commit 93b74be6ab5f4cd983ae8531ac0b2ca452ee0d31 Author: Rex Dieter <rdieter(a)gmail.com&gt; Date: Wed Jul 14 16:00:29 2021 -0500 5.15.5 qt5-qtwebengine-freeworld.spec | 86 +++++++------ qtwebengine-5.14-1-QT_DEPRECATED_VERSION.patch | 17 --- qtwebengine-5.15.0-QT_DEPRECATED_VERSION.patch | 17 +++ qtwebengine-everywhere-5.13.2-use-python2.patch | 13 -- qtwebengine-everywhere-5.15.5-use-python2.patch | 24 ++++ qtwebengine-everywhere-src-5.10.0-linux-pri.patch | 24 ---- ...verywhere-src-5.12.0-gn-bootstrap-verbose.patch | 13 -- ...ngine-everywhere-src-5.15.0-no-icudtl-dat.patch | 15 +-- qtwebengine-everywhere-src-5.15.2-#1904652.patch | 141 --------------------- ...ywhere-src-5.15.2-sandbox-time64-syscalls.patch | 89 ------------- qtwebengine-everywhere-src-5.15.5-#1904652.patch | 141 +++++++++++++++++++++ qtwebengine-everywhere-src-5.15.5-SIGSTKSZ.patch | 24 ++++ qtwebengine-everywhere-src-5.15.5-TRUE.patch | 12 ++ ...ywhere-src-5.15.5-sandbox-time64-syscalls.patch | 85 +++++++++++++ qtwebengine-gcc11.patch | 52 -------- 15 files changed, 358 insertions(+), 395 deletions(-) --- diff --git a/qt5-qtwebengine-freeworld.spec b/qt5-qtwebengine-freeworld.spec index d414786..695d3e9 100644 --- a/qt5-qtwebengine-freeworld.spec +++ b/qt5-qtwebengine-freeworld.spec @@ -7,20 +7,24 @@ # work around missing macro in the RPM Fusion build system (matches list in macros.qt5-srpm) %{!?qt5_qtwebengine_arches:%global qt5_qtwebengine_arches %{ix86} x86_64 %{arm} aarch64 mips mipsel mips64el} -%if 0%{?fedora} > 29 +%if 0%{?fedora} # need libvpx >= 1.8.0 (need commit 297dfd869609d7c3c5cd5faa3ebc7b43a394434e) %global use_system_libvpx 1 %endif -# need libwebp >= 0.6.0 +%if 0%{?fedora} > 30 || 0%{?epel} > 7 %global use_system_libwebp 1 +%global use_system_jsoncpp 1 +%global use_system_re2 1 +%endif + %if 0%{?use_system_libwebp} # only supported when using also libwebp from the system (see configure.json) # FTBFS: appears to be https://bugreports.qt.io/browse/QTBUG-65086 %global use_system_ffmpeg 1 %endif -%if 0%{?fedora} > 31 -# need libicu >= 64, only currently available on f32+ +%if 0%{?fedora} > 32 +# need libicu >= 65, only currently available on f33+ %global use_system_libicu 1 %endif @@ -46,8 +50,8 @@ Summary: Qt5 - QtWebEngine components (freeworld version) Name: qt5-qtwebengine-freeworld -Version: 5.15.2 -Release: 3%{?dist} +Version: 5.15.5 +Release: 1%{?dist} %global major_minor %(echo %{version} | cut -d. -f-2) %global major %(echo %{version} | cut -d. -f1) @@ -62,13 +66,11 @@ Source0: http://download.qt.io/official_releases/qt/%{major_minor}/%{version}/su # pulseaudio headers Source20: pulseaudio-12.2-headers.tar.gz -# some tweaks to linux.pri (system yasm, link libpci, run unbundling script) -Patch0: qtwebengine-everywhere-src-5.10.0-linux-pri.patch # quick hack to avoid checking for the nonexistent icudtl.dat and silence the # resulting warnings - not upstreamable as is because it removes the fallback # mechanism for the ICU data directory (which is not used in our builds because # we use the system ICU, which embeds the data statically) completely -Patch1: qtwebengine-everywhere-src-5.11.0-no-icudtl-dat.patch +Patch1: qtwebengine-everywhere-src-5.15.0-no-icudtl-dat.patch # fix extractCFlag to also look in QMAKE_CFLAGS_RELEASE, needed to detect the # ARM flags with our %%qmake_qt5 macro, including for the next patch Patch2: qtwebengine-opensource-src-5.12.4-fix-extractcflag.patch @@ -78,21 +80,23 @@ Patch3: qtwebengine-opensource-src-5.9.0-no-neon.patch # workaround FTBFS against kernel-headers-5.2.0+ Patch4: qtwebengine-SIOCGSTAMP.patch # fix build when using qt < 5.14 -Patch5: qtwebengine-5.14-1-QT_DEPRECATED_VERSION.patch +Patch5: qtwebengine-5.15.0-QT_DEPRECATED_VERSION.patch # remove Android dependencies from openmax_dl ARM NEON detection (detect.c) Patch10: qtwebengine-opensource-src-5.9.0-openmax-dl-neon.patch -# Force verbose output from the GN bootstrap process -Patch21: qtwebengine-everywhere-src-5.12.0-gn-bootstrap-verbose.patch # Fix/workaround FTBFS on aarch64 with newer glibc Patch24: qtwebengine-everywhere-src-5.11.3-aarch64-new-stat.patch # Use Python2 -Patch26: qtwebengine-everywhere-5.13.2-use-python2.patch -# Missing #includes for gcc-11 -Patch27: qtwebengine-gcc11.patch +Patch26: qtwebengine-everywhere-5.15.5-use-python2.patch # Fix sandbox issue breaking text rendering with glibc >= 2.33 (#1904652) -Patch28: qtwebengine-everywhere-src-5.15.2-#1904652.patch +# https://bugs.chromium.org/p/chromium/issues/detail?id=1164975 +Patch28: qtwebengine-everywhere-src-5.15.5-#1904652.patch # Fix sandbox issue on 32-bit architectures with glibc >= 2.31 (from Debian) -Patch29: qtwebengine-everywhere-src-5.15.2-sandbox-time64-syscalls.patch +Patch29: qtwebengine-everywhere-src-5.15.5-sandbox-time64-syscalls.patch +# don't assume type-ness of SIGSTKSZ, +# https://bugzilla.redhat.com/show_bug.cgi?id=1945595 +Patch30: qtwebengine-everywhere-src-5.15.5-SIGSTKSZ.patch +# FTBFS TRUE/FALSE undeclared +Patch31: qtwebengine-everywhere-src-5.15.5-TRUE.patch ## Upstream patches: # qtwebengine-chromium @@ -132,7 +136,10 @@ BuildRequires: krb5-devel BuildRequires: libicu-devel >= 64 %endif BuildRequires: libjpeg-devel +BuildRequires: nodejs +%if 0%{?use_system_re2} BuildRequires: re2-devel +%endif BuildRequires: snappy-devel %ifarch %{ix86} x86_64 BuildRequires: yasm @@ -144,7 +151,9 @@ BuildRequires: pkgconfig(fontconfig) BuildRequires: pkgconfig(freetype2) BuildRequires: pkgconfig(gl) BuildRequires: pkgconfig(egl) +%if 0%{?use_system_jsoncpp} BuildRequires: pkgconfig(jsoncpp) +%endif %if 0%{?use_system_ffmpeg} BuildRequires: pkgconfig(libavcodec) BuildRequires: pkgconfig(libavformat) @@ -165,6 +174,7 @@ BuildRequires: pkgconfig(zlib) %if 0%{?fedora} && 0%{?fedora} < 30 BuildRequires: pkgconfig(minizip) %else +BuildConflicts: minizip-devel Provides: bundled(minizip) = 1.2 %endif BuildRequires: pkgconfig(x11) @@ -186,6 +196,7 @@ BuildRequires: pkgconfig(dbus-1) BuildRequires: pkgconfig(nss) BuildRequires: pkgconfig(lcms2) BuildRequires: pkgconfig(xkbcommon) +BuildRequires: pkgconfig(xkbfile) ## https://bugreports.qt.io/browse/QTBUG-59094 #BuildRequires: pkgconfig(libxslt) pkgconfig(libxml-2.0) BuildRequires: perl-interpreter @@ -198,6 +209,8 @@ BuildRequires: %{__python2} BuildRequires: python2 BuildRequires: python2-rpm-macros %endif +## HACK, seems patch26 is not 100% complete +BuildRequires: %{_bindir}/python %if 0%{?use_system_libvpx} BuildRequires: pkgconfig(vpx) >= 1.7.0 %endif @@ -342,7 +355,6 @@ mv pulse src/3rdparty/chromium/ pushd src/3rdparty/chromium popd -%patch0 -p1 -b .linux-pri %if 0%{?use_system_libicu} %patch1 -p1 -b .no-icudtl-dat %endif @@ -354,15 +366,13 @@ popd #patch5 -p1 -b .QT_DEPRECATED_VERSION ## upstream patches - #patch10 -p1 -b .openmax-dl-neon -## NEEDSWORK -#patch21 -p1 -b .gn-bootstrap-verbose %patch24 -p1 -b .aarch64-new-stat %patch26 -p1 -b .use-python2 -%patch27 -p1 -b .gcc11 %patch28 -p1 -b .rh#1904652 %patch29 -p1 -b .sandbox-time64-syscalls +%patch30 -p1 -b .SIGSTKSZ +%patch31 -p1 -b .TRUE # the xkbcommon config/feature was renamed in 5.12, so need to adjust QT_CONFIG references # when building on older Qt releases @@ -370,25 +380,11 @@ popd sed -i -e 's|QT_CONFIG(xkbcommon)|QT_CONFIG(xkbcommon_evdev)|g' src/core/web_event_factory.cpp %endif -# fix // in #include in content/renderer/gpu to avoid debugedit failure -#sed -i -e 's!gpu//!gpu/!g' \ -# src/3rdparty/chromium/content/renderer/gpu/compositor_forwarding_message_filter.cc -# and another one in 2 files in WebRTC -sed -i -e 's!audio_processing//!audio_processing/!g' \ - src/3rdparty/chromium/third_party/webrtc/modules/audio_processing/utility/ooura_fft.cc \ - src/3rdparty/chromium/third_party/webrtc/modules/audio_processing/utility/ooura_fft_sse2.cc -# remove ./ from #line commands in ANGLE to avoid debugedit failure (?) -#sed -i -e 's!\./!!g' \ -# src/3rdparty/chromium/third_party/angle/src/compiler/preprocessor/Tokenizer.cpp \ -# src/3rdparty/chromium/third_party/angle/src/compiler/translator/glslang_lex.cpp -# delete all "toolprefix = " lines from build/toolchain/linux/BUILD.gn, as we -# never cross-compile in native Fedora RPMs, fixes ARM and aarch64 FTBFS -sed -i -e '/toolprefix = /d' -e 's/\${toolprefix}//g' \ - src/3rdparty/chromium/build/toolchain/linux/BUILD.gn - +%if 0%{?use_system_re2} # http://bugzilla.redhat.com/1337585 # can't just delete, but we'll overwrite with system headers to be on the safe side cp -bv /usr/include/re2/*.h src/3rdparty/chromium/third_party/re2/src/re2/ +%endif %if 0 #ifarch x86_64 @@ -414,6 +410,17 @@ popd # copy the Chromium license so it is installed with the appropriate name cp -p src/3rdparty/chromium/LICENSE LICENSE.Chromium +# consider doing this as part of the tarball creation step instead? rdieter +# fix/workaround +# fatal error: QtWebEngineCore/qtwebenginecoreglobal.h: No such file or directory +if [ ! -f "./include/QtWebEngineCore/qtwebenginecoreglobal.h" ]; then +%_qt5_bindir/syncqt.pl -version %{version} +fi + +# abort if this doesn't get created by syncqt.pl +test -f "./include/QtWebEngineCore/qtwebenginecoreglobal.h" + + %build export STRIP=strip export NINJAFLAGS="%{__ninja_common_opts}" @@ -457,6 +464,9 @@ echo "%{_libdir}/%{name}" \ %changelog +* Wed Jul 14 2021 Rex Dieter <rdieter(a)fedoraproject.org&gt; - 5.15.5-1 +- 5.15.5 + * Sun Feb 07 2021 RPM Fusion Release Engineering <leigh123linux(a)gmail.com&gt; - 5.15.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild diff --git a/qtwebengine-5.15.0-QT_DEPRECATED_VERSION.patch b/qtwebengine-5.15.0-QT_DEPRECATED_VERSION.patch new file mode 100644 index 0000000..3771308 --- /dev/null +++ b/qtwebengine-5.15.0-QT_DEPRECATED_VERSION.patch @@ -0,0 +1,17 @@ +diff -up qtwebengine-everywhere-src-5.15.5/src/webenginewidgets/api/qwebenginedownloaditem.h.QT_DEPRECATED_VERSION qtwebengine-everywhere-src-5.15.5/src/webenginewidgets/api/qwebenginedownloaditem.h +--- qtwebengine-everywhere-src-5.15.5/src/webenginewidgets/api/qwebenginedownloaditem.h.QT_DEPRECATED_VERSION 2021-06-24 07:34:27.991417071 -0500 ++++ qtwebengine-everywhere-src-5.15.5/src/webenginewidgets/api/qwebenginedownloaditem.h 2021-06-24 07:36:28.996937357 -0500 +@@ -120,9 +120,13 @@ public: + QString mimeType() const; + #if QT_DEPRECATED_SINCE(5, 14) + #if QT_VERSION >= QT_VERSION_CHECK(5, 14, 0) ++#if QT_VERSION >= QT_VERSION_CHECK(5,14,0) + QT_DEPRECATED_VERSION_X(5, 14, "Use downloadDirectory() and downloadFileName() instead") ++#endif + QString path() const; ++#if QT_VERSION >= QT_VERSION_CHECK(5,14,0) + QT_DEPRECATED_VERSION_X(5, 14, "Use setDownloadDirectory() and setDownloadFileName() instead") ++#endif + void setPath(QString path); + #else + QT_DEPRECATED_X("Use downloadDirectory() and downloadFileName() instead") diff --git a/qtwebengine-everywhere-5.15.5-use-python2.patch b/qtwebengine-everywhere-5.15.5-use-python2.patch new file mode 100644 index 0000000..12c53ea --- /dev/null +++ b/qtwebengine-everywhere-5.15.5-use-python2.patch @@ -0,0 +1,24 @@ +diff -up qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/third_party/catapult/common/py_vulcanize/py_vulcanize/generate.py.use-python2 qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/third_party/catapult/common/py_vulcanize/py_vulcanize/generate.py +--- qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/third_party/catapult/common/py_vulcanize/py_vulcanize/generate.py.use-python2 2021-05-28 07:05:45.000000000 -0500 ++++ qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/third_party/catapult/common/py_vulcanize/py_vulcanize/generate.py 2021-06-23 15:27:45.771765298 -0500 +@@ -83,7 +83,7 @@ def _MinifyJS(input_js): + + with tempfile.NamedTemporaryFile() as _: + args = [ +- 'python', ++ 'python2', + rjsmin_path + ] + p = subprocess.Popen(args, +diff -up qtwebengine-everywhere-src-5.15.5/src/webengine/module.pro.use-python2 qtwebengine-everywhere-src-5.15.5/src/webengine/module.pro +--- qtwebengine-everywhere-src-5.15.5/src/webengine/module.pro.use-python2 2021-06-11 00:31:04.000000000 -0500 ++++ qtwebengine-everywhere-src-5.15.5/src/webengine/module.pro 2021-06-23 15:26:48.897435095 -0500 +@@ -76,7 +76,7 @@ qtConfig(webengine-testsupport) { + python = $$pythonPathForShell() + chromium_attributions.commands = \ + cd $$shell_quote($$shell_path($$PWD/../3rdparty)) && \ +- $$python chromium/tools/licenses.py \ ++ python2 chromium/tools/licenses.py \ + --file-template ../../tools/about_credits.tmpl \ + --entry-template ../../tools/about_credits_entry.tmpl credits \ + $$shell_quote($$shell_path($$OUT_PWD/chromium_attributions.qdoc)) diff --git a/qtwebengine-everywhere-src-5.11.0-no-icudtl-dat.patch b/qtwebengine-everywhere-src-5.15.0-no-icudtl-dat.patch similarity index 71% rename from qtwebengine-everywhere-src-5.11.0-no-icudtl-dat.patch rename to qtwebengine-everywhere-src-5.15.0-no-icudtl-dat.patch index e035dff..a83367e 100644 --- a/qtwebengine-everywhere-src-5.11.0-no-icudtl-dat.patch +++ b/qtwebengine-everywhere-src-5.15.0-no-icudtl-dat.patch @@ -1,15 +1,15 @@ -diff --git a/src/core/web_engine_library_info.cpp b/src/core/web_engine_library_info.cpp -index 1c8316430..a1c27d28f 100644 ---- a/src/core/web_engine_library_info.cpp -+++ b/src/core/web_engine_library_info.cpp -@@ -259,29 +259,12 @@ QString dictionariesPath() +diff -up qtwebengine-everywhere-src-5.15.5/src/core/web_engine_library_info.cpp.no-icudtl-dat qtwebengine-everywhere-src-5.15.5/src/core/web_engine_library_info.cpp +--- qtwebengine-everywhere-src-5.15.5/src/core/web_engine_library_info.cpp.no-icudtl-dat 2021-06-24 07:26:58.976486102 -0500 ++++ qtwebengine-everywhere-src-5.15.5/src/core/web_engine_library_info.cpp 2021-06-24 07:32:19.272863523 -0500 +@@ -273,7 +273,6 @@ QString dictionariesPath() QString resourcesDataPath() { - static bool initialized = false; static QString potentialResourcesPath = - #if defined(OS_MACOSX) && defined(QT_MAC_FRAMEWORK_BUILD) + #if defined(OS_MAC) && defined(QT_MAC_FRAMEWORK_BUILD) getResourcesPath(frameworkBundle()); +@@ -282,21 +281,6 @@ QString resourcesDataPath() #else QLibraryInfo::location(QLibraryInfo::DataPath) % QLatin1String("/resources"); #endif @@ -28,7 +28,6 @@ index 1c8316430..a1c27d28f 100644 - potentialResourcesPath = fallbackDir(); - } - } -- + return potentialResourcesPath; } - } // namespace diff --git a/qtwebengine-everywhere-src-5.15.5-#1904652.patch b/qtwebengine-everywhere-src-5.15.5-#1904652.patch new file mode 100644 index 0000000..7951e6b --- /dev/null +++ b/qtwebengine-everywhere-src-5.15.5-#1904652.patch @@ -0,0 +1,141 @@ +diff -up qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc.rh#1904652 qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc +--- qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc.rh#1904652 2021-05-28 07:05:45.000000000 -0500 ++++ qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc 2021-06-24 08:34:07.566783935 -0500 +@@ -257,6 +257,18 @@ ResultExpr EvaluateSyscallImpl(int fs_de + return RestrictKillTarget(current_pid, sysno); + } + ++#if defined(__NR_newfstatat) ++ if (sysno == __NR_newfstatat) { ++ return RewriteFstatatSIGSYS(); ++ } ++#endif ++ ++#if defined(__NR_fstatat64) ++ if (sysno == __NR_fstatat64) { ++ return RewriteFstatatSIGSYS(); ++ } ++#endif ++ + if (SyscallSets::IsFileSystem(sysno) || + SyscallSets::IsCurrentDirectory(sysno)) { + return Error(fs_denied_errno); +diff -up qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.cc.rh#1904652 qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.cc +--- qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.cc.rh#1904652 2021-05-28 07:05:45.000000000 -0500 ++++ qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.cc 2021-06-24 08:40:08.552334787 -0500 +@@ -6,6 +6,8 @@ + + #include "sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h" + ++#include <errno.h> ++#include <fcntl.h> + #include <stddef.h> + #include <stdint.h> + #include <string.h> +@@ -355,6 +357,35 @@ intptr_t SIGSYSSchedHandler(const struct + return -ENOSYS; + } + ++intptr_t SIGSYSFstatatHandler(const struct arch_seccomp_data& args, ++ void* aux) { ++ switch (args.nr) { ++#if defined(__NR_newfstatat) ++ case __NR_newfstatat: ++#endif ++#if defined(__NR_fstatat64) ++ case __NR_fstatat64: ++#endif ++#if defined(__NR_newfstatat) || defined(__NR_fstatat64) ++ if (*reinterpret_cast<const char *>(args.args[1]) == '\0' ++ && args.args[3] == static_cast<uint64_t>(AT_EMPTY_PATH)) { ++ return sandbox::sys_fstat64(static_cast<int>(args.args[0]), ++ reinterpret_cast<struct stat64 *>(args.args[2])); ++ } else { ++ errno = EACCES; ++ return -1; ++ } ++ break; ++#endif ++ } ++ ++ CrashSIGSYS_Handler(args, aux); ++ ++ // Should never be reached. ++ RAW_CHECK(false); ++ return -ENOSYS; ++} ++ + bpf_dsl::ResultExpr CrashSIGSYS() { + return bpf_dsl::Trap(CrashSIGSYS_Handler, NULL); + } +@@ -387,6 +418,10 @@ bpf_dsl::ResultExpr RewriteSchedSIGSYS() + return bpf_dsl::Trap(SIGSYSSchedHandler, NULL); + } + ++bpf_dsl::ResultExpr RewriteFstatatSIGSYS() { ++ return bpf_dsl::Trap(SIGSYSFstatatHandler, NULL); ++} ++ + void AllocateCrashKeys() { + #if !defined(OS_NACL_NONSFI) + if (seccomp_crash_key) +diff -up qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h.rh#1904652 qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h +--- qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h.rh#1904652 2021-05-28 07:05:45.000000000 -0500 ++++ qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h 2021-06-24 08:39:31.205174337 -0500 +@@ -62,6 +62,10 @@ SANDBOX_EXPORT intptr_t SIGSYSPtraceFail + // sched_setparam(), sched_setscheduler() + SANDBOX_EXPORT intptr_t SIGSYSSchedHandler(const arch_seccomp_data& args, + void* aux); ++// If the fstatat syscall is actually a disguised fstat, calls the regular fstat ++// syscall, otherwise, crashes in the same way as CrashSIGSYS_Handler. ++SANDBOX_EXPORT intptr_t ++ SIGSYSFstatatHandler(const struct arch_seccomp_data& args, void* aux); + + // Variants of the above functions for use with bpf_dsl. + SANDBOX_EXPORT bpf_dsl::ResultExpr CrashSIGSYS(); +@@ -72,6 +76,7 @@ SANDBOX_EXPORT bpf_dsl::ResultExpr Crash + SANDBOX_EXPORT bpf_dsl::ResultExpr CrashSIGSYSFutex(); + SANDBOX_EXPORT bpf_dsl::ResultExpr CrashSIGSYSPtrace(); + SANDBOX_EXPORT bpf_dsl::ResultExpr RewriteSchedSIGSYS(); ++SANDBOX_EXPORT bpf_dsl::ResultExpr RewriteFstatatSIGSYS(); + + // Allocates a crash key so that Seccomp information can be recorded. + void AllocateCrashKeys(); +diff -up qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/sandbox/linux/services/syscall_wrappers.cc.rh#1904652 qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/sandbox/linux/services/syscall_wrappers.cc +--- qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/sandbox/linux/services/syscall_wrappers.cc.rh#1904652 2021-05-28 07:05:45.000000000 -0500 ++++ qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/sandbox/linux/services/syscall_wrappers.cc 2021-06-24 08:34:07.567783940 -0500 +@@ -261,4 +261,13 @@ int sys_sigaction(int signum, + + #endif // defined(MEMORY_SANITIZER) + ++SANDBOX_EXPORT int sys_fstat64(int fd, struct stat64 *buf) ++{ ++#if defined(__NR_fstat64) ++ return syscall(__NR_fstat64, fd, buf); ++#else ++ return syscall(__NR_fstat, fd, buf); ++#endif ++} ++ + } // namespace sandbox +diff -up qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/sandbox/linux/services/syscall_wrappers.h.rh#1904652 qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/sandbox/linux/services/syscall_wrappers.h +--- qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/sandbox/linux/services/syscall_wrappers.h.rh#1904652 2021-05-28 07:05:45.000000000 -0500 ++++ qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/sandbox/linux/services/syscall_wrappers.h 2021-06-24 08:34:07.568783944 -0500 +@@ -17,6 +17,7 @@ struct sock_fprog; + struct rlimit64; + struct cap_hdr; + struct cap_data; ++struct stat64; + + namespace sandbox { + +@@ -84,6 +85,9 @@ SANDBOX_EXPORT int sys_sigaction(int sig + const struct sigaction* act, + struct sigaction* oldact); + ++// Recent glibc rewrites fstat to fstatat. ++SANDBOX_EXPORT int sys_fstat64(int fd, struct stat64 *buf); ++ + } // namespace sandbox + + #endif // SANDBOX_LINUX_SERVICES_SYSCALL_WRAPPERS_H_ diff --git a/qtwebengine-everywhere-src-5.15.5-SIGSTKSZ.patch b/qtwebengine-everywhere-src-5.15.5-SIGSTKSZ.patch new file mode 100644 index 0000000..2f32049 --- /dev/null +++ b/qtwebengine-everywhere-src-5.15.5-SIGSTKSZ.patch @@ -0,0 +1,24 @@ +diff -up qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/third_party/abseil-cpp/absl/debugging/failure_signal_handler.cc.SIGSTKSZ qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/third_party/abseil-cpp/absl/debugging/failure_signal_handler.cc +--- qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/third_party/abseil-cpp/absl/debugging/failure_signal_handler.cc.SIGSTKSZ 2021-05-28 07:05:45.000000000 -0500 ++++ qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/third_party/abseil-cpp/absl/debugging/failure_signal_handler.cc 2021-06-24 09:14:27.365186590 -0500 +@@ -135,7 +135,7 @@ static bool SetupAlternateStackOnce() { + #else + const size_t page_mask = sysconf(_SC_PAGESIZE) - 1; + #endif +- size_t stack_size = (std::max(SIGSTKSZ, 65536) + page_mask) & ~page_mask; ++ size_t stack_size = (std::max<size_t>(SIGSTKSZ, 