Print this page
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.
@@ -87,12 +87,12 @@
#else
int alloc_test_priv = priv_debug;
#endif
rw_init(&privinfo_lock, NULL, RW_DRIVER, NULL);
- PRIV_BASIC_ASSERT(priv_basic);
- PRIV_UNSAFE_ASSERT(&priv_unsafe);
+ PRIV_BASIC_ADDSET(priv_basic);
+ PRIV_UNSAFE_ADDSET(&priv_unsafe);
priv_fillset(&priv_fullset);
/*
* When booting with priv_debug set or in a DEBUG kernel, then we'll
* add an additional basic privilege and we verify that it is always
@@ -478,25 +478,25 @@
void
priv_addset(priv_set_t *set, int priv)
{
ASSERT(priv >= 0 && priv < MAX_PRIVILEGE);
- __PRIV_ASSERT(set, priv);
+ __PRIV_ADDSET(set, priv);
}
void
priv_delset(priv_set_t *set, int priv)
{
ASSERT(priv >= 0 && priv < MAX_PRIVILEGE);
- __PRIV_CLEAR(set, priv);
+ __PRIV_DELSET(set, priv);
}
boolean_t
priv_ismember(const priv_set_t *set, int priv)
{
ASSERT(priv >= 0 && priv < MAX_PRIVILEGE);
- return (__PRIV_ISASSERT(set, priv) ? B_TRUE : B_FALSE);
+ return (__PRIV_ISMEMBER(set, priv) ? B_TRUE : B_FALSE);
}
#define PRIV_TEST_BODY(test) \
int i; \
\