7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

*** 524,533 ****
--- 524,542 ----
          sl_field_t              pr_fileflags;
          sl_field_t              pr_fdflags;
          sl_field_t              pr_path;
  } sl_prfdinfo_layout_t;
  
+ typedef struct {
+         sl_field_t              sizeof_struct;
+         sl_field_t              pr_version;
+         sl_field_t              pr_effective;
+         sl_field_t              pr_inherit;
+         sl_field_t              pr_lower;
+         sl_field_t              pr_upper;
+ } sl_prsecflags_layout_t;
+ 
  /*
   * This type collects all of the layout definitions for
   * a given architecture.
   */
  typedef struct {
*** 549,558 ****
--- 558,568 ----
          const sl_stack_layout_t         *stack;         /* stack_t */
          const sl_sysset_layout_t        *sysset;        /* sysset_t */
          const sl_timestruc_layout_t     *timestruc;     /* timestruc_t */
          const sl_utsname_layout_t       *utsname;       /* struct utsname */
          const sl_prfdinfo_layout_t      *prfdinfo;      /* prdinfo_t */
+         const sl_prsecflags_layout_t    *prsecflags;    /* prsecflags_t */
  } sl_arch_layout_t;
  
  
  
  extern  void            sl_extract_num_field(const char *data, int do_swap,