electron9: update to 9.3.5.

2021-01-19 23:55:02 +01:00 · 2021-01-19 23:55:02 +01:00 · 2500dc9d8d
parent ae437efae4
commit 2500dc9d8d
3 changed files with 54 additions and 3 deletions
--- a/srcpkgs/electron9/files/patches/chromium-time64.patch
+++ b/srcpkgs/electron9/files/patches/chromium-time64.patch
@ -0,0 +1,51 @@
+Description: allow sandboxed code to call gettime64
+ Add __NR_clock_gettime64 and __NR_clock_nanosleep_time64 to syscall whitelist
+ and clock selection parameter filtering code.
+
+ Add __NR_utimensat_time64 to syscall whitelist
+
+ Conditionalise additions on the new calls existing, because they do not exist
+ on 64-bit architectures.
+Author: Peter Michael Green <plugwash@raspbian.org>
+
+Index: chromium-83.0.4103.116/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
+===================================================================
+--- a/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
+++ b/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
+@@ -148,7 +148,11 @@ ResultExpr EvaluateSyscallImpl(int fs_de
+     return Allow();
+ #endif
+ 
+#ifdef __NR_clock_gettime64
+  if (sysno == __NR_clock_gettime || sysno == __NR_clock_gettime64 || sysno == __NR_clock_nanosleep || sysno == __NR_clock_nanosleep_time64) {
+#else
+   if (sysno == __NR_clock_gettime || sysno == __NR_clock_nanosleep) {
+#endif
+     return RestrictClockID();
+   }
+ 
+Index: chromium-83.0.4103.116/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc
+===================================================================
+--- a/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc
+++ b/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc
+@@ -38,6 +38,10 @@ bool SyscallSets::IsAllowedGettime(int s
+     case __NR_clock_getres:     // Allowed only on Android with parameters
+                                 // filtered by RestrictClokID().
+     case __NR_clock_gettime:    // Parameters filtered by RestrictClockID().
+#ifdef __NR_clock_gettime64
+    case __NR_clock_gettime64:    // Parameters filtered by RestrictClockID().
+    case __NR_clock_nanosleep_time64:  // Parameters filtered by RestrictClockID().
+#endif
+     case __NR_clock_nanosleep:  // Parameters filtered by RestrictClockID().
+     case __NR_clock_settime:    // Privileged.
+ #if defined(__i386__) || \
+@@ -159,6 +163,9 @@ bool SyscallSets::IsFileSystem(int sysno
+     case __NR_utime:
+ #endif
+     case __NR_utimensat:  // New.
+#ifdef __NR_utimensat_time64
+    case __NR_utimensat_time64:
+#endif
+       return true;
+     default:
+       return false;
--- a/srcpkgs/electron9/files/patches/electron-exclude-content-test-patches.patch
+++ b/srcpkgs/electron9/files/patches/electron-exclude-content-test-patches.patch
@ -4,7 +4,7 @@
   for patch_dir, repo in dirs.items():
     git.import_patches(repo=repo, patch_data=patch_from_dir(patch_dir),
       threeway=threeway is not None,
-+      exclude=['content/test/**', 'test/cctest/wasm/**'],
+      exclude=['content/test/**', 'test/cctest/**'],
       committer_name="Electron Scripts", committer_email="scripts@electron")
 
 
--- a/srcpkgs/electron9/template
+++ b/srcpkgs/electron9/template
@ -1,6 +1,6 @@
 # Template file for 'electron9'
 pkgname=electron9
-version=9.3.4
+version=9.4.1
 _nodever=12.14.1
 _chromiumver=83.0.4103.119
 revision=1
@ -30,7 +30,7 @@ homepage="https://electronjs.org"
 distfiles="https://github.com/electron/electron/archive/v$version.tar.gz>electron-${version}.tar.gz
 https://commondatastorage.googleapis.com/chromium-browser-official/chromium-$_chromiumver.tar.xz
 https://github.com/nodejs/node/archive/v$_nodever.tar.gz>node-$_nodever.tar.gz"
-checksum="067399edbbadf7d975e293230ee716a441dc63bcc0bbf1ad41bd0e1063588867
+checksum="953e34b156fc9cd49b8f39daf662b279930913eea7bf47265ce60b576dfc7a36
 452cbc58895a46b2b87ba450a3f86897de92ad08ce28ffdbed6b3f12101d3788
 01e4a960be3e26b87c55509ee1cb44a14946a4169d5cdec046dd05058d995b26"