index : packages | |
Archlinux32 package modifications | gitolite user |
summaryrefslogtreecommitdiff |
author | Andreas Baumann <mail@andreasbaumann.cc> | 2021-02-28 20:48:17 +0100 |
---|---|---|
committer | Andreas Baumann <mail@andreasbaumann.cc> | 2021-02-28 20:48:17 +0100 |
commit | 0d971c0526a1363df78cd09154b946985b726bc1 (patch) | |
tree | 7b1907e4a062ffcac57076b66edbe69b201ce52b | |
parent | e3e2f047a01d9570a549fab717d65953bbc67b75 (diff) |
-rw-r--r-- | extra/qt5-webengine/PKGBUILD | 14 | ||||
-rw-r--r-- | extra/qt5-webengine/qtwebengine-everywhere-src-5.15.2-glibc-2.33.patch | 81 |
diff --git a/extra/qt5-webengine/PKGBUILD b/extra/qt5-webengine/PKGBUILD index 3a6bd03e..9da2d7d4 100644 --- a/extra/qt5-webengine/PKGBUILD +++ b/extra/qt5-webengine/PKGBUILD @@ -50,3 +50,17 @@ eval "$( $ i cd "$srcdir/${_pkgfqn}"; patch -Np1 -i "${srcdir}"/qtwebengine-everywhere-src-5.15.0-sandbox-Aw-snap-for-syscalls-403-and-407.patch ' )" + +# glibc 2.33, some more tim64-affected functions for seccomp (futex_time64, +# pselect6_time64), also added missing network functions for __i386__ and missing statx +# (see also FS32#162) +source+=('qtwebengine-everywhere-src-5.15.2-glibc-2.33.patch') +sha256sums+=('6504c3a3ea58f9e870ba2108c9000f9ca7fb3dfb52213d79aa946c94f886b63a') + +eval "$( + declare -f prepare | \ + sed ' + /patch.*qtwebengine-everywhere-src-5.15.0-sandbox-Aw-snap-for-syscalls-403-and-407/ a \ + patch -Np1 -i "${srcdir}"/qtwebengine-everywhere-src-5.15.2-glibc-2.33.patch + ' +)" diff --git a/extra/qt5-webengine/qtwebengine-everywhere-src-5.15.2-glibc-2.33.patch b/extra/qt5-webengine/qtwebengine-everywhere-src-5.15.2-glibc-2.33.patch new file mode 100644 index 00000000..6ede875a --- /dev/null +++ b/extra/qt5-webengine/qtwebengine-everywhere-src-5.15.2-glibc-2.33.patch @@ -0,0 +1,81 @@ +diff -rauN qtwebengine-everywhere-src-5.15.2/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc qtwebengine-everywhere-src-5.15.2-glibc-2.33-patch/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc +--- qtwebengine-everywhere-src-5.15.2/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc 2021-02-28 20:45:08.235833271 +0100 ++++ qtwebengine-everywhere-src-5.15.2-glibc-2.33-patch/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc 2021-02-28 20:31:10.781033251 +0100 +@@ -189,7 +189,11 @@ + } + #endif + +- if (sysno == __NR_futex) ++ if (sysno == __NR_futex ++#if defined(__NR_futex_time64) ++ || sysno == __NR_futex_time64 ++#endif ++ ) + return RestrictFutex(); + + if (sysno == __NR_set_robust_list) +@@ -235,7 +239,7 @@ + return RestrictPrctl(); + + #if defined(__x86_64__) || defined(__arm__) || defined(__mips__) || \ +- defined(__aarch64__) ++ defined(__aarch64__) || defined(__i386__) + if (sysno == __NR_socketpair) { + // Only allow AF_UNIX, PF_UNIX. Crash if anything else is seen. + static_assert(AF_UNIX == PF_UNIX, +diff -rauN qtwebengine-everywhere-src-5.15.2/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc qtwebengine-everywhere-src-5.15.2-glibc-2.33-patch/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc +--- qtwebengine-everywhere-src-5.15.2/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc 2021-02-28 20:45:08.269166536 +0100 ++++ qtwebengine-everywhere-src-5.15.2-glibc-2.33-patch/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc 2021-02-28 20:31:19.874344479 +0100 +@@ -563,6 +563,9 @@ + #endif + case __NR_ppoll: + case __NR_pselect6: ++#if defined(__i386) ++ case __NR_pselect6_time64: ++#endif + case __NR_read: + case __NR_readv: + case __NR_pread64: +@@ -571,7 +574,7 @@ + case __NR_recv: + #endif + #if defined(__x86_64__) || defined(__arm__) || defined(__mips__) || \ +- defined(__aarch64__) ++ defined(__aarch64__) || defined(__i386__) + case __NR_recvfrom: // Could specify source. + case __NR_recvmsg: // Could specify source. + #endif +@@ -586,7 +589,7 @@ + case __NR_send: + #endif + #if defined(__x86_64__) || defined(__arm__) || defined(__mips__) || \ +- defined(__aarch64__) ++ defined(__aarch64__) || defined(__i386__) + case __NR_sendmsg: // Could specify destination. + case __NR_sendto: // Could specify destination. + #endif +diff -rauN qtwebengine-everywhere-src-5.15.2/src/3rdparty/chromium/sandbox/linux/system_headers/x86_32_linux_syscalls.h qtwebengine-everywhere-src-5.15.2-glibc-2.33-patch/src/3rdparty/chromium/sandbox/linux/system_headers/x86_32_linux_syscalls.h +--- qtwebengine-everywhere-src-5.15.2/src/3rdparty/chromium/sandbox/linux/system_headers/x86_32_linux_syscalls.h 2020-11-07 02:22:36.000000000 +0100 ++++ qtwebengine-everywhere-src-5.15.2-glibc-2.33-patch/src/3rdparty/chromium/sandbox/linux/system_headers/x86_32_linux_syscalls.h 2021-02-28 20:31:15.447688573 +0100 +@@ -446,6 +446,10 @@ + #define __NR_fstat 108 + #endif + ++#if !defined(__NR_statx) ++#define __NR_stat 383 ++#endif ++ + #if !defined(__NR_olduname) + #define __NR_olduname 109 + #endif +@@ -966,6 +970,10 @@ + #define __NR_futex 240 + #endif + ++#if !defined(__NR_futex_time64) ++#define __NR_futex_time64 422 ++#endif ++ + #if !defined(__NR_sched_setaffinity) + #define __NR_sched_setaffinity 241 + #endif |