mirror of
				https://bitbucket.org/chromiumembedded/cef
				synced 2025-06-05 21:39:12 +02:00 
			
		
		
		
	
		
			
				
	
	
		
			428 lines
		
	
	
		
			13 KiB
		
	
	
	
		
			Diff
		
	
	
	
	
	
			
		
		
	
	
			428 lines
		
	
	
		
			13 KiB
		
	
	
	
		
			Diff
		
	
	
	
	
	
| diff --git base/BUILD.gn base/BUILD.gn
 | |
| index e0c6828f0cd7f..40e3d558dfda3 100644
 | |
| --- base/BUILD.gn
 | |
| +++ base/BUILD.gn
 | |
| @@ -42,6 +42,7 @@ import("//build/rust/rust_static_library.gni")
 | |
|  import("//build/timestamp.gni")
 | |
|  import("//build/util/process_version.gni")
 | |
|  import("//build_overrides/build.gni")
 | |
| +import("//cef/libcef/features/features.gni")
 | |
|  import("//testing/libfuzzer/fuzzer_test.gni")
 | |
|  import("//testing/test.gni")
 | |
|  
 | |
| @@ -1491,7 +1492,13 @@ component("base") {
 | |
|      "hash/md5_constexpr_internal.h",
 | |
|      "hash/sha1.h",
 | |
|    ]
 | |
| -  if (is_nacl) {
 | |
| +
 | |
| +  deps += [ "//cef/libcef/features:buildflags" ]
 | |
| +  if (enable_cef) {
 | |
| +    configs += [ "//cef/libcef/features:config" ]
 | |
| +  }
 | |
| +
 | |
| +  if (is_nacl || is_cef_sandbox_build) {
 | |
|      sources += [
 | |
|        "hash/md5_nacl.cc",
 | |
|        "hash/md5_nacl.h",
 | |
| @@ -1941,6 +1948,12 @@ component("base") {
 | |
|        defines += [ "COM_INIT_CHECK_HOOK_DISABLED" ]
 | |
|      }
 | |
|  
 | |
| +    if (!use_custom_libcxx) {
 | |
| +      # Enable the VS 2015 Update 2 fix when building with the MSVC standard
 | |
| +      # library.
 | |
| +      defines += [ "_ENABLE_ATOMIC_ALIGNMENT_FIX" ]
 | |
| +    }
 | |
| +
 | |
|      libs += [
 | |
|        "cfgmgr32.lib",
 | |
|        "ntdll.lib",
 | |
| diff --git base/allocator/dispatcher/dispatcher.cc base/allocator/dispatcher/dispatcher.cc
 | |
| index f680f63cffc5b..9cb615bbc8a5a 100644
 | |
| --- base/allocator/dispatcher/dispatcher.cc
 | |
| +++ base/allocator/dispatcher/dispatcher.cc
 | |
| @@ -8,6 +8,7 @@
 | |
|  #include "base/check.h"
 | |
|  #include "base/dcheck_is_on.h"
 | |
|  #include "base/no_destructor.h"
 | |
| +#include "cef/libcef/features/features.h"
 | |
|  #include "partition_alloc/buildflags.h"
 | |
|  #include "partition_alloc/shim/allocator_shim.h"
 | |
|  
 | |
| @@ -33,7 +34,7 @@ struct Dispatcher::Impl {
 | |
|    }
 | |
|  
 | |
|    void Reset() {
 | |
| -#if DCHECK_IS_ON()
 | |
| +#if DCHECK_IS_ON() && !BUILDFLAG(IS_CEF_SANDBOX_BUILD)
 | |
|      DCHECK([&] {
 | |
|        auto const was_set = is_initialized_check_flag_.test_and_set();
 | |
|        is_initialized_check_flag_.clear();
 | |
| diff --git base/hash/md5.h base/hash/md5.h
 | |
| index 215d636fec275..922e88f31b999 100644
 | |
| --- base/hash/md5.h
 | |
| +++ base/hash/md5.h
 | |
| @@ -11,8 +11,9 @@
 | |
|  #include "base/base_export.h"
 | |
|  #include "base/containers/span.h"
