[arch-commits] Commit in chromium/trunk (3 files)
Evangelos Foutras
foutrelis at archlinux.org
Tue Jun 4 21:49:17 UTC 2019
Date: Tuesday, June 4, 2019 @ 21:49:17
Author: foutrelis
Revision: 354859
upgpkg: chromium 75.0.3770.80-1
New upstream release.
Added:
chromium/trunk/libstdc-do-not-assume-unique_ptr-has-ostream-operator.patch
Modified:
chromium/trunk/PKGBUILD
Deleted:
chromium/trunk/chromium-glibc-2.29.patch
-------------------------------------------------------------+
PKGBUILD | 14 -
chromium-glibc-2.29.patch | 105 ----------
libstdc-do-not-assume-unique_ptr-has-ostream-operator.patch | 36 +++
3 files changed, 43 insertions(+), 112 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2019-06-04 19:01:15 UTC (rev 354858)
+++ PKGBUILD 2019-06-04 21:49:17 UTC (rev 354859)
@@ -4,8 +4,8 @@
# Contributor: Daniel J Griffiths <ghost1227 at archlinux.us>
pkgname=chromium
-pkgver=74.0.3729.169
-pkgrel=2
+pkgver=75.0.3770.80
+pkgrel=1
_launcher_ver=6
pkgdesc="A web browser built for speed, simplicity, and security"
arch=('x86_64')
@@ -24,14 +24,14 @@
source=(https://commondatastorage.googleapis.com/chromium-browser-official/$pkgname-$pkgver.tar.xz
chromium-launcher-$_launcher_ver.tar.gz::https://github.com/foutrelis/chromium-launcher/archive/v$_launcher_ver.tar.gz
chromium-system-icu.patch
- chromium-glibc-2.29.patch
+ libstdc-do-not-assume-unique_ptr-has-ostream-operator.patch
chromium-fix-window-flash-for-some-WMs.patch
chromium-widevine.patch
chromium-skia-harmony.patch)
-sha256sums=('070f0210017f54b65264f88726431da7582e36a04caa673fe50662e8b41a0cb4'
+sha256sums=('da828bc8d887821380b461abfbbd0e17538c211d56f240f03711b918c77a66d6'
'04917e3cd4307d8e31bfb0027a5dce6d086edb10ff8a716024fbb8bb0c7dccf1'
'e2d284311f49c529ea45083438a768db390bde52949995534034d2a814beab89'
- 'dd791f154b48e69cd47fd94753c45448655b529590995fd71ac1591c53a3d60c'
+ 'e309dfd9d790f32cb1d23103726ac25e405b6ae6757a1c957a8395667d753908'
'183d8cc712f0bcf1afcb01ce90c4c104a4c8d8070a06f94974a28b007d9e2ce4'
'd081f2ef8793544685aad35dea75a7e6264a2cb987ff3541e6377f4a3650a28b'
'5887f78b55c4ecbbcba5930f3f0bb7bc0117c2a41c2f761805fcf7f46f1ca2b3')
@@ -84,8 +84,8 @@
third_party/blink/renderer/core/xml/parser/xml_document_parser.cc \
third_party/libxml/chromium/libxml_utils.cc
- # https://crbug.com/949312
- patch -Np1 -i ../chromium-glibc-2.29.patch
+ # https://chromium-review.googlesource.com/1584292
+ patch -Np1 -i ../libstdc-do-not-assume-unique_ptr-has-ostream-operator.patch
# https://crbug.com/956061
patch -Np1 -i ../chromium-fix-window-flash-for-some-WMs.patch
Deleted: chromium-glibc-2.29.patch
===================================================================
--- chromium-glibc-2.29.patch 2019-06-04 19:01:15 UTC (rev 354858)
+++ chromium-glibc-2.29.patch 2019-06-04 21:49:17 UTC (rev 354859)
@@ -1,105 +0,0 @@
-From 65046b8f90d0336cbe5f2f15cc7da5cb798360ad Mon Sep 17 00:00:00 2001
-From: Matthew Denton <mpdenton at chromium.org>
-Date: Wed, 24 Apr 2019 15:44:40 +0000
-Subject: [PATCH] Update Linux Seccomp syscall restrictions to EPERM
- posix_spawn/vfork
-
-Glibc's system() function switched to using posix_spawn, which uses
-CLONE_VFORK. Pepperflash includes a sandbox debugging check which
-relies on us EPERM-ing process creation like this, rather than crashing
-the process with SIGSYS.
