Print this page
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

Split Close
Expand all
Collapse all
          --- old/usr/src/lib/libbsm/common/adt.xml
          +++ new/usr/src/lib/libbsm/common/adt.xml
↓ open down ↓ 976 lines elided ↑ open up ↑
 977  977          <entry id="device">
 978  978              <internal token="path"/>
 979  979              <external opt="required" type="char *"/>
 980  980              <comment>device</comment>
 981  981          </entry>
 982  982          <entry id="return">
 983  983              <internal token="return"/>
 984  984              <external opt="none"/>
 985  985          </entry>
 986  986      </event>
 987      -
      987 +    
 988  988      <event id="AUE_pool_import" header="0" idNo="45" omit="JNI">
 989  989          <program>hald</program>
 990  990          <entry id="subject">
 991  991              <internal token="subject"/>
 992  992              <external opt="none"/>
 993  993          </entry>
 994  994          <entry id="auth_used">
 995  995              <internal token="uauth"/>
 996  996              <external opt="required" type="char *"/>
 997  997              <comment>authorization used</comment>
↓ open down ↓ 1604 lines elided ↑ open up ↑
2602 2602      <token id="exec_env">
2603 2603      </token>
2604 2604      <token id="exit">
2605 2605      </token>
2606 2606      <token id="file">
2607 2607      </token>
2608 2608      <token id="fmri">
2609 2609      </token>
2610 2610      <token id="groups">
2611 2611      </token>
     2612 +    <token id="secflags">
     2613 +    </token>
2612 2614      <!--
2613 2615          the iport token take a single argument of type uint16_t
2614 2616          if there are any other tokens following it that have arguments
2615 2617          the last of the iport tokens in the event description must
2616 2618          be followed by a dummy iport token that is optional.
2617 2619          This is to ensure proper structure alignment across all
2618 2620          compliers and architectures.
2619 2621      -->
2620 2622      <token id="iport">
2621 2623      </token>
↓ open down ↓ 278 lines elided ↑ open up ↑
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX