代码拉取完成,页面将自动刷新
同步操作将从 src-openEuler/firefox 强制同步,此操作会覆盖自 Fork 仓库以来所做的任何修改,且无法恢复!!!
确定后同步将在后台操作,完成时将刷新页面,请耐心等待。
# HG changeset patch
# User Alexandre Lissy <lissyx+mozillians@lissyx.dyndns.org>
# Date 1623246328 0
# Node ID ecb4011a0c76a1c7040054a44712e277f3dc24a1
# Parent 9ec189804055442e5cc98d69dd01b71e90ed0cb5
Bug 1715254 - Deny clone3 to force glibc fallback r=gcp
Differential Revision: https://phabricator.services.mozilla.com/D117297
diff --git a/security/sandbox/linux/SandboxFilter.cpp b/security/sandbox/linux/SandboxFilter.cpp
--- a/security/sandbox/linux/SandboxFilter.cpp
+++ b/security/sandbox/linux/SandboxFilter.cpp
@@ -853,16 +853,19 @@ class SandboxPolicyCommon : public Sandb
// Yield
case __NR_sched_yield:
return Allow();
// Thread creation.
case __NR_clone:
return ClonePolicy(InvalidSyscall());
+ case __NR_clone3:
+ return Error(ENOSYS);
+
// More thread creation.
#ifdef __NR_set_robust_list
case __NR_set_robust_list:
return Allow();
#endif
#ifdef ANDROID
case __NR_set_tid_address:
return Allow();
@@ -1499,16 +1502,19 @@ class ContentSandboxPolicy : public Sand
// the child would inherit the seccomp-bpf policy and almost
// certainly die from an unexpected SIGSYS. We also can't have
// fork() crash, currently, because there are too many system
// libraries/plugins that try to run commands. But they can
// usually do something reasonable on error.
case __NR_clone:
return ClonePolicy(Error(EPERM));
+ case __NR_clone3:
+ return Error(ENOSYS);
+
# ifdef __NR_fadvise64
case __NR_fadvise64:
return Allow();
# endif
# ifdef __NR_fadvise64_64
case __NR_fadvise64_64:
return Allow();
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。