Print this page
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

Split Close
Expand all
Collapse all
          --- old/usr/src/cmd/sgs/libld/common/sections.c
          +++ new/usr/src/cmd/sgs/libld/common/sections.c
↓ open down ↓ 416 lines elided ↑ open up ↑
 417  417   *
 418  418   * exit:
 419  419   *      On error, returns S_ERROR. On success, returns (1), and the
 420  420   *      ret_ pointers have been updated to point at the new structures,
 421  421   *      which have been filled in. To finish the task, the caller must
 422  422   *      update any fields within the supplied descriptors that differ
 423  423   *      from its needs, and then call ld_place_section().
 424  424   */
 425  425  static uintptr_t
 426  426  new_section(Ofl_desc *ofl, Word shtype, const char *shname, Xword entcnt,
 427      -        Is_desc **ret_isec, Shdr **ret_shdr, Elf_Data **ret_data)
      427 +    Is_desc **ret_isec, Shdr **ret_shdr, Elf_Data **ret_data)
 428  428  {
 429  429          typedef struct sec_info {
 430  430                  Word d_type;
 431  431                  Word align;     /* Used in both data and section header */
 432  432                  Word sh_flags;
 433  433                  Word sh_entsize;
 434  434          } SEC_INFO_T;
 435  435  
 436  436          const SEC_INFO_T        *sec_info;
 437  437  
↓ open down ↓ 244 lines elided ↑ open up ↑
 682  682   *
 683  683   * exit:
 684  684   *      On error, returns S_ERROR. On success, returns (1), and the
 685  685   *      ret_ pointers have been updated to point at the new structures,
 686  686   *      which have been filled in. To finish the task, the caller must
 687  687   *      update any fields within the supplied descriptors that differ
 688  688   *      from its needs, and then call ld_place_section().
 689  689   */
 690  690  static uintptr_t
 691  691  new_section_from_template(Ofl_desc *ofl, Is_desc *tmpl_isp, size_t size,
 692      -        Is_desc **ret_isec, Shdr **ret_shdr, Elf_Data **ret_data)
      692 +    Is_desc **ret_isec, Shdr **ret_shdr, Elf_Data **ret_data)
 693  693  {
 694  694          Shdr            *shdr;
 695  695          Elf_Data        *data;
 696  696          Is_desc         *isec;
 697  697  
 698  698          /*
 699  699           * Allocate and initialize the Elf_Data structure.
 700  700           */
 701  701          if ((data = libld_calloc(sizeof (Elf_Data), 1)) == NULL)
 702  702                  return (S_ERROR);
↓ open down ↓ 559 lines elided ↑ open up ↑
1262 1262                  /*
1263 1263                   * Capabilities chain information requires a .SUNW_capchain
1264 1264                   * entry (DT_SUNW_CAPCHAIN), entry size (DT_SUNW_CAPCHAINENT),
1265 1265                   * and total size (DT_SUNW_CAPCHAINSZ).
1266 1266                   */
1267 1267                  if (ofl->ofl_oscapchain)
1268 1268                          cnt += 3;
1269 1269  
1270 1270                  if (flags & FLG_OF_SYMBOLIC)
1271 1271                          cnt++;                  /* DT_SYMBOLIC */
     1272 +
     1273 +                if (ofl->ofl_aslr != 0)         /* DT_SUNW_ASLR */
     1274 +                        cnt++;
1272 1275          }
1273 1276  
1274 1277          /*
1275 1278           * Account for Architecture dependent .dynamic entries, and defaults.
1276 1279           */
1277 1280          (*ld_targ.t_mr.mr_mach_make_dynamic)(ofl, &cnt);
1278 1281  
1279 1282          /*
1280 1283           * DT_FLAGS, DT_FLAGS_1, DT_SUNW_STRPAD, and DT_NULL. Also,
1281 1284           * allow room for the unused extra DT_NULLs. These are included
↓ open down ↓ 2244 lines elided ↑ open up ↑
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX