- Add webkit2gtk3-CVE-2024-44308.patch: don't allocate DFG register

after a slow path (boo#1233631 CVE-2024-44308).
- Add webkit2gtk3-CVE-2024-44309.patch: fix a cookie management
  issue (boo#1233632 CVE-2024-44309).

OBS-URL: https://build.opensuse.org/package/show/GNOME:Factory/webkit2gtk3?expand=0&rev=496
This commit is contained in:
Dominique Leuenberger 2024-11-26 13:02:49 +00:00 committed by Git OBS Bridge
commit 46a569d9c5
36 changed files with 6764 additions and 0 deletions

23
.gitattributes vendored Normal file
View File

@ -0,0 +1,23 @@
## Default LFS
*.7z filter=lfs diff=lfs merge=lfs -text
*.bsp filter=lfs diff=lfs merge=lfs -text
*.bz2 filter=lfs diff=lfs merge=lfs -text
*.gem filter=lfs diff=lfs merge=lfs -text
*.gz filter=lfs diff=lfs merge=lfs -text
*.jar filter=lfs diff=lfs merge=lfs -text
*.lz filter=lfs diff=lfs merge=lfs -text
*.lzma filter=lfs diff=lfs merge=lfs -text
*.obscpio filter=lfs diff=lfs merge=lfs -text
*.oxt filter=lfs diff=lfs merge=lfs -text
*.pdf filter=lfs diff=lfs merge=lfs -text
*.png filter=lfs diff=lfs merge=lfs -text
*.rpm filter=lfs diff=lfs merge=lfs -text
*.tbz filter=lfs diff=lfs merge=lfs -text
*.tbz2 filter=lfs diff=lfs merge=lfs -text
*.tgz filter=lfs diff=lfs merge=lfs -text
*.ttf filter=lfs diff=lfs merge=lfs -text
*.txz filter=lfs diff=lfs merge=lfs -text
*.whl filter=lfs diff=lfs merge=lfs -text
*.xz filter=lfs diff=lfs merge=lfs -text
*.zip filter=lfs diff=lfs merge=lfs -text
*.zst filter=lfs diff=lfs merge=lfs -text

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
.osc

View File

@ -0,0 +1,31 @@
From 63f7badbada070ebaadd318b2801818ecf7e7ea0 Mon Sep 17 00:00:00 2001
From: Don Olmstead <don.olmstead@sony.com>
Date: Sat, 26 Oct 2024 08:27:01 -0700
Subject: [PATCH] Support ICU 76.1 build
https://bugs.webkit.org/show_bug.cgi?id=282120
Reviewed by Yusuke Suzuki.
In ICU 76.1 an additional macro `U_SHOW_CPLUSPLUS_HEADER_API` was added to
control visibility of the C++ API within ICU. Set this value to `0` since WebKit
wants to only use the C API.
* Source/WTF/wtf/Platform.h:
Canonical link: https://commits.webkit.org/285727@main
---
Source/WTF/wtf/Platform.h | 1 +
1 file changed, 1 insertion(+)
diff --git a/Source/WTF/wtf/Platform.h b/Source/WTF/wtf/Platform.h
index 23070df2937ba..51a8dce97755e 100644
--- a/Source/WTF/wtf/Platform.h
+++ b/Source/WTF/wtf/Platform.h
@@ -115,6 +115,7 @@
/* ICU configuration. Some of these match ICU defaults on some platforms, but we would like them consistently set everywhere we build WebKit. */
#define U_HIDE_DEPRECATED_API 1
#define U_SHOW_CPLUSPLUS_API 0
+#define U_SHOW_CPLUSPLUS_HEADER_API 0
#ifdef __cplusplus
#define UCHAR_TYPE char16_t
#endif

View File

@ -0,0 +1,59 @@
From 9d5844679af8f84036f1b800307e799bd7ab73ba Mon Sep 17 00:00:00 2001
From: Philippe Normand <philn@igalia.com>
Date: Thu, 20 Jun 2024 12:39:27 -0700
Subject: [PATCH] [GTK][GStreamer] VA+DMABuf videos flicker
https://bugs.webkit.org/show_bug.cgi?id=253807
Reviewed by Xabier Rodriguez-Calvar.
By requesting a video frame allocation pool containing at least 3 frames, the risks of flickering
when rendering should be reduced.
* Source/WebCore/platform/graphics/gstreamer/GStreamerVideoSinkCommon.cpp:
(WebKitVideoSinkProbe::doProbe):
Canonical link: https://commits.webkit.org/280210@main
---
.../gstreamer/GStreamerVideoSinkCommon.cpp | 29 +++++++++++++++++--
1 file changed, 27 insertions(+), 2 deletions(-)
diff --git a/Source/WebCore/platform/graphics/gstreamer/GStreamerVideoSinkCommon.cpp b/Source/WebCore/platform/graphics/gstreamer/GStreamerVideoSinkCommon.cpp
index dc3f912e11d8..b2ddaad303e8 100644
--- a/Source/WebCore/platform/graphics/gstreamer/GStreamerVideoSinkCommon.cpp
+++ b/Source/WebCore/platform/graphics/gstreamer/GStreamerVideoSinkCommon.cpp
@@ -73,8 +73,33 @@ class WebKitVideoSinkProbe {
player->updateVideoOrientation(tagList);
}
- if (info->type & GST_PAD_PROBE_TYPE_QUERY_DOWNSTREAM && GST_QUERY_TYPE(GST_PAD_PROBE_INFO_QUERY(info)) == GST_QUERY_ALLOCATION)
- gst_query_add_allocation_meta(GST_PAD_PROBE_INFO_QUERY(info), GST_VIDEO_META_API_TYPE, nullptr);
+ if (info->type & GST_PAD_PROBE_TYPE_QUERY_DOWNSTREAM && GST_QUERY_TYPE(GST_PAD_PROBE_INFO_QUERY(info)) == GST_QUERY_ALLOCATION) {
+ auto query = GST_PAD_PROBE_INFO_QUERY(info);
+ gst_query_add_allocation_meta(query, GST_VIDEO_META_API_TYPE, nullptr);
+
+ GstCaps* caps;
+ gboolean needPool;
+ gst_query_parse_allocation(query, &caps, &needPool);
+ if (UNLIKELY(!caps) || !needPool)
+ return GST_PAD_PROBE_OK;
+
+ unsigned size;
+#if GST_CHECK_VERSION(1, 24, 0)
+ if (gst_video_is_dma_drm_caps(caps)) {
+ GstVideoInfoDmaDrm drmInfo;
+ if (!gst_video_info_dma_drm_from_caps(&drmInfo, caps))
+ return GST_PAD_PROBE_OK;
+ size = GST_VIDEO_INFO_SIZE(&drmInfo.vinfo);
+ } else
+#endif
+ {
+ GstVideoInfo info;
+ if (!gst_video_info_from_caps(&info, caps))
+ return GST_PAD_PROBE_OK;
+ size = GST_VIDEO_INFO_SIZE(&info);
+ }
+ gst_query_add_allocation_pool(query, nullptr, size, 3, 0);
+ }
#if USE(GSTREAMER_GL)
// FIXME: Verify the following comment. Investigate what actually should be done here.

View File

@ -0,0 +1,41 @@
From 9e9ea966373d3858668f6a29d8ba91a5807c8dd8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Th=C3=A9o=20Maillart?= <tmaillart@freebox.fr>
Date: Fri, 8 Nov 2024 09:50:53 -0800
Subject: [PATCH] [GStreamer] Video dimensions are wrong since GStreamer 1.24.9
https://bugs.webkit.org/show_bug.cgi?id=282749
Reviewed by Philippe Normand.
With the latest version of GStreamer, if the source is not selectable,
uridecodebin3 will drop the stream collection emitted from this element
As we only consider stream collection from the source element, we will
never set the stream collection internally, this will produce faulty
behaviour such as using wrong video dimensions
To avoid that, we reply true to the selectable query
* Source/WebCore/platform/graphics/gstreamer/mse/WebKitMediaSourceGStreamer.cpp:
(webKitMediaSrcQuery):
Canonical link: https://commits.webkit.org/286347@main
---
.../graphics/gstreamer/mse/WebKitMediaSourceGStreamer.cpp | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/Source/WebCore/platform/graphics/gstreamer/mse/WebKitMediaSourceGStreamer.cpp b/Source/WebCore/platform/graphics/gstreamer/mse/WebKitMediaSourceGStreamer.cpp
index c0a67c5f23f25..45b4f160e5630 100644
--- a/Source/WebCore/platform/graphics/gstreamer/mse/WebKitMediaSourceGStreamer.cpp
+++ b/Source/WebCore/platform/graphics/gstreamer/mse/WebKitMediaSourceGStreamer.cpp
@@ -255,6 +255,13 @@ static const char* streamTypeToString(TrackPrivateBaseGStreamer::TrackType type)
static gboolean webKitMediaSrcQuery(GstElement* element, GstQuery* query)
{
+#if GST_CHECK_VERSION(1, 22, 0)
+ if (GST_QUERY_TYPE(query) == GST_QUERY_SELECTABLE) {
+ gst_query_set_selectable(query, TRUE);
+ return TRUE;
+ }
+#endif
+
gboolean result = GST_ELEMENT_CLASS(parent_class)->query(element, query);
if (GST_QUERY_TYPE(query) != GST_QUERY_SCHEDULING)

45
_constraints Normal file
View File

@ -0,0 +1,45 @@
<?xml version="1.0" encoding="UTF-8"?>
<constraints>
<hardware>
<jobs>4</jobs>
<disk>
<size unit="G">26</size>
</disk>
<physicalmemory>
<size unit="G">15</size>
</physicalmemory>
</hardware>
<hostlabel exclude="true">SLOW_CPU</hostlabel>
<overwrite>
<conditions>
<arch>aarch64</arch>
<package>webkit2gtk3:gtk3-soup2</package>
</conditions>
<hardware>
<cpu>
<flag>asimdrdm</flag>
</cpu>
</hardware>
</overwrite>
<overwrite>
<conditions>
<arch>armv6l</arch>
<arch>armv7l</arch>
</conditions>
<hardware>
<physicalmemory>
<size unit="M">5500</size>
</physicalmemory>
</hardware>
</overwrite>
<overwrite>
<conditions>
<arch>riscv64</arch>
</conditions>
<hardware>
<physicalmemory>
<size unit="M">7250</size>
</physicalmemory>
</hardware>
</overwrite>
</constraints>

6
_multibuild Normal file
View File

@ -0,0 +1,6 @@
<multibuild>
<package>gtk3</package>
<package>gtk3-soup2</package>
<package>gtk4</package>
</multibuild>

2
baselibs.conf Normal file
View File

@ -0,0 +1,2 @@
libjavascriptcoregtk-4_0-18
libwebkit2gtk-4_0-37

94
bug281492.patch Normal file
View File

@ -0,0 +1,94 @@
From 984e2a6b7a92b8c144f2b4463f5904e449cb3cc1 Mon Sep 17 00:00:00 2001
From: Georges Basile Stavracas Neto <feaneron@igalia.com>
Date: Tue, 15 Oct 2024 11:44:23 -0300
Subject: [PATCH] AX: [GTK]: Fix crash in
AccessibilityObjectAtspi::textAttributes
https://bugs.webkit.org/show_bug.cgi?id=281492
Reviewed by NOBODY (OOPS!).
In the AccessibilityObjectAtspi::textAttributes() method, the
accessibilityTextAttributes() function is called for various AXObjects.
These objects are retrived by querying the AXObjectCache of the
document.
However, the cache can legitimately return nullptr when the AXObject is
not cached. The AccessibilityObjectAtspi::textAttributes() method did
not check for nullptr, and the accessibilityTextAttributes() function
is not nullptr safe.
This crashes.
Make AccessibilityObjectAtspi::textAttributes() check if the AXObject
is a nullptr before passing it down to accessibilityTextAttributes().
* Source/WebCore/accessibility/atspi/AccessibilityObjectTextAtspi.cpp:
(WebCore::AccessibilityObjectAtspi::textAttributes const):
---
.../atspi/AccessibilityObjectTextAtspi.cpp | 21 ++++++++++++++++---
1 file changed, 18 insertions(+), 3 deletions(-)
diff --git a/Source/WebCore/accessibility/atspi/AccessibilityObjectTextAtspi.cpp b/Source/WebCore/accessibility/atspi/AccessibilityObjectTextAtspi.cpp
index 50b4f58be2f3..a49bfd939716 100644
--- a/Source/WebCore/accessibility/atspi/AccessibilityObjectTextAtspi.cpp
+++ b/Source/WebCore/accessibility/atspi/AccessibilityObjectTextAtspi.cpp
@@ -38,6 +38,7 @@
#include "TextIterator.h"
#include "VisibleUnits.h"
#include <gio/gio.h>
+#include <wtf/Assertions.h>
#include <wtf/unicode/CharacterNames.h>
namespace WebCore {
@@ -763,6 +764,9 @@ AccessibilityObjectAtspi::TextAttributes AccessibilityObjectAtspi::textAttribute
auto accessibilityTextAttributes = [this](AXCoreObject* axObject, const HashMap<String, String>& defaultAttributes) -> HashMap<String, String> {
HashMap<String, String> attributes;
+
+ RELEASE_ASSERT(axObject);
+
auto& style = axObject->renderer()->style();
auto addAttributeIfNeeded = [&](const String& name, const String& value) {
@@ -838,8 +842,11 @@ AccessibilityObjectAtspi::TextAttributes AccessibilityObjectAtspi::textAttribute
return { WTFMove(defaultAttributes), -1, -1 };
if (!*utf16Offset && m_hasListMarkerAtStart) {
+ auto axObject = m_coreObject->children()[0].get();
+ RELEASE_ASSERT(axObject);
+
// Always consider list marker an independent run.
- auto attributes = accessibilityTextAttributes(m_coreObject->children()[0].get(), defaultAttributes);
+ auto attributes = accessibilityTextAttributes(axObject, defaultAttributes);
if (!includeDefault)
return { WTFMove(attributes), 0, 1 };
@@ -871,7 +878,11 @@ AccessibilityObjectAtspi::TextAttributes AccessibilityObjectAtspi::textAttribute
if (r->firstChildSlow())
continue;
- auto childAttributes = accessibilityTextAttributes(r->document().axObjectCache()->get(r), defaultAttributes);
+ auto axObject = r->document().axObjectCache()->get(r);
+ if (!axObject)
+ continue;
+
+ auto childAttributes = accessibilityTextAttributes(axObject, defaultAttributes);
if (childAttributes != attributes)
break;
@@ -885,7 +896,11 @@ AccessibilityObjectAtspi::TextAttributes AccessibilityObjectAtspi::textAttribute
if (r->firstChildSlow())
continue;
- auto childAttributes = accessibilityTextAttributes(r->document().axObjectCache()->get(r), defaultAttributes);
+ auto axObject = r->document().axObjectCache()->get(r);
+ if (!axObject)
+ continue;
+
+ auto childAttributes = accessibilityTextAttributes(axObject, defaultAttributes);
if (childAttributes != attributes)
break;
--
2.46.1

