From f39b48f3c96f1881eea8ba2bd5b3c0e19e091c4a Mon Sep 17 00:00:00 2001 From: Stephan Hartmann Date: Sun, 27 Oct 2019 13:29:32 +0100 Subject: [PATCH] www-client/chromium: security cleanup Bug: https://bugs.gentoo.org/698398 Closes: https://github.com/gentoo/gentoo/pull/13465 Package-Manager: Portage-2.3.76, Repoman-2.3.16 Signed-off-by: Stephan Hartmann Signed-off-by: Mike Gilbert --- www-client/chromium/Manifest | 1 - .../chromium/chromium-77.0.3865.120.ebuild | 733 ------------------ .../files/chromium-77-blink-include.patch | 28 - .../files/chromium-77-fix-gn-gen.patch | 11 - .../files/chromium-77-gcc-abstract.patch | 61 -- .../files/chromium-77-gcc-alignas.patch | 72 -- .../files/chromium-77-gcc-include.patch | 26 - .../chromium/files/chromium-77-no-cups.patch | 42 - .../files/chromium-77-std-string.patch | 130 ---- .../files/chromium-77-system-hb.patch | 13 - .../files/chromium-unbundle-zlib.patch | 25 - 11 files changed, 1142 deletions(-) delete mode 100644 www-client/chromium/chromium-77.0.3865.120.ebuild delete mode 100644 www-client/chromium/files/chromium-77-blink-include.patch delete mode 100644 www-client/chromium/files/chromium-77-fix-gn-gen.patch delete mode 100644 www-client/chromium/files/chromium-77-gcc-abstract.patch delete mode 100644 www-client/chromium/files/chromium-77-gcc-alignas.patch delete mode 100644 www-client/chromium/files/chromium-77-gcc-include.patch delete mode 100644 www-client/chromium/files/chromium-77-no-cups.patch delete mode 100644 www-client/chromium/files/chromium-77-std-string.patch delete mode 100644 www-client/chromium/files/chromium-77-system-hb.patch delete mode 100644 www-client/chromium/files/chromium-unbundle-zlib.patch diff --git a/www-client/chromium/Manifest b/www-client/chromium/Manifest index 1e46a565387c..f2606637827e 100644 --- a/www-client/chromium/Manifest +++ b/www-client/chromium/Manifest @@ -1,4 +1,3 @@ -DIST chromium-77.0.3865.120.tar.xz 729636120 BLAKE2B 7ff2467b5dd421c3962dd86503975fe042ced4a44e9d3705106ee9c9a7ceaa94c38fea2aefe4913bfe4af40775cb37b175d9a6c70b67d807c227f7e363ba5783 SHA512 4c72c9e9cd9a5d7f89e33c52d117018418ce0f5d23a57341b26ce47c8f90fa55f52a0c976b6959026dc273d5b37aa57306253a9b533172cd133a815edc7bccb4 DIST chromium-78-revert-noexcept-r1.patch.gz 12094 BLAKE2B 1fd0c939af773ed398c9ab14fa80b042b4237cabdbcb06425e4d1c72200ec49c3c1383cfc95013cce4df411b0a2397b79030d41a0379ae80a0c60bae1fbb5ffa SHA512 dcb62b82b34d5d6982762cacfe3ab7d3538d908b3befe7666f5d70d98ba4f979b5bf056e5c5343ed76aa744a643318fc5a75ddedfcb1b7de3e7c28eb2587439f DIST chromium-78.0.3904.70.tar.xz 742787108 BLAKE2B 623a0359f461672d8d6c97b4703f5b50c6ac423350ba96b7f37582be38d9cc66674e441b506405bc5f136df19df886036ef5abae4b8c2e4e953ec296e2a25bb4 SHA512 95d926ea92a0e744284a4c5fca619e3a067dd0fdfaa7c05b5a069d2a8d1159bf849335e21e5803bd28175c1994bd4ff15337ad0a3063445fab74eef113275545 DIST chromium-79.0.3941.4.tar.xz 772100680 BLAKE2B 2a510529ae9a58c2c831bd293eb1a9ea276422da6f49741be208bcf8c17eafa0e47c0adf8e3f1148f3da821188315e9d6c7f2de1c44dd844f5d481be17b35ef7 SHA512 5847f7c647737ea96c27f859e5b763100c4d0ecff83eb33d81d144e3be16a5a709290a66fa6754b8a38be68c850dee4be0abc2419f5a50e0cf22bc37a0563c80 diff --git a/www-client/chromium/chromium-77.0.3865.120.ebuild b/www-client/chromium/chromium-77.0.3865.120.ebuild deleted file mode 100644 index 0dbd8e2289d9..000000000000 --- a/www-client/chromium/chromium-77.0.3865.120.ebuild +++ /dev/null @@ -1,733 +0,0 @@ -# Copyright 2009-2019 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 -PYTHON_COMPAT=( python2_7 ) - -CHROMIUM_LANGS="am ar bg bn ca cs da de el en-GB es es-419 et fa fi fil fr gu he - hi hr hu id it ja kn ko lt lv ml mr ms nb nl pl pt-BR pt-PT ro ru sk sl sr - sv sw ta te th tr uk vi zh-CN zh-TW" - -inherit check-reqs chromium-2 desktop flag-o-matic multilib ninja-utils pax-utils portability python-any-r1 readme.gentoo-r1 toolchain-funcs xdg-utils - -DESCRIPTION="Open-source version of Google Chrome web browser" -HOMEPAGE="http://chromium.org/" -SRC_URI="https://commondatastorage.googleapis.com/chromium-browser-official/${P}.tar.xz" - -LICENSE="BSD" -SLOT="0" -KEYWORDS="amd64 ~arm64 ~x86" -IUSE="+closure-compile component-build cups cpu_flags_arm_neon gnome-keyring +hangouts jumbo-build kerberos pic +proprietary-codecs pulseaudio selinux +suid +system-ffmpeg +system-icu +system-libvpx +tcmalloc widevine" -RESTRICT="!system-ffmpeg? ( proprietary-codecs? ( bindist ) )" -REQUIRED_USE="component-build? ( !suid )" - -COMMON_DEPEND=" - >=app-accessibility/at-spi2-atk-2.26:2 - app-arch/bzip2:= - cups? ( >=net-print/cups-1.3.11:= ) - >=dev-libs/atk-2.26 - dev-libs/expat:= - dev-libs/glib:2 - system-icu? ( >=dev-libs/icu-64:= ) - >=dev-libs/libxml2-2.9.4-r3:=[icu] - dev-libs/libxslt:= - dev-libs/nspr:= - >=dev-libs/nss-3.26:= - >=dev-libs/re2-0.2016.11.01:= - gnome-keyring? ( >=gnome-base/libgnome-keyring-3.12:= ) - >=media-libs/alsa-lib-1.0.19:= - media-libs/fontconfig:= - media-libs/freetype:= - >=media-libs/harfbuzz-2.4.0:0=[icu(-)] - media-libs/libjpeg-turbo:= - media-libs/libpng:= - system-libvpx? ( media-libs/libvpx:=[postproc,svc] ) - >=media-libs/openh264-1.6.0:= - pulseaudio? ( media-sound/pulseaudio:= ) - system-ffmpeg? ( - >=media-video/ffmpeg-4:= - || ( - media-video/ffmpeg[-samba] - >=net-fs/samba-4.5.10-r1[-debug(-)] - ) - !=net-fs/samba-4.5.12-r0 - media-libs/opus:= - ) - sys-apps/dbus:= - sys-apps/pciutils:= - virtual/udev - x11-libs/cairo:= - x11-libs/gdk-pixbuf:2 - x11-libs/gtk+:3[X] - x11-libs/libX11:= - x11-libs/libXcomposite:= - x11-libs/libXcursor:= - x11-libs/libXdamage:= - x11-libs/libXext:= - x11-libs/libXfixes:= - >=x11-libs/libXi-1.6.0:= - x11-libs/libXrandr:= - x11-libs/libXrender:= - x11-libs/libXScrnSaver:= - x11-libs/libXtst:= - x11-libs/pango:= - app-arch/snappy:= - media-libs/flac:= - >=media-libs/libwebp-0.4.0:= - sys-libs/zlib:=[minizip] - kerberos? ( virtual/krb5 ) -" -# For nvidia-drivers blocker, see bug #413637 . -RDEPEND="${COMMON_DEPEND} - ! gn leftovers - base/third_party/libevent - third_party/adobe - third_party/speech-dispatcher - third_party/usb_ids - third_party/xdg-utils - third_party/yasm/run_yasm.py - ) - if ! use system-ffmpeg; then - keeplibs+=( third_party/ffmpeg third_party/opus ) - fi - if ! use system-icu; then - keeplibs+=( third_party/icu ) - fi - if ! use system-libvpx; then - keeplibs+=( third_party/libvpx ) - keeplibs+=( third_party/libvpx/source/libvpx/third_party/x86inc ) - fi - if use tcmalloc; then - keeplibs+=( third_party/tcmalloc ) - fi - - # Remove most bundled libraries. Some are still needed. - build/linux/unbundle/remove_bundled_libraries.py "${keeplibs[@]}" --do-remove || die -} - -src_configure() { - # Calling this here supports resumption via FEATURES=keepwork - python_setup - - local myconf_gn="" - - # Make sure the build system will use the right tools, bug #340795. - tc-export AR CC CXX NM - - if [[ ${CHROMIUM_FORCE_CLANG} == yes ]] && ! tc-is-clang; then - # Force clang since gcc is pretty broken at the moment. - CC=${CHOST}-clang - CXX=${CHOST}-clang++ - strip-unsupported-flags - fi - - if tc-is-clang; then - myconf_gn+=" is_clang=true clang_use_chrome_plugins=false" - else - myconf_gn+=" is_clang=false" - fi - - # Define a custom toolchain for GN - myconf_gn+=" custom_toolchain=\"//build/toolchain/linux/unbundle:default\"" - - if tc-is-cross-compiler; then - tc-export BUILD_{AR,CC,CXX,NM} - myconf_gn+=" host_toolchain=\"//build/toolchain/linux/unbundle:host\"" - myconf_gn+=" v8_snapshot_toolchain=\"//build/toolchain/linux/unbundle:host\"" - else - myconf_gn+=" host_toolchain=\"//build/toolchain/linux/unbundle:default\"" - fi - - # GN needs explicit config for Debug/Release as opposed to inferring it from build directory. - myconf_gn+=" is_debug=false" - - # Component build isn't generally intended for use by end users. It's mostly useful - # for development and debugging. - myconf_gn+=" is_component_build=$(usex component-build true false)" - - # https://chromium.googlesource.com/chromium/src/+/lkcr/docs/jumbo.md - myconf_gn+=" use_jumbo_build=$(usex jumbo-build true false)" - - myconf_gn+=" use_allocator=$(usex tcmalloc \"tcmalloc\" \"none\")" - - # Disable nacl, we can't build without pnacl (http://crbug.com/269560). - myconf_gn+=" enable_nacl=false" - - # Use system-provided libraries. - # TODO: freetype -- remove sources (https://bugs.chromium.org/p/pdfium/issues/detail?id=733). - # TODO: use_system_hunspell (upstream changes needed). - # TODO: use_system_libsrtp (bug #459932). - # TODO: use_system_protobuf (bug #525560). - # TODO: use_system_ssl (http://crbug.com/58087). - # TODO: use_system_sqlite (http://crbug.com/22208). - - # libevent: