Hello community,
here is the log from the commit of package chromium for openSUSE:Factory checked in at 2019-07-31 14:28:28
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/chromium (Old)
and /work/SRC/openSUSE:Factory/.chromium.new.4126 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "chromium"
Wed Jul 31 14:28:28 2019 rev:223 rq:719830 version:75.0.3770.142
Changes:
--------
--- /work/SRC/openSUSE:Factory/chromium/chromium.changes 2019-06-20 18:55:29.828853776 +0200
+++ /work/SRC/openSUSE:Factory/.chromium.new.4126/chromium.changes 2019-07-31 14:29:10.702092087 +0200
@@ -1,0 +2,38 @@
+Tue Jul 30 12:47:02 UTC 2019 - Tomáš Chvátal
+
+- Do not use lto flags from prjconf, we need to set them using
+ gn buildsystem
+
+-------------------------------------------------------------------
+Tue Jul 30 10:07:34 UTC 2019 - Tomáš Chvátal
+
+- Drop patch chromium-non-void-return.patch and just pass
+ a cxxflags disabler for the check
+
+-------------------------------------------------------------------
+Wed Jul 17 08:31:56 UTC 2019 - Tomáš Chvátal
+
+- Update gcc-enable-lto.patch to work on systems without the
+ lto
+
+-------------------------------------------------------------------
+Tue Jul 16 14:26:18 UTC 2019 - Tomáš Chvátal
+
+- Update to 75.0.3770.142 bsc#1141649:
+ * CVE-2019-5847: V8 sealed/frozen elements cause crash
+ * CVE-2019-5848: Font sizes may expose sensitive information
+- Add patch chromium-renderprocess-crash.patch to hopefully fix
+ bsc#1141102
+
+-------------------------------------------------------------------
+Tue Jul 2 08:55:22 UTC 2019 - Martin Liška
+
+- Enable LTO for x86_64 - add gcc-enable-lto.patch and
+ gcc-lto-rsp-clobber.patch patches.
+
+-------------------------------------------------------------------
+Tue Jul 2 07:35:44 UTC 2019 - Tomáš Chvátal
+
+- Install manpage
+
+-------------------------------------------------------------------
@@ -208 +246 @@
-- Update to 72.0.3626.109:
+- Update to 72.0.3626.109 bsc#1120892 CVE-2018-20073:
Old:
----
chromium-75.0.3770.100.tar.xz
chromium-non-void-return.patch
New:
----
chromium-75.0.3770.142.tar.xz
chromium-renderprocess-crash.patch
gcc-enable-lto.patch
gcc-lto-rsp-clobber.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ chromium.spec ++++++
