diff --git a/0001-Fix-build-when-x11-over-egl-es2.patch b/0001-Fix-build-when-x11-over-egl-es2.patch deleted file mode 100644 index 0c938c9..0000000 --- a/0001-Fix-build-when-x11-over-egl-es2.patch +++ /dev/null @@ -1,48 +0,0 @@ -From 130089f928db6d8ae6a49b27abc774c7e669cee0 Mon Sep 17 00:00:00 2001 -From: Michal Klocek -Date: Mon, 13 Sep 2021 09:23:54 +0200 -Subject: [PATCH] Fix build when x11 over egl/es2 - -Qt's xcb can be compiled without the glx support, -do not use Chromium flag to check that. - -Task-number: QTBUG-96398 -Pick-to: 6.2 -Change-Id: Ie7f1fe74699cd83aee1f9e5aff59760d4d7a70bf ---- - src/core/ozone/gl_context_qt.cpp | 5 +++-- - 1 file changed, 3 insertions(+), 2 deletions(-) - -diff --git a/src/core/ozone/gl_context_qt.cpp b/src/core/ozone/gl_context_qt.cpp -index 55497751..1dd7d8f6 100644 ---- a/src/core/ozone/gl_context_qt.cpp -+++ b/src/core/ozone/gl_context_qt.cpp -@@ -42,6 +42,7 @@ - #include - #include - #include -+#include - #include - #include "ui/gl/gl_context_egl.h" - #include "ui/gl/gl_implementation.h" -@@ -154,7 +155,7 @@ void* GLContextHelper::getNativeDisplay() - QFunctionPointer GLContextHelper::getGlXGetProcAddress() - { - QFunctionPointer get_proc_address = nullptr; --#if QT_CONFIG(opengl) -+#if QT_CONFIG(xcb_glx) - if (QOpenGLContext *context = qt_gl_global_share_context()) { - get_proc_address = context->getProcAddress("glXGetProcAddress"); - } -@@ -175,7 +176,7 @@ QFunctionPointer GLContextHelper::getEglGetProcAddress() - - void *GLContextHelper::getGlxPlatformInterface() - { --#if QT_CONFIG(opengl) && defined(USE_GLX) -+#if QT_CONFIG(xcb_glx) - if (QOpenGLContext *context = qt_gl_global_share_context()) - return context->nativeInterface(); - #endif --- -2.33.0 - diff --git a/0001-Fix-build-with-glibc-2.34.patch b/0001-Fix-build-with-glibc-2.34.patch index a19ee39..8f90f4e 100644 --- a/0001-Fix-build-with-glibc-2.34.patch +++ b/0001-Fix-build-with-glibc-2.34.patch @@ -3,11 +3,6 @@ From: Christophe Giboudeaux Date: Wed, 11 Aug 2021 11:39:59 +0200 Subject: [PATCH] Fix build with glibc 2.34 ---- - .../abseil-cpp/absl/debugging/failure_signal_handler.cc | 3 ++- - .../breakpad/src/client/linux/handler/exception_handler.cc | 2 +- - 2 files changed, 3 insertions(+), 2 deletions(-) - diff --git a/src/3rdparty/chromium/sandbox/linux/services/credentials.cc b/src/3rdparty/chromium/sandbox/linux/services/credentials.cc index d7b5d8c4413..a62cb21bd7a 100644 --- a/src/3rdparty/chromium/sandbox/linux/services/credentials.cc @@ -23,32 +18,5 @@ index d7b5d8c4413..a62cb21bd7a 100644 tls = tls_buf; #endif -diff --git a/src/3rdparty/chromium/third_party/abseil-cpp/absl/debugging/failure_signal_handler.cc b/src/3rdparty/chromium/third_party/abseil-cpp/absl/debugging/failure_signal_handler.cc -index 5d13bdbbbd1..2ed137b58f1 100644 ---- a/src/3rdparty/chromium/third_party/abseil-cpp/absl/debugging/failure_signal_handler.cc -+++ b/src/3rdparty/chromium/third_party/abseil-cpp/absl/debugging/failure_signal_handler.cc -@@ -135,7 +135,8 @@ static bool SetupAlternateStackOnce() { - #else - const size_t page_mask = sysconf(_SC_PAGESIZE) - 1; - #endif -- size_t stack_size = (std::max(SIGSTKSZ, 65536) + page_mask) & ~page_mask; -+ size_t stack_size = -+ (std::max(SIGSTKSZ, 65536) + page_mask) & ~page_mask; - #if defined(ABSL_HAVE_ADDRESS_SANITIZER) || \ - defined(ABSL_HAVE_MEMORY_SANITIZER) || defined(ABSL_HAVE_THREAD_SANITIZER) - // Account for sanitizer instrumentation requiring additional stack space. -diff --git