diff --git a/extra/chromium/0001-system-ffmpeg-fixes.patch b/extra/chromium/0001-system-ffmpeg-fixes.patch new file mode 100644 index 000000000..ecc008fff --- /dev/null +++ b/extra/chromium/0001-system-ffmpeg-fixes.patch @@ -0,0 +1,65 @@ +From 8790632dee783eb26997715df33c600128cf217b Mon Sep 17 00:00:00 2001 +From: Kevin Mihelich +Date: Sun, 6 Mar 2016 20:26:53 -0700 +Subject: [PATCH 1/3] system ffmpeg fixes + +--- + media/ffmpeg/ffmpeg_common.h | 5 ----- + media/filters/ffmpeg_demuxer.cc | 18 ------------------ + 2 files changed, 23 deletions(-) + +diff --git a/media/ffmpeg/ffmpeg_common.h b/media/ffmpeg/ffmpeg_common.h +index 55e3ab7..0ec595c 100644 +--- a/media/ffmpeg/ffmpeg_common.h ++++ b/media/ffmpeg/ffmpeg_common.h +@@ -21,10 +21,6 @@ + + // Include FFmpeg header files. + extern "C" { +-// Disable deprecated features which result in spammy compile warnings. This +-// list of defines must mirror those in the 'defines' section of BUILD.gn file & +-// ffmpeg.gyp file or the headers below will generate different structures! +-#define FF_API_CONVERGENCE_DURATION 0 + // Upstream libavcodec/utils.c still uses the deprecated + // av_dup_packet(), causing deprecation warnings. + // The normal fix for such things is to disable the feature as below, +@@ -38,7 +34,6 @@ extern "C" { + MSVC_PUSH_DISABLE_WARNING(4244); + #include + #include +-#include + #include + #include + #include +diff --git a/media/filters/ffmpeg_demuxer.cc b/media/filters/ffmpeg_demuxer.cc +index 18863e6..a7cd444 100644 +--- a/media/filters/ffmpeg_demuxer.cc ++++ b/media/filters/ffmpeg_demuxer.cc +@@ -1035,24 +1035,6 @@ void FFmpegDemuxer::OnFindStreamInfoDone(const PipelineStatusCB& status_cb, + // If no estimate is found, the stream entry will be kInfiniteDuration(). + std::vector start_time_estimates(format_context->nb_streams, + kInfiniteDuration()); +- const AVFormatInternal* internal = format_context->internal; +- if (internal && internal->packet_buffer && +- format_context->start_time != static_cast(AV_NOPTS_VALUE)) { +- struct AVPacketList* packet_buffer = internal->packet_buffer; +- while (packet_buffer != internal->packet_buffer_end) { +- DCHECK_LT(static_cast(packet_buffer->pkt.stream_index), +- start_time_estimates.size()); +- const AVStream* stream = +- format_context->streams[packet_buffer->pkt.stream_index]; +- if (packet_buffer->pkt.pts != static_cast(AV_NOPTS_VALUE)) { +- const base::TimeDelta packet_pts = +- ConvertFromTimeBase(stream->time_base, packet_buffer->pkt.pts); +- if (packet_pts < start_time_estimates[stream->index]) +- start_time_estimates[stream->index] = packet_pts; +- } +- packet_buffer = packet_buffer->next; +- } +- } + + AVStream* audio_stream = NULL; + AudioDecoderConfig audio_config; +-- +2.7.2 + diff --git a/extra/chromium/0002-sandbox-arm64-align-stack-16-bytes.patch b/extra/chromium/0002-sandbox-arm64-align-stack-16-bytes.patch new file mode 100644 index 000000000..8083ca39e --- /dev/null +++ b/extra/chromium/0002-sandbox-arm64-align-stack-16-bytes.patch @@ -0,0 +1,69 @@ +From a6a7d9a4ad84da293071fbbbc7eedd2ce51abdf4 Mon Sep 17 00:00:00 2001 +From: "riku.voipio" +Date: Wed, 27 Jan 2016 09:13:57 -0800 +Subject: [PATCH 2/3] sandbox arm64: align stack 16 bytes + +chrome fails to start with user namespace sandboxing: + +[866:866:0120/134742:FATAL:zygote_host_impl_linux.cc(182)] Check failed: process.IsValid(). +Failed to launch zygote process + +With strace.. + +clone(child_stack=0x7ffd28fd98, flags=CLONE_NEWUSER|CLONE_NEWPID|CLONE_NEWNET|SIGCHLD) = -1 EINVAL (Invalid argument) + +Which compared to kernel sources[1], shows that stack needs to be 16 +bytes aligned. because stack grows downward, this patch assumes +PTHREAD_STACK_MIN is dividable by 16 too. + +[1] http://lxr.free-electrons.com/source/arch/arm64/kernel/process.c#L267 + +BUG=581018 +R=keescook@chromium.org,jln@chromium.org,rsesek@chromium.org,thakis@chromium.org +TEST=base_unittests ProcessUtilTest.* and sandbox_linux_unittests NamespaceSandboxTest.* + +Review URL: https://codereview.chromium.org/1617763002 + +Cr-Commit-Position: refs/heads/master@{#371809} +--- + base/process/launch_posix.cc | 2 +- + sandbox/linux/services/credentials.cc | 3 ++- + 2 files changed, 3 insertions(+), 2 deletions(-) + +diff --git a/base/process/launch_posix.cc b/base/process/launch_posix.cc +index 4bd3da3..4019de5 100644 +--- a/base/process/launch_posix.cc ++++ b/base/process/launch_posix.cc +@@ -736,7 +736,7 @@ NOINLINE pid_t CloneAndLongjmpInChild(unsigned long flags, + // internal pid cache. The libc interface unfortunately requires + // specifying a new stack, so we use setjmp/longjmp to emulate + // fork-like behavior. +- char stack_buf[PTHREAD_STACK_MIN]; ++ char stack_buf[PTHREAD_STACK_MIN] ALIGNAS(16); + #if defined(ARCH_CPU_X86_FAMILY) || defined(ARCH_CPU_ARM_FAMILY) || \ + defined(ARCH_CPU_MIPS64_FAMILY) || defined(ARCH_CPU_MIPS_FAMILY) + // The stack grows downward. +diff --git a/sandbox/linux/services/credentials.cc b/sandbox/linux/services/credentials.cc +index fb6b6b4..76038af 100644 +--- a/sandbox/linux/services/credentials.cc ++++ b/sandbox/linux/services/credentials.cc +@@ -16,6 +16,7 @@ + #include + + #include "base/bind.h" ++#include "base/compiler_specific.h" + #include "base/files/file_path.h" + #include "base/files/file_util.h" + #include "base/logging.h" +@@ -94,7 +95,7 @@ bool ChrootToSafeEmptyDir() { + // /proc/tid directory for the thread (since /proc may not be aware of the + // PID namespace). With a process, we can just use /proc/self. + pid_t pid = -1; +- char stack_buf[PTHREAD_STACK_MIN]; ++ char stack_buf[PTHREAD_STACK_MIN] ALIGNAS(16); + #if defined(ARCH_CPU_X86_FAMILY) || defined(ARCH_CPU_ARM_FAMILY) || \ + defined(ARCH_CPU_MIPS64_FAMILY) || defined(ARCH_CPU_MIPS_FAMILY) + // The stack grows downward. +-- +2.7.2 + diff --git a/extra/chromium/0003-Linux-Sandbox-whitelist-arm64-syscalls.patch b/extra/chromium/0003-Linux-Sandbox-whitelist-arm64-syscalls.patch new file mode 100644 index 000000000..beb3f1efd --- /dev/null +++ b/extra/chromium/0003-Linux-Sandbox-whitelist-arm64-syscalls.patch @@ -0,0 +1,90 @@ +From 76610303d10f886c382fe6ba54f0d89ed652497f Mon Sep 17 00:00:00 2001 +From: "riku.voipio" +Date: Tue, 1 Mar 2016 08:02:43 -0800 +Subject: [PATCH 3/3] Linux Sandbox: whitelist arm64 syscalls + +On debian/arm64, two syscalls needed whitelisting for chromium to work with seccomp: + +epoll_pwait, replacing epoll_wait which is a legacy syscall not available on arm64. epoll_wait implmentation in glibc calls epoll_pwait behind scenes, so this needs to be enabled. + +getrlimit, missing #ifdef for arm64 in several policy definitions. test for arm64 added for each case. + +BUG=581018 +R=keescook@chromium.org,jln@chromium.org,rsesek@chromium.org +TEST=Start chrome on arm64 with seccomp enabled kernel + +Review URL: https://codereview.chromium.org/1613883002 + +Cr-Commit-Position: refs/heads/master@{#378440} +--- + components/nacl/loader/sandbox_linux/nacl_bpf_sandbox_linux.cc | 3 ++- + content/common/sandbox_linux/bpf_renderer_policy_linux.cc | 3 ++- + content/common/sandbox_linux/bpf_utility_policy_linux.cc | 3 ++- + sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc | 2 +- + 4 files changed, 7 insertions(+), 4 deletions(-) + +diff --git a/components/nacl/loader/sandbox_linux/nacl_bpf_sandbox_linux.cc b/components/nacl/loader/sandbox_linux/nacl_bpf_sandbox_linux.cc +index 66a606a..3e88304 100644 +--- a/components/nacl/loader/sandbox_linux/nacl_bpf_sandbox_linux.cc ++++ b/components/nacl/loader/sandbox_linux/nacl_bpf_sandbox_linux.cc +@@ -106,7 +106,8 @@ ResultExpr NaClBPFSandboxPolicy::EvaluateSyscall(int sysno) const { + // NaCl uses custom signal stacks. + case __NR_sigaltstack: + // Below is fairly similar to the policy for a Chromium renderer. +-#if defined(__i386__) || defined(__x86_64__) || defined(__mips__) ++#if defined(__i386__) || defined(__x86_64__) || defined(__mips__) || \ ++ defined(__aarch64__) + case __NR_getrlimit: + #endif + #if defined(__i386__) || defined(__arm__) +diff --git a/content/common/sandbox_linux/bpf_renderer_policy_linux.cc b/content/common/sandbox_linux/bpf_renderer_policy_linux.cc +index e799273..993e2a5 100644 +--- a/content/common/sandbox_linux/bpf_renderer_policy_linux.cc ++++ b/content/common/sandbox_linux/bpf_renderer_policy_linux.cc +@@ -60,7 +60,8 @@ ResultExpr RendererProcessPolicy::EvaluateSyscall(int sysno) const { + // Allow the system calls below. + case __NR_fdatasync: + case __NR_fsync: +-#if defined(__i386__) || defined(__x86_64__) || defined(__mips__) ++#if defined(__i386__) || defined(__x86_64__) || defined(__mips__) || \ ++ defined(__aarch64__) + case __NR_getrlimit: + #endif + #if defined(__i386__) || defined(__arm__) +diff --git a/content/common/sandbox_linux/bpf_utility_policy_linux.cc b/content/common/sandbox_linux/bpf_utility_policy_linux.cc +index 3ead1c8..1336796 100644 +--- a/content/common/sandbox_linux/bpf_utility_policy_linux.cc ++++ b/content/common/sandbox_linux/bpf_utility_policy_linux.cc +@@ -32,7 +32,8 @@ ResultExpr