2
0
mirror of https://codeberg.org/kiss-community/repo synced 2025-01-22 02:14:41 -07:00
repo/extra/firefox/patches/musl-sandbox.patch
2025-01-07 00:42:36 -06:00

34 lines
1.3 KiB
Diff

diff --git a/security/sandbox/linux/SandboxFilter.cpp b/security/sandbox/linux/SandboxFilter.cpp
index 5f14e78..1b968ea 100644
--- a/security/sandbox/linux/SandboxFilter.cpp
+++ b/security/sandbox/linux/SandboxFilter.cpp
@@ -1763,10 +1763,10 @@ class GMPSandboxPolicy : public SandboxPolicyCommon {
return Allow();
case __NR_sched_get_priority_min:
case __NR_sched_get_priority_max:
+ case __NR_sched_setscheduler:
return Allow();
case __NR_sched_getparam:
- case __NR_sched_getscheduler:
- case __NR_sched_setscheduler: {
+ case __NR_sched_getscheduler: {
Arg<pid_t> pid(0);
return If(pid == 0, Allow()).Else(Trap(SchedTrap, nullptr));
}
@@ -1956,12 +1956,14 @@ class RDDSandboxPolicy final : public SandboxPolicyCommon {
case __NR_sched_getparam:
case __NR_sched_setparam:
case __NR_sched_getscheduler:
- case __NR_sched_setscheduler:
case __NR_sched_getattr:
case __NR_sched_setattr: {
Arg<pid_t> pid(0);
return If(pid == 0, Allow()).Else(Trap(SchedTrap, nullptr));
}
+ // sched_setscheduler gets special treatment here (bug 1657849):
+ case __NR_sched_setscheduler:
+ return Allow();
// The priority bounds are also used, sometimes (bug 1838675):
case __NR_sched_get_priority_min: