github.com/psiphon-Labs/psiphon-tunnel-core@v2.0.28+incompatible/psiphon/common/tun/tun_unix.go (about) 1 //go:build darwin || linux 2 // +build darwin linux 3 4 /* 5 * Copyright (c) 2021, Psiphon Inc. 6 * All rights reserved. 7 * 8 * This program is free software: you can redistribute it and/or modify 9 * it under the terms of the GNU General Public License as published by 10 * the Free Software Foundation, either version 3 of the License, or 11 * (at your option) any later version. 12 * 13 * This program is distributed in the hope that it will be useful, 14 * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 * GNU General Public License for more details. 17 * 18 * You should have received a copy of the GNU General Public License 19 * along with this program. If not, see <http://www.gnu.org/licenses/>. 20 * 21 */ 22 23 package tun 24 25 import ( 26 "os" 27 "syscall" 28 29 "github.com/Psiphon-Labs/psiphon-tunnel-core/psiphon/common/errors" 30 "golang.org/x/sys/unix" 31 ) 32 33 // fileFromFD duplicates the file descriptor; sets O_CLOEXEC to avoid leaking 34 // to child processes; sets the mode to nonblocking; and creates a os.File 35 // using os.NewFile. 36 func fileFromFD(fd int, name string) (*os.File, error) { 37 38 // Prevent fork between duplicating fd and setting CLOEXEC 39 syscall.ForkLock.RLock() 40 defer syscall.ForkLock.RUnlock() 41 42 dupfd, err := unix.Dup(fd) 43 if err != nil { 44 return nil, errors.Trace(err) 45 } 46 47 // Set CLOEXEC so file descriptor not leaked to network config command 48 // subprocesses. 49 unix.CloseOnExec(dupfd) 50 51 err = unix.SetNonblock(dupfd, true) 52 if err != nil { 53 unix.Close(dupfd) 54 return nil, errors.Trace(err) 55 } 56 57 return os.NewFile(uintptr(dupfd), name), nil 58 }