Code review comments from jeffpc
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

@@ -375,10 +375,20 @@
         { 60,   4,      0,      0 },            /* pr_fdflags */
         { 64,   1,      1024,   0 },            /* pr_path[] */
 };
 
 
+static const sl_prsecflags_layout_t prsecflags_layout = {
+        { 0,    40,     0,      0 },            /* sizeof (prsecflags_t) */
+        { 0,    4,      0,      0 },            /* pr_version */
+        { 8,    8,      0,      0 },            /* pr_effective */
+        { 16,   8,      0,      0 },            /* pr_inherit */
+        { 24,   8,      0,      0 },            /* pr_lower */
+        { 32,   8,      0,      0 },            /* pr_upper */
+};
+
+
 
 
 static const sl_arch_layout_t layout_amd64 = {
         &auxv_layout,
         &fltset_layout,

@@ -398,10 +408,11 @@
         &stack_layout,
         &sysset_layout,
         &timestruc_layout,
         &utsname_layout,
         &prfdinfo_layout,
+        &prsecflags_layout,
 };
 
 
 const sl_arch_layout_t *
 struct_layout_amd64(void)