forked from pool/libqt5-qtwebengine
Accepting request 885269 from home:Vogtinator:qt5.15
- Add back missing part in fix1163766.patch (boo#1184610) OBS-URL: https://build.opensuse.org/request/show/885269 OBS-URL: https://build.opensuse.org/package/show/KDE:Qt:5.15/libqt5-qtwebengine?expand=0&rev=25
This commit is contained in:
Christophe Giboudeaux
Git OBS Bridge
parent
89f4028e6d
commit
65434a912b
@ -6,14 +6,15 @@ Subject: [PATCH] https://bugzilla.opensuse.org/show_bug.cgi?id=1163766
|
|||||||
seccomp filters disallow a new kernel syscall to get time
|
seccomp filters disallow a new kernel syscall to get time
|
||||||
used on i586
|
used on i586
|
||||||
---
|
---
|
||||||
.../sandbox/linux/system_headers/x86_32_linux_syscalls.h | 8 ++++++++
|
src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc | 6 ++++++
|
||||||
.../chromium/sandbox/policy/linux/bpf_ime_policy_linux.cc | 3 +++
|
src/3rdparty/chromium/sandbox/linux/system_headers/x86_32_linux_syscalls.h | 8 ++++++++
|
||||||
3 files changed, 16 insertions(+)
|
src/3rdparty/chromium/sandbox/policy/linux/bpf_ime_policy_linux.cc | 3 +++
|
||||||
|
3 files changed, 17 insertions(+)
|
||||||
|
|
||||||
diff --git a/src/3rdparty/chromium/sandbox/linux/system_headers/x86_32_linux_syscalls.h b/src/3rdparty/chromium/sandbox/linux/system_headers/x86_32_linux_syscalls.h
|
Index: qtwebengine-everywhere-src-5.15.3/src/3rdparty/chromium/sandbox/linux/system_headers/x86_32_linux_syscalls.h
|
||||||
index 7613c9bbc..7093ac054 100644
|
===================================================================
|
||||||
--- a/src/3rdparty/chromium/sandbox/linux/system_headers/x86_32_linux_syscalls.h
|
--- qtwebengine-everywhere-src-5.15.3.orig/src/3rdparty/chromium/sandbox/linux/system_headers/x86_32_linux_syscalls.h
|
||||||
+++ b/src/3rdparty/chromium/sandbox/linux/system_headers/x86_32_linux_syscalls.h
|
+++ qtwebengine-everywhere-src-5.15.3/src/3rdparty/chromium/sandbox/linux/system_headers/x86_32_linux_syscalls.h
|
||||||
@@ -1710,5 +1710,13 @@
|
@@ -1710,5 +1710,13 @@
|
||||||
#define __NR_clone3 435
|
#define __NR_clone3 435
|
||||||
#endif
|
#endif
|
||||||
@ -28,20 +29,34 @@ index 7613c9bbc..7093ac054 100644
|
|||||||
+
|
+
|
||||||
#endif // SANDBOX_LINUX_SYSTEM_HEADERS_X86_32_LINUX_SYSCALLS_H_
|
#endif // SANDBOX_LINUX_SYSTEM_HEADERS_X86_32_LINUX_SYSCALLS_H_
|
||||||
|
|
||||||
diff --git a/src/3rdparty/chromium/sandbox/policy/linux/bpf_ime_policy_linux.cc b/src/3rdparty/chromium/sandbox/policy/linux/bpf_ime_policy_linux.cc
|
Index: qtwebengine-everywhere-src-5.15.3/src/3rdparty/chromium/sandbox/policy/linux/bpf_ime_policy_linux.cc
|
||||||
index 3fcdbcc18..c7a00c2c2 100644
|
===================================================================
|
||||||
--- a/src/3rdparty/chromium/sandbox/policy/linux/bpf_ime_policy_linux.cc
|
--- qtwebengine-everywhere-src-5.15.3.orig/src/3rdparty/chromium/sandbox/policy/linux/bpf_ime_policy_linux.cc
|
||||||
+++ b/src/3rdparty/chromium/sandbox/policy/linux/bpf_ime_policy_linux.cc
|
+++ qtwebengine-everywhere-src-5.15.3/src/3rdparty/chromium/sandbox/policy/linux/bpf_ime_policy_linux.cc
|
||||||
@@ -31,6 +31,9 @@ ResultExpr ImeProcessPolicy::EvaluateSyscall(int sysno) const {
|
@@ -32,6 +32,9 @@ ResultExpr ImeProcessPolicy::EvaluateSys
|
||||||
#endif
|
|
||||||
#if defined(__NR_clock_gettime)
|
#if defined(__NR_clock_gettime)
|
||||||
case __NR_clock_gettime:
|
case __NR_clock_gettime:
|
||||||
+#endif
|
#endif
|
||||||
+#if defined(__NR_clock_gettime64)
|
+#if defined(__NR_clock_gettime64)
|
||||||
+ case __NR_clock_gettime64:
|
+ case __NR_clock_gettime64:
|
||||||
#endif
|
+#endif
|
||||||
return Allow();
|
return Allow();
|
||||||
// https://crbug.com/991435
|
// https://crbug.com/991435
|
||||||
--
|
#if defined(__NR_getrusage)
|
||||||
2.30.2
|
Index: qtwebengine-everywhere-src-5.15.3/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
|
||||||
|
===================================================================
|
||||||
|
--- qtwebengine-everywhere-src-5.15.3.orig/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
|
||||||
|
+++ qtwebengine-everywhere-src-5.15.3/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
|
||||||
|
@@ -161,6 +161,12 @@ ResultExpr EvaluateSyscallImpl(int fs_de
|
||||||
|
return RestrictClockID();
|
||||||
|
}
|
||||||
|
|
||||||
|
+#if defined(__NR_clock_gettime64)
|
||||||
|
+ if (sysno == __NR_clock_gettime64 || sysno == __NR_clock_nanosleep_time64) {
|
||||||
|
+ return RestrictClockID();
|
||||||
|
+ }
|
||||||
|
+#endif
|
||||||
|
+
|
||||||
|
if (sysno == __NR_clone) {
|
||||||
|
return RestrictCloneToThreadsAndEPERMFork();
|
||||||
|
}
|
||||||
|
|||||||
@ -1,3 +1,8 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Tue Apr 13 20:12:47 UTC 2021 - Fabian Vogt <fabian@ritter-vogt.de>
|
||||||
|
|
||||||
|
- Add back missing part in fix1163766.patch (boo#1184610)
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Wed Mar 24 12:45:13 UTC 2021 - christophe@krop.fr
|
Wed Mar 24 12:45:13 UTC 2021 - christophe@krop.fr
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user