Print this page
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.
*** 1416,1425 ****
--- 1416,1441 ----
if (Pfdinfo_iter(P, iter_fd, &iter) != 0)
goto err;
}
+
+ {
+ prsecflags_t *psf = NULL;
+
+ if (Psecflags(P, &psf) != 0)
+ goto err;
+
+ if (write_note(fd, NT_SECFLAGS, psf,
+ sizeof (prsecflags_t), &doff) != 0) {
+ Psecflags_free(psf);
+ goto err;
+ }
+
+ Psecflags_free(psf);
+ }
+
#if defined(__i386) || defined(__amd64)
/* CSTYLED */
{
struct ssd *ldtp;
size_t size;
*** 1499,1508 ****
--- 1515,1525 ----
/*
* Wipe out anything we may have written if there was an error.
*/
(void) ftruncate64(fd, 0);
free(pgc.pgc_chunk);
+
return (-1);
}
static const char *content_str[] = {
"stack", /* CC_CONTENT_STACK */