From 08bf7d3aec9c1a05ffc5b5e6c7a977ec469462dc Mon Sep 17 00:00:00 2001
From: John <me@johnnynator.dev>
Date: Tue, 19 Jan 2021 23:55:02 +0100
Subject: [PATCH 1/2] electron9: update to 9.3.5.

---
 .../files/patches/chromium-time64.patch       | 51 +++++++++++++++++++
 ...lectron-exclude-content-test-patches.patch |  2 +-
 srcpkgs/electron9/template                    |  4 +-
 3 files changed, 54 insertions(+), 3 deletions(-)
 create mode 100644 srcpkgs/electron9/files/patches/chromium-time64.patch

diff --git a/srcpkgs/electron9/files/patches/chromium-time64.patch b/srcpkgs/electron9/files/patches/chromium-time64.patch
new file mode 100644
index 00000000000..0330ce057f4
--- /dev/null
+++ b/srcpkgs/electron9/files/patches/chromium-time64.patch
@@ -0,0 +1,51 @@
+Description: allow sandboxed code to call gettime64
+ Add __NR_clock_gettime64 and __NR_clock_nanosleep_time64 to syscall whitelist
+ and clock selection parameter filtering code.
+
+ Add __NR_utimensat_time64 to syscall whitelist
+
+ Conditionalise additions on the new calls existing, because they do not exist
+ on 64-bit architectures.
+Author: Peter Michael Green <plugwash@raspbian.org>
+
+Index: chromium-83.0.4103.116/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
+===================================================================
+--- a/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
++++ b/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
+@@ -148,7 +148,11 @@ ResultExpr EvaluateSyscallImpl(int fs_de
+     return Allow();
+ #endif
+ 
++#ifdef __NR_clock_gettime64
++  if (sysno == __NR_clock_gettime || sysno == __NR_clock_gettime64 || sysno == __NR_clock_nanosleep || sysno == __NR_clock_nanosleep_time64) {
++#else
+   if (sysno == __NR_clock_gettime || sysno == __NR_clock_nanosleep) {
++#endif
+     return RestrictClockID();
+   }
+ 
+Index: chromium-83.0.4103.116/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc
+===================================================================
+--- a/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc
++++ b/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc
+@@ -38,6 +38,10 @@ bool SyscallSets::IsAllowedGettime(int s
+     case __NR_clock_getres:     // Allowed only on Android with parameters
+                                 // filtered by RestrictClokID().
+     case __NR_clock_gettime:    // Parameters filtered by RestrictClockID().
++#ifdef __NR_clock_gettime64
++    case __NR_clock_gettime64:    // Parameters filtered by RestrictClockID().
++    case __NR_clock_nanosleep_time64:  // Parameters filtered by RestrictClockID().
++#endif
+     case __NR_clock_nanosleep:  // Parameters filtered by RestrictClockID().
+     case __NR_clock_settime:    // Privileged.
+ #if defined(__i386__) || \
+@@ -159,6 +163,9 @@ bool SyscallSets::IsFileSystem(int sysno
+     case __NR_utime:
+ #endif
+     case __NR_utimensat:  // New.
++#ifdef __NR_utimensat_time64
++    case __NR_utimensat_time64:
++#endif
+       return true;
+     default:
+       return false;
diff --git a/srcpkgs/electron9/files/patches/electron-exclude-content-test-patches.patch b/srcpkgs/electron9/files/patches/electron-exclude-content-test-patches.patch
index bef16e1f0e2..15735c75770 100644
--- a/srcpkgs/electron9/files/patches/electron-exclude-content-test-patches.patch
+++ b/srcpkgs/electron9/files/patches/electron-exclude-content-test-patches.patch
@@ -4,7 +4,7 @@
    for patch_dir, repo in dirs.items():
      git.import_patches(repo=repo, patch_data=patch_from_dir(patch_dir),
        threeway=threeway is not None,
-+      exclude=['content/test/**', 'test/cctest/wasm/**'],
++      exclude=['content/test/**', 'test/cctest/**'],
        committer_name="Electron Scripts", committer_email="scripts@electron")
  
  
diff --git a/srcpkgs/electron9/template b/srcpkgs/electron9/template
index d598cf62ff7..9d8ce3dd5e6 100644
--- a/srcpkgs/electron9/template
+++ b/srcpkgs/electron9/template
@@ -1,6 +1,6 @@
 # Template file for 'electron9'
 pkgname=electron9
-version=9.3.4
+version=9.4.1
 _nodever=12.14.1
 _chromiumver=83.0.4103.119
 revision=1
@@ -30,7 +30,7 @@ homepage="https://electronjs.org"
 distfiles="https://github.com/electron/electron/archive/v$version.tar.gz>electron-${version}.tar.gz
  https://commondatastorage.googleapis.com/chromium-browser-official/chromium-$_chromiumver.tar.xz
  https://github.com/nodejs/node/archive/v$_nodever.tar.gz>node-$_nodever.tar.gz"
-checksum="067399edbbadf7d975e293230ee716a441dc63bcc0bbf1ad41bd0e1063588867
+checksum="953e34b156fc9cd49b8f39daf662b279930913eea7bf47265ce60b576dfc7a36
  452cbc58895a46b2b87ba450a3f86897de92ad08ce28ffdbed6b3f12101d3788
  01e4a960be3e26b87c55509ee1cb44a14946a4169d5cdec046dd05058d995b26"
 

