il_7029-2 Sdiff usr/src/uts/i86pc/os/mlsetup.c

Print this page

7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

 304         t0.t_clfuncs = &sys_classfuncs.thread;
 305         t0.t_copyops = NULL;
 306         THREAD_ONPROC(&t0, CPU);
 307 
 308         lwp0.lwp_thread = &t0;
 309         lwp0.lwp_regs = (void *)rp;
 310         lwp0.lwp_procp = &p0;
 311         t0.t_tid = p0.p_lwpcnt = p0.p_lwprcnt = p0.p_lwpid = 1;
 312 
 313         p0.p_exec = NULL;
 314         p0.p_stat = SRUN;
 315         p0.p_flag = SSYS;
 316         p0.p_tlist = &t0;
 317         p0.p_stksize = 2*PAGESIZE;
 318         p0.p_stkpageszc = 0;
 319         p0.p_as = &kas;
 320         p0.p_lockp = &p0lock;
 321         p0.p_brkpageszc = 0;
 322         p0.p_t1_lgrpid = LGRP_NONE;
 323         p0.p_tr_lgrpid = LGRP_NONE;


 324         sigorset(&p0.p_ignore, &ignoredefault);
 325 
 326         CPU->cpu_thread = &t0;
 327         bzero(&cpu0_disp, sizeof (disp_t));
 328         CPU->cpu_disp = &cpu0_disp;
 329         CPU->cpu_disp->disp_cpu = CPU;
 330         CPU->cpu_dispthread = &t0;
 331         CPU->cpu_idle_thread = &t0;
 332         CPU->cpu_flags = CPU_READY | CPU_RUNNING | CPU_EXISTS | CPU_ENABLE;
 333         CPU->cpu_dispatch_pri = t0.t_pri;
 334 
 335         CPU->cpu_id = 0;
 336 
 337         CPU->cpu_pri = 12;           /* initial PIL for the boot CPU */
 338 
 339         /*
 340          * The kernel doesn't use LDTs unless a process explicitly requests one.
 341          */
 342         p0.p_ldt_desc = null_sdesc;
 343

 304         t0.t_clfuncs = &sys_classfuncs.thread;
 305         t0.t_copyops = NULL;
 306         THREAD_ONPROC(&t0, CPU);
 307 
 308         lwp0.lwp_thread = &t0;
 309         lwp0.lwp_regs = (void *)rp;
 310         lwp0.lwp_procp = &p0;
 311         t0.t_tid = p0.p_lwpcnt = p0.p_lwprcnt = p0.p_lwpid = 1;
 312 
 313         p0.p_exec = NULL;
 314         p0.p_stat = SRUN;
 315         p0.p_flag = SSYS;
 316         p0.p_tlist = &t0;
 317         p0.p_stksize = 2*PAGESIZE;
 318         p0.p_stkpageszc = 0;
 319         p0.p_as = &kas;
 320         p0.p_lockp = &p0lock;
 321         p0.p_brkpageszc = 0;
 322         p0.p_t1_lgrpid = LGRP_NONE;
 323         p0.p_tr_lgrpid = LGRP_NONE;
 324         psecflags_default(&p0.p_secflags);
 325 
 326         sigorset(&p0.p_ignore, &ignoredefault);
 327 
 328         CPU->cpu_thread = &t0;
 329         bzero(&cpu0_disp, sizeof (disp_t));
 330         CPU->cpu_disp = &cpu0_disp;
 331         CPU->cpu_disp->disp_cpu = CPU;
 332         CPU->cpu_dispthread = &t0;
 333         CPU->cpu_idle_thread = &t0;
 334         CPU->cpu_flags = CPU_READY | CPU_RUNNING | CPU_EXISTS | CPU_ENABLE;
 335         CPU->cpu_dispatch_pri = t0.t_pri;
 336 
 337         CPU->cpu_id = 0;
 338 
 339         CPU->cpu_pri = 12;           /* initial PIL for the boot CPU */
 340 
 341         /*
 342          * The kernel doesn't use LDTs unless a process explicitly requests one.
 343          */
 344         p0.p_ldt_desc = null_sdesc;
 345