feat(systemd): enable support for systemd compiled with ASAN

When systemd is compiled with ASAN library to troubleshoot memory issues
within systemd code, the libasan library expects to have /proc be
available as soon as systemd starts, which isn't the case currently,
causing an assertion to fail, systemd to crash and kernel to panic:

==1==AddressSanitizer CHECK failed: ../../../../libsanitizer/sanitizer_common/sanitizer_procmaps_common.cc:75 "((data_.proc_self_maps.len)) > ((0))" (0x0, 0x0)
    <empty stack>

X.XXXXXXX Kernel panic - not syncing: Attempted to kill init! exitcode=0x00000100
[...]

diff --git a/modules.d/00systemd/module-setup.sh b/modules.d/00systemd/module-setup.sh
index 0a61d430fe14cf07a075474256aea661136f92e4..433e475851564401e4d66738627a519555a53db7 100755 (executable)
--- a/modules.d/00systemd/module-setup.sh
+++ b/modules.d/00systemd/module-setup.sh
@@ -213,8 +213,23 @@ install() {
         grep '^systemd-network:' "$dracutsysrootdir"/etc/group 2> /dev/null
     } >> "$initdir/etc/group"
 
-    ln_r "$systemdutildir"/systemd "/init"
-    ln_r "$systemdutildir"/systemd "/sbin/init"
+    local _systemdbinary="$systemdutildir"/systemd
+
+    if ldd "$_systemdbinary" | grep -qw libasan; then
+        local _wrapper="$systemdutildir"/systemd-asan-wrapper
+        cat > "$initdir"/"$_wrapper" << EOF
+#!/bin/sh
+mount -t proc -o nosuid,nodev,noexec proc /proc
+exec $_systemdbinary
+EOF
+        chmod 755 "$initdir"/"$_wrapper"
+        _systemdbinary="$_wrapper"
+        unset _wrapper
+    fi
+    ln_r "$_systemdbinary" "/init"
+    ln_r "$_systemdbinary" "/sbin/init"
+
+    unset _systemdbinary
 
     inst_binary true
     ln_r "$(find_binary true)" "/usr/bin/loginctl"