capability: add a test that fails if we ever enter > 64bit capability territory

diff --git a/src/test/test-capability.c b/src/test/test-capability.c
index 325d7c8cc2fa8f979aabe378766f4151a4e03e36..6b2de66bb7ff7f7b103098bb136914272420b079 100644 (file)
--- a/src/test/test-capability.c
+++ b/src/test/test-capability.c
@@ -215,11 +215,32 @@ static void test_set_ambient_caps(void) {
         assert_se(prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_IS_SET, CAP_CHOWN, 0, 0) == 1);
 }
 
+static void test_ensure_cap_64bit(void) {
+        _cleanup_free_ char *content = NULL;
+        unsigned long p = 0;
+        int r;
+
+        r = read_one_line_file("/proc/sys/kernel/cap_last_cap", &content);
+        if (r == -ENOENT) /* kernel pre 3.2 */
+                return;
+        assert_se(r >= 0);
+
+        assert_se(safe_atolu(content, &p) >= 0);
+
+        /* If caps don't fit into 64bit anymore, we have a problem, fail the test. */
+        assert_se(p <= 63);
+
+        /* Also check for the header definition */
+        assert_se(CAP_LAST_CAP <= 63);
+}
+
 int main(int argc, char *argv[]) {
         bool run_ambient;
 
         test_setup_logging(LOG_INFO);
 
+        test_ensure_cap_64bit();
+
         test_last_cap_file();
         test_last_cap_probe();