[packages/firefox] - added time64 patch (add time64 syscall variants in seccomp filters)

qboosh qboosh at pld-linux.org
Mon Oct 5 17:06:34 CEST 2020 

commit 3aa7732ffbfab781f627f5ff997d85cddc2d1379
Author: Jakub Bogusz <qboosh at pld-linux.org>
Date:   Mon Oct 5 17:09:34 2020 +0200

    - added time64 patch (add time64 syscall variants in seccomp filters)

 firefox-time64.patch | 46 ++++++++++++++++++++++++++++++++++++++++++++++
 firefox.spec         |  3 ++-
 2 files changed, 48 insertions(+), 1 deletion(-)
---
diff --git a/firefox.spec b/firefox.spec
index e53c12a..5016645 100644
--- a/firefox.spec
+++ b/firefox.spec
@@ -249,7 +249,7 @@ Source194:	http://releases.mozilla.org/pub/firefox/releases/%{version}/linux-i68
 # Source194-md5:	ee79c5c8a4cfbde96d2869a783eb130d
 Source195:	http://releases.mozilla.org/pub/firefox/releases/%{version}/linux-i686/xpi/zh-TW.xpi
 # Source195-md5:	2c8465e58832bd0eea59d13e36d09e7f
-
+Patch0:		%{name}-time64.patch
 Patch4:		%{name}-prefs.patch
 Patch5:		%{name}-pld-bookmarks.patch
 Patch6:		%{name}-no-subshell.patch
@@ -2072,6 +2072,7 @@ unpack() {
 %define __unzip unpack
 %setup -q %(seq -f '-a %g' 100 195 | xargs)
 
+%patch0 -p1
 %patch4 -p1
 %patch5 -p1
 %patch6 -p2
diff --git a/firefox-time64.patch b/firefox-time64.patch
new file mode 100644
index 0000000..9bdd6a6
--- /dev/null
+++ b/firefox-time64.patch
@@ -0,0 +1,46 @@
+--- firefox-81.0.1/security/sandbox/linux/SandboxFilter.cpp.orig	2020-09-30 19:41:50.000000000 +0200
++++ firefox-81.0.1/security/sandbox/linux/SandboxFilter.cpp	2020-10-04 20:11:32.552050641 +0200
+@@ -479,7 +479,13 @@
+ 
+     switch (sysno) {
+         // Timekeeping
++#ifdef __NR_clock_nanosleep_time64
++      case __NR_clock_nanosleep_time64:
++#endif
+       case __NR_clock_nanosleep:
++#ifdef __NR_clock_nanosleep_time64
++      case __NR_clock_getres_time64:
++#endif
+       case __NR_clock_getres:
+ #ifdef __NR_clock_gettime64
+       case __NR_clock_gettime64:
+@@ -513,6 +519,9 @@
+         return Allow();
+ 
+         // Thread synchronization
++#ifdef __NR_futex_time64
++      case __NR_futex_time64:
++#endif
+       case __NR_futex:
+         // FIXME: This could be more restrictive....
+         return Allow();
+@@ -523,6 +532,9 @@
+       case __NR_epoll_wait:
+       case __NR_epoll_pwait:
+       case __NR_epoll_ctl:
++#ifdef __NR_ppoll_time64
++      case __NR_ppoll_time64:
++#endif
+       case __NR_ppoll:
+       case __NR_poll:
+         return Allow();
+@@ -1095,6 +1107,9 @@
+ #endif
+ 
+       CASES_FOR_select:
++#ifdef __NR_pselect6_time64
++      case __NR_pselect6_time64:
++#endif
+       case __NR_pselect6:
+         return Allow();
+ 
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/firefox.git/commitdiff/3aa7732ffbfab781f627f5ff997d85cddc2d1379

More information about the pld-cvs-commit mailing list