il-aslr Cdiff usr/src/uts/common/os/proc.c

Print this page

uts: Allow for address space randomisation.
Randomise the base addresses of shared objects, non-fixed mappings, the
stack and the heap.  Introduce a service, svc:/system/process-security,
and a tool psecflags(1) to control and observe it


*** 157,161 ****
--- 157,188 ----
                          (pctx->free_op)(pctx->arg, isexec);
                  kmem_free(pctx, sizeof (struct pctxop));
          }
          kpreempt_enable();
  }
+ 
+ boolean_t
+ secflag_enabled(proc_t *p, uint_t flag)
+ {
+         return ((p->p_secflags.psf_effective & flag) != 0);
+ }
+ 
+ void
+ secflag_set(proc_t *p, uint_t flag)
+ {
+         p->p_secflags.psf_inherit = flag;
+ }
+ 
+ void
+ secflag_enable(proc_t *p, uint_t flag) {
+         p->p_secflags.psf_inherit |= flag;
+ }
+ 
+ void
+ secflag_disable(proc_t *p, uint_t flag) {
+         p->p_secflags.psf_inherit &= ~flag;
+ }
+ 
+ void
+ secflag_promote(proc_t *p) {
+         p->p_secflags.psf_effective = p->p_secflags.psf_inherit;
+ }