diff --git base/BUILD.gn base/BUILD.gn index 4925a756be531..dbd2464d4cf9b 100644 --- base/BUILD.gn +++ base/BUILD.gn @@ -40,6 +40,7 @@ import("//build/config/ui.gni") import("//build/nocompile.gni") import("//build/timestamp.gni") import("//build_overrides/build.gni") +import("//cef/libcef/features/features.gni") import("//testing/libfuzzer/fuzzer_test.gni") import("//testing/test.gni") @@ -1529,7 +1530,11 @@ component("base") { "hash/md5_constexpr_internal.h", "hash/sha1.h", ] - if (is_nacl) { + deps += [ "//cef/libcef/features" ] + if (enable_cef) { + configs += [ "//cef/libcef/features:config" ] + } + if (is_nacl || is_cef_sandbox_build) { sources += [ "hash/md5_nacl.cc", "hash/md5_nacl.h", @@ -1928,6 +1933,12 @@ component("base") { defines += [ "COM_INIT_CHECK_HOOK_DISABLED" ] } + if (!use_custom_libcxx) { + # Enable the VS 2015 Update 2 fix when building with the MSVC standard + # library. + defines += [ "_ENABLE_ATOMIC_ALIGNMENT_FIX" ] + } + libs += [ "cfgmgr32.lib", "ntdll.lib", diff --git base/allocator/dispatcher/dispatcher.cc base/allocator/dispatcher/dispatcher.cc index 2d4f17ea2a301..ff2ccafd53056 100644 --- base/allocator/dispatcher/dispatcher.cc +++ base/allocator/dispatcher/dispatcher.cc @@ -12,6 +12,7 @@ #include "base/check.h" #include "base/dcheck_is_on.h" #include "base/no_destructor.h" +#include "cef/libcef/features/features.h" #if DCHECK_IS_ON() #include @@ -31,7 +32,7 @@ struct Dispatcher::Impl { } void Reset() { -#if DCHECK_IS_ON() +#if DCHECK_IS_ON() && !BUILDFLAG(IS_CEF_SANDBOX_BUILD) DCHECK([&]() { auto const was_set = is_initialized_check_flag_.test_and_set(); is_initialized_check_flag_.clear(); diff --git base/hash/md5.h base/hash/md5.h index aa889f350e8f7..50acac8a69225 100644 --- base/hash/md5.h +++ base/hash/md5.h @@ -10,8 +10,9 @@ #include "base/base_export.h" #include "base/strings/string_piece.h" #include "build/build_config.h" +#include "cef/libcef/features/features.h" -#if BUILDFLAG(IS_NACL) +#if BUILDFLAG(IS_NACL) || BUILDFLAG(IS_CEF_SANDBOX_BUILD) #include "base/hash/md5_nacl.h" #else #include "base/hash/md5_boringssl.h" diff --git base/hash/sha1.h base/hash/sha1.h index 29626e5853c6e..2fb1c61504c5d 100644 --- base/hash/sha1.h +++ base/hash/sha1.h @@ -14,7 +14,9 @@ #include "base/containers/span.h" #include "base/strings/string_piece.h" #include "build/build_config.h" -#if BUILDFLAG(IS_NACL) +#include "cef/libcef/features/features.h" + +#if BUILDFLAG(IS_NACL) || BUILDFLAG(IS_CEF_SANDBOX_BUILD) #include "base/hash/sha1_nacl.h" #else #include "base/hash/sha1_boringssl.h" diff --git base/rand_util.h base/rand_util.h index c9dd1249660c1..7d68b0d893e3d 100644 --- base/rand_util.h +++ base/rand_util.h @@ -15,8 +15,9 @@ #include "base/compiler_specific.h" #include "base/gtest_prod_util.h" #include "build/build_config.h" +#include "cef/libcef/features/features.h" -#if !BUILDFLAG(IS_NACL) +#if !BUILDFLAG(IS_NACL) && !BUILDFLAG(IS_CEF_SANDBOX_BUILD) #include "third_party/boringssl/src/include/openssl/rand.h" #endif @@ -97,7 +98,7 @@ class RandomBitGenerator { ~RandomBitGenerator() = default; }; -#if !BUILDFLAG(IS_NACL) +#if !BUILDFLAG(IS_NACL) && !BUILDFLAG(IS_CEF_SANDBOX_BUILD) class NonAllocatingRandomBitGenerator { public: using result_type = uint64_t; diff --git base/rand_util_win.cc base/rand_util_win.cc index 2d9a1633b564f..d304c204c43ff 100644 --- base/rand_util_win.cc +++ base/rand_util_win.cc @@ -21,14 +21,19 @@ #include #include "base/check.h" +#include "cef/libcef/features/features.h" + +#if !BUILDFLAG(IS_CEF_SANDBOX_BUILD) #include "base/feature_list.h" #include "third_party/boringssl/src/include/openssl/crypto.h" #include "third_party/boringssl/src/include/openssl/rand.h" +#endif namespace base { namespace internal { +#if !BUILDFLAG(IS_CEF_SANDBOX_BUILD) namespace { // The BoringSSl helpers are duplicated in rand_util_fuchsia.cc and @@ -50,11 +55,16 @@ bool UseBoringSSLForRandBytes() { return g_use_boringssl.load(std::memory_order_relaxed); } +#else // !BUILDFLAG(IS_CEF_SANDBOX_BUILD) +void ConfigureBoringSSLBackedRandBytesFieldTrial() {} +#endif + } // namespace internal namespace { void RandBytes(void* output, size_t output_length, bool avoid_allocation) { +#if !BUILDFLAG(IS_CEF_SANDBOX_BUILD) if (!avoid_allocation && internal::UseBoringSSLForRandBytes()) { // Ensure BoringSSL is initialized so it can use things like RDRAND. CRYPTO_library_init(); @@ -62,6 +72,7 @@ void RandBytes(void* output, size_t output_length, bool avoid_allocation) { (void)RAND_bytes(static_cast(output), output_length); return; } +#endif // !BUILDFLAG(IS_CEF_SANDBOX_BUILD) char* output_ptr = static_cast(output); while (output_length > 0) { diff --git base/unguessable_token.cc base/unguessable_token.cc index aa7423f88d278..1b2c7d3e3c4a0 100644 --- base/unguessable_token.cc +++ base/unguessable_token.cc @@ -10,8 +10,9 @@ #include "base/format_macros.h" #include "base/rand_util.h" #include "build/build_config.h" +#include "cef/libcef/features/features.h" -#if !BUILDFLAG(IS_NACL) +#if !BUILDFLAG(IS_NACL) && !BUILDFLAG(IS_CEF_SANDBOX_BUILD) #include "third_party/boringssl/src/include/openssl/mem.h" #endif @@ -46,7 +47,7 @@ absl::optional UnguessableToken::Deserialize(uint64_t high, } bool UnguessableToken::operator==(const UnguessableToken& other) const { -#if BUILDFLAG(IS_NACL) +#if BUILDFLAG(IS_NACL) || BUILDFLAG(IS_CEF_SANDBOX_BUILD) // BoringSSL is unavailable for NaCl builds so it remains timing dependent. return token_ == other.token_; #else diff --git base/win/sid.cc base/win/sid.cc index 0f1a2ec79aa4b..7f92778a4a776 100644 --- base/win/sid.cc +++ base/win/sid.cc @@ -15,6 +15,7 @@ #include #include "base/check.h" +#include "base/notreached.h" #include "base/no_destructor.h" #include "base/rand_util.h" #include "base/ranges/algorithm.h" @@ -22,8 +23,12 @@ #include "base/win/scoped_handle.h" #include "base/win/scoped_localalloc.h" #include "base/win/windows_version.h" +#include "cef/libcef/features/features.h" + +#if !BUILDFLAG(IS_CEF_SANDBOX_BUILD) #include "third_party/boringssl/src/include/openssl/crypto.h" #include "third_party/boringssl/src/include/openssl/sha.h" +#endif namespace base::win { @@ -124,6 +129,7 @@ Sid Sid::FromNamedCapability(const std::wstring& capability_name) { if (known_cap != known_capabilities->end()) { return FromKnownCapability(known_cap->second); } +#if !BUILDFLAG(IS_CEF_SANDBOX_BUILD) CRYPTO_library_init(); static_assert((SHA256_DIGEST_LENGTH / sizeof(DWORD)) == SECURITY_APP_PACKAGE_RID_COUNT); @@ -136,6 +142,10 @@ Sid Sid::FromNamedCapability(const std::wstring& capability_name) { reinterpret_cast(&rids[2])); return FromSubAuthorities(SECURITY_APP_PACKAGE_AUTHORITY, std::size(rids), rids); +#else + NOTREACHED(); + return Sid(WellKnownSid::kNull); +#endif } Sid Sid::FromKnownSid(WellKnownSid type) {