bcarrella/cef
1
0
Fork 0
mirror of https://bitbucket.org/chromiumembedded/cef synced 2025-06-05 21:39:12 +02:00
Code Issues Packages Projects Releases Wiki Activity

patch: Remove Windows-only cef_sandbox patches (see #3824)

Browse Source
This commit is contained in:
Marshall Greenblatt
2025-05-09 16:38:33 -04:00
parent adcac2c37c
commit c302f285c7
5 changed files with 2 additions and 272 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
patch/patch.cfg
View File

@@ -523,19 +523,12 @@ patches = [
# Remove cef_sandbox dependency on boringssl functions.
# https://github.com/chromiumembedded/cef/issues/2743
#
# Enable the VS 2015 Update 2 fix when building with the MSVC standard
# library.
#
# Avoid usage of std::atomic_flag::test() added in C++20.
# https://github.com/llvm/llvm-project/issues/57364
#
# Avoid usage of PartitionAlloc assertions (PA_BASE_CHECK) in raw_ptr.h.
#
# win: Add SHA256 implementation for Sid::FromNamedCapability using the
# Crypto API.
# https://github.com/chromiumembedded/cef/issues/3791
#
# win: Disable use of Rust for JSON parsing with cef_sandbox.
# Disable use of Rust for JSON parsing with cef_sandbox.
# Enables the fallback to C++ that was removed in
# https://crrev.com/9ddc1624637c8cfa8ef50a95abd779e0ba4d67f6
#
@@ -552,12 +545,6 @@ patches = [
# https://github.com/chromiumembedded/cef/issues/3834
'name': 'osr_fling_2745',
},
{
# Windows: Build targets as C++17 to avoid export of std::is_integral
# templates in cef_sandbox that should be inlined.
# https://github.com/chromiumembedded/cef/issues/2819
'name': 'win_cpp17_msvc_sandbox_2819',
},
{
# libxml access is now limited to targets audited by the Security Team.
# https://chromium-review.googlesource.com/c/chromium/src/+/1884750
@@ -588,13 +575,6 @@ patches = [
# https://github.com/chromiumembedded/cef/issues/3210
'name': 'win_sandbox_3210',
},
{
# Windows: Fix MSVC compile error with sandbox target.
# error: static assertion failed due to requirement
# '!is_const_v<const unsigned char>': The C++ Standard forbids
# containers of const elements because allocator<const T> is ill-formed.
'name': 'win_sandbox_policy',
},
{
# Windows: Always use the root window as the owner for shell dialogs.
# https://github.com/chromiumembedded/cef/issues/3294
@@ -748,12 +728,6 @@ patches = [
# https://issues.chromium.org/issues/323753235#comment11
'name': 'content_initiator_policy_323753235'
},
{
# win: Fix undefined std::_Literal_zero_is_expected() when building
# cef_sandbox with VS 17.9.2 version of MSVC STL.
# https://github.com/chromiumembedded/cef/issues/3708
'name': 'win_sandbox_op3way_3708'
},
{
# Fix ThreadPool DCHECK during startup when using multi-threaded message
# loop. Related to the following CL:

