[packages/qt5-qtwebengine.git] / glibc2.34.patch

From 5e08782516d24de536e75d6bf4ff2bc87be55124 Mon Sep 17 00:00:00 2001
From: Matthew Denton <mpdenton@chromium.org>
Date: Thu, 03 Jun 2021 19:02:10 +0000
Subject: [PATCH] Linux sandbox: update syscall numbers for all platforms.

This includes clone3 and the landlock system calls.

Bug: 1213452
Change-Id: Iaf14a7c9d455c7a22ad179b13541a60dcabaac09
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2934620
Auto-Submit: Matthew Denton <mpdenton@chromium.org>
Commit-Queue: Robert Sesek <rsesek@chromium.org>
Reviewed-by: Robert Sesek <rsesek@chromium.org>
Cr-Commit-Position: refs/heads/master@{#888958}
---

diff --git a/sandbox/linux/system_headers/arm64_linux_syscalls.h b/sandbox/linux/system_headers/arm64_linux_syscalls.h
index a242c18c..ab86b36 100644
--- a/sandbox/linux/system_headers/arm64_linux_syscalls.h
+++ b/sandbox/linux/system_headers/arm64_linux_syscalls.h
@@ -1119,4 +1119,100 @@
 #define __NR_rseq 293
 #endif
 
+#if !defined(__NR_kexec_file_load)
+#define __NR_kexec_file_load 294
+#endif
+
+#if !defined(__NR_pidfd_send_signal)
+#define __NR_pidfd_send_signal 424
+#endif
+
+#if !defined(__NR_io_uring_setup)
+#define __NR_io_uring_setup 425
+#endif
+
+#if !defined(__NR_io_uring_enter)
+#define __NR_io_uring_enter 426
+#endif
+
+#if !defined(__NR_io_uring_register)
+#define __NR_io_uring_register 427
+#endif
+
+#if !defined(__NR_open_tree)
+#define __NR_open_tree 428
+#endif
+
+#if !defined(__NR_move_mount)
+#define __NR_move_mount 429
+#endif
+
+#if !defined(__NR_fsopen)
+#define __NR_fsopen 430
+#endif
+
+#if !defined(__NR_fsconfig)
+#define __NR_fsconfig 431
+#endif
+
+#if !defined(__NR_fsmount)
+#define __NR_fsmount 432
+#endif
+
+#if !defined(__NR_fspick)
+#define __NR_fspick 433
+#endif
+
+#if !defined(__NR_pidfd_open)
+#define __NR_pidfd_open 434
+#endif
+
+#if !defined(__NR_clone3)
+#define __NR_clone3 435
+#endif
+
+#if !defined(__NR_close_range)
+#define __NR_close_range 436
+#endif
+
+#if !defined(__NR_openat2)
+#define __NR_openat2 437
+#endif
+
+#if !defined(__NR_pidfd_getfd)
+#define __NR_pidfd_getfd 438
+#endif
+
+#if !defined(__NR_faccessat2)
+#define __NR_faccessat2 439
+#endif
+
+#if !defined(__NR_process_madvise)
+#define __NR_process_madvise 440
+#endif
+
+#if !defined(__NR_epoll_pwait2)
+#define __NR_epoll_pwait2 441
+#endif
+
+#if !defined(__NR_mount_setattr)
+#define __NR_mount_setattr 442
+#endif
+
+#if !defined(__NR_quotactl_path)
+#define __NR_quotactl_path 443
+#endif
+
+#if !defined(__NR_landlock_create_ruleset)
+#define __NR_landlock_create_ruleset 444
+#endif
+
+#if !defined(__NR_landlock_add_rule)
+#define __NR_landlock_add_rule 445
+#endif
+
+#if !defined(__NR_landlock_restrict_self)
+#define __NR_landlock_restrict_self 446
+#endif
+
 #endif  // SANDBOX_LINUX_SYSTEM_HEADERS_ARM64_LINUX_SYSCALLS_H_
diff --git a/sandbox/linux/system_headers/mips64_linux_syscalls.h b/sandbox/linux/system_headers/mips64_linux_syscalls.h
index ec75815a..ae7cb48 100644
