The test's set_capability() function needs to set CAP_CHECKPOINT_RESTORE (bit 40). But libcap's API (cap_set_flag) didn't support cap 40 when the test was written - it was too new. So the author worked around it by casting cap_t to an assumed internal layout.
This worked with older libcap versions where cap_t pointed directly to that layout. Newer libcap internally restructured its cap_t opaque type. Since 2.43, libcap natively supports CAP_CHECKPOINT_RESTORE, workaround is no longer needed. The fix directly uses the library interface. Signed-off-by: Eva Kurchatova <[email protected]> --- .../clone3/clone3_cap_checkpoint_restore.c | 20 +++++-------------- 1 file changed, 5 insertions(+), 15 deletions(-) diff --git a/tools/testing/selftests/clone3/clone3_cap_checkpoint_restore.c b/tools/testing/selftests/clone3/clone3_cap_checkpoint_restore.c index e82281efa273..49fb2edd5a7d 100644 --- a/tools/testing/selftests/clone3/clone3_cap_checkpoint_restore.c +++ b/tools/testing/selftests/clone3/clone3_cap_checkpoint_restore.c @@ -87,15 +87,11 @@ static int test_clone3_set_tid(struct __test_metadata *_metadata, return ret; } -struct libcap { - struct __user_cap_header_struct hdr; - struct __user_cap_data_struct data[2]; -}; - static int set_capability(void) { - cap_value_t cap_values[] = { CAP_SETUID, CAP_SETGID }; - struct libcap *cap; + cap_value_t cap_values[] = { + CAP_SETUID, CAP_SETGID, CAP_CHECKPOINT_RESTORE + }; int ret = -1; cap_t caps; @@ -111,14 +107,8 @@ static int set_capability(void) goto out; } - cap_set_flag(caps, CAP_EFFECTIVE, 2, cap_values, CAP_SET); - cap_set_flag(caps, CAP_PERMITTED, 2, cap_values, CAP_SET); - - cap = (struct libcap *) caps; - - /* 40 -> CAP_CHECKPOINT_RESTORE */ - cap->data[1].effective |= 1 << (40 - 32); - cap->data[1].permitted |= 1 << (40 - 32); + cap_set_flag(caps, CAP_EFFECTIVE, 3, cap_values, CAP_SET); + cap_set_flag(caps, CAP_PERMITTED, 3, cap_values, CAP_SET); if (cap_set_proc(caps)) { perror("cap_set_proc"); -- 2.54.0
