summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorA. Wilcox <awilcox@wilcox-tech.com>2020-05-05 03:25:00 +0000
committerA. Wilcox <awilcox@wilcox-tech.com>2020-05-05 03:25:00 +0000
commit9680fd28fc8dd8ff8abcb504a0f820ad655d5dfb (patch)
tree4839cecbf4b82a8d2ae03b343eda0f5f461fcdf3
parenta2fa7dc1a27961d625ed32d3187599a248a3089a (diff)
parent12232c95aa083ff2f7b4d8eb85f8e921775b6402 (diff)
downloadpackages-9680fd28fc8dd8ff8abcb504a0f820ad655d5dfb.tar.gz
packages-9680fd28fc8dd8ff8abcb504a0f820ad655d5dfb.tar.bz2
packages-9680fd28fc8dd8ff8abcb504a0f820ad655d5dfb.tar.xz
packages-9680fd28fc8dd8ff8abcb504a0f820ad655d5dfb.zip
Merge branch 'fix/ff-seccomp' into 'master'
user/firefox-esr: allow membarrier(2) in content process sandbox (#261) See merge request adelie/packages!440
-rw-r--r--user/firefox-esr/APKBUILD4
-rw-r--r--user/firefox-esr/seccomp-membarrier.patch12
2 files changed, 15 insertions, 1 deletions
diff --git a/user/firefox-esr/APKBUILD b/user/firefox-esr/APKBUILD
index a04dacd5f..8dfad228a 100644
--- a/user/firefox-esr/APKBUILD
+++ b/user/firefox-esr/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: A. Wilcox <awilfox@adelielinux.org>
pkgname=firefox-esr
pkgver=68.7.0
-pkgrel=0
+pkgrel=1
pkgdesc="Firefox web browser (extended support release)"
url="https://www.mozilla.org/firefox/"
arch="all"
@@ -42,6 +42,7 @@ source="https://ftp.mozilla.org/pub/firefox/releases/$_ffxver/source/firefox-$_f
ppc32-fix.patch
rust-32bit.patch
rust-config.patch
+ seccomp-membarrier.patch
shut-up-warning.patch
skia-sucks1.patch
skia-sucks2.patch
@@ -247,6 +248,7 @@ e61664bc93eadce5016a06a4d0684b34a05074f1815e88ef2613380d7b369c6fd305fb34f83b5eb1
06a3f4ee6d3726adf3460952fcbaaf24bb15ef8d15b3357fdd1766c7a62b00bd53a1e943b5df7f4e1a69f4fae0d44b64fae1e027d7812499c77894975969ea10 ppc32-fix.patch
7c615703dc9b8427eeadd13bc9beda02e1c3d986cac1167feaf48fdfdcc15b7456460d4d58f301054cf459242ee75bbcd76bf67e26c2a443bc5655975d24ca1b rust-32bit.patch
45613d476e85fe333ef8091acce4806803953c1a99de4f03ff577cf20c5a1a3d635d0589e1490da104ef80721f4f1b1d35045af3c6892c1a468fa84095f27ad8 rust-config.patch
+36369f2e237e894b2f9e70ffa0579bb3cddf1efa638a36b3469e9f529c28d7b72611fa426c5534d93094a8deb1376f43f6661447072dc6dfc6191ca5eebd4604 seccomp-membarrier.patch
39ddb15d1453a8412275c36fc8db3befc69dffd4a362e932d280fb7fd1190db595a2af9b468ee49e0714f5e9df6e48eb5794122a64fa9f30d689de8693acbb15 shut-up-warning.patch
e751ffab263f03d4c74feebc617e3af115b1b53cf54fe16c3acc585eec67773f37aa8de4c19599fa6478179b01439025112ef2b759aa9923c9900e7081cb65a9 skia-sucks1.patch
9152bd3e6dc446337e6a2ed602279c620aedecc796ba28e777854c4f41fcf3067f9ebd086a4b63a6b76c2e69ec599ac6435b8eeda4f7488b1c45f69113facba4 skia-sucks2.patch
diff --git a/user/firefox-esr/seccomp-membarrier.patch b/user/firefox-esr/seccomp-membarrier.patch
new file mode 100644
index 000000000..be1744113
--- /dev/null
+++ b/user/firefox-esr/seccomp-membarrier.patch
@@ -0,0 +1,12 @@
+musl ldso issues a membarrier when setting up TLS
+
+--- firefox-68.7.0/security/sandbox/linux/SandboxFilter.cpp 2020-04-03 19:30:03.000000000 +0000
++++ firefox-68.7.0/security/sandbox/linux/SandboxFilter.cpp 2020-04-19 04:59:30.280000000 +0000
+@@ -529,6 +529,7 @@ class SandboxPolicyCommon : public Sandb
+
+ // ipc::Shmem; also, glibc when creating threads:
+ case __NR_mprotect:
++ case __NR_membarrier:
+ return Allow();
+
+ // madvise hints used by malloc; see bug 1303813 and bug 1364533