76
patch/patches/base_sandbox_2743.patch
View File

@@ -1,5 +1,5 @@
diff --git base/BUILD.gn base/BUILD.gn
index 59721ed3c9e26..c0ee7567a534c 100644
index 59721ed3c9e26..05926d66bb49b 100644
--- base/BUILD.gn
+++ base/BUILD.gn
@@ -41,6 +41,7 @@ import("//build/rust/rust_static_library.gni")
@@ -25,19 +25,6 @@ index 59721ed3c9e26..c0ee7567a534c 100644
sources += [
"hash/md5_nacl.cc",
"hash/md5_nacl.h",
@@ -1982,6 +1989,12 @@ component("base") {
defines += [ "COM_INIT_CHECK_HOOK_DISABLED" ]
}
+ if (!use_custom_libcxx) {
+ # Enable the VS 2015 Update 2 fix when building with the MSVC standard
+ # library.
+ defines += [ "_ENABLE_ATOMIC_ALIGNMENT_FIX" ]
+ }
+
libs += [
"cfgmgr32.lib",
"ntdll.lib",
diff --git base/allocator/dispatcher/dispatcher.cc base/allocator/dispatcher/dispatcher.cc
index f680f63cffc5b..9cb615bbc8a5a 100644
--- base/allocator/dispatcher/dispatcher.cc
@@ -305,67 +292,6 @@ index ea33ca66f384c..33f4cc76f76bd 100644
// BoringSSL is unavailable for NaCl builds so it remains timing dependent.
return lhs.token_ == rhs.token_;
#else
diff --git base/win/sid.cc base/win/sid.cc
index 6a91e984f5161..4433591d96c99 100644
--- base/win/sid.cc
+++ base/win/sid.cc
@@ -29,12 +29,56 @@
#include "base/win/scoped_handle.h"
#include "base/win/scoped_localalloc.h"
#include "base/win/windows_version.h"
+#include "cef/libcef/features/features.h"
+
+#if !BUILDFLAG(IS_CEF_SANDBOX_BUILD)
#include "third_party/boringssl/src/include/openssl/sha.h"
+#else
+#include <wincrypt.h>
+#endif
namespace base::win {
namespace {
+#if BUILDFLAG(IS_CEF_SANDBOX_BUILD)
+
+#define SHA256_DIGEST_LENGTH 32
+
+bool SHA256(const uint8_t* InData, size_t InDataLen, uint8_t* OutHash) {
+ HCRYPTPROV hProv = 0;
+ HCRYPTHASH hHash = 0;
+
+ if (!CryptAcquireContext(&hProv, nullptr, nullptr, PROV_RSA_AES,
+ CRYPT_VERIFYCONTEXT)) {
+ return false;
+ }
+
+ if (!CryptCreateHash(hProv, CALG_SHA_256, 0, 0, &hHash)) {
+ CryptReleaseContext(hProv, 0);
+ return false;
+ }
+
+ if (!CryptHashData(hHash, InData, static_cast<DWORD>(InDataLen), 0)) {
+ CryptDestroyHash(hHash);
+ CryptReleaseContext(hProv, 0);
+ return false;
+ }
+
+ DWORD dwHashLen = SHA256_DIGEST_LENGTH;
+ if (!CryptGetHashParam(hHash, HP_HASHVAL, OutHash, &dwHashLen, 0)) {
+ CryptDestroyHash(hHash);
+ CryptReleaseContext(hProv, 0);
+ return false;
+ }
+
+ CryptDestroyHash(hHash);
+ CryptReleaseContext(hProv, 0);
+ return true;
+}
+
+#endif // BUILDFLAG(IS_CEF_SANDBOX_BUILD)
+
template <typename Iterator>
Sid FromSubAuthorities(const SID_IDENTIFIER_AUTHORITY& identifier_authority,
size_t sub_authority_count,
diff --git build_overrides/dawn.gni build_overrides/dawn.gni
index cec3df3e50b6e..309b4e6a4fe0d 100644
--- build_overrides/dawn.gni

28
patch/patches/win_cpp17_msvc_sandbox_2819.patch
View File

@@ -1,28 +0,0 @@
diff --git base/third_party/double_conversion/BUILD.gn base/third_party/double_conversion/BUILD.gn
index 8380f58d995bc..c0755bf9870b4 100644
--- base/third_party/double_conversion/BUILD.gn
+++ base/third_party/double_conversion/BUILD.gn
@@ -9,6 +9,11 @@ config("config") {
"-Wno-unused-const-variable",
"-Wno-unused-function",
]
+
+ # Build as C++17 to avoid export of templates that should be inlined.
+ if (is_win) {
+ cflags_cc = [ "/std:c++17" ]
+ }
}
static_library("double_conversion") {
diff --git base/win/BUILD.gn base/win/BUILD.gn
index d915a9320750c..5661652c9b2da 100644
--- base/win/BUILD.gn
+++ base/win/BUILD.gn
@@ -33,4 +33,7 @@ static_library("pe_image") {
"pe_image.cc",
"pe_image.h",
]
+
+ # Build as C++17 to avoid export of templates that should be inlined.
+ cflags_cc = [ "/std:c++17" ]
}

54
patch/patches/win_sandbox_op3way_3708.patch
View File

@@ -1,54 +0,0 @@
diff --git base/time/time.h base/time/time.h
index ad554e5e3f904..a31d584b1fc0d 100644
--- base/time/time.h
+++ base/time/time.h
@@ -137,6 +137,13 @@ constexpr bool isnan(double d) {
} // namespace
+// Clang compiler is unable to eliminate a "dead" function call to an undefined
+// `std::_Literal_zero_is_expected()` function that MSVC uses to allow
+// comparisons with literal zero without warning.
+#define MSVC_OPERATOR_3WAY_BROKEN \
+ BUILDFLAG(IS_WIN) && (__cplusplus >= 202002L || _MSVC_LANG >= 202002L) && \
+ _MSVC_STL_VERSION >= 143 && _MSVC_STL_UPDATE >= 202303
+
// TimeDelta ------------------------------------------------------------------
class BASE_EXPORT TimeDelta {
@@ -325,8 +332,17 @@ class BASE_EXPORT TimeDelta {
// Comparison operators.
friend constexpr bool operator==(TimeDelta, TimeDelta) = default;
+#if MSVC_OPERATOR_3WAY_BROKEN
+ friend constexpr std::strong_ordering operator<=>(TimeDelta lhs,
+ TimeDelta rhs) {
+ if(lhs.delta_ == rhs.delta_) return std::strong_ordering::equal;
+ if(lhs.delta_ < rhs.delta_) return std::strong_ordering::less;
+ return std::strong_ordering::greater;
+ }
+#else
friend constexpr std::strong_ordering operator<=>(TimeDelta,
TimeDelta) = default;
+#endif
// Returns this delta, ceiled/floored/rounded-away-from-zero to the nearest
// multiple of |interval|.
@@ -483,8 +499,17 @@ class TimeBase {
// Comparison operators
friend constexpr bool operator==(const TimeBase&, const TimeBase&) = default;
+#if MSVC_OPERATOR_3WAY_BROKEN
+ friend constexpr std::strong_ordering operator<=>(TimeBase lhs,
+ TimeBase rhs) {
+ if(lhs.us_ == rhs.us_) return std::strong_ordering::equal;
+ if(lhs.us_ < rhs.us_) return std::strong_ordering::less;
+ return std::strong_ordering::greater;
+ }
+#else
friend constexpr std::strong_ordering operator<=>(const TimeBase&,
const TimeBase&) = default;
+#endif
protected:
constexpr explicit TimeBase(int64_t us) : us_(us) {}