--- /var/tmp/diff_new_pack.890S8z/_old 2019-07-31 14:29:24.858080633 +0200
+++ /var/tmp/diff_new_pack.890S8z/_new 2019-07-31 14:29:24.862080629 +0200
@@ -47,8 +47,17 @@
%bcond_with system_vpx
%bcond_with clang
%bcond_with wayland
+%ifarch x86_64
+%if %{?suse_version} > 1500
+%bcond_without lto
+%else
+%bcond_with lto
+%endif
+%else
+%bcond_with lto
+%endif
Name: chromium
-Version: 75.0.3770.100
+Version: 75.0.3770.142
Release: 0
Summary: Google's open source browser project
License: BSD-3-Clause AND LGPL-2.1-or-later
@@ -74,16 +83,18 @@
Patch3: fix_building_widevinecdm_with_chromium.patch
Patch4: chromium-dma-buf.patch
Patch5: chromium-buildname.patch
-Patch6: chromium-non-void-return.patch
-Patch7: chromium-drm.patch
-Patch8: chromium-sandbox-pie.patch
-Patch9: chromium-system-icu.patch
-Patch10: chromium-system-libusb.patch
-Patch11: chromium-old-glibc.patch
-Patch12: chromium-skia-aarch64-buildfix.patch
-Patch13: chromium-gcc.patch
-Patch14: chromium-75.0.3770.80-SIOCGSTAMP.patch
-Patch15: chromium-75.0.3770.80-pure-virtual-crash-fix.patch
+Patch6: chromium-drm.patch
+Patch7: chromium-sandbox-pie.patch
+Patch8: chromium-system-icu.patch
+Patch9: chromium-system-libusb.patch
+Patch10: chromium-old-glibc.patch
+Patch11: chromium-skia-aarch64-buildfix.patch
+Patch12: chromium-gcc.patch
+Patch13: chromium-75.0.3770.80-SIOCGSTAMP.patch
+Patch14: chromium-75.0.3770.80-pure-virtual-crash-fix.patch
+Patch15: gcc-lto-rsp-clobber.patch
+Patch16: gcc-enable-lto.patch
+Patch17: chromium-renderprocess-crash.patch
# Google seem not too keen on merging this but GPU accel is quite important
# https://chromium-review.googlesource.com/c/chromium/src/+/532294
# https://github.com/saiarcot895/chromium-ubuntu-build/tree/master/debian/patc...
@@ -502,14 +513,20 @@
cp -a %{_includedir}/libusb-1.0/libusb.h third_party/libusb/src/libusb/libusb.h
%build
+# GN sets lto on its own and we need just ldflag options, not cflags
+%if %{with lto}
+export LDFLAGS="%{_lto_cflags}"
+%endif
+%define _lto_cflags %{nil}
%if %{with clang}
export CC=clang
export CXX=clang++
%else
# REDUCE DEBUG as it gets TOO large
+# -Wno-error=return-type :: upstream does not care about this
ARCH_FLAGS="`echo %{optflags} | sed -e 's/^-g / /g' -e 's/ -g / /g' -e 's/ -g$//g'`"
-export CFLAGS="${ARCH_FLAGS} -fpermissive"
-export CXXFLAGS="${ARCH_FLAGS} -fpermissive"
+export CFLAGS="${ARCH_FLAGS} -fpermissive -Wno-error=return-type"
+export CXXFLAGS="${ARCH_FLAGS} -fpermissive -Wno-error=return-type"
export CC=gcc
export CXX=g++
%if 0%{?suse_version} <= 1500
@@ -631,6 +648,9 @@
%else
myconf_gn+=" is_clang=false"
%endif
+%if %{with lto}
+myconf_gn+=" gcc_lto=true"
+%endif
# The proprietary codecs just force the chromium to say they can use it and
# offload the actual computation to the ffmpeg, otherwise the chromium
@@ -743,6 +763,7 @@
mkdir -p %{buildroot}%{_libdir}/browser-plugins
pushd %{buildroot}%{_libdir}/chromium
ln -s ../browser-plugins plugins
+popd
# Install the master_preferences file
mkdir -p %{buildroot}%{_sysconfdir}/chromium
@@ -752,6 +773,12 @@
chmod 755 %{buildroot}%{_libdir}/chromium/xdg-settings
chmod 755 %{buildroot}%{_libdir}/chromium/xdg-mime
+# install manpages
+mkdir -p %{buildroot}%{_mandir}/man1/
+cp -a chrome/app/resources/manpage.1.in %{buildroot}%{_mandir}/man1/chromium.1
+sed -i "s|@@PACKAGE@@|chromium|g" %{buildroot}%{_mandir}/man1/chromium.1
+sed -i "s|@@MENUNAME@@|Chromium|g" %{buildroot}%{_mandir}/man1/chromium.1
+
%fdupes %{buildroot}
%verifyscript
@@ -789,6 +816,7 @@
%{_libexecdir}/chrome_sandbox
%exclude %{_libdir}/chromium/chromedriver
%{_bindir}/chromium
+%{_mandir}/man1/chromium.1%{?ext_man}
%files -n chromedriver
%{_libdir}/chromium/chromedriver
++++++ _constraints ++++++
--- /var/tmp/diff_new_pack.890S8z/_old 2019-07-31 14:29:24.902080597 +0200
+++ /var/tmp/diff_new_pack.890S8z/_new 2019-07-31 14:29:24.902080597 +0200
@@ -8,4 +8,14 @@
<size unit="G">8</size>
</memory>
</hardware>
+ <overwrite>
+ <conditions>
+ <arch>x86_64</arch>
+ </conditions>
+ <hardware>
+ <memory>
+ <size unit="G">16</size>
+ </memory>
+ </hardware>
+ </overwrite>
</constraints>
++++++ chromium-75.0.3770.100.tar.xz -> chromium-75.0.3770.142.tar.xz ++++++
