fix(vault): maybe fix netpollBreak issues

- Updated the flake.lock for nixsgx dependency with new revision to get a patched gramine matter-labs/nixsgx#54 - Enabled `sys.insecure__allow_eventfd` to support recent golang changes in the `netpoll` implementation
matter-labs · Aug 8, 2024 · 33fe7f1 · 33fe7f1
1 parent 49fb234
commit 33fe7f1
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 3 deletions.
diff --git a/flake.lock b/flake.lock
diff --git a/packages/container-vault-sgx-azure/default.nix b/packages/container-vault-sgx-azure/default.nix
@@ -84,6 +84,11 @@ nixsgxLib.mkSGXContainer {
     sys.stack.size = "16M";
     # vault needs flock
     sys.experimental__enable_flock = true;
+
+    # recent golang switched to eventfd for netpoll
+    # https://github.com/golang/go/commit/d068c2cb620c1daeedc8b9cce488af45a6c2c889
+    # enable it to mitigate surprises for golang >= 1.23
+    sys.insecure__allow_eventfd = true;
   };
 }