--- a/sandbox/linux/system_headers/mips64_linux_syscalls.h
+++ b/sandbox/linux/system_headers/mips64_linux_syscalls.h
@@ -1271,4 +1271,148 @@
 #define __NR_memfd_create (__NR_Linux + 314)
 #endif
 
+#if !defined(__NR_bpf)
+#define __NR_bpf (__NR_Linux + 315)
+#endif
+
+#if !defined(__NR_execveat)
+#define __NR_execveat (__NR_Linux + 316)
+#endif
+
+#if !defined(__NR_userfaultfd)
+#define __NR_userfaultfd (__NR_Linux + 317)
+#endif
+
+#if !defined(__NR_membarrier)
+#define __NR_membarrier (__NR_Linux + 318)
+#endif
+
+#if !defined(__NR_mlock2)
+#define __NR_mlock2 (__NR_Linux + 319)
+#endif
+
+#if !defined(__NR_copy_file_range)
+#define __NR_copy_file_range (__NR_Linux + 320)
+#endif
+
+#if !defined(__NR_preadv2)
+#define __NR_preadv2 (__NR_Linux + 321)
+#endif
+
+#if !defined(__NR_pwritev2)
+#define __NR_pwritev2 (__NR_Linux + 322)
+#endif
+
+#if !defined(__NR_pkey_mprotect)
+#define __NR_pkey_mprotect (__NR_Linux + 323)
+#endif
+
+#if !defined(__NR_pkey_alloc)
+#define __NR_pkey_alloc (__NR_Linux + 324)
+#endif
+
+#if !defined(__NR_pkey_free)
+#define __NR_pkey_free (__NR_Linux + 325)
+#endif
+
+#if !defined(__NR_statx)
+#define __NR_statx (__NR_Linux + 326)
+#endif
+
+#if !defined(__NR_rseq)
+#define __NR_rseq (__NR_Linux + 327)
+#endif
+
+#if !defined(__NR_io_pgetevents)
+#define __NR_io_pgetevents (__NR_Linux + 328)
+#endif
+
+#if !defined(__NR_pidfd_send_signal)
+#define __NR_pidfd_send_signal (__NR_Linux + 424)
+#endif
+
+#if !defined(__NR_io_uring_setup)
+#define __NR_io_uring_setup (__NR_Linux + 425)
+#endif
+
+#if !defined(__NR_io_uring_enter)
+#define __NR_io_uring_enter (__NR_Linux + 426)
+#endif
+
+#if !defined(__NR_io_uring_register)
+#define __NR_io_uring_register (__NR_Linux + 427)
+#endif
+
+#if !defined(__NR_open_tree)
+#define __NR_open_tree (__NR_Linux + 428)
+#endif
+
+#if !defined(__NR_move_mount)
+#define __NR_move_mount (__NR_Linux + 429)
+#endif
+
+#if !defined(__NR_fsopen)
+#define __NR_fsopen (__NR_Linux + 430)
+#endif
+
+#if !defined(__NR_fsconfig)
+#define __NR_fsconfig (__NR_Linux + 431)
+#endif
+
+#if !defined(__NR_fsmount)
+#define __NR_fsmount (__NR_Linux + 432)
+#endif
+
+#if !defined(__NR_fspick)
+#define __NR_fspick (__NR_Linux + 433)
+#endif
+
+#if !defined(__NR_pidfd_open)
+#define __NR_pidfd_open (__NR_Linux + 434)
+#endif
+
+#if !defined(__NR_clone3)
+#define __NR_clone3 (__NR_Linux + 435)
+#endif
+
+#if !defined(__NR_close_range)
+#define __NR_close_range (__NR_Linux + 436)
+#endif
+
+#if !defined(__NR_openat2)
+#define __NR_openat2 (__NR_Linux + 437)
+#endif
+
+#if !defined(__NR_pidfd_getfd)
+#define __NR_pidfd_getfd (__NR_Linux + 438)
+#endif
+
+#if !defined(__NR_faccessat2)
+#define __NR_faccessat2 (__NR_Linux + 439)
+#endif
+
+#if !defined(__NR_process_madvise)
+#define __NR_process_madvise (__NR_Linux + 440)
+#endif
+
+#if !defined(__NR_epoll_pwait2)
+#define __NR_epoll_pwait2 (__NR_Linux + 441)
+#endif
+
+#if !defined(__NR_mount_setattr)
+#define __NR_mount_setattr (__NR_Linux + 442)
