diff options
| -rw-r--r-- | chromium/chromium/chromium-angle-typedef.patch | 53 | ||||
| -rwxr-xr-x | chromium/chromium/chromium-ffmpeg-clean.sh | 1 | ||||
| -rw-r--r-- | chromium/chromium/chromium-gcc-11-r903595.patch | 58 | ||||
| -rw-r--r-- | chromium/chromium/chromium-gcc-11-r903819.patch | 39 | ||||
| -rw-r--r-- | chromium/chromium/chromium-gcc-11-r903820.patch | 39 | ||||
| -rw-r--r-- | chromium/chromium/chromium-gcc-11-r904696.patch | 39 | ||||
| -rw-r--r-- | chromium/chromium/chromium-gcc-11-r905300.patch | 39 | ||||
| -rw-r--r-- | chromium/chromium/chromium-gcc-11-r905634.patch | 45 | ||||
| -rw-r--r-- | chromium/chromium/chromium-gcc-11-r911787.patch | 30 | ||||
| -rw-r--r-- | chromium/chromium/chromium-glibc-2.33-r902981.patch | 1387 | ||||
| -rw-r--r-- | chromium/chromium/chromium-glibc-2.33-r903873.patch | 351 | ||||
| -rw-r--r-- | chromium/chromium/chromium-pdfium-string.patch | 129 | ||||
| -rw-r--r-- | chromium/chromium/chromium.spec | 33 |
13 files changed, 47 insertions, 2196 deletions
diff --git a/chromium/chromium/chromium-angle-typedef.patch b/chromium/chromium/chromium-angle-typedef.patch deleted file mode 100644 index 700030c..0000000 --- a/chromium/chromium/chromium-angle-typedef.patch +++ /dev/null @@ -1,53 +0,0 @@ -From 7108f83c8ad1bad4072e4f32da3db6d59cf51400 Mon Sep 17 00:00:00 2001 -From: Ivan Murashov <ivan.murashov@lge.com> -Date: Tue, 20 Jul 2021 13:16:44 +0300 -Subject: [PATCH] GCC: Remove double declaration of ContextSet - -After the CL -https://chromium-review.googlesource.com/c/angle/angle/+/2965780 -the build with GCC failed with error: -/third_party/angle/src/libANGLE/Display.h:325:37: error: declaration of -'typedef class std::__1::set<gl::Context*> egl::Display::ContextSet' -changes meaning of 'ContextSet' [-fpermissive] -/third_party/angle/src/libANGLE/Display.h:75:7: note: 'ContextSet' -declared here as 'using ContextSet = class std::__1::set<gl::Context*>' - -To fix the error the double declaration of ContextSet is removed. - -Bug: angleproject:5878, chromium:819294 -Change-Id: Id9e52061af53ea18dd5d13b960daaa67a14f61ca -Reviewed-on: https://chromium-review.googlesource.com/c/angle/angle/+/3038804 -Reviewed-by: Jamie Madill <jmadill@chromium.org> -Commit-Queue: Jamie Madill <jmadill@chromium.org> ---- - CONTRIBUTORS | 1 + - src/libANGLE/Display.h | 1 - - 2 files changed, 1 insertion(+), 1 deletion(-) - -diff --git a/CONTRIBUTORS b/CONTRIBUTORS -index 887ddc266..94b1b4d1d 100644 ---- a/third_party/angle/CONTRIBUTORS -+++ b/third_party/angle/CONTRIBUTORS -@@ -154,6 +154,7 @@ Advanced Micro Devices, Inc. - - LG Electronics, Inc. - Jani Hautakangas -+ Ivan Murashov - - IBM Inc. - Junliang Yan -diff --git a/src/libANGLE/Display.h b/src/libANGLE/Display.h -index f33123b71..f0c091044 100644 ---- a/third_party/angle/src/libANGLE/Display.h -+++ b/third_party/angle/src/libANGLE/Display.h -@@ -322,7 +322,6 @@ class Display final : public LabeledObject, - - ConfigSet mConfigSet; - -- typedef std::set<gl::Context *> ContextSet; - ContextSet mContextSet; - - typedef std::set<Image *> ImageSet; --- -2.31.1 - diff --git a/chromium/chromium/chromium-ffmpeg-clean.sh b/chromium/chromium/chromium-ffmpeg-clean.sh index ff0b368..167c50a 100755 --- a/chromium/chromium/chromium-ffmpeg-clean.sh +++ b/chromium/chromium/chromium-ffmpeg-clean.sh @@ -93,6 +93,7 @@ header_files=" libavcodec/x86/inline_asm.h \ libavcodec/codec_par.h \ libavcodec/dct.h \ libavcodec/dct32.h \ + libavcodec/defs.h \ libavcodec/error_resilience.h \ libavcodec/fdctdsp.h \ libavcodec/fft.h \ diff --git a/chromium/chromium/chromium-gcc-11-r903595.patch b/chromium/chromium/chromium-gcc-11-r903595.patch deleted file mode 100644 index 63fbc77..0000000 --- a/chromium/chromium/chromium-gcc-11-r903595.patch +++ /dev/null @@ -1,58 +0,0 @@ -From 802150d7be94e5317b257df545d55ce5b007ae65 Mon Sep 17 00:00:00 2001 -From: Jose Dapena Paz <jdapena@igalia.com> -Date: Tue, 20 Jul 2021 18:50:11 +0000 -Subject: [PATCH] libstdc++: do not use unique_ptr bool() operator in a - constexpr in form_forest.h -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Fix build breakage in GCC, because of calling non constexpr functions from a -constexpr function. In this case, libstdc++ unique_ptr bool() operator is not -constexpr, so it cannot be used inside CompareByFrameToken. - -An example of build breakage caused by this: - ../../components/autofill/content/browser/form_forest.h:157:21: error: call to non-‘constexpr’ function ‘std::unique_ptr<_Tp, _Dp>::operator bool() const [with _Tp = autofill::internal::FormForest::FrameData; _Dp = std::default_delete<autofill::internal::FormForest::FrameData>]’ - 157 | return f && g ? f->frame_token < g->frame_token : f.get() < g.get(); - | ^ - -Bug: 957519 -Change-Id: I3c49559084fe58886a03520729873b7c4ac89bbf -Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3041050 -Commit-Queue: Dominic Battré <battre@chromium.org> -Reviewed-by: Dominic Battré <battre@chromium.org> -Cr-Commit-Position: refs/heads/master@{#903595} ---- - components/autofill/content/browser/form_forest.h | 12 ++++++------ - 1 file changed, 6 insertions(+), 6 deletions(-) - -diff --git a/components/autofill/content/browser/form_forest.h b/components/autofill/content/browser/form_forest.h -index c89a8eb8976d0..f414ab8c89c71 100644 ---- a/components/autofill/content/browser/form_forest.h -+++ b/components/autofill/content/browser/form_forest.h -@@ -152,16 +152,16 @@ class FormForest { - // used by FrameData sets. - struct CompareByFrameToken { - using is_transparent = void; -- constexpr bool operator()(const std::unique_ptr<FrameData>& f, -- const std::unique_ptr<FrameData>& g) const { -+ bool operator()(const std::unique_ptr<FrameData>& f, -+ const std::unique_ptr<FrameData>& g) const { - return f && g ? f->frame_token < g->frame_token : f.get() < g.get(); - } -- constexpr bool operator()(const std::unique_ptr<FrameData>& f, -- const LocalFrameToken& g) const { -+ bool operator()(const std::unique_ptr<FrameData>& f, -+ const LocalFrameToken& g) const { - return f ? f->frame_token < g : true; - } -- constexpr bool operator()(const LocalFrameToken& f, -- const std::unique_ptr<FrameData>& g) const { -+ bool operator()(const LocalFrameToken& f, -+ const std::unique_ptr<FrameData>& g) const { - return g ? f < g->frame_token : false; - } - }; --- -2.31.1 - diff --git a/chromium/chromium/chromium-gcc-11-r903819.patch b/chromium/chromium/chromium-gcc-11-r903819.patch deleted file mode 100644 index 6964e38..0000000 --- a/chromium/chromium/chromium-gcc-11-r903819.patch +++ /dev/null @@ -1,39 +0,0 @@ -From 2f5514051210388bfcff605570d33f08cfa7bcaa Mon Sep 17 00:00:00 2001 -From: Jose Dapena Paz <jdapena@igalia.com> -Date: Wed, 21 Jul 2021 08:34:58 +0000 -Subject: [PATCH] IWYU: usage of unique_ptr requires including <memory> in - bluetooth low energy scan filter. -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Fix build because of missing include: -../../device/bluetooth/bluetooth_low_energy_scan_filter.h:57:15: error: ‘unique_ptr’ in namespace ‘std’ does not name a template type - 57 | static std::unique_ptr<BluetoothLowEnergyScanFilter> Create( - | ^~~~~~~~~~ - -Bug: 819294 -Change-Id: I347953a083f1bcdf744fd86e1a73954c6f86b32e -Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3041155 -Reviewed-by: Reilly Grant <reillyg@chromium.org> -Commit-Queue: José Dapena Paz <jdapena@igalia.com> -Cr-Commit-Position: refs/heads/master@{#903819} ---- - device/bluetooth/bluetooth_low_energy_scan_filter.h | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/device/bluetooth/bluetooth_low_energy_scan_filter.h b/device/bluetooth/bluetooth_low_energy_scan_filter.h -index a0436c184a967..7ae606cca014e 100644 ---- a/device/bluetooth/bluetooth_low_energy_scan_filter.h -+++ b/device/bluetooth/bluetooth_low_energy_scan_filter.h -@@ -7,6 +7,7 @@ - - #include <stddef.h> - #include <stdint.h> -+#include <memory> - #include <vector> - - #include "base/time/time.h" --- -2.31.1 - diff --git a/chromium/chromium/chromium-gcc-11-r903820.patch b/chromium/chromium/chromium-gcc-11-r903820.patch deleted file mode 100644 index 16d0b80..0000000 --- a/chromium/chromium/chromium-gcc-11-r903820.patch +++ /dev/null @@ -1,39 +0,0 @@ -From 8ae99ee447cf5f0160ea4ae978cdf37f5dcecd1e Mon Sep 17 00:00:00 2001 -From: Jose Dapena Paz <jdapena@igalia.com> -Date: Wed, 21 Jul 2021 08:36:20 +0000 -Subject: [PATCH] IWYU: missing memory include for unique_ptr usage in - class_property.h -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Fix GCC build breakage because of missing inclide: -./../ui/base/class_property.h:120:58: error: ‘std::unique_ptr’ has not been declared - 120 | T* SetProperty(const ClassProperty<T*>* property, std::unique_ptr<T> value); - | ^~~~~~~~~~ - -Bug: 819294 -Change-Id: I46b921876702b8d44674689bbb5acdc107db21e5 -Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3041030 -Reviewed-by: Peter Boström <pbos@chromium.org> -Commit-Queue: José Dapena Paz <jdapena@igalia.com> -Cr-Commit-Position: refs/heads/master@{#903820} ---- - ui/base/class_property.h | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/ui/base/class_property.h b/ui/base/class_property.h -index f7b2f559858b7..88b49386ae0ad 100644 ---- a/ui/base/class_property.h -+++ b/ui/base/class_property.h -@@ -8,6 +8,7 @@ - #include <stdint.h> - - #include <map> -+#include <memory> - #include <set> - #include <type_traits> - --- -2.31.1 - diff --git a/chromium/chromium/chromium-gcc-11-r904696.patch b/chromium/chromium/chromium-gcc-11-r904696.patch deleted file mode 100644 index 9b65b8a..0000000 --- a/chromium/chromium/chromium-gcc-11-r904696.patch +++ /dev/null @@ -1,39 +0,0 @@ -From 17d0e3dfcd0690df0e7b212fedcb95402f16935d Mon Sep 17 00:00:00 2001 -From: Jose Dapena Paz <jdapena@igalia.com> -Date: Fri, 23 Jul 2021 10:17:49 +0000 -Subject: [PATCH] IWYU: missing include for using std::vector in hash password - manager. -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Fix build breakage: -../../components/password_manager/core/browser/hash_password_manager.h:44:8: error: ‘vector’ in namespace ‘std’ does not name a template type - 44 | std::vector<PasswordHashData> RetrieveAllPasswordHashes(); - | ^~~~~~ - -Bug: 819294 -Change-Id: I8c8a4ec3972eedb87a312c5ec56adf4a21b1b2a2 -Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3041046 -Commit-Queue: Vasilii Sukhanov <vasilii@chromium.org> -Reviewed-by: Vasilii Sukhanov <vasilii@chromium.org> -Cr-Commit-Position: refs/heads/master@{#904696} ---- - components/password_manager/core/browser/hash_password_manager.h | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/components/password_manager/core/browser/hash_password_manager.h b/components/password_manager/core/browser/hash_password_manager.h -index c762c5a8c7713..85e656edcba11 100644 ---- a/components/password_manager/core/browser/hash_password_manager.h -+++ b/components/password_manager/core/browser/hash_password_manager.h -@@ -6,6 +6,7 @@ - #define COMPONENTS_PASSWORD_MANAGER_CORE_BROWSER_HASH_PASSWORD_MANAGER_H_ - - #include <string> -+#include <vector> - - #include "base/callback.h" - #include "base/callback_list.h" --- -2.31.1 - diff --git a/chromium/chromium/chromium-gcc-11-r905300.patch b/chromium/chromium/chromium-gcc-11-r905300.patch deleted file mode 100644 index da17938..0000000 --- a/chromium/chromium/chromium-gcc-11-r905300.patch +++ /dev/null @@ -1,39 +0,0 @@ -From 9c675a1051551af26aaefc6fcd33502a51725396 Mon Sep 17 00:00:00 2001 -From: Jose Dapena Paz <jdapena@igalia.com> -Date: Mon, 26 Jul 2021 17:14:51 +0000 -Subject: [PATCH] IWYU: missing include for std::vector usage in devtools - embedded message dispatcher. -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Fix GCC build breakage: - ../../chrome/browser/devtools/devtools_embedder_message_dispatcher.h:116:36: error: ‘vector’ in namespace ‘std’ does not name a template type - 116 | const std::vector<base::Value>& params) = 0; - | ^~~~~~ - -Bug: 819294 -Change-Id: I379bf14416c3bfd3c0cdac7bb2542b79781261ec -Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3041156 -Reviewed-by: Joe Mason <joenotcharles@chromium.org> -Commit-Queue: José Dapena Paz <jdapena@igalia.com> -Cr-Commit-Position: refs/heads/master@{#905300} ---- - chrome/browser/devtools/devtools_embedder_message_dispatcher.h | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/chrome/browser/devtools/devtools_embedder_message_dispatcher.h b/chrome/browser/devtools/devtools_embedder_message_dispatcher.h -index 12f8500b7811d..4007112f39410 100644 ---- a/chrome/browser/devtools/devtools_embedder_message_dispatcher.h -+++ b/chrome/browser/devtools/devtools_embedder_message_dispatcher.h -@@ -8,6 +8,7 @@ - #include <map> - #include <memory> - #include <string> -+#include <vector> - - #include "base/callback.h" - #include "ui/gfx/geometry/insets.h" --- -2.31.1 - diff --git a/chromium/chromium/chromium-gcc-11-r905634.patch b/chromium/chromium/chromium-gcc-11-r905634.patch deleted file mode 100644 index c126080..0000000 --- a/chromium/chromium/chromium-gcc-11-r905634.patch +++ /dev/null @@ -1,45 +0,0 @@ -From 82e2c8b484c18c621d4b194635e41f171543f1df Mon Sep 17 00:00:00 2001 -From: Jose Dapena Paz <jdapena@igalia.com> -Date: Tue, 27 Jul 2021 08:09:39 +0000 -Subject: [PATCH] IWYU: usage of std::strcpy requires including cstring, in - extension dialog auto confirm. -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Fix build breakage with libstdc++: - ../../extensions/browser/extension_dialog_auto_confirm.cc: In destructor ‘extensions::ScopedTestDialogAutoConfirm::~ScopedTestDialogAutoConfirm()’: - ../../extensions/browser/extension_dialog_auto_confirm.cc:43:8: error: ‘strcpy’ is not a member of ‘std’ - 43 | std::strcpy(g_extension_dialog_justification, old_justification_.c_str()); - | ^~~~~~ - ../../extensions/browser/extension_dialog_auto_confirm.cc: In member function ‘void extensions::ScopedTestDialogAutoConfirm::set_justification(const string&)’: - ../../extensions/browser/extension_dialog_auto_confirm.cc:66:8: error: ‘strcpy’ is not a member of ‘std’ - 66 | std::strcpy(g_extension_dialog_justification, justification.c_str()); - | ^~~~~~ - -Bug: 957519 -Change-Id: I313c38f22cab599fb8f0e4a339e8143af5bda3ee -Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3041001 -Reviewed-by: David Bertoni <dbertoni@chromium.org> -Reviewed-by: Ben Wells <benwells@chromium.org> -Commit-Queue: José Dapena Paz <jdapena@igalia.com> -Cr-Commit-Position: refs/heads/master@{#905634} ---- - extensions/browser/extension_dialog_auto_confirm.cc | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/extensions/browser/extension_dialog_auto_confirm.cc b/extensions/browser/extension_dialog_auto_confirm.cc -index adb4ac3f92ec8..be8b161bc1658 100644 ---- a/extensions/browser/extension_dialog_auto_confirm.cc -+++ b/extensions/browser/extension_dialog_auto_confirm.cc -@@ -4,6 +4,7 @@ - - #include "extensions/browser/extension_dialog_auto_confirm.h" - -+#include <cstring> - #include <utility> - - #include "base/check.h" --- -2.31.1 - diff --git a/chromium/chromium/chromium-gcc-11-r911787.patch b/chromium/chromium/chromium-gcc-11-r911787.patch new file mode 100644 index 0000000..a051d1e --- /dev/null +++ b/chromium/chromium/chromium-gcc-11-r911787.patch @@ -0,0 +1,30 @@ +From 1d1ec5b48c4e55c273d801aa82d57e9b1e24f239 Mon Sep 17 00:00:00 2001 +From: Stephan Hartmann <stha09@googlemail.com> +Date: Fri, 13 Aug 2021 16:57:20 +0000 +Subject: [PATCH] IWYU: add memory for std::unique_ptr in blink::CustomSpaces + +Bug: None +Change-Id: I415e68638d230d201f6cf72b109ad39da917a53b +Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3094266 +Reviewed-by: Anton Bikineev <bikineev@chromium.org> +Commit-Queue: Stephan Hartmann <stha09@googlemail.com> +Cr-Commit-Position: refs/heads/master@{#911787} +--- + .../blink/renderer/platform/heap/v8_wrapper/custom_spaces.h | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/third_party/blink/renderer/platform/heap/v8_wrapper/custom_spaces.h b/third_party/blink/renderer/platform/heap/v8_wrapper/custom_spaces.h +index df0465a6a5658..640cb332c35e1 100644 +--- a/third_party/blink/renderer/platform/heap/v8_wrapper/custom_spaces.h ++++ b/third_party/blink/renderer/platform/heap/v8_wrapper/custom_spaces.h +@@ -5,6 +5,7 @@ + #ifndef THIRD_PARTY_BLINK_RENDERER_PLATFORM_HEAP_V8_WRAPPER_CUSTOM_SPACES_H_ + #define THIRD_PARTY_BLINK_RENDERER_PLATFORM_HEAP_V8_WRAPPER_CUSTOM_SPACES_H_ + ++#include <memory> + #include <vector> + + #include "third_party/blink/renderer/platform/platform_export.h" +-- +2.31.1 + diff --git a/chromium/chromium/chromium-glibc-2.33-r902981.patch b/chromium/chromium/chromium-glibc-2.33-r902981.patch deleted file mode 100644 index 499294a..0000000 --- a/chromium/chromium/chromium-glibc-2.33-r902981.patch +++ /dev/null @@ -1,1387 +0,0 @@ -From 4b438323d68840453b5ef826c3997568e2e0e8c7 Mon Sep 17 00:00:00 2001 -From: Matthew Denton <mpdenton@chromium.org> -Date: Mon, 19 Jul 2021 14:03:13 +0000 -Subject: [PATCH] Reland "Reland "Linux sandbox syscall broker: use struct - kernel_stat"" - -This reverts commit ff277a52ece0b216617d770f201ed66955fe70b9. - -Reason for revert: reland - -The fix included in the reland is that fstatat64() needs to be -allowed in the broker process's seccomp policy. - -This CL also includes some extra tests that the kernel_stat structures -match the layout the kernel expects. - -Bug: 1164975, 1199431 -Test: trogdor Chromebook successfully boots and allows login. - -Original change's description: -> Revert "Reland "Linux sandbox syscall broker: use struct kernel_stat"" -> -> This reverts commit cffbc4432af79f720ae3c75dff380b853701bd64. -> -> Reason for revert: https://bugs.chromium.org/p/chromium/issues/detail?id=1199431 -> -> Original change's description: -> > Reland "Linux sandbox syscall broker: use struct kernel_stat" -> > -> > This reverts commit 23030dc650cdfa22631f25bef937905f27f06a2c. -> > -> > Original change's description: -> > > Revert "Linux sandbox syscall broker: use struct kernel_stat" -> > > -> > > This reverts commit 784b0fcd8a3ca6bcd3acb9cfd624ec9cbbac2789. -> > > -> > > Reason for revert: Causing failure in -> > > Step "sandbox_linux_unittests" failing on builder "Linux ChromiumOS MSan Tests" -> > > See crbug.com/1198480 -> > > -> > > Original change's description: -> > > > Linux sandbox syscall broker: use struct kernel_stat -> > > > -> > > > The struct stat used in libc is different (in size and field ordering) -> > > > from the structure assumed by the Linux kernel. So, when emulating -> > > > system calls, we need to use the struct definition the kernel expects. -> > > > -> > > > This CL adds linux_stat.h that includes definitions of the different -> > > > kernel structs. -> > > > -> > > > Change-Id: I53cad35c2251dff0f6b7ea77528cfa58ef3cab4a -> > > > Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2780876 -> > > > Commit-Queue: Matthew Denton <mpdenton@chromium.org> -> > > > Reviewed-by: Robert Sesek <rsesek@chromium.org> -> > > > Cr-Commit-Position: refs/heads/master@{#871767} -> > > -> > > Change-Id: Icbec38f2103c8424dec79ab1870b97c3e83f9361 -> > > No-Presubmit: true -> > > No-Tree-Checks: true -> > > No-Try: true -> > > Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2821812 -> > > Auto-Submit: Victor Vianna <victorvianna@google.com> -> > > Owners-Override: Victor Vianna <victorvianna@google.com> -> > > Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> -> > > Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> -> > > Cr-Commit-Position: refs/heads/master@{#871882} -> > -> > Change-Id: I1f39bb5242961474def594ff7dbea52009f2cee4 -> > Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2824115 -> > Auto-Submit: Matthew Denton <mpdenton@chromium.org> -> > Commit-Queue: Matthew Denton <mpdenton@chromium.org> -> > Reviewed-by: Robert Sesek <rsesek@chromium.org> -> > Cr-Commit-Position: refs/heads/master@{#872812} -> -> Fixed: 1199431 -> Change-Id: Iebfc0c48201bf22ff9c54d8d5c8a43d26a880098 -> No-Presubmit: true -> No-Tree-Checks: true -> No-Try: true -> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2830459 -> Auto-Submit: Kyle Horimoto <khorimoto@chromium.org> -> Commit-Queue: Matthew Denton <mpdenton@chromium.org> -> Commit-Queue: Kinuko Yasuda <kinuko@chromium.org> -> Reviewed-by: Matthew Denton <mpdenton@chromium.org> -> Reviewed-by: Kinuko Yasuda <kinuko@chromium.org> -> Owners-Override: Kinuko Yasuda <kinuko@chromium.org> -> Cr-Commit-Position: refs/heads/master@{#873173} - -Change-Id: Ibe6a485070f33489aaa157b51b908c2d23d174d7 -Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2848936 -Reviewed-by: Robert Sesek <rsesek@chromium.org> -Commit-Queue: Matthew Denton <mpdenton@chromium.org> -Cr-Commit-Position: refs/heads/master@{#902981} ---- - sandbox/linux/BUILD.gn | 1 + - .../seccomp_broker_process_unittest.cc | 40 +++- - sandbox/linux/seccomp-bpf-helpers/DEPS | 1 - - ...scall_parameters_restrictions_unittests.cc | 4 - - sandbox/linux/services/syscall_wrappers.cc | 50 ++++- - sandbox/linux/services/syscall_wrappers.h | 15 ++ - .../services/syscall_wrappers_unittest.cc | 129 +++++++++++- - sandbox/linux/syscall_broker/DEPS | 3 +- - sandbox/linux/syscall_broker/broker_client.cc | 4 +- - sandbox/linux/syscall_broker/broker_client.h | 4 +- - sandbox/linux/syscall_broker/broker_host.cc | 23 ++- - .../syscall_broker/broker_process_unittest.cc | 74 +++---- - .../remote_syscall_arg_handler_unittest.cc | 36 ++-- - .../syscall_broker/syscall_dispatcher.cc | 67 ++++--- - .../linux/syscall_broker/syscall_dispatcher.h | 27 ++- - sandbox/linux/system_headers/linux_stat.h | 188 ++++++++++++++++++ - sandbox/linux/system_headers/linux_time.h | 26 +++ - sandbox/linux/tests/test_utils.cc | 15 ++ - sandbox/linux/tests/test_utils.h | 2 + - .../policy/linux/bpf_broker_policy_linux.cc | 4 +- - 20 files changed, 595 insertions(+), 118 deletions(-) - create mode 100644 sandbox/linux/system_headers/linux_stat.h - -diff --git a/sandbox/linux/BUILD.gn b/sandbox/linux/BUILD.gn -index 2f778dd0bcab2..ccbbc91716e71 100644 ---- a/sandbox/linux/BUILD.gn -+++ b/sandbox/linux/BUILD.gn -@@ -443,6 +443,7 @@ source_set("sandbox_services_headers") { - "system_headers/linux_ptrace.h", - "system_headers/linux_seccomp.h", - "system_headers/linux_signal.h", -+ "system_headers/linux_stat.h", - "system_headers/linux_syscalls.h", - "system_headers/linux_time.h", - "system_headers/linux_ucontext.h", -diff --git a/sandbox/linux/integration_tests/seccomp_broker_process_unittest.cc b/sandbox/linux/integration_tests/seccomp_broker_process_unittest.cc -index 9da9c68911428..8a941983b198d 100644 ---- a/sandbox/linux/integration_tests/seccomp_broker_process_unittest.cc -+++ b/sandbox/linux/integration_tests/seccomp_broker_process_unittest.cc -@@ -34,6 +34,7 @@ - #include "sandbox/linux/syscall_broker/broker_file_permission.h" - #include "sandbox/linux/syscall_broker/broker_process.h" - #include "sandbox/linux/system_headers/linux_seccomp.h" -+#include "sandbox/linux/system_headers/linux_stat.h" - #include "sandbox/linux/system_headers/linux_syscalls.h" - #include "sandbox/linux/tests/scoped_temporary_file.h" - #include "sandbox/linux/tests/test_utils.h" -@@ -202,6 +203,26 @@ namespace { - // not accept this as a valid error number. E.g. bionic accepts up to 255, glibc - // and musl up to 4096. - const int kFakeErrnoSentinel = 254; -+ -+void ConvertKernelStatToLibcStat(default_stat_struct& in_stat, -+ struct stat& out_stat) { -+ out_stat.st_dev = in_stat.st_dev; -+ out_stat.st_ino = in_stat.st_ino; -+ out_stat.st_mode = in_stat.st_mode; -+ out_stat.st_nlink = in_stat.st_nlink; -+ out_stat.st_uid = in_stat.st_uid; -+ out_stat.st_gid = in_stat.st_gid; -+ out_stat.st_rdev = in_stat.st_rdev; -+ out_stat.st_size = in_stat.st_size; -+ out_stat.st_blksize = in_stat.st_blksize; -+ out_stat.st_blocks = in_stat.st_blocks; -+ out_stat.st_atim.tv_sec = in_stat.st_atime_; -+ out_stat.st_atim.tv_nsec = in_stat.st_atime_nsec_; -+ out_stat.st_mtim.tv_sec = in_stat.st_mtime_; -+ out_stat.st_mtim.tv_nsec = in_stat.st_mtime_nsec_; -+ out_stat.st_ctim.tv_sec = in_stat.st_ctime_; -+ out_stat.st_ctim.tv_nsec = in_stat.st_ctime_nsec_; -+} - } // namespace - - // There are a variety of ways to make syscalls in a sandboxed process. One is -@@ -217,6 +238,10 @@ class Syscaller { - - virtual int Open(const char* filepath, int flags) = 0; - virtual int Access(const char* filepath, int mode) = 0; -+ // NOTE: we use struct stat instead of default_stat_struct, to make the libc -+ // syscaller simpler. Copying from default_stat_struct (the structure returned -+ // from a stat sycall) to struct stat (the structure exposed by a libc to its -+ // users) is simpler than going in the opposite direction. - virtual int Stat(const char* filepath, - bool follow_links, - struct stat* statbuf) = 0; -@@ -243,8 +268,12 @@ class IPCSyscaller : public Syscaller { - int Stat(const char* filepath, - bool follow_links, - struct stat* statbuf) override { -- return broker_->GetBrokerClientSignalBased()->Stat(filepath, follow_links, -- statbuf); -+ default_stat_struct buf; -+ int ret = broker_->GetBrokerClientSignalBased()->DefaultStatForTesting( -+ filepath, follow_links, &buf); -+ if (ret >= 0) -+ ConvertKernelStatToLibcStat(buf, *statbuf); -+ return ret; - } - - int Rename(const char* oldpath, const char* newpath) override { -@@ -300,10 +329,13 @@ class DirectSyscaller : public Syscaller { - int Stat(const char* filepath, - bool follow_links, - struct stat* statbuf) override { -- int ret = follow_links ? syscall(__NR_stat, filepath, statbuf) -- : syscall(__NR_lstat, filepath, statbuf); -+ struct kernel_stat buf; -+ int ret = syscall(__NR_newfstatat, AT_FDCWD, filepath, &buf, -+ follow_links ? 0 : AT_SYMLINK_NOFOLLOW); - if (ret < 0) - return -errno; -+ -+ ConvertKernelStatToLibcStat(buf, *statbuf); - return ret; - } - -diff --git a/sandbox/linux/seccomp-bpf-helpers/DEPS b/sandbox/linux/seccomp-bpf-helpers/DEPS -index 4419fd1da34e8..95d1bb6cbbabf 100644 ---- a/sandbox/linux/seccomp-bpf-helpers/DEPS -+++ b/sandbox/linux/seccomp-bpf-helpers/DEPS -@@ -3,5 +3,4 @@ include_rules = [ - "+sandbox/linux/seccomp-bpf", - "+sandbox/linux/services", - "+sandbox/linux/system_headers", -- "+third_party/lss/linux_syscall_support.h", - ] -diff --git a/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions_unittests.cc b/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions_unittests.cc -index 903e702eab14b..76c393032c1fe 100644 ---- a/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions_unittests.cc -+++ b/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions_unittests.cc -@@ -37,10 +37,6 @@ - #include "sandbox/linux/system_headers/linux_time.h" - #include "sandbox/linux/tests/unit_tests.h" - --#if !defined(OS_ANDROID) --#include "third_party/lss/linux_syscall_support.h" // for MAKE_PROCESS_CPUCLOCK --#endif -- - namespace sandbox { - - namespace { -diff --git a/sandbox/linux/services/syscall_wrappers.cc b/sandbox/linux/services/syscall_wrappers.cc -index fcfd2aa129d4b..3bec18a14e91e 100644 ---- a/sandbox/linux/services/syscall_wrappers.cc -+++ b/sandbox/linux/services/syscall_wrappers.cc -@@ -4,6 +4,7 @@ - - #include "sandbox/linux/services/syscall_wrappers.h" - -+#include <fcntl.h> - #include <pthread.h> - #include <sched.h> - #include <setjmp.h> -@@ -14,11 +15,13 @@ - #include <unistd.h> - #include <cstring> - -+#include "base/check.h" - #include "base/compiler_specific.h" - #include "base/logging.h" - #include "build/build_config.h" - #include "sandbox/linux/system_headers/capability.h" - #include "sandbox/linux/system_headers/linux_signal.h" -+#include "sandbox/linux/system_headers/linux_stat.h" - #include "sandbox/linux/system_headers/linux_syscalls.h" - - namespace sandbox { -@@ -217,7 +220,7 @@ asm( - #undef STR - #undef XSTR - --#endif -+#endif // defined(ARCH_CPU_X86_FAMILY) - - int sys_sigaction(int signum, - const struct sigaction* act, -@@ -241,7 +244,7 @@ int sys_sigaction(int signum, - #error "Unsupported architecture." - #endif - } --#endif -+#endif // defined(ARCH_CPU_X86_FAMILY) - } - - LinuxSigAction linux_oldact = {}; -@@ -259,6 +262,47 @@ int sys_sigaction(int signum, - return result; - } - --#endif // defined(MEMORY_SANITIZER) -+#endif // !defined(OS_NACL_NONSFI) -+ -+int sys_stat(const char* path, struct kernel_stat* stat_buf) { -+ int res; -+#if !defined(__NR_stat) -+ res = syscall(__NR_newfstatat, AT_FDCWD, path, stat_buf, 0); -+#else -+ res = syscall(__NR_stat, path, stat_buf); -+#endif -+ if (res == 0) -+ MSAN_UNPOISON(stat_buf, sizeof(*stat_buf)); -+ return res; -+} -+ -+int sys_lstat(const char* path, struct kernel_stat* stat_buf) { -+ int res; -+#if !defined(__NR_lstat) -+ res = syscall(__NR_newfstatat, AT_FDCWD, path, stat_buf, AT_SYMLINK_NOFOLLOW); -+#else -+ res = syscall(__NR_lstat, path, stat_buf); -+#endif -+ if (res == 0) -+ MSAN_UNPOISON(stat_buf, sizeof(*stat_buf)); -+ return res; -+} -+ -+int sys_fstatat64(int dirfd, -+ const char* pathname, -+ struct kernel_stat64* stat_buf, -+ int flags) { -+#if defined(__NR_fstatat64) -+ int res = syscall(__NR_fstatat64, dirfd, pathname, stat_buf, flags); -+ if (res == 0) -+ MSAN_UNPOISON(stat_buf, sizeof(*stat_buf)); -+ return res; -+#else // defined(__NR_fstatat64) -+ // We should not reach here on 64-bit systems, as the *stat*64() are only -+ // necessary on 32-bit. -+ RAW_CHECK(false); -+ return -ENOSYS; -+#endif -+} - - } // namespace sandbox -diff --git a/sandbox/linux/services/syscall_wrappers.h b/sandbox/linux/services/syscall_wrappers.h -index 1975bfbd88a6d..b55340e4a26b7 100644 ---- a/sandbox/linux/services/syscall_wrappers.h -+++ b/sandbox/linux/services/syscall_wrappers.h -@@ -17,6 +17,8 @@ struct sock_fprog; - struct rlimit64; - struct cap_hdr; - struct cap_data; -+struct kernel_stat; -+struct kernel_stat64; - - namespace sandbox { - -@@ -84,6 +86,19 @@ SANDBOX_EXPORT int sys_sigaction(int signum, - const struct sigaction* act, - struct sigaction* oldact); - -+// Some architectures do not have stat() and lstat() syscalls. In that case, -+// these wrappers will use newfstatat(), which is available on all other -+// architectures, with the same capabilities as stat() and lstat(). -+SANDBOX_EXPORT int sys_stat(const char* path, struct kernel_stat* stat_buf); -+SANDBOX_EXPORT int sys_lstat(const char* path, struct kernel_stat* stat_buf); -+ -+// Takes care of unpoisoning |stat_buf| for MSAN. Check-fails if fstatat64() is -+// not a supported syscall on the current platform. -+SANDBOX_EXPORT int sys_fstatat64(int dirfd, -+ const char* pathname, -+ struct kernel_stat64* stat_buf, -+ int flags); -+ - } // namespace sandbox - - #endif // SANDBOX_LINUX_SERVICES_SYSCALL_WRAPPERS_H_ -diff --git a/sandbox/linux/services/syscall_wrappers_unittest.cc b/sandbox/linux/services/syscall_wrappers_unittest.cc -index 32820f60a8cee..64b9cea80f319 100644 ---- a/sandbox/linux/services/syscall_wrappers_unittest.cc -+++ b/sandbox/linux/services/syscall_wrappers_unittest.cc -@@ -5,15 +5,19 @@ - #include "sandbox/linux/services/syscall_wrappers.h" - - #include <stdint.h> -+#include <string.h> - #include <sys/syscall.h> - #include <sys/types.h> - #include <sys/wait.h> - #include <unistd.h> --#include <cstring> - -+#include "base/logging.h" -+#include "base/memory/page_size.h" - #include "base/posix/eintr_wrapper.h" - #include "build/build_config.h" - #include "sandbox/linux/system_headers/linux_signal.h" -+#include "sandbox/linux/system_headers/linux_stat.h" -+#include "sandbox/linux/tests/scoped_temporary_file.h" - #include "sandbox/linux/tests/test_utils.h" - #include "sandbox/linux/tests/unit_tests.h" - #include "testing/gtest/include/gtest/gtest.h" -@@ -93,6 +97,129 @@ TEST(SyscallWrappers, LinuxSigSet) { - linux_sigset); - } - -+TEST(SyscallWrappers, Stat) { -+ // Create a file to stat, with 12 bytes of data. -+ ScopedTemporaryFile tmp_file; -+ EXPECT_EQ(12, write(tmp_file.fd(), "blahblahblah", 12)); -+ -+ // To test we have the correct stat structures for each kernel/platform, we -+ // will right-align them on a page, with a guard page after. -+ char* two_pages = static_cast<char*>(TestUtils::MapPagesOrDie(2)); -+ TestUtils::MprotectLastPageOrDie(two_pages, 2); -+ char* page1_end = two_pages + base::GetPageSize(); -+ -+ // First, check that calling stat with |stat_buf| pointing to the last byte on -+ // a page causes EFAULT. -+ int res = sys_stat(tmp_file.full_file_name(), -+ reinterpret_cast<struct kernel_stat*>(page1_end - 1)); -+ ASSERT_EQ(res, -1); -+ ASSERT_EQ(errno, EFAULT); -+ -+ // Now, check that we have the correctly sized stat structure. -+ struct kernel_stat* sb = reinterpret_cast<struct kernel_stat*>( -+ page1_end - sizeof(struct kernel_stat)); -+ // Memset to c's so we can check the kernel zero'd the padding... -+ memset(sb, 'c', sizeof(struct kernel_stat)); -+ res = sys_stat(tmp_file.full_file_name(), sb); -+ ASSERT_EQ(res, 0); -+ -+ // Following fields may never be consistent but should be non-zero. -+ // Don't trust the platform to define fields with any particular sign. -+ EXPECT_NE(0u, static_cast<unsigned int>(sb->st_dev)); -+ EXPECT_NE(0u, static_cast<unsigned int>(sb->st_ino)); -+ EXPECT_NE(0u, static_cast<unsigned int>(sb->st_mode)); -+ EXPECT_NE(0u, static_cast<unsigned int>(sb->st_blksize)); -+ EXPECT_NE(0u, static_cast<unsigned int>(sb->st_blocks)); -+ -+// We are the ones that made the file. -+// Note: normally gid and uid overflow on backwards-compatible 32-bit systems -+// and we end up with dummy uids and gids in place here. -+#if defined(ARCH_CPU_64_BITS) -+ EXPECT_EQ(geteuid(), sb->st_uid); -+ EXPECT_EQ(getegid(), sb->st_gid); -+#endif -+ -+ // Wrote 12 bytes above which should fit in one block. -+ EXPECT_EQ(12u, sb->st_size); -+ -+ // Can't go backwards in time, 1500000000 was some time ago. -+ EXPECT_LT(1500000000u, static_cast<unsigned int>(sb->st_atime_)); -+ EXPECT_LT(1500000000u, static_cast<unsigned int>(sb->st_mtime_)); -+ EXPECT_LT(1500000000u, static_cast<unsigned int>(sb->st_ctime_)); -+ -+ // Checking the padding for good measure. -+#if defined(__x86_64__) -+ EXPECT_EQ(0u, sb->__pad0); -+ EXPECT_EQ(0u, sb->__unused4[0]); -+ EXPECT_EQ(0u, sb->__unused4[1]); -+ EXPECT_EQ(0u, sb->__unused4[2]); -+#elif defined(__aarch64__) -+ EXPECT_EQ(0u, sb->__pad1); -+ EXPECT_EQ(0, sb->__pad2); -+ EXPECT_EQ(0u, sb->__unused4); -+ EXPECT_EQ(0u, sb->__unused5); -+#endif -+} -+ -+TEST(SyscallWrappers, LStat) { -+ // Create a file to stat, with 12 bytes of data. -+ ScopedTemporaryFile tmp_file; -+ EXPECT_EQ(12, write(tmp_file.fd(), "blahblahblah", 12)); -+ -+ // Also create a symlink. -+ std::string symlink_name; -+ { -+ ScopedTemporaryFile tmp_file2; -+ symlink_name = tmp_file2.full_file_name(); -+ } -+ int rc = symlink(tmp_file.full_file_name(), symlink_name.c_str()); -+ if (rc != 0) { -+ PLOG(ERROR) << "Couldn't symlink " << symlink_name << " to target " -+ << tmp_file.full_file_name(); -+ GTEST_FAIL(); -+ } -+ -+ struct kernel_stat lstat_info; -+ rc = sys_lstat(symlink_name.c_str(), &lstat_info); -+ if (rc < 0 && errno == EOVERFLOW) { -+ GTEST_SKIP(); -+ } -+ if (rc != 0) { -+ PLOG(ERROR) << "Couldn't sys_lstat " << symlink_name; -+ GTEST_FAIL(); -+ } -+ -+ struct kernel_stat stat_info; -+ rc = sys_stat(symlink_name.c_str(), &stat_info); -+ if (rc < 0 && errno == EOVERFLOW) { -+ GTEST_SKIP(); -+ } -+ if (rc != 0) { -+ PLOG(ERROR) << "Couldn't sys_stat " << symlink_name; -+ GTEST_FAIL(); -+ } -+ -+ struct kernel_stat tmp_file_stat_info; -+ rc = sys_stat(tmp_file.full_file_name(), &tmp_file_stat_info); -+ if (rc < 0 && errno == EOVERFLOW) { -+ GTEST_SKIP(); -+ } -+ if (rc != 0) { -+ PLOG(ERROR) << "Couldn't sys_stat " << tmp_file.full_file_name(); -+ GTEST_FAIL(); -+ } -+ -+ // lstat should produce information about a symlink. -+ ASSERT_TRUE(S_ISLNK(lstat_info.st_mode)); -+ -+ // stat-ing symlink_name and tmp_file should produce the same inode. -+ ASSERT_EQ(stat_info.st_ino, tmp_file_stat_info.st_ino); -+ -+ // lstat-ing symlink_name should give a different inode than stat-ing -+ // symlink_name. -+ ASSERT_NE(stat_info.st_ino, lstat_info.st_ino); -+} -+ - } // namespace - - } // namespace sandbox -diff --git a/sandbox/linux/syscall_broker/DEPS b/sandbox/linux/syscall_broker/DEPS -index c477f7d36394b..149c463b06839 100644 ---- a/sandbox/linux/syscall_broker/DEPS -+++ b/sandbox/linux/syscall_broker/DEPS -@@ -1,4 +1,5 @@ - include_rules = [ -- "+sandbox/linux/system_headers", - "+sandbox/linux/bpf_dsl", -+ "+sandbox/linux/services", -+ "+sandbox/linux/system_headers", - ] -diff --git a/sandbox/linux/syscall_broker/broker_client.cc b/sandbox/linux/syscall_broker/broker_client.cc -index 6b1b5be433899..e24f659fcf872 100644 ---- a/sandbox/linux/syscall_broker/broker_client.cc -+++ b/sandbox/linux/syscall_broker/broker_client.cc -@@ -166,7 +166,7 @@ int BrokerClient::Rmdir(const char* path) const { - - int BrokerClient::Stat(const char* pathname, - bool follow_links, -- struct stat* sb) const { -+ struct kernel_stat* sb) const { - if (!pathname || !sb) - return -EFAULT; - -@@ -181,7 +181,7 @@ int BrokerClient::Stat(const char* pathname, - - int BrokerClient::Stat64(const char* pathname, - bool follow_links, -- struct stat64* sb) const { -+ struct kernel_stat64* sb) const { - if (!pathname || !sb) - return -EFAULT; - -diff --git a/sandbox/linux/syscall_broker/broker_client.h b/sandbox/linux/syscall_broker/broker_client.h -index 05e14c83f2010..26ca78101c71c 100644 ---- a/sandbox/linux/syscall_broker/broker_client.h -+++ b/sandbox/linux/syscall_broker/broker_client.h -@@ -61,10 +61,10 @@ class SANDBOX_EXPORT BrokerClient : public SyscallDispatcher { - int Rmdir(const char* path) const override; - int Stat(const char* pathname, - bool follow_links, -- struct stat* sb) const override; -+ struct kernel_stat* sb) const override; - int Stat64(const char* pathname, - bool follow_links, -- struct stat64* sb) const override; -+ struct kernel_stat64* sb) const override; - int Unlink(const char* unlink) const override; - - private: -diff --git a/sandbox/linux/syscall_broker/broker_host.cc b/sandbox/linux/syscall_broker/broker_host.cc -index 1cd03a18df809..1cdc01a888f41 100644 ---- a/sandbox/linux/syscall_broker/broker_host.cc -+++ b/sandbox/linux/syscall_broker/broker_host.cc -@@ -20,9 +20,11 @@ - #include "base/files/scoped_file.h" - #include "base/logging.h" - #include "base/posix/eintr_wrapper.h" -+#include "sandbox/linux/services/syscall_wrappers.h" - #include "sandbox/linux/syscall_broker/broker_command.h" - #include "sandbox/linux/syscall_broker/broker_permission_list.h" - #include "sandbox/linux/syscall_broker/broker_simple_message.h" -+#include "sandbox/linux/system_headers/linux_stat.h" - #include "sandbox/linux/system_headers/linux_syscalls.h" - - namespace sandbox { -@@ -193,10 +195,12 @@ void StatFileForIPC(const BrokerCommandSet& allowed_command_set, - RAW_CHECK(reply->AddIntToMessage(-permission_list.denied_errno())); - return; - } -+ - if (command_type == COMMAND_STAT) { -- struct stat sb; -- int sts = -- follow_links ? stat(file_to_access, &sb) : lstat(file_to_access, &sb); -+ struct kernel_stat sb; -+ -+ int sts = follow_links ? sandbox::sys_stat(file_to_access, &sb) -+ : sandbox::sys_lstat(file_to_access, &sb); - if (sts < 0) { - RAW_CHECK(reply->AddIntToMessage(-errno)); - return; -@@ -205,10 +209,12 @@ void StatFileForIPC(const BrokerCommandSet& allowed_command_set, - RAW_CHECK( - reply->AddDataToMessage(reinterpret_cast<char*>(&sb), sizeof(sb))); - } else { -+#if defined(__NR_fstatat64) - DCHECK(command_type == COMMAND_STAT64); -- struct stat64 sb; -- int sts = follow_links ? stat64(file_to_access, &sb) -- : lstat64(file_to_access, &sb); -+ struct kernel_stat64 sb; -+ -+ int sts = sandbox::sys_fstatat64(AT_FDCWD, file_to_access, &sb, -+ follow_links ? 0 : AT_SYMLINK_NOFOLLOW); - if (sts < 0) { - RAW_CHECK(reply->AddIntToMessage(-errno)); - return; -@@ -216,6 +222,11 @@ void StatFileForIPC(const BrokerCommandSet& allowed_command_set, - RAW_CHECK(reply->AddIntToMessage(0)); - RAW_CHECK( - reply->AddDataToMessage(reinterpret_cast<char*>(&sb), sizeof(sb))); -+#else // defined(__NR_fstatat64) -+ // We should not reach here on 64-bit systems, as the *stat*64() are only -+ // necessary on 32-bit. -+ RAW_CHECK(false); -+#endif - } - } - -diff --git a/sandbox/linux/syscall_broker/broker_process_unittest.cc b/sandbox/linux/syscall_broker/broker_process_unittest.cc -index 55ba6bccb29ec..c65f25a78a999 100644 ---- a/sandbox/linux/syscall_broker/broker_process_unittest.cc -+++ b/sandbox/linux/syscall_broker/broker_process_unittest.cc -@@ -811,7 +811,7 @@ void TestStatHelper(bool fast_check_in_client, bool follow_links) { - const char* bad_leading_path5 = "/mbogo/fictitioux"; - const char* bad_leading_path6 = "/mbogo/fictitiousa"; - -- struct stat sb; -+ default_stat_struct sb; - - { - // Actual file with permissions to see file but command not allowed. -@@ -824,7 +824,7 @@ void TestStatHelper(bool fast_check_in_client, bool follow_links) { - - memset(&sb, 0, sizeof(sb)); - EXPECT_EQ(-kFakeErrnoSentinel, -- open_broker.GetBrokerClientSignalBased()->Stat( -+ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( - tempfile_name, follow_links, &sb)); - } - -@@ -840,7 +840,7 @@ void TestStatHelper(bool fast_check_in_client, bool follow_links) { - - memset(&sb, 0, sizeof(sb)); - EXPECT_EQ(-kFakeErrnoSentinel, -- open_broker.GetBrokerClientSignalBased()->Stat( -+ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( - nonesuch_name, follow_links, &sb)); - } - { -@@ -852,7 +852,7 @@ void TestStatHelper(bool fast_check_in_client, bool follow_links) { - - memset(&sb, 0, sizeof(sb)); - EXPECT_EQ(-kFakeErrnoSentinel, -- open_broker.GetBrokerClientSignalBased()->Stat( -+ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( - tempfile_name, follow_links, &sb)); - } - { -@@ -864,38 +864,39 @@ void TestStatHelper(bool fast_check_in_client, bool follow_links) { - ASSERT_TRUE(open_broker.Init(base::BindOnce(&NoOpCallback))); - - memset(&sb, 0, sizeof(sb)); -- EXPECT_EQ(-ENOENT, open_broker.GetBrokerClientSignalBased()->Stat( -- nonesuch_name, follow_links, &sb)); -+ EXPECT_EQ(-ENOENT, -+ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( -+ nonesuch_name, follow_links, &sb)); - - // Gets denied all the way back to root since no create permission. - EXPECT_EQ(-kFakeErrnoSentinel, -- open_broker.GetBrokerClientSignalBased()->Stat( -+ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( - leading_path1, follow_links, &sb)); - EXPECT_EQ(-kFakeErrnoSentinel, -- open_broker.GetBrokerClientSignalBased()->Stat( -+ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( - leading_path2, follow_links, &sb)); - EXPECT_EQ(-kFakeErrnoSentinel, -- open_broker.GetBrokerClientSignalBased()->Stat( -+ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( - leading_path3, follow_links, &sb)); - - // Not fooled by substrings. - EXPECT_EQ(-kFakeErrnoSentinel, -- open_broker.GetBrokerClientSignalBased()->Stat( -+ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( - bad_leading_path1, follow_links, &sb)); - EXPECT_EQ(-kFakeErrnoSentinel, -- open_broker.GetBrokerClientSignalBased()->Stat( -+ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( - bad_leading_path2, follow_links, &sb)); - EXPECT_EQ(-kFakeErrnoSentinel, -- open_broker.GetBrokerClientSignalBased()->Stat( -+ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( - bad_leading_path3, follow_links, &sb)); - EXPECT_EQ(-kFakeErrnoSentinel, -- open_broker.GetBrokerClientSignalBased()->Stat( -+ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( - bad_leading_path4, follow_links, &sb)); - EXPECT_EQ(-kFakeErrnoSentinel, -- open_broker.GetBrokerClientSignalBased()->Stat( -+ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( - bad_leading_path5, follow_links, &sb)); - EXPECT_EQ(-kFakeErrnoSentinel, -- open_broker.GetBrokerClientSignalBased()->Stat( -+ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( - bad_leading_path6, follow_links, &sb)); - } - { -@@ -907,37 +908,41 @@ void TestStatHelper(bool fast_check_in_client, bool follow_links) { - ASSERT_TRUE(open_broker.Init(base::BindOnce(&NoOpCallback))); - - memset(&sb, 0, sizeof(sb)); -- EXPECT_EQ(-ENOENT, open_broker.GetBrokerClientSignalBased()->Stat( -- nonesuch_name, follow_links, &sb)); -+ EXPECT_EQ(-ENOENT, -+ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( -+ nonesuch_name, follow_links, &sb)); - - // Gets ENOENT all the way back to root since it has create permission. -- EXPECT_EQ(-ENOENT, open_broker.GetBrokerClientSignalBased()->Stat( -- leading_path1, follow_links, &sb)); -- EXPECT_EQ(-ENOENT, open_broker.GetBrokerClientSignalBased()->Stat( -- leading_path2, follow_links, &sb)); -+ EXPECT_EQ(-ENOENT, -+ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( -+ leading_path1, follow_links, &sb)); -+ EXPECT_EQ(-ENOENT, -+ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( -+ leading_path2, follow_links, &sb)); - - // But can always get the root. -- EXPECT_EQ(0, open_broker.GetBrokerClientSignalBased()->Stat( -- leading_path3, follow_links, &sb)); -+ EXPECT_EQ(0, -+ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( -+ leading_path3, follow_links, &sb)); - - // Not fooled by substrings. - EXPECT_EQ(-kFakeErrnoSentinel, -- open_broker.GetBrokerClientSignalBased()->Stat( -+ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( - bad_leading_path1, follow_links, &sb)); - EXPECT_EQ(-kFakeErrnoSentinel, -- open_broker.GetBrokerClientSignalBased()->Stat( -+ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( - bad_leading_path2, follow_links, &sb)); - EXPECT_EQ(-kFakeErrnoSentinel, -- open_broker.GetBrokerClientSignalBased()->Stat( -+ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( - bad_leading_path3, follow_links, &sb)); - EXPECT_EQ(-kFakeErrnoSentinel, -- open_broker.GetBrokerClientSignalBased()->Stat( -+ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( - bad_leading_path4, follow_links, &sb)); - EXPECT_EQ(-kFakeErrnoSentinel, -- open_broker.GetBrokerClientSignalBased()->Stat( -+ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( - bad_leading_path5, follow_links, &sb)); - EXPECT_EQ(-kFakeErrnoSentinel, -- open_broker.GetBrokerClientSignalBased()->Stat( -+ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( - bad_leading_path6, follow_links, &sb)); - } - { -@@ -949,8 +954,9 @@ void TestStatHelper(bool fast_check_in_client, bool follow_links) { - ASSERT_TRUE(open_broker.Init(base::BindOnce(&NoOpCallback))); - - memset(&sb, 0, sizeof(sb)); -- EXPECT_EQ(0, open_broker.GetBrokerClientSignalBased()->Stat( -- tempfile_name, follow_links, &sb)); -+ EXPECT_EQ(0, -+ open_broker.GetBrokerClientSignalBased()->DefaultStatForTesting( -+ tempfile_name, follow_links, &sb)); - - // Following fields may never be consistent but should be non-zero. - // Don't trust the platform to define fields with any particular sign. -@@ -968,9 +974,9 @@ void TestStatHelper(bool fast_check_in_client, bool follow_links) { - EXPECT_EQ(12, sb.st_size); - - // Can't go backwards in time, 1500000000 was some time ago. -- EXPECT_LT(1500000000u, static_cast<unsigned int>(sb.st_atime)); -- EXPECT_LT(1500000000u, static_cast<unsigned int>(sb.st_mtime)); -- EXPECT_LT(1500000000u, static_cast<unsigned int>(sb.st_ctime)); -+ EXPECT_LT(1500000000u, static_cast<unsigned int>(sb.st_atime_)); -+ EXPECT_LT(1500000000u, static_cast<unsigned int>(sb.st_mtime_)); -+ EXPECT_LT(1500000000u, static_cast<unsigned int>(sb.st_ctime_)); - } - } - -diff --git a/sandbox/linux/syscall_broker/remote_syscall_arg_handler_unittest.cc b/sandbox/linux/syscall_broker/remote_syscall_arg_handler_unittest.cc -index fffa9bb7082ce..f517a9867c5de 100644 ---- a/sandbox/linux/syscall_broker/remote_syscall_arg_handler_unittest.cc -+++ b/sandbox/linux/syscall_broker/remote_syscall_arg_handler_unittest.cc -@@ -16,6 +16,7 @@ - #include "base/memory/page_size.h" - #include "base/posix/unix_domain_socket.h" - #include "base/test/bind.h" -+#include "sandbox/linux/tests/test_utils.h" - #include "sandbox/linux/tests/unit_tests.h" - #include "testing/gtest/include/gtest/gtest.h" - -@@ -52,19 +53,6 @@ void VerifyCorrectString(std::string str, size_t size) { - } - } - --void* MapPagesOrDie(size_t num_pages) { -- void* addr = mmap(nullptr, num_pages * base::GetPageSize(), -- PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); -- PCHECK(addr); -- return addr; --} -- --void MprotectLastPageOrDie(char* addr, size_t num_pages) { -- size_t last_page_offset = (num_pages - 1) * base::GetPageSize(); -- PCHECK(mprotect(addr + last_page_offset, base::GetPageSize(), PROT_NONE) >= -- 0); --} -- - pid_t ForkWaitingChild(base::OnceCallback<void(int)> - after_parent_signals_callback = base::DoNothing(), - base::ScopedFD* parent_sync_fd = nullptr) { -@@ -105,13 +93,13 @@ void ReadTest(const ReadTestConfig& test_config) { - size_t total_pages = (test_config.start_at + test_config.total_size + - base::GetPageSize() - 1) / - base::GetPageSize(); -- char* mmap_addr = static_cast<char*>(MapPagesOrDie(total_pages)); -+ char* mmap_addr = static_cast<char*>(TestUtils::MapPagesOrDie(total_pages)); - char* addr = mmap_addr + test_config.start_at; - FillBufferWithPath(addr, test_config.total_size, - test_config.include_null_byte); - - if (test_config.last_page_inaccessible) -- MprotectLastPageOrDie(mmap_addr, total_pages); -+ TestUtils::MprotectLastPageOrDie(mmap_addr, total_pages); - - pid_t pid = ForkWaitingChild(); - munmap(mmap_addr, base::GetPageSize() * total_pages); -@@ -212,7 +200,7 @@ SANDBOX_TEST(BrokerRemoteSyscallArgHandler, ReadChunkPlus1EndingOnePastPage) { - } - - SANDBOX_TEST(BrokerRemoteSyscallArgHandler, ReadChildExited) { -- void* addr = MapPagesOrDie(1); -+ void* addr = TestUtils::MapPagesOrDie(1); - FillBufferWithPath(static_cast<char*>(addr), strlen(kPathPart) + 1, true); - - base::ScopedFD parent_sync, child_sync; -@@ -240,10 +228,10 @@ SANDBOX_TEST(BrokerRemoteSyscallArgHandler, ReadChildExited) { - } - - SANDBOX_TEST(BrokerRemoteSyscallArgHandler, BasicWrite) { -- void* read_from = MapPagesOrDie(1); -+ void* read_from = TestUtils::MapPagesOrDie(1); - const size_t write_size = base::GetPageSize(); - FillBufferWithPath(static_cast<char*>(read_from), write_size, false); -- char* write_to = static_cast<char*>(MapPagesOrDie(1)); -+ char* write_to = static_cast<char*>(TestUtils::MapPagesOrDie(1)); - base::ScopedFD parent_signal_fd; - const std::vector<int> empty_fd_vec; - -@@ -278,8 +266,8 @@ SANDBOX_TEST(BrokerRemoteSyscallArgHandler, BasicWrite) { - } - - SANDBOX_TEST(BrokerRemoteSyscallArgHandler, WriteToInvalidAddress) { -- char* write_to = static_cast<char*>(MapPagesOrDie(1)); -- MprotectLastPageOrDie(write_to, 1); -+ char* write_to = static_cast<char*>(TestUtils::MapPagesOrDie(1)); -+ TestUtils::MprotectLastPageOrDie(write_to, 1); - base::ScopedFD parent_signal_fd; - const std::vector<int> empty_fd_vec; - -@@ -295,11 +283,11 @@ SANDBOX_TEST(BrokerRemoteSyscallArgHandler, WriteToInvalidAddress) { - } - - SANDBOX_TEST(BrokerRemoteSyscallArgHandler, WritePartiallyToInvalidAddress) { -- char* read_from = static_cast<char*>(MapPagesOrDie(2)); -+ char* read_from = static_cast<char*>(TestUtils::MapPagesOrDie(2)); - const size_t write_size = base::GetPageSize(); - FillBufferWithPath(static_cast<char*>(read_from), write_size, false); -- char* write_to = static_cast<char*>(MapPagesOrDie(2)); -- MprotectLastPageOrDie(write_to, 2); -+ char* write_to = static_cast<char*>(TestUtils::MapPagesOrDie(2)); -+ TestUtils::MprotectLastPageOrDie(write_to, 2); - write_to += base::GetPageSize() / 2; - base::ScopedFD parent_signal_fd; - const std::vector<int> empty_fd_vec; -@@ -314,7 +302,7 @@ SANDBOX_TEST(BrokerRemoteSyscallArgHandler, WritePartiallyToInvalidAddress) { - } - - SANDBOX_TEST(BrokerRemoteSyscallArgHandler, WriteChildExited) { -- char* addr = static_cast<char*>(MapPagesOrDie(1)); -+ char* addr = static_cast<char*>(TestUtils::MapPagesOrDie(1)); - FillBufferWithPath(static_cast<char*>(addr), strlen(kPathPart) + 1, true); - - base::ScopedFD parent_sync, child_sync; -diff --git a/sandbox/linux/syscall_broker/syscall_dispatcher.cc b/sandbox/linux/syscall_broker/syscall_dispatcher.cc -index b9ee93c14ac59..8a42397ef872e 100644 ---- a/sandbox/linux/syscall_broker/syscall_dispatcher.cc -+++ b/sandbox/linux/syscall_broker/syscall_dispatcher.cc -@@ -19,8 +19,18 @@ namespace syscall_broker { - #define BROKER_UNPOISON_STRING(x) - #endif - -+int SyscallDispatcher::DefaultStatForTesting(const char* pathname, -+ bool follow_links, -+ default_stat_struct* sb) { -+#if defined(__NR_fstatat64) -+ return Stat64(pathname, follow_links, sb); -+#elif defined(__NR_newfstatat) -+ return Stat(pathname, follow_links, sb); -+#endif -+} -+ - int SyscallDispatcher::PerformStatat(const arch_seccomp_data& args, -- bool arch64) { -+ bool stat64) { - if (static_cast<int>(args.args[0]) != AT_FDCWD) - return -EPERM; - // Only allow the AT_SYMLINK_NOFOLLOW flag which is used by some libc -@@ -30,13 +40,29 @@ int SyscallDispatcher::PerformStatat(const arch_seccomp_data& args, - - const bool follow_links = - !(static_cast<int>(args.args[3]) & AT_SYMLINK_NOFOLLOW); -- if (arch64) { -+ if (stat64) { - return Stat64(reinterpret_cast<const char*>(args.args[1]), follow_links, -- reinterpret_cast<struct stat64*>(args.args[2])); -+ reinterpret_cast<struct kernel_stat64*>(args.args[2])); - } - - return Stat(reinterpret_cast<const char*>(args.args[1]), follow_links, -- reinterpret_cast<struct stat*>(args.args[2])); -+ reinterpret_cast<struct kernel_stat*>(args.args[2])); -+} -+ -+int SyscallDispatcher::PerformUnlinkat(const arch_seccomp_data& args) { -+ if (static_cast<int>(args.args[0]) != AT_FDCWD) -+ return -EPERM; -+ -+ int flags = static_cast<int>(args.args[2]); -+ -+ if (flags == AT_REMOVEDIR) { -+ return Rmdir(reinterpret_cast<const char*>(args.args[1])); -+ } -+ -+ if (flags != 0) -+ return -EPERM; -+ -+ return Unlink(reinterpret_cast<const char*>(args.args[1])); - } - - int SyscallDispatcher::DispatchSyscall(const arch_seccomp_data& args) { -@@ -127,59 +153,42 @@ int SyscallDispatcher::DispatchSyscall(const arch_seccomp_data& args) { - #if defined(__NR_stat) - case __NR_stat: - return Stat(reinterpret_cast<const char*>(args.args[0]), true, -- reinterpret_cast<struct stat*>(args.args[1])); -+ reinterpret_cast<struct kernel_stat*>(args.args[1])); - #endif - #if defined(__NR_stat64) - case __NR_stat64: - return Stat64(reinterpret_cast<const char*>(args.args[0]), true, -- reinterpret_cast<struct stat64*>(args.args[1])); -+ reinterpret_cast<struct kernel_stat64*>(args.args[1])); - #endif - #if defined(__NR_lstat) - case __NR_lstat: - // See https://crbug.com/847096 - BROKER_UNPOISON_STRING(reinterpret_cast<const char*>(args.args[0])); - return Stat(reinterpret_cast<const char*>(args.args[0]), false, -- reinterpret_cast<struct stat*>(args.args[1])); -+ reinterpret_cast<struct kernel_stat*>(args.args[1])); - #endif - #if defined(__NR_lstat64) - case __NR_lstat64: - // See https://crbug.com/847096 - BROKER_UNPOISON_STRING(reinterpret_cast<const char*>(args.args[0])); - return Stat64(reinterpret_cast<const char*>(args.args[0]), false, -- reinterpret_cast<struct stat64*>(args.args[1])); --#endif --#if defined(__NR_fstatat) -- case __NR_fstatat: -- return PerformStatat(args, /*arch64=*/false); -+ reinterpret_cast<struct kernel_stat64*>(args.args[1])); - #endif - #if defined(__NR_fstatat64) - case __NR_fstatat64: -- return PerformStatat(args, /*arch64=*/true); -+ return PerformStatat(args, /*stat64=*/true); - #endif - #if defined(__NR_newfstatat) - case __NR_newfstatat: -- return PerformStatat(args, /*arch64=*/false); -+ return PerformStatat(args, /*stat64=*/false); - #endif - #if defined(__NR_unlink) - case __NR_unlink: - return Unlink(reinterpret_cast<const char*>(args.args[0])); - #endif - #if defined(__NR_unlinkat) -- case __NR_unlinkat: { -- if (static_cast<int>(args.args[0]) != AT_FDCWD) -- return -EPERM; -- -- int flags = static_cast<int>(args.args[2]); -- -- if (flags == AT_REMOVEDIR) { -- return Rmdir(reinterpret_cast<const char*>(args.args[1])); -- } -- -- if (flags != 0) -- return -EPERM; -- -- return Unlink(reinterpret_cast<const char*>(args.args[1])); -- } -+ case __NR_unlinkat: -+ return PerformUnlinkat(args); - #endif // defined(__NR_unlinkat) - default: - RAW_CHECK(false); -diff --git a/sandbox/linux/syscall_broker/syscall_dispatcher.h b/sandbox/linux/syscall_broker/syscall_dispatcher.h -index d8b8874ad9ce4..1d6653caf3bd2 100644 ---- a/sandbox/linux/syscall_broker/syscall_dispatcher.h -+++ b/sandbox/linux/syscall_broker/syscall_dispatcher.h -@@ -9,13 +9,15 @@ - #include <cstddef> - - #include "sandbox/linux/system_headers/linux_seccomp.h" -+#include "sandbox/linux/system_headers/linux_stat.h" -+#include "sandbox/sandbox_export.h" - - namespace sandbox { - namespace syscall_broker { - - // An abstract class that defines all the system calls we perform for the - // sandboxed process. --class SyscallDispatcher { -+class SANDBOX_EXPORT SyscallDispatcher { - public: - // Emulates access()/faccessat(). - // X_OK will always return an error in practice since the broker process -@@ -40,19 +42,34 @@ class SyscallDispatcher { - virtual int Rmdir(const char* path) const = 0; - - // Emulates stat()/stat64()/lstat()/lstat64()/fstatat()/newfstatat(). -+ // Stat64 is only available on 32-bit systems. - virtual int Stat(const char* pathname, - bool follow_links, -- struct stat* sb) const = 0; -+ struct kernel_stat* sb) const = 0; - virtual int Stat64(const char* pathname, - bool follow_links, -- struct stat64* sb) const = 0; -+ struct kernel_stat64* sb) const = 0; - - // Emulates unlink()/unlinkat(). - virtual int Unlink(const char* unlink) const = 0; - -+ // Different architectures use a different syscall from the stat family by -+ // default in glibc. E.g. 32-bit systems use *stat*64() and fill out struct -+ // kernel_stat64, whereas 64-bit systems use *stat*() and fill out struct -+ // kernel_stat. Some tests want to call the SyscallDispatcher directly, and -+ // should be using the default stat in order to test against glibc. -+ int DefaultStatForTesting(const char* pathname, -+ bool follow_links, -+ default_stat_struct* sb); -+ - // Validates the args passed to a *statat*() syscall and performs the syscall -- // using Stat() or Stat64(). -- int PerformStatat(const arch_seccomp_data& args, bool arch64); -+ // using Stat(), or on 32-bit systems it uses Stat64() for the *statat64() -+ // syscalls. -+ int PerformStatat(const arch_seccomp_data& args, bool stat64); -+ -+ // Validates the args passed to an unlinkat() syscall and performs the syscall -+ // using either Unlink() or Rmdir(). -+ int PerformUnlinkat(const arch_seccomp_data& args); - - // Reads the syscall number and arguments, imposes some policy (e.g. the *at() - // system calls must only allow AT_FDCWD as the first argument), and -diff --git a/sandbox/linux/system_headers/linux_stat.h b/sandbox/linux/system_headers/linux_stat.h -new file mode 100644 -index 0000000000000..35788eb22a4e5 ---- /dev/null -+++ b/sandbox/linux/system_headers/linux_stat.h -@@ -0,0 +1,188 @@ -+// Copyright 2021 The Chromium Authors. All rights reserved. -+// Use of this source code is governed by a BSD-style license that can be -+// found in the LICENSE file. -+ -+#ifndef SANDBOX_LINUX_SYSTEM_HEADERS_LINUX_STAT_H_ -+#define SANDBOX_LINUX_SYSTEM_HEADERS_LINUX_STAT_H_ -+ -+#include <stdint.h> -+ -+#include "build/build_config.h" -+#include "sandbox/linux/system_headers/linux_syscalls.h" -+ -+#if defined(ARCH_CPU_MIPS_FAMILY) -+#if defined(ARCH_CPU_64_BITS) -+struct kernel_stat { -+#else -+struct kernel_stat64 { -+#endif -+ unsigned st_dev; -+ unsigned __pad0[3]; -+ unsigned long long st_ino; -+ unsigned st_mode; -+ unsigned st_nlink; -+ unsigned st_uid; -+ unsigned st_gid; -+ unsigned st_rdev; -+ unsigned __pad1[3]; -+ long long st_size; -+ unsigned st_atime_; -+ unsigned st_atime_nsec_; -+ unsigned st_mtime_; -+ unsigned st_mtime_nsec_; -+ unsigned st_ctime_; -+ unsigned st_ctime_nsec_; -+ unsigned st_blksize; -+ unsigned __pad2; -+ unsigned long long st_blocks; -+}; -+#else -+struct kernel_stat64 { -+ unsigned long long st_dev; -+ unsigned char __pad0[4]; -+ unsigned __st_ino; -+ unsigned st_mode; -+ unsigned st_nlink; -+ unsigned st_uid; -+ unsigned st_gid; -+ unsigned long long st_rdev; -+ unsigned char __pad3[4]; -+ long long st_size; -+ unsigned st_blksize; -+ unsigned long long st_blocks; -+ unsigned st_atime_; -+ unsigned st_atime_nsec_; -+ unsigned st_mtime_; -+ unsigned st_mtime_nsec_; -+ unsigned st_ctime_; -+ unsigned st_ctime_nsec_; -+ unsigned long long st_ino; -+}; -+#endif -+ -+#if defined(__i386__) || defined(__ARM_ARCH_3__) || defined(__ARM_EABI__) -+struct kernel_stat { -+ /* The kernel headers suggest that st_dev and st_rdev should be 32bit -+ * quantities encoding 12bit major and 20bit minor numbers in an interleaved -+ * format. In reality, we do not see useful data in the top bits. So, -+ * we'll leave the padding in here, until we find a better solution. -+ */ -+ unsigned short st_dev; -+ short pad1; -+ unsigned st_ino; -+ unsigned short st_mode; -+ unsigned short st_nlink; -+ unsigned short st_uid; -+ unsigned short st_gid; -+ unsigned short st_rdev; -+ short pad2; -+ unsigned st_size; -+ unsigned st_blksize; -+ unsigned st_blocks; -+ unsigned st_atime_; -+ unsigned st_atime_nsec_; -+ unsigned st_mtime_; -+ unsigned st_mtime_nsec_; -+ unsigned st_ctime_; -+ unsigned st_ctime_nsec_; -+ unsigned __unused4; -+ unsigned __unused5; -+}; -+#elif defined(__x86_64__) -+struct kernel_stat { -+ uint64_t st_dev; -+ uint64_t st_ino; -+ uint64_t st_nlink; -+ unsigned st_mode; -+ unsigned st_uid; -+ unsigned st_gid; -+ unsigned __pad0; -+ uint64_t st_rdev; -+ int64_t st_size; -+ int64_t st_blksize; -+ int64_t st_blocks; -+ uint64_t st_atime_; -+ uint64_t st_atime_nsec_; -+ uint64_t st_mtime_; -+ uint64_t st_mtime_nsec_; -+ uint64_t st_ctime_; -+ uint64_t st_ctime_nsec_; -+ int64_t __unused4[3]; -+}; -+#elif (defined(ARCH_CPU_MIPS_FAMILY) && defined(ARCH_CPU_32_BITS)) -+struct kernel_stat { -+ unsigned st_dev; -+ int st_pad1[3]; -+ unsigned st_ino; -+ unsigned st_mode; -+ unsigned st_nlink; -+ unsigned st_uid; -+ unsigned st_gid; -+ unsigned st_rdev; -+ int st_pad2[2]; -+ long st_size; -+ int st_pad3; -+ long st_atime_; -+ long st_atime_nsec_; -+ long st_mtime_; -+ long st_mtime_nsec_; -+ long st_ctime_; -+ long st_ctime_nsec_; -+ int st_blksize; -+ int st_blocks; -+ int st_pad4[14]; -+}; -+#elif defined(__aarch64__) -+struct kernel_stat { -+ unsigned long st_dev; -+ unsigned long st_ino; -+ unsigned int st_mode; -+ unsigned int st_nlink; -+ unsigned int st_uid; -+ unsigned int st_gid; -+ unsigned long st_rdev; -+ unsigned long __pad1; -+ long st_size; -+ int st_blksize; -+ int __pad2; -+ long st_blocks; -+ long st_atime_; -+ unsigned long st_atime_nsec_; -+ long st_mtime_; -+ unsigned long st_mtime_nsec_; -+ long st_ctime_; -+ unsigned long st_ctime_nsec_; -+ unsigned int __unused4; -+ unsigned int __unused5; -+}; -+#endif -+ -+// On 32-bit systems, we default to the 64-bit stat struct like libc -+// implementations do. Otherwise we default to the normal stat struct which is -+// already 64-bit. -+// These defines make it easy to call the right syscall to fill out a 64-bit -+// stat struct, which is the default in libc implementations but requires -+// different syscall names on 32 and 64-bit platforms. -+#if defined(__NR_fstatat64) -+ -+namespace sandbox { -+using default_stat_struct = struct kernel_stat64; -+} // namespace sandbox -+ -+#define __NR_fstatat_default __NR_fstatat64 -+#define __NR_fstat_default __NR_fstat64 -+ -+#elif defined(__NR_newfstatat) -+ -+namespace sandbox { -+using default_stat_struct = struct kernel_stat; -+} // namespace sandbox -+ -+#define __NR_fstatat_default __NR_newfstatat -+#define __NR_fstat_default __NR_fstat -+ -+#else -+#error "one of fstatat64 and newfstatat must be defined" -+#endif -+ -+#endif // SANDBOX_LINUX_SYSTEM_HEADERS_LINUX_STAT_H_ -diff --git a/sandbox/linux/system_headers/linux_time.h b/sandbox/linux/system_headers/linux_time.h -index 780f24dddd9fa..f18c806611f83 100644 ---- a/sandbox/linux/system_headers/linux_time.h -+++ b/sandbox/linux/system_headers/linux_time.h -@@ -11,6 +11,32 @@ - #define CPUCLOCK_CLOCK_MASK 3 - #endif - -+#if !defined(CPUCLOCK_PROF) -+#define CPUCLOCK_PROF 0 -+#endif -+ -+#if !defined(CPUCLOCK_VIRT) -+#define CPUCLOCK_VIRT 1 -+#endif -+ -+#if !defined(CPUCLOCK_SCHED) -+#define CPUCLOCK_SCHED 2 -+#endif -+ -+#if !defined(CPUCLOCK_PERTHREAD_MASK) -+#define CPUCLOCK_PERTHREAD_MASK 4 -+#endif -+ -+#if !defined(MAKE_PROCESS_CPUCLOCK) -+#define MAKE_PROCESS_CPUCLOCK(pid, clock) \ -+ ((int)(~(unsigned)(pid) << 3) | (int)(clock)) -+#endif -+ -+#if !defined(MAKE_THREAD_CPUCLOCK) -+#define MAKE_THREAD_CPUCLOCK(tid, clock) \ -+ ((int)(~(unsigned)(tid) << 3) | (int)((clock) | CPUCLOCK_PERTHREAD_MASK)) -+#endif -+ - #if !defined(CLOCKFD) - #define CLOCKFD 3 - #endif -diff --git a/sandbox/linux/tests/test_utils.cc b/sandbox/linux/tests/test_utils.cc -index 847c20b20c5d2..cf6041a4b476a 100644 ---- a/sandbox/linux/tests/test_utils.cc -+++ b/sandbox/linux/tests/test_utils.cc -@@ -5,12 +5,14 @@ - #include "sandbox/linux/tests/test_utils.h" - - #include <errno.h> -+#include <sys/mman.h> - #include <sys/stat.h> - #include <sys/types.h> - #include <sys/wait.h> - #include <unistd.h> - - #include "base/check_op.h" -+#include "base/memory/page_size.h" - #include "base/posix/eintr_wrapper.h" - - namespace sandbox { -@@ -39,4 +41,17 @@ void TestUtils::HandlePostForkReturn(pid_t pid) { - } - } - -+void* TestUtils::MapPagesOrDie(size_t num_pages) { -+ void* addr = mmap(nullptr, num_pages * base::GetPageSize(), -+ PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); -+ PCHECK(addr); -+ return addr; -+} -+ -+void TestUtils::MprotectLastPageOrDie(char* addr, size_t num_pages) { -+ size_t last_page_offset = (num_pages - 1) * base::GetPageSize(); -+ PCHECK(mprotect(addr + last_page_offset, base::GetPageSize(), PROT_NONE) >= -+ 0); -+} -+ - } // namespace sandbox -diff --git a/sandbox/linux/tests/test_utils.h b/sandbox/linux/tests/test_utils.h -index 7cf9749fe4f1f..43b028b1e34ef 100644 ---- a/sandbox/linux/tests/test_utils.h -+++ b/sandbox/linux/tests/test_utils.h -@@ -19,6 +19,8 @@ class TestUtils { - // makes sure that if fork() succeeded the child exits - // and the parent waits for it. - static void HandlePostForkReturn(pid_t pid); -+ static void* MapPagesOrDie(size_t num_pages); -+ static void MprotectLastPageOrDie(char* addr, size_t num_pages); - - private: - DISALLOW_IMPLICIT_CONSTRUCTORS(TestUtils); -diff --git a/sandbox/policy/linux/bpf_broker_policy_linux.cc b/sandbox/policy/linux/bpf_broker_policy_linux.cc -index 2963bb9ca8612..6dc8c0581b43c 100644 ---- a/sandbox/policy/linux/bpf_broker_policy_linux.cc -+++ b/sandbox/policy/linux/bpf_broker_policy_linux.cc -@@ -93,8 +93,8 @@ ResultExpr BrokerProcessPolicy::EvaluateSyscall(int sysno) const { - return Allow(); - break; - #endif --#if defined(__NR_fstatat) -- case __NR_fstatat: -+#if defined(__NR_fstatat64) -+ case __NR_fstatat64: - if (allowed_command_set_.test(syscall_broker::COMMAND_STAT)) - return Allow(); - break; --- -2.31.1 - diff --git a/chromium/chromium/chromium-glibc-2.33-r903873.patch b/chromium/chromium/chromium-glibc-2.33-r903873.patch deleted file mode 100644 index 35db6b6..0000000 --- a/chromium/chromium/chromium-glibc-2.33-r903873.patch +++ /dev/null @@ -1,351 +0,0 @@ -From 60d5e803ef2a4874d29799b638754152285e0ed9 Mon Sep 17 00:00:00 2001 -From: Matthew Denton <mpdenton@chromium.org> -Date: Wed, 21 Jul 2021 12:55:11 +0000 -Subject: [PATCH] Linux sandbox: fix fstatat() crash - -This is a reland of https://crrev.com/c/2801873. - -Glibc has started rewriting fstat(fd, stat_buf) to -fstatat(fd, "", stat_buf, AT_EMPTY_PATH). This works because when -AT_EMPTY_PATH is specified, and the second argument is an empty string, -then fstatat just performs an fstat on fd like normal. - -Unfortunately, fstatat() also allows stat-ing arbitrary pathnames like -with fstatat(AT_FDCWD, "/i/am/a/file", stat_buf, 0); -The baseline policy needs to prevent this usage of fstatat() since it -doesn't allow access to arbitrary pathnames. - -Sadly, if the second argument is not an empty string, AT_EMPTY_PATH is -simply ignored by current kernels. - -This means fstatat() is completely unsandboxable with seccomp, since -we *need* to verify that the second argument is the empty string, but -we can't dereference pointers in seccomp (due to limitations of BPF, -and the difficulty of addressing these limitations due to TOCTOU -issues). - -So, this CL Traps (raises a SIGSYS via seccomp) on any fstatat syscall. -The signal handler, which runs in the sandboxed process, checks for -AT_EMPTY_PATH and the empty string, and then rewrites any applicable -fstatat() back into the old-style fstat(). - -Bug: 1164975 -Change-Id: I3df6c04c0d781eb1f181d707ccaaead779337291 -Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3042179 -Reviewed-by: Robert Sesek <rsesek@chromium.org> -Commit-Queue: Matthew Denton <mpdenton@chromium.org> -Cr-Commit-Position: refs/heads/master@{#903873} ---- - .../seccomp-bpf-helpers/baseline_policy.cc | 8 ++++++ - .../baseline_policy_unittest.cc | 17 ++++++++++++- - .../seccomp-bpf-helpers/sigsys_handlers.cc | 25 +++++++++++++++++++ - .../seccomp-bpf-helpers/sigsys_handlers.h | 14 +++++++++++ - .../linux/syscall_broker/broker_process.cc | 21 ++++++++++------ - .../syscall_broker/broker_process_unittest.cc | 18 ++++++------- - sandbox/linux/system_headers/linux_stat.h | 4 +++ - 7 files changed, 89 insertions(+), 18 deletions(-) - -diff --git a/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc b/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc -index f2a60bb4d738d..9df0d2dbd3b5f 100644 ---- a/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc -+++ b/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc -@@ -20,6 +20,7 @@ - #include "sandbox/linux/seccomp-bpf-helpers/syscall_sets.h" - #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h" - #include "sandbox/linux/services/syscall_wrappers.h" -+#include "sandbox/linux/system_headers/linux_stat.h" - #include "sandbox/linux/system_headers/linux_syscalls.h" - - #if !defined(SO_PEEK_OFF) -@@ -304,6 +305,13 @@ ResultExpr EvaluateSyscallImpl(int fs_denied_errno, - return Allow(); - } - -+ // The fstatat syscalls are file system syscalls, which will be denied below -+ // with fs_denied_errno. However some allowed fstat syscalls are rewritten by -+ // libc implementations to fstatat syscalls, and we need to rewrite them back. -+ if (sysno == __NR_fstatat_default) { -+ return RewriteFstatatSIGSYS(fs_denied_errno); -+ } -+ - if (SyscallSets::IsFileSystem(sysno) || - SyscallSets::IsCurrentDirectory(sysno)) { - return Error(fs_denied_errno); -diff --git a/sandbox/linux/seccomp-bpf-helpers/baseline_policy_unittest.cc b/sandbox/linux/seccomp-bpf-helpers/baseline_policy_unittest.cc -index 68c29b564bb8f..57d307e09d36b 100644 ---- a/sandbox/linux/seccomp-bpf-helpers/baseline_policy_unittest.cc -+++ b/sandbox/linux/seccomp-bpf-helpers/baseline_policy_unittest.cc -@@ -51,7 +51,8 @@ namespace sandbox { - - namespace { - --// This also tests that read(), write() and fstat() are allowed. -+// This also tests that read(), write(), fstat(), and fstatat(.., "", .., -+// AT_EMPTY_PATH) are allowed. - void TestPipeOrSocketPair(base::ScopedFD read_end, base::ScopedFD write_end) { - BPF_ASSERT_LE(0, read_end.get()); - BPF_ASSERT_LE(0, write_end.get()); -@@ -60,6 +61,20 @@ void TestPipeOrSocketPair(base::ScopedFD read_end, base::ScopedFD write_end) { - BPF_ASSERT_EQ(0, sys_ret); - BPF_ASSERT(S_ISFIFO(stat_buf.st_mode) || S_ISSOCK(stat_buf.st_mode)); - -+ sys_ret = fstatat(read_end.get(), "", &stat_buf, AT_EMPTY_PATH); -+ BPF_ASSERT_EQ(0, sys_ret); -+ BPF_ASSERT(S_ISFIFO(stat_buf.st_mode) || S_ISSOCK(stat_buf.st_mode)); -+ -+ // Make sure fstatat with anything other than an empty string is denied. -+ sys_ret = fstatat(read_end.get(), "/", &stat_buf, AT_EMPTY_PATH); -+ BPF_ASSERT_EQ(sys_ret, -1); -+ BPF_ASSERT_EQ(EPERM, errno); -+ -+ // Make sure fstatat without AT_EMPTY_PATH is denied. -+ sys_ret = fstatat(read_end.get(), "", &stat_buf, 0); -+ BPF_ASSERT_EQ(sys_ret, -1); -+ BPF_ASSERT_EQ(EPERM, errno); -+ - const ssize_t kTestTransferSize = 4; - static const char kTestString[kTestTransferSize] = {'T', 'E', 'S', 'T'}; - ssize_t transfered = 0; -diff --git a/sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.cc b/sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.cc -index 64edbd68bde6b..71068a045277b 100644 ---- a/sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.cc -+++ b/sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.cc -@@ -6,6 +6,7 @@ - - #include "sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h" - -+#include <fcntl.h> - #include <stddef.h> - #include <stdint.h> - #include <string.h> -@@ -22,6 +23,7 @@ - #include "sandbox/linux/seccomp-bpf/syscall.h" - #include "sandbox/linux/services/syscall_wrappers.h" - #include "sandbox/linux/system_headers/linux_seccomp.h" -+#include "sandbox/linux/system_headers/linux_stat.h" - #include "sandbox/linux/system_headers/linux_syscalls.h" - - #if defined(__mips__) -@@ -355,6 +357,24 @@ intptr_t SIGSYSSchedHandler(const struct arch_seccomp_data& args, - return -ENOSYS; - } - -+intptr_t SIGSYSFstatatHandler(const struct arch_seccomp_data& args, -+ void* fs_denied_errno) { -+ if (args.nr == __NR_fstatat_default) { -+ if (*reinterpret_cast<const char*>(args.args[1]) == '\0' && -+ args.args[3] == static_cast<uint64_t>(AT_EMPTY_PATH)) { -+ return syscall(__NR_fstat_default, static_cast<int>(args.args[0]), -+ reinterpret_cast<default_stat_struct*>(args.args[2])); -+ } -+ return -reinterpret_cast<intptr_t>(fs_denied_errno); -+ } -+ -+ CrashSIGSYS_Handler(args, fs_denied_errno); -+ -+ // Should never be reached. -+ RAW_CHECK(false); -+ return -ENOSYS; -+} -+ - bpf_dsl::ResultExpr CrashSIGSYS() { - return bpf_dsl::Trap(CrashSIGSYS_Handler, NULL); - } -@@ -387,6 +407,11 @@ bpf_dsl::ResultExpr RewriteSchedSIGSYS() { - return bpf_dsl::Trap(SIGSYSSchedHandler, NULL); - } - -+bpf_dsl::ResultExpr RewriteFstatatSIGSYS(int fs_denied_errno) { -+ return bpf_dsl::Trap(SIGSYSFstatatHandler, -+ reinterpret_cast<void*>(fs_denied_errno)); -+} -+ - void AllocateCrashKeys() { - #if !defined(OS_NACL_NONSFI) - if (seccomp_crash_key) -diff --git a/sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h b/sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h -index 7a958b93b27a7..8cd735ce15793 100644 ---- a/sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h -+++ b/sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h -@@ -62,6 +62,19 @@ SANDBOX_EXPORT intptr_t SIGSYSPtraceFailure(const arch_seccomp_data& args, - // sched_setparam(), sched_setscheduler() - SANDBOX_EXPORT intptr_t SIGSYSSchedHandler(const arch_seccomp_data& args, - void* aux); -+// If the fstatat() syscall is functionally equivalent to an fstat() syscall, -+// then rewrite the syscall to the equivalent fstat() syscall which can be -+// adequately sandboxed. -+// If the fstatat() is not functionally equivalent to an fstat() syscall, we -+// fail with -fs_denied_errno. -+// If the syscall is not an fstatat() at all, crash in the same way as -+// CrashSIGSYS_Handler. -+// This is necessary because glibc and musl have started rewriting fstat(fd, -+// stat_buf) as fstatat(fd, "", stat_buf, AT_EMPTY_PATH). We rewrite the latter -+// back to the former, which is actually sandboxable. -+SANDBOX_EXPORT intptr_t -+SIGSYSFstatatHandler(const struct arch_seccomp_data& args, -+ void* fs_denied_errno); - - // Variants of the above functions for use with bpf_dsl. - SANDBOX_EXPORT bpf_dsl::ResultExpr CrashSIGSYS(); -@@ -72,6 +85,7 @@ SANDBOX_EXPORT bpf_dsl::ResultExpr CrashSIGSYSKill(); - SANDBOX_EXPORT bpf_dsl::ResultExpr CrashSIGSYSFutex(); - SANDBOX_EXPORT bpf_dsl::ResultExpr CrashSIGSYSPtrace(); - SANDBOX_EXPORT bpf_dsl::ResultExpr RewriteSchedSIGSYS(); -+SANDBOX_EXPORT bpf_dsl::ResultExpr RewriteFstatatSIGSYS(int fs_denied_errno); - - // Allocates a crash key so that Seccomp information can be recorded. - void AllocateCrashKeys(); -diff --git a/sandbox/linux/syscall_broker/broker_process.cc b/sandbox/linux/syscall_broker/broker_process.cc -index c2176eb785e78..e9dad37485aef 100644 ---- a/sandbox/linux/syscall_broker/broker_process.cc -+++ b/sandbox/linux/syscall_broker/broker_process.cc -@@ -113,44 +113,49 @@ bool BrokerProcess::IsSyscallAllowed(int sysno) const { - } - - bool BrokerProcess::IsSyscallBrokerable(int sysno, bool fast_check) const { -+ // The syscalls unavailable on aarch64 are all blocked by Android's default -+ // seccomp policy, even on non-aarch64 architectures. I.e., the syscalls XX() -+ // with a corresponding XXat() versions are typically unavailable in aarch64 -+ // and are default disabled in Android. So, we should refuse to broker them -+ // to be consistent with the platform's restrictions. - switch (sysno) { --#if !defined(__aarch64__) -+#if !defined(__aarch64__) && !defined(OS_ANDROID) - case __NR_access: - #endif - case __NR_faccessat: - return !fast_check || allowed_command_set_.test(COMMAND_ACCESS); - --#if !defined(__aarch64__) -+#if !defined(__aarch64__) && !defined(OS_ANDROID) - case __NR_mkdir: - #endif - case __NR_mkdirat: - return !fast_check || allowed_command_set_.test(COMMAND_MKDIR); - --#if !defined(__aarch64__) -+#if !defined(__aarch64__) && !defined(OS_ANDROID) - case __NR_open: - #endif - case __NR_openat: - return !fast_check || allowed_command_set_.test(COMMAND_OPEN); - --#if !defined(__aarch64__) -+#if !defined(__aarch64__) && !defined(OS_ANDROID) - case __NR_readlink: - #endif - case __NR_readlinkat: - return !fast_check || allowed_command_set_.test(COMMAND_READLINK); - --#if !defined(__aarch64__) -+#if !defined(__aarch64__) && !defined(OS_ANDROID) - case __NR_rename: - #endif - case __NR_renameat: - case __NR_renameat2: - return !fast_check || allowed_command_set_.test(COMMAND_RENAME); - --#if !defined(__aarch64__) -+#if !defined(__aarch64__) && !defined(OS_ANDROID) - case __NR_rmdir: - return !fast_check || allowed_command_set_.test(COMMAND_RMDIR); - #endif - --#if !defined(__aarch64__) -+#if !defined(__aarch64__) && !defined(OS_ANDROID) - case __NR_stat: - case __NR_lstat: - #endif -@@ -175,7 +180,7 @@ bool BrokerProcess::IsSyscallBrokerable(int sysno, bool fast_check) const { - return !fast_check || allowed_command_set_.test(COMMAND_STAT); - #endif - --#if !defined(__aarch64__) -+#if !defined(__aarch64__) && !defined(OS_ANDROID) - case __NR_unlink: - return !fast_check || allowed_command_set_.test(COMMAND_UNLINK); - #endif -diff --git a/sandbox/linux/syscall_broker/broker_process_unittest.cc b/sandbox/linux/syscall_broker/broker_process_unittest.cc -index c65f25a78a999..f0db08d84e06c 100644 ---- a/sandbox/linux/syscall_broker/broker_process_unittest.cc -+++ b/sandbox/linux/syscall_broker/broker_process_unittest.cc -@@ -1596,52 +1596,52 @@ TEST(BrokerProcess, IsSyscallAllowed) { - const base::flat_map<BrokerCommand, base::flat_set<int>> kSysnosForCommand = { - {COMMAND_ACCESS, - {__NR_faccessat, --#if defined(__NR_access) -+#if defined(__NR_access) && !defined(OS_ANDROID) - __NR_access - #endif - }}, - {COMMAND_MKDIR, - {__NR_mkdirat, --#if defined(__NR_mkdir) -+#if defined(__NR_mkdir) && !defined(OS_ANDROID) - __NR_mkdir - #endif - }}, - {COMMAND_OPEN, - {__NR_openat, --#if defined(__NR_open) -+#if defined(__NR_open) && !defined(OS_ANDROID) - __NR_open - #endif - }}, - {COMMAND_READLINK, - {__NR_readlinkat, --#if defined(__NR_readlink) -+#if defined(__NR_readlink) && !defined(OS_ANDROID) - __NR_readlink - #endif - }}, - {COMMAND_RENAME, - {__NR_renameat, --#if defined(__NR_rename) -+#if defined(__NR_rename) && !defined(OS_ANDROID) - __NR_rename - #endif - }}, - {COMMAND_UNLINK, - {__NR_unlinkat, --#if defined(__NR_unlink) -+#if defined(__NR_unlink) && !defined(OS_ANDROID) - __NR_unlink - #endif - }}, - {COMMAND_RMDIR, - {__NR_unlinkat, --#if defined(__NR_rmdir) -+#if defined(__NR_rmdir) && !defined(OS_ANDROID) - __NR_rmdir - #endif - }}, - {COMMAND_STAT, - { --#if defined(__NR_stat) -+#if defined(__NR_stat) && !defined(OS_ANDROID) - __NR_stat, - #endif --#if defined(__NR_lstat) -+#if defined(__NR_lstat) && !defined(OS_ANDROID) - __NR_lstat, - #endif - #if defined(__NR_fstatat) -diff --git a/sandbox/linux/system_headers/linux_stat.h b/sandbox/linux/system_headers/linux_stat.h -index 35788eb22a4e5..83b89efc75e5e 100644 ---- a/sandbox/linux/system_headers/linux_stat.h -+++ b/sandbox/linux/system_headers/linux_stat.h -@@ -157,6 +157,10 @@ struct kernel_stat { - }; - #endif - -+#if !defined(AT_EMPTY_PATH) -+#define AT_EMPTY_PATH 0x1000 -+#endif -+ - // On 32-bit systems, we default to the 64-bit stat struct like libc - // implementations do. Otherwise we default to the normal stat struct which is - // already 64-bit. --- -2.31.1 - diff --git a/chromium/chromium/chromium-pdfium-string.patch b/chromium/chromium/chromium-pdfium-string.patch deleted file mode 100644 index 6915a2d..0000000 --- a/chromium/chromium/chromium-pdfium-string.patch +++ /dev/null @@ -1,129 +0,0 @@ -From 7a6289c5ace52cf88f0e19caa5f78b7c15d0e7a6 Mon Sep 17 00:00:00 2001 -From: Miklos Vajna <vmiklos@collabora.co.uk> -Date: Wed, 21 Jul 2021 17:42:30 +0000 -Subject: [PATCH] fxcodec, fxge: fix missing includes with libstdc++ - -These missing includes break the build with gcc/libstdc++, they were not -a problem in practice with clang/libc++. - -Change-Id: I40013f97ba7ab06f32aa59f87b04aec06a19478c -Reviewed-on: https://pdfium-review.googlesource.com/c/pdfium/+/83210 -Commit-Queue: Lei Zhang <thestig@chromium.org> -Reviewed-by: Lei Zhang <thestig@chromium.org> ---- - core/fxcodec/jpeg/jpegmodule.cpp | 1 + - core/fxcodec/jpx/cjpx_decoder.cpp | 2 ++ - core/fxge/cfx_cliprgn.cpp | 2 ++ - core/fxge/dib/cfx_bitmapcomposer.cpp | 2 ++ - core/fxge/dib/cfx_bitmapstorer.cpp | 2 ++ - core/fxge/dib/cfx_dibbase.cpp | 2 ++ - core/fxge/dib/cfx_dibitmap.cpp | 2 ++ - core/fxge/dib/cfx_scanlinecompositor.cpp | 2 ++ - 8 files changed, 15 insertions(+) - -diff --git a/core/fxcodec/jpeg/jpegmodule.cpp b/core/fxcodec/jpeg/jpegmodule.cpp -index cea0679aa..036f25003 100644 ---- a/third_party/pdfium/core/fxcodec/jpeg/jpegmodule.cpp -+++ b/third_party/pdfium/core/fxcodec/jpeg/jpegmodule.cpp -@@ -7,6 +7,7 @@ - #include "core/fxcodec/jpeg/jpegmodule.h" - - #include <setjmp.h> -+#include <string.h> - - #include <memory> - #include <utility> -diff --git a/core/fxcodec/jpx/cjpx_decoder.cpp b/core/fxcodec/jpx/cjpx_decoder.cpp -index c66985a7f..9c1122b75 100644 ---- a/third_party/pdfium/core/fxcodec/jpx/cjpx_decoder.cpp -+++ b/third_party/pdfium/core/fxcodec/jpx/cjpx_decoder.cpp -@@ -6,6 +6,8 @@ - - #include "core/fxcodec/jpx/cjpx_decoder.h" - -+#include <string.h> -+ - #include <algorithm> - #include <limits> - #include <utility> -diff --git a/core/fxge/cfx_cliprgn.cpp b/core/fxge/cfx_cliprgn.cpp -index 5369d522c..d198852e3 100644 ---- a/third_party/pdfium/core/fxge/cfx_cliprgn.cpp -+++ b/third_party/pdfium/core/fxge/cfx_cliprgn.cpp -@@ -6,6 +6,8 @@ - - #include "core/fxge/cfx_cliprgn.h" - -+#include <string.h> -+ - #include <utility> - - #include "core/fxge/dib/cfx_dibitmap.h" -diff --git a/core/fxge/dib/cfx_bitmapcomposer.cpp b/core/fxge/dib/cfx_bitmapcomposer.cpp -index 6f9b42013..0f1ffae2c 100644 ---- a/third_party/pdfium/core/fxge/dib/cfx_bitmapcomposer.cpp -+++ b/third_party/pdfium/core/fxge/dib/cfx_bitmapcomposer.cpp -@@ -6,6 +6,8 @@ - - #include "core/fxge/dib/cfx_bitmapcomposer.h" - -+#include <string.h> -+ - #include "core/fxge/cfx_cliprgn.h" - #include "core/fxge/dib/cfx_dibitmap.h" - -diff --git a/core/fxge/dib/cfx_bitmapstorer.cpp b/core/fxge/dib/cfx_bitmapstorer.cpp -index f57c00eaa..45a0a180c 100644 ---- a/third_party/pdfium/core/fxge/dib/cfx_bitmapstorer.cpp -+++ b/third_party/pdfium/core/fxge/dib/cfx_bitmapstorer.cpp -@@ -6,6 +6,8 @@ - - #include "core/fxge/dib/cfx_bitmapstorer.h" - -+#include <string.h> -+ - #include <utility> - - #include "core/fxge/dib/cfx_dibitmap.h" -diff --git a/core/fxge/dib/cfx_dibbase.cpp b/core/fxge/dib/cfx_dibbase.cpp -index 4ec0ddbf9..a1de2fbec 100644 ---- a/third_party/pdfium/core/fxge/dib/cfx_dibbase.cpp -+++ b/third_party/pdfium/core/fxge/dib/cfx_dibbase.cpp -@@ -6,6 +6,8 @@ - - #include "core/fxge/dib/cfx_dibbase.h" - -+#include <string.h> -+ - #include <algorithm> - #include <memory> - #include <utility> -diff --git a/core/fxge/dib/cfx_dibitmap.cpp b/core/fxge/dib/cfx_dibitmap.cpp -index d7ccf6cfa..94e8accdd 100644 ---- a/third_party/pdfium/core/fxge/dib/cfx_dibitmap.cpp -+++ b/third_party/pdfium/core/fxge/dib/cfx_dibitmap.cpp -@@ -6,6 +6,8 @@ - - #include "core/fxge/dib/cfx_dibitmap.h" - -+#include <string.h> -+ - #include <limits> - #include <memory> - #include <utility> -diff --git a/core/fxge/dib/cfx_scanlinecompositor.cpp b/core/fxge/dib/cfx_scanlinecompositor.cpp -index e8362d708..c04c6dcab 100644 ---- a/third_party/pdfium/core/fxge/dib/cfx_scanlinecompositor.cpp -+++ b/third_party/pdfium/core/fxge/dib/cfx_scanlinecompositor.cpp -@@ -6,6 +6,8 @@ - - #include "core/fxge/dib/cfx_scanlinecompositor.h" - -+#include <string.h> -+ - #include <algorithm> - - #include "core/fxge/dib/fx_dib.h" --- -2.31.1 - diff --git a/chromium/chromium/chromium.spec b/chromium/chromium/chromium.spec index ad57b67..4a8f69a 100644 --- a/chromium/chromium/chromium.spec +++ b/chromium/chromium/chromium.spec @@ -8,8 +8,8 @@ # Get the version number of latest stable version # $ curl -s 'https://omahaproxy.appspot.com/all?os=linux&channel=stable' | sed 1d | cut -d , -f 3 -# Require harfbuzz >= 2.4.0 for hb_subset_input_set_retain_gids -%if 0%{?fedora} >= 31 +# Require harfbuzz >= 3.0.0 for hb_subset_input_set_flags +%if 0%{?fedora} >= 36 %bcond_without system_harfbuzz %else %bcond_with system_harfbuzz @@ -40,7 +40,7 @@ %bcond_with fedora_compilation_flags Name: chromium -Version: 93.0.4577.82 +Version: 94.0.4606.54 Release: 100%{?dist} Summary: A WebKit (Blink) powered web browser @@ -92,17 +92,8 @@ Patch2: chromium-gn-no-static-libstdc++.patch Patch20: chromium-python3.patch # Pull upstream patches -Patch30: chromium-angle-typedef.patch -Patch31: chromium-pdfium-string.patch -Patch32: chromium-ruy-limits.patch -Patch33: chromium-gcc-11-r903595.patch -Patch34: chromium-gcc-11-r903819.patch -Patch35: chromium-gcc-11-r903820.patch -Patch36: chromium-gcc-11-r904696.patch -Patch37: chromium-gcc-11-r905300.patch -Patch38: chromium-gcc-11-r905634.patch -Patch39: chromium-glibc-2.33-r902981.patch -Patch40: chromium-glibc-2.33-r903873.patch +Patch30: chromium-ruy-limits.patch +Patch31: chromium-gcc-11-r911787.patch # I don't have time to test whether it work on other architectures ExclusiveArch: x86_64 @@ -280,6 +271,7 @@ find -type f -exec \ third_party/devtools-frontend/src/front_end/third_party/marked \ third_party/devtools-frontend/src/front_end/third_party/puppeteer \ third_party/devtools-frontend/src/front_end/third_party/wasmparser \ + third_party/devtools-frontend/src/test/unittests/front_end/third_party/i18n \ third_party/devtools-frontend/src/third_party \ third_party/dom_distiller_js \ third_party/eigen3 \ @@ -511,6 +503,8 @@ export CC=gcc CXX=g++ gn_args=( is_debug=false is_component_build=false + dcheck_always_on=false + dcheck_is_configurable=false use_gold=false use_sysroot=false use_custom_libcxx=false @@ -542,7 +536,7 @@ gn_args=( enable_nacl=false fatal_linker_warnings=false treat_warnings_as_errors=false - fieldtrial_testing_like_official_build=true + disable_fieldtrial_testing_config=true 'system_libdir="%{_lib}"' 'custom_toolchain="//build/toolchain/linux/unbundle:default"' 'host_toolchain="//build/toolchain/linux/unbundle:default"' @@ -614,8 +608,8 @@ sed -e "s|@@MENUNAME@@|Chromium|g" -e "s|@@PACKAGE@@|chromium|g" \ install -m 644 chrome.1 %{buildroot}%{_mandir}/man1/chromium-browser.1 install -m 755 out/Release/chrome %{buildroot}%{chromiumdir}/chromium-browser install -m 4755 out/Release/chrome_sandbox %{buildroot}%{chromiumdir}/chrome-sandbox +install -m 755 out/Release/chrome_crashpad_handler %{buildroot}%{chromiumdir}/ install -m 755 out/Release/chromedriver %{buildroot}%{chromiumdir}/ -install -m 755 out/Release/crashpad_handler %{buildroot}%{chromiumdir}/ %if !%{with system_libicu} install -m 644 out/Release/icudtl.dat %{buildroot}%{chromiumdir}/ %endif @@ -674,14 +668,15 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || : %dir %{chromiumdir} %{chromiumdir}/chromium-browser %{chromiumdir}/chrome-sandbox +%{chromiumdir}/chrome_crashpad_handler %{chromiumdir}/chromedriver -%{chromiumdir}/crashpad_handler %if !%{with system_libicu} %{chromiumdir}/icudtl.dat %endif %{chromiumdir}/libEGL.so %{chromiumdir}/libGLESv2.so %{chromiumdir}/libVkICD_mock_icd.so +%{chromiumdir}/libVkLayer_khronos_validation.so %{chromiumdir}/libvk_swiftshader.so %{chromiumdir}/v8_context_snapshot.bin %{chromiumdir}/vk_swiftshader_icd.json @@ -697,6 +692,10 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || : %changelog +* Thu Sep 23 2021 - Ting-Wei Lan <lantw44@gmail.com> - 94.0.4606.54-100 +- Update to 94.0.4606.54 +- Explicitly disable DCHECK because it is now enabled by default + * Tue Sep 14 2021 - Ting-Wei Lan <lantw44@gmail.com> - 93.0.4577.82-100 - Update to 93.0.4577.82 |