From c3c01255da940f156b33f19376b7dbdaec138d24 Mon Sep 17 00:00:00 2001 From: Automatic Build System Date: Fri, 5 Jan 2024 21:13:37 +0100 Subject: [PATCH] automatic version update by autodist [release 92.0.4515.131-1mamba;Mon Aug 09 2021] --- chromium-83.0.4103.116-ffmpeg-4.3.patch | 41 - ...teForCurrentDocument-from-destructor.patch | 71 - ...3-files-to-have-a-start-time-of-zero.patch | 38 - ...calls-and-just-send-a-normal-message.patch | 42 - chromium-87.0.4280.88-icu-68.patch | 421 ----- ...-87.0.4280.88-missing-include-vector.patch | 10 - chromium-87.0.4280.88-v8-icu-68.patch | 192 --- ...ixel-anti-aliasing-in-FreeType-2.8.1.patch | 100 -- ...=> chromium-90.0.4430.212-glibc-2.33.patch | 0 ...se-oauth2-client-switches-as-default.patch | 17 + chromium-92.0.4515.107-clang-11-nomerge.patch | 11 + ...enable-accelerated-video-decode-flag.patch | 35 + ....107-linux-sandbox-fix-fstatat-crash.patch | 348 +++++ ...yscall-broker-use-struct-kernel_stat.patch | 1384 +++++++++++++++++ ...UsableSize-handle-nullptr-gracefully.patch | 49 + ...e-VirtualCursor-standard-layout-type.patch | 238 +++ ...um-92.0.4515.131-breakpad-gcc-11.2.0.patch | 11 + chromium-92.0.4515.131-freetype-2.11.patch | 50 + ...cc-fix-swiftshader-libEGL-visibility.patch | 26 + ...ium-92.0.4515.131-sandbox-gcc-11.2.0.patch | 11 + chromium.spec | 228 ++- 21 files changed, 2281 insertions(+), 1042 deletions(-) delete mode 100644 chromium-83.0.4103.116-ffmpeg-4.3.patch delete mode 100644 chromium-84.0.4147.89-avoid-calling-DeleteForCurrentDocument-from-destructor.patch delete mode 100644 chromium-84.0.4147.89-force-mp3-files-to-have-a-start-time-of-zero.patch delete mode 100644 chromium-84.0.4147.89-remove-NotifyError-calls-and-just-send-a-normal-message.patch delete mode 100644 chromium-87.0.4280.88-icu-68.patch delete mode 100644 chromium-87.0.4280.88-missing-include-vector.patch delete mode 100644 chromium-87.0.4280.88-v8-icu-68.patch delete mode 100644 chromium-88.0.4324.150-subpixel-anti-aliasing-in-FreeType-2.8.1.patch rename chromium-88.0.4324.150-glibc-2.33.patch => chromium-90.0.4430.212-glibc-2.33.patch (100%) create mode 100644 chromium-90.0.4430.212-use-oauth2-client-switches-as-default.patch create mode 100644 chromium-92.0.4515.107-clang-11-nomerge.patch create mode 100644 chromium-92.0.4515.107-extend-enable-accelerated-video-decode-flag.patch create mode 100644 chromium-92.0.4515.107-linux-sandbox-fix-fstatat-crash.patch create mode 100644 chromium-92.0.4515.107-linux-sandbox-syscall-broker-use-struct-kernel_stat.patch create mode 100644 chromium-92.0.4515.107-make-GetUsableSize-handle-nullptr-gracefully.patch create mode 100644 chromium-92.0.4515.107-sql-make-VirtualCursor-standard-layout-type.patch create mode 100644 chromium-92.0.4515.131-breakpad-gcc-11.2.0.patch create mode 100644 chromium-92.0.4515.131-freetype-2.11.patch create mode 100644 chromium-92.0.4515.131-gcc-fix-swiftshader-libEGL-visibility.patch create mode 100644 chromium-92.0.4515.131-sandbox-gcc-11.2.0.patch diff --git a/chromium-83.0.4103.116-ffmpeg-4.3.patch b/chromium-83.0.4103.116-ffmpeg-4.3.patch deleted file mode 100644 index 69f0229..0000000 --- a/chromium-83.0.4103.116-ffmpeg-4.3.patch +++ /dev/null @@ -1,41 +0,0 @@ -https://bugs.chromium.org/p/chromium/issues/detail?id=1095962 - ---- /media/base/media.cc -+++ /media/base/media.cc -@@ -2,6 +2,8 @@ - // Use of this source code is governed by a BSD-style license that can be - // found in the LICENSE file. - -+#include -+ - #include "media/base/media.h" - - #include "base/allocator/buildflags.h" -@@ -41,7 +43,7 @@ - - #if BUILDFLAG(USE_ALLOCATOR_SHIM) - // Remove allocation limit from ffmpeg, so calls go down to shim layer. -- av_max_alloc(0); -+ av_max_alloc(std::numeric_limits::max()); - #endif // BUILDFLAG(USE_ALLOCATOR_SHIM) - - #endif // BUILDFLAG(ENABLE_FFMPEG) ---- /third_party/ffmpeg/chromium/dllmain.cc -+++ /third_party/ffmpeg/chromium/dllmain.cc -@@ -3,6 +3,7 @@ - // found in the LICENSE file. - - #include -+#include - #include - #include - #include -@@ -28,7 +29,7 @@ - if (reason == DLL_PROCESS_ATTACH) { - DisableThreadLibraryCalls(instance); - // Remove allocation limit from ffmpeg, so calls go down to shim layer. -- av_max_alloc(0); -+ av_max_alloc(std::numeric_limits::max()); - // Enable OOM crashes in the shim for all malloc calls that fail. - _set_new_mode(1); - _set_new_handler(&OnNoMemory); diff --git a/chromium-84.0.4147.89-avoid-calling-DeleteForCurrentDocument-from-destructor.patch b/chromium-84.0.4147.89-avoid-calling-DeleteForCurrentDocument-from-destructor.patch deleted file mode 100644 index 30a3b33..0000000 --- a/chromium-84.0.4147.89-avoid-calling-DeleteForCurrentDocument-from-destructor.patch +++ /dev/null @@ -1,71 +0,0 @@ -From 128869693a2519578896b41765df029d7adc4ae0 Mon Sep 17 00:00:00 2001 -From: Yuzu Saijo -Date: Tue, 2 Jun 2020 04:51:11 +0000 -Subject: [PATCH] [content] Avoid calling DeleteForCurrentDocument from - destructor - -This CL removes the call to DeleteForCurrentDocument from the destructor -of ManifestManagerHost. - -This intends to fix a crash which happens from time to time using -RenderDocumentHostUserData. - -Change-Id: I1336fb62328dcb0cf9991499f399bf3665d29b75 -Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2224737 -Reviewed-by: Rakina Zata Amni -Reviewed-by: Alexander Timin -Reviewed-by: Sreeja Kamishetty -Reviewed-by: Kinuko Yasuda -Commit-Queue: Yuzu Saijo -Cr-Commit-Position: refs/heads/master@{#774006} ---- - content/browser/manifest/manifest_manager_host.cc | 7 +++++-- - content/browser/manifest/manifest_manager_host.h | 2 ++ - 2 files changed, 7 insertions(+), 2 deletions(-) - -diff --git a/content/browser/manifest/manifest_manager_host.cc b/content/browser/manifest/manifest_manager_host.cc -index 3a2efba889a..1bd88d91edc 100644 ---- a/content/browser/manifest/manifest_manager_host.cc -+++ b/content/browser/manifest/manifest_manager_host.cc -@@ -22,7 +22,7 @@ ManifestManagerHost::ManifestManagerHost(RenderFrameHost* render_frame_host) - } - - ManifestManagerHost::~ManifestManagerHost() { -- OnConnectionError(); -+ DispatchPendingCallbacks(); - } - - void ManifestManagerHost::BindObserver( -@@ -55,7 +55,7 @@ blink::mojom::ManifestManager& ManifestManagerHost::GetManifestManager() { - return *manifest_manager_; - } - --void ManifestManagerHost::OnConnectionError() { -+void ManifestManagerHost::DispatchPendingCallbacks() { - std::vector callbacks; - for (CallbackMap::iterator it(&callbacks_); !it.IsAtEnd(); it.Advance()) { - callbacks.push_back(std::move(*it.GetCurrentValue())); -@@ -63,7 +63,10 @@ void ManifestManagerHost::OnConnectionError() { - callbacks_.Clear(); - for (auto& callback : callbacks) - std::move(callback).Run(GURL(), blink::Manifest()); -+} - -+void ManifestManagerHost::OnConnectionError() { -+ DispatchPendingCallbacks(); - if (GetForCurrentDocument(manifest_manager_frame_)) { - DeleteForCurrentDocument(manifest_manager_frame_); - } -diff --git a/content/browser/manifest/manifest_manager_host.h b/content/browser/manifest/manifest_manager_host.h -index 96951ae30bc..f706c20bdb8 100644 ---- a/content/browser/manifest/manifest_manager_host.h -+++ b/content/browser/manifest/manifest_manager_host.h -@@ -55,6 +55,8 @@ class ManifestManagerHost - using CallbackMap = base::IDMap>; - - blink::mojom::ManifestManager& GetManifestManager(); -+ -+ void DispatchPendingCallbacks(); - void OnConnectionError(); - - void OnRequestManifestResponse(int request_id, diff --git a/chromium-84.0.4147.89-force-mp3-files-to-have-a-start-time-of-zero.patch b/chromium-84.0.4147.89-force-mp3-files-to-have-a-start-time-of-zero.patch deleted file mode 100644 index d018a87..0000000 --- a/chromium-84.0.4147.89-force-mp3-files-to-have-a-start-time-of-zero.patch +++ /dev/null @@ -1,38 +0,0 @@ -From 192fc3899f76e9487d77895f31df8d2d13bf9619 Mon Sep 17 00:00:00 2001 -From: Dale Curtis -Date: Fri, 26 Jun 2020 01:10:55 +0000 -Subject: [PATCH] Force mp3 files to have a start time of zero. - -This will allow us to remove our custom patch which breaks upstream -ffmpeg functionality for unknown reasons. - -R=sandersd - -Fixed: 1062037 -Change-Id: I253011843dee4dd6a8c958b14990ad836a9f1dca -Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2268221 -Auto-Submit: Dale Curtis -Reviewed-by: Dan Sanders -Commit-Queue: Dale Curtis -Cr-Commit-Position: refs/heads/master@{#782792} ---- - media/filters/ffmpeg_demuxer.cc | 6 ++++++ - 1 file changed, 6 insertions(+) - -diff --git a/media/filters/ffmpeg_demuxer.cc b/media/filters/ffmpeg_demuxer.cc -index 01266e1a072..a7ed542b5fc 100644 ---- a/media/filters/ffmpeg_demuxer.cc -+++ b/media/filters/ffmpeg_demuxer.cc -@@ -1522,6 +1522,12 @@ void FFmpegDemuxer::OnFindStreamInfoDone(int result) { - if (glue_->container() == container_names::CONTAINER_AVI) - format_context->flags |= AVFMT_FLAG_GENPTS; - -+ // FFmpeg will incorrectly adjust the start time of MP3 files into the future -+ // based on discard samples. We were unable to fix this upstream without -+ // breaking ffmpeg functionality. https://crbug.com/1062037 -+ if (glue_->container() == container_names::CONTAINER_MP3) -+ start_time_ = base::TimeDelta(); -+ - // For testing purposes, don't overwrite the timeline offset if set already. - if (timeline_offset_.is_null()) { - timeline_offset_ = diff --git a/chromium-84.0.4147.89-remove-NotifyError-calls-and-just-send-a-normal-message.patch b/chromium-84.0.4147.89-remove-NotifyError-calls-and-just-send-a-normal-message.patch deleted file mode 100644 index ab638bb..0000000 --- a/chromium-84.0.4147.89-remove-NotifyError-calls-and-just-send-a-normal-message.patch +++ /dev/null @@ -1,42 +0,0 @@ -From 3bfec15358b788a2b7e1beefaa177ba84a6da328 Mon Sep 17 00:00:00 2001 -From: Ted Meyer -Date: Mon, 1 Jun 2020 19:31:18 +0000 -Subject: [PATCH] Remove NotifyError calls and just send a normal message - instead - -rewrote the TODO as well. - -Bug: 1088055 -Change-Id: If83ceeb3a786a1813e41bd3ac6c7309791e92400 -Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2223010 -Auto-Submit: Ted Meyer -Commit-Queue: Dale Curtis -Reviewed-by: Dale Curtis -Cr-Commit-Position: refs/heads/master@{#773776} ---- - media/filters/decoder_selector.cc | 12 +++++------- - 1 file changed, 5 insertions(+), 7 deletions(-) - -diff --git a/media/filters/decoder_selector.cc b/media/filters/decoder_selector.cc -index bb06378b92d..9f510bb578c 100644 ---- a/media/filters/decoder_selector.cc -+++ b/media/filters/decoder_selector.cc -@@ -165,13 +165,11 @@ void DecoderSelector::OnDecoderInitializeDone(Status status) { - DCHECK(task_runner_->BelongsToCurrentThread()); - - if (!status.is_ok()) { -- // TODO(tmathmeyer) this might be noisy in media log. Consider batching -- // all failures as causes to a single Status object and only surfacing it if -- // decoder selection fails entirely. -- media_log_->NotifyError( -- Status(StatusCode::kDecoderFailedInitialization) -- .WithData("Decoder name", decoder_->GetDisplayName()) -- .AddCause(std::move(status))); -+ // TODO(tmathmeyer) this was too noisy in media log. Batch all the logs -+ // together and then send them as an informational notice instead of -+ // using NotifyError. -+ MEDIA_LOG(INFO, media_log_) -+ << "Failed to initialize " << decoder_->GetDisplayName(); - - // Try the next decoder on the list. - decoder_.reset(); diff --git a/chromium-87.0.4280.88-icu-68.patch b/chromium-87.0.4280.88-icu-68.patch deleted file mode 100644 index bea451a..0000000 --- a/chromium-87.0.4280.88-icu-68.patch +++ /dev/null @@ -1,421 +0,0 @@ -From 4d16e52a5e6771c4aa5f892e14486bf0e87027d1 Mon Sep 17 00:00:00 2001 -From: Frank Tang -Date: Tue, 20 Oct 2020 00:11:50 +0000 -Subject: [PATCH] Prepare for landing ICU68 -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -In the landing process of ICU68 we found these need to be changed -since ICU68 no longer define TRUE and FALSE for UBool to -avoid C++20 problem. - -Bug: 1138555 -Change-Id: I64fd98c99864aa86b07280537a780105cb0eabbe -Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2473522 -Reviewed-by: Frank Tang -Reviewed-by: Colin Blundell -Reviewed-by: Dominic Battré -Reviewed-by: Guillaume Jenkins -Reviewed-by: Jungshik Shin -Reviewed-by: Mihai Sardarescu -Reviewed-by: Dave Tapuska -Reviewed-by: Mustafa Emre Acer -Reviewed-by: Marian Fechete -Reviewed-by: Matthew Denton -Commit-Queue: Frank Tang -Cr-Commit-Position: refs/heads/master@{#818713} ---- - base/i18n/icu_util.cc | 2 +- - base/i18n/string_compare.cc | 4 ++-- - base/i18n/time_formatting.cc | 2 +- - .../autofill/core/common/autofill_regexes.cc | 8 ++++---- - .../browser/string_conversions_util.cc | 6 +++--- - .../public/identity_manager/identity_utils.cc | 2 +- - .../renderer/spellcheck_worditerator.cc | 2 +- - .../spoof_checks/idn_spoof_checker.cc | 4 ++-- - .../spoof_checks/skeleton_generator.cc | 2 +- - content/zygote/zygote_linux.cc | 2 +- - .../time_zone_monitor_android.cc | 2 +- - .../renderer/core/exported/web_view_test.cc | 12 ++++++------ - .../blink/renderer/platform/text/locale_icu.cc | 4 ++-- - .../platform/text/text_break_iterator_icu.cc | 16 ++++++++-------- - .../renderer/platform/text/unicode_utilities.cc | 2 +- - .../renderer/platform/wtf/text/text_codec_icu.cc | 2 +- - ui/base/l10n/formatter.cc | 6 +++--- - 17 files changed, 39 insertions(+), 39 deletions(-) - -diff --git a/base/i18n/icu_util.cc b/base/i18n/icu_util.cc -index b225f1d46c0b7..20debbe655c46 100644 ---- a/base/i18n/icu_util.cc -+++ b/base/i18n/icu_util.cc -@@ -327,7 +327,7 @@ void InitializeIcuTimeZone() { - // https://ssl.icu-project.org/trac/ticket/13208 . - string16 zone_id = android::GetDefaultTimeZoneId(); - icu::TimeZone::adoptDefault(icu::TimeZone::createTimeZone( -- icu::UnicodeString(FALSE, zone_id.data(), zone_id.length()))); -+ icu::UnicodeString(false, zone_id.data(), zone_id.length()))); - #elif defined(OS_FUCHSIA) - // The platform-specific mechanisms used by ICU's detectHostTimeZone() to - // determine the default time zone will not work on Fuchsia. Therefore, -diff --git a/base/i18n/string_compare.cc b/base/i18n/string_compare.cc -index c0e83c6f7306f..e4fb687c14884 100644 ---- a/base/i18n/string_compare.cc -+++ b/base/i18n/string_compare.cc -@@ -18,8 +18,8 @@ UCollationResult CompareString16WithCollator(const icu::Collator& collator, - StringPiece16 rhs) { - UErrorCode error = U_ZERO_ERROR; - UCollationResult result = collator.compare( -- icu::UnicodeString(FALSE, lhs.data(), static_cast(lhs.length())), -- icu::UnicodeString(FALSE, rhs.data(), static_cast(rhs.length())), -+ icu::UnicodeString(false, lhs.data(), static_cast(lhs.length())), -+ icu::UnicodeString(false, rhs.data(), static_cast(rhs.length())), - error); - DCHECK(U_SUCCESS(error)); - return result; -diff --git a/base/i18n/time_formatting.cc b/base/i18n/time_formatting.cc -index c769b57d7162a..c085f5ef2448a 100644 ---- a/base/i18n/time_formatting.cc -+++ b/base/i18n/time_formatting.cc -@@ -240,7 +240,7 @@ bool TimeDurationFormatWithSeconds(const TimeDelta time, - icu::FieldPosition ignore(icu::FieldPosition::DONT_CARE); - measure_format.formatMeasures(measures, 3, formatted, ignore, status); - *out = i18n::UnicodeStringToString16(formatted); -- return U_SUCCESS(status) == TRUE; -+ return U_SUCCESS(status); - } - - string16 DateIntervalFormat(const Time& begin_time, -diff --git a/components/autofill/core/common/autofill_regexes.cc b/components/autofill/core/common/autofill_regexes.cc -index 02254fa266ac5..1cf12f310d077 100644 ---- a/components/autofill/core/common/autofill_regexes.cc -+++ b/components/autofill/core/common/autofill_regexes.cc -@@ -43,7 +43,7 @@ class AutofillRegexes { - icu::RegexMatcher* AutofillRegexes::GetMatcher(const base::string16& pattern) { - auto it = matchers_.find(pattern); - if (it == matchers_.end()) { -- const icu::UnicodeString icu_pattern(FALSE, pattern.data(), -+ const icu::UnicodeString icu_pattern(false, pattern.data(), - pattern.length()); - - UErrorCode status = U_ZERO_ERROR; -@@ -71,21 +71,21 @@ bool MatchesPattern(const base::string16& input, - base::AutoLock lock(*g_lock); - - icu::RegexMatcher* matcher = g_autofill_regexes->GetMatcher(pattern); -- icu::UnicodeString icu_input(FALSE, input.data(), input.length()); -+ icu::UnicodeString icu_input(false, input.data(), input.length()); - matcher->reset(icu_input); - - UErrorCode status = U_ZERO_ERROR; - UBool matched = matcher->find(0, status); - DCHECK(U_SUCCESS(status)); - -- if (matched == TRUE && match) { -+ if (matched && match) { - icu::UnicodeString match_unicode = - matcher->group(group_to_be_captured, status); - DCHECK(U_SUCCESS(status)); - *match = base::i18n::UnicodeStringToString16(match_unicode); - } - -- return matched == TRUE; -+ return matched; - } - - } // namespace autofill -diff --git a/components/autofill_assistant/browser/string_conversions_util.cc b/components/autofill_assistant/browser/string_conversions_util.cc -index 212bafa637288..1d00d68019fa3 100644 ---- a/components/autofill_assistant/browser/string_conversions_util.cc -+++ b/components/autofill_assistant/browser/string_conversions_util.cc -@@ -39,13 +39,13 @@ bool UnicodeToUTF8(const std::vector& source, std::string* target) { - // |target|. - bool AppendUnicodeToUTF8(const UChar32 source, std::string* target) { - char bytes[4]; -- UBool error = FALSE; -+ UBool error = false; - size_t offset = 0; - U8_APPEND(bytes, offset, base::size(bytes), source, error); -- if (error == FALSE) { -+ if (error == false) { - target->append(bytes, offset); - } -- return error == FALSE; -+ return !error; - } - - } // namespace autofill_assistant -diff --git a/components/signin/public/identity_manager/identity_utils.cc