From 38c34c5446667f0c6e2a7f59247cd3069002b1fb Mon Sep 17 00:00:00 2001 From: Alexey Kuzmin Date: Tue, 20 Mar 2018 21:26:39 +0300 Subject: [PATCH] Store patches meta info in patches configs (#470) * Add PyYAML submodule https://github.com/yaml/pyyaml * Install PyYAML on bootstrap * Ignore dirty state of the pyyaml submodule It creates a "build" directory under its root when built. * Use argparse in the apply-patches script And provide a target arch as a named argument. * Store patches meta info in patches configs Use a patches config to defines order of patches, specify a patch owner, and provide a description for a patch. It should help us to avoid order collisions, make merge conflicts explicit, and help find owners since git blame might not be reliable because of frequent changes during Chromium upgrades. --- .gitmodules | 4 + patches-mas/.patches.yaml | 10 + patches-mips64el/.patches.yaml | 38 ++ .../third_party/ffmpeg/.patches.yaml | 6 + patches-mips64el/v8/.patches.yaml | 6 + patches/.patches.yaml | 329 ++++++++++++++++++ patches/002-dcheck.patch | 35 -- patches/007-blink_local_frame.patch | 11 - patches/034-thread_capabilities.patch | 8 - patches/076_patch_catalog_vuln.patch | 10 - patches/077-fix-touchpad-lagging-issue.patch | 3 - patches/third_party/angle/.patches.yaml | 6 + patches/third_party/ffmpeg/.patches.yaml | 9 + patches/third_party/ffmpeg/001-build_gn.patch | 7 +- patches/third_party/icu/.patches.yaml | 10 + patches/third_party/skia/.patches.yaml | 6 + patches/third_party/webrtc/.patches.yaml | 18 + patches/v8/.patches.yaml | 70 ++++ patches/v8/026-backport_3ecb047.patch | 3 - patches/v8/027-backport_a2b91ed.patch | 3 - script/apply-patches | 24 +- script/bootstrap | 4 + script/lib/patches.py | 64 ++-- script/patch.py | 33 +- script/update | 2 +- vendor/pyyaml | 1 + 26 files changed, 597 insertions(+), 123 deletions(-) create mode 100644 patches-mas/.patches.yaml create mode 100644 patches-mips64el/.patches.yaml create mode 100644 patches-mips64el/third_party/ffmpeg/.patches.yaml create mode 100644 patches-mips64el/v8/.patches.yaml create mode 100644 patches/.patches.yaml create mode 100644 patches/third_party/angle/.patches.yaml create mode 100644 patches/third_party/ffmpeg/.patches.yaml create mode 100644 patches/third_party/icu/.patches.yaml create mode 100644 patches/third_party/skia/.patches.yaml create mode 100644 patches/third_party/webrtc/.patches.yaml create mode 100644 patches/v8/.patches.yaml create mode 160000 vendor/pyyaml diff --git a/.gitmodules b/.gitmodules index 429c7828..29157f2d 100644 --- a/.gitmodules +++ b/.gitmodules @@ -5,3 +5,7 @@ path = vendor/boto url = https://github.com/piotrbulinski/boto.git ignore = untracked +[submodule "vendor/pyyaml"] + path = vendor/pyyaml + url = https://github.com/yaml/pyyaml.git + ignore = dirty diff --git a/patches-mas/.patches.yaml b/patches-mas/.patches.yaml new file mode 100644 index 00000000..f9cf9493 --- /dev/null +++ b/patches-mas/.patches.yaml @@ -0,0 +1,10 @@ +repo: src +patches: +- + owners: zcbenz + file: 001-blink_no_private_api.patch + descripion: null +- + owners: zcbenz + file: 002-no_private_api.patch + descripion: null diff --git a/patches-mips64el/.patches.yaml b/patches-mips64el/.patches.yaml new file mode 100644 index 00000000..7be4417b --- /dev/null +++ b/patches-mips64el/.patches.yaml @@ -0,0 +1,38 @@ +repo: src +patches: +- + owners: null + file: 005-Add-support-for-using-seccomp_bpf-on-mips64el.patch + descripion: null +- + owners: null + file: 006-Set-kernal-page-size-to-16K-on-loongson-MIPS-archtec.patch + descripion: null +- + owners: null + file: 007-Add-mips64el-redhat-linux-to-gcc_toolchain-for-mips6.patch + descripion: null +- + owners: null + file: 009-Fix-mips-cross-toolchain-build-src-crypto-ec-p256-64.patch + descripion: null +- + owners: null + file: 010-Fix-error-about-relocation-truncated-to-fit-R_MIPS_C.patch + descripion: null +- + owners: zcbenz + file: 011-backport-sqlite-8a87f7e.patch + descripion: null +- + owners: zcbenz + file: 012-backport-sqlite-9851f2e.patch + descripion: null +- + owners: zcbenz + file: 013-backport-sqlite-3d8ec48.patch + descripion: null +- + owners: zcbenz + file: 014-support-old-nss.patch + descripion: null diff --git a/patches-mips64el/third_party/ffmpeg/.patches.yaml b/patches-mips64el/third_party/ffmpeg/.patches.yaml new file mode 100644 index 00000000..6f2d2f96 --- /dev/null +++ b/patches-mips64el/third_party/ffmpeg/.patches.yaml @@ -0,0 +1,6 @@ +repo: src/third_party/ffmpeg +patches: +- + owners: zcbenz + file: 002-Fix-build_ffmpeg-with-cross-prefix-mips64el-redhat-l.patch + descripion: null diff --git a/patches-mips64el/v8/.patches.yaml b/patches-mips64el/v8/.patches.yaml new file mode 100644 index 00000000..404fe0c5 --- /dev/null +++ b/patches-mips64el/v8/.patches.yaml @@ -0,0 +1,6 @@ +repo: src/v8 +patches: +- + owners: zcbenz + file: 002-Fix-v8-loongson-page-size.patch + descripion: null diff --git a/patches/.patches.yaml b/patches/.patches.yaml new file mode 100644 index 00000000..76011dca --- /dev/null +++ b/patches/.patches.yaml @@ -0,0 +1,329 @@ +repo: src +patches: +- + owners: alespergl + file: 001-build_gn.patch + descripion: null +- + owners: alespergl, deepak1556 + file: 002-dcheck.patch + descripion: | + This disables some debug checks which currently fail when running the Electron + test suite. In general there should be sustained effort to have all debug checks + enabled. If you want to help, choose one of the diffs below and remove it. Then + build Electron (debug configuration) and make sure all tests pass on the CI + systems. Unfortunately the tests don't always cover the check failures, so it's + good to also run some non-trivial Electron app to verify. + + Apart from getting rid of a whole diff, you may also be able to replace one diff + with another which enables at least some of the previously disabled checks. For + example, the checks might be disabled for a whole build target, but actually + only one or two specific checks fail. Then it's better to simply comment out the + failing checks and allow the rest of the target to have them enabled. + + Please keep the following lists updated. + + The ELECTRON_NO_DCHECK build flag disables debug checks universally. + This patch applies the flag to the following GN targets: + + third_party/WebKit/Source/core/loader:loader + url:url + + These files have debug checks explicitly commented out: + + base/memory/weak_ptr.cc + base/process/kill_win.cc + components/viz/service/display/program_binding.h + content/browser/frame_host/navigation_controller_impl.cc + content/browser/frame_host/render_frame_host_impl.cc + content/browser/renderer_host/render_widget_host_view_mac.mm + ppapi/host/ppapi_host.cc + third_party/WebKit/Source/core/dom/Node.cpp + third_party/WebKit/Source/platform/wtf/text/StringImpl.h + ui/base/clipboard/clipboard_win.cc +- + owners: zcbenz + file: 003-accelerator.patch + descripion: null +- + owners: alespergl + file: 004-allow_new_privs.patch + descripion: null +- + owners: null + file: 005-app_indicator_icon_menu.patch + descripion: null +- + owners: zcbenz + file: 006-blink_file_path.patch + descripion: null +- + owners: zcbenz + file: 007-blink_local_frame.patch + descripion: | + According to electron/electron#3699, it is unreliable to use |unload| + event for process.exit('exit'), so we have to do that in + willReleaseScriptContext. + + However Chromium then disallowed scripting in willReleaseScriptContext + in https://codereview.chromium.org/1657583002, and crash will happen + when there is code doing that. + + This patch reverts the change to fix the crash in Electron. +- + owners: null + file: 008-blink_world_context.patch + descripion: null +- + owners: zcbenz + file: 009-browser_compositor_mac.patch + descripion: null +- + owners: null + file: 010-browser_plugin_wheel.patch + descripion: null +- + owners: null + file: 011-build_toolchain_win_patch.patch + descripion: | + Patch the Windows build toolchain to generate unique PDB names + + When the PDB files generated by the `static_library` build are + packaged for distribution they are