84
bug281495.patch Normal file
View File

@ -0,0 +1,84 @@
From 8fd152326050b81559903682e0767d289adef9cb Mon Sep 17 00:00:00 2001
From: Michael Catanzaro <mcatanzaro@redhat.com>
Date: Wed, 16 Oct 2024 13:45:39 -0500
Subject: [PATCH] REGRESSION(283414@main): [WPE][GTK] Crash in ProcessLauncher
socket monitor callback https://bugs.webkit.org/show_bug.cgi?id=281495
Reviewed by NOBODY (OOPS!).
The socket monitor callback that I added in 283414@main accidentally
deletes itself by calling m_socketMonitor.stop(). This causes the lambda
capture to itself be deleted. We can change the socket monitor to wait
until the callback has finished before deleting it.
* Source/WTF/wtf/glib/GSocketMonitor.cpp:
(WTF::GSocketMonitor::~GSocketMonitor):
(WTF::GSocketMonitor::socketSourceCallback):
(WTF::GSocketMonitor::stop):
---
Source/WTF/wtf/glib/GSocketMonitor.cpp | 21 +++++++++++++++++++--
Source/WTF/wtf/glib/GSocketMonitor.h | 2 ++
2 files changed, 21 insertions(+), 2 deletions(-)
diff --git a/Source/WTF/wtf/glib/GSocketMonitor.cpp b/Source/WTF/wtf/glib/GSocketMonitor.cpp
index c88ea9f91ca4..f3e31efb5053 100644
--- a/Source/WTF/wtf/glib/GSocketMonitor.cpp
+++ b/Source/WTF/wtf/glib/GSocketMonitor.cpp
@@ -33,6 +33,7 @@ namespace WTF {
GSocketMonitor::~GSocketMonitor()
{
+ RELEASE_ASSERT(!m_isExecutingCallback);
stop();
}
@@ -40,7 +41,17 @@ gboolean GSocketMonitor::socketSourceCallback(GSocket*, GIOCondition condition,
{
if (g_cancellable_is_cancelled(monitor->m_cancellable.get()))
return G_SOURCE_REMOVE;
- return monitor->m_callback(condition);
+
+ monitor->m_isExecutingCallback = true;
+ gboolean result = monitor->m_callback(condition);
+ monitor->m_isExecutingCallback = false;
+
+ if (monitor->m_shouldDestroyCallback) {
+ monitor->m_callback = nullptr;
+ monitor->m_shouldDestroyCallback = false;
+ }
+
+ return result;
}
void GSocketMonitor::start(GSocket* socket, GIOCondition condition, RunLoop& runLoop, Function<gboolean(GIOCondition)>&& callback)
@@ -65,7 +76,13 @@ void GSocketMonitor::stop()
m_cancellable = nullptr;
g_source_destroy(m_source.get());
m_source = nullptr;
- m_callback = nullptr;
+
+ // It's normal to stop the socket monitor from inside its callback.
+ // Don't destroy the callback while it's still executing.
+ if (m_isExecutingCallback)
+ m_shouldDestroyCallback = true;
+ else
+ m_callback = nullptr;
}
} // namespace WTF
diff --git a/Source/WTF/wtf/glib/GSocketMonitor.h b/Source/WTF/wtf/glib/GSocketMonitor.h
index 7ec383a6e37c..9393c546b593 100644
--- a/Source/WTF/wtf/glib/GSocketMonitor.h
+++ b/Source/WTF/wtf/glib/GSocketMonitor.h
@@ -51,6 +51,8 @@ private:
GRefPtr<GSource> m_source;
GRefPtr<GCancellable> m_cancellable;
Function<gboolean(GIOCondition)> m_callback;
+ bool m_isExecutingCallback { false };
+ bool m_shouldDestroyCallback { false };
};
} // namespace WTF
--
2.46.1

11
reproducibility.patch Normal file
View File

@ -0,0 +1,11 @@
--- webkitgtk-2.40.0-orig/Source/JavaScriptCore/generator/GeneratedFile.rb 2023-02-20 10:22:05.321689800 +0100
+++ webkitgtk-2.40.0/Source/JavaScriptCore/generator/GeneratedFile.rb 2023-03-28 10:29:49.754813443 +0200
@@ -25,7 +25,7 @@
require 'digest'
$LICENSE = <<-EOF
-Copyright (C) #{Date.today.year} Apple Inc. All rights reserved.
+Copyright (C) 2023 Apple Inc. All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions

47
revert-271175.patch Normal file
View File

@ -0,0 +1,47 @@
From 9140ce712aa87091613874d802787ab476be0e39 Mon Sep 17 00:00:00 2001
From: Michael Catanzaro <mcatanzaro@redhat.com>
Date: Wed, 14 Aug 2024 14:58:05 -0500
Subject: [PATCH] Revert "Cherry-pick 272448.770@safari-7618-branch
(6d311cd7fefc). https://bugs.webkit.org/show_bug.cgi?id=271175"
https://bugs.webkit.org/show_bug.cgi?id=278113
This reverts commit 279c9d7963182cc35cf4e0bfebe87df2d83eaef8.
This broke wasm, and I don't know how to fix it.
Canonical link: https://commits.webkit.org/274313.373@webkitglib/2.44
---
.../stress/many-calls-results-on-stack.js | 39 -------------------
Source/JavaScriptCore/wasm/WasmBBQJIT.cpp | 19 ---------
2 files changed, 58 deletions(-)
delete mode 100644 JSTests/wasm/stress/many-calls-results-on-stack.js
index 9049865e8ce7..3f142cf5e90f 100644
--- a/Source/JavaScriptCore/wasm/WasmBBQJIT.cpp
+++ b/Source/JavaScriptCore/wasm/WasmBBQJIT.cpp
@@ -3958,25 +3958,6 @@ void BBQJIT::returnValuesFromCall(Vector<Value, N>& results, const FunctionSigna
ASSERT(m_validFPRs.contains(returnLocation.asFPR(), Width::Width128));
m_fprSet.add(returnLocation.asFPR(), Width::Width128);
}
- } else {
- ASSERT(returnLocation.isStackArgument());
- // FIXME: Ideally, we would leave these values where they are but a subsequent call could clobber them before they are used.
- // That said, stack results are very rare so this isn't too painful.
- // Even if we did leave them where they are, we'd need to flush them to their canonical location at the next branch otherwise
- // we could have something like (assume no result regs for simplicity):
- // call (result i32 i32) $foo
- // if (result i32) // Stack: i32(StackArgument:8) i32(StackArgument:0)
- // // Stack: i32(StackArgument:8)
- // else
- // call (result i32 i32) $bar // Stack: i32(StackArgument:8) we have to flush the stack argument to make room for the result of bar
- // drop // Stack: i32(Stack:X) i32(StackArgument:8) i32(StackArgument:0)
- // drop // Stack: i32(Stack:X) i32(StackArgument:8)
- // end
- // return // Stack i32(*Conflicting locations*)
-
- Location canonicalLocation = canonicalSlot(result);
- emitMoveMemory(result.type(), returnLocation, canonicalLocation);
- returnLocation = canonicalLocation;
}
}
bind(result, returnLocation);

View File

@ -0,0 +1,165 @@
From b951404ea74ae432312a83138f5c8945a0d09e1b Mon Sep 17 00:00:00 2001
From: Jean-Yves Avenard <jya@apple.com>
Date: Wed, 24 Apr 2024 19:01:06 -0700
Subject: [PATCH] Cherry-pick 272448.960@safari-7618-branch (b7ccdb65258e).
https://bugs.webkit.org/show_bug.cgi?id=273176
Always copy all audio channels to the AudioBus to guarantee data lifetime.
https://bugs.webkit.org/show_bug.cgi?id=273176
rdar://125166710
Reviewed by Chris Dumez.
Following 275262@main, a task is dispatched on the audio render thread.
This task dispatch takes a reference to the source and destination AudioBus
however when a MultiChannelResampler is in use, the source AudioBus may
contain a raw pointer to the resampled's AudioArray and the lifetime of
this object may be shorter than the AudioBus.
In 232182@main, a speed and memory optimisation was added by passed-in buffer
as memory for the first channel in the AudioBus.
We revert this change for now and copy all channels' data to the AudioBus.
Added test.
* LayoutTests/webaudio/crashtest/audioworklet-concurrent-resampler-crash-expected.txt: Added.
* LayoutTests/webaudio/crashtest/audioworklet-concurrent-resampler-crash.html: Added.
* Source/WebCore/platform/audio/MultiChannelResampler.cpp:
(WebCore::MultiChannelResampler::MultiChannelResampler):
(WebCore::MultiChannelResampler::provideInputForChannel):
* Source/WebCore/platform/audio/MultiChannelResampler.h:
Canonical link: https://commits.webkit.org/274313.332@webkitglib/2.44
---
...et-concurrent-resampler-crash-expected.txt | 1 +
...dioworklet-concurrent-resampler-crash.html | 44 +++++++++++++++++++
.../platform/audio/MultiChannelResampler.cpp | 23 ++--------
.../platform/audio/MultiChannelResampler.h | 2 -
4 files changed, 48 insertions(+), 22 deletions(-)
create mode 100644 LayoutTests/webaudio/crashtest/audioworklet-concurrent-resampler-crash-expected.txt
create mode 100644 LayoutTests/webaudio/crashtest/audioworklet-concurrent-resampler-crash.html
diff --git a/LayoutTests/webaudio/crashtest/audioworklet-concurrent-resampler-crash-expected.txt b/LayoutTests/webaudio/crashtest/audioworklet-concurrent-resampler-crash-expected.txt
new file mode 100644
index 000000000000..654ddf7f17ef
--- /dev/null
+++ b/LayoutTests/webaudio/crashtest/audioworklet-concurrent-resampler-crash-expected.txt
@@ -0,0 +1 @@
+This test passes if it does not crash.
diff --git a/LayoutTests/webaudio/crashtest/audioworklet-concurrent-resampler-crash.html b/LayoutTests/webaudio/crashtest/audioworklet-concurrent-resampler-crash.html
new file mode 100644
index 000000000000..b3ab181d4787
--- /dev/null
+++ b/LayoutTests/webaudio/crashtest/audioworklet-concurrent-resampler-crash.html
@@ -0,0 +1,44 @@
+<html>
+<head>
+ <script>
+ let worklet_source = `
+ class Processor extends AudioWorkletProcessor {
+ process(inputs, outputs, parameters) {
+ return true;
+ }
+ }
+ registerProcessor('P2', Processor);
+ `;
+
+ let blob = new Blob([worklet_source], { type: 'application/javascript' });
+ let worklet = URL.createObjectURL(blob);
+
+ var ctx = new AudioContext({ sampleRate: 44100});
+ const dest = ctx.destination;
+ dest.channelCountMode = "max";
+
+ async function main() {
+ await ctx.audioWorklet.addModule(worklet);
+ var script_processor = ctx.createScriptProcessor();
+ script_processor.onaudioprocess = function() {
+ dest.channelCount = 1;
+ audio_worklet.disconnect();
+ if (window.testRunner)
+ testRunner.notifyDone();
+ }
+ var audio_worklet = new AudioWorkletNode(ctx, "P2");
+ script_processor.connect(audio_worklet);
+ audio_worklet.connect(dest);
+ }
+ </script>
+</head>
+<body onload="main()">
+ <p>This test passes if it does not crash.</p>
+ <script>
+ if (window.testRunner) {
+ testRunner.waitUntilDone();
+ testRunner.dumpAsText();
+ }
+ </script>
+</body>
+</html>
diff --git a/Source/WebCore/platform/audio/MultiChannelResampler.cpp b/Source/WebCore/platform/audio/MultiChannelResampler.cpp
index e5a0cfc10caa..c44df274cbbc 100644
--- a/Source/WebCore/platform/audio/MultiChannelResampler.cpp
+++ b/Source/WebCore/platform/audio/MultiChannelResampler.cpp
@@ -42,19 +42,8 @@ namespace WebCore {
MultiChannelResampler::MultiChannelResampler(double scaleFactor, unsigned numberOfChannels, unsigned requestFrames, Function<void(AudioBus*, size_t framesToProcess)>&& provideInput)
: m_numberOfChannels(numberOfChannels)
, m_provideInput(WTFMove(provideInput))
- , m_multiChannelBus(AudioBus::create(numberOfChannels, requestFrames, false))
+ , m_multiChannelBus(AudioBus::create(numberOfChannels, requestFrames))
{
- // As an optimization, we will use the buffer passed to provideInputForChannel() as channel memory for the first channel so we
- // only need to allocate memory if there is more than one channel.
- if (numberOfChannels > 1) {
- m_channelsMemory = Vector<std::unique_ptr<AudioFloatArray>>(numberOfChannels - 1, [&](size_t i) {
- size_t channelIndex = i + 1;
- auto floatArray = makeUnique<AudioFloatArray>(requestFrames);
- m_multiChannelBus->setChannelMemory(channelIndex, floatArray->data(), requestFrames);
- return floatArray;
- });
- }
-
// Create each channel's resampler.
m_kernels = Vector<std::unique_ptr<SincResampler>>(numberOfChannels, [&](size_t channelIndex) {
return makeUnique<SincResampler>(scaleFactor, requestFrames, std::bind(&MultiChannelResampler::provideInputForChannel, this, std::placeholders::_1, std::placeholders::_2, channelIndex));
@@ -93,16 +82,10 @@ void MultiChannelResampler::process(AudioBus* destination, size_t framesToProces
void MultiChannelResampler::provideInputForChannel(std::span<float> buffer, size_t framesToProcess, unsigned channelIndex)
{
ASSERT(channelIndex < m_multiChannelBus->numberOfChannels());
- ASSERT(framesToProcess == m_multiChannelBus->length());
+ ASSERT(framesToProcess <= m_multiChannelBus->length());
- if (!channelIndex) {
- // As an optimization, we use the provided buffer as memory for the first channel in the AudioBus. This avoids
- // having to memcpy() for the first channel.
- RELEASE_ASSERT(framesToProcess <= buffer.size());
- m_multiChannelBus->setChannelMemory(0, buffer.data(), framesToProcess);
+ if (!channelIndex)
m_provideInput(m_multiChannelBus.get(), framesToProcess);
- return;
- }
// Copy the channel data from what we received from m_multiChannelProvider.
memcpySpan(buffer.subspan(0, framesToProcess), m_multiChannelBus->channel(channelIndex)->span().subspan(0, framesToProcess));
diff --git a/Source/WebCore/platform/audio/MultiChannelResampler.h b/Source/WebCore/platform/audio/MultiChannelResampler.h
index 25d43100b71f..214ee06567ac 100644
--- a/Source/WebCore/platform/audio/MultiChannelResampler.h
+++ b/Source/WebCore/platform/audio/MultiChannelResampler.h
@@ -29,7 +29,6 @@
#ifndef MultiChannelResampler_h
#define MultiChannelResampler_h
-#include "AudioArray.h"
#include <memory>
#include <wtf/Function.h>
#include <wtf/Vector.h>
@@ -62,7 +61,6 @@ private:
size_t m_outputFramesReady { 0 };
Function<void(AudioBus*, size_t framesToProcess)> m_provideInput;
RefPtr<AudioBus> m_multiChannelBus;
- Vector<std::unique_ptr<AudioFloatArray>> m_channelsMemory;
};
} // namespace WebCore
--
2.45.2

View File

@ -0,0 +1,88 @@
From 2fe5ae29a5f6434ef456afe9673a4f400ec63848 Mon Sep 17 00:00:00 2001
From: Jean-Yves Avenard <jya@apple.com>
Date: Fri, 14 Jun 2024 16:08:19 -0700
Subject: [PATCH] Cherry-pick 272448.1085@safari-7618.3.10-branch
(ff52ff7cb64e). https://bugs.webkit.org/show_bug.cgi?id=275431
HeapBufferOverflow in computeSampleUsingLinearInterpolation
https://bugs.webkit.org/show_bug.cgi?id=275431
rdar://125617812
Reviewed by Youenn Fablet.
Add boundary check.
This is a copy of blink code for that same function.
https://source.chromium.org/chromium/chromium/src/+/main:third_party/blink/renderer/modules/webaudio/audio_buffer_source_handler.cc;l=336-341
* LayoutTests/webaudio/crashtest/audiobuffer-sourcenode-resampler-crash-expected.txt: Added.
* LayoutTests/webaudio/crashtest/audiobuffer-sourcenode-resampler-crash.html: Added.
* Source/WebCore/Modules/webaudio/AudioBufferSourceNode.cpp:
(WebCore::AudioBufferSourceNode::renderFromBuffer):
Canonical link: https://commits.webkit.org/274313.347@webkitglib/2.44
---
...er-sourcenode-resampler-crash-expected.txt | 1 +
...udiobuffer-sourcenode-resampler-crash.html | 25 +++++++++++++++++++
.../webaudio/AudioBufferSourceNode.cpp | 6 +++++
3 files changed, 32 insertions(+)
create mode 100644 LayoutTests/webaudio/crashtest/audiobuffer-sourcenode-resampler-crash-expected.txt
create mode 100644 LayoutTests/webaudio/crashtest/audiobuffer-sourcenode-resampler-crash.html
diff --git a/LayoutTests/webaudio/crashtest/audiobuffer-sourcenode-resampler-crash-expected.txt b/LayoutTests/webaudio/crashtest/audiobuffer-sourcenode-resampler-crash-expected.txt
new file mode 100644
index 000000000000..654ddf7f17ef
--- /dev/null
+++ b/LayoutTests/webaudio/crashtest/audiobuffer-sourcenode-resampler-crash-expected.txt
@@ -0,0 +1 @@
+This test passes if it does not crash.
diff --git a/LayoutTests/webaudio/crashtest/audiobuffer-sourcenode-resampler-crash.html b/LayoutTests/webaudio/crashtest/audiobuffer-sourcenode-resampler-crash.html
new file mode 100644
index 000000000000..5fb2dd8c8a5f
--- /dev/null
+++ b/LayoutTests/webaudio/crashtest/audiobuffer-sourcenode-resampler-crash.html
@@ -0,0 +1,25 @@
+<html>
+<head>
+ <script>
+ async function main() {
+ var ctx = new AudioContext();
+ var src = new AudioBufferSourceNode(ctx);
+ src.buffer = ctx.createBuffer(1, 8192, 44100);
+ src.start(undefined, 0.5);
+ src.playbackRate.value = -1;
+ src.connect(ctx.destination, 0, 0);
+ if (window.testRunner)
+ testRunner.notifyDone();
+ }
+ </script>
+</head>
+<body onload="main()">
+ <p>This test passes if it does not crash.</p>
+ <script>
+ if (window.testRunner) {
+ testRunner.waitUntilDone();
+ testRunner.dumpAsText();
+ }
+ </script>
+</body>
+</html>
diff --git a/Source/WebCore/Modules/webaudio/AudioBufferSourceNode.cpp b/Source/WebCore/Modules/webaudio/AudioBufferSourceNode.cpp
index 298bd48cdff5..740b793e0ec5 100644
--- a/Source/WebCore/Modules/webaudio/AudioBufferSourceNode.cpp
+++ b/Source/WebCore/Modules/webaudio/AudioBufferSourceNode.cpp
@@ -350,6 +350,12 @@ bool AudioBufferSourceNode::renderFromBuffer(AudioBus* bus, unsigned destination
if (readIndex2 >= maxFrame)
readIndex2 = m_isLooping ? minFrame : readIndex;
+ // Final sanity check on buffer access.
+ // FIXME: as an optimization, try to get rid of this inner-loop check and
+ // put assertions and guards before the loop.
+ if (readIndex >= bufferLength || readIndex2 >= bufferLength)
+ break;
+
// Linear interpolation.
for (unsigned i = 0; i < numberOfChannels; ++i) {
float* destination = destinationChannels[i];
--
2.45.2

View File

@ -0,0 +1,102 @@
From e83e4c7460972898dc06a5f5ab36eed7c6b101b5 Mon Sep 17 00:00:00 2001
From: Jer Noble <jer.noble@apple.com>
Date: Tue, 11 Jun 2024 11:54:06 -0700
Subject: [PATCH] Cherry-pick 272448.1080@safari-7618.3.10-branch
(64c9479d6f29). https://bugs.webkit.org/show_bug.cgi?id=275273
Add check in AudioBufferSourceNode::renderFromBuffer() when detune is set to large negative value
https://bugs.webkit.org/show_bug.cgi?id=275273
rdar://125617842
Reviewed by Eric Carlson.
* LayoutTests/webaudio/audiobuffersourcenode-detune-crash-expected.txt: Added.
* LayoutTests/webaudio/audiobuffersourcenode-detune-crash.html: Added.
* Source/WebCore/Modules/webaudio/AudioBufferSourceNode.cpp:
(WebCore::AudioBufferSourceNode::renderFromBuffer):
Canonical link: https://commits.webkit.org/274313.345@webkitglib/2.44
---
...buffersourcenode-detune-crash-expected.txt | 10 +++++++
.../audiobuffersourcenode-detune-crash.html | 30 +++++++++++++++++++
.../webaudio/AudioBufferSourceNode.cpp | 7 +++++
3 files changed, 47 insertions(+)
create mode 100644 LayoutTests/webaudio/audiobuffersourcenode-detune-crash-expected.txt
create mode 100644 LayoutTests/webaudio/audiobuffersourcenode-detune-crash.html
diff --git a/LayoutTests/webaudio/audiobuffersourcenode-detune-crash-expected.txt b/LayoutTests/webaudio/audiobuffersourcenode-detune-crash-expected.txt
new file mode 100644
index 000000000000..914ba0b133c4
--- /dev/null
+++ b/LayoutTests/webaudio/audiobuffersourcenode-detune-crash-expected.txt
@@ -0,0 +1,10 @@
+Attempting to create a AudioBufferSourceNode with a large negative detune value should not crash.
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+PASS Test passed because it did not crash.
+PASS successfullyParsed is true
+
+TEST COMPLETE
+
diff --git a/LayoutTests/webaudio/audiobuffersourcenode-detune-crash.html b/LayoutTests/webaudio/audiobuffersourcenode-detune-crash.html
new file mode 100644
index 000000000000..e8af579db9d2
--- /dev/null
+++ b/LayoutTests/webaudio/audiobuffersourcenode-detune-crash.html
@@ -0,0 +1,30 @@
+<!DOCTYPE html>
+<html>
+ <head>
+ <script src="../resources/js-test-pre.js"></script>
+ <script src="resources/audio-testing.js"></script>
+ </head>
+ <body>
+ <script>
+ description("Attempting to create a AudioBufferSourceNode with a large negative detune value should not crash.");
+
+ jsTestIsAsync = true;
+
+ var context = new AudioContext();
+ var src = context.createBufferSource();
+ var buffer = context.createBuffer(1, 256, 44100);
+ src.buffer = buffer;
+ src.start(undefined, 1);
+ src.connect(context.listener.positionX, 0);
+ var panner = context.createPanner();
+ src.detune.value = -0xffffff;
+ panner.connect(context.destination);
+ setTimeout(() => {
+ testPassed("Test passed because it did not crash.");
+ finishJSTest();
+ }, 100);
+ </script>
+
+ <script src="../resources/js-test-post.js"></script>
+ </body>
+</html>
diff --git a/Source/WebCore/Modules/webaudio/AudioBufferSourceNode.cpp b/Source/WebCore/Modules/webaudio/AudioBufferSourceNode.cpp
index f86bffb9b507..298bd48cdff5 100644
--- a/Source/WebCore/Modules/webaudio/AudioBufferSourceNode.cpp
+++ b/Source/WebCore/Modules/webaudio/AudioBufferSourceNode.cpp
@@ -328,9 +328,16 @@ bool AudioBufferSourceNode::renderFromBuffer(AudioBus* bus, unsigned destination
virtualReadIndex = readIndex;
} else if (!pitchRate) {
unsigned readIndex = static_cast<unsigned>(virtualReadIndex);
+ int deltaFrames = static_cast<int>(virtualDeltaFrames);
+ maxFrame = static_cast<unsigned>(virtualMaxFrame);
+
+ if (readIndex >= maxFrame)
+ readIndex -= deltaFrames;
for (unsigned i = 0; i < numberOfChannels; ++i)
std::fill_n(destinationChannels[i] + writeIndex, framesToProcess, sourceChannels[i][readIndex]);
+
+ virtualReadIndex = readIndex;
} else if (reverse) {
unsigned maxFrame = static_cast<unsigned>(virtualMaxFrame);
unsigned minFrame = static_cast<unsigned>(floorf(virtualMinFrame));
--
2.45.2

View File

@ -0,0 +1,84 @@
From 617f1c4c9c7f1525abc47967d4c7734fed3ff525 Mon Sep 17 00:00:00 2001
From: Antti Koivisto <antti@apple.com>
Date: Mon, 20 May 2024 11:36:34 -0700
Subject: [PATCH] Cherry-pick 279005@main (c2f9092d3a8e).
https://bugs.webkit.org/show_bug.cgi?id=268770
Nullptr crash due to `display:block ruby` and continuations
https://bugs.webkit.org/show_bug.cgi?id=268770
rdar://121960530
Reviewed by Alan Baradlay.
Continuations may end up splitting anonymous 'display:ruby' box inside block ruby.
* LayoutTests/fast/ruby/ruby-block-continuation-crash-expected.txt: Added.
* LayoutTests/fast/ruby/ruby-block-continuation-crash.html: Added.
* Source/WebCore/rendering/updating/RenderTreeBuilderRuby.cpp:
(WebCore::RenderTreeBuilder::Ruby::findOrCreateParentForStyleBasedRubyChild):
Find the correct anonymous box from nested continuation structure.
Canonical link: https://commits.webkit.org/279005@main
Canonical link: https://commits.webkit.org/274313.286@webkitglib/2.44
---
.../ruby/ruby-block-continuation-crash-expected.txt | 3 +++
.../fast/ruby/ruby-block-continuation-crash.html | 9 +++++++++
.../rendering/updating/RenderTreeBuilderRuby.cpp | 13 ++++++++++---
3 files changed, 22 insertions(+), 3 deletions(-)
create mode 100644 LayoutTests/fast/ruby/ruby-block-continuation-crash-expected.txt
create mode 100644 LayoutTests/fast/ruby/ruby-block-continuation-crash.html
diff --git a/LayoutTests/fast/ruby/ruby-block-continuation-crash-expected.txt b/LayoutTests/fast/ruby/ruby-block-continuation-crash-expected.txt
new file mode 100644
index 000000000000..f85a15505104
--- /dev/null
+++ b/LayoutTests/fast/ruby/ruby-block-continuation-crash-expected.txt
@@ -0,0 +1,3 @@
+base with
+forced
+line break annotation This test passes if it doesn't crash.
diff --git a/LayoutTests/fast/ruby/ruby-block-continuation-crash.html b/LayoutTests/fast/ruby/ruby-block-continuation-crash.html
new file mode 100644
index 000000000000..3f762d4236ea
--- /dev/null
+++ b/LayoutTests/fast/ruby/ruby-block-continuation-crash.html
@@ -0,0 +1,9 @@
+<script>
+if (window.testRunner)
+ testRunner.dumpAsText();
+</script>
+<ruby style="position: absolute">
+ <rb><span>base with <div>forced</div> line break</span></rb>
+ <rt>annotation</rt>
+</ruby>
+This test passes if it doesn't crash.
diff --git a/Source/WebCore/rendering/updating/RenderTreeBuilderRuby.cpp b/Source/WebCore/rendering/updating/RenderTreeBuilderRuby.cpp
index 62d8b6803323..9f7634612822 100644
--- a/Source/WebCore/rendering/updating/RenderTreeBuilderRuby.cpp
+++ b/Source/WebCore/rendering/updating/RenderTreeBuilderRuby.cpp
@@ -271,10 +271,17 @@ RenderElement& RenderTreeBuilder::Ruby::findOrCreateParentForStyleBasedRubyChild
if (!child.isRenderText() && child.style().display() == DisplayType::Ruby && parent.style().display() == DisplayType::RubyBlock)
return parent;
- if (parent.style().display() == DisplayType::RubyBlock && parent.firstChild()) {
+ if (parent.style().display() == DisplayType::RubyBlock) {
// See if we have an anonymous ruby box already.
- ASSERT(parent.firstChild()->style().display() == DisplayType::Ruby);
- return downcast<RenderElement>(*parent.firstChild());
+ // FIXME: It should be the immediate child but continuations can break this assumption.
+ for (CheckedPtr first = parent.firstChild(); first; first = first->firstChildSlow()) {
+ if (!first->isAnonymous()) {
+ ASSERT_NOT_REACHED();
+ break;
+ }
+ if (first->style().display() == DisplayType::Ruby)
+ return downcast<RenderElement>(*first);
+ }
}
if (parent.style().display() != DisplayType::Ruby) {
--
2.45.2

