From 180983e6efe180d08f13eab7702d1bc90ff657af Mon Sep 17 00:00:00 2001 From: Michael Weiss Date: Tue, 25 May 2021 11:21:14 +0200 Subject: [PATCH 01/10] chromiumBeta: 91.0.4472.69 -> 91.0.4472.77 (cherry picked from commit b6f54db787c056ead0d4bd46697d0251adb3141c) --- .../networking/browsers/chromium/upstream-info.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/applications/networking/browsers/chromium/upstream-info.json b/pkgs/applications/networking/browsers/chromium/upstream-info.json index ab0afd9b54e..c810674fc9d 100644 --- a/pkgs/applications/networking/browsers/chromium/upstream-info.json +++ b/pkgs/applications/networking/browsers/chromium/upstream-info.json @@ -18,9 +18,9 @@ } }, "beta": { - "version": "91.0.4472.69", - "sha256": "0yqc7py5x48wqg5x90j57vp07qfc20w1j0f30rmyxbgl6v346s0z", - "sha256bin64": "1z82i6pq4wbx44d6ij32dkappywdpaxlfp23kl3p7x4x9hv1c0yq", + "version": "91.0.4472.77", + "sha256": "0c8vj3gq3nmb7ssiwj6875g0a8hcprss1a4gqw9h7llqywza9ma5", + "sha256bin64": "1fmarrvkvfj0hgnz4qqx7b45pwkdpagfj2s2hznnanq5q5p9vay0", "deps": { "gn": { "version": "2021-04-06", From ddde2dd1d20c85159a2ec7adb265a9a28af65939 Mon Sep 17 00:00:00 2001 From: Michael Weiss Date: Thu, 27 May 2021 11:45:06 +0200 Subject: [PATCH 02/10] chromiumDev: 92.0.4512.4 -> 92.0.4515.20 (cherry picked from commit 136addaa6e924e642669a925a323475a2d0c207e) --- .../networking/browsers/chromium/upstream-info.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/applications/networking/browsers/chromium/upstream-info.json b/pkgs/applications/networking/browsers/chromium/upstream-info.json index c810674fc9d..995e4c9be61 100644 --- a/pkgs/applications/networking/browsers/chromium/upstream-info.json +++ b/pkgs/applications/networking/browsers/chromium/upstream-info.json @@ -31,9 +31,9 @@ } }, "dev": { - "version": "92.0.4512.4", - "sha256": "0ycwr11bz2hlzczs6cajxn5k32m44ndhmqh86iykcbi982dj7jq2", - "sha256bin64": "0wv29rghcbin725qbl8cq20j8w5mlcjmjaqdcr73m753dv3jv8rq", + "version": "92.0.4515.20", + "sha256": "0xmpmjpxr4bgy62d71ky9asxwbgnx60mrp9f1dxm9nm92dv6w0ac", + "sha256bin64": "1la5mrh33izl7nf1rr899ljh448ckpqz2bp0vac83vb8952krm05", "deps": { "gn": { "version": "2021-05-07", From c92cc2463d59ce03157e64fc0f8e9ee4bc625fc0 Mon Sep 17 00:00:00 2001 From: Michael Weiss Date: Wed, 2 Jun 2021 12:09:52 +0200 Subject: [PATCH 03/10] chromiumDev: 92.0.4515.20 -> 92.0.4515.40 (cherry picked from commit cf6496e72bb1c698c3a1516ab6b4ed0cde516cbc) --- .../networking/browsers/chromium/upstream-info.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/applications/networking/browsers/chromium/upstream-info.json b/pkgs/applications/networking/browsers/chromium/upstream-info.json index 995e4c9be61..51674fd7941 100644 --- a/pkgs/applications/networking/browsers/chromium/upstream-info.json +++ b/pkgs/applications/networking/browsers/chromium/upstream-info.json @@ -31,9 +31,9 @@ } }, "dev": { - "version": "92.0.4515.20", - "sha256": "0xmpmjpxr4bgy62d71ky9asxwbgnx60mrp9f1dxm9nm92dv6w0ac", - "sha256bin64": "1la5mrh33izl7nf1rr899ljh448ckpqz2bp0vac83vb8952krm05", + "version": "92.0.4515.40", + "sha256": "1v0vmnzdqq7d2rqp1sam8nk7z20xg5l9lnlpqjxj30y8k37gzh8p", + "sha256bin64": "12kfzgg0fhlrvr3ci1gzsn5rzdwr4dc2k3sj45j4dn7wnrjlpmbx", "deps": { "gn": { "version": "2021-05-07", From b60b15b4101b3fed5b1acf8995f4c17cd3cdddbc Mon Sep 17 00:00:00 2001 From: Michael Weiss Date: Fri, 4 Jun 2021 11:51:01 +0200 Subject: [PATCH 04/10] chromiumBeta: 91.0.4472.77 -> 92.0.4515.40 (cherry picked from commit c6890330f5bb19cf561bf9e0dfc8119766be5aed) --- .../networking/browsers/chromium/upstream-info.json | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/pkgs/applications/networking/browsers/chromium/upstream-info.json b/pkgs/applications/networking/browsers/chromium/upstream-info.json index 51674fd7941..c66d89d4bb4 100644 --- a/pkgs/applications/networking/browsers/chromium/upstream-info.json +++ b/pkgs/applications/networking/browsers/chromium/upstream-info.json @@ -18,15 +18,15 @@ } }, "beta": { - "version": "91.0.4472.77", - "sha256": "0c8vj3gq3nmb7ssiwj6875g0a8hcprss1a4gqw9h7llqywza9ma5", - "sha256bin64": "1fmarrvkvfj0hgnz4qqx7b45pwkdpagfj2s2hznnanq5q5p9vay0", + "version": "92.0.4515.40", + "sha256": "1v0vmnzdqq7d2rqp1sam8nk7z20xg5l9lnlpqjxj30y8k37gzh8p", + "sha256bin64": "0i3plysx51n2gsm5vbf9666rz73pqbbns7v09wznbbncvw9zngrf", "deps": { "gn": { - "version": "2021-04-06", + "version": "2021-05-07", "url": "https://gn.googlesource.com/gn", - "rev": "dba01723a441c358d843a575cb7720d54ddcdf92", - "sha256": "199xkks67qrn0xa5fhp24waq2vk8qb78a96cb3kdd8v1hgacgb8x" + "rev": "39a87c0b36310bdf06b692c098f199a0d97fc810", + "sha256": "0x63jr5hssm9dl6la4q5ahy669k4gxvbapqxi5w32vv107jrj8v4" } } }, From c15df2350d5e0d0b07339063bf040ab8d837189e Mon Sep 17 00:00:00 2001 From: Michael Weiss Date: Fri, 4 Jun 2021 11:51:10 +0200 Subject: [PATCH 05/10] chromiumDev: 92.0.4515.40 -> 93.0.4530.5 (cherry picked from commit 2c9e2b68753d89764e7ad9a47374ad541130ba84) --- .../networking/browsers/chromium/upstream-info.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/applications/networking/browsers/chromium/upstream-info.json b/pkgs/applications/networking/browsers/chromium/upstream-info.json index c66d89d4bb4..9762bcbbe9d 100644 --- a/pkgs/applications/networking/browsers/chromium/upstream-info.json +++ b/pkgs/applications/networking/browsers/chromium/upstream-info.json @@ -31,9 +31,9 @@ } }, "dev": { - "version": "92.0.4515.40", - "sha256": "1v0vmnzdqq7d2rqp1sam8nk7z20xg5l9lnlpqjxj30y8k37gzh8p", - "sha256bin64": "12kfzgg0fhlrvr3ci1gzsn5rzdwr4dc2k3sj45j4dn7wnrjlpmbx", + "version": "93.0.4530.5", + "sha256": "0xxnn9fbwgmfk0zz5an35na1zprhas487pbg2qpgg76g50zxnsx5", + "sha256bin64": "14fzmfhaiish91byg7knr9nf2cigklfvy145vc7qhg17b6gzba25", "deps": { "gn": { "version": "2021-05-07", From 146ff19f4f9dc3d645bd14f6411760c8a1c9e6ba Mon Sep 17 00:00:00 2001 From: Michael Weiss Date: Tue, 8 Jun 2021 20:32:02 +0200 Subject: [PATCH 06/10] chromiumDev: 93.0.4530.5 -> 93.0.4535.3 (cherry picked from commit 5915f689b452816381e9f4e8d9cbf32ece20f467) --- .../networking/browsers/chromium/upstream-info.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/applications/networking/browsers/chromium/upstream-info.json b/pkgs/applications/networking/browsers/chromium/upstream-info.json index 9762bcbbe9d..be7a84576b3 100644 --- a/pkgs/applications/networking/browsers/chromium/upstream-info.json +++ b/pkgs/applications/networking/browsers/chromium/upstream-info.json @@ -31,9 +31,9 @@ } }, "dev": { - "version": "93.0.4530.5", - "sha256": "0xxnn9fbwgmfk0zz5an35na1zprhas487pbg2qpgg76g50zxnsx5", - "sha256bin64": "14fzmfhaiish91byg7knr9nf2cigklfvy145vc7qhg17b6gzba25", + "version": "93.0.4535.3", + "sha256": "19iy4p59n0pg9s39g614y4yxh5f6h86bcp471qdnm6fvzmzcxd18", + "sha256bin64": "16q9s8l20bmr2n0y3pi505l5hbhbmpi8kh47aylj5gzk1nr30a8r", "deps": { "gn": { "version": "2021-05-07", From b6a71637a94c85a319342830c1002e2f27e48b8a Mon Sep 17 00:00:00 2001 From: Michael Weiss Date: Tue, 8 Jun 2021 21:12:07 +0200 Subject: [PATCH 07/10] chromiumDev: Revert a patch to fix the build with LLVM 12 The build was failing with: clang++: error: unknown argument: '-fsanitize-ignorelist=../../tools/cfi/ignores.txt' (cherry picked from commit 950b321244d541e3c4d05bb163912d53c6c063df) --- .../networking/browsers/chromium/common.nix | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/networking/browsers/chromium/common.nix b/pkgs/applications/networking/browsers/chromium/common.nix index 7e95da747d1..57cac091912 100644 --- a/pkgs/applications/networking/browsers/chromium/common.nix +++ b/pkgs/applications/networking/browsers/chromium/common.nix @@ -54,9 +54,9 @@ let # source tree. extraAttrs = buildFun base; - githubPatch = commit: sha256: fetchpatch { + githubPatch = { commit, sha256, revert ? false }: fetchpatch { url = "https://github.com/chromium/chromium/commit/${commit}.patch"; - inherit sha256; + inherit sha256 revert; }; mkGnFlags = @@ -166,6 +166,14 @@ let # Fix the build by adding a missing dependency (s. https://crbug.com/1197837): ./patches/fix-missing-atspi2-dependency.patch ./patches/closure_compiler-Use-the-Java-binary-from-the-system.patch + ] ++ lib.optionals (chromiumVersionAtLeast "93") [ + # We need to revert this patch to build M93 with LLVM 12. + (githubPatch { + # Reland "Replace 'blacklist' with 'ignorelist' in ./tools/msan/." + commit = "9d080c0934b848ee4a05013c78641e612fcc1e03"; + sha256 = "1bxdhxmiy6h4acq26lq43x2mxx6rawmfmlgsh5j7w8kyhkw5af0c"; + revert = true; + }) ]; postPatch = '' From ede696c79d4b08469c4b8382aaf3cf66f43a9e9e Mon Sep 17 00:00:00 2001 From: Michael Weiss Date: Thu, 10 Jun 2021 08:43:28 +0200 Subject: [PATCH 08/10] chromium: 91.0.4472.77 -> 91.0.4472.101 https://chromereleases.googleblog.com/2021/06/stable-channel-update-for-desktop.html This update includes 14 security fixes. Google is aware that an exploit for CVE-2021-30551 exists in the wild. CVEs: CVE-2021-30544 CVE-2021-30545 CVE-2021-30546 CVE-2021-30547 CVE-2021-30548 CVE-2021-30549 CVE-2021-30550 CVE-2021-30551 CVE-2021-30552 CVE-2021-30553 (cherry picked from commit 053f1dc49028f8f438506b187739d80d83984c16) --- .../networking/browsers/chromium/upstream-info.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/applications/networking/browsers/chromium/upstream-info.json b/pkgs/applications/networking/browsers/chromium/upstream-info.json index be7a84576b3..5d888fc0649 100644 --- a/pkgs/applications/networking/browsers/chromium/upstream-info.json +++ b/pkgs/applications/networking/browsers/chromium/upstream-info.json @@ -1,8 +1,8 @@ { "stable": { - "version": "91.0.4472.77", - "sha256": "0c8vj3gq3nmb7ssiwj6875g0a8hcprss1a4gqw9h7llqywza9ma5", - "sha256bin64": "0caf47xam5igdnbhipal1iyicnxxvadhi61k199rwysrvyv5sdad", + "version": "91.0.4472.101", + "sha256": "1d3y621iclkq6nvxrapk5aihv50x13hjha0c2gcp2xxfma96253q", + "sha256bin64": "12j5q5b9v0jpiznjnh89831w8lv399vd1z4ljhbsnsidbsygrbr1", "deps": { "gn": { "version": "2021-04-06", From 06924553df21db17af0dfcf92e4d3f48fccd2802 Mon Sep 17 00:00:00 2001 From: Michael Weiss Date: Thu, 10 Jun 2021 12:00:34 +0200 Subject: [PATCH 09/10] chromium: get-commit-message.py: Support a new 0-day sentence The current stable release announcement [0] uses a slightly different message/structure. [0]: https://chromereleases.googleblog.com/2021/06/stable-channel-update-for-desktop.html (cherry picked from commit c02ac479ba55d802d6232cdb743f5228984e2ff9) --- .../networking/browsers/chromium/get-commit-message.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/applications/networking/browsers/chromium/get-commit-message.py b/pkgs/applications/networking/browsers/chromium/get-commit-message.py index e14e3642643..2768e31bd03 100755 --- a/pkgs/applications/networking/browsers/chromium/get-commit-message.py +++ b/pkgs/applications/networking/browsers/chromium/get-commit-message.py @@ -27,7 +27,7 @@ for entry in feed.entries: print('\n' + url) if fixes := re.search(r'This update includes .+ security fixes\.', content): fixes = html_tags.sub('', fixes.group(0)) - zero_days = re.search(r'Google is aware of reports that .+ in the wild\.', content) + zero_days = re.search(r'Google is aware( of reports)? that .+ in the wild\.', content) if zero_days: fixes += " " + zero_days.group(0) print('\n' + '\n'.join(textwrap.wrap(fixes, width=72))) From 0312d6fcf77da218db48b202a0de6f7390f7eb31 Mon Sep 17 00:00:00 2001 From: Michael Weiss Date: Wed, 9 Jun 2021 11:53:22 +0200 Subject: [PATCH 10/10] chromiumDev: Install crashpad_handler This executable is required to fix a startup error: [990:990:0609/092114.482805:FATAL:double_fork_and_exec.cc(131)] execv /nix/store/k02xhxzn6sn2cihaal68wwsyk8cg9pkg-chromium-unwrapped-93.0.4535.3/libexec/chromium/crashpad_handler: No such file or directory (2) Unfortunately Chromium M93 still segfaults in the VM test: machine # [0610/100626.225850:ERROR:process_memory_range.cc(75)] read out of range machine # [0610/100626.227312:ERROR:file_io_posix.cc(144)] open /sys/devices/system/cpu/cpu0/cpufreq/scaling_cur_freq: No such file or directory (2) machine # [0610/100626.240410:ERROR:file_io_posix.cc(144)] open /sys/devices/system/cpu/cpu0/cpufreq/scaling_max_freq: No such file or directory (2) machine # [ 19.810981] systemd-coredump[1015]: Process 987 (chromium) of user 1000 dumped core. (cherry picked from commit 1d6a0d3cf24f2edcf6755fd4db1901f9e1db1ac6) --- pkgs/applications/networking/browsers/chromium/browser.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/pkgs/applications/networking/browsers/chromium/browser.nix b/pkgs/applications/networking/browsers/chromium/browser.nix index dcac873b849..cc443764447 100644 --- a/pkgs/applications/networking/browsers/chromium/browser.nix +++ b/pkgs/applications/networking/browsers/chromium/browser.nix @@ -62,6 +62,8 @@ mkChromiumDerivation (base: rec { -e '/\[Desktop Entry\]/a\' \ -e 'StartupWMClass=chromium-browser' \ $out/share/applications/chromium-browser.desktop + '' + lib.optionalString (channel == "dev") '' + cp -v "$buildPath/crashpad_handler" "$libExecPath/" ''; passthru = { inherit sandboxExecutableName; };