+#endif
+
+#if !defined(__NR_landlock_create_ruleset)
+#define __NR_landlock_create_ruleset (__NR_Linux + 444)
+#endif
+
+#if !defined(__NR_landlock_add_rule)
+#define __NR_landlock_add_rule (__NR_Linux + 445)
+#endif
+
+#if !defined(__NR_landlock_restrict_self)
+#define __NR_landlock_restrict_self (__NR_Linux + 446)
+#endif
+
 #endif  // SANDBOX_LINUX_SYSTEM_HEADERS_MIPS64_LINUX_SYSCALLS_H_
diff --git a/sandbox/linux/system_headers/x86_64_linux_syscalls.h b/sandbox/linux/system_headers/x86_64_linux_syscalls.h
index b0ae0a2..e618c62 100644
--- a/sandbox/linux/system_headers/x86_64_linux_syscalls.h
+++ b/sandbox/linux/system_headers/x86_64_linux_syscalls.h
@@ -1350,5 +1350,93 @@
 #define __NR_rseq 334
 #endif
 
+#if !defined(__NR_pidfd_send_signal)
+#define __NR_pidfd_send_signal 424
+#endif
+
+#if !defined(__NR_io_uring_setup)
+#define __NR_io_uring_setup 425
+#endif
+
+#if !defined(__NR_io_uring_enter)
+#define __NR_io_uring_enter 426
+#endif
+
+#if !defined(__NR_io_uring_register)
+#define __NR_io_uring_register 427
+#endif
+
+#if !defined(__NR_open_tree)
+#define __NR_open_tree 428
+#endif
+
+#if !defined(__NR_move_mount)
+#define __NR_move_mount 429
+#endif
+
+#if !defined(__NR_fsopen)
+#define __NR_fsopen 430
+#endif
+
+#if !defined(__NR_fsconfig)
+#define __NR_fsconfig 431
+#endif
+
+#if !defined(__NR_fsmount)
+#define __NR_fsmount 432
+#endif
+
+#if !defined(__NR_fspick)
+#define __NR_fspick 433
+#endif
+
+#if !defined(__NR_pidfd_open)
+#define __NR_pidfd_open 434
+#endif
+
+#if !defined(__NR_clone3)
+#define __NR_clone3 435
+#endif
+
+#if !defined(__NR_close_range)
+#define __NR_close_range 436
+#endif
+
+#if !defined(__NR_openat2)
+#define __NR_openat2 437
+#endif
+
+#if !defined(__NR_pidfd_getfd)
+#define __NR_pidfd_getfd 438
+#endif
+
+#if !defined(__NR_faccessat2)
+#define __NR_faccessat2 439
+#endif
+
+#if !defined(__NR_process_madvise)
+#define __NR_process_madvise 440
+#endif
+
+#if !defined(__NR_epoll_pwait2)
+#define __NR_epoll_pwait2 441
+#endif
+
+#if !defined(__NR_mount_setattr)
+#define __NR_mount_setattr 442
+#endif
+
+#if !defined(__NR_landlock_create_ruleset)
+#define __NR_landlock_create_ruleset 444
+#endif
+
+#if !defined(__NR_landlock_add_rule)
+#define __NR_landlock_add_rule 445
+#endif
+
+#if !defined(__NR_landlock_restrict_self)
+#define __NR_landlock_restrict_self 446
+#endif
+
 #endif  // SANDBOX_LINUX_SYSTEM_HEADERS_X86_64_LINUX_SYSCALLS_H_
 
From 218438259dd795456f0a48f67cbe5b4e520db88b Mon Sep 17 00:00:00 2001
From: Matthew Denton <mpdenton@chromium.org>
Date: Thu, 03 Jun 2021 20:06:13 +0000
Subject: [PATCH] Linux sandbox: return ENOSYS for clone3

Because clone3 uses a pointer argument rather than a flags argument, we
cannot examine the contents with seccomp, which is essential to
preventing sandboxed processes from starting other processes. So, we
won't be able to support clone3 in Chromium. This CL modifies the
BPF policy to return ENOSYS for clone3 so glibc always uses the fallback
to clone.

