From b370bdf1e015a18b49fbe8a1e6d48b59cbba2432 Mon Sep 17 00:00:00 2001 From: Tom spot Callaway Date: Thu, 11 Mar 2021 13:41:46 -0500 Subject: [PATCH 1/3] fix epel8 --- ...4389.82-rhel8-force-disable-use_gnome_keyring.patch | 10 ++++++++++ chromium.spec | 2 +- 2 files changed, 11 insertions(+), 1 deletion(-) create mode 100644 chromium-89.0.4389.82-rhel8-force-disable-use_gnome_keyring.patch diff --git a/chromium-89.0.4389.82-rhel8-force-disable-use_gnome_keyring.patch b/chromium-89.0.4389.82-rhel8-force-disable-use_gnome_keyring.patch new file mode 100644 index 00000000..f5f485a7 --- /dev/null +++ b/chromium-89.0.4389.82-rhel8-force-disable-use_gnome_keyring.patch @@ -0,0 +1,10 @@ +diff -up chromium-76.0.3809.132/components/os_crypt/features.gni.rhel8 chromium-76.0.3809.132/components/os_crypt/features.gni +--- chromium-76.0.3809.132/components/os_crypt/features.gni.rhel8 2019-09-06 17:08:01.242314126 -0400 ++++ chromium-76.0.3809.132/components/os_crypt/features.gni 2019-09-06 17:08:10.139134707 -0400 +@@ -7,5 +7,5 @@ import("//build/config/ui.gni") + declare_args() { + # Whether to use libgnome-keyring (deprecated by libsecret). + # See http://crbug.com/466975 and http://crbug.com/355223. +- use_gnome_keyring = (is_linux || is_chromeos_lacros) && use_glib ++ use_gnome_keyring = false + } diff --git a/chromium.spec b/chromium.spec index 215fbe0c..8ba094e5 100644 --- a/chromium.spec +++ b/chromium.spec @@ -330,7 +330,7 @@ Patch203: chromium-86.0.4240.75-vaapi-i686-fpermissive.patch Patch205: chromium-86.0.4240.75-fix-vaapi-on-intel.patch # Apply these patches to work around EPEL8 issues -Patch300: chromium-88.0.4324.96-rhel8-force-disable-use_gnome_keyring.patch +Patch300: chromium-89.0.4389.82-rhel8-force-disable-use_gnome_keyring.patch # And fixes for new compilers Patch400: %{name}-gcc11.patch From 678ad1f08a719b2554ea446dc2384fd54946e412 Mon Sep 17 00:00:00 2001 From: Tom spot Callaway Date: Mon, 15 Mar 2021 15:41:07 -0400 Subject: [PATCH 2/3] add support for futex_time64 --- ...um-89.0.4389.82-support-futex_time64.patch | 29 +++++++++++++++++++ chromium.spec | 10 ++++++- 2 files changed, 38 insertions(+), 1 deletion(-) create mode 100644 chromium-89.0.4389.82-support-futex_time64.patch diff --git a/chromium-89.0.4389.82-support-futex_time64.patch b/chromium-89.0.4389.82-support-futex_time64.patch new file mode 100644 index 00000000..7103cf37 --- /dev/null +++ b/chromium-89.0.4389.82-support-futex_time64.patch @@ -0,0 +1,29 @@ +diff -up chromium-89.0.4389.82/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc.futex-time64 chromium-89.0.4389.82/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc +--- chromium-89.0.4389.82/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc.futex-time64 2021-03-15 15:31:09.440719811 -0400 ++++ chromium-89.0.4389.82/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc 2021-03-15 15:33:27.494393985 -0400 +@@ -191,7 +191,11 @@ ResultExpr EvaluateSyscallImpl(int fs_de + } + #endif + +- if (sysno == __NR_futex) ++ if (sysno == __NR_futex ++#if defined(__NR_futex_time64) ++ || sysno == __NR_futex_time64 ++#endif ++ ) + return RestrictFutex(); + + if (sysno == __NR_set_robust_list) +diff -up chromium-89.0.4389.82/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc.futex-time64 