tests/ui/command/command-create-pidfd.rs - toolchain/rustc - Git at Google

 // run-pass
 // only-linux - pidfds are a linux-specific concept

 #![feature(linux_pidfd)]
 #![feature(rustc_private)]

 extern crate libc;

 use std::io::Error;
 use std::os::linux::process::{ChildExt, CommandExt};
 use std::process::Command;

 fn has_clone3() -> bool {
     let res = unsafe { libc::syscall(libc::SYS_clone3, 0, 0) };
     let err = (res == -1)
         .then(|| Error::last_os_error())
         .expect("probe syscall should not succeed");

     // If the `clone3` syscall is not implemented in the current kernel version it should return an
     // `ENOSYS` error. Docker also blocks the whole syscall inside unprivileged containers, and
     // returns `EPERM` (instead of `ENOSYS`) when a program tries to invoke the syscall. Because of
     // that we need to check for *both* `ENOSYS` and `EPERM`.
     //
     // Note that Docker's behavior is breaking other projects (notably glibc), so they're planning
     // to update their filtering to return `ENOSYS` in a future release:
     //
     //     https://github.com/moby/moby/issues/42680
     //
     err.raw_os_error() != Some(libc::ENOSYS) && err.raw_os_error() != Some(libc::EPERM)
 }

 fn main() {
     // pidfds require the clone3 syscall
     if !has_clone3() {
         return;
     }

     // We don't assert the precise value, since the standard library
     // might have opened other file descriptors before our code runs.
     let _ = Command::new("echo")
         .create_pidfd(true)
         .spawn()
         .unwrap()
         .pidfd().expect("failed to obtain pidfd");

     let _ = Command::new("echo")
         .create_pidfd(false)
         .spawn()
         .unwrap()
         .pidfd().expect_err("pidfd should not have been created when create_pid(false) is set");

     let _ = Command::new("echo")
         .spawn()
         .unwrap()
         .pidfd().expect_err("pidfd should not have been created");
 }
	// run-pass
	// only-linux - pidfds are a linux-specific concept

	#![feature(linux_pidfd)]
	#![feature(rustc_private)]

	extern crate libc;

	use std::io::Error;
	use std::os::linux::process::{ChildExt, CommandExt};
	use std::process::Command;

	fn has_clone3() -> bool {
	let res = unsafe { libc::syscall(libc::SYS_clone3, 0, 0) };
	let err = (res == -1)
	.then(\|\| Error::last_os_error())
	.expect("probe syscall should not succeed");

	// If the `clone3` syscall is not implemented in the current kernel version it should return an
	// `ENOSYS` error. Docker also blocks the whole syscall inside unprivileged containers, and
	// returns `EPERM` (instead of `ENOSYS`) when a program tries to invoke the syscall. Because of
	// that we need to check for both `ENOSYS` and `EPERM`.
	//
	// Note that Docker's behavior is breaking other projects (notably glibc), so they're planning
	// to update their filtering to return `ENOSYS` in a future release:
	//
	// https://github.com/moby/moby/issues/42680
	//
	err.raw_os_error() != Some(libc::ENOSYS) && err.raw_os_error() != Some(libc::EPERM)
	}

	fn main() {
	// pidfds require the clone3 syscall
	if !has_clone3() {
	return;
	}

	// We don't assert the precise value, since the standard library
	// might have opened other file descriptors before our code runs.
	let _ = Command::new("echo")
	.create_pidfd(true)
	.spawn()
	.unwrap()
	.pidfd().expect("failed to obtain pidfd");

	let _ = Command::new("echo")
	.create_pidfd(false)
	.spawn()
	.unwrap()
	.pidfd().expect_err("pidfd should not have been created when create_pid(false) is set");

	let _ = Command::new("echo")
	.spawn()
	.unwrap()
	.pidfd().expect_err("pidfd should not have been created");
	}