Print this page
uts: Allow for address space randomisation.
Randomise the base addresses of shared objects, non-fixed mappings, the
stack and the heap.  Introduce a service, svc:/system/process-security,
and a tool psecflags(1) to control and observe it

@@ -62,10 +62,11 @@
 #include <sys/pset.h>
 #include <sys/procfs_isa.h>
 #include <sys/priv.h>
 #include <sys/stat.h>
 #include <sys/param.h>
+#include <sys/secflags.h>
 
 /*
  * System call interfaces for /proc.
  */
 

@@ -178,11 +179,12 @@
         char    pr_pad[3];
         taskid_t pr_taskid;     /* task id */
         projid_t pr_projid;     /* project id */
         int     pr_nzomb;       /* number of zombie lwps in the process */
         zoneid_t pr_zoneid;     /* zone id */
-        int     pr_filler[15];  /* reserved for future use */
+        psecflags_t pr_secflags; /* security flags */
+        int     pr_filler[13];  /* reserved for future use */
         lwpstatus_t pr_lwp;     /* status of the representative lwp */
 } pstatus_t;
 
 /*
  * pr_flags (same values appear in both pstatus_t and lwpstatus_t pr_flags).

@@ -635,11 +637,12 @@
         char    pr_pad[3];
         id32_t  pr_taskid;      /* task id */
         id32_t  pr_projid;      /* project id */
         int     pr_nzomb;       /* number of zombie lwps in the process */
         id32_t  pr_zoneid;      /* zone id */
-        int     pr_filler[15];  /* reserved for future use */
+        psecflags_t pr_secflags; /* security flags */
+        int     pr_filler[13];  /* reserved for future use */
         lwpstatus32_t pr_lwp;   /* status of the representative lwp */
 } pstatus32_t;
 
 /*
  * _ILP32 lwp ps(1) information file.  /proc/<pid>/lwp/<lwpid>/lwpsinfo