7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

@@ -143,14 +143,14 @@
 #define HAS_ALLPRIVS(cr)        priv_isfullset(&CR_OEPRIV(cr))
 #define ZONEPRIVS(cr)           ((cr)->cr_zone->zone_privset)
 #define HAS_ALLZONEPRIVS(cr)    priv_issubset(ZONEPRIVS(cr), &CR_OEPRIV(cr))
 #define HAS_PRIVILEGE(cr, pr)   ((pr) == PRIV_ALL ? \
                                         HAS_ALLPRIVS(cr) : \
-                                        PRIV_ISASSERT(&CR_OEPRIV(cr), pr))
+                                        PRIV_ISMEMBER(&CR_OEPRIV(cr), pr))
 
 #define FAST_BASIC_CHECK(cr, priv)      \
-        if (PRIV_ISASSERT(&CR_OEPRIV(cr), priv)) { \
+        if (PRIV_ISMEMBER(&CR_OEPRIV(cr), priv)) { \
                 DTRACE_PROBE2(priv__ok, int, priv, boolean_t, B_FALSE); \
                 return (0); \
         }
 
 /*

@@ -399,11 +399,11 @@
 {
         if ((HAS_PRIVILEGE(cr, priv) && (!allzone || HAS_ALLZONEPRIVS(cr))) ||
             (!servicing_interrupt() &&
             priv_policy_override(cr, priv, allzone, ap) == 0)) {
                 if ((allzone || priv == PRIV_ALL ||
-                    !PRIV_ISASSERT(priv_basic, priv)) &&
+                    !PRIV_ISMEMBER(priv_basic, priv)) &&
                     !servicing_interrupt()) {
                         PTOU(curproc)->u_acflag |= ASU; /* Needed for SVVS */
                         if (AU_AUDITING())
                                 audit_priv(priv,
                                     allzone ? ZONEPRIVS(cr) : NULL, 1);

@@ -447,11 +447,11 @@
         boolean_t res = HAS_PRIVILEGE(cr, priv) &&
             (!allzone || HAS_ALLZONEPRIVS(cr));
 
         /* Audit success only */
         if (res && AU_AUDITING() &&
-            (allzone || priv == PRIV_ALL || !PRIV_ISASSERT(priv_basic, priv)) &&
+            (allzone || priv == PRIV_ALL || !PRIV_ISMEMBER(priv_basic, priv)) &&
             !servicing_interrupt()) {
                 audit_priv(priv, allzone ? ZONEPRIVS(cr) : NULL, 1);
         }
         if (res) {
                 DTRACE_PROBE2(priv__ok, int, priv, boolean_t, allzone);

@@ -970,18 +970,18 @@
 {
         mode_t mode;
 
         /* Inline the basic privileges tests. */
         if ((wantmode & VREAD) &&
-            !PRIV_ISASSERT(&CR_OEPRIV(cr), PRIV_FILE_READ) &&
+            !PRIV_ISMEMBER(&CR_OEPRIV(cr), PRIV_FILE_READ) &&
             priv_policy_va(cr, PRIV_FILE_READ, B_FALSE, EACCES, NULL,
             KLPDARG_VNODE, vp, (char *)NULL, KLPDARG_NOMORE) != 0) {
                 return (EACCES);
         }
 
         if ((wantmode & VWRITE) &&
-            !PRIV_ISASSERT(&CR_OEPRIV(cr), PRIV_FILE_WRITE) &&
+            !PRIV_ISMEMBER(&CR_OEPRIV(cr), PRIV_FILE_WRITE) &&
             priv_policy_va(cr, PRIV_FILE_WRITE, B_FALSE, EACCES, NULL,
             KLPDARG_VNODE, vp, (char *)NULL, KLPDARG_NOMORE) != 0) {
                 return (EACCES);
         }
 

@@ -1726,10 +1726,23 @@
 secpolicy_pset(const cred_t *cr)
 {
         return (PRIV_POLICY(cr, PRIV_SYS_RES_CONFIG, B_FALSE, EPERM, NULL));
 }
 
+/* Process security flags */
+int
+secpolicy_psecflags(const cred_t *cr, proc_t *tp, proc_t *sp)
+{
+        if (PRIV_POLICY(cr, PRIV_PROC_SECFLAGS, B_FALSE, EPERM, NULL) != 0)
+                return (EPERM);
+
+        if (!prochasprocperm(tp, sp, cr))
+                return (EPERM);
+
+        return (0);
+}
+
 /*
  * Processor set binding.
  */
 int
 secpolicy_pbind(const cred_t *cr)
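Review bot: The one-line comment above `secpolicy_psecflags` does not say what `tp` and `sp` are or that the call requires both a privilege and ordinary process permission, unlike the fuller block comments used for the neighbouring secpolicy_* functions. I would replace it with a block comment along the lines of `/* Process security flags: changing the secflags of tp (presumably the target process; sp appears to be the calling process — confirm against prochasprocperm's contract) requires both PRIV_PROC_SECFLAGS and ordinary process permission via prochasprocperm(); either failing yields EPERM. */`, keeping the same register as the `Processor set binding.` comment that follows. Note also that `PRIV_POLICY` is evaluated before `prochasprocperm`, so when the caller holds PRIV_PROC_SECFLAGS but lacks permission on tp the privilege check has already run its success path (the earlier hunk shows that path calling `audit_priv`), which may record a privilege use for a call that then fails; if that is not intended, swapping the two checks avoids it. PRIV_PROC_SECFLAGS must be defined in the privilege tables elsewhere in the change, which is outside this hunk.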