88
patch/patches/win_sandbox_policy.patch
View File

@@ -1,88 +0,0 @@
diff --git sandbox/win/src/sandbox_policy.h sandbox/win/src/sandbox_policy.h
index 17699e60e60be..53658b54f4fa7 100644
--- sandbox/win/src/sandbox_policy.h
+++ sandbox/win/src/sandbox_policy.h
@@ -282,7 +282,7 @@ class [[clang::lto_visibility_public]] TargetPolicy {
// Adds a blob of data that will be made available in the child early in
// startup via sandbox::GetDelegateData(). The contents of this data should
// not vary between children with the same TargetConfig().
- virtual void AddDelegateData(base::span<const uint8_t> data) = 0;
+ virtual void AddDelegateData(base::span<uint8_t> data) = 0;
};
} // namespace sandbox
diff --git sandbox/win/src/sandbox_policy_base.cc sandbox/win/src/sandbox_policy_base.cc
index 8ca78708c537e..b8c427ba67d87 100644
--- sandbox/win/src/sandbox_policy_base.cc
+++ sandbox/win/src/sandbox_policy_base.cc
@@ -197,12 +197,12 @@ PolicyGlobal* ConfigBase::policy() {
return policy_;
}
-std::optional<base::span<const uint8_t>> ConfigBase::policy_span() {
+std::optional<base::span<uint8_t>> ConfigBase::policy_span() {
if (policy_) {
// Note: this is not policy().data_size as that relates to internal data,
// not the entire allocated policy area.
- return base::span<const uint8_t>(reinterpret_cast<uint8_t*>(policy_.get()),
- kPolMemSize);
+ return base::span<uint8_t>(reinterpret_cast<uint8_t*>(policy_.get()),
+ kPolMemSize);
}
return std::nullopt;
}
@@ -790,14 +790,14 @@ bool PolicyBase::SetupHandleCloser(TargetProcess& target) {
return (SBOX_ALL_OK == rc);
}
-std::optional<base::span<const uint8_t>> PolicyBase::delegate_data_span() {
+std::optional<base::span<uint8_t>> PolicyBase::delegate_data_span() {
if (delegate_data_) {
return base::span(*delegate_data_);
}
return std::nullopt;
}
-void PolicyBase::AddDelegateData(base::span<const uint8_t> data) {
+void PolicyBase::AddDelegateData(base::span<uint8_t> data) {
CHECK(data.size() > 0u);
// Can only set this once - as there is only one region sent to the child.
CHECK(!delegate_data_);
diff --git sandbox/win/src/sandbox_policy_base.h sandbox/win/src/sandbox_policy_base.h
index af905fba23ac1..cba2426b098a8 100644
--- sandbox/win/src/sandbox_policy_base.h
+++ sandbox/win/src/sandbox_policy_base.h
@@ -117,7 +117,7 @@ class ConfigBase final : public TargetConfig {
// Should only be called once the object is configured.
PolicyGlobal* policy();
- std::optional<base::span<const uint8_t>> policy_span();
+ std::optional<base::span<uint8_t>> policy_span();
std::vector<std::wstring>& blocklisted_dlls();
AppContainerBase* app_container();
IntegrityLevel integrity_level() { return integrity_level_; }
@@ -172,7 +172,7 @@ class PolicyBase final : public TargetPolicy {
ResultCode SetStdoutHandle(HANDLE handle) override;
ResultCode SetStderrHandle(HANDLE handle) override;
void AddHandleToShare(HANDLE handle) override;
- void AddDelegateData(base::span<const uint8_t> data) override;
+ void AddDelegateData(base::span<uint8_t> data) override;
// Creates a Job object with the level specified in a previous call to
// SetJobLevel().
@@ -236,13 +236,13 @@ class PolicyBase final : public TargetPolicy {
// time.
// Returns nullopt if no data has been set, or a view into the data.
- std::optional<base::span<const uint8_t>> delegate_data_span();
+ std::optional<base::span<uint8_t>> delegate_data_span();
// The user-defined global policy settings.
HANDLE stdout_handle_;
HANDLE stderr_handle_;
// An opaque blob of data the delegate uses to prime any pre-sandbox hooks.
- std::unique_ptr<const std::vector<uint8_t>> delegate_data_;
+ std::unique_ptr<std::vector<uint8_t>> delegate_data_;
std::unique_ptr<Dispatcher> dispatcher_;