archlinuxarm/PKGBUILDs
1
0
Fork 0
mirror of https://github.com/archlinuxarm/PKGBUILDs.git synced 2025-01-27 23:44:04 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

extra/chromium to 74.0.3729.131-1

Browse source
This commit is contained in:
Kevin Mihelich 2019-05-01 12:58:00 +00:00
parent 4979925ad1
commit fae446c944
2 changed files with 21 additions and 14 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
extra/chromium/PKGBUILD
View file

@ -16,7 +16,7 @@ highmem=1
noautobuild=1
pkgname=chromium
pkgver=74.0.3729.108
pkgver=74.0.3729.131
pkgrel=1
_launcher_ver=6
pkgdesc="A web browser built for speed, simplicity, and security"
@ -39,10 +39,10 @@ source=(https://commondatastorage.googleapis.com/chromium-browser-official/$pkgn
chromium-widevine.patch
chromium-skia-harmony.patch
0001-crashpad-include-limits.patch)
sha256sums=('1e1e5e06fe24309377630800b44b5c6b624b7c722b5d9789abe80a962b945b6f'
sha256sums=('d178c7842f8f858ac876d88ce866cbd2132d7ca6c73940613ebf7e9c3fada986'
'04917e3cd4307d8e31bfb0027a5dce6d086edb10ff8a716024fbb8bb0c7dccf1'
'e2d284311f49c529ea45083438a768db390bde52949995534034d2a814beab89'
'89ca1ac8394ec0920357ff64ba46573e978e9be64f82aa0fc225b36e30d5842c'
'dd791f154b48e69cd47fd94753c45448655b529590995fd71ac1591c53a3d60c'
'd081f2ef8793544685aad35dea75a7e6264a2cb987ff3541e6377f4a3650a28b'
'5887f78b55c4ecbbcba5930f3f0bb7bc0117c2a41c2f761805fcf7f46f1ca2b3'
'df99f49ad58b70c9a3e1827d7e80b62e4363419334ed83373cf55b79c17b6f10')

29
extra/chromium/chromium-glibc-2.29.patch
View file

@ -1,9 +1,8 @@
tree 0f4b37852646eae176de06a5d92cd2f68ffaf318
parent a38dc4152f043e81310b0deff46f9a770b9f5fcb
author Matthew Denton <mpdenton@chromium.org> 1555962368 -0700
committer Matthew Denton <mpdenton@chromium.org> 1555962368 -0700
Update Linux Seccomp syscall restrictions to EPERM posix_spawn/vfork
From 65046b8f90d0336cbe5f2f15cc7da5cb798360ad Mon Sep 17 00:00:00 2001
From: Matthew Denton <mpdenton@chromium.org>
Date: Wed, 24 Apr 2019 15:44:40 +0000
Subject: [PATCH] Update Linux Seccomp syscall restrictions to EPERM
posix_spawn/vfork
Glibc's system() function switched to using posix_spawn, which uses
CLONE_VFORK. Pepperflash includes a sandbox debugging check which
@ -15,9 +14,17 @@ CLONE_VFORK and CLONE_VM.
Bug: 949312
Change-Id: I3f4b90114b2fc1d9929e3c0a85bbe8f10def3c20
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1568086
Commit-Queue: Robert Sesek <rsesek@chromium.org>
Reviewed-by: Robert Sesek <rsesek@chromium.org>
Cr-Commit-Position: refs/heads/master@{#653590}
---
.../baseline_policy_unittest.cc | 29 +++++++++++++++++++
.../syscall_parameters_restrictions.cc | 13 +++++++--
2 files changed, 40 insertions(+), 2 deletions(-)
diff --git a/sandbox/linux/seccomp-bpf-helpers/baseline_policy_unittest.cc b/sandbox/linux/seccomp-bpf-helpers/baseline_policy_unittest.cc
index cdeb210..40fcebf 100644
index cdeb210ccb..40fcebf933 100644
--- a/sandbox/linux/seccomp-bpf-helpers/baseline_policy_unittest.cc
+++ b/sandbox/linux/seccomp-bpf-helpers/baseline_policy_unittest.cc
@@ -10,7 +10,9 @@
@ -30,7 +37,7 @@ index cdeb210..40fcebf 100644
#include <sys/prctl.h>
#include <sys/resource.h>
#include <sys/socket.h>
@@ -130,6 +132,33 @@
@@ -130,6 +132,33 @@ BPF_TEST_C(BaselinePolicy, ForkArmEperm, BaselinePolicy) {
BPF_ASSERT_EQ(EPERM, fork_errno);
}
@ -65,10 +72,10 @@ index cdeb210..40fcebf 100644
base::Thread thread("sandbox_tests");
BPF_ASSERT(thread.Start());
diff --git a/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc b/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc
index 100afe5..348ab6e 100644
index 100afe50e3..348ab6e8c5 100644
--- a/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc
+++ b/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc
@@ -135,7 +135,8 @@
@@ -135,7 +135,8 @@ namespace sandbox {
#if !defined(OS_NACL_NONSFI)
// Allow Glibc's and Android pthread creation flags, crash on any other
// thread creation attempts and EPERM attempts to use neither
@ -78,7 +85,7 @@ index 100afe5..348ab6e 100644
ResultExpr RestrictCloneToThreadsAndEPERMFork() {
const Arg<unsigned long> flags(0);
@@ -154,8 +155,16 @@
@@ -154,8 +155,16 @@ ResultExpr RestrictCloneToThreadsAndEPERMFork() {
AnyOf(flags == kAndroidCloneMask, flags == kObsoleteAndroidCloneMask,
flags == kGlibcPthreadFlags);