-
-So whitelist clone() calls, like posix_spawn, that include the flags
-CLONE_VFORK and CLONE_VM.
-
-Bug: 949312
-Change-Id: I3f4b90114b2fc1d9929e3c0a85bbe8f10def3c20
-Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1568086
-Commit-Queue: Robert Sesek <rsesek at chromium.org>
-Reviewed-by: Robert Sesek <rsesek at chromium.org>
-Cr-Commit-Position: refs/heads/master@{#653590}
----
- .../baseline_policy_unittest.cc | 29 +++++++++++++++++++
- .../syscall_parameters_restrictions.cc | 13 +++++++--
- 2 files changed, 40 insertions(+), 2 deletions(-)
-
-diff --git a/sandbox/linux/seccomp-bpf-helpers/baseline_policy_unittest.cc b/sandbox/linux/seccomp-bpf-helpers/baseline_policy_unittest.cc
-index cdeb210ccb..40fcebf933 100644
---- a/sandbox/linux/seccomp-bpf-helpers/baseline_policy_unittest.cc
-+++ b/sandbox/linux/seccomp-bpf-helpers/baseline_policy_unittest.cc
-@@ -10,7 +10,9 @@
- #include <sched.h>
- #include <signal.h>
- #include <stddef.h>
-+#include <stdlib.h>
- #include <string.h>
-+#include <sys/mman.h>
- #include <sys/prctl.h>
- #include <sys/resource.h>
- #include <sys/socket.h>
-@@ -130,6 +132,33 @@ BPF_TEST_C(BaselinePolicy, ForkArmEperm, BaselinePolicy) {
- BPF_ASSERT_EQ(EPERM, fork_errno);
- }
-
-+BPF_TEST_C(BaselinePolicy, SystemEperm, BaselinePolicy) {
-+ errno = 0;
-+ int ret_val = system("echo SHOULD NEVER RUN");
-+ BPF_ASSERT_EQ(-1, ret_val);
-+ BPF_ASSERT_EQ(EPERM, errno);
-+}
-+
-+BPF_TEST_C(BaselinePolicy, CloneVforkEperm, BaselinePolicy) {
-+ errno = 0;
-+ // Allocate a couple pages for the child's stack even though the child should
-+ // never start.
-+ constexpr size_t kStackSize = 4096 * 4;
-+ void* child_stack = mmap(nullptr, kStackSize, PROT_READ | PROT_WRITE,
-+ MAP_PRIVATE | MAP_ANONYMOUS | MAP_STACK, -1, 0);
-+ BPF_ASSERT_NE(child_stack, nullptr);
-+ pid_t pid = syscall(__NR_clone, CLONE_VM | CLONE_VFORK | SIGCHLD,
-+ static_cast<char*>(child_stack) + kStackSize, nullptr,
-+ nullptr, nullptr);
-+ const int clone_errno = errno;
-+ TestUtils::HandlePostForkReturn(pid);
-+
-+ munmap(child_stack, kStackSize);
-+
-+ BPF_ASSERT_EQ(-1, pid);
-+ BPF_ASSERT_EQ(EPERM, clone_errno);
-+}
-+
- BPF_TEST_C(BaselinePolicy, CreateThread, BaselinePolicy) {
- base::Thread thread("sandbox_tests");
- BPF_ASSERT(thread.Start());
-diff --git a/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc b/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc
-index 100afe50e3..348ab6e8c5 100644
---- a/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc
-+++ b/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc
-@@ -135,7 +135,8 @@ namespace sandbox {
- #if !defined(OS_NACL_NONSFI)
- // Allow Glibc's and Android pthread creation flags, crash on any other
- // thread creation attempts and EPERM attempts to use neither
--// CLONE_VM, nor CLONE_THREAD, which includes all fork() implementations.
