Print this page
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

@@ -192,10 +192,11 @@
         .pop_fini       = (pop_fini_t)Pdefault_void,
         .pop_platform   = (pop_platform_t)Pdefault_voidp,
         .pop_uname      = (pop_uname_t)Pdefault_int,
         .pop_zonename   = (pop_zonename_t)Pdefault_voidp,
         .pop_execname   = (pop_execname_t)Pdefault_voidp,
+        .pop_secflags   = (pop_secflags_t)Pdefault_int,
 #if defined(__i386) || defined(__amd64)
         .pop_ldt        = (pop_ldt_t)Pdefault_int
 #endif
 };
 

@@ -237,10 +238,12 @@
                 dst->pop_uname = src->pop_uname;
         if (src->pop_zonename != NULL)
                 dst->pop_zonename = src->pop_zonename;
         if (src->pop_execname != NULL)
                 dst->pop_execname = src->pop_execname;
+        if (src->pop_secflags != NULL)
+                dst->pop_secflags = src->pop_secflags;
 #if defined(__i386) || defined(__amd64)
         if (src->pop_ldt != NULL)
                 dst->pop_ldt = src->pop_ldt;
 #endif
 }