/work/SRC/openSUSE:Factory/chromium/chromium-75.0.3770.100.tar.xz /work/SRC/openSUSE:Factory/.chromium.new.4126/chromium-75.0.3770.142.tar.xz differ: char 25, line 1
++++++ chromium-renderprocess-crash.patch ++++++
diff -up chromium-75.0.3770.100/chrome/browser/performance_manager/chrome_content_browser_client_performance_manager_part.cc.git00281713 chromium-75.0.3770.100/chrome/browser/performance_manager/chrome_content_browser_client_performance_manager_part.cc
--- chromium-75.0.3770.100/chrome/browser/performance_manager/chrome_content_browser_client_performance_manager_part.cc.git00281713 2019-07-02 09:10:38.951369854 -0400
+++ chromium-75.0.3770.100/chrome/browser/performance_manager/chrome_content_browser_client_performance_manager_part.cc 2019-07-02 09:11:59.864642942 -0400
@@ -12,13 +12,19 @@
#include "chrome/browser/performance_manager/graph/process_node_impl.h"
#include "chrome/browser/performance_manager/performance_manager.h"
#include "chrome/browser/performance_manager/render_process_user_data.h"
+#include "content/public/browser/render_process_host.h"
#include "services/resource_coordinator/public/mojom/coordination_unit.mojom.h"
namespace {
void BindProcessNode(
- content::RenderProcessHost* render_process_host,
+ int render_process_host_id,
resource_coordinator::mojom::ProcessCoordinationUnitRequest request) {
+ content::RenderProcessHost* render_process_host =
+ content::RenderProcessHost::FromID(render_process_host_id);
+ if (!render_process_host)
+ return;
+
performance_manager::RenderProcessUserData* user_data =
performance_manager::RenderProcessUserData::GetForRenderProcessHost(
render_process_host);
@@ -47,8 +53,7 @@ void ChromeContentBrowserClientPerforman
blink::AssociatedInterfaceRegistry* associated_registry,
content::RenderProcessHost* render_process_host) {
registry->AddInterface(
- base::BindRepeating(&BindProcessNode,
- base::Unretained(render_process_host)),
+ base::BindRepeating(&BindProcessNode, render_process_host->GetID()),
base::SequencedTaskRunnerHandle::Get());
// Ideally this would strictly be a "CreateForRenderProcess", but when a
++++++ gcc-enable-lto.patch ++++++
Index: chromium-75.0.3770.142/build/config/BUILDCONFIG.gn
===================================================================
--- chromium-75.0.3770.142.orig/build/config/BUILDCONFIG.gn
+++ chromium-75.0.3770.142/build/config/BUILDCONFIG.gn
@@ -130,6 +130,8 @@ declare_args() {
# separate flags.
is_official_build = false
+ gcc_lto = false
+
# Whether we're a traditional desktop unix.
is_desktop_linux = current_os == "linux"
@@ -440,6 +442,12 @@ default_compiler_configs = [
"//build/config/sanitizers:default_sanitizer_flags",
]
+if (gcc_lto) {
+ default_compiler_configs += [
+ "//build/config/compiler:gcc_lto",
+ ]
+}
+
if (is_win) {
default_compiler_configs += [
"//build/config/win:default_crt",
Index: chromium-75.0.3770.142/build/config/compiler/BUILD.gn
===================================================================
--- chromium-75.0.3770.142.orig/build/config/compiler/BUILD.gn
+++ chromium-75.0.3770.142/build/config/compiler/BUILD.gn
@@ -1921,6 +1921,10 @@ if (is_win) {
}
}
+config("gcc_lto") {
+ cflags = [ "-flto" ]
+}
+
config("default_stack_frames") {
if (is_posix || is_fuchsia) {
if (enable_frame_pointers) {
Index: chromium-75.0.3770.142/sandbox/linux/BUILD.gn
===================================================================
--- chromium-75.0.3770.142.orig/sandbox/linux/BUILD.gn
+++ chromium-75.0.3770.142/sandbox/linux/BUILD.gn
@@ -256,6 +256,9 @@ component("seccomp_bpf") {
"//base",
"//base/third_party/dynamic_annotations",
]
+ if (gcc_lto) {
+ configs -= [ "//build/config/compiler:gcc_lto" ]
+ }
if (is_nacl_nonsfi) {
cflags = [ "-fgnu-inline-asm" ]
++++++ gcc-lto-rsp-clobber.patch ++++++
diff --git a/third_party/lss/linux_syscall_support.h b/third_party/lss/linux_syscall_support.h
index 5d9c2e858..e64703ba0 100644
--- a/third_party/lss/linux_syscall_support.h
+++ b/third_party/lss/linux_syscall_support.h
@@ -2405,7 +2405,7 @@ struct kernel_statfs {
"d"(LSS_SYSCALL_ARG(parent_tidptr)),
"r"(LSS_SYSCALL_ARG(newtls)),
"r"(LSS_SYSCALL_ARG(child_tidptr))
- : "rsp", "memory", "r8", "r10", "r11", "rcx");
+ : "memory", "r8", "r10", "r11", "rcx");
}
LSS_RETURN(int, __res);
}