From: Duncaen <Duncaen@users.noreply.github.com>
To: ml@inbox.vuxu.org
Subject: Re: [PR PATCH] [Updated] chromium: update to 112.0.5615.49.
Date: Thu, 06 Apr 2023 14:54:38 +0200 [thread overview]
Message-ID: <20230406125438.EF9gV1WIVEoWSxMH8nwcb5rjS-QH6ePAhHmLMMVBb8k@z> (raw)
In-Reply-To: <gh-mailinglist-notifications-41a7ca26-5023-4802-975b-f1789d68868e-void-packages-43294@inbox.vuxu.org>
[-- Attachment #1: Type: text/plain, Size: 411 bytes --]
There is an updated pull request by Duncaen against master on the void-packages repository
https://github.com/Duncaen/void-packages chromium-112
https://github.com/void-linux/void-packages/pull/43294
chromium: update to 112.0.5615.49.
[ci skip]
* [x] x86_64-glibc
* [ ] x86_64-musl
* [ ] aarch64-musl
* [ ] i686
A patch file from https://github.com/void-linux/void-packages/pull/43294.patch is attached
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-chromium-112-43294.patch --]
[-- Type: text/x-diff, Size: 14639 bytes --]
From 4f235149ebb4f92040826c1d8eb5856562a2b6d1 Mon Sep 17 00:00:00 2001
From: Duncaen <duncaen@voidlinux.org>
Date: Thu, 6 Apr 2023 00:04:37 +0200
Subject: [PATCH] chromium: update to 112.0.5615.49.
---
.../files/musl-patches/musl-sandbox.patch | 135 ++++++++++++------
.../chromium/patches/fc-cache-version.patch | 13 ++
.../patches/fix-build-with-old-clang.patch | 20 ---
.../chromium/patches/fix-resolver-musl.patch | 66 ---------
srcpkgs/chromium/template | 7 +-
5 files changed, 106 insertions(+), 135 deletions(-)
create mode 100644 srcpkgs/chromium/patches/fc-cache-version.patch
delete mode 100644 srcpkgs/chromium/patches/fix-build-with-old-clang.patch
delete mode 100644 srcpkgs/chromium/patches/fix-resolver-musl.patch
diff --git a/srcpkgs/chromium/files/musl-patches/musl-sandbox.patch b/srcpkgs/chromium/files/musl-patches/musl-sandbox.patch
index c770e76d8688..52c3b2105034 100644
--- a/srcpkgs/chromium/files/musl-patches/musl-sandbox.patch
+++ b/srcpkgs/chromium/files/musl-patches/musl-sandbox.patch
@@ -1,20 +1,21 @@
---- ./sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc.orig 2019-07-03 11:53:21.213479736 -0400
-+++ ./sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc 2019-07-03 11:57:01.304998253 -0400
-@@ -140,31 +140,14 @@
+musl uses different syscalls from glibc for some functions, so the sandbox has
+to account for that
+--
+diff --git a/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc ./sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc
+index ff5a1c0..da56b9b 100644
+--- a/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc
++++ ./sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc
+@@ -139,21 +139,11 @@ namespace sandbox {
+ // present (as in newer versions of posix_spawn).
ResultExpr RestrictCloneToThreadsAndEPERMFork() {
const Arg<unsigned long> flags(0);
-
+-
- // TODO(mdempsky): Extend DSL to support (flags & ~mask1) == mask2.
- const uint64_t kAndroidCloneMask = CLONE_VM | CLONE_FS | CLONE_FILES |
- CLONE_SIGHAND | CLONE_THREAD |
- CLONE_SYSVSEM;
- const uint64_t kObsoleteAndroidCloneMask = kAndroidCloneMask | CLONE_DETACHED;
-+ const int required = CLONE_VM | CLONE_FS | CLONE_FILES | CLONE_SIGHAND |
-+ CLONE_THREAD | CLONE_SYSVSEM;
-+ const int safe = CLONE_SETTLS | CLONE_PARENT_SETTID | CLONE_CHILD_CLEARTID |
-+ CLONE_DETACHED;
-+ const BoolExpr thread_clone_ok = (flags&~safe)==required;
-
+-
- const uint64_t kGlibcPthreadFlags =
- CLONE_VM | CLONE_FS | CLONE_FILES | CLONE_SIGHAND | CLONE_THREAD |
- CLONE_SYSVSEM | CLONE_SETTLS | CLONE_PARENT_SETTID | CLONE_CHILD_CLEARTID;
@@ -23,45 +24,28 @@
- const BoolExpr android_test =
- AnyOf(flags == kAndroidCloneMask, flags == kObsoleteAndroidCloneMask,
- flags == kGlibcPthreadFlags);
--
-- // The following two flags are the two important flags in any vfork-emulating
-- // clone call. EPERM any clone call that contains both of them.
