mirror of
https://github.com/containers/youki
synced 2024-11-23 01:11:58 +01:00
3151278420
For a number of reasons, platforms can choose to block clone3 and force return ENOSYS. We implement a clone fallback in the case that we can't use clone3. Also, clone3 has no libc wrapper at this point. The current implementation calls the kernel version of the syscall directly. There are undefined behaviors potentially when we create process bypassing the libc. However, we have not observed any issue with our tests. This is likely because `youki` runs short lived process and calls exec or exit in the end. Nonetheless, we should have a backup plan and this change is our way out in the case that we discover clone3 has issue as the default code path. Remove the use of the clone3 crate. We use `clone3` is a very specific way to create a process. We don't have to support the many other flags and usecases of the `clone3` call. So it is simpler for us to use the libc crate directly for the syscall. This avoids an extra dependency and reduces our binary size. Signed-off-by: yihuaf <yihuaf@unkies.org> |
||
|---|---|---|
| .. | ||
| libcgroups | ||
| libcontainer | ||
| liboci-cli | ||
| youki | ||
| .gitignore | ||