 | |
|  #include "build/build_config.h"
 | |
| +#include "cef/libcef/features/features.h"
 | |
|  
 | |
| -#if BUILDFLAG(IS_NACL)
 | |
| +#if BUILDFLAG(IS_NACL) || BUILDFLAG(IS_CEF_SANDBOX_BUILD)
 | |
|  #include "base/hash/md5_nacl.h"
 | |
|  #else
 | |
|  #include "base/hash/md5_boringssl.h"
 | |
| diff --git base/hash/sha1.h base/hash/sha1.h
 | |
| index 2158b648ca58a..8a8cb13b2fd74 100644
 | |
| --- base/hash/sha1.h
 | |
| +++ base/hash/sha1.h
 | |
| @@ -15,7 +15,9 @@
 | |
|  #include "base/compiler_specific.h"
 | |
|  #include "base/containers/span.h"
 | |
|  #include "build/build_config.h"
 | |
| -#if BUILDFLAG(IS_NACL)
 | |
| +#include "cef/libcef/features/features.h"
 | |
| +
 | |
| +#if BUILDFLAG(IS_NACL) || BUILDFLAG(IS_CEF_SANDBOX_BUILD)
 | |
|  #include "base/hash/sha1_nacl.h"
 | |
|  #else
 | |
|  #include "base/hash/sha1_boringssl.h"
 | |
| diff --git base/json/json_reader.cc base/json/json_reader.cc
 | |
| index af1d4f46d02c9..953585804c177 100644
 | |
| --- base/json/json_reader.cc
 | |
| +++ base/json/json_reader.cc
 | |
| @@ -12,8 +12,9 @@
 | |
|  #include "base/logging.h"
 | |
|  #include "base/metrics/histogram_macros.h"
 | |
|  #include "build/build_config.h"
 | |
| +#include "cef/libcef/features/features.h"
 | |
|  
 | |
| -#if !BUILDFLAG(IS_NACL)
 | |
| +#if !(BUILDFLAG(IS_NACL) || BUILDFLAG(IS_CEF_SANDBOX_BUILD))
 | |
|  #include "base/strings/string_view_rust.h"
 | |
|  #include "third_party/rust/serde_json_lenient/v0_2/wrapper/functions.h"
 | |
|  #include "third_party/rust/serde_json_lenient/v0_2/wrapper/lib.rs.h"
 | |
| @@ -23,7 +24,7 @@ namespace base {
 | |
|  
 | |
|  // TODO(crbug.com/40811643): Move the C++ parser into components/nacl to just
 | |
|  // run in-process there. Don't compile base::JSONReader on NaCL at all.
 | |
| -#if !BUILDFLAG(IS_NACL)
 | |
| +#if !(BUILDFLAG(IS_NACL) || BUILDFLAG(IS_CEF_SANDBOX_BUILD))
 | |
|  
 | |
|  namespace {
 | |
|  using serde_json_lenient::ContextPointer;
 | |
| @@ -129,16 +130,16 @@ JSONReader::Result DecodeJSONInRust(std::string_view json,
 | |
|  
 | |
|  }  // anonymous namespace
 | |
|  
 | |
| -#endif  // !BUILDFLAG(IS_NACL)
 | |
| +#endif  // !(BUILDFLAG(IS_NACL) || BUILDFLAG(IS_CEF_SANDBOX_BUILD))
 | |
|  
 | |
|  // static
 | |
|  std::optional<Value> JSONReader::Read(std::string_view json,
 | |
|                                        int options,
 | |
|                                        size_t max_depth) {
 | |
| -#if BUILDFLAG(IS_NACL)
 | |
| +#if (BUILDFLAG(IS_NACL) || BUILDFLAG(IS_CEF_SANDBOX_BUILD))
 | |
|    internal::JSONParser parser(options, max_depth);
 | |
|    return parser.Parse(json);
 | |
| -#else   // BUILDFLAG(IS_NACL)
 | |
| +#else   // (BUILDFLAG(IS_NACL) || BUILDFLAG(IS_CEF_SANDBOX_BUILD))
 | |
|    SCOPED_UMA_HISTOGRAM_TIMER_MICROS(kSecurityJsonParsingTime);
 | |