https://bugs.gentoo.org/593458 - local gn_system_libraries=( - flac - fontconfig - freetype - # Need harfbuzz_from_pkgconfig target - #harfbuzz-ng - libdrm - libjpeg - libpng - libwebp - libxml - libxslt - openh264 - re2 - snappy - yasm - zlib - ) - if use system-ffmpeg; then - gn_system_libraries+=( ffmpeg opus ) - fi - if use system-icu; then - gn_system_libraries+=( icu ) - fi - if use system-libvpx; then - gn_system_libraries+=( libvpx ) - fi - build/linux/unbundle/replace_gn_files.py --system-libraries "${gn_system_libraries[@]}" || die - - # See dependency logic in third_party/BUILD.gn - myconf_gn+=" use_system_harfbuzz=true" - - # Optional dependencies. - myconf_gn+=" closure_compile=$(usex closure-compile true false)" - myconf_gn+=" enable_hangout_services_extension=$(usex hangouts true false)" - myconf_gn+=" enable_widevine=$(usex widevine true false)" - myconf_gn+=" use_cups=$(usex cups true false)" - myconf_gn+=" use_gnome_keyring=$(usex gnome-keyring true false)" - myconf_gn+=" use_kerberos=$(usex kerberos true false)" - myconf_gn+=" use_pulseaudio=$(usex pulseaudio true false)" - - # TODO: link_pulseaudio=true for GN. - - myconf_gn+=" fieldtrial_testing_like_official_build=true" - - # Never use bundled gold binary. Disable gold linker flags for now. - # Do not use bundled clang. - # Trying to use gold results in linker crash. - myconf_gn+=" use_gold=false use_sysroot=false linux_use_bundled_binutils=false use_custom_libcxx=false" - - # Disable forced lld, bug 641556 - myconf_gn+=" use_lld=false" - - ffmpeg_branding="$(usex proprietary-codecs Chrome Chromium)" - myconf_gn+=" proprietary_codecs=$(usex proprietary-codecs true false)" - myconf_gn+=" ffmpeg_branding=\"${ffmpeg_branding}\"" - - # Set up Google API keys, see http://www.chromium.org/developers/how-tos/api-keys . - # Note: these are for Gentoo use ONLY. For your own distribution, - # please get your own set of keys. Feel free to contact chromium@gentoo.org - # for more info. - local google_api_key="AIzaSyDEAOvatFo0eTgsV_ZlEzx0ObmepsMzfAc" - local google_default_client_id="329227923882.apps.googleusercontent.com" - local google_default_client_secret="vgKG0NNv7GoDpbtoFNLxCUXu" - myconf_gn+=" google_api_key=\"${google_api_key}\"" - myconf_gn+=" google_default_client_id=\"${google_default_client_id}\"" - myconf_gn+=" google_default_client_secret=\"${google_default_client_secret}\"" - - local myarch="$(tc-arch)" - - # Avoid CFLAGS problems, bug #352457, bug #390147. - if ! use custom-cflags; then - replace-flags "-Os" "-O2" - strip-flags - - # Prevent linker from running out of address space, bug #471810 . - if use x86; then - filter-flags "-g*" - fi - - # Prevent libvpx build failures. Bug 530248, 544702, 546984. - if [[ ${myarch} == amd64 || ${myarch} == x86 ]]; then - filter-flags -mno-mmx -mno-sse2 -mno-ssse3 -mno-sse4.1 -mno-avx -mno-avx2 - fi - fi - - if [[ $myarch = amd64 ]] ; then - myconf_gn+=" target_cpu=\"x64\"" - ffmpeg_target_arch=x64 - elif [[ $myarch = x86 ]] ; then - myconf_gn+=" target_cpu=\"x86\"" - ffmpeg_target_arch=ia32 - - # This is normally defined by compiler_cpu_abi in - # build/config/compiler/BUILD.gn, but we patch that part out. - append-flags -msse2 -mfpmath=sse -mmmx - elif [[ $myarch = arm64 ]] ; then - myconf_gn+=" target_cpu=\"arm64\"" - ffmpeg_target_arch=arm64 - elif [[ $myarch = arm ]] ; then - myconf_gn+=" target_cpu=\"arm\"" - ffmpeg_target_arch=$(usex cpu_flags_arm_neon arm-neon arm) - else - die "Failed to determine target arch, got '$myarch'." - fi - - # Make sure that -Werror doesn't get added to CFLAGS by the build system. - # Depending on GCC version the warnings are different and we don't want - # the build to fail because of that. - myconf_gn+=" treat_warnings_as_errors=false" - - # Disable fatal linker warnings, bug 506268. - myconf_gn+=" fatal_linker_warnings=false" - - # Bug 491582. - export TMPDIR="${WORKDIR}/temp" - mkdir -p -m 755 "${TMPDIR}" || die - - # https://bugs.gentoo.org/654216 - addpredict /dev/dri/ #nowarn - - #if ! use system-ffmpeg; then - if false; then - local build_ffmpeg_args="" - if use pic && [[ "${ffmpeg_target_arch}" == "ia32" ]]; then - build_ffmpeg_args+=" --disable-asm" - fi - - # Re-configure bundled ffmpeg. See bug #491378 for example reasons. - einfo "Configuring bundled ffmpeg..." - pushd third_party/ffmpeg > /dev/null || die - chromium/scripts/build_ffmpeg.py linux ${ffmpeg_target_arch} \ - --branding ${ffmpeg_branding} -- ${build_ffmpeg_args} || die - chromium/scripts/copy_config.sh || die - chromium/scripts/generate_gn.py || die - popd > /dev/null || die - fi - - einfo "Configuring Chromium..." - set -- gn gen --args="${myconf_gn} ${EXTRA_GN}" out/Release - echo "$@" - "$@" || die -} - -src_compile() { - # Final link uses lots of file descriptors. - ulimit -n 2048 - - # Calling this here supports resumption via FEATURES=keepwork - python_setup - - #"${EPYTHON}" tools/clang/scripts/update.py --force-local-build --gcc-toolchain /usr --skip-checkout --use-system-cmake --without-android || die - - # Build mksnapshot and pax-mark it. - local x - for x in mksnapshot v8_context_snapshot_generator; do - if tc-is-cross-compiler; then - eninja -C out/Release "host/${x}" - pax-mark m "out/Release/host/${x}" - else - eninja -C out/Release "${x}" - pax-mark m "out/Release/${x}" - fi - done - - # Even though ninja autodetects number of CPUs, we respect - # user's options, for debugging with -j 1 or any other reason. - eninja -C out/Release chrome chromedriver - use suid && eninja -C out/Release chrome_sandbox - - pax-mark m out/Release/chrome - - # Build manpage; bug #684550 - sed -e 's|@@PACKAGE@@|chromium-browser|g; - s|@@MENUNAME@@|Chromium|g;' \ - chrome/app/resources/manpage.1.in > \ - out/Release/chromium-browser.1 || die -} - -src_install() { - local CHROMIUM_HOME="/usr/$(get_libdir)/chromium-browser" - exeinto "${CHROMIUM_HOME}" - doexe out/Release/chrome - - if use suid; then - newexe out/Release/chrome_sandbox chrome-sandbox - fperms 4755 "${CHROMIUM_HOME}/chrome-sandbox" - fi - - doexe out/Release/chromedriver - - local sedargs=( -e "s:/usr/lib/:/usr/$(get_libdir)/:g" ) - sed "${sedargs[@]}" "${FILESDIR}/chromium-launcher-r3.sh" > chromium-launcher.sh || die - doexe chromium-launcher.sh - - # It is important that we name the target "chromium-browser", - # xdg-utils expect it; bug #355517. - dosym "${CHROMIUM_HOME}/chromium-launcher.sh" /usr/bin/chromium-browser - # keep the old symlink around for consistency - dosym "${CHROMIUM_HOME}/chromium-launcher.sh" /usr/bin/chromium - - dosym "${CHROMIUM_HOME}/chromedriver" /usr/bin/chromedriver - - # Allow users to override command-line options, bug #357629. - insinto /etc/chromium - newins "${FILESDIR}/chromium.default" "default" - - pushd out/Release/locales > /dev/null || die - chromium_remove_language_paks - popd - - insinto "${CHROMIUM_HOME}" - doins out/Release/*.bin - doins out/Release/*.pak - doins out/Release/*.so - - if ! use system-icu; then - doins out/Release/icudtl.dat - fi - - doins -r out/Release/locales - doins -r out/Release/resources - - if [[ -d out/Release/swiftshader ]]; then - insinto "${CHROMIUM_HOME}/swiftshader" - doins out/Release/swiftshader/*.so - fi - - # Install icons and desktop entry. - local branding size - for size in 16 24 32 48 64 128 256 ; do - case ${size} in - 16|32) branding="chrome/app/theme/default_100_percent/chromium" ;; - *) branding="chrome/app/theme/chromium" ;; - esac - newicon -s ${size} "${branding}/product_logo_${size}.png" \ - chromium-browser.png - done - - local mime_types="text/html;text/xml;application/xhtml+xml;" - mime_types+="x-scheme-handler/http;x-scheme-handler/https;" # bug #360797 - mime_types+="x-scheme-handler/ftp;" # bug #412185 - mime_types+="x-scheme-handler/mailto;x-scheme-handler/webcal;" # bug #416393 - make_desktop_entry \ - chromium-browser \ - "Chromium" \ - chromium-browser \ - "Network;WebBrowser" \ - "MimeType=${mime_types}\nStartupWMClass=chromium-browser" - sed -e "/^Exec/s/$/ %U/" -i "${ED}"/usr/share/applications/*.desktop || die - - # Install GNOME default application entry (bug #303100). - insinto /usr/share/gnome-control-center/default-apps - newins "${FILESDIR}"/chromium-browser.xml chromium-browser.xml - - # Install manpage; bug #684550 - doman out/Release/chromium-browser.1 - dosym chromium-browser.1 /usr/share/man/man1/chromium.1 - - readme.gentoo_create_doc -} - -pkg_postrm() { - xdg_icon_cache_update - xdg_desktop_database_update -} - -pkg_postinst() { - xdg_icon_cache_update - xdg_desktop_database_update - readme.gentoo_print_elog -} diff --git a/www-client/chromium/files/chromium-77-blink-include.patch b/www-client/chromium/files/chromium-77-blink-include.patch deleted file mode 100644 index 3ac1770fb8ed..000000000000 --- a/www-client/chromium/files/chromium-77-blink-include.patch +++ /dev/null @@ -1,28 +0,0 @@ -From 5baf7df7f4c5971dab552897eeef94b194650ce5 Mon Sep 17 00:00:00 2001 -From: Dave Tapuska -Date: Mon, 12 Aug 2019 22:30:13 +0000 -Subject: [PATCH] Fix build failure due to missing include for std::numeric_limits usage. - -Some configurations fail to build, limits should have been included. - -BUG=992832 - -Change-Id: I894ba0543bfcef101c93259e39a31d12ae6d035c -Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1747981 -Commit-Queue: Dave Tapuska -Reviewed-by: Mostyn Bramley-Moore -Cr-Commit-Position: refs/heads/master@{#686214} ---- - -diff --git a/third_party/blink/renderer/platform/exported/web_time_range.cc b/third_party/blink/renderer/platform/exported/web_time_range.cc -index 384566a..68d83e1 100644 ---- a/third_party/blink/renderer/platform/exported/web_time_range.cc -+++ b/third_party/blink/renderer/platform/exported/web_time_range.cc -@@ -31,6 +31,7 @@ - #include "third_party/blink/public/platform/web_time_range.h" - - #include -+#include - - namespace blink { - diff --git a/www-client/chromium/files/chromium-77-fix-gn-gen.patch b/www-client/chromium/files/chromium-77-fix-gn-gen.patch deleted file mode 100644 index 2c5f128cbc9b..000000000000 --- a/www-client/chromium/files/chromium-77-fix-gn-gen.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/third_party/blink/tools/BUILD.gn -+++ b/third_party/blink/tools/BUILD.gn -@@ -11,7 +11,7 @@ action("build_wpt_metadata") { - rebase_path("$root_out_dir/wpt_expectations_metadata"), - ] - outputs = [ -- "$root_out_dir/wpt_expectations_metadata/", -+ "$root_out_dir/wpt_expectations_metadata", - ] - data = [ - # Include the blinkpy tools to access expectations data diff --git a/www-client/chromium/files/chromium-77-gcc-abstract.patch b/www-client/chromium/files/chromium-77-gcc-abstract.patch deleted file mode 100644 index 6d77299ee6c3..000000000000 --- a/www-client/chromium/files/chromium-77-gcc-abstract.patch +++ /dev/null @@ -1,61 +0,0 @@ -From f08cb0022527081c078e8b96062e6c9b4fbda151 Mon Sep 17 00:00:00 2001 -From: Jose Dapena Paz -Date: Fri, 26 Jul 2019 16:48:06 +0000 -Subject: [PATCH] BinaryUploadService: change parameter passing that cannot afford abstract class - -The method UploadForDeepScanning gets a Request as parameter. But Request is an -abstract class, so GCC will not allow that declaration (polimorphycs should be -passed by reference). Use std::unique_ptr so BinaryUploadService can assume -ownership. - -Bug: 819294 -Change-Id: I9e8c75cc92b01abd704d9049b0421555377da5ba -Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1713550 -Reviewed-by: Daniel Rubery -Commit-Queue: José Dapena Paz -Cr-Commit-Position: refs/heads/master@{#681333} ---- - -diff --git a/chrome/browser/safe_browsing/download_protection/binary_upload_service.cc b/chrome/browser/safe_browsing/download_protection/binary_upload_service.cc -index 6430c89..4e90487 100644 ---- a/chrome/browser/safe_browsing/download_protection/binary_upload_service.cc -+++ b/chrome/browser/safe_browsing/download_protection/binary_upload_service.cc -@@ -10,7 +10,7 @@ - namespace safe_browsing { - - void BinaryUploadService::UploadForDeepScanning( -- BinaryUploadService::Request request) { -+ std::unique_ptr request) { - DCHECK_CURRENTLY_ON(content::BrowserThread::UI); - NOTREACHED(); - } -diff --git a/chrome/browser/safe_browsing/download_protection/binary_upload_service.h b/chrome/browser/safe_browsing/download_protection/binary_upload_service.h -index d2dfd83..9b6f395 100644 ---- a/chrome/browser/safe_browsing/download_protection/binary_upload_service.h -+++ b/chrome/browser/safe_browsing/download_protection/binary_upload_service.h -@@ -5,6 +5,8 @@ - #ifndef CHROME_BROWSER_SAFE_BROWSING_DOWNLOAD_PROTECTION_BINARY_UPLOAD_SERVICE_H_ - #define CHROME_BROWSER_SAFE_BROWSING_DOWNLOAD_PROTECTION_BINARY_UPLOAD_SERVICE_H_ - -+#include -+ - #include "base/callback.h" - #include "components/safe_browsing/proto/webprotect.pb.h" - -@@ -40,6 +42,7 @@ - public: - // |callback| will run on the UI thread. - explicit Request(Callback callback); -+ virtual ~Request() = default; - Request(const Request&) = delete; - Request& operator=(const Request&) = delete; - -@@ -67,7 +70,7 @@ - // Upload the given file contents for deep scanning. The results will be - // returned asynchronously by calling |request|'s |callback|. This must be - // called on the UI thread. -- void UploadForDeepScanning(Request request); -+ void UploadForDeepScanning(std::unique_ptr request); - }; - - } // namespace safe_browsing diff --git a/www-client/chromium/files/chromium-77-gcc-alignas.patch b/www-client/chromium/files/chromium-77-gcc-alignas.patch deleted file mode 100644 index 3693ef50bed4..000000000000 --- a/www-client/chromium/files/chromium-77-gcc-alignas.patch +++ /dev/null @@ -1,72 +0,0 @@ -From 6b633c4b14850df376d5cec571699018772f358e Mon Sep 17 00:00:00 2001 -From: Tomas Popela -Date: Tue, 17 Sep 2019 19:48:48 +0000 -Subject: [PATCH] GCC: Can't use alignas() together with __attribute__() - -It's because GCC has problems when mixing the alignas() together with -__attribute__() (that is used to export the symbols). The best -solution is to use ALIGNAS() macro from //base/compiler_specific.h -together with alignof() to have the equal functionality that compiles on -GCC as well as on clang. - -Bug: 819294 -Change-Id: Ieb169592a2965f17a18bfc88d28418eb723a4e5a -Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1806735 -Auto-Submit: Tomáš Popela -Commit-Queue: Alex Clarke -Reviewed-by: Alex Clarke -Cr-Commit-Position: refs/heads/master@{#697330} ---- - -diff --git a/base/task/promise/dependent_list.h b/base/task/promise/dependent_list.h -index 020bdbfc..3245c1c 100644 ---- a/base/task/promise/dependent_list.h -+++ b/base/task/promise/dependent_list.h -@@ -59,7 +59,7 @@ - - // Align Node on an 8-byte boundary to ensure the first 3 bits are 0 and can - // be used to store additional state (see static_asserts below). -- class BASE_EXPORT alignas(8) Node { -+ class BASE_EXPORT ALIGNAS(8) Node { - public: - Node(); - explicit Node(Node&& other) noexcept; - -From 8148fd96ae04a1150a9c6012634dcd2a7335f87a Mon Sep 17 00:00:00 2001 -From: Tomas Popela -Date: Tue, 20 Aug 2019 05:23:14 +0000 -Subject: [PATCH] GCC: Can't use alignas() together with __attribute__() - -It's because GCC has problems when mixing the alignas() together with -__attribute__() (that is used to export the symbols). The best -solution is to use ALIGNAS() macro from //base/compiler_specific.h -together with alignof() to have the equal functionality that compiles on -GCC as well as on clang. - -This is a regression after https://crrev.com/659933. - -Bug: 994581 -Change-Id: Ia376866ff9ac57d52d2e907fa325ae5a51893d07 -Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1758064 -Reviewed-by: Eric Willigers -Commit-Queue: Eric Willigers -Commit-Queue: Tomáš Popela -Auto-Submit: Tomáš Popela -Cr-Commit-Position: refs/heads/master@{#688417} ---- - -diff --git a/third_party/blink/renderer/core/css/css_property_value_set.h b/third_party/blink/renderer/core/css/css_property_value_set.h -index 67b353d..1bd404e 100644 ---- a/third_party/blink/renderer/core/css/css_property_value_set.h -+++ b/third_party/blink/renderer/core/css/css_property_value_set.h -@@ -175,8 +175,8 @@ - DISALLOW_COPY_AND_ASSIGN(CSSLazyPropertyParser); - }; - --class CORE_EXPORT alignas(Member) alignas( -- CSSPropertyValueMetadata) ImmutableCSSPropertyValueSet -+class CORE_EXPORT ALIGNAS(alignof(Member)) -+ ALIGNAS(alignof(CSSPropertyValueMetadata)) ImmutableCSSPropertyValueSet - : public CSSPropertyValueSet { - public: - ImmutableCSSPropertyValueSet(const CSSPropertyValue*, diff --git a/www-client/chromium/files/chromium-77-gcc-include.patch b/www-client/chromium/files/chromium-77-gcc-include.patch deleted file mode 100644 index 391f48fd2d91..000000000000 --- a/www-client/chromium/files/chromium-77-gcc-include.patch +++ /dev/null @@ -1,26 +0,0 @@ -From 8c747a9c14ed4905f60f6680e2e09e33ea34163e Mon Sep 17 00:00:00 2001 -From: Jose Dapena Paz -Date: Fri, 26 Jul 2019 16:18:17 +0000 -Subject: [PATCH] IWYU: include in one_euro_filter.h as it uses std::unique_ptr - -Bug: 819294 -Change-Id: Ie1530f7046b0c8eb76e26adca530fa57c67ed876 -Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1720637 -Reviewed-by: Ella Ge -Commit-Queue: José Dapena Paz -Cr-Commit-Position: refs/heads/master@{#681321} ---- - -diff --git a/third_party/one_euro_filter/src/one_euro_filter.h b/third_party/one_euro_filter/src/one_euro_filter.h -index 7f8d15b..a8cd0ab 100644 ---- a/third_party/one_euro_filter/src/one_euro_filter.h -+++ b/third_party/one_euro_filter/src/one_euro_filter.h -@@ -1,6 +1,8 @@ - #ifndef ONE_EURO_ONE_EURO_FILTER_H_ - #define ONE_EURO_ONE_EURO_FILTER_H_ - -+#include -+ - #include "low_pass_filter.h" - - namespace one_euro_filter { diff --git a/www-client/chromium/files/chromium-77-no-cups.patch b/www-client/chromium/files/chromium-77-no-cups.patch deleted file mode 100644 index ac714178ed3b..000000000000 --- a/www-client/chromium/files/chromium-77-no-cups.patch +++ /dev/null @@ -1,42 +0,0 @@ -From f768afdd3104e7da663aa82e1e8f969aea3f85c3 Mon Sep 17 00:00:00 2001 -From: Lei Zhang -Date: Thu, 22 Aug 2019 11:44:27 -0700 -Subject: [PATCH] Handle unsupported configs in CreatePrinterHandlerTaskRunner(). - -CreatePrinterHandlerTaskRunner(), which was added in -https://crrev.com/658397, used ifdefs to only handle the supported build -configs. Add a #else case as a catch-all to conservatively handle the -unsupported configs. Since it is only a couple lines of trivial code, -doing this does not create much of a maintenance burden. - -(backported to chromium-77) - -Bug: 990727 -Change-Id: I07bd21abaeffc8223e88b519c3891185d5d2be12 ---- - -diff --git a/chrome/browser/ui/webui/print_preview/local_printer_handler_default.cc b/chrome/browser/ui/webui/print_preview/local_printer_handler_default.cc -index a1f3fd3..6e81f5e 100644 ---- a/chrome/browser/ui/webui/print_preview/local_printer_handler_default.cc -+++ b/chrome/browser/ui/webui/print_preview/local_printer_handler_default.cc -@@ -33,12 +33,15 @@ scoped_refptr CreatePrinterHandlerTaskRunner() { - static constexpr base::TaskTraits kTraits = { - base::MayBlock(), base::TaskPriority::USER_VISIBLE}; - --#if defined(OS_WIN) -- // Windows drivers are likely not thread-safe. -- return base::CreateSingleThreadTaskRunnerWithTraits(kTraits); --#elif defined(USE_CUPS) -+#if defined(USE_CUPS) - // CUPS is thread safe. -- return base::CreateTaskRunnerWithTraits(kTraits); -+ return base::CreateTaskRunner(kTraits); -+#elif defined(OS_WIN) -+ // Windows drivers are likely not thread-safe. -+ return base::CreateSingleThreadTaskRunner(kTraits); -+#else -+ // Be conservative on unsupported platforms. -+ return base::CreateSingleThreadTaskRunner(kTraits); - #endif - } - diff --git a/www-client/chromium/files/chromium-77-std-string.patch b/www-client/chromium/files/chromium-77-std-string.patch deleted file mode 100644 index f921f1aac94d..000000000000 --- a/www-client/chromium/files/chromium-77-std-string.patch +++ /dev/null @@ -1,130 +0,0 @@ -From 74138b9febd37eac0fc26b8efb110014a83a52c6 Mon Sep 17 00:00:00 2001 -From: Jeremy Roman -Date: Wed, 07 Aug 2019 13:26:48 +0000 -Subject: [PATCH] WTF: Make LinkedHashSet understand values for which memset initialization would be bad. - -Includes a unit test which fails before, and uses this to fix FontCacheKeyTraits. - -Bug: 980025 -Change-Id: If41f97444c7fd37b9b95d6dadaf3da5689079e9e -Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1739948 -Reviewed-by: Kentaro Hara -Reviewed-by: Yutaka Hirano -Commit-Queue: Jeremy Roman -Cr-Commit-Position: refs/heads/master@{#684731} ---- - -diff --git a/third_party/blink/renderer/platform/fonts/font_cache_key.h b/third_party/blink/renderer/platform/fonts/font_cache_key.h -index 0efc8fb..90063cb 100644 ---- a/third_party/blink/renderer/platform/fonts/font_cache_key.h -+++ b/third_party/blink/renderer/platform/fonts/font_cache_key.h -@@ -133,6 +133,10 @@ - - struct FontCacheKeyTraits : WTF::SimpleClassHashTraits { - STATIC_ONLY(FontCacheKeyTraits); -+ -+ // std::string's empty state need not be zero in all implementations, -+ // and it is held within FontFaceCreationParams. -+ static const bool kEmptyValueIsZero = false; - }; - - } // namespace blink -diff --git a/third_party/blink/renderer/platform/wtf/linked_hash_set.h b/third_party/blink/renderer/platform/wtf/linked_hash_set.h -index b35b6e9..77e524c 100644 ---- a/third_party/blink/renderer/platform/wtf/linked_hash_set.h -+++ b/third_party/blink/renderer/platform/wtf/linked_hash_set.h -@@ -146,6 +146,11 @@ - LinkedHashSetNodeBase* next) - : LinkedHashSetNodeBase(prev, next), value_(value) {} - -+ LinkedHashSetNode(ValueArg&& value, -+ LinkedHashSetNodeBase* prev, -+ LinkedHashSetNodeBase* next) -+ : LinkedHashSetNodeBase(prev, next), value_(std::move(value)) {} -+ - LinkedHashSetNode(LinkedHashSetNode&& other) - : LinkedHashSetNodeBase(std::move(other)), - value_(std::move(other.value_)) {} -@@ -445,10 +450,13 @@ - - // The slot is empty when the next_ field is zero so it's safe to zero - // the backing. -- static const bool kEmptyValueIsZero = true; -+ static const bool kEmptyValueIsZero = ValueTraits::kEmptyValueIsZero; - - static const bool kHasIsEmptyValueFunction = true; - static bool IsEmptyValue(const Node& node) { return !node.next_; } -+ static Node EmptyValue() { -+ return Node(ValueTraits::EmptyValue(), nullptr, nullptr); -+ } - - static const int kDeletedValue = -1; - -diff --git a/third_party/blink/renderer/platform/wtf/list_hash_set_test.cc b/third_party/blink/renderer/platform/wtf/list_hash_set_test.cc -index 4c3f899..cd1be00 100644 ---- a/third_party/blink/renderer/platform/wtf/list_hash_set_test.cc -+++ b/third_party/blink/renderer/platform/wtf/list_hash_set_test.cc -@@ -487,6 +487,7 @@ - }; - - struct Complicated { -+ Complicated() : Complicated(0) {} - Complicated(int value) : simple_(value) { objects_constructed_++; } - - Complicated(const Complicated& other) : simple_(other.simple_) { -@@ -495,9 +496,6 @@ - - Simple simple_; - static int objects_constructed_; -- -- private: -- Complicated() = delete; - }; - - int Complicated::objects_constructed_ = 0; -@@ -731,4 +729,45 @@ - - } // anonymous namespace - -+// A unit type which objects to its state being initialized wrong. -+struct InvalidZeroValue { -+ InvalidZeroValue() = default; -+ InvalidZeroValue(WTF::HashTableDeletedValueType) : deleted_(true) {} -+ ~InvalidZeroValue() { CHECK(ok_); } -+ bool IsHashTableDeletedValue() const { return deleted_; } -+ -+ bool ok_ = true; -+ bool deleted_ = false; -+}; -+ -+template <> -+struct HashTraits : SimpleClassHashTraits { -+ static const bool kEmptyValueIsZero = false; -+}; -+ -+template <> -+struct DefaultHash { -+ struct Hash { -+ static unsigned GetHash(const InvalidZeroValue&) { return 0; } -+ static bool Equal(const InvalidZeroValue&, const InvalidZeroValue&) { -+ return true; -+ } -+ }; -+}; -+ -+template -+class ListOrLinkedHashSetInvalidZeroTest : public testing::Test {}; -+ -+using InvalidZeroValueSetTypes = -+ testing::Types, -+ ListHashSet, -+ LinkedHashSet>; -+TYPED_TEST_SUITE(ListOrLinkedHashSetInvalidZeroTest, InvalidZeroValueSetTypes); -+ -+TYPED_TEST(ListOrLinkedHashSetInvalidZeroTest, InvalidZeroValue) { -+ using Set = TypeParam; -+ Set set; -+ set.insert(InvalidZeroValue()); -+} -+ - } // namespace WTF diff --git a/www-client/chromium/files/chromium-77-system-hb.patch b/www-client/chromium/files/chromium-77-system-hb.patch deleted file mode 100644 index 9cea0fac6c5e..000000000000 --- a/www-client/chromium/files/chromium-77-system-hb.patch +++ /dev/null @@ -1,13 +0,0 @@ -diff --git a/third_party/harfbuzz-ng/BUILD.gn b/third_party/harfbuzz-ng/BUILD.gn -index 37d8e33..6610cc6 100644 ---- a/third_party/harfbuzz-ng/BUILD.gn -+++ b/third_party/harfbuzz-ng/BUILD.gn -@@ -16,7 +16,7 @@ if (use_system_harfbuzz) { - "//third_party:freetype_harfbuzz", - "//third_party/freetype:freetype_source", - ] -- packages = [ "harfbuzz" ] -+ packages = [ "harfbuzz", "harfbuzz-subset" ] - } - } else { - config("harfbuzz_config") { diff --git a/www-client/chromium/files/chromium-unbundle-zlib.patch b/www-client/chromium/files/chromium-unbundle-zlib.patch deleted file mode 100644 index d6c45ad816d8..000000000000 --- a/www-client/chromium/files/chromium-unbundle-zlib.patch +++ /dev/null @@ -1,25 +0,0 @@ -From e1bbdec720a333937bd1b990ae0f7ee97db0d3b0 Mon Sep 17 00:00:00 2001 -From: Your Name -Date: Fri, 28 Jun 2019 15:56:23 +0000 -Subject: [PATCH] update zlib - ---- - third_party/perfetto/gn/BUILD.gn | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/third_party/perfetto/gn/BUILD.gn b/third_party/perfetto/gn/BUILD.gn -index c951f5f..297eee3 100644 ---- a/third_party/perfetto/gn/BUILD.gn -+++ b/third_party/perfetto/gn/BUILD.gn -@@ -200,7 +200,7 @@ group("zlib") { - "//buildtools:zlib", - ] - } else if (build_with_chromium) { -- public_configs = [ "//third_party/zlib:zlib_config" ] -+ public_configs = [ "//third_party/zlib:system_zlib" ] - public_deps = [ - "//third_party/zlib", - ] --- -2.21.0 - -- 2.26.2