1 files changed, 39 insertions, 0 deletions

diff --git a/debian/patches/revert-x32-sandbox-breakage.patch b/debian/patches/revert-x32-sandbox-breakage.patch
new file mode 100644
index 0000000..32cff92
--- /dev/null
+++ b/debian/patches/revert-x32-sandbox-breakage.patch
@@ -0,0 +1,39 @@
+From 67434174b3d64b352a794275f77489ebf1575849 Mon Sep 17 00:00:00 2001
+From: Colin Watson <cjwatson@debian.org>
+Date: Mon, 26 Oct 2020 17:36:22 +0000
+Subject: Revert "detect Linux/X32 systems"
+
+This reverts commit 5b56bd0affea7b02b540bdbc4d1d271b0e4fc885.  The bug
+reporter wasn't actually using x32, but rather an ordinary 32-bit
+userspace on a 64-bit kernel; this patch broke the seccomp sandbox on
+the actual x32 architecture.
+
+Patch-Name: revert-x32-sandbox-breakage.patch
+---
+ configure.ac | 6 ------
+ 1 file changed, 6 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index 5944299fa..15fc0d653 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -521,8 +521,6 @@ SPP_MSG="no"
+ # the --with-solaris-privs option and --with-sandbox=solaris).
+ SOLARIS_PRIVS="no"
+ 
+-AC_CHECK_SIZEOF([size_t])
+-
+ # Check for some target-specific stuff
+ case "$host" in
+ *-*-aix*)
+@@ -891,10 +889,6 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
+ 	case "$host" in
+ 	x86_64-*)
+ 		seccomp_audit_arch=AUDIT_ARCH_X86_64
+-		# X32: AMD64 instructions in 32bit address space.
+-		if test "x$ac_cv_sizeof_size_t" = "x4" ; then
+-			seccomp_audit_arch=AUDIT_ARCH_I386
+-		fi
+ 		;;
+ 	i*86-*)
+ 		seccomp_audit_arch=AUDIT_ARCH_I386