From bdfccdc67a46fe67c63a434e9b119b14e01627ce Mon Sep 17 00:00:00 2001 From: Juan RP Date: Wed, 6 Apr 2016 08:15:06 +0200 Subject: [PATCH] chromium: add musl patches from Alpine; this now works correctly. --- .../files/musl-patches/musl-fixes.patch | 29 ++++---- .../files/musl-patches/musl-sandbox.patch | 66 +++++++++++++++++++ srcpkgs/chromium/template | 2 +- 3 files changed, 81 insertions(+), 16 deletions(-) create mode 100644 srcpkgs/chromium/files/musl-patches/musl-sandbox.patch diff --git a/srcpkgs/chromium/files/musl-patches/musl-fixes.patch b/srcpkgs/chromium/files/musl-patches/musl-fixes.patch index ebbac8f34ef..1410502b3bd 100644 --- a/srcpkgs/chromium/files/musl-patches/musl-fixes.patch +++ b/srcpkgs/chromium/files/musl-patches/musl-fixes.patch @@ -94,6 +94,17 @@ // This adjusts /proc/process/oom_score_adj so the Linux OOM killer // will prefer certain process types over others. The range for the // adjustment is [-1000, 1000], with [0, 1000] being user accessible. +--- ./sandbox/linux/seccomp-bpf/trap.cc.orig ++++ ./sandbox/linux/seccomp-bpf/trap.cc +@@ -156,7 +156,7 @@ + // most versions of glibc don't include this information in siginfo_t. So, + // we need to explicitly copy it into a arch_sigsys structure. + struct arch_sigsys sigsys; +- memcpy(&sigsys, &info->_sifields, sizeof(sigsys)); ++ memcpy(&sigsys, &info->__si_fields, sizeof(sigsys)); + + #if defined(__mips__) + // When indirect syscall (syscall(__NR_foo, ...)) is made on Mips, the --- ./net/dns/dns_config_service_posix.cc.orig +++ ./net/dns/dns_config_service_posix.cc @@ -116,7 +116,7 @@ @@ -195,21 +206,9 @@ #include "base/posix/eintr_wrapper.h" ---- sandbox/linux/seccomp-bpf/trap.cc.orig 2015-12-04 15:29:27.234784177 +0100 -+++ sandbox/linux/seccomp-bpf/trap.cc 2015-12-04 15:30:39.449405781 +0100 -@@ -165,7 +165,9 @@ void Trap::SigSys(int nr, LinuxSigInfo* - // most versions of glibc don't include this information in siginfo_t. So, - // we need to explicitly copy it into a arch_sigsys structure. - struct arch_sigsys sigsys; -+#if defined(__native_client_nonsfi__) - memcpy(&sigsys, &info->_sifields, sizeof(sigsys)); -+#endif - - #if defined(__mips__) - // When indirect syscall (syscall(__NR_foo, ...)) is made on Mips, the ---- base/logging.cc.orig 2015-12-05 09:56:03.395917935 +0100 -+++ base/logging.cc 2015-12-05 09:56:48.339334134 +0100 -@@ -494,7 +494,7 @@ LogMessage::LogMessage(const char* file, +--- ./base/logging.cc.orig ++++ ./base/logging.cc +@@ -494,7 +494,7 @@ } LogMessage::~LogMessage() { diff --git a/srcpkgs/chromium/files/musl-patches/musl-sandbox.patch b/srcpkgs/chromium/files/musl-patches/musl-sandbox.patch new file mode 100644 index 00000000000..9a6cad4f0fd --- /dev/null +++ b/srcpkgs/chromium/files/musl-patches/musl-sandbox.patch @@ -0,0 +1,66 @@ +--- ./sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc ++++ ./sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc +@@ -114,23 +114,13 @@ + // CLONE_VM, nor CLONE_THREAD, which includes all fork() implementations. + ResultExpr RestrictCloneToThreadsAndEPERMFork() { + const Arg flags(0); ++ const int required = CLONE_VM | CLONE_FS | CLONE_FILES | CLONE_SIGHAND | ++ CLONE_THREAD | CLONE_SYSVSEM; ++ const int safe = CLONE_SETTLS | CLONE_PARENT_SETTID | CLONE_CHILD_CLEARTID | ++ CLONE_DETACHED; ++ const BoolExpr thread_clone_ok = (flags&~safe)==required; + +- // TODO(mdempsky): Extend DSL to support (flags & ~mask1) == mask2. +- const uint64_t kAndroidCloneMask = CLONE_VM | CLONE_FS | CLONE_FILES | +- CLONE_SIGHAND | CLONE_THREAD | +- CLONE_SYSVSEM; +- const uint64_t kObsoleteAndroidCloneMask = kAndroidCloneMask | CLONE_DETACHED; +- +- const uint64_t kGlibcPthreadFlags = +- CLONE_VM | CLONE_FS | CLONE_FILES | CLONE_SIGHAND | CLONE_THREAD | +- CLONE_SYSVSEM | CLONE_SETTLS | CLONE_PARENT_SETTID | CLONE_CHILD_CLEARTID; +- const BoolExpr glibc_test = flags == kGlibcPthreadFlags; +- +- const BoolExpr android_test = +- AnyOf(flags == kAndroidCloneMask, flags == kObsoleteAndroidCloneMask, +- flags == kGlibcPthreadFlags); +- +- return If(IsAndroid() ? android_test : glibc_test, Allow()) ++ return If(thread_clone_ok, Allow()) + .ElseIf((flags & (CLONE_VM | CLONE_THREAD)) == 0, Error(EPERM)) + .Else(CrashSIGSYSClone()); + } +--- ./sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc.orig ++++ ./sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc +@@ -416,12 +416,12 @@ + #endif + case __NR_epoll_create1: + case __NR_epoll_ctl: ++ case __NR_epoll_pwait: + return true; + default: + #if defined(__x86_64__) + case __NR_epoll_ctl_old: + #endif +- case __NR_epoll_pwait: + #if defined(__x86_64__) + case __NR_epoll_wait_old: + #endif +--- ./sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc.orig ++++ ./sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc +@@ -494,6 +494,7 @@ + case __NR_mlock: + case __NR_munlock: + case __NR_munmap: ++ case __NR_mremap: + return true; + case __NR_madvise: + case __NR_mincore: +@@ -509,7 +510,6 @@ + case __NR_modify_ldt: + #endif + case __NR_mprotect: +- case __NR_mremap: + case __NR_msync: + case __NR_munlockall: + case __NR_readahead: diff --git a/srcpkgs/chromium/template b/srcpkgs/chromium/template index 6de97a5ff65..e77f86079a0 100644 --- a/srcpkgs/chromium/template +++ b/srcpkgs/chromium/template @@ -10,7 +10,7 @@ license="BSD" distfiles="https://commondatastorage.googleapis.com/chromium-browser-official/${pkgname}-${version}.tar.xz" checksum=41840925d3769555ce4ebd780ee0dc6789ffae27b1684006c9b543bcaa35bbd2 -only_for_archs="i686 x86_64" +only_for_archs="i686 x86_64 x86_64-musl" lib32disabled=yes nodebug=yes