Print this page
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.
@@ -157,5 +157,17 @@
(pctx->free_op)(pctx->arg, isexec);
kmem_free(pctx, sizeof (struct pctxop));
}
kpreempt_enable();
}
+
+boolean_t
+secflag_enabled(proc_t *p, secflag_t flag)
+{
+ return (secflag_isset(p->p_secflags.psf_effective, flag));
+}
+
+void
+secflags_promote(proc_t *p)
+{
+ secflags_copy(&p->p_secflags.psf_effective, &p->p_secflags.psf_inherit);
+}