View File

@ -0,0 +1,60 @@
From 53e7f27d262249310bd6b7ad452e7df334c92b7d Mon Sep 17 00:00:00 2001
From: Daniel Liu <danlliu@umich.edu>
Date: Wed, 13 Nov 2024 12:27:15 -0800
Subject: [PATCH] Cherry-pick ded4d02c0a93.
https://bugs.webkit.org/show_bug.cgi?id=283063
Don't allocate DFG register after a slow path
https://bugs.webkit.org/show_bug.cgi?id=283063
rdar://139747120
Reviewed by Yusuke Suzuki.
Allocating a DFG register after a slow path means that if the slow path
is taken, we end up with an incorrect global state.
* Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compilePutByValForIntTypedArray):
Canonical link: https://commits.webkit.org/282416.295@webkitglib/2.46
---
Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp | 16 ++++++++--------
1 file changed, 8 insertions(+), 8 deletions(-)
diff --git a/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp b/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp
index 356d52b21a12..d041b63e8ba9 100644
--- a/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp
+++ b/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp
@@ -3528,6 +3528,14 @@ void SpeculativeJIT::compilePutByValForIntTypedArray(Node* node, TypedArrayType
}
}
+ GPRReg scratch2GPR = InvalidGPRReg;
+#if USE(JSVALUE64)
+ if (node->arrayMode().mayBeResizableOrGrowableSharedTypedArray()) {
+ scratch2.emplace(this);
+ scratch2GPR = scratch2->gpr();
+ }
+#endif
+
bool result = getIntTypedArrayStoreOperand(
value, propertyReg,
#if USE(JSVALUE32_64)
@@ -3539,14 +3547,6 @@ void SpeculativeJIT::compilePutByValForIntTypedArray(Node* node, TypedArrayType
return;
}
- GPRReg scratch2GPR = InvalidGPRReg;
-#if USE(JSVALUE64)
- if (node->arrayMode().mayBeResizableOrGrowableSharedTypedArray()) {
- scratch2.emplace(this);
- scratch2GPR = scratch2->gpr();
- }
-#endif
-
GPRReg valueGPR = value.gpr();
GPRReg scratchGPR = scratch.gpr();
#if USE(JSVALUE32_64)
--
2.47.0

