Print this page
Code review comments from jeffpc
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

*** 375,384 **** --- 375,394 ---- { 60, 4, 0, 0 }, /* pr_fdflags */ { 64, 1, 1024, 0 }, /* pr_path[] */ }; + static const sl_prsecflags_layout_t prsecflags_layout = { + { 0, 40, 0, 0 }, /* sizeof (prsecflags_t) */ + { 0, 4, 0, 0 }, /* pr_version */ + { 8, 8, 0, 0 }, /* pr_effective */ + { 16, 8, 0, 0 }, /* pr_inherit */ + { 24, 8, 0, 0 }, /* pr_lower */ + { 32, 8, 0, 0 }, /* pr_upper */ + }; + + static const sl_arch_layout_t layout_amd64 = { &auxv_layout, &fltset_layout,
*** 398,407 **** --- 408,418 ---- &stack_layout, &sysset_layout, &timestruc_layout, &utsname_layout, &prfdinfo_layout, + &prsecflags_layout, }; const sl_arch_layout_t * struct_layout_amd64(void)