capability: add a test that fails if we ever enter > 64bit capability territory
This commit is contained in:
parent
46eda04373
commit
74b6ce90a0
|
@ -215,11 +215,32 @@ static void test_set_ambient_caps(void) {
|
|||
assert_se(prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_IS_SET, CAP_CHOWN, 0, 0) == 1);
|
||||
}
|
||||
|
||||
static void test_ensure_cap_64bit(void) {
|
||||
_cleanup_free_ char *content = NULL;
|
||||
unsigned long p = 0;
|
||||
int r;
|
||||
|
||||
r = read_one_line_file("/proc/sys/kernel/cap_last_cap", &content);
|
||||
if (r == -ENOENT) /* kernel pre 3.2 */
|
||||
return;
|
||||
assert_se(r >= 0);
|
||||
|
||||
assert_se(safe_atolu(content, &p) >= 0);
|
||||
|
||||
/* If caps don't fit into 64bit anymore, we have a problem, fail the test. */
|
||||
assert_se(p <= 63);
|
||||
|
||||
/* Also check for the header definition */
|
||||
assert_se(CAP_LAST_CAP <= 63);
|
||||
}
|
||||
|
||||
int main(int argc, char *argv[]) {
|
||||
bool run_ambient;
|
||||
|
||||
test_setup_logging(LOG_INFO);
|
||||
|
||||
test_ensure_cap_64bit();
|
||||
|
||||
test_last_cap_file();
|
||||
test_last_cap_probe();
|
||||
|
||||
|
|
Loading…
Reference in a new issue