From 65434a912bace28b7c2684f3bafa356f4f20f3f33bf4f874c706518398129b8b Mon Sep 17 00:00:00 2001 From: Christophe Giboudeaux Date: Wed, 14 Apr 2021 08:08:35 +0000 Subject: [PATCH] Accepting request 885269 from home:Vogtinator:qt5.15 - Add back missing part in fix1163766.patch (boo#1184610) OBS-URL: https://build.opensuse.org/request/show/885269 OBS-URL: https://build.opensuse.org/package/show/KDE:Qt:5.15/libqt5-qtwebengine?expand=0&rev=25 --- fix1163766.patch | 51 ++++++++++++++++++++++++-------------- libqt5-qtwebengine.changes | 5 ++++ 2 files changed, 38 insertions(+), 18 deletions(-) diff --git a/fix1163766.patch b/fix1163766.patch index 557035d..31db231 100644 --- a/fix1163766.patch +++ b/fix1163766.patch @@ -6,14 +6,15 @@ Subject: [PATCH] https://bugzilla.opensuse.org/show_bug.cgi?id=1163766 seccomp filters disallow a new kernel syscall to get time used on i586 --- - .../sandbox/linux/system_headers/x86_32_linux_syscalls.h | 8 ++++++++ - .../chromium/sandbox/policy/linux/bpf_ime_policy_linux.cc | 3 +++ - 3 files changed, 16 insertions(+) + src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc | 6 ++++++ + src/3rdparty/chromium/sandbox/linux/system_headers/x86_32_linux_syscalls.h | 8 ++++++++ + src/3rdparty/chromium/sandbox/policy/linux/bpf_ime_policy_linux.cc | 3 +++ + 3 files changed, 17 insertions(+) -diff --git a/src/3rdparty/chromium/sandbox/linux/system_headers/x86_32_linux_syscalls.h b/src/3rdparty/chromium/sandbox/linux/system_headers/x86_32_linux_syscalls.h -index 7613c9bbc..7093ac054 100644 ---- a/src/3rdparty/chromium/sandbox/linux/system_headers/x86_32_linux_syscalls.h -+++ b/src/3rdparty/chromium/sandbox/linux/system_headers/x86_32_linux_syscalls.h +Index: qtwebengine-everywhere-src-5.15.3/src/3rdparty/chromium/sandbox/linux/system_headers/x86_32_linux_syscalls.h +=================================================================== +--- qtwebengine-everywhere-src-5.15.3.orig/src/3rdparty/chromium/sandbox/linux/system_headers/x86_32_linux_syscalls.h ++++ qtwebengine-everywhere-src-5.15.3/src/3rdparty/chromium/sandbox/linux/system_headers/x86_32_linux_syscalls.h @@ -1710,5 +1710,13 @@ #define __NR_clone3 435 #endif @@ -28,20 +29,34 @@ index 7613c9bbc..7093ac054 100644 + #endif // SANDBOX_LINUX_SYSTEM_HEADERS_X86_32_LINUX_SYSCALLS_H_ -diff --git a/src/3rdparty/chromium/sandbox/policy/linux/bpf_ime_policy_linux.cc b/src/3rdparty/chromium/sandbox/policy/linux/bpf_ime_policy_linux.cc -index 3fcdbcc18..c7a00c2c2 100644 ---- a/src/3rdparty/chromium/sandbox/policy/linux/bpf_ime_policy_linux.cc -+++ b/src/3rdparty/chromium/sandbox/policy/linux/bpf_ime_policy_linux.cc -@@ -31,6 +31,9 @@ ResultExpr ImeProcessPolicy::EvaluateSyscall(int sysno) const { - #endif +Index: qtwebengine-everywhere-src-5.15.3/src/3rdparty/chromium/sandbox/policy/linux/bpf_ime_policy_linux.cc +=================================================================== +--- qtwebengine-everywhere-src-5.15.3.orig/src/3rdparty/chromium/sandbox/policy/linux/bpf_ime_policy_linux.cc ++++ qtwebengine-everywhere-src-5.15.3/src/3rdparty/chromium/sandbox/policy/linux/bpf_ime_policy_linux.cc +@@ -32,6 +32,9 @@ ResultExpr ImeProcessPolicy::EvaluateSys #if defined(__NR_clock_gettime) case __NR_clock_gettime: -+#endif + #endif +#if defined(__NR_clock_gettime64) + case __NR_clock_gettime64: - #endif ++#endif return Allow(); // https://crbug.com/991435 --- -2.30.2 - + #if defined(__NR_getrusage) +Index: qtwebengine-everywhere-src-5.15.3/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc +=================================================================== +--- qtwebengine-everywhere-src-5.15.3.orig/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc ++++ qtwebengine-everywhere-src-5.15.3/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc +@@ -161,6 +161,12 @@ ResultExpr EvaluateSyscallImpl(int fs_de + return RestrictClockID(); + } + ++#if defined(__NR_clock_gettime64) ++ if (sysno == __NR_clock_gettime64 || sysno == __NR_clock_nanosleep_time64) { ++ return RestrictClockID(); ++ } ++#endif ++ + if (sysno == __NR_clone) { + return RestrictCloneToThreadsAndEPERMFork(); + } diff --git a/libqt5-qtwebengine.changes b/libqt5-qtwebengine.changes index 17fc4b4..1390f49 100644 --- a/libqt5-qtwebengine.changes +++ b/libqt5-qtwebengine.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Tue Apr 13 20:12:47 UTC 2021 - Fabian Vogt + +- Add back missing part in fix1163766.patch (boo#1184610) + ------------------------------------------------------------------- Wed Mar 24 12:45:13 UTC 2021 - christophe@krop.fr