mirror of
https://github.com/archlinuxarm/PKGBUILDs.git
synced 2025-03-09 00:17:31 +00:00
extra/chromium to 65.0.3325.181-5
This commit is contained in:
parent
c82e41db49
commit
4717f194d5
2 changed files with 95 additions and 2 deletions
|
@ -14,7 +14,7 @@ highmem=1
|
|||
|
||||
pkgname=chromium
|
||||
pkgver=65.0.3325.181
|
||||
pkgrel=4
|
||||
pkgrel=5
|
||||
_launcher_ver=6
|
||||
pkgdesc="A web browser built for speed, simplicity, and security"
|
||||
arch=('i686' 'x86_64' 'armv7h' 'aarch64')
|
||||
|
@ -32,6 +32,7 @@ source=(https://commondatastorage.googleapis.com/chromium-browser-official/$pkgn
|
|||
chromium-launcher-$_launcher_ver.tar.gz::https://github.com/foutrelis/chromium-launcher/archive/v$_launcher_ver.tar.gz
|
||||
chromium-$pkgver.txt::https://chromium.googlesource.com/chromium/src.git/+/$pkgver?format=TEXT
|
||||
fix-crash-in-is_cfi-true-builds-with-unbundled-ICU.patch
|
||||
allow-stat-in-Linux-for-GPU-process-for-a-list-of-files.patch
|
||||
chromium-skia-harmony.patch
|
||||
chromium-clang-r2.patch
|
||||
chromium-math.h-r0.patch
|
||||
|
@ -52,6 +53,7 @@ sha256sums=('93666448c6b96ec83e6a35a64cff40db4eb92a154fe1db4e7dab4761d0e38687'
|
|||
'04917e3cd4307d8e31bfb0027a5dce6d086edb10ff8a716024fbb8bb0c7dccf1'
|
||||
'2771c049b66c9aba3b945fe065f2610f164d55506eb5d71751a26aaf8b40d4ee'
|
||||
'e3fb73b43bb8c69ff517e66b2cac73d6e759fd240003eb35598df9af442422fe'
|
||||
'4327289866d0b3006de62799ec06b07198a738e50e0a5c2e41ff62dbe00b4a2c'
|
||||
'feca54ab09ac0fc9d0626770a6b899a6ac5a12173c7d0c1005bc3964ec83e7b3'
|
||||
'4495e8b29dae242c79ffe4beefc5171eb3c7aacb7e9aebfd2d4d69b9d8c958d3'
|
||||
'fe0ab86aa5b0072db730eccda3e1582ebed4af25815bfd49fe0da24cf63ca902'
|
||||
|
@ -145,6 +147,9 @@ prepare() {
|
|||
# https://crbug.com/822820
|
||||
patch -Np1 -i ../fix-crash-in-is_cfi-true-builds-with-unbundled-ICU.patch
|
||||
|
||||
# https://crbug.com/817400
|
||||
patch -Np1 -i ../allow-stat-in-Linux-for-GPU-process-for-a-list-of-files.patch
|
||||
|
||||
# https://crbug.com/skia/6663#c10
|
||||
patch -Np4 -i ../chromium-skia-harmony.patch
|
||||
|
||||
|
@ -191,7 +196,7 @@ build() {
|
|||
local _flags=(
|
||||
'is_clang=false'
|
||||
'clang_use_chrome_plugins=false'
|
||||
'is_official_build=true'
|
||||
'is_official_build=true' # implies is_cfi=true on x86_64
|
||||
'is_cfi=false'
|
||||
'is_debug=false'
|
||||
'fatal_linker_warnings=false'
|
||||
|
|
|
@ -0,0 +1,88 @@
|
|||
From 6b1b6d3a8555075e23cca89335e855d55f35fba9 Mon Sep 17 00:00:00 2001
|
||||
From: Zhenyao Mo <zmo@chromium.org>
|
||||
Date: Thu, 29 Mar 2018 23:48:19 +0000
|
||||
Subject: [PATCH] Allow `stat` in Linux for GPU process for a list of files.
|
||||
|
||||
This is to unblock certain NVidia driver's glReadPixels calls in the sandboxed
|
||||
GPU process.
|
||||
|
||||
Note that the needed file /dev/nvidiactl is already in the list for read/write.
