summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--extra/qt5-webengine/PKGBUILD14
-rw-r--r--extra/qt5-webengine/qtwebengine-everywhere-src-5.15.2-glibc-2.33.patch81
2 files changed, 95 insertions, 0 deletions
diff --git a/extra/qt5-webengine/PKGBUILD b/extra/qt5-webengine/PKGBUILD
index 3a6bd03e..9da2d7d4 100644
--- a/extra/qt5-webengine/PKGBUILD
+++ b/extra/qt5-webengine/PKGBUILD
@@ -50,3 +50,17 @@ eval "$(
$ i cd "$srcdir/${_pkgfqn}"; patch -Np1 -i "${srcdir}"/qtwebengine-everywhere-src-5.15.0-sandbox-Aw-snap-for-syscalls-403-and-407.patch
'
)"
+
+# glibc 2.33, some more tim64-affected functions for seccomp (futex_time64,
+# pselect6_time64), also added missing network functions for __i386__ and missing statx
+# (see also FS32#162)
+source+=('qtwebengine-everywhere-src-5.15.2-glibc-2.33.patch')
+sha256sums+=('6504c3a3ea58f9e870ba2108c9000f9ca7fb3dfb52213d79aa946c94f886b63a')
+
+eval "$(
+ declare -f prepare | \
+ sed '
+ /patch.*qtwebengine-everywhere-src-5.15.0-sandbox-Aw-snap-for-syscalls-403-and-407/ a \
+ patch -Np1 -i "${srcdir}"/qtwebengine-everywhere-src-5.15.2-glibc-2.33.patch
+ '
+)"
diff --git a/extra/qt5-webengine/qtwebengine-everywhere-src-5.15.2-glibc-2.33.patch b/extra/qt5-webengine/qtwebengine-everywhere-src-5.15.2-glibc-2.33.patch
new file mode 100644
index 00000000..6ede875a
--- /dev/null
+++ b/extra/qt5-webengine/qtwebengine-everywhere-src-5.15.2-glibc-2.33.patch
@@ -0,0 +1,81 @@
+diff -rauN qtwebengine-everywhere-src-5.15.2/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc qtwebengine-everywhere-src-5.15.2-glibc-2.33-patch/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
+--- qtwebengine-everywhere-src-5.15.2/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc 2021-02-28 20:45:08.235833271 +0100
++++ qtwebengine-everywhere-src-5.15.2-glibc-2.33-patch/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc 2021-02-28 20:31:10.781033251 +0100
+@@ -189,7 +189,11 @@
+ }
+ #endif
+
+- if (sysno == __NR_futex)
++ if (sysno == __NR_futex
++#if defined(__NR_futex_time64)
++ || sysno == __NR_futex_time64
++#endif
++ )
+ return RestrictFutex();
+
+ if (sysno == __NR_set_robust_list)
+@@ -235,7 +239,7 @@
+ return RestrictPrctl();
+
+ #if defined(__x86_64__) || defined(__arm__) || defined(__mips__) || \
+- defined(__aarch64__)
++ defined(__aarch64__) || defined(__i386__)
+ if (sysno == __NR_socketpair) {
+ // Only allow AF_UNIX, PF_UNIX. Crash if anything else is seen.
+ static_assert(AF_UNIX == PF_UNIX,
+diff -rauN qtwebengine-everywhere-src-5.15.2/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc qtwebengine-everywhere-src-5.15.2-glibc-2.33-patch/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc
+--- qtwebengine-everywhere-src-5.15.2/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc 2021-02-28 20:45:08.269166536 +0100
++++ qtwebengine-everywhere-src-5.15.2-glibc-2.33-patch/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc 2021-02-28 20:31:19.874344479 +0100
+@@ -563,6 +563,9 @@
+ #endif
+ case __NR_ppoll:
+ case __NR_pselect6:
++#if defined(__i386)
++ case __NR_pselect6_time64:
++#endif
+ case __NR_read:
+ case __NR_readv:
+ case __NR_pread64:
+@@ -571,7 +574,7 @@
+ case __NR_recv:
+ #endif
+ #if defined(__x86_64__) || defined(__arm__) || defined(__mips__) || \
+- defined(__aarch64__)
++ defined(__aarch64__) || defined(__i386__)
+ case __NR_recvfrom: // Could specify source.
+ case __NR_recvmsg: // Could specify source.
+ #endif
+@@ -586,7 +589,7 @@
+ case __NR_send:
+ #endif
+ #if defined(__x86_64__) || defined(__arm__) || defined(__mips__) || \
+- defined(__aarch64__)
++ defined(__aarch64__) || defined(__i386__)
+ case __NR_sendmsg: // Could specify destination.
+ case __NR_sendto: // Could specify destination.
+ #endif
+diff -rauN qtwebengine-everywhere-src-5.15.2/src/3rdparty/chromium/sandbox/linux/system_headers/x86_32_linux_syscalls.h qtwebengine-everywhere-src-5.15.2-glibc-2.33-patch/src/3rdparty/chromium/sandbox/linux/system_headers/x86_32_linux_syscalls.h
+--- qtwebengine-everywhere-src-5.15.2/src/3rdparty/chromium/sandbox/linux/system_headers/x86_32_linux_syscalls.h 2020-11-07 02:22:36.000000000 +0100
++++ qtwebengine-everywhere-src-5.15.2-glibc-2.33-patch/src/3rdparty/chromium/sandbox/linux/system_headers/x86_32_linux_syscalls.h 2021-02-28 20:31:15.447688573 +0100
+@@ -446,6 +446,10 @@
+ #define __NR_fstat 108
+ #endif
+
++#if !defined(__NR_statx)
++#define __NR_stat 383
++#endif
++
+ #if !defined(__NR_olduname)
+ #define __NR_olduname 109
+ #endif
+@@ -966,6 +970,10 @@
+ #define __NR_futex 240
+ #endif
+
++#if !defined(__NR_futex_time64)
++#define __NR_futex_time64 422
++#endif
++
+ #if !defined(__NR_sched_setaffinity)
+ #define __NR_sched_setaffinity 241
+ #endif