community/chromium: upgrade to 73.0.3683.103

author: Natanael Copa <ncopa@alpinelinux.org> 2019-04-23 15:22:17 +0000
committer: Natanael Copa <ncopa@alpinelinux.org> 2019-04-23 15:23:53 +0000
commit: b6ee7c5d8a5f54c54c344ee055d7e9a1af034fd6 (patch)
tree: 3fb7662aba0678369cf7761bd11e532271f4dfb4 /community/chromium/musl-sandbox.patch
parent: 184d781b84f7990b784ec89f1d5fac34c51e0ee4 (diff)
download: aports-b6ee7c5d8a5f54c54c344ee055d7e9a1af034fd6.tar.bz2
aports-b6ee7c5d8a5f54c54c344ee055d7e9a1af034fd6.tar.xz
1 files changed, 108 insertions, 25 deletions
diff --git a/community/chromium/musl-sandbox.patch b/community/chromium/musl-sandbox.patch
index 5c4674f3c0..34717ec82c 100644
--- a/community/chromium/musl-sandbox.patch
+++ b/community/chromium/musl-sandbox.patch
@@ -1,6 +1,8 @@
---- ./sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc
-+++ ./sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc
-@@ -114,23 +114,13 @@
+diff --git sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc
+index 68ce32a..bb779c2 100644
+--- sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc
++++ sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc
+@@ -137,23 +137,13 @@ namespace sandbox {
  // CLONE_VM, nor CLONE_THREAD, which includes all fork() implementations.
  ResultExpr RestrictCloneToThreadsAndEPERMFork() {
    const Arg<unsigned long> flags(0);
@@ -30,29 +32,11 @@
        .ElseIf((flags & (CLONE_VM | CLONE_THREAD)) == 0, Error(EPERM))
        .Else(CrashSIGSYSClone());
  }
---- ./sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc.orig
-+++ ./sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc
-@@ -494,6 +494,7 @@
-     case __NR_mlock:
-     case __NR_munlock:
-     case __NR_munmap:
-+    case __NR_mremap:
-       return true;
-     case __NR_madvise:
-     case __NR_mincore:
-@@ -509,7 +510,6 @@
-     case __NR_modify_ldt:
- #endif
-     case __NR_mprotect:
--    case __NR_mremap:
-     case __NR_msync:
-     case __NR_munlockall:
-     case __NR_readahead:
-diff --git a/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc b/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc
-index 80f02c0..21fbe21 100644
+diff --git sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc
+index 7dbcc87..782be78 100644
 --- sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc
 +++ sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc
-@@ -373,6 +373,7 @@ bool SyscallSets::IsAllowedProcessStartOrDeath(int sysno) {
+@@ -391,6 +391,7 @@ bool SyscallSets::IsAllowedProcessStartOrDeath(int sysno) {
  #if defined(__i386__)
      case __NR_waitpid:
  #endif
@@ -60,7 +44,7 @@ index 80f02c0..21fbe21 100644
        return true;
      case __NR_clone:  // Should be parameter-restricted.
      case __NR_setns:  // Privileged.
-@@ -385,7 +386,6 @@ bool SyscallSets::IsAllowedProcessStartOrDeath(int sysno) {
+@@ -403,7 +404,6 @@ bool SyscallSets::IsAllowedProcessStartOrDeath(int sysno) {
  #if defined(__i386__) || defined(__x86_64__) || defined(__mips__)
      case __NR_set_thread_area:
  #endif
@@ -68,3 +52,102 @@ index 80f02c0..21fbe21 100644
      case __NR_unshare:
  #if !defined(__mips__) && !defined(__aarch64__)
      case __NR_vfork:
+@@ -513,6 +513,8 @@ bool SyscallSets::IsAllowedAddressSpaceAccess(int sysno) {
+     case __NR_mlock:
+     case __NR_munlock:
+     case __NR_munmap:
++    case __NR_mremap:
++    case __NR_membarrier:
+       return true;
+     case __NR_madvise:
+     case __NR_mincore:
+@@ -530,7 +532,6 @@ bool SyscallSets::IsAllowedAddressSpaceAccess(int sysno) {
+     case __NR_modify_ldt:
+ #endif
+     case __NR_mprotect:
+-    case __NR_mremap:
+     case __NR_msync:
+     case __NR_munlockall:
+     case __NR_readahead:
+diff --git sandbox/linux/system_headers/arm64_linux_syscalls.h sandbox/linux/system_headers/arm64_linux_syscalls.h
+index 59d0eab..7ae7002 100644
+--- sandbox/linux/system_headers/arm64_linux_syscalls.h
++++ sandbox/linux/system_headers/arm64_linux_syscalls.h
+@@ -1063,4 +1063,8 @@
+ #define __NR_memfd_create 279
+ #endif
+ 
++#if !defined(__NR_membarrier)
++#define __NR_membarrier 283
++#endif
++
+ #endif  // SANDBOX_LINUX_SYSTEM_HEADERS_ARM64_LINUX_SYSCALLS_H_
+diff --git sandbox/linux/system_headers/arm_linux_syscalls.h sandbox/linux/system_headers/arm_linux_syscalls.h
+index 1addd53..7843b5e 100644
+--- sandbox/linux/system_headers/arm_linux_syscalls.h
++++ sandbox/linux/system_headers/arm_linux_syscalls.h
+@@ -1385,6 +1385,10 @@
+ #define __NR_memfd_create (__NR_SYSCALL_BASE+385)
+ #endif
+ 
++#if !defined(__NR_membarrier)
++#define __NR_membarrier (__NR_SYSCALL_BASE+389)
++#endif
++
+ // ARM private syscalls.
