7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

*** 143,156 **** #define HAS_ALLPRIVS(cr) priv_isfullset(&CR_OEPRIV(cr)) #define ZONEPRIVS(cr) ((cr)->cr_zone->zone_privset) #define HAS_ALLZONEPRIVS(cr) priv_issubset(ZONEPRIVS(cr), &CR_OEPRIV(cr)) #define HAS_PRIVILEGE(cr, pr) ((pr) == PRIV_ALL ? \ HAS_ALLPRIVS(cr) : \ ! PRIV_ISASSERT(&CR_OEPRIV(cr), pr)) #define FAST_BASIC_CHECK(cr, priv) \ ! if (PRIV_ISASSERT(&CR_OEPRIV(cr), priv)) { \ DTRACE_PROBE2(priv__ok, int, priv, boolean_t, B_FALSE); \ return (0); \ } /* --- 143,156 ---- #define HAS_ALLPRIVS(cr) priv_isfullset(&CR_OEPRIV(cr)) #define ZONEPRIVS(cr) ((cr)->cr_zone->zone_privset) #define HAS_ALLZONEPRIVS(cr) priv_issubset(ZONEPRIVS(cr), &CR_OEPRIV(cr)) #define HAS_PRIVILEGE(cr, pr) ((pr) == PRIV_ALL ? \ HAS_ALLPRIVS(cr) : \ ! PRIV_ISMEMBER(&CR_OEPRIV(cr), pr)) #define FAST_BASIC_CHECK(cr, priv) \ ! if (PRIV_ISMEMBER(&CR_OEPRIV(cr), priv)) { \ DTRACE_PROBE2(priv__ok, int, priv, boolean_t, B_FALSE); \ return (0); \ } /*
*** 399,409 **** { if ((HAS_PRIVILEGE(cr, priv) && (!allzone || HAS_ALLZONEPRIVS(cr))) || (!servicing_interrupt() && priv_policy_override(cr, priv, allzone, ap) == 0)) { if ((allzone || priv == PRIV_ALL || ! !PRIV_ISASSERT(priv_basic, priv)) && !servicing_interrupt()) { PTOU(curproc)->u_acflag |= ASU; /* Needed for SVVS */ if (AU_AUDITING()) audit_priv(priv, allzone ? ZONEPRIVS(cr) : NULL, 1); --- 399,409 ---- { if ((HAS_PRIVILEGE(cr, priv) && (!allzone || HAS_ALLZONEPRIVS(cr))) || (!servicing_interrupt() && priv_policy_override(cr, priv, allzone, ap) == 0)) { if ((allzone || priv == PRIV_ALL || ! !PRIV_ISMEMBER(priv_basic, priv)) && !servicing_interrupt()) { PTOU(curproc)->u_acflag |= ASU; /* Needed for SVVS */ if (AU_AUDITING()) audit_priv(priv, allzone ? ZONEPRIVS(cr) : NULL, 1);
*** 447,457 **** boolean_t res = HAS_PRIVILEGE(cr, priv) && (!allzone || HAS_ALLZONEPRIVS(cr)); /* Audit success only */ if (res && AU_AUDITING() && ! (allzone || priv == PRIV_ALL || !PRIV_ISASSERT(priv_basic, priv)) && !servicing_interrupt()) { audit_priv(priv, allzone ? ZONEPRIVS(cr) : NULL, 1); } if (res) { DTRACE_PROBE2(priv__ok, int, priv, boolean_t, allzone); --- 447,457 ---- boolean_t res = HAS_PRIVILEGE(cr, priv) && (!allzone || HAS_ALLZONEPRIVS(cr)); /* Audit success only */ if (res && AU_AUDITING() && ! (allzone || priv == PRIV_ALL || !PRIV_ISMEMBER(priv_basic, priv)) && !servicing_interrupt()) { audit_priv(priv, allzone ? ZONEPRIVS(cr) : NULL, 1); } if (res) { DTRACE_PROBE2(priv__ok, int, priv, boolean_t, allzone);
*** 970,987 **** { mode_t mode; /* Inline the basic privileges tests. */ if ((wantmode & VREAD) && ! !PRIV_ISASSERT(&CR_OEPRIV(cr), PRIV_FILE_READ) && priv_policy_va(cr, PRIV_FILE_READ, B_FALSE, EACCES, NULL, KLPDARG_VNODE, vp, (char *)NULL, KLPDARG_NOMORE) != 0) { return (EACCES); } if ((wantmode & VWRITE) && ! !PRIV_ISASSERT(&CR_OEPRIV(cr), PRIV_FILE_WRITE) && priv_policy_va(cr, PRIV_FILE_WRITE, B_FALSE, EACCES, NULL, KLPDARG_VNODE, vp, (char *)NULL, KLPDARG_NOMORE) != 0) { return (EACCES); } --- 970,987 ---- { mode_t mode; /* Inline the basic privileges tests. */ if ((wantmode & VREAD) && ! !PRIV_ISMEMBER(&CR_OEPRIV(cr), PRIV_FILE_READ) && priv_policy_va(cr, PRIV_FILE_READ, B_FALSE, EACCES, NULL, KLPDARG_VNODE, vp, (char *)NULL, KLPDARG_NOMORE) != 0) { return (EACCES); } if ((wantmode & VWRITE) && ! !PRIV_ISMEMBER(&CR_OEPRIV(cr), PRIV_FILE_WRITE) && priv_policy_va(cr, PRIV_FILE_WRITE, B_FALSE, EACCES, NULL, KLPDARG_VNODE, vp, (char *)NULL, KLPDARG_NOMORE) != 0) { return (EACCES); }
*** 1726,1735 ****
--- 1726,1748 ----
  secpolicy_pset(const cred_t *cr)
  {
  return (PRIV_POLICY(cr, PRIV_SYS_RES_CONFIG, B_FALSE, EPERM, NULL));
  }
 
+ /* Process security flags */
+ int
+ secpolicy_psecflags(const cred_t *cr, proc_t *tp, proc_t *sp)
+ {
+ if (PRIV_POLICY(cr, PRIV_PROC_SECFLAGS, B_FALSE, EPERM, NULL) != 0)
+ return (EPERM);
+
+ if (!prochasprocperm(tp, sp, cr))
+ return (EPERM);
+
+ return (0);
+ }
+
  /*
  * Processor set binding.
  */
  int
  secpolicy_pbind(const cred_t *cr)
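Review bot: secpolicy_psecflags runs PRIV_POLICY() before prochasprocperm(), so a caller that holds PRIV_PROC_SECFLAGS but has no permission over the target process still gets the privilege use accounted and audited as a success (the 399–409 hunk sets ASU and calls audit_priv() as soon as the privilege test itself passes, at least for non-basic privileges) although the operation is then refused with EPERM. Unless the privilege test is required to come first, moving `if (!prochasprocperm(tp, sp, cr)) return (EPERM);` ahead of the PRIV_POLICY call avoids recording a successful privilege use for a denied request. The new function also has no header comment explaining what tp and sp are; `/* Process security flags */` should become something like `/* May cr change the security flags of process tp? Requires PRIV_PROC_SECFLAGS plus process permission (prochasprocperm()) over tp. */`, with the exact roles of tp and sp confirmed against prochasprocperm(), since they are not visible in this hunk.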