7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

@@ -524,10 +524,19 @@
         sl_field_t              pr_fileflags;
         sl_field_t              pr_fdflags;
         sl_field_t              pr_path;
 } sl_prfdinfo_layout_t;
 
+typedef struct {
+        sl_field_t              sizeof_struct;
+        sl_field_t              pr_version;
+        sl_field_t              pr_effective;
+        sl_field_t              pr_inherit;
+        sl_field_t              pr_lower;
+        sl_field_t              pr_upper;
+} sl_prsecflags_layout_t;
+
 /*
  * This type collects all of the layout definitions for
  * a given architecture.
  */
 typedef struct {

@@ -549,10 +558,11 @@
         const sl_stack_layout_t         *stack;         /* stack_t */
         const sl_sysset_layout_t        *sysset;        /* sysset_t */
         const sl_timestruc_layout_t     *timestruc;     /* timestruc_t */
         const sl_utsname_layout_t       *utsname;       /* struct utsname */
         const sl_prfdinfo_layout_t      *prfdinfo;      /* prdinfo_t */
+        const sl_prsecflags_layout_t    *prsecflags;    /* prsecflags_t */
 } sl_arch_layout_t;
 
 
 
 extern  void            sl_extract_num_field(const char *data, int do_swap,