basic/capability-util: let cap_last_cap() return unsigned integer

keszybz · keszybz · commit 261680bc0ea6 · 2020-09-21T09:28:13.000+02:00
We never return anything higher than 63, so using "long unsigned" as the type only confused the reader. (We can still use "long unsigned" and safe_atolu() to parse the kernel file.) (cherry picked from commit 864a25d)
diff --git a/src/basic/cap-list.c b/src/basic/cap-list.c
@@ -57,20 +57,19 @@ int capability_list_length(void) {
 
 int capability_set_to_string_alloc(uint64_t set, char **s) {
         _cleanup_free_ char *str = NULL;
-        unsigned long i;
         size_t allocated = 0, n = 0;
 
         assert(s);
 
-        for (i = 0; i <= cap_last_cap(); i++)
+        for (unsigned i = 0; i <= cap_last_cap(); i++)
                 if (set & (UINT64_C(1) << i)) {
                         const char *p;
                         char buf[2 + 16 + 1];
                         size_t add;
 
                         p = capability_to_name(i);
                         if (!p) {
-                                xsprintf(buf, "0x%lx", i);
+                                xsprintf(buf, "0x%x", i);
                                 p = buf;
                         }
 
diff --git a/src/basic/capability-util.c b/src/basic/capability-util.c
@@ -31,8 +31,8 @@ int have_effective_cap(int value) {
         return fv == CAP_SET;
 }
 
-unsigned long cap_last_cap(void) {
-        static thread_local unsigned long saved;
+unsigned cap_last_cap(void) {
+        static thread_local unsigned saved;
         static thread_local bool valid = false;
         _cleanup_free_ char *content = NULL;
         unsigned long p = 0;
@@ -65,7 +65,7 @@ unsigned long cap_last_cap(void) {
         if (prctl(PR_CAPBSET_READ, p) < 0) {
 
                 /* Hmm, look downwards, until we find one that works */
-                for (p--; p > 0; p --)
+                for (p--; p > 0; p--)
                         if (prctl(PR_CAPBSET_READ, p) >= 0)
                                 break;
 
@@ -84,12 +84,10 @@ unsigned long cap_last_cap(void) {
 }
 
 int capability_update_inherited_set(cap_t caps, uint64_t set) {
-        unsigned long i;
-
         /* Add capabilities in the set to the inherited caps, drops capabilities not in the set.
          * Do not apply them yet. */
 
-        for (i = 0; i <= cap_last_cap(); i++) {
+        for (unsigned i = 0; i <= cap_last_cap(); i++) {
                 cap_flag_value_t flag = set & (UINT64_C(1) << i) ? CAP_SET : CAP_CLEAR;
                 cap_value_t v;
 
@@ -104,11 +102,10 @@ int capability_update_inherited_set(cap_t caps, uint64_t set) {
 
 int capability_ambient_set_apply(uint64_t set, bool also_inherit) {
         _cleanup_cap_free_ cap_t caps = NULL;
-        unsigned long i;
         int r;
 
         /* Remove capabilities requested in ambient set, but not in the bounding set */
-        for (i = 0; i <= cap_last_cap(); i++) {
+        for (unsigned i = 0; i <= cap_last_cap(); i++) {
                 if (set == 0)
                         break;
 
@@ -140,7 +137,7 @@ int capability_ambient_set_apply(uint64_t set, bool also_inherit) {
                         return -errno;
         }
 
-        for (i = 0; i <= cap_last_cap(); i++) {
+        for (unsigned i = 0; i <= cap_last_cap(); i++) {
 
                 if (set & (UINT64_C(1) << i)) {
 
@@ -167,7 +164,6 @@ int capability_ambient_set_apply(uint64_t set, bool also_inherit) {
 int capability_bounding_set_drop(uint64_t keep, bool right_now) {
         _cleanup_cap_free_ cap_t before_cap = NULL, after_cap = NULL;
         cap_flag_value_t fv;
-        unsigned long i;
         int r;
 
         /* If we are run as PID 1 we will lack CAP_SETPCAP by default
@@ -204,7 +200,7 @@ int capability_bounding_set_drop(uint64_t keep, bool right_now) {
         if (!after_cap)
                 return -errno;
 
