From: Fabian Vogt <fabian@ritter-vogt.de>
Subject: Sandbox: Handle statx and futex_time64

glibc uses statx in some more places now (e.g stat64 -> __fstatat64_time64),
but it's caught by the sandbox, which doesn't handle it and breaks.
Return -ENOSYS instead to trigger the fallback in glibc.

futex_time64 is also used internally in glibc, so handle that as well.
The signature is identical where it matters.

Index: qtwebengine-everywhere-src-5.15.2/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
===================================================================
--- qtwebengine-everywhere-src-5.15.2.orig/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
+++ qtwebengine-everywhere-src-5.15.2/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
@@ -190,6 +190,11 @@ ResultExpr EvaluateSyscallImpl(int fs_de
   if (sysno == __NR_futex)
     return RestrictFutex();
 
+#if defined(__NR_futex_time64)
+  if (sysno == __NR_futex_time64)
+    return RestrictFutex();
+#endif
+
   if (sysno == __NR_set_robust_list)
     return Error(EPERM);
 
@@ -265,6 +270,12 @@ ResultExpr EvaluateSyscallImpl(int fs_de
   }
 #endif
 
+#if defined(__NR_statx)
+  if (sysno == __NR_statx) {
+    return Error(ENOSYS);
+  }
+#endif
+
   if (SyscallSets::IsFileSystem(sysno) ||
       SyscallSets::IsCurrentDirectory(sysno)) {
     return Error(fs_denied_errno);