From: Chirag Shilwant <c-shilwant@ti.com>
To: <detheridge@ti.com>, <meta-arago@lists.yoctoproject.org>,
<reatmon@ti.com>, <denys@konsulko.com>
Cc: <rs@ti.com>
Subject: Re: [EXTERNAL] [meta-arago][kirkstone][PATCH 2/4] meta-arago: distro: add a bbapend to patch the chromium browser
Date: Wed, 7 Feb 2024 12:11:33 +0530 [thread overview]
Message-ID: <8f816a8a-63cd-45c1-a6eb-b1157a4129a0@ti.com> (raw)
In-Reply-To: <20240206175841.32717-3-detheridge@ti.com>
Hi Darren
In commit message title,
s/bbapend/bbappend
On 06/02/24 23:28, Etheridge, Darren via lists.yoctoproject.org wrote:
> From: Darren Etheridge <detheridge@ ti. com> This applies a patch for
> meta-browser/chromium-ozone-wayland to make the sandboxing work with
> the Imagination GPU components without the need for the --no-sandbox
> flag. GPU acceleration in Chromium
> ZjQcmQRYFpfptBannerStart
> This message was sent from outside of Texas Instruments.
> Do not click links or open attachments unless you recognize the source
> of this email and know the content is safe.
> ZjQcmQRYFpfptBannerEnd
> From: Darren Etheridge <detheridge@ti.com>
>
> This applies a patch for meta-browser/chromium-ozone-wayland to make the
> sandboxing work with the Imagination GPU components without the need for
> the --no-sandbox flag.
>
> GPU acceleration in Chromium is dependant on IMG DDK 23.3. It works
> across AXE/BXS/8XE GPU's. No acceleration is expected for SGX.
>
> Also add an upstream patch to stop Chromium from segfaulting when it is
> run with no input devices connected to the board.
> Patch was retrieved from:
> https://urldefense.com/v3/__https://chromium.googlesource.com/chromium/src/*/323077958301bc321d840a2c2b983ab469934753__;Kw!!G3vK!Q1ZI2dsaxka-0vu202whhUsEmBDa9DSQPM71DvdmC9MGFHwvBAjQmNdPgEtm1NZeBloRSk1T5iINRfCzyBwGDC_domr6HHSGHXOR$
>
> Signed-off-by: Darren Etheridge <detheridge@ti.com>
> ---
> meta-arago-distro/conf/layer.conf | 2 +
> ...omium-ozone-wayland_111.0.5563.64.bbappend | 8 ++
> ...dbox-allow-access-to-PowerVR-GPU-fro.patch | 74 +++++++++++++++++++
> ...-chromium-32307795-fix-nullprt-deref.patch | 52 +++++++++++++
> 4 files changed, 136 insertions(+)
> create mode 100644 meta-arago-distro/dynamic-layers/chromium-browser-layer/recipes-browser/chromium/chromium-ozone-wayland_111.0.5563.64.bbappend
> create mode 100644 meta-arago-distro/dynamic-layers/chromium-browser-layer/recipes-browser/chromium/chromium-ozone-wayland_111.0.5563.64/0001-chromium-gpu-sandbox-allow-access-to-PowerVR-GPU-fro.patch
> create mode 100644 meta-arago-distro/dynamic-layers/chromium-browser-layer/recipes-browser/chromium/chromium-ozone-wayland_111.0.5563.64/0002-upstream-chromium-32307795-fix-nullprt-deref.patch
>
> diff --git a/meta-arago-distro/conf/layer.conf b/meta-arago-distro/conf/layer.conf
> index 40b0f5bb..b0221860 100644
> --- a/meta-arago-distro/conf/layer.conf
> +++ b/meta-arago-distro/conf/layer.conf
> @@ -24,9 +24,11 @@ LAYERDEPENDS_meta-arago-distro = " \
> # clang-layer
>
> LAYERRECOMMENDS_meta-arago-distro = " \
> + chromium-browser-layer \
> "
>
> BBFILES_DYNAMIC += " \
