mozilla: comparison mozilla-sandbox-fips.patch

equal deleted inserted replaced

-:849d6343405b
+:bb219fd0d646
 bsc#1174284 - Firefox tab just crashed in FIPS mode
 diff --git a/security/sandbox/linux/Sandbox.cpp b/security/sandbox/linux/Sandbox.cpp
 --- a/security/sandbox/linux/Sandbox.cpp
 +++ b/security/sandbox/linux/Sandbox.cpp
-@@ -647,16 +647,17 @@ void SetMediaPluginSandbox(const char* a
+@@ -650,16 +650,17 @@ void SetMediaPluginSandbox(const char* a
 SANDBOX_LOG_ERROR("failed to open plugin file %s: %s", aFilePath,
 strerror(errno));
 MOZ_CRASH("failed while trying to open the plugin file ");
 }
 auto files = new SandboxOpenedFiles();
 files->Add(std::move(plugin));
-files->Add("/dev/urandom", true);
+files->Add("/dev/urandom", SandboxOpenedFile::Dup::YES);
-+  files->Add("/dev/random", true);
++  files->Add("/dev/random", SandboxOpenedFile::Dup::YES);
 files->Add("/etc/ld.so.cache");  // Needed for NSS in clearkey.
 files->Add("/sys/devices/system/cpu/cpu0/tsc_freq_khz");
 files->Add("/sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq");
 files->Add("/proc/cpuinfo");  // Info also available via CPUID instruction.
 files->Add("/proc/sys/crypto/fips_enabled");  // Needed for NSS in clearkey.
 files->Add("/proc/self/auxv");  // Info also in process's address space.
 #endif
 diff --git a/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp b/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp
 --- a/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp
 +++ b/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp
-@@ -308,16 +308,18 @@ void SandboxBrokerPolicyFactory::InitCon
+@@ -315,16 +315,18 @@ void SandboxBrokerPolicyFactory::InitCon
 policy->AddDir(rdwr, "/dev/dri");
 }
 // Bug 1575985: WASM library sandbox needs RW access to /dev/null
 policy->AddPath(rdwr, "/dev/null");

branch	firefox93
changeset 1164	bb219fd0d646
parent 1142	c5e32127317c
child 1165	e009fde1282b