• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #include "base/files/scoped_file.h"
6 
7 #include "base/logging.h"
8 #include "build/build_config.h"
9 
10 #if defined(OS_POSIX)
11 #include <errno.h>
12 #include <unistd.h>
13 
14 #include "base/debug/alias.h"
15 #include "base/posix/eintr_wrapper.h"
16 #endif
17 
18 namespace base {
19 namespace internal {
20 
21 #if defined(OS_POSIX)
22 
23 // static
Free(int fd)24 void ScopedFDCloseTraits::Free(int fd) {
25   // It's important to crash here.
26   // There are security implications to not closing a file descriptor
27   // properly. As file descriptors are "capabilities", keeping them open
28   // would make the current process keep access to a resource. Much of
29   // Chrome relies on being able to "drop" such access.
30   // It's especially problematic on Linux with the setuid sandbox, where
31   // a single open directory would bypass the entire security model.
32   int ret = IGNORE_EINTR(close(fd));
33 
34   // TODO(davidben): Remove this once it's been determined whether
35   // https://crbug.com/603354 is caused by EBADF or a network filesystem
36   // returning some other error.
37   int close_errno = errno;
38   base::debug::Alias(&close_errno);
39 
40 #if defined(OS_LINUX)
41   // NB: Some file descriptors can return errors from close() e.g. network
42   // filesystems such as NFS and Linux input devices. On Linux, errors from
43   // close other than EBADF do not indicate failure to actually close the fd.
44   if (ret != 0 && errno != EBADF)
45     ret = 0;
46 #endif
47 
48   PCHECK(0 == ret);
49 }
50 
51 #endif  // OS_POSIX
52 
53 }  // namespace internal
54 }  // namespace base
55