5 files changed, 247 insertions, 0 deletions
diff --git a/pkg/bubblewrap/patch/0001-utils-Avoid-unnecessary-VLAs.patch b/pkg/bubblewrap/patch/0001-utils-Avoid-unnecessary-VLAs.patch
new file mode 100644
index 00000000..9bac2a2f
--- /dev/null
+++ b/pkg/bubblewrap/patch/0001-utils-Avoid-unnecessary-VLAs.patch
@@ -0,0 +1,51 @@
+From f399ecdc5cc4a3d6563b9ea3c8984c3832d655ea Mon Sep 17 00:00:00 2001
+From: Michael Forney <mforney@mforney.org>
+Date: Tue, 4 Jul 2023 10:44:15 -0700
+Subject: [PATCH] utils: Avoid unnecessary VLAs
+
+---
+ utils.c | 10 ++++------
+ 1 file changed, 4 insertions(+), 6 deletions(-)
+
+diff --git a/utils.c b/utils.c
+index 693273b..6845283 100644
+--- a/utils.c
++++ b/utils.c
+@@ -727,15 +727,14 @@ send_pid_on_socket (int socket)
+   char buf[1] = { 0 };
+   struct msghdr msg = {};
+   struct iovec iov = { buf, sizeof (buf) };
+-  const ssize_t control_len_snd = CMSG_SPACE(sizeof(struct ucred));
+-  char control_buf_snd[control_len_snd];
++  char control_buf_snd[CMSG_SPACE(sizeof(struct ucred))];
+   struct cmsghdr *cmsg;
+   struct ucred *cred;
+ 
+   msg.msg_iov = &iov;
+   msg.msg_iovlen = 1;
+   msg.msg_control = control_buf_snd;
+-  msg.msg_controllen = control_len_snd;
++  msg.msg_controllen = sizeof (control_buf_snd);
+ 
+   cmsg = CMSG_FIRSTHDR(&msg);
+   cmsg->cmsg_level = SOL_SOCKET;
+@@ -769,14 +768,13 @@ read_pid_from_socket (int socket)
+   char recv_buf[1] = { 0 };
+   struct msghdr msg = {};
+   struct iovec iov = { recv_buf, sizeof (recv_buf) };
+-  const ssize_t control_len_rcv = CMSG_SPACE(sizeof(struct ucred));
+-  char control_buf_rcv[control_len_rcv];
++  char control_buf_rcv[CMSG_SPACE(sizeof(struct ucred))];
+   struct cmsghdr* cmsg;
+ 
+   msg.msg_iov = &iov;
+   msg.msg_iovlen = 1;
+   msg.msg_control = control_buf_rcv;
+-  msg.msg_controllen = control_len_rcv;
++  msg.msg_controllen = sizeof (control_buf_rcv);
+ 
+   if (recvmsg (socket, &msg, 0) < 0)
+     die_with_error ("Can't read pid from socket");
+-- 
+2.37.3
+
diff --git a/pkg/bubblewrap/patch/0002-utils-Avoid-empty-initializer-lists.patch b/pkg/bubblewrap/patch/0002-utils-Avoid-empty-initializer-lists.patch
new file mode 100644
index 00000000..8e4d700f
--- /dev/null
+++ b/pkg/bubblewrap/patch/0002-utils-Avoid-empty-initializer-lists.patch
@@ -0,0 +1,34 @@
+From 94d4083d5e11206676fc2015ff881141c62ad3a3 Mon Sep 17 00:00:00 2001
+From: Michael Forney <mforney@mforney.org>
+Date: Tue, 4 Jul 2023 10:47:29 -0700
+Subject: [PATCH] utils: Avoid empty initializer lists
+
+---
+ utils.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/utils.c b/utils.c
+index 6845283..13d42c7 100644
+--- a/utils.c
++++ b/utils.c
+@@ -725,7 +725,7 @@ void
+ send_pid_on_socket (int socket)
+ {
+   char buf[1] = { 0 };
+-  struct msghdr msg = {};
++  struct msghdr msg = { 0 };
+   struct iovec iov = { buf, sizeof (buf) };
+   char control_buf_snd[CMSG_SPACE(sizeof(struct ucred))];
+   struct cmsghdr *cmsg;
+@@ -766,7 +766,7 @@ int
+ read_pid_from_socket (int socket)
+ {
+   char recv_buf[1] = { 0 };
+-  struct msghdr msg = {};
++  struct msghdr msg = { 0 };
+   struct iovec iov = { recv_buf, sizeof (recv_buf) };
+   char control_buf_rcv[CMSG_SPACE(sizeof(struct ucred))];
+   struct cmsghdr* cmsg;
+-- 
+2.37.3
