Print this page
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

Split Close
Expand all
Collapse all
          --- old/usr/src/lib/libzonecfg/common/mapfile-vers
          +++ new/usr/src/lib/libzonecfg/common/mapfile-vers
↓ open down ↓ 50 lines elided ↑ open up ↑
  51   51          zonecfg_add_ds;
  52   52          zonecfg_add_filesystem;
  53   53          zonecfg_add_fs_option;
  54   54          zonecfg_add_admin;
  55   55          zonecfg_add_nwif;
  56   56          zonecfg_add_pkg;
  57   57          zonecfg_add_pset;
  58   58          zonecfg_add_rctl;
  59   59          zonecfg_add_rctl_value;
  60   60          zonecfg_add_scratch;
       61 +        zonecfg_add_secflags;
  61   62          zonecfg_aliased_rctl_ok;
  62   63          zonecfg_apply_rctls;
  63   64          zonecfg_attach_manifest;
  64   65          zonecfg_authorize_users;
  65   66          zonecfg_bind_pool;
  66   67          zonecfg_bind_tmp_pool;
  67   68          zonecfg_call_zoneadmd;
  68   69          zonecfg_check_handle;
  69   70          zonecfg_close_scratch;
  70   71          zonecfg_construct_rctlblk;
↓ open down ↓ 6 lines elided ↑ open up ↑
  77   78          zonecfg_delete_admins;
  78   79          zonecfg_delete_attr;
  79   80          zonecfg_delete_dev;
  80   81          zonecfg_delete_ds;
  81   82          zonecfg_delete_filesystem;
  82   83          zonecfg_delete_mcap;
  83   84          zonecfg_delete_nwif;
  84   85          zonecfg_delete_pset;
  85   86          zonecfg_delete_rctl;
  86   87          zonecfg_delete_scratch;
       88 +        zonecfg_delete_secflags;
  87   89          zonecfg_del_all_resources;
  88   90          zonecfg_destroy;
  89   91          zonecfg_destroy_snapshot;
  90   92          zonecfg_destroy_tmp_pool;
  91   93          zonecfg_detached;
  92   94          zonecfg_detach_save;
  93   95          zonecfg_devperms_apply;
  94   96          zonecfg_dev_manifest;
  95   97          zonecfg_enable_rcapd;
  96   98          zonecfg_endadminent;
↓ open down ↓ 33 lines elided ↑ open up ↑
 130  132          zonecfg_getmcapent;
 131  133          zonecfg_get_name;
 132  134          zonecfg_get_name_by_uuid;
 133  135          zonecfg_getnwifent;
 134  136          zonecfg_getpkgdata;
 135  137          zonecfg_get_pool;
 136  138          zonecfg_get_poolname;
 137  139          zonecfg_get_privset;
 138  140          zonecfg_getpsetent;
 139  141          zonecfg_getrctlent;
      142 +        zonecfg_getsecflagsent;
 140  143          zonecfg_get_root;
 141  144          zonecfg_get_sched_class;
 142  145          zonecfg_get_scratch;
 143  146          zonecfg_get_snapshot_handle;
 144  147          zonecfg_get_template_handle;
 145  148          zonecfg_get_uuid;
 146  149          zonecfg_get_xml_handle;
 147  150          zonecfg_get_zonepath;
 148  151          zonecfg_grab_lock_file;
 149  152          zonecfg_ifname_exists;
↓ open down ↓ 7 lines elided ↑ open up ↑
 157  160          zonecfg_lock_scratch;
 158  161          zonecfg_lookup_admin;
 159  162          zonecfg_lookup_attr;
 160  163          zonecfg_lookup_dev;
 161  164          zonecfg_lookup_ds;
 162  165          zonecfg_lookup_filesystem;
 163  166          zonecfg_lookup_mcap;
 164  167          zonecfg_lookup_nwif;
 165  168          zonecfg_lookup_pset;
 166  169          zonecfg_lookup_rctl;
      170 +        zonecfg_lookup_secflags;
 167  171          zonecfg_modify_admin;
 168  172          zonecfg_modify_attr;
 169  173          zonecfg_modify_dev;
 170  174          zonecfg_modify_ds;
 171  175          zonecfg_modify_filesystem;
 172  176          zonecfg_modify_mcap;
 173  177          zonecfg_modify_nwif;
 174  178          zonecfg_modify_pset;
 175  179          zonecfg_modify_rctl;
      180 +        zonecfg_modify_secflags;
 176  181          zonecfg_notify_bind;
 177  182          zonecfg_notify_critical_abort;
 178  183          zonecfg_notify_critical_enter;
 179  184          zonecfg_notify_critical_exit;
 180  185          zonecfg_notify_unbind;
 181  186          zonecfg_num_resources;
 182  187          zonecfg_open_scratch;
 183  188          zonecfg_ping_zoneadmd;
 184  189          zonecfg_release_lock_file;
 185  190          zonecfg_remove_fs_option;
↓ open down ↓ 56 lines elided ↑ open up ↑
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX