picnoir/Systemd
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

capability: add a test that fails if we ever enter > 64bit capability territory

Browse source
This commit is contained in:
Lennart Poettering 2019-03-21 12:38:18 +01:00
parent 46eda04373
commit 74b6ce90a0
1 changed files with 21 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
src/test/test-capability.c
View file

@ -215,11 +215,32 @@ static void test_set_ambient_caps(void) {
assert_se(prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_IS_SET, CAP_CHOWN, 0, 0) == 1);
}
static void test_ensure_cap_64bit(void) {
_cleanup_free_ char *content = NULL;
unsigned long p = 0;
int r;
r = read_one_line_file("/proc/sys/kernel/cap_last_cap", &content);
if (r == -ENOENT) /* kernel pre 3.2 */
return;
assert_se(r >= 0);
assert_se(safe_atolu(content, &p) >= 0);
/* If caps don't fit into 64bit anymore, we have a problem, fail the test. */
assert_se(p <= 63);
/* Also check for the header definition */
assert_se(CAP_LAST_CAP <= 63);
}
int main(int argc, char *argv[]) {
bool run_ambient;
test_setup_logging(LOG_INFO);
test_ensure_cap_64bit();
test_last_cap_file();
test_last_cap_probe();