Fix double-close in EventConverterEvdevImpl

ui/events/ozone/evdev/scoped_input_device.cc

Index: ui/events/ozone/evdev/scoped_input_device.cc
diff --git a/ui/events/ozone/evdev/scoped_input_device.cc b/ui/events/ozone/evdev/scoped_input_device.cc
new file mode 100644
index 0000000000000000000000000000000000000000..3f8f62bd89c985000554d8ffbb4454bcb3d1bd6f
--- /dev/null
+++ b/ui/events/ozone/evdev/scoped_input_device.cc
@@ -0,0 +1,31 @@
+// Copyright 2017 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "ui/events/ozone/evdev/scoped_input_device.h"
+
+#include <errno.h>
+#include <unistd.h>
+
+#include "base/debug/alias.h"
+#include "base/logging.h"
+#include "base/posix/eintr_wrapper.h"
+
+namespace ui {
+namespace internal {
+
+// static
+void ScopedInputDeviceCloseTraits::Free(int fd) {
+  // It's important to crash here.
+  // There are security implications to not closing a file descriptor
+  // properly. As file descriptors are "capabilities", keeping them open
+  // would make the current process keep access to a resource. Much of
+  // Chrome relies on being able to "drop" such access.
+  // It's especially problematic on Linux with the setuid sandbox, where
+  // a single open directory would bypass the entire security model.
+  int ret = IGNORE_EINTR(close(fd));
+  PCHECK(0 == ret || errno != EBADF);

[satorux1, 2017/01/20 02:06:32]

dribe-by: maybe add a comment explaining why EBADF is allowed?

[satorux1, 2017/01/20 02:10:36]

my bad. errors other than EBADF are allowed.

+}
+
+}  // namespace internal
+}  // namespace ui