-        for (i = 0; i <= cap_last_cap(); i++) {
+        for (unsigned i = 0; i <= cap_last_cap(); i++) {
                 cap_value_t v;
 
                 if ((keep & (UINT64_C(1) << i)))
@@ -390,7 +386,6 @@ bool ambient_capabilities_supported(void) {
 }
 
 bool capability_quintet_mangle(CapabilityQuintet *q) {
-        unsigned long i;
         uint64_t combined, drop = 0;
         bool ambient_supported;
 
@@ -402,7 +397,7 @@ bool capability_quintet_mangle(CapabilityQuintet *q) {
         if (ambient_supported)
                 combined |= q->ambient;
 
-        for (i = 0; i <= cap_last_cap(); i++) {
+        for (unsigned i = 0; i <= cap_last_cap(); i++) {
                 unsigned long bit = UINT64_C(1) << i;
                 if (!FLAGS_SET(combined, bit))
                         continue;
@@ -431,16 +426,15 @@ int capability_quintet_enforce(const CapabilityQuintet *q) {
         int r;
 
         if (q->ambient != (uint64_t) -1) {
-                unsigned long i;
                 bool changed = false;
 
                 c = cap_get_proc();
                 if (!c)
                         return -errno;
 
-                /* In order to raise the ambient caps set we first need to raise the matching inheritable + permitted
-                 * cap */
-                for (i = 0; i <= cap_last_cap(); i++) {
+                /* In order to raise the ambient caps set we first need to raise the matching
+                 * inheritable + permitted cap */
+                for (unsigned i = 0; i <= cap_last_cap(); i++) {
                         uint64_t m = UINT64_C(1) << i;
                         cap_value_t cv = (cap_value_t) i;
                         cap_flag_value_t old_value_inheritable, old_value_permitted;
@@ -475,15 +469,14 @@ int capability_quintet_enforce(const CapabilityQuintet *q) {
 
         if (q->inheritable != (uint64_t) -1 || q->permitted != (uint64_t) -1 || q->effective != (uint64_t) -1) {
                 bool changed = false;
-                unsigned long i;
 
                 if (!c) {
                         c = cap_get_proc();
                         if (!c)
                                 return -errno;
                 }
 
-                for (i = 0; i <= cap_last_cap(); i++) {
+                for (unsigned i = 0; i <= cap_last_cap(); i++) {
                         uint64_t m = UINT64_C(1) << i;
                         cap_value_t cv = (cap_value_t) i;
 
diff --git a/src/basic/capability-util.h b/src/basic/capability-util.h
@@ -12,7 +12,7 @@
 
 #define CAP_ALL (uint64_t) -1
 
-unsigned long cap_last_cap(void);
+unsigned cap_last_cap(void);
 int have_effective_cap(int value);
 int capability_bounding_set_drop(uint64_t keep, bool right_now);
 int capability_bounding_set_drop_usermode(uint64_t keep);
diff --git a/src/libsystemd/sd-bus/bus-creds.c b/src/libsystemd/sd-bus/bus-creds.c
@@ -650,16 +650,15 @@ _public_ int sd_bus_creds_get_description(sd_bus_creds *c, const char **ret) {
 }
 
 static int has_cap(sd_bus_creds *c, size_t offset, int capability) {
-        unsigned long lc;
         size_t sz;
 
         assert(c);
         assert(capability >= 0);
         assert(c->capability);
 
-        lc = cap_last_cap();
+        unsigned lc = cap_last_cap();
 
-        if ((unsigned long) capability > lc)
+        if ((unsigned) capability > lc)
                 return 0;
 
         /* If the last cap is 63, then there are 64 caps defined, and we need 2 entries á 32bit hence. *
diff --git a/src/test/test-capability.c b/src/test/test-capability.c
@@ -240,7 +240,7 @@ static void test_ensure_cap_64bit(void) {
         assert_se(p <= 63);
 
         /* Also check for the header definition */
-        assert_se(CAP_LAST_CAP <= 63);
+        assert_cc(CAP_LAST_CAP <= 63);
 }
 
 int main(int argc, char *argv[]) {

Original file line number	Diff line number	Diff line change
`@@ -240,7 +240,7 @@ static void test_ensure_cap_64bit(void) {`
`240`	`240`	`assert_se(p <= 63);`
`241`	`241`
`242`	`242`	`/* Also check for the header definition */`
`243`		`- assert_se(CAP_LAST_CAP <= 63);`
	`243`	`+ assert_cc(CAP_LAST_CAP <= 63);`
`244`	`244`	`}`
`245`	`245`
`246`	`246`	`int main(int argc, char *argv[]) {`