View File

@ -0,0 +1,321 @@
From c52da7c313795d61665253f23c9f298005549c73 Mon Sep 17 00:00:00 2001
From: Charlie Wolfe <charliew@apple.com>
Date: Thu, 14 Nov 2024 13:56:35 -0800
Subject: [PATCH] Cherry-pick 60c387845715.
https://bugs.webkit.org/show_bug.cgi?id=282197
Cherry-pick 2815b4e29829. rdar://139893250
Data Isolation bypass via attacker controlled firstPartyForCookies
https://bugs.webkit.org/show_bug.cgi?id=283095
rdar://139818629
Reviewed by Matthew Finkel and Alex Christensen.
`NetworkProcess::allowsFirstPartyForCookies` unconditionally allows cookie access for about:blank or
empty firstPartyForCookies URLs. We tried to remove this in rdar://105733798 and rdar://107270673, but
we needed to revert both because there were rare and subtle bugs where certain requests would incorrectly
have about:blank set as their firstPartyForCookies, causing us to kill the WCP.
This patch is a lower risk change that removes the unconditional cookie access for requests that have an
empty firstPartyForCookies, but will not kill the WCP that is incorrectly sending an empty
firstPartyForCookies.
* Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.cpp:
(WebKit::NetworkConnectionToWebProcess::createSocketChannel):
(WebKit::NetworkConnectionToWebProcess::scheduleResourceLoad):
(WebKit::NetworkConnectionToWebProcess::cookiesForDOM):
(WebKit::NetworkConnectionToWebProcess::setCookiesFromDOM):
(WebKit::NetworkConnectionToWebProcess::cookiesEnabled):
(WebKit::NetworkConnectionToWebProcess::cookieRequestHeaderFieldValue):
(WebKit::NetworkConnectionToWebProcess::getRawCookies):
(WebKit::NetworkConnectionToWebProcess::cookiesForDOMAsync):
(WebKit::NetworkConnectionToWebProcess::setCookieFromDOMAsync):
(WebKit::NetworkConnectionToWebProcess::domCookiesForHost):
(WebKit::NetworkConnectionToWebProcess::establishSWContextConnection):
* Source/WebKit/NetworkProcess/NetworkProcess.cpp:
(WebKit::NetworkProcess::allowsFirstPartyForCookies):
* Source/WebKit/NetworkProcess/NetworkProcess.h:
* Source/WebKit/NetworkProcess/NetworkSession.cpp:
(WebKit::NetworkSession::addAllowedFirstPartyForCookies):
* Source/WebKit/NetworkProcess/ServiceWorker/WebSWServerConnection.cpp:
(WebKit::WebSWServerConnection::scheduleJobInServer):
* Source/WebKit/NetworkProcess/SharedWorker/WebSharedWorkerServerConnection.cpp:
(WebKit::WebSharedWorkerServerConnection::requestSharedWorker):
* Tools/TestWebKitAPI/Tests/WebKitCocoa/IPCTestingAPI.mm:
(EmptyFirstPartyForCookiesCookieRequestHeaderFieldValue)):
Canonical link: https://commits.webkit.org/283286.477@safari-7620-branch
Canonical link: https://commits.webkit.org/282416.294@webkitglib/2.46
---
.../NetworkConnectionToWebProcess.cpp | 51 ++++++++++++++-----
.../WebKit/NetworkProcess/NetworkProcess.cpp | 37 +++++++-------
Source/WebKit/NetworkProcess/NetworkProcess.h | 5 +-
.../WebKit/NetworkProcess/NetworkSession.cpp | 2 +-
.../ServiceWorker/WebSWServerConnection.cpp | 2 +-
.../WebSharedWorkerServerConnection.cpp | 2 +-
.../Tests/WebKitCocoa/IPCTestingAPI.mm | 33 ++++++++++++
7 files changed, 96 insertions(+), 36 deletions(-)
diff --git a/Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.cpp b/Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.cpp
index a0ad3c628ec3..c13a96f0e796 100644
--- a/Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.cpp
+++ b/Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.cpp
@@ -502,7 +502,7 @@ void NetworkConnectionToWebProcess::didReceiveInvalidMessage(IPC::Connection&, I
void NetworkConnectionToWebProcess::createSocketChannel(const ResourceRequest& request, const String& protocol, WebSocketIdentifier identifier, WebPageProxyIdentifier webPageProxyID, std::optional<FrameIdentifier> frameID, std::optional<PageIdentifier> pageID, const ClientOrigin& clientOrigin, bool hadMainFrameMainResourcePrivateRelayed, bool allowPrivacyProxy, OptionSet<AdvancedPrivacyProtections> advancedPrivacyProtections, ShouldRelaxThirdPartyCookieBlocking shouldRelaxThirdPartyCookieBlocking, WebCore::StoredCredentialsPolicy storedCredentialsPolicy)
{
- MESSAGE_CHECK(m_networkProcess->allowsFirstPartyForCookies(m_webProcessIdentifier, request.firstPartyForCookies()));
+ MESSAGE_CHECK(m_networkProcess->allowsFirstPartyForCookies(m_webProcessIdentifier, request.firstPartyForCookies()) != NetworkProcess::AllowCookieAccess::Terminate);
ASSERT(!m_networkSocketChannels.contains(identifier));
if (auto channel = NetworkSocketChannel::create(*this, m_sessionID, request, protocol, identifier, webPageProxyID, frameID, pageID, clientOrigin, hadMainFrameMainResourcePrivateRelayed, allowPrivacyProxy, advancedPrivacyProtections, shouldRelaxThirdPartyCookieBlocking, storedCredentialsPolicy))
@@ -552,11 +552,11 @@ RefPtr<ServiceWorkerFetchTask> NetworkConnectionToWebProcess::createFetchTask(Ne
void NetworkConnectionToWebProcess::scheduleResourceLoad(NetworkResourceLoadParameters&& loadParameters, std::optional<NetworkResourceLoadIdentifier> existingLoaderToResume)
{
- bool hasCookieAccess = m_networkProcess->allowsFirstPartyForCookies(m_webProcessIdentifier, loadParameters.request.firstPartyForCookies());
- if (UNLIKELY(!hasCookieAccess))
+ auto allowCookieAccess = m_networkProcess->allowsFirstPartyForCookies(m_webProcessIdentifier, loadParameters.request.firstPartyForCookies());
+ if (UNLIKELY(allowCookieAccess != NetworkProcess::AllowCookieAccess::Allow))
RELEASE_LOG_ERROR(Loading, "scheduleResourceLoad: Web process does not have cookie access to url %" SENSITIVE_LOG_STRING " for request %" SENSITIVE_LOG_STRING, loadParameters.request.firstPartyForCookies().string().utf8().data(), loadParameters.request.url().string().utf8().data());
- MESSAGE_CHECK(hasCookieAccess);
+ MESSAGE_CHECK(allowCookieAccess != NetworkProcess::AllowCookieAccess::Terminate);
CONNECTION_RELEASE_LOG(Loading, "scheduleResourceLoad: (parentPID=%d, pageProxyID=%" PRIu64 ", webPageID=%" PRIu64 ", frameID=%" PRIu64 ", resourceID=%" PRIu64 ", existingLoaderToResume=%" PRIu64 ")", loadParameters.parentPID, loadParameters.webPageProxyID.toUInt64(), loadParameters.webPageID.toUInt64(), loadParameters.webFrameID.object().toUInt64(), loadParameters.identifier.toUInt64(), valueOrDefault(existingLoaderToResume).toUInt64());
@@ -785,7 +785,10 @@ void NetworkConnectionToWebProcess::registerURLSchemesAsCORSEnabled(Vector<Strin
void NetworkConnectionToWebProcess::cookiesForDOM(const URL& firstParty, const SameSiteInfo& sameSiteInfo, const URL& url, FrameIdentifier frameID, PageIdentifier pageID, IncludeSecureCookies includeSecureCookies, ApplyTrackingPrevention applyTrackingPrevention, ShouldRelaxThirdPartyCookieBlocking shouldRelaxThirdPartyCookieBlocking, CompletionHandler<void(String cookieString, bool secureCookiesAccessed)>&& completionHandler)
{
- MESSAGE_CHECK_COMPLETION(m_networkProcess->allowsFirstPartyForCookies(m_webProcessIdentifier, firstParty), completionHandler({ }, false));
+ auto allowCookieAccess = m_networkProcess->allowsFirstPartyForCookies(m_webProcessIdentifier, firstParty);
+ MESSAGE_CHECK_COMPLETION(allowCookieAccess != NetworkProcess::AllowCookieAccess::Terminate, completionHandler({ }, false));
+ if (allowCookieAccess != NetworkProcess::AllowCookieAccess::Allow)
+ return completionHandler({ }, false);
auto* networkStorageSession = storageSession();
if (!networkStorageSession)
@@ -802,7 +805,10 @@ void NetworkConnectionToWebProcess::cookiesForDOM(const URL& firstParty, const S
void NetworkConnectionToWebProcess::setCookiesFromDOM(const URL& firstParty, const SameSiteInfo& sameSiteInfo, const URL& url, WebCore::FrameIdentifier frameID, PageIdentifier pageID, ApplyTrackingPrevention applyTrackingPrevention, const String& cookieString, ShouldRelaxThirdPartyCookieBlocking shouldRelaxThirdPartyCookieBlocking)
{
- MESSAGE_CHECK(m_networkProcess->allowsFirstPartyForCookies(m_webProcessIdentifier, firstParty));
+ auto allowCookieAccess = m_networkProcess->allowsFirstPartyForCookies(m_webProcessIdentifier, firstParty);
+ MESSAGE_CHECK(allowCookieAccess != NetworkProcess::AllowCookieAccess::Terminate);
+ if (allowCookieAccess != NetworkProcess::AllowCookieAccess::Allow)
+ return;
auto* networkStorageSession = storageSession();
if (!networkStorageSession)
@@ -823,7 +829,10 @@ void NetworkConnectionToWebProcess::cookiesEnabledSync(const URL& firstParty, co
void NetworkConnectionToWebProcess::cookiesEnabled(const URL& firstParty, const URL& url, std::optional<FrameIdentifier> frameID, std::optional<PageIdentifier> pageID, ShouldRelaxThirdPartyCookieBlocking shouldRelaxThirdPartyCookieBlocking, CompletionHandler<void(bool)>&& completionHandler)
{
- MESSAGE_CHECK_COMPLETION(m_networkProcess->allowsFirstPartyForCookies(m_webProcessIdentifier, firstParty), completionHandler(false));
+ auto allowCookieAccess = m_networkProcess->allowsFirstPartyForCookies(m_webProcessIdentifier, firstParty);
+ MESSAGE_CHECK_COMPLETION(allowCookieAccess != NetworkProcess::AllowCookieAccess::Terminate, completionHandler(false));
+ if (allowCookieAccess != NetworkProcess::AllowCookieAccess::Allow)
+ return completionHandler(false);
auto* networkStorageSession = storageSession();
if (!networkStorageSession) {
@@ -837,7 +846,10 @@ void NetworkConnectionToWebProcess::cookiesEnabled(const URL& firstParty, const
void NetworkConnectionToWebProcess::cookieRequestHeaderFieldValue(const URL& firstParty, const SameSiteInfo& sameSiteInfo, const URL& url, std::optional<FrameIdentifier> frameID, std::optional<PageIdentifier> pageID, IncludeSecureCookies includeSecureCookies, ApplyTrackingPrevention applyTrackingPrevention, ShouldRelaxThirdPartyCookieBlocking shouldRelaxThirdPartyCookieBlocking, CompletionHandler<void(String, bool)>&& completionHandler)
{
- MESSAGE_CHECK_COMPLETION(m_networkProcess->allowsFirstPartyForCookies(m_webProcessIdentifier, firstParty), completionHandler({ }, false));
+ auto allowCookieAccess = m_networkProcess->allowsFirstPartyForCookies(m_webProcessIdentifier, firstParty);
+ MESSAGE_CHECK_COMPLETION(allowCookieAccess != NetworkProcess::AllowCookieAccess::Terminate, completionHandler({ }, false));
+ if (allowCookieAccess != NetworkProcess::AllowCookieAccess::Allow)
+ return completionHandler({ }, false);
auto* networkStorageSession = storageSession();
if (!networkStorageSession)
@@ -848,7 +860,10 @@ void NetworkConnectionToWebProcess::cookieRequestHeaderFieldValue(const URL& fir
void NetworkConnectionToWebProcess::getRawCookies(const URL& firstParty, const SameSiteInfo& sameSiteInfo, const URL& url, std::optional<FrameIdentifier> frameID, std::optional<PageIdentifier> pageID, ApplyTrackingPrevention applyTrackingPrevention, ShouldRelaxThirdPartyCookieBlocking shouldRelaxThirdPartyCookieBlocking, CompletionHandler<void(Vector<WebCore::Cookie>&&)>&& completionHandler)
{
- MESSAGE_CHECK_COMPLETION(m_networkProcess->allowsFirstPartyForCookies(m_webProcessIdentifier, firstParty), completionHandler({ }));
+ auto allowCookieAccess = m_networkProcess->allowsFirstPartyForCookies(m_webProcessIdentifier, firstParty);
+ MESSAGE_CHECK_COMPLETION(allowCookieAccess != NetworkProcess::AllowCookieAccess::Terminate, completionHandler({ }));
+ if (allowCookieAccess != NetworkProcess::AllowCookieAccess::Allow)
+ return completionHandler({ });
auto* networkStorageSession = storageSession();
if (!networkStorageSession)
@@ -877,7 +892,10 @@ void NetworkConnectionToWebProcess::deleteCookie(const URL& url, const String& c
void NetworkConnectionToWebProcess::cookiesForDOMAsync(const URL& firstParty, const SameSiteInfo& sameSiteInfo, const URL& url, std::optional<WebCore::FrameIdentifier> frameID, std::optional<WebCore::PageIdentifier> pageID, IncludeSecureCookies includeSecureCookies, ApplyTrackingPrevention applyTrackingPrevention, ShouldRelaxThirdPartyCookieBlocking shouldRelaxThirdPartyCookieBlocking, WebCore::CookieStoreGetOptions&& options, CompletionHandler<void(std::optional<Vector<WebCore::Cookie>>&&)>&& completionHandler)
{
- MESSAGE_CHECK_COMPLETION(m_networkProcess->allowsFirstPartyForCookies(m_webProcessIdentifier, firstParty), completionHandler(std::nullopt));
+ auto allowCookieAccess = m_networkProcess->allowsFirstPartyForCookies(m_webProcessIdentifier, firstParty);
+ MESSAGE_CHECK_COMPLETION(allowCookieAccess != NetworkProcess::AllowCookieAccess::Terminate, completionHandler(std::nullopt));
+ if (allowCookieAccess != NetworkProcess::AllowCookieAccess::Allow)
+ return completionHandler(std::nullopt);
auto* networkStorageSession = storageSession();
if (!networkStorageSession)
@@ -894,7 +912,10 @@ void NetworkConnectionToWebProcess::cookiesForDOMAsync(const URL& firstParty, co
void NetworkConnectionToWebProcess::setCookieFromDOMAsync(const URL& firstParty, const SameSiteInfo& sameSiteInfo, const URL& url, std::optional<WebCore::FrameIdentifier> frameID, std::optional<WebCore::PageIdentifier> pageID, ApplyTrackingPrevention applyTrackingPrevention, WebCore::Cookie&& cookie, ShouldRelaxThirdPartyCookieBlocking shouldRelaxThirdPartyCookieBlocking, CompletionHandler<void(bool)>&& completionHandler)
{
- MESSAGE_CHECK(m_networkProcess->allowsFirstPartyForCookies(m_webProcessIdentifier, firstParty));
+ auto allowCookieAccess = m_networkProcess->allowsFirstPartyForCookies(m_webProcessIdentifier, firstParty);
+ MESSAGE_CHECK_COMPLETION(allowCookieAccess != NetworkProcess::AllowCookieAccess::Terminate, completionHandler(false));
+ if (allowCookieAccess != NetworkProcess::AllowCookieAccess::Allow)
+ return completionHandler(false);
auto* networkStorageSession = storageSession();
if (!networkStorageSession)
@@ -914,7 +935,10 @@ void NetworkConnectionToWebProcess::domCookiesForHost(const URL& url, Completion
{
auto host = url.host().toString();
MESSAGE_CHECK_COMPLETION(HashSet<String>::isValidValue(host), completionHandler({ }));
- MESSAGE_CHECK_COMPLETION(m_networkProcess->allowsFirstPartyForCookies(m_webProcessIdentifier, url), completionHandler({ }));
+ auto allowCookieAccess = m_networkProcess->allowsFirstPartyForCookies(m_webProcessIdentifier, url);
+ MESSAGE_CHECK_COMPLETION(allowCookieAccess != NetworkProcess::AllowCookieAccess::Terminate, completionHandler({ }));
+ if (allowCookieAccess != NetworkProcess::AllowCookieAccess::Allow)
+ return completionHandler({ });
auto* networkStorageSession = storageSession();
if (!networkStorageSession)
@@ -1423,7 +1447,8 @@ void NetworkConnectionToWebProcess::establishSWContextConnection(WebPageProxyIde
{
auto* session = networkSession();
if (auto* swServer = session ? session->swServer() : nullptr) {
- MESSAGE_CHECK(session->networkProcess().allowsFirstPartyForCookies(webProcessIdentifier(), registrableDomain));
+ auto allowCookieAccess = session->networkProcess().allowsFirstPartyForCookies(webProcessIdentifier(), registrableDomain);
+ MESSAGE_CHECK(allowCookieAccess != NetworkProcess::AllowCookieAccess::Terminate);
m_swContextConnection = makeUnique<WebSWServerToContextConnection>(*this, webPageProxyID, WTFMove(registrableDomain), serviceWorkerPageIdentifier, *swServer);
}
completionHandler();
diff --git a/Source/WebKit/NetworkProcess/NetworkProcess.cpp b/Source/WebKit/NetworkProcess/NetworkProcess.cpp
index db0437d3b70a..8f637e6c85fd 100644
--- a/Source/WebKit/NetworkProcess/NetworkProcess.cpp
+++ b/Source/WebKit/NetworkProcess/NetworkProcess.cpp
@@ -458,48 +458,49 @@ void NetworkProcess::webProcessWillLoadWebArchive(WebCore::ProcessIdentifier pro
}).iterator->value.first = LoadedWebArchive::Yes;
}
-bool NetworkProcess::allowsFirstPartyForCookies(WebCore::ProcessIdentifier processIdentifier, const URL& firstParty)
+auto NetworkProcess::allowsFirstPartyForCookies(WebCore::ProcessIdentifier processIdentifier, const URL& firstParty) -> AllowCookieAccess
{
- // FIXME: This should probably not be necessary. If about:blank is the first party for cookies,
- // we should set it to be the inherited origin then remove this exception.
- if (firstParty.isAboutBlank())
- return true;
+ auto allowCookieAccess = allowsFirstPartyForCookies(processIdentifier, RegistrableDomain { firstParty });
+ if (allowCookieAccess == NetworkProcess::AllowCookieAccess::Terminate) {
+ // FIXME: This should probably not be necessary. If about:blank is the first party for cookies,
+ // we should set it to be the inherited origin then remove this exception.
+ if (firstParty.isAboutBlank())
+ return AllowCookieAccess::Disallow;
- if (firstParty.isNull())
- return true; // FIXME: This shouldn't be allowed.
+ if (firstParty.isNull())
+ return AllowCookieAccess::Disallow; // FIXME: This shouldn't be allowed.
+ }
- return allowsFirstPartyForCookies(processIdentifier, RegistrableDomain { firstParty });
+ return allowCookieAccess;
}
-bool NetworkProcess::allowsFirstPartyForCookies(WebCore::ProcessIdentifier processIdentifier, const RegistrableDomain& firstPartyDomain)
+auto NetworkProcess::allowsFirstPartyForCookies(WebCore::ProcessIdentifier processIdentifier, const RegistrableDomain& firstPartyDomain) -> AllowCookieAccess
{
// FIXME: This shouldn't be needed but it is hit sometimes at least with PDFs.
- if (firstPartyDomain.isEmpty())
- return true;
-
+ auto terminateOrDisallow = firstPartyDomain.isEmpty() ? AllowCookieAccess::Disallow : AllowCookieAccess::Terminate;
if (!decltype(m_allowedFirstPartiesForCookies)::isValidKey(processIdentifier)) {
ASSERT_NOT_REACHED();
- return false;
+ return terminateOrDisallow;
}
auto iterator = m_allowedFirstPartiesForCookies.find(processIdentifier);
if (iterator == m_allowedFirstPartiesForCookies.end()) {
ASSERT_NOT_REACHED();
- return false;
+ return terminateOrDisallow;
}
if (iterator->value.first == LoadedWebArchive::Yes)
- return true;
+ return AllowCookieAccess::Allow;
auto& set = iterator->value.second;
if (!std::remove_reference_t<decltype(set)>::isValidValue(firstPartyDomain)) {
ASSERT_NOT_REACHED();
- return false;
+ return terminateOrDisallow;
}
auto result = set.contains(firstPartyDomain);
- ASSERT(result);
- return result;
+ ASSERT(result || terminateOrDisallow == AllowCookieAccess::Disallow);
+ return result ? AllowCookieAccess::Allow : terminateOrDisallow;
}
void NetworkProcess::addStorageSession(PAL::SessionID sessionID, const WebsiteDataStoreParameters& parameters)
diff --git a/Source/WebKit/NetworkProcess/NetworkProcess.h b/Source/WebKit/NetworkProcess/NetworkProcess.h
index 0897537e5847..54f19ab96ce4 100644
--- a/Source/WebKit/NetworkProcess/NetworkProcess.h
+++ b/Source/WebKit/NetworkProcess/NetworkProcess.h
@@ -417,8 +417,9 @@ public:
void deleteWebsiteDataForOrigin(PAL::SessionID, OptionSet<WebsiteDataType>, const WebCore::ClientOrigin&, CompletionHandler<void()>&&);
void deleteWebsiteDataForOrigins(PAL::SessionID, OptionSet<WebsiteDataType>, const Vector<WebCore::SecurityOriginData>& origins, const Vector<String>& cookieHostNames, const Vector<String>& HSTSCacheHostnames, const Vector<RegistrableDomain>&, CompletionHandler<void()>&&);
- bool allowsFirstPartyForCookies(WebCore::ProcessIdentifier, const URL&);
- bool allowsFirstPartyForCookies(WebCore::ProcessIdentifier, const RegistrableDomain&);
+ enum class AllowCookieAccess : uint8_t { Disallow, Allow, Terminate };
+ AllowCookieAccess allowsFirstPartyForCookies(WebCore::ProcessIdentifier, const URL&);
+ AllowCookieAccess allowsFirstPartyForCookies(WebCore::ProcessIdentifier, const RegistrableDomain&);
void addAllowedFirstPartyForCookies(WebCore::ProcessIdentifier, WebCore::RegistrableDomain&&, LoadedWebArchive, CompletionHandler<void()>&&);
void webProcessWillLoadWebArchive(WebCore::ProcessIdentifier);
diff --git a/Source/WebKit/NetworkProcess/NetworkSession.cpp b/Source/WebKit/NetworkProcess/NetworkSession.cpp
index d3e9e8b4b64b..2c5fb9ad6765 100644
--- a/Source/WebKit/NetworkProcess/NetworkSession.cpp
+++ b/Source/WebKit/NetworkProcess/NetworkSession.cpp
@@ -728,7 +728,7 @@ void NetworkSession::appBoundDomains(CompletionHandler<void(HashSet<WebCore::Reg
void NetworkSession::addAllowedFirstPartyForCookies(WebCore::ProcessIdentifier webProcessIdentifier, std::optional<WebCore::ProcessIdentifier> requestingProcessIdentifier, WebCore::RegistrableDomain&& firstPartyForCookies)
{
- if (requestingProcessIdentifier && (requestingProcessIdentifier != webProcessIdentifier) && !m_networkProcess->allowsFirstPartyForCookies(requestingProcessIdentifier.value(), firstPartyForCookies)) {
+ if (requestingProcessIdentifier && (requestingProcessIdentifier != webProcessIdentifier) && m_networkProcess->allowsFirstPartyForCookies(requestingProcessIdentifier.value(), firstPartyForCookies) != NetworkProcess::AllowCookieAccess::Allow) {
ASSERT_NOT_REACHED();
return;
}
diff --git a/Source/WebKit/NetworkProcess/ServiceWorker/WebSWServerConnection.cpp b/Source/WebKit/NetworkProcess/ServiceWorker/WebSWServerConnection.cpp
index 72d67d9f98a2..515f4597cf33 100644
--- a/Source/WebKit/NetworkProcess/ServiceWorker/WebSWServerConnection.cpp
+++ b/Source/WebKit/NetworkProcess/ServiceWorker/WebSWServerConnection.cpp
@@ -344,7 +344,7 @@ void WebSWServerConnection::postMessageToServiceWorker(ServiceWorkerIdentifier d
void WebSWServerConnection::scheduleJobInServer(ServiceWorkerJobData&& jobData)
{
- MESSAGE_CHECK(networkProcess().allowsFirstPartyForCookies(identifier(), WebCore::RegistrableDomain::uncheckedCreateFromHost(jobData.topOrigin.host())));
+ MESSAGE_CHECK(networkProcess().allowsFirstPartyForCookies(identifier(), WebCore::RegistrableDomain::uncheckedCreateFromHost(jobData.topOrigin.host())) != NetworkProcess::AllowCookieAccess::Terminate);
ASSERT(!jobData.scopeURL.isNull());
if (jobData.scopeURL.isNull()) {
diff --git a/Source/WebKit/NetworkProcess/SharedWorker/WebSharedWorkerServerConnection.cpp b/Source/WebKit/NetworkProcess/SharedWorker/WebSharedWorkerServerConnection.cpp
index 83affaaded38..084bbdf8f8c5 100644
--- a/Source/WebKit/NetworkProcess/SharedWorker/WebSharedWorkerServerConnection.cpp
+++ b/Source/WebKit/NetworkProcess/SharedWorker/WebSharedWorkerServerConnection.cpp
@@ -79,7 +79,7 @@ NetworkSession* WebSharedWorkerServerConnection::session()
void WebSharedWorkerServerConnection::requestSharedWorker(WebCore::SharedWorkerKey&& sharedWorkerKey, WebCore::SharedWorkerObjectIdentifier sharedWorkerObjectIdentifier, WebCore::TransferredMessagePort&& port, WebCore::WorkerOptions&& workerOptions)
{
- MESSAGE_CHECK(m_networkProcess->allowsFirstPartyForCookies(m_webProcessIdentifier, WebCore::RegistrableDomain::uncheckedCreateFromHost(sharedWorkerKey.origin.topOrigin.host())));
+ MESSAGE_CHECK(m_networkProcess->allowsFirstPartyForCookies(m_webProcessIdentifier, WebCore::RegistrableDomain::uncheckedCreateFromHost(sharedWorkerKey.origin.topOrigin.host())) != NetworkProcess::AllowCookieAccess::Terminate);
MESSAGE_CHECK(sharedWorkerObjectIdentifier.processIdentifier() == m_webProcessIdentifier);
MESSAGE_CHECK(sharedWorkerKey.name == workerOptions.name);
CONNECTION_RELEASE_LOG("requestSharedWorker: sharedWorkerObjectIdentifier=%" PUBLIC_LOG_STRING, sharedWorkerObjectIdentifier.toString().utf8().data());