b/components/signin/public/identity_manager/identity_utils.cc -index 1c414e20e5de4..014d6746d95f2 100644 ---- a/components/signin/public/identity_manager/identity_utils.cc -+++ b/components/signin/public/identity_manager/identity_utils.cc -@@ -33,7 +33,7 @@ bool IsUsernameAllowedByPattern(base::StringPiece username, - - // See if the username matches the policy-provided pattern. - UErrorCode status = U_ZERO_ERROR; -- const icu::UnicodeString icu_pattern(FALSE, utf16_pattern.data(), -+ const icu::UnicodeString icu_pattern(false, utf16_pattern.data(), - utf16_pattern.length()); - icu::RegexMatcher matcher(icu_pattern, UREGEX_CASE_INSENSITIVE, status); - if (!U_SUCCESS(status)) { -diff --git a/components/spellcheck/renderer/spellcheck_worditerator.cc b/components/spellcheck/renderer/spellcheck_worditerator.cc -index ec16fefbebc91..3b1f060866021 100644 ---- a/components/spellcheck/renderer/spellcheck_worditerator.cc -+++ b/components/spellcheck/renderer/spellcheck_worditerator.cc -@@ -442,7 +442,7 @@ bool SpellcheckWordIterator::Normalize(size_t input_start, - // spellchecker and we need manual normalization as well. The normalized - // text does not have to be NUL-terminated since its characters are copied to - // string16, which adds a NUL character when we need. -- icu::UnicodeString input(FALSE, &text_[input_start], -+ icu::UnicodeString input(false, &text_[input_start], - base::checked_cast(input_length)); - UErrorCode status = U_ZERO_ERROR; - icu::UnicodeString output; -diff --git a/components/url_formatter/spoof_checks/idn_spoof_checker.cc b/components/url_formatter/spoof_checks/idn_spoof_checker.cc -index 6d66a7c4db885..d73192b1426a4 100644 ---- a/components/url_formatter/spoof_checks/idn_spoof_checker.cc -+++ b/components/url_formatter/spoof_checks/idn_spoof_checker.cc -@@ -368,7 +368,7 @@ IDNSpoofChecker::Result IDNSpoofChecker::SafeToDisplayAsUnicode( - return Result::kICUSpoofChecks; - } - -- icu::UnicodeString label_string(FALSE /* isTerminated */, label.data(), -+ icu::UnicodeString label_string(false /* isTerminated */, label.data(), - base::checked_cast(label.size())); - - // A punycode label with 'xn--' prefix is not subject to the URL -@@ -711,7 +711,7 @@ bool IDNSpoofChecker::IsWholeScriptConfusableAllowedForTLD( - base::StringPiece tld, - base::StringPiece16 tld_unicode) { - icu::UnicodeString tld_string( -- FALSE /* isTerminated */, tld_unicode.data(), -+ false /* isTerminated */, tld_unicode.data(), - base::checked_cast(tld_unicode.size())); - // Allow if the TLD contains any letter from the script, in which case it's - // likely to be a TLD in that script. -diff --git a/components/url_formatter/spoof_checks/skeleton_generator.cc b/components/url_formatter/spoof_checks/skeleton_generator.cc -index 9628626600df5..9a779018ebfae 100644 ---- a/components/url_formatter/spoof_checks/skeleton_generator.cc -+++ b/components/url_formatter/spoof_checks/skeleton_generator.cc -@@ -116,7 +116,7 @@ SkeletonGenerator::~SkeletonGenerator() = default; - Skeletons SkeletonGenerator::GetSkeletons(base::StringPiece16 hostname) { - Skeletons skeletons; - size_t hostname_length = hostname.length() - (hostname.back() == '.' ? 1 : 0); -- icu::UnicodeString host(FALSE, hostname.data(), hostname_length); -+ icu::UnicodeString host(false, hostname.data(), hostname_length); - // If input has any characters outside Latin-Greek-Cyrillic and [0-9._-], - // there is no point in getting rid of diacritics because combining marks - // attached to non-LGC characters are already blocked. -diff --git a/content/zygote/zygote_linux.cc b/content/zygote/zygote_linux.cc -index 95d5a82c25082..b6d8e5a29c55e 100644 ---- a/content/zygote/zygote_linux.cc -+++ b/content/zygote/zygote_linux.cc -@@ -557,7 +557,7 @@ base::ProcessId Zygote::ReadArgsAndFork(base::PickleIterator iter, - if (!iter.ReadString16(&timezone_id)) - return -1; - icu::TimeZone::adoptDefault(icu::TimeZone::createTimeZone( -- icu::UnicodeString(FALSE, timezone_id.data(), timezone_id.length()))); -+ icu::UnicodeString(false, timezone_id.data(), timezone_id.length()))); - - if (!iter.ReadInt(&numfds)) - return -1; -diff --git a/services/device/time_zone_monitor/time_zone_monitor_android.cc b/services/device/time_zone_monitor/time_zone_monitor_android.cc -index 818670a821e41..f57f9724e5d48 100644 ---- a/services/device/time_zone_monitor/time_zone_monitor_android.cc -+++ b/services/device/time_zone_monitor/time_zone_monitor_android.cc -@@ -34,7 +34,7 @@ void TimeZoneMonitorAndroid::TimeZoneChangedFromJava( - // See base/i18n/icu_util.cc:InitializeIcuTimeZone() for more information. - base::string16 zone_id = base::android::GetDefaultTimeZoneId(); - std::unique_ptr new_zone(icu::TimeZone::createTimeZone( -- icu::UnicodeString(FALSE, zone_id.data(), zone_id.length()))); -+ icu::UnicodeString(false, zone_id.data(), zone_id.length()))); - UpdateIcuAndNotifyClients(std::move(new_zone)); - } - -diff --git a/third_party/blink/renderer/core/exported/web_view_test.cc b/third_party/blink/renderer/core/exported/web_view_test.cc -index a6b9552bb18d9..36809d914d1af 100644 ---- a/third_party/blink/renderer/core/exported/web_view_test.cc -+++ b/third_party/blink/renderer/core/exported/web_view_test.cc -@@ -4868,18 +4868,18 @@ TEST_F(ShowUnhandledTapTest, ShowUnhandledTapUIIfNeeded) { - - TEST_F(ShowUnhandledTapTest, ShowUnhandledTapUIIfNeededWithMutateDom) { - // Test dom mutation. -- TestEachMouseEvent("mutateDom", FALSE); -+ TestEachMouseEvent("mutateDom", false); - - // Test without any DOM mutation. -- TestEachMouseEvent("none", TRUE); -+ TestEachMouseEvent("none", true); - } - - TEST_F(ShowUnhandledTapTest, ShowUnhandledTapUIIfNeededWithMutateStyle) { - // Test style mutation. -- TestEachMouseEvent("mutateStyle", FALSE); -+ TestEachMouseEvent("mutateStyle", false); - - // Test checkbox:indeterminate style mutation. -- TestEachMouseEvent("mutateIndeterminate", FALSE); -+ TestEachMouseEvent("mutateIndeterminate", false); - - // Test click div with :active style. - Tap("style_active"); -@@ -4888,10 +4888,10 @@ TEST_F(ShowUnhandledTapTest, ShowUnhandledTapUIIfNeededWithMutateStyle) { - - TEST_F(ShowUnhandledTapTest, ShowUnhandledTapUIIfNeededWithPreventDefault) { - // Test swallowing. -- TestEachMouseEvent("preventDefault", FALSE); -+ TestEachMouseEvent("preventDefault", false); - - // Test without any preventDefault. -- TestEachMouseEvent("none", TRUE); -+ TestEachMouseEvent("none", true); - } - - TEST_F(ShowUnhandledTapTest, ShowUnhandledTapUIIfNeededWithNonTriggeringNodes) { -diff --git a/third_party/blink/renderer/platform/text/locale_icu.cc b/third_party/blink/renderer/platform/text/locale_icu.cc -index 92fb99e0cc027..f991b5137728c 100644 ---- a/third_party/blink/renderer/platform/text/locale_icu.cc -+++ b/third_party/blink/renderer/platform/text/locale_icu.cc -@@ -169,12 +169,12 @@ static String GetDateFormatPattern(const UDateFormat* date_format) { - return g_empty_string; - - UErrorCode status = U_ZERO_ERROR; -- int32_t length = udat_toPattern(date_format, TRUE, nullptr, 0, &status); -+ int32_t length = udat_toPattern(date_format, true, nullptr, 0, &status); - if (status != U_BUFFER_OVERFLOW_ERROR || !length) - return g_empty_string; - StringBuffer buffer(length); - status = U_ZERO_ERROR; -- udat_toPattern(date_format, TRUE, buffer.Characters(), length, &status); -+ udat_toPattern(date_format, true, buffer.Characters(), length, &status); - if (U_FAILURE(status)) - return g_empty_string; - return String::Adopt(buffer); -diff --git a/third_party/blink/renderer/platform/text/text_break_iterator_icu.cc b/third_party/blink/renderer/platform/text/text_break_iterator_icu.cc -index 5bea0079dd343..0e8c60a31599e 100644 ---- a/third_party/blink/renderer/platform/text/text_break_iterator_icu.cc -+++ b/third_party/blink/renderer/platform/text/text_break_iterator_icu.cc -@@ -312,13 +312,13 @@ static inline bool TextInChunkOrOutOfRange(UText* text, - text->chunkOffset = offset <= std::numeric_limits::max() - ? static_cast(offset) - : 0; -- is_accessible = TRUE; -+ is_accessible = true; - return true; - } - if (native_index >= native_length && - text->chunkNativeLimit == native_length) { - text->chunkOffset = text->chunkLength; -- is_accessible = FALSE; -+ is_accessible = false; - return true; - } - } else { -@@ -331,12 +331,12 @@ static inline bool TextInChunkOrOutOfRange(UText* text, - text->chunkOffset = offset <= std::numeric_limits::max() - ? static_cast(offset) - : 0; -- is_accessible = TRUE; -+ is_accessible = true; - return true; - } - if (native_index <= 0 && !text->chunkNativeStart) { - text->chunkOffset = 0; -- is_accessible = FALSE; -+ is_accessible = false; - return true; - } - } -@@ -347,7 +347,7 @@ static UBool TextLatin1Access(UText* text, - int64_t native_index, - UBool forward) { - if (!text->context) -- return FALSE; -+ return false; - int64_t native_length = TextNativeLength(text); - UBool is_accessible; - if (TextInChunkOrOutOfRange(text, native_index, native_length, forward, -@@ -371,7 +371,7 @@ static UBool TextLatin1Access(UText* text, - DCHECK_EQ(new_context, kPriorContext); - TextLatin1SwitchToPriorContext(text, native_index, native_length, forward); - } -- return TRUE; -+ return true; - } - - static const struct UTextFuncs kTextLatin1Funcs = { -@@ -511,7 +511,7 @@ static void TextUTF16SwitchToPriorContext(UText* text, - - static UBool TextUTF16Access(UText* text, int64_t native_index, UBool forward) { - if (!text->context) -- return FALSE; -+ return false; - int64_t native_length = TextNativeLength(text); - UBool is_accessible; - if (TextInChunkOrOutOfRange(text, native_index, native_length, forward, -@@ -533,7 +533,7 @@ static UBool TextUTF16Access(UText* text, int64_t native_index, UBool forward) { - DCHECK_EQ(new_context, kPriorContext); - TextUTF16SwitchToPriorContext(text, native_index, native_length, forward); - } -- return TRUE; -+ return true; - } - - static const struct UTextFuncs kTextUTF16Funcs = { -diff --git a/third_party/blink/renderer/platform/text/unicode_utilities.cc b/third_party/blink/renderer/platform/text/unicode_utilities.cc -index 2cefd5390b6b0..b8c4515dc13ca 100644 ---- a/third_party/blink/renderer/platform/text/unicode_utilities.cc -+++ b/third_party/blink/renderer/platform/text/unicode_utilities.cc -@@ -300,7 +300,7 @@ void NormalizeCharactersIntoNFCForm(const UChar* characters, - DCHECK(U_SUCCESS(status)); - int32_t input_length = static_cast(length); - // copy-on-write. -- icu::UnicodeString normalized(FALSE, characters, input_length); -+ icu::UnicodeString normalized(false, characters, input_length); - // In the vast majority of cases, input is already NFC. Run a quick check - // to avoid normalizing the entire input unnecessarily. - int32_t normalized_prefix_length = -diff --git a/third_party/blink/renderer/platform/wtf/text/text_codec_icu.cc b/third_party/blink/renderer/platform/wtf/text/text_codec_icu.cc -index b62573550a1cb..fb8ab0530c51e 100644 ---- a/third_party/blink/renderer/platform/wtf/text/text_codec_icu.cc -+++ b/third_party/blink/renderer/platform/wtf/text/text_codec_icu.cc -@@ -327,7 +327,7 @@ void TextCodecICU::CreateICUConverter() const { - DLOG_IF(ERROR, err == U_AMBIGUOUS_ALIAS_WARNING) - << "ICU ambiguous alias warning for encoding: " << encoding_.GetName(); - if (converter_icu_) -- ucnv_setFallback(converter_icu_, TRUE); -+ ucnv_setFallback(converter_icu_, true); - } - - int TextCodecICU::DecodeToBuffer(UChar* target, -diff --git a/ui/base/l10n/formatter.cc b/ui/base/l10n/formatter.cc -index e4446d4786f49..684ead8c0a0df 100644 ---- a/ui/base/l10n/formatter.cc -+++ b/ui/base/l10n/formatter.cc -@@ -234,7 +234,7 @@ void Formatter::Format(Unit unit, - int value, - icu::UnicodeString* formatted_string) const { - DCHECK(simple_format_[unit]); -- DCHECK(formatted_string->isEmpty() == TRUE); -+ DCHECK(formatted_string->isEmpty()); - UErrorCode error = U_ZERO_ERROR; - FormatNumberInPlural(*simple_format_[unit], - value, formatted_string, &error); -@@ -250,7 +250,7 @@ void Formatter::Format(TwoUnits units, - << "Detailed() not implemented for your (format, length) combination!"; - DCHECK(detailed_format_[units][1]) - << "Detailed() not implemented for your (format, length) combination!"; -- DCHECK(formatted_string->isEmpty() == TRUE); -+ DCHECK(formatted_string->isEmpty()); - UErrorCode error = U_ZERO_ERROR; - FormatNumberInPlural(*detailed_format_[units][0], value_1, - formatted_string, &error); -@@ -283,7 +283,7 @@ std::unique_ptr Formatter::InitFormat( - base::string16 pattern = l10n_util::GetStringUTF16(pluralities.id); - UErrorCode error = U_ZERO_ERROR; - std::unique_ptr format(new icu::MessageFormat( -- icu::UnicodeString(FALSE, pattern.data(), pattern.length()), error)); -+ icu::UnicodeString(false, pattern.data(), pattern.length()), error)); - DCHECK(U_SUCCESS(error)); - if (format.get()) - return format; diff --git a/chromium-87.0.4280.88-missing-include-vector.patch b/chromium-87.0.4280.88-missing-include-vector.patch deleted file mode 100644 index 08f1c81..0000000 --- a/chromium-87.0.4280.88-missing-include-vector.patch +++ /dev/null @@ -1,10 +0,0 @@ ---- chromium-87.0.4280.88/components/autofill/core/browser/pattern_provider/pattern_provider.h.orig 2021-01-02 13:49:47.136200998 +0100 -+++ chromium-87.0.4280.88/components/autofill/core/browser/pattern_provider/pattern_provider.h 2021-01-02 13:49:52.827306114 +0100 -@@ -6,6 +6,7 @@ - #define COMPONENTS_AUTOFILL_CORE_BROWSER_PATTERN_PROVIDER_PATTERN_PROVIDER_H_ - - #include -+#include - - #include "base/macros.h" - #include "base/no_destructor.h" diff --git a/chromium-87.0.4280.88-v8-icu-68.patch b/chromium-87.0.4280.88-v8-icu-68.patch deleted file mode 100644 index 98739ea..0000000 --- a/chromium-87.0.4280.88-v8-icu-68.patch +++ /dev/null @@ -1,192 +0,0 @@ -From b0a7f5691113534c2cf771f2dd3cece5e93bc7d4 Mon Sep 17 00:00:00 2001 -From: Frank Tang -Date: Tue, 03 Nov 2020 23:20:37 -0800 -Subject: [PATCH] Update to ICU68-1 - -ICU68-1 change the output skeleton format. So we need to change -resolvedOptions code for 68 migration. - -Chromium roll -https://chromium-review.googlesource.com/c/chromium/src/+/2474093 - -Bug: v8:10945 -Change-Id: I3b2c7fbe8abb22df8fa51287c498ca3245b8c55b -Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2477431 -Commit-Queue: Frank Tang -Reviewed-by: Jakob Kummerow -Reviewed-by: Shu-yu Guo -Cr-Commit-Position: refs/heads/master@{#70972} - -(ported to work with CurrencySignString(Isolate* isolate, - Handle UnitDisplayString(Isolate* isolate, - const icu::UnicodeString& skeleton) { - // Ex: skeleton as -- // "measure-unit/length-meter .### rounding-mode-half-up unit-width-full-name" -+ // =ICU-68.1: "unit/length-meter .### rounding-mode-half-up unit-width-full-name" - if (skeleton.indexOf("unit-width-full-name") >= 0) { - return ReadOnlyRoots(isolate).long_string_handle(); - } - // Ex: skeleton as -- // "measure-unit/length-meter .### rounding-mode-half-up unit-width-narrow". -+ // =ICU-68.1: "unit/length-meter .### rounding-mode-half-up unit-width-narrow". - if (skeleton.indexOf("unit-width-narrow") >= 0) { - return ReadOnlyRoots(isolate).narrow_string_handle(); - } - // Ex: skeleton as -- // "measure-unit/length-foot .### rounding-mode-half-up" -+ // =ICU-68.1: "unit/length-foot .### rounding-mode-half-up" - return ReadOnlyRoots(isolate).short_string_handle(); - } - -@@ -422,7 +425,8 @@ Notation NotationFromSkeleton(const icu::UnicodeString& skeleton) { - return Notation::COMPACT; - } - // Ex: skeleton as -- // "measure-unit/length-foot .### rounding-mode-half-up" -+ // =ICU-68.1: "unit/length-foot .### rounding-mode-half-up" - return Notation::STANDARD; - } - -@@ -562,14 +566,23 @@ namespace { - - // Ex: percent .### rounding-mode-half-up - // Special case for "percent" --// Ex: "measure-unit/length-kilometer per-measure-unit/duration-hour .### --// rounding-mode-half-up" should return "kilometer-per-unit". --// Ex: "measure-unit/duration-year .### rounding-mode-half-up" should return --// "year". -+// =ICU-68.1: -+// Ex: "unit/milliliter-per-acre .### rounding-mode-half-up" -+// should return "milliliter-per-acre". -+// Ex: "unit/year .### rounding-mode-half-up" should return -+// "year". - std::string UnitFromSkeleton(const icu::UnicodeString& skeleton) { - std::string str; - str = skeleton.toUTF8String(str); -+#if U_ICU_VERSION_MAJOR_NUM < 68 - std::string search("measure-unit/"); -+#else -+ std::string search("unit/"); -+#endif - size_t begin = str.find(search); - if (begin == str.npos) { - // Special case for "percent". -@@ -578,20 +591,41 @@ std::string UnitFromSkeleton(const icu::UnicodeString& skeleton) { - } - return ""; - } -+#if U_ICU_VERSION_MAJOR_NUM < 68 - // Skip the type (ex: "length"). - // "measure-unit/length-kilometer per-measure-unit/duration-hour" - // b - begin = str.find("-", begin + search.size()); -+#else -+ // Ex: -+ // "unit/acre .### rounding-mode-half-up" -+ // b -+ // Ex: -+ // "unit/milliliter-per-acre .### rounding-mode-half-up" -+ // b -+ begin += search.size(); -+#endif - if (begin == str.npos) { - return ""; - } -+#if U_ICU_VERSION_MAJOR_NUM < 68 - begin++; // Skip the '-'. -+#endif - // Find the end of the subtype. - size_t end = str.find(" ", begin); -- // "measure-unit/length-kilometer per-measure-unit/duration-hour" -- // b e -+ // =ICU-68.1: -+ // Ex: -+ // "unit/acre .### rounding-mode-half-up" -+ // b e -+ // Ex: -+ // "unit/milliliter-per-acre .