blob: c44d9ea48e46640b800c339b8c55ef63acebd623 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
|
diff --git a/security/sandbox/chromium/sandbox/linux/seccomp-bpf/trap.cc b/security/sandbox/chromium/sandbox/linux/seccomp-bpf/trap.cc
index 003708d2c..79488795d 100644
--- a/security/sandbox/chromium/sandbox/linux/seccomp-bpf/trap.cc
+++ b/security/sandbox/chromium/sandbox/linux/seccomp-bpf/trap.cc
@@ -25,6 +25,11 @@
#include "sandbox/linux/system_headers/linux_seccomp.h"
#include "sandbox/linux/system_headers/linux_signal.h"
+// musl libc defines siginfo_t __si_fields instead of _sifields
+#if defined(OS_LINUX) && !defined(__GLIBC__)
+#define _sifields __si_fields
+#endif
+
namespace {
struct arch_sigsys {
diff --git a/security/sandbox/linux/SandboxFilter.cpp b/security/sandbox/linux/SandboxFilter.cpp
index 0f59f2a87..5c07dbb31 100644
--- a/security/sandbox/linux/SandboxFilter.cpp
+++ b/security/sandbox/linux/SandboxFilter.cpp
@@ -989,6 +989,7 @@ class ContentSandboxPolicy : public SandboxPolicyCommon {
// ffmpeg, and anything else that calls isatty(), will be told
// that nothing is a typewriter:
.ElseIf(request == TCGETS, Error(ENOTTY))
+ .ElseIf(request == TIOCGWINSZ, Error(ENOTTY))
// Allow anything that isn't a tty ioctl, for now; bug 1302711
// will cover changing this to a default-deny policy.
.ElseIf(shifted_type != kTtyIoctls, Allow())
|