View File

@ -0,0 +1,65 @@
From: Carlos Garcia Campos <cgarcia@igalia.com>
Subject: Disable DMABuf renderer for NVIDIA proprietary drivers
Bug: https://bugs.webkit.org/show_bug.cgi?id=262607
Bug-Debian: https://bugs.debian.org/1039720
Origin: https://github.com/WebKit/WebKit/pull/18614
Index: webkitgtk-2.44.0/Source/WebKit/UIProcess/gtk/AcceleratedBackingStoreDMABuf.cpp
===================================================================
--- webkitgtk-2.44.0.orig/Source/WebKit/UIProcess/gtk/AcceleratedBackingStoreDMABuf.cpp
+++ webkitgtk-2.44.0/Source/WebKit/UIProcess/gtk/AcceleratedBackingStoreDMABuf.cpp
@@ -37,6 +37,7 @@
#include <WebCore/GLContext.h>
#include <WebCore/IntRect.h>
#include <WebCore/PlatformDisplay.h>
+#include <WebCore/PlatformDisplaySurfaceless.h>
#include <WebCore/ShareableBitmap.h>
#include <WebCore/SharedMemory.h>
#include <epoxy/egl.h>
@@ -45,6 +46,7 @@
#if USE(GBM)
#include <drm_fourcc.h>
+#include <WebCore/PlatformDisplayGBM.h>
#include <gbm.h>
static constexpr uint64_t s_dmabufInvalidModifier = DRM_FORMAT_MOD_INVALID;
@@ -58,6 +60,29 @@ static constexpr uint64_t s_dmabufInvali
namespace WebKit {
+static bool isNVIDIA()
+{
+ const char* forceDMABuf = getenv("WEBKIT_FORCE_DMABUF_RENDERER");
+ if (forceDMABuf && strcmp(forceDMABuf, "0"))
+ return false;
+
+ std::unique_ptr<WebCore::PlatformDisplay> platformDisplay;
+#if USE(GBM)
+ const char* disableGBM = getenv("WEBKIT_DMABUF_RENDERER_DISABLE_GBM");
+ if (!disableGBM || !strcmp(disableGBM, "0")) {
+ if (auto* device = WebCore::PlatformDisplay::sharedDisplay().gbmDevice())
+ platformDisplay = WebCore::PlatformDisplayGBM::create(device);
+ }
+#endif
+ if (!platformDisplay)
+ platformDisplay = WebCore::PlatformDisplaySurfaceless::create();
+
+ WebCore::GLContext::ScopedGLContext glContext(WebCore::GLContext::createOffscreen(platformDisplay ? *platformDisplay : WebCore::PlatformDisplay::sharedDisplay()));
+ if (strstr(reinterpret_cast<const char*>(glGetString(GL_VENDOR)), "NVIDIA"))
+ return true;
+ return false;
+}
+
OptionSet<DMABufRendererBufferMode> AcceleratedBackingStoreDMABuf::rendererBufferMode()
{
static OptionSet<DMABufRendererBufferMode> mode;
@@ -73,6 +98,9 @@ OptionSet<DMABufRendererBufferMode> Acce
return;
}
+ if (isNVIDIA())
+ return;
+
mode.add(DMABufRendererBufferMode::SharedMemory);
const char* forceSHM = getenv("WEBKIT_DMABUF_RENDERER_FORCE_SHM");

4678
webkit2gtk3.changes Normal file

File diff suppressed because it is too large Load Diff

BIN
webkit2gtk3.keyring Normal file

Binary file not shown.