### rounding-mode-half-up" -+ // b e - if (end == str.npos) { - end = str.size(); -+#if U_ICU_VERSION_MAJOR_NUM < 68 - return str.substr(begin, end - begin); - } - // "measure-unit/length-kilometer per-measure-unit/duration-hour" -@@ -625,17 +659,36 @@ std::string UnitFromSkeleton(const icu::UnicodeString& skeleton) { - // "measure-unit/length-kilometer per-measure-unit/duration-hour" - // [result ] b e - return result + "-per-" + str.substr(begin, end - begin); -+#else -+ } -+ return str.substr(begin, end - begin); -+#endif - } - - Style StyleFromSkeleton(const icu::UnicodeString& skeleton) { - if (skeleton.indexOf("currency/") >= 0) { - return Style::CURRENCY; - } -+#if U_ICU_VERSION_MAJOR_NUM < 68 - if (skeleton.indexOf("measure-unit/") >= 0) { - if (skeleton.indexOf("scale/100") >= 0 && - skeleton.indexOf("measure-unit/concentr-percent") >= 0) { -+#else -+ if (skeleton.indexOf("percent") >= 0) { -+ // percent precision-integer rounding-mode-half-up scale/100 -+ if (skeleton.indexOf("scale/100") >= 0) { -+#endif - return Style::PERCENT; -+#if U_ICU_VERSION_MAJOR_NUM >= 68 -+ } else { -+ return Style::UNIT; -+#endif - } -+#if U_ICU_VERSION_MAJOR_NUM >= 68 -+ } -+ // Before ICU68: "measure-unit/", since ICU68 "unit/" -+ if (skeleton.indexOf("unit/") >= 0) { -+#endif - return Style::UNIT; - } - return Style::DECIMAL; -diff --git a/src/objects/js-relative-time-format.cc b/src/objects/js-relative-time-format.cc -index 267343aaae..64d56a1c12 100644 ---- a/src/objects/js-relative-time-format.cc -+++ b/src/objects/js-relative-time-format.cc -@@ -195,9 +195,18 @@ MaybeHandle JSRelativeTimeFormat::New( - } - } - -+#if U_ICU_VERSION_MAJOR_NUM < 68 - icu::DecimalFormat* decimal_format = - static_cast(number_format); - decimal_format->setMinimumGroupingDigits(-2); -+#else -+ if (number_format->getDynamicClassID() == -+ icu::DecimalFormat::getStaticClassID()) { -+ icu::DecimalFormat* decimal_format = -+ static_cast(number_format); -+ decimal_format->setMinimumGroupingDigits(-2); -+ } -+#endif - - // Change UDISPCTX_CAPITALIZATION_NONE to other values if - // ECMA402 later include option to change capitalization. diff --git a/chromium-88.0.4324.150-subpixel-anti-aliasing-in-FreeType-2.8.1.patch b/chromium-88.0.4324.150-subpixel-anti-aliasing-in-FreeType-2.8.1.patch deleted file mode 100644 index c11b512..0000000 --- a/chromium-88.0.4324.150-subpixel-anti-aliasing-in-FreeType-2.8.1.patch +++ /dev/null @@ -1,100 +0,0 @@ -From f25787b72c20e97cdeb74e037dc1ff56a88b45c6 Mon Sep 17 00:00:00 2001 -From: Ben Wagner -Date: Tue, 1 Dec 2020 20:22:00 -0500 -Subject: [PATCH] Subpixel anti-aliasing in FreeType 2.8.1+ - -FreeType 2.8.1 and later always provide some form of subpixel -anti-aliasing. - -Bug: skia:10950,skia:6663 -Change-Id: I666cc942e73b73073cdabf900c25faa10d9aaf0f -Reviewed-on: https://skia-review.googlesource.com/c/skia/+/339861 -Reviewed-by: Herb Derby -Commit-Queue: Ben Wagner ---- - src/ports/SkFontHost_FreeType.cpp | 33 ++++++++++++++++++++----------- - 1 file changed, 22 insertions(+), 11 deletions(-) - -diff --git a/src/ports/SkFontHost_FreeType.cpp b/src/ports/SkFontHost_FreeType.cpp -index 990eff4f5e..c0aeb792da 100644 ---- a/src/ports/SkFontHost_FreeType.cpp -+++ b/src/ports/SkFontHost_FreeType.cpp -@@ -32,6 +32,7 @@ - #include "src/utils/SkMatrix22.h" - - #include -+#include - - #include - #include FT_ADVANCES_H -@@ -147,13 +148,16 @@ public: - // *reinterpret_cast(&procPtr) = dlsym(self, "proc"); - // because clang has not implemented DR573. See http://clang.llvm.org/cxx_dr_status.html . - -- FT_Int major, minor, patch; -- FT_Library_Version(fLibrary, &major, &minor, &patch); -+ using Version = std::tuple; -+ Version version; -+ FT_Library_Version(fLibrary, &std::get<0>(version), -+ &std::get<1>(version), -+ &std::get<2>(version)); - - #if SK_FREETYPE_MINIMUM_RUNTIME_VERSION >= 0x02070100 - fGetVarDesignCoordinates = FT_Get_Var_Design_Coordinates; - #elif SK_FREETYPE_MINIMUM_RUNTIME_VERSION & SK_FREETYPE_DLOPEN -- if (major > 2 || ((major == 2 && minor > 7) || (major == 2 && minor == 7 && patch >= 0))) { -+ if (Version(2,7,0) <= version) { - //The FreeType library is already loaded, so symbols are available in process. - void* self = dlopen(nullptr, RTLD_LAZY); - if (self) { -@@ -166,7 +170,7 @@ public: - #if SK_FREETYPE_MINIMUM_RUNTIME_VERSION >= 0x02070200 - FT_Set_Default_Properties(fLibrary); - #elif SK_FREETYPE_MINIMUM_RUNTIME_VERSION & SK_FREETYPE_DLOPEN -- if (major > 2 || ((major == 2 && minor > 7) || (major == 2 && minor == 7 && patch >= 1))) { -+ if (Version(2,7,1) <= version) { - //The FreeType library is already loaded, so symbols are available in process. - void* self = dlopen(nullptr, RTLD_LAZY); - if (self) { -@@ -185,7 +189,7 @@ public: - #if SK_FREETYPE_MINIMUM_RUNTIME_VERSION >= 0x02080000 - fLightHintingIsYOnly = true; - #else -- if (major > 2 || ((major == 2 && minor > 8) || (major == 2 && minor == 8 && patch >= 0))) { -+ if (Version(2,8,0) <= version) { - fLightHintingIsYOnly = true; - } - #endif -@@ -194,7 +198,7 @@ public: - #if SK_FREETYPE_MINIMUM_RUNTIME_VERSION >= 0x02080100 - fGetVarAxisFlags = FT_Get_Var_Axis_Flags; - #elif SK_FREETYPE_MINIMUM_RUNTIME_VERSION & SK_FREETYPE_DLOPEN -- if (major > 2 || ((major == 2 && minor > 7) || (major == 2 && minor == 7 && patch >= 0))) { -+ if (Version(2,7,0) <= version) { - //The FreeType library is already loaded, so symbols are available in process. - void* self = dlopen(nullptr, RTLD_LAZY); - if (self) { -@@ -204,11 +208,18 @@ public: - } - #endif - -- // Setup LCD filtering. This reduces color fringes for LCD smoothed glyphs. -- // The default has changed over time, so this doesn't mean the same thing to all users. -- if (FT_Library_SetLcdFilter(fLibrary, FT_LCD_FILTER_DEFAULT) == 0) { -- fIsLCDSupported = true; -- fLCDExtra = 2; //Using a filter adds one full pixel to each side. -+ fIsLCDSupported = -+ // Subpixel anti-aliasing may be unfiltered until the LCD filter is set. -+ // Newer versions may still need this, so this test with side effects must come first. -+ // The default has changed over time, so this doesn't mean the same thing to all users. -+ (FT_Library_SetLcdFilter(fLibrary, FT_LCD_FILTER_DEFAULT) == 0) || -+ -+ // In 2.8.1 and later FreeType always provides some form of subpixel anti-aliasing. -+ ((SK_FREETYPE_MINIMUM_RUNTIME_VERSION) >= 0x02080100) || -+ (Version(2,8,1) <= version); -+ -+ if (fIsLCDSupported) { -+ fLCDExtra = 2; // Using a filter may require up to one full pixel to each side. - } - } - ~FreeTypeLibrary() { diff --git a/chromium-88.0.4324.150-glibc-2.33.patch b/chromium-90.0.4430.212-glibc-2.33.patch similarity index 100% rename from chromium-88.0.4324.150-glibc-2.33.patch rename to chromium-90.0.4430.212-glibc-2.33.patch diff --git a/chromium-90.0.4430.212-use-oauth2-client-switches-as-default.patch b/chromium-90.0.4430.212-use-oauth2-client-switches-as-default.patch new file mode 100644 index 0000000..9d9c57b --- /dev/null +++ b/chromium-90.0.4430.212-use-oauth2-client-switches-as-default.patch @@ -0,0 +1,17 @@ +diff -upr chromium-89.0.4389.58.orig/google_apis/google_api_keys.cc chromium-89.0.4389.58/google_apis/google_api_keys.cc +--- chromium-89.0.4389.58.orig/google_apis/google_api_keys.cc 2021-02-24 22:37:18.494007649 +0000 ++++ chromium-89.0.4389.58/google_apis/google_api_keys.cc 2021-02-24 22:35:00.865777600 +0000 +@@ -154,11 +154,11 @@ class APIKeyCache { + + std::string default_client_id = CalculateKeyValue( + GOOGLE_DEFAULT_CLIENT_ID, +- STRINGIZE_NO_EXPANSION(GOOGLE_DEFAULT_CLIENT_ID), nullptr, ++ STRINGIZE_NO_EXPANSION(GOOGLE_DEFAULT_CLIENT_ID), ::switches::kOAuth2ClientID, + std::string(), environment.get(), command_line, gaia_config); + std::string default_client_secret = CalculateKeyValue( + GOOGLE_DEFAULT_CLIENT_SECRET, +- STRINGIZE_NO_EXPANSION(GOOGLE_DEFAULT_CLIENT_SECRET), nullptr, ++ STRINGIZE_NO_EXPANSION(GOOGLE_DEFAULT_CLIENT_SECRET), ::switches::kOAuth2ClientSecret, + std::string(), environment.get(), command_line, gaia_config); + + // We currently only allow overriding the baked-in values for the diff --git a/chromium-92.0.4515.107-clang-11-nomerge.patch b/chromium-92.0.4515.107-clang-11-nomerge.patch new file mode 100644 index 0000000..5d8dd88 --- /dev/null +++ b/chromium-92.0.4515.107-clang-11-nomerge.patch @@ -0,0 +1,11 @@ +--- chromium-92.0.4515.107/base/compiler_specific.h.orig 2021-07-25 22:15:52.001031942 +0200 ++++ chromium-92.0.4515.107/base/compiler_specific.h 2021-07-25 22:16:50.264104515 +0200 +@@ -340,7 +340,7 @@ + #endif // defined(__clang_analyzer__) + + // Use nomerge attribute to disable optimization of merging multiple same calls. +-#if defined(__clang__) && __has_attribute(nomerge) ++#if defined(__clang__) && (__clang_major__ >= 12) && __has_attribute(nomerge) + #define NOMERGE [[clang::nomerge]] + #else + #define NOMERGE diff --git a/chromium-92.0.4515.107-extend-enable-accelerated-video-decode-flag.patch b/chromium-92.0.4515.107-extend-enable-accelerated-video-decode-flag.patch new file mode 100644 index 0000000..51e346f --- /dev/null +++ b/chromium-92.0.4515.107-extend-enable-accelerated-video-decode-flag.patch @@ -0,0 +1,35 @@ +From e48f18eba0eae199ba7bc8a6a09ebf39799447c1 Mon Sep 17 00:00:00 2001 +From: Ted Meyer +Date: Wed, 2 Jun 2021 05:35:22 +0000 +Subject: [PATCH] Extend enable-accelerated-video-decode flag for linux to m93 + +It appears that there is insistence that the flag be totally removed or +have its end-milestone increased, I can't just let it wait until the +feature is working again and then re-enable it. So i've moved it to 93. + +R=dalecurtis + +Fixed: 1207478 +Change-Id: I26a5e790cd390825516b4a4b6af88e89b2d4f4eb +Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2918478 +Reviewed-by: Dale Curtis +Reviewed-by: Ted Meyer +Commit-Queue: Ted Meyer +Cr-Commit-Position: refs/heads/master@{#888312} +--- + chrome/browser/flag-metadata.json | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/chrome/browser/flag-metadata.json b/chrome/browser/flag-metadata.json +index 67e0330436..34542671f2 100644 +--- a/chrome/browser/flag-metadata.json ++++ b/chrome/browser/flag-metadata.json +@@ -1193,7 +1193,7 @@ + { + "name": "enable-accelerated-video-decode", + "owners": [ "media-dev@chromium.org" ], +- "expiry_milestone": 90 ++ "expiry_milestone": 93 + }, + { + "name": "enable-accessibility-live-caption", diff --git a/chromium-92.0.4515.107-linux-sandbox-fix-fstatat-crash.patch b/chromium-92.0.4515.107-linux-sandbox-fix-fstatat-crash.patch new file mode 100644 index 0000000..899e48e --- /dev/null +++ b/chromium-92.0.4515.107-linux-sandbox-fix-fstatat-crash.patch @@ -0,0 +1,348 @@ +From 60d5e803ef2a4874d29799b638754152285e0ed9 Mon Sep 17 00:00:00 2001 +From: Matthew Denton +Date: Wed, 21 Jul 2021 12:55:11 +0000 +Subject: [PATCH] Linux sandbox: fix fstatat() crash + +This is a reland of https://crrev.com/c/2801873. + +Glibc has started rewriting fstat(fd, stat_buf) to +fstatat(fd, "", stat_buf, AT_EMPTY_PATH). This works because when +AT_EMPTY_PATH is specified, and the second argument is an empty string, +then fstatat just performs an fstat on fd like normal. + +Unfortunately, fstatat() also allows stat-ing arbitrary pathnames like +with fstatat(AT_FDCWD, "/i/am/a/file", stat_buf, 0); +The baseline policy needs to prevent this usage of fstatat() since it +doesn't allow access to arbitrary pathnames. + +Sadly, if the second argument is not an empty string, AT_EMPTY_PATH is +simply ignored by current kernels. + +This means fstatat() is completely unsandboxable with seccomp, since +we *need* to verify that the second argument is the empty string, but +we can't dereference pointers in seccomp (due to limitations of BPF, +and the difficulty of addressing these limitations due to TOCTOU +issues). + +So, this CL Traps (raises a SIGSYS via seccomp) on any fstatat syscall. +The signal handler, which runs in the sandboxed process, checks for +AT_EMPTY_PATH and the empty string, and then rewrites any applicable +fstatat() back into the old-style fstat(). + +Bug: 1164975 +Change-Id: I3df6c04c0d781eb1f181d707ccaaead779337291 +Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3042179 +Reviewed-by: Robert Sesek +Commit-Queue: Matthew Denton +Cr-Commit-Position: refs/heads/master@{#903873} +--- + .../seccomp-bpf-helpers/baseline_policy.cc | 8 ++++++ + .../baseline_policy_unittest.cc | 17 ++++++++++++- + .../seccomp-bpf-helpers/sigsys_handlers.cc | 25 +++++++++++++++++++ + .../seccomp-bpf-helpers/sigsys_handlers.h | 14 +++++++++++ + .../linux/syscall_broker/broker_process.cc | 21 ++++++++++------ + .../syscall_broker/broker_process_unittest.cc | 18 ++++++------- + sandbox/linux/system_headers/linux_stat.h | 4 +++ + 7 files changed, 89 insertions(+), 18 deletions(-) + +diff --git a/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc b/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc +index f2a60bb4d7..9df0d2dbd3 100644 +--- a/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc ++++ b/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc +@@ -20,6 +20,7 @@ + #include "sandbox/linux/seccomp-bpf-helpers/syscall_sets.h" + #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h" + #include "sandbox/linux/services/syscall_wrappers.h" ++#include "sandbox/linux/system_headers/linux_stat.h" + #include "sandbox/linux/system_headers/linux_syscalls.h" + + #if !defined(SO_PEEK_OFF) +@@ -304,6 +305,13 @@ ResultExpr EvaluateSyscallImpl(int fs_denied_errno, + return Allow(); + } + ++ // The fstatat syscalls are file system syscalls, which will be denied below ++ // with fs_denied_errno. However some allowed fstat syscalls are rewritten by ++ // libc implementations to fstatat syscalls, and we need to rewrite them back. ++ if (sysno == __NR_fstatat_default) { ++ return RewriteFstatatSIGSYS(fs_denied_errno); ++ } ++ + if (SyscallSets::IsFileSystem(sysno) || + SyscallSets::IsCurrentDirectory(sysno)) { + return Error(fs_denied_errno); +diff --git a/sandbox/linux/seccomp-bpf-helpers/baseline_policy_unittest.cc b/sandbox/linux/seccomp-bpf-helpers/baseline_policy_unittest.cc +index 68c29b564b..57d307e09d 100644 +--- a/sandbox/linux/seccomp-bpf-helpers/baseline_policy_unittest.cc ++++ b/sandbox/linux/seccomp-bpf-helpers/baseline_policy_unittest.cc +@@ -51,7 +51,8 @@ namespace sandbox { + + namespace { + +-// This also tests that read(), write() and fstat() are allowed. ++// This also tests that read(), write(), fstat(), and fstatat(.., "", .., ++// AT_EMPTY_PATH) are allowed. + void TestPipeOrSocketPair(base::ScopedFD read_end, base::ScopedFD write_end) { + BPF_ASSERT_LE(0, read_end.get()); + BPF_ASSERT_LE(0, write_end.get()); +@@ -60,6 +61,20 @@ void TestPipeOrSocketPair(base::ScopedFD read_end, base::ScopedFD write_end) { + BPF_ASSERT_EQ(0, sys_ret); + BPF_ASSERT(S_ISFIFO(stat_buf.st_mode) || S_ISSOCK(stat_buf.st_mode)); + ++ sys_ret = fstatat(read_end.get(), "", &stat_buf, AT_EMPTY_PATH); ++ BPF_ASSERT_EQ(0, sys_ret); ++ BPF_ASSERT(S_ISFIFO(stat_buf.st_mode) || S_ISSOCK(stat_buf.st_mode)); ++ ++ // Make sure fstatat with anything other than an empty string is denied. ++ sys_ret = fstatat(read_end.get(), "/", &stat_buf, AT_EMPTY_PATH); ++ BPF_ASSERT_EQ(sys_ret, -1); ++ BPF_ASSERT_EQ(EPERM, errno); ++ ++ // Make sure fstatat without AT_EMPTY_PATH is denied. ++ sys_ret = fstatat(read_end.get(), "", &stat_buf, 0); ++ BPF_ASSERT_EQ(sys_ret, -1); ++ BPF_ASSERT_EQ(EPERM, errno); ++ + const ssize_t kTestTransferSize = 4; + static const char kTestString[kTestTransferSize] = {'T', 'E', 'S', 'T'}; + ssize_t transfered = 0; +diff --git a/sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.cc b/sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.cc +index 64edbd68bd..71068a0452 100644 +--- a/sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.cc ++++ b/sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.cc +@@ -6,6 +6,7 @@ + + #include "sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h" + ++#include + #include + #include + #include +@@ -22,6 +23,7 @@ + #include "sandbox/linux/seccomp-bpf/syscall.h" + #include "sandbox/linux/services/syscall_wrappers.h" + #include "sandbox/linux/system_headers/linux_seccomp.h" ++#include "sandbox/linux/system_headers/linux_stat.h" + #include "sandbox/linux/system_headers/linux_syscalls.h" + + #if defined(__mips__) +@@ -355,6 +357,24 @@ intptr_t SIGSYSSchedHandler(const struct arch_seccomp_data& args, + return -ENOSYS; + } + ++intptr_t SIGSYSFstatatHandler(const struct arch_seccomp_data& args, ++ void* fs_denied_errno) { ++ if (args.nr == __NR_fstatat_default) { ++ if (*reinterpret_cast(args.args[1]) == '\0' && ++ args.args[3] == static_cast(AT_EMPTY_PATH)) { ++ return syscall(__NR_fstat_default, static_cast(args.args[0]), ++ reinterpret_cast(args.args[2])); ++ } ++ return -reinterpret_cast(fs_denied_errno); ++ } ++ ++ CrashSIGSYS_Handler(args, fs_denied_errno); ++ ++ // Should never be reached. ++ RAW_CHECK(false); ++ return -ENOSYS; ++} ++ + bpf_dsl::ResultExpr CrashSIGSYS() { + return bpf_dsl::Trap(CrashSIGSYS_Handler, NULL); + } +@@ -387,6 +407,11 @@ bpf_dsl::ResultExpr RewriteSchedSIGSYS() { + return bpf_dsl::Trap(SIGSYSSchedHandler, NULL); + } + ++bpf_dsl::ResultExpr RewriteFstatatSIGSYS(int fs_denied_errno) { ++ return bpf_dsl::Trap(SIGSYSFstatatHandler, ++ reinterpret_cast(fs_denied_errno)); ++} ++ + void AllocateCrashKeys() { + #if !defined(OS_NACL_NONSFI) + if (seccomp_crash_key) +diff --git a/sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h b/sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h +index 7a958b93b2..8cd735ce15 100644 +--- a/sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h ++++ b/sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h +@@ -62,6 +62,19 @@ SANDBOX_EXPORT intptr_t SIGSYSPtraceFailure(const arch_seccomp_data& args, + // sched_setparam(), sched_setscheduler() + SANDBOX_EXPORT intptr_t SIGSYSSchedHandler(const arch_seccomp_data& args, + void* aux); ++// If