Quoting Cedric Le Goater (clg@xxxxxxxxxx): > to be more precise : > > long sys_clone_something(struct clone_something_args args) > > and > > long sys_unshare_something(struct unshare_something_args args) > > The arg passing will be slower bc of the copy_from_user() but we will > still have the sys_clone syscall for the fast path. > > C. I'm fine with the direction you're going, but just as one more option, we could follow more of the selinux/lsm approach of first requesting clone/unshare options, then doing the actual clone/unshare. So something like sys_clone_request(extended_64bit_clone_flags) sys_clone(usual args) or echo pid,mqueue,user,ipc,uts,net > /proc/self/clone_unshare clone() -serge _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/containers