Bug: 1213452
Change-Id: I7c7c585a319e0264eac5b1ebee1a45be2d782303
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2936184
Reviewed-by: Robert Sesek <rsesek@chromium.org>
Commit-Queue: Matthew Denton <mpdenton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#888980}
---

diff --git a/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc b/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
index 05c39f0..086c56a2 100644
--- a/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
+++ b/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
@@ -178,6 +178,12 @@
     return RestrictCloneToThreadsAndEPERMFork();
   }
 
+  // clone3 takes a pointer argument which we cannot examine, so return ENOSYS
+  // to force the libc to use clone. See https://crbug.com/1213452.
+  if (sysno == __NR_clone3) {
+    return Error(ENOSYS);
+  }
+
   if (sysno == __NR_fcntl)
     return RestrictFcntlCommands();
 
--- chromium/third_party/abseil-cpp/absl/debugging/failure_signal_handler.cc.orig	2021-08-13 12:36:58.000000000 +0200
+++ chromium/third_party/abseil-cpp/absl/debugging/failure_signal_handler.cc	2021-08-18 22:04:02.165382504 +0200
@@ -135,7 +135,7 @@
 #else
   const size_t page_mask = sysconf(_SC_PAGESIZE) - 1;
 #endif
-  size_t stack_size = (std::max(SIGSTKSZ, 65536) + page_mask) & ~page_mask;
+  size_t stack_size = (std::max<size_t>(SIGSTKSZ, 65536) + page_mask) & ~page_mask;
 #if defined(ABSL_HAVE_ADDRESS_SANITIZER) || \
     defined(ABSL_HAVE_MEMORY_SANITIZER) || defined(ABSL_HAVE_THREAD_SANITIZER)
   // Account for sanitizer instrumentation requiring additional stack space.
--- chromium/third_party/breakpad/breakpad/src/client/linux/handler/exception_handler.cc.orig	2021-08-18 22:05:45.366849996 +0200
+++ chromium/third_party/breakpad/breakpad/src/client/linux/handler/exception_handler.cc	2021-08-18 22:05:57.647024518 +0200
@@ -138,7 +138,7 @@
   // SIGSTKSZ may be too small to prevent the signal handlers from overrunning
   // the alternative stack. Ensure that the size of the alternative stack is
   // large enough.
-  static const unsigned kSigStackSize = std::max(16384, SIGSTKSZ);
+  static const unsigned kSigStackSize = std::max<size_t>(16384, SIGSTKSZ);
 
   // Only set an alternative stack if there isn't already one, or if the current
   // one is too small.
Commit	Line	Data
7b92ae8b JP	1	From 5e08782516d24de536e75d6bf4ff2bc87be55124 Mon Sep 17 00:00:00 2001
