From 8e463f52d41903a7253002aabe24e9447c0c14ed Mon Sep 17 00:00:00 2001
From: Luca Bruno <lucab@debian.org>
Date: Sun, 19 Nov 2017 09:13:53 +0000
Subject: unistd: add execveat() on Linux and Android

This adds execveat() to `nix::unistd`. It uses the execveat(2) Linux
kernel syscall, which is available since 3.19.
This is a Linux-specific extension which is not covered by POSIX and
does not have any userland libc wrapper.

Ref: http://man7.org/linux/man-pages/man2/execveat.2.html
---
 CHANGELOG.md        |  2 ++
 src/unistd.rs       | 25 +++++++++++++++++++++++++
 test/test_unistd.rs | 25 +++++++++++++++++++++++--
 3 files changed, 50 insertions(+), 2 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 8f906b6b..3e3994c8 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -43,6 +43,8 @@ This project adheres to [Semantic Versioning](http://semver.org/).
 - Added `nix::unistd::{getgroups, setgroups, getgrouplist, initgroups}`. ([#733](https://github.com/nix-rust/nix/pull/733))
 - Added `nix::sys::socket::UnixAddr::as_abstract` on Linux and Android.
   ([#785](https://github.com/nix-rust/nix/pull/785))
+- Added `nix::unistd::execveat` on Linux and Android.
+  ([#800](https://github.com/nix-rust/nix/pull/800))
 
 ### Changed
 - Renamed existing `ptrace` wrappers to encourage namespacing ([#692](https://github.com/nix-rust/nix/pull/692))
diff --git a/src/unistd.rs b/src/unistd.rs
index dc0d5d07..52dfbb70 100644
--- a/src/unistd.rs
+++ b/src/unistd.rs
@@ -644,6 +644,31 @@ pub fn fexecve(fd: RawFd, args: &[CString], env: &[CString]) -> Result<Void> {
     Err(Error::Sys(Errno::last()))
 }
 
+/// Execute program relative to a directory file descriptor (see
+/// [execveat(2)](http://man7.org/linux/man-pages/man2/execveat.2.html)).
+///
+/// The `execveat` function allows for another process to be "called" which will
+/// replace the current process image.  That is, this process becomes the new
+/// command that is run. On success, this function will not return. Instead,
+/// the new program will run until it exits.
+///
+/// This function is similar to `execve`, except that the program to be executed
+/// is referenced as a file descriptor to the base directory plus a path.
+#[cfg(any(target_os = "android", target_os = "linux"))]
+#[inline]
+pub fn execveat(dirfd: RawFd, pathname: &CString, args: &[CString],
+                env: &[CString], flags: super::fcntl::AtFlags) -> Result<Void> {
+    let args_p = to_exec_array(args);
+    let env_p = to_exec_array(env);
+
+    unsafe {
+        libc::syscall(libc::SYS_execveat, dirfd, pathname.as_ptr(),
+                      args_p.as_ptr(), env_p.as_ptr(), flags);
+    };
+
+    Err(Error::Sys(Errno::last()))
+}
+
 /// Daemonize this process by detaching from the controlling terminal (see
 /// [daemon(3)](http://man7.org/linux/man-pages/man3/daemon.3.html)).
 ///
diff --git a/test/test_unistd.rs b/test/test_unistd.rs
index 672cbb9c..442c5921 100644
--- a/test/test_unistd.rs
+++ b/test/test_unistd.rs
@@ -1,5 +1,6 @@
 extern crate tempdir;
 
+use nix::fcntl;
 use nix::unistd::*;
 use nix::unistd::ForkResult::*;
 use nix::sys::wait::*;
@@ -190,7 +191,7 @@ fn test_initgroups() {
 }
 
 macro_rules! execve_test_factory(
-    ($test_name:ident, $syscall:ident, $exe: expr) => (
+    ($test_name:ident, $syscall:ident, $exe: expr $(, $pathname:expr, $flags:expr)*) => (
     #[test]
     fn $test_name() {
         #[allow(unused_variables)]
@@ -211,12 +212,14 @@ macro_rules! execve_test_factory(
                 // exec!
                 $syscall(
                     $exe,
+                    $(&CString::new($pathname).unwrap(), )*
                     &[CString::new(b"".as_ref()).unwrap(),
                       CString::new(b"-c".as_ref()).unwrap(),
                       CString::new(b"echo nix!!! && echo foo=$foo && echo baz=$baz"
                                    .as_ref()).unwrap()],
                     &[CString::new(b"foo=bar".as_ref()).unwrap(),
-                      CString::new(b"baz=quux".as_ref()).unwrap()]).unwrap();
+                      CString::new(b"baz=quux".as_ref()).unwrap()]
+                    $(, $flags)*).unwrap();
             },
             Parent { child } => {
                 // Wait for the child to exit.
@@ -252,6 +255,24 @@ cfg_if!{
     }
 }
 
+cfg_if!{
+    if #[cfg(target_os = "android")] {
+        execve_test_factory!(test_execveat_empty, execveat, File::open("/system/bin/sh").unwrap().into_raw_fd(),
+                             "", fcntl::AT_EMPTY_PATH);
+        execve_test_factory!(test_execveat_relative, execveat, File::open("/system/bin/").unwrap().into_raw_fd(),
+                             "./sh", fcntl::AtFlags::empty());
+        execve_test_factory!(test_execveat_absolute, execveat, File::open("/").unwrap().into_raw_fd(),
+                             "/system/bin/sh", fcntl::AtFlags::empty());
+    } else if #[cfg(all(target_os = "linux"), any(target_arch ="x86_64", target_arch ="x86"))] {
+        execve_test_factory!(test_execveat_empty, execveat, File::open("/bin/sh").unwrap().into_raw_fd(),
+                             "", fcntl::AT_EMPTY_PATH);
+        execve_test_factory!(test_execveat_relative, execveat, File::open("/bin/").unwrap().into_raw_fd(),
+                             "./sh", fcntl::AtFlags::empty());
+        execve_test_factory!(test_execveat_absolute, execveat, File::open("/").unwrap().into_raw_fd(),
+                             "/bin/sh", fcntl::AtFlags::empty());
+    }
+}
+
 #[test]
 fn test_fchdir() {
     // fchdir changes the process's cwd
-- 
cgit v1.2.3