Print this page
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

@@ -181,10 +181,12 @@
 
 <TSTATE>attr    { return ATTR; }
 
 <TSTATE>admin   { return ADMIN; }
 
+<TSTATE>security-flags { return SECFLAGS; }
+
 <TSTATE>zonename        { return ZONENAME; }
 <CSTATE>zonename        { return ZONENAME; }
 
 <TSTATE>dataset { return DATASET; }
 

@@ -306,10 +308,19 @@
 <CSTATE>auths   { return AUTHS; }
 
 <TSTATE>fs-allowed      { return FS_ALLOWED; }
 <CSTATE>fs-allowed      { return FS_ALLOWED; }
 
+<TSTATE>default { return DEFAULT; }
+<CSTATE>default { return DEFAULT; }
+
+<TSTATE>lower { return LOWER; }
+<CSTATE>lower { return LOWER; }
+
+<TSTATE>upper { return UPPER; }
+<CSTATE>upper { return UPPER; }
+
 <TSTATE>=       { return EQUAL; }
 <LSTATE>=       { return EQUAL; }
 <CSTATE>=       { return EQUAL; }
 
 <TSTATE>"["     {