Changeset View
Changeset View
Standalone View
Standalone View
sys/sys/jail.h
Context not available. | |||||
char pr_hostname[MAXHOSTNAMELEN]; /* (p) jail hostname */ | char pr_hostname[MAXHOSTNAMELEN]; /* (p) jail hostname */ | ||||
char pr_domainname[MAXHOSTNAMELEN]; /* (p) jail domainname */ | char pr_domainname[MAXHOSTNAMELEN]; /* (p) jail domainname */ | ||||
char pr_hostuuid[HOSTUUIDLEN]; /* (p) jail hostuuid */ | char pr_hostuuid[HOSTUUIDLEN]; /* (p) jail hostuuid */ | ||||
/* Lock only needed for pax_* if pr_pax_set == 0 */ | |||||
int pr_pax_set; /* (p) PaX settings initialized */ | |||||
int pr_pax_aslr_status; /* (p) PaX ASLR enabled */ | |||||
int pr_pax_aslr_debug; /* (p) PaX ASLR debug */ | |||||
int pr_pax_aslr_mmap_len; /* (p) Number of bits randomized with mmap */ | |||||
int pr_pax_aslr_stack_len; /* (p) Number of bits randomized with stack */ | |||||
int pr_pax_aslr_exec_len; /* (p) Number of bits randomized with the execbase */ | |||||
rwatson: Elsewhere, you use "pax" in many variable and data-structure names; why not call this… | |||||
Not Done Inline ActionsSome of the hardening/exploit mitigation features we hope to upstream from HardenedBSD have nothing to do with PaX. pr_hardening makes the most sense when that is taken into account. lattera-gmail.com: Some of the hardening/exploit mitigation features we hope to upstream from HardenedBSD have… | |||||
int pr_pax_aslr_compat_status; /* (p) PaX ASLR enabled (compat32) */ | |||||
int pr_pax_aslr_compat_mmap_len; /* (p) Number of bits randomized with mmap (compat32) */ | |||||
int pr_pax_aslr_compat_stack_len; /* (p) Number of bits randomized with stack (compat32) */ | |||||
int pr_pax_aslr_compat_exec_len; /* (p) Number of bits randomized with the execbase (compat32) */ | |||||
int pr_pax_log_log; /* (p) XXX */ | |||||
int pr_pax_log_ulog; /* (p) XXX */ | |||||
}; | }; | ||||
struct prison_racct { | struct prison_racct { | ||||
Context not available. |
Elsewhere, you use "pax" in many variable and data-structure names; why not call this pax_features and pr_pax?