From 2a1307f3d574e22f1aaf4ad9b9e271dd575f42d2 Mon Sep 17 00:00:00 2001
From: Martin Stransky <stransky@redhat.com>
Date: Tue, 21 Jul 2020 12:12:38 +0200
Subject: Added fix for mozbz#1651701/rhbz#1855730

---
 mozilla-1651701.patch | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
 create mode 100644 mozilla-1651701.patch

(limited to 'mozilla-1651701.patch')

diff --git a/mozilla-1651701.patch b/mozilla-1651701.patch
new file mode 100644
index 0000000..7bcea2e
--- /dev/null
+++ b/mozilla-1651701.patch
@@ -0,0 +1,18 @@
+diff --git a/security/sandbox/linux/SandboxFilter.cpp b/security/sandbox/linux/SandboxFilter.cpp
+--- a/security/sandbox/linux/SandboxFilter.cpp
++++ b/security/sandbox/linux/SandboxFilter.cpp
+@@ -711,6 +711,13 @@
+         return Error(EPERM);
+ #endif
+ 
++        // Bug 1651701: an API for restartable atomic sequences and
++        // per-CPU data; exposing information about CPU numbers and
++        // when threads are migrated or preempted isn't great but the
++        // risk should be relatively low.
++      case __NR_rseq:
++        return Allow();
++
+ #ifdef MOZ_ASAN
+         // ASAN's error reporter wants to know if stderr is a tty.
+       case __NR_ioctl: {
+
-- 
cgit