Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Unverified Commit 7d5f5150 authored by Carmelo Messina's avatar Carmelo Messina
Browse files

Enable ProcessBoundStringEncryption by default: drop patch, feature enabled by... 

Enable ProcessBoundStringEncryption by default: drop patch, feature enabled by default from upstream
parent 1398295c

build/cromite_patches_list.txt

+0 −1
Original line number Diff line number Diff line
@@ -287,7 +287,6 @@ Disable-Posture-API.patch 
PublicKeyCredential-fingerprinting-mitigations.patch

Disable-Web-Bluetooth-by-default-in-desktop-platforms.patch

Enable-Cert-Management-UI.patch

Enable-ProcessBoundStringEncryption-by-default.patch

Prevent-mouse-wheel-fingerprinting-on-Windows.patch

Enable-component-updater.patch

Android-fonts-fingerprinting-mitigation.patch

build/patches/Enable-ProcessBoundStringEncryption-by-default.patch

deleted100644 → 0
+0 −25
Original line number Diff line number Diff line 
From: uazo <uazo@users.noreply.github.com>

Date: Mon, 20 Jan 2025 16:55:57 +0000

Subject: Enable ProcessBoundStringEncryption by default



Data placed into a crypto::ProcessBoundString no longer appears in crash dumps

or memory dumps so should be used for any sensitive data that should be process-bound.

https://issuetracker.google.com/issues/372873695



License: GPL-2.0-or-later - https://spdx.org/licenses/GPL-2.0-or-later.html

---

 crypto/features.cc | 3 +++

 1 file changed, 3 insertions(+)



diff --git a/crypto/features.cc b/crypto/features.cc

--- a/crypto/features.cc

+++ b/crypto/features.cc

@@ -13,4 +13,7 @@ BASE_FEATURE(kIsHardwareBackedFixEnabled, base::FEATURE_ENABLED_BY_DEFAULT);

 BASE_FEATURE(kMigrateIOSKeychainAccessibility,

              base::FEATURE_DISABLED_BY_DEFAULT);

 

+#if BUILDFLAG(IS_WIN)

+SET_CROMITE_FEATURE_ENABLED(kProcessBoundStringEncryption);

+#endif

 }  // namespace crypto::features

--