CoCalc -- cap_helpers.c

GitHub Repository: torvalds/linux
Path: blob/master/tools/testing/selftests/bpf/cap_helpers.c
²⁶²⁸⁵ views
1
// SPDX-License-Identifier: GPL-2.0
2
#include "cap_helpers.h"
3

4
/* Avoid including <sys/capability.h> from the libcap-devel package,
5
 * so directly declare them here and use them from glibc.
6
 */
7
int capget(cap_user_header_t header, cap_user_data_t data);
8
int capset(cap_user_header_t header, const cap_user_data_t data);
9

10
int cap_enable_effective(__u64 caps, __u64 *old_caps)
11
{
12
	struct __user_cap_data_struct data[_LINUX_CAPABILITY_U32S_3];
13
	struct __user_cap_header_struct hdr = {
14
		.version = _LINUX_CAPABILITY_VERSION_3,
15
	};
16
	__u32 cap0 = caps;
17
	__u32 cap1 = caps >> 32;
18
	int err;
19

20
	err = capget(&hdr, data);
21
	if (err)
22
		return -errno;
23

24
	if (old_caps)
25
		*old_caps = (__u64)(data[1].effective) << 32 | data[0].effective;
26

27
	if ((data[0].effective & cap0) == cap0 &&
28
	    (data[1].effective & cap1) == cap1)
29
		return 0;
30

31
	data[0].effective |= cap0;
32
	data[1].effective |= cap1;
33
	err = capset(&hdr, data);
34
	if (err)
35
		return -errno;
36

37
	return 0;
38
}
39

40
int cap_disable_effective(__u64 caps, __u64 *old_caps)
41
{
42
	struct __user_cap_data_struct data[_LINUX_CAPABILITY_U32S_3];
43
	struct __user_cap_header_struct hdr = {
44
		.version = _LINUX_CAPABILITY_VERSION_3,
45
	};
46
	__u32 cap0 = caps;
47
	__u32 cap1 = caps >> 32;
48
	int err;
49

50
	err = capget(&hdr, data);
51
	if (err)
52
		return -errno;
53

54
	if (old_caps)
55
		*old_caps = (__u64)(data[1].effective) << 32 | data[0].effective;
56

57
	if (!(data[0].effective & cap0) && !(data[1].effective & cap1))
58
		return 0;
59

60
	data[0].effective &= ~cap0;
61
	data[1].effective &= ~cap1;
62
	err = capset(&hdr, data);
63
	if (err)
64
		return -errno;
65

66
	return 0;
67
}
68

69
Product

Resources

Company
