From f04394ed06e7e6040b7a3ee007e23d5c73b6702f Mon Sep 17 00:00:00 2001 From: Rootkit404 <175176948+RKNF404@users.noreply.github.com> Date: Wed, 1 Oct 2025 12:05:21 -0400 Subject: [PATCH] chore: remove old patch --- patches/140-audio-sandbox-fix.patch | 49 ----------------------------- 1 file changed, 49 deletions(-) delete mode 100644 patches/140-audio-sandbox-fix.patch diff --git a/patches/140-audio-sandbox-fix.patch b/patches/140-audio-sandbox-fix.patch deleted file mode 100644 index f896137a..00000000 --- a/patches/140-audio-sandbox-fix.patch +++ /dev/null @@ -1,49 +0,0 @@ -Copyright 2024-2025 The Trivalent Authors - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software distributed under the License is -distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and limitations under the License. ---- -diff --git a/sandbox/policy/linux/bpf_audio_policy_linux.cc b/sandbox/policy/linux/bpf_audio_policy_linux.cc -index 3c24c69d02134..ca2b3b4d746e8 100644 ---- a/sandbox/policy/linux/bpf_audio_policy_linux.cc -+++ b/sandbox/policy/linux/bpf_audio_policy_linux.cc -@@ -5,6 +5,7 @@ - #include "sandbox/policy/linux/bpf_audio_policy_linux.h" - - #include -+#include - - #include "sandbox/linux/bpf_dsl/bpf_dsl.h" - #include "sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h" -@@ -60,10 +61,6 @@ ResultExpr AudioProcessPolicy::EvaluateSyscall(int system_call_number) const { - #if defined(__NR_ioctl) - case __NR_ioctl: - #endif --#if defined(__NR_memfd_create) -- case __NR_memfd_create: -- // TODO(crbug.com/442771181): temporary allowance for crasher. --#endif - #if defined(__NR_pwrite) - case __NR_pwrite: - #endif -@@ -122,6 +119,13 @@ ResultExpr AudioProcessPolicy::EvaluateSyscall(int system_call_number) const { - const Arg domain(0); - return If(domain == AF_UNIX, Allow()).Else(Error(EPERM)); - } -+#endif -+#if defined(__NR_memfd_create) -+ case __NR_memfd_create: { -+ const Arg flags(1); -+ return If((flags & ~(MFD_NOEXEC_SEAL | MFD_CLOEXEC | MFD_ALLOW_SEALING)) == 0, Allow()) -+ .Else(CrashSIGSYS()); -+ } - #endif - default: - #if defined(__x86_64__)