-+// CLONE_VM nor CLONE_THREAD (all fork implementations), unless CLONE_VFORK is
-+// present (as in newer versions of posix_spawn).
- ResultExpr RestrictCloneToThreadsAndEPERMFork() {
- const Arg<unsigned long> flags(0);
-
-@@ -154,8 +155,16 @@ ResultExpr RestrictCloneToThreadsAndEPERMFork() {
- AnyOf(flags == kAndroidCloneMask, flags == kObsoleteAndroidCloneMask,
- flags == kGlibcPthreadFlags);
-
-+ // The following two flags are the two important flags in any vfork-emulating
-+ // clone call. EPERM any clone call that contains both of them.
-+ const uint64_t kImportantCloneVforkFlags = CLONE_VFORK | CLONE_VM;
-+
-+ const BoolExpr is_fork_or_clone_vfork =
-+ AnyOf((flags & (CLONE_VM | CLONE_THREAD)) == 0,
-+ (flags & kImportantCloneVforkFlags) == kImportantCloneVforkFlags);
-+
- return If(IsAndroid() ? android_test : glibc_test, Allow())
-- .ElseIf((flags & (CLONE_VM | CLONE_THREAD)) == 0, Error(EPERM))
-+ .ElseIf(is_fork_or_clone_vfork, Error(EPERM))
- .Else(CrashSIGSYSClone());
- }
-
Added: libstdc-do-not-assume-unique_ptr-has-ostream-operator.patch
===================================================================
--- libstdc-do-not-assume-unique_ptr-has-ostream-operator.patch (rev 0)
+++ libstdc-do-not-assume-unique_ptr-has-ostream-operator.patch 2019-06-04 21:49:17 UTC (rev 354859)
@@ -0,0 +1,36 @@
+From aeed4d1f15ce84a17ea0bc219e258dc4982b2368 Mon Sep 17 00:00:00 2001
+From: Jose Dapena Paz <jose.dapena at lge.com>
+Date: Fri, 26 Apr 2019 20:07:05 +0000
+Subject: [PATCH] libstdc++: do not assume unique_ptr has ostream operator
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+CompositorFrameReportingController is using DCHECK_NE to compare
+several unique_ptr. This is valid in libc++, but on libstdc++ unique_ptr
+does not have an ostream operator.
+
+Change-Id: I9f23ef17f02b9e107694ba493f6f8f3caf5cac4d
+Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1584292
+Reviewed-by: Sunny Sachanandani <sunnyps at chromium.org>
+Commit-Queue: José Dapena Paz <jose.dapena at lge.com>
+Cr-Commit-Position: refs/heads/master@{#654570}
+---
+ cc/scheduler/compositor_frame_reporting_controller.cc | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/cc/scheduler/compositor_frame_reporting_controller.cc b/cc/scheduler/compositor_frame_reporting_controller.cc
+index f1587ed158..1b17021fd2 100644
+--- a/cc/scheduler/compositor_frame_reporting_controller.cc
++++ b/cc/scheduler/compositor_frame_reporting_controller.cc
+@@ -31,8 +31,8 @@ void CompositorFrameReportingController::WillBeginImplFrame() {
+
+ void CompositorFrameReportingController::WillBeginMainFrame() {
+ DCHECK(reporters_[PipelineStage::kBeginImplFrame]);
+- DCHECK_NE(reporters_[PipelineStage::kBeginMainFrame],
+- reporters_[PipelineStage::kBeginImplFrame]);
++ DCHECK(reporters_[PipelineStage::kBeginMainFrame] !=
++ reporters_[PipelineStage::kBeginImplFrame]);
+ reporters_[PipelineStage::kBeginImplFrame]->StartStage(
+ "SendBeginMainFrameToCommit");
+ AdvanceReporterStage(PipelineStage::kBeginImplFrame,
More information about the arch-commits
mailing list