> + chromium-browser-layer:${LAYERDIR}/dynamic-layers/chromium-browser-layer/recipes*/*/*.bbappend \
> "
>
> BB_DANGLINGAPPENDS_WARNONLY = "true"
> diff --git a/meta-arago-distro/dynamic-layers/chromium-browser-layer/recipes-browser/chromium/chromium-ozone-wayland_111.0.5563.64.bbappend b/meta-arago-distro/dynamic-layers/chromium-browser-layer/recipes-browser/chromium/chromium-ozone-wayland_111.0.5563.64.bbappend
> new file mode 100644
> index 00000000..df93e26b
> --- /dev/null
> +++ b/meta-arago-distro/dynamic-layers/chromium-browser-layer/recipes-browser/chromium/chromium-ozone-wayland_111.0.5563.64.bbappend
> @@ -0,0 +1,8 @@
> +PR:append = ".arago0"
> +
> +FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}_${PV}:"
> +
> +SRC_URI:append = " \
> + file://0001-chromium-gpu-sandbox-allow-access-to-PowerVR-GPU-fro.patch \
> + file://0002-upstream-chromium-32307795-fix-nullprt-deref.patch \
> + "
> diff --git a/meta-arago-distro/dynamic-layers/chromium-browser-layer/recipes-browser/chromium/chromium-ozone-wayland_111.0.5563.64/0001-chromium-gpu-sandbox-allow-access-to-PowerVR-GPU-fro.patch b/meta-arago-distro/dynamic-layers/chromium-browser-layer/recipes-browser/chromium/chromium-ozone-wayland_111.0.5563.64/0001-chromium-gpu-sandbox-allow-access-to-PowerVR-GPU-fro.patch
> new file mode 100644
> index 00000000..1930f976
> --- /dev/null
> +++ b/meta-arago-distro/dynamic-layers/chromium-browser-layer/recipes-browser/chromium/chromium-ozone-wayland_111.0.5563.64/0001-chromium-gpu-sandbox-allow-access-to-PowerVR-GPU-fro.patch
> @@ -0,0 +1,74 @@
> +From 11267fe76f81dce283d565d517b679aa2be44466 Mon Sep 17 00:00:00 2001
> +From: Darren Etheridge <detheridge@ti.com>
> +Date: Fri, 26 Jan 2024 10:54:49 -0600
> +Subject: [PATCH] chromium: gpu: sandbox: allow access to PowerVR GPU from
> + sandbox
> +
> +Chromium runs in a sandbox to limit access to the system, however
> +the PowerVR drivers for the Imagination GPU used on TI hardware need
> +some extra libraries along with the DRM device nodes to be opened up.
> +This patch opens up the necessary pieces.
> +
> +Signed-off-by: Darren Etheridge <detheridge@ti.com>
> +---
> + content/gpu/gpu_sandbox_hook_linux.cc | 16 +++++++++++++++-
> + 1 file changed, 15 insertions(+), 1 deletion(-)
> +
> +diff --git a/content/gpu/gpu_sandbox_hook_linux.cc b/content/gpu/gpu_sandbox_hook_linux.cc
> +index d93285a..1f8aafd 100644
> +--- a/content/gpu/gpu_sandbox_hook_linux.cc
> ++++ b/content/gpu/gpu_sandbox_hook_linux.cc
> +@@ -67,6 +67,11 @@ inline bool UseChromecastSandboxAllowlist() {
> + #endif
> + }
> +
> ++inline bool IsGPUIMGRogue() {
> ++ return true;
> ++}
> ++
> ++
> + inline bool IsArchitectureArm() {
> + #if defined(ARCH_CPU_ARM_FAMILY)
> + return true;
> +@@ -441,6 +446,11 @@ std::vector<BrokerFilePermission> FilePermissionsForGpu(
> +
> + AddVulkanICDPermissions(&permissions);
> +
> ++ if (IsGPUIMGRogue()) {
> ++ // Add standard DRM permissions for snapdragon/PowerVR:
> ++ AddDrmGpuPermissions(&permissions);
> ++ }
> ++
> + if (IsChromeOS()) {
> + // Permissions are additive, there can be multiple GPUs in the system.
> + AddStandardChromeOsPermissions(&permissions);
> +@@ -508,6 +518,8 @@ void LoadArmGpuLibraries() {
> + DRI_DRIVER_DIR "/mediatek_dri.so",
> + DRI_DRIVER_DIR "/rockchip_dri.so",
> + DRI_DRIVER_DIR "/asahi_dri.so",
> ++ DRI_DRIVER_DIR "/pvr_dri.so",
> ++ DRI_DRIVER_DIR "/tidss_dri.so",
> + #else
> + "/usr/lib64/dri/msm_dri.so",
> + "/usr/lib64/dri/panfrost_dri.so",
> +@@ -515,6 +527,8 @@ void LoadArmGpuLibraries() {
> + "/usr/lib64/dri/rockchip_dri.so",
> + "/usr/lib64/dri/asahi_dri.so",
> + "/usr/lib/dri/msm_dri.so",
> ++ "/usr/lib/dri/tidss_dri.so",
> ++ "/usr/lib/dri/pvr_dri.so",
> + "/usr/lib/dri/panfrost_dri.so",
> + "/usr/lib/dri/mediatek_dri.so",
> + "/usr/lib/dri/rockchip_dri.so",
> +@@ -632,7 +646,7 @@ sandbox::syscall_broker::BrokerCommandSet CommandSetForGPU(
> + command_set.set(sandbox::syscall_broker::COMMAND_ACCESS);
> + command_set.set(sandbox::syscall_broker::COMMAND_OPEN);
> + command_set.set(sandbox::syscall_broker::COMMAND_STAT);
> +- if (IsChromeOS() &&
> ++ if ((IsGPUIMGRogue() || IsChromeOS()) &&
> + (options.use_amd_specific_policies ||
> + options.use_intel_specific_policies ||
> + options.use_virtio_specific_policies || IsArchitectureArm())) {
> +--
> +2.36.1
> +
> diff --git a/meta-arago-distro/dynamic-layers/chromium-browser-layer/recipes-browser/chromium/chromium-ozone-wayland_111.0.5563.64/0002-upstream-chromium-32307795-fix-nullprt-deref.patch b/meta-arago-distro/dynamic-layers/chromium-browser-layer/recipes-browser/chromium/chromium-ozone-wayland_111.0.5563.64/0002-upstream-chromium-32307795-fix-nullprt-deref.patch
> new file mode 100644
> index 00000000..5624de96
> --- /dev/null
> +++ b/meta-arago-distro/dynamic-layers/chromium-browser-layer/recipes-browser/chromium/chromium-ozone-wayland_111.0.5563.64/0002-upstream-chromium-32307795-fix-nullprt-deref.patch
> @@ -0,0 +1,52 @@
> +From 323077958301bc321d840a2c2b983ab469934753 Mon Sep 17 00:00:00 2001
> +From: Max Ihlenfeldt <max@igalia.com>
> +Date: Wed, 02 Aug 2023 15:46:56 +0000
> +Subject: [PATCH] ozone/wayland: Fix nullptr deref in WaylandWindowManager
> +
> +When no input devices are available (e.g. embedded devices),
> +`connection_->window_drag_controller()` returns nullptr. Add a check to
> +ensure we don't accidentally dereference that.
> +
> +See alsohttps://urldefense.com/v3/__https://github.com/OSSystems/meta-browser/issues/736__;!!G3vK!Q1ZI2dsaxka-0vu202whhUsEmBDa9DSQPM71DvdmC9MGFHwvBAjQmNdPgEtm1NZeBloRSk1T5iINRfCzyBwGDC_domr6HPEd77cm$.
> +
> +Bug: 578890
> +Change-Id: I472d0dfabfea6b4d072ede98c8593370524f54f0
> +Reviewed-on:https://urldefense.com/v3/__https://chromium-review.googlesource.com/c/chromium/src/*/4724882__;Kw!!G3vK!Q1ZI2dsaxka-0vu202whhUsEmBDa9DSQPM71DvdmC9MGFHwvBAjQmNdPgEtm1NZeBloRSk1T5iINRfCzyBwGDC_domr6HIEZ9BQ2$
> +Reviewed-by: Antonio Gomes <tonikitoo@igalia.com>
> +Commit-Queue: Max Ihlenfeldt <max@igalia.com>
> +Cr-Commit-Position: refs/heads/main@{#1178426}
> +---
> +
> +diff --git a/ui/ozone/platform/wayland/host/wayland_window_manager.cc b/ui/ozone/platform/wayland/host/wayland_window_manager.cc
> +index e4a8e4541..24999725 100644
> +--- a/ui/ozone/platform/wayland/host/wayland_window_manager.cc
> ++++ b/ui/ozone/platform/wayland/host/wayland_window_manager.cc
> +@@ -96,15 +96,19 @@
> +
> + WaylandWindow* WaylandWindowManager::GetCurrentPointerOrTouchFocusedWindow()
> + const {
> +- // In case there is an ongoing window dragging session, favor the window
> +- // according to the active drag source.
> +- //
> +- // TODO(https://urldefense.com/v3/__https://crbug.com/1317063__;!!G3vK!Q1ZI2dsaxka-0vu202whhUsEmBDa9DSQPM71DvdmC9MGFHwvBAjQmNdPgEtm1NZeBloRSk1T5iINRfCzyBwGDC_domr6HB0E-tho$): Apply the same logic to data drag sessions
> +- // too?
> +- if (auto drag_source = connection_->window_drag_controller()->drag_source()) {
> +- return *drag_source == mojom::DragEventSource::kMouse
> +- ? GetCurrentPointerFocusedWindow()
> +- : GetCurrentTouchFocusedWindow();
> ++ // Might be nullptr if no input devices are available.
> ++ if (connection_->window_drag_controller()) {
> ++ // In case there is an ongoing window dragging session, favor the window
> ++ // according to the active drag source.
> ++ //
> ++ // TODO(https://urldefense.com/v3/__https://crbug.com/1317063__;!!G3vK!Q1ZI2dsaxka-0vu202whhUsEmBDa9DSQPM71DvdmC9MGFHwvBAjQmNdPgEtm1NZeBloRSk1T5iINRfCzyBwGDC_domr6HB0E-tho$): Apply the same logic to data drag
> ++ // sessions too?
> ++ if (auto drag_source =
> ++ connection_->window_drag_controller()->drag_source()) {
> ++ return *drag_source == mojom::DragEventSource::kMouse
> ++ ? GetCurrentPointerFocusedWindow()
> ++ : GetCurrentTouchFocusedWindow();
> ++ }
> + }
> +
> + for (const auto& entry : window_map_) {
> --
> 2.36.1
>
>
>
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#15119):https://urldefense.com/v3/__https://lists.yoctoproject.org/g/meta-arago/message/15119__;!!G3vK!Q1ZI2dsaxka-0vu202whhUsEmBDa9DSQPM71DvdmC9MGFHwvBAjQmNdPgEtm1NZeBloRSk1T5iINRfCzyBwGDC_domr6HB62lNke$
> Mute This Topic:https://urldefense.com/v3/__https://lists.yoctoproject.org/mt/104202896/7030289__;!!G3vK!Q1ZI2dsaxka-0vu202whhUsEmBDa9DSQPM71DvdmC9MGFHwvBAjQmNdPgEtm1NZeBloRSk1T5iINRfCzyBwGDC_domr6HFMYHaK3$
> Group Owner: meta-arago+owner@lists.yoctoproject.org
> Unsubscribe:https://urldefense.com/v3/__https://lists.yoctoproject.org/g/meta-arago/unsub__;!!G3vK!Q1ZI2dsaxka-0vu202whhUsEmBDa9DSQPM71DvdmC9MGFHwvBAjQmNdPgEtm1NZeBloRSk1T5iINRfCzyBwGDC_domr6HOegsw2j$ [c-shilwant@ti.com]
> -=-=-=-=-=-=-=-=-=-=-=-
>
>
next prev parent reply other threads:[~2024-02-07 6:41 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-02-06 17:58 [meta-arago][kirkstone][PATCH 0/4] cleanup old/add new chromium detheridge
2024-02-06 17:58 ` [meta-arago][kirkstone][PATCH 1/4] meta-arago: distro: chromium: remove old dynamic layer detheridge
2024-02-06 17:58 ` [meta-arago][kirkstone][PATCH 2/4] meta-arago: distro: add a bbapend to patch the chromium browser detheridge
2024-02-07 6:41 ` Chirag Shilwant [this message]
2024-02-06 17:58 ` [meta-arago][kirkstone][PATCH 3/4] meta-arago: images: update tisdk-default-image to include chromium detheridge
2024-02-06 17:58 ` [meta-arago][kirkstone][PATCH 4/4] meta-arago: tisdk-default-image: remove old chromium logic detheridge
2024-02-06 18:01 ` [meta-arago][kirkstone][PATCH 0/4] cleanup old/add new chromium Randolph Sapp
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=8f816a8a-63cd-45c1-a6eb-b1157a4129a0@ti.com \
--to=c-shilwant@ti.com \
--cc=denys@konsulko.com \
--cc=detheridge@ti.com \
--cc=meta-arago@lists.yoctoproject.org \
--cc=reatmon@ti.com \
--cc=rs@ti.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).