1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
|
diff -rauN qtwebengine-everywhere-src-5.15.2/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc qtwebengine-everywhere-src-5.15.2-glibc-2.33-patch/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
--- qtwebengine-everywhere-src-5.15.2/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc 2021-02-28 20:45:08.235833271 +0100
+++ qtwebengine-everywhere-src-5.15.2-glibc-2.33-patch/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc 2021-02-28 20:31:10.781033251 +0100
@@ -189,7 +189,11 @@
}
#endif
- if (sysno == __NR_futex)
+ if (sysno == __NR_futex
+#if defined(__NR_futex_time64)
+ || sysno == __NR_futex_time64
+#endif
+ )
return RestrictFutex();
if (sysno == __NR_set_robust_list)
@@ -235,7 +239,7 @@
return RestrictPrctl();
#if defined(__x86_64__) || defined(__arm__) || defined(__mips__) || \
- defined(__aarch64__)
+ defined(__aarch64__) || defined(__i386__)
if (sysno == __NR_socketpair) {
// Only allow AF_UNIX, PF_UNIX. Crash if anything else is seen.
static_assert(AF_UNIX == PF_UNIX,
diff -rauN qtwebengine-everywhere-src-5.15.2/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc qtwebengine-everywhere-src-5.15.2-glibc-2.33-patch/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc
--- qtwebengine-everywhere-src-5.15.2/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc 2021-02-28 20:45:08.269166536 +0100
+++ qtwebengine-everywhere-src-5.15.2-glibc-2.33-patch/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc 2021-02-28 20:31:19.874344479 +0100
@@ -563,6 +563,9 @@
#endif
case __NR_ppoll:
case __NR_pselect6:
+#if defined(__i386__)
+ case __NR_pselect6_time64:
+#endif
case __NR_read:
case __NR_readv:
case __NR_pread64:
@@ -571,7 +574,7 @@
case __NR_recv:
#endif
#if defined(__x86_64__) || defined(__arm__) || defined(__mips__) || \
- defined(__aarch64__)
+ defined(__aarch64__) || defined(__i386__)
case __NR_recvfrom: // Could specify source.
case __NR_recvmsg: // Could specify source.
#endif
@@ -586,7 +589,7 @@
case __NR_send:
#endif
#if defined(__x86_64__) || defined(__arm__) || defined(__mips__) || \
- defined(__aarch64__)
+ defined(__aarch64__) || defined(__i386__)
case __NR_sendmsg: // Could specify destination.
case __NR_sendto: // Could specify destination.
#endif
diff -rauN qtwebengine-everywhere-src-5.15.2/src/3rdparty/chromium/sandbox/linux/system_headers/x86_32_linux_syscalls.h qtwebengine-everywhere-src-5.15.2-glibc-2.33-patch/src/3rdparty/chromium/sandbox/linux/system_headers/x86_32_linux_syscalls.h
--- qtwebengine-everywhere-src-5.15.2/src/3rdparty/chromium/sandbox/linux/system_headers/x86_32_linux_syscalls.h 2020-11-07 02:22:36.000000000 +0100
+++ qtwebengine-everywhere-src-5.15.2-glibc-2.33-patch/src/3rdparty/chromium/sandbox/linux/system_headers/x86_32_linux_syscalls.h 2021-02-28 20:31:15.447688573 +0100
@@ -446,6 +446,10 @@
#define __NR_fstat 108
#endif
+#if !defined(__NR_statx)
+#define __NR_statx 383
+#endif
+
#if !defined(__NR_olduname)
#define __NR_olduname 109
#endif
@@ -966,6 +970,10 @@
#define __NR_futex 240
#endif
+#if !defined(__NR_futex_time64)
+#define __NR_futex_time64 422
+#endif
+
#if !defined(__NR_sched_setaffinity)
#define __NR_sched_setaffinity 241
#endif
|