chromium-89.0.4389.82/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc +--- chromium-89.0.4389.82/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc.futex-time64 2021-03-15 15:33:45.018479568 -0400 ++++ chromium-89.0.4389.82/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc 2021-03-15 15:34:55.002821350 -0400 +@@ -420,6 +420,9 @@ bool SyscallSets::IsAllowedFutex(int sys + case __NR_get_robust_list: + case __NR_set_robust_list: + case __NR_futex: ++#if defined(__NR_futex_time64) ++ case __NR_futex_time64: ++#endif + default: + return false; + } diff --git a/chromium.spec b/chromium.spec index 8ba094e5..fee8bf7e 100644 --- a/chromium.spec +++ b/chromium.spec @@ -216,7 +216,7 @@ Name: chromium%{chromium_channel}%{nsuffix} Name: chromium%{chromium_channel} %endif Version: %{majorversion}.0.4389.82 -Release: 1%{?dist} +Release: 2%{?dist} %if %{?freeworld} %if %{?shared} # chromium-libs-media-freeworld @@ -301,6 +301,10 @@ Patch75: chromium-88.0.4324.96-fstatfix.patch Patch76: chromium-88.0.4324.182-rawhide-gcc-std-max-fix.patch # Fix symbol visibility with gcc on swiftshader's libEGL Patch77: chromium-88.0.4324.182-gcc-fix-swiftshader-libEGL-visibility.patch +# Include support for futex_time64 (64bit time on 32bit platforms) +# https://chromium.googlesource.com/chromium/src/+/955a586c63c4f99fb734e44221db63f5b2ca25a9%5E%21/#F0 +Patch78: chromium-89.0.4389.82-support-futex_time64.patch + # Use lstdc++ on EPEL7 only Patch101: chromium-75.0.3770.100-epel7-stdc++.patch @@ -923,6 +927,7 @@ udev. %patch76 -p1 -b .sigstkszfix %endif %patch77 -p1 -b .gcc-swiftshader-visibility +%patch78 -p1 -b .futex-time64 # Fedora branded user agent %if 0%{?fedora} @@ -1960,6 +1965,9 @@ getent group chrome-remote-desktop >/dev/null || groupadd -r chrome-remote-deskt %changelog +* Mon Mar 15 2021 Tom Callaway - 89.0.4389.82-2 +- add support for futex_time64 + * Mon Mar 8 2021 Tom Callaway - 89.0.4389.82-1 - update to 89.0.4389.82 From 6ae1b9500acfeff7f7c31b5f769e4a633899182d Mon Sep 17 00:00:00 2001 From: Tom spot Callaway Date: Thu, 18 Mar 2021 14:51:37 -0400 Subject: [PATCH 3/3] update to 89.0.4389.90, disable auto-download of widevine binary only blob --- chromium-89.0.4389.82-widevine-no-download.patch | 14 ++++++++++++++ chromium.spec | 13 ++++++++++--- sources | 2 +- 3 files changed, 25 insertions(+), 4 deletions(-) create mode 100644 chromium-89.0.4389.82-widevine-no-download.patch diff --git a/chromium-89.0.4389.82-widevine-no-download.patch b/chromium-89.0.4389.82-widevine-no-download.patch new file mode 100644 index 00000000..388efa42 --- /dev/null +++ b/chromium-89.0.4389.82-widevine-no-download.patch @@ -0,0 +1,14 @@ +diff -up chromium-89.0.4389.82/chrome/browser/component_updater/registration.cc.widevine-no-download chromium-89.0.4389.82/chrome/browser/component_updater/registration.cc +--- chromium-89.0.4389.82/chrome/browser/component_updater/registration.cc.widevine-no-download 2021-03-18 14:10:27.606759188 -0400 ++++ chromium-89.0.4389.82/chrome/browser/component_updater/registration.cc 2021-03-18 14:10:41.792833905 -0400 +@@ -96,10 +96,6 @@ void RegisterComponentsForUpdate(bool is + // TODO(crbug.com/1069814): Remove after 2021-10-01. + CleanUpPepperFlashComponent(); + +-#if