	2	From: Matthew Denton <mpdenton@chromium.org>
	3	Date: Thu, 03 Jun 2021 19:02:10 +0000
	4	Subject: [PATCH] Linux sandbox: update syscall numbers for all platforms.
	5
	6	This includes clone3 and the landlock system calls.
	7
	8	Bug: 1213452
	9	Change-Id: Iaf14a7c9d455c7a22ad179b13541a60dcabaac09
	10	Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2934620
	11	Auto-Submit: Matthew Denton <mpdenton@chromium.org>
	12	Commit-Queue: Robert Sesek <rsesek@chromium.org>
	13	Reviewed-by: Robert Sesek <rsesek@chromium.org>
	14	Cr-Commit-Position: refs/heads/master@{#888958}
	15	---
	16
	17	diff --git a/sandbox/linux/system_headers/arm64_linux_syscalls.h b/sandbox/linux/system_headers/arm64_linux_syscalls.h
	18	index a242c18c..ab86b36 100644
	19	--- a/sandbox/linux/system_headers/arm64_linux_syscalls.h
	20	+++ b/sandbox/linux/system_headers/arm64_linux_syscalls.h
	21	@@ -1119,4 +1119,100 @@
	22	#define __NR_rseq 293
	23	#endif
	24
	25	+#if !defined(__NR_kexec_file_load)
	26	+#define __NR_kexec_file_load 294
	27	+#endif
	28	+
	29	+#if !defined(__NR_pidfd_send_signal)
	30	+#define __NR_pidfd_send_signal 424
	31	+#endif
	32	+
	33	+#if !defined(__NR_io_uring_setup)
	34	+#define __NR_io_uring_setup 425
	35	+#endif
	36	+
	37	+#if !defined(__NR_io_uring_enter)
	38	+#define __NR_io_uring_enter 426
	39	+#endif
	40	+
	41	+#if !defined(__NR_io_uring_register)
	42	+#define __NR_io_uring_register 427
	43	+#endif
	44	+
	45	+#if !defined(__NR_open_tree)
	46	+#define __NR_open_tree 428
	47	+#endif
	48	+
	49	+#if !defined(__NR_move_mount)
	50	+#define __NR_move_mount 429
	51	+#endif
	52	+
	53	+#if !defined(__NR_fsopen)
	54	+#define __NR_fsopen 430
	55	+#endif
	56	+
	57	+#if !defined(__NR_fsconfig)
	58	+#define __NR_fsconfig 431
	59	+#endif
	60	+
	61	+#if !defined(__NR_fsmount)
	62	+#define __NR_fsmount 432
	63	+#endif
	64	+
65	+#if !defined(__NR_fspick)
66	+#define __NR_fspick 433
67	+#endif
68	+
69	+#if !defined(__NR_pidfd_open)
70	+#define __NR_pidfd_open 434
71	+#endif
72	+
73	+#if !defined(__NR_clone3)
74	+#define __NR_clone3 435
75	+#endif
76	+
77	+#if !defined(__NR_close_range)
78	+#define __NR_close_range 436
79	+#endif
80	+
81	+#if !defined(__NR_openat2)
82	+#define __NR_openat2 437
83	+#endif
84	+
85	+#if !defined(__NR_pidfd_getfd)
86	+#define __NR_pidfd_getfd 438
87	+#endif
88	+
89	+#if !defined(__NR_faccessat2)
90	+#define __NR_faccessat2 439
91	+#endif
92	+
93	+#if !defined(__NR_process_madvise)
94	+#define __NR_process_madvise 440
95	+#endif
96	+
97	+#if !defined(__NR_epoll_pwait2)
98	+#define __NR_epoll_pwait2 441
99	+#endif
100	+
101	+#if !defined(__NR_mount_setattr)
102	+#define __NR_mount_setattr 442
103	+#endif
104	+
105	+#if !defined(__NR_quotactl_path)
106	+#define __NR_quotactl_path 443
107	+#endif
108	+
109	+#if !defined(__NR_landlock_create_ruleset)
110	+#define __NR_landlock_create_ruleset 444
111	+#endif
112	+
113	+#if !defined(__NR_landlock_add_rule)
114	+#define __NR_landlock_add_rule 445
115	+#endif
116	+
117	+#if !defined(__NR_landlock_restrict_self)
118	+#define __NR_landlock_restrict_self 446
119	+#endif
120	+
121	#endif // SANDBOX_LINUX_SYSTEM_HEADERS_ARM64_LINUX_SYSCALLS_H_
