electron/patches/chromium/support_mixed_sandbox_with_zygote.patch
electron-roller[bot] 9645f7f6d8
chore: bump chromium to 117.0.5884.1 (main) (#38969)
* chore: bump chromium in DEPS to 117.0.5866.0

* chore: bump chromium in DEPS to 117.0.5868.0

* chore: update mas_no_private_api.patch

Xref: https://chromium-review.googlesource.com/c/chromium/src/+/4634925

Minor manual patch syncing due to upstream code shear

* chore: update mas_disable_remote_layer.patch

Xref: https://chromium-review.googlesource.com/c/chromium/src/+/4647191

Manually sync patch to minor upstream code shear

* chore: update mas_disable_remote_accessibility.patch

Xref: https://chromium-review.googlesource.com/c/chromium/src/+/4641746

No manual changes; patch applied with fuzz

* chore: update mas_avoid_usage_of_private_macos_apis.patch

Xref: https://chromium-review.googlesource.com/c/chromium/src/+/4634925

Manually sync base/process/launch_mac.cc to minor upstream shear

Manually sync base/mac/foundation_util.mm to upstream changes:
_CFIsObjC use has been removed upstream, so we no longer need
to remove it 🎉

* chore: update printing.patch

Xref: https://chromium-review.googlesource.com/c/chromium/src/+/4658496

Manually sync patch to minor upstream code shear

* chore: update disable_color_correct_rendering.patch

Xref: https://chromium-review.googlesource.com/c/chromium/src/+/4625254

Manually sync patch to minor upstream code shear

* chore: update feat_expose_raw_response_headers_from_urlloader.patch

Xref: services/network/public/cpp/resource_request.cc

No manual changes; patch applied with fuzz

* chore: update add_electron_deps_to_license_credits_file.patch

Xref: https://chromium-review.googlesource.com/c/chromium/src/+/4634961

No manual changes; patch applied with fuzz

* chore: update build_only_use_the_mas_build_config_in_the_required_components.patch

Xref: https://chromium-review.googlesource.com/c/chromium/src/+/4648411

No manual changes; patch applied with fuzz

* chore: update patches

* fixup! chore: update add_electron_deps_to_license_credits_file.patch

chore: license files must be an array

* chore: bump chromium in DEPS to 117.0.5870.0

* chore: update patches

* chore: run ./script/gen-libc++-filenames.js

* chore: update json_parse_errors_made_user-friendly.patch

Xref: https://chromium-review.googlesource.com/c/v8/v8/+/4652014

v8 error message changed upstream; update Node test to match it

* chore: bump chromium in DEPS to 117.0.5872.0

* chore: update patches

* chore: explicitly cast x11::Window to unsigned int

Xref: https://chromium-review.googlesource.com/c/chromium/src/+/4661049

This is an `enum class Window : uint32_t` defined in ui/gfx/x/xproto.h.
Previous versions of clang let this implicit cast happen,
but it generates a warning in the new clang roll.

* chore: remove unused #include

Xref: https://chromium-review.googlesource.com/c/chromium/src/+/4650453

header was removed upstream, so FTBFS unless removed here

* chore: add include guard patch

Xref: https://chromium-review.googlesource.com/c/chromium/src/+/4628373

h/t @jkleinsc

* chore: bump chromium in DEPS to 117.0.5874.0

* chore: update render_widget_host_view_mac.patch

Xref: https://chromium-review.googlesource.com/c/chromium/src/+/4661244

Manually sync patch to minor upstream code

* chore: update mas_disable_remote_accessibility.patch

Xref: https://chromium-review.googlesource.com/c/chromium/src/+/4653209

Manually sync patch to upstream code shear

* chore: update build_only_use_the_mas_build_config_in_the_required_components.patch

Xref: https://chromium-review.googlesource.com/c/chromium/src/+/4653209

Manually sync patch to minor upstream code shear

* chore: update GetInitiatorProcessId()

Xref: https://chromium-review.googlesource.com/c/chromium/src/+/4641991

trivial upstream naming change: s/ProcessID/ProcessId/

* chore: sync to upstream SetInputRegion() changes

Xref: https://chromium-review.googlesource.com/c/chromium/src/+/4665245

Simple upstream change: SetInputRegion() used to take a gfx::Rect* where
`nullptr` meant "no opaque region". The function signature changed to
absl::optional<gfx::Rect> w/the same meaning.

* chore: sync to upstream SetOpaqueRegion() changes

Xref: https://chromium-review.googlesource.com/c/chromium/src/+/4656738

Simple upstream change: SetOpaqueRegion() used to take a vector<Rect>* where
`nullptr` meant "no opaque region". The function signature changed to
absl::optional<std::vector<gfx::Rect>> w/the same meaning.

* chore: update patches

* chore: bump chromium in DEPS to 117.0.5876.0

* chore: update mas_disable_remote_accessibility.patch

Xref: https://chromium-review.googlesource.com/c/chromium/src/+/4658375

We no longer need to patch out a field that's now removed upstream.
RenderWidgetHostNSViewBridgeOwner.remote_accessibility_element_

* chore: update feat_filter_out_non-shareable_windows_in_the_current_application_in.patch

Xref: https://chromium-review.googlesource.com/c/chromium/src/+/4658680

Manually sync patch to upstream code shear (ARC adoption).

* chore: update patches

* fix: -Werror,-Wshadow error in Node.js

* chore: bump chromium in DEPS to 117.0.5878.0

* chore: bump chromium in DEPS to 117.0.5880.0

* chore: bump chromium in DEPS to 117.0.5880.4

* chore: update patches

* 4658680: Convert /content/browser to use ARC

https://chromium-review.googlesource.com/c/chromium/src/+/4658680

* 4669995: Remove CFToNSCast and NSToCFCast

https://chromium-review.googlesource.com/c/chromium/src/+/4669995

* WIP: 4658680: Convert /content/browser to use ARC

https://chromium-review.googlesource.com/c/chromium/src/+/4658680

* chore: update printing patch after rebase

* chore: bump chromium in DEPS to 117.0.5882.0

* Revert "WIP: 4658680: Convert /content/browser to use ARC"

This reverts commit c8559ea448ad93123865a6fa8af6fe2767e43396.

* Revert "4669995: Remove CFToNSCast and NSToCFCast"

This reverts commit 38e145f33d844e077b09e1fb119fae9d5d7bbc3e.

* chore: bump chromium in DEPS to 117.0.5874.0

* 4661244: Convert /content/browser/renderer_host to use ARC

https://chromium-review.googlesource.com/c/chromium/src/+/4661244

* 4653209: Convert /ui/views:views to use ARC

https://chromium-review.googlesource.com/c/chromium/src/+/4653209

* chore: fixup mas_disable_remote_accessibility.patch

* chore: fixup render_widget_host_view_mac.patch

* chore: update to newer clang

* chore: bump chromium in DEPS to 117.0.5884.1

(cherry picked from commit a3879acfde8f3d962d58d6ad0632164ccb88ee63)

* 4669995: Remove CFToNSCast and NSToCFCast

https://chromium-review.googlesource.com/c/chromium/src/+/4669995
(cherry picked from commit 38e145f33d844e077b09e1fb119fae9d5d7bbc3e)
(cherry picked from commit b1224ab7e00aedbd0e5dc78ebb3c6162573b28c4)

* 4658680: Convert /content/browser to use ARC

https://chromium-review.googlesource.com/c/chromium/src/+/4658680
(cherry picked from commit 77039a323b9ebb3e8edb3a92a3b94a8d7d026a32)

* Rename and cleanup ExtensionsBrowserClient functions

https://chromium-review.googlesource.com/c/chromium/src/+/4665670

(cherry picked from commit 677a2e646a8d82da60dc252b08b320c3ddff6be6)

* chore: bump chromium in DEPS to 117.0.5886.0

* chore: update patches

* Revert "chore: update patches"

This reverts commit db9294f9446492d4a3d63f5f3ecc551aeeeb2e26.

* Revert "chore: bump chromium in DEPS to 117.0.5886.0"

This reverts commit a7de0276e6e0eeecfdbb17f9bbc27c01b4bbfc24.

* build: use built toolchains instead of locally installed VSCode

* fixup: build: use built toolchains instead of locally installed VSCode

* chore: add missing mojo dep

---------

Co-authored-by: electron-roller[bot] <84116207+electron-roller[bot]@users.noreply.github.com>
Co-authored-by: Charles Kerr <charles@charleskerr.com>
Co-authored-by: PatchUp <73610968+patchup[bot]@users.noreply.github.com>
Co-authored-by: John Kleinschmidt <jkleinsc@electronjs.org>
Co-authored-by: Shelley Vohr <shelley.vohr@gmail.com>
2023-07-16 16:14:43 +02:00


From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Jeremy Apthorp <nornagon@nornagon.net>
Date: Wed, 28 Nov 2018 13:20:27 -0800
Subject: support_mixed_sandbox_with_zygote.patch

On Linux, Chromium launches all new renderer processes via a "zygote"
process which has the sandbox pre-initialized (see
//docs/linux_zygote.md). In order to support mixed-sandbox mode, in
which some renderers are launched with the sandbox engaged and others
without it, we need the option to launch non-sandboxed renderers without
going through the zygote.

Chromium already supports a `--no-zygote` flag, but it turns off the
zygote completely, and thus also disables sandboxing. This patch allows
the `--no-zygote` flag to affect renderer processes on a case-by-case
basis, checking immediately prior to launch whether to go through the
zygote or not based on the command-line of the to-be-launched renderer.

This patch could conceivably be upstreamed, as it does not affect
production Chromium (which does not use the `--no-zygote` flag).
However, the patch would need to be reviewed by the security team, as it
does touch a security-sensitive class.

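As an added illustration of the mixed-sandbox invariant this patch makes possible (example code written for this review, not Electron's or Chromium's own), the following Python script audits the renderer processes on a Linux host. It reads each `/proc/<pid>/cmdline`, keeps the `--type=renderer` processes, and checks that a renderer carrying `--no-zygote` also carries `--no-sandbox` (the combination the patch description calls a non-sandboxed renderer launched directly), and that a renderer carrying neither actually ended up under a seccomp-bpf filter (`Seccomp:` mode 2 in `/proc/<pid>/status`). The expectation that a zygote-launched, sandboxed renderer reports seccomp mode 2, the `SUSPICIOUS` wording, and the sample `/proc` entries at the bottom are constructed assumptions for this example, not output captured from a real Electron app.

```python
"""Audit Linux Chromium/Electron renderer processes for the zygote/sandbox
pairing: --no-zygote renderers must also be --no-sandbox, and renderers that
went through the zygote should be running under a seccomp-bpf filter."""
import os
from dataclasses import dataclass
from typing import List, Optional

RENDERER_TYPE = "--type=renderer"   # Chromium child-process type switch
NO_SANDBOX = "--no-sandbox"
NO_ZYGOTE = "--no-zygote"
SECCOMP_FILTER_MODE = 2             # /proc/<pid>/status "Seccomp:" 2 == bpf filter


@dataclass
class RendererAudit:
    pid: int
    no_sandbox: bool
    no_zygote: bool
    seccomp_mode: int  # -1 if the kernel does not expose the field

    @property
    def verdict(self) -> str:
        """Classify one renderer against the expected states (assumed model)."""
        if self.no_sandbox and self.no_zygote:
            return "unsandboxed (direct launch)"
        if self.no_sandbox or self.no_zygote:
            return "SUSPICIOUS: --no-sandbox and --no-zygote must be set together"
        if self.seccomp_mode != SECCOMP_FILTER_MODE:
            return "SUSPICIOUS: zygote renderer without seccomp-bpf filter"
        return "sandboxed (zygote)"


def parse_cmdline(raw: bytes) -> List[str]:
    """/proc/<pid>/cmdline is NUL-separated, usually with a trailing NUL."""
    return [arg.decode("utf-8", "replace") for arg in raw.split(b"\0") if arg]


def parse_seccomp_mode(status_text: str) -> int:
    """Extract the 'Seccomp:' line from /proc/<pid>/status (-1 if absent)."""
    for line in status_text.splitlines():
        if line.startswith("Seccomp:"):
            return int(line.split(":", 1)[1].strip())
    return -1


def audit_renderer(pid: int, cmdline_raw: bytes, status_text: str) -> Optional[RendererAudit]:
    """Return an audit record for a renderer, or None for any other process."""
    argv = parse_cmdline(cmdline_raw)
    if RENDERER_TYPE not in argv:
        return None
    return RendererAudit(
        pid=pid,
        no_sandbox=NO_SANDBOX in argv,
        no_zygote=NO_ZYGOTE in argv,
        seccomp_mode=parse_seccomp_mode(status_text),
    )


def audit_live_system() -> List[RendererAudit]:
    """Walk /proc on a live Linux host; unreadable pids are skipped."""
    results = []
    for entry in os.listdir("/proc"):
        if not entry.isdigit():
            continue
        try:
            with open(f"/proc/{entry}/cmdline", "rb") as f:
                cmdline = f.read()
            with open(f"/proc/{entry}/status") as f:
                status = f.read()
        except OSError:
            continue
        record = audit_renderer(int(entry), cmdline, status)
        if record is not None:
            results.append(record)
    return results


# Constructed stand-ins for /proc entries (not captured from a real host).
SAMPLES = [
    (4242, b"/opt/app/electron\0--type=renderer\0", "Name:\telectron\nSeccomp:\t2\n"),
    (4243, b"/opt/app/electron\0--type=renderer\0--no-sandbox\0--no-zygote\0",
     "Name:\telectron\nSeccomp:\t0\n"),
    (4244, b"/opt/app/electron\0--type=renderer\0--no-zygote\0", "Name:\telectron\nSeccomp:\t0\n"),
    (4245, b"/opt/app/electron\0--type=gpu-process\0", "Name:\telectron\nSeccomp:\t2\n"),
]

if __name__ == "__main__":
    for pid, cmd, status in SAMPLES:
        record = audit_renderer(pid, cmd, status)
        if record is not None:
            print(pid, record.verdict)
```

Run `audit_live_system()` as the same user as the Electron app (or as root) to inspect a real process tree; the third sample shows the case the patch's per-renderer check is meant to prevent, a renderer that skipped the zygote without being explicitly unsandboxed.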
diff --git a/content/browser/renderer_host/render_process_host_impl.cc b/content/browser/renderer_host/render_process_host_impl.cc
index 69b48c4ae7c169af84922d7bc7e6f63429a238d5..37fdd04d9738c699db8c9140600f90e8523de93e 100644
--- a/content/browser/renderer_host/render_process_host_impl.cc
+++ b/content/browser/renderer_host/render_process_host_impl.cc
@@ -1915,9 +1915,15 @@ bool RenderProcessHostImpl::Init() {
std::unique_ptr<SandboxedProcessLauncherDelegate> sandbox_delegate =
std::make_unique<RendererSandboxedProcessLauncherDelegateWin>(
*cmd_line, IsPdf(), IsJitDisabled());
+#else
+#if BUILDFLAG(USE_ZYGOTE)
+ bool use_zygote = !cmd_line->HasSwitch(switches::kNoZygote);
+ std::unique_ptr<SandboxedProcessLauncherDelegate> sandbox_delegate =
+ std::make_unique<RendererSandboxedProcessLauncherDelegate>(use_zygote);
#else
std::unique_ptr<SandboxedProcessLauncherDelegate> sandbox_delegate =
std::make_unique<RendererSandboxedProcessLauncherDelegate>();
+#endif
#endif
auto file_data = std::make_unique<ChildProcessLauncherFileData>();
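Review bot: the new `#else` followed by a nested `#if BUILDFLAG(USE_ZYGOTE)` and two trailing `#endif`s can be flattened to `#elif BUILDFLAG(USE_ZYGOTE)` on the existing branch, keeping the three delegate constructions as one preprocessor chain. More importantly, `use_zygote` is computed from the renderer's own `cmd_line`, so this is the one site where a per-renderer `--no-zygote` bypasses the zygote; since the patch description says such renderers are the non-sandboxed ones, a DCHECK next to the computation that `--no-zygote` on this command line is accompanied by `--no-sandbox` would make that invariant visible and catch a caller that strips the zygote from a renderer which still expects the sandbox.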
diff --git a/content/browser/renderer_host/renderer_sandboxed_process_launcher_delegate.cc b/content/browser/renderer_host/renderer_sandboxed_process_launcher_delegate.cc
index 5d96b358a52b01af0cb853125782af6202ae77b7..32b8ed19e9f265dc8f371c4e9c07f71487eb36f6 100644
--- a/content/browser/renderer_host/renderer_sandboxed_process_launcher_delegate.cc
+++ b/content/browser/renderer_host/renderer_sandboxed_process_launcher_delegate.cc
@@ -33,6 +33,9 @@ namespace content {
#if BUILDFLAG(USE_ZYGOTE)
ZygoteCommunication* RendererSandboxedProcessLauncherDelegate::GetZygote() {
+ if (!use_zygote_) {
+ return nullptr;
+ }
const base::CommandLine& browser_command_line =
*base::CommandLine::ForCurrentProcess();
base::CommandLine::StringType renderer_prefix =
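Review bot: the early `return nullptr` sits before the existing `browser_command_line` / `renderer_prefix` logic, so a `--no-zygote` renderer now skips that path entirely; a short comment on the return (for example `// Launched directly, see --no-zygote handling in RenderProcessHostImpl::Init().`) would tell the next reader that a null zygote is the intended answer here rather than a missing one. It is also worth confirming in the launcher that a null zygote from this delegate falls back to a direct launch instead of being treated as an error, since the whole patch relies on that contract.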
@@ -67,6 +70,9 @@ RendererSandboxedProcessLauncherDelegateWin::
is_pdf_renderer_(is_pdf_renderer) {
// PDF renderers must be jitless.
CHECK(!is_pdf_renderer || is_jit_disabled);
+#if BUILDFLAG(USE_ZYGOTE)
+ use_zygote_ = !cmd_line->HasSwitch(switches::kNoZygote);
+#endif
if (is_jit_disabled) {
dynamic_code_can_be_disabled_ = true;
return;
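Review bot: this block lands in the `RendererSandboxedProcessLauncherDelegateWin` constructor (see the hunk header and `is_pdf_renderer_`), where `BUILDFLAG(USE_ZYGOTE)` is never set, so the assignment is dead code; if it were ever compiled it would also fail, because `use_zygote_` is declared `private` in the base class in the header hunk below. Drop these three lines and keep the zygote decision in the non-Windows delegate, which already receives `use_zygote` through its constructor.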
diff --git a/content/browser/renderer_host/renderer_sandboxed_process_launcher_delegate.h b/content/browser/renderer_host/renderer_sandboxed_process_launcher_delegate.h
index 00038da2c15696b361aea1469ccf73307e44963e..7ccfbf11ecfd56fd165915baa85919eaf2e923b9 100644
--- a/content/browser/renderer_host/renderer_sandboxed_process_launcher_delegate.h
+++ b/content/browser/renderer_host/renderer_sandboxed_process_launcher_delegate.h
@@ -18,6 +18,11 @@ class CONTENT_EXPORT RendererSandboxedProcessLauncherDelegate
public:
RendererSandboxedProcessLauncherDelegate() = default;
+#if BUILDFLAG(USE_ZYGOTE)
+ RendererSandboxedProcessLauncherDelegate(bool use_zygote):
+ use_zygote_(use_zygote) {}
+#endif
+
~RendererSandboxedProcessLauncherDelegate() override = default;
#if BUILDFLAG(USE_ZYGOTE)
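Review bot: the new one-argument constructor should be `explicit` (Chromium style for single-parameter constructors), and the initializer layout does not match clang-format; suggest `explicit RendererSandboxedProcessLauncherDelegate(bool use_zygote) : use_zygote_(use_zygote) {}` on one line. The stray blank line added before the destructor can go as well.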
@@ -30,6 +35,11 @@ class CONTENT_EXPORT RendererSandboxedProcessLauncherDelegate
// sandbox::policy::SandboxDelegate:
sandbox::mojom::Sandbox GetSandboxType() override;
+
+ private:
+#if BUILDFLAG(USE_ZYGOTE)
+ bool use_zygote_ = true;
+#endif
};
#if BUILDFLAG(IS_WIN)
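Review bot: `use_zygote_` defaults to `true`, which is what keeps the default constructor and therefore upstream behaviour unchanged, but nothing says so; add a comment on the member such as `// When false, GetZygote() returns nullptr and the renderer is launched directly.` since the three separate `#if BUILDFLAG(USE_ZYGOTE)` guards make the intent hard to follow across the header. With the member `private`, the assignment added to the Windows delegate's constructor in the .cc hunk above could not compile even if that guard were true, which confirms that block should be removed.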