From 14ac3e5db232137923fd597eb15dc61c875bf48c Mon Sep 17 00:00:00 2001 From: Allan Sandfeld Jensen Date: Thu, 18 Aug 2016 10:04:02 +0200 Subject: Fix sandboxing of localtime syscall The check OS(LINUX) does not work here, so use the Qt OS defines, and remove the stat and fopen overrides that Chromium no longer proxies this way. Task-number: QTBUG-55125 Change-Id: Ie03b8e0cabd100f2f72b7ab1cff5dc8697ba69ad Reviewed-by: Alexandru Croitor --- src/process/main.cpp | 64 +--------------------------------------------------- 1 file changed, 1 insertion(+), 63 deletions(-) diff --git a/src/process/main.cpp b/src/process/main.cpp index 38bb5409e..d2f9d2337 100644 --- a/src/process/main.cpp +++ b/src/process/main.cpp @@ -42,10 +42,7 @@ #include #include -#if defined(OS_LINUX) -#if defined(__GLIBC__) && !defined(__UCLIBC__) && !defined(OS_ANDROID) && !defined(HAVE_XSTAT) -#define HAVE_XSTAT 1 -#endif +#if defined(Q_OS_LINUX) struct tm; struct stat; @@ -59,19 +56,6 @@ struct tm* localtime_r_override(const time_t* timep, struct tm* result); struct tm* localtime64_r_override(const time_t* timep, struct tm* result); } -// exported in libc_urandom_proxy.cc -namespace sandbox { -FILE* fopen_override(const char* path, const char* mode); -FILE* fopen64_override(const char* path, const char* mode); -#if HAVE_XSTAT -int xstat_override(int version, const char *path, struct stat *buf); -int xstat64_override(int version, const char *path, struct stat64 *buf); -#else -int stat_override(const char *path, struct stat *buf); -int stat64_override(const char *path, struct stat64 *buf); -#endif -} - // from zygote_main_linux.cc __attribute__ ((__visibility__("default"))) struct tm* localtime_proxy(const time_t* timep) __asm__ ("localtime"); @@ -101,52 +85,6 @@ struct tm* localtime64_r_proxy(const time_t* timep, struct tm* result) return content::localtime64_r_override(timep, result); } -// from libc_urandom_proxy.cc -__attribute__ ((__visibility__("default"))) -FILE* fopen_proxy(const char* path, const char* mode) __asm__ ("fopen"); -FILE* fopen_proxy(const char* path, const char* mode) -{ - return sandbox::fopen_override(path, mode); -} - -__attribute__ ((__visibility__("default"))) -FILE* fopen64_proxy(const char* path, const char* mode) __asm__ ("fopen64"); -FILE* fopen64_proxy(const char* path, const char* mode) -{ - return sandbox::fopen64_override(path, mode); -} - -#if HAVE_XSTAT -__attribute__ ((__visibility__("default"))) -int xstat_proxy(int version, const char *path, struct stat *buf) __asm__ ("__xstat"); -int xstat_proxy(int version, const char *path, struct stat *buf) -{ - return sandbox::xstat_override(version, path, buf); -} - -__attribute__ ((__visibility__("default"))) -int xstat64_proxy(int version, const char *path, struct stat64 *buf) __asm__ ("__xstat64"); -int xstat64_proxy(int version, const char *path, struct stat64 *buf) -{ - return sandbox::xstat64_override(version, path, buf); -} - -#else -__attribute__ ((__visibility__("default"))) -int stat_proxy(const char *path, struct stat *buf) __asm__ ("stat"); -int stat_proxy(const char *path, struct stat *buf) -{ - return sandbox::stat_override(path, buf); -} - -__attribute__ ((__visibility__("default"))) -int stat64_proxy(const char *path, struct stat64 *buf) __asm__ ("stat64"); -int stat64_proxy(const char *path, struct stat64 *buf) -{ - return sandbox::stat64_override(path, buf); -} - -#endif #endif // defined(OS_LINUX) #ifdef Q_OS_WIN -- cgit v1.2.3 From cf7d82a79dff4ea5c53e0908ed5c13ce1f87796d Mon Sep 17 00:00:00 2001 From: Michal Klocek Date: Wed, 17 Aug 2016 19:26:59 +0200 Subject: Pass alsa pulseaudio qt build settings for embedded builds Change-Id: I0996b08d661bc52233396a98acdf9d2e68876711 Reviewed-by: Allan Sandfeld Jensen Reviewed-by: Oswald Buddenhagen --- src/core/config/linux.pri | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/src/core/config/linux.pri b/src/core/config/linux.pri index b579e2a3f..9264932c4 100644 --- a/src/core/config/linux.pri +++ b/src/core/config/linux.pri @@ -35,7 +35,16 @@ contains(QT_CONFIG, system-zlib): use?