From 081091c56488de5b4e63df3f4d7e9f1e39d9ed6c Mon Sep 17 00:00:00 2001
From: Kir Kolyshkin <kolyshkin@gmail.com>
Date: Wed, 15 Jan 2025 19:58:13 -0800
Subject: [PATCH] setupIO: optimize

The rootuid and rootgid are only needed when detach and createTTY are
both false. We also call c.Config() twice, every time creating a copy
of struct Config.

Solve both issues by passing container pointer to setupIO, and get
rootuid/rootgid only when we need those.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
---
 utils_linux.go | 23 +++++++++++++----------
 1 file changed, 13 insertions(+), 10 deletions(-)

diff --git a/utils_linux.go b/utils_linux.go
index eef78ea3845..0cac09f5924 100644
--- a/utils_linux.go
+++ b/utils_linux.go
@@ -86,7 +86,7 @@ func newProcess(p specs.Process) (*libcontainer.Process, error) {
 }
 
 // setupIO modifies the given process config according to the options.
-func setupIO(process *libcontainer.Process, rootuid, rootgid int, createTTY, detach bool, sockpath string) (*tty, error) {
+func setupIO(process *libcontainer.Process, container *libcontainer.Container, createTTY, detach bool, sockpath string) (*tty, error) {
 	if createTTY {
 		process.Stdin = nil
 		process.Stdout = nil
@@ -132,6 +132,17 @@ func setupIO(process *libcontainer.Process, rootuid, rootgid int, createTTY, det
 		inheritStdio(process)
 		return &tty{}, nil
 	}
+
+	config := container.Config()
+	rootuid, err := config.HostRootUID()
+	if err != nil {
+		return nil, err
+	}
+	rootgid, err := config.HostRootGID()
+	if err != nil {
+		return nil, err
+	}
+
 	return setupProcessPipes(process, rootuid, rootgid)
 }
 
@@ -229,20 +240,12 @@ func (r *runner) run(config *specs.Process) (int, error) {
 		}
 		process.ExtraFiles = append(process.ExtraFiles, os.NewFile(uintptr(i), "PreserveFD:"+strconv.Itoa(i)))
 	}
-	rootuid, err := r.container.Config().HostRootUID()
-	if err != nil {
-		return -1, err
-	}
-	rootgid, err := r.container.Config().HostRootGID()
-	if err != nil {
-		return -1, err
-	}
 	detach := r.detach || (r.action == CT_ACT_CREATE)
 	// Setting up IO is a two stage process. We need to modify process to deal
 	// with detaching containers, and then we get a tty after the container has
 	// started.
 	handler := newSignalHandler(r.enableSubreaper, r.notifySocket)
-	tty, err := setupIO(process, rootuid, rootgid, config.Terminal, detach, r.consoleSocket)
+	tty, err := setupIO(process, r.container, config.Terminal, detach, r.consoleSocket)
 	if err != nil {
 		return -1, err
 	}