634
webkit2gtk3.spec Normal file
View File

@ -0,0 +1,634 @@
#
# spec file for package webkit2gtk3
#
# Copyright (c) 2024 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
%define flavor @BUILD_FLAVOR@%nil
%define _name webkitgtk
%if "%{flavor}" == ""
# gtknamesuffix is just so we do not have to rename the source package - no package is generated here
%define _gtknamesuffix gtk3
ExclusiveArch: do-not-build
%endif
%define usegcc11 0%{?sle_version} && 0%{?sle_version} < 160000
%define use_jxl !(0%{?sle_version} && 0%{?sle_version} < 160000)
%if "%{flavor}" == "gtk3"
%define _gtknamesuffix gtk3
%define _pkgname_no_slpp libwebkit2gtk3
%define _apiver 4.1
%define _sover -4_1-0
%define _wk2sover -4_1-0
%define _sonamever 4.1
%define _sonameverpkg 4_1
%define _gtkver 3.0
%define _jscver 4.1
%define _pkgconfig_suffix gtk-3.0
%define _usesoup2 0
%endif
%if "%{flavor}" == "gtk3-soup2"
%define _gtknamesuffix gtk3-soup2
%define _pkgname_no_slpp libwebkit2gtk3
%define _apiver 4.0
%define _sover -4_0-18
%define _wk2sover -4_0-37
%define _sonamever 4.0
%define _sonameverpkg 4_0
%define _gtkver 3.0
%define _jscver 4
%define _pkgconfig_suffix gtk-3.0
%define _usesoup2 1
%endif
%if "%{flavor}" == "gtk4"
%define _gtknamesuffix gtk4
%define _pkgname_no_slpp libwebkit2gtk4
%define _apiver 6.0
%define _sover -6_0-0
%define _wk2sover -6_0-0
%define _sonamever 6.0
%define _sonameverpkg 6_0
%define _gtkver 4.0
%define _jscver 6.0
%define _pkgconfig_suffix gtk-4.0
%define _usesoup2 0
%define _wk2sover6api -6_0-4
%define _soverlj6api -6_0-1
%define _with_backtrace 1
%endif
# Disable LTO on select targets
%ifarch %{ix86} ppc64le
%global _lto_cflags %{nil}
%endif
Name: webkit2%{_gtknamesuffix}
Version: 2.46.3
Release: 0
Summary: Library for rendering web content, GTK+ Port
License: BSD-3-Clause AND LGPL-2.0-or-later
Group: Development/Libraries/C and C++
URL: https://webkitgtk.org
Source0: %{url}/releases/%{_name}-%{version}.tar.xz
Source1: %{url}/releases/%{_name}-%{version}.tar.xz.asc
Source98: baselibs.conf
Source99: webkit2gtk3.keyring
# PATCH-FEATURE-OPENSUSE reproducibility.patch -- Make build reproducible
Patch0: reproducibility.patch
# PATCH-FIX-UPSTREAM 9e9ea966373d3858668f6a29d8ba91a5807c8dd8.patch -- Fix aspect ratio with gst-1.24.9
Patch1: https://github.com/WebKit/WebKit/commit/9e9ea966373d3858668f6a29d8ba91a5807c8dd8.patch
# PATCH-FIX-UPSTREAM 63f7badbada070ebaadd318b2801818ecf7e7ea0.patch -- Support ICU 76.1 build
Patch2: https://github.com/WebKit/WebKit/commit/63f7badbada070ebaadd318b2801818ecf7e7ea0.patch
# PATCH-FIX-UPSTREAM webkit2gtk3-CVE-2024-44308.patch boo#1233631 mgorse@suse.com -- don't allocate DFG register after a slow path.
Patch3: webkit2gtk3-CVE-2024-44308.patch
# PATCH-FIX-UPSTREAM webkit2gtk3-CVE-2024-44309.patch boo#1233632 mgorse@suse.com -- fix a cookie management issue.
Patch4: webkit2gtk3-CVE-2024-44309.patch
BuildRequires: Mesa-libEGL-devel
BuildRequires: Mesa-libGL-devel
BuildRequires: Mesa-libGLESv1_CM-devel
BuildRequires: Mesa-libGLESv2-devel
BuildRequires: Mesa-libGLESv3-devel
BuildRequires: bison >= 2.3
BuildRequires: bubblewrap
BuildRequires: cmake
BuildRequires: enchant-devel
BuildRequires: flex
%if 0%{?_with_backtrace}
BuildRequires: libbacktrace-devel
%endif
%if %usegcc11
BuildRequires: gcc11-c++
%else
BuildRequires: gcc-c++ >= 11.2
%endif
BuildRequires: gobject-introspection-devel
BuildRequires: gperf >= 3.0.1
BuildRequires: hyphen-devel
BuildRequires: libjpeg-devel
BuildRequires: ninja
BuildRequires: openjpeg2
BuildRequires: openjpeg2-devel
BuildRequires: perl >= 5.10.0
BuildRequires: pkgconfig
BuildRequires: python3
BuildRequires: ruby >= 2.5
BuildRequires: unifdef
BuildRequires: xdg-dbus-proxy
BuildRequires: pkgconfig(atk)
BuildRequires: pkgconfig(atspi-2) >= 2.5.3
BuildRequires: pkgconfig(cairo) >= 1.16.0
BuildRequires: pkgconfig(epoxy)
BuildRequires: pkgconfig(fontconfig) >= 2.13.0
BuildRequires: pkgconfig(freetype2) >= 2.9.0
%if "%{flavor}" == "gtk4"
BuildRequires: pkgconfig(glib-2.0) >= 2.70.0
%else
BuildRequires: pkgconfig(glib-2.0) >= 2.56.4
%endif
BuildRequires: pkgconfig(icu-i18n)
%if %usegcc11
BuildRequires: pkgconfig(glproto)
%endif
BuildRequires: pkgconfig(gnutls) >= 3.0.0
BuildRequires: pkgconfig(gstreamer-1.0) >= 1.18.4
BuildRequires: pkgconfig(gstreamer-app-1.0)
BuildRequires: pkgconfig(gstreamer-audio-1.0)
BuildRequires: pkgconfig(gstreamer-codecparsers-1.0)
BuildRequires: pkgconfig(gstreamer-fft-1.0)
BuildRequires: pkgconfig(gstreamer-gl-1.0)
BuildRequires: pkgconfig(gstreamer-mpegts-1.0)
BuildRequires: pkgconfig(gstreamer-pbutils-1.0)
BuildRequires: pkgconfig(gstreamer-plugins-base-1.0)
BuildRequires: pkgconfig(gstreamer-tag-1.0)
BuildRequires: pkgconfig(gstreamer-transcoder-1.0)
BuildRequires: pkgconfig(gstreamer-video-1.0)
%if "%{flavor}" == "gtk3" || "%{flavor}" == "gtk3-soup2"
BuildRequires: pkgconfig(gtk+-3.0) >= 3.22.0
%endif
%if "%{flavor}" == "gtk4"
BuildRequires: pkgconfig(gtk4) >= 4.6.0
BuildRequires: pkgconfig(xcomposite)
%endif
BuildRequires: pkgconfig(gudev-1.0)
BuildRequires: pkgconfig(harfbuzz) >= 1.4.2
BuildRequires: pkgconfig(lcms2)
BuildRequires: pkgconfig(libavif) >= 0.9.0
%if %{use_jxl}
BuildRequires: pkgconfig(libjxl)
%endif
BuildRequires: pkgconfig(libpng)
BuildRequires: pkgconfig(libseccomp)
BuildRequires: pkgconfig(libsecret-1)
%if %{_usesoup2}
BuildRequires: pkgconfig(libsoup-2.4) >= 2.54.0
%else
BuildRequires: pkgconfig(libsoup-3.0) >= 3.0.0
%endif
BuildRequires: pkgconfig(libsystemd)
BuildRequires: pkgconfig(libwebp)
BuildRequires: pkgconfig(libwoff2dec)
BuildRequires: pkgconfig(libxml-2.0) >= 2.8.0
BuildRequires: pkgconfig(libxslt) >= 1.1.7
BuildRequires: pkgconfig(manette-0.2)
BuildRequires: pkgconfig(openssl)
BuildRequires: pkgconfig(sqlite3)
BuildRequires: pkgconfig(upower-glib)
BuildRequires: pkgconfig(wayland-protocols)
BuildRequires: pkgconfig(xdamage)
BuildRequires: pkgconfig(xt)
BuildRequires: pkgconfig(zlib)
%description
WebKit is a web content engine, derived from KHTML and KJS from KDE,
and used primarily in Apple's Safari browser. It is made to be
embedded in other applications, such as mail readers, or web browsers.
It is able to display content such as HTML, SVG, XML, and others. It
also supports DOM, XMLHttpRequest, XSLT, CSS, Javascript/ECMAscript and
more.
%package -n libwebkit2gtk%{_wk2sover}
Summary: Library for rendering web content, GTK+ Port
# Require the injected bundles. The bundles are dlopen()ed
Group: System/Libraries
Requires: bubblewrap
%if "%{flavor}" == "gtk4"
Requires: libjavascriptcoregtk%{_soverlj6api} = %{version}
%else
Requires: libjavascriptcoregtk%{_sover} = %{version}
%endif
Requires: libwayland-client0 >= 1.20.0
Requires: webkit2gtk-%{_sonameverpkg}-injected-bundles
Requires: xdg-dbus-proxy
Provides: %{_pkgname_no_slpp} = %{version}
Provides: WebKitGTK-%{_apiver}
Obsoletes: webkit2gtk3-plugin-process-gtk2 < %{version}
Recommends: geoclue2
Recommends: gstreamer-plugins-bad
Recommends: gstreamer-plugins-good
Recommends: xdg-desktop-portal-gtk
%description -n libwebkit2gtk%{_wk2sover}
WebKit is a web content engine, derived from KHTML and KJS from KDE,
and used primarily in Apple's Safari browser. It is made to be
embedded in other applications, such as mail readers, or web browsers.
It is able to display content such as HTML, SVG, XML, and others. It
also supports DOM, XMLHttpRequest, XSLT, CSS, Javascript/ECMAscript and
more.
%package -n libwebkitgtk%{_wk2sover6api}
Summary: Library for rendering web content, GTK+ Port
# Require the injected bundles. The bundles are dlopen()ed
Group: System/Libraries
Requires: bubblewrap
%if "%{flavor}" == "gtk4"
Requires: libjavascriptcoregtk%{_soverlj6api} = %{version}
Requires: webkitgtk-%{_sonameverpkg}-injected-bundles
# Package was wrongly named
Obsoletes: libwebkitgtk6_0-4 < 2.42.6
%else
Requires: libjavascriptcoregtk%{_sover} = %{version}
Requires: webkit2gtk-%{_sonameverpkg}-injected-bundles
%endif
Requires: xdg-dbus-proxy
Provides: %{_pkgname_no_slpp} = %{version}
Provides: WebKitGTK-%{_apiver}
Obsoletes: webkit2gtk3-plugin-process-gtk2 < %{version}
Recommends: geoclue2
Recommends: gstreamer-plugins-bad
Recommends: gstreamer-plugins-good
Recommends: xdg-desktop-portal-gtk
%description -n libwebkitgtk%{_wk2sover6api}
WebKit is a web content engine, derived from KHTML and KJS from KDE,
and used primarily in Apple's Safari browser. It is made to be
embedded in other applications, such as mail readers, or web browsers.
It is able to display content such as HTML, SVG, XML, and others. It
also supports DOM, XMLHttpRequest, XSLT, CSS, Javascript/ECMAscript and
more.
%package -n webkitgtk-%{_sonameverpkg}-injected-bundles
Summary: Injected bundles for %{name}
Group: System/Libraries
%description -n webkitgtk-%{_sonameverpkg}-injected-bundles
WebKit is a web content engine, derived from KHTML and KJS from KDE,
and used primarily in Apple's Safari browser. It is made to be
embedded in other applications, such as mail readers, or web browsers.
It is able to display content such as HTML, SVG, XML, and others. It
also supports DOM, XMLHttpRequest, XSLT, CSS, Javascript/ECMAscript and
more.
%package -n webkit2gtk-%{_sonameverpkg}-injected-bundles
Summary: Injected bundles for %{name}
Group: System/Libraries
%description -n webkit2gtk-%{_sonameverpkg}-injected-bundles
WebKit is a web content engine, derived from KHTML and KJS from KDE,
and used primarily in Apple's Safari browser. It is made to be
embedded in other applications, such as mail readers, or web browsers.
It is able to display content such as HTML, SVG, XML, and others. It
also supports DOM, XMLHttpRequest, XSLT, CSS, Javascript/ECMAscript and
more.
%package -n libjavascriptcoregtk%{_sover}
Summary: JavaScript Core Engine, GTK+ Port
Group: System/Libraries
%description -n libjavascriptcoregtk%{_sover}
WebKit is a web content engine, derived from KHTML and KJS from KDE,
and used primarily in Apple's Safari browser. It is made to be
embedded in other applications, such as mail readers, or web browsers.
It is able to display content such as HTML, SVG, XML, and others. It
also supports DOM, XMLHttpRequest, XSLT, CSS, Javascript/ECMAscript and
more.
%package -n libjavascriptcoregtk%{_soverlj6api}
Summary: JavaScript Core Engine, GTK+ Port
Group: System/Libraries
# Package was wrongly named
Obsoletes: libjavascriptcoregtk6_0-1 < 2.42.6
%description -n libjavascriptcoregtk%{_soverlj6api}
WebKit is a web content engine, derived from KHTML and KJS from KDE,
and used primarily in Apple's Safari browser. It is made to be
embedded in other applications, such as mail readers, or web browsers.
It is able to display content such as HTML, SVG, XML, and others. It
also supports DOM, XMLHttpRequest, XSLT, CSS, Javascript/ECMAscript and
more.
%package -n typelib-1_0-WebKit-%{_sonameverpkg}
Summary: Introspection bindings for %{name}
Group: System/Libraries
%description -n typelib-1_0-WebKit-%{_sonameverpkg}
WebKit is a web content engine, derived from KHTML and KJS from KDE,
and used primarily in Apple's Safari browser. It is made to be
embedded in other applications, such as mail readers, or web browsers.
It is able to display content such as HTML, SVG, XML, and others. It
also supports DOM, XMLHttpRequest, XSLT, CSS, Javascript/ECMAscript and
more.
This package provides the GObject Introspection bindings for the GTK+
port of WebKit2.
%package -n typelib-1_0-WebKitWebProcessExtension-%{_sonameverpkg}
Summary: Introspection bindings for %{name}
Group: System/Libraries
%description -n typelib-1_0-WebKitWebProcessExtension-%{_sonameverpkg}
WebKit is a web content engine, derived from KHTML and KJS from KDE,
and used primarily in Apple's Safari browser. It is made to be
embedded in other applications, such as mail readers, or web browsers.
It is able to display content such as HTML, SVG, XML, and others. It
also supports DOM, XMLHttpRequest, XSLT, CSS, Javascript/ECMAscript and
more.
This package provides the GObject Introspection bindings for the GTK+
port of WebKit2.
%package -n typelib-1_0-WebKit2-%{_sonameverpkg}
Summary: Introspection bindings for %{name}
Group: System/Libraries
%description -n typelib-1_0-WebKit2-%{_sonameverpkg}
WebKit is a web content engine, derived from KHTML and KJS from KDE,
and used primarily in Apple's Safari browser. It is made to be
embedded in other applications, such as mail readers, or web browsers.
It is able to display content such as HTML, SVG, XML, and others. It
also supports DOM, XMLHttpRequest, XSLT, CSS, Javascript/ECMAscript and
more.
This package provides the GObject Introspection bindings for the GTK+
port of WebKit2.
%package -n typelib-1_0-WebKit2WebExtension-%{_sonameverpkg}
Summary: Introspection bindings for %{name}
Group: System/Libraries
%description -n typelib-1_0-WebKit2WebExtension-%{_sonameverpkg}
WebKit is a web content engine, derived from KHTML and KJS from KDE,
and used primarily in Apple's Safari browser. It is made to be
embedded in other applications, such as mail readers, or web browsers.
It is able to display content such as HTML, SVG, XML, and others. It
also supports DOM, XMLHttpRequest, XSLT, CSS, Javascript/ECMAscript and
more.
This package provides the GObject Introspection bindings for the GTK+
port of WebKit2.
%package -n typelib-1_0-JavaScriptCore-%{_sonameverpkg}
Summary: Introspection bindings for the GTK+ port of the JavaScript Core Engine
Group: System/Libraries
%description -n typelib-1_0-JavaScriptCore-%{_sonameverpkg}
WebKit is a web content engine, derived from KHTML and KJS from KDE,
and used primarily in Apple's Safari browser. It is made to be
embedded in other applications, such as mail readers, or web browsers.
It is able to display content such as HTML, SVG, XML, and others. It
also supports DOM, XMLHttpRequest, XSLT, CSS, Javascript/ECMAscript and
more.
This package provides the GObject Introspection bindings for the GTK+
port of the JavaScript Core engine.
%package devel
Summary: Development files for %{name}
Group: Development/Libraries/C and C++
%if "%{flavor}" == "gtk4"
Requires: libjavascriptcoregtk%{_soverlj6api} = %{version}
Requires: libwebkitgtk%{_wk2sover6api} = %{version}
Requires: typelib-1_0-JavaScriptCore-%{_sonameverpkg}
Requires: typelib-1_0-WebKit-%{_sonameverpkg}
Requires: typelib-1_0-WebKitWebProcessExtension-%{_sonameverpkg}
%else
Requires: libjavascriptcoregtk%{_sover} = %{version}
Requires: libwebkit2gtk%{_wk2sover} = %{version}
Requires: typelib-1_0-JavaScriptCore-%{_sonameverpkg}
Requires: typelib-1_0-WebKit2-%{_sonameverpkg}
Requires: typelib-1_0-WebKit2WebExtension-%{_sonameverpkg}
%endif
%description devel
WebKit is a web content engine, derived from KHTML and KJS from KDE,
and used primarily in Apple's Safari browser. It is made to be
embedded in other applications, such as mail readers, or web browsers.
It is able to display content such as HTML, SVG, XML, and others. It
also supports DOM, XMLHttpRequest, XSLT, CSS, Javascript/ECMAscript and
more.
%package -n webkit-jsc-%{_jscver}
Summary: JavaScript command line from WebKit
Group: Development/Tools/Other
%description -n webkit-jsc-%{_jscver}
jsc is a command-line utility that allows you to run JavaScript
programs outside of the context of a web browser. It is primarily
used as part of the test harness for validating the JavaScript
portions of WebKit, but can also be used as a scripting tool.
jsc can be run in an interactive mode to test out JavaScript
expressions, or it can be passed one or more files to run similar to
invoking a Perl or Python script.
%package minibrowser
Summary: MiniBrowser from WebKit
Group: Development/Tools/Other
%description minibrowser
A small test browswer from webkit, useful for testing features.
%dnl Expand %%lang_package to Obsoletes its older-name counterpart
%package -n WebKitGTK-%{_apiver}-lang
Summary: Translations for package %{name}
Group: System/Localization
Requires: WebKitGTK-%{_apiver} = %{version}
Provides: WebKitGTK-%{_apiver}-lang-all = %{version}
Obsoletes: WebKit2GTK-lang < 2.40.0
Obsoletes: libwebkit2gtk3-lang < %{version}
BuildArch: noarch
%description -n WebKitGTK-%{_apiver}-lang
Provides translations for the "%{name}" package.
%prep
%autosetup -p1 -n webkitgtk-%{version}
# Adjust path to GStreamer's gst-plugin-scanner (we rename it to - gst-plugin-scanner-%%{_target_cpu}
sed -i 's|/gst-plugin-scanner|/gst-plugin-scanner-%{_target_cpu}|' ./Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp
%build
# Here we must muzzle our dog so it doesn't eat all the memory
max_link_jobs="%{?jobs}%{!?jobs:1}"
max_compile_jobs="%{?jobs}%{!?jobs:4}"
echo "Available memory:"
cat /proc/meminfo
echo "System limits:"
ulimit -a
if test -n "$max_link_jobs" -a "$max_link_jobs" -gt 1 ; then
mem_per_process=2000000
max_mem=$(awk '/MemTotal/ { print $2 }' /proc/meminfo)
max_jobs="$(($max_mem / $mem_per_process))"
test "$max_link_jobs" -gt "$max_jobs" && max_link_jobs="$max_jobs" && echo "Warning: Reducing number of link jobs to $max_jobs because of memory limits"
test "$max_link_jobs" -le 0 && max_link_jobs=1 && echo "Warning: Not linking in parallel at all becuse of memory limits"
fi
export PYTHON=%{_bindir}/python3
# Use linker flags to reduce memory consumption
%global optflags %(echo %{optflags} -Wl,--no-keep-memory -Wl,--reduce-memory-overheads | sed 's/-g /-g1 /')
%cmake \
-GNinja \
-DCMAKE_BUILD_TYPE=Release \
-DENABLE_DOCUMENTATION=OFF \
-DUSE_LIBBACKTRACE=%[ %{defined _with_backtrace} ? "ON" : "OFF" ] \
%if %usegcc11
-DCMAKE_C_COMPILER=gcc-11 \
-DCMAKE_CXX_COMPILER=g++-11 \
%endif
-DPORT=GTK \
%if "%{flavor}" == "gtk4"
-DLIBEXEC_INSTALL_DIR=%{_libexecdir}/libwebkitgtk%{_wk2sover} \
-DUSE_GTK4=ON \
-DENABLE_WEBDRIVER=ON \
%else
-DLIBEXEC_INSTALL_DIR=%{_libexecdir}/libwebkit2gtk%{_wk2sover} \
-DUSE_GTK4=OFF \
-DENABLE_WEBDRIVER=OFF \
%endif
-DUSE_AVIF=ON \
-DENABLE_MINIBROWSER=ON \
-DCMAKE_EXE_LINKER_FLAGS="-Wl,--as-needed -Wl,-z,now -pthread" \
-DCMAKE_MODULE_LINKER_FLAGS="-Wl,--as-needed -Wl,-z,now -pthread" \
-DCMAKE_SHARED_LINKER_FLAGS="-Wl,--as-needed -Wl,-z,now -pthread" \
-DPYTHON_EXECUTABLE=%{_bindir}/python3 \
%if %{_usesoup2}
-DUSE_SOUP2=ON \
%endif
%ifarch aarch64
-DENABLE_JIT=OFF \
-DUSE_SYSTEM_MALLOC=ON \
%else
%if 0%{?sle_version} && 0%{?sle_version} < 160000
-DUSE_SYSTEM_MALLOC=ON \
%endif
%endif
%if !%{use_jxl}
-DUSE_JPEGXL=OFF \
%endif
-DUSE_SYSTEM_SYSPROF_CAPTURE=NO
%ninja_build -j $max_link_jobs
%install
%ninja_install -C build
%find_lang WebKitGTK-%{_apiver}
%if "%{flavor}" == "gtk4"
%ldconfig_scriptlets -n libwebkitgtk%{_wk2sover6api}
%ldconfig_scriptlets -n libjavascriptcoregtk%{_soverlj6api}
%else
%ldconfig_scriptlets -n libwebkit2gtk%{_wk2sover}
%ldconfig_scriptlets -n libjavascriptcoregtk%{_sover}
%endif
%if "%{flavor}" == "gtk4"
%files -n libwebkitgtk%{_wk2sover6api}
# Exclude jsc and MiniBrowser - we package them on their own
%exclude %{_libexecdir}/libwebkitgtk%{_wk2sover}/jsc
%exclude %{_libexecdir}/libwebkitgtk%{_wk2sover}/MiniBrowser
%{_libexecdir}/libwebkitgtk%{_wk2sover}/
%{_libdir}/libwebkitgtk-%{_apiver}.so.*
%files -n webkitgtk-%{_sonameverpkg}-injected-bundles
%dir %{_libdir}/webkitgtk-%{_apiver}
%dir %{_libdir}/webkitgtk-%{_apiver}/injected-bundle
%{_libdir}/webkitgtk-%{_apiver}/injected-bundle/libwebkitgtkinjectedbundle.so
%else
%files -n libwebkit2gtk%{_wk2sover}
# Exclude jsc and MiniBrowser - we package them on their own
%exclude %{_libexecdir}/libwebkit2gtk%{_wk2sover}/jsc
%exclude %{_libexecdir}/libwebkit2gtk%{_wk2sover}/MiniBrowser
%{_libexecdir}/libwebkit2gtk%{_wk2sover}/
%{_libdir}/libwebkit2gtk-%{_apiver}.so.*
%files -n webkit2gtk-%{_sonameverpkg}-injected-bundles
%dir %{_libdir}/webkit2gtk-%{_apiver}
%dir %{_libdir}/webkit2gtk-%{_apiver}/injected-bundle
%{_libdir}/webkit2gtk-%{_apiver}/injected-bundle/libwebkit2gtkinjectedbundle.so
%endif
%if "%{flavor}" == "gtk4"
%files -n libjavascriptcoregtk%{_soverlj6api}
%license Source/JavaScriptCore/COPYING.LIB
%{_libdir}/libjavascriptcoregtk-%{_apiver}.so.*
%files -n typelib-1_0-WebKit-%{_sonameverpkg}
%{_libdir}/girepository-1.0/WebKit-%{_sonamever}.typelib
%files -n typelib-1_0-WebKitWebProcessExtension-%{_sonameverpkg}
%{_libdir}/girepository-1.0/WebKitWebProcessExtension-%{_sonamever}.typelib
%else
%files -n libjavascriptcoregtk%{_sover}
%license Source/JavaScriptCore/COPYING.LIB
%{_libdir}/libjavascriptcoregtk-%{_apiver}.so.*
%files -n typelib-1_0-WebKit2-%{_sonameverpkg}
%{_libdir}/girepository-1.0/WebKit2-%{_sonamever}.typelib
%files -n typelib-1_0-WebKit2WebExtension-%{_sonameverpkg}
%{_libdir}/girepository-1.0/WebKit2WebExtension-%{_sonamever}.typelib
%endif
%files -n typelib-1_0-JavaScriptCore-%{_sonameverpkg}
%{_libdir}/girepository-1.0/JavaScriptCore-%{_sonamever}.typelib
%files devel
%{_datadir}/gir-1.0/*.gir
%{_includedir}/webkitgtk-%{_apiver}/
%if "%{flavor}" == "gtk4"
%{_libdir}/libwebkitgtk-%{_sonamever}.so
%{_libdir}/pkgconfig/webkitgtk-%{_apiver}.pc
%{_libdir}/pkgconfig/webkitgtk-web-process-extension-%{_apiver}.pc
%else
%{_libdir}/libwebkit2gtk-%{_sonamever}.so
%{_libdir}/pkgconfig/webkit2gtk-%{_apiver}.pc
%{_libdir}/pkgconfig/webkit2gtk-web-extension-%{_apiver}.pc
%endif
%{_libdir}/libjavascriptcoregtk-%{_sonamever}.so
%{_libdir}/pkgconfig/javascriptcoregtk-%{_apiver}.pc
%files -n webkit-jsc-%{_jscver}
%if "%{flavor}" == "gtk4"
%{_libexecdir}/libwebkitgtk%{_wk2sover}/jsc
%else
%{_libexecdir}/libwebkit2gtk%{_wk2sover}/jsc
%endif
%files minibrowser
%if "%{flavor}" == "gtk4"
%{_libexecdir}/libwebkitgtk%{_wk2sover}/MiniBrowser
%{_bindir}/WebKitWebDriver
%else
%{_libexecdir}/libwebkit2gtk%{_wk2sover}/MiniBrowser
%endif
%files -n WebKitGTK-%{_apiver}-lang -f WebKitGTK-%{_apiver}.lang
%changelog

