binfmt_misc: add persistent opened binary handler for containers

This patch adds a new flag 'F' to the binfmt handlers.  If you pass in
'F' the binary that runs the emulation will be opened immediately and
in future, will be cloned from the open file.

The net effect is that the handler survives both changeroots and mount
namespace changes, making it easy to work with foreign architecture
containers without contaminating the container image with the

Signed-off-by: James Bottomley <>
Acked-by: Serge Hallyn <>