122	diff --git a/sandbox/linux/system_headers/mips64_linux_syscalls.h b/sandbox/linux/system_headers/mips64_linux_syscalls.h
123	index ec75815a..ae7cb48 100644
124	--- a/sandbox/linux/system_headers/mips64_linux_syscalls.h
125	+++ b/sandbox/linux/system_headers/mips64_linux_syscalls.h
126	@@ -1271,4 +1271,148 @@
127	#define __NR_memfd_create (__NR_Linux + 314)
128	#endif
129
130	+#if !defined(__NR_bpf)
131	+#define __NR_bpf (__NR_Linux + 315)
132	+#endif
133	+
134	+#if !defined(__NR_execveat)
135	+#define __NR_execveat (__NR_Linux + 316)
136	+#endif
137	+
138	+#if !defined(__NR_userfaultfd)
139	+#define __NR_userfaultfd (__NR_Linux + 317)
140	+#endif
141	+
142	+#if !defined(__NR_membarrier)
143	+#define __NR_membarrier (__NR_Linux + 318)
144	+#endif
145	+
146	+#if !defined(__NR_mlock2)
147	+#define __NR_mlock2 (__NR_Linux + 319)
148	+#endif
149	+
150	+#if !defined(__NR_copy_file_range)
151	+#define __NR_copy_file_range (__NR_Linux + 320)
152	+#endif
153	+
154	+#if !defined(__NR_preadv2)
155	+#define __NR_preadv2 (__NR_Linux + 321)
156	+#endif
157	+
158	+#if !defined(__NR_pwritev2)
159	+#define __NR_pwritev2 (__NR_Linux + 322)
160	+#endif
161	+
162	+#if !defined(__NR_pkey_mprotect)
163	+#define __NR_pkey_mprotect (__NR_Linux + 323)
164	+#endif
165	+
166	+#if !defined(__NR_pkey_alloc)
167	+#define __NR_pkey_alloc (__NR_Linux + 324)
168	+#endif
169	+
170	+#if !defined(__NR_pkey_free)
171	+#define __NR_pkey_free (__NR_Linux + 325)
172	+#endif
173	+
174	+#if !defined(__NR_statx)
175	+#define __NR_statx (__NR_Linux + 326)
176	+#endif
177	+
178	+#if !defined(__NR_rseq)
179	+#define __NR_rseq (__NR_Linux + 327)
180	+#endif
181	+
182	+#if !defined(__NR_io_pgetevents)
183	+#define __NR_io_pgetevents (__NR_Linux + 328)
184	+#endif
185	+
186	+#if !defined(__NR_pidfd_send_signal)
187	+#define __NR_pidfd_send_signal (__NR_Linux + 424)
188	+#endif
189	+
190	+#if !defined(__NR_io_uring_setup)
191	+#define __NR_io_uring_setup (__NR_Linux + 425)
192	+#endif
193	+
194	+#if !defined(__NR_io_uring_enter)
195	+#define __NR_io_uring_enter (__NR_Linux + 426)
196	+#endif
197	+
198	+#if !defined(__NR_io_uring_register)
199	+#define __NR_io_uring_register (__NR_Linux + 427)
200	+#endif
201	+
202	+#if !defined(__NR_open_tree)
203	+#define __NR_open_tree (__NR_Linux + 428)
204	+#endif
205	+
206	+#if !defined(__NR_move_mount)
207	+#define __NR_move_mount (__NR_Linux + 429)
208	+#endif
209	+
210	+#if !defined(__NR_fsopen)
211	+#define __NR_fsopen (__NR_Linux + 430)
212	+#endif
213	+
214	+#if !defined(__NR_fsconfig)
215	+#define __NR_fsconfig (__NR_Linux + 431)
216	+#endif
217	+
218	+#if !defined(__NR_fsmount)
219	+#define __NR_fsmount (__NR_Linux + 432)
220	+#endif
221	+
222	+#if !defined(__NR_fspick)
223	+#define __NR_fspick (__NR_Linux + 433)
224	+#endif
225	+
226	+#if !defined(__NR_pidfd_open)
227	+#define __NR_pidfd_open (__NR_Linux + 434)
228	+#endif
229	+
230	+#if !defined(__NR_clone3)
231	+#define __NR_clone3 (__NR_Linux + 435)
232	+#endif
233	+
234	+#if !defined(__NR_close_range)
235	+#define __NR_close_range (__NR_Linux + 436)
236	+#endif
237	+
238	+#if !defined(__NR_openat2)
239	+#define __NR_openat2 (__NR_Linux + 437)
240	+#endif
241	+
242	+#if !defined(__NR_pidfd_getfd)
