From cba05eac94a81fc021685da4e58cf76ef49ac953 Mon Sep 17 00:00:00 2001
From: Than Ngo
Date: Tue, 6 Aug 2024 17:59:18 +0200
Subject: [PATCH 1/2] - fix rhbz#2294773 - Allow enabling vulkan on ozone wayland for AMD vaapi - add ppc64le patch to fix runtime assertion trap on ppc64el systems - refresh ppc64le patch to work around broken 64k allocator code on arm64
---
 add-ppc64-architecture-to-extensions.diff | 42 +++++++++++++++++++
 ...low-enabling-vulkan-on-ozone-wayland.patch | 11 +++++
 chromium.spec | 20 ++++++---
 use-sysconf-page-size-on-ppc64.patch | 15 +++++--
 4 files changed, 80 insertions(+), 8 deletions(-)
 create mode 100644 add-ppc64-architecture-to-extensions.diff
 create mode 100644 chromium-127-allow-enabling-vulkan-on-ozone-wayland.patch
diff --git a/add-ppc64-architecture-to-extensions.diff b/add-ppc64-architecture-to-extensions.diff
new file mode 100644
index 00000000..32dac5e5
--- /dev/null
+++ b/add-ppc64-architecture-to-extensions.diff
@@ -0,0 +1,42 @@
+--- a/chrome/browser/extensions/api/runtime/chrome_runtime_api_delegate.cc
++++ b/chrome/browser/extensions/api/runtime/chrome_runtime_api_delegate.cc
+@@ -303,6 +303,8 @@
+ info->arch = extensions::api::runtime::PlatformArch::kMips;
+ } else if (strcmp(arch, "mips64el") == 0) {
+ info->arch = extensions::api::runtime::PlatformArch::kMips64;
++ } else if (strcmp(arch, "ppc64") == 0) {
++ info->arch = extensions::api::runtime::PlatformArch::kPpc64;
+ } else {
+ NOTREACHED_IN_MIGRATION();
+ return false;
+@@ -319,6 +321,8 @@
+ info->nacl_arch = extensions::api::runtime::PlatformNaclArch::kMips;
+ } else if (strcmp(nacl_arch, "mips64") == 0) {
+ info->nacl_arch = extensions::api::runtime::PlatformNaclArch::kMips64;
++ } else if (strcmp(nacl_arch, "ppc64") == 0) {
++ info->nacl_arch = extensions::api::runtime::PlatformNaclArch::kPpc64;
+ } else {
+ NOTREACHED_IN_MIGRATION();
+ return false;
+--- a/extensions/common/api/runtime.json
++++ b/extensions/common/api/runtime.json
+@@ -98,7 +98,8 @@
+ {"name": "x86-32", "description": "Specifies the processer architecture as x86-32."},
+ {"name": "x86-64", "description": "Specifies the processer architecture as x86-64."},
+ {"name": "mips", "description": "Specifies the processer architecture as mips."},
+- {"name": "mips64", "description": "Specifies the processer architecture as mips64."}
++ {"name": "mips64", "description": "Specifies the processer architecture as mips64."},
++ {"name": "ppc64", "description": "Specifies the processer architecture as ppc64."}
+ ],
+ "description": "The machine's processor architecture."
+ },
+@@ -111,7 +112,8 @@
+ {"name": "x86-32", "description": "Specifies the native client architecture as x86-32."},
+ {"name": "x86-64", "description": "Specifies the native client architecture as x86-64."},
+ {"name": "mips", "description": "Specifies the native client architecture as mips."},
+- {"name": "mips64", "description": "Specifies the native client architecture as mips64."}
++ {"name": "mips64", "description": "Specifies the native client architecture as mips64."},
++ {"name": "ppc64", "description": "Specifies the native client architecture as ppc64."}
+ ]
+ },
+ {
diff --git a/chromium-127-allow-enabling-vulkan-on-ozone-wayland.patch b/chromium-127-allow-enabling-vulkan-on-ozone-wayland.patch
new file mode 100644
index 00000000..9c35a401
--- /dev/null
+++ b/chromium-127-allow-enabling-vulkan-on-ozone-wayland.patch
@@ -0,0 +1,11 @@
+diff -up chromium-127.0.6533.88/ui/ozone/platform/wayland/gpu/wayland_surface_factory.cc.me chromium-127.0.6533.88/ui/ozone/platform/wayland/gpu/wayland_surface_factory.cc
+--- chromium-127.0.6533.88/ui/ozone/platform/wayland/gpu/wayland_surface_factory.cc.me 2024-08-06 17:38:26.560468274 +0200
++++ chromium-127.0.6533.88/ui/ozone/platform/wayland/gpu/wayland_surface_factory.cc 2024-08-06 17:39:00.137139610 +0200
+@@ -214,6 +214,7 @@ WaylandSurfaceFactory::GetAllowedGLImple
+ impls.emplace_back(gl::ANGLEImplementation::kOpenGL);
+ impls.emplace_back(gl::ANGLEImplementation::kOpenGLES);
+ impls.emplace_back(gl::ANGLEImplementation::kSwiftShader);
++ impls.emplace_back(gl::ANGLEImplementation::kVulkan);
+ impls.emplace_back(gl::kGLImplementationEGLGLES2);
+ }
+ return impls;
diff --git a/chromium.spec b/chromium.spec
index f25e3d4f..68e74f8d 100644
--- a/chromium.spec
+++ b/chromium.spec
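Review bot: The new add-ppc64-architecture-to-extensions.diff opens directly at `--- a/chrome/browser/extensions/api/runtime/chrome_runtime_api_delegate.cc` with no header, so nothing records where the change came from or whether it was offered upstream. For a downstream patch carried in a browser package, two lines above the first `---`, such as `# Origin: <upstream review or distro patch URL>` and `# Bug: <tracker reference>`, would let the next rebase tell a maintained port from a stale one. Both added `else if` branches match only the literal string `"ppc64"`, and any other value still falls through to `NOTREACHED_IN_MIGRATION(); return false;`. The code that produces `arch` and `nacl_arch` lies outside the inner hunks and should be checked to emit exactly that string on ppc64le builds.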
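Review bot: `Patch506` is filed under `# upstream patches` in chromium.spec, but chromium-127-allow-enabling-vulkan-on-ozone-wayland.patch is a local `diff -up … wayland_surface_factory.cc.me` with no upstream commit or review link, so the patch itself does not show whether upstream accepts Vulkan in the Wayland allow-list. The added `impls.emplace_back(gl::ANGLEImplementation::kVulkan);` sits in a block whose condition starts outside the hunk, and `%patch -P506` appears to be applied unconditionally in %prep. That would make the ANGLE Vulkan backend selectable in the GPU process on every build rather than only on AMD VA-API systems. I would add a header to the patch naming rhbz#2294773 and the upstream status, and move `Patch506` out of the upstream group if it is downstream-only.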
@@ -297,7 +297,7 @@ Name: chromium%{chromium_channel} Version: 127.0.6533.88 -Release: 2%{?dist} +Release: 3%{?dist} Summary: A WebKit (Blink) powered web browser that Google doesn't want you to use Url: http://www.chromium.org/Home License: BSD-3-Clause AND LGPL-2.1-or-later AND Apache-2.0 AND IJG AND MIT AND GPL-2.0-or-later AND ISC AND OpenSSL AND (MPL-1.1 OR GPL-2.0-only OR LGPL-2.0-only) @@ -462,12 +462,13 @@ Patch409: partition-alloc-4k-detect.patch Patch410: dawn-fix-typos.patch Patch411: dawn-fix-ppc64le-detection.patch +Patch412: add-ppc64-architecture-to-extensions.diff # Suppress harmless compiler warning messages that appear on ppc64 due to arch-specific warning flags being passed -Patch412: fix-unknown-warning-option-messages.diff +Patch413: fix-unknown-warning-option-messages.diff # error: undefined symbol: llvm::MCAsmInfoXCOFF::MCAsmInfoXCOFF() -Patch413: fix-swiftshader-compile.patch +Patch414: fix-swiftshader-compile.patch # upstream patches Patch501: chromium-127-ninja-1.21.1-deps-part0.patch @@ -475,6 +476,7 @@ Patch502: chromium-127-ninja-1.21.1-deps-part1.patch Patch503: chromium-127-ninja-1.21.1-deps-part2.patch Patch504: chromium-127-ninja-1.21.1-deps-part3.patch Patch505: chromium-127-crabbyavif.patch +Patch506: chromium-127-allow-enabling-vulkan-on-ozone-wayland.patch # Use chromium-latest.py to generate clean tarball from released build tarballs, found here: # http://build.chromium.org/buildbot/official/ @@ -1197,8 +1199,10 @@ Qt6 UI for chromium. %patch -P410 -p1 -b .dawn-fix-typos %patch -P411 -p1 -b .dawn-fix-ppc64le-detection -%patch -P412 -p1 -b .fix-unknown-warning-option-messages -%patch -P413 -p1 -b .fix-swiftshader-compile +%patch -P412 -p1 -b .add-ppc64-architecture-to-extensions + +%patch -P413 -p1 -b .fix-unknown-warning-option-messages +%patch -P414 -p1 -b .fix-swiftshader-compile %endif %if 0%{?fedora} > 39 
@@ -1208,6 +1212,7 @@ Qt6 UI for chromium. %patch -P504 -p1 -b .ninja-1.21.1-deps %endif %patch -P505 -p1 -b .crabbyavif +%patch -P506 -p1 -b .allow-enabling-vulkan-on-ozone-wayland # Change shebang in all relevant files in this directory and all subdirectories # See `man find` for how the `-exec command {} +` syntax works @@ -2028,6 +2033,11 @@ getent group chrome-remote-desktop >/dev/null || groupadd -r chrome-remote-deskt %endif %changelog +* Tue Aug 06 2024 Than Ngo - 127.0.6533.88-3 +- fix rhbz#2294773 - Allow enabling vulkan on ozone wayland for AMD vaapi +- add ppc64le patch to fix runtime assertion trap on ppc64el systems +- refresh ppc64le patch to work around broken 64k allocator code on arm64 + * Thu Aug 01 2024 Than Ngo - 127.0.6533.88-2 - remove old patch that seems to be the cause of a crash when the user set user.max_user_namespaces to 0 diff --git a/use-sysconf-page-size-on-ppc64.patch b/use-sysconf-page-size-on-ppc64.patch index a5ce81a0..9ef94500 100644 --- a/use-sysconf-page-size-on-ppc64.patch +++ b/use-sysconf-page-size-on-ppc64.patch 
@@ -46,12 +46,21 @@ Index: chromium-127.0.6533.72/base/allocator/partition_allocator/src/partition_a =================================================================== --- chromium-127.0.6533.72.orig/base/allocator/partition_allocator/src/partition_alloc/partition_page_constants.h +++ chromium-127.0.6533.72/base/allocator/partition_allocator/src/partition_alloc/partition_page_constants.h -@@ -20,7 +20,7 @@ static constexpr size_t kMaxSlotsPerSlot + // PartitionPageSize() is 4 times the OS page size. + static constexpr size_t kMaxSlotsPerSlotSpan = 4 * (1 << 14) / kSmallestBucket; + #elif defined(PARTITION_ALLOCATOR_CONSTANTS_POSIX_NONCONST_PAGE_SIZE) ++#if PA_BUILDFLAG(PA_ARCH_CPU_ARM64) // System page size can be 4, 16, or 64 kiB on Linux on arm64. 64 kiB is // currently (kMaxSlotsPerSlotSpanBits == 13) not supported by the code, // so we use the 16 kiB maximum (64 kiB will crash). --static constexpr size_t kMaxSlotsPerSlotSpan = 4 * (1 << 14) / kSmallestBucket; -+static constexpr size_t kMaxSlotsPerSlotSpan = 4 * (1 << 16) / kSmallestBucket; + static constexpr size_t kMaxSlotsPerSlotSpan = 4 * (1 << 14) / kSmallestBucket; #else ++// System page size can range from 4 to 64 kiB on Linux on other architectures. ++// 64kiB kiB is currently used by most ppc64 distributions, so use that as the ++// maximum. ++static constexpr size_t kMaxSlotsPerSlotSpan = 4 * (1 << 16) / kSmallestBucket; ++#endif ++#else // A slot span can "span" multiple PartitionPages, but then its slot size is // larger, so it doesn't have as many slots. + static constexpr size_t kMaxSlotsPerSlotSpan = From ba85b2fdfffd123e34e6a28cadffbc291a84c655 Mon Sep 17 00:00:00 2001 
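Review bot: The refreshed section removes the inner hunk header `@@ -20,7 +20,7 @@` and, as far as this hunk shows, adds no replacement; the `+46,21` line count is met by the visible lines without one. Without an `@@` line after the `---`/`+++` pair, `patch` would likely find no hunk for partition_page_constants.h and skip it, so it is worth confirming in the %prep output that this file is still patched. Separately, the new `#else` branch uses `4 * (1 << 16) / kSmallestBucket` for every non-arm64 target on the non-const page-size path, while the retained comment says 64 kiB is unsupported with `kMaxSlotsPerSlotSpanBits == 13`; whether that width is raised elsewhere in the patch is not visible here. The added comment also has a doubled unit and should read `// 64 kiB is currently used by most ppc64 distributions, so use that as the`.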
From: Than Ngo Date: Wed, 7 Aug 2024 10:21:18 +0200 Subject: [PATCH 2/2] - update to 127.0.6533.99 * Critical CVE-2024-7532: Out of bounds memory access in ANGLE * High CVE-2024-7533: Use after free in Sharing * High CVE-2024-7550: Type Confusion in V8 * High CVE-2024-7534: Heap buffer overflow in Layout * High CVE-2024-7535: Inappropriate implementation in V8 * High CVE-2024-7536: Use after free in WebAudio --- chromium.spec | 13 +++++++++++-- sources | 2 +- 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/chromium.spec b/chromium.spec index 68e74f8d..5c1c8483 100644 --- a/chromium.spec +++ b/chromium.spec @@ -296,8 +296,8 @@ %endif Name: chromium%{chromium_channel} -Version: 127.0.6533.88 -Release: 3%{?dist} +Version: 127.0.6533.99 +Release: 1%{?dist} Summary: A WebKit (Blink) powered web browser that Google doesn't want you to use Url: http://www.chromium.org/Home License: BSD-3-Clause AND LGPL-2.1-or-later AND Apache-2.0 AND IJG AND MIT AND GPL-2.0-or-later AND ISC AND OpenSSL AND (MPL-1.1 OR GPL-2.0-only OR LGPL-2.0-only) @@ -2033,6 +2033,15 @@ getent group chrome-remote-desktop >/dev/null || groupadd -r chrome-remote-deskt %endif %changelog +* Wed Aug 07 2024 Than Ngo - 127.0.6533.99-1 +- update to 127.0.6533.99 + * Critical CVE-2024-7532: Out of bounds memory access in ANGLE + * High CVE-2024-7533: Use after free in Sharing + * High CVE-2024-7550: Type Confusion in V8 + * High CVE-2024-7534: Heap buffer overflow in Layout + * High CVE-2024-7535: Inappropriate implementation in V8 + * High CVE-2024-7536: Use after free in WebAudio + * Tue Aug 06 2024 Than Ngo - 127.0.6533.88-3 - fix rhbz#2294773 - Allow enabling vulkan on ozone wayland for AMD vaapi - add ppc64le patch to fix runtime assertion trap on ppc64el systems diff --git a/sources b/sources index 7e696d91..c24224c4 100644 --- a/sources +++ b/sources 
@@ -4,4 +4,4 @@ SHA512 (linux-arm64-0.19.2.tgz) = 8a0d8fec6786fffcd6954d00820037a55d61e60762c743
 SHA512 (linux-x64-0.19.2.tgz) = a31cc74c4bfa54f9b75d735a1cfc944d3b5efb7c06bfba9542da9a642ae0b2d235ea00ae84d3ad0572c406405110fe7b61377af0fd15803806ef78d20fc6f05d
 SHA512 (bindgen-cli-aarch64.tar.xz) = 1a5ae4e8fdd31d80e8111c4d5f2115336684763ecd3a442ffecdbc2a37bab146f88bdee0bb1ea7a98e1049f81b12e64bd0ce5510529b30a74ce3306488ac129b
 SHA512 (bindgen-cli-x86_64.tar.xz) = 7ccc9b43b32d3a064a75cfc150e060711356da8fe98e83d855bae017108ef8e9e172fbdd6e2579433c19cfb56ababa5b77a8db6fa57a5e657a3878778ca10a37
-SHA512 (chromium-127.0.6533.88-clean.tar.xz) = 212160a15e14348d416d2c3df0dd24f7b05da3c0f6fff3bccac1314f697be753bf831ea06039adec7d02f4e34d3a84787d12233bf927fa76727397ac0fde300f
+SHA512 (chromium-127.0.6533.99-clean.tar.xz) = 353658ea97df8f1428e6b8b7b4eb2a18d9f2b21196af0e5bfe37928859ba494a43c2e1a93fdc3fd35a884d92cf75864b6acfa0d7c90c62c6d5fe25c1daeffa10