|
||||
|
||||
BUG=817400
|
||||
TEST=manual
|
||||
R=tsepez@chromium.org
|
||||
|
||||
Change-Id: I9074a8335a9c4df1487f5a288d5e284bbedf67c3
|
||||
Reviewed-on: https://chromium-review.googlesource.com/965462
|
||||
Reviewed-by: Zhenyao Mo <zmo@chromium.org>
|
||||
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
||||
Reviewed-by: Robert Sesek <rsesek@chromium.org>
|
||||
Reviewed-by: Kenneth Russell <kbr@chromium.org>
|
||||
Commit-Queue: Zhenyao Mo <zmo@chromium.org>
|
||||
Cr-Commit-Position: refs/heads/master@{#547027}
|
||||
---
|
||||
content/gpu/gpu_sandbox_hook_linux.cc | 5 ++++-
|
||||
.../service_manager/sandbox/linux/bpf_gpu_policy_linux.cc | 15 ++++++++++++++-
|
||||
2 files changed, 18 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/content/gpu/gpu_sandbox_hook_linux.cc b/content/gpu/gpu_sandbox_hook_linux.cc
|
||||
index ddd7b99485fe..cd914e2f9926 100644
|
||||
--- a/content/gpu/gpu_sandbox_hook_linux.cc
|
||||
+++ b/content/gpu/gpu_sandbox_hook_linux.cc
|
||||
@@ -153,6 +153,7 @@ void AddStandardGpuWhiteList(std::vector<BrokerFilePermission>* permissions) {
|
||||
static const char kDriCardBasePath[] = "/dev/dri/card";
|
||||
static const char kNvidiaCtlPath[] = "/dev/nvidiactl";
|
||||
static const char kNvidiaDeviceBasePath[] = "/dev/nvidia";
|
||||
+ static const char kNvidiaDeviceModeSetPath[] = "/dev/nvidia-modeset";
|
||||
static const char kNvidiaParamsPath[] = "/proc/driver/nvidia/params";
|
||||
static const char kDevShm[] = "/dev/shm/";
|
||||
|
||||
@@ -172,6 +173,8 @@ void AddStandardGpuWhiteList(std::vector<BrokerFilePermission>* permissions) {
|
||||
permissions->push_back(BrokerFilePermission::ReadWrite(
|
||||
base::StringPrintf("%s%d", kNvidiaDeviceBasePath, i)));
|
||||
}
|
||||
+ permissions->push_back(
|
||||
+ BrokerFilePermission::ReadWrite(kNvidiaDeviceModeSetPath));
|
||||
permissions->push_back(BrokerFilePermission::ReadOnly(kNvidiaParamsPath));
|
||||
}
|
||||
|
||||
@@ -262,9 +265,9 @@ sandbox::syscall_broker::BrokerCommandSet CommandSetForGPU(
|
||||
sandbox::syscall_broker::BrokerCommandSet command_set;
|
||||
command_set.set(sandbox::syscall_broker::COMMAND_ACCESS);
|
||||
command_set.set(sandbox::syscall_broker::COMMAND_OPEN);
|
||||
+ command_set.set(sandbox::syscall_broker::COMMAND_STAT);
|
||||
if (IsChromeOS() && options.use_amd_specific_policies) {
|
||||
command_set.set(sandbox::syscall_broker::COMMAND_READLINK);
|
||||
- command_set.set(sandbox::syscall_broker::COMMAND_STAT);
|
||||
}
|
||||
return command_set;
|
||||
}
|
||||
diff --git a/services/service_manager/sandbox/linux/bpf_gpu_policy_linux.cc b/services/service_manager/sandbox/linux/bpf_gpu_policy_linux.cc
|
||||
index bc16952c0898..d683aacc76f4 100644
|
||||
--- a/services/service_manager/sandbox/linux/bpf_gpu_policy_linux.cc
|
||||
+++ b/services/service_manager/sandbox/linux/bpf_gpu_policy_linux.cc
|
||||
@@ -61,7 +61,20 @@ ResultExpr GpuProcessPolicy::EvaluateSyscall(int sysno) const {
|
||||
case __NR_open:
|
||||
#endif // !defined(__aarch64__)
|
||||
case __NR_faccessat:
|
||||
- case __NR_openat: {
|
||||
+ case __NR_openat:
|
||||
+#if defined(__NR_stat)
|
||||
+ case __NR_stat:
|
||||
+#endif
|
||||
+#if defined(__NR_stat64)
|
||||
+ case __NR_stat64:
|
||||
+#endif
|
||||
+#if defined(__NR_fstatat)
|
||||
+ case __NR_fstatat:
|
||||
+#endif
|
||||
+#if defined(__NR_newfstatat)
|
||||
+ case __NR_newfstatat:
|
||||
+#endif
|
||||
+ {
|
||||
auto* broker_process = SandboxLinux::GetInstance()->broker_process();
|
||||
DCHECK(broker_process);
|
||||
return Trap(BrokerProcess::SIGSYS_Handler, broker_process);
|
||||
--
|
||||
2.16.2
|
||||
|
Loading…
Reference in a new issue