243	+#define __NR_pidfd_getfd (__NR_Linux + 438)
244	+#endif
245	+
246	+#if !defined(__NR_faccessat2)
247	+#define __NR_faccessat2 (__NR_Linux + 439)
248	+#endif
249	+
250	+#if !defined(__NR_process_madvise)
251	+#define __NR_process_madvise (__NR_Linux + 440)
252	+#endif
253	+
254	+#if !defined(__NR_epoll_pwait2)
255	+#define __NR_epoll_pwait2 (__NR_Linux + 441)
256	+#endif
257	+
258	+#if !defined(__NR_mount_setattr)
259	+#define __NR_mount_setattr (__NR_Linux + 442)
260	+#endif
261	+
262	+#if !defined(__NR_landlock_create_ruleset)
263	+#define __NR_landlock_create_ruleset (__NR_Linux + 444)
264	+#endif
265	+
266	+#if !defined(__NR_landlock_add_rule)
267	+#define __NR_landlock_add_rule (__NR_Linux + 445)
268	+#endif
269	+
270	+#if !defined(__NR_landlock_restrict_self)
271	+#define __NR_landlock_restrict_self (__NR_Linux + 446)
272	+#endif
273	+
274	#endif // SANDBOX_LINUX_SYSTEM_HEADERS_MIPS64_LINUX_SYSCALLS_H_
275	diff --git a/sandbox/linux/system_headers/x86_64_linux_syscalls.h b/sandbox/linux/system_headers/x86_64_linux_syscalls.h
276	index b0ae0a2..e618c62 100644
277	--- a/sandbox/linux/system_headers/x86_64_linux_syscalls.h
278	+++ b/sandbox/linux/system_headers/x86_64_linux_syscalls.h
279	@@ -1350,5 +1350,93 @@
280	#define __NR_rseq 334
281	#endif
282
283	+#if !defined(__NR_pidfd_send_signal)
284	+#define __NR_pidfd_send_signal 424
285	+#endif
286	+
287	+#if !defined(__NR_io_uring_setup)
288	+#define __NR_io_uring_setup 425
289	+#endif
290	+
291	+#if !defined(__NR_io_uring_enter)
292	+#define __NR_io_uring_enter 426
293	+#endif
294	+
295	+#if !defined(__NR_io_uring_register)
296	+#define __NR_io_uring_register 427
297	+#endif
298	+
299	+#if !defined(__NR_open_tree)
300	+#define __NR_open_tree 428
301	+#endif
302	+
303	+#if !defined(__NR_move_mount)
304	+#define __NR_move_mount 429
305	+#endif
306	+
307	+#if !defined(__NR_fsopen)
308	+#define __NR_fsopen 430
309	+#endif
310	+
311	+#if !defined(__NR_fsconfig)
312	+#define __NR_fsconfig 431
313	+#endif
314	+
315	+#if !defined(__NR_fsmount)
316	+#define __NR_fsmount 432
317	+#endif
318	+
319	+#if !defined(__NR_fspick)
320	+#define __NR_fspick 433
321	+#endif
322	+
323	+#if !defined(__NR_pidfd_open)
324	+#define __NR_pidfd_open 434
325	+#endif
326	+
327	+#if !defined(__NR_clone3)
328	+#define __NR_clone3 435
329	+#endif
330	+
331	+#if !defined(__NR_close_range)
332	+#define __NR_close_range 436
333	+#endif
334	+
335	+#if !defined(__NR_openat2)
336	+#define __NR_openat2 437
337	+#endif
338	+
339	+#if !defined(__NR_pidfd_getfd)
340	+#define __NR_pidfd_getfd 438
341	+#endif
342	+
343	+#if !defined(__NR_faccessat2)
344	+#define __NR_faccessat2 439
345	+#endif
346	+
347	+#if !defined(__NR_process_madvise)
348	+#define __NR_process_madvise 440
349	+#endif
350	+
351	+#if !defined(__NR_epoll_pwait2)
352	+#define __NR_epoll_pwait2 441
353	+#endif
354	+
355	+#if !defined(__NR_mount_setattr)
356	+#define __NR_mount_setattr 442
357	+#endif
358	+
359	+#if !defined(__NR_landlock_create_ruleset)
360	+#define __NR_landlock_create_ruleset 444
361	+#endif
362	+
363	+#if !defined(__NR_landlock_add_rule)
364	+#define __NR_landlock_add_rule 445
365	+#endif
366	+
367	+#if !defined(__NR_landlock_restrict_self)
