meson: add option for fexecve use

There are downsides to using fexecve:

when fexecve is used (for normal executables), /proc/pid/status shows Name: 3,
which means that ps -C foobar doesn't work. pidof works, because it checks
/proc/self/cmdline. /proc/self/exe also shows the correct link, but requires
privileges to read. /proc/self/comm also shows "3".

I think this can be considered a kernel deficiency: when O_CLOEXEC is used, this
"3" is completely meaningless. It could be any number. The kernel should use
argv[0] instead, which at least has *some* meaning.

I think the approach with fexecve/execveat is instersting, so let's provide it
as opt-in.

diff --git a/meson.build b/meson.build
index 68ead1f849fc59380345d80bf8d8fb7fcfee2165..a800959ba935d0fc463a755c67ed3b6248586f84 100644 (file)
--- a/meson.build
+++ b/meson.build
@@ -215,6 +215,7 @@ conf.set_quoted('SYSTEM_SYSVRCND_PATH',                       sysvrcnd_path)
 conf.set_quoted('RC_LOCAL_PATH',                              get_option('rc-local'))
 
 conf.set('ANSI_OK_COLOR',                                     'ANSI_' + get_option('ok-color').underscorify().to_upper())
+conf.set10('ENABLE_FEXECVE',                                  get_option('fexecve'))
 
 conf.set_quoted('USER_CONFIG_UNIT_DIR',                       join_paths(pkgsysconfdir, 'user'))
 conf.set_quoted('USER_DATA_UNIT_DIR',                         userunitdir)
@@ -3787,6 +3788,7 @@ foreach tuple : [
         ['link-timesyncd-shared', get_option('link-timesyncd-shared')],
         ['kernel-install',        get_option('kernel-install')],
         ['systemd-analyze',  conf.get('ENABLE_ANALYZE') == 1],
+        ['fexecve'],
 ]
 
         if tuple.length() >= 2

diff --git a/meson_options.txt b/meson_options.txt
index d5ce647ae6eb3d7a63a89093c36fc92cb3cc30e3..9d14eca7f97f64559d6e6f1d3306a0973aa76af3 100644 (file)
--- a/meson_options.txt
+++ b/meson_options.txt
@@ -371,13 +371,15 @@ option('fuzz-tests', type : 'boolean', value : 'false',
 option('install-tests', type : 'boolean', value : 'false',
        description : 'install test executables')
 
-option('ok-color', type: 'combo',
+option('ok-color', type : 'combo',
        choices : ['black', 'red', 'green', 'yellow', 'blue', 'magenta', 'cyan',
                   'white', 'highlight-black', 'highlight-red', 'highlight-green',
                   'highlight-yellow', 'highlight-blue', 'highlight-magenta',
                   'highlight-cyan', 'highlight-white'],
        value : 'green',
        description: 'color of the "OK" status message')
+option('fexecve', type : 'boolean', value : 'false',
+       description : 'use fexecve() to spawn children')
 
 option('oss-fuzz', type : 'boolean', value : 'false',
        description : 'build against oss-fuzz')

diff --git a/src/shared/exec-util.c b/src/shared/exec-util.c
index e6f0af7dc2bdac4e50f8350e4f410419c52b58f2..b7303f0aef6f563a8f8f255f8632ed6e6b82262b 100644 (file)
--- a/src/shared/exec-util.c
+++ b/src/shared/exec-util.c
@@ -447,6 +447,7 @@ ExecCommandFlags exec_command_flags_from_string(const char *s) {
 }
 
 int fexecve_or_execve(int executable_fd, const char *executable, char *const argv[], char *const envp[]) {
+#if ENABLE_FEXECVE
         execveat(executable_fd, "", argv, envp, AT_EMPTY_PATH);
 
         if (IN_SET(errno, ENOSYS, ENOENT) || ERRNO_IS_PRIVILEGE(errno))
@@ -463,6 +464,7 @@ int fexecve_or_execve(int executable_fd, const char *executable, char *const arg
                  * least in case of bash) the script name, $0, will be shown as /dev/fd/nnn, which breaks
                  * scripts which make use of $0. Thus, let's fall back to execve() in this case.
                  */
+#endif
                 execve(executable, argv, envp);
         return -errno;
 }