BIN
webkitgtk-2.44.2.tar.xz (Stored with Git LFS) Normal file

Binary file not shown.

View File

@ -0,0 +1,16 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEAToBJ6ycZbNP+mJSbBAJtpOXU5MFAmZF9iQACgkQbBAJtpOX
U5ORGQ//ZZJ0eviTeoGMmxzwbnGHPuusinRUsR7Tc6U1nN+Q9AFspcTQyCrj9IEB
fsyV9Kcu7v8FB7HQvguY1mkyUSNTiteKw9YwvUtqqrrFoYAnVKTReUEnt38SUWWT
LiwcQ3D13OiVqywRRrNalo7BqzfqoOylhDwdIg1D7w6HCHNxlhAaw71b9TRinZx4
a3WyfPz3E1lnEIzU2djsZv3lhQJa6tHR39pCXacXQGU35v88VbZ3mHeUyche6sQ0
BC+6IB1nphyO2/pLcYPv7Dp9IFEnTTl3A44v/7Zaj3eLX0+6GdZuuUc9x22+Sl+6
IwZ5AjQOXw8+tGNTkGbWnD3kgRc14s+uCNJ8qEjSmv/oN3hUEh3vf4+pL4gDgGYi
jVQe9uIjQO5AfgEFTumMfTaeN5MgvWGTPjtPhjfN3MyKgkU+I3qrdt+fHH57HUeJ
TiWkHFxgI32ucjRjdQ1YqZ5sUna/5uKKyxufa7hwOzwYumhFcouMzAqBxJ+96X7n
tL0/j+JZHmeJwCHUdIaTnTh2pYFZ4HFfJqcXda+xq43wNAM7qKMjps6h+szNKSo/
9xBEFpuWyV7xyCzGQ3Ul/S/DZ1dr/UQrK8SA9EBjVhsVQTmoxf8A+QK/LJqmtHwA
dfkKRYwQ6qedeESVJ2+HCzvZnxhKyU8cSgvI2Yz1pe7C3zFJv3o=
=unwr
-----END PGP SIGNATURE-----

BIN
webkitgtk-2.44.3.tar.xz (Stored with Git LFS) Normal file

Binary file not shown.

View File

@ -0,0 +1,16 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEAToBJ6ycZbNP+mJSbBAJtpOXU5MFAma7BpQACgkQbBAJtpOX
U5PeIxAAhv6cl4WsiFyPuNQdzik1GdxtSuFxpBW9SokOxFPn4zW/sMIkke20q1et
RhGwKskkuOEgavV/2grC07d8peFbsse6zTeerZECRaB+Saj7ZOWoZQoDbCTxWjzi
yoxsziwIJA4LDdhqxV8TRSCl3bLy+uFQkUfNX1JJot9bMze+9lUjxJ/hAglCUjP8
WIJdQ1mE+cJguBHJMfdZbDINLywRjesaLXAvTCmpnn3mn0GXMbCQM+W+GCybwhMB
1dl8eFEfcvAhUe85mHJNW3WmYRzvquTMuFuLzU8b1U1/6+LQc+IOXAZEpkP9ztSn
VItLwPnHJ/4g5KY+gUonMxZ1LMhTwiu/ga41Yez0sZftkC6tgIPIldaTY/tjeNLh
C5GnMSyRTJ7d2ywLJSdzCIGkwhOJ7oHArGxbpzCWft3rrU8SbvQd3dGOMip1iniN
ewdMyoqZQgzN51BRUklhjoBCaUkcVbgYr6qfLZiU42kR4RWgrTx/s//naCM4peQe
8vGeRlF9zpsGw3ivCJBNjqk9SrqcPQ2i52lgKs28DkVy13duuQwKEMa+/Tv7eH60
wNdKSRjeA81DLZkuyX5yJOEJ1pru1HiS4sdP112dPb1HajVhOehZJc7a8b9ohOH5
go2lIxnJjZOXRHM/JwtTcLKsnfna1m6yzNGdOHNcLKPJodHcpXY=
=jHOh
-----END PGP SIGNATURE-----

3
webkitgtk-2.44.4.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:2ce4ec1b78413035037aba8326b31ed72696626b7bea7bace5e46ac0d8cbe796
size 35858056

View File

@ -0,0 +1,6 @@
-----BEGIN PGP SIGNATURE-----
iF0EABEDAB0WIQRao7wzT9fjNp58d7KRxVnb5MkSOwUCZt6j0AAKCRCRxVnb5MkS
O8uuAJ4hLC/UXFDJsanfXyaQ6/y3hf684ACdEdyKE/nxBYL9dQEzL/50xEBsl5o=
=aQH7
-----END PGP SIGNATURE-----

3
webkitgtk-2.45.92.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:753f6c638c72633f22305a606dbd6c825b8fde3a7d01184a8f18f740493ca79f
size 42757216

View File

@ -0,0 +1,16 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEAToBJ6ycZbNP+mJSbBAJtpOXU5MFAmbVem0ACgkQbBAJtpOX
U5Mhow/7BbBjIf5ZUZrhRxYB0mxiezZU5fBBd/Dn9jugCI+NiZ+U403/MQfdFmey
ZmntQSEwBhRH0tVEUfizCKkP6IOzZCOYt/eBmF+ecFJedoMsNT2P6YHWSRyoi2wo
5ntCQQHlbGlbr1qLw9jXg83m8mV5/BDWG0QhpOrylfh3O+Dhj/z9h9PGFJ/FNxrQ
bgAEmzvfS/sQk/mvwvKKbUG4O2hIJbW8QEzwhwXAJz6dHaXMHpnCi2QOzxBqGsif
hTKvi1n225c6lvzX+mj788zCB4H7/sRKHzKN4iHBBZS42uddm1zE9NXPQjdfT0Ex
YmSABnEjkg/fmKSgpnI2clmxvLXJsK5g5d53FF/b3CXop80u+BqSfs3Upa6g+/+Z
9wlbeeJc/++XbaAOCB98fmeCTWohE8nDFPGOG1FNLsQZjTKb6SKK/lSD0u+Jo0wV
I0jnBqwpsuH9tFVQlIBom7pAWZ3cq2mVESLzZXnCa33TAuh+AhAhURxNeYTLukWb
VT4gLerC8GtKHx3mONVDI2JYXs8WqYlmbY3GjhKYZqsEBCKgq+YP8tWM9/U1ZHp+
sg0SRCjQm4M3RObE7LBX9XwnSUpMs33KCHZa3Gy4AEz2IsFOlRN9DwaMrmI4nrDf
eSB7x0QOYswlPNnzX7yl2wfTQzezo/pbcxtXolUFOPWY2NaHZHw=
=WcF7
-----END PGP SIGNATURE-----

3
webkitgtk-2.46.1.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:2a14faac359aff941d0bc4443eb5537e3702bcaf316b0a129e0e65f3ff8eaac0
size 42776840

View File

@ -0,0 +1,16 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEAToBJ6ycZbNP+mJSbBAJtpOXU5MFAmb6Z+AACgkQbBAJtpOX
U5NlAw/8CHhuDyRYXXA40eq/bBGdeqKprVXAMPReGMulG7ZPd4qu1eokED7XZCdO
HUe/3Mdzppo/B9gqpPuCnb57/e0b6ma1E66bsHCE33+uUxy1n22kT43gsdEO7etZ
toVMK/QUMhMEgwfJkXGIW8odIcvoqYKP9C0sMdpdhGbNr+OBRMJmk6eWAAhNP/mj
csx3xUpBzCJ5vlDCfinYlOhPm2Bl40QgED6yocaMa6rlt/gOj5ctwr97v9BaU3qG
OZKP6o9nOAh5aUbHdyFADg7CMP7opqBMpH+yBg7pqQQ73NnKNw9jPp6shWanOmKk
FFSU8QgZu5lSvp/I3cBaSY0+QuQmUBeq1wFSlrKw8YmVZgFspj7i1WVfu4aDFdMQ
1VeEG4atsKatS+oeW0h6NGhWjlIYlaKqB6Vylb/fv3/RvaRocSkWEsMikipf6dWX
0KuBvf9Jr/6wSA62XuGqIPUxLjbRirGdADVQGqb4Yvk7spok8JnQGdxqixgfbuWc
xURun7A3B6S5y4/UHARSmLyXqmO55o6bT1iuIlbzK06rd9AWfA8CgLNUySVsdWzO
HHGvLweSeMDS5dlVr4vE0eczUICBtl6TB6A9ydsxTj1TvmgrmDlBVls5XWFK0vcs
ErTeBoMPCjYcjD8lqo5O7nr0uDMNHLYlEvaq5t5EYVZergylVPo=
=WrNA
-----END PGP SIGNATURE-----

3
webkitgtk-2.46.2.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:5aae1c5c0a30d5e9c5831652b6f1bdefc31d75e0ad81cb40185b0aed92ce79b6
size 42803728

View File

@ -0,0 +1,16 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEAToBJ6ycZbNP+mJSbBAJtpOXU5MFAmcWILAACgkQbBAJtpOX
U5PrLhAAj7+VKmBfCV9pHsnla1zxC5O6pkgKhT1N0p/MMY7aKCLRpmGMrc2XEhny
i/M5+O9ZIQkzImJ0vgLF3nSFsESPj2t3wljnapEwQtZKw/9KxM3O+A3RA19tKRfj
t+16ot/QijHT2k9EcGkdfFeq5SWfTAtwH13Q9LxRH0hmohC7d3s8OVpiVUptVXii
R15GsuOj7EmR+QGzVRfbdpBEXGqglEJHJ5qzMFIoCqFbIAilXr6C0NbzED2pbNd2
CO8e4Q4FpxPbN2Y9W4P77uoyonc3tJbAUVPKJOcIicAH4ex/e0J8OwLpvRLY7xRp
UJczw/PfZ0KWO6rf55h4q0Q7wLCt+wsxdtkP+hinxELKc4eyo/xxsvFMDXA0VBzE
c353GC3pg8C0LRXXHXuVxGlRDyjq0RXT3IWMrDyv9SCS9GO0t2FfChc9MCtKrvQE
mfS2tzFjfhVamSphl8oj6Nge3W6qHnq9nC3+HbjQBMgHhusIiYEdKPmbNz/beweX
xmJReJdX+xmCC3FsWMx2aAjy8NbWZ638ee2Xv0h0Uq9Z7w96WRIqUNb4fvtGk+xe
OInQTFp8/d9N54C09AdEQuK3LMnObpuS/VFdIJgMA6ombdmgWYHomLW9AGjpHUpw
8vI5KTGf5uaMVmPmu+LTeoF3NGP7hPldMLS50A9zj+C2DijjT1s=
=jVoY
-----END PGP SIGNATURE-----

BIN
webkitgtk-2.46.3.tar.xz (Stored with Git LFS) Normal file

Binary file not shown.

View File

@ -0,0 +1,16 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEAToBJ6ycZbNP+mJSbBAJtpOXU5MFAmciLBQACgkQbBAJtpOX
U5MFsBAAqwUuPEkirbQXxESAu8nJKUG3RVa4y3c1NaTRETW19cy/32KeiBlxbWW5
UKF2gKlu5B+mJn9f0hebYBUkqr6HdWO1JnBz3XNXZ7dNObTWlN9g4T6tlqsxAdsk
B04ddWFQKYQJ4pMLjlxVFkFXQ0vh9UywBwUyGXrqg9yo2OcSGpsqdujyZfdlWrHc
0kDLow9SYM5XhkzFoQxKlYsVg1vhzpTxDuv39JqVTGHlX8pEplpCsrMwpVQ+89aP
zv64u/xnPAEsN4wGeB0QyH6H0llukTmrgWUfoRqeDLHMGAeuHe1yONGyK5fWA1u+
ABTsjVnh5nOQxUZaNc3dpMdUcrp+kVhjKDwMOhKNbfVoLWxchmU5VvrCoytRAX8i
4js2xOgnMk26cNB4dZsMg9cYH4Zr+nkfkjGljGXRSvexF8iBUc2Dv0scrtDh3ArI
aWk4eMyO5nRPIFWE6j5d+sAm1TF1hGMW33beYOTy5Iqm2l2inRoaxGdAz2ZFjF5S
xcjG7tT3+pG8WXPhJ0Tl41mPJKg79tY3F0uzSedtJ+J3q4uRKORFOdChtDbqHHT7
mI0jT6rrGckXlncufvg19RiCnmP8vmZEyeuTZja6vBsV3pA7Uc/IWcWEXi9ip/om
grjX+68/ypghS571sFxrjQaNdqrO0fwMrJBZxhgelJKnykvoj2Y=
=wug0
-----END PGP SIGNATURE-----