aboutsummaryrefslogtreecommitdiff
path: root/devel/electron29/files/patch-sandbox_policy_features.cc
diff options
context:
space:
mode:
Diffstat (limited to 'devel/electron29/files/patch-sandbox_policy_features.cc')
-rw-r--r--devel/electron29/files/patch-sandbox_policy_features.cc23
1 files changed, 23 insertions, 0 deletions
diff --git a/devel/electron29/files/patch-sandbox_policy_features.cc b/devel/electron29/files/patch-sandbox_policy_features.cc
new file mode 100644
index 000000000000..9898de0c3b7b
--- /dev/null
+++ b/devel/electron29/files/patch-sandbox_policy_features.cc
@@ -0,0 +1,23 @@
+--- sandbox/policy/features.cc.orig 2024-02-21 00:20:51 UTC
++++ sandbox/policy/features.cc
+@@ -20,7 +20,11 @@ BASE_FEATURE(kNetworkServiceSandbox,
+ // (Only causes an effect when feature kNetworkServiceInProcess is disabled.)
+ BASE_FEATURE(kNetworkServiceSandbox,
+ "NetworkServiceSandbox",
++#if BUILDFLAG(IS_BSD)
++ base::FEATURE_ENABLED_BY_DEFAULT);
++#else
+ base::FEATURE_DISABLED_BY_DEFAULT);
++#endif
+
+ #if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)
+ // Enables a fine-grained seccomp-BPF syscall filter for the network service.
+@@ -128,7 +132,7 @@ BASE_FEATURE(kForceSpectreVariant2Mitigation,
+ base::FEATURE_DISABLED_BY_DEFAULT);
+ #endif // BUILDFLAG(IS_CHROMEOS_ASH)
+
+-#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)
++#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS) || BUILDFLAG(IS_BSD)
+ // Enabling the kNetworkServiceSandbox feature automatically enables Spectre
+ // variant 2 mitigations in the network service. This can lead to performance
+ // regressions, so enabling this feature will turn off the Spectre Variant 2
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-05 16:43:05 +0000