1 // SPDX-License-Identifier: GPL-2.0 1 // SPDX-License-Identifier: GPL-2.0 2 /* 2 /* 3 * Capability utilities 3 * Capability utilities 4 */ 4 */ 5 5 6 #include "cap.h" 6 #include "cap.h" 7 #include "debug.h" 7 #include "debug.h" 8 #include <errno.h> 8 #include <errno.h> 9 #include <string.h> 9 #include <string.h> 10 #include <linux/capability.h> 10 #include <linux/capability.h> 11 #include <sys/syscall.h> 11 #include <sys/syscall.h> 12 #include <unistd.h> 12 #include <unistd.h> 13 13 14 #define MAX_LINUX_CAPABILITY_U32S _LINUX_CAPAB 14 #define MAX_LINUX_CAPABILITY_U32S _LINUX_CAPABILITY_U32S_3 15 15 16 bool perf_cap__capable(int cap, bool *used_roo 16 bool perf_cap__capable(int cap, bool *used_root) 17 { 17 { 18 struct __user_cap_header_struct header 18 struct __user_cap_header_struct header = { 19 .version = _LINUX_CAPABILITY_V 19 .version = _LINUX_CAPABILITY_VERSION_3, 20 .pid = 0, 20 .pid = 0, 21 }; 21 }; 22 struct __user_cap_data_struct data[MAX 22 struct __user_cap_data_struct data[MAX_LINUX_CAPABILITY_U32S] = {}; 23 __u32 cap_val; 23 __u32 cap_val; 24 24 25 *used_root = false; 25 *used_root = false; 26 while (syscall(SYS_capget, &header, &d 26 while (syscall(SYS_capget, &header, &data[0]) == -1) { 27 /* Retry, first attempt has se 27 /* Retry, first attempt has set the header.version correctly. */ 28 if (errno == EINVAL && header. 28 if (errno == EINVAL && header.version != _LINUX_CAPABILITY_VERSION_3 && 29 header.version == _LINUX_C 29 header.version == _LINUX_CAPABILITY_VERSION_1) 30 continue; 30 continue; 31 31 32 pr_debug2("capget syscall fail 32 pr_debug2("capget syscall failed (%s - %d) fall back on root check\n", 33 strerror(errno), err 33 strerror(errno), errno); 34 *used_root = true; 34 *used_root = true; 35 return geteuid() == 0; 35 return geteuid() == 0; 36 } 36 } 37 37 38 /* Extract the relevant capability bit 38 /* Extract the relevant capability bit. */ 39 if (cap >= 32) { 39 if (cap >= 32) { 40 if (header.version == _LINUX_C 40 if (header.version == _LINUX_CAPABILITY_VERSION_3) { 41 cap_val = data[1].effe 41 cap_val = data[1].effective; 42 } else { 42 } else { 43 /* Capability beyond 3 43 /* Capability beyond 32 is requested but only 32 are supported. */ 44 return false; 44 return false; 45 } 45 } 46 } else { 46 } else { 47 cap_val = data[0].effective; 47 cap_val = data[0].effective; 48 } 48 } 49 return (cap_val & (1 << (cap & 0x1f))) 49 return (cap_val & (1 << (cap & 0x1f))) != 0; 50 } 50 } 51 51
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.