diff options
Diffstat (limited to 'community/firefox/sandbox-sched_setscheduler.patch')
-rw-r--r-- | community/firefox/sandbox-sched_setscheduler.patch | 23 |
1 files changed, 12 insertions, 11 deletions
diff --git a/community/firefox/sandbox-sched_setscheduler.patch b/community/firefox/sandbox-sched_setscheduler.patch index 1db645aebbd..ffdf12678bc 100644 --- a/community/firefox/sandbox-sched_setscheduler.patch +++ b/community/firefox/sandbox-sched_setscheduler.patch @@ -1,23 +1,24 @@ upstream bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1657849 diff --git a/security/sandbox/linux/SandboxFilter.cpp b/security/sandbox/linux/SandboxFilter.cpp -index 27da4e7..5a607a4 100644 +index ed958bc..9824433 100644 --- a/security/sandbox/linux/SandboxFilter.cpp +++ b/security/sandbox/linux/SandboxFilter.cpp -@@ -1455,6 +1455,7 @@ class GMPSandboxPolicy : public SandboxPolicyCommon { - return Trap(OpenTrap, mFiles); - - case __NR_brk: -+ case __NR_sched_setscheduler: - // Because Firefox on glibc resorts to the fallback implementation - // mentioned in bug 1576006, we must explicitly allow the get*id() - // functions in order to use NSS in the clearkey CDM. -@@ -1467,8 +1468,7 @@ class GMPSandboxPolicy : public SandboxPolicyCommon { +@@ -1751,6 +1751,6 @@ class GMPSandboxPolicy : public SandboxPolicyCommon { case __NR_sched_get_priority_max: ++ case __NR_sched_setscheduler: return Allow(); case __NR_sched_getparam: - case __NR_sched_getscheduler: - case __NR_sched_setscheduler: { + case __NR_sched_getscheduler: { Arg<pid_t> pid(0); - return If(pid == 0, Allow()).Else(Trap(SchedTrap, nullptr)); +@@ -1926,3 +1926,2 @@ class RDDSandboxPolicy final : public SandboxPolicyCommon { + case __NR_sched_getscheduler: +- case __NR_sched_setscheduler: + case __NR_sched_getattr: +@@ -1932,2 +1931,5 @@ class RDDSandboxPolicy final : public SandboxPolicyCommon { } ++ // sched_setscheduler gets special treatment here (bug 1657849): ++ case __NR_sched_setscheduler: ++ return Allow(); + |