Print this page
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

Split Close
Expand all
Collapse all
          --- old/usr/src/cmd/sgs/include/libld.h
          +++ new/usr/src/cmd/sgs/include/libld.h
↓ open down ↓ 398 lines elided ↑ open up ↑
 399  399          Objcapset       ofl_ocapset;    /* object capabilities */
 400  400          Lm_list         *ofl_lml;       /* runtime link-map list */
 401  401          Gottable        *ofl_gottable;  /* debugging got information */
 402  402          Rlxrel_cache    ofl_sr_cache;   /* Cache last result from */
 403  403                                          /*      sloppy_comdat_reloc() */
 404  404          APlist          *ofl_maptext;   /* mapfile added text sections */
 405  405          APlist          *ofl_mapdata;   /* mapfile added data sections */
 406  406          avl_tree_t      *ofl_wrap;      /* -z wrap symbols */
 407  407          ofl_guideflag_t ofl_guideflags; /* -z guide flags */
 408  408          APlist          *ofl_assdeflib; /* -z assert-deflib exceptions */
      409 +        int             ofl_aslr;       /* -z aslr, -1 disable, 1 enable */
 409  410  };
 410  411  
 411  412  #define FLG_OF_DYNAMIC  0x00000001      /* generate dynamic output module */
 412  413  #define FLG_OF_STATIC   0x00000002      /* generate static output module */
 413  414  #define FLG_OF_EXEC     0x00000004      /* generate an executable */
 414  415  #define FLG_OF_RELOBJ   0x00000008      /* generate a relocatable object */
 415  416  #define FLG_OF_SHAROBJ  0x00000010      /* generate a shared object */
 416  417  #define FLG_OF_BFLAG    0x00000020      /* do no special plt building: -b */
 417  418  #define FLG_OF_IGNENV   0x00000040      /* ignore LD_LIBRARY_PATH: -i */
 418  419  #define FLG_OF_STRIP    0x00000080      /* strip output: -s */
↓ open down ↓ 1151 lines elided ↑ open up ↑
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX