Hello community, here is the log from the commit of package chromium for openSUSE:Factory checked in at 2019-07-31 14:28:28 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/chromium (Old) and /work/SRC/openSUSE:Factory/.chromium.new.4126 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "chromium" Wed Jul 31 14:28:28 2019 rev:223 rq:719830 version:75.0.3770.142 Changes: -------- --- /work/SRC/openSUSE:Factory/chromium/chromium.changes 2019-06-20 18:55:29.828853776 +0200 +++ /work/SRC/openSUSE:Factory/.chromium.new.4126/chromium.changes 2019-07-31 14:29:10.702092087 +0200 @@ -1,0 +2,38 @@ +Tue Jul 30 12:47:02 UTC 2019 - Tomáš Chvátal <[email protected]> + +- Do not use lto flags from prjconf, we need to set them using + gn buildsystem + +------------------------------------------------------------------- +Tue Jul 30 10:07:34 UTC 2019 - Tomáš Chvátal <[email protected]> + +- Drop patch chromium-non-void-return.patch and just pass + a cxxflags disabler for the check + +------------------------------------------------------------------- +Wed Jul 17 08:31:56 UTC 2019 - Tomáš Chvátal <[email protected]> + +- Update gcc-enable-lto.patch to work on systems without the + lto + +------------------------------------------------------------------- +Tue Jul 16 14:26:18 UTC 2019 - Tomáš Chvátal <[email protected]> + +- Update to 75.0.3770.142 bsc#1141649: + * CVE-2019-5847: V8 sealed/frozen elements cause crash + * CVE-2019-5848: Font sizes may expose sensitive information +- Add patch chromium-renderprocess-crash.patch to hopefully fix + bsc#1141102 + +------------------------------------------------------------------- +Tue Jul 2 08:55:22 UTC 2019 - Martin Liška <[email protected]> + +- Enable LTO for x86_64 - add gcc-enable-lto.patch and + gcc-lto-rsp-clobber.patch patches. + +------------------------------------------------------------------- +Tue Jul 2 07:35:44 UTC 2019 - Tomáš Chvátal <[email protected]> + +- Install manpage + +------------------------------------------------------------------- @@ -208 +246 @@ -- Update to 72.0.3626.109: +- Update to 72.0.3626.109 bsc#1120892 CVE-2018-20073: Old: ---- chromium-75.0.3770.100.tar.xz chromium-non-void-return.patch New: ---- chromium-75.0.3770.142.tar.xz chromium-renderprocess-crash.patch gcc-enable-lto.patch gcc-lto-rsp-clobber.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ chromium.spec ++++++ --- /var/tmp/diff_new_pack.890S8z/_old 2019-07-31 14:29:24.858080633 +0200 +++ /var/tmp/diff_new_pack.890S8z/_new 2019-07-31 14:29:24.862080629 +0200 @@ -47,8 +47,17 @@ %bcond_with system_vpx %bcond_with clang %bcond_with wayland +%ifarch x86_64 +%if %{?suse_version} > 1500 +%bcond_without lto +%else +%bcond_with lto +%endif +%else +%bcond_with lto +%endif Name: chromium -Version: 75.0.3770.100 +Version: 75.0.3770.142 Release: 0 Summary: Google's open source browser project License: BSD-3-Clause AND LGPL-2.1-or-later @@ -74,16 +83,18 @@ Patch3: fix_building_widevinecdm_with_chromium.patch Patch4: chromium-dma-buf.patch Patch5: chromium-buildname.patch -Patch6: chromium-non-void-return.patch -Patch7: chromium-drm.patch -Patch8: chromium-sandbox-pie.patch -Patch9: chromium-system-icu.patch -Patch10: chromium-system-libusb.patch -Patch11: chromium-old-glibc.patch -Patch12: chromium-skia-aarch64-buildfix.patch -Patch13: chromium-gcc.patch -Patch14: chromium-75.0.3770.80-SIOCGSTAMP.patch -Patch15: chromium-75.0.3770.80-pure-virtual-crash-fix.patch +Patch6: chromium-drm.patch +Patch7: chromium-sandbox-pie.patch +Patch8: chromium-system-icu.patch +Patch9: chromium-system-libusb.patch +Patch10: chromium-old-glibc.patch +Patch11: chromium-skia-aarch64-buildfix.patch +Patch12: chromium-gcc.patch +Patch13: chromium-75.0.3770.80-SIOCGSTAMP.patch +Patch14: chromium-75.0.3770.80-pure-virtual-crash-fix.patch +Patch15: gcc-lto-rsp-clobber.patch +Patch16: gcc-enable-lto.patch +Patch17: chromium-renderprocess-crash.patch # Google seem not too keen on merging this but GPU accel is quite important # https://chromium-review.googlesource.com/c/chromium/src/+/532294 # https://github.com/saiarcot895/chromium-ubuntu-build/tree/master/debian/patches @@ -502,14 +513,20 @@ cp -a %{_includedir}/libusb-1.0/libusb.h third_party/libusb/src/libusb/libusb.h %build +# GN sets lto on its own and we need just ldflag options, not cflags +%if %{with lto} +export LDFLAGS="%{_lto_cflags}" +%endif +%define _lto_cflags %{nil} %if %{with clang} export CC=clang export CXX=clang++ %else # REDUCE DEBUG as it gets TOO large +# -Wno-error=return-type :: upstream does not care about this ARCH_FLAGS="`echo %{optflags} | sed -e 's/^-g / /g' -e 's/ -g / /g' -e 's/ -g$//g'`" -export CFLAGS="${ARCH_FLAGS} -fpermissive" -export CXXFLAGS="${ARCH_FLAGS} -fpermissive" +export CFLAGS="${ARCH_FLAGS} -fpermissive -Wno-error=return-type" +export CXXFLAGS="${ARCH_FLAGS} -fpermissive -Wno-error=return-type" export CC=gcc export CXX=g++ %if 0%{?suse_version} <= 1500 @@ -631,6 +648,9 @@ %else myconf_gn+=" is_clang=false" %endif +%if %{with lto} +myconf_gn+=" gcc_lto=true" +%endif # The proprietary codecs just force the chromium to say they can use it and # offload the actual computation to the ffmpeg, otherwise the chromium @@ -743,6 +763,7 @@ mkdir -p %{buildroot}%{_libdir}/browser-plugins pushd %{buildroot}%{_libdir}/chromium ln -s ../browser-plugins plugins +popd # Install the master_preferences file mkdir -p %{buildroot}%{_sysconfdir}/chromium @@ -752,6 +773,12 @@ chmod 755 %{buildroot}%{_libdir}/chromium/xdg-settings chmod 755 %{buildroot}%{_libdir}/chromium/xdg-mime +# install manpages +mkdir -p %{buildroot}%{_mandir}/man1/ +cp -a chrome/app/resources/manpage.1.in %{buildroot}%{_mandir}/man1/chromium.1 +sed -i "s|@@PACKAGE@@|chromium|g" %{buildroot}%{_mandir}/man1/chromium.1 +sed -i "s|@@MENUNAME@@|Chromium|g" %{buildroot}%{_mandir}/man1/chromium.1 + %fdupes %{buildroot} %verifyscript @@ -789,6 +816,7 @@ %{_libexecdir}/chrome_sandbox %exclude %{_libdir}/chromium/chromedriver %{_bindir}/chromium +%{_mandir}/man1/chromium.1%{?ext_man} %files -n chromedriver %{_libdir}/chromium/chromedriver ++++++ _constraints ++++++ --- /var/tmp/diff_new_pack.890S8z/_old 2019-07-31 14:29:24.902080597 +0200 +++ /var/tmp/diff_new_pack.890S8z/_new 2019-07-31 14:29:24.902080597 +0200 @@ -8,4 +8,14 @@ <size unit="G">8</size> </memory> </hardware> + <overwrite> + <conditions> + <arch>x86_64</arch> + </conditions> + <hardware> + <memory> + <size unit="G">16</size> + </memory> + </hardware> + </overwrite> </constraints> ++++++ chromium-75.0.3770.100.tar.xz -> chromium-75.0.3770.142.tar.xz ++++++ /work/SRC/openSUSE:Factory/chromium/chromium-75.0.3770.100.tar.xz /work/SRC/openSUSE:Factory/.chromium.new.4126/chromium-75.0.3770.142.tar.xz differ: char 25, line 1 ++++++ chromium-renderprocess-crash.patch ++++++ diff -up chromium-75.0.3770.100/chrome/browser/performance_manager/chrome_content_browser_client_performance_manager_part.cc.git00281713 chromium-75.0.3770.100/chrome/browser/performance_manager/chrome_content_browser_client_performance_manager_part.cc --- chromium-75.0.3770.100/chrome/browser/performance_manager/chrome_content_browser_client_performance_manager_part.cc.git00281713 2019-07-02 09:10:38.951369854 -0400 +++ chromium-75.0.3770.100/chrome/browser/performance_manager/chrome_content_browser_client_performance_manager_part.cc 2019-07-02 09:11:59.864642942 -0400 @@ -12,13 +12,19 @@ #include "chrome/browser/performance_manager/graph/process_node_impl.h" #include "chrome/browser/performance_manager/performance_manager.h" #include "chrome/browser/performance_manager/render_process_user_data.h" +#include "content/public/browser/render_process_host.h" #include "services/resource_coordinator/public/mojom/coordination_unit.mojom.h" namespace { void BindProcessNode( - content::RenderProcessHost* render_process_host, + int render_process_host_id, resource_coordinator::mojom::ProcessCoordinationUnitRequest request) { + content::RenderProcessHost* render_process_host = + content::RenderProcessHost::FromID(render_process_host_id); + if (!render_process_host) + return; + performance_manager::RenderProcessUserData* user_data = performance_manager::RenderProcessUserData::GetForRenderProcessHost( render_process_host); @@ -47,8 +53,7 @@ void ChromeContentBrowserClientPerforman blink::AssociatedInterfaceRegistry* associated_registry, content::RenderProcessHost* render_process_host) { registry->AddInterface( - base::BindRepeating(&BindProcessNode, - base::Unretained(render_process_host)), + base::BindRepeating(&BindProcessNode, render_process_host->GetID()), base::SequencedTaskRunnerHandle::Get()); // Ideally this would strictly be a "CreateForRenderProcess", but when a ++++++ gcc-enable-lto.patch ++++++ Index: chromium-75.0.3770.142/build/config/BUILDCONFIG.gn =================================================================== --- chromium-75.0.3770.142.orig/build/config/BUILDCONFIG.gn +++ chromium-75.0.3770.142/build/config/BUILDCONFIG.gn @@ -130,6 +130,8 @@ declare_args() { # separate flags. is_official_build = false + gcc_lto = false + # Whether we're a traditional desktop unix. is_desktop_linux = current_os == "linux" @@ -440,6 +442,12 @@ default_compiler_configs = [ "//build/config/sanitizers:default_sanitizer_flags", ] +if (gcc_lto) { + default_compiler_configs += [ + "//build/config/compiler:gcc_lto", + ] +} + if (is_win) { default_compiler_configs += [ "//build/config/win:default_crt", Index: chromium-75.0.3770.142/build/config/compiler/BUILD.gn =================================================================== --- chromium-75.0.3770.142.orig/build/config/compiler/BUILD.gn +++ chromium-75.0.3770.142/build/config/compiler/BUILD.gn @@ -1921,6 +1921,10 @@ if (is_win) { } } +config("gcc_lto") { + cflags = [ "-flto" ] +} + config("default_stack_frames") { if (is_posix || is_fuchsia) { if (enable_frame_pointers) { Index: chromium-75.0.3770.142/sandbox/linux/BUILD.gn =================================================================== --- chromium-75.0.3770.142.orig/sandbox/linux/BUILD.gn +++ chromium-75.0.3770.142/sandbox/linux/BUILD.gn @@ -256,6 +256,9 @@ component("seccomp_bpf") { "//base", "//base/third_party/dynamic_annotations", ] + if (gcc_lto) { + configs -= [ "//build/config/compiler:gcc_lto" ] + } if (is_nacl_nonsfi) { cflags = [ "-fgnu-inline-asm" ] ++++++ gcc-lto-rsp-clobber.patch ++++++ diff --git a/third_party/lss/linux_syscall_support.h b/third_party/lss/linux_syscall_support.h index 5d9c2e858..e64703ba0 100644 --- a/third_party/lss/linux_syscall_support.h +++ b/third_party/lss/linux_syscall_support.h @@ -2405,7 +2405,7 @@ struct kernel_statfs { "d"(LSS_SYSCALL_ARG(parent_tidptr)), "r"(LSS_SYSCALL_ARG(newtls)), "r"(LSS_SYSCALL_ARG(child_tidptr)) - : "rsp", "memory", "r8", "r10", "r11", "rcx"); + : "memory", "r8", "r10", "r11", "rcx"); } LSS_RETURN(int, __res); }
