From cd1ecf258bacc64f59cb86fc762c0e97ed06611c Mon Sep 17 00:00:00 2001 From: Patrick J Volkerding Date: Tue, 22 Feb 2022 21:24:29 +0000 Subject: Tue Feb 22 21:24:29 UTC 2022 a/aaa_glibc-solibs-2.35-x86_64-2.txz: Rebuilt. l/glibc-2.35-x86_64-2.txz: Rebuilt. Disable clone3() unless built with -DSLACKWARE_USE_CLONE3, since this is causing sandbox failures with applications using Electron (and others). Thanks to Sam James of Gentoo for the patch. Unfortunately, this doesn't solve the issues with kmail/falkon/konqueror, but we'll keep testing glibc-2.35 for now. l/glibc-i18n-2.35-x86_64-2.txz: Rebuilt. l/glibc-profile-2.35-x86_64-2.txz: Rebuilt. --- source/l/glibc/glibc.SlackBuild | 2 +- ...e-internal.c-make-clone3-syscall-optional.patch | 50 ++++++++++++++++++++++ 2 files changed, 51 insertions(+), 1 deletion(-) create mode 100644 source/l/glibc/patches/0011-clone-internal.c-make-clone3-syscall-optional.patch (limited to 'source') diff --git a/source/l/glibc/glibc.SlackBuild b/source/l/glibc/glibc.SlackBuild index f1eb962f8..551276a55 100755 --- a/source/l/glibc/glibc.SlackBuild +++ b/source/l/glibc/glibc.SlackBuild @@ -25,7 +25,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=glibc VERSION=${VERSION:-$(echo glibc-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} CHECKOUT=${CHECKOUT:-""} -BUILD=${BUILD:-1} +BUILD=${BUILD:-2} # I was considering disabling NSCD, but MoZes talked me out of it. :) #DISABLE_NSCD=" --disable-nscd " diff --git a/source/l/glibc/patches/0011-clone-internal.c-make-clone3-syscall-optional.patch b/source/l/glibc/patches/0011-clone-internal.c-make-clone3-syscall-optional.patch new file mode 100644 index 000000000..661cd770f --- /dev/null +++ b/source/l/glibc/patches/0011-clone-internal.c-make-clone3-syscall-optional.patch @@ -0,0 +1,50 @@ +From 06b01dfa4e29b5a6838dd9050f3e9418c5dc77f5 Mon Sep 17 00:00:00 2001 +From: Sam James +Date: Wed, 1 Dec 2021 14:58:40 +0000 +Subject: [PATCH 11/29] clone-internal.c: make clone3 syscall optional + +[MODIFIED FOR SLACKWARE] + +We're disabling clone3 for now _CONDITIONALLY_ (not by default) to allow +compatibility with applications using older Electron. + +Use -DSLACKWARE_USE_CLONE3 to enable clone3 for now. In future, we will +revert back to always using clone3. + +This was impacting e.g. Discord and Skype. This patch stops glibc from using +clone3 internally (which is the only real use of it) and falls back to the old +behaviour. + +Specifically, we want https://github.com/electron/electron/pull/31091 +to work its way downstream to various Electron applications. + +https://bugs.gentoo.org/819045 +https://bugs.gentoo.org/827386 + +https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/glibc/plain/debian/patches/ubuntu/disable-clone3.patch + +This is the same as the patch that was considered but ultimately rejected +for 2.34 because Docker got sorted out in time: +https://patchwork.ozlabs.org/project/glibc/patch/87eebkf8ph.fsf@oldenburg.str.redhat.com/. + +Signed-off-by: Sam James +--- + sysdeps/unix/sysv/linux/clone-internal.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/sysdeps/unix/sysv/linux/clone-internal.c b/sysdeps/unix/sysv/linux/clone-internal.c +index a71effcbd3..60efe1f453 100644 +--- a/sysdeps/unix/sysv/linux/clone-internal.c ++++ b/sysdeps/unix/sysv/linux/clone-internal.c +@@ -48,7 +48,7 @@ __clone_internal (struct clone_args *cl_args, + int (*func) (void *arg), void *arg) + { + int ret; +-#ifdef HAVE_CLONE3_WRAPPER ++#if defined(HAVE_CLONE3_WRAPPER) && defined(SLACKWARE_USE_CLONE3) + /* Try clone3 first. */ + int saved_errno = errno; + ret = __clone3 (cl_args, sizeof (*cl_args), func, arg); +-- +2.34.1 + -- cgit v1.2.3-65-gdbad