From ceedbf8185fc7593366679f02d31da63af8c4bd1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Fri, 6 Nov 2020 15:01:13 +0100 Subject: [PATCH] meson: add option for fexecve use There are downsides to using fexecve: when fexecve is used (for normal executables), /proc/pid/status shows Name: 3, which means that ps -C foobar doesn't work. pidof works, because it checks /proc/self/cmdline. /proc/self/exe also shows the correct link, but requires privileges to read. /proc/self/comm also shows "3". I think this can be considered a kernel deficiency: when O_CLOEXEC is used, this "3" is completely meaningless. It could be any number. The kernel should use argv[0] instead, which at least has *some* meaning. I think the approach with fexecve/execveat is instersting, so let's provide it as opt-in. --- meson.build | 2 ++ meson_options.txt | 4 +++- src/shared/exec-util.c | 2 ++ 3 files changed, 7 insertions(+), 1 deletion(-) diff --git a/meson.build b/meson.build index 68ead1f849f..a800959ba93 100644 --- a/meson.build +++ b/meson.build @@ -215,6 +215,7 @@ conf.set_quoted('SYSTEM_SYSVRCND_PATH', sysvrcnd_path) conf.set_quoted('RC_LOCAL_PATH', get_option('rc-local')) conf.set('ANSI_OK_COLOR', 'ANSI_' + get_option('ok-color').underscorify().to_upper()) +conf.set10('ENABLE_FEXECVE', get_option('fexecve')) conf.set_quoted('USER_CONFIG_UNIT_DIR', join_paths(pkgsysconfdir, 'user')) conf.set_quoted('USER_DATA_UNIT_DIR', userunitdir) @@ -3787,6 +3788,7 @@ foreach tuple : [ ['link-timesyncd-shared', get_option('link-timesyncd-shared')], ['kernel-install', get_option('kernel-install')], ['systemd-analyze', conf.get('ENABLE_ANALYZE') == 1], + ['fexecve'], ] if tuple.length() >= 2 diff --git a/meson_options.txt b/meson_options.txt index d5ce647ae6e..9d14eca7f97 100644 --- a/meson_options.txt +++ b/meson_options.txt @@ -371,13 +371,15 @@ option('fuzz-tests', type : 'boolean', value : 'false', option('install-tests', type : 'boolean', value : 'false', description : 'install test executables') -option('ok-color', type: 'combo', +option('ok-color', type : 'combo', choices : ['black', 'red', 'green', 'yellow', 'blue', 'magenta', 'cyan', 'white', 'highlight-black', 'highlight-red', 'highlight-green', 'highlight-yellow', 'highlight-blue', 'highlight-magenta', 'highlight-cyan', 'highlight-white'], value : 'green', description: 'color of the "OK" status message') +option('fexecve', type : 'boolean', value : 'false', + description : 'use fexecve() to spawn children') option('oss-fuzz', type : 'boolean', value : 'false', description : 'build against oss-fuzz') diff --git a/src/shared/exec-util.c b/src/shared/exec-util.c index e6f0af7dc2b..b7303f0aef6 100644 --- a/src/shared/exec-util.c +++ b/src/shared/exec-util.c @@ -447,6 +447,7 @@ ExecCommandFlags exec_command_flags_from_string(const char *s) { } int fexecve_or_execve(int executable_fd, const char *executable, char *const argv[], char *const envp[]) { +#if ENABLE_FEXECVE execveat(executable_fd, "", argv, envp, AT_EMPTY_PATH); if (IN_SET(errno, ENOSYS, ENOENT) || ERRNO_IS_PRIVILEGE(errno)) @@ -463,6 +464,7 @@ int fexecve_or_execve(int executable_fd, const char *executable, char *const arg * least in case of bash) the script name, $0, will be shown as /dev/fd/nnn, which breaks * scripts which make use of $0. Thus, let's fall back to execve() in this case. */ +#endif execve(executable, argv, envp); return -errno; }