technocloud-public/nginx-unit
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Using the 64-bit Linux capability mode when available.

Browse Source 
For backward compatibility, the Linux capabilities macros exposes v1 semantics
(32-bit) by default.  We probe the version at runtime (because of pre-compiled
binaries) but the kernel syscall API is conservative and it doesn't return a
64-bit capability version if the input version is v1.

This patch suppress the kernel > 5.0 dmesg log below:

  capability: warning: 'unitd' uses 32-bit capabilities (legacy support in use)
This commit is contained in:
Tiago Natel de Moura
2019-12-16 17:12:09 +00:00
parent 96a9a790a0
commit eced72ba25
1 changed files with 11 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
src/nxt_capability.c
View File

@@ -10,6 +10,16 @@
#include <linux/capability.h>
#include <sys/syscall.h>
#if (_LINUX_CAPABILITY_VERSION_3)
#define NXT_CAPABILITY_VERSION _LINUX_CAPABILITY_VERSION_3
#elif (_LINUX_CAPABILITY_VERSION_2)
#define NXT_CAPABILITY_VERSION _LINUX_CAPABILITY_VERSION_2
#else
#define NXT_CAPABILITY_VERSION _LINUX_CAPABILITY_VERSION
#endif
#define nxt_capget(hdrp, datap) \
syscall(SYS_capget, hdrp, datap)
#define nxt_capset(hdrp, datap) \
@@ -43,7 +53,7 @@ nxt_capability_linux_get_version()
{
struct __user_cap_header_struct hdr;
hdr.version = _LINUX_CAPABILITY_VERSION;
hdr.version = NXT_CAPABILITY_VERSION;
hdr.pid = nxt_pid;
nxt_capget(&hdr, NULL);