extra/chromium to 74.0.3729.108-1

Kevin Mihelich 2019-04-23 23:57:29 +00:00
parent e89b31cba2
commit db61229bf0
5 changed files with 106 additions and 147 deletions


@ -13,10 +13,11 @@
buildarch=12
highmem=1
noautobuild=1
pkgname=chromium
pkgver=73.0.3683.103
pkgrel=2
pkgver=74.0.3729.108
pkgrel=1
_launcher_ver=6
pkgdesc="A web browser built for speed, simplicity, and security"
arch=('x86_64')
@ -34,18 +35,14 @@ install=chromium.install
source=(https://commondatastorage.googleapis.com/chromium-browser-official/$pkgname-$pkgver.tar.xz
chromium-launcher-$_launcher_ver.tar.gz::https://github.com/foutrelis/chromium-launcher/archive/v$_launcher_ver.tar.gz
chromium-system-icu.patch
chromium-color_utils-use-std-sqrt.patch
chromium-media-fix-build-with-libstdc++.patch
chromium-avoid-log-flooding-in-GLSurfacePresentationHelper.patch
chromium-glibc-2.29.patch
chromium-widevine.patch
chromium-skia-harmony.patch
0001-crashpad-include-limits.patch)
sha256sums=('eb02c419de98bb8849fd0a37a3e7bbb813938c37e3d6b2c2526df3e84f9653af'
sha256sums=('1e1e5e06fe24309377630800b44b5c6b624b7c722b5d9789abe80a962b945b6f'
'04917e3cd4307d8e31bfb0027a5dce6d086edb10ff8a716024fbb8bb0c7dccf1'
'e2d284311f49c529ea45083438a768db390bde52949995534034d2a814beab89'
'b3b6f5147d519c586cbdaf3b227dd1719676fa3a65edd6f08989087afd287afa'
'f51fe91427d8638c5551746d2ec7de99e8059dd76889cfeaee8ca3d8fed62265'
'f2b12ccf83a8e0adda4a87ae5c983df5e092ccf1f9a6f2e05799ce4d451dbda1'
'89ca1ac8394ec0920357ff64ba46573e978e9be64f82aa0fc225b36e30d5842c'
'd081f2ef8793544685aad35dea75a7e6264a2cb987ff3541e6377f4a3650a28b'
'5887f78b55c4ecbbcba5930f3f0bb7bc0117c2a41c2f761805fcf7f46f1ca2b3'
'df99f49ad58b70c9a3e1827d7e80b62e4363419334ed83373cf55b79c17b6f10')
@ -108,14 +105,8 @@ prepare() {
third_party/blink/renderer/core/xml/parser/xml_document_parser.cc \
third_party/libxml/chromium/libxml_utils.cc
# https://crbug.com/819294#c88
patch -Np1 -i ../chromium-color_utils-use-std-sqrt.patch
# https://crbug.com/931373
patch -d media -Np1 -i ../../chromium-media-fix-build-with-libstdc++.patch
# https://crbug.com/879929
patch -Np1 -i ../chromium-avoid-log-flooding-in-GLSurfacePresentationHelper.patch
# https://crbug.com/949312
patch -Np1 -i ../chromium-glibc-2.29.patch
# Load Widevine CDM if available
patch -Np1 -i ../chromium-widevine.patch


@ -1,34 +0,0 @@
From 1fb4edaf534c278a0b7a3150efff8e712c1efe91 Mon Sep 17 00:00:00 2001
From: Peng Huang <penghuang@chromium.org>
Date: Tue, 19 Feb 2019 22:01:52 +0000
Subject: [PATCH] Avoid log flooding in GLSurfacePresentationHelper
Bug: 879929
Change-Id: Ifb452736573e65791ed5e3f143778f576854a167
Reviewed-on: https://chromium-review.googlesource.com/c/1477918
Commit-Queue: Peng Huang <penghuang@chromium.org>
Reviewed-by: Antoine Labour <piman@chromium.org>
Cr-Commit-Position: refs/heads/master@{#633415}
---
ui/gl/gl_surface_presentation_helper.cc | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/ui/gl/gl_surface_presentation_helper.cc b/ui/gl/gl_surface_presentation_helper.cc
index 987725ca1c931..e7bcd1a5b79ff 100644
--- a/ui/gl/gl_surface_presentation_helper.cc
+++ b/ui/gl/gl_surface_presentation_helper.cc
@@ -237,7 +237,13 @@ void GLSurfacePresentationHelper::CheckPendingFrames() {
&vsync_interval_)) {
vsync_timebase_ = base::TimeTicks();
vsync_interval_ = base::TimeDelta();
- LOG(ERROR) << "GetVSyncParametersIfAvailable() failed!";
+ static unsigned int count = 0;
+ ++count;
+ // GetVSyncParametersIfAvailable() could be called and failed frequently,
+ // so we have to limit the LOG to avoid flooding the log.
+ LOG_IF(ERROR, count < 20 || !(count & 0xff))
+ << "GetVSyncParametersIfAvailable() failed for " << count
+ << " times!";
}
}


@ -1,48 +0,0 @@
From a5ba6f9bb7665040045dc0f8087407096630ad7b Mon Sep 17 00:00:00 2001
From: Raphael Kubo da Costa <raphael.kubo.da.costa@intel.com>
Date: Fri, 8 Feb 2019 02:57:28 +0000
Subject: [PATCH] color_utils: Use std::sqrt() instead of std::sqrtf()
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
This fixes the build with libstdc++:
../../ui/gfx/color_utils.cc: In function SkColor color_utils::SetDarkestColorForTesting(SkColor):
../../ui/gfx/color_utils.cc:434:12: error: sqrtf is not a member of std
std::sqrtf((dark_luminance + 0.05f) * (kWhiteLuminance + 0.05f)) - 0.05f;
^~~~~
../../ui/gfx/color_utils.cc:434:12: note: suggested alternative: sqrt
std::sqrtf((dark_luminance + 0.05f) * (kWhiteLuminance + 0.05f)) - 0.05f;
^~~~~
sqrt
sqrtf() is not formally part of C++14 as far as I can see even though libc++
has it in <cmath>. Additionally, we're only dealing with floats in all parts
of the expression above, so using the float sqrt() overload should be
harmless anyway.
Bug: 819294
Change-Id: If6c7bf31819df97a761e6963def6d6506154c34d
Reviewed-on: https://chromium-review.googlesource.com/c/1458193
Auto-Submit: Raphael Kubo da Costa <raphael.kubo.da.costa@intel.com>
Reviewed-by: Peter Kasting <pkasting@chromium.org>
Commit-Queue: Raphael Kubo da Costa <raphael.kubo.da.costa@intel.com>
Cr-Commit-Position: refs/heads/master@{#630140}
---
ui/gfx/color_utils.cc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ui/gfx/color_utils.cc b/ui/gfx/color_utils.cc
index c868cd54bac3f..92ba1407d594f 100644
--- a/ui/gfx/color_utils.cc
+++ b/ui/gfx/color_utils.cc
@@ -431,7 +431,7 @@ SkColor SetDarkestColorForTesting(SkColor color) {
// GetContrastRatio(kWhiteLuminance, g_luminance_midpoint). The formula below
// can be verified by plugging it into how GetContrastRatio() operates.
g_luminance_midpoint =
- std::sqrtf((dark_luminance + 0.05f) * (kWhiteLuminance + 0.05f)) - 0.05f;
+ std::sqrt((dark_luminance + 0.05f) * (kWhiteLuminance + 0.05f)) - 0.05f;
return previous_darkest_color;
}


@ -0,0 +1,98 @@
tree 0f4b37852646eae176de06a5d92cd2f68ffaf318
parent a38dc4152f043e81310b0deff46f9a770b9f5fcb
author Matthew Denton <mpdenton@chromium.org> 1555962368 -0700
committer Matthew Denton <mpdenton@chromium.org> 1555962368 -0700
Update Linux Seccomp syscall restrictions to EPERM posix_spawn/vfork
Glibc's system() function switched to using posix_spawn, which uses
CLONE_VFORK. Pepperflash includes a sandbox debugging check which
relies on us EPERM-ing process creation like this, rather than crashing
the process with SIGSYS.
So whitelist clone() calls, like posix_spawn, that include the flags
CLONE_VFORK and CLONE_VM.
Bug: 949312
Change-Id: I3f4b90114b2fc1d9929e3c0a85bbe8f10def3c20
diff --git a/sandbox/linux/seccomp-bpf-helpers/baseline_policy_unittest.cc b/sandbox/linux/seccomp-bpf-helpers/baseline_policy_unittest.cc
index cdeb210..40fcebf 100644
--- a/sandbox/linux/seccomp-bpf-helpers/baseline_policy_unittest.cc
+++ b/sandbox/linux/seccomp-bpf-helpers/baseline_policy_unittest.cc
@@ -10,7 +10,9 @@
#include <sched.h>
#include <signal.h>
#include <stddef.h>
+#include <stdlib.h>
#include <string.h>
+#include <sys/mman.h>
#include <sys/prctl.h>
#include <sys/resource.h>
#include <sys/socket.h>
@@ -130,6 +132,33 @@
BPF_ASSERT_EQ(EPERM, fork_errno);
}
+BPF_TEST_C(BaselinePolicy, SystemEperm, BaselinePolicy) {
+ errno = 0;
+ int ret_val = system("echo SHOULD NEVER RUN");
+ BPF_ASSERT_EQ(-1, ret_val);
+ BPF_ASSERT_EQ(EPERM, errno);
+}
+
+BPF_TEST_C(BaselinePolicy, CloneVforkEperm, BaselinePolicy) {
+ errno = 0;
+ // Allocate a couple pages for the child's stack even though the child should
+ // never start.
+ constexpr size_t kStackSize = 4096 * 4;
+ void* child_stack = mmap(nullptr, kStackSize, PROT_READ | PROT_WRITE,
+ MAP_PRIVATE | MAP_ANONYMOUS | MAP_STACK, -1, 0);
+ BPF_ASSERT_NE(child_stack, nullptr);
+ pid_t pid = syscall(__NR_clone, CLONE_VM | CLONE_VFORK | SIGCHLD,
+ static_cast<char*>(child_stack) + kStackSize, nullptr,
+ nullptr, nullptr);
+ const int clone_errno = errno;
+ TestUtils::HandlePostForkReturn(pid);
+
+ munmap(child_stack, kStackSize);
+
+ BPF_ASSERT_EQ(-1, pid);
+ BPF_ASSERT_EQ(EPERM, clone_errno);
+}
+
BPF_TEST_C(BaselinePolicy, CreateThread, BaselinePolicy) {
base::Thread thread("sandbox_tests");
BPF_ASSERT(thread.Start());
diff --git a/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc b/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc
index 100afe5..348ab6e 100644
--- a/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc
+++ b/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc
@@ -135,7 +135,8 @@
#if !defined(OS_NACL_NONSFI)
// Allow Glibc's and Android pthread creation flags, crash on any other
// thread creation attempts and EPERM attempts to use neither
-// CLONE_VM, nor CLONE_THREAD, which includes all fork() implementations.
+// CLONE_VM nor CLONE_THREAD (all fork implementations), unless CLONE_VFORK is
+// present (as in newer versions of posix_spawn).
ResultExpr RestrictCloneToThreadsAndEPERMFork() {
const Arg<unsigned long> flags(0);
@@ -154,8 +155,16 @@
AnyOf(flags == kAndroidCloneMask, flags == kObsoleteAndroidCloneMask,
flags == kGlibcPthreadFlags);
+ // The following two flags are the two important flags in any vfork-emulating
+ // clone call. EPERM any clone call that contains both of them.
+ const uint64_t kImportantCloneVforkFlags = CLONE_VFORK | CLONE_VM;
+
+ const BoolExpr is_fork_or_clone_vfork =
+ AnyOf((flags & (CLONE_VM | CLONE_THREAD)) == 0,
+ (flags & kImportantCloneVforkFlags) == kImportantCloneVforkFlags);
+
return If(IsAndroid() ? android_test : glibc_test, Allow())
- .ElseIf((flags & (CLONE_VM | CLONE_THREAD)) == 0, Error(EPERM))
+ .ElseIf(is_fork_or_clone_vfork, Error(EPERM))
.Else(CrashSIGSYSClone());
}
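Review bot: In `RestrictCloneToThreadsAndEPERMFork()` the new `is_fork_or_clone_vfork` test matches any clone whose flags contain both `CLONE_VFORK` and `CLONE_VM`, whatever other bits are set, so flag combinations that previously reached `CrashSIGSYSClone()` now fail quietly with EPERM. No child is created in either case, but the SIGSYS crash was also the visible signal that sandboxed code attempted an unexpected clone, so the comment above `kImportantCloneVforkFlags` should state that this is intended, e.g. `// Deliberately a mask test: extra flags alongside CLONE_VFORK|CLONE_VM also get EPERM, not SIGSYS.` In the added `CloneVforkEperm` test, `BPF_ASSERT_NE(child_stack, nullptr)` cannot catch a failed allocation because mmap reports failure as `MAP_FAILED`; it should read `BPF_ASSERT_NE(child_stack, MAP_FAILED);`. Unlike the patches this commit removes, this one carries no `Reviewed-on` or `Cr-Commit-Position` trailer, so it may have been taken before upstream review finished; since it alters the seccomp baseline policy, the PKGBUILD comment next to its `patch` line could record where it came from so it is dropped once a release contains the fix. The function's body is only partly visible across the two hunks.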


@ -1,48 +0,0 @@
From d4824fb46a07f3dbecf6358020f0f0da2c586475 Mon Sep 17 00:00:00 2001
From: Tom Anderson <thomasanderson@chromium.org>
Date: Sat, 16 Feb 2019 05:35:55 +0000
Subject: [PATCH] Fix build with libstdc++
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
When building with libstdc++ (use_custom_libcxx=false), we get (different) build
erros when building with clang and gcc.
clang:
base/optional.h:348:61: error: no member named 'value' in
'std::is_constructible<media::learning::Value, const
base::Optional<media::learning::Value> &>'
gcc:
base/optional.h:347:57: error: incomplete type
std::is_constructible<media::learning::Value,
base::Optional<media::learning::Value>&> used in nested name specifier
BUG=931373
Change-Id: I133ff4f30398202b5726c605fafee8aa916179d3
Reviewed-on: https://chromium-review.googlesource.com/c/1475936
Auto-Submit: Thomas Anderson <thomasanderson@chromium.org>
Commit-Queue: Frank Liberato <liberato@chromium.org>
Reviewed-by: Frank Liberato <liberato@chromium.org>
Cr-Original-Commit-Position: refs/heads/master@{#632921}
Cr-Mirrored-From: https://chromium.googlesource.com/chromium/src
Cr-Mirrored-Commit: 08b9fbc728043c89f21af46796bacd7324b7ce06
---
learning/common/value.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/learning/common/value.h b/learning/common/value.h
index 62f4953f6..ef37eebd4 100644
--- a/learning/common/value.h
+++ b/learning/common/value.h
@@ -27,7 +27,7 @@ class COMPONENT_EXPORT(LEARNING_COMMON) Value {
public:
Value();
template <typename T>
- explicit Value(T x) : value_(x) {
+ explicit Value(const T& x) : value_(x) {
// We want to rule out mostly pointers, since they wouldn't make much sense.
// Note that the implicit cast would likely fail anyway.
static_assert(std::is_arithmetic<T>::value || std::is_enum<T>::value,