diff options
Diffstat (limited to 'community/qt5-qtwebengine/musl-sandbox.patch')
-rw-r--r-- | community/qt5-qtwebengine/musl-sandbox.patch | 95 |
1 files changed, 89 insertions, 6 deletions
diff --git a/community/qt5-qtwebengine/musl-sandbox.patch b/community/qt5-qtwebengine/musl-sandbox.patch index 46b5d0bce1..45e3d9336e 100644 --- a/community/qt5-qtwebengine/musl-sandbox.patch +++ b/community/qt5-qtwebengine/musl-sandbox.patch @@ -1,5 +1,5 @@ diff --git a/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc b/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc -index 5f81dff..85b7ea0 100644 +index 2577f02..b27300c 100644 --- a/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc +++ b/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc @@ -129,23 +129,13 @@ namespace sandbox { @@ -33,10 +33,10 @@ index 5f81dff..85b7ea0 100644 .Else(CrashSIGSYSClone()); } diff --git a/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc b/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc -index 1d9f95c..21fbe21 100644 +index 9f1cdef..a2d703b 100644 --- a/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc +++ b/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc -@@ -373,6 +373,7 @@ bool SyscallSets::IsAllowedProcessStartOrDeath(int sysno) { +@@ -375,6 +375,7 @@ bool SyscallSets::IsAllowedProcessStartOrDeath(int sysno) { #if defined(__i386__) case __NR_waitpid: #endif @@ -44,7 +44,7 @@ index 1d9f95c..21fbe21 100644 return true; case __NR_clone: // Should be parameter-restricted. case __NR_setns: // Privileged. -@@ -385,7 +386,6 @@ bool SyscallSets::IsAllowedProcessStartOrDeath(int sysno) { +@@ -387,7 +388,6 @@ bool SyscallSets::IsAllowedProcessStartOrDeath(int sysno) { #if defined(__i386__) || defined(__x86_64__) || defined(__mips__) case __NR_set_thread_area: #endif @@ -52,15 +52,16 @@ index 1d9f95c..21fbe21 100644 case __NR_unshare: #if !defined(__mips__) && !defined(__aarch64__) case __NR_vfork: -@@ -492,6 +492,7 @@ bool SyscallSets::IsAllowedAddressSpaceAccess(int sysno) { +@@ -496,6 +496,8 @@ bool SyscallSets::IsAllowedAddressSpaceAccess(int sysno) { case __NR_mlock: case __NR_munlock: case __NR_munmap: + case __NR_mremap: ++ case __NR_membarrier: return true; case __NR_madvise: case __NR_mincore: -@@ -507,7 +508,6 @@ bool SyscallSets::IsAllowedAddressSpaceAccess(int sysno) { +@@ -511,7 +513,6 @@ bool SyscallSets::IsAllowedAddressSpaceAccess(int sysno) { case __NR_modify_ldt: #endif case __NR_mprotect: @@ -68,3 +69,85 @@ index 1d9f95c..21fbe21 100644 case __NR_msync: case __NR_munlockall: case __NR_readahead: +diff --git a/src/3rdparty/chromium/sandbox/linux/system_headers/arm64_linux_syscalls.h b/src/3rdparty/chromium/sandbox/linux/system_headers/arm64_linux_syscalls.h +index 59d0eab..7ae7002 100644 +--- a/src/3rdparty/chromium/sandbox/linux/system_headers/arm64_linux_syscalls.h ++++ b/src/3rdparty/chromium/sandbox/linux/system_headers/arm64_linux_syscalls.h +@@ -1063,4 +1063,8 @@ + #define __NR_memfd_create 279 + #endif + ++#if !defined(__NR_membarrier) ++#define __NR_membarrier 