-- const uint64_t kImportantCloneVforkFlags = CLONE_VFORK | CLONE_VM;
--
-- const BoolExpr is_fork_or_clone_vfork =
-- AnyOf((flags & (CLONE_VM | CLONE_THREAD)) == 0,
-- (flags & kImportantCloneVforkFlags) == kImportantCloneVforkFlags);
--
++ const int required = CLONE_VM | CLONE_FS | CLONE_FILES | CLONE_SIGHAND |
++ CLONE_THREAD | CLONE_SYSVSEM;
++ const int safe = CLONE_SETTLS | CLONE_PARENT_SETTID | CLONE_CHILD_CLEARTID |
++ CLONE_DETACHED;
++ const BoolExpr thread_clone_ok = (flags&~safe)==required;
+
+ // The following two flags are the two important flags in any vfork-emulating
+ // clone call. EPERM any clone call that contains both of them.
+@@ -163,7 +153,7 @@ ResultExpr RestrictCloneToThreadsAndEPERMFork() {
+ AnyOf((flags & (CLONE_VM | CLONE_THREAD)) == 0,
+ (flags & kImportantCloneVforkFlags) == kImportantCloneVforkFlags);
+
- return If(IsAndroid() ? android_test : glibc_test, Allow())
-- .ElseIf(is_fork_or_clone_vfork, Error(EPERM))
+ return If(thread_clone_ok, Allow())
-+ .ElseIf((flags & (CLONE_VM | CLONE_THREAD)) == 0, Error(EPERM))
+ .ElseIf(is_fork_or_clone_vfork, Error(EPERM))
.Else(CrashSIGSYSClone());
}
-
---- ./sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc.orig
+diff --git a/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc ./sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc
+index d9d1882..0567557 100644
+--- a/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc
+++ ./sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc
-@@ -494,6 +494,7 @@
- case __NR_mlock:
- case __NR_munlock:
- case __NR_munmap:
-+ case __NR_mremap:
- return true;
- case __NR_madvise:
- case __NR_mincore:
-@@ -509,7 +510,6 @@
- case __NR_modify_ldt:
- #endif
- case __NR_mprotect:
-- case __NR_mremap:
- case __NR_msync:
- case __NR_munlockall:
- case __NR_readahead:
-diff --git a/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc b/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc
-index 80f02c0..21fbe21 100644
---- sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc
-+++ sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc
-@@ -373,6 +373,7 @@ bool SyscallSets::IsAllowedProcessStartOrDeath(int sysno) {
+@@ -392,6 +392,7 @@ bool SyscallSets::IsAllowedProcessStartOrDeath(int sysno) {
#if defined(__i386__)
case __NR_waitpid:
#endif
@@ -69,7 +53,7 @@ index 80f02c0..21fbe21 100644
return true;
case __NR_clone: // Should be parameter-restricted.
case __NR_setns: // Privileged.
-@@ -385,7 +386,6 @@ bool SyscallSets::IsAllowedProcessStartOrDeath(int sysno) {
+@@ -404,7 +405,6 @@ bool SyscallSets::IsAllowedProcessStartOrDeath(int sysno) {
#if defined(__i386__) || defined(__x86_64__) || defined(__mips__)
case __NR_set_thread_area:
#endif
@@ -77,3 +61,64 @@ index 80f02c0..21fbe21 100644
case __NR_unshare:
#if !defined(__mips__) && !defined(__aarch64__)
case __NR_vfork:
+@@ -514,6 +514,8 @@ bool SyscallSets::IsAllowedAddressSpaceAccess(int sysno) {
+ case __NR_mlock:
+ case __NR_munlock:
+ case __NR_munmap:
++ case __NR_mremap:
++ case __NR_membarrier:
+ return true;
+ case __NR_madvise:
+ case __NR_mincore:
+@@ -531,7 +533,6 @@ bool SyscallSets::IsAllowedAddressSpaceAccess(int sysno) {
+ case __NR_modify_ldt:
+ #endif
+ case __NR_mprotect:
+- case __NR_mremap:
+ case __NR_msync:
+ case __NR_munlockall:
+ case __NR_readahead:
+diff --git a/sandbox/linux/system_headers/linux_syscalls.h ./sandbox/linux/system_headers/linux_syscalls.h
+index 2b78a0c..b6fedb5 100644
+--- a/sandbox/linux/system_headers/linux_syscalls.h
++++ b/sandbox/linux/system_headers/linux_syscalls.h
+@@ -10,6 +10,7 @@
+ #define SANDBOX_LINUX_SYSTEM_HEADERS_LINUX_SYSCALLS_H_
+
+ #include "build/build_config.h"
++#include <sys/syscall.h>
+
+ #if defined(__x86_64__)
+ #include "sandbox/linux/system_headers/x86_64_linux_syscalls.h"
+--- a/sandbox/policy/linux/bpf_renderer_policy_linux.cc
++++ b/sandbox/policy/linux/bpf_renderer_policy_linux.cc
+@@ -94,6 +94,9 @@
+ case __NR_pwrite64:
+ case __NR_sched_get_priority_max:
+ case __NR_sched_get_priority_min:
++ case __NR_sched_getparam:
++ case __NR_sched_getscheduler:
++ case __NR_sched_setscheduler:
+ case __NR_sysinfo:
+ case __NR_times:
+ case __NR_uname:
+--- a/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
++++ b/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
+@@ -225,10 +225,15 @@
+ if (sysno == __NR_getpriority || sysno ==__NR_setpriority)
+ return RestrictGetSetpriority(current_pid);
+
++ // XXX: hacks for musl sandbox, calls needed?
++ if (sysno == __NR_sched_getparam || sysno == __NR_sched_getscheduler ||
++ sysno == __NR_sched_setscheduler) {
++ return Allow();
++ }
++
+ // The scheduling syscalls are used in threading libraries and also heavily in
+ // abseil. See for example https://crbug.com/1370394.
+- if (sysno == __NR_sched_getaffinity || sysno == __NR_sched_getparam ||
+- sysno == __NR_sched_getscheduler || sysno == __NR_sched_setscheduler) {
++ if (sysno == __NR_sched_getaffinity) {
+ return RestrictSchedTarget(current_pid, sysno);
+ }
+
diff --git a/srcpkgs/chromium/patches/fc-cache-version.patch b/srcpkgs/chromium/patches/fc-cache-version.patch
new file mode 100644
index 000000000000..3b768978a43d
--- /dev/null
+++ b/srcpkgs/chromium/patches/fc-cache-version.patch
@@ -0,0 +1,13 @@
+instead of hardcoding the version, use the defined macro.
+--
+--- a/third_party/test_fonts/fontconfig/generate_fontconfig_caches.cc
++++ b/third_party/test_fonts/fontconfig/generate_fontconfig_caches.cc
+@@ -56,7 +56,7 @@
+ FcFini();
+
+ // Check existence of intended fontconfig cache file.
+- auto cache = fontconfig_caches + "/" + kCacheKey + "-le64.cache-9";
++ auto cache = fontconfig_caches + "/" + kCacheKey + "-le64.cache-" + FC_CACHE_VERSION;
+ bool cache_exists = access(cache.c_str(), F_OK) == 0;
+ return !cache_exists;
+ }
diff --git a/srcpkgs/chromium/patches/fix-build-with-old-clang.patch b/srcpkgs/chromium/patches/fix-build-with-old-clang.patch
deleted file mode 100644
index f23218e71e4d..000000000000
--- a/srcpkgs/chromium/patches/fix-build-with-old-clang.patch
+++ /dev/null
@@ -1,20 +0,0 @@
---- a/build/config/compiler/BUILD.gn
-+++ b/build/config/compiler/BUILD.gn
-@@ -805,17 +805,6 @@
- cflags += [ "-fcomplete-member-pointers" ]
- }
-
-- # Use DWARF simple template names, with the following exceptions:
-- #
-- # * Windows is not supported as it doesn't use DWARF.
