selftests/clone3: fix libcap interface usage

The test's set_capability() function needs to set CAP_CHECKPOINT_RESTORE
(bit 40). But libcap's API (cap_set_flag) didn't support cap 40 when the
test was written - it was too new. So the author worked around it by
casting cap_t to an assumed internal layout.

This worked with older libcap versions where cap_t pointed directly to
that layout. Newer libcap internally restructured its cap_t opaque type.

Since 2.43, libcap natively supports CAP_CHECKPOINT_RESTORE, workaround
is no longer needed. The fix directly uses the library interface.

Signed-off-by: Eva Kurchatova <eva.kurchatova@virtuozzo.com>
Link: https://patch.msgid.link/20260524163840.34247-2-eva.kurchatova@virtuozzo.com
Signed-off-by: Christian Brauner (Amutable) <brauner@kernel.org>

diff --git a/tools/testing/selftests/clone3/clone3_cap_checkpoint_restore.c b/tools/testing/selftests/clone3/clone3_cap_checkpoint_restore.c
index e82281efa273e2953d6e7b12c97116def8591814..49fb2edd5a7daf2276a8d6913f524d1661304de2 100644 (file)
--- a/tools/testing/selftests/clone3/clone3_cap_checkpoint_restore.c
+++ b/tools/testing/selftests/clone3/clone3_cap_checkpoint_restore.c
@@ -87,15 +87,11 @@ static int test_clone3_set_tid(struct __test_metadata *_metadata,
        return ret;
 }
 
-struct libcap {
-       struct __user_cap_header_struct hdr;
-       struct __user_cap_data_struct data[2];
-};
-
 static int set_capability(void)
 {
-       cap_value_t cap_values[] = { CAP_SETUID, CAP_SETGID };
-       struct libcap *cap;
+       cap_value_t cap_values[] = {
+               CAP_SETUID, CAP_SETGID, CAP_CHECKPOINT_RESTORE
+       };
        int ret = -1;
        cap_t caps;
 
@@ -111,14 +107,8 @@ static int set_capability(void)
                goto out;
        }
 
-       cap_set_flag(caps, CAP_EFFECTIVE, 2, cap_values, CAP_SET);
-       cap_set_flag(caps, CAP_PERMITTED, 2, cap_values, CAP_SET);
-
-       cap = (struct libcap *) caps;
-
-       /* 40 -> CAP_CHECKPOINT_RESTORE */
-       cap->data[1].effective |= 1 << (40 - 32);
-       cap->data[1].permitted |= 1 << (40 - 32);
+       cap_set_flag(caps, CAP_EFFECTIVE, 3, cap_values, CAP_SET);
+       cap_set_flag(caps, CAP_PERMITTED, 3, cap_values, CAP_SET);
 
        if (cap_set_proc(caps)) {
                perror("cap_set_proc");