1 // Copyright 2014 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #include "base/files/scoped_file.h" 6 7 #include "base/logging.h" 8 #include "build/build_config.h" 9 10 #if defined(OS_POSIX) 11 #include <errno.h> 12 #include <unistd.h> 13 14 #include "base/debug/alias.h" 15 #include "base/posix/eintr_wrapper.h" 16 #endif 17 18 namespace base { 19 namespace internal { 20 21 #if defined(OS_POSIX) 22 23 // static 24 void ScopedFDCloseTraits::Free(int fd) { 25 // It's important to crash here. 26 // There are security implications to not closing a file descriptor 27 // properly. As file descriptors are "capabilities", keeping them open 28 // would make the current process keep access to a resource. Much of 29 // Chrome relies on being able to "drop" such access. 30 // It's especially problematic on Linux with the setuid sandbox, where 31 // a single open directory would bypass the entire security model. 32 int ret = IGNORE_EINTR(close(fd)); 33 34 // TODO(davidben): Remove this once it's been determined whether 35 // https://crbug.com/603354 is caused by EBADF or a network filesystem 36 // returning some other error. 37 int close_errno = errno; 38 base::debug::Alias(&close_errno); 39 40 #if defined(OS_LINUX) 41 // NB: Some file descriptors can return errors from close() e.g. network 42 // filesystems such as NFS and Linux input devices. On Linux, errors from 43 // close other than EBADF do not indicate failure to actually close the fd. 44 if (ret != 0 && errno != EBADF) 45 ret = 0; 46 #endif 47 48 PCHECK(0 == ret); 49 } 50 51 #endif // OS_POSIX 52 53 } // namespace internal 54 } // namespace base 55
