Hello community,

here is the log from the commit of package chromium for openSUSE:Factory 
checked in at 2020-06-26 21:45:45
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/chromium (Old)
 and      /work/SRC/openSUSE:Factory/.chromium.new.3060 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "chromium"

Fri Jun 26 21:45:45 2020 rev:259 rq:816970 version:83.0.4103.116

Changes:
--------
--- /work/SRC/openSUSE:Factory/chromium/chromium.changes        2020-06-08 
23:45:35.725653831 +0200
+++ /work/SRC/openSUSE:Factory/.chromium.new.3060/chromium.changes      
2020-06-26 21:47:08.058155802 +0200
@@ -1,0 +2,89 @@
+Thu Jun 25 07:12:24 UTC 2020 - Tomáš Chvátal <tchva...@suse.com>
+
+- Disable the LTO again as it still OOMs quite often
+
+-------------------------------------------------------------------
+Wed Jun 24 07:40:07 UTC 2020 - Tomáš Chvátal <tchva...@suse.com>
+
+- Add patch to work with new ffmpeg wrt bsc#1173292:
+  * chromium-84-mediaalloc.patch
+
+-------------------------------------------------------------------
+Tue Jun 23 14:20:46 UTC 2020 - Tomáš Chvátal <tchva...@suse.com>
+
+- Add multimedia fix for disabled location and also try one
+  additional patch from Debian on the same issue bsc#1173107
+  Update patch:
+  * no-location-leap151.patch
+
+-------------------------------------------------------------------
+Tue Jun 23 08:20:43 UTC 2020 - Tomáš Chvátal <tchva...@suse.com>
+
+- Add patch from Fedora to avoid attribute overrides in skia:
+  * chromium-83.0.4103.97-skia-gcc-no_sanitize-fixes.patch
+
+-------------------------------------------------------------------
+Tue Jun 23 08:08:08 UTC 2020 - Tomáš Chvátal <tchva...@suse.com>
+
+- Add patch to hopefully fix bsc#1173107:
+  * chromium-dev-shm.patch
+
+-------------------------------------------------------------------
+Tue Jun 23 07:51:28 UTC 2020 - Tomáš Chvátal <tchva...@suse.com>
+
+- Update to 83.0.4103.116 bsc#1173251:
+  * CVE-2020-6509: Use after free in extensions
+
+-------------------------------------------------------------------
+Fri Jun 19 07:34:53 UTC 2020 - Tomáš Chvátal <tchva...@suse.com>
+
+- Reduce constraints to say 20 GB disk space is enough
+
+-------------------------------------------------------------------
+Fri Jun 19 07:13:03 UTC 2020 - Tomáš Chvátal <tchva...@suse.com>
+
+- Disable wayland integration on 15.x bsc#1173187 bsc#1173188
+  bsc#1173254
+
+-------------------------------------------------------------------
+Thu Jun 18 07:39:50 UTC 2020 - Tomáš Chvátal <tchva...@suse.com>
+
+- Enforce to not use system borders bsc#1173063
+
+-------------------------------------------------------------------
+Wed Jun 17 08:32:06 UTC 2020 - Tomáš Chvátal <tchva...@suse.com>
+
+- Update to 83.0.4103.106 bsc#1173029:
+  * CVE-2020-6505: Use after free in speech
+  * CVE-2020-6506: Insufficient policy enforcement in WebView
+  * CVE-2020-6507: Out of bounds write in V8
+
+-------------------------------------------------------------------
+Mon Jun 15 14:05:36 UTC 2020 - Tomáš Chvátal <tchva...@suse.com>
+
+- Another attempt on the location handling for Leap 15.1:
+  * no-location-leap151.patch
+
+-------------------------------------------------------------------
+Thu Jun 11 16:31:50 UTC 2020 - Tomáš Chvátal <tchva...@suse.com>
+
+- Attempt to build with wayland/ozone enabled
+
+-------------------------------------------------------------------
+Thu Jun 11 12:14:32 UTC 2020 - Tomáš Chvátal <tchva...@suse.com>
+
+- Enable more system libs on 15.2+
+- Remove the chromium-83-gcc-location-revert.patch as it is wrong
+  approach to fix the problem
+
+-------------------------------------------------------------------
+Thu Jun 11 09:05:00 UTC 2020 - Tomáš Chvátal <tchva...@suse.com>
+
+- Update _constraints to match up LTO enablement
+
+-------------------------------------------------------------------
+Wed Jun 10 12:20:57 UTC 2020 - Tomáš Chvátal <tchva...@suse.com>
+
+- With GCC 10 released we should be able to enable LTO again
+
+-------------------------------------------------------------------

Old:
----
  chromium-83-gcc-location-revert.patch
  chromium-83.0.4103.97.tar.xz

New:
----
  chromium-83.0.4103.116.tar.xz
  chromium-83.0.4103.97-skia-gcc-no_sanitize-fixes.patch
  chromium-84-mediaalloc.patch
  chromium-dev-shm.patch
  no-location-leap151.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ chromium.spec ++++++
--- /var/tmp/diff_new_pack.Xztf07/_old  2020-06-26 21:47:15.142178476 +0200
+++ /var/tmp/diff_new_pack.Xztf07/_new  2020-06-26 21:47:15.146178489 +0200
@@ -19,12 +19,19 @@
 %define rname chromium
 # bsc#1108175
 %define __provides_exclude ^lib.*\\.so.*$
-%if 0%{?suse_version} >= 1550
+%if 0%{?suse_vesrion} > 1500
 %bcond_without system_icu
+%bcond_without system_vpx
+%bcond_without wayland
+%else
+%bcond_with system_icu
+%bcond_with system_vpx
+%bcond_with wayland
+%endif
+%if 0%{?suse_version} > 1500 || 0%{?sle_version} >= 150200     
 %bcond_without system_harfbuzz
 %bcond_without pipewire
 %else
-%bcond_with system_icu
 %bcond_with system_harfbuzz
 %bcond_with pipewire
 %endif
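Review bot: The first conditional tests `%{?suse_vesrion}`, a misspelling of `suse_version`; an undefined macro expands to nothing, so the expression is `0 > 1500` and the `%else` branch is taken on every distribution. As a result `system_icu`, `system_vpx` and `wayland` default to off everywhere, and the build always uses the bundled ICU and libvpx copies, which get fixes only through Chromium updates rather than the distribution's library updates. If that is the intent (the changelog mentions disabling wayland on 15.x), write it as an explicit `%if 0` with a comment; otherwise the line should read `%if 0%{?suse_version} > 1500`. The second conditional on the new side also carries trailing whitespace.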
@@ -42,11 +49,9 @@
 %else
 %bcond_with lto
 %endif
-%bcond_with system_vpx
 %bcond_with clang
-%bcond_with wayland
 Name:           chromium
-Version:        83.0.4103.97
+Version:        83.0.4103.116
 Release:        0
 Summary:        Google's open source browser project
 License:        BSD-3-Clause AND LGPL-2.1-or-later
@@ -89,9 +94,13 @@
 Patch27:        chromium-83-gcc-include.patch
 Patch28:        chromium-83-gcc-10.patch
 Patch29:        chromium-81-re2-0.2020.05.01.patch
-Patch30:        chromium-83-gcc-location-revert.patch
 # Do not use unrar code, it is non-free
-Patch31:        chromium-norar.patch
+Patch30:        chromium-norar.patch
+# specific patch to disable location on Leap; works on 15.2 but not on 15.1
+Patch31:        no-location-leap151.patch
+Patch32:        chromium-dev-shm.patch
+Patch33:        chromium-83.0.4103.97-skia-gcc-no_sanitize-fixes.patch
+Patch34:        chromium-84-mediaalloc.patch
 # Google seem not too keen on merging this but GPU accel is quite important
 #  https://chromium-review.googlesource.com/c/chromium/src/+/532294
 #  
https://github.com/saiarcot895/chromium-ubuntu-build/tree/master/debian/patches
@@ -232,9 +241,9 @@
 BuildRequires:  pkgconfig(wayland-cursor)
 BuildRequires:  pkgconfig(wayland-scanner)
 BuildRequires:  pkgconfig(wayland-server)
-%else
-BuildRequires:  pkgconfig(libva)
+BuildRequires:  pkgconfig(xkbcommon)
 %endif
+BuildRequires:  pkgconfig(libva)
 %ifnarch aarch64
 # Current tcmalloc does not support AArch64
 BuildRequires:  pkgconfig(libtcmalloc)
@@ -243,10 +252,10 @@
 BuildRequires:  pkgconfig(harfbuzz) > 2.3.0
 %endif
 %if %{with system_icu}
-BuildRequires:  pkgconfig(icu-i18n) >= 63.0
+BuildRequires:  pkgconfig(icu-i18n) >= 67.0
 %endif
 %if %{with system_vpx}
-BuildRequires:  pkgconfig(vpx) >= 1.6.1
+BuildRequires:  pkgconfig(vpx) >= 1.8.2
 %endif
 %if %{with clang}
 BuildRequires:  clang >= 5.0.0
@@ -446,7 +455,6 @@
     third_party/swiftshader/third_party/subzero
     third_party/swiftshader/third_party/SPIRV-Headers/include/spirv/unified1
     third_party/tcmalloc
-    third_party/unrar
     third_party/usrsctp
     third_party/vulkan
     third_party/web-animations-js
@@ -473,7 +481,8 @@
 )
 %if %{with wayland}
 keeplibs+=(
-    third_party/mingbm
+    third_party/libdrm/src/include
+    third_party/v4l-utils
     third_party/wayland
     third_party/wayland-protocols
 )
@@ -528,6 +537,10 @@
 export CXXFLAGS="${CXXFLAGS} -Wno-ignored-attributes"
 # ingore new gcc 8 warnings that aren't yet handled upstream
 export CXXFLAGS="${CXXFLAGS} -Wno-address -Wno-dangling-else 
-Wno-class-memaccess -Wno-invalid-offsetof -Wno-packed-not-aligned"
+%if %{with wayland}
+# for wayland
+export CXXFLAGS="${CXXFLAGS} -I/usr/include/libxkbcommon"
+%endif
 export CFLAGS="${CXXFLAGS}"
 export CC=gcc
 export CXX=g++
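Review bot: The xkbcommon include directory is hard-coded as `-I/usr/include/libxkbcommon`, although the spec now has `BuildRequires: pkgconfig(xkbcommon)`. Taking the flags from pkg-config, `export CXXFLAGS="${CXXFLAGS} $(pkg-config --cflags xkbcommon)"`, keeps the build working if the header location differs between releases and documents where the path comes from. The surrounding build section continues outside the hunk.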
@@ -638,7 +651,9 @@
 %endif
 # ozone stuff
 %if %{with wayland}
-myconf_gn+=" use_ozone=true use_xkbcommon=true use_v4lplugin=true 
use_v4l2_codec=true use_linux_v4l2_only=true"
+myconf_gn+=" use_ozone=true ozone_platform=\"x11\" ozone_platform_x11=true"
+# use_v4l2_codec - uses patches in kernel-headers present on chromeos only
+myconf_gn+=" use_v4lplugin=true use_v4l2_codec=false use_linux_v4l2_only=true"
 %endif
 %if %{with clang}
 myconf_gn+=" is_clang=true clang_base_path=\"/usr\" 
clang_use_chrome_plugins=false"
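Review bot: Under `%if %{with wayland}` the new `myconf_gn` line selects `ozone_platform="x11"` and `ozone_platform_x11=true`, and nothing visible in this hunk enables a Wayland backend, so the bcond name no longer describes what it builds. Either add the Wayland platform next to it (for example `ozone_platform_wayland=true`, if that is what the build is meant to offer) or add a comment such as `# ozone is currently built with the X11 backend only`. The new comment on `use_v4l2_codec` is helpful; `use_linux_v4l2_only=true` next to `use_v4l2_codec=false` would benefit from the same one-line explanation.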

++++++ _constraints ++++++
--- /var/tmp/diff_new_pack.Xztf07/_old  2020-06-26 21:47:15.178178591 +0200
+++ /var/tmp/diff_new_pack.Xztf07/_new  2020-06-26 21:47:15.178178591 +0200
@@ -2,7 +2,7 @@
 <constraints>
   <hardware>
     <disk>
-      <size unit="G">16</size>
+      <size unit="G">20</size>
     </disk>
     <physicalmemory>
     <size unit="G">8</size>

++++++ chromium-83.0.4103.97.tar.xz -> chromium-83.0.4103.116.tar.xz ++++++
/work/SRC/openSUSE:Factory/chromium/chromium-83.0.4103.97.tar.xz 
/work/SRC/openSUSE:Factory/.chromium.new.3060/chromium-83.0.4103.116.tar.xz 
differ: char 27, line 1

++++++ chromium-83.0.4103.97-skia-gcc-no_sanitize-fixes.patch ++++++
diff -up 
chromium-83.0.4103.97/third_party/skia/include/private/SkFloatingPoint.h.gcc-float-divide-by-zero
 chromium-83.0.4103.97/third_party/skia/include/private/SkFloatingPoint.h
--- 
chromium-83.0.4103.97/third_party/skia/include/private/SkFloatingPoint.h.gcc-float-divide-by-zero
   2020-06-15 11:09:01.218290365 -0400
+++ chromium-83.0.4103.97/third_party/skia/include/private/SkFloatingPoint.h    
2020-06-15 11:14:15.900470624 -0400
@@ -159,7 +159,15 @@ static inline int64_t sk_float_saturate2
 // Cast double to float, ignoring any warning about too-large finite values 
being cast to float.
 // Clang thinks this is undefined, but it's actually implementation defined to 
return either
 // the largest float or infinity (one of the two bracketing representable 
floats).  Good enough!
+#if defined(__GNUC__) && __GNUC__ >= 8
+__attribute__((no_sanitize("float-cast-overflow")))
+#else
+# if defined(__GNUC__)
+__attribute__((no_sanitize_undefined))
+# else
 [[clang::no_sanitize("float-cast-overflow")]]
+# endif
+#endif
 static inline float sk_double_to_float(double x) {
     return static_cast<float>(x);
 }
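Review bot: The new preprocessor ladder tests `defined(__GNUC__)` before anything else, and Clang by default also defines `__GNUC__` (with a low version number), so a Clang build would take the `__attribute__((no_sanitize_undefined))` branch and the original `[[clang::no_sanitize(...)]]` line is effectively unreachable for it. That branch switches off every UBSan check for the function rather than the single float check, which reduces sanitizer coverage in sanitized or fuzzing builds. Testing `__clang__` first keeps the narrow suppression for Clang and for GCC >= 8 and leaves the broad one only for older GCC. The same ladder is repeated for `sk_ieee_float_divide` and `sk_ieee_double_divide` in the next hunk; a single helper macro would avoid the triplication.

```cpp
#if defined(__clang__)
[[clang::no_sanitize("float-cast-overflow")]]
#elif defined(__GNUC__) && __GNUC__ >= 8
__attribute__((no_sanitize("float-cast-overflow")))
#elif defined(__GNUC__)
__attribute__((no_sanitize_undefined))
#endif
static inline float sk_double_to_float(double x) {
// … unchanged: function body …
```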
@@ -226,12 +234,28 @@ static inline float sk_float_rsqrt(float
 // IEEE defines how float divide behaves for non-finite values and 
zero-denoms, but C does not
 // so we have a helper that suppresses the possible undefined-behavior 
warnings.
 
+#if defined(__GNUC__) && __GNUC__ >= 8
+__attribute__((no_sanitize("float-divide-by-zero")))
+#else
+# if defined(__GNUC__)
+__attribute__((no_sanitize_undefined))
+# else
 [[clang::no_sanitize("float-divide-by-zero")]]
+# endif
+#endif
 static inline float sk_ieee_float_divide(float numer, float denom) {
     return numer / denom;
 }
 
+#if defined(__GNUC__) && __GNUC__ >= 8
+__attribute__((no_sanitize("float-divide-by-zero")))
+#else
+# if defined(__GNUC__)
+__attribute__((no_sanitize_undefined))
+# else
 [[clang::no_sanitize("float-divide-by-zero")]]
+# endif
+#endif
 static inline double sk_ieee_double_divide(double numer, double denom) {
     return numer / denom;
 }
++++++ chromium-84-mediaalloc.patch ++++++
https://bugs.chromium.org/p/chromium/issues/detail?id=1095962

Index: chromium-83.0.4103.116/media/base/media.cc
===================================================================
--- chromium-83.0.4103.116.orig/media/base/media.cc
+++ chromium-83.0.4103.116/media/base/media.cc
@@ -2,6 +2,8 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
+#include <limits>
+
 #include "media/base/media.h"
 
 #include "base/allocator/buildflags.h"
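Review bot: `#include <limits>` is added above `media/base/media.h`, which is this file's own header; putting the own header first is what lets the compiler verify that `media.h` is self-contained. Moving the new include below it, into the group of standard headers, keeps that check. The rest of the include list is outside the hunk.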
@@ -41,7 +43,7 @@ class MediaInitializer {
 
 #if BUILDFLAG(USE_ALLOCATOR_SHIM)
     // Remove allocation limit from ffmpeg, so calls go down to shim layer.
-    av_max_alloc(0);
+    av_max_alloc(std::numeric_limits<size_t>::max());
 #endif  // BUILDFLAG(USE_ALLOCATOR_SHIM)
 
 #endif  // BUILDFLAG(ENABLE_FFMPEG)
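Review bot: The retained comment still says only "Remove allocation limit from ffmpeg", which does not explain why the argument changed from `0` to the maximum `size_t`, so a later merge against upstream could easily revert it. Suggest extending it, e.g. `// Newer ffmpeg treats 0 as a real limit; pass the largest size_t to mean "no ffmpeg-side cap".` (the ffmpeg behaviour is inferred from the changelog entry and the linked bug, so confirm the wording). Since this leaves the allocator shim as the only bound on allocation sizes driven by media input, it is worth stating that dependency in the comment as well. `MediaInitializer` begins and ends outside the hunk.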
++++++ chromium-dev-shm.patch ++++++
>From 128c6f2ce4ff5330340e54b93fa177657896e8e7 Mon Sep 17 00:00:00 2001
From: Daniel Cheng <dch...@chromium.org>
Date: Tue, 9 Jun 2020 23:31:36 +0000
Subject: [PATCH] Propagate --disable-dev-shm-usage to child processes.

Processes that directly allocate shared memory need to know about this
flag; otherwise, they will use the wrong allocation strategy and
potentially encounter OOM failures.

Most processes are sandboxed by default on Linux, so shared memory
creation is brokered through the browser process, which already knows
about this flag; however, any processes which aren't sandboxed will have
this problem.

The unsupported --no-sandbox flag compounds this issue, since all
renderer processes begin allocating shared memory directly as well. If
/dev/shm is limited in size (often the case in containerized
environments), then the renderer will start encountering OOM crashes
when shared memory creation fails due to the size constraints.

(cherry picked from commit 5e2363b351562d9ffe6181f5458ac0240cefe762)

Fixed: 1085829
Change-Id: I5f321ba5f91360b72524614e1e91e0e5d805d4c7
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2220891
Reviewed-by: Ken Rockot <roc...@google.com>
Reviewed-by: Matt Falkenhagen <fal...@chromium.org>
Commit-Queue: Daniel Cheng <dch...@chromium.org>
Cr-Original-Commit-Position: refs/heads/master@{#774047}
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2238868
Reviewed-by: Lei Zhang <thes...@chromium.org>
Cr-Commit-Position: refs/branch-heads/4147@{#559}
Cr-Branched-From: 
16307825352720ae04d898f37efa5449ad68b606-refs/heads/master@{#768962}
---
 content/browser/gpu/gpu_process_host.cc                   | 3 +++
 content/browser/renderer_host/render_process_host_impl.cc | 3 +++
 content/browser/utility_process_host.cc                   | 3 +++
 3 files changed, 9 insertions(+)

diff --git a/content/browser/gpu/gpu_process_host.cc 
b/content/browser/gpu/gpu_process_host.cc
index ae8f3b6597193..d39f52a896c0f 100644
--- a/content/browser/gpu/gpu_process_host.cc
+++ b/content/browser/gpu/gpu_process_host.cc
@@ -215,6 +215,9 @@ static const char* const kSwitchNames[] = {
     service_manager::switches::kGpuSandboxFailuresFatal,
     service_manager::switches::kDisableGpuSandbox,
     service_manager::switches::kNoSandbox,
+#if defined(OS_LINUX) && !defined(OS_CHROMEOS)
+    switches::kDisableDevShmUsage,
+#endif
 #if defined(OS_WIN)
     switches::kDisableHighResTimer,
 #endif  // defined(OS_WIN)
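Review bot: The added `switches::kDisableDevShmUsage` entry carries no comment, while the reason it is needed lives only in the commit message: processes that allocate shared memory directly (unsandboxed ones, or all renderers under `--no-sandbox`) must see the flag or they pick the wrong allocation strategy. A one-line comment above the entry, such as `// Needed by children that allocate shared memory without the browser broker.`, would keep that rationale next to the list; the same applies to the entries added in `render_process_host_impl.cc` and `utility_process_host.cc`. No test for the propagation is visible in this patch, and one that checks the child command line for the switch would guard against the entry being dropped in a later merge. `kSwitchNames` continues outside the hunk.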
diff --git a/content/browser/renderer_host/render_process_host_impl.cc 
b/content/browser/renderer_host/render_process_host_impl.cc
index e7530931e0672..a37c3125a3431 100644
--- a/content/browser/renderer_host/render_process_host_impl.cc
+++ b/content/browser/renderer_host/render_process_host_impl.cc
@@ -3232,6 +3232,9 @@ void 
RenderProcessHostImpl::PropagateBrowserCommandLineToRenderer(
     service_manager::switches::kDisableInProcessStackTraces,
     service_manager::switches::kDisableSeccompFilterSandbox,
     service_manager::switches::kNoSandbox,
+#if defined(OS_LINUX) && !defined(OS_CHROMEOS)
+    switches::kDisableDevShmUsage,
+#endif
 #if defined(OS_MACOSX)
     // Allow this to be set when invoking the browser and relayed along.
     service_manager::switches::kEnableSandboxLogging,
diff --git a/content/browser/utility_process_host.cc 
b/content/browser/utility_process_host.cc
index 313e00d752351..8ccfbf0a60258 100644
--- a/content/browser/utility_process_host.cc
+++ b/content/browser/utility_process_host.cc
@@ -420,6 +420,9 @@ bool UtilityProcessHost::StartProcess() {
       network::switches::kNetLogCaptureMode,
       network::switches::kExplicitlyAllowedPorts,
       service_manager::switches::kNoSandbox,
+#if defined(OS_LINUX) && !defined(OS_CHROMEOS)
+      switches::kDisableDevShmUsage,
+#endif
       service_manager::switches::kEnableAudioServiceSandbox,
 #if defined(OS_MACOSX)
       service_manager::switches::kEnableSandboxLogging,

++++++ chromium.default ++++++
--- /var/tmp/diff_new_pack.Xztf07/_old  2020-06-26 21:47:15.366179193 +0200
+++ /var/tmp/diff_new_pack.Xztf07/_new  2020-06-26 21:47:15.366179193 +0200
@@ -1,5 +1,5 @@
 # Default settings for chromium. This file is sourced by /usr/bin/chromium
 
 # Options to pass to chromium
-# Ie. debugging: --enable-logging=stderr --v=2
+# Ie. debugging: --enable-logging=stderr --v=2 --debug --single-process
 CHROMIUM_FLAGS=""
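Review bot: The example line now lists `--single-process` next to the logging flags without saying what it changes: it runs the renderer inside the browser process, so the usual process isolation between web content and the browser does not apply while it is set. Because this file is where administrators copy flags from into `CHROMIUM_FLAGS`, the comment should mark it as debugging-only, e.g. `# --single-process is for debugging only; it removes renderer process isolation`. "Ie." also reads better as "e.g." here.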

++++++ master_preferences ++++++
--- /var/tmp/diff_new_pack.Xztf07/_old  2020-06-26 21:47:15.410179334 +0200
+++ /var/tmp/diff_new_pack.Xztf07/_new  2020-06-26 21:47:15.414179347 +0200
@@ -16,7 +16,8 @@
   },
   "browser": {
      "show_home_button": true,
-     "check_default_browser": false
+     "check_default_browser": false,
+     "custom_chrome_frame": true
   },
   "bookmark_bar": {
      "show_on_all_tabs": true

++++++ no-location-leap151.patch ++++++
Index: chromium-83.0.4103.116/base/location.h
===================================================================
--- chromium-83.0.4103.116.orig/base/location.h
+++ chromium-83.0.4103.116/base/location.h
@@ -18,12 +18,7 @@
 
 namespace base {
 
-#if defined(__has_builtin)
-// Clang allows detection of these builtins.
-#define SUPPORTS_LOCATION_BUILTINS                                       \
-  (__has_builtin(__builtin_FUNCTION) && __has_builtin(__builtin_FILE) && \
-   __has_builtin(__builtin_LINE))
-#elif defined(COMPILER_GCC) && __GNUC__ >= 7
+#if defined(COMPILER_GCC) && __GNUC__ >= 10
 // GCC has supported these for a long time, but they point at the function
 // declaration in the case of default arguments, rather than at the call site.
 #define SUPPORTS_LOCATION_BUILTINS 1
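Review bot: The comment kept under the new condition still says GCC "has supported these for a long time", which no longer matches `__GNUC__ >= 10` and gives no reason for the cut-off. With the `__has_builtin` branch removed, any compiler that does not satisfy this test, presumably including Clang builds via the spec's `clang` bcond, falls back to the `Location::Current()` variant without file and line, so crash and trace locations lose source information. Suggest a comment such as `// Distro patch: use the location builtins only with GCC >= 10; other compilers get locations without file/line.` and, if Clang builds are meant to behave as before, keeping the `__has_builtin` branch. The `#if` block continues outside the hunk.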
Index: chromium-83.0.4103.116/base/location.cc
===================================================================
--- chromium-83.0.4103.116.orig/base/location.cc
+++ chromium-83.0.4103.116/base/location.cc
@@ -92,7 +92,7 @@ NOINLINE Location Location::Current(cons
 #else
 // static
 NOINLINE Location Location::Current() {
-  return Location(nullptr, RETURN_ADDRESS());
+  return Location("[unknown file]", RETURN_ADDRESS());
 }
 #endif
 
Index: chromium-83.0.4103.116/media/base/media_serializers.h
===================================================================
--- chromium-83.0.4103.116.orig/media/base/media_serializers.h
+++ chromium-83.0.4103.116/media/base/media_serializers.h
@@ -377,8 +377,8 @@ template <>
 struct MediaSerializer<base::Location> {
   static base::Value Serialize(const base::Location& value) {
     base::Value result(base::Value::Type::DICTIONARY);
-    FIELD_SERIALIZE("file", value.file_name());
-    FIELD_SERIALIZE("line", value.line_number());
+    FIELD_SERIALIZE("file", value.file_name() ? value.file_name() : "unknown");
+    FIELD_SERIALIZE("line", value.line_number() ? value.line_number() : 0);
     return result;
   }
 };
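Review bot: `value.line_number() ? value.line_number() : 0` is a no-op, since it yields the same value in both cases; the original `FIELD_SERIALIZE("line", value.line_number());` can stay. The null check on `file_name()` is the part that matters, because a `Location` built without source information can carry a null file name, but the fallback here is `"unknown"` while the `location.cc` hunk uses `"[unknown file]"`; one shared string would make logs easier to search. Other callers of `file_name()` are not visible in this patch and may need the same null handling.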