all copied to a single folder, + some of the PDB files have identical names so they end up + overwriting each other. The missing PDB files cause linker warnings + when building Electron in Release mode, and make it more difficult + to debug release builds. + + This patch modifies the PDB naming convention for the + `static_library` build configuration to ensure PDB names are unique. + For example, instead of generating `obj/ui/base/base_cc.pdb` the + build will now generate `obj/ui/base/obj_ui_base_base_cc.pdb`. +- + owners: zcbenz + file: 012-can_create_window.patch + descripion: null +- + owners: null + file: 013-compositor_delegate.patch + descripion: null +- + owners: null + file: 016-desktop_screen_win.patch + descripion: null +- + owners: zcbenz + file: 017-disable_hidden.patch + descripion: null +- + owners: zcbenz + file: 018-dom_storage_map.patch + descripion: null +- + owners: zcbenz + file: 019-frame_host_manager.patch + descripion: null +- + owners: null + file: 020-guest_view.patch + descripion: null +- + owners: tonyganch + file: 021-latency_info.patch + descripion: null +- + owners: zcbenz + file: 023-net_url_request_job.patch + descripion: null +- + owners: MarshallOfSound + file: 024-new_site_instance.patch + descripion: null +- + owners: alexeykuzmin + file: 025-no_stack_dumping.patch + descripion: null +- + owners: deepak1556 + file: 026-out_of_process_instance.patch + descripion: null +- + owners: alexeykuzmin + file: 027-protobuf_build_gn.patch + descripion: null +- + owners: null + file: 028-render_widget_host_view_base.patch + descripion: null +- + owners: zcbenz + file: 029-render_widget_host_view_mac.patch + descripion: null +- + owners: deepak1556 + file: 030-resource_request_details.patch + descripion: null +- + owners: null + file: 031-scoped_clipboard_writer.patch + descripion: null +- + owners: deepak1556 + file: 032-stream_resource_handler.patch + descripion: null +- + owners: null + file: 034-thread_capabilities.patch + descripion: | + Chromium automatically drops all capabilities of renderer threads in + Linux, which may cause issues in a context like Electron, where the main + and renderer threads are supposed to keep inherited permissions over the + system. + + See https://github.com/atom/electron/issues/3666 +- + owners: zcbenz + file: 035-use_transparent_window.patch + descripion: null +- + owners: null + file: 036-web_contents.patch + descripion: null +- + owners: miniak + file: 037-webgl_context_attributes.patch + descripion: null +- + owners: null + file: 038-webview_cross_drag.patch + descripion: null +- + owners: zcbenz + file: 040-worker_context_will_destroy.patch + descripion: null +- + owners: null + file: 042-webui_in_subframes.patch + descripion: null +- + owners: alexeykuzmin + file: 045-export_blink_webdisplayitemlist.patch + descripion: null +- + owners: alexeykuzmin + file: 046-statically_build_power_save_blocker.patch + descripion: null +- + owners: gavignus + file: 047-browser_plugin_guest.patch + descripion: null +- + owners: alexeykuzmin + file: 048-disable_user_gesture_requirement_for_beforeunload_dialogs.patch + descripion: See https://github.com/electron/electron/issues/10754 +- + owners: alexeykuzmin + file: 049-restore_adding_custom_cors_enabled_schemes.patch + descripion: null +- + owners: alexeykuzmin + file: 052-fix_blink_property_tree_state_to_tree_string_usage.patch + descripion: Should probably be removed since we already have DCHECKs enabled. +- + owners: deepak1556 + file: 052-latency_histogram_macros.patch + descripion: null +- + owners: alexeykuzmin + file: 063-backport_140d82d6f8e2.patch + descripion: null +- + owners: alexeykuzmin + file: 064-backport_4dfcf263240a.patch + descripion: null +- + owners: alexeykuzmin + file: 065-backport_81e7f1791035.patch + descripion: null +- + owners: alexeykuzmin + file: 066-backport_99b48b47f11f.patch + descripion: null +- + owners: alexeykuzmin + file: 067-backport_1ed08ea9dbb0.patch + descripion: null +- + owners: alexeykuzmin + file: 068-backport_97f5f9df6988.patch + descripion: null +- + owners: alexeykuzmin + file: 071-add_atomic_lib_to_dependencies_even_for_sysroot_builds.patch + descripion: null +- + owners: zcbenz + file: 073-gin_enable_disable_v8_platform.patch + descripion: null +- + owners: alexeykuzmin + file: 074-backport_015a8b82b8e1.patch + descripion: null +- + owners: deepak1556 + file: 074-disable-recursive-surface-sync.patch + descripion: null +- + owners: alexeykuzmin + file: 075-backport_a6977980088b.patch + descripion: null +- + owners: null + file: 075-can_disable_desktop_capture_throttling.patch + descripion: null +- + owners: alexeykuzmin + file: 076-backport_72f0a9302524.patch + descripion: null +- + owners: codebytere + file: 076_patch_catalog_vuln.patch + descripion: | + Several services require "app" capability from all other services + (wildcard), which is in itself probably a Bad Thing; but it's + especially bad now because the catalog service exposes module + directory access through its app capability. + + This changes the catalog manifest to move the capability to a + different more specific capability, and updates two of its + consumers. +- + owners: alexeykuzmin + file: 077-backport_22c1deb1bcd1.patch + descripion: null +- + owners: null + file: 077-fix-touchpad-lagging-issue.patch + descripion: | + Fixes the touchpad lagging issue: https://crbug.com/713907, https://crbug.com/793036. + Backported from https://crrev.com/c/867070. +- + owners: alexeykuzmin + file: 078-backport_ea2ad20b708c.patch + descripion: null +- + owners: alexeykuzmin + file: 079-backport_d3131378a4ef.patch + descripion: null +- + owners: alexeykuzmin + file: 080-backport_1d39d46571bb.patch + descripion: null +- + owners: deepak1556 + file: 081-blink-worker-enable-csp-in-file-scheme.patch + descripion: null +- + owners: zcbenz + file: 082-fix-arm64-linking-error.patch + descripion: Do not use system freetype for arm64 diff --git a/patches/002-dcheck.patch b/patches/002-dcheck.patch index 740bc921..f98ba212 100644 --- a/patches/002-dcheck.patch +++ b/patches/002-dcheck.patch @@ -1,38 +1,3 @@ -This disables some debug checks which currently fail when running the Electron -test suite. In general there should be sustained effort to have all debug checks -enabled. If you want to help, choose one of the diffs below and remove it. Then -build Electron (debug configuration) and make sure all tests pass on the CI -systems. Unfortunately the tests don't always cover the check failures, so it's -good to also run some non-trivial Electron app to verify. - -Apart from getting rid of a whole diff, you may also be able to replace one diff -with another which enables at least some of the previously disabled checks. For -example, the checks might be disabled for a whole build target, but actually -only one or two specific checks fail. Then it's better to simply comment out the -failing checks and allow the rest of the target to have them enabled. - -Please keep the following lists updated. - -The ELECTRON_NO_DCHECK build flag disables debug checks universally. -This patch applies the flag to the following GN targets: - - third_party/WebKit/Source/core/loader:loader - url:url - -These files have debug checks explicitly commented out: - - base/memory/weak_ptr.cc - base/process/kill_win.cc - components/viz/service/display/program_binding.h - content/browser/frame_host/navigation_controller_impl.cc - content/browser/frame_host/render_frame_host_impl.cc - content/browser/renderer_host/render_widget_host_view_mac.mm - ppapi/host/ppapi_host.cc - third_party/WebKit/Source/core/dom/Node.cpp - third_party/WebKit/Source/platform/wtf/text/StringImpl.h - ui/base/clipboard/clipboard_win.cc - - diff --git a/base/logging.h b/base/logging.h index 582fb89868cd..24d3e82232b6 100644 --- a/base/logging.h diff --git a/patches/007-blink_local_frame.patch b/patches/007-blink_local_frame.patch index 6d219a46..fd13d021 100644 --- a/patches/007-blink_local_frame.patch +++ b/patches/007-blink_local_frame.patch @@ -1,14 +1,3 @@ -According to electron/electron#3699, it is unreliable to use |unload| -event