|    if (UsingRust()) {
 | |
|      JSONReader::Result result = DecodeJSONInRust(json, options, max_depth);
 | |
| @@ -150,7 +151,7 @@ std::optional<Value> JSONReader::Read(std::string_view json,
 | |
|      internal::JSONParser parser(options, max_depth);
 | |
|      return parser.Parse(json);
 | |
|    }
 | |
| -#endif  // BUILDFLAG(IS_NACL)
 | |
| +#endif  // (BUILDFLAG(IS_NACL) || BUILDFLAG(IS_CEF_SANDBOX_BUILD))
 | |
|  }
 | |
|  
 | |
|  // static
 | |
| @@ -168,7 +169,7 @@ std::optional<Value::Dict> JSONReader::ReadDict(std::string_view json,
 | |
|  JSONReader::Result JSONReader::ReadAndReturnValueWithError(
 | |
|      std::string_view json,
 | |
|      int options) {
 | |
| -#if BUILDFLAG(IS_NACL)
 | |
| +#if (BUILDFLAG(IS_NACL) || BUILDFLAG(IS_CEF_SANDBOX_BUILD))
 | |
|    internal::JSONParser parser(options);
 | |
|    auto value = parser.Parse(json);
 | |
|    if (!value) {
 | |
| @@ -180,7 +181,7 @@ JSONReader::Result JSONReader::ReadAndReturnValueWithError(
 | |
|    }
 | |
|  
 | |
|    return std::move(*value);
 | |
| -#else   // BUILDFLAG(IS_NACL)
 | |
| +#else   // (BUILDFLAG(IS_NACL) || BUILDFLAG(IS_CEF_SANDBOX_BUILD))
 | |
|    SCOPED_UMA_HISTOGRAM_TIMER_MICROS(kSecurityJsonParsingTime);
 | |
|    if (UsingRust()) {
 | |
|      return DecodeJSONInRust(json, options, internal::kAbsoluteMaxDepth);
 | |
| @@ -197,7 +198,7 @@ JSONReader::Result JSONReader::ReadAndReturnValueWithError(
 | |
|  
 | |
|      return std::move(*value);
 | |
|    }
 | |
| -#endif  // BUILDFLAG(IS_NACL)
 | |
| +#endif  // (BUILDFLAG(IS_NACL) || BUILDFLAG(IS_CEF_SANDBOX_BUILD))
 | |
|  }
 | |
|  
 | |
|  // static
 | |
| @@ -208,7 +209,7 @@ bool JSONReader::UsingRust() {
 | |
|    if (!base::FeatureList::GetInstance()) {
 | |
|      return false;
 | |
|    }
 | |
| -#if BUILDFLAG(IS_NACL)
 | |
| +#if (BUILDFLAG(IS_NACL) || BUILDFLAG(IS_CEF_SANDBOX_BUILD))
 | |
|    return false;
 | |
|  #else
 | |
|    return base::FeatureList::IsEnabled(base::features::kUseRustJsonParser);
 | |
| diff --git base/logging.cc base/logging.cc
 | |
| index b67b6fbf7e4e5..fc23ed1b4477d 100644
 | |
| --- base/logging.cc
 | |
| +++ base/logging.cc
 | |
| @@ -60,6 +60,7 @@
 | |
|  #include "base/vlog.h"
 | |
|  #include "build/build_config.h"
 | |
|  #include "build/chromeos_buildflags.h"
 | |
| +#include "cef/libcef/features/features.h"
 | |
|  #include "third_party/abseil-cpp/absl/base/internal/raw_logging.h"
 | |
|  #include "third_party/abseil-cpp/absl/cleanup/cleanup.h"
 | |
|  
 | |
| @@ -538,7 +539,7 @@ bool BaseInitLoggingImpl(const LoggingSettings& settings) {
 | |
|    }
 | |
|  #endif
 | |
|  
 | |
| -#if !BUILDFLAG(IS_NACL)
 | |
| +#if !BUILDFLAG(IS_NACL) && !BUILDFLAG(IS_CEF_SANDBOX_BUILD)
 | |
|    // Connects Rust logging with the //base logging functionality.
 | |
|    internal::init_rust_log_crate();