(system_minizip): GYP_CONFIG += use_system contains(QT_CONFIG, system-png): GYP_CONFIG += use_system_libpng=1 contains(QT_CONFIG, system-jpeg): GYP_CONFIG += use_system_libjpeg=1 contains(QT_CONFIG, system-harfbuzz): GYP_CONFIG += use_system_harfbuzz=1 -!contains(QT_CONFIG, pulseaudio): GYP_CONFIG += use_pulseaudio=0 +contains(QT_CONFIG, pulseaudio) { + GYP_CONFIG += use_pulseaudio=1 +} else { + GYP_CONFIG += use_pulseaudio=0 +} +contains(QT_CONFIG, alsa) { + GYP_CONFIG += use_alsa=1 +} else { + GYP_CONFIG += use_alsa=0 +} !contains(QT_CONFIG, glib): GYP_CONFIG += use_glib=0 use?(system_libevent): GYP_CONFIG += use_system_libevent=1 use?(system_libwebp): GYP_CONFIG += use_system_libwebp=1 -- cgit v1.2.3 From 7bc32104660dd9b5dfa9920a288797a7c2790559 Mon Sep 17 00:00:00 2001 From: Allan Sandfeld Jensen Date: Wed, 17 Aug 2016 16:18:43 +0200 Subject: Ensure WebEngineContext::destroy() is called before the destructor MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Add a false reference only removed after destroy() is called, so the tearing down of static objects won't dereference it before the QApplication is destroyed and the post routines including destroy() are called. Also adds a little safety by asserting destroy() has been called before ~WebEngineContext() and make sure we don't create a new WebEngineContext() during shut down. Task-number: QTBUG-54769 Change-Id: I2b1d189f9ebd8da2dc9f322f9bb307a5aa0c6a2f Reviewed-by: Florian Bruhin Reviewed-by: Michael BrĂ¼ning --- src/core/web_engine_context.cpp | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/src/core/web_engine_context.cpp b/src/core/web_engine_context.cpp index 98fba0897..7d1e5d609 100644 --- a/src/core/web_engine_context.cpp +++ b/src/core/web_engine_context.cpp @@ -102,6 +102,7 @@ QT_END_NAMESPACE namespace { scoped_refptr sContext; +static bool s_destroyed = false; void destroyContext() { @@ -110,6 +111,7 @@ void destroyContext() // WebEngineContext's pointer is used. sContext->destroy(); sContext = 0; + s_destroyed = true; } bool usingANGLE() @@ -184,18 +186,29 @@ void WebEngineContext::destroy() // RenderProcessHostImpl should be destroyed before WebEngineContext since // default BrowserContext might be used by the RenderprocessHostImpl's destructor. m_browserRunner.reset(0); + + // Drop the false reference. + sContext->Release(); } WebEngineContext::~WebEngineContext() { + // WebEngineContext::destroy() must be called before we are deleted + Q_ASSERT(!m_globalQObject); + Q_ASSERT(!m_devtools); + Q_ASSERT(!m_browserRunner); } scoped_refptr WebEngineContext::current() { + if (s_destroyed) + return nullptr; if (!sContext.get()) { sContext = new WebEngineContext(); // Make sure that we ramp down Chromium before QApplication destroys its X connection, etc. qAddPostRoutine(destroyContext); + // Add a false reference so there is no race between unreferencing sContext and a global QApplication. + sContext->AddRef(); } return sContext; } -- cgit v1.2.3 From 2672642af493339b3420d5e5235b77d9f560feb6 Mon Sep 17 00:00:00 2001 From: Allan Sandfeld Jensen Date: Fri, 26 Aug 2016 14:14:26 +0200 Subject: Support the command-line argument --allow-running-insecure-content MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Reads