Print this page
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

*** 1416,1425 **** --- 1416,1441 ---- if (Pfdinfo_iter(P, iter_fd, &iter) != 0) goto err; } + + { + prsecflags_t *psf = NULL; + + if (Psecflags(P, &psf) != 0) + goto err; + + if (write_note(fd, NT_SECFLAGS, psf, + sizeof (prsecflags_t), &doff) != 0) { + Psecflags_free(psf); + goto err; + } + + Psecflags_free(psf); + } + #if defined(__i386) || defined(__amd64) /* CSTYLED */ { struct ssd *ldtp; size_t size;
*** 1499,1508 **** --- 1515,1525 ---- /* * Wipe out anything we may have written if there was an error. */ (void) ftruncate64(fd, 0); free(pgc.pgc_chunk); + return (-1); } static const char *content_str[] = { "stack", /* CC_CONTENT_STACK */