--- a/mozilla-sandbox-fips.patch Fri Oct 01 12:00:20 2021 +0200
+++ b/mozilla-sandbox-fips.patch Sun Oct 17 20:19:48 2021 +0200
@@ -7,7 +7,7 @@
diff --git a/security/sandbox/linux/Sandbox.cpp b/security/sandbox/linux/Sandbox.cpp
--- a/security/sandbox/linux/Sandbox.cpp
+++ b/security/sandbox/linux/Sandbox.cpp
-@@ -647,16 +647,17 @@ void SetMediaPluginSandbox(const char* a
+@@ -650,16 +650,17 @@ void SetMediaPluginSandbox(const char* a
SANDBOX_LOG_ERROR("failed to open plugin file %s: %s", aFilePath,
strerror(errno));
MOZ_CRASH("failed while trying to open the plugin file ");
@@ -15,8 +15,8 @@
auto files = new SandboxOpenedFiles();
files->Add(std::move(plugin));
- files->Add("/dev/urandom", true);
-+ files->Add("/dev/random", true);
+ files->Add("/dev/urandom", SandboxOpenedFile::Dup::YES);
++ files->Add("/dev/random", SandboxOpenedFile::Dup::YES);
files->Add("/etc/ld.so.cache"); // Needed for NSS in clearkey.
files->Add("/sys/devices/system/cpu/cpu0/tsc_freq_khz");
files->Add("/sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq");
@@ -28,7 +28,7 @@
diff --git a/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp b/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp
--- a/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp
+++ b/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp
-@@ -308,16 +308,18 @@ void SandboxBrokerPolicyFactory::InitCon
+@@ -315,16 +315,18 @@ void SandboxBrokerPolicyFactory::InitCon
policy->AddDir(rdwr, "/dev/dri");
}