+ #if !defined(__ARM_NR_BASE)
+ #define __ARM_NR_BASE (__NR_SYSCALL_BASE + 0xF0000)
+diff --git sandbox/linux/system_headers/mips64_linux_syscalls.h sandbox/linux/system_headers/mips64_linux_syscalls.h
+index ec75815..612fcfa 100644
+--- sandbox/linux/system_headers/mips64_linux_syscalls.h
++++ sandbox/linux/system_headers/mips64_linux_syscalls.h
+@@ -1271,4 +1271,8 @@
+ #define __NR_memfd_create (__NR_Linux + 314)
+ #endif
+ 
++#if !defined(__NR_membarrier)
++#define __NR_membarrier (__NR_Linux + 318)
++#endif
++
+ #endif  // SANDBOX_LINUX_SYSTEM_HEADERS_MIPS64_LINUX_SYSCALLS_H_
+diff --git sandbox/linux/system_headers/mips_linux_syscalls.h sandbox/linux/system_headers/mips_linux_syscalls.h
+index ddbf97f..1742acd 100644
+--- sandbox/linux/system_headers/mips_linux_syscalls.h
++++ sandbox/linux/system_headers/mips_linux_syscalls.h
+@@ -1433,4 +1433,8 @@
+ #define __NR_memfd_create (__NR_Linux + 354)
+ #endif
+ 
++#if !defined(__NR_membarrier)
++#define __NR_membarrier (__NR_Linux + 358)
++#endif
++
+ #endif  // SANDBOX_LINUX_SYSTEM_HEADERS_MIPS_LINUX_SYSCALLS_H_
+diff --git sandbox/linux/system_headers/x86_32_linux_syscalls.h sandbox/linux/system_headers/x86_32_linux_syscalls.h
+index a6afc62..7ed0a3b 100644
+--- sandbox/linux/system_headers/x86_32_linux_syscalls.h
++++ sandbox/linux/system_headers/x86_32_linux_syscalls.h
+@@ -1422,5 +1422,9 @@
+ #define __NR_memfd_create 356
+ #endif
+ 
++#if !defined(__NR_membarrier)
++#define __NR_membarrier 375
++#endif
++
+ #endif  // SANDBOX_LINUX_SYSTEM_HEADERS_X86_32_LINUX_SYSCALLS_H_
+ 
+diff --git sandbox/linux/system_headers/x86_64_linux_syscalls.h sandbox/linux/system_headers/x86_64_linux_syscalls.h
+index 349504a..ea3c7c9 100644
+--- sandbox/linux/system_headers/x86_64_linux_syscalls.h
++++ sandbox/linux/system_headers/x86_64_linux_syscalls.h
+@@ -1290,5 +1290,9 @@
+ #define __NR_memfd_create 319
+ #endif
+ 
++#if !defined(__NR_membarrier)
++#define __NR_membarrier 324
++#endif
++
+ #endif  // SANDBOX_LINUX_SYSTEM_HEADERS_X86_64_LINUX_SYSCALLS_H_
+
author	Natanael Copa <ncopa@alpinelinux.org>	2019-04-23 15:22:17 +0000
committer	Natanael Copa <ncopa@alpinelinux.org>	2019-04-23 15:23:53 +0000
commit	b6ee7c5d8a5f54c54c344ee055d7e9a1af034fd6 (patch)
tree	3fb7662aba0678369cf7761bd11e532271f4dfb4 /community/chromium/musl-sandbox.patch
parent	184d781b84f7990b784ec89f1d5fac34c51e0ee4 (diff)
download	aports-b6ee7c5d8a5f54c54c344ee055d7e9a1af034fd6.tar.bz2 aports-b6ee7c5d8a5f54c54c344ee055d7e9a1af034fd6.tar.xz