From: Corey Minyard <cminy...@mvista.com> The chardev backends that used qemu_chr_open_fd did not get their file descriptors closed at end of file or when the chardev was closed. This could result in a file descriptor leak.
Signed-off-by: Corey Minyard <cminy...@mvista.com>
---
 qemu-char.c | 35 +++++++++++++++++++++++++++++------
 1 file changed, 29 insertions(+), 6 deletions(-)
diff --git a/qemu-char.c b/qemu-char.c
index 4ac131d..427bb34 100644
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -851,6 +851,8 @@ typedef struct FDCharDriver {
 GIOChannel *fd_in, *fd_out;
 int max_size;
 QTAILQ_ENTRY(FDCharDriver) node;
+ int close_fdin;
+ int close_fdout;
 } FDCharDriver;
 
 static int fd_chr_write(CharDriverState *chr, const uint8_t *buf, int len)
@@ -860,6 +862,18 @@ static int fd_chr_write(CharDriverState *chr, const uint8_t *buf, int len)
 return io_channel_send(s->fd_out, buf, len);
 }
 
+static void fd_close_fds(FDCharDriver *s)
+{
+ if ((s->close_fdin != s->close_fdout) && (s->close_fdout != -1)) {
+ close(s->close_fdout);
+ }
+ s->close_fdout = -1;
+ if (s->close_fdin != -1) {
+ close(s->close_fdin);
+ }
+ s->close_fdin = -1;
+}
+
 static gboolean fd_chr_read(GIOChannel *chan, GIOCondition cond, void *opaque)
 {
 CharDriverState *chr = opaque;
@@ -881,6 +895,7 @@ static gboolean fd_chr_read(GIOChannel *chan, GIOCondition cond, void *opaque)
 len, &bytes_read, NULL);
 if (status == G_IO_STATUS_EOF) {
 remove_fd_in_watch(chr);
+ fd_close_fds(s);
 qemu_chr_be_event(chr, CHR_EVENT_CLOSED);
 return FALSE;
 }
@@ -929,19 +944,27 @@ static void fd_chr_close(struct CharDriverState *chr)
 g_io_channel_unref(s->fd_out);
 }
 
+ fd_close_fds(s);
 g_free(s);
 qemu_chr_be_event(chr, CHR_EVENT_CLOSED);
 }
 
 /* open a character device to a unix fd */
 static CharDriverState *qemu_chr_open_fd(CharDriverState *chr,
- int fd_in, int fd_out)
+ int fd_in, int fd_out,
+ int close_fds_on_close)
 {
 FDCharDriver *s;
 
 s = g_malloc0(sizeof(FDCharDriver));
 s->fd_in = io_channel_from_fd(fd_in);
 s->fd_out = io_channel_from_fd(fd_out);
+ if (close_fds_on_close) {
+ s->close_fdin = fd_in;
+ s->close_fdout = fd_out;
+ } else {
+ s->close_fdin = s->close_fdout = -1;
+ }
 fcntl(fd_out, F_SETFL, O_NONBLOCK);
 s->chr = chr;
 chr->opaque = s;
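Review bot: The new `close_fdin` and `close_fdout` members of FDCharDriver read like boolean flags, but the later hunks store descriptor numbers in them and use -1 to mean "not owned". A one-line comment on the pair would make that clear, for example `/* fds to close() when the chardev closes, or -1 if the caller keeps ownership */`. The first lines of the struct are above the hunk.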
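Review bot: Calling `fd_close_fds(s)` in the EOF branch of fd_chr_read closes both descriptors while `s->fd_in` and `s->fd_out` still wrap them; the channels are only unreferenced in fd_chr_close. Once a number is closed the kernel can hand it to the next open() or socket() in the process, so a later fd_chr_write through `s->fd_out` would either fail with EBADF or land in an unrelated descriptor. EOF on the input side also does not mean the output side is finished, since the pipe and file backends can pass two different descriptors. Either drop this call and leave the closing to fd_chr_close, or unref and NULL the two channels before closing so that no stale number can be used. Whether writes can still arrive after CHR_EVENT_CLOSED is not visible here, and fd_chr_read continues outside the hunk.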
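Review bot: `close_fds_on_close` in qemu_chr_open_fd is declared `int` and every call site in this patch passes glib's `TRUE`/`FALSE`; declaring it `bool close_fds_on_close` and passing `true`/`false` would state the intent in the type, assuming the file already uses stdbool elsewhere. The comment above the function could also record the ownership rule, e.g. `/* open a character device to a unix fd; if close_fds_on_close is set the chardev owns fd_in/fd_out and closes them */`. The same spelling applies to the callers changed in qemu_chr_open_pipe, qemu_chr_open_stdio, qemu_chr_open_tty_fd, qemu_chr_open_eventfd and qmp_chardev_open_file. The body of qemu_chr_open_fd continues past the hunk.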
@@ -979,7 +1002,7 @@ static CharDriverState *qemu_chr_open_pipe(CharDriverState *chr,
 return NULL;
 }
 }
- return qemu_chr_open_fd(chr, fd_in, fd_out);
+ return qemu_chr_open_fd(chr, fd_in, fd_out, TRUE);
 }
 
 /* init terminal so that we can grab keys */
@@ -1032,7 +1055,7 @@ static CharDriverState *qemu_chr_open_stdio(CharDriverState *chr,
 fcntl(0, F_SETFL, O_NONBLOCK);
 atexit(term_exit);
 
- qemu_chr_open_fd(chr, 0, 1);
+ qemu_chr_open_fd(chr, 0, 1, FALSE);
 chr->chr_close = qemu_chr_close_stdio;
 chr->chr_set_echo = qemu_chr_set_echo_stdio;
 if (opts->has_signal) {
@@ -1438,7 +1461,7 @@ static void qemu_chr_close_tty(CharDriverState *chr)
 static CharDriverState *qemu_chr_open_tty_fd(CharDriverState *chr, int fd)
 {
 tty_serial_init(fd, 115200, 'N', 8, 1);
- qemu_chr_open_fd(chr, fd, fd);
+ qemu_chr_open_fd(chr, fd, fd, TRUE);
 chr->chr_ioctl = tty_serial_ioctl;
 chr->chr_close = qemu_chr_close_tty;
 return chr;
@@ -2514,7 +2537,7 @@ static gboolean tcp_chr_read(GIOChannel *chan, GIOCondition cond, void *opaque)
 #ifndef _WIN32
 CharDriverState *qemu_chr_open_eventfd(CharDriverState *chr, int eventfd)
 {
- return qemu_chr_open_fd(chr, eventfd, eventfd);
+ return qemu_chr_open_fd(chr, eventfd, eventfd, FALSE);
 }
 #endif
 
@@ -3769,7 +3792,7 @@ static CharDriverState *qmp_chardev_open_file(CharDriverState *chr,
 }
 }
 
- return qemu_chr_open_fd(chr, in, out);
+ return qemu_chr_open_fd(chr, in, out, TRUE);
 }
 
 static CharDriverState *qmp_chardev_open_serial(CharDriverState *chr,
-- 
1.8.3.1
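Review bot: Passing `TRUE` in qemu_chr_open_tty_fd makes fd_chr_close close the tty descriptor, yet `chr->chr_close` is still set to qemu_chr_close_tty, whose body is not part of this hunk. If that handler closes the descriptor itself after calling fd_chr_close, the result is a double close(), and the second call can hit a number that another thread has already been given. It is worth checking qemu_chr_close_tty and keeping exactly one owner: either remove its own close, or pass `FALSE` here as in `qemu_chr_open_fd(chr, fd, fd, FALSE);`.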
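Review bot: qemu_chr_open_eventfd now passes `FALSE`, so the chardev never closes `eventfd` and the caller stays responsible for it, but nothing at the definition says so. Because this function is not static, a short comment would save callers from guessing, e.g. `/* the caller keeps ownership of eventfd; it is not closed with the chardev */`.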