il_7029-4 Cdiff usr/src/uts/common/sys/elf.h

Print this page

7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.


*** 818,828 ****
  #define NT_PRPRIVINFO   19      /* priv_impl_info_t <sys/priv.h>        */
  #define NT_CONTENT      20      /* core_content_t <sys/corectl.h>       */
  #define NT_ZONENAME     21      /* string from getzonenamebyid(3C)      */
  #define NT_FDINFO       22      /* open fd info                         */
  #define NT_SPYMASTER    23      /* psinfo_t for agent LWP spymaster     */
! #define NT_NUM          23
  
  
  #ifdef _KERNEL
  /*
   * The following routine checks the processor-specific
--- 818,829 ----
  #define NT_PRPRIVINFO   19      /* priv_impl_info_t <sys/priv.h>        */
  #define NT_CONTENT      20      /* core_content_t <sys/corectl.h>       */
  #define NT_ZONENAME     21      /* string from getzonenamebyid(3C)      */
  #define NT_FDINFO       22      /* open fd info                         */
  #define NT_SPYMASTER    23      /* psinfo_t for agent LWP spymaster     */
! #define NT_SECFLAGS     24      /* process security-flags */
! #define NT_NUM          24
  
  
  #ifdef _KERNEL
  /*
   * The following routine checks the processor-specific