rune/libenclave: Fix duplications of staging fds

It was intended to have fds without close-on-exec with the side effect of dup(), but acutally all fds staged are already close-on-exec clear. Thus dup() makes extra duplications of fds passed to init-runelet. Signed-off-by: Jia Zhang <zhang.jia@linux.alibaba.com>

rune/libenclave: Fix duplications of staging fds
It was intended to have fds without close-on-exec with the side effect of dup(), but acutally all fds staged are already close-on-exec clear. Thus dup() makes extra duplications of fds passed to init-runelet. Signed-off-by: Jia Zhang <zhang.jia@linux.alibaba.com>
cae9a39b · jia zhang · addc406d · cae9a39b
隐藏空白更改
内联并排

Showing with 7 addition and 13 deletion

rune/libenclave/utils.go rune/libenclave/utils.go +7 -13

未找到文件。
--- a/rune/libenclave/utils.go
+++ b/rune/libenclave/utils.go
@@ -12,6 +12,7 @@ import (
 	"net"
 	"os"
 	"strconv"
+	"syscall"
 	"time"
 	"unsafe"
 )
@@ -47,24 +48,17 @@ func stageFd(env string, f interface{}) (err error) {
 		return fmt.Errorf("unsupported type of environment variable %s", env)
 	}
-	// We make full use of one important side effect of Dup(): The
+	flags, err := unix.FcntlInt(uintptr(fd), syscall.F_GETFD, 0)
-	// close-on-exec flag for the duplicate fd is off. Using fnctl()
-	// can also clear close-on-exec flag but it is too OS specific.
-	//
-	//   flags, err := unix.FcntlInt(uintptr(fd), syscall.F_GETFD, 0)
-	//   if flags & syscall.FD_CLOEXEC == syscall.FD_CLOEXEC {
-	//       flags &^= syscall.FD_CLOEXEC
-	//       unix.FcntlInt(uintptr(fd), syscall.F_SETFD, flags)
-	//   }
-	fd, err = unix.Dup(fd)
 	if err != nil {
 		return err
 	}
-	defer func() {
+	if flags&syscall.FD_CLOEXEC == syscall.FD_CLOEXEC {
+		flags &^= syscall.FD_CLOEXEC
+		_, err := unix.FcntlInt(uintptr(fd), syscall.F_SETFD, flags)
 		if err != nil {
-			unix.Close(fd)
+			return err
 		}
-	}()
+	}
 	err = os.Setenv(env, strconv.Itoa(fd))
 	if err != nil {