Fabian Vogt
077d7da9fe
Add fix1163766.patch to fix opensuse-welcome on i686 (boo#1163766) helps to make openQA greener. more testing wanted OBS-URL: https://build.opensuse.org/request/show/792651 OBS-URL: https://build.opensuse.org/package/show/KDE:Qt:5.14/libqt5-qtwebengine?expand=0&rev=14
57 lines
2.4 KiB
Diff
57 lines
2.4 KiB
Diff
Author Bernhard M. Wiedemann <bwiedemann suse de>
|
|
Date: 2020-04-07
|
|
|
|
https://bugzilla.opensuse.org/show_bug.cgi?id=1163766
|
|
|
|
seccomp filters disallow a new kernel syscall to get time
|
|
used on i586
|
|
|
|
Index: qtwebengine-everywhere-src-5.14.1/src/3rdparty/chromium/sandbox/linux/system_headers/x86_32_linux_syscalls.h
|
|
===================================================================
|
|
--- qtwebengine-everywhere-src-5.14.1.orig/src/3rdparty/chromium/sandbox/linux/system_headers/x86_32_linux_syscalls.h
|
|
+++ qtwebengine-everywhere-src-5.14.1/src/3rdparty/chromium/sandbox/linux/system_headers/x86_32_linux_syscalls.h
|
|
@@ -1422,5 +1422,13 @@
|
|
#define __NR_memfd_create 356
|
|
#endif
|
|
|
|
+#if !defined(__NR_clock_gettime64)
|
|
+#define __NR_clock_gettime64 403
|
|
+#endif
|
|
+
|
|
+#if !defined(__NR_clock_nanosleep_time64)
|
|
+#define __NR_clock_nanosleep_time64 407
|
|
+#endif
|
|
+
|
|
#endif // SANDBOX_LINUX_SYSTEM_HEADERS_X86_32_LINUX_SYSCALLS_H_
|
|
|
|
Index: qtwebengine-everywhere-src-5.14.1/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
|
|
===================================================================
|
|
--- qtwebengine-everywhere-src-5.14.1.orig/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
|
|
+++ qtwebengine-everywhere-src-5.14.1/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
|
|
@@ -151,6 +151,11 @@ ResultExpr EvaluateSyscallImpl(int fs_de
|
|
if (sysno == __NR_clock_gettime || sysno == __NR_clock_nanosleep) {
|
|
return RestrictClockID();
|
|
}
|
|
+#if defined(__NR_clock_gettime64)
|
|
+ if (sysno == __NR_clock_gettime64 || sysno == __NR_clock_nanosleep_time64) {
|
|
+ return RestrictClockID();
|
|
+ }
|
|
+#endif
|
|
|
|
if (sysno == __NR_clone) {
|
|
return RestrictCloneToThreadsAndEPERMFork();
|
|
Index: qtwebengine-everywhere-src-5.14.1/src/3rdparty/chromium/services/service_manager/sandbox/linux/bpf_ime_policy_linux.cc
|
|
===================================================================
|
|
--- qtwebengine-everywhere-src-5.14.1.orig/src/3rdparty/chromium/services/service_manager/sandbox/linux/bpf_ime_policy_linux.cc
|
|
+++ qtwebengine-everywhere-src-5.14.1/src/3rdparty/chromium/services/service_manager/sandbox/linux/bpf_ime_policy_linux.cc
|
|
@@ -30,6 +30,9 @@ ResultExpr ImeProcessPolicy::EvaluateSys
|
|
#if defined(__NR_clock_gettime)
|
|
case __NR_clock_gettime:
|
|
#endif
|
|
+#if defined(__NR_clock_gettime64)
|
|
+ case __NR_clock_gettime64:
|
|
+#endif
|
|
return Allow();
|
|
default:
|
|
auto* broker_process = SandboxLinux::GetInstance()->broker_process();
|