for process.exit('exit'), so we have to do that in -willReleaseScriptContext. - -However Chromium then disallowed scripting in willReleaseScriptContext -in https://codereview.chromium.org/1657583002, and crash will happen -when there is code doing that. - -This patch reverts the change to fix the crash in Electron. - - diff --git a/third_party/WebKit/Source/core/frame/LocalFrame.cpp b/third_party/WebKit/Source/core/frame/LocalFrame.cpp index 97a5393d40b4..04f88dd2ea15 100644 --- a/third_party/WebKit/Source/core/frame/LocalFrame.cpp diff --git a/patches/034-thread_capabilities.patch b/patches/034-thread_capabilities.patch index 15e94475..97feca57 100644 --- a/patches/034-thread_capabilities.patch +++ b/patches/034-thread_capabilities.patch @@ -1,11 +1,3 @@ -Chromium automatically drops all capabilities of renderer threads in -Linux, which may cause issues in a context like Electron, where the main -and renderer threads are supposed to keep inherited permissions over the -system. - -See https://github.com/atom/electron/issues/3666 - - diff --git a/sandbox/linux/services/credentials.cc b/sandbox/linux/services/credentials.cc index 50a109e..3ee9159 100644 --- a/sandbox/linux/services/credentials.cc diff --git a/patches/076_patch_catalog_vuln.patch b/patches/076_patch_catalog_vuln.patch index e81b953c..7df2a337 100755 --- a/patches/076_patch_catalog_vuln.patch +++ b/patches/076_patch_catalog_vuln.patch @@ -1,13 +1,3 @@ -Several services require "app" capability from all other services -(wildcard), which is in itself probably a Bad Thing; but it's -especially bad now because the catalog service exposes module -directory access through its app capability. - -This changes the catalog manifest to move the capability to a -different more specific capability, and updates two of its -consumers. ---- - diff --git a/services/catalog/manifest.json b/services/catalog/manifest.json index 4fd82fd..4b31651 100644 --- a/services/catalog/manifest.json diff --git a/patches/077-fix-touchpad-lagging-issue.patch b/patches/077-fix-touchpad-lagging-issue.patch index 9a98b675..06f19605 100644 --- a/patches/077-fix-touchpad-lagging-issue.patch +++ b/patches/077-fix-touchpad-lagging-issue.patch @@ -1,6 +1,3 @@ -Fix touchpad lagging issue. port from crrev.com/c/867070 ---- - diff --git a/gpu/ipc/in_process_command_buffer.cc b/gpu/ipc/in_process_command_buffer.cc index f5ac52f17443..414a7f647028 100644 --- a/gpu/ipc/in_process_command_buffer.cc diff --git a/patches/third_party/angle/.patches.yaml b/patches/third_party/angle/.patches.yaml new file mode 100644 index 00000000..2a27cb2e --- /dev/null +++ b/patches/third_party/angle/.patches.yaml @@ -0,0 +1,6 @@ +repo: src/third_party/angle +patches: +- + owners: alespergl + file: 001-dcheck.patch + descripion: null diff --git a/patches/third_party/ffmpeg/.patches.yaml b/patches/third_party/ffmpeg/.patches.yaml new file mode 100644 index 00000000..1be75816 --- /dev/null +++ b/patches/third_party/ffmpeg/.patches.yaml @@ -0,0 +1,9 @@ +repo: src/third_party/ffmpeg +patches: +- + owners: alespergl + file: 001-build_gn.patch + descripion: | + Chromium's Mac toolchain sets the "install_name" linker parameter only + when "is_component_build" is true, but we want to set even if it's false, + because we are making a dylib which will be distributed inside a bundle. diff --git a/patches/third_party/ffmpeg/001-build_gn.patch b/patches/third_party/ffmpeg/001-build_gn.patch index ebb80226..9e8fb4b9 100644 --- a/patches/third_party/ffmpeg/001-build_gn.patch +++ b/patches/third_party/ffmpeg/001-build_gn.patch @@ -1,14 +1,11 @@ diff --git a/BUILD.gn b/BUILD.gn -index fb2b163..6891861 100755 +index 6ebb34b68d..9d17fc30c5 100755 --- a/BUILD.gn +++ b/BUILD.gn -@@ -407,6 +407,13 @@ if (is_component_ffmpeg) { +@@ -420,6 +420,10 @@ if (is_component_ffmpeg) { # So we can append below and assume they're defined. ldflags = [] -+ # Chromium's Mac toolchain sets the "install_name" linker parameter only -+ # when "is_component_build" is true, but we want to set even if it's false, -+ # because we are