From d59a755c2a8c38cbfe1394859ad91ad01bec56eb Mon Sep 17 00:00:00 2001 From: John Date: Tue, 19 Jan 2021 23:55:22 +0100 Subject: [PATCH] electron10: update to 10.3.0. --- .../files/patches/chromium-time64.patch | 51 +++++++++++++++++++ srcpkgs/electron10/template | 4 +- 2 files changed, 53 insertions(+), 2 deletions(-) create mode 100644 srcpkgs/electron10/files/patches/chromium-time64.patch diff --git a/srcpkgs/electron10/files/patches/chromium-time64.patch b/srcpkgs/electron10/files/patches/chromium-time64.patch new file mode 100644 index 00000000000..0330ce057f4 --- /dev/null +++ b/srcpkgs/electron10/files/patches/chromium-time64.patch @@ -0,0 +1,51 @@ +Description: allow sandboxed code to call gettime64 + Add __NR_clock_gettime64 and __NR_clock_nanosleep_time64 to syscall whitelist + and clock selection parameter filtering code. + + Add __NR_utimensat_time64 to syscall whitelist + + Conditionalise additions on the new calls existing, because they do not exist + on 64-bit architectures. +Author: Peter Michael Green + +Index: chromium-83.0.4103.116/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc +=================================================================== +--- a/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc ++++ b/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc +@@ -148,7 +148,11 @@ ResultExpr EvaluateSyscallImpl(int fs_de + return Allow(); + #endif + ++#ifdef __NR_clock_gettime64 ++ if (sysno == __NR_clock_gettime || sysno == __NR_clock_gettime64 || sysno == __NR_clock_nanosleep || sysno == __NR_clock_nanosleep_time64) { ++#else + if (sysno == __NR_clock_gettime || sysno == __NR_clock_nanosleep) { ++#endif + return RestrictClockID(); + } + +Index: chromium-83.0.4103.116/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc +=================================================================== +--- a/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc ++++ b/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc +@@ -38,6 +38,10 @@ bool SyscallSets::IsAllowedGettime(int s + case __NR_clock_getres: // Allowed only on Android with parameters + // filtered by RestrictClokID(). + case __NR_clock_gettime: // Parameters filtered by RestrictClockID(). ++#ifdef __NR_clock_gettime64 ++ case __NR_clock_gettime64: // Parameters filtered by RestrictClockID(). ++ case __NR_clock_nanosleep_time64: // Parameters filtered by RestrictClockID(). ++#endif + case __NR_clock_nanosleep: // Parameters filtered by RestrictClockID(). + case __NR_clock_settime: // Privileged. + #if defined(__i386__) || \ +@@ -159,6 +163,9 @@ bool SyscallSets::IsFileSystem(int sysno + case __NR_utime: + #endif + case __NR_utimensat: // New. ++#ifdef __NR_utimensat_time64 ++ case __NR_utimensat_time64: ++#endif + return true; + default: + return false; diff --git a/srcpkgs/electron10/template b/srcpkgs/electron10/template index 26d6309c819..e529c6341ff 100644 --- a/srcpkgs/electron10/template +++ b/srcpkgs/electron10/template @@ -1,6 +1,6 @@ # Template file for 'electron10' pkgname=electron10 -version=10.2.0 +version=10.3.0 _nodever=12.16.3 _chromiumver=85.0.4183.121 revision=1 @@ -30,7 +30,7 @@ homepage="https://electronjs.org" distfiles="https://github.com/electron/electron/archive/v$version.tar.gz>electron-${version}.tar.gz https://commondatastorage.googleapis.com/chromium-browser-official/chromium-$_chromiumver.tar.xz https://github.com/nodejs/node/archive/v$_nodever.tar.gz>node-$_nodever.tar.gz" -checksum="e1de6c43215594936af7b8f40f383e28069a8e4666bae1e447491353a506c6d4 +checksum="2938b0fd433d2a3f89eecaf3d28ecfec333ab15da84ae2e0a0db70cc3b047d75 e018547e54566410fb365d9f3dae10037c30fca5debe6ba8baceef3ad3b03d28 dcd0a1e619ff326399ca8fd87f61c255f4d1e9bff47860064993f01e4ff37fe1"