diff options
Diffstat (limited to 'pkgs/applications/networking/browsers/chromium/common.nix')
-rw-r--r-- | pkgs/applications/networking/browsers/chromium/common.nix | 146 |
1 files changed, 94 insertions, 52 deletions
diff --git a/pkgs/applications/networking/browsers/chromium/common.nix b/pkgs/applications/networking/browsers/chromium/common.nix index df33a2bbe7571..3616189374d30 100644 --- a/pkgs/applications/networking/browsers/chromium/common.nix +++ b/pkgs/applications/networking/browsers/chromium/common.nix @@ -1,8 +1,8 @@ { stdenv, lib, fetchurl, fetchpatch , recompressTarball , buildPackages +, buildPlatform , pkgsBuildBuild -, pkgsBuildTarget # Channel data: , channel, upstream-info # Helper functions: @@ -12,13 +12,13 @@ , ninja, pkg-config , python3, perl , which -, llvmPackages_attrName , libuuid , overrideCC # postPatch: , pkgsBuildHost # configurePhase: , gnChromium +, symlinkJoin # Build inputs: , libpng @@ -114,9 +114,6 @@ let # "opus" ]; - opusWithCustomModes = libopus.override { - withCustomModes = true; - }; # build paths and release info packageName = extraAttrs.packageName or extraAttrs.name; @@ -133,7 +130,7 @@ let # https://github.com/NixOS/nixpkgs/issues/142901 buildPlatformLlvmStdenv = let - llvmPackages = pkgsBuildBuild.${llvmPackages_attrName}; + llvmPackages = pkgsBuildBuild.rustc.llvmPackages; in overrideCC llvmPackages.stdenv (llvmPackages.stdenv.cc.override { @@ -166,7 +163,7 @@ let ninja pkg-config python3WithPackages perl which - buildPackages.${llvmPackages_attrName}.bintools + buildPackages.rustc.llvmPackages.bintools bison gperf ]; @@ -175,7 +172,6 @@ let buildPlatformLlvmStdenv.cc pkg-config libuuid - (libpng.override { apngSupport = false; }) # needed for "host/generate_colors_info" ] # When cross-compiling, chromium builds a huge proportion of its # components for both the `buildPlatform` (which it calls @@ -183,12 +179,39 @@ let # half of the dependencies are needed here. To avoid having to # maintain a separate list of buildPlatform-dependencies, we # simply throw in the kitchen sink. - ++ buildInputs - ; + # ** Because of overrides, we have to copy the list as it otherwise mess with splicing ** + ++ [ + (buildPackages.libpng.override { apngSupport = false; }) # https://bugs.chromium.org/p/chromium/issues/detail?id=752403 + (buildPackages.libopus.override { withCustomModes = true; }) + bzip2 flac speex + libevent expat libjpeg snappy + libcap + minizip libwebp + libusb1 re2 + ffmpeg libxslt libxml2 + nasm + nspr nss + util-linux alsa-lib + libkrb5 + glib gtk3 dbus-glib + libXScrnSaver libXcursor libXtst libxshmfence libGLU libGL + mesa # required for libgbm + pciutils protobuf speechd libXdamage at-spi2-core + pipewire + libva + libdrm wayland mesa.drivers libxkbcommon + curl + libepoxy + libffi + libevdev + ] ++ lib.optional systemdSupport systemd + ++ lib.optionals cupsSupport [ libgcrypt cups ] + ++ lib.optional pulseSupport libpulseaudio; buildInputs = [ - (libpng.override { apngSupport = false; }) # https://bugs.chromium.org/p/chromium/issues/detail?id=752403 - bzip2 flac speex opusWithCustomModes + (libpng.override { apngSupport = false; }) # https://bugs.chromium.org/p/chromium/issues/detail?id=752403 + (libopus.override { withCustomModes = true; }) + bzip2 flac speex libevent expat libjpeg snappy libcap minizip libwebp @@ -217,8 +240,34 @@ let ./patches/cross-compile.patch # Optional patch to use SOURCE_DATE_EPOCH in compute_build_timestamp.py (should be upstreamed): ./patches/no-build-timestamps.patch - # For bundling Widevine (DRM), might be replaceable via bundle_widevine_cdm=true in gnFlags: - ./patches/widevine-79.patch + ] ++ lib.optionals (packageName == "chromium") [ + # This patch is limited to chromium and ungoogled-chromium because electron-source sets + # enable_widevine to false. + # + # The patch disables the automatic Widevine download (component) that happens at runtime + # completely (~/.config/chromium/WidevineCdm/). This would happen if chromium encounters DRM + # protected content or when manually opening chrome://components. + # + # It also prevents previously downloaded Widevine blobs in that location from being loaded and + # used at all, while still allowing the use of our -wv wrapper. This is because those old + # versions are out of out our control and may be vulnerable, given we literally disable their + # auto updater. + # + # bundle_widevine_cdm is available as gn flag, but we cannot use it, as it expects a bunch of + # files Widevine files at configure/compile phase that we don't have. Changing the value of the + # BUNDLE_WIDEVINE_CDM build flag does work in the way we want though. + # We also need enable_widevine_cdm_component to be false. Unfortunately it isn't exposed as gn + # flag (declare_args) so we simply hardcode it to false. + ./patches/widevine-disable-auto-download-allow-bundle.patch + ] ++ lib.optionals (versionRange "125" "126") [ + # Fix building M125 with ninja 1.12. Not needed for M126+. + # https://issues.chromium.org/issues/336911498 + # https://chromium-review.googlesource.com/c/chromium/src/+/5487538 + (githubPatch { + commit = "a976cb05b4024b7a6452d1541378d718cdfe33e6"; + hash = "sha256-K2PSeJAvhGH2/Yp63/4mJ85NyqXqDDkMWY+ptrpgmOI="; + }) + ] ++ [ # Required to fix the build with a more recent wayland-protocols version # (we currently package 1.26 in Nixpkgs while Chromium bundles 1.21): # Source: https://bugs.chromium.org/p/angleproject/issues/detail?id=7582#c1 @@ -226,37 +275,23 @@ let # Chromium reads initial_preferences from its own executable directory # This patch modifies it to read /etc/chromium/initial_preferences ./patches/chromium-initial-prefs.patch - ] ++ lib.optionals (chromiumVersionAtLeast "120") [ - # We need to revert this patch to build M120+ with LLVM 17: + ] ++ lib.optionals (versionRange "120" "126") [ + # Partial revert to build M120+ with LLVM 17: + # https://github.com/chromium/chromium/commit/02b6456643700771597c00741937e22068b0f956 + # https://github.com/chromium/chromium/commit/69736ffe943ff996d4a88d15eb30103a8c854e29 ./patches/chromium-120-llvm-17.patch - ] ++ lib.optionals (!chromiumVersionAtLeast "119.0.6024.0") [ - # Fix build with at-spi2-core ≥ 2.49 - # This version is still needed for electron. - (githubPatch { - commit = "fc09363b2278893790d131c72a4ed96ec9837624"; - hash = "sha256-l60Npgs/+0ozzuKWjwiHUUV6z59ObUjAPTfXN7eXpzw="; - }) - ] ++ lib.optionals (!chromiumVersionAtLeast "121.0.6104.0") [ - # Fix build with at-spi2-core ≥ 2.49 - # https://chromium-review.googlesource.com/c/chromium/src/+/5001687 - (githubPatch { - commit = "b9bef8e9555645fc91fab705bec697214a39dbc1"; - hash = "sha256-CJ1v/qc8+nwaHQR9xsx08EEcuVRbyBfCZCm/G7hRY+4="; - }) - ] ++ lib.optionals (chromiumVersionAtLeast "121") [ + ] ++ lib.optionals (chromiumVersionAtLeast "126") [ + # Rebased variant of patch right above to build M126+ with LLVM 17. + # staging-next will bump LLVM to 18, so we will be able to drop this soon. + ./patches/chromium-126-llvm-17.patch + ] ++ lib.optionals (versionRange "121" "126") [ # M121 is the first version to require the new rust toolchain. # Partial revert of https://github.com/chromium/chromium/commit/3687976b0c6d36cf4157419a24a39f6770098d61 # allowing us to use our rustc and our clang. ./patches/chromium-121-rust.patch - ] ++ lib.optionals (chromiumVersionAtLeast "124" && !chromiumVersionAtLeast "125") [ - # M124 shipped with broken --ozone-platform-hint flag handling, which we rely on - # for our NIXOS_OZONE_WL (wayland) environment variable. - # See <https://issues.chromium.org/issues/329678163>. - # This is the commit for the fix that landed in M125, which applies clean on M124. - (githubPatch { - commit = "c7f4c58f896a651eba80ad805ebdb49d19ebdbd4"; - hash = "sha256-6nYWT2zN+j73xAIXLdGYT2eC71vGnGfiLCB0OwT0CAI="; - }) + ] ++ lib.optionals (chromiumVersionAtLeast "126") [ + # Rebased variant of patch right above to build M126+ with our rust and our clang. + ./patches/chromium-126-rust.patch ]; postPatch = '' @@ -345,6 +380,14 @@ let ${ungoogler}/utils/domain_substitution.py apply -r ${ungoogler}/domain_regex.list -f ${ungoogler}/domain_substitution.list -c ./ungoogled-domsubcache.tar.gz . ''; + llvmCcAndBintools = symlinkJoin { + name = "llvmCcAndBintools"; + paths = [ + buildPackages.rustc.llvmPackages.llvm + buildPackages.rustc.llvmPackages.stdenv.cc + ]; + }; + gnFlags = mkGnFlags ({ # Main build and toolchain settings: # Create an official and optimized release build (only official builds @@ -403,25 +446,22 @@ let # Feature overrides: # Native Client support was deprecated in 2020 and support will end in June 2021: enable_nacl = false; - # Enabling the Widevine component here doesn't affect whether we can - # redistribute the chromium package; the Widevine component is either - # added later in the wrapped -wv build or downloaded from Google: + } // lib.optionalAttrs (packageName == "chromium") { + # Enabling the Widevine here doesn't affect whether we can redistribute the chromium package. + # Widevine in this drv is a bit more complex than just that. See Widevine patch somewhere above. enable_widevine = true; + } // { # Provides the enable-webrtc-pipewire-capturer flag to support Wayland screen capture: rtc_use_pipewire = true; # Disable PGO because the profile data requires a newer compiler version (LLVM 14 isn't sufficient): chrome_pgo_phase = 0; - clang_base_path = "${pkgsBuildTarget.${llvmPackages_attrName}.stdenv.cc}"; + clang_base_path = "${llvmCcAndBintools}"; use_qt = false; # To fix the build as we don't provide libffi_pic.a # (ld.lld: error: unable to find library -l:libffi_pic.a): use_system_libffi = true; # Use nixpkgs Rust compiler instead of the one shipped by Chromium. rust_sysroot_absolute = "${buildPackages.rustc}"; - # Rust is enabled for M121+, see next section: - enable_rust = false; - } // lib.optionalAttrs (chromiumVersionAtLeast "121") { - # M121 the first version to actually require a functioning rust toolchain enable_rust = true; # While we technically don't need the cache-invalidation rustc_version provides, rustc_version # is still used in some scripts (e.g. build/rust/std/find_std_rlibs.py). @@ -440,10 +480,12 @@ let } // lib.optionalAttrs ungoogled (lib.importTOML ./ungoogled-flags.toml) // (extraAttrs.gnFlags or {})); - # We cannot use chromiumVersionAtLeast in mkDerivation's env attrset due - # to infinite recursion when chromium.override is used (e.g. electron). - # To work aroud this, we use export in the preConfigure phase. - preConfigure = lib.optionalString (chromiumVersionAtLeast "121") '' + # TODO: Migrate this to env.RUSTC_BOOTSTRAP next mass-rebuild. + # Chromium expects nightly/bleeding edge rustc features to be available. + # Our rustc in nixpkgs follows stable, but since bootstrapping rustc requires + # nightly features too, we can (ab-)use RUSTC_BOOTSTRAP here as well to + # enable those features in our stable builds. + preConfigure = '' export RUSTC_BOOTSTRAP=1 ''; |