1 // Copyright 2014 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #include "base/files/scoped_file.h" 6 7 #include "base/logging.h" 8 #include "util/build_config.h" 9 10 #if defined(OS_POSIX) || defined(OS_FUCHSIA) 11 #include <errno.h> 12 #include <unistd.h> 13 14 #include "base/posix/eintr_wrapper.h" 15 #endif 16 17 namespace base { 18 namespace internal { 19 20 #if defined(OS_POSIX) || defined(OS_FUCHSIA) 21 22 // static Free(int fd)23void ScopedFDCloseTraits::Free(int fd) { 24 // It's important to crash here. 25 // There are security implications to not closing a file descriptor 26 // properly. As file descriptors are "capabilities", keeping them open 27 // would make the current process keep access to a resource. Much of 28 // Chrome relies on being able to "drop" such access. 29 // It's especially problematic on Linux with the setuid sandbox, where 30 // a single open directory would bypass the entire security model. 31 int ret = IGNORE_EINTR(close(fd)); 32 33 #if defined(OS_LINUX) || defined(OS_MACOSX) || defined(OS_FUCHSIA) || \ 34 defined(OS_ANDROID) || defined(OS_BSD) 35 // NB: Some file descriptors can return errors from close() e.g. network 36 // filesystems such as NFS and Linux input devices. On Linux, macOS, and 37 // Fuchsia's POSIX layer, errors from close other than EBADF do not indicate 38 // failure to actually close the fd. 39 if (ret != 0 && errno != EBADF) 40 ret = 0; 41 #endif 42 43 PCHECK(0 == ret); 44 } 45 46 #endif // OS_POSIX || OS_FUCHSIA 47 48 } // namespace internal 49 } // namespace base 50