Print this page
uts: Allow for address space randomisation.
Randomise the base addresses of shared objects, non-fixed mappings, the
stack and the heap.  Introduce a service, svc:/system/process-security,
and a tool psecflags(1) to control and observe it

@@ -80,24 +80,25 @@
 #define MAP_PRIVATE     2               /* changes are private */
 #define MAP_TYPE        0xf             /* mask for share type */
 
 /* other flags to mmap (or-ed in to MAP_SHARED or MAP_PRIVATE) */
 #define MAP_FIXED       0x10            /* user assigns address */
+/* Not implemented */
+#define MAP_RENAME      0x20            /* rename private pages to file */
 #define MAP_NORESERVE   0x40            /* don't reserve needed swap area */
+/* Note that 0x80 is _MAP_LOW32, defined below */
 #define MAP_ANON        0x100           /* map anonymous pages directly */
 #define MAP_ANONYMOUS   MAP_ANON        /* (source compatibility) */
 #define MAP_ALIGN       0x200           /* addr specifies alignment */
 #define MAP_TEXT        0x400           /* map code segment */
 #define MAP_INITDATA    0x800           /* map data segment */
 
 #ifdef _KERNEL
 #define _MAP_TEXTREPL   0x1000
+#define _MAP_RANDOMIZE  0x2000
 #endif /* _KERNEL */
 
-/* these flags not yet implemented */
-#define MAP_RENAME      0x20            /* rename private pages to file */
-
 #if     (_POSIX_C_SOURCE <= 2) && !defined(_XPG4_2)
 /* these flags are used by memcntl */
 #define PROC_TEXT       (PROT_EXEC | PROT_READ)
 #define PROC_DATA       (PROT_READ | PROT_WRITE | PROT_EXEC)
 #define SHARED          0x10