BUILDFLAG(ENABLE_WIDEVINE_CDM_COMPONENT) +- RegisterWidevineCdmComponent(cus); +-#endif // BUILDFLAG(ENABLE_WIDEVINE_CDM_COMPONENT) +- + #if BUILDFLAG(ENABLE_NACL) && !defined(OS_ANDROID) + #if BUILDFLAG(IS_CHROMEOS_ASH) + // PNaCl on Chrome OS is on rootfs and there is no need to download it. But diff --git a/chromium.spec b/chromium.spec index fee8bf7e..59b86df3 100644 --- a/chromium.spec +++ b/chromium.spec @@ -215,8 +215,8 @@ Name: chromium%{chromium_channel}%{nsuffix} %else Name: chromium%{chromium_channel} %endif -Version: %{majorversion}.0.4389.82 -Release: 2%{?dist} +Version: %{majorversion}.0.4389.90 +Release: 1%{?dist} %if %{?freeworld} %if %{?shared} # chromium-libs-media-freeworld @@ -226,7 +226,7 @@ Summary: Chromium media libraries built with all possible codecs Summary: A WebKit (Blink) powered web browser built with all possible codecs %endif %else -Summary: A WebKit (Blink) powered web browser +Summary: A WebKit (Blink) powered web browser that Google doesn't want you to use %endif Url: http://www.chromium.org/Home License: BSD and LGPLv2+ and ASL 2.0 and IJG and MIT and GPLv2+ and ISC and OpenSSL and (MPLv1.1 or GPLv2 or LGPLv2) @@ -304,6 +304,8 @@ Patch77: chromium-88.0.4324.182-gcc-fix-swiftshader-libEGL-visibility.patch # Include support for futex_time64 (64bit time on 32bit platforms) # https://chromium.googlesource.com/chromium/src/+/955a586c63c4f99fb734e44221db63f5b2ca25a9%5E%21/#F0 Patch78: chromium-89.0.4389.82-support-futex_time64.patch +# Do not download proprietary widevine module in the background (thanks Debian) +Patch79: chromium-89.0.4389.82-widevine-no-download.patch # Use lstdc++ on EPEL7 only @@ -928,6 +930,7 @@ udev. %endif %patch77 -p1 -b .gcc-swiftshader-visibility %patch78 -p1 -b .futex-time64 +%patch79 -p1 -b .widevine-no-download # Fedora branded user agent %if 0%{?fedora} @@ -1965,6 +1968,10 @@ getent group chrome-remote-desktop >/dev/null || groupadd -r chrome-remote-deskt %changelog +* Thu Mar 18 2021 Tom Callaway - 89.0.4389.90-1 +- update to 89.0.4389.90 +- disable auto-download of widevine binary only blob + * Mon Mar 15 2021 Tom Callaway - 89.0.4389.82-2 - add support for futex_time64 diff --git a/sources b/sources index 268e9e64..6fd2a241 100644 --- a/sources +++ b/sources @@ -20,4 +20,4 @@ SHA512 (xcb-proto-1.14.tar.xz) = de66d568163b6da2be9d6c59984f3afa3acd119a7813786 SHA512 (depot_tools.git-master.tar.gz) = dc323888812b66cc92c53a24a8a58ccf9e2961be67aa21852bd091b8b49569071f06ae9104cb58950e6253ac3a29f0db0663e9f35ef2b1ea28696efb38b42708 SHA512 (NotoSansSymbols2-Regular.ttf) = 2644b42c3fdccfe12395f9b61553aced169a0f1dc09f5a0fd7898e9d0a372ee4422b6b1cdab3c86ecc91db437e9ae8a951e64e85edc3ac9e9fca428852dbb2ad SHA512 (NotoSansTibetan-Regular.ttf) = fb5a48fcaea80eebe7d692f6fcf00d59d47658a358d0ec8e046fc559873f88bd595b2da474d2826abd9e9305f3741c69058d867b1e6048f37fe7d71b5d3af36a -SHA512 (chromium-89.0.4389.82-clean.tar.xz) = fd30622b6b289e87834ef33c75229d71b8e559f0edeee057d7d5c846f6ffea9b0b8064d6094fab1701165de6d2afe22c11d5b2e5a17a07f0ee1d8fc5a75bc80a +SHA512 (chromium-89.0.4389.90-clean.tar.xz) = b7b65d932c078a0fcb4befd49ab49714b2a0fa64764be2782f878bc2ef8214f312e98e1b1f853c577d18d511ef34d8e4d8760c6e85d38efffd67a3cb4cae6005