-- # * Apple platforms (e.g. MacOS, iPhone, iPad) aren't supported because xcode
-- # lldb doesn't have the needed changes yet.
-- # * Fuchsia isn't supported as zxdb doesn't support simple template names yet.
-- # TODO(crbug.com/1379070): Remove if the upstream default ever changes.
-- if (is_clang && !is_nacl && !is_win && !is_apple && !is_fuchsia) {
-- cflags_cc += [ "-gsimple-template-names" ]
-- }
--
- # MLGO specific flags. These flags enable an ML-based inliner trained on
- # Chrome on Android (arm32) with ThinLTO enabled, optimizing for size.
- # The "release" ML model is embedded into clang as part of its build.
diff --git a/srcpkgs/chromium/patches/fix-resolver-musl.patch b/srcpkgs/chromium/patches/fix-resolver-musl.patch
deleted file mode 100644
index 567d74174ede..000000000000
--- a/srcpkgs/chromium/patches/fix-resolver-musl.patch
+++ /dev/null
@@ -1,66 +0,0 @@
---- a/net/dns/public/scoped_res_state.cc.orig
-+++ b/net/dns/public/scoped_res_state.cc
-@@ -13,7 +13,7 @@
- namespace net {
-
- ScopedResState::ScopedResState() {
--#if BUILDFLAG(IS_OPENBSD) || BUILDFLAG(IS_FUCHSIA)
-+#if BUILDFLAG(IS_OPENBSD) || BUILDFLAG(IS_FUCHSIA) || (BUILDFLAG(IS_LINUX) && !defined(__GLIBC__))
- // Note: res_ninit in glibc always returns 0 and sets RES_INIT.
- // res_init behaves the same way.
- memset(&_res, 0, sizeof(_res));
---- a/net/dns/public/scoped_res_state.cc
-+++ b/net/dns/public/scoped_res_state.cc
-@@ -25,7 +25,7 @@
- }
-
- ScopedResState::~ScopedResState() {
--#if !BUILDFLAG(IS_OPENBSD) && !BUILDFLAG(IS_FUCHSIA)
-+#if !BUILDFLAG(IS_OPENBSD) && !BUILDFLAG(IS_FUCHSIA) && !(BUILDFLAG(IS_LINUX) && !defined(__GLIBC__))
-
- // Prefer res_ndestroy where available.
- #if BUILDFLAG(IS_APPLE) || BUILDFLAG(IS_FREEBSD)
-@@ -34,7 +34,7 @@
- res_nclose(&res_);
- #endif // BUILDFLAG(IS_APPLE) || BUILDFLAG(IS_FREEBSD)
-
--#endif // !BUILDFLAG(IS_OPENBSD) && !BUILDFLAG(IS_FUCHSIA)
-+#endif // !BUILDFLAG(IS_OPENBSD) && !BUILDFLAG(IS_FUCHSIA) && !(BUILDFLAG(IS_LINUX) && !defined(__GLIBC__))
- }
-
- bool ScopedResState::IsValid() const {
---- a/net/dns/host_resolver_system_task.cc.orig
-+++ b/net/dns/host_resolver_system_task.cc
-@@ -311,7 +311,7 @@
-
- void EnsureSystemHostResolverCallReady() {
- #if BUILDFLAG(IS_POSIX) && !BUILDFLAG(IS_APPLE) && !BUILDFLAG(IS_OPENBSD) && \
-- !BUILDFLAG(IS_ANDROID)
-+ !BUILDFLAG(IS_ANDROID) && !(BUILDFLAG(IS_LINUX) && !defined(__GLIBC__))
- EnsureDnsReloaderInit();
- #elif BUILDFLAG(IS_WIN)
- EnsureWinsockInit();
---- a/net/dns/dns_reloader.cc.orig
-+++ b/net/dns/dns_reloader.cc
-@@ -7,7 +7,8 @@
- #include "build/build_config.h"
-
