Print this page
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.
*** 585,594 ****
--- 585,605 ----
ARRAY_FIELD(prfdinfo_t, pr_path, 0);
END;
}
+ static void
+ gen_prsecflags(void)
+ {
+ START(prsecflags, prsecflags_t);
+ SCALAR_FIELD(prsecflags_t, pr_version, 0);
+ SCALAR_FIELD(prsecflags_t, pr_effective, 0);
+ SCALAR_FIELD(prsecflags_t, pr_inherit, 0);
+ SCALAR_FIELD(prsecflags_t, pr_lower, 0);
+ SCALAR_FIELD(prsecflags_t, pr_upper, 0);
+ END;
+ }
/*ARGSUSED*/
int
main(int argc, char *argv[])
{
*** 626,636 ****
gen_stack();
gen_sysset();
gen_timestruc();
gen_utsname();
gen_prfdinfo();
!
/*
* Generate the full arch_layout description
*/
(void) printf(
--- 637,647 ----
gen_stack();
gen_sysset();
gen_timestruc();
gen_utsname();
gen_prfdinfo();
! gen_prsecflags();
/*
* Generate the full arch_layout description
*/
(void) printf(
*** 654,663 ****
--- 665,675 ----
(void) printf(fmt, "stack");
(void) printf(fmt, "sysset");
(void) printf(fmt, "timestruc");
(void) printf(fmt, "utsname");
(void) printf(fmt, "prfdinfo");
+ (void) printf(fmt, "prsecflags");
(void) printf("};\n");
/*
* A public function, to make the information available
*/