Add clone3 and statx syscalls

[MasloMaslane]

Closes #39

[Wolf480pl]

uhh... just checked what the args of clone3 are, and

long syscall(SYS_clone3, struct clone_args *cl_args, size_t size);

which translates to

clone3(struct clone_args *cl_args, size_t size);

Arg(0) is a pointer to a struct with all the stuff that'd normally go into clone args
Arg(1) is the size of that struct
Arg(2) is not a thing

So our check for CLONE_VM flag won't work correctly.

I don't think we can support clone3. Unless the kernel and libseccomp have some nice way of getting at the parameters in the struct, I think we should just ENOSYS this one too.

[MasloMaslane]

I added ENOSYS for clone3, but now this test is failing:

1: ======================================================================
1: ERROR: test_1_sec_program_threads_1 (testsuits.test_times.TestReportedTimes)
1: ----------------------------------------------------------------------
1: Traceback (most recent call last):
1:   File "/sio2jail/test/testsuits/test_times.py", line 24, in test_1_sec_program_threads_1
1:     self.assertAlmostEqual(result.time, 1.0)
1:   File "/usr/local/lib/python3.9/unittest/case.py", line 868, in assertAlmostEqual
1:     diff = abs(first - second)
1: TypeError: unsupported operand type(s) for -: 'NoneType' and 'float'
1: -------------------- >> begin captured stdout << ---------------------
1: running:
1: /sio2jail/build/./src/sio2jail -b /sio2jail/build/./boxes/./minimal/:/:ro -t 1 -m 1G /sio2jail/build/./test/src/1-sec-prog-th flat 1
1:
1: result: 2
1:
1: stdout:
1:
1: stderr:
1: Exception occurred: System error occured: ptrace setopts child failed: No such process: error 3: No such process
1:
1:
1: --------------------- >> end captured stdout << ----------------------
1:
1: ----------------------------------------------------------------------
1: Ran 14 tests in 1.575s
1:
1: FAILED (errors=1)
1/1 Test #1: python ...........................***Failed    1.75 sec

When clone3 is allowed, this test passes

[Wolf480pl]

ok, I think I know why this happens.

TraceExecutor gets clone events here

sio2jail/src/tracer/TraceExecutor.cc

Lines 94 to 95 in 8e65e31

	if (executeEvent.signal == (SIGTRAP | (PTRACE_EVENT_CLONE << 8))) {
	action = std::max(action, onEventClone(event, tracee));

not due to seccomp traps, but due to PTRACE_O_TRACECLONE.

It then tries to get child's pid, and set up ptrace of the child too:

sio2jail/src/tracer/TraceExecutor.cc

Lines 137 to 156 in 8e65e31

	TraceAction TraceExecutor::onEventClone(
	const TraceEvent& event,
	Tracee& tracee) {
	pid_t traceeChildPid{-1};
	withErrnoCheck(
	"ptrace get child pid",
	ptrace,
	PTRACE_GETEVENTMSG,
	event.executeEvent.pid,
	nullptr,
	&traceeChildPid);
	logger::debug(VAR(event.executeEvent.pid), VAR(traceeChildPid));
	withErrnoCheck(
	"ptrace setopts child",
	ptrace,
	PTRACE_SETOPTIONS,
	traceeChildPid,
	nullptr,
	PTRACE_OPTIONS);

I suspect this triggers even if the a clone (in this case clone3) fails, and TraceExecutor doesn't check for that.

Maybe ptrace has some way to get the clone's error code, so that we can check if it succeeded.
If there's no way to do that, I guess we can just catch the ESRCH returned by PTRACE_SETOPTIONS, assume clone failed and move on, so that the process can retry with the old clone instead of clone3.

[MasloMaslane]

I also added fstatat64, because tests were failing. From what I read it's safe to add

[MasloMaslane]

We can't merge this, the tests are currently failing

[Wolf480pl]

oh, that's weird

[Wolf480pl]

ok, looks like it failed when trying to trace the cloned thread, see comment in diff