+
diff --git a/pkg/bubblewrap/patch/0003-Break-up-long-string-literal.patch b/pkg/bubblewrap/patch/0003-Break-up-long-string-literal.patch
new file mode 100644
index 00000000..c365b159
--- /dev/null
+++ b/pkg/bubblewrap/patch/0003-Break-up-long-string-literal.patch
@@ -0,0 +1,25 @@
+From 21b0b65179640a795394a9664862d797aaca9120 Mon Sep 17 00:00:00 2001
+From: Michael Forney <mforney@mforney.org>
+Date: Tue, 4 Jul 2023 18:57:02 -0700
+Subject: [PATCH] Break up long string literal
+
+---
+ bubblewrap.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/bubblewrap.c b/bubblewrap.c
+index 8322ea0..ceb4beb 100644
+--- a/bubblewrap.c
++++ b/bubblewrap.c
+@@ -339,6 +339,8 @@ usage (int ecode, FILE *out)
+            "    --dev-bind-try SRC DEST      Equal to --dev-bind but ignores non-existent SRC\n"
+            "    --ro-bind SRC DEST           Bind mount the host path SRC readonly on DEST\n"
+            "    --ro-bind-try SRC DEST       Equal to --ro-bind but ignores non-existent SRC\n"
++           );
++  fprintf (out,
+            "    --remount-ro DEST            Remount DEST as readonly; does not recursively remount\n"
+            "    --exec-label LABEL           Exec label for the sandbox\n"
+            "    --file-label LABEL           File label for temporary sandbox content\n"
+-- 
+2.37.3
+
diff --git a/pkg/bubblewrap/patch/0004-Avoid-statement-expressions-for-TEMP_FAILURE_RETRY.patch b/pkg/bubblewrap/patch/0004-Avoid-statement-expressions-for-TEMP_FAILURE_RETRY.patch
new file mode 100644
index 00000000..d24860ed
--- /dev/null
+++ b/pkg/bubblewrap/patch/0004-Avoid-statement-expressions-for-TEMP_FAILURE_RETRY.patch
@@ -0,0 +1,63 @@
+From 095786df5a2eb12f7996a183a16912cbb8368105 Mon Sep 17 00:00:00 2001
+From: Michael Forney <mforney@mforney.org>
+Date: Tue, 4 Jul 2023 19:04:48 -0700
+Subject: [PATCH] Avoid statement expressions for TEMP_FAILURE_RETRY
+
+---
+ bubblewrap.c | 19 ++++++++-----------
+ 1 file changed, 8 insertions(+), 11 deletions(-)
+
+diff --git a/bubblewrap.c b/bubblewrap.c
+index ceb4beb..608009d 100644
+--- a/bubblewrap.c
++++ b/bubblewrap.c
+@@ -44,14 +44,6 @@
+ #define CLONE_NEWCGROUP 0x02000000 /* New cgroup namespace */
+ #endif
+ 
+-#ifndef TEMP_FAILURE_RETRY
+-#define TEMP_FAILURE_RETRY(expression) \
+-  (__extension__                                                              \
+-    ({ long int __result;                                                     \
+-       do __result = (long int) (expression);                                 \
+-       while (__result == -1L && errno == EINTR);                             \
+-       __result; }))
+-#endif
+ 
+ /* We limit the size of a tmpfs to half the architecture's address space,
+  * to avoid hitting arbitrary limits in the kernel.
+@@ -467,7 +459,8 @@ report_child_exit_status (int exitc, int setup_finished_fd)
+   if (opt_json_status_fd == -1 || setup_finished_fd == -1)
+     return;
+ 
+-  s = TEMP_FAILURE_RETRY (read (setup_finished_fd, data, sizeof data));
++  do s = read (setup_finished_fd, data, sizeof data);
++  while (s == -1 && errno == EINTR);
+   if (s == -1 && errno != EAGAIN)
+     die_with_error ("read eventfd");
+   if (s != 1) // Is 0 if pipe closed before exec, is 2 if closed after exec.
