mirror of https://github.com/systemd/systemd.git synced 2025-01-05 13:18:06 +03:00

meson: add option for fexecve use

There are downsides to using fexecve:

when fexecve is used (for normal executables), /proc/pid/status shows Name: 3,
which means that ps -C foobar doesn't work. pidof works, because it checks
/proc/self/cmdline. /proc/self/exe also shows the correct link, but requires
privileges to read. /proc/self/comm also shows "3".

I think this can be considered a kernel deficiency: when O_CLOEXEC is used, this
"3" is completely meaningless. It could be any number. The kernel should use
argv[0] instead, which at least has *some* meaning.

I think the approach with fexecve/execveat is interesting, so let's provide it
as opt-in.
Zbigniew Jędrzejewski-Szmek 2020-11-06 15:01:13 +01:00
parent 3f51bbff55
commit ceedbf8185
3 changed files with 7 additions and 1 deletions


@ -215,6 +215,7 @@ conf.set_quoted('SYSTEM_SYSVRCND_PATH', sysvrcnd_path)
conf.set_quoted('RC_LOCAL_PATH', get_option('rc-local')) conf.set_quoted('RC_LOCAL_PATH', get_option('rc-local'))
conf.set('ANSI_OK_COLOR', 'ANSI_' + get_option('ok-color').underscorify().to_upper()) conf.set('ANSI_OK_COLOR', 'ANSI_' + get_option('ok-color').underscorify().to_upper())
conf.set10('ENABLE_FEXECVE', get_option('fexecve'))
conf.set_quoted('USER_CONFIG_UNIT_DIR', join_paths(pkgsysconfdir, 'user')) conf.set_quoted('USER_CONFIG_UNIT_DIR', join_paths(pkgsysconfdir, 'user'))
conf.set_quoted('USER_DATA_UNIT_DIR', userunitdir) conf.set_quoted('USER_DATA_UNIT_DIR', userunitdir)
@ -3787,6 +3788,7 @@ foreach tuple : [
['link-timesyncd-shared', get_option('link-timesyncd-shared')], ['link-timesyncd-shared', get_option('link-timesyncd-shared')],
['kernel-install', get_option('kernel-install')], ['kernel-install', get_option('kernel-install')],
['systemd-analyze', conf.get('ENABLE_ANALYZE') == 1], ['systemd-analyze', conf.get('ENABLE_ANALYZE') == 1],
['fexecve'],
] ]
if tuple.length() >= 2 if tuple.length() >= 2


@ -371,13 +371,15 @@ option('fuzz-tests', type : 'boolean', value : 'false',
option('install-tests', type : 'boolean', value : 'false', option('install-tests', type : 'boolean', value : 'false',
description : 'install test executables') description : 'install test executables')
option('ok-color', type: 'combo', option('ok-color', type : 'combo',
choices : ['black', 'red', 'green', 'yellow', 'blue', 'magenta', 'cyan', choices : ['black', 'red', 'green', 'yellow', 'blue', 'magenta', 'cyan',
'white', 'highlight-black', 'highlight-red', 'highlight-green', 'white', 'highlight-black', 'highlight-red', 'highlight-green',
'highlight-yellow', 'highlight-blue', 'highlight-magenta', 'highlight-yellow', 'highlight-blue', 'highlight-magenta',
'highlight-cyan', 'highlight-white'], 'highlight-cyan', 'highlight-white'],
value : 'green', value : 'green',
description: 'color of the "OK" status message') description: 'color of the "OK" status message')
option('fexecve', type : 'boolean', value : 'false',
description : 'use fexecve() to spawn children')
option('oss-fuzz', type : 'boolean', value : 'false', option('oss-fuzz', type : 'boolean', value : 'false',
description : 'build against oss-fuzz') description : 'build against oss-fuzz')
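Review bot: The help text for the new `fexecve` option names only `fexecve()` and gives no hint of the trade-off that is the whole reason it defaults to off. The code behind it calls `execveat(..., AT_EMPTY_PATH)`, and the commit message explains that the process name in `/proc/<pid>/comm` and `/proc/<pid>/status` then shows the descriptor number, which breaks `ps -C`. Someone enabling it from the option list alone will not see that, so I would spell it out, e.g. `description : 'use fexecve()/execveat() to spawn children (process name in /proc becomes the fd number)'`.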


@ -447,6 +447,7 @@ ExecCommandFlags exec_command_flags_from_string(const char *s) {
} }
int fexecve_or_execve(int executable_fd, const char *executable, char *const argv[], char *const envp[]) { int fexecve_or_execve(int executable_fd, const char *executable, char *const argv[], char *const envp[]) {
#if ENABLE_FEXECVE
execveat(executable_fd, "", argv, envp, AT_EMPTY_PATH); execveat(executable_fd, "", argv, envp, AT_EMPTY_PATH);
if (IN_SET(errno, ENOSYS, ENOENT) || ERRNO_IS_PRIVILEGE(errno)) if (IN_SET(errno, ENOSYS, ENOENT) || ERRNO_IS_PRIVILEGE(errno))
@ -463,6 +464,7 @@ int fexecve_or_execve(int executable_fd, const char *executable, char *const arg
* least in case of bash) the script name, $0, will be shown as /dev/fd/nnn, which breaks * least in case of bash) the script name, $0, will be shown as /dev/fd/nnn, which breaks
* scripts which make use of $0. Thus, let's fall back to execve() in this case. * scripts which make use of $0. Thus, let's fall back to execve() in this case.
*/ */
#endif
execve(executable, argv, envp); execve(executable, argv, envp);
return -errno; return -errno;
} }
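Review bot: With `ENABLE_FEXECVE` at 0, which is the new default, `fexecve_or_execve()` never touches `executable_fd` and the binary is resolved again by path when `execve()` runs, yet nothing in the function says so. Any check a caller made on the open descriptor then does not bind to the file that actually executes if the path can be changed in between; whether callers rely on that is not visible in these hunks. I would add a comment above the `#if`, e.g. `/* Without ENABLE_FEXECVE the fd is ignored and 'executable' is re-resolved by path; callers must not assume the inspected fd is what runs. */`. Separately, the `if (IN_SET(...) || ERRNO_IS_PRIVILEGE(errno))` appears to take the `execve()` after `#endif` as its unbraced body (the lines between the two hunks are not shown), so a statement inserted there later would change control flow in only one configuration. Inverting it inside the `#if` block as `if (!IN_SET(errno, ENOSYS, ENOENT) && !ERRNO_IS_PRIVILEGE(errno)) return -errno;` keeps the conditional self-contained.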