a/src/3rdparty/chromium/third_party/breakpad/breakpad/src/client/linux/handler/exception_handler.cc b/src/3rdparty/chromium/third_party/breakpad/breakpad/src/client/linux/handler/exception_handler.cc -index ca353c40997..2e43ba6fc04 100644 ---- a/src/3rdparty/chromium/third_party/breakpad/breakpad/src/client/linux/handler/exception_handler.cc -+++ b/src/3rdparty/chromium/third_party/breakpad/breakpad/src/client/linux/handler/exception_handler.cc -@@ -138,7 +138,7 @@ void InstallAlternateStackLocked() { - // SIGSTKSZ may be too small to prevent the signal handlers from overrunning - // the alternative stack. Ensure that the size of the alternative stack is - // large enough. -- static const unsigned kSigStackSize = std::max(16384, SIGSTKSZ); -+ static const unsigned kSigStackSize = std::max(16384, SIGSTKSZ); - - // Only set an alternative stack if there isn't already one, or if the current - // one is too small. -- 2.32.0 diff --git a/0001-return-ENOSYS-for-clone3.patch b/0001-return-ENOSYS-for-clone3.patch deleted file mode 100644 index e96b38e..0000000 --- a/0001-return-ENOSYS-for-clone3.patch +++ /dev/null @@ -1,42 +0,0 @@ -From 218438259dd795456f0a48f67cbe5b4e520db88b Mon Sep 17 00:00:00 2001 -From: Matthew Denton -Date: Thu, 3 Jun 2021 20:06:13 +0000 -Subject: [PATCH] Linux sandbox: return ENOSYS for clone3 - -Because clone3 uses a pointer argument rather than a flags argument, we -cannot examine the contents with seccomp, which is essential to -preventing sandboxed processes from starting other processes. So, we -won't be able to support clone3 in Chromium. This CL modifies the -BPF policy to return ENOSYS for clone3 so glibc always uses the fallback -to clone. - -Bug: 1213452 -Change-Id: I7c7c585a319e0264eac5b1ebee1a45be2d782303 -Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2936184 -Reviewed-by: Robert Sesek -Commit-Queue: Matthew Denton -Cr-Commit-Position: refs/heads/master@{#888980} ---- - .../sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc | 8 ++++++++ - -diff --git a/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc b/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc -index 3c67b124786..81cb25e139e 100644 ---- a/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc -+++ b/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc -@@ -165,6 +165,14 @@ ResultExpr EvaluateSyscallImpl(int fs_denied_errno, - return RestrictCloneToThreadsAndEPERMFork(); - } - -+ // clone3 takes a pointer argument which we cannot examine, so return ENOSYS -+ // to force the libc to use clone. See https://crbug.com/1213452. -+ #if defined(__NR_clone3) -+ if (sysno == __NR_clone3) { -+ return Error(ENOSYS); -+ } -+ #endif -+ - if (sysno == __NR_fcntl) - return RestrictFcntlCommands(); - --- -2.32.0 diff --git a/qt6-webengine.changes b/qt6-webengine.changes index e5cc20d..a1e9319 100644 --- a/qt6-webengine.changes +++ b/qt6-webengine.changes @@ -1,3 +1,21 @@ +------------------------------------------------------------------- +Tue Oct 26 11:23:04 UTC 2021 - Christophe Giboudeaux + +- Update to 6.2.1 + * https://www.qt.io/blog/qt-6.2.1-released + +- Drop openSUSE patch qtwebengine-boo1163766.patch. + should be addressed with: + https://github.com/qt/qtwebengine-chromium/commit/652f834de + https://github.com/qt/qtwebengine-chromium/commit/faae106ed + https://github.com/qt/qtwebengine-chromium/commit/6b7b3f1bf +- Drop upstream changes: + * 0001-Fix-build-when-x11-over-egl-es2.patch + * 0001-return-ENOSYS-for-clone3.patch +- Rebase patches: + * 0001-Fix-build-with-glibc-2.34.patch + * sandbox-statx-futex_time64.patch + ------------------------------------------------------------------- Thu Sep 30 12:31:00 UTC 2021 - Christophe Giboudeaux diff --git a/qt6-webengine.spec b/qt6-webengine.spec index 7cc296b..94aa10c 100644 --- a/qt6-webengine.spec +++ b/qt6-webengine.spec @@ -16,7 +16,7 @@ # -%define real_version 6.2.0 +%define real_version 6.2.1 %define short_version 6.2 %define tar_name qtwebengine-everywhere-src %define tar_suffix %{nil} @@ -42,7 +42,7 @@ %bcond_without system_minizip # Name: qt6-webengine%{?pkg_suffix} -Version: 6.2.0 +Version: 6.2.1 Release: 0 Summary: Web browser engine for Qt applications License: LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only @@ -50,22 +50,17 @@ URL: https://www.qt.io Source: https://download.qt.io/official_releases/qt/%{short_version}/%{real_version}%{tar_suffix}/submodules/%{tar_name}-%{real_version}%{tar_suffix}.tar.xz Source99: qt6-webengine-rpmlintrc # Patches 0-100 are upstream patches # -# PATCH-FIX-UPSTREAM -Patch0: 0001-Fix-build-when-x11-over-egl-es2.patch # Patches 100-200 are openSUSE and/or non-upstream(able) patches # -Patch100: qtwebengine-boo1163766.patch -Patch101: rtc-dont-use-h264.patch -Patch102: sandbox-statx-futex_time64.patch +Patch100: rtc-dont-use-h264.patch +Patch101: sandbox-statx-futex_time64.patch # PATCH-FIX-UPSTREAM -Patch103: 0001-Fix-build-with-glibc-2.34.patch -# PATCH-FIX-UPSTREAM -Patch104: 0001-return-ENOSYS-for-clone3.patch +Patch102: 0001-Fix-build-with-glibc-2.34.patch # PATCH-FIX-OPENSUSE -- Needed for leap 15.2 -Patch105: chromium-90-fseal.patch +Patch103: chromium-90-fseal.patch # PATCH-FIX-OPENSUSE -- disable-gpu-when-using-nouveau-boo-1005323.diff # PATCH-NEEDS-REBASE %if 0 -Patch106: disable-gpu-when-using-nouveau-boo-1005323.diff +Patch104: disable-gpu-when-using-nouveau-boo-1005323.diff %endif # # Chromium/blink don't support all archs @@ -329,9 +324,11 @@ ABI or API guarantees. %autosetup -p1 -n %{tar_name}-%{real_version}%{tar_suffix} %build +%if %{no_flavor} # Determine the right number of parallel processes based on the available memory # Copied from the Qt 5 webengine package %limit_build -m 2750 +%endif # Ensure that also the internal chromium build follows the right number of # parallel processes instead of its defaults. diff --git a/qtwebengine-boo1163766.patch b/qtwebengine-boo1163766.patch deleted file mode 100644 index 31db231..0000000 --- a/qtwebengine-boo1163766.patch +++ /dev/null @@ -1,62 +0,0 @@ -From eaae274cb1975be558d8a535ba2310bc67c073a6 Mon Sep 17 00:00:00 2001 -From: "Bernhard M. Wiedemann" -Date: Wed, 24 Mar 2021 16:00:08 +0100 -Subject: [PATCH] https://bugzilla.opensuse.org/show_bug.cgi?id=1163766 - -seccomp filters disallow a new kernel syscall to get time -used on i586 ---- - src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc | 6 ++++++ - src/3rdparty/chromium/sandbox/linux/system_headers/x86_32_linux_syscalls.h | 8 ++++++++ - src/3rdparty/chromium/sandbox/policy/linux/bpf_ime_policy_linux.cc | 3 +++ - 3 files changed, 17 insertions(+) - -Index: qtwebengine-everywhere-src-5.15.3/src/3rdparty/chromium/sandbox/linux/system_headers/x86_32_linux_syscalls.h -=================================================================== ---- qtwebengine-everywhere-src-5.15.3.orig/src/3rdparty/chromium/sandbox/linux/system_headers/x86_32_linux_syscalls.h -+++ qtwebengine-everywhere-src-5.15.3/src/3rdparty/chromium/sandbox/linux/system_headers/x86_32_linux_syscalls.h -@@ -1710,5 +1710,13 @@ - #define __NR_clone3 435 - #endif - -+#if !defined(__NR_clock_gettime64) -+#define __NR_clock_gettime64 403 -+#endif -+ -+#if !defined(__NR_clock_nanosleep_time64) -+#define __NR_clock_nanosleep_time64 407 -+#endif -+ - #endif // SANDBOX_LINUX_SYSTEM_HEADERS_X86_32_LINUX_SYSCALLS_H_ - -Index: qtwebengine-everywhere-src-5.15.3/src/3rdparty/chromium/sandbox/policy/linux/bpf_ime_policy_linux.cc -=================================================================== ---- qtwebengine-everywhere-src-5.15.3.orig/src/3rdparty/chromium/sandbox/policy/linux/bpf_ime_policy_linux.cc -+++ qtwebengine-everywhere-src-5.15.3/src/3rdparty/chromium/sandbox/policy/linux/bpf_ime_policy_linux.cc -@@ -32,6 +32,9 @@ ResultExpr ImeProcessPolicy::EvaluateSys - #if defined(__NR_clock_gettime) - case __NR_clock_gettime: - #endif -+#if defined(__NR_clock_gettime64) -+ case __NR_clock_gettime64: -+#endif - return Allow(); - // https://crbug.com/991435 - #if defined(__NR_getrusage) -Index: qtwebengine-everywhere-src-5.15.3/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc -=================================================================== ---- qtwebengine-everywhere-src-5.15.3.orig/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc -+++ qtwebengine-everywhere-src-5.15.3/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc -@@ -161,6 +161,12 @@ ResultExpr EvaluateSyscallImpl(int fs_de - return RestrictClockID(); - } - -+#if defined(__NR_clock_gettime64) -+ if (sysno == __NR_clock_gettime64 || sysno == __NR_clock_nanosleep_time64) { -+ return RestrictClockID(); -+ } -+#endif -+ - if (sysno == __NR_clone) { - return RestrictCloneToThreadsAndEPERMFork(); - } diff --git a/qtwebengine-everywhere-src-6.2.0.tar.xz b/qtwebengine-everywhere-src-6.2.0.tar.xz deleted file mode 100644 index cbf215f..0000000 --- a/qtwebengine-everywhere-src-6.2.0.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:c6e530a61bea2e7fbb50308a2b4e7fdb4f7c7b61a28797973270acffc020809d -size 369733760 diff --git a/qtwebengine-everywhere-src-6.2.1.tar.xz b/qtwebengine-everywhere-src-6.2.1.tar.xz new file mode 100644 index 0000000..67def95 --- /dev/null +++ b/qtwebengine-everywhere-src-6.2.1.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:1f933cffb8671c1e71b6b2a4924cb6b3f9878388ae6298ac8d31a76c1ecffbb7 +size 369758400 diff --git a/sandbox-statx-futex_time64.patch b/sandbox-statx-futex_time64.patch index 651649b..006c684 100644 --- a/sandbox-statx-futex_time64.patch +++ b/sandbox-statx-futex_time64.patch @@ -9,10 +9,10 @@ futex_time64 is also used internally in glibc, so handle that as well. The signature is identical where it matters. diff --git a/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc b/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc -index 5e997009667..1cfe1f382cf 100644 +index 6f7768f7d..b3335e2bf 100644 --- a/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc +++ b/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc -@@ -196,6 +196,11 @@ ResultExpr EvaluateSyscallImpl(int fs_denied_errno, +@@ -203,6 +203,11 @@ ResultExpr EvaluateSyscallImpl(int fs_denied_errno, if (sysno == __NR_futex) return RestrictFutex(); @@ -24,9 +24,9 @@ index 5e997009667..1cfe1f382cf 100644 if (sysno == __NR_set_robust_list) return Error(EPERM); -@@ -281,6 +286,12 @@ ResultExpr EvaluateSyscallImpl(int fs_denied_errno, +@@ -283,6 +288,12 @@ ResultExpr EvaluateSyscallImpl(int fs_denied_errno, + return RewriteFstatatSIGSYS(fs_denied_errno); } - #endif +#if defined(__NR_statx) + if (sysno == __NR_statx) {