| diff --git base/BUILD.gn base/BUILD.gn |
| index 55479f4187323..207b9e3a1e281 100644 |
| --- base/BUILD.gn |
| +++ base/BUILD.gn |
| @@ -40,6 +40,7 @@ import("//build/config/ui.gni") |
| import("//build/nocompile.gni") |
| import("//build/timestamp.gni") |
| import("//build_overrides/build.gni") |
| +import("//cef/libcef/features/features.gni") |
| import("//testing/libfuzzer/fuzzer_test.gni") |
| import("//testing/test.gni") |
| |
| @@ -1495,7 +1496,11 @@ component("base") { |
| "hash/md5_constexpr_internal.h", |
| "hash/sha1.h", |
| ] |
| - if (is_nacl) { |
| + deps += [ "//cef/libcef/features" ] |
| + if (enable_cef) { |
| + configs += [ "//cef/libcef/features:config" ] |
| + } |
| + if (is_nacl || is_cef_sandbox_build) { |
| sources += [ |
| "hash/md5_nacl.cc", |
| "hash/md5_nacl.h", |
| @@ -1909,6 +1914,12 @@ component("base") { |
| defines += [ "COM_INIT_CHECK_HOOK_DISABLED" ] |
| } |
| |
| + if (!use_custom_libcxx) { |
| + # Enable the VS 2015 Update 2 fix when building with the MSVC standard |
| + # library. |
| + defines += [ "_ENABLE_ATOMIC_ALIGNMENT_FIX" ] |
| + } |
| + |
| libs += [ |
| "cfgmgr32.lib", |
| "ntdll.lib", |
| diff --git base/allocator/dispatcher/dispatcher.cc base/allocator/dispatcher/dispatcher.cc |
| index 616e2e89af7d3..2a2993e74d53a 100644 |
| --- base/allocator/dispatcher/dispatcher.cc |
| +++ base/allocator/dispatcher/dispatcher.cc |
| @@ -10,6 +10,7 @@ |
| #include "base/check.h" |
| #include "base/dcheck_is_on.h" |
| #include "base/no_destructor.h" |
| +#include "cef/libcef/features/features.h" |
| |
| #if DCHECK_IS_ON() |
| #include <atomic> |
| @@ -33,7 +34,7 @@ struct Dispatcher::Impl { |
| } |
| |
| void Reset() { |
| -#if DCHECK_IS_ON() |
| +#if DCHECK_IS_ON() && !BUILDFLAG(IS_CEF_SANDBOX_BUILD) |
| DCHECK([&]() { |
| auto const was_set = is_initialized_check_flag_.test_and_set(); |
| is_initialized_check_flag_.clear(); |
| diff --git base/hash/md5.h base/hash/md5.h |
| index aa889f350e8f7..50acac8a69225 100644 |
| --- base/hash/md5.h |
| +++ base/hash/md5.h |
| @@ -10,8 +10,9 @@ |
| #include "base/base_export.h" |
| #include "base/strings/string_piece.h" |
| #include "build/build_config.h" |
| +#include "cef/libcef/features/features.h" |
| |
| -#if BUILDFLAG(IS_NACL) |
| +#if BUILDFLAG(IS_NACL) || BUILDFLAG(IS_CEF_SANDBOX_BUILD) |
| #include "base/hash/md5_nacl.h" |
| #else |
| #include "base/hash/md5_boringssl.h" |
| diff --git base/hash/sha1.h base/hash/sha1.h |
| index 29626e5853c6e..2fb1c61504c5d 100644 |
| --- base/hash/sha1.h |
| +++ base/hash/sha1.h |
| @@ -14,7 +14,9 @@ |
| #include "base/containers/span.h" |
| #include "base/strings/string_piece.h" |
| #include "build/build_config.h" |
| -#if BUILDFLAG(IS_NACL) |
| +#include "cef/libcef/features/features.h" |
| + |
| +#if BUILDFLAG(IS_NACL) || BUILDFLAG(IS_CEF_SANDBOX_BUILD) |
| #include "base/hash/sha1_nacl.h" |
| #else |
| #include "base/hash/sha1_boringssl.h" |
| diff --git base/rand_util.h base/rand_util.h |
| index c9dd1249660c1..7d68b0d893e3d 100644 |
| --- base/rand_util.h |
| +++ base/rand_util.h |
| @@ -15,8 +15,9 @@ |
| #include "base/compiler_specific.h" |
| #include "base/gtest_prod_util.h" |
| #include "build/build_config.h" |
| +#include "cef/libcef/features/features.h" |
| |
| -#if !BUILDFLAG(IS_NACL) |
| +#if !BUILDFLAG(IS_NACL) && !BUILDFLAG(IS_CEF_SANDBOX_BUILD) |
| #include "third_party/boringssl/src/include/openssl/rand.h" |
| #endif |
| |
| @@ -97,7 +98,7 @@ class RandomBitGenerator { |
| ~RandomBitGenerator() = default; |
| }; |
| |
| -#if !BUILDFLAG(IS_NACL) |
| +#if !BUILDFLAG(IS_NACL) && !BUILDFLAG(IS_CEF_SANDBOX_BUILD) |
| class NonAllocatingRandomBitGenerator { |
| public: |
| using result_type = uint64_t; |
| diff --git base/rand_util_win.cc base/rand_util_win.cc |
| index 549f4362af8b6..f08b1b2e7f061 100644 |
| --- base/rand_util_win.cc |
| +++ base/rand_util_win.cc |
| @@ -15,8 +15,12 @@ |
| |
| #include "base/check.h" |
| #include "base/feature_list.h" |
| +#include "cef/libcef/features/features.h" |
