Add PR_{GET,SET}_NO_NEW_PRIVS to prevent execve from granting privs

[platform/adaptation/renesas_rcar/renesas_kernel.git] / include / linux / sched.h

diff --git a/include/linux/sched.h b/include/linux/sched.h
index 81a173c..ba60897 100644 (file)
--- a/include/linux/sched.h
+++ b/include/linux/sched.h
@@ -1341,6 +1341,8 @@ struct task_struct {
                                 * execve */
        unsigned in_iowait:1;
 
+       /* task may not gain privileges */
+       unsigned no_new_privs:1;
 
        /* Revert to default priority/policy when forking */
        unsigned sched_reset_on_fork:1;