From 7e5109a54188bf84fcd57f2f71b385e5a391c142 Mon Sep 17 00:00:00 2001 From: aszlig Date: Wed, 20 Feb 2013 06:39:52 +0100 Subject: [PATCH] chromium: Update dev channel to v26.0.1410.5. The upgrade currently doesn't involve the -lite package, as we need to use a few more dependencies from nixpkgs first before we can finally fully switch over to the lite package, even though the update script will try to fetch it anyway. In this update, one particular problem that arises in conjuction with the seccomp BPF sandbox is caused by this commit: https://chromiumcodereview.appspot.com/12209029 Which particularily filters flags to the clone() syscall. I've spent (wasted?) a few hours figuring out the troublesome flag, eventually figuring it out and - just by curiousity ("Do other distributions have the same problem?") - searched the web for "chromium CLONE_DETACHED" and BEHOLD... A post from our OWN mailinglist pops up with the same patch I intended to do: http://article.gmane.org/gmane.linux.distributions.nixos/10356 So shame on me for not being subscribed to the mailing list, and big thanks to Ian Farmer for the patch. As a consequence I'm now subscribed. So, back to chromium itself, version 26 builds fine and works so far without much (more to come in later commits) trouble. We also had to introduce three more dependencies: * protobuf: This one is because we don't need to use the bundled one anymore, so we can use the version in nixpkgs. * speechd: Not sure whether this was bundled or not, but let's use nixpkgs version as well to keep down build time. * libXdamage: Needed for screen capturing support. Signed-off-by: aszlig --- .../browsers/chromium/clone_detached.patch | 19 +++++++++++++++++++ .../networking/browsers/chromium/default.nix | 14 ++++++++++++-- .../networking/browsers/chromium/sources.nix | 6 +++--- 3 files changed, 34 insertions(+), 5 deletions(-) create mode 100644 pkgs/applications/networking/browsers/chromium/clone_detached.patch diff --git a/pkgs/applications/networking/browsers/chromium/clone_detached.patch b/pkgs/applications/networking/browsers/chromium/clone_detached.patch new file mode 100644 index 000000000000..682de656459e --- /dev/null +++ b/pkgs/applications/networking/browsers/chromium/clone_detached.patch @@ -0,0 +1,19 @@ +From 222f1e980ab84ffd3a21001feaf06dd537570a1a Mon Sep 17 00:00:00 2001 +From: Ian Farmer +Date: Sat, 16 Feb 2013 09:38:10 -0800 +Subject: [PATCH] Update Chromium dev channel version to 26.0.1410.5. + +This version requires a patch for compatibility with versions +of glibc that support older kernel versions. + +--- a/content/common/sandbox_seccomp_bpf_linux.cc 2013-02-15 23:26:06.000000000 -0800 ++++ b/content/common/sandbox_seccomp_bpf_linux.cc 2013-02-15 23:26:24.000000000 -0800 +@@ -1313,7 +1313,7 @@ + return Sandbox::Cond(0, ErrorCode::TP_32BIT, ErrorCode::OP_EQUAL, + CLONE_VM | CLONE_FS | CLONE_FILES | CLONE_SIGHAND | + CLONE_THREAD | CLONE_SYSVSEM | CLONE_SETTLS | +- CLONE_PARENT_SETTID | CLONE_CHILD_CLEARTID, ++ CLONE_PARENT_SETTID | CLONE_CHILD_CLEARTID | CLONE_DETACHED, + ErrorCode(ErrorCode::ERR_ALLOWED), + Sandbox::Trap(ReportCloneFailure, NULL)); + } else { diff --git a/pkgs/applications/networking/browsers/chromium/default.nix b/pkgs/applications/networking/browsers/chromium/default.nix index 3aeaf41ad571..d2fef932a786 100644 --- a/pkgs/applications/networking/browsers/chromium/default.nix +++ b/pkgs/applications/networking/browsers/chromium/default.nix @@ -14,6 +14,9 @@ , glib, gtk, dbus_glib , libXScrnSaver, libXcursor, mesa +# dependencies for >= v26 +, protobuf, speechd, libXdamage + # optional dependencies , libgcrypt ? null # gnomeSupport || cupsSupport @@ -59,6 +62,7 @@ let use_system_xdg_utils = true; use_system_yasm = true; use_system_zlib = false; # http://crbug.com/143623 + use_system_protobuf = post25; use_system_harfbuzz = false; use_system_icu = false; @@ -78,6 +82,7 @@ let post23 = !versionOlder sourceInfo.version "24.0.0.0"; post24 = !versionOlder sourceInfo.version "25.0.0.0"; + post25 = !versionOlder sourceInfo.version "26.0.0.0"; only24 = post23 && !post24; maybeFixPulseAudioBuild = optional (only24 && pulseSupport) @@ -109,7 +114,8 @@ in stdenv.mkDerivation rec { ++ optional enableSELinux libselinux ++ optional cupsSupport libgcrypt ++ optional pulseSupport pulseaudio - ++ optional post24 pciutils; + ++ optional post24 pciutils + ++ optionals post25 [ protobuf speechd libXdamage ]; opensslPatches = optional useOpenSSL openssl.patches; @@ -117,12 +123,16 @@ in stdenv.mkDerivation rec { patches = optional cupsSupport ./cups_allow_deprecated.patch ++ optional pulseSupport ./pulseaudio_array_bounds.patch - ++ maybeFixPulseAudioBuild; + ++ maybeFixPulseAudioBuild + ++ optional post25 ./clone_detached.patch; postPatch = optionalString useOpenSSL '' cat $opensslPatches | patch -p1 -d third_party/openssl/openssl '' + optionalString post24 '' sed -i -r -e "s/-f(stack-protector)(-all)?/-fno-\1/" build/common.gypi + '' + optionalString post25 '' + sed -i -e 's|/usr/bin/gcc|gcc|' \ + third_party/WebKit/Source/WebCore/WebCore.gyp/WebCore.gyp ''; gypFlags = mkGypFlags (gypFlagsUseSystemLibs // { diff --git a/pkgs/applications/networking/browsers/chromium/sources.nix b/pkgs/applications/networking/browsers/chromium/sources.nix index 416e08c0c97f..da3de4c968d2 100644 --- a/pkgs/applications/networking/browsers/chromium/sources.nix +++ b/pkgs/applications/networking/browsers/chromium/sources.nix @@ -1,9 +1,9 @@ # This file is autogenerated from update.sh in the same directory. { dev = { - version = "25.0.1364.36"; - url = "http://commondatastorage.googleapis.com/chromium-browser-official/chromium-25.0.1364.36.tar.bz2"; - sha256 = "1pn7qv1s6lcx8k26h89x9zdy43rzdq12f92s2l6cfdhr9ls9wv0s"; + version = "26.0.1410.10"; + url = "http://commondatastorage.googleapis.com/chromium-browser-official/chromium-26.0.1410.10.tar.xz"; + sha256 = "1s5c69j0g2nanapvq3fmkc5iv7s53x2q5d8fxgdzd7c5c8pzlbby"; }; beta = { version = "25.0.1364.84";