+@@ -2953,7 +2946,9 @@ main (int    argc,
+       if (opt_userns_block_fd != -1)
+         {
+           char b[1];
+-          (void) TEMP_FAILURE_RETRY (read (opt_userns_block_fd, b, 1));
++          ssize_t s;
++          do s = read (opt_userns_block_fd, b, 1);
++          while (s == -1 && errno == EINTR);
+           close (opt_userns_block_fd);
+         }
+ 
+@@ -3238,7 +3233,9 @@ main (int    argc,
+   if (opt_block_fd != -1)
+     {
+       char b[1];
+-      (void) TEMP_FAILURE_RETRY (read (opt_block_fd, b, 1));
++      ssize_t s;
++      do s = read (opt_block_fd, b, 1);
++      while (s == -1 && errno == EINTR);
+       close (opt_block_fd);
+     }
+ 
+-- 
+2.37.3
+
diff --git a/pkg/bubblewrap/patch/0005-Use-external-string-to-cap-function.patch b/pkg/bubblewrap/patch/0005-Use-external-string-to-cap-function.patch
new file mode 100644
index 00000000..3ed79d15
--- /dev/null
+++ b/pkg/bubblewrap/patch/0005-Use-external-string-to-cap-function.patch
@@ -0,0 +1,74 @@
+From 1939348d3a1e8238464cd4c52743b04fa52ebed1 Mon Sep 17 00:00:00 2001
+From: Michael Forney <mforney@mforney.org>
+Date: Tue, 4 Jul 2023 19:20:51 -0700
+Subject: [PATCH] Use external string-to-cap function
+
+---
+ bubblewrap.c | 15 ++++++++++-----
+ 1 file changed, 10 insertions(+), 5 deletions(-)
+
+diff --git a/bubblewrap.c b/bubblewrap.c
+index 608009d..71c8bd0 100644
+--- a/bubblewrap.c
++++ b/bubblewrap.c
+@@ -30,8 +30,8 @@
+ #include <sys/eventfd.h>
+ #include <sys/fsuid.h>
+ #include <sys/signalfd.h>
+-#include <sys/capability.h>
+ #include <sys/prctl.h>
++#include <linux/capability.h>
+ #include <linux/sched.h>
+ #include <linux/seccomp.h>
+ #include <linux/filter.h>
+@@ -44,6 +44,9 @@
+ #define CLONE_NEWCGROUP 0x02000000 /* New cgroup namespace */
+ #endif
+ 
++int capset(void *, void *);
++int capget(void *, void *);
++int cap_from_name(const char *);
+ 
+ /* We limit the size of a tmpfs to half the architecture's address space,
+  * to avoid hitting arbitrary limits in the kernel.
+@@ -2358,7 +2361,7 @@ parse_args_recurse (int          *argcp,
+         }
+       else if (strcmp (arg, "--cap-add") == 0)
+         {
+-          cap_value_t cap;
++          int cap;
+           if (argc < 2)
+             die ("--cap-add takes an argument");
+ 
+@@ -2370,7 +2373,8 @@ parse_args_recurse (int          *argcp,
+             }
+           else
+             {
+-              if (cap_from_name (argv[1], &cap) < 0)
++              cap = cap_from_name (argv[1]);
++              if (cap < 0)
+                 die ("unknown cap: %s", argv[1]);
+ 
+               if (cap < 32)
+@@ -2384,7 +2388,7 @@ parse_args_recurse (int          *argcp,
+         }
+       else if (strcmp (arg, "--cap-drop") == 0)
+         {
+-          cap_value_t cap;
++          int cap;
+           if (argc < 2)
+             die ("--cap-drop takes an argument");
+ 
+@@ -2396,7 +2400,8 @@ parse_args_recurse (int          *argcp,
+             }
+           else
+             {
+-              if (cap_from_name (argv[1], &cap) < 0)
++              cap = cap_from_name (argv[1]);
++              if (cap < 0)
+                 die ("unknown cap: %s", argv[1]);
+ 
+               if (cap < 32)
+-- 
+2.37.3
+