From 6d460f7c7e3d73270f8fea7c4d325fe4be0bdd1b Mon Sep 17 00:00:00 2001
From: John <me@johnnynator.dev>
Date: Tue, 19 Jan 2021 23:55:22 +0100
Subject: [PATCH 2/2] electron10: update to 10.3.0.

---
 .../files/patches/chromium-time64.patch       | 51 +++++++++++++++++++
 srcpkgs/electron10/template                   |  4 +-
 2 files changed, 53 insertions(+), 2 deletions(-)
 create mode 100644 srcpkgs/electron10/files/patches/chromium-time64.patch

diff --git a/srcpkgs/electron10/files/patches/chromium-time64.patch b/srcpkgs/electron10/files/patches/chromium-time64.patch
new file mode 100644
index 00000000000..0330ce057f4
--- /dev/null
+++ b/srcpkgs/electron10/files/patches/chromium-time64.patch
@@ -0,0 +1,51 @@
+Description: allow sandboxed code to call gettime64
+ Add __NR_clock_gettime64 and __NR_clock_nanosleep_time64 to syscall whitelist
+ and clock selection parameter filtering code.
+
+ Add __NR_utimensat_time64 to syscall whitelist
+
+ Conditionalise additions on the new calls existing, because they do not exist
+ on 64-bit architectures.
+Author: Peter Michael Green <plugwash@raspbian.org>
+
+Index: chromium-83.0.4103.116/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
+===================================================================
+--- a/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
++++ b/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
+@@ -148,7 +148,11 @@ ResultExpr EvaluateSyscallImpl(int fs_de
+     return Allow();
+ #endif
+ 
++#ifdef __NR_clock_gettime64
++  if (sysno == __NR_clock_gettime || sysno == __NR_clock_gettime64 || sysno == __NR_clock_nanosleep || sysno == __NR_clock_nanosleep_time64) {
++#else
+   if (sysno == __NR_clock_gettime || sysno == __NR_clock_nanosleep) {
++#endif
+     return RestrictClockID();
+   }
+ 
+Index: chromium-83.0.4103.116/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc
+===================================================================
+--- a/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc
++++ b/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc
+@@ -38,6 +38,10 @@ bool SyscallSets::IsAllowedGettime(int s
+     case __NR_clock_getres:     // Allowed only on Android with parameters
+                                 // filtered by RestrictClokID().
+     case __NR_clock_gettime:    // Parameters filtered by RestrictClockID().
++#ifdef __NR_clock_gettime64
++    case __NR_clock_gettime64:    // Parameters filtered by RestrictClockID().
++    case __NR_clock_nanosleep_time64:  // Parameters filtered by RestrictClockID().
++#endif
+     case __NR_clock_nanosleep:  // Parameters filtered by RestrictClockID().
+     case __NR_clock_settime:    // Privileged.
+ #if defined(__i386__) || \
+@@ -159,6 +163,9 @@ bool SyscallSets::IsFileSystem(int sysno
+     case __NR_utime:
+ #endif
+     case __NR_utimensat:  // New.
++#ifdef __NR_utimensat_time64
++    case __NR_utimensat_time64:
++#endif
+       return true;
+     default:
+       return false;
diff --git a/srcpkgs/electron10/template b/srcpkgs/electron10/template
index 26d6309c819..e529c6341ff 100644
--- a/srcpkgs/electron10/template
+++ b/srcpkgs/electron10/template
@@ -1,6 +1,6 @@
 # Template file for 'electron10'
 pkgname=electron10
-version=10.2.0
+version=10.3.0
 _nodever=12.16.3
 _chromiumver=85.0.4183.121
 revision=1
@@ -30,7 +30,7 @@ homepage="https://electronjs.org"
 distfiles="https://github.com/electron/electron/archive/v$version.tar.gz>electron-${version}.tar.gz
  https://commondatastorage.googleapis.com/chromium-browser-official/chromium-$_chromiumver.tar.xz
  https://github.com/nodejs/node/archive/v$_nodever.tar.gz>node-$_nodever.tar.gz"
-checksum="e1de6c43215594936af7b8f40f383e28069a8e4666bae1e447491353a506c6d4
+checksum="2938b0fd433d2a3f89eecaf3d28ecfec333ab15da84ae2e0a0db70cc3b047d75
  e018547e54566410fb365d9f3dae10037c30fca5debe6ba8baceef3ad3b03d28
  dcd0a1e619ff326399ca8fd87f61c255f4d1e9bff47860064993f01e4ff37fe1"