 | |
|  #endif
 | |
| diff --git base/metrics/crc32.cc base/metrics/crc32.cc
 | |
| index 83e3cee2579ab..8238767ab9126 100644
 | |
| --- base/metrics/crc32.cc
 | |
| +++ base/metrics/crc32.cc
 | |
| @@ -3,14 +3,15 @@
 | |
|  // found in the LICENSE file.
 | |
|  
 | |
|  #include "base/metrics/crc32.h"
 | |
| +#include "cef/libcef/features/features.h"
 | |
|  
 | |
| -#if !BUILDFLAG(IS_NACL)
 | |
| +#if !BUILDFLAG(IS_NACL) && !BUILDFLAG(IS_CEF_SANDBOX_BUILD)
 | |
|  #include "third_party/zlib/zlib.h"
 | |
|  #endif  // !BUILDFLAG(IS_NACL)
 | |
|  
 | |
|  namespace base {
 | |
|  
 | |
| -#if !BUILDFLAG(IS_NACL)
 | |
| +#if !BUILDFLAG(IS_NACL) && !BUILDFLAG(IS_CEF_SANDBOX_BUILD)
 | |
|  uint32_t Crc32(uint32_t sum, span<const uint8_t> data) {
 | |
|    if (data.empty()) {
 | |
|      return sum;
 | |
| diff --git base/process/memory.h base/process/memory.h
 | |
| index 5d11d4a1560b1..242a93bcca8ed 100644
 | |
| --- base/process/memory.h
 | |
| +++ base/process/memory.h
 | |
| @@ -29,7 +29,7 @@ BASE_EXPORT void EnableTerminationOnOutOfMemory();
 | |
|  #if PA_BUILDFLAG(USE_PARTITION_ALLOC)
 | |
|  using partition_alloc::TerminateBecauseOutOfMemory;
 | |
|  #else
 | |
| -inline void TerminateBecauseOutOfMemory(size_t) {
 | |
| +[[noreturn]] inline void TerminateBecauseOutOfMemory(size_t) {
 | |
|    logging::RawCheckFailure("Out of memory");
 | |
|  }
 | |
|  #endif
 | |
| @@ -58,7 +58,11 @@ bool ReleaseAddressSpaceReservation();
 | |
|  #if BUILDFLAG(IS_WIN)
 | |
|  namespace win {
 | |
|  
 | |
| +#if PA_BUILDFLAG(USE_PARTITION_ALLOC)
 | |
|  using partition_alloc::win::kOomExceptionCode;
 | |
| +#else
 | |
| +const DWORD kOomExceptionCode = 0xe0000008;
 | |
| +#endif
 | |
|  
 | |
|  }  // namespace win
 | |
|  #endif
 | |
| diff --git base/rand_util.h base/rand_util.h
 | |
| index b198a7198aab9..01bc8e9b6ad1f 100644
 | |
| --- base/rand_util.h
 | |
| +++ base/rand_util.h
 | |
| @@ -17,8 +17,9 @@
 | |
|  #include "base/containers/span.h"
 | |
|  #include "base/gtest_prod_util.h"
 | |
|  #include "build/build_config.h"
 | |
| +#include "cef/libcef/features/features.h"
 | |
|  
 | |
| -#if !BUILDFLAG(IS_NACL)
 | |
| +#if !BUILDFLAG(IS_NACL) && !BUILDFLAG(IS_CEF_SANDBOX_BUILD)
 | |
|  #include "third_party/boringssl/src/include/openssl/rand.h"
 | |
|  #endif
 | |
|  
 | |
| @@ -117,7 +118,7 @@ class RandomBitGenerator {
 | |
|    ~RandomBitGenerator() = default;
 | |
|  };
 | |
|  
 | |
| -#if !BUILDFLAG(IS_NACL)
 | |
| +#if !BUILDFLAG(IS_NACL) && !BUILDFLAG(IS_CEF_SANDBOX_BUILD)
 | |
|  class NonAllocatingRandomBitGenerator {
 | |
|   public:
 | |
|    using result_type = uint64_t;
 | |
| diff --git base/rand_util_win.cc base/rand_util_win.cc
 | |
| index 0b772cbae8916..b19183b34d176 100644
 | |
| --- base/rand_util_win.cc
 | |
| +++ base/rand_util_win.cc
 | |
| @@ -15,7 +15,11 @@
 | |
