From c675db4ac0623d2d97344be0b3b2d9f1ac931446 Mon Sep 17 00:00:00 2001
From: Than Ngo
Date: Thu, 17 Oct 2024 19:36:48 +0200
Subject: [PATCH 1/5] fix build error on ppc64le
---
 chromium-130-size-assertions.patch | 90 ++++++++++++++++++++++++++++++
 chromium.spec | 10 +++-
 2 files changed, 99 insertions(+), 1 deletion(-)
 create mode 100644 chromium-130-size-assertions.patch
diff --git a/chromium-130-size-assertions.patch b/chromium-130-size-assertions.patch
new file mode 100644
index 00000000..cc75fb36
--- /dev/null
+++ b/chromium-130-size-assertions.patch
@@ -0,0 +1,90 @@
+commit f457e3c32b8170a39ead84ceaf9f0fdbe0696649
+Author: Michael Lippautz
+Date: Tue Oct 15 19:27:32 2024 +0000
+
+ Fix size assertions across Blink
+
+ The ASSERT_SIZE() macro is used to check that certain object sizes do
+ not grow unexpectedly. Fix a few occurrences that assumed that Member
+ is always the same size as debug builds may blow up the pointer size
+ to allow verifying some conditions.
+
+ Bug: 373485798
+ Change-Id: I243dd7d75810e2cfda0141817986a6c4a03c6392
+ Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5934877
+ Commit-Queue: Michael Lippautz
+ Reviewed-by: Steinar H Gunderson
+ Cr-Commit-Position: refs/heads/main@{#1368939}
+
+diff --git a/third_party/blink/renderer/core/css/css_selector.cc b/third_party/blink/renderer/core/css/css_selector.cc
+index e9cd483e0ce13..3d99eab57489e 100644
+--- a/third_party/blink/renderer/core/css/css_selector.cc
++++ b/third_party/blink/renderer/core/css/css_selector.cc
+@@ -88,7 +88,11 @@ unsigned MaximumSpecificity(
+
+ struct SameSizeAsCSSSelector {
+ unsigned bitfields;
+- void* pointers[1];
++ union {
++ AtomicString value_;
++ QualifiedName tag_q_name_or_attribute_;
++ Member rare_data_;
++ } pointers;
+ };
+
+ ASSERT_SIZE(CSSSelector, SameSizeAsCSSSelector);
+diff --git a/third_party/blink/renderer/core/css/resolver/match_result.h b/third_party/blink/renderer/core/css/resolver/match_result.h
+index c99bae9777094..210ef8610b808 100644
+--- a/third_party/blink/renderer/core/css/resolver/match_result.h
++++ b/third_party/blink/renderer/core/css/resolver/match_result.h
+@@ -34,6 +34,7 @@
+ #include "third_party/blink/renderer/core/dom/tree_scope.h"
+ #include "third_party/blink/renderer/platform/heap/collection_support/heap_vector.h"
+ #include "third_party/blink/renderer/platform/heap/garbage_collected.h"
++#include "third_party/blink/renderer/platform/wtf/size_assertions.h"
+ #include "third_party/blink/renderer/platform/wtf/vector.h"
+
+ namespace blink {
+@@ -88,8 +89,13 @@ struct CORE_EXPORT MatchedProperties {
+ Member properties;
+ Data data_;
+ };
+-static_assert(sizeof(MatchedProperties) <= 12,
+- "MatchedProperties should not grow without thinking");
++
++struct SameSizeAsMatchedProperties {
++ Member properties;
++ uint8_t data_[8];
++};
++
++ASSERT_SIZE(MatchedProperties, SameSizeAsMatchedProperties);
+
+ } // namespace blink
+
+diff --git a/third_party/blink/renderer/core/dom/element_data.cc b/third_party/blink/renderer/core/dom/element_data.cc
+index 0e616444cbf92..6f3592bfa907b 100644
+--- a/third_party/blink/renderer/core/dom/element_data.cc
++++ b/third_party/blink/renderer/core/dom/element_data.cc
+@@ -46,7 +46,8 @@ struct SameSizeAsElementData final
+ : public GarbageCollected {
+ unsigned bitfield;
+ Member willbe_member;
+- void* pointers[2];
++ SpaceSplitString class_names_;
++ void* pointers[1];
+ };
+
+ ASSERT_SIZE(ElementData, SameSizeAsElementData);
+diff --git a/third_party/blink/renderer/platform/fonts/shaping/shape_result.cc b/third_party/blink/renderer/platform/fonts/shaping/shape_result.cc
+index 98a9f6988ae3d..68b3c922cb362 100644
+--- a/third_party/blink/renderer/platform/fonts/shaping/shape_result.cc
++++ b/third_party/blink/renderer/platform/fonts/shaping/shape_result.cc
+@@ -75,7 +75,7 @@ struct SameSizeAsRunInfo {
+ void* pointers[2];
+ unsigned integer;
+ } glyph_data;
+- void* pointer;
++ Member pointer;
+ Vector vector;
+ int integers[6];
+ };
diff --git a/chromium.spec b/chromium.spec
index a087c694..85afbcf3 100644
--- a/chromium.spec
+++ b/chromium.spec
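Review bot: In the match_result.h section of chromium-130-size-assertions.patch, `uint8_t data_[8];` in `SameSizeAsMatchedProperties` hard-codes the size of `Data` with no explanation, while the removed assertion was an upper bound (`<= 12`) and the new `ASSERT_SIZE` compares against this mirror struct. A one-line comment above the field would make the coupling explicit, for example `// Must match sizeof(Data); update when Data changes.` The definition of `Data` is outside the hunk, so the value 8 cannot be confirmed from here. Because the file is a verbatim upstream backport, the comment is better proposed upstream than carried as a local modification of the patch.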
@@ -354,6 +354,10 @@ Patch354: chromium-126-split-threshold-for-reg-with-hint.patch # fix build error: no member named 'hardware_destructive_interference_size' in namespace 'std' Patch355: chromium-130-hardware_destructive_interference_size.patch +# fix build error on ppc64le +# error: static assertion failed due to requirement 'sizeof(blink::MatchedProperties) <= 12': MatchedProperties should not grow without thinking +Patch356: chromium-130-size-assertions.patch + # set clang_lib path Patch358: chromium-127-rust-clanglib.patch @@ -1058,6 +1062,7 @@ Qt6 UI for chromium. %endif %patch -P355 -p1 -b .hardware_destructive_interference_size +%patch -P356 -p1 -b .size-assertions %patch -P358 -p1 -b .rust-clang_lib %ifarch ppc64le @@ -2200,10 +2205,13 @@ getent group chrome-remote-desktop >/dev/null || groupadd -r chrome-remote-deskt * Wed Mar 06 2024 Than Ngo - 122.0.6261.111-1 - upstream security release 122.0.6261.111 - * High CVE-2024-2173: Out of bounds memory access in V8 + * High CVE-2024-2173: Out of bounds memory access in V8 * High CVE-2024-2174: Inappropriate implementation in V8 * High CVE-2024-2176: Use after free in FedCM +* Sat Mar 02 2024 Jiri Vanek - 122.0.6261.94-2 +- Rebuilt for java-21-openjdk as system jdk + * Wed Feb 28 2024 Than Ngo - 122.0.6261.94-1 - upstream security release 122.0.6261.94 * High : Type Confusion in V8 From eec6ad9bad9653517ef5d3517bfe1f90d6df92a3 Mon Sep 17 00:00:00 2001 From: Than Ngo Date: Mon, 21 Oct 2024 11:37:03 +0200 Subject: [PATCH 2/5] Add missing pthread stack size for ppc64 (openpower-patches) --- add-ppc64-pthread-stack-size.patch | 12 ++++++++++++ chromium.spec | 7 ++++++- 2 files changed, 18 insertions(+), 1 deletion(-) create mode 100644 add-ppc64-pthread-stack-size.patch diff --git a/add-ppc64-pthread-stack-size.patch b/add-ppc64-pthread-stack-size.patch new file mode 100644 index 00000000..7252ca2f --- /dev/null +++ b/add-ppc64-pthread-stack-size.patch 
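Review bot: The comment added above `Patch356` in chromium.spec describes a ppc64le build fix, but `%patch -P356` is placed before the `%ifarch ppc64le` line visible in the second hunk, so the patch appears to be applied on every architecture. The comment should record that this is an upstream backport and when it can be dropped, for example `# upstream backport of f457e3c32b81 (Bug: 373485798), applied on all arches; drop once the packaged release contains it`. The third hunk also adds a `Sat Mar 02 2024` changelog entry and rewrites the CVE-2024-2173 line, which is unrelated to this commit's subject and would be easier to audit as a separate commit.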
@@ -0,0 +1,12 @@ +--- a/base/process/launch.h ++++ b/base/process/launch.h +@@ -54,6 +54,9 @@ + #if defined(ARCH_CPU_ARM64) + #define PTHREAD_STACK_MIN_CONST \ + (__builtin_constant_p(PTHREAD_STACK_MIN) ? PTHREAD_STACK_MIN : 131072) ++#elif defined(ARCH_CPU_PPC64) ++#define PTHREAD_STACK_MIN_CONST \ ++ (__builtin_constant_p(PTHREAD_STACK_MIN) ? PTHREAD_STACK_MIN : 131072) + #else + #define PTHREAD_STACK_MIN_CONST \ + (__builtin_constant_p(PTHREAD_STACK_MIN) ? PTHREAD_STACK_MIN : 16384) diff --git a/chromium.spec b/chromium.spec index 85afbcf3..dab7bea6 100644 --- a/chromium.spec +++ b/chromium.spec @@ -274,7 +274,7 @@ Name: chromium%{chromium_channel} Version: 130.0.6723.58 -Release: 1%{?dist} +Release: 2%{?dist} Summary: A WebKit (Blink) powered web browser that Google doesn't want you to use Url: http://www.chromium.org/Home License: BSD-3-Clause AND LGPL-2.1-or-later AND Apache-2.0 AND IJG AND MIT AND GPL-2.0-or-later AND ISC AND OpenSSL AND (MPL-1.1 OR GPL-2.0-only OR LGPL-2.0-only) @@ -435,6 +435,7 @@ Patch412: add-ppc64-architecture-to-extensions.diff # Suppress harmless compiler warning messages that appear on ppc64 due to arch-specific warning flags being passed Patch413: fix-unknown-warning-option-messages.diff Patch414: cargo-add-ppc64.diff +Patch415: add-ppc64-pthread-stack-size.patch # upstream patches @@ -1121,6 +1122,7 @@ Qt6 UI for chromium. %patch -P412 -p1 -b .add-ppc64-architecture-to-extensions %patch -P413 -p1 -b .fix-unknown-warning-option-messages %patch -P414 -p1 -b .rust-add-ppc64-case +%patch -P415 -p1 -b .add-ppc64-pthread-stack-size %endif # Change shebang in all relevant files in this directory and all subdirectories 
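Review bot: The `#elif defined(ARCH_CPU_PPC64)` branch added in add-ppc64-pthread-stack-size.patch repeats the ARM64 definition of `PTHREAD_STACK_MIN_CONST` line for line, so the two fallbacks can drift apart; folding it into the existing condition as `#if defined(ARCH_CPU_ARM64) || defined(ARCH_CPU_PPC64)` keeps a single definition. The 131072 fallback is only taken when `PTHREAD_STACK_MIN` is not a compile-time constant, and nothing states why ppc64 needs the larger value; a comment such as `// ppc64 needs a larger minimum stack than the 16384 default (reason to be confirmed)` would help, since a value that is too small here would presumably become an undersized stack wherever the macro is used. The patch file has no header naming its origin, and `Patch415:` in chromium.spec has no comment line either, unlike the neighbouring entries. The closing `#endif` of the chain and the users of the macro are outside the hunk.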
@@ -1915,6 +1917,9 @@ getent group chrome-remote-desktop >/dev/null || groupadd -r chrome-remote-deskt %endif %changelog +* Mon Oct 21 2024 Than Ngo - 130.0.6723.58-2 +- Add missing pthread stack size for ppc64 (openpower-patches) + * Wed Oct 16 2024 Than Ngo - 130.0.6723.58-1 - update to 130.0.6723.58 * High CVE-2024-9954: Use after free in AI From 79dea59fdf4e7ab259271d3134116e3c7cdeed1c Mon Sep 17 00:00:00 2001 From: Than Ngo Date: Wed, 23 Oct 2024 17:05:20 +0200 Subject: [PATCH 3/5] fixed a condition for epel10 --- chromium.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chromium.spec b/chromium.spec index dab7bea6..e44d2d3b 100644 --- a/chromium.spec +++ b/chromium.spec @@ -551,7 +551,7 @@ BuildRequires: libgcrypt-devel BuildRequires: libudev-devel BuildRequires: libuuid-devel -%if 0%{?fedora} >= 37 +%if 0%{?fedora} >= 37 || %if 0%{?rhel} > 9 BuildRequires: libusb-compat-0.1-devel %else BuildRequires: libusb-devel From 611aa08482fde559b3c7e4e5dbb09904bb5ff98d Mon Sep 17 00:00:00 2001 From: Than Ngo Date: Wed, 23 Oct 2024 17:07:10 +0200 Subject: [PATCH 4/5] fix typo --- chromium.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chromium.spec b/chromium.spec index e44d2d3b..a1c75c4b 100644 --- a/chromium.spec +++ b/chromium.spec @@ -551,7 +551,7 @@ BuildRequires: libgcrypt-devel BuildRequires: libudev-devel BuildRequires: libuuid-devel -%if 0%{?fedora} >= 37 || %if 0%{?rhel} > 9 +%if 0%{?fedora} >= 37 || 0%{?rhel} > 9 BuildRequires: libusb-compat-0.1-devel %else BuildRequires: libusb-devel From f73c0983b42004dc790b1b1b4a40b1c8d67dd347 Mon Sep 17 00:00:00 2001 
From: Than Ngo Date: Sat, 26 Oct 2024 13:14:22 +0200 Subject: [PATCH 5/5] =?UTF-8?q?-=20update=20to=20130.0.6723.69=20=20=20*?= =?UTF-8?q?=20High=20CVE-2024-10229:=20Inappropriate=20implementation=20in?= =?UTF-8?q?=20Extensions=20=20=20*=20High=20CVE-2024-10230:=20Type=20Confu?= =?UTF-8?q?sion=20in=20V8=20=20=20*=20High=20CVE-2024-10231:=20Type=20Conf?= =?UTF-8?q?usion=20in=20V8#=20Bitte=20geben=20Sie=20eine=20Commit-Beschrei?= =?UTF-8?q?bung=20f=C3=BCr=20Ihre=20=C3=84nderungen=20ein.=20Zeilen,?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- chromium.spec | 10 ++++++++-- sources | 2 +- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/chromium.spec b/chromium.spec index a1c75c4b..94e49f5f 100644 --- a/chromium.spec +++ b/chromium.spec @@ -273,8 +273,8 @@ %endif Name: chromium%{chromium_channel} -Version: 130.0.6723.58 -Release: 2%{?dist} +Version: 130.0.6723.69 +Release: 1%{?dist} Summary: A WebKit (Blink) powered web browser that Google doesn't want you to use Url: http://www.chromium.org/Home License: BSD-3-Clause AND LGPL-2.1-or-later AND Apache-2.0 AND IJG AND MIT AND GPL-2.0-or-later AND ISC AND OpenSSL AND (MPL-1.1 OR GPL-2.0-only OR LGPL-2.0-only) @@ -1917,6 +1917,12 @@ getent group chrome-remote-desktop >/dev/null || groupadd -r chrome-remote-deskt %endif %changelog +* Sat Oct 26 2024 Than Ngo - 130.0.6723.69-1 +- update to 130.0.6723.69 + * High CVE-2024-10229: Inappropriate implementation in Extensions + * High CVE-2024-10230: Type Confusion in V8 + * High CVE-2024-10231: Type Confusion in V8 + * Mon Oct 21 2024 Than Ngo - 130.0.6723.58-2 - Add missing pthread stack size for ppc64 (openpower-patches) diff --git a/sources b/sources index 2d850c6e..3801e9bf 100644 --- a/sources +++ b/sources 
@@ -2,4 +2,4 @@ SHA512 (node-v20.6.1-linux-arm64.tar.xz) = adfcaf2c22614797fd69fb46d94c1cbf64dea
 SHA512 (node-v20.6.1-linux-x64.tar.xz) = 7e15c05041a9a50f0046266aadb2e092a5aefbec19be1c7c809471add520cb57c7df3c47d88b1888b29bf2979dca3c92adddfd965370fa2a9da4ea02186464fd
 SHA512 (linux-arm64-0.19.2.tgz) = 8a0d8fec6786fffcd6954d00820037a55d61e60762c74300df0801f8db27057562c221a063bedfb8df56af9ba80abb366336987e881782c5996e6f871abd3dc6
 SHA512 (linux-x64-0.19.2.tgz) = a31cc74c4bfa54f9b75d735a1cfc944d3b5efb7c06bfba9542da9a642ae0b2d235ea00ae84d3ad0572c406405110fe7b61377af0fd15803806ef78d20fc6f05d
-SHA512 (chromium-130.0.6723.58-clean.tar.xz) = 1db9db62de458d0d6e45eb5017c5051fa35c06328e429b7f3331b4cc73c79ba5cbe6b394d3c0235f7860b3bede5c7ebaee1237a4db3fb934474614a32489de92
+SHA512 (chromium-130.0.6723.69-clean.tar.xz) = 68fd9e740e95d1cdd77ca2a6ef58500b7263be6f6a44170adff585a2de788abdff4dac0fc85b8c8bcf78b612062529ff65c0ae1c375acce30e4ec8b2aa4c6d48