Print this page
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

@@ -87,12 +87,12 @@
 #else
         int alloc_test_priv = priv_debug;
 #endif
         rw_init(&privinfo_lock, NULL, RW_DRIVER, NULL);
 
-        PRIV_BASIC_ASSERT(priv_basic);
-        PRIV_UNSAFE_ASSERT(&priv_unsafe);
+        PRIV_BASIC_ADDSET(priv_basic);
+        PRIV_UNSAFE_ADDSET(&priv_unsafe);
         priv_fillset(&priv_fullset);
 
         /*
          * When booting with priv_debug set or in a DEBUG kernel, then we'll
          * add an additional basic privilege and we verify that it is always

@@ -478,25 +478,25 @@
 
 void
 priv_addset(priv_set_t *set, int priv)
 {
         ASSERT(priv >= 0 && priv < MAX_PRIVILEGE);
-        __PRIV_ASSERT(set, priv);
+        __PRIV_ADDSET(set, priv);
 }
 
 void
 priv_delset(priv_set_t *set, int priv)
 {
         ASSERT(priv >= 0 && priv < MAX_PRIVILEGE);
-        __PRIV_CLEAR(set, priv);
+        __PRIV_DELSET(set, priv);
 }
 
 boolean_t
 priv_ismember(const priv_set_t *set, int priv)
 {
         ASSERT(priv >= 0 && priv < MAX_PRIVILEGE);
-        return (__PRIV_ISASSERT(set, priv) ? B_TRUE : B_FALSE);
+        return (__PRIV_ISMEMBER(set, priv) ? B_TRUE : B_FALSE);
 }
 
 #define PRIV_TEST_BODY(test) \
         int i; \
 \