368	+#define __NR_landlock_restrict_self 446
369	+#endif
370	+
371	#endif // SANDBOX_LINUX_SYSTEM_HEADERS_X86_64_LINUX_SYSCALLS_H_
372
373	From 218438259dd795456f0a48f67cbe5b4e520db88b Mon Sep 17 00:00:00 2001
374	From: Matthew Denton <mpdenton@chromium.org>
375	Date: Thu, 03 Jun 2021 20:06:13 +0000
376	Subject: [PATCH] Linux sandbox: return ENOSYS for clone3
377
378	Because clone3 uses a pointer argument rather than a flags argument, we
379	cannot examine the contents with seccomp, which is essential to
380	preventing sandboxed processes from starting other processes. So, we
381	won't be able to support clone3 in Chromium. This CL modifies the
382	BPF policy to return ENOSYS for clone3 so glibc always uses the fallback
383	to clone.
384
385	Bug: 1213452
386	Change-Id: I7c7c585a319e0264eac5b1ebee1a45be2d782303
387	Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2936184
388	Reviewed-by: Robert Sesek <rsesek@chromium.org>
389	Commit-Queue: Matthew Denton <mpdenton@chromium.org>
390	Cr-Commit-Position: refs/heads/master@{#888980}
391	---
392
393	diff --git a/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc b/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
394	index 05c39f0..086c56a2 100644
395	--- a/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
396	+++ b/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
397	@@ -178,6 +178,12 @@
398	return RestrictCloneToThreadsAndEPERMFork();
399	}
400
401	+ // clone3 takes a pointer argument which we cannot examine, so return ENOSYS
402	+ // to force the libc to use clone. See https://crbug.com/1213452.
403	+ if (sysno == __NR_clone3) {
404	+ return Error(ENOSYS);
405	+ }
406	+
407	if (sysno == __NR_fcntl)
408	return RestrictFcntlCommands();
409
410	--- chromium/third_party/abseil-cpp/absl/debugging/failure_signal_handler.cc.orig 2021-08-13 12:36:58.000000000 +0200
411	+++ chromium/third_party/abseil-cpp/absl/debugging/failure_signal_handler.cc 2021-08-18 22:04:02.165382504 +0200
412	@@ -135,7 +135,7 @@
413	#else
414	const size_t page_mask = sysconf(_SC_PAGESIZE) - 1;
415	#endif
416	- size_t stack_size = (std::max(SIGSTKSZ, 65536) + page_mask) & ~page_mask;
417	+ size_t stack_size = (std::max<size_t>(SIGSTKSZ, 65536) + page_mask) & ~page_mask;
418	#if defined(ABSL_HAVE_ADDRESS_SANITIZER) \|\| \
419	defined(ABSL_HAVE_MEMORY_SANITIZER) \|\| defined(ABSL_HAVE_THREAD_SANITIZER)
420	// Account for sanitizer instrumentation requiring additional stack space.
421	--- chromium/third_party/breakpad/breakpad/src/client/linux/handler/exception_handler.cc.orig 2021-08-18 22:05:45.366849996 +0200
422	+++ chromium/third_party/breakpad/breakpad/src/client/linux/handler/exception_handler.cc 2021-08-18 22:05:57.647024518 +0200
423	@@ -138,7 +138,7 @@
424	// SIGSTKSZ may be too small to prevent the signal handlers from overrunning
425	// the alternative stack. Ensure that the size of the alternative stack is
426	// large enough.
427	- static const unsigned kSigStackSize = std::max(16384, SIGSTKSZ);
428	+ static const unsigned kSigStackSize = std::max<size_t>(16384, SIGSTKSZ);
429
430	// Only set an alternative stack if there isn't already one, or if the current
431	// one is too small.