making a dylib which will be distributed inside a bundle. + if (!is_component_build && is_mac) { + ldflags += [ "-Wl,-install_name,@rpath/libffmpeg.dylib" ] + } diff --git a/patches/third_party/icu/.patches.yaml b/patches/third_party/icu/.patches.yaml new file mode 100644 index 00000000..7f1346b1 --- /dev/null +++ b/patches/third_party/icu/.patches.yaml @@ -0,0 +1,10 @@ +repo: src/third_party/icu +patches: +- + owners: alespergl + file: 001-build_gn.patch + descripion: null +- + owners: zcbenz + file: 002-no_inline_default_constructor.patch + descripion: null diff --git a/patches/third_party/skia/.patches.yaml b/patches/third_party/skia/.patches.yaml new file mode 100644 index 00000000..1165d05a --- /dev/null +++ b/patches/third_party/skia/.patches.yaml @@ -0,0 +1,6 @@ +repo: src/third_party/skia +patches: +- + owners: alespergl + file: 001-dcheck.patch + descripion: null diff --git a/patches/third_party/webrtc/.patches.yaml b/patches/third_party/webrtc/.patches.yaml new file mode 100644 index 00000000..7aebef80 --- /dev/null +++ b/patches/third_party/webrtc/.patches.yaml @@ -0,0 +1,18 @@ +repo: src/third_party/webrtc +patches: +- + owners: alexeykuzmin + file: 001-backport_7f90e2cceda.patch + descripion: "https://webrtc-review.googlesource.com/9384" +- + owners: alexeykuzmin + file: 001-fix_laggy_mouse_during_desktop_capture.patch + descripion: null +- + owners: null + file: 002-webrtc-desktop_capturer_mac.patch + descripion: null +- + owners: null + file: 003-webrtc-rwlock_null.patch + descripion: null diff --git a/patches/v8/.patches.yaml b/patches/v8/.patches.yaml new file mode 100644 index 00000000..402801b2 --- /dev/null +++ b/patches/v8/.patches.yaml @@ -0,0 +1,70 @@ +repo: src/v8 +patches: +- + owners: alespergl + file: 001-build_gn.patch + descripion: null +- + owners: zcbenz + file: 003-array_buffer.patch + descripion: null +- + owners: zcbenz + file: 004-mksnapshot.patch + descripion: null +- + owners: zcbenz + file: 006-ostreams.patch + descripion: null +- + owners: alexeykuzmin + file: 007-export_platform.patch + descripion: null +- + owners: codebytere + file: 024-cherry_pick_37a3a15c3.patch + descripion: null +- + owners: alespergl + file: 026-backport_3ecb047.patch + descripion: | + Fixes security bug + https://bugs.chromium.org/p/project-zero/issues/detail?id=1445 +- + owners: alespergl + file: 027-backport_a2b91ed.patch + descripion: | + Fixes security bug + https://bugs.chromium.org/p/project-zero/issues/detail?id=1446 +- + owners: codebytere + file: 032-cherry_pick_c690f54d95802.patch + descripion: null +- + owners: codebytere + file: 033-cherry_pick_98c40a4bae915.patch + descripion: null +- + owners: codebytere + file: 035-backport_14ac02c.patch + descripion: null +- + owners: codebytere + file: 037-backport_76c3ac5.patch + descripion: null +- + owners: codebytere + file: 039-cherry_pick_c3458a8.patch + descripion: null +- + owners: codebytere + file: 040-cherry_pick_50f7455.patch + descripion: null +- + owners: codebytere + file: 041-cherry_pick_ac0fe8ec.patch + descripion: null +- + owners: alespergl + file: 099-dcheck.patch + descripion: null diff --git a/patches/v8/026-backport_3ecb047.patch b/patches/v8/026-backport_3ecb047.patch index 347b521c..5872e41c 100644 --- a/patches/v8/026-backport_3ecb047.patch +++ b/patches/v8/026-backport_3ecb047.patch @@ -1,6 +1,3 @@ -Fixes security bug -https://bugs.chromium.org/p/project-zero/issues/detail?id=1445 - diff --git a/src/objects.h b/src/objects.h index 895d92ba31..700cb84a51 100644 --- a/src/objects.h diff --git a/patches/v8/027-backport_a2b91ed.patch b/patches/v8/027-backport_a2b91ed.patch index 0adc7260..731895d9 100644 --- a/patches/v8/027-backport_a2b91ed.patch +++ b/patches/v8/027-backport_a2b91ed.patch @@ -1,6 +1,3 @@ -Fixes security bug -https://bugs.chromium.org/p/project-zero/issues/detail?id=1446 - diff --git a/src/deoptimizer.cc b/src/deoptimizer.cc index 125ca932f7..dd8e4a1745 100644 --- a/src/deoptimizer.cc diff --git a/script/apply-patches b/script/apply-patches index e62c6f97..b8227d05 100755 --- a/script/apply-patches +++ b/script/apply-patches @@ -1,10 +1,11 @@ #!/usr/bin/env python +import argparse import os import subprocess import sys -from patch import apply_patches_from_directory +from lib.patches import PatchesConfig SOURCE_ROOT = os.path.abspath(os.path.dirname(os.path.dirname(__file__))) @@ -16,10 +17,12 @@ SRC_DIR = os.path.join(SOURCE_ROOT, SRC) def main(): + args = parse_args() + folders = [PATCHES_DIR] if os.environ.has_key('MAS_BUILD'): folders.append(PATCHES_MAS_DIR) - if sys.argv[1] == 'mips64el': + if args.target_arch == 'mips64el': folders.append(PATCHES_MIPS64EL_DIR) for folder in folders: @@ -34,14 +37,25 @@ def main(): def apply_patches_for_dir(directory): for root, dirs, files in os.walk(directory): - prefix = os.path.relpath(root, directory) - repo = SRC if prefix == '.' else os.path.join(SRC, prefix) + config = PatchesConfig.from_directory(root) + patches_list = config.get_patches_list() + if patches_list is None: + continue - (success, failed_patches) = apply_patches_from_directory(repo, root) + (success, failed_patches) = patches_list.apply() if not success: patch_path = failed_patches[0].get_file_path() return '{0} failed to apply'.format(os.path.basename(patch_path)) +def parse_args(): + parser = argparse.ArgumentParser(description='Apply all required patches.') + + parser.add_argument('-t', '--target-arch', + help='Target architecture') + + return parser.parse_args() + + if __name__ == '__main__': sys.exit(main()) diff --git a/script/bootstrap b/script/bootstrap index 468cb41e..ae11f353 100755 --- a/script/bootstrap +++ b/script/bootstrap @@ -26,6 +26,10 @@ def main(): # do so some modules like multiprocessing would break. shutil.copy(os.path.join('bin', 's3put'), os.path.join('bin', 's3put.py')) + # Install PyYAML. + with util.scoped_cwd(os.path.join('vendor', 'pyyaml')): + subprocess.call([sys.executable, 'setup.py', 'install', '--user']) + if __name__ == '__main__': sys.exit(main()) diff --git a/script/lib/patches.py b/script/lib/patches.py index b39fa66a..cec80793 100644 --- a/script/lib/patches.py +++ b/script/lib/patches.py @@ -1,4 +1,9 @@ -# import yaml # TODO: Use for PatchesConfig. +import os +import sys + +PROJECT_ROOT = os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__)))) +sys.path.append(os.path.join(PROJECT_ROOT, 'vendor', 'pyyaml', 'lib')) +import yaml from git import apply as git_apply @@ -22,6 +27,9 @@ class PatchesList: def __init__(self, patches): self.patches = patches + def __len__(self): + return len(self.patches) + def apply(self, reverse=False, stop_on_error=True): all_patches_applied = True failed_patches = [] @@ -44,37 +52,45 @@ class PatchesList: class PatchesConfig: - def __init__(self, path): - raise + @staticmethod + def from_directory(dir_path, config_name='.patches.yaml'): + config_path = os.path.join(dir_path, config_name) + return PatchesConfig(config_path) - self.path = path - self.contents = None - self.is_parsed = False + def __init__(self, config_path): + self.path = config_path def __parse(self): - with open(self.path, 'r') as stream: - try: - self.contents = yaml.load(stream) - except yaml.YAMLError as exc: - print(exc) + contents = None - self.is_parsed = True + if os.path.isfile(self.path): + with open(self.path, 'r') as stream: + try: + contents = yaml.load(stream) + except yaml.YAMLError as e: + print(e) - def __parse_if_needed(self): - if not self.is_parsed: - self.__parse() + return contents - def __create_patch(self, repo_path, raw_data): - file_path = raw_data['file'] - return Patch(file_path, repo_path) + def __create_patch(self, raw_data, base_directory, repo_path): + relative_file_path = raw_data['file'] + absolute_file_path = os.path.join(base_directory, relative_file_path) + + return Patch(absolute_file_path, repo_path) def get_patches_list(self): - self.__parse_if_needed() - if self.contents is None: + config_contents = self.__parse() + if config_contents is None: return None - repo_path = self.contents['repo'] # TODO: Make it absolute. - raw_patches_data = self.contents['patches'] - patches = [self.__create_patch(repo_path, data) for data in raw_patches_data] + repo_path = config_contents['repo'] + if sys.platform == 'win32': + repo_path = repo_path.replace('/', '\\') - return patches + patches_data = config_contents['patches'] + base_directory = os.path.dirname(self.path) + + patches = [self.__create_patch(data, base_directory, repo_path) for data in patches_data] + patches_list = PatchesList(patches) + + return patches_list diff --git a/script/patch.py b/script/patch.py index ee6133ef..448af745 100755 --- a/script/patch.py +++ b/script/patch.py @@ -11,7 +11,7 @@ import os import subprocess import sys -from lib.patches import Patch, PatchesList +from lib.patches import Patch, PatchesList, PatchesConfig def main(): @@ -24,7 +24,7 @@ def main(): reverse = args.reverse if directory: - (success, failed_patches) = apply_patches_from_directory(repo, directory, force, reverse) + (success, failed_patches) = apply_patches_from_directory(directory, force, reverse) else: (success, failed_patches) = apply_patches(repo, patches, force, reverse) @@ -44,21 +44,18 @@ def apply_patches(repo_path, patches_paths, force=False, reverse=False): return patches_list.apply(reverse=reverse, stop_on_error=stop_on_error) -def apply_patches_from_directory(repo, directory, force=False, reverse=False): - # TODO(alexeykuzmin): Use PatchesConfig instead. - - # First, get list of ".patch" files. - directory_children = [os.path.join(directory, child) for child in os.listdir(directory)] - patch_files = [path for path in directory_children if os.path.isfile(path) and path.endswith('.patch')] +def apply_patches_from_directory(directory, force=False, reverse=False): + config = PatchesConfig.from_directory(directory) + patches_list = config.get_patches_list() # Notify user if we didn't find any patch files. - if len(patch_files) == 0: - print 'Warning: No "*.patch" files found in the "{0}" folder.'.format(directory) + if patches_list is None or len(patches_list) == 0: + print 'Warning: No patches found in the "{0}" folder.'.format(directory) return (True, []) # Then try to apply patches. - sorted_patch_files = sorted(patch_files, reverse=reverse) - return apply_patches(repo, sorted_patch_files, force=force, reverse=reverse) + stop_on_error = not force + return patches_list.apply(reverse=reverse, stop_on_error=stop_on_error) def parse_args(): @@ -66,14 +63,20 @@ def parse_args(): parser.add_argument('-f', '--force', default=False, action='store_true', help='Do not stop on the first failed patch.') parser.add_argument('-R', '--reverse', default=False, action='store_true', help='Apply patches in reverse.') - parser.add_argument('-r', '--repo', required=True, help='Path to a repository root folder.') + parser.add_argument('-r', '--repo', help='Path to a repository root folder.') paths_group = parser.add_mutually_exclusive_group(required=True) paths_group.add_argument('-d', '--directory', - help='Path to a directory with "*.patch" files. If present, -p/--patch is ignored.') + help='Path to a directory with patches. If present, -p/--patch is ignored.') paths_group.add_argument('-p', '--patch', nargs='*', help='Path(s) to a patch file(s).') - return parser.parse_args() + args = parser.parse_args() + + # Additional rules. + if args.patch is not None and args.repo is None: + parser.error("Repository path (-r/--repo) is required when you supply patches list.") + + return args if __name__ == '__main__': diff --git a/script/update b/script/update index cb605f63..3820eefa 100755 --- a/script/update +++ b/script/update @@ -217,7 +217,7 @@ def gclient_sync(version, force, git_cache): def apply_patches(target_arch): script_path = os.path.join(SOURCE_ROOT, 'script', 'apply-patches') - script_arguments = [target_arch] + script_arguments = ['--target-arch', target_arch] return subprocess.call([sys.executable, script_path] + script_arguments) diff --git a/vendor/pyyaml b/vendor/pyyaml new file mode 160000 index 00000000..7e026bfe --- /dev/null +++ b/vendor/pyyaml @@ -0,0 +1 @@ +Subproject commit 7e026bfee9cc0bddeb1bbca0c4a0bcd826c2bfdf