|
30 | 30 | #include <sched.h> |
31 | 31 | #include <time.h> |
32 | 32 | #include <cpuid.h> |
33 | | -#include <linux/capability.h> |
| 33 | +#include <sys/capability.h> |
34 | 34 | #include <errno.h> |
35 | 35 | #include <math.h> |
36 | 36 |
|
@@ -3150,28 +3150,42 @@ void check_dev_msr() |
3150 | 3150 | err(-5, "no /dev/cpu/0/msr, Try \"# modprobe msr\" "); |
3151 | 3151 | } |
3152 | 3152 |
|
3153 | | -void check_permissions() |
| 3153 | +/* |
| 3154 | + * check for CAP_SYS_RAWIO |
| 3155 | + * return 0 on success |
| 3156 | + * return 1 on fail |
| 3157 | + */ |
| 3158 | +int check_for_cap_sys_rawio(void) |
3154 | 3159 | { |
3155 | | - struct __user_cap_header_struct cap_header_data; |
3156 | | - cap_user_header_t cap_header = &cap_header_data; |
3157 | | - struct __user_cap_data_struct cap_data_data; |
3158 | | - cap_user_data_t cap_data = &cap_data_data; |
3159 | | - extern int capget(cap_user_header_t hdrp, cap_user_data_t datap); |
3160 | | - int do_exit = 0; |
3161 | | - char pathname[32]; |
| 3160 | + cap_t caps; |
| 3161 | + cap_flag_value_t cap_flag_value; |
3162 | 3162 |
|
3163 | | - /* check for CAP_SYS_RAWIO */ |
3164 | | - cap_header->pid = getpid(); |
3165 | | - cap_header->version = _LINUX_CAPABILITY_VERSION; |
3166 | | - if (capget(cap_header, cap_data) < 0) |
3167 | | - err(-6, "capget(2) failed"); |
| 3163 | + caps = cap_get_proc(); |
| 3164 | + if (caps == NULL) |
| 3165 | + err(-6, "cap_get_proc\n"); |
3168 | 3166 |
|
3169 | | - if ((cap_data->effective & (1 << CAP_SYS_RAWIO)) == 0) { |
3170 | | - do_exit++; |
| 3167 | + if (cap_get_flag(caps, CAP_SYS_RAWIO, CAP_EFFECTIVE, &cap_flag_value)) |
| 3168 | + err(-6, "cap_get\n"); |
| 3169 | + |
| 3170 | + if (cap_flag_value != CAP_SET) { |
3171 | 3171 | warnx("capget(CAP_SYS_RAWIO) failed," |
3172 | 3172 | " try \"# setcap cap_sys_rawio=ep %s\"", progname); |
| 3173 | + return 1; |
3173 | 3174 | } |
3174 | 3175 |
|
| 3176 | + if (cap_free(caps) == -1) |
| 3177 | + err(-6, "cap_free\n"); |
| 3178 | + |
| 3179 | + return 0; |
| 3180 | +} |
| 3181 | +void check_permissions(void) |
| 3182 | +{ |
| 3183 | + int do_exit = 0; |
| 3184 | + char pathname[32]; |
| 3185 | + |
| 3186 | + /* check for CAP_SYS_RAWIO */ |
| 3187 | + do_exit += check_for_cap_sys_rawio(); |
| 3188 | + |
3175 | 3189 | /* test file permissions */ |
3176 | 3190 | sprintf(pathname, "/dev/cpu/%d/msr", base_cpu); |
3177 | 3191 | if (euidaccess(pathname, R_OK)) { |
|
0 commit comments