diff options
Diffstat (limited to 'devel/electron37/files/patch-content_app_content__main__runner__impl.cc')
| -rw-r--r-- | devel/electron37/files/patch-content_app_content__main__runner__impl.cc | 131 |
1 files changed, 131 insertions, 0 deletions
diff --git a/devel/electron37/files/patch-content_app_content__main__runner__impl.cc b/devel/electron37/files/patch-content_app_content__main__runner__impl.cc new file mode 100644 index 000000000000..5ffd29a3298b --- /dev/null +++ b/devel/electron37/files/patch-content_app_content__main__runner__impl.cc @@ -0,0 +1,131 @@ +--- content/app/content_main_runner_impl.cc.orig 2025-07-04 05:17:07 UTC ++++ content/app/content_main_runner_impl.cc +@@ -148,18 +148,20 @@ + #include "content/browser/posix_file_descriptor_info_impl.h" + #include "content/public/common/content_descriptors.h" + +-#if !BUILDFLAG(IS_MAC) ++#if !BUILDFLAG(IS_MAC) && !BUILDFLAG(IS_BSD) + #include "content/public/common/zygote/zygote_fork_delegate_linux.h" + #endif + + #endif // BUILDFLAG(IS_POSIX) || BUILDFLAG(IS_FUCHSIA) + +-#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS) ++#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS) || BUILDFLAG(IS_BSD) + #include "base/files/file_path_watcher_inotify.h" + #include "base/native_library.h" + #include "base/rand_util.h" + #include "content/public/common/zygote/sandbox_support_linux.h" ++#if !BUILDFLAG(IS_BSD) + #include "sandbox/policy/linux/sandbox_linux.h" ++#endif + #include "third_party/boringssl/src/include/openssl/crypto.h" + #include "third_party/webrtc_overrides/init_webrtc.h" // nogncheck + +@@ -188,6 +190,10 @@ + #include "media/base/media_switches.h" + #endif + ++#if BUILDFLAG(IS_BSD) ++#include "base/system/sys_info.h" ++#endif ++ + #if BUILDFLAG(IS_ANDROID) + #include "base/system/sys_info.h" + #include "content/browser/android/battery_metrics.h" +@@ -389,7 +395,7 @@ void InitializeZygoteSandboxForBrowserProcess( + } + #endif // BUILDFLAG(USE_ZYGOTE) + +-#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS) ++#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS) || BUILDFLAG(IS_BSD) + + #if BUILDFLAG(ENABLE_PPAPI) + // Loads the (native) libraries but does not initialize them (i.e., does not +@@ -427,7 +433,10 @@ void PreSandboxInit() { + + void PreSandboxInit() { + // Ensure the /dev/urandom is opened. ++ // we use arc4random ++#if !BUILDFLAG(IS_BSD) + base::GetUrandomFD(); ++#endif + + // May use sysinfo(), sched_getaffinity(), and open various /sys/ and /proc/ + // files. +@@ -439,9 +448,16 @@ void PreSandboxInit() { + // https://boringssl.googlesource.com/boringssl/+/HEAD/SANDBOXING.md + CRYPTO_pre_sandbox_init(); + ++#if BUILDFLAG(IS_BSD) ++ // "cache" the amount of physical memory before pledge(2) ++ base::SysInfo::AmountOfPhysicalMemoryMB(); ++#endif ++ ++#if !BUILDFLAG(IS_BSD) + // Pre-read /proc/sys/fs/inotify/max_user_watches so it doesn't have to be + // allowed by the sandbox. + base::GetMaxNumberOfInotifyWatches(); ++#endif + + #if BUILDFLAG(ENABLE_PPAPI) + // Ensure access to the Pepper plugins before the sandbox is turned on. +@@ -766,7 +782,7 @@ NO_STACK_PROTECTOR int RunOtherNamedProcessTypeMain( + unregister_thread_closure = base::HangWatcher::RegisterThread( + base::HangWatcher::ThreadType::kMainThread); + bool start_hang_watcher_now; +-#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS) ++#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS) || BUILDFLAG(IS_BSD) + // On Linux/ChromeOS, the HangWatcher can't start until after the sandbox is + // initialized, because the sandbox can't be started with multiple threads. + // TODO(mpdenton): start the HangWatcher after the sandbox is initialized. +@@ -879,11 +895,10 @@ int ContentMainRunnerImpl::Initialize(ContentMainParam + base::GlobalDescriptors::kBaseDescriptor); + #endif // !BUILDFLAG(IS_ANDROID) + +-#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS) || BUILDFLAG(IS_OPENBSD) ++#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS) + g_fds->Set(kCrashDumpSignal, + kCrashDumpSignal + base::GlobalDescriptors::kBaseDescriptor); +-#endif // BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS) || +- // BUILDFLAG(IS_OPENBSD) ++#endif // BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS) + + #endif // !BUILDFLAG(IS_WIN) + +@@ -1076,10 +1091,22 @@ int ContentMainRunnerImpl::Initialize(ContentMainParam + process_type == switches::kZygoteProcess) { + PreSandboxInit(); + } ++#elif BUILDFLAG(IS_BSD) ++ PreSandboxInit(); + #elif BUILDFLAG(IS_IOS) && !BUILDFLAG(IS_IOS_TVOS) + ChildProcessEnterSandbox(); + #endif + ++#if BUILDFLAG(IS_BSD) ++ if (process_type.empty()) { ++ sandbox::policy::SandboxLinux::Options sandbox_options; ++ sandbox::policy::SandboxLinux::GetInstance()->InitializeSandbox( ++ sandbox::policy::SandboxTypeFromCommandLine( ++ *base::CommandLine::ForCurrentProcess()), ++ sandbox::policy::SandboxLinux::PreSandboxHook(), sandbox_options); ++ } ++#endif ++ + delegate_->SandboxInitialized(process_type); + + #if BUILDFLAG(USE_ZYGOTE) +@@ -1179,6 +1206,11 @@ NO_STACK_PROTECTOR int ContentMainRunnerImpl::Run() { + content_main_params_.reset(); + + RegisterMainThreadFactories(); ++ ++#if BUILDFLAG(IS_BSD) ++ if (!process_type.empty()) ++ PreSandboxInit(); ++#endif + + if (process_type.empty()) + return RunBrowser(std::move(main_params), start_minimal_browser); |