From 66ee7c0e98a98d4046a23b85af42bc68b5ab6b13 Mon Sep 17 00:00:00 2001 From: Tiwei Bie Date: Tue, 1 Sep 2020 14:55:57 +0800 Subject: Dup stdio FDs for VFS2 when starting a child container Currently the stdio FDs are not dupped and will be closed unexpectedly in VFS2 when starting a child container. This patch fixes this issue. Fixes: #3821 Signed-off-by: Tiwei Bie --- runsc/boot/loader.go | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/runsc/boot/loader.go b/runsc/boot/loader.go index c3c754046..882cf270b 100644 --- a/runsc/boot/loader.go +++ b/runsc/boot/loader.go @@ -689,9 +689,18 @@ func (l *Loader) startContainer(spec *specs.Spec, conf *config.Config, cid strin return fmt.Errorf("creating new process: %v", err) } - // setupContainerFS() dups stdioFDs, so we don't need to dup them here. + // VFS1 dups stdioFDs, so we don't need to dup them here. VFS2 takes + // ownership of the passed FDs, and we need to dup them here. for _, f := range files[:3] { - info.stdioFDs = append(info.stdioFDs, int(f.Fd())) + if !kernel.VFS2Enabled { + info.stdioFDs = append(info.stdioFDs, int(f.Fd())) + } else { + fd, err := unix.Dup(int(f.Fd())) + if err != nil { + return fmt.Errorf("failed to dup file: %v", err) + } + info.stdioFDs = append(info.stdioFDs, fd) + } } // Can't take ownership away from os.File. dup them to get a new FDs. -- cgit v1.2.3