Print this page
uts: Allow for address space randomisation.
Randomise the base addresses of shared objects, non-fixed mappings, the
stack and the heap.  Introduce a service, svc:/system/process-security,
and a tool psecflags(1) to control and observe it


  65  */
  66 #define PROT_READ       0x1             /* pages can be read */
  67 #define PROT_WRITE      0x2             /* pages can be written */
  68 #define PROT_EXEC       0x4             /* pages can be executed */
  69 
  70 #ifdef  _KERNEL
  71 #define PROT_USER       0x8             /* pages are user accessable */
  72 #define PROT_ZFOD       (PROT_READ | PROT_WRITE | PROT_EXEC | PROT_USER)
  73 #define PROT_ALL        (PROT_READ | PROT_WRITE | PROT_EXEC | PROT_USER)
  74 #endif  /* _KERNEL */
  75 
  76 #define PROT_NONE       0x0             /* pages cannot be accessed */
  77 
  78 /* sharing types:  must choose either SHARED or PRIVATE */
  79 #define MAP_SHARED      1               /* share changes */
  80 #define MAP_PRIVATE     2               /* changes are private */
  81 #define MAP_TYPE        0xf             /* mask for share type */
  82 
  83 /* other flags to mmap (or-ed in to MAP_SHARED or MAP_PRIVATE) */
  84 #define MAP_FIXED       0x10            /* user assigns address */


  85 #define MAP_NORESERVE   0x40            /* don't reserve needed swap area */

  86 #define MAP_ANON        0x100           /* map anonymous pages directly */
  87 #define MAP_ANONYMOUS   MAP_ANON        /* (source compatibility) */
  88 #define MAP_ALIGN       0x200           /* addr specifies alignment */
  89 #define MAP_TEXT        0x400           /* map code segment */
  90 #define MAP_INITDATA    0x800           /* map data segment */
  91 
  92 #ifdef _KERNEL
  93 #define _MAP_TEXTREPL   0x1000

  94 #endif /* _KERNEL */
  95 
  96 /* these flags not yet implemented */
  97 #define MAP_RENAME      0x20            /* rename private pages to file */
  98 
  99 #if     (_POSIX_C_SOURCE <= 2) && !defined(_XPG4_2)
 100 /* these flags are used by memcntl */
 101 #define PROC_TEXT       (PROT_EXEC | PROT_READ)
 102 #define PROC_DATA       (PROT_READ | PROT_WRITE | PROT_EXEC)
 103 #define SHARED          0x10
 104 #define PRIVATE         0x20
 105 #define VALID_ATTR  (PROT_READ|PROT_WRITE|PROT_EXEC|SHARED|PRIVATE)
 106 #endif  /* (_POSIX_C_SOURCE <= 2) && !defined(_XPG4_2) */
 107 
 108 #if     (_POSIX_C_SOURCE <= 2) || defined(_XPG4_2)
 109 #ifdef  _KERNEL
 110 #define PROT_EXCL       0x20
 111 #endif  /* _KERNEL */
 112 
 113 #define _MAP_LOW32      0x80    /* force mapping in lower 4G of address space */
 114 #define MAP_32BIT       _MAP_LOW32
 115 
 116 /*
 117  * For the sake of backward object compatibility, we use the _MAP_NEW flag.
 118  * This flag will be automatically or'ed in by the C library for all




  65  */
  66 #define PROT_READ       0x1             /* pages can be read */
  67 #define PROT_WRITE      0x2             /* pages can be written */
  68 #define PROT_EXEC       0x4             /* pages can be executed */
  69 
  70 #ifdef  _KERNEL
  71 #define PROT_USER       0x8             /* pages are user accessable */
  72 #define PROT_ZFOD       (PROT_READ | PROT_WRITE | PROT_EXEC | PROT_USER)
  73 #define PROT_ALL        (PROT_READ | PROT_WRITE | PROT_EXEC | PROT_USER)
  74 #endif  /* _KERNEL */
  75 
  76 #define PROT_NONE       0x0             /* pages cannot be accessed */
  77 
  78 /* sharing types:  must choose either SHARED or PRIVATE */
  79 #define MAP_SHARED      1               /* share changes */
  80 #define MAP_PRIVATE     2               /* changes are private */
  81 #define MAP_TYPE        0xf             /* mask for share type */
  82 
  83 /* other flags to mmap (or-ed in to MAP_SHARED or MAP_PRIVATE) */
  84 #define MAP_FIXED       0x10            /* user assigns address */
  85 /* Not implemented */
  86 #define MAP_RENAME      0x20            /* rename private pages to file */
  87 #define MAP_NORESERVE   0x40            /* don't reserve needed swap area */
  88 /* Note that 0x80 is _MAP_LOW32, defined below */
  89 #define MAP_ANON        0x100           /* map anonymous pages directly */
  90 #define MAP_ANONYMOUS   MAP_ANON        /* (source compatibility) */
  91 #define MAP_ALIGN       0x200           /* addr specifies alignment */
  92 #define MAP_TEXT        0x400           /* map code segment */
  93 #define MAP_INITDATA    0x800           /* map data segment */
  94 
  95 #ifdef _KERNEL
  96 #define _MAP_TEXTREPL   0x1000
  97 #define _MAP_RANDOMIZE  0x2000
  98 #endif /* _KERNEL */
  99 



 100 #if     (_POSIX_C_SOURCE <= 2) && !defined(_XPG4_2)
 101 /* these flags are used by memcntl */
 102 #define PROC_TEXT       (PROT_EXEC | PROT_READ)
 103 #define PROC_DATA       (PROT_READ | PROT_WRITE | PROT_EXEC)
 104 #define SHARED          0x10
 105 #define PRIVATE         0x20
 106 #define VALID_ATTR  (PROT_READ|PROT_WRITE|PROT_EXEC|SHARED|PRIVATE)
 107 #endif  /* (_POSIX_C_SOURCE <= 2) && !defined(_XPG4_2) */
 108 
 109 #if     (_POSIX_C_SOURCE <= 2) || defined(_XPG4_2)
 110 #ifdef  _KERNEL
 111 #define PROT_EXCL       0x20
 112 #endif  /* _KERNEL */
 113 
 114 #define _MAP_LOW32      0x80    /* force mapping in lower 4G of address space */
 115 #define MAP_32BIT       _MAP_LOW32
 116 
 117 /*
 118  * For the sake of backward object compatibility, we use the _MAP_NEW flag.
 119  * This flag will be automatically or'ed in by the C library for all