234 lines
7.3 KiB
Diff
234 lines
7.3 KiB
Diff
diff --git base/BUILD.gn base/BUILD.gn
|
|
index 82cb596dcbb36..16c057933e1f8 100644
|
|
--- base/BUILD.gn
|
|
+++ base/BUILD.gn
|
|
@@ -40,6 +40,7 @@ import("//build/config/ui.gni")
|
|
import("//build/nocompile.gni")
|
|
import("//build/timestamp.gni")
|
|
import("//build_overrides/build.gni")
|
|
+import("//cef/libcef/features/features.gni")
|
|
import("//testing/libfuzzer/fuzzer_test.gni")
|
|
import("//testing/test.gni")
|
|
|
|
@@ -1502,7 +1503,11 @@ component("base") {
|
|
"hash/md5_constexpr_internal.h",
|
|
"hash/sha1.h",
|
|
]
|
|
- if (is_nacl) {
|
|
+ deps += [ "//cef/libcef/features" ]
|
|
+ if (enable_cef) {
|
|
+ configs += [ "//cef/libcef/features:config" ]
|
|
+ }
|
|
+ if (is_nacl || is_cef_sandbox_build) {
|
|
sources += [
|
|
"hash/md5_nacl.cc",
|
|
"hash/md5_nacl.h",
|
|
@@ -1911,6 +1916,12 @@ component("base") {
|
|
defines += [ "COM_INIT_CHECK_HOOK_DISABLED" ]
|
|
}
|
|
|
|
+ if (!use_custom_libcxx) {
|
|
+ # Enable the VS 2015 Update 2 fix when building with the MSVC standard
|
|
+ # library.
|
|
+ defines += [ "_ENABLE_ATOMIC_ALIGNMENT_FIX" ]
|
|
+ }
|
|
+
|
|
libs += [
|
|
"cfgmgr32.lib",
|
|
"ntdll.lib",
|
|
diff --git base/allocator/dispatcher/dispatcher.cc base/allocator/dispatcher/dispatcher.cc
|
|
index 616e2e89af7d3..2a2993e74d53a 100644
|
|
--- base/allocator/dispatcher/dispatcher.cc
|
|
+++ base/allocator/dispatcher/dispatcher.cc
|
|
@@ -10,6 +10,7 @@
|
|
#include "base/check.h"
|
|
#include "base/dcheck_is_on.h"
|
|
#include "base/no_destructor.h"
|
|
+#include "cef/libcef/features/features.h"
|
|
|
|
#if DCHECK_IS_ON()
|
|
#include <atomic>
|
|
@@ -33,7 +34,7 @@ struct Dispatcher::Impl {
|
|
}
|
|
|
|
void Reset() {
|
|
-#if DCHECK_IS_ON()
|
|
+#if DCHECK_IS_ON() && !BUILDFLAG(IS_CEF_SANDBOX_BUILD)
|
|
DCHECK([&]() {
|
|
auto const was_set = is_initialized_check_flag_.test_and_set();
|
|
is_initialized_check_flag_.clear();
|
|
diff --git base/hash/md5.h base/hash/md5.h
|
|
index aa889f350e8f7..50acac8a69225 100644
|
|
--- base/hash/md5.h
|
|
+++ base/hash/md5.h
|
|
@@ -10,8 +10,9 @@
|
|
#include "base/base_export.h"
|
|
#include "base/strings/string_piece.h"
|
|
#include "build/build_config.h"
|
|
+#include "cef/libcef/features/features.h"
|
|
|
|
-#if BUILDFLAG(IS_NACL)
|
|
+#if BUILDFLAG(IS_NACL) || BUILDFLAG(IS_CEF_SANDBOX_BUILD)
|
|
#include "base/hash/md5_nacl.h"
|
|
#else
|
|
#include "base/hash/md5_boringssl.h"
|
|
diff --git base/hash/sha1.h base/hash/sha1.h
|
|
index 29626e5853c6e..2fb1c61504c5d 100644
|
|
--- base/hash/sha1.h
|
|
+++ base/hash/sha1.h
|
|
