|
|
|
|
@ -82,3 +82,32 @@ diff -up chromium-90.0.4430.85/sandbox/policy/linux/bpf_gpu_policy_linux.cc.epel
|
|
|
|
|
using sandbox::bpf_dsl::Allow;
|
|
|
|
|
using sandbox::bpf_dsl::Arg;
|
|
|
|
|
using sandbox::bpf_dsl::Error;
|
|
|
|
|
diff -up chromium-90.0.4430.93/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc.epel7-kcmp chromium-90.0.4430.93/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc
|
|
|
|
|
--- chromium-90.0.4430.93/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc.epel7-kcmp 2021-04-27 16:08:22.416365113 -0400
|
|
|
|
|
+++ chromium-90.0.4430.93/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc 2021-04-27 16:08:43.571725851 -0400
|
|
|
|
|
@@ -57,6 +57,25 @@
|
|
|
|
|
|
|
|
|
|
#endif // defined(OS_ANDROID)
|
|
|
|
|
|
|
|
|
|
+#ifndef F_LINUX_SPECIFIC_BASE
|
|
|
|
|
+#define F_LINUX_SPECIFIC_BASE 1024
|
|
|
|
|
+#endif
|
|
|
|
|
+#ifndef F_SEAL_SEAL
|
|
|
|
|
+#define F_SEAL_SEAL 0x0001
|
|
|
|
|
+#endif
|
|
|
|
|
+#ifndef F_SEAL_SHRINK
|
|
|
|
|
+#define F_SEAL_SHRINK 0x0002
|
|
|
|
|
+#endif
|
|
|
|
|
+#ifndef F_SEAL_GROW
|
|
|
|
|
+#define F_SEAL_GROW 0x0004
|
|
|
|
|
+#endif
|
|
|
|
|
+#ifndef F_ADD_SEALS
|
|
|
|
|
+#define F_ADD_SEALS (F_LINUX_SPECIFIC_BASE + 9)
|
|
|
|
|
+#endif
|
|
|
|
|
+#ifndef F_GET_SEALS
|
|
|
|
|
+#define F_GET_SEALS (F_LINUX_SPECIFIC_BASE + 10)
|
|
|
|
|
+#endif
|
|
|
|
|
+
|
|
|
|
|
#if defined(__arm__) && !defined(MAP_STACK)
|
|
|
|
|
#define MAP_STACK 0x20000 // Daisy build environment has old headers.
|
|
|
|
|
#endif
|
|
|
|
|
|
Tom spot Callaway
4 years ago