pid_t spawn(const char *path, int path_len, char *const argv[], int argv_len, char *const envp[], int envp_len, uint64_t *caps);
This syscall spawns a child process in a way similar to what a clone+exec could be used for, but more efficiently, given it doesn’t need to copy the address space just to overwrite it.

File descriptors are copied and treated the same way a fork followed by an exec call would treat them. That is, FD_CLOEXEC FDs are closed, and FD_CLOFORK FDs are not carried over.
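
The FD_CLOEXEC half of that rule can be checked from userland. The following is an added example, not code from this page or its project: it uses POSIX posix_spawn on a POSIX host as a stand-in for spawn (an assumption, based on the stated fork-plus-exec equivalence), probes the child through /bin/sh, and does not cover FD_CLOFORK. The helper name child_inherits_fd is hypothetical.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <spawn.h>
#include <stdio.h>
#include <sys/wait.h>
#include <unistd.h>

extern char **environ;

/* Returns 1 if a spawned child can still use the pipe's write end,
 * 0 if the descriptor was closed across the exec, -1 on setup failure. */
int child_inherits_fd(int set_cloexec)
{
    int p[2];
    if (pipe(p) != 0)
        return -1;
    if (set_cloexec && fcntl(p[1], F_SETFD, FD_CLOEXEC) != 0) {
        close(p[0]);
        close(p[1]);
        return -1;
    }

    /* Probe script run in the child: the redirection fails, and the
     * shell exits non-zero, when the descriptor is not open there. */
    char script[64];
    snprintf(script, sizeof script, "exec 2>/dev/null; : >&%d", p[1]);
    char *argv[] = { "sh", "-c", script, NULL };

    pid_t pid;
    int status = 0;
    int rc = posix_spawn(&pid, "/bin/sh", NULL, NULL, argv, environ);

    /* The parent no longer needs either end once the child exists. */
    close(p[0]);
    close(p[1]);
    if (rc != 0 || waitpid(pid, &status, 0) != pid)
        return -1;
    return WIFEXITED(status) && WEXITSTATUS(status) == 0;
}

int main(void)
{
    printf("plain fd inherited:      %d\n", child_inherits_fd(0));
    printf("FD_CLOEXEC fd inherited: %d\n", child_inherits_fd(1));
    return 0;
}
```

A descriptor that shows up as inherited here is one a child with a reduced capability set would still hold, so mark such descriptors before spawning.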

The argument caps, if not NULL, points to a capability set in the same format as mac_capabilities. This can be useful for de-escalating capabilities in the same convenient way as a call to mac_capabilities in between clone and exec could.

The syscall returns the created PID on success and 0 on failure, with the errno codes being:

EAGAIN: The system could not create the process right now.
EFAULT: One or more of the passed arguments point to invalid memory.
EACCES: MAC disallowed this.