|  
 | |
|  #include "base/check.h"
 | |
|  #include "base/feature_list.h"
 | |
| +#include "cef/libcef/features/features.h"
 | |
| +
 | |
| +#if !BUILDFLAG(IS_CEF_SANDBOX_BUILD)
 | |
|  #include "third_party/boringssl/src/include/openssl/rand.h"
 | |
| +#endif
 | |
|  
 | |
|  // Prototype for ProcessPrng.
 | |
|  // See: https://learn.microsoft.com/en-us/windows/win32/seccng/processprng
 | |
| @@ -27,6 +31,7 @@ namespace base {
 | |
|  
 | |
|  namespace internal {
 | |
|  
 | |
| +#if !BUILDFLAG(IS_CEF_SANDBOX_BUILD)
 | |
|  namespace {
 | |
|  
 | |
|  // The BoringSSl helpers are duplicated in rand_util_fuchsia.cc and
 | |
| @@ -48,6 +53,10 @@ bool UseBoringSSLForRandBytes() {
 | |
|    return g_use_boringssl.load(std::memory_order_relaxed);
 | |
|  }
 | |
|  
 | |
| +#else  // !BUILDFLAG(IS_CEF_SANDBOX_BUILD)
 | |
| +void ConfigureBoringSSLBackedRandBytesFieldTrial() {}
 | |
| +#endif
 | |
| +
 | |
|  }  // namespace internal
 | |
|  
 | |
|  namespace {
 | |
| @@ -65,11 +74,13 @@ decltype(&ProcessPrng) GetProcessPrng() {
 | |
|  }
 | |
|  
 | |
|  void RandBytesInternal(span<uint8_t> output, bool avoid_allocation) {
 | |
| +#if !BUILDFLAG(IS_CEF_SANDBOX_BUILD)
 | |
|    if (!avoid_allocation && internal::UseBoringSSLForRandBytes()) {
 | |
|      // BoringSSL's RAND_bytes always returns 1. Any error aborts the program.
 | |
|      (void)RAND_bytes(output.data(), output.size());
 | |
|      return;
 | |
|    }
 | |
| +#endif  // !BUILDFLAG(IS_CEF_SANDBOX_BUILD)
 | |
|  
 | |
|    static decltype(&ProcessPrng) process_prng_fn = GetProcessPrng();
 | |
|    BOOL success =
 | |
| diff --git base/unguessable_token.cc base/unguessable_token.cc
 | |
| index ea33ca66f384c..33f4cc76f76bd 100644
 | |
| --- base/unguessable_token.cc
 | |
| +++ base/unguessable_token.cc
 | |
| @@ -11,8 +11,9 @@
 | |
|  #include "base/format_macros.h"
 | |
|  #include "base/rand_util.h"
 | |
|  #include "build/build_config.h"
 | |
| +#include "cef/libcef/features/features.h"
 | |
|  
 | |
| -#if !BUILDFLAG(IS_NACL)
 | |
| +#if !BUILDFLAG(IS_NACL) && !BUILDFLAG(IS_CEF_SANDBOX_BUILD)
 | |
|  #include "third_party/boringssl/src/include/openssl/mem.h"
 | |
|  #endif
 | |
|  
 | |
| @@ -58,7 +59,7 @@ std::optional<UnguessableToken> UnguessableToken::DeserializeFromString(
 | |
|  }
 | |
|  
 | |
|  bool operator==(const UnguessableToken& lhs, const UnguessableToken& rhs) {
 | |
| -#if BUILDFLAG(IS_NACL)
 | |
| +#if BUILDFLAG(IS_NACL) || BUILDFLAG(IS_CEF_SANDBOX_BUILD)
 | |
|    // BoringSSL is unavailable for NaCl builds so it remains timing dependent.
 | |
|    return lhs.token_ == rhs.token_;
 | |
|  #else
 | |
| diff --git base/win/sid.cc base/win/sid.cc
 | |
| index 6b5d9b1e494b7..538c98d6676ad 100644
 | |
| --- base/win/sid.cc
 | |
| +++ base/win/sid.cc
 | |
| @@ -29,12 +29,56 @@
 | |
|  #include "base/win/scoped_handle.h"
