From 584b8688d18244a40a57160627580ab33ff976a3 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Tue, 1 Aug 2017 10:51:18 +0200 Subject: [PATCH] execute: also fold the cgroup delegate bit into ExecFlags --- src/core/execute.c | 2 +- src/core/execute.h | 10 +++++----- src/core/mount.c | 2 +- src/core/service.c | 3 ++- src/core/socket.c | 3 ++- src/core/swap.c | 2 +- 6 files changed, 12 insertions(+), 10 deletions(-) diff --git a/src/core/execute.c b/src/core/execute.c index 9498ebe098..194fb4b4c0 100644 --- a/src/core/execute.c +++ b/src/core/execute.c @@ -2589,7 +2589,7 @@ static int exec_child( /* If delegation is enabled we'll pass ownership of the cgroup * (but only in systemd's own controller hierarchy!) to the * user of the new process. */ - if (params->cgroup_path && context->user && params->cgroup_delegate) { + if (params->cgroup_path && context->user && (params->flags & EXEC_CGROUP_DELEGATE)) { r = cg_set_task_access(SYSTEMD_CGROUP_CONTROLLER, params->cgroup_path, 0644, uid, gid); if (r < 0) { *exit_status = EXIT_CGROUP; diff --git a/src/core/execute.h b/src/core/execute.h index 14a3bdde1f..69cb0e5646 100644 --- a/src/core/execute.h +++ b/src/core/execute.h @@ -262,12 +262,13 @@ typedef enum ExecFlags { EXEC_PASS_LOG_UNIT = 1U << 4, /* Whether to pass the unit name to the service's journal stream connection */ EXEC_CHOWN_DIRECTORIES = 1U << 5, /* chown() the runtime/state/cache/log directories to the user we run as, under all conditions */ EXEC_NSS_BYPASS_BUS = 1U << 6, /* Set the SYSTEMD_NSS_BYPASS_BUS environment variable, to disable nss-systemd for dbus */ + EXEC_CGROUP_DELEGATE = 1U << 7, /* The following are not used by execute.c, but by consumers internally */ - EXEC_PASS_FDS = 1U << 7, - EXEC_IS_CONTROL = 1U << 8, - EXEC_SETENV_RESULT = 1U << 9, - EXEC_SET_WATCHDOG = 1U << 10, + EXEC_PASS_FDS = 1U << 8, + EXEC_IS_CONTROL = 1U << 9, + EXEC_SETENV_RESULT = 1U << 10, + EXEC_SET_WATCHDOG = 1U << 11, } ExecFlags; struct ExecParameters { 
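Review bot: In the execute.h enum hunk, `EXEC_CGROUP_DELEGATE = 1U << 7,` is the only flag in the block without a trailing comment, yet it gates a privilege-relevant action. Per the execute.c hunk it decides whether exec_child() calls cg_set_task_access() to hand the unit's cgroup to the service's uid/gid. I would add a comment such as `/* Pass ownership of the unit's cgroup (in systemd's own controller hierarchy only) to the user the process runs as */`. Inserting the flag at bit 7 also shifts EXEC_PASS_FDS through EXEC_SET_WATCHDOG up by one, which is safe only if these values are never stored or serialized as raw numbers; that cannot be confirmed from this hunk. The enum begins above the hunk.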
@@ -282,7 +283,6 @@ struct ExecParameters { ExecFlags flags; bool selinux_context_net:1; - bool cgroup_delegate:1; CGroupMask cgroup_supported; const char *cgroup_path; diff --git a/src/core/mount.c b/src/core/mount.c index 25f27909dd..0114efb648 100644 --- a/src/core/mount.c +++ b/src/core/mount.c @@ -775,7 +775,7 @@ static int mount_spawn(Mount *m, ExecCommand *c, pid_t *_pid) { return r; exec_params.cgroup_path = UNIT(m)->cgroup_path; - exec_params.cgroup_delegate = m->cgroup_context.delegate; + SET_FLAG(exec_params.flags, EXEC_CGROUP_DELEGATE, m->cgroup_context.delegate); r = exec_spawn(UNIT(m), c, diff --git a/src/core/service.c b/src/core/service.c index 01cc0a5d2a..c35a41bbe0 100644 --- a/src/core/service.c +++ b/src/core/service.c @@ -1365,6 +1365,8 @@ static int service_spawn( SET_FLAG(exec_params.flags, EXEC_NSS_BYPASS_BUS, MANAGER_IS_SYSTEM(UNIT(s)->manager) && unit_has_name(UNIT(s), SPECIAL_DBUS_SERVICE)); + SET_FLAG(exec_params.flags, EXEC_CGROUP_DELEGATE, s->cgroup_context.delegate); + exec_params.argv = c->argv; exec_params.environment = final_env; exec_params.fds = fds; @@ -1372,7 +1374,6 @@ static int service_spawn( exec_params.n_storage_fds = n_storage_fds; exec_params.n_socket_fds = n_socket_fds; exec_params.cgroup_path = path; - exec_params.cgroup_delegate = s->cgroup_context.delegate; exec_params.watchdog_usec = s->watchdog_usec; exec_params.selinux_context_net = s->socket_fd_selinux_context_net; if (s->type == SERVICE_IDLE) diff --git a/src/core/socket.c b/src/core/socket.c index 3ab92f72c3..871f09825c 100644 --- a/src/core/socket.c +++ b/src/core/socket.c @@ -1796,7 +1796,8 @@ static int socket_spawn(Socket *s, ExecCommand *c, pid_t *_pid) { exec_params.argv = c->argv; exec_params.cgroup_path = UNIT(s)->cgroup_path; - exec_params.cgroup_delegate = s->cgroup_context.delegate; + + SET_FLAG(exec_params.flags, EXEC_CGROUP_DELEGATE, s->cgroup_context.delegate); r = exec_spawn(UNIT(s), c, 
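Review bot: In the mount.c hunk, `SET_FLAG(exec_params.flags, EXEC_CGROUP_DELEGATE, m->cgroup_context.delegate);` replaces a plain bitfield assignment with what is presumably a read-modify-write of `exec_params.flags`. The result is therefore only correct if `flags` was initialised earlier in mount_spawn(), which lies outside the hunk. The same applies to socket_spawn() and swap_spawn(); service_spawn() already shows earlier SET_FLAG calls on the same field. It is worth confirming that each of the three initialises `exec_params.flags` before this line, since a stale bit 7 would grant cgroup ownership to the service user unintentionally. A short comment on the line, e.g. `/* Delegation hands cgroup ownership to the unit's user, see exec_child() */`, would also make the security effect visible at the call sites.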
diff --git a/src/core/swap.c b/src/core/swap.c index e839c26141..7bea2e8505 100644 --- a/src/core/swap.c +++ b/src/core/swap.c @@ -641,7 +641,7 @@ static int swap_spawn(Swap *s, ExecCommand *c, pid_t *_pid) { goto fail; exec_params.cgroup_path = UNIT(s)->cgroup_path; - exec_params.cgroup_delegate = s->cgroup_context.delegate; + SET_FLAG(exec_params.flags, EXEC_CGROUP_DELEGATE, s->cgroup_context.delegate); r = exec_spawn(UNIT(s), c,