chromium: Disable legacy seccomp sandbox in v23.

This removes the patch introduced in 949afcc0f2.
The reason behind this is because even though we patch in the legacy seccomp
sandbox by default, it won't be used anyway as both cannot coexist anymore.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
This commit is contained in:
aszlig 2012-10-08 07:16:23 +02:00
parent 10679a7ba6
commit 17fe198695
No known key found for this signature in database
GPG Key ID: D0EBD0EC8C2DC961
2 changed files with 5 additions and 24 deletions

View File

@ -80,12 +80,11 @@ let
xdg_utils yasm zlib
];
seccompPatch = let
maybeSeccompPatch = let
pre22 = versionOlder sourceInfo.version "22.0.0.0";
pre23 = versionOlder sourceInfo.version "23.0.0.0";
in if pre22 then ./enable_seccomp.patch
else if pre23 then ./enable_seccomp22.patch
else ./enable_seccomp23.patch;
patch = if pre22 then ./enable_seccomp.patch else ./enable_seccomp22.patch;
in optional pre23 patch;
maybeBpfTemporaryFix = let
patch = fetchurl {
@ -126,9 +125,9 @@ in stdenv.mkDerivation rec {
prePatch = "patchShebangs .";
patches = optional (!cfg.selinux) seccompPatch
++ optional cfg.cups ./cups_allow_deprecated.patch
patches = optional cfg.cups ./cups_allow_deprecated.patch
++ optional cfg.pulseaudio ./pulseaudio_array_bounds.patch
++ maybeSeccompPatch
++ maybeBpfTemporaryFix;
postPatch = optionalString cfg.openssl ''

View File

@ -1,18 +0,0 @@
diff --git a/content/common/sandbox_linux.cc b/content/common/sandbox_linux.cc
index ad73fe6..ee3e6e6 100644
--- a/content/common/sandbox_linux.cc
+++ b/content/common/sandbox_linux.cc
@@ -42,13 +42,8 @@ bool IsSeccompLegacyDesired() {
return false;
}
#if defined(SECCOMP_SANDBOX)
-#if defined(NDEBUG)
- // Off by default. Allow turning on with a switch.
- return command_line->HasSwitch(switches::kEnableSeccompSandbox);
-#else
// On by default. Allow turning off with a switch.
return !command_line->HasSwitch(switches::kDisableSeccompSandbox);
-#endif // NDEBUG
#endif // SECCOMP_SANDBOX
return false;
}