Print this page
uts: Allow for address space randomisation.
Randomise the base addresses of shared objects, non-fixed mappings, the
stack and the heap.  Introduce a service, svc:/system/process-security,
and a tool psecflags(1) to control and observe it

Split Close
Expand all
Collapse all
          --- old/usr/src/cmd/sgs/libld/common/update.c
          +++ new/usr/src/cmd/sgs/libld/common/update.c
↓ open down ↓ 2524 lines elided ↑ open up ↑
2525 2525                          dyn->d_tag = DT_SUNW_CAPCHAIN;
2526 2526                          dyn->d_un.d_val = shdr->sh_addr;
2527 2527                          dyn++;
2528 2528                          dyn->d_tag = DT_SUNW_CAPCHAINSZ;
2529 2529                          dyn->d_un.d_val = shdr->sh_size;
2530 2530                          dyn++;
2531 2531                          dyn->d_tag = DT_SUNW_CAPCHAINENT;
2532 2532                          dyn->d_un.d_val = shdr->sh_entsize;
2533 2533                          dyn++;
2534 2534                  }
     2535 +
     2536 +                if (ofl->ofl_aslr != 0) {
     2537 +                        dyn->d_tag = DT_SUNW_ASLR;
     2538 +                        dyn->d_un.d_val = (ofl->ofl_aslr == 1);
     2539 +                        dyn++;
     2540 +                }
     2541 +
2535 2542                  if (flags & FLG_OF_SYMBOLIC) {
2536 2543                          dyn->d_tag = DT_SYMBOLIC;
2537 2544                          dyn->d_un.d_val = 0;
2538 2545                          dyn++;
2539 2546                  }
2540 2547          }
2541 2548  
2542 2549          dyn->d_tag = DT_FLAGS;
2543 2550          dyn->d_un.d_val = ofl->ofl_dtflags;
2544 2551          dyn++;
↓ open down ↓ 1765 lines elided ↑ open up ↑
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX