From: "Matt Jolly"
To: gentoo-commits@lists.gentoo.org
Content-Transfer-Encoding: 8bit
Content-type: text/plain; charset=UTF-8
Reply-To: gentoo-dev@lists.gentoo.org, "Matt Jolly"
Message-ID: <1728769331.08557bfd61444b1905925b77f60bdb450d020f66.kangie@gentoo>
Subject: [gentoo-commits] repo/gentoo:master commit in: www-client/chromium/
X-VCS-Repository: repo/gentoo
X-VCS-Files: www-client/chromium/Manifest www-client/chromium/chromium-131.0.6753.0.ebuild
X-VCS-Directories: www-client/chromium/
X-VCS-Committer: kangie
X-VCS-Committer-Name: Matt Jolly
X-VCS-Revision: 08557bfd61444b1905925b77f60bdb450d020f66
X-VCS-Branch: master
Date: Sat, 12 Oct 2024 21:44:19 +0000 (UTC)
Precedence: bulk
List-Post:
List-Help:
List-Unsubscribe:
List-Subscribe:
List-Id: Gentoo Linux mail
X-BeenThere: gentoo-commits@lists.gentoo.org
X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply
X-Archives-Salt: fac1c540-b8fd-4721-a252-be9a74846829
X-Archives-Hash: be16246242844e962df4af59d9dfd6fb

commit:     08557bfd61444b1905925b77f60bdb450d020f66
Author:     Matt Jolly gentoo org>
AuthorDate: Sat Oct 12 21:25:09 2024 +0000
Commit:     Matt Jolly gentoo org>
CommitDate: Sat Oct 12 21:42:11 2024 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=08557bfd

www-client/chromium: Enable Control-flow Integrity (CFI)

This relies on Clang's CFI mechanisms, and is dependent on split LTO Units, which require a "nightly" Rust, years after the feature's implementation, with it being in widespread use in the real world for software packaged on stable systems.

Because there is no better way to go about this we are forced to YOLO it and set `RUSTC_BOOTSTRAP=1` in the ebuild. Google's default build uses a nightly compiler, so this should not cause any issues.

CFI will be enabled on a platform if LTO is enabled, unless this needs to be filtered for non-x86_64 systems.

According to Google this should result in a slight (<1%) overhead in terms of CPU and a small increase (<10%) to the size of the compiled binary.
Memory overhead is minimal.

Signed-off-by: Matt Jolly gentoo.org>

 www-client/chromium/Manifest                     |  2 +-
 www-client/chromium/chromium-131.0.6753.0.ebuild | 21 ++++++++++-----------
 2 files changed, 11 insertions(+), 12 deletions(-)

diff --git a/www-client/chromium/Manifest b/www-client/chromium/Manifest
index b0e1a37dccd2..defe8bd45310 100644
--- a/www-client/chromium/Manifest
+++ b/www-client/chromium/Manifest
@@ -16,7 +16,7 @@ DIST chromium-131.0.6753.0.tar.xz 6639635464 BLAKE2B a87035be45d530e8b84eb19fc90 DIST chromium-patches-128.tar.bz2 5087 BLAKE2B b0321fb45390a282afeeeb8fb4d6014d6e6b708e6851235e0897ac77d524160b4d33476aa70532df45d0ccf233fee3b4028cd4d845667dc6a2a46ecebfeb6752 SHA512 978908d27dc6fc620209486a9ad7f73babde8710728960f44f2680445276516e59a85c08656af2663d9e197df45874f24a1f19f14a21798fbcf7c5a10bb19371 DIST chromium-patches-129.tar.bz2 5071 BLAKE2B 080e1af8b0560a3c5365674e7c8d592310bbd2e273311b775b8112e410d91ccd48f170adbcf77cff566ad32de196217410663ac7b9e7e65544b6730fb1890aca SHA512 0a5bbc07dc9085b07332d5c6dd74940a9d55c4d0677f5603e75763ba54156f43664839d438f350bc86f3efc85aae452476e7f7040e06e60727847b156d1f0ab9 DIST chromium-patches-130.tar.bz2 5658 BLAKE2B a940ee50634beee965bea45f6604b59e8d20a6c99b8e374be3debbd35ae08b34e035649367d171d56ca951a54102648c91d2189ca88a4495b16b1c96534fea46 SHA512 9f77eefdc7a65ce5e20a322cd5b17d6bb5ffc2d66fd83d73d5191f8c932f723cb905df8f3d04ed3d5fbab726b7bca38c7b5645cac37f7454eb9a3a2f4ef9a53b -DIST chromium-patches-131.tar.bz2 5661 BLAKE2B 7217a1c153321775e1c2fd7712b3dbfa670ba1bd72cd66361040e63dcaa154ee0e28b1e3f6d11d152b69a71d965592a6c6e3ee1f843d4356c97317e260e227dc SHA512 b1c96b19fabfd1756343a6f7fbaf0396024c0e330743743b328e3a1d94c47d5f6b1431b60b4f8e870120d9911bc9558074dd9a7d9a6538bdf5e318669cbb85fe +DIST chromium-patches-131-1.tar.bz2 4932 BLAKE2B 72006a6d751ae1207352547cdeef87f8cc9f9639283238da201d879c6fcd0f8bc499669cb030d8b4c2216fcd2730de46b0a071007b3d69a2bbdd22ba38bcd279 SHA512 11d7f861c007e9e28e5192fb354940180aea0e01e6e8ae77547e2dffd7b541b11f1acfe0fd0c8b6b4cbfc6c39ddfa79c8c08db42c1292ad329d49027d1406fc3 DIST chromium-ppc64le-gentoo-patches-1.tar.xz 5636 BLAKE2B 1d898939df023c59285b27bee552470483ea06375d1ee8d6947b89c5927c23cc7bfec6b49f3b376ece931d11a56f8e2a45791e0f92ad61974fc8c34c1082d89c SHA512 8a71cb007e47cda8e5fe5d185729389e65c48bd322c8ee8b3986bee8571427b959628f2666bda646a3f89ae64197c0957d3626845ff03461dbd5dee4c964d07c DIST 
chromium-profiler-0.2.tar 259952640 BLAKE2B 5e82389fce00b267280d633b26551231c558b80f0c92cd7d60271095a3503365ab673e7a46dc5f74f8a82db1f21262cb24dcc0531d954bab5fb3b175dab3394d SHA512 9fa89a5ab728419683e7495ae676567480987d68a2d589f2aa97bfcbcf123f3c8f97f8bca5f65e5e3f6e41475535add473ded83b9c7a33bb4746a9d05b298a6c DIST chromium_128.0.6613.119-1raptor0~deb12u1.debian.tar.xz 8673272 BLAKE2B 0ae1ead2b8d0ce196d5d16e132194da12d3dde3b43c270f794630c3427d38aaac6c6a289ac64b4748354e9d4d20ae8597076b64a4b7a7e1225c66a9f86e9f7ff SHA512 c896f8f07aa44cd6950375b36fe89fc2780ff9867e01feab71100c8551b22d3c89c5ba9e80cffbad22ff8575d20fc782b70969a51c68384fd8de62a09c4ffdcf diff --git a/www-client/chromium/chromium-131.0.6753.0.ebuild b/www-client/chromium/chromium-131.0.6753.0.ebuild index e369af92eeb8..b9fbbe6b9e34 100644 --- a/www-client/chromium/chromium-131.0.6753.0.ebuild +++ b/www-client/chromium/chromium-131.0.6753.0.ebuild @@ -52,7 +52,7 @@ inherit python-any-r1 qmake-utils readme.gentoo-r1 systemd toolchain-funcs virtu DESCRIPTION="Open-source version of Google Chrome web browser" HOMEPAGE="https://www.chromium.org/" PATCHSET_PPC64="128.0.6613.84-1raptor0~deb12u1" -PATCH_V="${PV%%\.*}" +PATCH_V="${PV%%\.*}-1" SRC_URI="https://commondatastorage.googleapis.com/chromium-browser-official/${P}.tar.xz system-toolchain? ( https://gitlab.com/Matt.Jolly/chromium-patches/-/archive/${PATCH_V}/chromium-patches-${PATCH_V}.tar.bz2 @@ -374,7 +374,7 @@ pkg_setup() { # TODO: check if the user has already selected a specific impl via make.conf and respect that. if ! tc-is-lto && use official; then einfo "USE=official selected and LTO not detected." - einfo "It is _highly_ recommended that LTO be enabled for performance reasons" + einfo "It is _highly_ recommended that LTO be enabled for performance and security reasons," einfo "and to be consistent with the upstream \"official\" build optimisations." fi 
@@ -435,6 +435,10 @@ pkg_setup() { einfo "Using Rust ${rustc_ver} to build" fi + # I hate doing this but upstream Rust have yet to come up with a better solution for + # us poor packagers. Required for Split LTO units, which are required for CFI. + export RUSTC_BOOTSTRAP=1 + # Chromium requires the Rust profiler library while setting up its build environment. # Since a standard Rust comes with the profiler, instead of patching it out (build/rust/std/BUILD.gn#L103) # we'll just do a sanity check on the selected slot. @@ -1194,11 +1198,6 @@ chromium_configure() { use wayland && myconf_gn+=" use_system_libffi=true" fi - # Results in undefined references in chrome linking, may require CFI to work - if use arm64; then - myconf_gn+=" arm_control_flow_integrity=\"none\"" - fi - myconf_gn+=" use_thin_lto=${use_lto}" myconf_gn+=" thin_lto_enable_optimizations=${use_lto}" @@ -1208,10 +1207,10 @@ chromium_configure() { # Allow building against system libraries in official builds sed -i 's/OFFICIAL_BUILD/GOOGLE_CHROME_BUILD/' \ tools/generate_shim_headers/generate_shim_headers.py || die - # Req's LTO; TODO: not compatible with -fno-split-lto-unit - # split-lto-unit can be enabled with RUSTC_BOOTSTRAP=1 (and an updated compiler patch), - # however I still got weird linking errors with CFI _and_ the split unit LTO OOMed after using 100G. - myconf_gn+=" is_cfi=false" + # This may need to be filtered on non-amd64 arches + # Also these options are listed in upstream docs: use_cfi_icall=true use_cfi_cast=true (This may be for testing only?) + # https://www.chromium.org/developers/testing/control-flow-integrity/ + myconf_gn+=" is_cfi=${use_lto}" # Don't add symbols to build myconf_gn+=" symbol_level=0" fi
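Review bot: In the `@@ -52,7 +52,7 @@` ebuild hunk, `PATCH_V="${PV%%\.*}-1"` hard-codes the patchset revision into the version-derived string, so the next patchset bump has to touch both this line and the Manifest entry; a separate variable (a hypothetical `PATCHSET_REV="1"`) expanded in `PATCH_V` would keep the two in step, and the `\.` escape inside the parameter expansion is unnecessary because `.` is not a glob metacharacter.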
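Review bot: In the `@@ -435,6 +435,10 @@ pkg_setup()` hunk, `export RUSTC_BOOTSTRAP=1` is unconditional, so the unstable-feature gate is lifted for every build, including those where `is_cfi` ends up false because LTO is off. Consider exporting it only on the path that actually configures CFI (the same condition that yields `is_cfi=${use_lto}`), and phrase the comment so a later maintainer knows the export can be dropped once split LTO units no longer need a nightly toolchain.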
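Review bot: The `@@ -1194,11 +1198,6 @@ chromium_configure()` hunk removes the arm64 `arm_control_flow_integrity=\"none\"` override whose comment said it worked around undefined references at link time and only guessed that CFI would cure them. With `is_cfi=${use_lto}`, an arm64 build without LTO now gets neither CFI nor the override, so that link failure may come back on that configuration; either keep the override when `use_lto` is false on arm64, or state in the commit message that a non-LTO arm64 build was tested.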
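Review bot: The `@@ -1208,10 +1207,10 @@ chromium_configure()` hunk leaves an open question in the code comment ("This may be for testing only?") about `use_cfi_icall=true use_cfi_cast=true`; resolve it against the linked upstream page before merging, or turn it into an explicit TODO that names the decision still needed, so it does not read as a half-configured hardening option. Also, `is_cfi=${use_lto}` silently disables CFI whenever `use_lto` is false; the einfo in the pkg_setup hunk already nudges users toward LTO for security reasons, but a short einfo here stating that CFI was not enabled would make the binary's hardening state visible in the build log.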