From 80b4378314cf62148fd053e97018cc5c78dd6af6 Mon Sep 17 00:00:00 2001
From: David Herrmann <dh.herrmann@gmail.com>
Date: Mon, 29 Dec 2014 13:24:35 +0100
Subject: [PATCH] capability: use /proc/sys/kernel/cap_last_cap

This file was introduced with linux-3.2, use it instead of probing for it
via prctl(PR_CAPBSET_READ).

For now, keep the old code for backwards compat. We can drop it once 3.2
is our lowest requirement.

The test-cap-list code is extended to verify cap_last_cap() is the same as
we'd get via prctl probing and /proc.
---
 src/shared/capability.c  | 14 +++++++++++++
 src/test/test-cap-list.c | 44 +++++++++++++++++++++++++++++++++++++++-
 2 files changed, 57 insertions(+), 1 deletion(-)

diff --git a/src/shared/capability.c b/src/shared/capability.c
index 65d7e038a..b1be04380 100644
--- a/src/shared/capability.c
+++ b/src/shared/capability.c
@@ -54,11 +54,25 @@ int have_effective_cap(int value) {
 unsigned long cap_last_cap(void) {
         static thread_local unsigned long saved;
         static thread_local bool valid = false;
+        _cleanup_free_ char *content = NULL;
         unsigned long p;
+        int r;
 
         if (valid)
                 return saved;
 
+        /* available since linux-3.2 */
+        r = read_one_line_file("/proc/sys/kernel/cap_last_cap", &content);
+        if (r >= 0) {
+                r = safe_atolu(content, &p);
+                if (r >= 0) {
+                        saved = p;
+                        valid = true;
+                        return p;
+                }
+        }
+
+        /* fall back to syscall-probing for pre linux-3.2 */
         p = (unsigned long) CAP_LAST_CAP;
 
         if (prctl(PR_CAPBSET_READ, p) < 0) {
diff --git a/src/test/test-cap-list.c b/src/test/test-cap-list.c
index 4e7513649..632d62ff8 100644
--- a/src/test/test-cap-list.c
+++ b/src/test/test-cap-list.c
@@ -21,10 +21,13 @@
 
 #include "util.h"
 #include "log.h"
+#include "fileio.h"
 #include "cap-list.h"
 #include "capability.h"
+#include <sys/prctl.h>
 
-int main(int argc, char *argv[]) {
+/* verify the capability parser */
+static void test_cap_list(void) {
         int i;
 
         assert_se(!capability_to_name(-1));
@@ -64,6 +67,45 @@ int main(int argc, char *argv[]) {
 
                 assert_se(strcasecmp(a, b) == 0);
         }
+}
+
+/* verify cap_last_cap() against /proc/sys/kernel/cap_last_cap */
+static void test_last_cap_file(void) {
+        _cleanup_free_ char *content = NULL;
+        unsigned long val = 0;
+        int r;
+
+        r = read_one_line_file("/proc/sys/kernel/cap_last_cap", &content);
+        assert_se(r >= 0);
+
+        r = safe_atolu(content, &val);
+        assert_se(r >= 0);
+        assert_se(val != 0);
+        assert_se(val == cap_last_cap());
+}
+
+/* verify cap_last_cap() against syscall probing */
+static void test_last_cap_probe(void) {
+        unsigned long p = (unsigned long)CAP_LAST_CAP;
+
+        if (prctl(PR_CAPBSET_READ, p) < 0) {
+                for (p--; p > 0; p --)
+                        if (prctl(PR_CAPBSET_READ, p) >= 0)
+                                break;
+        } else {
+                for (;; p++)
+                        if (prctl(PR_CAPBSET_READ, p+1) < 0)
+                                break;
+        }
+
+        assert_se(p != 0);
+        assert_se(p == cap_last_cap());
+}
+
+int main(int argc, char *argv[]) {
+        test_cap_list();
+        test_last_cap_file();
+        test_last_cap_probe();
 
         return 0;
 }
-- 
2.30.2