the fstatat() syscall is functionally equivalent to an fstat() syscall, ++// then rewrite the syscall to the equivalent fstat() syscall which can be ++// adequately sandboxed. ++// If the fstatat() is not functionally equivalent to an fstat() syscall, we ++// fail with -fs_denied_errno. ++// If the syscall is not an fstatat() at all, crash in the same way as ++// CrashSIGSYS_Handler. ++// This is necessary because glibc and musl have started rewriting fstat(fd, ++// stat_buf) as fstatat(fd, "", stat_buf, AT_EMPTY_PATH). We rewrite the latter ++// back to the former, which is actually sandboxable. ++SANDBOX_EXPORT intptr_t ++SIGSYSFstatatHandler(const struct arch_seccomp_data& args, ++ void* fs_denied_errno); + + // Variants of the above functions for use with bpf_dsl. + SANDBOX_EXPORT bpf_dsl::ResultExpr CrashSIGSYS(); +@@ -72,6 +85,7 @@ SANDBOX_EXPORT bpf_dsl::ResultExpr CrashSIGSYSKill(); + SANDBOX_EXPORT bpf_dsl::ResultExpr CrashSIGSYSFutex(); + SANDBOX_EXPORT bpf_dsl::ResultExpr CrashSIGSYSPtrace(); + SANDBOX_EXPORT bpf_dsl::ResultExpr RewriteSchedSIGSYS(); ++SANDBOX_EXPORT bpf_dsl::ResultExpr RewriteFstatatSIGSYS(int fs_denied_errno); + + // Allocates a crash key so that Seccomp information can be recorded. + void AllocateCrashKeys(); +diff --git a/sandbox/linux/syscall_broker/broker_process.cc b/sandbox/linux/syscall_broker/broker_process.cc +index c2176eb785..e9dad37485 100644 +--- a/sandbox/linux/syscall_broker/broker_process.cc ++++ b/sandbox/linux/syscall_broker/broker_process.cc +@@ -113,44 +113,49 @@ bool BrokerProcess::IsSyscallAllowed(int sysno) const { + } + + bool BrokerProcess::IsSyscallBrokerable(int sysno, bool fast_check) const { ++ // The syscalls unavailable on aarch64 are all blocked by Android's default ++ // seccomp policy, even on non-aarch64 architectures. I.e., the syscalls XX() ++ // with a corresponding XXat() versions are typically unavailable in aarch64 ++ // and are default disabled in Android. So, we should refuse to broker them ++ // to be consistent with the platform's restrictions. + switch (sysno) { +-#if !defined(__aarch64__) ++#if !defined(__aarch64__) && !defined(OS_ANDROID) + case __NR_access: + #endif + case __NR_faccessat: + return !fast_check || allowed_command_set_.test(COMMAND_ACCESS); + +-#if !defined(__aarch64__) ++#if !defined(__aarch64__) && !defined(OS_ANDROID) + case __NR_mkdir: + #endif + case __NR_mkdirat: + return !fast_check || allowed_command_set_.test(COMMAND_MKDIR); + +-#if !defined(__aarch64__) ++#if !defined(__aarch64__) && !defined(OS_ANDROID) + case __NR_open: + #endif + case __NR_openat: + return !fast_check || allowed_command_set_.test(COMMAND_OPEN); + +-#if !defined(__aarch64__) ++#if !defined(__aarch64__) && !defined(OS_ANDROID) + case __NR_readlink: + #endif + case __NR_readlinkat: + return !fast_check || allowed_command_set_.test(COMMAND_READLINK); + +-#if !defined(__aarch64__) ++#if !defined(__aarch64__) && !defined(OS_ANDROID) + case __NR_rename: + #endif + case __NR_renameat: + case __NR_renameat2: + return !fast_check || allowed_command_set_.test(COMMAND_RENAME); + +-#if !defined(__aarch64__) ++#if !defined(__aarch64__) && !defined(OS_ANDROID) + case __NR_rmdir: + return !fast_check || allowed_command_set_.test(COMMAND_RMDIR); + #endif + +-#if !defined(__aarch64__) ++#if !defined(__aarch64__) && !defined(OS_ANDROID) + case __NR_stat: + case __NR_lstat: + #endif +@@ -175,7 +180,7 @@ bool BrokerProcess::IsSyscallBrokerable(int sysno, bool fast_check) const { + return !fast_check || allowed_command_set_.test(COMMAND_STAT); + #endif + +-#if !defined(__aarch64__) ++#if !defined(__aarch64__) && !defined(OS_ANDROID) + case __NR_unlink: + return !fast_check || allowed_command_set_.test(COMMAND_UNLINK); + #endif +diff --git a/sandbox/linux/syscall_broker/broker_process_unittest.cc b/sandbox/linux/syscall_broker/broker_process_unittest.cc +index c65f25a78a..f0db08d84e 100644 +--- a/sandbox/linux/syscall_broker/broker_process_unittest.cc ++++ b/sandbox/linux/syscall_broker/broker_process_unittest.cc +@@ -1596,52 +1596,52 @@ TEST(BrokerProcess, IsSyscallAllowed) { + const base::flat_map> kSysnosForCommand = { + {COMMAND_ACCESS, + {__NR_faccessat, +-#if defined(__NR_access) ++#if defined(__NR_access) && !defined(OS_ANDROID) + __NR_access + #endif + }}, + {COMMAND_MKDIR, + {__NR_mkdirat, +-#if defined(__NR_mkdir) ++#if defined(__NR_mkdir) && !defined(OS_ANDROID) + __NR_mkdir + #endif + }}, + {COMMAND_OPEN, + {__NR_openat, +-#if defined(__NR_open) ++#if defined(__NR_open) && !defined(OS_ANDROID) + __NR_open + #endif + }}, + {COMMAND_READLINK, + {__NR_readlinkat, +-#if defined(__NR_readlink) ++#if defined(__NR_readlink) && !defined(OS_ANDROID) + __NR_readlink + #endif + }}, + {COMMAND_RENAME, + {__NR_renameat, +-#if defined(__NR_rename) ++#if defined(__NR_rename) && !defined(OS_ANDROID) + __NR_rename + #endif + }}, + {COMMAND_UNLINK, + {__NR_unlinkat, +-#if defined(__NR_unlink) ++#if defined(__NR_unlink) && !defined(OS_ANDROID) + __NR_unlink + #endif + }}, + {COMMAND_RMDIR, + {__NR_unlinkat, +-#if defined(__NR_rmdir) ++#if defined(__NR_rmdir) && !defined(OS_ANDROID) + __NR_rmdir + #endif + }}, + {COMMAND_STAT, + { +-#if defined(__NR_stat) ++#if defined(__NR_stat) && !defined(OS_ANDROID) + __NR_stat, + #endif +-#if defined(__NR_lstat) ++#if defined(__NR_lstat) && !defined(OS_ANDROID) + __NR_lstat, + #endif + #if defined(__NR_fstatat) +diff --git a/sandbox/linux/system_headers/linux_stat.h b/sandbox/linux/system_headers/linux_stat.h +index 35788eb22a..83b89efc75 100644 +--- a/sandbox/linux/system_headers/linux_stat.h ++++ b/sandbox/linux/system_headers/linux_stat.h +@@ -157,6 +157,10 @@ struct kernel_stat { + }; + #endif + ++#if !defined(AT_EMPTY_PATH) ++#define AT_EMPTY_PATH 0x1000 ++#endif ++ + // On 32-bit systems, we default to the 64-bit stat struct like libc + // implementations do. Otherwise we default to the normal stat struct which is + // already 64-bit. diff --git a/chromium-92.0.4515.107-linux-sandbox-syscall-broker-use-struct-kernel_stat.patch b/chromium-92.0.4515.107-linux-sandbox-syscall-broker-use-struct-kernel_stat.patch new file mode 100644 index 0000000..7aa43a7 --- /dev/null +++ b/chromium-92.0.4515.107-linux-sandbox-syscall-broker-use-struct-kernel_stat.patch @@ -0,0 +1,1384 @@ +From 4b438323d68840453b5ef826c3997568e2e0e8c7 Mon Sep 17 00:00:00 2001 +From: Matthew Denton +Date: Mon, 19 Jul 2021 14:03:13 +0000 +Subject: [PATCH] Reland "Reland "Linux sandbox syscall broker: use struct + kernel_stat"" + +This reverts commit ff277a52ece0b216617d770f201ed66955fe70b9. + +Reason for revert: reland + +The fix included in the reland is that fstatat64() needs to be +allowed in the broker process's seccomp policy. + +This CL also includes some extra tests that the kernel_stat structures +match the layout the kernel expects. + +Bug: 1164975, 1199431 +Test: trogdor Chromebook successfully boots and allows login. + +Original change's description: +> Revert "Reland "Linux sandbox syscall broker: use struct kernel_stat"" +> +> This reverts commit cffbc4432af79f720ae3c75dff380b853701bd64. +> +> Reason for revert: https://bugs.chromium.org/p/chromium/issues/detail?id=1199431 +> +> Original change's description: +> > Reland "Linux sandbox syscall broker: use struct kernel_stat" +> > +> > This reverts commit 23030dc650cdfa22631f25bef937905f27f06a2c. +> > +> > Original change's description: +> > > Revert "Linux sandbox syscall broker: use struct kernel_stat" +> > > +> > > This reverts commit 784b0fcd8a3ca6bcd3acb9cfd624ec9cbbac2789. +> > > +> > > Reason for revert: Causing failure in +> > > Step "sandbox_linux_unittests" failing on builder "Linux ChromiumOS MSan Tests" +> > > See crbug.com/1198480 +> > > +> > > Original change's description: +> > > > Linux sandbox syscall broker: use struct kernel_stat +> > > > +> > > > The struct stat used in libc is different (in size and field ordering) +> > > > from the structure assumed by the Linux kernel. So, when emulating +> > > > system calls, we need to use the struct definition the kernel expects. +> > > > +> > > > This CL adds linux_stat.h that includes definitions of the different +> > > > kernel structs. +> > > > +> > > > Change-Id: I53cad35c2251dff0f6b7ea77528cfa58ef3cab4a +> > > > Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2780876 +> > > > Commit-Queue: Matthew Denton +> > > > Reviewed-by: Robert Sesek +> > > > Cr-Commit-Position: refs/heads/master@{#871767} +> > > +> > > Change-Id: Icbec38f2103c8424dec79ab1870b97c3e83f9361 +> > > No-Presubmit: true +> > > No-Tree-Checks: true +> > > No-Try: true +> > > Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2821812 +> > > Auto-Submit: Victor Vianna +> > > Owners-Override: Victor Vianna +> > > Commit-Queue: Rubber Stamper +> > > Bot-Commit: Rubber Stamper +> > > Cr-Commit-Position: refs/heads/master@{#871882} +> > +> > Change-Id: I1f39bb5242961474def594ff7dbea52009f2cee4 +> > Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2824115 +> > Auto-Submit: Matthew Denton +> > Commit-Queue: Matthew Denton +> > Reviewed-by: Robert Sesek +> > Cr-Commit-Position: refs/heads/master@{#872812} +> +> Fixed: 1199431 +> Change-Id: Iebfc0c48201bf22ff9c54d8d5c8a43d26a880098 +> No-Presubmit: true +> No-Tree-Checks: true +> No-Try: true +> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2830459 +> Auto-Submit: Kyle Horimoto +> Commit-Queue: Matthew Denton +> Commit-Queue: Kinuko Yasuda +> Reviewed-by: Matthew Denton +> Reviewed-by: Kinuko Yasuda +> Owners-Override: Kinuko Yasuda +> Cr-Commit-Position: refs/heads/master@{#873173} + +Change-Id: Ibe6a485070f33489aaa157b51b908c2d23d174d7 +Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2848936 +Reviewed-by: Robert Sesek +Commit-Queue: Matthew Denton +Cr-Commit-Position: refs/heads/master@{#902981} +--- + sandbox/linux/BUILD.gn | 1 + + .../seccomp_broker_process_unittest.cc | 40 +++- + sandbox/linux/seccomp-bpf-helpers/DEPS | 1 - + ...scall_parameters_restrictions_unittests.cc | 4 - + sandbox/linux/services/syscall_wrappers.cc | 50 ++++- + sandbox/linux/services/syscall_wrappers.h | 15 ++ + .../services/syscall_wrappers_unittest.cc | 129 +++++++++++- + sandbox/linux/syscall_broker/DEPS | 3 +- + sandbox/linux/syscall_broker/broker_client.cc | 4 +- + sandbox/linux/syscall_broker/broker_client.h | 4 +- + sandbox/linux/syscall_broker/broker_host.cc | 23 ++- + .../syscall_broker/broker_process_unittest.cc | 74 +++---- + .../remote_syscall_arg_handler_unittest.cc | 36 ++-- + .../syscall_broker/syscall_dispatcher.cc | 67 ++++--- + .../linux/syscall_broker/syscall_dispatcher.h | 27 ++- + sandbox/linux/system_headers/linux_stat.h | 188 ++++++++++++++++++ + sandbox/linux/system_headers/linux_time.h | 26 +++ + sandbox/linux/tests/test_utils.cc | 15 ++ + sandbox/linux/tests/test_utils.h | 2 + + .../policy/linux/bpf_broker_policy_linux.cc | 4 +- + 20 files changed, 595 insertions(+), 118 deletions(-) + create mode 100644 sandbox/linux/system_headers/linux_stat.h + +diff --git a/sandbox/linux/BUILD.gn b/sandbox/linux/BUILD.gn +index 2f778dd0bc..ccbbc91716 100644 +--- a/sandbox/linux/BUILD.gn ++++ b/sandbox/linux/BUILD.gn +@@ -443,6 +443,7 @@ source_set("sandbox_services_headers") { + "system_headers/linux_ptrace.h", + "system_headers/linux_seccomp.h", + "system_headers/linux_signal.h", ++ "system_headers/linux_stat.h", + "system_headers/linux_syscalls.h", + "system_headers/linux_time.h", + "system_headers/linux_ucontext.h", +diff --git a/sandbox/linux/integration_tests/seccomp_broker_process_unittest.cc b/sandbox/linux/integration_tests/seccomp_broker_process_unittest.cc +index 9da9c68911..8a941983b1 100644 +--- a/sandbox/linux/integration_tests/seccomp_broker_process_unittest.cc ++++ b/sandbox/linux/integration_tests/seccomp_broker_process_unittest.cc +@@ -34,6 +34,7 @@ + #include "sandbox/linux/syscall_broker/broker_file_permission.h" + #include "sandbox/linux/syscall_broker/broker_process.h" + #include "sandbox/linux/system_headers/linux_seccomp.h" ++#include "sandbox/linux/system_headers/linux_stat.h" + #include "sandbox/linux/system_headers/linux_syscalls.h" + #include "sandbox/linux/tests/scoped_temporary_file.h" + #include "sandbox/linux/tests/test_utils.h" +@@ -202,6 +203,26 @@ namespace { + // not accept this as a valid error number. E.g. bionic accepts up to 255, glibc + // and musl up to 4096. + const int kFakeErrnoSentinel = 254; ++ ++void ConvertKernelStatToLibcStat(default_stat_struct& in_stat, ++ struct stat& out_stat) { ++ out_stat.st_dev = in_stat.st_dev; ++ out_stat.st_ino = in_stat.st_ino; ++ out_stat.st_mode = in_stat.st_mode; ++ out_stat.st_nlink = in_stat.st_nlink; ++ out_stat.st_uid = in_stat.st_uid; ++ out_stat.st_gid = in_stat.st_gid; ++ out_stat.st_rdev = in_stat.st_rdev; ++ out_stat.st_size = in_stat.st_size; ++ out_stat.st_blksize = in_stat.st_blksize; ++ out_stat.st_blocks = in_stat.st_blocks; ++ out_stat.st_atim.tv_sec = in_stat.st_atime_; ++ out_stat.st_atim.tv_nsec = in_stat.st_atime_nsec_; ++ out_stat.st_mtim.tv_sec = in_stat.st_mtime_; ++ out_stat.st_mtim.tv_nsec = in_stat.st_mtime_nsec_; ++ out_stat.st_ctim.tv_sec = in_stat.st_ctime_; ++ out_stat.st_ctim.tv_nsec = in_stat.st_ctime_nsec_; ++} + } // namespace + + // There are a variety of ways to make syscalls in a sandboxed process. One is +@@ -217,6 +238,10 @@ class Syscaller { + + virtual int Open(const char* filepath, int flags) = 0; + virtual int Access(const char* filepath, int mode) = 0; ++ // NOTE: we use struct stat instead of default_stat_struct, to make the libc ++ // syscaller simpler. Copying from default_stat_struct (the structure returned ++ // from a stat sycall) to struct stat (the structure exposed by a libc to its ++ // users) is simpler than going in the opposite direction. + virtual int Stat(const char* filepath, + bool follow_links, + struct stat* statbuf) = 0; +@@ -243,8 +268,12 @@ class IPCSyscaller : public Syscaller { + int Stat(const char* filepath, + bool follow_links, + struct stat* statbuf) override { +- return broker_->GetBrokerClientSignalBased()->Stat(filepath, follow_links, +- statbuf); ++ default_stat_struct buf; ++ int ret = broker_->GetBrokerClientSignalBased()->DefaultStatForTesting( ++ filepath, follow_links, &buf); ++ if (ret >= 0) ++ ConvertKernelStatToLibcStat(buf, *statbuf); ++ return ret; + } + + int Rename(const char* oldpath, const char* newpath) override { +@@ -300,10 +329,13 @@ class DirectSyscaller : public Syscaller { + int Stat(const char* filepath, + bool follow_links, + struct stat* statbuf) override { +- int ret = follow_links ? syscall(__NR_stat, filepath, statbuf) +- : syscall(__NR_lstat, filepath, statbuf); ++ struct kernel_stat buf; ++ int ret = syscall(__NR_newfstatat, AT_FDCWD, filepath, &buf, ++ follow_links ? 0 : AT_SYMLINK_NOFOLLOW); + if (ret < 0) + return -errno; ++ ++ ConvertKernelStatToLibcStat(buf, *statbuf); + return ret; + } + +diff --git a/sandbox/linux/seccomp-bpf-helpers/DEPS b/sandbox/linux/seccomp-bpf-helpers/DEPS +index 4419fd1da3..95d1bb6cbb 100644 +--- a/sandbox/linux/seccomp-bpf-helpers/DEPS ++++ b/sandbox/linux/seccomp-bpf-helpers/DEPS +@@ -3,5 +3,4 @@ include_rules = [ + "+sandbox/linux/seccomp-bpf", + "+sandbox/linux/services", + "+sandbox/linux/system_headers", +- "+third_party/lss/linux_syscall_support.h", + ] +diff --git a/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions_unittests.cc b/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions_unittests.cc +index 903e702eab..76c393032c 100644 +--- a/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions_unittests.cc ++++ b/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions_unittests.cc +@@ -37,10 +37,6 @@ + #include "sandbox/linux/system_headers/linux_time.h" + #include "sandbox/linux/tests/unit_tests.h" + +-#if !defined(OS_ANDROID) +-#include "third_party/lss/linux_syscall_support.h" // for MAKE_PROCESS_CPUCLOCK +-#endif +- + namespace sandbox { + + namespace { +diff --git a/sandbox/linux/services/syscall_wrappers.cc b/sandbox/linux/services/syscall_wrappers.cc +index fcfd2aa129..3bec18a14e 100644 +--- a/sandbox/linux/services/syscall_wrappers.cc ++++ b/sandbox/linux/services/syscall_wrappers.cc +@@ -4,6 +4,7 @@ + + #include "sandbox/linux/services/syscall_wrappers.h" + ++#include + #include + #include + #include +@@ -14,11 +15,13 @@ + #include + #include + ++#include "base/check.h" + #include "base/compiler_specific.h" + #include "base/logging.h" + #include "build/build_config.h" + #include "sandbox/linux/system_headers/capability.h" + #include "sandbox/linux/system_headers/linux_signal.h" ++#include "sandbox/linux/system_headers/linux_stat.h" + #include "sandbox/linux/system_headers/linux_syscalls.h" + + namespace sandbox { +@@ -217,7 +220,7 @@ asm( + #undef STR + #undef XSTR + +-#endif ++#endif // defined(ARCH_CPU_X86_FAMILY) + + int sys_sigaction(int signum, + const struct sigaction* act, +@@ -241,7 +244,7 @@ int sys_sigaction(int signum, + #error "Unsupported architecture." + #endif + } +-#endif ++#endif // defined(ARCH_CPU_X86_FAMILY) + } + + LinuxSigAction linux_oldact = {}; +@@ -259,6 +262,47 @@ int sys_sigaction(int signum, + return result; + } + +-#endif // defined(MEMORY_SANITIZER) ++#endif // !defined(OS_NACL_NONSFI) ++ ++int sys_stat(const char* path, struct kernel_stat* stat_buf) { ++ int res; ++#if !defined(__NR_stat) ++ res = syscall(__NR_newfstatat, AT_FDCWD, path, stat_buf, 0); ++#else ++ res = syscall(__NR_stat, path, stat_buf); ++#endif ++ if (res == 0) ++ MSAN_UNPOISON(stat_buf, sizeof(*stat_buf)); ++ return res; ++} ++ ++int sys_lstat(const char* path, struct kernel_stat* stat_buf) { ++ int res; ++#if !defined(__NR_lstat) ++ res = syscall(__NR_newfstatat, AT_FDCWD, path, stat_buf, AT_SYMLINK_NOFOLLOW); ++#else ++ res = syscall(__NR_lstat, path, stat_buf); ++#endif ++ if (res == 0) ++ MSAN_UNPOISON(stat_buf, sizeof(*stat_buf)); ++ return res; ++} ++ ++int sys_fstatat64(int dirfd, ++ const char* pathname, ++ struct kernel_stat64* stat_buf, ++ int flags) { ++#if defined(__NR_fstatat64) ++ int res = syscall(__NR_fstatat64, dirfd, pathname, stat_buf, flags); ++ if (res == 0) ++ MSAN_UNPOISON(stat_buf, sizeof(*stat_buf)); ++ return res; ++#else // defined(__NR_fstatat64) ++ // We should not reach here on 64-bit systems, as the *stat*64() are only ++ // necessary on 32-bit. ++ RAW_CHECK(false); ++ return -ENOSYS; ++#endif ++} + + } // namespace sandbox +diff --git a/sandbox/linux/services/syscall_wrappers.h b/sandbox/linux/services/syscall_wrappers.h +index 1975bfbd88..b55340e4a2 100644 +--- a/sandbox/linux/services/syscall_wrappers.h ++++ b/sandbox/linux/services/syscall_wrappers.h +@@ -17,6 +17,8 @@ struct sock_fprog; + struct rlimit64; + struct cap_hdr; + struct cap_data; ++struct kernel_stat; ++struct kernel_stat64; + + namespace sandbox { + +@@ -84,6 +86,19 @@ SANDBOX_EXPORT int sys_sigaction(int signum, + const struct sigaction* act, + struct sigaction* oldact); + ++// Some architectures do not have stat() and lstat() syscalls. In that case, ++// these wrappers will use newfstatat(), which is available on all other ++// architectures, with the same capabilities as stat() and lstat(). ++SANDBOX_EXPORT int sys_stat(const char* path, struct kernel_stat* stat_buf); ++SANDBOX_EXPORT int sys_lstat(const char* path, struct kernel_stat* stat_buf); ++ ++// Takes care of unpoisoning |stat_buf| for MSAN. Check-fails if fstatat64() is ++// not a supported syscall on the current platform. ++SANDBOX_EXPORT int sys_fstatat64(int dirfd, ++ const char* pathname, ++ struct kernel_stat64* stat_buf, ++ int flags); ++ + } // namespace sandbox + + #endif // SANDBOX_LINUX_SERVICES_SYSCALL_WRAPPERS_H_ +diff --git a/sandbox/linux/services/syscall_wrappers_unittest.cc b/sandbox/linux/services/syscall_wrappers_unittest.cc +index 32820f60a8..64b9cea80f 100644 +--- a/sandbox/linux/services/syscall_wrappers_unittest.cc ++++ b/sandbox/linux/services/syscall_wrappers_unittest.cc +@@ -5,15 +5,19 @@ + #include "sandbox/linux/services/syscall_wrappers.h" + + #include ++#include + #include + #include + #include + #include +-#include + ++#include "base/logging.h" ++#include "base/memory/page_size.h" + #include "base/posix/eintr_wrapper.h" + #include "build/build_config.h" + #include "sandbox/linux/system_headers/linux_signal.h" ++#include "sandbox/linux/system_headers/linux_stat.h" ++#include "sandbox/linux/tests/scoped_temporary_file.h" + #include "sandbox/linux/tests/test_utils.h" + #include "sandbox/linux/tests/unit_tests.h" + #include "testing/gtest/include/gtest/gtest.h" +@@ -93,6 +97,129 @@ TEST(SyscallWrappers, LinuxSigSet) { + linux_sigset); + } + ++TEST(SyscallWrappers, Stat) { ++ // Create a file to stat, with 12 bytes of data. ++ ScopedTemporaryFile tmp_file; ++ EXPECT_EQ(12, write(tmp_file.fd(), "blahblahblah", 12)); ++ ++ // To test we have the correct stat structures for each kernel/platform, we ++ // will right-align them on a page, with a guard page after. ++ char* two_pages = static_cast(TestUtils::MapPagesOrDie(2)); ++ TestUtils::MprotectLastPageOrDie(two_pages, 2); ++ char* page1_end = two_pages + base::GetPageSize(); ++ ++ // First, check that calling stat with |stat_buf| pointing to the last byte on ++ // a page causes EFAULT. ++ int res = sys_stat(tmp_file.full_file_name(), ++ reinterpret_cast(page1_end - 1)); ++ ASSERT_EQ(res, -1); ++ ASSERT_EQ(errno, EFAULT); ++ ++ // Now, check that we have the correctly sized stat structure. ++ struct kernel_stat* sb = reinterpret_cast( ++ page1_end - sizeof(struct kernel_stat)); ++ // Memset to c's so we can check the kernel zero'd the padding... ++ memset(sb, 'c', sizeof(struct kernel_stat)); ++ res = sys_stat(tmp_file.full_file_name(), sb); ++ ASSERT_EQ(res, 0); ++ ++ // Following fields may never be consistent but should be non-zero. ++ // Don't trust the platform to define fields with any particular sign. ++ EXPECT_NE(0u, static_cast(sb->st_dev)); ++ EXPECT_NE(0u, static_cast(sb->st_ino)); ++ EXPECT_NE(0u, static_cast(sb->st_mode)); ++ EXPECT_NE(0u, static_cast(sb->st_blksize)); ++ EXPECT_NE(0u, static_cast(sb->st_blocks)); ++ ++// We are the ones that made the file. ++// Note: normally gid and uid overflow on backwards-compatible 32-bit systems ++// and we end up with dummy uids and gids in place here. ++#if defined(ARCH_CPU_64_BITS) ++ EXPECT_EQ(geteuid(), sb->st_uid); ++ EXPECT_EQ(getegid(), sb->st_gid); ++#endif ++ ++ // Wrote 12 bytes above which should fit in one block. ++ EXPECT_EQ(12u, sb->st_size); ++ ++ // Can't go backwards in time, 1500000000 was some time ago. ++ EXPECT_LT(1500000000u, static_cast(sb->st_atime_)); ++ EXPECT_LT(1500000000u, static_cast(sb->st_mtime_)); ++ EXPECT_LT(1500000000u, static_cast(sb->st_ctime_)); ++ ++ // Checking the padding for good measure. ++#if defined(__x86_64__) ++ EXPECT_EQ(0u, sb->__pad0); ++ EXPECT_EQ(0u, sb->__unused4[0]); ++ EXPECT_EQ(0u, sb->__unused4[1]); ++ EXPECT_EQ(0u, sb->__unused4[2]); ++#elif defined(__aarch64__) ++ EXPECT_EQ(0u, sb->__pad1); ++ EXPECT_EQ(0, sb->__pad2); ++ EXPECT_EQ(0u, sb->__unused4); ++ EXPECT_EQ(0u, sb->__unused5); ++#endif ++} ++ ++TEST(SyscallWrappers, LStat) { ++ // Create a file to stat, with 12 bytes of data. ++ ScopedTemporaryFile tmp_file; ++ EXPECT_EQ(12, write(tmp_file.fd(), "blahblahblah", 12)); ++ ++ // Also create a symlink. ++ std::string symlink_name; ++ { ++ ScopedTemporaryFile tmp_file2; ++ symlink_name = tmp_file2.full_file_name(); ++ } ++ int rc = symlink(tmp_file.full_file_name(), symlink_name.c_str()); ++ if (rc != 0) { ++ PLOG(ERROR) << "Couldn't symlink " << symlink_name << " to target " ++ << tmp_file.full_file_name(); ++ GTEST_FAIL(); ++ } ++ ++ struct kernel_stat lstat_info; ++ rc = sys_lstat(symlink_name.c_str(), &lstat_info); ++ if (rc < 0 && errno == EOVERFLOW) { ++ GTEST_SKIP(); ++ } ++ if (rc != 0) { ++ PLOG(ERROR) << "Couldn't sys_lstat " << symlink_name; ++ GTEST_FAIL(); ++ } ++ ++ struct kernel_stat stat_info; ++ rc = sys_stat(symlink_name.c_str(), &stat_info); ++ if (rc < 0 && errno == EOVERFLOW) { ++ GTEST_SKIP(); ++ } ++ if (rc != 0) { ++ PLOG(ERROR) << "Couldn't sys_stat " << symlink_name; ++ GTEST_FAIL(); ++ } ++ ++ struct kernel_stat tmp_file_stat_info; ++ rc = sys_stat(tmp_file.full_file_name(), &tmp_file_stat_info); ++ if (rc < 0 && errno == EOVERFLOW) { ++ GTEST_SKIP(); ++ } ++ if (rc != 0) { ++ PLOG(ERROR) << "Couldn't sys_stat " << tmp_file.full_file_name(); ++ GTEST_FAIL(); ++ } ++ ++ // lstat should produce information about a symlink. ++ ASSERT_TRUE(S_ISLNK(lstat_info.st_mode)); ++ ++ // stat-ing symlink_name and tmp_file should produce the same inode. ++ ASSERT_EQ(stat_info.st_ino, tmp_file_stat_info.st_ino); ++ ++ // lstat-ing symlink_name should give a different inode than stat-ing ++ // symlink_name. ++ ASSERT_NE(stat_info.st_ino, lstat_info.st_ino); ++} ++ + } // namespace + + } // namespace sandbox +diff --git a/sandbox/linux/syscall_broker/DEPS b/sandbox/linux/syscall_broker/DEPS +index c477f7d363..149c463b06 100644 +--- a/sandbox/linux/syscall_broker/DEPS ++++ b/sandbox/linux/syscall_broker/DEPS +@@ -1,4 +1,5 @@ + include_rules = [ +- "+sandbox/linux/system_headers", + "+sandbox/linux/bpf_dsl", ++ "+sandbox/linux/services", ++ "+sandbox/linux/system_headers", + ] +diff --git a/sandbox/linux/syscall_broker/broker_client.cc b/sandbox/linux/syscall_broker/broker_client.cc +index 6b1b5be433..e24f659fcf 100644 +--- a/sandbox/linux/syscall_broker/broker_client.cc ++++ b/sandbox/linux/syscall_broker/broker_client.cc +@@ -166,7 +166,7 @@ int BrokerClient::Rmdir(const char* path) const { + + int BrokerClient::Stat(const char* pathname, + bool follow_links, +- struct stat* sb) const { ++ struct kernel_stat* sb) const { + if (!pathname || !sb) + return -EFAULT; + +@@ -181,7 +181,7 @@ int BrokerClient::Stat(const char* pathname, + + int BrokerClient::Stat64(const char* pathname, + bool follow_links, +- struct stat64* sb) const { ++ struct kernel_stat64* sb) const { + if (!pathname || !sb) + return -EFAULT; + +diff --git a/sandbox/linux/syscall_broker/broker_client.h b/sandbox/linux/syscall_broker/broker_client.h +index 05e14c83f2..26ca78101c 100644 +--- a/sandbox/linux/syscall_broker/broker_client.h ++++ b/sandbox/linux/syscall_broker/broker_client.h +@@ -61,10 +61,10 @@ class SANDBOX_EXPORT BrokerClient : public SyscallDispatcher { + int Rmdir(const char* path) const override; + int Stat(const char* pathname, + bool follow_links, +- struct stat* sb) const override; ++ struct kernel_stat* sb) const override; + int Stat64(const char* pathname, + bool follow_links, +- struct stat64* sb) const override; ++ struct kernel_stat64* sb) const override; + int Unlink(const char* unlink) const override; + + private: +diff --git a/sandbox/linux/syscall_broker/broker_host.cc b/sandbox/linux/syscall_broker/broker_host.cc +index 1cd03a18df..1cdc01a888 100644 +--- a/sandbox/linux/syscall_broker/broker_host.cc ++++ b/sandbox/linux/syscall_broker/broker_host.cc +@@ -20,9 +20,11 @@ + #include "base/files/scoped_file.h" + #include "base/logging.h" + #include "base/posix/eintr_wrapper.h" ++#include "sandbox/linux/services/syscall_wrappers.h" + #include "sandbox/linux/syscall_broker/broker_command.h" + #include "sandbox/linux/syscall_broker/broker_permission_list.h" + #include "sandbox/linux/syscall_broker/broker_simple_message.h" ++#include "sandbox/linux/system_headers/linux_stat.h" + #include "sandbox/linux/system_headers/linux_syscalls.h" + + namespace sandbox { +@@ -193,10 +195,12 @@ void StatFileForIPC(const BrokerCommandSet& allowed_command_set, + RAW_CHECK(reply->AddIntToMessage(-permission_list.denied_errno())); + return; + } ++ + if (command_type == COMMAND_STAT) { +- struct stat sb; +- int sts = +- follow_links ? stat(file_to_access, &sb) : lstat(file_to_access, &sb); ++ struct kernel_stat sb; ++ ++ int sts = follow_links ? sandbox::sys_stat(file_to_access, &sb) ++ : sandbox::sys_lstat(file_to_access, &sb); + if (sts < 0) { + RAW_CHECK(reply->AddIntToMessage(-errno)); + return; +@@ -205,10 +209,12 @@ void StatFileForIPC(const BrokerCommandSet& allowed_command_set, + RAW_CHECK( + reply->AddDataToMessage(reinterpret_cast(&sb), sizeof(sb))); + } else { ++#if defined(__NR_fstatat64) + DCHECK(command_type == COMMAND_STAT64); +- struct stat64 sb; +- int sts = follow_links ? stat64(file_to_access, &sb) +- : lstat64(file_to_access, &sb); ++ struct kernel_stat64 sb; ++ ++ int sts = sandbox::sys_fstatat64(AT_FDCWD, file_to_access, &sb, ++ follow_links ? 0 : AT_SYMLINK_NOFOLLOW); + if (sts < 0) { + RAW_CHECK(reply->AddIntToMessage(-errno)); + return; +@@ -216,6 +222,11 @@ void StatFileForIPC(const BrokerCommandSet& allowed_command_set, + RAW_CHECK(reply->AddIntToMessage(0)); + RAW_CHECK( + reply->AddDataToMessage(reinterpret_cast(&sb), sizeof(sb))); ++#else // defined(__NR_fstatat64) ++ // We should not reach here on 64-bit systems, as the *stat*64() are only ++ // necessary on 32-bit. ++ RAW_CHECK(false); ++#endif + } + } + +diff --git a/sandbox/linux/syscall_broker/broker_process_unittest.cc b/sandbox/linux/syscall_broker/broker_process_unittest.cc +index 55ba6bccb2..c65f25a78a 100644 +--- a/sandbox/linux/syscall_broker/broker_process_unittest.cc ++++ b/sandbox/linux/syscall_broker/broker_process_unittest.cc +@@ -811,7 +811,7 @@ void TestStatHelper(bool fast_check_in_client, bool follow_links) { + const char* bad_leading_path5 = "/mbogo/fictitioux"; + const char* bad_leading_path6 = "/mbogo/fictitiousa"; + +- struct stat sb; ++ default_stat_struct sb; + + { + // Actual file with permissions to see file but command not allowed. +@@ -824,7 +824,7 @@ void TestStatHelper(bool fast_check_in_client, bool follow_links) { + + memset(&sb, 0, sizeof(sb)); + EXPECT_EQ(-kFakeErrnoSentinel, +- open_broker.GetBrokerClientSignalBased()->Stat( ++ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( + tempfile_name, follow_links, &sb)); + } + +@@ -840,7 +840,7 @@ void TestStatHelper(bool fast_check_in_client, bool follow_links) { + + memset(&sb, 0, sizeof(sb)); + EXPECT_EQ(-kFakeErrnoSentinel, +- open_broker.GetBrokerClientSignalBased()->Stat( ++ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( + nonesuch_name, follow_links, &sb)); + } + { +@@ -852,7 +852,7 @@ void TestStatHelper(bool fast_check_in_client, bool follow_links) { + + memset(&sb, 0, sizeof(sb)); + EXPECT_EQ(-kFakeErrnoSentinel, +- open_broker.GetBrokerClientSignalBased()->Stat( ++ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( + tempfile_name, follow_links, &sb)); + } + { +@@ -864,38 +864,39 @@ void TestStatHelper(bool fast_check_in_client, bool follow_links) { + ASSERT_TRUE(open_broker.Init(base::BindOnce(&NoOpCallback))); + + memset(&sb, 0, sizeof(sb)); +- EXPECT_EQ(-ENOENT, open_broker.GetBrokerClientSignalBased()->Stat( +- nonesuch_name, follow_links, &sb)); ++ EXPECT_EQ(-ENOENT, ++ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( ++ nonesuch_name, follow_links, &sb)); + + // Gets denied all the way back to root since no create permission. + EXPECT_EQ(-kFakeErrnoSentinel, +- open_broker.GetBrokerClientSignalBased()->Stat( ++ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( + leading_path1, follow_links, &sb)); + EXPECT_EQ(-kFakeErrnoSentinel, +- open_broker.GetBrokerClientSignalBased()->Stat( ++ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( + leading_path2, follow_links, &sb)); + EXPECT_EQ(-kFakeErrnoSentinel, +- open_broker.GetBrokerClientSignalBased()->Stat( ++ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( + leading_path3, follow_links, &sb)); + + // Not fooled by substrings. + EXPECT_EQ(-kFakeErrnoSentinel, +- open_broker.GetBrokerClientSignalBased()->Stat( ++ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( + bad_leading_path1, follow_links, &sb)); + EXPECT_EQ(-kFakeErrnoSentinel, +- open_broker.GetBrokerClientSignalBased()->Stat( ++ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( + bad_leading_path2, follow_links, &sb)); + EXPECT_EQ(-kFakeErrnoSentinel, +- open_broker.GetBrokerClientSignalBased()->Stat( ++ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( + bad_leading_path3, follow_links, &sb)); + EXPECT_EQ(-kFakeErrnoSentinel, +- open_broker.GetBrokerClientSignalBased()->Stat( ++ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( + bad_leading_path4, follow_links, &sb)); + EXPECT_EQ(-kFakeErrnoSentinel, +- open_broker.GetBrokerClientSignalBased()->Stat( ++ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( + bad_leading_path5, follow_links, &sb)); + EXPECT_EQ(-kFakeErrnoSentinel, +- open_broker.GetBrokerClientSignalBased()->Stat( ++ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( + bad_leading_path6, follow_links, &sb)); + } + { +@@ -907,37 +908,41 @@ void TestStatHelper(bool fast_check_in_client, bool follow_links) { + ASSERT_TRUE(open_broker.Init(base::BindOnce(&NoOpCallback))); + + memset(&sb, 0, sizeof(sb)); +- EXPECT_EQ(-ENOENT, open_broker.GetBrokerClientSignalBased()->Stat( +- nonesuch_name, follow_links, &sb)); ++ EXPECT_EQ(-ENOENT, ++ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( ++ nonesuch_name, follow_links, &sb)); + + // Gets ENOENT all the way back to root since it has create permission. +- EXPECT_EQ(-ENOENT, open_broker.GetBrokerClientSignalBased()->Stat( +- leading_path1, follow_links, &sb)); +- EXPECT_EQ(-ENOENT, open_broker.GetBrokerClientSignalBased()->Stat( +- leading_path2, follow_links, &sb)); ++ EXPECT_EQ(-ENOENT, ++ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( ++ leading_path1, follow_links, &sb)); ++ EXPECT_EQ(-ENOENT, ++ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( ++ leading_path2, follow_links, &sb)); + + // But can always get the root. +- EXPECT_EQ(0, open_broker.GetBrokerClientSignalBased()->Stat( +- leading_path3, follow_links, &sb)); ++ EXPECT_EQ(0, ++ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( ++ leading_path3, follow_links, &sb)); + + // Not fooled by substrings. + EXPECT_EQ(-kFakeErrnoSentinel, +- open_broker.GetBrokerClientSignalBased()->Stat( ++ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( + bad_leading_path1, follow_links, &sb)); + EXPECT_EQ(-kFakeErrnoSentinel, +- open_broker.GetBrokerClientSignalBased()->Stat( ++ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( + bad_leading_path2, follow_links, &sb)); + EXPECT_EQ(-kFakeErrnoSentinel, +- open_broker.GetBrokerClientSignalBased()->Stat( ++ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( + bad_leading_path3, follow_links, &sb)); + EXPECT_EQ(-kFakeErrnoSentinel, +- open_broker.GetBrokerClientSignalBased()->Stat( ++ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( + bad_leading_path4, follow_links, &sb)); + EXPECT_EQ(-kFakeErrnoSentinel, +- open_broker.GetBrokerClientSignalBased()->Stat( ++ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( + bad_leading_path5, follow_links, &sb)); + EXPECT_EQ(-kFakeErrnoSentinel, +- open_broker.GetBrokerClientSignalBased()->Stat( ++ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( + bad_leading_path6, follow_links, &sb)); + } + { +@@ -949,8 +954,9 @@ void TestStatHelper(bool fast_check_in_client, bool follow_links) { + ASSERT_TRUE(open_broker.Init(base::BindOnce(&NoOpCallback))); + + memset(&sb, 0, sizeof(sb)); +- EXPECT_EQ(0, open_broker.GetBrokerClientSignalBased()->Stat( +- tempfile_name, follow_links, &sb)); ++ EXPECT_EQ(0, ++ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( ++ tempfile_name, follow_links, &sb)); + + // Following fields may never be consistent but should be non-zero. + // Don't trust the platform to define fields with any particular sign. +@@ -968,9 +974,9 @@ void TestStatHelper(bool fast_check_in_client, bool follow_links) { + EXPECT_EQ(12, sb.st_size); + + // Can't go backwards in time, 1500000000 was some time ago. +- EXPECT_LT(1500000000u, static_cast(sb.st_atime)); +- EXPECT_LT(1500000000u, static_cast(sb.st_mtime)); +- EXPECT_LT(1500000000u, static_cast(sb.st_ctime)); ++ EXPECT_LT(1500000000u, static_cast(sb.st_atime_)); ++ EXPECT_LT(1500000000u, static_cast(sb.st_mtime_)); ++ EXPECT_LT(1500000000u, static_cast(sb.st_ctime_)); + } + } + +diff --git a/sandbox/linux/syscall_broker/remote_syscall_arg_handler_unittest.cc b/sandbox/linux/syscall_broker/remote_syscall_arg_handler_unittest.cc +index fffa9bb708..f517a9867c 100644 +--- a/sandbox/linux/syscall_broker/remote_syscall_arg_handler_unittest.cc ++++ b/sandbox/linux/syscall_broker/remote_syscall_arg_handler_unittest.cc +@@ -16,6 +16,7 @@ + #include "base/memory/page_size.h" + #include "base/posix/unix_domain_socket.h" + #include "base/test/bind.h" ++#include "sandbox/linux/tests/test_utils.h" + #include "sandbox/linux/tests/unit_tests.h" + #include "testing/gtest/include/gtest/gtest.h" + +@@ -52,19 +53,6 @@ void VerifyCorrectString(std::string str, size_t size) { + } + } + +-void* MapPagesOrDie(size_t num_pages) { +- void* addr = mmap(nullptr, num_pages * base::GetPageSize(), +- PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); +- PCHECK(addr); +- return addr; +-} +- +-void MprotectLastPageOrDie(char* addr, size_t num_pages) { +- size_t last_page_offset = (num_pages - 1) * base::GetPageSize(); +- PCHECK(mprotect(addr + last_page_offset, base::GetPageSize(), PROT_NONE) >= +- 0); +-} +- + pid_t ForkWaitingChild(base::OnceCallback + after_parent_signals_callback = base::DoNothing(), + base::ScopedFD* parent_sync_fd = nullptr) { +@@ -105,13 +93,13 @@ void ReadTest(const ReadTestConfig& test_config) { + size_t total_pages = (test_config.start_at + test_config.total_size + + base::GetPageSize() - 1) / + base::GetPageSize(); +- char* mmap_addr = static_cast(MapPagesOrDie(total_pages)); ++ char* mmap_addr = static_cast(TestUtils::MapPagesOrDie(total_pages)); + char* addr = mmap_addr + test_config.start_at; + FillBufferWithPath(addr, test_config.total_size, + test_config.include_null_byte); + + if (test_config.last_page_inaccessible) +- MprotectLastPageOrDie(mmap_addr, total_pages); ++ TestUtils::MprotectLastPageOrDie(mmap_addr, total_pages); + + pid_t pid = ForkWaitingChild(); + munmap(mmap_addr, base::GetPageSize() * total_pages); +@@ -212,7 +200,7 @@ SANDBOX_TEST(BrokerRemoteSyscallArgHandler, ReadChunkPlus1EndingOnePastPage) { + } + + SANDBOX_TEST(BrokerRemoteSyscallArgHandler, ReadChildExited) { +- void* addr = MapPagesOrDie(1); ++ void* addr = TestUtils::MapPagesOrDie(1); + FillBufferWithPath(static_cast(addr), strlen(kPathPart) + 1, true); + + base::ScopedFD parent_sync, child_sync; +@@ -240,10 +228,10 @@ SANDBOX_TEST(BrokerRemoteSyscallArgHandler, ReadChildExited) { + } + + SANDBOX_TEST(BrokerRemoteSyscallArgHandler, BasicWrite) { +- void* read_from = MapPagesOrDie(1); ++ void* read_from = TestUtils::MapPagesOrDie(1); + const size_t write_size = base::GetPageSize(); + FillBufferWithPath(static_cast(read_from), write_size, false); +- char* write_to = static_cast(MapPagesOrDie(1)); ++ char* write_to = static_cast(TestUtils::MapPagesOrDie(1)); + base::ScopedFD parent_signal_fd; + const std::vector empty_fd_vec; + +@@ -278,8 +266,8 @@ SANDBOX_TEST(BrokerRemoteSyscallArgHandler, BasicWrite) { + } + + SANDBOX_TEST(BrokerRemoteSyscallArgHandler, WriteToInvalidAddress) { +- char* write_to = static_cast(MapPagesOrDie(1)); +- MprotectLastPageOrDie(write_to, 1); ++ char* write_to = static_cast(TestUtils::MapPagesOrDie(1)); ++ TestUtils::MprotectLastPageOrDie(write_to, 1); + base::ScopedFD parent_signal_fd; + const std::vector empty_fd_vec; + +@@ -295,11 +283,11 @@ SANDBOX_TEST(BrokerRemoteSyscallArgHandler, WriteToInvalidAddress) { + } + + SANDBOX_TEST(BrokerRemoteSyscallArgHandler, WritePartiallyToInvalidAddress) { +- char* read_from = static_cast(MapPagesOrDie(2)); ++ char* read_from = static_cast(TestUtils::MapPagesOrDie(2)); + const size_t write_size = base::GetPageSize(); + FillBufferWithPath(static_cast(read_from), write_size, false); +- char* write_to = static_cast(MapPagesOrDie(2)); +- MprotectLastPageOrDie(write_to, 2); ++ char* write_to = static_cast(TestUtils::MapPagesOrDie(2)); ++ TestUtils::MprotectLastPageOrDie(write_to, 2); + write_to += base::GetPageSize() / 2; + base::ScopedFD parent_signal_fd; + const std::vector empty_fd_vec; +@@ -314,7 +302,7 @@ SANDBOX_TEST(BrokerRemoteSyscallArgHandler, WritePartiallyToInvalidAddress) { + } + + SANDBOX_TEST(BrokerRemoteSyscallArgHandler, WriteChildExited) { +- char* addr = static_cast(MapPagesOrDie(1)); ++ char* addr = static_cast(TestUtils::MapPagesOrDie(1)); + FillBufferWithPath(static_cast(addr), strlen(kPathPart) + 1, true); + + base::ScopedFD parent_sync, child_sync; +diff --git a/sandbox/linux/syscall_broker/syscall_dispatcher.cc b/sandbox/linux/syscall_broker/syscall_dispatcher.cc +index b9ee93c14a..8a42397ef8 100644 +--- a/sandbox/linux/syscall_broker/syscall_dispatcher.cc ++++ b/sandbox/linux/syscall_broker/syscall_dispatcher.cc +@@ -19,8 +19,18 @@ namespace syscall_broker { + #define BROKER_UNPOISON_STRING(x) + #endif + ++int SyscallDispatcher::DefaultStatForTesting(const char* pathname, ++ bool follow_links, ++ default_stat_struct* sb) { ++#if defined(__NR_fstatat64) ++ return Stat64(pathname, follow_links, sb); ++#elif defined(__NR_newfstatat) ++ return Stat(pathname, follow_links, sb); ++#endif ++} ++ + int SyscallDispatcher::PerformStatat(const arch_seccomp_data& args, +- bool arch64) { ++ bool stat64) { + if (static_cast(args.args[0]) != AT_FDCWD) + return -EPERM; + // Only allow the AT_SYMLINK_NOFOLLOW flag which is used by some libc +@@ -30,13 +40,29 @@ int SyscallDispatcher::PerformStatat(const arch_seccomp_data& args, + + const bool follow_links = + !(static_cast(args.args[3]) & AT_SYMLINK_NOFOLLOW); +- if (arch64) { ++ if (stat64) { + return Stat64(reinterpret_cast(args.args[1]), follow_links, +- reinterpret_cast(args.args[2])); ++ reinterpret_cast(args.args[2])); + } + + return Stat(reinterpret_cast(args.args[1]), follow_links, +- reinterpret_cast(args.args[2])); ++ reinterpret_cast(args.args[2])); ++} ++ ++int SyscallDispatcher::PerformUnlinkat(const arch_seccomp_data& args) { ++ if (static_cast(args.args[0]) != AT_FDCWD) ++ return -EPERM; ++ ++ int flags = static_cast(args.args[2]); ++ ++ if (flags == AT_REMOVEDIR) { ++ return Rmdir(reinterpret_cast(args.args[1])); ++ } ++ ++ if (flags != 0) ++ return -EPERM; ++ ++ return Unlink(reinterpret_cast(args.args[1])); + } + + int SyscallDispatcher::DispatchSyscall(const arch_seccomp_data& args) { +@@ -127,59 +153,42 @@ int SyscallDispatcher::DispatchSyscall(const arch_seccomp_data& args) { + #if defined(__NR_stat) + case __NR_stat: + return Stat(reinterpret_cast(args.args[0]), true, +- reinterpret_cast(args.args[1])); ++ reinterpret_cast(args.args[1])); + #endif + #if defined(__NR_stat64) + case __NR_stat64: + return Stat64(reinterpret_cast(args.args[0]), true, +- reinterpret_cast(args.args[1])); ++ reinterpret_cast(args.args[1])); + #endif + #if defined(__NR_lstat) + case __NR_lstat: + // See https://crbug.com/847096 + BROKER_UNPOISON_STRING(reinterpret_cast(args.args[0])); + return Stat(reinterpret_cast(args.args[0]), false, +- reinterpret_cast(args.args[1])); ++ reinterpret_cast(args.args[1])); + #endif + #if defined(__NR_lstat64) + case __NR_lstat64: + // See https://crbug.com/847096 + BROKER_UNPOISON_STRING(reinterpret_cast(args.args[0])); + return Stat64(reinterpret_cast(args.args[0]), false, +- reinterpret_cast(args.args[1])); +-#endif +-#if defined(__NR_fstatat) +- case __NR_fstatat: +- return PerformStatat(args, /*arch64=*/false); ++ reinterpret_cast(args.args[1])); + #endif + #if defined(__NR_fstatat64) + case __NR_fstatat64: +- return PerformStatat(args, /*arch64=*/true); ++ return PerformStatat(args, /*stat64=*/true); + #endif + #if defined(__NR_newfstatat) + case __NR_newfstatat: +- return PerformStatat(args, /*arch64=*/false); ++ return PerformStatat(args, /*stat64=*/false); + #endif + #if defined(__NR_unlink) + case __NR_unlink: + return Unlink(reinterpret_cast(args.args[0])); + #endif + #if defined(__NR_unlinkat) +- case __NR_unlinkat: { +- if (static_cast(args.args[0]) != AT_FDCWD) +- return -EPERM; +- +- int flags = static_cast(args.args[2]); +- +- if (flags == AT_REMOVEDIR) { +- return Rmdir(reinterpret_cast(args.args[1])); +- } +- +- if (flags != 0) +- return -EPERM; +- +- return Unlink(reinterpret_cast(args.args[1])); +- } ++ case __NR_unlinkat: ++ return PerformUnlinkat(args); + #endif // defined(__NR_unlinkat) + default: + RAW_CHECK(false); +diff --git a/sandbox/linux/syscall_broker/syscall_dispatcher.h b/sandbox/linux/syscall_broker/syscall_dispatcher.h +index d8b8874ad9..1d6653caf3 100644 +--- a/sandbox/linux/syscall_broker/syscall_dispatcher.h ++++ b/sandbox/linux/syscall_broker/syscall_dispatcher.h +@@ -9,13 +9,15 @@ + #include + + #include "sandbox/linux/system_headers/linux_seccomp.h" ++#include "sandbox/linux/system_headers/linux_stat.h" ++#include "sandbox/sandbox_export.h" + + namespace sandbox { + namespace syscall_broker { + + // An abstract class that defines all the system calls we perform for the + // sandboxed process. +-class SyscallDispatcher { ++class SANDBOX_EXPORT SyscallDispatcher { + public: + // Emulates access()/faccessat(). + // X_OK will always return an error in practice since the broker process +@@ -40,19 +42,34 @@ class SyscallDispatcher { + virtual int Rmdir(const char* path) const = 0; + + // Emulates stat()/stat64()/lstat()/lstat64()/fstatat()/newfstatat(). ++ // Stat64 is only available on 32-bit systems. + virtual int Stat(const char* pathname, + bool follow_links, +- struct stat* sb) const = 0; ++ struct kernel_stat* sb) const = 0; + virtual int Stat64(const char* pathname, + bool follow_links, +- struct stat64* sb) const = 0; ++ struct kernel_stat64* sb) const = 0; + + // Emulates unlink()/unlinkat(). + virtual int Unlink(const char* unlink) const = 0; + ++ // Different architectures use a different syscall from the stat family by ++ // default in glibc. E.g. 32-bit systems use *stat*64() and fill out struct ++ // kernel_stat64, whereas 64-bit systems use *stat*() and fill out struct ++ // kernel_stat. Some tests want to call the SyscallDispatcher directly, and ++ // should be using the default stat in order to test against glibc. ++ int DefaultStatForTesting(const char* pathname, ++ bool follow_links, ++ default_stat_struct* sb); ++ + // Validates the args passed to a *statat*() syscall and performs the syscall +- // using Stat() or Stat64(). +- int PerformStatat(const arch_seccomp_data& args, bool arch64); ++ // using Stat(), or on 32-bit systems it uses Stat64() for the *statat64() ++ // syscalls. ++ int PerformStatat(const arch_seccomp_data& args, bool stat64); ++ ++ // Validates the args passed to an unlinkat() syscall and performs the syscall ++ // using either Unlink() or Rmdir(). ++ int PerformUnlinkat(const arch_seccomp_data& args); + + // Reads the syscall number and arguments, imposes some policy (e.g. the *at() + // system calls must only allow AT_FDCWD as the first argument), and +diff --git a/sandbox/linux/system_headers/linux_stat.h b/sandbox/linux/system_headers/linux_stat.h +new file mode 100644 +index 0000000000..35788eb22a +--- /dev/null ++++ b/sandbox/linux/system_headers/linux_stat.h +@@ -0,0 +1,188 @@ ++// Copyright 2021 The Chromium Authors. All rights reserved. ++// Use of this source code is governed by a BSD-style license that can be ++// found in the LICENSE file. ++ ++#ifndef SANDBOX_LINUX_SYSTEM_HEADERS_LINUX_STAT_H_ ++#define SANDBOX_LINUX_SYSTEM_HEADERS_LINUX_STAT_H_ ++ ++#include ++ ++#include "build/build_config.h" ++#include "sandbox/linux/system_headers/linux_syscalls.h" ++ ++#if defined(ARCH_CPU_MIPS_FAMILY) ++#if defined(ARCH_CPU_64_BITS) ++struct kernel_stat { ++#else ++struct kernel_stat64 { ++#endif ++ unsigned st_dev; ++ unsigned __pad0[3]; ++ unsigned long long st_ino; ++ unsigned st_mode; ++ unsigned st_nlink; ++ unsigned st_uid; ++ unsigned st_gid; ++ unsigned st_rdev; ++ unsigned __pad1[3]; ++ long long st_size; ++ unsigned st_atime_; ++ unsigned st_atime_nsec_; ++ unsigned st_mtime_; ++ unsigned st_mtime_nsec_; ++ unsigned st_ctime_; ++ unsigned st_ctime_nsec_; ++ unsigned st_blksize; ++ unsigned __pad2; ++ unsigned long long st_blocks; ++}; ++#else ++struct kernel_stat64 { ++ unsigned long long st_dev; ++ unsigned char __pad0[4]; ++ unsigned __st_ino; ++ unsigned st_mode; ++ unsigned st_nlink; ++ unsigned st_uid; ++ unsigned st_gid; ++ unsigned long long st_rdev; ++ unsigned char __pad3[4]; ++ long long st_size; ++ unsigned st_blksize; ++ unsigned long long st_blocks; ++ unsigned st_atime_; ++ unsigned st_atime_nsec_; ++ unsigned st_mtime_; ++ unsigned st_mtime_nsec_; ++ unsigned st_ctime_; ++ unsigned st_ctime_nsec_; ++ unsigned long long st_ino; ++}; ++#endif ++ ++#if defined(__i386__) || defined(__ARM_ARCH_3__) || defined(__ARM_EABI__) ++struct kernel_stat { ++ /* The kernel headers suggest that st_dev and st_rdev should be 32bit ++ * quantities encoding 12bit major and 20bit minor numbers in an interleaved ++ * format. In reality, we do not see useful data in the top bits. So, ++ * we'll leave the padding in here, until we find a better solution. ++ */ ++ unsigned short st_dev; ++ short pad1; ++ unsigned st_ino; ++ unsigned short st_mode; ++ unsigned short st_nlink; ++ unsigned short st_uid; ++ unsigned short st_gid; ++ unsigned short st_rdev; ++ short pad2; ++ unsigned st_size; ++ unsigned st_blksize; ++ unsigned st_blocks; ++ unsigned st_atime_; ++ unsigned st_atime_nsec_; ++ unsigned st_mtime_; ++ unsigned st_mtime_nsec_; ++ unsigned st_ctime_; ++ unsigned st_ctime_nsec_; ++ unsigned __unused4; ++ unsigned __unused5; ++}; ++#elif defined(__x86_64__) ++struct kernel_stat { ++ uint64_t st_dev; ++ uint64_t st_ino; ++ uint64_t st_nlink; ++ unsigned st_mode; ++ unsigned st_uid; ++ unsigned st_gid; ++ unsigned __pad0; ++ uint64_t st_rdev; ++ int64_t st_size; ++ int64_t st_blksize; ++ int64_t st_blocks; ++ uint64_t st_atime_; ++ uint64_t st_atime_nsec_; ++ uint64_t st_mtime_; ++ uint64_t st_mtime_nsec_; ++ uint64_t st_ctime_; ++ uint64_t st_ctime_nsec_; ++ int64_t __unused4[3]; ++}; ++#elif (defined(ARCH_CPU_MIPS_FAMILY) && defined(ARCH_CPU_32_BITS)) ++struct kernel_stat { ++ unsigned st_dev; ++ int st_pad1[3]; ++ unsigned st_ino; ++ unsigned st_mode; ++ unsigned st_nlink; ++ unsigned st_uid; ++ unsigned st_gid; ++ unsigned st_rdev; ++ int st_pad2[2]; ++ long st_size; ++ int st_pad3; ++ long st_atime_; ++ long st_atime_nsec_; ++ long st_mtime_; ++ long st_mtime_nsec_; ++ long st_ctime_; ++ long st_ctime_nsec_; ++ int st_blksize; ++ int st_blocks; ++ int st_pad4[14]; ++}; ++#elif defined(__aarch64__) ++struct kernel_stat { ++ unsigned long st_dev; ++ unsigned long st_ino; ++ unsigned int st_mode; ++ unsigned int st_nlink; ++ unsigned int st_uid; ++ unsigned int st_gid; ++ unsigned long st_rdev; ++ unsigned long __pad1; ++ long st_size; ++ int st_blksize; ++ int __pad2; ++ long st_blocks; ++ long st_atime_; ++ unsigned long st_atime_nsec_; ++ long st_mtime_; ++ unsigned long st_mtime_nsec_; ++ long st_ctime_; ++ unsigned long st_ctime_nsec_; ++ unsigned int __unused4; ++ unsigned int __unused5; ++}; ++#endif ++ ++// On 32-bit systems, we default to the 64-bit stat struct like libc ++// implementations do. Otherwise we default to the normal stat struct which is ++// already 64-bit. ++// These defines make it easy to call the right syscall to fill out a 64-bit ++// stat struct, which is the default in libc implementations but requires ++// different syscall names on 32 and 64-bit platforms. ++#if defined(__NR_fstatat64) ++ ++namespace sandbox { ++using default_stat_struct = struct kernel_stat64; ++} // namespace sandbox ++ ++#define __NR_fstatat_default __NR_fstatat64 ++#define __NR_fstat_default __NR_fstat64 ++ ++#elif defined(__NR_newfstatat) ++ ++namespace sandbox { ++using default_stat_struct = struct kernel_stat; ++} // namespace sandbox ++ ++#define __NR_fstatat_default __NR_newfstatat ++#define __NR_fstat_default __NR_fstat ++ ++#else ++#error "one of fstatat64 and newfstatat must be defined" ++#endif ++ ++#endif // SANDBOX_LINUX_SYSTEM_HEADERS_LINUX_STAT_H_ +diff --git a/sandbox/linux/system_headers/linux_time.h b/sandbox/linux/system_headers/linux_time.h +index 780f24dddd..f18c806611 100644 +--- a/sandbox/linux/system_headers/linux_time.h ++++ b/sandbox/linux/system_headers/linux_time.h +@@ -11,6 +11,32 @@ + #define CPUCLOCK_CLOCK_MASK 3 + #endif + ++#if !defined(CPUCLOCK_PROF) ++#define CPUCLOCK_PROF 0 ++#endif ++ ++#if !defined(CPUCLOCK_VIRT) ++#define CPUCLOCK_VIRT 1 ++#endif ++ ++#if !defined(CPUCLOCK_SCHED) ++#define CPUCLOCK_SCHED 2 ++#endif ++ ++#if !defined(CPUCLOCK_PERTHREAD_MASK) ++#define CPUCLOCK_PERTHREAD_MASK 4 ++#endif ++ ++#if !defined(MAKE_PROCESS_CPUCLOCK) ++#define MAKE_PROCESS_CPUCLOCK(pid, clock) \ ++ ((int)(~(unsigned)(pid) << 3) | (int)(clock)) ++#endif ++ ++#if !defined(MAKE_THREAD_CPUCLOCK) ++#define MAKE_THREAD_CPUCLOCK(tid, clock) \ ++ ((int)(~(unsigned)(tid) << 3) | (int)((clock) | CPUCLOCK_PERTHREAD_MASK)) ++#endif ++ + #if !defined(CLOCKFD) + #define CLOCKFD 3 + #endif +diff --git a/sandbox/linux/tests/test_utils.cc b/sandbox/linux/tests/test_utils.cc +index 