openbsd-file: patch seccomp filter for new glibc, add riscv64

srcpkgs/openbsd-file/patches/glibc.patch

@@ -0,0 +1,27 @@
+From 62ee6ab013285b8f6dce1f729d97a1c31abf5071 Mon Sep 17 00:00:00 2001
+From: Bryan Steele <brynet@gmail.com>
+Date: Tue, 3 Aug 2021 21:16:44 -0400
+Subject: [PATCH] portable; Non-fatally deny newfstatat/statx(2) syscalls used
+ by newer glibc.
+
+---
+ seccomp-sandbox.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/seccomp-sandbox.c b/seccomp-sandbox.c
+index d65b813..03d70dd 100644
+--- a/seccomp-sandbox.c
++++ b/seccomp-sandbox.c
+@@ -132,6 +132,12 @@ static const struct sock_filter filt_insns[] = {
+ #ifdef __NR_openat
+ 	SC_DENY(__NR_openat, EACCES),
+ #endif
++#ifdef __NR_newfstatat
++	SC_DENY(__NR_newfstatat, EACCES),
++#endif
++#ifdef __NR_statx
++	SC_DENY(__NR_statx, EACCES),
++#endif
+ 
+ 	/* Syscalls to permit. */
+ #ifdef __NR_brk

srcpkgs/openbsd-file/patches/no-x86-seccomp.patch

@@ -1,6 +1,6 @@
 --- a/seccomp-sandbox.c	2020-01-30 15:59:29.517540311 +0100
 +++ b/seccomp-sandbox.c	2020-01-30 16:03:43.046273793 +0100
-@@ -40,6 +40,16 @@
+@@ -40,6 +40,18 @@
  #define SECCOMP_AUDIT_ARCH AUDIT_ARCH_I386
  #elif defined __x86_64__ || defined __amd64__
  #define SECCOMP_AUDIT_ARCH AUDIT_ARCH_X86_64
@@ -14,6 +14,8 @@
 +#define SECCOMP_AUDIT_ARCH AUDIT_ARCH_PPC64
 +#elif defined __powerpc__
 +#define SECCOMP_AUDIT_ARCH AUDIT_ARCH_PPC
++#elif defined(__riscv) && defined(__riscv_xlen) && __riscv_xlen == 64
++#define SECCOMP_AUDIT_ARCH AUDIT_ARCH_RISCV64
  #endif
  #endif /* SECCOMP_AUDIT_ARCH */
  

srcpkgs/openbsd-file/template

@@ -1,7 +1,7 @@
 # Template file for 'openbsd-file'
 pkgname=openbsd-file
 version=6.2
-revision=3
+revision=4
 build_style=gnu-configure
 configure_args="--program-prefix=openbsd-"
 hostmakedepends="automake libtool"