@@ -14,7 +14,9 @@
|
|
#include "base/containers/span.h"
|
|
#include "base/strings/string_piece.h"
|
|
#include "build/build_config.h"
|
|
-#if BUILDFLAG(IS_NACL)
|
|
+#include "cef/libcef/features/features.h"
|
|
+
|
|
+#if BUILDFLAG(IS_NACL) || BUILDFLAG(IS_CEF_SANDBOX_BUILD)
|
|
#include "base/hash/sha1_nacl.h"
|
|
#else
|
|
#include "base/hash/sha1_boringssl.h"
|
|
diff --git base/rand_util.h base/rand_util.h
|
|
index c9dd1249660c1..7d68b0d893e3d 100644
|
|
--- base/rand_util.h
|
|
+++ base/rand_util.h
|
|
@@ -15,8 +15,9 @@
|
|
#include "base/compiler_specific.h"
|
|
#include "base/gtest_prod_util.h"
|
|
#include "build/build_config.h"
|
|
+#include "cef/libcef/features/features.h"
|
|
|
|
-#if !BUILDFLAG(IS_NACL)
|
|
+#if !BUILDFLAG(IS_NACL) && !BUILDFLAG(IS_CEF_SANDBOX_BUILD)
|
|
#include "third_party/boringssl/src/include/openssl/rand.h"
|
|
#endif
|
|
|
|
@@ -97,7 +98,7 @@ class RandomBitGenerator {
|
|
~RandomBitGenerator() = default;
|
|
};
|
|
|
|
-#if !BUILDFLAG(IS_NACL)
|
|
+#if !BUILDFLAG(IS_NACL) && !BUILDFLAG(IS_CEF_SANDBOX_BUILD)
|
|
class NonAllocatingRandomBitGenerator {
|
|
public:
|
|
using result_type = uint64_t;
|
|
diff --git base/rand_util_win.cc base/rand_util_win.cc
|
|
index 549f4362af8b6..f08b1b2e7f061 100644
|
|
--- base/rand_util_win.cc
|
|
+++ base/rand_util_win.cc
|
|
@@ -15,8 +15,12 @@
|
|
|
|
#include "base/check.h"
|
|
#include "base/feature_list.h"
|
|
+#include "cef/libcef/features/features.h"
|
|
+
|
|
+#if !BUILDFLAG(IS_CEF_SANDBOX_BUILD)
|
|
#include "third_party/boringssl/src/include/openssl/crypto.h"
|
|
#include "third_party/boringssl/src/include/openssl/rand.h"
|
|
+#endif
|
|
|
|
// Prototype for ProcessPrng.
|
|
// See: https://learn.microsoft.com/en-us/windows/win32/seccng/processprng
|
|
@@ -28,6 +32,7 @@ namespace base {
|
|
|
|
namespace internal {
|
|
|
|
+#if !BUILDFLAG(IS_CEF_SANDBOX_BUILD)
|
|
namespace {
|
|
|
|
// The BoringSSl helpers are duplicated in rand_util_fuchsia.cc and
|
|
@@ -49,6 +54,10 @@ bool UseBoringSSLForRandBytes() {
|
|
return g_use_boringssl.load(std::memory_order_relaxed);
|
|
}
|
|
|
|
+#else // !BUILDFLAG(IS_CEF_SANDBOX_BUILD)
|
|
+void ConfigureBoringSSLBackedRandBytesFieldTrial() {}
|
|
+#endif
|
|
+
|
|
} // namespace internal
|
|
|
|
namespace {
|
|
@@ -66,6 +75,7 @@ decltype(&ProcessPrng) GetProcessPrng() {
|
|
}
|
|
|
|
void RandBytes(void* output, size_t output_length, bool avoid_allocation) {
|
|
+#if !BUILDFLAG(IS_CEF_SANDBOX_BUILD)
|
|
if (!avoid_allocation && internal::UseBoringSSLForRandBytes()) {
|
|
// Ensure BoringSSL is initialized so it can use things like RDRAND.