 | |
|  #include "base/win/scoped_localalloc.h"
 | |
|  #include "base/win/windows_version.h"
 | |
| +#include "cef/libcef/features/features.h"
 | |
| +
 | |
| +#if !BUILDFLAG(IS_CEF_SANDBOX_BUILD)
 | |
|  #include "third_party/boringssl/src/include/openssl/sha.h"
 | |
| +#else
 | |
| +#include <wincrypt.h>
 | |
| +#endif
 | |
|  
 | |
|  namespace base::win {
 | |
|  
 | |
|  namespace {
 | |
|  
 | |
| +#if BUILDFLAG(IS_CEF_SANDBOX_BUILD)
 | |
| +
 | |
| +#define SHA256_DIGEST_LENGTH 32
 | |
| +
 | |
| +bool SHA256(const uint8_t* InData, size_t InDataLen, uint8_t* OutHash) {
 | |
| +  HCRYPTPROV hProv = 0;
 | |
| +  HCRYPTHASH hHash = 0;
 | |
| +
 | |
| +  if (!CryptAcquireContext(&hProv, nullptr, nullptr, PROV_RSA_AES,
 | |
| +                           CRYPT_VERIFYCONTEXT)) {
 | |
| +    return false;
 | |
| +  }
 | |
| +
 | |
| +  if (!CryptCreateHash(hProv, CALG_SHA_256, 0, 0, &hHash)) {
 | |
| +    CryptReleaseContext(hProv, 0);
 | |
| +    return false;
 | |
| +  }
 | |
| +
 | |
| +  if (!CryptHashData(hHash, InData, static_cast<DWORD>(InDataLen), 0)) {
 | |
| +    CryptDestroyHash(hHash);
 | |
| +    CryptReleaseContext(hProv, 0);
 | |
| +    return false;
 | |
| +  }
 | |
| +
 | |
| +  DWORD dwHashLen = SHA256_DIGEST_LENGTH;
 | |
| +  if (!CryptGetHashParam(hHash, HP_HASHVAL, OutHash, &dwHashLen, 0)) {
 | |
| +    CryptDestroyHash(hHash);
 | |
| +    CryptReleaseContext(hProv, 0);
 | |
| +    return false;
 | |
| +  }
 | |
| +
 | |
| +  CryptDestroyHash(hHash);
 | |
| +  CryptReleaseContext(hProv, 0);
 | |
| +  return true;
 | |
| +}
 | |
| +
 | |
| +#endif  // BUILDFLAG(IS_CEF_SANDBOX_BUILD)
 | |
| +
 | |
|  template <typename Iterator>
 | |
|  Sid FromSubAuthorities(const SID_IDENTIFIER_AUTHORITY& identifier_authority,
 | |
|                         size_t sub_authority_count,
 | |
| diff --git build_overrides/dawn.gni build_overrides/dawn.gni
 | |
| index cec3df3e50b6e..309b4e6a4fe0d 100644
 | |
| --- build_overrides/dawn.gni
 | |
| +++ build_overrides/dawn.gni
 | |
| @@ -2,11 +2,15 @@
 | |
|  # Use of this source code is governed by a BSD-style license that can be
 | |
|  # found in the LICENSE file.
 | |
|  
 | |
| +import("//base/allocator/partition_allocator/partition_alloc.gni")
 | |
| +
 | |
|  # The paths to Dawn's dependencies
 | |
|  dawn_angle_dir = "//third_party/angle"
 | |
|  dawn_glfw_dir = "//third_party/dawn/third_party/glfw"
 | |
|  dawn_googletest_dir = "//third_party/googletest/src"
 | |
| -dawn_partition_alloc_dir = "//base/allocator/partition_allocator"
 | |
| +if (use_partition_alloc) {
 | |
| +  dawn_partition_alloc_dir = "//base/allocator/partition_allocator"
 | |
| +}
 | |
|  dawn_jinja2_dir = "//third_party/jinja2"
 | |
|  dawn_jsoncpp_dir = "//third_party/jsoncpp"
 | |
|  dawn_spirv_tools_dir = "//third_party/spirv-tools/src"
 |