il_7029-3 Sdiff usr/src/uts/common/syscall/ppriv.c

Print this page

7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

 170                 priv_inverse(&diff);
 171                 priv_intersect(&CR_OPPRIV(pcr), &diff);
 172                 donocd = !priv_issubset(&diff, &CR_IPRIV(cr));
 173         }
 174 
 175         p->p_cred = cr;
 176         mutex_exit(&p->p_crlock);
 177 
 178         if (donocd) {
 179                 mutex_enter(&p->p_lock);
 180                 p->p_flag |= SNOCD;
 181                 mutex_exit(&p->p_lock);
 182         }
 183 
 184         /*
 185          * The basic_test privilege should not be removed from E;
 186          * if that has happened, then some programmer typically set the E/P to
 187          * empty. That is not portable.
 188          */
 189         if ((type == PRIV_EFFECTIVE || type == PRIV_PERMITTED) &&
 190             priv_basic_test >= 0 && !PRIV_ISASSERT(target, priv_basic_test)) {
 191                 proc_t *p = curproc;
 192                 pid_t pid = p->p_pid;
 193                 char *fn = PTOU(p)->u_comm;
 194 
 195                 cmn_err(CE_WARN, "%s[%d]: setppriv: basic_test privilege "
 196                     "removed from E/P", fn, pid);
 197         }
 198 
 199         crset(p, cr);           /* broadcast to process threads */
 200 
 201         return (0);
 202 }
 203 
 204 /*
 205  * getppriv (priv_ptype_t, priv_set_t *)
 206  */
 207 static int
 208 getppriv(priv_ptype_t type, priv_set_t *pset)
 209 {
 210         if (!PRIV_VALIDSET(type))

 170                 priv_inverse(&diff);
 171                 priv_intersect(&CR_OPPRIV(pcr), &diff);
 172                 donocd = !priv_issubset(&diff, &CR_IPRIV(cr));
 173         }
 174 
 175         p->p_cred = cr;
 176         mutex_exit(&p->p_crlock);
 177 
 178         if (donocd) {
 179                 mutex_enter(&p->p_lock);
 180                 p->p_flag |= SNOCD;
 181                 mutex_exit(&p->p_lock);
 182         }
 183 
 184         /*
 185          * The basic_test privilege should not be removed from E;
 186          * if that has happened, then some programmer typically set the E/P to
 187          * empty. That is not portable.
 188          */
 189         if ((type == PRIV_EFFECTIVE || type == PRIV_PERMITTED) &&
 190             priv_basic_test >= 0 && !PRIV_ISMEMBER(target, priv_basic_test)) {
 191                 proc_t *p = curproc;
 192                 pid_t pid = p->p_pid;
 193                 char *fn = PTOU(p)->u_comm;
 194 
 195                 cmn_err(CE_WARN, "%s[%d]: setppriv: basic_test privilege "
 196                     "removed from E/P", fn, pid);
 197         }
 198 
 199         crset(p, cr);           /* broadcast to process threads */
 200 
 201         return (0);
 202 }
 203 
 204 /*
 205  * getppriv (priv_ptype_t, priv_set_t *)
 206  */
 207 static int
 208 getppriv(priv_ptype_t type, priv_set_t *pset)
 209 {
 210         if (!PRIV_VALIDSET(type))