kscreenlocker/0001-Disable-the-seccomp-sandbox.patch

52 lines
1.7 KiB
Diff
Raw Normal View History

From cd2d031b191c6b4e6a0eb4bd51ed8b2c72c21f76 Mon Sep 17 00:00:00 2001
From: Fabian Vogt <fabian@ritter-vogt.de>
Date: Fri, 24 Jul 2020 13:22:50 +0200
Subject: [PATCH] Disable the seccomp sandbox
References: boo#1174448
In the referenced bug, it somehow fails to make the created context current,
so no GL vendor detection is performed and it is assumed to not be Nvidia
or on Wayland. This breaks rendering.
While it would be enough to only disable the sandbox in this particular case,
it's planned to drop sandboxing anyway
(https://invent.kde.org/plasma/kscreenlocker/-/merge_requests/9) so just do the
same here, just in a simpler way with less side effects.
---
greeter/seccomp_filter.cpp | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/greeter/seccomp_filter.cpp b/greeter/seccomp_filter.cpp
index bca3001..8e2f156 100644
--- a/greeter/seccomp_filter.cpp
+++ b/greeter/seccomp_filter.cpp
@@ -28,6 +28,7 @@ along with this program. If not, see <http://www.gnu.org/licenses/>.
#include <QDBusConnection>
#include <QOpenGLContext>
#include <QOffscreenSurface>
+#include <QDebug>
#include <seccomp.h>
#include <sys/socket.h>
@@ -62,11 +63,18 @@ void init()
else if (gl->isSoftwareEmulation() && KWindowSystem::isPlatformWayland()) {
createSupported = writeSupported = false;
}
+ } else {
+ qWarning() << "Making the context current failed";
+ return;
}
+ } else {
+ qWarning() << "Creating an offscreen context failed";
+ return;
}
// access DBus to have the socket open
QDBusConnection::sessionBus();
+ return;
// default action: allow
// we cannot use a whitelist approach of syscalls
--
2.25.1