168 static int
169 handle_secflag_dt(proc_t *p, uint_t dt, uint_t val)
170 {
171 uint_t flag;
172
173 switch (dt) {
174 case DT_SUNW_ASLR:
175 flag = PROC_SEC_ASLR;
176 break;
177 default:
178 return (EINVAL);
179 }
180
181 if (val == 0) {
182 if (secflag_isset(p->p_secflags.psf_lower, flag))
183 return (EPERM);
184 if ((secpolicy_psecflags(CRED(), p, p) != 0) &&
185 secflag_isset(p->p_secflags.psf_inherit, flag))
186 return (EPERM);
187
188 secflag_clear(&p->p_secflags.psf_inherit, flag);
189 secflag_clear(&p->p_secflags.psf_effective, flag);
190 } else {
191 if (!secflag_isset(p->p_secflags.psf_upper, flag))
192 return (EPERM);
193
194 if ((secpolicy_psecflags(CRED(), p, p) != 0) &&
195 !secflag_isset(p->p_secflags.psf_inherit, flag))
196 return (EPERM);
197
198 secflag_set(&p->p_secflags.psf_inherit, flag);
199 secflag_set(&p->p_secflags.psf_effective, flag);
200 }
201
202 return (0);
203 }
204
205 /*
206 * Map in the executable pointed to by vp. Returns 0 on success.
207 */
208 int
209 mapexec_brand(vnode_t *vp, uarg_t *args, Ehdr *ehdr, Addr *uphdr_vaddr,
210 intptr_t *voffset, caddr_t exec_file, int *interp, caddr_t *bssbase,
211 caddr_t *brkbase, size_t *brksize, uintptr_t *lddatap)
212 {
213 size_t len;
214 struct vattr vat;
215 caddr_t phdrbase = NULL;
216 ssize_t phdrsize;
217 int nshdrs, shstrndx, nphdrs;
218 int error = 0;
|
168 static int
169 handle_secflag_dt(proc_t *p, uint_t dt, uint_t val)
170 {
171 uint_t flag;
172
173 switch (dt) {
174 case DT_SUNW_ASLR:
175 flag = PROC_SEC_ASLR;
176 break;
177 default:
178 return (EINVAL);
179 }
180
181 if (val == 0) {
182 if (secflag_isset(p->p_secflags.psf_lower, flag))
183 return (EPERM);
184 if ((secpolicy_psecflags(CRED(), p, p) != 0) &&
185 secflag_isset(p->p_secflags.psf_inherit, flag))
186 return (EPERM);
187
188 secflag_clear(&p->p_secflags.psf_effective, flag);
189 } else {
190 if (!secflag_isset(p->p_secflags.psf_upper, flag))
191 return (EPERM);
192
193 if ((secpolicy_psecflags(CRED(), p, p) != 0) &&
194 !secflag_isset(p->p_secflags.psf_inherit, flag))
195 return (EPERM);
196
197 secflag_set(&p->p_secflags.psf_effective, flag);
198 }
199
200 return (0);
201 }
202
203 /*
204 * Map in the executable pointed to by vp. Returns 0 on success.
205 */
206 int
207 mapexec_brand(vnode_t *vp, uarg_t *args, Ehdr *ehdr, Addr *uphdr_vaddr,
208 intptr_t *voffset, caddr_t exec_file, int *interp, caddr_t *bssbase,
209 caddr_t *brkbase, size_t *brksize, uintptr_t *lddatap)
210 {
211 size_t len;
212 struct vattr vat;
213 caddr_t phdrbase = NULL;
214 ssize_t phdrsize;
215 int nshdrs, shstrndx, nphdrs;
216 int error = 0;
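Review bot: `handle_secflag_dt()` has no header comment, so its security contract can only be recovered by reading the checks one by one. Taking the second listing as the new side (the page carries no +/- markers, so this is inferred), a `DT_SUNW_ASLR` tag now changes only `psf_effective`, while the permission tests still read `psf_lower`, `psf_upper` and `psf_inherit`. I would add a block comment above the function stating that the request is bounded by the lower and upper sets, that a caller failing `secpolicy_psecflags()` may only move the effective flag to the value the inherit set already holds, and that the inherit set is intentionally left unmodified, e.g. `/* A DT_SUNW_* tag adjusts only this image's effective flags; psf_inherit is never changed here. */`. Whether a lock protecting `p->p_secflags` must be held on entry is not visible in this section; if one is required, state it in the same comment.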
|