rpms
/
chromium
20
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

allow clock_nanosleep through seccomp (bz #1773289)

Browse Source
epel8
Tom Callaway 5 years ago
parent 978a69928b
commit 0dd9dad819
2 changed files with 25 additions and 1 deletions
Show Stats Download Patch File Download Diff File

17
chromium-78.0.3904.97-glibc-clock-nanosleep.patch
Unescape View File

@ -0,0 +1,17 @@
diff -up chromium-78.0.3904.97/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc.glibc-clock-nanosleep chromium-78.0.3904.97/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc
--- chromium-78.0.3904.97/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc.glibc-clock-nanosleep 2019-11-17 16:48:03.463997928 -0500
+++ chromium-78.0.3904.97/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc 2019-11-17 16:48:37.057222139 -0500
@@ -32,12 +32,12 @@ bool SyscallSets::IsAllowedGettime(int s
(defined(ARCH_CPU_MIPS_FAMILY) && defined(ARCH_CPU_32_BITS))
case __NR_time:
#endif
+ case __NR_clock_nanosleep:
return true;
case __NR_adjtimex: // Privileged.
case __NR_clock_adjtime: // Privileged.
case __NR_clock_getres: // Could be allowed.
case __NR_clock_gettime:
- case __NR_clock_nanosleep: // Could be allowed.
case __NR_clock_settime: // Privileged.
#if defined(__i386__) || \
(defined(ARCH_CPU_MIPS_FAMILY) && defined(ARCH_CPU_32_BITS))

9
chromium.spec
Unescape View File

@ -168,7 +168,7 @@ Name: chromium%{chromium_channel}%{nsuffix}
Name: chromium%{chromium_channel} Name: chromium%{chromium_channel}
%endif %endif
Version: %{majorversion}.0.3904.97 Version: %{majorversion}.0.3904.97
Release: 1%{?dist} Release: 2%{?dist}
%if %{?freeworld} %if %{?freeworld}
%if %{?shared} %if %{?shared}
# chromium-libs-media-freeworld # chromium-libs-media-freeworld
@ -255,6 +255,9 @@ Patch67: chromium-78.0.3904.70-v8-tracedreference-fix.patch
Patch68: v8-implement-tracedreference.patch Patch68: v8-implement-tracedreference.patch
# https://gitweb.gentoo.org/repo/gentoo.git/plain/www-client/chromium/files/chromium-77-clang.patch # https://gitweb.gentoo.org/repo/gentoo.git/plain/www-client/chromium/files/chromium-77-clang.patch
Patch69: chromium-77-clang.patch Patch69: chromium-77-clang.patch
# Needs upstreaming
Patch70: chromium-78.0.3904.97-glibc-clock-nanosleep.patch
# Use lstdc++ on EPEL7 only # Use lstdc++ on EPEL7 only
Patch101: chromium-75.0.3770.100-epel7-stdc++.patch Patch101: chromium-75.0.3770.100-epel7-stdc++.patch
@ -806,6 +809,7 @@ udev.
%patch67 -p1 -b .implement-TraceWrapperV8Reference-without-destructor %patch67 -p1 -b .implement-TraceWrapperV8Reference-without-destructor
%patch68 -p1 -b .v8-implement-tracedreference %patch68 -p1 -b .v8-implement-tracedreference
%patch69 -p1 -b .clang-supports-location-builtins %patch69 -p1 -b .clang-supports-location-builtins
%patch70 -p1 -b .glibc-clock-nanosleep
# Fedora branded user agent # Fedora branded user agent
%if 0%{?fedora} %if 0%{?fedora}
@ -1726,6 +1730,9 @@ getent group chrome-remote-desktop >/dev/null || groupadd -r chrome-remote-deskt
%changelog %changelog
* Sun Nov 17 2019 Tom Callaway <spot@fedoraproject.org> - 78.0.3904.97-2
- allow clock_nanosleep through seccomp (bz #1773289)
* Thu Nov 7 2019 Tom Callaway <spot@fedoraproject.org> - 78.0.3904.97-1 * Thu Nov 7 2019 Tom Callaway <spot@fedoraproject.org> - 78.0.3904.97-1
- update to 78.0.3904.97 - update to 78.0.3904.97

Write Preview
Loading…
Cancel
Save