From de81c85beacd0e2ae0deea5dc4bdb1029390c85e Mon Sep 17 00:00:00 2001 From: Rootkit404 <175176948+RKNF404@users.noreply.github.com> Date: Wed, 2 Oct 2024 16:00:08 -0400 Subject: [PATCH 01/12] Override global JIT disable toggle --- patches/allow-global-jit-bypass.patch | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 patches/allow-global-jit-bypass.patch diff --git a/patches/allow-global-jit-bypass.patch b/patches/allow-global-jit-bypass.patch new file mode 100644 index 00000000..6deb4783 --- /dev/null +++ b/patches/allow-global-jit-bypass.patch @@ -0,0 +1,17 @@ +diff --git a/content/browser/renderer_host/render_process_host_impl.cc b/content/browser/renderer_host/render_process_host_impl.cc +index ba9f41f010a37..28571feba231e 100644 +--- a/content/browser/renderer_host/render_process_host_impl.cc ++++ b/content/browser/renderer_host/render_process_host_impl.cc +@@ -3192,6 +3192,12 @@ void RenderProcessHostImpl::AppendRendererCommandLine( + } else if (AreV8OptimizationsDisabled()) { + command_line->AppendSwitchASCII(blink::switches::kJavaScriptFlags, + "--disable-optimizing-compilers"); ++ } else { ++ // Allow for per-site exceptions even when JIT is globally disabled, ++ // the "dummy value" here just enables WASM which should already be ++ // enabled so no harm done ++ command_line->AppendSwitchASCII(blink::switches::kJavaScriptFlags, ++ "--expose-wasm"); + } + + if (features::IsTouchTextEditingRedesignEnabled()) { From 1b5073a5a175b41e9562f4b25fbd664cbd4ba011 Mon Sep 17 00:00:00 2001 
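Review bot: The new `else` branch replaces the whole `--js-flags` value on the renderer command line (presumably the one propagated from the browser process), so any other V8 flags the user passed are dropped together with `--jitless`, and the override only works because `AppendSwitchASCII` silently replaces an existing switch value. That contract should be stated, e.g. `// Relies on AppendSwitchASCII replacing the --js-flags value propagated from the browser command line.`, or made explicit with `command_line->RemoveSwitch(blink::switches::kJavaScriptFlags);` if clearing the switch is what is meant. The same applies to the reworked versions of this hunk in PATCH 04 and PATCH 12. AppendRendererCommandLine starts and continues outside the hunk.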
From: Rootkit404 <175176948+RKNF404@users.noreply.github.com> Date: Thu, 3 Oct 2024 00:23:26 -0400 Subject: [PATCH 02/12] Disable JIT globally by default --- patches/allow-global-jit-bypass.patch | 17 -------- patches/disable-jit-globally.patch | 60 +++++++++++++++++++++++++++ patches/expose-flags.patch | 22 ++++++---- 3 files changed, 75 insertions(+), 24 deletions(-) delete mode 100644 patches/allow-global-jit-bypass.patch create mode 100644 patches/disable-jit-globally.patch diff --git a/patches/allow-global-jit-bypass.patch b/patches/allow-global-jit-bypass.patch deleted file mode 100644 index 6deb4783..00000000 --- a/patches/allow-global-jit-bypass.patch +++ /dev/null @@ -1,17 +0,0 @@ -diff --git a/content/browser/renderer_host/render_process_host_impl.cc b/content/browser/renderer_host/render_process_host_impl.cc -index ba9f41f010a37..28571feba231e 100644 ---- a/content/browser/renderer_host/render_process_host_impl.cc -+++ b/content/browser/renderer_host/render_process_host_impl.cc -@@ -3192,6 +3192,12 @@ void RenderProcessHostImpl::AppendRendererCommandLine( - } else if (AreV8OptimizationsDisabled()) { - command_line->AppendSwitchASCII(blink::switches::kJavaScriptFlags, - "--disable-optimizing-compilers"); -+ } else { -+ // Allow for per-site exceptions even when JIT is globally disabled, -+ // the "dummy value" here just enables WASM which should already be -+ // enabled so no harm done -+ command_line->AppendSwitchASCII(blink::switches::kJavaScriptFlags, -+ "--expose-wasm"); - } - - if (features::IsTouchTextEditingRedesignEnabled()) { diff --git a/patches/disable-jit-globally.patch b/patches/disable-jit-globally.patch new file mode 100644 index 00000000..89b90872 --- /dev/null +++ b/patches/disable-jit-globally.patch 
@@ -0,0 +1,60 @@ +diff --git a/content/browser/renderer_host/render_process_host_impl.cc b/content/browser/renderer_host/render_process_host_impl.cc +index ba9f41f010a37..28571feba231e 100644 +--- a/content/browser/renderer_host/render_process_host_impl.cc ++++ b/content/browser/renderer_host/render_process_host_impl.cc +@@ -3192,6 +3192,12 @@ void RenderProcessHostImpl::AppendRendererCommandLine( + } else if (AreV8OptimizationsDisabled()) { + command_line->AppendSwitchASCII(blink::switches::kJavaScriptFlags, + "--disable-optimizing-compilers"); ++ } else { ++ // Allow for per-site exceptions even when JIT is globally disabled, ++ // the "dummy value" here just enables WASM which should already be ++ // enabled so no harm done ++ command_line->AppendSwitchASCII(blink::switches::kJavaScriptFlags, ++ "--expose-wasm"); + } + + if (features::IsTouchTextEditingRedesignEnabled()) { +diff --git a/gin/gin_features.cc b/gin/gin_features.cc +index e7f829d0d5ddb..6fb45e0cf6eeb 100644 +--- a/gin/gin_features.cc ++++ b/gin/gin_features.cc +@@ -8,6 +8,10 @@ + + namespace features { + ++// Disable V8's JIT on all pages (doesn't affect webpages) ++BASE_FEATURE(kDisableV8JIT, "DisableV8JIT", ++ base::FEATURE_ENABLED_BY_DEFAULT); ++ + // Enable code space compaction when finalizing a full GC with stack. 
+ BASE_FEATURE(kV8CompactCodeSpaceWithStack, + ("V8CompactCodeSpaceWithStack"), +diff --git a/gin/gin_features.h b/gin/gin_features.h +index ae743c8c4194f..9143c07ba973e 100644 +--- a/gin/gin_features.h ++++ b/gin/gin_features.h +@@ -20,6 +20,8 @@ namespace features { + inline constexpr base::FeatureState kFeatureDefaultStateControlledByV8 = + base::FEATURE_DISABLED_BY_DEFAULT; + ++GIN_EXPORT BASE_DECLARE_FEATIRE(kDisableV8JIT); ++ + GIN_EXPORT BASE_DECLARE_FEATURE(kV8CompactCodeSpaceWithStack); + GIN_EXPORT BASE_DECLARE_FEATURE(kV8CompactWithStack); + GIN_EXPORT BASE_DECLARE_FEATURE(kV8ConcurrentSparkplug); +diff --git a/gin/v8_initializer.cc b/gin/v8_initializer.cc +index d08f79157897c..bef6a0d9d2f84 100644 +--- a/gin/v8_initializer.cc ++++ b/gin/v8_initializer.cc +@@ -222,6 +222,10 @@ void SetV8FlagsIfOverridden(const base::Feature& feature, + + void SetFlags(IsolateHolder::ScriptMode mode, + const std::string js_command_line_flags) { ++ if (base::FeatureList::IsEnabled(features::kDisableV8JIT)) { ++ SetV8Flags("--jitless"); ++ } ++ + // We assume that all feature flag defaults correspond to the default + // values of the corresponding V8 flags. + SetV8FlagsIfOverridden(features::kV8CompactCodeSpaceWithStack, diff --git a/patches/expose-flags.patch b/patches/expose-flags.patch index 5e444455..b940d135 100644 --- a/patches/expose-flags.patch +++ b/patches/expose-flags.patch @@ -1,8 +1,16 @@ diff --git a/chrome/browser/about_flags.cc b/chrome/browser/about_flags.cc -index 9d0181f447a1a..f362603d31caf 100644 +index 9d0181f447a1a..d5e24d5bdbdee 100644 --- a/chrome/browser/about_flags.cc 
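Review bot: `SetV8Flags("--jitless")` in gin's `SetFlags` runs in every process that initialises V8 through gin, renderers included, so the comment on `kDisableV8JIT` ("doesn't affect webpages") is not borne out by this code path, and the per-site override added to render_process_host_impl.cc in the same file operates on the renderer command line, which presumably cannot undo a flag already applied inside the renderer. The check is also placed before `js_command_line_flags` is applied, so whether command-line flags can still change the jitless state depends on V8 flag ordering; if that is intentional it deserves a comment such as `// Applied before js_command_line_flags; confirm later flags do not re-enable the JIT.`. With `FEATURE_ENABLED_BY_DEFAULT` every V8 embedder in the build starts jitless unless the feature is disabled, which the feature description should say. SetFlags continues outside the hunk.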
+++ b/chrome/browser/about_flags.cc -@@ -4220,6 +4220,41 @@ const FeatureEntry kFeatureEntries[] = { +@@ -197,6 +197,7 @@ + #include "device/vr/buildflags/buildflags.h" + #include "extensions/buildflags/buildflags.h" + #include "flag_descriptions.h" ++#include "gin/gin_features.h" + #include "gpu/config/gpu_finch_features.h" + #include "gpu/config/gpu_switches.h" + #include "media/audio/audio_features.h" +@@ -4220,6 +4221,41 @@ const FeatureEntry kFeatureEntries[] = { // //tools/flags/generate_unexpire_flags.py. #include "build/chromeos_buildflags.h" #include "chrome/browser/unexpire_flags_gen.inc" @@ -14,11 +22,11 @@ index 9d0181f447a1a..f362603d31caf 100644 + "Toggle extensions support. This switch is exposed by hardened-chromium.", + kOsAll, SINGLE_DISABLE_VALUE_TYPE(switches::kDisableExtensions)}, + {"disable-v8-jit-globally", "Disable V8 JIT Globally", -+ "Disable V8 JIT for JavaScript and Webassembly on all pages. " -+ "The V8 optimizations toggle in preferences only affects webpages. " -+ "This switch is exposed by hardened-chromium", kOsAll, -+ SINGLE_VALUE_TYPE_AND_VALUE(blink::switches::kJavaScriptFlags, -+ "--jitless")}, ++ "Disable V8 JIT for JavaScript and Webassembly on all pages. This does " ++ "not affect regular webpages, use the V8 optimizer toggle in site " ++ "settings. Defaults to enabled. This feature is provided by " ++ "hardened-chromium.", kOsAll, ++ FEATURE_VALUE_TYPE(features::kDisableV8JIT)}, + {"disable-cross-origin-referrers", "Clear cross-origin referrers", + "Clears referrers when navigating across origins. Defaults to disabled. " + "This feature is provided by hardened-chromium.", kOsAll, From 5f58bb6c6160fc21629cc7be1fa37c6b3259bc6c Mon Sep 17 00:00:00 2001 
From: Rootkit404 <175176948+RKNF404@users.noreply.github.com> Date: Thu, 3 Oct 2024 00:33:34 -0400 Subject: [PATCH 03/12] Reword for clarity --- ...able-jit-globally.patch => disable-jit-locally.patch} | 2 +- patches/expose-flags.patch | 9 ++++----- 2 files changed, 5 insertions(+), 6 deletions(-) rename patches/{disable-jit-globally.patch => disable-jit-locally.patch} (97%) diff --git a/patches/disable-jit-globally.patch b/patches/disable-jit-locally.patch similarity index 97% rename from patches/disable-jit-globally.patch rename to patches/disable-jit-locally.patch index 89b90872..aacce633 100644 --- a/patches/disable-jit-globally.patch +++ b/patches/disable-jit-locally.patch @@ -23,7 +23,7 @@ index e7f829d0d5ddb..6fb45e0cf6eeb 100644 namespace features { -+// Disable V8's JIT on all pages (doesn't affect webpages) ++// Disable V8's JIT on local pages (doesn't affect webpages) +BASE_FEATURE(kDisableV8JIT, "DisableV8JIT", + base::FEATURE_ENABLED_BY_DEFAULT); + diff --git a/patches/expose-flags.patch b/patches/expose-flags.patch index b940d135..3c59c2f9 100644 --- a/patches/expose-flags.patch +++ b/patches/expose-flags.patch @@ -10,7 +10,7 @@ index 9d0181f447a1a..d5e24d5bdbdee 100644 #include "gpu/config/gpu_finch_features.h" #include "gpu/config/gpu_switches.h" #include "media/audio/audio_features.h" -@@ -4220,6 +4221,41 @@ const FeatureEntry kFeatureEntries[] = { +@@ -4220,6 +4221,40 @@ const FeatureEntry kFeatureEntries[] = { // //tools/flags/generate_unexpire_flags.py. #include "build/chromeos_buildflags.h" #include "chrome/browser/unexpire_flags_gen.inc" 
@@ -21,12 +21,11 @@ index 9d0181f447a1a..d5e24d5bdbdee 100644 + {"extensions-support", "Extensions Support", + "Toggle extensions support. This switch is exposed by hardened-chromium.", + kOsAll, SINGLE_DISABLE_VALUE_TYPE(switches::kDisableExtensions)}, -+ {"disable-v8-jit-globally", "Disable V8 JIT Globally", -+ "Disable V8 JIT for JavaScript and Webassembly on all pages. This does " ++ {"disable-v8-jit-locally", "Disable V8 JIT Locally", ++ "Disable V8 JIT for JavaScript and Webassembly on local pages. This does " + "not affect regular webpages, use the V8 optimizer toggle in site " + "settings. Defaults to enabled. This feature is provided by " -+ "hardened-chromium.", kOsAll, -+ FEATURE_VALUE_TYPE(features::kDisableV8JIT)}, ++ "hardened-chromium.", kOsAll, FEATURE_VALUE_TYPE(features::kDisableV8JIT)}, + {"disable-cross-origin-referrers", "Clear cross-origin referrers", + "Clears referrers when navigating across origins. Defaults to disabled. " + "This feature is provided by hardened-chromium.", kOsAll, From 9d2a18c6fe6120a270a3216be0eb02e700e915d0 Mon Sep 17 00:00:00 2001 From: Rootkit404 <175176948+RKNF404@users.noreply.github.com> Date: Thu, 3 Oct 2024 00:37:56 -0400 Subject: [PATCH 04/12] Use blank param --- patches/disable-jit-locally.patch | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/patches/disable-jit-locally.patch b/patches/disable-jit-locally.patch index aacce633..2fb51ca4 100644 --- a/patches/disable-jit-locally.patch +++ b/patches/disable-jit-locally.patch @@ -2,16 +2,14 @@ diff --git a/content/browser/renderer_host/render_process_host_impl.cc b/content index ba9f41f010a37..28571feba231e 100644 --- a/content/browser/renderer_host/render_process_host_impl.cc 
+++ b/content/browser/renderer_host/render_process_host_impl.cc -@@ -3192,6 +3192,12 @@ void RenderProcessHostImpl::AppendRendererCommandLine( +@@ -3192,6 +3192,10 @@ void RenderProcessHostImpl::AppendRendererCommandLine( } else if (AreV8OptimizationsDisabled()) { command_line->AppendSwitchASCII(blink::switches::kJavaScriptFlags, "--disable-optimizing-compilers"); + } else { + // Allow for per-site exceptions even when JIT is globally disabled, -+ // the "dummy value" here just enables WASM which should already be -+ // enabled so no harm done -+ command_line->AppendSwitchASCII(blink::switches::kJavaScriptFlags, -+ "--expose-wasm"); ++ // the "dummy value" here allows the override ++ command_line->AppendSwitchASCII(blink::switches::kJavaScriptFlags, ""); } if (features::IsTouchTextEditingRedesignEnabled()) { From 0b7235cb2eace8a45759d3be187da0431eea7c6d Mon Sep 17 00:00:00 2001 From: Rootkit404 <175176948+RKNF404@users.noreply.github.com> Date: Thu, 3 Oct 2024 10:08:19 -0400 Subject: [PATCH 05/12] Fix typo --- patches/disable-jit-locally.patch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/patches/disable-jit-locally.patch b/patches/disable-jit-locally.patch index 2fb51ca4..e7ecd15c 100644 --- a/patches/disable-jit-locally.patch +++ b/patches/disable-jit-locally.patch @@ -36,7 +36,7 @@ index ae743c8c4194f..9143c07ba973e 100644 inline constexpr base::FeatureState kFeatureDefaultStateControlledByV8 = base::FEATURE_DISABLED_BY_DEFAULT; -+GIN_EXPORT BASE_DECLARE_FEATIRE(kDisableV8JIT); ++GIN_EXPORT BASE_DECLARE_FEATURE(kDisableV8JIT); + GIN_EXPORT BASE_DECLARE_FEATURE(kV8CompactCodeSpaceWithStack); GIN_EXPORT BASE_DECLARE_FEATURE(kV8CompactWithStack); From 097468f64f78c20ba56e84bbf9d6660a2698d48c Mon Sep 17 00:00:00 2001 
From: Rootkit404 <175176948+RKNF404@users.noreply.github.com> Date: Thu, 3 Oct 2024 17:00:34 -0400 Subject: [PATCH 06/12] Rework --- patches/disable-jit-locally.patch | 58 -------------------------- patches/disable-local-jit.patch | 68 +++++++++++++++++++++++++++++++ 2 files changed, 68 insertions(+), 58 deletions(-) delete mode 100644 patches/disable-jit-locally.patch create mode 100644 patches/disable-local-jit.patch diff --git a/patches/disable-jit-locally.patch b/patches/disable-jit-locally.patch deleted file mode 100644 index e7ecd15c..00000000 --- a/patches/disable-jit-locally.patch +++ /dev/null 
@@ -1,58 +0,0 @@ -diff --git a/content/browser/renderer_host/render_process_host_impl.cc b/content/browser/renderer_host/render_process_host_impl.cc -index ba9f41f010a37..28571feba231e 100644 ---- a/content/browser/renderer_host/render_process_host_impl.cc -+++ b/content/browser/renderer_host/render_process_host_impl.cc -@@ -3192,6 +3192,10 @@ void RenderProcessHostImpl::AppendRendererCommandLine( - } else if (AreV8OptimizationsDisabled()) { - command_line->AppendSwitchASCII(blink::switches::kJavaScriptFlags, - "--disable-optimizing-compilers"); -+ } else { -+ // Allow for per-site exceptions even when JIT is globally disabled, -+ // the "dummy value" here allows the override -+ command_line->AppendSwitchASCII(blink::switches::kJavaScriptFlags, ""); - } - - if (features::IsTouchTextEditingRedesignEnabled()) { -diff --git a/gin/gin_features.cc b/gin/gin_features.cc -index e7f829d0d5ddb..6fb45e0cf6eeb 100644 ---- a/gin/gin_features.cc -+++ b/gin/gin_features.cc -@@ -8,6 +8,10 @@ - - namespace features { - -+// Disable V8's JIT on local pages (doesn't affect webpages) -+BASE_FEATURE(kDisableV8JIT, "DisableV8JIT", -+ base::FEATURE_ENABLED_BY_DEFAULT); -+ - // Enable code space compaction when finalizing a full GC with stack. 
- BASE_FEATURE(kV8CompactCodeSpaceWithStack, - ("V8CompactCodeSpaceWithStack"), -diff --git a/gin/gin_features.h b/gin/gin_features.h -index ae743c8c4194f..9143c07ba973e 100644 ---- a/gin/gin_features.h -+++ b/gin/gin_features.h -@@ -20,6 +20,8 @@ namespace features { - inline constexpr base::FeatureState kFeatureDefaultStateControlledByV8 = - base::FEATURE_DISABLED_BY_DEFAULT; - -+GIN_EXPORT BASE_DECLARE_FEATURE(kDisableV8JIT); -+ - GIN_EXPORT BASE_DECLARE_FEATURE(kV8CompactCodeSpaceWithStack); - GIN_EXPORT BASE_DECLARE_FEATURE(kV8CompactWithStack); - GIN_EXPORT BASE_DECLARE_FEATURE(kV8ConcurrentSparkplug); -diff --git a/gin/v8_initializer.cc b/gin/v8_initializer.cc -index d08f79157897c..bef6a0d9d2f84 100644 ---- a/gin/v8_initializer.cc -+++ b/gin/v8_initializer.cc -@@ -222,6 +222,10 @@ void SetV8FlagsIfOverridden(const base::Feature& feature, - - void SetFlags(IsolateHolder::ScriptMode mode, - const std::string js_command_line_flags) { -+ if (base::FeatureList::IsEnabled(features::kDisableV8JIT)) { -+ SetV8Flags("--jitless"); -+ } -+ - // We assume that all feature flag defaults correspond to the default - // values of the corresponding V8 flags. - SetV8FlagsIfOverridden(features::kV8CompactCodeSpaceWithStack, diff --git a/patches/disable-local-jit.patch b/patches/disable-local-jit.patch new file mode 100644 index 00000000..28651455 --- /dev/null +++ b/patches/disable-local-jit.patch 
@@ -0,0 +1,68 @@ +diff --git a/chrome/browser/browser_features.cc b/chrome/browser/browser_features.cc +index d9f547ea6ef9b..65241fceaba89 100644 +--- a/chrome/browser/browser_features.cc ++++ b/chrome/browser/browser_features.cc +@@ -15,6 +15,10 @@ + + namespace features { + ++// Disable V8's JIT on local pages (doesn't affect webpages) ++BASE_FEATURE(kDisableV8JIT, "DisableV8JIT", ++ base::FEATURE_ENABLED_BY_DEFAULT); ++ + #if BUILDFLAG(IS_ANDROID) + // Kill switch for allowing TWAs to autoplay with sound without requiring a user + // gesture to unlock, for parity with PWAs. +diff --git a/chrome/browser/browser_features.h b/chrome/browser/browser_features.h +index 18c5d790e8413..acd6e8626cb04 100644 +--- a/chrome/browser/browser_features.h ++++ b/chrome/browser/browser_features.h +@@ -16,6 +16,8 @@ + + namespace features { + ++BASE_DECLARE_FEATURE(kDisableV8JIT); ++ + // All features in alphabetical order. The features should be documented + // alongside the definition of their values in the .cc file. 
+ +diff --git a/chrome/browser/chrome_content_browser_client.cc b/chrome/browser/chrome_content_browser_client.cc +index ac83f5229cea0..c03e287ceee20 100644 +--- a/chrome/browser/chrome_content_browser_client.cc ++++ b/chrome/browser/chrome_content_browser_client.cc +@@ -2740,6 +2740,11 @@ void MaybeAppendBlinkSettingsSwitchForFieldTrial( + void ChromeContentBrowserClient::AppendExtraCommandLineSwitches( + base::CommandLine* command_line, + int child_process_id) { ++ if (base::FeatureList::isEnabled(kDisableV8JIT)) { ++ command_line->AppendSwitchASCII(blink::switches::kJavaScriptFlags, ++ "--jitless"); ++ } ++ command_line->AppendSwitchASCII(switches::kDisableBreakpad); + crash_keys::AppendStringAnnotationsCommandLineSwitch(command_line); + #if BUILDFLAG(IS_MAC) + std::unique_ptr client_info = +@@ -2765,7 +2770,7 @@ void ChromeContentBrowserClient::AppendExtraCommandLineSwitches( + } + switch_value.push_back(','); + switch_value.append(chrome::GetChannelName(chrome::WithExtendedStable(true))); +- command_line->AppendSwitchASCII(switches::kEnableCrashReporter, switch_value); ++ //command_line->AppendSwitchASCII(switches::kEnableCrashReporter, switch_value); + #endif + + if (logging::DialogsAreSuppressed()) +diff --git a/content/browser/renderer_host/render_process_host_impl.cc b/content/browser/renderer_host/render_process_host_impl.cc +index ba9f41f010a37..97e0c8fb83ecb 100644 +--- a/content/browser/renderer_host/render_process_host_impl.cc ++++ b/content/browser/renderer_host/render_process_host_impl.cc +@@ -3192,6 +3192,10 @@ void RenderProcessHostImpl::AppendRendererCommandLine( + } else if (AreV8OptimizationsDisabled()) { + command_line->AppendSwitchASCII(blink::switches::kJavaScriptFlags, + "--disable-optimizing-compilers"); ++ } else { ++ // Allow for per-site exceptions even when JIT is globally disabled, ++ // the "dummy value" here allows the override ++ command_line->AppendSwitchASCII(blink::switches::kJavaScriptFlags, ""); + } + + if 
(features::IsTouchTextEditingRedesignEnabled()) { From 90a7a7948a236b31f18f1db220035a3362feadf5 Mon Sep 17 00:00:00 2001 From: Rootkit404 <175176948+RKNF404@users.noreply.github.com> Date: Thu, 3 Oct 2024 17:07:31 -0400 Subject: [PATCH 07/12] Rewrite testing parameters --- build/chromium.conf | 2 -- patches/disable-breakpad.patch | 16 ++++++++++++++++ patches/disable-local-jit.patch | 12 +----------- 3 files changed, 17 insertions(+), 13 deletions(-) create mode 100644 patches/disable-breakpad.patch diff --git a/build/chromium.conf b/build/chromium.conf index 132de91a..8839343f 100644 --- a/build/chromium.conf +++ b/build/chromium.conf @@ -66,5 +66,3 @@ fi if ! command -v nvidia-smi || [ -z "$DISPLAY" ]; then CHROMIUM_FLAGS+=" --ozone-platform-hint=auto" fi - -CHROMIUM_FLAGS+=" --disable-breakpad" diff --git a/patches/disable-breakpad.patch b/patches/disable-breakpad.patch new file mode 100644 index 00000000..3b5cb9f5 --- /dev/null +++ b/patches/disable-breakpad.patch @@ -0,0 +1,16 @@ +diff --git a/chrome/browser/chrome_content_browser_client.cc b/chrome/browser/chrome_content_browser_client.cc +index ac83f5229cea0..cbf3ab27c08e9 100644 +--- a/chrome/browser/chrome_content_browser_client.cc ++++ b/chrome/browser/chrome_content_browser_client.cc +@@ -2765,9 +2765,10 @@ void ChromeContentBrowserClient::AppendExtraCommandLineSwitches( + } + switch_value.push_back(','); + switch_value.append(chrome::GetChannelName(chrome::WithExtendedStable(true))); +- command_line->AppendSwitchASCII(switches::kEnableCrashReporter, switch_value); + #endif + ++ command_line->AppendSwitchASCII(switches::kDisableBreakpad); ++ + if (logging::DialogsAreSuppressed()) + command_line->AppendSwitch(switches::kNoErrorDialogs); + diff --git a/patches/disable-local-jit.patch b/patches/disable-local-jit.patch index 28651455..4082d503 100644 --- a/patches/disable-local-jit.patch +++ b/patches/disable-local-jit.patch @@ -30,7 +30,7 @@ 
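Review bot: The `--jitless` append at the top of `AppendExtraCommandLineSwitches` is not conditioned on the process type, and that function configures every child process this client launches, so the switch lands on non-renderer children as well; the function receives `child_process_id` and (outside the hunk) presumably dispatches on the process type, so the block belongs under the renderer case, gated the way the surrounding code gates other renderer-only switches. The crash-reporter edits in the same patch — commenting out the `kEnableCrashReporter` append and adding `kDisableBreakpad` — are unrelated to the JIT feature and leave `switch_value` built but unused on Mac; commented-out code should be deleted rather than kept. AppendExtraCommandLineSwitches continues outside the hunk.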
diff --git a/chrome/browser/chrome_content_browser_client.cc b/chrome/browser/ch index ac83f5229cea0..c03e287ceee20 100644 --- a/chrome/browser/chrome_content_browser_client.cc +++ b/chrome/browser/chrome_content_browser_client.cc -@@ -2740,6 +2740,11 @@ void MaybeAppendBlinkSettingsSwitchForFieldTrial( +@@ -2740,6 +2740,10 @@ void MaybeAppendBlinkSettingsSwitchForFieldTrial( void ChromeContentBrowserClient::AppendExtraCommandLineSwitches( base::CommandLine* command_line, int child_process_id) { @@ -38,19 +38,9 @@ index ac83f5229cea0..c03e287ceee20 100644 + command_line->AppendSwitchASCII(blink::switches::kJavaScriptFlags, + "--jitless"); + } -+ command_line->AppendSwitchASCII(switches::kDisableBreakpad); crash_keys::AppendStringAnnotationsCommandLineSwitch(command_line); #if BUILDFLAG(IS_MAC) std::unique_ptr client_info = -@@ -2765,7 +2770,7 @@ void ChromeContentBrowserClient::AppendExtraCommandLineSwitches( - } - switch_value.push_back(','); - switch_value.append(chrome::GetChannelName(chrome::WithExtendedStable(true))); -- command_line->AppendSwitchASCII(switches::kEnableCrashReporter, switch_value); -+ //command_line->AppendSwitchASCII(switches::kEnableCrashReporter, switch_value); - #endif - - if (logging::DialogsAreSuppressed()) diff --git a/content/browser/renderer_host/render_process_host_impl.cc b/content/browser/renderer_host/render_process_host_impl.cc index ba9f41f010a37..97e0c8fb83ecb 100644 --- a/content/browser/renderer_host/render_process_host_impl.cc From ea2fe3d744ef3db9e7acd73807cded0170cb6b49 Mon Sep 17 00:00:00 2001 From: Rootkit404 <175176948+RKNF404@users.noreply.github.com> Date: Fri, 4 Oct 2024 10:01:17 -0400 Subject: [PATCH 08/12] Fix error --- patches/disable-local-jit.patch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/patches/disable-local-jit.patch b/patches/disable-local-jit.patch index 4082d503..f93847e5 100644 --- a/patches/disable-local-jit.patch +++ b/patches/disable-local-jit.patch 
@@ -34,7 +34,7 @@ index ac83f5229cea0..c03e287ceee20 100644 void ChromeContentBrowserClient::AppendExtraCommandLineSwitches( base::CommandLine* command_line, int child_process_id) { -+ if (base::FeatureList::isEnabled(kDisableV8JIT)) { ++ if (base::FeatureList::isEnabled(features::kDisableV8JIT)) { + command_line->AppendSwitchASCII(blink::switches::kJavaScriptFlags, + "--jitless"); + } From e7518a426116c52bce48bc421019f4c9118942a4 Mon Sep 17 00:00:00 2001 From: Rootkit404 <175176948+RKNF404@users.noreply.github.com> Date: Sat, 5 Oct 2024 10:26:48 -0400 Subject: [PATCH 09/12] Fix build issues --- patches/disable-breakpad.patch | 2 +- patches/disable-local-jit.patch | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/patches/disable-breakpad.patch b/patches/disable-breakpad.patch index 3b5cb9f5..89404391 100644 --- a/patches/disable-breakpad.patch +++ b/patches/disable-breakpad.patch @@ -9,7 +9,7 @@ index ac83f5229cea0..cbf3ab27c08e9 100644 - command_line->AppendSwitchASCII(switches::kEnableCrashReporter, switch_value); #endif -+ command_line->AppendSwitchASCII(switches::kDisableBreakpad); ++ command_line->AppendSwitch(switches::kDisableBreakpad); + if (logging::DialogsAreSuppressed()) command_line->AppendSwitch(switches::kNoErrorDialogs); diff --git a/patches/disable-local-jit.patch b/patches/disable-local-jit.patch index f93847e5..fa78a221 100644 --- a/patches/disable-local-jit.patch +++ b/patches/disable-local-jit.patch @@ -34,7 +34,7 @@ index ac83f5229cea0..c03e287ceee20 100644 void ChromeContentBrowserClient::AppendExtraCommandLineSwitches( base::CommandLine* command_line, int child_process_id) { -+ if (base::FeatureList::isEnabled(features::kDisableV8JIT)) { ++ if (base::FeatureList::IsEnabled(features::kDisableV8JIT)) { + command_line->AppendSwitchASCII(blink::switches::kJavaScriptFlags, + "--jitless"); + } From ca5339e326689cfa49dc625150b7b4f4e177cc77 Mon Sep 17 00:00:00 2001 
From: Rootkit404 <175176948+RKNF404@users.noreply.github.com> Date: Sun, 6 Oct 2024 02:11:35 -0400 Subject: [PATCH 10/12] Drop unneeded patch --- patches/disable-breakpad.patch | 16 ---------------- patches/expose-flags.patch | 2 +- 2 files changed, 1 insertion(+), 17 deletions(-) delete mode 100644 patches/disable-breakpad.patch diff --git a/patches/disable-breakpad.patch b/patches/disable-breakpad.patch deleted file mode 100644 index 89404391..00000000 --- a/patches/disable-breakpad.patch +++ /dev/null @@ -1,16 +0,0 @@ -diff --git a/chrome/browser/chrome_content_browser_client.cc b/chrome/browser/chrome_content_browser_client.cc -index ac83f5229cea0..cbf3ab27c08e9 100644 ---- a/chrome/browser/chrome_content_browser_client.cc -+++ b/chrome/browser/chrome_content_browser_client.cc -@@ -2765,9 +2765,10 @@ void ChromeContentBrowserClient::AppendExtraCommandLineSwitches( - } - switch_value.push_back(','); - switch_value.append(chrome::GetChannelName(chrome::WithExtendedStable(true))); -- command_line->AppendSwitchASCII(switches::kEnableCrashReporter, switch_value); - #endif - -+ command_line->AppendSwitch(switches::kDisableBreakpad); -+ - if (logging::DialogsAreSuppressed()) - command_line->AppendSwitch(switches::kNoErrorDialogs); - diff --git a/patches/expose-flags.patch b/patches/expose-flags.patch index 3c59c2f9..29371ad4 100644 --- a/patches/expose-flags.patch +++ b/patches/expose-flags.patch @@ -21,7 +21,7 @@ index 9d0181f447a1a..d5e24d5bdbdee 100644 + {"extensions-support", "Extensions Support", + "Toggle extensions support. This switch is exposed by hardened-chromium.", + kOsAll, SINGLE_DISABLE_VALUE_TYPE(switches::kDisableExtensions)}, -+ {"disable-v8-jit-locally", "Disable V8 JIT Locally", ++ {"disable-local-v8-jit", "Disable Local V8 JIT", + "Disable V8 JIT for JavaScript and Webassembly on local pages. This does " + "not affect regular webpages, use the V8 optimizer toggle in site " + "settings. Defaults to enabled. This feature is provided by " 
From 46b46b3bfa95b91e9f04de7fc8bbe1f40c5e5d38 Mon Sep 17 00:00:00 2001 From: Rootkit404 <175176948+RKNF404@users.noreply.github.com> Date: Sun, 6 Oct 2024 10:51:45 -0400 Subject: [PATCH 11/12] Fix runtime issue --- patches/disable-local-jit.patch | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/patches/disable-local-jit.patch b/patches/disable-local-jit.patch index fa78a221..c21fc0eb 100644 --- a/patches/disable-local-jit.patch +++ b/patches/disable-local-jit.patch @@ -27,20 +27,22 @@ index 18c5d790e8413..acd6e8626cb04 100644 // alongside the definition of their values in the .cc file. diff --git a/chrome/browser/chrome_content_browser_client.cc b/chrome/browser/chrome_content_browser_client.cc -index ac83f5229cea0..c03e287ceee20 100644 +index ac83f5229cea0..3e8d121b12325 100644 --- a/chrome/browser/chrome_content_browser_client.cc +++ b/chrome/browser/chrome_content_browser_client.cc -@@ -2740,6 +2740,10 @@ void MaybeAppendBlinkSettingsSwitchForFieldTrial( - void ChromeContentBrowserClient::AppendExtraCommandLineSwitches( - base::CommandLine* command_line, - int child_process_id) { +@@ -3108,6 +3108,12 @@ void ChromeContentBrowserClient::AppendExtraCommandLineSwitches( + command_line->AppendSwitchASCII(switches::kChangeStackGuardOnFork, + switches::kChangeStackGuardOnForkEnabled); + } ++ ++ // We want to disable all JIT instances by default + if (base::FeatureList::IsEnabled(features::kDisableV8JIT)) { + command_line->AppendSwitchASCII(blink::switches::kJavaScriptFlags, + "--jitless"); + } - crash_keys::AppendStringAnnotationsCommandLineSwitch(command_line); - #if BUILDFLAG(IS_MAC) - std::unique_ptr client_info = + #endif // BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS) + + #if BUILDFLAG(IS_ANDROID) diff --git a/content/browser/renderer_host/render_process_host_impl.cc b/content/browser/renderer_host/render_process_host_impl.cc index ba9f41f010a37..97e0c8fb83ecb 100644 
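Review bot: The relocated block now sits inside the `#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)` region (its `#endif` is the next context line), so `kDisableV8JIT` has no effect on other platforms even though the flag entry in expose-flags.patch is registered with `kOsAll`; either move the block after the `#endif` or document the restriction, e.g. `// Linux/ChromeOS only; keep in sync with the kOs* value in about_flags.cc.`. The new comment `// We want to disable all JIT instances by default` also contradicts the feature's own description ("local pages", "doesn't affect webpages"), so one of the two should be corrected. AppendExtraCommandLineSwitches starts and ends outside the hunk.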
--- a/content/browser/renderer_host/render_process_host_impl.cc From 540b40635a65ed940a1fc5206838a97748e9ef87 Mon Sep 17 00:00:00 2001 From: Rootkit404 <175176948+RKNF404@users.noreply.github.com> Date: Mon, 7 Oct 2024 20:49:03 -0400 Subject: [PATCH 12/12] Finalize --- build/chromium.conf | 2 + patches/allow-global-jit-bypass.patch | 15 +++++++ patches/disable-local-jit.patch | 60 --------------------------- patches/expose-flags.patch | 17 +------- 4 files changed, 19 insertions(+), 75 deletions(-) create mode 100644 patches/allow-global-jit-bypass.patch delete mode 100644 patches/disable-local-jit.patch diff --git a/build/chromium.conf b/build/chromium.conf index 8839343f..f392be54 100644 --- a/build/chromium.conf +++ b/build/chromium.conf @@ -66,3 +66,5 @@ fi if ! command -v nvidia-smi || [ -z "$DISPLAY" ]; then CHROMIUM_FLAGS+=" --ozone-platform-hint=auto" fi + +CHROMIUM_FLAGS+=" --disable-breakpad --js-flags=--jitless" diff --git a/patches/allow-global-jit-bypass.patch b/patches/allow-global-jit-bypass.patch new file mode 100644 index 00000000..f0a69545 --- /dev/null +++ b/patches/allow-global-jit-bypass.patch @@ -0,0 +1,15 @@ +diff --git a/content/browser/renderer_host/render_process_host_impl.cc b/content/browser/renderer_host/render_process_host_impl.cc +index ba9f41f010a37..97e0c8fb83ecb 100644 +--- a/content/browser/renderer_host/render_process_host_impl.cc ++++ b/content/browser/renderer_host/render_process_host_impl.cc +@@ -3192,6 +3192,10 @@ void RenderProcessHostImpl::AppendRendererCommandLine( + } else if (AreV8OptimizationsDisabled()) { + command_line->AppendSwitchASCII(blink::switches::kJavaScriptFlags, + "--disable-optimizing-compilers"); ++ } else { ++ // Allow for per-site exceptions even when JIT is globally disabled, ++ // the "dummy value" here allows the override ++ command_line->AppendSwitchASCII(blink::switches::kJavaScriptFlags, ""); + } + + if (features::IsTouchTextEditingRedesignEnabled()) { 
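Review bot: `--js-flags` is a single switch, so appending `--js-flags=--jitless` to `CHROMIUM_FLAGS` competes with any `--js-flags` the user adds elsewhere in this config or on the command line, and presumably only the last value survives, silently losing the other flags; a comment would help, e.g. `# --js-flags is one switch: merge extra V8 flags into this value instead of adding a second --js-flags.`. `--disable-breakpad` is unrelated to the JIT change and was removed from this file in PATCH 07; bundling its reinstatement into the same assignment hides that reversal.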
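Review bot: With `--jitless` now supplied only through the launcher's `--js-flags`, the empty-string override in this `else` branch cancels it for every renderer whose JavaScript-JIT and V8-optimizer site settings are at their defaults, so web content runs jitless only on sites the user has explicitly set to block and the effective posture is decided by the content-setting default, which nothing in this series sets. That should be spelled out in the comment, e.g. `// Sites without a blocking JIT/V8 site setting drop the global --js-flags value and run with the JIT enabled.`, and the phrase "the 'dummy value' here allows the override" should say what actually happens: the empty value replaces the propagated `--js-flags`. AppendRendererCommandLine starts and continues outside the hunk.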
diff --git a/patches/disable-local-jit.patch b/patches/disable-local-jit.patch deleted file mode 100644 index c21fc0eb..00000000 --- a/patches/disable-local-jit.patch +++ /dev/null 
@@ -1,60 +0,0 @@ -diff --git a/chrome/browser/browser_features.cc b/chrome/browser/browser_features.cc -index d9f547ea6ef9b..65241fceaba89 100644 ---- a/chrome/browser/browser_features.cc -+++ b/chrome/browser/browser_features.cc -@@ -15,6 +15,10 @@ - - namespace features { - -+// Disable V8's JIT on local pages (doesn't affect webpages) -+BASE_FEATURE(kDisableV8JIT, "DisableV8JIT", -+ base::FEATURE_ENABLED_BY_DEFAULT); -+ - #if BUILDFLAG(IS_ANDROID) - // Kill switch for allowing TWAs to autoplay with sound without requiring a user - // gesture to unlock, for parity with PWAs. -diff --git a/chrome/browser/browser_features.h b/chrome/browser/browser_features.h -index 18c5d790e8413..acd6e8626cb04 100644 ---- a/chrome/browser/browser_features.h -+++ b/chrome/browser/browser_features.h -@@ -16,6 +16,8 @@ - - namespace features { - -+BASE_DECLARE_FEATURE(kDisableV8JIT); -+ - // All features in alphabetical order. The features should be documented - // alongside the definition of their values in the .cc file. 
- -diff --git a/chrome/browser/chrome_content_browser_client.cc b/chrome/browser/chrome_content_browser_client.cc -index ac83f5229cea0..3e8d121b12325 100644 ---- a/chrome/browser/chrome_content_browser_client.cc -+++ b/chrome/browser/chrome_content_browser_client.cc -@@ -3108,6 +3108,12 @@ void ChromeContentBrowserClient::AppendExtraCommandLineSwitches( - command_line->AppendSwitchASCII(switches::kChangeStackGuardOnFork, - switches::kChangeStackGuardOnForkEnabled); - } -+ -+ // We want to disable all JIT instances by default -+ if (base::FeatureList::IsEnabled(features::kDisableV8JIT)) { -+ command_line->AppendSwitchASCII(blink::switches::kJavaScriptFlags, -+ "--jitless"); -+ } - #endif // BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS) - - #if BUILDFLAG(IS_ANDROID) -diff --git a/content/browser/renderer_host/render_process_host_impl.cc b/content/browser/renderer_host/render_process_host_impl.cc -index ba9f41f010a37..97e0c8fb83ecb 100644 ---- a/content/browser/renderer_host/render_process_host_impl.cc -+++ b/content/browser/renderer_host/render_process_host_impl.cc -@@ -3192,6 +3192,10 @@ void RenderProcessHostImpl::AppendRendererCommandLine( - } else if (AreV8OptimizationsDisabled()) { - command_line->AppendSwitchASCII(blink::switches::kJavaScriptFlags, - "--disable-optimizing-compilers"); -+ } else { -+ // Allow for per-site exceptions even when JIT is globally disabled, -+ // the "dummy value" here allows the override -+ command_line->AppendSwitchASCII(blink::switches::kJavaScriptFlags, ""); - } - - if (features::IsTouchTextEditingRedesignEnabled()) { diff --git a/patches/expose-flags.patch b/patches/expose-flags.patch index 29371ad4..a8848db8 100644 --- a/patches/expose-flags.patch +++ b/patches/expose-flags.patch @@ -1,16 +1,8 @@ diff --git a/chrome/browser/about_flags.cc b/chrome/browser/about_flags.cc -index 9d0181f447a1a..d5e24d5bdbdee 100644 +index 9d0181f447a1a..f362603d31caf 100644 --- a/chrome/browser/about_flags.cc 
+++ b/chrome/browser/about_flags.cc -@@ -197,6 +197,7 @@ - #include "device/vr/buildflags/buildflags.h" - #include "extensions/buildflags/buildflags.h" - #include "flag_descriptions.h" -+#include "gin/gin_features.h" - #include "gpu/config/gpu_finch_features.h" - #include "gpu/config/gpu_switches.h" - #include "media/audio/audio_features.h" -@@ -4220,6 +4221,40 @@ const FeatureEntry kFeatureEntries[] = { +@@ -4220,6 +4220,35 @@ const FeatureEntry kFeatureEntries[] = { // //tools/flags/generate_unexpire_flags.py. #include "build/chromeos_buildflags.h" #include "chrome/browser/unexpire_flags_gen.inc" @@ -21,11 +13,6 @@ index 9d0181f447a1a..d5e24d5bdbdee 100644 + {"extensions-support", "Extensions Support", + "Toggle extensions support. This switch is exposed by hardened-chromium.", + kOsAll, SINGLE_DISABLE_VALUE_TYPE(switches::kDisableExtensions)}, -+ {"disable-local-v8-jit", "Disable Local V8 JIT", -+ "Disable V8 JIT for JavaScript and Webassembly on local pages. This does " -+ "not affect regular webpages, use the V8 optimizer toggle in site " -+ "settings. Defaults to enabled. This feature is provided by " -+ "hardened-chromium.", kOsAll, FEATURE_VALUE_TYPE(features::kDisableV8JIT)}, + {"disable-cross-origin-referrers", "Clear cross-origin referrers", + "Clears referrers when navigating across origins. Defaults to disabled. " + "This feature is provided by hardened-chromium.", kOsAll,