chromium: Update dev channel to v26.0.1410.5.

The upgrade currently doesn't involve the -lite package, as we need to use a few
more dependencies from nixpkgs first before we can finally fully switch over to
the lite package, even though the update script will try to fetch it anyway.

In this update, one particular problem that arises in conjuction with the
seccomp BPF sandbox is caused by this commit:

https://chromiumcodereview.appspot.com/12209029

Which particularily filters flags to the clone() syscall. I've spent (wasted?) a
few hours figuring out the troublesome flag, eventually figuring it out and -
just by curiousity ("Do other distributions have the same problem?") - searched
the web for "chromium CLONE_DETACHED" and BEHOLD...

A post from our OWN mailinglist pops up with the same patch I intended to do:

http://article.gmane.org/gmane.linux.distributions.nixos/10356

So shame on me for not being subscribed to the mailing list, and big thanks to
Ian Farmer for the patch.

As a consequence I'm now subscribed.

So, back to chromium itself, version 26 builds fine and works so far without
much (more to come in later commits) trouble.

We also had to introduce three more dependencies:

 * protobuf: This one is because we don't need to use the bundled one anymore,
             so we can use the version in nixpkgs.
 * speechd: Not sure whether this was bundled or not, but let's use nixpkgs
            version as well to keep down build time.
 * libXdamage: Needed for screen capturing support.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
This commit is contained in:
aszlig 2013-02-20 06:39:52 +01:00
parent 75c3ab1f55
commit 7e5109a541
No known key found for this signature in database
GPG Key ID: D0EBD0EC8C2DC961
3 changed files with 34 additions and 5 deletions

View File

@ -0,0 +1,19 @@
From 222f1e980ab84ffd3a21001feaf06dd537570a1a Mon Sep 17 00:00:00 2001
From: Ian Farmer <ian@ianfarmer.net>
Date: Sat, 16 Feb 2013 09:38:10 -0800
Subject: [PATCH] Update Chromium dev channel version to 26.0.1410.5.
This version requires a patch for compatibility with versions
of glibc that support older kernel versions.
--- a/content/common/sandbox_seccomp_bpf_linux.cc 2013-02-15 23:26:06.000000000 -0800
+++ b/content/common/sandbox_seccomp_bpf_linux.cc 2013-02-15 23:26:24.000000000 -0800
@@ -1313,7 +1313,7 @@
return Sandbox::Cond(0, ErrorCode::TP_32BIT, ErrorCode::OP_EQUAL,
CLONE_VM | CLONE_FS | CLONE_FILES | CLONE_SIGHAND |
CLONE_THREAD | CLONE_SYSVSEM | CLONE_SETTLS |
- CLONE_PARENT_SETTID | CLONE_CHILD_CLEARTID,
+ CLONE_PARENT_SETTID | CLONE_CHILD_CLEARTID | CLONE_DETACHED,
ErrorCode(ErrorCode::ERR_ALLOWED),
Sandbox::Trap(ReportCloneFailure, NULL));
} else {

View File

@ -14,6 +14,9 @@
, glib, gtk, dbus_glib
, libXScrnSaver, libXcursor, mesa
# dependencies for >= v26
, protobuf, speechd, libXdamage
# optional dependencies
, libgcrypt ? null # gnomeSupport || cupsSupport
@ -59,6 +62,7 @@ let
use_system_xdg_utils = true;
use_system_yasm = true;
use_system_zlib = false; # http://crbug.com/143623
use_system_protobuf = post25;
use_system_harfbuzz = false;
use_system_icu = false;
@ -78,6 +82,7 @@ let
post23 = !versionOlder sourceInfo.version "24.0.0.0";
post24 = !versionOlder sourceInfo.version "25.0.0.0";
post25 = !versionOlder sourceInfo.version "26.0.0.0";
only24 = post23 && !post24;
maybeFixPulseAudioBuild = optional (only24 && pulseSupport)
@ -109,7 +114,8 @@ in stdenv.mkDerivation rec {
++ optional enableSELinux libselinux
++ optional cupsSupport libgcrypt
++ optional pulseSupport pulseaudio
++ optional post24 pciutils;
++ optional post24 pciutils
++ optionals post25 [ protobuf speechd libXdamage ];
opensslPatches = optional useOpenSSL openssl.patches;
@ -117,12 +123,16 @@ in stdenv.mkDerivation rec {
patches = optional cupsSupport ./cups_allow_deprecated.patch
++ optional pulseSupport ./pulseaudio_array_bounds.patch
++ maybeFixPulseAudioBuild;
++ maybeFixPulseAudioBuild
++ optional post25 ./clone_detached.patch;
postPatch = optionalString useOpenSSL ''
cat $opensslPatches | patch -p1 -d third_party/openssl/openssl
'' + optionalString post24 ''
sed -i -r -e "s/-f(stack-protector)(-all)?/-fno-\1/" build/common.gypi
'' + optionalString post25 ''
sed -i -e 's|/usr/bin/gcc|gcc|' \
third_party/WebKit/Source/WebCore/WebCore.gyp/WebCore.gyp
'';
gypFlags = mkGypFlags (gypFlagsUseSystemLibs // {

View File

@ -1,9 +1,9 @@
# This file is autogenerated from update.sh in the same directory.
{
dev = {
version = "25.0.1364.36";
url = "http://commondatastorage.googleapis.com/chromium-browser-official/chromium-25.0.1364.36.tar.bz2";
sha256 = "1pn7qv1s6lcx8k26h89x9zdy43rzdq12f92s2l6cfdhr9ls9wv0s";
version = "26.0.1410.10";
url = "http://commondatastorage.googleapis.com/chromium-browser-official/chromium-26.0.1410.10.tar.xz";
sha256 = "1s5c69j0g2nanapvq3fmkc5iv7s53x2q5d8fxgdzd7c5c8pzlbby";
};
beta = {
version = "25.0.1364.84";