il_7029-3 Cdiff usr/src/uts/common/sys/mman.h

Print this page

7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.


*** 80,103 ****
  #define MAP_PRIVATE     2               /* changes are private */
  #define MAP_TYPE        0xf             /* mask for share type */
  
  /* other flags to mmap (or-ed in to MAP_SHARED or MAP_PRIVATE) */
  #define MAP_FIXED       0x10            /* user assigns address */
  #define MAP_NORESERVE   0x40            /* don't reserve needed swap area */
  #define MAP_ANON        0x100           /* map anonymous pages directly */
  #define MAP_ANONYMOUS   MAP_ANON        /* (source compatibility) */
  #define MAP_ALIGN       0x200           /* addr specifies alignment */
  #define MAP_TEXT        0x400           /* map code segment */
  #define MAP_INITDATA    0x800           /* map data segment */
  
  #ifdef _KERNEL
  #define _MAP_TEXTREPL   0x1000
  #endif /* _KERNEL */
  
- /* these flags not yet implemented */
- #define MAP_RENAME      0x20            /* rename private pages to file */
- 
  #if     (_POSIX_C_SOURCE <= 2) && !defined(_XPG4_2)
  /* these flags are used by memcntl */
  #define PROC_TEXT       (PROT_EXEC | PROT_READ)
  #define PROC_DATA       (PROT_READ | PROT_WRITE | PROT_EXEC)
  #define SHARED          0x10
--- 80,104 ----
  #define MAP_PRIVATE     2               /* changes are private */
  #define MAP_TYPE        0xf             /* mask for share type */
  
  /* other flags to mmap (or-ed in to MAP_SHARED or MAP_PRIVATE) */
  #define MAP_FIXED       0x10            /* user assigns address */
+ /* Not implemented */
+ #define MAP_RENAME      0x20            /* rename private pages to file */
  #define MAP_NORESERVE   0x40            /* don't reserve needed swap area */
+ /* Note that 0x80 is _MAP_LOW32, defined below */
  #define MAP_ANON        0x100           /* map anonymous pages directly */
  #define MAP_ANONYMOUS   MAP_ANON        /* (source compatibility) */
  #define MAP_ALIGN       0x200           /* addr specifies alignment */
  #define MAP_TEXT        0x400           /* map code segment */
  #define MAP_INITDATA    0x800           /* map data segment */
  
  #ifdef _KERNEL
  #define _MAP_TEXTREPL   0x1000
+ #define _MAP_RANDOMIZE  0x2000
  #endif /* _KERNEL */
  
  #if     (_POSIX_C_SOURCE <= 2) && !defined(_XPG4_2)
  /* these flags are used by memcntl */
  #define PROC_TEXT       (PROT_EXEC | PROT_READ)
  #define PROC_DATA       (PROT_READ | PROT_WRITE | PROT_EXEC)
  #define SHARED          0x10