| + |
| +#if !BUILDFLAG(IS_CEF_SANDBOX_BUILD) |
| #include "third_party/boringssl/src/include/openssl/crypto.h" |
| #include "third_party/boringssl/src/include/openssl/rand.h" |
| +#endif |
| |
| // Prototype for ProcessPrng. |
| // See: https://learn.microsoft.com/en-us/windows/win32/seccng/processprng |
| @@ -28,6 +32,7 @@ namespace base { |
| |
| namespace internal { |
| |
| +#if !BUILDFLAG(IS_CEF_SANDBOX_BUILD) |
| namespace { |
| |
| // The BoringSSl helpers are duplicated in rand_util_fuchsia.cc and |
| @@ -49,6 +54,10 @@ bool UseBoringSSLForRandBytes() { |
| return g_use_boringssl.load(std::memory_order_relaxed); |
| } |
| |
| +#else // !BUILDFLAG(IS_CEF_SANDBOX_BUILD) |
| +void ConfigureBoringSSLBackedRandBytesFieldTrial() {} |
| +#endif |
| + |
| } // namespace internal |
| |
| namespace { |
| @@ -66,6 +75,7 @@ decltype(&ProcessPrng) GetProcessPrng() { |
| } |
| |
| void RandBytes(void* output, size_t output_length, bool avoid_allocation) { |
| +#if !BUILDFLAG(IS_CEF_SANDBOX_BUILD) |
| if (!avoid_allocation && internal::UseBoringSSLForRandBytes()) { |
| // Ensure BoringSSL is initialized so it can use things like RDRAND. |
| CRYPTO_library_init(); |
| @@ -73,6 +83,7 @@ void RandBytes(void* output, size_t output_length, bool avoid_allocation) { |
| (void)RAND_bytes(static_cast<uint8_t*>(output), output_length); |
| return; |
| } |
| +#endif // !BUILDFLAG(IS_CEF_SANDBOX_BUILD) |
| |
| static decltype(&ProcessPrng) process_prng_fn = GetProcessPrng(); |
| BOOL success = process_prng_fn(static_cast<BYTE*>(output), output_length); |
| diff --git base/unguessable_token.cc base/unguessable_token.cc |
| index aa7423f88d278..1b2c7d3e3c4a0 100644 |
| --- base/unguessable_token.cc |
| +++ base/unguessable_token.cc |
| @@ -10,8 +10,9 @@ |
| #include "base/format_macros.h" |
| #include "base/rand_util.h" |
| #include "build/build_config.h" |
| +#include "cef/libcef/features/features.h" |
| |
| -#if !BUILDFLAG(IS_NACL) |
| +#if !BUILDFLAG(IS_NACL) && !BUILDFLAG(IS_CEF_SANDBOX_BUILD) |
| #include "third_party/boringssl/src/include/openssl/mem.h" |
| #endif |
| |
| @@ -46,7 +47,7 @@ absl::optional<UnguessableToken> UnguessableToken::Deserialize(uint64_t high, |
| } |
| |
| bool UnguessableToken::operator==(const UnguessableToken& other) const { |
| -#if BUILDFLAG(IS_NACL) |
| +#if BUILDFLAG(IS_NACL) || BUILDFLAG(IS_CEF_SANDBOX_BUILD) |
| // BoringSSL is unavailable for NaCl builds so it remains timing dependent. |
| return token_ == other.token_; |
| #else |
| diff --git base/win/sid.cc base/win/sid.cc |
| index 0f1a2ec79aa4b..7f92778a4a776 100644 |
| --- base/win/sid.cc |
| +++ base/win/sid.cc |
| @@ -15,6 +15,7 @@ |
| #include <utility> |
| |
| #include "base/check.h" |
| +#include "base/notreached.h" |
| #include "base/no_destructor.h" |
| #include "base/rand_util.h" |
| #include "base/ranges/algorithm.h" |
| @@ -22,8 +23,12 @@ |
| #include "base/win/scoped_handle.h" |
| #include "base/win/scoped_localalloc.h" |
| #include "base/win/windows_version.h" |
| +#include "cef/libcef/features/features.h" |
| + |
| +#if !BUILDFLAG(IS_CEF_SANDBOX_BUILD) |
| #include "third_party/boringssl/src/include/openssl/crypto.h" |
| #include "third_party/boringssl/src/include/openssl/sha.h" |
| +#endif |
| |
| namespace base::win { |
| |
| @@ -124,6 +129,7 @@ Sid Sid::FromNamedCapability(const std::wstring& capability_name) { |
| if (known_cap != known_capabilities->end()) { |
| return FromKnownCapability(known_cap->second); |
| } |
| +#if !BUILDFLAG(IS_CEF_SANDBOX_BUILD) |
| CRYPTO_library_init(); |
| static_assert((SHA256_DIGEST_LENGTH / sizeof(DWORD)) == |
| SECURITY_APP_PACKAGE_RID_COUNT); |
| @@ -136,6 +142,10 @@ Sid Sid::FromNamedCapability(const std::wstring& capability_name) { |
| reinterpret_cast<uint8_t*>(&rids[2])); |
| return FromSubAuthorities(SECURITY_APP_PACKAGE_AUTHORITY, std::size(rids), |
| rids); |
| +#else |
| + NOTREACHED(); |
| + return Sid(WellKnownSid::kNull); |
| +#endif |
| } |
| |
| Sid Sid::FromKnownSid(WellKnownSid type) { |