|
|
CRYPTO_library_init();
|
|
@@ -73,6 +83,7 @@ void RandBytes(void* output, size_t output_length, bool avoid_allocation) {
|
|
(void)RAND_bytes(static_cast<uint8_t*>(output), output_length);
|
|
return;
|
|
}
|
|
+#endif // !BUILDFLAG(IS_CEF_SANDBOX_BUILD)
|
|
|
|
static decltype(&ProcessPrng) process_prng_fn = GetProcessPrng();
|
|
BOOL success = process_prng_fn(static_cast<BYTE*>(output), output_length);
|
|
diff --git base/unguessable_token.cc base/unguessable_token.cc
|
|
index aa7423f88d278..1b2c7d3e3c4a0 100644
|
|
--- base/unguessable_token.cc
|
|
+++ base/unguessable_token.cc
|
|
@@ -10,8 +10,9 @@
|
|
#include "base/format_macros.h"
|
|
#include "base/rand_util.h"
|
|
#include "build/build_config.h"
|
|
+#include "cef/libcef/features/features.h"
|
|
|
|
-#if !BUILDFLAG(IS_NACL)
|
|
+#if !BUILDFLAG(IS_NACL) && !BUILDFLAG(IS_CEF_SANDBOX_BUILD)
|
|
#include "third_party/boringssl/src/include/openssl/mem.h"
|
|
#endif
|
|
|
|
@@ -46,7 +47,7 @@ absl::optional<UnguessableToken> UnguessableToken::Deserialize(uint64_t high,
|
|
}
|
|
|
|
bool UnguessableToken::operator==(const UnguessableToken& other) const {
|
|
-#if BUILDFLAG(IS_NACL)
|
|
+#if BUILDFLAG(IS_NACL) || BUILDFLAG(IS_CEF_SANDBOX_BUILD)
|
|
// BoringSSL is unavailable for NaCl builds so it remains timing dependent.
|
|
return token_ == other.token_;
|
|
#else
|
|
diff --git base/win/sid.cc base/win/sid.cc
|
|
index 0f1a2ec79aa4b..7f92778a4a776 100644
|
|
--- base/win/sid.cc
|
|
+++ base/win/sid.cc
|
|
@@ -15,6 +15,7 @@
|
|
#include <utility>
|
|
|
|
#include "base/check.h"
|
|
+#include "base/notreached.h"
|
|
#include "base/no_destructor.h"
|
|
#include "base/rand_util.h"
|
|
#include "base/ranges/algorithm.h"
|
|
@@ -22,8 +23,12 @@
|
|
#include "base/win/scoped_handle.h"
|
|
#include "base/win/scoped_localalloc.h"
|
|
#include "base/win/windows_version.h"
|
|
+#include "cef/libcef/features/features.h"
|
|
+
|
|
+#if !BUILDFLAG(IS_CEF_SANDBOX_BUILD)
|
|
#include "third_party/boringssl/src/include/openssl/crypto.h"
|
|
#include "third_party/boringssl/src/include/openssl/sha.h"
|
|
+#endif
|
|
|
|
namespace base::win {
|
|
|
|
@@ -124,6 +129,7 @@ Sid Sid::FromNamedCapability(const std::wstring& capability_name) {
|
|
if (known_cap != known_capabilities->end()) {
|
|
return FromKnownCapability(known_cap->second);
|
|
}
|
|
+#if !BUILDFLAG(IS_CEF_SANDBOX_BUILD)
|
|
CRYPTO_library_init();
|
|
static_assert((SHA256_DIGEST_LENGTH / sizeof(DWORD)) ==
|
|
SECURITY_APP_PACKAGE_RID_COUNT);
|
|
@@ -136,6 +142,10 @@ Sid Sid::FromNamedCapability(const std::wstring& capability_name) {
|
|
reinterpret_cast<uint8_t*>(&rids[2]));
|
|
return FromSubAuthorities(SECURITY_APP_PACKAGE_AUTHORITY, std::size(rids),
|
|
rids);
|
|
+#else
|
|
+ NOTREACHED();
|
|
+ return Sid(WellKnownSid::kNull);
|
|
+#endif
|
|
}
|
|
|
|
Sid Sid::FromKnownSid(WellKnownSid type) {
|