- #if BUILDFLAG(IS_POSIX) && !BUILDFLAG(IS_APPLE) && !BUILDFLAG(IS_OPENBSD) && \
-- !BUILDFLAG(IS_ANDROID) && !BUILDFLAG(IS_FUCHSIA)
-+ !BUILDFLAG(IS_ANDROID) && !BUILDFLAG(IS_FUCHSIA) && \
-+ !(BUILDFLAG(IS_LINUX) && !defined(__GLIBC__))
-
- #include <resolv.h>
-
---- a/net/dns/host_resolver_system_task.cc
-+++ b/net/dns/host_resolver_system_task.cc
-@@ -397,7 +397,8 @@
- base::BlockingType::WILL_BLOCK);
-
- #if BUILDFLAG(IS_POSIX) && \
-- !(BUILDFLAG(IS_APPLE) || BUILDFLAG(IS_OPENBSD) || BUILDFLAG(IS_ANDROID))
-+ !(BUILDFLAG(IS_APPLE) || BUILDFLAG(IS_OPENBSD) || BUILDFLAG(IS_ANDROID) || \
-+ (BUILDFLAG(IS_LINUX) && !defined(__GLIBC__)))
- DnsReloaderMaybeReload();
- #endif
- auto [ai, err, os_error] = AddressInfo::Get(host, hints, nullptr, network);
diff --git a/srcpkgs/chromium/template b/srcpkgs/chromium/template
index 3c1c1caf3765..fd69b22560af 100644
--- a/srcpkgs/chromium/template
+++ b/srcpkgs/chromium/template
@@ -1,11 +1,11 @@
# Template file for 'chromium'
pkgname=chromium
# See https://chromiumdash.appspot.com/releases?platform=Linux for the latest version
-version=111.0.5563.64
+version=112.0.5615.49
revision=1
archs="i686* x86_64* aarch64* armv7l*"
hostmakedepends="
- $(vopt_if clang "clang lld llvm12")
+ $(vopt_if clang "clang lld llvm15")
$(vopt_if js_optimize openjdk)
bison git gperf hwids ninja nodejs perl pkg-config python3
libatomic-devel libepoxy-devel libevent-devel libglib-devel"
@@ -28,7 +28,7 @@ maintainer="Duncaen <duncaen@voidlinux.org>"
license="BSD-3-Clause"
homepage="https://www.chromium.org/"
distfiles="https://commondatastorage.googleapis.com/chromium-browser-official/${pkgname}-${version}.tar.xz"
-checksum=7d5ca0e2bdb22a97713e6bfce74c651006d71aa883056c8e2c2a148039fe4074
+checksum=ddfd37373c1fa0f433a6ac11f0baa2b1f3fdfb9c7b5867e32a4300f2eb5aff41
lib32disabled=yes
@@ -195,7 +195,6 @@ do_configure() {
"use_lld=$(vopt_if clang true false)"
'clang_use_chrome_plugins=false'
'clang_base_path="/usr"'
- 'use_cxx17=true'
"gold_path=\"${XBPS_CROSS_BASE}/usr/bin/ld.gold\""
'use_custom_libcxx=false'
next prev parent reply other threads:[~2023-04-06 12:54 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-04-05 23:34 [PR PATCH] " Duncaen
2023-04-06 12:54 ` Duncaen [this message]
2023-04-06 14:08 ` [PR PATCH] [Updated] " Duncaen
2023-04-06 22:54 ` Duncaen
2023-04-12 2:11 ` Duncaen
2023-04-12 2:12 ` [PR PATCH] [Merged]: " Duncaen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230406125438.EF9gV1WIVEoWSxMH8nwcb5rjS-QH6ePAhHmLMMVBb8k@z \
--to=duncaen@users.noreply.github.com \
--cc=ml@inbox.vuxu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).