[PATCH 7] init exec_process support

Unlike runc-init, the exec process needs a runc-exec wrapper to be a
subreaper so that the embedshim can use pidfd to watch the process's
exit event correctly.

Since there is no way to recover the exec process after containerd
has restarted, this commit introduces a new in-memory exitsnoop store to
trace the exec process, just in case that there are no leaky items in the map.

And it is based on release/1.5's exec_process code base. I make it an
implementation of runtime.Process. Basically, we don't need to use a shim
to wrap exec_process like init_process. I think in the future,
init_process will be up to the shim layer.

And one more thing, it is an alpha version of exec :).

[PATCH 6] .github: align goversion with matrix

According to the golangci-lint doc [1], the new version of the golangci-lint
action will use the actions/setup-go@v2 result. Otherwise, it will use the
latest version of golang [2].

REF:
[1] https://github.com/golangci/golangci-lint-action
[2] https://github.com/golangci/golangci-lint-action/issues/435

[PATCH 5] cmd: add a runc-exec wrapper helper commandline
[PATCH 4] pkg/runcext: introduce process sync proto
[PATCH 3] pkg/pidfd: support pidfd_getfd
[PATCH 2] .github: update go to 1.17.x
[PATCH 1] pkg/pidfd: support waitid API
[PATCH 0] pkg/es: support store from non-pinned maps

Since runC doesn't currently support checking the exec-process's state,
if we trace the exec-process in the same BPF map as the
container, the recovery will be more complicated. And the runC-exec
doesn't support the fork-execve two-step pattern like init, so it is also hard
to recover it after restarting containerd.

So, we need another exitsnoop.Store to trace the exec process's exit event.
The exitsnoop will be gone if containerd exits.