Hi Mariusz,
On Sun, Jan 21, 2024 at 5:04 AM Mariusz Kozłowski <mk@xxxxxxxxxxxx> wrote:
>
> Version 3 capability masks are 64 bits in size.
> ---
> tools/btmon-logger.c | 12 ++++++------
> 1 file changed, 6 insertions(+), 6 deletions(-)
>
> diff --git a/tools/btmon-logger.c b/tools/btmon-logger.c
> index a770ad575..1f6db3751 100644
> --- a/tools/btmon-logger.c
> +++ b/tools/btmon-logger.c
> @@ -161,14 +161,14 @@ extern int capset(struct __user_cap_header_struct *header,
> static void drop_capabilities(void)
> {
> struct __user_cap_header_struct header;
> - struct __user_cap_data_struct cap;
> + struct __user_cap_data_struct cap[_LINUX_CAPABILITY_U32S_3];
Ok, but this doesn't change the field, it makes it an array, or are
you talking about the following note:
Note that 64-bit capabilities use datap[0] and datap[1], whereas
32-bit capabilities use only datap[0].
In that case Ive just pointed out to this note to explain why this is needed.
> unsigned int mask;
> int err;
>
> header.version = _LINUX_CAPABILITY_VERSION_3;
> header.pid = 0;
>
> - err = capget(&header, &cap);
> + err = capget(&header, cap);
> if (err) {
> perror("Unable to get current capabilities");
> return;
> @@ -177,11 +177,11 @@ static void drop_capabilities(void)
> /* not needed anymore since monitor socket is already open */
> mask = ~CAP_TO_MASK(CAP_NET_RAW);
>
> - cap.effective &= mask;
> - cap.permitted &= mask;
> - cap.inheritable &= mask;
> + cap[0].effective &= mask;
> + cap[0].permitted &= mask;
> + cap[0].inheritable &= mask;
>
> - err = capset(&header, &cap);
> + err = capset(&header, cap);
> if (err)
> perror("Failed to set capabilities");
> }
> --
> 2.34.1
>
>
--
Luiz Augusto von Dentz