847c20b20c..cf6041a4b4 100644 +--- a/sandbox/linux/tests/test_utils.cc ++++ b/sandbox/linux/tests/test_utils.cc +@@ -5,12 +5,14 @@ + #include "sandbox/linux/tests/test_utils.h" + + #include ++#include + #include + #include + #include + #include + + #include "base/check_op.h" ++#include "base/memory/page_size.h" + #include "base/posix/eintr_wrapper.h" + + namespace sandbox { +@@ -39,4 +41,17 @@ void TestUtils::HandlePostForkReturn(pid_t pid) { + } + } + ++void* TestUtils::MapPagesOrDie(size_t num_pages) { ++ void* addr = mmap(nullptr, num_pages * base::GetPageSize(), ++ PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); ++ PCHECK(addr); ++ return addr; ++} ++ ++void TestUtils::MprotectLastPageOrDie(char* addr, size_t num_pages) { ++ size_t last_page_offset = (num_pages - 1) * base::GetPageSize(); ++ PCHECK(mprotect(addr + last_page_offset, base::GetPageSize(), PROT_NONE) >= ++ 0); ++} ++ + } // namespace sandbox +diff --git a/sandbox/linux/tests/test_utils.h b/sandbox/linux/tests/test_utils.h +index 7cf9749fe4..43b028b1e3 100644 +--- a/sandbox/linux/tests/test_utils.h ++++ b/sandbox/linux/tests/test_utils.h +@@ -19,6 +19,8 @@ class TestUtils { + // makes sure that if fork() succeeded the child exits + // and the parent waits for it. + static void HandlePostForkReturn(pid_t pid); ++ static void* MapPagesOrDie(size_t num_pages); ++ static void MprotectLastPageOrDie(char* addr, size_t num_pages); + + private: + DISALLOW_IMPLICIT_CONSTRUCTORS(TestUtils); +diff --git a/sandbox/policy/linux/bpf_broker_policy_linux.cc b/sandbox/policy/linux/bpf_broker_policy_linux.cc +index 2963bb9ca8..6dc8c0581b 100644 +--- a/sandbox/policy/linux/bpf_broker_policy_linux.cc ++++ b/sandbox/policy/linux/bpf_broker_policy_linux.cc +@@ -93,8 +93,8 @@ ResultExpr BrokerProcessPolicy::EvaluateSyscall(int sysno) const { + return Allow(); + break; + #endif +-#if defined(__NR_fstatat) +- case __NR_fstatat: ++#if defined(__NR_fstatat64) ++ case __NR_fstatat64: + if (allowed_command_set_.test(syscall_broker::COMMAND_STAT)) + return Allow(); + break; diff --git a/chromium-92.0.4515.107-make-GetUsableSize-handle-nullptr-gracefully.patch b/chromium-92.0.4515.107-make-GetUsableSize-handle-nullptr-gracefully.patch new file mode 100644 index 0000000..3a03645 --- /dev/null +++ b/chromium-92.0.4515.107-make-GetUsableSize-handle-nullptr-gracefully.patch @@ -0,0 +1,49 @@ +From 61e16c92ff24bb71b9b7309a9d6d470ee91738bc Mon Sep 17 00:00:00 2001 +From: Bartek Nowierski +Date: Wed, 21 Jul 2021 15:01:38 +0000 +Subject: [PATCH] [PA] Make GetUsableSize() handle nullptr gracefully + +malloc_usable_size() is expected to not crush on NULL and return 0. + +Bug: 1221442 +Change-Id: I6a3b90dcf3a8ad18114c206d87b98f60d5f50eb1 +Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3042177 +Commit-Queue: Bartek Nowierski +Commit-Queue: Kentaro Hara +Auto-Submit: Bartek Nowierski +Reviewed-by: Kentaro Hara +Cr-Commit-Position: refs/heads/master@{#903900} +--- + .../allocator/partition_allocator/partition_alloc_unittest.cc | 4 ++++ + base/allocator/partition_allocator/partition_root.h | 3 +++ + 2 files changed, 7 insertions(+) + +diff --git a/base/allocator/partition_allocator/partition_alloc_unittest.cc b/base/allocator/partition_allocator/partition_alloc_unittest.cc +index c12120114aa7..8863984cd805 100644 +--- a/base/allocator/partition_allocator/partition_alloc_unittest.cc ++++ b/base/allocator/partition_allocator/partition_alloc_unittest.cc +@@ -2838,6 +2838,10 @@ TEST_F(PartitionAllocTest, OptimizedGetSlotNumber) { + } + } + ++TEST_F(PartitionAllocTest, GetUsableSizeNull) { ++ EXPECT_EQ(0ULL, PartitionRoot::GetUsableSize(nullptr)); ++} ++ + TEST_F(PartitionAllocTest, GetUsableSize) { + size_t delta = SystemPageSize() + 1; + for (size_t size = 1; size <= kMinDirectMappedDownsize; size += delta) { +diff --git a/base/allocator/partition_allocator/partition_root.h b/base/allocator/partition_allocator/partition_root.h +index b72a1d94a4e4..baac952597d1 100644 +--- a/base/allocator/partition_allocator/partition_root.h ++++ b/base/allocator/partition_allocator/partition_root.h +@@ -1220,6 +1220,9 @@ ALWAYS_INLINE bool PartitionRoot::TryRecommitSystemPagesForData( + // PartitionAlloc's internal data. Used as malloc_usable_size. + template + ALWAYS_INLINE size_t PartitionRoot::GetUsableSize(void* ptr) { ++ // malloc_usable_size() is expected to handle NULL gracefully and return 0. ++ if (!ptr) ++ return 0; + auto* slot_span = SlotSpan::FromSlotInnerPtr(ptr); + auto* root = FromSlotSpan(slot_span); + return slot_span->GetUsableSize(root); diff --git a/chromium-92.0.4515.107-sql-make-VirtualCursor-standard-layout-type.patch b/chromium-92.0.4515.107-sql-make-VirtualCursor-standard-layout-type.patch new file mode 100644 index 0000000..c1c68f1 --- /dev/null +++ b/chromium-92.0.4515.107-sql-make-VirtualCursor-standard-layout-type.patch @@ -0,0 +1,238 @@ +From 80368f8ba7a8bab13440463a254888311efe3986 Mon Sep 17 00:00:00 2001 +From: Stephan Hartmann +Date: Tue, 4 May 2021 15:00:19 +0000 +Subject: [PATCH] sql: make VirtualCursor standard layout type + +sql::recover::VirtualCursor needs to be a standard layout type, but +has members of type std::unique_ptr. However, std::unique_ptr is not +guaranteed to be standard layout. Compiling with clang combined with +gcc-11 libstdc++ fails because of this. Replace std::unique_ptr with +raw pointers. + +Bug: 1189788 +Change-Id: Ia6dc388cc5ef1c0f2afc75f8ca45b9f12687ca9c +--- + sql/recover_module/btree.cc | 21 +++++++++++++++------ + sql/recover_module/btree.h | 17 +++++++++++++---- + sql/recover_module/cursor.cc | 24 ++++++++++++------------ + sql/recover_module/cursor.h | 2 +- + sql/recover_module/pager.cc | 7 +++---- + sql/recover_module/pager.h | 5 +++-- + 6 files changed, 47 insertions(+), 29 deletions(-) + +diff --git a/sql/recover_module/btree.cc b/sql/recover_module/btree.cc +index 9ecaafe8a3..839318abf9 100644 +--- a/sql/recover_module/btree.cc ++++ b/sql/recover_module/btree.cc +@@ -135,16 +135,25 @@ static_assert(std::is_trivially_destructible::value, + "Move the destructor to the .cc file if it's non-trival"); + #endif // !DCHECK_IS_ON() + +-LeafPageDecoder::LeafPageDecoder(DatabasePageReader* db_reader) noexcept +- : page_id_(db_reader->page_id()), +- db_reader_(db_reader), +- cell_count_(ComputeCellCount(db_reader)), +- next_read_index_(0), +- last_record_size_(0) { ++void LeafPageDecoder::Initialize(DatabasePageReader* db_reader) { ++ DCHECK(db_reader); + DCHECK(IsOnValidPage(db_reader)); ++ page_id_ = db_reader->page_id(); ++ db_reader_ = db_reader; ++ cell_count_ = ComputeCellCount(db_reader); ++ next_read_index_ = 0; ++ last_record_size_ = 0; + DCHECK(DatabasePageReader::IsValidPageId(page_id_)); + } + ++void LeafPageDecoder::Reset() { ++ db_reader_ = nullptr; ++ page_id_ = 0; ++ cell_count_ = 0; ++ next_read_index_ = 0; ++ last_record_size_ = 0; ++} ++ + bool LeafPageDecoder::TryAdvance() { + DCHECK_CALLED_ON_VALID_SEQUENCE(sequence_checker_); + DCHECK(CanAdvance()); +diff --git a/sql/recover_module/btree.h b/sql/recover_module/btree.h +index d76d076bf6..33114b01fa 100644 +--- a/sql/recover_module/btree.h ++++ b/sql/recover_module/btree.h +@@ -102,7 +102,7 @@ class LeafPageDecoder { + // + // |db_reader| must have been used to read an inner page of a table B-tree. + // |db_reader| must outlive this instance. +- explicit LeafPageDecoder(DatabasePageReader* db_reader) noexcept; ++ explicit LeafPageDecoder() noexcept = default; + ~LeafPageDecoder() noexcept = default; + + LeafPageDecoder(const LeafPageDecoder&) = delete; +@@ -150,6 +150,15 @@ class LeafPageDecoder { + // read as long as CanAdvance() returns true. + bool TryAdvance(); + ++ // Initialize with DatabasePageReader ++ void Initialize(DatabasePageReader* db_reader); ++ ++ // Reset internal DatabasePageReader ++ void Reset(); ++ ++ // True if DatabasePageReader is valid ++ bool IsValid() { return (db_reader_ != nullptr); } ++ + // True if the given reader may point to an inner page in a table B-tree. + // + // The last ReadPage() call on |db_reader| must have succeeded. +@@ -163,14 +172,14 @@ class LeafPageDecoder { + static int ComputeCellCount(DatabasePageReader* db_reader); + + // The number of the B-tree page this reader is reading. +- const int64_t page_id_; ++ int64_t page_id_; + // Used to read the tree page. + // + // Raw pointer usage is acceptable because this instance's owner is expected + // to ensure that the DatabasePageReader outlives this. +- DatabasePageReader* const db_reader_; ++ DatabasePageReader* db_reader_; + // Caches the ComputeCellCount() value for this reader's page. +- const int cell_count_ = ComputeCellCount(db_reader_); ++ int cell_count_; + + // The reader's cursor state. + // +diff --git a/sql/recover_module/cursor.cc b/sql/recover_module/cursor.cc +index 0029ff9295..42548bc4b5 100644 +--- a/sql/recover_module/cursor.cc ++++ b/sql/recover_module/cursor.cc +@@ -26,7 +26,7 @@ VirtualCursor::~VirtualCursor() { + int VirtualCursor::First() { + DCHECK_CALLED_ON_VALID_SEQUENCE(sequence_checker_); + inner_decoders_.clear(); +- leaf_decoder_ = nullptr; ++ leaf_decoder_.Reset(); + + AppendPageDecoder(table_->root_page_id()); + return Next(); +@@ -36,18 +36,18 @@ int VirtualCursor::Next() { + DCHECK_CALLED_ON_VALID_SEQUENCE(sequence_checker_); + record_reader_.Reset(); + +- while (!inner_decoders_.empty() || leaf_decoder_.get()) { +- if (leaf_decoder_.get()) { +- if (!leaf_decoder_->CanAdvance()) { ++ while (!inner_decoders_.empty() || leaf_decoder_.IsValid()) { ++ if (leaf_decoder_.IsValid()) { ++ if (!leaf_decoder_.CanAdvance()) { + // The leaf has been exhausted. Remove it from the DFS stack. +- leaf_decoder_ = nullptr; ++ leaf_decoder_.Reset(); + continue; + } +- if (!leaf_decoder_->TryAdvance()) ++ if (!leaf_decoder_.TryAdvance()) + continue; + +- if (!payload_reader_.Initialize(leaf_decoder_->last_record_size(), +- leaf_decoder_->last_record_offset())) { ++ if (!payload_reader_.Initialize(leaf_decoder_.last_record_size(), ++ leaf_decoder_.last_record_offset())) { + continue; + } + if (!record_reader_.Initialize()) +@@ -99,13 +99,13 @@ int VirtualCursor::ReadColumn(int column_index, + int64_t VirtualCursor::RowId() { + DCHECK_CALLED_ON_VALID_SEQUENCE(sequence_checker_); + DCHECK(record_reader_.IsInitialized()); +- DCHECK(leaf_decoder_.get()); +- return leaf_decoder_->last_record_rowid(); ++ DCHECK(leaf_decoder_.IsValid()); ++ return leaf_decoder_.last_record_rowid(); + } + + void VirtualCursor::AppendPageDecoder(int page_id) { + DCHECK_CALLED_ON_VALID_SEQUENCE(sequence_checker_); +- DCHECK(leaf_decoder_.get() == nullptr) ++ DCHECK(!leaf_decoder_.IsValid()) + << __func__ + << " must only be called when the current path has no leaf decoder"; + +@@ -113,7 +113,7 @@ void VirtualCursor::AppendPageDecoder(int page_id) { + return; + + if (LeafPageDecoder::IsOnValidPage(&db_reader_)) { +- leaf_decoder_ = std::make_unique(&db_reader_); ++ leaf_decoder_.Initialize(&db_reader_); + return; + } + +diff --git a/sql/recover_module/cursor.h b/sql/recover_module/cursor.h +index afcd6900e1..b15c31d425 100644 +--- a/sql/recover_module/cursor.h ++++ b/sql/recover_module/cursor.h +@@ -129,7 +129,7 @@ class VirtualCursor { + std::vector> inner_decoders_; + + // Decodes the leaf page containing records. +- std::unique_ptr leaf_decoder_; ++ LeafPageDecoder leaf_decoder_; + + SEQUENCE_CHECKER(sequence_checker_); + }; +diff --git a/sql/recover_module/pager.cc b/sql/recover_module/pager.cc +index 58e75de270..5fe96204e5 100644 +--- a/sql/recover_module/pager.cc ++++ b/sql/recover_module/pager.cc +@@ -23,8 +23,7 @@ static_assert(DatabasePageReader::kMaxPageId <= std::numeric_limits::max(), + "ints are not appropriate for representing page IDs"); + + DatabasePageReader::DatabasePageReader(VirtualTable* table) +- : page_data_(std::make_unique(table->page_size())), +- table_(table) { ++ : page_data_(), table_(table) { + DCHECK(table != nullptr); + DCHECK(IsValidPageSize(table->page_size())); + } +@@ -57,8 +56,8 @@ int DatabasePageReader::ReadPage(int page_id) { + std::numeric_limits::max(), + "The |read_offset| computation above may overflow"); + +- int sqlite_status = +- RawRead(sqlite_file, read_size, read_offset, page_data_.get()); ++ int sqlite_status = RawRead(sqlite_file, read_size, read_offset, ++ const_cast(page_data_.data())); + + // |page_id_| needs to be set to kInvalidPageId if the read failed. + // Otherwise, future ReadPage() calls with the previous |page_id_| value +diff --git a/sql/recover_module/pager.h b/sql/recover_module/pager.h +index 0e388ddc3b..99314e30ff 100644 +--- a/sql/recover_module/pager.h ++++ b/sql/recover_module/pager.h +@@ -5,6 +5,7 @@ + #ifndef SQL_RECOVER_MODULE_PAGER_H_ + #define SQL_RECOVER_MODULE_PAGER_H_ + ++#include + #include + #include + +@@ -70,7 +71,7 @@ class DatabasePageReader { + DCHECK_CALLED_ON_VALID_SEQUENCE(sequence_checker_); + DCHECK_NE(page_id_, kInvalidPageId) + << "Successful ReadPage() required before accessing pager state"; +- return page_data_.get(); ++ return page_data_.data(); + } + + // The number of bytes in the page read by the last ReadPage() call. +@@ -137,7 +138,7 @@ class DatabasePageReader { + int page_id_ = kInvalidPageId; + // Stores the bytes of the last page successfully read by ReadPage(). + // The content is undefined if the last call to ReadPage() did not succeed. +- const std::unique_ptr page_data_; ++ const std::array page_data_; + // Raw pointer usage is acceptable because this instance's owner is expected + // to ensure that the VirtualTable outlives this. + VirtualTable* const table_; diff --git a/chromium-92.0.4515.131-breakpad-gcc-11.2.0.patch b/chromium-92.0.4515.131-breakpad-gcc-11.2.0.patch new file mode 100644 index 0000000..89e4e9f --- /dev/null +++ b/chromium-92.0.4515.131-breakpad-gcc-11.2.0.patch @@ -0,0 +1,11 @@ +--- chromium-92.0.4515.131/third_party/breakpad/breakpad/src/client/linux/handler/exception_handler.cc.orig 2021-08-16 19:38:33.386147431 +0200 ++++ chromium-92.0.4515.131/third_party/breakpad/breakpad/src/client/linux/handler/exception_handler.cc 2021-08-16 19:39:12.914789827 +0200 +@@ -138,7 +138,7 @@ + // SIGSTKSZ may be too small to prevent the signal handlers from overrunning + // the alternative stack. Ensure that the size of the alternative stack is + // large enough. +- static const unsigned kSigStackSize = std::max(16384, SIGSTKSZ); ++ static const unsigned kSigStackSize = std::max((long int)16384, SIGSTKSZ); + + // Only set an alternative stack if there isn't already one, or if the current + // one is too small. diff --git a/chromium-92.0.4515.131-freetype-2.11.patch b/chromium-92.0.4515.131-freetype-2.11.patch new file mode 100644 index 0000000..aee6dc8 --- /dev/null +++ b/chromium-92.0.4515.131-freetype-2.11.patch @@ -0,0 +1,50 @@ +--- a/third_party/skia/src/ports/SkFontHost_FreeType_common.cpp ++++ b/third_party/skia/src/ports/SkFontHost_FreeType_common.cpp +@@ -712,7 +712,11 @@ void colrv1_draw_paint(SkCanvas* canvas, + canvas->drawPaint(colrPaint); + break; + } ++#if FREETYPE_MAJOR == 2 && FREETYPE_MINOR >= 11 ++ case FT_COLR_PAINTFORMAT_TRANSFORM: ++#else + case FT_COLR_PAINTFORMAT_TRANSFORMED: ++#endif + case FT_COLR_PAINTFORMAT_TRANSLATE: + case FT_COLR_PAINTFORMAT_ROTATE: + case FT_COLR_PAINTFORMAT_SKEW: +@@ -759,10 +763,17 @@ void colrv1_transform(SkCanvas* canvas, FT_Face face, FT_COLR_Paint colrv1_paint + SkMatrix transform; + + switch (colrv1_paint.format) { ++#if FREETYPE_MAJOR == 2 && FREETYPE_MINOR >= 11 ++ case FT_COLR_PAINTFORMAT_TRANSFORM: { ++ transform = ToSkMatrix(colrv1_paint.u.transform.affine); ++ break; ++ } ++#else + case FT_COLR_PAINTFORMAT_TRANSFORMED: { + transform = ToSkMatrix(colrv1_paint.u.transformed.affine); + break; + } ++#endif + case FT_COLR_PAINTFORMAT_TRANSLATE: { + transform = SkMatrix::Translate( + SkFixedToScalar(colrv1_paint.u.translate.dx), +@@ -880,10 +891,17 @@ bool colrv1_traverse_paint(SkCanvas* canvas, + traverse_result = colrv1_start_glyph(canvas, palette, face, paint.u.colr_glyph.glyphID, + FT_COLOR_NO_ROOT_TRANSFORM); + break; ++#if FREETYPE_MAJOR == 2 && FREETYPE_MINOR >= 11 ++ case FT_COLR_PAINTFORMAT_TRANSFORM: ++ colrv1_transform(canvas, face, paint); ++ traverse_result = colrv1_traverse_paint(canvas, palette, face, ++ paint.u.transform.paint, visited_set); ++#else + case FT_COLR_PAINTFORMAT_TRANSFORMED: + colrv1_transform(canvas, face, paint); + traverse_result = colrv1_traverse_paint(canvas, palette, face, + paint.u.transformed.paint, visited_set); ++#endif + break; + case FT_COLR_PAINTFORMAT_TRANSLATE: + colrv1_transform(canvas, face, paint); diff --git a/chromium-92.0.4515.131-gcc-fix-swiftshader-libEGL-visibility.patch b/chromium-92.0.4515.131-gcc-fix-swiftshader-libEGL-visibility.patch new file mode 100644 index 0000000..d1bbe88 --- /dev/null +++ b/chromium-92.0.4515.131-gcc-fix-swiftshader-libEGL-visibility.patch @@ -0,0 +1,26 @@ +diff -up chromium-88.0.4324.182/third_party/swiftshader/src/OpenGL/libEGL/BUILD.gn.gcc-swiftshader-visibility chromium-88.0.4324.182/third_party/swiftshader/src/OpenGL/libEGL/BUILD.gn +--- chromium-88.0.4324.182/third_party/swiftshader/src/OpenGL/libEGL/BUILD.gn.gcc-swiftshader-visibility 2021-02-25 16:31:51.929335783 +0000 ++++ chromium-88.0.4324.182/third_party/swiftshader/src/OpenGL/libEGL/BUILD.gn 2021-02-25 16:31:51.929335783 +0000 +@@ -42,7 +42,8 @@ config("swiftshader_libEGL_private_confi + } else if (is_clang) { + defines += [ "EGLAPI=__attribute__((visibility(\"protected\"))) __attribute__((no_sanitize(\"function\")))" ] + } else { +- defines += [ "EGLAPI= " ] ++ cflags += [ "-fvisibility=protected" ] ++ defines += [ "EGLAPI=__attribute__((visibility(\"protected\")))" ] + } + } + } +diff -up chromium-88.0.4324.182/third_party/swiftshader/src/OpenGL/libGLESv2/BUILD.gn.gcc-swiftshader-visibility chromium-88.0.4324.182/third_party/swiftshader/src/OpenGL/libGLESv2/BUILD.gn +--- chromium-88.0.4324.182/third_party/swiftshader/src/OpenGL/libGLESv2/BUILD.gn.gcc-swiftshader-visibility 2021-02-25 18:16:28.576901417 +0000 ++++ chromium-88.0.4324.182/third_party/swiftshader/src/OpenGL/libGLESv2/BUILD.gn 2021-02-25 18:17:50.356567690 +0000 +@@ -57,7 +57,8 @@ config("swiftshader_libGLESv2_private_co + } else if (is_clang) { + defines += [ "GL_APICALL=__attribute__((visibility(\"protected\"))) __attribute__((no_sanitize(\"function\")))" ] + } else { +- defines += [ "GL_APICALL= " ] ++ cflags += [ "-fvisibility=protected" ] ++ defines += [ "GL_APICALL=__attribute__((visibility(\"protected\")))" ] + } + } + } diff --git a/chromium-92.0.4515.131-sandbox-gcc-11.2.0.patch b/chromium-92.0.4515.131-sandbox-gcc-11.2.0.patch new file mode 100644 index 0000000..1db2e95 --- /dev/null +++ b/chromium-92.0.4515.131-sandbox-gcc-11.2.0.patch @@ -0,0 +1,11 @@ +--- chromium-92.0.4515.131/sandbox/linux/services/credentials.cc.orig 2021-08-16 22:20:24.580175771 +0200 ++++ chromium-92.0.4515.131/sandbox/linux/services/credentials.cc 2021-08-16 22:20:32.025287245 +0200 +@@ -98,7 +98,7 @@ + // attempt this optimization. + clone_flags |= CLONE_VM | CLONE_VFORK | CLONE_SETTLS; + +- char tls_buf[PTHREAD_STACK_MIN] = {0}; ++ char tls_buf[PTHREAD_STACK_MIN]; + tls = tls_buf; + #endif + diff --git a/chromium.spec b/chromium.spec index 0c4d9f5..d9e31e8 100644 --- a/chromium.spec +++ b/chromium.spec @@ -1,8 +1,8 @@ %define MAJver %(echo %version | cut -d. -f1) -%define gcc_patchset 3 +%define gcc_patchset 7 Name: chromium Epoch: 3 -Version: 88.0.4324.150 +Version: 92.0.4515.131 Release: 1mamba Summary: An open-source browser project that aims to build a safer, faster, and more stable way to experience the web Group: Graphical Desktop/Applications/Internet @@ -18,19 +18,22 @@ URL: https://www.chromium.org Source: http://gsdview.appspot.com/chromium-browser-official/chromium-%{version}.tar.xz Source1: %{name}-master_preferences Source2: https://github.com/stha09/chromium-patches/releases/download/chromium-%{MAJver}-patchset-%{gcc_patchset}/chromium-%{MAJver}-patchset-%{gcc_patchset}.tar.xz -Patch19: chromium-37.0.2062.120-chrome-wrapper-pepper-flash.patch -Patch28: chromium-79.0.3945.79-widevine.patch -Patch38: chromium-76.0.3809.100-x86-openh264-add-fPIC.patch -Patch56: chromium-80.0.3987.122-x86-v8_context_snapsht-pic-error.patch -Patch66: chromium-83.0.4103.116-ffmpeg-4.3.patch -Patch67: chromium-84.0.4147.89-avoid-calling-DeleteForCurrentDocument-from-destructor.patch -Patch68: chromium-84.0.4147.89-force-mp3-files-to-have-a-start-time-of-zero.patch -Patch69: chromium-84.0.4147.89-remove-NotifyError-calls-and-just-send-a-normal-message.patch -Patch70: chromium-87.0.4280.88-icu-68.patch -Patch71: chromium-87.0.4280.88-v8-icu-68.patch -Patch72: chromium-87.0.4280.88-missing-include-vector.patch -Patch73: chromium-88.0.4324.150-glibc-2.33.patch -Patch74: chromium-88.0.4324.150-subpixel-anti-aliasing-in-FreeType-2.8.1.patch +Patch1: chromium-37.0.2062.120-chrome-wrapper-pepper-flash.patch +Patch2: chromium-79.0.3945.79-widevine.patch +Patch3: chromium-76.0.3809.100-x86-openh264-add-fPIC.patch +Patch4: chromium-80.0.3987.122-x86-v8_context_snapsht-pic-error.patch +Patch5: chromium-90.0.4430.212-glibc-2.33.patch +Patch6: chromium-92.0.4515.107-clang-11-nomerge.patch +Patch7: chromium-90.0.4430.212-use-oauth2-client-switches-as-default.patch +Patch8: chromium-92.0.4515.107-extend-enable-accelerated-video-decode-flag.patch +Patch9: chromium-92.0.4515.107-linux-sandbox-syscall-broker-use-struct-kernel_stat.patch +Patch10: chromium-92.0.4515.107-linux-sandbox-fix-fstatat-crash.patch +Patch11: chromium-92.0.4515.107-make-GetUsableSize-handle-nullptr-gracefully.patch +Patch12: chromium-92.0.4515.107-sql-make-VirtualCursor-standard-layout-type.patch +Patch13: chromium-92.0.4515.131-breakpad-gcc-11.2.0.patch +Patch14: chromium-92.0.4515.131-sandbox-gcc-11.2.0.patch +Patch15: chromium-92.0.4515.131-freetype-2.11.patch +Patch16: chromium-92.0.4515.131-gcc-fix-swiftshader-libEGL-visibility.patch License: BSD ## AUTOBUILDREQ-BEGIN BuildRequires: glibc-devel @@ -56,14 +59,12 @@ BuildRequires: libexpat-devel BuildRequires: libflac-devel BuildRequires: libfontconfig-devel BuildRequires: libfreetype-devel -BuildRequires: libgbm-devel BuildRequires: libgcc -BuildRequires: libgdk-pixbuf-devel BuildRequires: libglib-devel -BuildRequires: libgtk-devel BuildRequires: libharfbuzz-devel BuildRequires: libicu-devel BuildRequires: libjpeg-devel +BuildRequires: libmesa-devel BuildRequires: libminizip1-devel BuildRequires: libnspr-devel BuildRequires: libnss-devel @@ -78,6 +79,7 @@ BuildRequires: libwebp-devel BuildRequires: libxcb-devel BuildRequires: libxkbcommon-devel BuildRequires: libxml2-devel +BuildRequires: libxshmfence-devel BuildRequires: libxslt-devel BuildRequires: libz-devel ## AUTOBUILDREQ-END @@ -94,7 +96,7 @@ BuildRequires: libXxf86vm-devel BuildRequires: libkrb5-devel BuildRequires: libe2fs-devel BuildRequires: speech-dispatcher-devel >= 0.8-2mamba -BuildRequires: python-markupsafe +BuildRequires: python-markupsafe-py3 BuildRequires: libxshmfence-devel BuildRequires: libkeyutils-devel BuildRequires: libgnutls-devel @@ -111,7 +113,6 @@ BuildRequires: compiler-rt Requires(post): %{__install_info} Requires: xdg-utils Requires: libvdpau-Mesa -BuildRoot: %{_tmppath}/%{name}-%{version}-root # latest releases code version visible here: http://src.chromium.org/viewvc/chrome/releases/ # create release tarball with: (requires gclient from depot_tools) @@ -125,66 +126,47 @@ BuildRoot: %{_tmppath}/%{name}-%{version}-root Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all Internet users to experience the web. %prep -%setup -q -a2 -D -T +#% setup -q -a2 +%setup -q -D -T :<< ___EOF -%define _use_internal_dependency_generator 0 - -%define __find_provides %{_builddir}/%{name}-%{version}/find_provides.sh -cat > %{_builddir}/%{name}-%{version}/find_provides.sh <<_EOF -#! /bin/sh -grep -v %{buildroot}%{_libdir}/chromium | \ -%{_prefix}/lib/rpm/find-provides %{buildroot} %{_target_cpu} -_EOF -chmod +x %{_builddir}/%{name}-%{version}/find_provides.sh - -%define __find_requires %{_builddir}/%{name}-%{version}/find_requires.sh -cat > %{_builddir}/%{name}-%{version}/find_requires.sh <<_EOF -#! /bin/sh -%{_prefix}/lib/rpm/find-requires %{buildroot} %{_target_cpu} 2>/dev/null | -while read line; do - echo "\$line" -done -_EOF -chmod +x %{_builddir}/%{name}-%{version}/find_requires.sh +%global __provides_exclude_from ^%{_libdir}/chromium/.*$ # Allow building against system libraries in official builds sed -i 's/OFFICIAL_BUILD/GOOGLE_CHROME_BUILD/' \ tools/generate_shim_headers/generate_shim_headers.py -%patch19 -p1 -%patch28 -p1 +#%patch1 -p1 +#%patch2 -p1 %ifarch %{ix86} -%patch38 -p1 -%patch56 -p1 +%patch3 -p1 +#%patch4 -p1 %endif -#%patch70 -p1 -#cd v8 -#%patch71 -p1 -#cd .. -#%patch72 -p1 -%patch73 -p1 -%patch74 -p1 -d third_party/skia +#%patch5 -p1 +%patch6 -p1 +%patch7 -p1 +%patch8 -p1 +%patch9 -p1 +%patch10 -p1 +#%patch11 -p1 +%patch12 -p1 +%patch13 -p1 +%patch14 -p1 +%patch15 -p1 +%patch16 -p1 # Fixes for building with libstdc++ instead of libc++ -#for f in patches/chromium-%{MAJver}-*.patch; do -#patch -p1 < $f -#done -patch -Np1 -i patches/chromium-87-openscreen-include.patch -patch -Np1 -i patches/chromium-88-CompositorFrameReporter-dcheck.patch -patch -Np1 -i patches/chromium-88-ideographicSpaceCharacter.patch -patch -Np1 -i patches/chromium-88-AXTreeFormatter-include.patch +patch -Np1 -i patches/chromium-90-ruy-include.patch -# Allow building against system libraries in official builds -sed -i 's/OFFICIAL_BUILD/GOOGLE_CHROME_BUILD/' \ - tools/generate_shim_headers/generate_shim_headers.py +# Force script incompatible with Python 3 to use /usr/bin/python2 +sed -i '1s|python$|&2|' third_party/dom_distiller_js/protoc_plugins/*.py # Remove compiler flags not supported by our system clang sed -i \ -e '/"-Wno-defaulted-function-deleted"/d' \ build/config/compiler/BUILD.gn -# Use Python 2 -find . -name '*.py' -exec sed -i -r 's|/usr/bin/python$|&2|g' {} + +## Use Python 2 +#find . -name '*.py' -exec sed -i -r 's|/usr/bin/python$|&2|g' {} + # https://crbug.com/893950 sed -i -e 's/\/malloc/' -e 's/\/free/' \ @@ -192,9 +174,9 @@ sed -i -e 's/\/malloc/' -e 's/\/free/' \ third_party/blink/renderer/core/xml/parser/xml_document_parser.cc \ third_party/libxml/chromium/libxml_utils.cc -# There are still a lot of relative calls which need a workaround -mkdir -p python2-path -ln -sf %{_bindir}/python2 python2-path/python +## There are still a lot of relative calls which need a workaround +#mkdir -p python2-path +#ln -sf %{_bindir}/python2 python2-path/python # Possible replacements are listed in build/linux/unbundle/replace_gn_files.py # Keys are the names in the above script; values are the dependencies in Arch @@ -240,13 +222,24 @@ python2 build/linux/unbundle/replace_gn_files.py \ mkdir -p third_party/node/linux/node-linux-x64/bin ln -s %{_bindir}/node third_party/node/linux/node-linux-x64/bin/ +ln -s /usr/bin/java third_party/jdk/current/bin/ + +# Local eu-strip built has problem seen on x86 as of 92.0.4515.131 +rm buildtools/third_party/eu-strip/bin/eu-strip +ln -s %{_bindir}/eu-strip buildtools/third_party/eu-strip/bin/eu-strip # Remove compiler flags not supported by our system clang sed -i \ -e '/"-fsplit-lto-unit"/d' \ -e '/"-Wno-defaulted-function-deleted"/d' \ build/config/compiler/BUILD.gn - + +%ifarch aarch64 +sed -i "s|aarch64-linux-gnu|aarch64-openmamba-linux-gnu|" \ + build/config/compiler/BUILD.gn \ + build/toolchain/linux/BUILD.gn +%endif + %build #:<< _EOF export CC=clang @@ -256,7 +249,7 @@ export NM=llvm-nm # Facilitate deterministic builds (taken from build/config/compiler/BUILD.gn) CFLAGS+=' -Wno-builtin-macro-redefined -Wno-unknown-warning-option' -CXXFLAGS+=' -Wno-builtin-macro-redefined -Wno-unknown-warning-option' +CXXFLAGS+=' -Wno-builtin-macro-redefined -Wno-unknown-warning-option -stdlib=libstdc++' CPPFLAGS+=' -D__DATE__= -D__TIME__= -D__TIMESTAMP__=' %ifarch arm @@ -275,6 +268,7 @@ chromium_conf=( 'host_toolchain="//build/toolchain/linux/unbundle:default"' 'clang_use_chrome_plugins=false' 'is_official_build=true' # implies is_cfi=true on x86_64 + 'chrome_pgo_phase=0' # pgo incompatible with llvm 11 'treat_warnings_as_errors=false' 'fieldtrial_testing_like_official_build=true' 'ffmpeg_branding="Chrome"' @@ -286,34 +280,26 @@ chromium_conf=( 'use_custom_libcxx=false' 'enable_hangout_services_extension=true' 'enable_widevine=true' - 'use_vaapi=true' 'enable_nacl=false' - 'enable_swiftshader=false' + 'use_vaapi=true' 'google_api_key="AIzaSyBT3wXwxmFuUQcyeMyp0MbHHhhFwNfWKTc"' - 'google_default_client_id="72870267994-r1bkll5bq0v275nnsa66d21h3t6ne10s.apps.googleusercontent.com"' - 'google_default_client_secret="Pcdh5bzXx3nsECO_AlMlPXXk"' 'symbol_level=0' 'is_debug=false' 'icu_use_data_file=false' + 'toolprefix="%{_target_platform}-"' ) +# 'google_default_client_id="72870267994-r1bkll5bq0v275nnsa66d21h3t6ne10s.apps.googleusercontent.com"' +# 'google_default_client_secret="Pcdh5bzXx3nsECO_AlMlPXXk"' + #%ifarch %{ix86} # 'use_lld=false' #%endif -# 'linux_use_bundled_binutils=false' - -# 'rtc_link_pipewire=true' - -# 'is_clang=true' -# 'is_cfi=false' -# 'use_lld=false' -# 'remove_webcore_debug_symbols=true' - gn gen out/Release --args="${chromium_conf[*]}" \ - --script-executable=/usr/bin/python2 - -# --fail-on-unused-args + --script-executable=%{__python3} + +# --fail-on-unused-args #_EOF @@ -326,13 +312,14 @@ install -d -m0755 %{buildroot}%{_libdir}/chromium/ %{buildroot}%{_bindir} install -m0755 out/Release/chrome %{buildroot}%{_libdir}/chromium/chromium install -m0755 out/Release/chrome_sandbox %{buildroot}%{_libdir}/chromium/chrome-sandbox install -m0755 out/Release/chromedriver %{buildroot}%{_libdir}/chromium/chromedriver +install -m0755 out/Release/crashpad_handler %{buildroot}%{_libdir}/chromium/crashpad_handler install -m0755 out/Release/libEGL.so %{buildroot}%{_libdir}/chromium/libEGL.so install -m0755 out/Release/libGLESv2.so %{buildroot}%{_libdir}/chromium/libGLESv2.so #install -m0755 out/Release/libwidevinecdm.so %{buildroot}%{_libdir}/chromium/libwidevinecdm.so #install -m0755 out/Release/libwidevinecdmadapter.so %{buildroot}%{_libdir}/chromium/libwidevinecdmadapter.so cp out/Release/*.bin %{buildroot}%{_libdir}/chromium/ -install -m0755 chrome/tools/build/linux/chrome-wrapper %{buildroot}%{_libdir}/chromium/ +#install -m0755 chrome/tools/build/linux/chrome-wrapper %{buildroot}%{_libdir}/chromium/ #install -m0755 third_party/xdg-utils/scripts/xdg-settings %{buildroot}/opt/chromium/xdg-settings %if "%cross_target_cpu" != "i586" @@ -343,13 +330,12 @@ cp -a out/Release/*.pak %{buildroot}%{_libdir}/chromium/ #install -D -m0644 out/Release/chrome.1 %{buildroot}%{_mandir}/man1/chromium.1 install -D -m0644 chrome/app/theme/chromium/product_logo_48.png %{buildroot}%{_datadir}/pixmaps/chromium.png cp -a out/Release/locales %{buildroot}%{_libdir}/chromium/ +install -d -m0755 %{buildroot}%{_libdir}/chromium/swiftshader +cp -a out/Release/swiftshader/*.so %{buildroot}%{_libdir}/chromium/swiftshader/ -#ln -s %{_libdir}/chromium/chrome-wrapper %{buildroot}%{_bindir}/chromium - +# Install deskktop file and man install -Dm644 chrome/installer/linux/common/desktop.template %{buildroot}%{_datadir}/applications/chromium.desktop - install -Dm644 chrome/app/resources/manpage.1.in %{buildroot}%{_mandir}/man1/chromium.1 - sed -i \ -e "s/@@MENUNAME@@/Chromium/g" \ -e "s/@@PACKAGE@@/chromium/g" \ @@ -357,23 +343,15 @@ sed -i \ %{buildroot}%{_datadir}/applications/chromium.desktop \ %{buildroot}%{_mandir}/man1/chromium.1 -#mkdir -p %{buildroot}%{_datadir}/applications -#cat > %{buildroot}%{_datadir}/applications/chromium.desktop << EOF -#[Desktop Entry] -#Name=Chromium Browser -#Name[it]=Browser Chromium -#GenericName=Web Browser -#GenericName[it]=Browser Web -#Comment=An open-source browser to help move the web forward -#Comment[it]=Un browser open source pensato per un web più moderno -#Exec=chromium --password-store=detect --ignore-gpu-blacklist %u -#Type=Application -#Terminal=0 -#Icon=%{_datadir}/pixmaps/chromium.png -#Categories=Network; -#MimeType=text/html; -#X-KDE-StartupNotify=true -#EOF +# Install metainfo file +install -Dm644 chrome/installer/linux/common/chromium-browser/chromium-browser.appdata.xml \ + %{buildroot}%{_datadir}/metainfo/chromium.appdata.xml +sed -ni \ + -e 's/chromium-browser\.desktop/chromium.desktop/' \ + -e '//d' \ + -e '/

/N;/

\n.*\(We invite\|Chromium supports Vorbis\)/,/<\/p>/d' \ + -e '/^ %{buildroot}%{_bindir}/chromium << _EOF #!/bin/bash set -- "\${ARGS[@]}" "\$@" +# FIXME: --no-sandbox: added as of 92.0.4515.131 as a temporary workaround + if [ -r /opt/chromium/PepperFlash/manifest.json ]; then PEPPER_FLASH_VERSION="\$(grep '"version":' /opt/chromium/PepperFlash/manifest.json | grep -Po '(?<=version": ")(?:\d|\.)*')" exec %{_libdir}/chromium/chromium \\ - --ignore-gpu-blacklist \\ + --ignore-gpu-blacklist --no-sandbox \\ --ppapi-flash-path=/opt/chromium/PepperFlash/libpepflashplayer.so \\ --ppapi-flash-version=\${PEPPER_FLASH_VERSION} "\$@" else - exec %{_libdir}/chromium/chromium --ignore-gpu-blacklist "\$@" + exec %{_libdir}/chromium/chromium --ignore-gpu-blacklist --no-sandbox "\$@" fi _EOF chmod 755 %{buildroot}%{_bindir}/chromium @@ -401,21 +381,8 @@ ln -s %{_libdir}/chromium/chromedriver %{buildroot}%{_bindir}/chromedriver ## legacy favorites symlink #ln -s chromium.desktop %{buildroot}%{_datadir}/applications/chromium-devel.desktop -%post -/sbin/ldconfig -#if [ $1 -ge 1 ]; then -# [ -e %{_kde4_bindir}/kickoffcfg ] && \ -# %{_kde4_bindir}/kickoffcfg --add-favorite %{_datadir}/applications/chromium.desktop -#fi -: - -%postun -/sbin/ldconfig -#if [ $1 -eq 0 ]; then -# [ -e %{_kde4_bindir}/kickoffcfg ] && \ -# %{_kde4_bindir}/kickoffcfg --del-favorite %{_datadir}/applications/chromium.desktop -#fi -: +%post -p /sbin/ldconfig +%postun -p /sbin/ldconfig %posttrans /usr/bin/update-desktop-database -q @@ -429,30 +396,37 @@ ln -s %{_libdir}/chromium/chromedriver %{buildroot}%{_bindir}/chromedriver %{_bindir}/chromium %{_bindir}/chromedriver %{_datadir}/applications/chromium.desktop -#%{_datadir}/applications/chromium-devel.desktop +%{_datadir}/metainfo/chromium.appdata.xml %{_datadir}/pixmaps/chromium.png %dir %{_libdir}/chromium %{_libdir}/chromium/chromium %{_libdir}/chromium/chromedriver +%{_libdir}/chromium/crashpad_handler %{_libdir}/chromium/*.bin %{_libdir}/chromium/*.pak -%{_libdir}/chromium/chrome-wrapper +#%{_libdir}/chromium/chrome-wrapper %attr(4755,root,root) %{_libdir}/chromium/chrome-sandbox #%{_libdir}/chromium/icudtl.dat %{_libdir}/chromium/libEGL.so %{_libdir}/chromium/libGLESv2.so -#%{_libdir}/chromium/libwidevinecdm.so -#%{_libdir}/chromium/libwidevinecdmadapter.so %{_libdir}/chromium/master_preferences %if "%cross_target_cpu" != "i586" %{_libdir}/chromium/protoc %endif +%dir %{_libdir}/chromium/swiftshader +%{_libdir}/chromium/swiftshader/*.so %dir %{_libdir}/chromium/locales %{_libdir}/chromium/locales/*.pak %{_libdir}/chromium/locales/*.pak.info %{_mandir}/man1/chromium.1* %changelog +* Mon Aug 09 2021 Automatic Build System 92.0.4515.131-1mamba +- automatic version update by autodist + +* Sat Mar 27 2021 Automatic Build System 89.0.4389.90-1mamba +- automatic version update by autodist + * Wed Feb 10 2021 Silvan Calarco 88.0.4324.150-1mamba - update to 88.0.4324.150