the chromium command-line argument and pass it on to WebKit. This also prepares for adding it as proper API later. Task-number: QTBUG-54902 Change-Id: I391940ef43a88332f45cc3c97fe22514d7f6a76c Reviewed-by: Michael BrĂ¼ning --- src/core/web_engine_settings.cpp | 4 ++++ src/core/web_engine_settings.h | 3 ++- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/src/core/web_engine_settings.cpp b/src/core/web_engine_settings.cpp index 6c17c3ce9..550fd2814 100644 --- a/src/core/web_engine_settings.cpp +++ b/src/core/web_engine_settings.cpp @@ -44,6 +44,7 @@ #include "type_conversion.h" #include "base/command_line.h" +#include "chrome/common/chrome_switches.h" #include "content/browser/gpu/gpu_process_host.h" #include "content/public/common/content_switches.h" #include "content/public/common/web_preferences.h" @@ -232,11 +233,13 @@ void WebEngineSettings::initDefaults(bool offTheRecord) !commandLine->HasSwitch(switches::kDisableExperimentalWebGL); bool accelerated2dCanvas = content::GpuProcessHost::gpu_enabled() && !commandLine->HasSwitch(switches::kDisableAccelerated2dCanvas); + bool allowRunningInsecureContent = commandLine->HasSwitch(switches::kAllowRunningInsecureContent); s_defaultAttributes.insert(ScrollAnimatorEnabled, smoothScrolling); s_defaultAttributes.insert(WebGLEnabled, webGL); s_defaultAttributes.insert(Accelerated2dCanvasEnabled, accelerated2dCanvas); s_defaultAttributes.insert(AutoLoadIconsForPage, true); s_defaultAttributes.insert(TouchIconsEnabled, false); + s_defaultAttributes.insert(AllowRunningInsecureContent, allowRunningInsecureContent); } if (offTheRecord) m_attributes.insert(LocalStorageEnabled, false); @@ -312,6 +315,7 @@ void WebEngineSettings::applySettingsToWebPreferences(content::WebPreferences *p prefs->fullscreen_supported = testAttribute(FullScreenSupportEnabled); prefs->accelerated_2d_canvas_enabled = testAttribute(Accelerated2dCanvasEnabled); prefs->experimental_webgl_enabled = testAttribute(WebGLEnabled); + prefs->allow_running_insecure_content = testAttribute(AllowRunningInsecureContent); // Fonts settings. prefs->standard_font_family_map[content::kCommonScript] = toString16(fontFamily(StandardFont)); diff --git a/src/core/web_engine_settings.h b/src/core/web_engine_settings.h index e21eee8a9..e131af50c 100644 --- a/src/core/web_engine_settings.h +++ b/src/core/web_engine_settings.h @@ -79,7 +79,8 @@ public: WebGLEnabled, Accelerated2dCanvasEnabled, AutoLoadIconsForPage, - TouchIconsEnabled + TouchIconsEnabled, + AllowRunningInsecureContent }; // Must match the values from the public API in qwebenginesettings.h. -- cgit v1.2.3 From 327c9b9e0c68550e474d9ffdc21ece6324b5e7a1 Mon Sep 17 00:00:00 2001 From: Michal Klocek Date: Tue, 16 Aug 2016 19:07:11 +0200 Subject: Use pkg-config wrapper provided by qmake Switch to pkg-config wrapper provided by qmake to avoid exporting extra PKG_CONFIG_LIBDIR paths. Change-Id: I6c916d8d20965808af7b206c4fecf6c8791e93b4 Reviewed-by: Allan Sandfeld Jensen --- src/core/gyp_run.pro | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/core/gyp_run.pro b/src/core/gyp_run.pro index 2264d9b70..71c1e063c 100644 --- a/src/core/gyp_run.pro +++ b/src/core/gyp_run.pro @@ -19,6 +19,8 @@ cross_compile { GYP_CONFIG += qtwe_process_name_debug=$$QTWEBENGINEPROCESS_NAME_DEBUG GYP_CONFIG += qtwe_process_name_release=$$QTWEBENGINEPROCESS_NAME_RELEASE GYP_CONFIG += disable_glibcxx_debug=1 +!contains(QT_CONFIG, no-pkg-config): GYP_CONFIG += pkg-config=$$pkgConfigExecutable() + !webcore_debug: GYP_CONFIG += remove_webcore_debug_symbols=1 !v8base_debug: GYP_CONFIG += remove_v8base_debug_symbols=1 -- cgit v1.2.3