aboutsummaryrefslogtreecommitdiffstats
path: root/community/firefox/sandbox-sched_setscheduler.patch
blob: 1db645aebbdc4cd4f727fe0df9ea866341aad3a8 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
upstream bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1657849
diff --git a/security/sandbox/linux/SandboxFilter.cpp b/security/sandbox/linux/SandboxFilter.cpp
index 27da4e7..5a607a4 100644
--- a/security/sandbox/linux/SandboxFilter.cpp
+++ b/security/sandbox/linux/SandboxFilter.cpp
@@ -1455,6 +1455,7 @@ class GMPSandboxPolicy : public SandboxPolicyCommon {
         return Trap(OpenTrap, mFiles);
 
       case __NR_brk:
+      case __NR_sched_setscheduler:
       // Because Firefox on glibc resorts to the fallback implementation
       // mentioned in bug 1576006, we must explicitly allow the get*id()
       // functions in order to use NSS in the clearkey CDM.
@@ -1467,8 +1468,7 @@ class GMPSandboxPolicy : public SandboxPolicyCommon {
       case __NR_sched_get_priority_max:
         return Allow();
       case __NR_sched_getparam:
-      case __NR_sched_getscheduler:
-      case __NR_sched_setscheduler: {
+      case __NR_sched_getscheduler: {
         Arg<pid_t> pid(0);
         return If(pid == 0, Allow()).Else(Trap(SchedTrap, nullptr));
       }