283 ++#endif ++ + #endif // SANDBOX_LINUX_SYSTEM_HEADERS_ARM64_LINUX_SYSCALLS_H_ +diff --git a/src/3rdparty/chromium/sandbox/linux/system_headers/arm_linux_syscalls.h b/src/3rdparty/chromium/sandbox/linux/system_headers/arm_linux_syscalls.h +index 1addd53..7843b5e 100644 +--- a/src/3rdparty/chromium/sandbox/linux/system_headers/arm_linux_syscalls.h ++++ b/src/3rdparty/chromium/sandbox/linux/system_headers/arm_linux_syscalls.h +@@ -1385,6 +1385,10 @@ + #define __NR_memfd_create (__NR_SYSCALL_BASE+385) + #endif + ++#if !defined(__NR_membarrier) ++#define __NR_membarrier (__NR_SYSCALL_BASE+389) ++#endif ++ + // ARM private syscalls. + #if !defined(__ARM_NR_BASE) + #define __ARM_NR_BASE (__NR_SYSCALL_BASE + 0xF0000) +diff --git a/src/3rdparty/chromium/sandbox/linux/system_headers/mips64_linux_syscalls.h b/src/3rdparty/chromium/sandbox/linux/system_headers/mips64_linux_syscalls.h +index ec75815..612fcfa 100644 +--- a/src/3rdparty/chromium/sandbox/linux/system_headers/mips64_linux_syscalls.h ++++ b/src/3rdparty/chromium/sandbox/linux/system_headers/mips64_linux_syscalls.h +@@ -1271,4 +1271,8 @@ + #define __NR_memfd_create (__NR_Linux + 314) + #endif + ++#if !defined(__NR_membarrier) ++#define __NR_membarrier (__NR_Linux + 318) ++#endif ++ + #endif // SANDBOX_LINUX_SYSTEM_HEADERS_MIPS64_LINUX_SYSCALLS_H_ +diff --git a/src/3rdparty/chromium/sandbox/linux/system_headers/mips_linux_syscalls.h b/src/3rdparty/chromium/sandbox/linux/system_headers/mips_linux_syscalls.h +index ddbf97f..1742acd 100644 +--- a/src/3rdparty/chromium/sandbox/linux/system_headers/mips_linux_syscalls.h ++++ b/src/3rdparty/chromium/sandbox/linux/system_headers/mips_linux_syscalls.h +@@ -1433,4 +1433,8 @@ + #define __NR_memfd_create (__NR_Linux + 354) + #endif + ++#if !defined(__NR_membarrier) ++#define __NR_membarrier (__NR_Linux + 358) ++#endif ++ + #endif // SANDBOX_LINUX_SYSTEM_HEADERS_MIPS_LINUX_SYSCALLS_H_ +diff --git a/src/3rdparty/chromium/sandbox/linux/system_headers/x86_32_linux_syscalls.h b/src/3rdparty/chromium/sandbox/linux/system_headers/x86_32_linux_syscalls.h +index a6afc62..7ed0a3b 100644 +--- a/src/3rdparty/chromium/sandbox/linux/system_headers/x86_32_linux_syscalls.h ++++ b/src/3rdparty/chromium/sandbox/linux/system_headers/x86_32_linux_syscalls.h +@@ -1422,5 +1422,9 @@ + #define __NR_memfd_create 356 + #endif + ++#if !defined(__NR_membarrier) ++#define __NR_membarrier 375 ++#endif ++ + #endif // SANDBOX_LINUX_SYSTEM_HEADERS_X86_32_LINUX_SYSCALLS_H_ + +diff --git a/src/3rdparty/chromium/sandbox/linux/system_headers/x86_64_linux_syscalls.h b/src/3rdparty/chromium/sandbox/linux/system_headers/x86_64_linux_syscalls.h +index 349504a..ea3c7c9 100644 +--- a/src/3rdparty/chromium/sandbox/linux/system_headers/x86_64_linux_syscalls.h ++++ b/src/3rdparty/chromium/sandbox/linux/system_headers/x86_64_linux_syscalls.h +@@ -1290,5 +1290,9 @@ + #define __NR_memfd_create 319 + #endif + ++#if !defined(__NR_membarrier) ++#define __NR_membarrier 324 ++#endif ++ + #endif // SANDBOX_LINUX_SYSTEM_HEADERS_X86_64_LINUX_SYSCALLS_H_ + |