CVSROOT: /cvs Module name: ports Changes by: t...@cvs.openbsd.org 2023/09/13 00:15:48
Modified files: www/tor-browser/browser: Makefile www/tor-browser/browser/files: unveil.content unveil.gpu unveil.main Log message: tor-browser: sync DRM unveil with firefox-esr Instead of unveiling /dev/dri/card0 only, unveil the entire directory. It only contains four card* and and four renderD* with tight permissions. This is also the approach taken by the chromium based browsers. According to kettenis, acceleration on rare multi-graphics card setups can require multiple renderD* devices. Starting with firefox 118, if the directory isn't present, fallback code can exercise ioctls that aren't permitted by the kernel, leading to crashes. ok landry