65536) + page_mask) & ~page_mask; + #if defined(ABSL_HAVE_ADDRESS_SANITIZER) || \ + defined(ABSL_HAVE_MEMORY_SANITIZER) || defined(ABSL_HAVE_THREAD_SANITIZER) + // Account for sanitizer instrumentation requiring additional stack space. +diff -up qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/third_party/breakpad/breakpad/src/client/linux/handler/exception_handler.cc.SIGSTKSZ qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/third_party/breakpad/breakpad/src/client/linux/handler/exception_handler.cc +--- qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/third_party/breakpad/breakpad/src/client/linux/handler/exception_handler.cc.SIGSTKSZ 2021-05-28 07:05:45.000000000 -0500 ++++ qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/third_party/breakpad/breakpad/src/client/linux/handler/exception_handler.cc 2021-06-24 09:15:54.012558815 -0500 +@@ -138,7 +138,7 @@ void InstallAlternateStackLocked() { + // SIGSTKSZ may be too small to prevent the signal handlers from overrunning + // the alternative stack. Ensure that the size of the alternative stack is + // large enough. +- static const unsigned kSigStackSize = std::max(16384, SIGSTKSZ); ++ static const unsigned kSigStackSize = std::max<unsigned>(16384, SIGSTKSZ); + + // Only set an alternative stack if there isn't already one, or if the current + // one is too small. diff --git a/qtwebengine-everywhere-src-5.15.5-TRUE.patch b/qtwebengine-everywhere-src-5.15.5-TRUE.patch new file mode 100644 index 0000000..b61c923 --- /dev/null +++ b/qtwebengine-everywhere-src-5.15.5-TRUE.patch @@ -0,0 +1,12 @@ +diff -up qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/third_party/libxml/src/encoding.c.TRUE qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/third_party/libxml/src/encoding.c +--- qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/third_party/libxml/src/encoding.c.TRUE 2021-05-28 07:05:45.000000000 -0500 ++++ qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/third_party/libxml/src/encoding.c 2021-06-24 09:44:41.592468805 -0500 +@@ -2004,7 +2004,7 @@ xmlEncOutputChunk(xmlCharEncodingHandler + #ifdef LIBXML_ICU_ENABLED + else if (handler->uconv_out != NULL) { + ret = xmlUconvWrapper(handler->uconv_out, 0, out, outlen, in, inlen, +- TRUE); ++ 1); + } + #endif /* LIBXML_ICU_ENABLED */ + else { diff --git a/qtwebengine-everywhere-src-5.15.5-sandbox-time64-syscalls.patch b/qtwebengine-everywhere-src-5.15.5-sandbox-time64-syscalls.patch new file mode 100644 index 0000000..1a14bc9 --- /dev/null +++ b/qtwebengine-everywhere-src-5.15.5-sandbox-time64-syscalls.patch @@ -0,0 +1,85 @@ +diff -up qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc.sandbox-time64-syscalls qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc +--- qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc.sandbox-time64-syscalls 2021-06-24 10:36:45.687826522 -0500 ++++ qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc 2021-06-24 10:36:45.692826524 -0500 +@@ -157,7 +157,14 @@ ResultExpr EvaluateSyscallImpl(int fs_de + return Allow(); + #endif + +- if (sysno == __NR_clock_gettime || sysno == __NR_clock_nanosleep) { ++ if (sysno == __NR_clock_gettime || sysno == __NR_clock_nanosleep ++#if defined(__NR_clock_gettime64) ++ || sysno == __NR_clock_gettime64 ++#endif ++#if defined(__NR_clock_nanosleep_time64) ++ || sysno == __NR_clock_nanosleep_time64 ++#endif ++ ) { + return RestrictClockID(); + } + +diff -up qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions_unittests.cc.sandbox-time64-syscalls qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions_unittests.cc +--- qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions_unittests.cc.sandbox-time64-syscalls 2021-05-28 07:05:45.000000000 -0500 ++++ qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions_unittests.cc 2021-06-24 10:36:45.692826524 -0500 +@@ -60,6 +60,12 @@ class RestrictClockIdPolicy : public bpf + case __NR_clock_gettime: + case __NR_clock_getres: + case __NR_clock_nanosleep: ++#if defined(__NR_clock_nanosleep_time64) ++ case __NR_clock_nanosleep_time64: ++#endif ++#if defined(__NR_clock_gettime64) ++ case __NR_clock_gettime64: ++#endif + return RestrictClockID(); + default: + return Allow(); +diff -up qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc.sandbox-time64-syscalls qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc +--- qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc.sandbox-time64-syscalls 2021-05-28 07:05:45.000000000 -0500 ++++ qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc 2021-06-24 10:36:45.693826524 -0500 +@@ -39,6 +39,12 @@ bool SyscallSets::IsAllowedGettime(int s + // filtered by RestrictClokID(). + case __NR_clock_gettime: // Parameters filtered by RestrictClockID(). + case __NR_clock_nanosleep: // Parameters filtered by RestrictClockID(). ++#if defined(__NR_clock_gettime64) ++ case __NR_clock_gettime64: // Parameters filtered by RestrictClockID(). ++#endif ++#if defined(__NR_clock_nanosleep_time64) ++ case __NR_clock_nanosleep_time64: // Parameters filtered by RestrictClockID(). ++#endif + case __NR_clock_settime: // Privileged. + #if defined(__i386__) || \ + (defined(ARCH_CPU_MIPS_FAMILY) && defined(ARCH_CPU_32_BITS)) +diff -up qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/sandbox/linux/system_headers/arm_linux_syscalls.h.sandbox-time64-syscalls qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/sandbox/linux/system_headers/arm_linux_syscalls.h +--- qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/sandbox/linux/system_headers/arm_linux_syscalls.h.sandbox-time64-syscalls 2021-06-24 10:36:45.694826524 -0500 ++++ qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/sandbox/linux/system_headers/arm_linux_syscalls.h 2021-06-24 10:37:50.383852263 -0500 +@@ -1441,6 +1441,14 @@ + #define __NR_io_pgetevents (__NR_SYSCALL_BASE+399) + #endif + ++#if !defined(__NR_clock_gettime64) ++#define __NR_clock_gettime64 (__NR_SYSCALL_BASE+403) ++#endif ++ ++#if !defined(__NR_clock_nanosleep_time64) ++#define __NR_clock_nanosleep_time64 (__NR_SYSCALL_BASE+407) ++#endif ++ + // ARM private syscalls. + #if !defined(__ARM_NR_BASE) + #define __ARM_NR_BASE (__NR_SYSCALL_BASE + 0xF0000) +diff -up qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/sandbox/linux/system_headers/mips_linux_syscalls.h.sandbox-time64-syscalls qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/sandbox/linux/system_headers/mips_linux_syscalls.h +--- qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/sandbox/linux/system_headers/mips_linux_syscalls.h.sandbox-time64-syscalls 2021-05-28 07:05:45.000000000 -0500 ++++ qtwebengine-everywhere-src-5.15.5/src/3rdparty/chromium/sandbox/linux/system_headers/mips_linux_syscalls.h 2021-06-24 10:36:45.695826525 -0500 +@@ -1433,4 +1433,12 @@ + #define __NR_memfd_create (__NR_Linux + 354) + #endif + ++#if !defined(__NR_clock_gettime64) ++#define __NR_clock_gettime64 (__NR_Linux + 403) ++#endif ++ ++#if !defined(__NR_clock_nanosleep_time64) ++#define __NR_clock_nanosleep_time64 (__NR_Linux + 407) ++#endif ++ + #endif // SANDBOX_LINUX_SYSTEM_HEADERS_MIPS_LINUX_SYSCALLS_H_