Loading build/cromite_patches/AImageReader-CFI-crash-mitigations.patch +51 −39 Original line number Diff line number Diff line Loading @@ -20,8 +20,8 @@ See discussions at: License: GPL-3.0-only - https://spdx.org/licenses/GPL-3.0-only.html --- base/android/android_image_reader_compat.cc | 8 +++++++- base/android/android_image_reader_compat.h | 4 ++++ base/android/android_image_reader_compat.cc | 16 ++++++++++++++++ base/android/android_image_reader_compat.h | 14 ++++++++++++++ chrome/browser/flag-metadata.json | 6 +++--- .../AImageReader-CFI-crash-mitigations.inc | 4 ++++ .../AImageReader-CFI-crash-mitigations.inc | 1 + Loading @@ -30,63 +30,67 @@ License: GPL-3.0-only - https://spdx.org/licenses/GPL-3.0-only.html gpu/config/gpu_finch_features.h | 1 + gpu/config/gpu_util.cc | 8 ++++++++ gpu/config/gpu_workaround_list.txt | 1 + gpu/ipc/service/gpu_init.cc | 7 +++++++ gpu/ipc/service/gpu_init.cc | 8 ++++++++ gpu/ipc/service/stream_texture_android.cc | 11 ++++++++++- 12 files changed, 67 insertions(+), 5 deletions(-) 12 files changed, 87 insertions(+), 4 deletions(-) create mode 100644 cromite_flags/media/base/media_switches_cc/AImageReader-CFI-crash-mitigations.inc create mode 100644 cromite_flags/media/base/media_switches_h/AImageReader-CFI-crash-mitigations.inc diff --git a/base/android/android_image_reader_compat.cc b/base/android/android_image_reader_compat.cc --- a/base/android/android_image_reader_compat.cc +++ b/base/android/android_image_reader_compat.cc @@ -23,6 +23,8 @@ @@ -7,7 +7,23 @@ namespace base { namespace android { +bool AndroidImageReader::disable_support_ = false; +AndroidImageReader& AndroidImageReader::GetInstance() { + // C++11 static local variable initialization is + // thread-safe. + static AndroidImageReader instance; + return instance; +} + AndroidImageReader& AndroidImageReader::GetInstance() { // C++11 static local variable initialization is // thread-safe. 
@@ -30,8 +32,12 @@ AndroidImageReader& AndroidImageReader::GetInstance() { return instance; } +void AndroidImageReader::DisableSupport() { + disable_support_ = true; +} + bool AndroidImageReader::IsSupported() { - return is_supported_; + return !disable_support_ && is_supported_; } AndroidImageReader::AndroidImageReader() : is_supported_(LoadFunctions()) {} +bool AndroidImageReader::IsSupported() { + return !disable_support_; +} + bool EnableAndroidImageReader() { + if (!AndroidImageReader::GetInstance().IsSupported()) return false; // Currently we want to enable AImageReader only for android P+ devices. if (__builtin_available(android 28, *)) { return true; diff --git a/base/android/android_image_reader_compat.h b/base/android/android_image_reader_compat.h --- a/base/android/android_image_reader_compat.h +++ b/base/android/android_image_reader_compat.h @@ -24,6 +24,9 @@ class BASE_EXPORT AndroidImageReader { AndroidImageReader(const AndroidImageReader&) = delete; AndroidImageReader& operator=(const AndroidImageReader&) = delete; @@ -10,6 +10,20 @@ namespace base { namespace android { +class BASE_EXPORT AndroidImageReader { + public: + // Thread safe GetInstance. + static AndroidImageReader& GetInstance(); + + bool IsSupported(); + + // Disable image reader support. + static void DisableSupport(); + void DisableSupport(); + // Check if the image reader usage is supported. This function returns TRUE // if android version is >=OREO, image reader support is not disabled and all // the required functions are loaded. @@ -61,6 +64,7 @@ class BASE_EXPORT AndroidImageReader { jobject ANativeWindow_toSurface(JNIEnv* env, ANativeWindow* window); private: + static bool disable_support_; friend class base::NoDestructor<AndroidImageReader>; + private: + bool disable_support_ = false; +}; + // Check if the image reader usage is supported. BASE_EXPORT bool EnableAndroidImageReader(); AndroidImageReader(); 
diff --git a/chrome/browser/flag-metadata.json b/chrome/browser/flag-metadata.json --- a/chrome/browser/flag-metadata.json +++ b/chrome/browser/flag-metadata.json @@ -2923,9 +2923,9 @@ @@ -3046,9 +3046,9 @@ "expiry_milestone": 125 }, { Loading Loading @@ -143,8 +147,8 @@ diff --git a/gpu/config/gpu_driver_bug_list.json b/gpu/config/gpu_driver_bug_lis diff --git a/gpu/config/gpu_finch_features.cc b/gpu/config/gpu_finch_features.cc --- a/gpu/config/gpu_finch_features.cc +++ b/gpu/config/gpu_finch_features.cc @@ -71,6 +71,11 @@ BASE_FEATURE(kUseGles2ForOopR, ); @@ -65,6 +65,11 @@ BASE_FEATURE(kUseGles2ForOopR, base::FEATURE_DISABLED_BY_DEFAULT); #if BUILDFLAG(IS_ANDROID) +// Use android AImageReader when playing videos with MediaPlayer. Loading Loading @@ -179,7 +183,7 @@ diff --git a/gpu/config/gpu_util.cc b/gpu/config/gpu_util.cc if (!gpu_preferences.enable_android_surface_control) return kGpuFeatureStatusDisabled; @@ -355,6 +358,11 @@ void AdjustGpuFeatureStatusToWorkarounds(GpuFeatureInfo* gpu_feature_info) { @@ -368,6 +371,11 @@ void AdjustGpuFeatureStatusToWorkarounds(GpuFeatureInfo* gpu_feature_info) { gpu_feature_info->status_values[GPU_FEATURE_TYPE_CANVAS_OOP_RASTERIZATION] = kGpuFeatureStatusBlocklisted; } Loading @@ -205,14 +209,22 @@ diff --git a/gpu/config/gpu_workaround_list.txt b/gpu/config/gpu_workaround_list diff --git a/gpu/ipc/service/gpu_init.cc b/gpu/ipc/service/gpu_init.cc --- a/gpu/ipc/service/gpu_init.cc +++ b/gpu/ipc/service/gpu_init.cc @@ -675,6 +675,13 @@ bool GpuInit::InitializeAndStartSandbox(base::CommandLine* command_line, @@ -65,6 +65,7 @@ #if BUILDFLAG(IS_ANDROID) #include "ui/gfx/android/android_surface_control_compat.h" +#include "base/android/android_image_reader_compat.h" #endif #if BUILDFLAG(ENABLE_VULKAN) 
@@ -662,6 +663,13 @@ bool GpuInit::InitializeAndStartSandbox(base::CommandLine* command_line, } #endif // BUILDFLAG(IS_WIN) +#if BUILDFLAG(IS_ANDROID) + // Disable AImageReader if the workaround is enabled. + if (gpu_feature_info_.IsWorkaroundEnabled(DISABLE_AIMAGEREADER)) { + base::android::AndroidImageReader::DisableSupport(); + base::android::AndroidImageReader::GetInstance().DisableSupport(); + } +#endif + Loading Loading
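Review bot: In the android_image_reader_compat sections, `disable_support_` is a plain `bool` that `DisableSupport()` writes and `IsSupported()` reads with no synchronization, while the comment on `GetInstance()` only promises thread-safe construction of the singleton. If `EnableAndroidImageReader()` can run on another thread while `GpuInit::InitializeAndStartSandbox` is applying the `DISABLE_AIMAGEREADER` workaround (the callers are not visible here), that is a data race and an early reader can miss the mitigation. Declaring the member as `std::atomic<bool> disable_support_{false};`, or documenting on `DisableSupport()` that it must run before any `IsSupported()` query, would make the ordering this crash mitigation depends on explicit. As far as this page shows, the flag is per-process state set only from GPU init, so a comment naming the processes expected to honour it would help, and `IsSupported()` could be declared `const`. The page interleaves the old and new versions of the patch without markers, so this reading of the new side is inferred.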
build/cromite_patches/AImageReader-CFI-crash-mitigations.patch +51 −39 Original line number Diff line number Diff line Loading @@ -20,8 +20,8 @@ See discussions at: License: GPL-3.0-only - https://spdx.org/licenses/GPL-3.0-only.html --- base/android/android_image_reader_compat.cc | 8 +++++++- base/android/android_image_reader_compat.h | 4 ++++ base/android/android_image_reader_compat.cc | 16 ++++++++++++++++ base/android/android_image_reader_compat.h | 14 ++++++++++++++ chrome/browser/flag-metadata.json | 6 +++--- .../AImageReader-CFI-crash-mitigations.inc | 4 ++++ .../AImageReader-CFI-crash-mitigations.inc | 1 + Loading @@ -30,63 +30,67 @@ License: GPL-3.0-only - https://spdx.org/licenses/GPL-3.0-only.html gpu/config/gpu_finch_features.h | 1 + gpu/config/gpu_util.cc | 8 ++++++++ gpu/config/gpu_workaround_list.txt | 1 + gpu/ipc/service/gpu_init.cc | 7 +++++++ gpu/ipc/service/gpu_init.cc | 8 ++++++++ gpu/ipc/service/stream_texture_android.cc | 11 ++++++++++- 12 files changed, 67 insertions(+), 5 deletions(-) 12 files changed, 87 insertions(+), 4 deletions(-) create mode 100644 cromite_flags/media/base/media_switches_cc/AImageReader-CFI-crash-mitigations.inc create mode 100644 cromite_flags/media/base/media_switches_h/AImageReader-CFI-crash-mitigations.inc diff --git a/base/android/android_image_reader_compat.cc b/base/android/android_image_reader_compat.cc --- a/base/android/android_image_reader_compat.cc +++ b/base/android/android_image_reader_compat.cc @@ -23,6 +23,8 @@ @@ -7,7 +7,23 @@ namespace base { namespace android { +bool AndroidImageReader::disable_support_ = false; +AndroidImageReader& AndroidImageReader::GetInstance() { + // C++11 static local variable initialization is + // thread-safe. + static AndroidImageReader instance; + return instance; +} + AndroidImageReader& AndroidImageReader::GetInstance() { // C++11 static local variable initialization is // thread-safe. 
@@ -30,8 +32,12 @@ AndroidImageReader& AndroidImageReader::GetInstance() { return instance; } +void AndroidImageReader::DisableSupport() { + disable_support_ = true; +} + bool AndroidImageReader::IsSupported() { - return is_supported_; + return !disable_support_ && is_supported_; } AndroidImageReader::AndroidImageReader() : is_supported_(LoadFunctions()) {} +bool AndroidImageReader::IsSupported() { + return !disable_support_; +} + bool EnableAndroidImageReader() { + if (!AndroidImageReader::GetInstance().IsSupported()) return false; // Currently we want to enable AImageReader only for android P+ devices. if (__builtin_available(android 28, *)) { return true; diff --git a/base/android/android_image_reader_compat.h b/base/android/android_image_reader_compat.h --- a/base/android/android_image_reader_compat.h +++ b/base/android/android_image_reader_compat.h @@ -24,6 +24,9 @@ class BASE_EXPORT AndroidImageReader { AndroidImageReader(const AndroidImageReader&) = delete; AndroidImageReader& operator=(const AndroidImageReader&) = delete; @@ -10,6 +10,20 @@ namespace base { namespace android { +class BASE_EXPORT AndroidImageReader { + public: + // Thread safe GetInstance. + static AndroidImageReader& GetInstance(); + + bool IsSupported(); + + // Disable image reader support. + static void DisableSupport(); + void DisableSupport(); + // Check if the image reader usage is supported. This function returns TRUE // if android version is >=OREO, image reader support is not disabled and all // the required functions are loaded. @@ -61,6 +64,7 @@ class BASE_EXPORT AndroidImageReader { jobject ANativeWindow_toSurface(JNIEnv* env, ANativeWindow* window); private: + static bool disable_support_; friend class base::NoDestructor<AndroidImageReader>; + private: + bool disable_support_ = false; +}; + // Check if the image reader usage is supported. BASE_EXPORT bool EnableAndroidImageReader(); AndroidImageReader(); 
diff --git a/chrome/browser/flag-metadata.json b/chrome/browser/flag-metadata.json --- a/chrome/browser/flag-metadata.json +++ b/chrome/browser/flag-metadata.json @@ -2923,9 +2923,9 @@ @@ -3046,9 +3046,9 @@ "expiry_milestone": 125 }, { Loading Loading @@ -143,8 +147,8 @@ diff --git a/gpu/config/gpu_driver_bug_list.json b/gpu/config/gpu_driver_bug_lis diff --git a/gpu/config/gpu_finch_features.cc b/gpu/config/gpu_finch_features.cc --- a/gpu/config/gpu_finch_features.cc +++ b/gpu/config/gpu_finch_features.cc @@ -71,6 +71,11 @@ BASE_FEATURE(kUseGles2ForOopR, ); @@ -65,6 +65,11 @@ BASE_FEATURE(kUseGles2ForOopR, base::FEATURE_DISABLED_BY_DEFAULT); #if BUILDFLAG(IS_ANDROID) +// Use android AImageReader when playing videos with MediaPlayer. Loading Loading @@ -179,7 +183,7 @@ diff --git a/gpu/config/gpu_util.cc b/gpu/config/gpu_util.cc if (!gpu_preferences.enable_android_surface_control) return kGpuFeatureStatusDisabled; @@ -355,6 +358,11 @@ void AdjustGpuFeatureStatusToWorkarounds(GpuFeatureInfo* gpu_feature_info) { @@ -368,6 +371,11 @@ void AdjustGpuFeatureStatusToWorkarounds(GpuFeatureInfo* gpu_feature_info) { gpu_feature_info->status_values[GPU_FEATURE_TYPE_CANVAS_OOP_RASTERIZATION] = kGpuFeatureStatusBlocklisted; } Loading @@ -205,14 +209,22 @@ diff --git a/gpu/config/gpu_workaround_list.txt b/gpu/config/gpu_workaround_list diff --git a/gpu/ipc/service/gpu_init.cc b/gpu/ipc/service/gpu_init.cc --- a/gpu/ipc/service/gpu_init.cc +++ b/gpu/ipc/service/gpu_init.cc @@ -675,6 +675,13 @@ bool GpuInit::InitializeAndStartSandbox(base::CommandLine* command_line, @@ -65,6 +65,7 @@ #if BUILDFLAG(IS_ANDROID) #include "ui/gfx/android/android_surface_control_compat.h" +#include "base/android/android_image_reader_compat.h" #endif #if BUILDFLAG(ENABLE_VULKAN) 
@@ -662,6 +663,13 @@ bool GpuInit::InitializeAndStartSandbox(base::CommandLine* command_line, } #endif // BUILDFLAG(IS_WIN) +#if BUILDFLAG(IS_ANDROID) + // Disable AImageReader if the workaround is enabled. + if (gpu_feature_info_.IsWorkaroundEnabled(DISABLE_AIMAGEREADER)) { + base::android::AndroidImageReader::DisableSupport(); + base::android::AndroidImageReader::GetInstance().DisableSupport(); + } +#endif + Loading