ui/input-linux: close evdev fd when qemu_set_blocking fails

[PATCH] ui/input-linux: close evdev fd when qemu_set_blocking fails

zhaoguohan@kylinos.cn posted 1 patch 3 days, 14 hours ago

Download mbox

Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/qemu tags/patchew/20260408024024.606222-1-zhaoguohan@kylinos.cn

Maintainers: "Marc-André Lureau" <marcandre.lureau@redhat.com>

ui/input-linux.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

Expand all Fold all

[PATCH] ui/input-linux: close evdev fd when qemu_set_blocking fails

Posted by zhaoguohan@kylinos.cn 3 days, 14 hours ago

From: GuoHan Zhao <zhaoguohan@kylinos.cn>

input_linux_complete() opens the evdev node before switching it to
non-blocking mode. If qemu_set_blocking() fails, the function returns
without closing the file descriptor.

The finalize path only closes initialized devices, so this leaks the fd
on an error path.

Jump to err_close when qemu_set_blocking() fails so the descriptor is
released before returning.

Fixes: c7b1172026a0 ("ui: replace qemu_set_nonblock()")
Signed-off-by: GuoHan Zhao <zhaoguohan@kylinos.cn>
---
 ui/input-linux.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ui/input-linux.c b/ui/input-linux.c
index c16726a3b799..74bc8511428a 100644
--- a/ui/input-linux.c
+++ b/ui/input-linux.c
@@ -316,7 +316,7 @@ static void input_linux_complete(UserCreatable *uc, Error **errp)
         return;
     }
     if (!qemu_set_blocking(il->fd, false, errp)) {
-        return;
+        goto err_close;
     }
 
     rc = ioctl(il->fd, EVIOCGVERSION, &ver);
-- 
2.43.0

Re: [PATCH] ui/input-linux: close evdev fd when qemu_set_blocking fails

Posted by Marc-André Lureau 3 days, 11 hours ago

On Wed, Apr 8, 2026 at 6:41 AM <zhaoguohan@kylinos.cn> wrote:
>
> From: GuoHan Zhao <zhaoguohan@kylinos.cn>
>
> input_linux_complete() opens the evdev node before switching it to
> non-blocking mode. If qemu_set_blocking() fails, the function returns
> without closing the file descriptor.
>
> The finalize path only closes initialized devices, so this leaks the fd
> on an error path.
>
> Jump to err_close when qemu_set_blocking() fails so the descriptor is
> released before returning.
>
> Fixes: c7b1172026a0 ("ui: replace qemu_set_nonblock()")
> Signed-off-by: GuoHan Zhao <zhaoguohan@kylinos.cn>

Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>

> ---
>  ui/input-linux.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/ui/input-linux.c b/ui/input-linux.c
> index c16726a3b799..74bc8511428a 100644
> --- a/ui/input-linux.c
> +++ b/ui/input-linux.c
> @@ -316,7 +316,7 @@ static void input_linux_complete(UserCreatable *uc, Error **errp)
>          return;
>      }
>      if (!qemu_set_blocking(il->fd, false, errp)) {
> -        return;
> +        goto err_close;
>      }
>
>      rc = ioctl(il->fd, EVIOCGVERSION, &ver);
> --
> 2.43.0
>