[PATCH 1/2] selftests/clone3: fix libcap interface usage
From: Eva Kurchatova
Date: Sun May 24 2026 - 12:39:29 EST
The test's set_capability() function needs to set CAP_CHECKPOINT_RESTORE
(bit 40). But libcap's API (cap_set_flag) didn't support cap 40 when the
test was written - it was too new. So the author worked around it by
casting cap_t to an assumed internal layout.
This worked with older libcap versions where cap_t pointed directly to
that layout. Newer libcap internally restructured its cap_t opaque type.
Since 2.43, libcap natively supports CAP_CHECKPOINT_RESTORE, workaround
is no longer needed. The fix directly uses the library interface.
Signed-off-by: Eva Kurchatova <eva.kurchatova@xxxxxxxxxxxxx>
---
.../clone3/clone3_cap_checkpoint_restore.c | 20 +++++--------------
1 file changed, 5 insertions(+), 15 deletions(-)
diff --git a/tools/testing/selftests/clone3/clone3_cap_checkpoint_restore.c b/tools/testing/selftests/clone3/clone3_cap_checkpoint_restore.c
index e82281efa273..49fb2edd5a7d 100644
--- a/tools/testing/selftests/clone3/clone3_cap_checkpoint_restore.c
+++ b/tools/testing/selftests/clone3/clone3_cap_checkpoint_restore.c
@@ -87,15 +87,11 @@ static int test_clone3_set_tid(struct __test_metadata *_metadata,
return ret;
}
-struct libcap {
- struct __user_cap_header_struct hdr;
- struct __user_cap_data_struct data[2];
-};
-
static int set_capability(void)
{
- cap_value_t cap_values[] = { CAP_SETUID, CAP_SETGID };
- struct libcap *cap;
+ cap_value_t cap_values[] = {
+ CAP_SETUID, CAP_SETGID, CAP_CHECKPOINT_RESTORE
+ };
int ret = -1;
cap_t caps;
@@ -111,14 +107,8 @@ static int set_capability(void)
goto out;
}
- cap_set_flag(caps, CAP_EFFECTIVE, 2, cap_values, CAP_SET);
- cap_set_flag(caps, CAP_PERMITTED, 2, cap_values, CAP_SET);
-
- cap = (struct libcap *) caps;
-
- /* 40 -> CAP_CHECKPOINT_RESTORE */
- cap->data[1].effective |= 1 << (40 - 32);
- cap->data[1].permitted |= 1 << (40 - 32);
+ cap_set_flag(caps, CAP_EFFECTIVE, 3, cap_values, CAP_SET);
+ cap_set_flag(caps, CAP_PERMITTED, 3, cap_values, CAP_SET);
if (cap_set_proc(caps)) {
perror("cap_set_proc");
--
2.54.0