git: 98a868c61b93 - main - linux: Support LINUX_PR_GET_NO_NEW_PRIVS prctl(2)
Date: Wed, 22 Apr 2026 09:56:18 UTC
The branch main has been updated by pouria:
URL: https://cgit.FreeBSD.org/src/commit/?id=98a868c61b931e37cf09adecd8542cbd874d333f
commit 98a868c61b931e37cf09adecd8542cbd874d333f
Author: Ricardo Branco <rbranco@suse.de>
AuthorDate: 2026-04-19 21:16:48 +0000
Commit: Pouria Mousavizadeh Tehrani <pouria@FreeBSD.org>
CommitDate: 2026-04-22 09:27:41 +0000
linux: Support LINUX_PR_GET_NO_NEW_PRIVS prctl(2)
PR: 294651
Signed-off-by: Ricardo Branco <rbranco@suse.de>
Reviewed by: kib, pouria
Pull-Request: https://github.com/freebsd/freebsd-src/pull/2151
---
sys/compat/linux/linux_misc.c | 8 ++++++++
sys/compat/linux/linux_misc.h | 3 ++-
2 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/sys/compat/linux/linux_misc.c b/sys/compat/linux/linux_misc.c
index 6080bbd058f0..85088e8ed7ca 100644
--- a/sys/compat/linux/linux_misc.c
+++ b/sys/compat/linux/linux_misc.c
@@ -1822,6 +1822,14 @@ linux_prctl(struct thread *td, struct linux_prctl_args *args)
error = kern_procctl(td, P_PID, p->p_pid,
PROC_NO_NEW_PRIVS_CTL, &arg);
break;
+ case LINUX_PR_GET_NO_NEW_PRIVS:
+ error = kern_procctl(td, P_PID, p->p_pid,
+ PROC_NO_NEW_PRIVS_STATUS, &arg);
+ if (error != 0)
+ return (error);
+ /* Linux returns the value as the syscall return */
+ td->td_retval[0] = arg == PROC_NO_NEW_PRIVS_ENABLE ? 1 : 0;
+ break;
case LINUX_PR_SET_PTRACER:
linux_msg(td, "unsupported prctl PR_SET_PTRACER");
error = EINVAL;
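Review bot: the new `LINUX_PR_GET_NO_NEW_PRIVS` case never inspects the remaining prctl arguments before calling `kern_procctl()`. Linux fails this option with EINVAL when any of arg2 through arg5 is non-zero, so a caller that probes with junk arguments gets a different answer here than on Linux. Consider rejecting non-zero unused arguments before the `kern_procctl()` call. Separately, the `return (error);` on the failure path departs from the `error = ...; break;` pattern of the neighbouring cases visible in this hunk. Setting `td->td_retval[0]` only when `error == 0` and then falling through to `break` would keep a single exit path. Parenthesising the comparison in `arg == PROC_NO_NEW_PRIVS_ENABLE ? 1 : 0` would also make the intent easier to read.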
diff --git a/sys/compat/linux/linux_misc.h b/sys/compat/linux/linux_misc.h
index 4412ff5b0f92..abd3a6df76f1 100644
--- a/sys/compat/linux/linux_misc.h
+++ b/sys/compat/linux/linux_misc.h
@@ -59,7 +59,8 @@
#define LINUX_PR_CAPBSET_READ 23
#define LINUX_PR_SET_CHILD_SUBREAPER 36 /* Get child subreaper status */
#define LINUX_PR_GET_CHILD_SUBREAPER 37 /* Set child subreaper status */
-#define LINUX_PR_SET_NO_NEW_PRIVS 38
+#define LINUX_PR_SET_NO_NEW_PRIVS 38 /* Set no_new_privs attribute */
+#define LINUX_PR_GET_NO_NEW_PRIVS 39 /* Get no_new_privs attribute */
#define LINUX_PR_SET_PTRACER 1499557217
#define LINUX_MAX_COMM_LEN 16 /* Maximum length of the process name. */
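Review bot: the comments on the two context lines directly above the changed define are swapped: `LINUX_PR_SET_CHILD_SUBREAPER 36` is annotated "Get child subreaper status" and `LINUX_PR_GET_CHILD_SUBREAPER 37` is annotated "Set child subreaper status". Since this hunk already adds comments to the adjacent `NO_NEW_PRIVS` defines, it would be worth correcting those two in the same change or a follow-up, so that the SET/GET annotations in this block read consistently.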