cef/patch/patches/base_sandbox_2743.patch

217 lines
6.9 KiB
Diff

diff --git base/BUILD.gn base/BUILD.gn
index 7662d4fc550b9..6eba00f309953 100644
--- base/BUILD.gn
+++ base/BUILD.gn
@@ -39,6 +39,7 @@ import("//build/nocompile.gni")
import("//build/rust/mixed_component.gni")
import("//build/timestamp.gni")
import("//build_overrides/build.gni")
+import("//cef/libcef/features/features.gni")
import("//testing/libfuzzer/fuzzer_test.gni")
import("//testing/test.gni")
@@ -1993,7 +1994,11 @@ mixed_component("base") {
"hash/md5_constexpr_internal.h",
"hash/sha1.h",
]
- if (is_nacl) {
+ deps += [ "//cef/libcef/features" ]
+ if (enable_cef) {
+ configs += [ "//cef/libcef/features:config" ]
+ }
+ if (is_nacl || is_cef_sandbox_build) {
sources += [
"hash/md5_nacl.cc",
"hash/md5_nacl.h",
@@ -2134,6 +2139,12 @@ mixed_component("base") {
defines += [ "COM_INIT_CHECK_HOOK_DISABLED" ]
}
+ if (!use_custom_libcxx) {
+ # Enable the VS 2015 Update 2 fix when building with the MSVC standard
+ # library.
+ defines += [ "_ENABLE_ATOMIC_ALIGNMENT_FIX" ]
+ }
+
libs += [
"cfgmgr32.lib",
"powrprof.lib",
diff --git base/allocator/dispatcher/dispatcher.cc base/allocator/dispatcher/dispatcher.cc
index 4a1bf8191ba2c..1fed45b2ac0d9 100644
--- base/allocator/dispatcher/dispatcher.cc
+++ base/allocator/dispatcher/dispatcher.cc
@@ -13,6 +13,7 @@
#include "base/dcheck_is_on.h"
#include "base/no_destructor.h"
#include "base/sampling_heap_profiler/poisson_allocation_sampler.h"
+#include "cef/libcef/features/features.h"
#if DCHECK_IS_ON()
#include <atomic>
@@ -260,7 +261,7 @@ struct Dispatcher::Impl {
}
void Reset() {
-#if DCHECK_IS_ON()
+#if DCHECK_IS_ON() && !BUILDFLAG(IS_CEF_SANDBOX_BUILD)
DCHECK([&]() {
auto const was_set = is_initialized_check_flag_.test_and_set();
is_initialized_check_flag_.clear();
diff --git base/hash/md5.h base/hash/md5.h
index aa889f350e8f7..50acac8a69225 100644
--- base/hash/md5.h
+++ base/hash/md5.h
@@ -10,8 +10,9 @@
#include "base/base_export.h"
#include "base/strings/string_piece.h"
#include "build/build_config.h"
+#include "cef/libcef/features/features.h"
-#if BUILDFLAG(IS_NACL)
+#if BUILDFLAG(IS_NACL) || BUILDFLAG(IS_CEF_SANDBOX_BUILD)
#include "base/hash/md5_nacl.h"
#else
#include "base/hash/md5_boringssl.h"
diff --git base/hash/sha1.h base/hash/sha1.h
index 29626e5853c6e..2fb1c61504c5d 100644
--- base/hash/sha1.h
+++ base/hash/sha1.h
@@ -14,7 +14,9 @@
#include "base/containers/span.h"
#include "base/strings/string_piece.h"
#include "build/build_config.h"
-#if BUILDFLAG(IS_NACL)
+#include "cef/libcef/features/features.h"
+
+#if BUILDFLAG(IS_NACL) || BUILDFLAG(IS_CEF_SANDBOX_BUILD)
#include "base/hash/sha1_nacl.h"
#else
#include "base/hash/sha1_boringssl.h"
diff --git base/memory/raw_ptr.h base/memory/raw_ptr.h
index d3e96a9bcf0a2..e7f9003405743 100644
--- base/memory/raw_ptr.h
+++ base/memory/raw_ptr.h
@@ -22,6 +22,7 @@
#include "base/base_export.h"
#include "build/build_config.h"
#include "build/buildflag.h"
+#include "cef/libcef/features/features.h"
// A strange dance is done here to provide `CHECK` for `raw_ptr<T>`
// in the presence of NaCl. The constraints are:
@@ -39,7 +40,7 @@
// macro isn't used _everywhere_ (e.g. not in the implementation of
// BRP) because we assert that NaCl always uses RawPtrNoOpImpl (see
// `static_assert` below).
