Print this page
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

@@ -157,5 +157,17 @@
                         (pctx->free_op)(pctx->arg, isexec);
                 kmem_free(pctx, sizeof (struct pctxop));
         }
         kpreempt_enable();
 }
+
+boolean_t
+secflag_enabled(proc_t *p, secflag_t flag)
+{
+        return (secflag_isset(p->p_secflags.psf_effective, flag));
+}
+
+void
+secflags_promote(proc_t *p)
+{
+        secflags_copy(&p->p_secflags.psf_effective, &p->p_secflags.psf_inherit);
+}