Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package libqt5-qtwebengine for
openSUSE:Factory checked in at 2021-02-22 14:22:40
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/libqt5-qtwebengine (Old)
and /work/SRC/openSUSE:Factory/.libqt5-qtwebengine.new.2378 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libqt5-qtwebengine"
Mon Feb 22 14:22:40 2021 rev:66 rq:873181 version:5.15.2
Changes:
--------
--- /work/SRC/openSUSE:Factory/libqt5-qtwebengine/libqt5-qtwebengine.changes
2021-02-15 23:17:09.839473206 +0100
+++
/work/SRC/openSUSE:Factory/.libqt5-qtwebengine.new.2378/libqt5-qtwebengine.changes
2021-02-22 14:22:42.119569453 +0100
@@ -1,0 +2,11 @@
+Wed Feb 17 13:19:20 UTC 2021 - Fabian Vogt <fab...@ritter-vogt.de>
+
+- Add patch to fix sandbox with glibc 2.33 on 32bit:
+ * sandbox-statx-futex_time64.patch
+
+-------------------------------------------------------------------
+Tue Feb 16 09:52:13 UTC 2021 - Guillaume GARDET <guillaume.gar...@opensuse.org>
+
+- Relax constraints for armv6 and armv7
+
+-------------------------------------------------------------------
New:
----
sandbox-statx-futex_time64.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ libqt5-qtwebengine.spec ++++++
--- /var/tmp/diff_new_pack.E5th7A/_old 2021-02-22 14:22:43.747571042 +0100
+++ /var/tmp/diff_new_pack.E5th7A/_new 2021-02-22 14:22:43.751571046 +0100
@@ -53,8 +53,9 @@
Patch1: armv6-ffmpeg-no-thumb.patch
# PATCH-FIX-OPENSUSE disable-gpu-when-using-nouveau-boo-1005323.diff
Patch2: disable-gpu-when-using-nouveau-boo-1005323.diff
-Patch7: fix1163766.patch
-Patch8: chromium-glibc-2.33.patch
+Patch3: fix1163766.patch
+Patch4: chromium-glibc-2.33.patch
+Patch5: sandbox-statx-futex_time64.patch
# PATCH-FIX-OPENSUSE
Patch9: rtc-dont-use-h264.patch
# PATCH-FIX-UPSTREAM
++++++ _constraints ++++++
--- /var/tmp/diff_new_pack.E5th7A/_old 2021-02-22 14:22:43.775571070 +0100
+++ /var/tmp/diff_new_pack.E5th7A/_new 2021-02-22 14:22:43.775571070 +0100
@@ -11,4 +11,18 @@
</physicalmemory>
<processors>4</processors>
</hardware>
+ <overwrite>
+ <conditions>
+ <arch>armv6l</arch>
+ <arch>armv7l</arch>
+ </conditions>
+ <hardware>
+ <memory>
+ <size unit="G">9</size>
+ </memory>
+ <physicalmemory>
+ <size unit="G">8</size>
+ </physicalmemory>
+ </hardware>
+ </overwrite>
</constraints>
++++++ sandbox-statx-futex_time64.patch ++++++
From: Fabian Vogt <fab...@ritter-vogt.de>
Subject: Sandbox: Handle statx and futex_time64
glibc uses statx in some more places now (e.g stat64 -> __fstatat64_time64),
but it's caught by the sandbox, which doesn't handle it and breaks.
Return -ENOSYS instead to trigger the fallback in glibc.
futex_time64 is also used internally in glibc, so handle that as well.
The signature is identical where it matters.
Index:
qtwebengine-everywhere-src-5.15.2/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
===================================================================
---
qtwebengine-everywhere-src-5.15.2.orig/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
+++
qtwebengine-everywhere-src-5.15.2/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
@@ -190,6 +190,11 @@ ResultExpr EvaluateSyscallImpl(int fs_de
if (sysno == __NR_futex)
return RestrictFutex();
+#if defined(__NR_futex_time64)
+ if (sysno == __NR_futex_time64)
+ return RestrictFutex();
+#endif
+
if (sysno == __NR_set_robust_list)
return Error(EPERM);
@@ -265,6 +270,12 @@ ResultExpr EvaluateSyscallImpl(int fs_de
}
#endif
+#if defined(__NR_statx)
+ if (sysno == __NR_statx) {
+ return Error(ENOSYS);
+ }
+#endif
+
if (SyscallSets::IsFileSystem(sysno) ||
SyscallSets::IsCurrentDirectory(sysno)) {
return Error(fs_denied_errno);
