summaryrefslogtreecommitdiff
path: root/user
diff options
context:
space:
mode:
authorMax Rees <maxcrees@me.com>2020-04-19 00:42:37 -0500
committerMax Rees <maxcrees@me.com>2020-04-19 00:42:37 -0500
commit12232c95aa083ff2f7b4d8eb85f8e921775b6402 (patch)
treee2bcb71d9485f0492e8e04df55b3d945f03496c1 /user
parent1a6055b6ee2e394377aeb9b28c5adc2ec79a8e35 (diff)
downloadpackages-12232c95aa083ff2f7b4d8eb85f8e921775b6402.tar.gz
packages-12232c95aa083ff2f7b4d8eb85f8e921775b6402.tar.bz2
packages-12232c95aa083ff2f7b4d8eb85f8e921775b6402.tar.xz
packages-12232c95aa083ff2f7b4d8eb85f8e921775b6402.zip
user/firefox-esr: allow membarrier(2) in content process sandbox (#261)
Diffstat (limited to 'user')
-rw-r--r--user/firefox-esr/APKBUILD4
-rw-r--r--user/firefox-esr/seccomp-membarrier.patch12
2 files changed, 15 insertions, 1 deletions
diff --git a/user/firefox-esr/APKBUILD b/user/firefox-esr/APKBUILD
index a04dacd5f..8dfad228a 100644
--- a/user/firefox-esr/APKBUILD
+++ b/user/firefox-esr/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: A. Wilcox <awilfox@adelielinux.org>
pkgname=firefox-esr
pkgver=68.7.0
-pkgrel=0
+pkgrel=1
pkgdesc="Firefox web browser (extended support release)"
url="https://www.mozilla.org/firefox/"
arch="all"
@@ -42,6 +42,7 @@ source="https://ftp.mozilla.org/pub/firefox/releases/$_ffxver/source/firefox-$_f
ppc32-fix.patch
rust-32bit.patch
rust-config.patch
+ seccomp-membarrier.patch
shut-up-warning.patch
skia-sucks1.patch
skia-sucks2.patch
@@ -247,6 +248,7 @@ e61664bc93eadce5016a06a4d0684b34a05074f1815e88ef2613380d7b369c6fd305fb34f83b5eb1
06a3f4ee6d3726adf3460952fcbaaf24bb15ef8d15b3357fdd1766c7a62b00bd53a1e943b5df7f4e1a69f4fae0d44b64fae1e027d7812499c77894975969ea10 ppc32-fix.patch
7c615703dc9b8427eeadd13bc9beda02e1c3d986cac1167feaf48fdfdcc15b7456460d4d58f301054cf459242ee75bbcd76bf67e26c2a443bc5655975d24ca1b rust-32bit.patch
45613d476e85fe333ef8091acce4806803953c1a99de4f03ff577cf20c5a1a3d635d0589e1490da104ef80721f4f1b1d35045af3c6892c1a468fa84095f27ad8 rust-config.patch
+36369f2e237e894b2f9e70ffa0579bb3cddf1efa638a36b3469e9f529c28d7b72611fa426c5534d93094a8deb1376f43f6661447072dc6dfc6191ca5eebd4604 seccomp-membarrier.patch
39ddb15d1453a8412275c36fc8db3befc69dffd4a362e932d280fb7fd1190db595a2af9b468ee49e0714f5e9df6e48eb5794122a64fa9f30d689de8693acbb15 shut-up-warning.patch
e751ffab263f03d4c74feebc617e3af115b1b53cf54fe16c3acc585eec67773f37aa8de4c19599fa6478179b01439025112ef2b759aa9923c9900e7081cb65a9 skia-sucks1.patch
9152bd3e6dc446337e6a2ed602279c620aedecc796ba28e777854c4f41fcf3067f9ebd086a4b63a6b76c2e69ec599ac6435b8eeda4f7488b1c45f69113facba4 skia-sucks2.patch
diff --git a/user/firefox-esr/seccomp-membarrier.patch b/user/firefox-esr/seccomp-membarrier.patch
new file mode 100644
index 000000000..be1744113
--- /dev/null
+++ b/user/firefox-esr/seccomp-membarrier.patch
@@ -0,0 +1,12 @@
+musl ldso issues a membarrier when setting up TLS
+
+--- firefox-68.7.0/security/sandbox/linux/SandboxFilter.cpp 2020-04-03 19:30:03.000000000 +0000
++++ firefox-68.7.0/security/sandbox/linux/SandboxFilter.cpp 2020-04-19 04:59:30.280000000 +0000
+@@ -529,6 +529,7 @@ class SandboxPolicyCommon : public Sandb
+
+ // ipc::Shmem; also, glibc when creating threads:
+ case __NR_mprotect:
++ case __NR_membarrier:
+ return Allow();
+
+ // madvise hints used by malloc; see bug 1303813 and bug 1364533