UtilityProcessPolicy::EvaluateSyscall(int sysno) const { + // Allow the system calls below. + case __NR_fdatasync: + case __NR_fsync: +-#if defined(__i386__) || defined(__x86_64__) ++#if defined(__i386__) || defined(__x86_64__) || defined(__mips__) || \ ++ defined(__aarch64__) + case __NR_getrlimit: + #endif + #if defined(__i386__) || defined(__arm__) +diff --git a/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc b/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc +index c217d47..21147b4 100644 +--- a/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc ++++ b/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc +@@ -414,6 +414,7 @@ bool SyscallSets::IsAllowedEpoll(int sysno) { + case __NR_epoll_create: + case __NR_epoll_wait: + #endif ++ case __NR_epoll_pwait: + case __NR_epoll_create1: + case __NR_epoll_ctl: + return true; +@@ -421,7 +422,6 @@ bool SyscallSets::IsAllowedEpoll(int sysno) { + #if defined(__x86_64__) + case __NR_epoll_ctl_old: + #endif +- case __NR_epoll_pwait: + #if defined(__x86_64__) + case __NR_epoll_wait_old: + #endif +-- +2.7.2 + diff --git a/extra/chromium/PKGBUILD b/extra/chromium/PKGBUILD index bb963caf7..411ba9b7e 100644 --- a/extra/chromium/PKGBUILD +++ b/extra/chromium/PKGBUILD @@ -10,12 +10,13 @@ # ALARM: Kevin Mihelich # - removed NaCl, not for ARM -# - adjusted gyp flags for v7h -# - patch to fix webrtc code for non-android ARM -# - patch (hack) to fix skia -# - makeflags to -j3, seems to barf higher +# - adjusted gyp flags for v7/aarch64 +# - makeflags to -j4 on v7, RAM constraints +# - Gentoo patch to remove lingering built-in ffmpeg code +# - upstream patches to fix AArch64 -buildarch=4 +buildarch=12 +highmem=1 pkgname=chromium pkgver=49.0.2623.75 @@ -29,7 +30,7 @@ depends=('gtk2' 'nss' 'alsa-lib' 'xdg-utils' 'bzip2' 'libevent' 'libxss' 'icu' 'libexif' 'libgcrypt' 'ttf-font' 'systemd' 'dbus' 'flac' 'snappy' 'speech-dispatcher' 'pciutils' 'libpulse' 'harfbuzz' 'libsecret' 'libvpx' 'perl' 'perl-file-basedir' 'desktop-file-utils' - 'hicolor-icon-theme') + 'hicolor-icon-theme' 'ffmpeg') makedepends=('python2' 'gperf' 'yasm' 'mesa' 'ninja') optdepends=('kdebase-kdialog: needed for file dialogs in KDE' 'gnome-keyring: for storing passwords in GNOME keyring' @@ -40,15 +41,17 @@ install=chromium.install source=(https://commondatastorage.googleapis.com/chromium-browser-official/$pkgname-$pkgver.tar.xz chromium-launcher-$_launcher_ver.tar.gz::https://github.com/foutrelis/chromium-launcher/archive/v$_launcher_ver.tar.gz chromium.desktop - arm-webrtc-fix.patch - chromium-arm-r0.patch - chromium-widevine.patch) + chromium-widevine.patch + 0001-system-ffmpeg-fixes.patch + 0002-sandbox-arm64-align-stack-16-bytes.patch + 0003-Linux-Sandbox-whitelist-arm64-syscalls.patch) sha256sums=('a4fd4c85b12b021789d8afc33b27555396e47d9f67c8a062ee3609c4d6b582f5' '8b01fb4efe58146279858a754d90b49e5a38c9a0b36a1f84cbb7d12f92b84c28' '028a748a5c275de9b8f776f97909f999a8583a4b77fd1cd600b4fc5c0c3e91e9' - '9db0f01517c52e3236ff52e8a664840542a19144a54923ae6aabea3dcfa92c52' - 