-#if BUILDFLAG(IS_NACL)
+#if BUILDFLAG(IS_NACL) || BUILDFLAG(IS_CEF_SANDBOX_BUILD)
#include "base/check.h"
#define PA_RAW_PTR_CHECK(condition) CHECK(condition)
#else
@@ -993,7 +994,7 @@ class PA_TRIVIAL_ABI PA_GSL_POINTER raw_ptr {
raw_ptr<T, internal::RawPtrCountingImplWrapperForTest<RawPtrMayDangle>>,
raw_ptr<T, RawPtrMayDangle>>;
-#if BUILDFLAG(IS_NACL)
+#if BUILDFLAG(IS_NACL) || BUILDFLAG(IS_CEF_SANDBOX_BUILD)
// See comment at top about `PA_RAW_PTR_CHECK()`.
static_assert(std::is_same_v<Impl, internal::RawPtrNoOpImpl>);
#endif // BUILDFLAG(IS_NACL)
diff --git base/rand_util.h base/rand_util.h
index 04024537ee698..59864cb084559 100644
--- base/rand_util.h
+++ base/rand_util.h
@@ -15,8 +15,9 @@
#include "base/compiler_specific.h"
#include "base/gtest_prod_util.h"
#include "build/build_config.h"
+#include "cef/libcef/features/features.h"
-#if !BUILDFLAG(IS_NACL)
+#if !BUILDFLAG(IS_NACL) && !BUILDFLAG(IS_CEF_SANDBOX_BUILD)
#include "third_party/boringssl/src/include/openssl/rand.h"
#endif
@@ -93,7 +94,7 @@ class RandomBitGenerator {
~RandomBitGenerator() = default;
};
-#if !BUILDFLAG(IS_NACL)
+#if !BUILDFLAG(IS_NACL) && !BUILDFLAG(IS_CEF_SANDBOX_BUILD)
class NonAllocatingRandomBitGenerator {
public:
using result_type = uint64_t;
diff --git base/rand_util_win.cc base/rand_util_win.cc
index 099fe2912be23..758fa0c4296af 100644
--- base/rand_util_win.cc
+++ base/rand_util_win.cc
@@ -20,14 +20,19 @@
#include <limits>
#include "base/check.h"
+#include "cef/libcef/features/features.h"
+
+#if !BUILDFLAG(IS_CEF_SANDBOX_BUILD)
#include "base/feature_list.h"
#include "third_party/boringssl/src/include/openssl/crypto.h"
#include "third_party/boringssl/src/include/openssl/rand.h"
+#endif
namespace base {
namespace internal {
+#if !BUILDFLAG(IS_CEF_SANDBOX_BUILD)
namespace {
// The BoringSSl helpers are duplicated in rand_util_fuchsia.cc and
@@ -49,11 +54,16 @@ bool UseBoringSSLForRandBytes() {
return g_use_boringssl.load(std::memory_order_relaxed);
}
+#else // !BUILDFLAG(IS_CEF_SANDBOX_BUILD)
+void ConfigureBoringSSLBackedRandBytesFieldTrial() {}
+#endif
+
} // namespace internal
namespace {
void RandBytes(void* output, size_t output_length, bool avoid_allocation) {
+#if !BUILDFLAG(IS_CEF_SANDBOX_BUILD)
if (!avoid_allocation && internal::UseBoringSSLForRandBytes()) {
// Ensure BoringSSL is initialized so it can use things like RDRAND.
CRYPTO_library_init();
@@ -61,6 +71,7 @@ void RandBytes(void* output, size_t output_length, bool avoid_allocation) {
(void)RAND_bytes(static_cast<uint8_t*>(output), output_length);
return;
}
+#endif // !BUILDFLAG(IS_CEF_SANDBOX_BUILD)
char* output_ptr = static_cast<char*>(output);
while (output_length > 0) {
diff --git base/unguessable_token.cc base/unguessable_token.cc
index dcef8fbda4493..c8034ebc44b23 100644
--- base/unguessable_token.cc
+++ base/unguessable_token.cc
@@ -9,8 +9,9 @@
#include "base/format_macros.h"
#include "base/rand_util.h"
#include "build/build_config.h"
+#include "cef/libcef/features/features.h"
-#if !BUILDFLAG(IS_NACL)
+#if !BUILDFLAG(IS_NACL) && !BUILDFLAG(IS_CEF_SANDBOX_BUILD)
#include "third_party/boringssl/src/include/openssl/mem.h"
#endif
@@ -41,7 +42,7 @@ UnguessableToken UnguessableToken::Deserialize(uint64_t high, uint64_t low) {
}
bool UnguessableToken::operator==(const UnguessableToken& other) const {
-#if BUILDFLAG(IS_NACL)
+#if BUILDFLAG(IS_NACL) || BUILDFLAG(IS_CEF_SANDBOX_BUILD)
// BoringSSL is unavailable for NaCl builds so it remains timing dependent.
return token_ == other.token_;
#else