jaredallard/overlay
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions 1
overlay/www-client/chromium/files/chromium-134-map_droppable-glibc.patch
github-actions[bot] 04e93b9015
Some checks failed
Test / elint (push) Failing after 33s
Details
Docker / updater-base-image (push) Has been cancelled
Details
www-client/chromium: sync with upstream
2025-02-14 00:03:08 +00:00

35 lines
1.5 KiB
Diff
Raw Permalink Blame History

From d1e4332f1a2361014175646fae4f4549b8c1abbf Mon Sep 17 00:00:00 2001
From: Matt Jolly <kangie@gentoo.org>
Date: Thu, 13 Feb 2025 16:56:53 +1000
Subject: [PATCH] seccomp: Define MAP_DROPPABLE for glibc 2.41
Bug: https://bugs.gentoo.org/949654
--- a/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc
+++ b/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc
@@ -1,3 +1,4 @@
+
// Copyright 2013 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -35,6 +36,10 @@
#include "sandbox/linux/system_headers/linux_syscalls.h"
#include "sandbox/linux/system_headers/linux_time.h"
+#if !defined(MAP_DROPPABLE)
+#define MAP_DROPPABLE 0x08 // Zero memory under memory pressure.
+#endif
+
#if (BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS_LACROS)) && \
!defined(__arm__) && !defined(__aarch64__) && \
!defined(PTRACE_GET_THREAD_AREA)
@@ -238,7 +243,7 @@ ResultExpr RestrictMmapFlags() {
// TODO(davidung), remove MAP_DENYWRITE with updated Tegra libraries.
const uint64_t kAllowedMask = MAP_SHARED | MAP_PRIVATE | MAP_ANONYMOUS |
MAP_STACK | MAP_NORESERVE | MAP_FIXED |
- MAP_DENYWRITE | MAP_LOCKED |
+ MAP_DENYWRITE | MAP_LOCKED | MAP_DROPPABLE |
kArchSpecificAllowedMask;
const Arg<int> flags(3);
return If((flags & ~kAllowedMask) == 0, Allow()).Else(CrashSIGSYS());
--
2.48.0
Reference in a new issue View git blame Copy permalink