'df4be49770d508b772f98eda9fc5f37fa71d4c0459437e12f7f3db5892aa1611' - '4660344789c45c9b9e52cb6d86f7cb6edb297b39320d04f6947e5216d6e5f64c') + '4660344789c45c9b9e52cb6d86f7cb6edb297b39320d04f6947e5216d6e5f64c' + '9f0d843fcda221b97386f8686a00918a5e165e65e9eb34df19ba6bc11ec91eee' + '48e83c69c33d5b0882982e71c1a3c55a093d2c0416374db6159a87fd4b836ece' + 'c5b6a12756eb50ecf9bf0763b9ab3e6822fe6365083b73595ca8c593c963145b') # Google API keys (see http://www.chromium.org/developers/how-tos/api-keys) # Note: These are for Arch Linux use ONLY. For your own distribution, please @@ -74,18 +77,19 @@ prepare() { sed "s/@WIDEVINE_VERSION@/Pinkie Pie/" ../chromium-widevine.patch | patch -Np1 - # Fix WebRTC for ARM - patch -Np0 -i "$srcdir/arm-webrtc-fix.patch" + # Fix building with system ffmpeg + patch -Np1 -i ../0001-system-ffmpeg-fixes.patch - # Fix icu build on ARM - patch -Np0 -i ../chromium-arm-r0.patch + # Upstream AArch64 fixes + patch -Np1 -i ../0002-sandbox-arm64-align-stack-16-bytes.patch + patch -Np1 -i ../0003-Linux-Sandbox-whitelist-arm64-syscalls.patch # Remove bundled ICU; its header files appear to get picked up instead of # the system ones, leading to errors during the final link stage. # https://groups.google.com/a/chromium.org/d/topic/chromium-packagers/BNGvJc08B6Q find third_party/icu -type f \! -regex '.*\.\(gyp\|gypi\|isolate\)' -delete - MAKEFLAGS=-j4 + [[ $CARCH == "armv7h" ]] && MAKEFLAGS=-j4 # Use Python 2 find . -name '*.py' -exec sed -i -r 's|/usr/bin/python$|&2|g' {} + @@ -135,7 +139,7 @@ build() { -Duse_gnome_keyring=0 -Duse_system_bzip2=1 -Duse_system_flac=1 - -Duse_system_ffmpeg=0 + -Duse_system_ffmpeg=1 -Duse_system_harfbuzz=1 -Duse_system_icu=1 -Duse_system_libevent=1 @@ -156,16 +160,23 @@ build() { -Ddisable_fatal_linker_warnings=1 -Ddisable_glibc=1 -Ddisable_sse2=1 - -Dtarget_arch=arm - -Darm_neon=1 -Ddisable_nacl=1 -Ddisable_pnacl=1 + -Dsysroot=) + + [[ $CARCH == "armv7h" ]] && _chromium_conf+=( + -Dtarget_arch=arm + -Darm_neon=1 -Dv8_use_arm_eabi_hardfloat=true -Darm_float_abi=hard - -Dsysroot= -Darmv7=1 -Darm_fpu=neon) + [[ $CARCH == "aarch64" ]] && _chromium_conf+=( + -Dtarget_arch=arm64 + -Darm_neon=0 + -Duse_allocator=none) + # Re-configure bundled ffmpeg. #pushd third_party/ffmpeg > /dev/null || exit 1 #python2 chromium/scripts/build_ffmpeg.py linux arm --config-only || exit 1 diff --git a/extra/chromium/arm-webrtc-fix.patch b/extra/chromium/arm-webrtc-fix.patch deleted file mode 100644 index e5d237d98..000000000 --- a/extra/chromium/arm-webrtc-fix.patch +++ /dev/null @@ -1,50 +0,0 @@ ---- third_party/webrtc/system_wrappers/source/cpu_features.cc.orig 2014-01-15 18:38:50.331954791 -0700 -+++ third_party/webrtc/system_wrappers/source/cpu_features.cc 2014-01-15 18:38:37.902004379 -0700 -@@ -18,6 +18,47 @@ - - #include "webrtc/typedefs.h" - -+#include -+#ifdef __arm__ -+#include -+#include -+#include -+#include -+#endif -+ -+#ifdef __arm__ -+uint64_t WebRtc_GetCPUFeaturesARM() { -+ static bool detected = false; -+ static uint64_t have_neon = 0; -+ -+ int fd; -+ Elf32_auxv_t auxv; -+ unsigned int hwcaps; -+ -+ if (!detected) { -+ int fd; -+ Elf32_auxv_t auxv; -+ unsigned int hwcaps; -+ -+ fd = open("/proc/self/auxv", O_RDONLY); -+ if (fd >= 0) { -+ while (read(fd, &auxv, sizeof(Elf32_auxv_t)) == sizeof(Elf32_auxv_t)) { -+ if (auxv.a_type == AT_HWCAP) { -+ have_neon = (auxv.a_un.a_val & HWCAP_NEON) ? kCPUFeatureNEON : 0; -+ break; -+ } -+ } -+ close (fd); -+ } else { -+ have_neon = 0; -+ } -+ detected = true; -+ } -+ -+ return 0 | have_neon; // others here as we need them -+} -+#endif -+ - // No CPU feature is available => straight C path. - int GetCPUInfoNoASM(CPUFeature feature) { - (void)feature; diff --git a/extra/chromium/chromium-arm-r0.patch b/extra/chromium/chromium-arm-r0.patch deleted file mode 100644 index c17feb3ff..000000000 --- a/extra/chromium/chromium-arm-r0.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- third_party/icu/icu.gyp.orig 2014-05-20 19:17:22.879538568 -0600 -+++ third_party/icu/icu.gyp 2014-05-20 19:19:42.204032167 -0600 -@@ -30,7 +30,7 @@ - }], - ['(OS=="linux" or OS=="freebsd" or OS=="openbsd" or OS=="solaris" \ - or OS=="netbsd" or OS=="mac" or OS=="android" or OS=="qnx") and \ -- (target_arch=="arm" or target_arch=="ia32" or \ -+ (target_arch=="ia32" or \ - target_arch=="mipsel")', { - 'target_conditions': [ - ['_toolset=="host"', { diff --git a/extra/chromium/v6-ffmpeg.patch b/extra/chromium/v6-ffmpeg.patch deleted file mode 100644 index 205947cb9..000000000 --- a/extra/chromium/v6-ffmpeg.patch +++ /dev/null @@ -1,42 +0,0 @@ ---- ./third_party/ffmpeg/chromium/scripts/build_ffmpeg.sh.orig 2013-10-18 18:18:28.032701497 -0600 -+++ ./third_party/ffmpeg/chromium/scripts/build_ffmpeg.sh 2013-10-18 18:37:10.817807244 -0600 -@@ -310,13 +310,12 @@ - # much smaller than optimized arm builds, hence we go with the global - # CrOS settings. - add_flag_common --enable-armv6 -- add_flag_common --enable-armv6t2 -+ add_flag_common --disable-armv6t2 - add_flag_common --enable-vfp -- add_flag_common --enable-thumb -+ add_flag_common --disable-thumb - add_flag_common --disable-neon -- add_flag_common --extra-cflags=-march=armv7-a -- add_flag_common --extra-cflags=-mtune=cortex-a8 -- add_flag_common --extra-cflags=-mfpu=vfpv3-d16 -+ add_flag_common --extra-cflags=-march=armv6 -+ add_flag_common --extra-cflags=-mfpu=vfp - # NOTE: softfp/hardfp selected at gyp time. - add_flag_common --extra-cflags=-mfloat-abi=hard - elif [ "$TARGET_ARCH" = "arm-neon" ]; then ---- ./third_party/ffmpeg/ffmpeg.gyp.orig 2013-10-18 18:07:27.025272782 -0600 -+++ ./third_party/ffmpeg/ffmpeg.gyp 2013-10-18 18:38:58.462388238 -0600 -@@ -234,9 +234,7 @@ - '-marm', - ], - 'cflags': [ -- '-mthumb', -- '-march=armv7-a', -- '-mtune=cortex-a8', -+ '-march=armv6', - ], - # On arm we use gcc to compile the assembly. - 'sources': [ -@@ -245,7 +243,7 @@ - 'conditions': [ - ['arm_neon == 0', { - 'cflags': [ -- '-mfpu=vfpv3-d16', -+ '-mfpu=vfp', - ], - }, { - 'cflags': [