From: Eva Kurchatova Date: Sun, 24 May 2026 16:35:49 +0000 (+0300) Subject: selftests/clone3: fix libcap interface usage X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=00429def23a684f19eb1e95083f4579b3ac73810;p=thirdparty%2Flinux.git selftests/clone3: fix libcap interface usage The test's set_capability() function needs to set CAP_CHECKPOINT_RESTORE (bit 40). But libcap's API (cap_set_flag) didn't support cap 40 when the test was written - it was too new. So the author worked around it by casting cap_t to an assumed internal layout. This worked with older libcap versions where cap_t pointed directly to that layout. Newer libcap internally restructured its cap_t opaque type. Since 2.43, libcap natively supports CAP_CHECKPOINT_RESTORE, workaround is no longer needed. The fix directly uses the library interface. Signed-off-by: Eva Kurchatova Link: https://patch.msgid.link/20260524163840.34247-2-eva.kurchatova@virtuozzo.com Signed-off-by: Christian Brauner (Amutable) --- diff --git a/tools/testing/selftests/clone3/clone3_cap_checkpoint_restore.c b/tools/testing/selftests/clone3/clone3_cap_checkpoint_restore.c index e82281efa273e..49fb2edd5a7da 100644 --- a/tools/testing/selftests/clone3/clone3_cap_checkpoint_restore.c +++ b/tools/testing/selftests/clone3/clone3_cap_checkpoint_restore.c @@ -87,15 +87,11 @@ static int test_clone3_set_tid(struct __test_metadata *_metadata, return ret; } -struct libcap { - struct __user_cap_header_struct hdr; - struct __user_cap_data_struct data[2]; -}; - static int set_capability(void) { - cap_value_t cap_values[] = { CAP_SETUID, CAP_SETGID }; - struct libcap *cap; + cap_value_t cap_values[] = { + CAP_SETUID, CAP_SETGID, CAP_CHECKPOINT_RESTORE + }; int ret = -1; cap_t caps; @@ -111,14 +107,8 @@ static int set_capability(void) goto out; } - cap_set_flag(caps, CAP_EFFECTIVE, 2, cap_values, CAP_SET); - cap_set_flag(caps, CAP_PERMITTED, 2, cap_values, CAP_SET); - - cap = (struct libcap *) caps; - - /* 40 -> CAP_CHECKPOINT_RESTORE */ - cap->data[1].effective |= 1 << (40 - 32); - cap->data[1].permitted |= 1 << (40 - 32); + cap_set_flag(caps, CAP_EFFECTIVE, 3, cap_values, CAP_SET); + cap_set_flag(caps, CAP_PERMITTED, 3, cap_values, CAP_SET); if (cap_set_proc(caps)) { perror("cap_set_proc");