7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

@@ -585,10 +585,21 @@
         ARRAY_FIELD(prfdinfo_t,         pr_path,        0);
 
         END;
 }
 
+static void
+gen_prsecflags(void)
+{
+        START(prsecflags, prsecflags_t);
+        SCALAR_FIELD(prsecflags_t, pr_version, 0);
+        SCALAR_FIELD(prsecflags_t, pr_effective, 0);
+        SCALAR_FIELD(prsecflags_t, pr_inherit, 0);
+        SCALAR_FIELD(prsecflags_t, pr_lower, 0);
+        SCALAR_FIELD(prsecflags_t, pr_upper, 0);
+        END;
+}
 
 /*ARGSUSED*/
 int
 main(int argc, char *argv[])
 {

@@ -626,11 +637,11 @@
         gen_stack();
         gen_sysset();
         gen_timestruc();
         gen_utsname();
         gen_prfdinfo();
-
+        gen_prsecflags();
 
         /*
          * Generate the full arch_layout description
          */
         (void) printf(

@@ -654,10 +665,11 @@
         (void) printf(fmt, "stack");
         (void) printf(fmt, "sysset");
         (void) printf(fmt, "timestruc");
         (void) printf(fmt, "utsname");
         (void) printf(fmt, "prfdinfo");
+        (void) printf(fmt, "prsecflags");
         (void) printf("};\n");
 
         /*
          * A public function, to make the information available
          */