My thoughts on Slackware, life and everything

Stable channel for Chromium hits 43

chromium_iconBuilding on my experiences with chromium-dev (the development channel of the Chromium browser which is currently at version 44), I have made similar changes to my latest package for the chromium browser and its widevine and pepperflash plugins.

This means that I have said goodbye to the single configuration file (/etc/default/chromium) and switched to a configuration directory, which is “/etc/chromium/” for the chromium package. Each package (Chromium as well as any plugin or extension) can add its own configuration file to that directory. The new packages for chromium, chromium-pepperflash-plugin and chromium-widevine-plugin are now using this new setup.

I made one other change: I have applied a patch taken from an Ubuntu PPA. That patch is based on a blog post which explains how to enable VAAPI (aka hardware video decoding) on Linux. The chromium sources disable this functionality by default if you are not compiling for ChromeOS. Tell me your experiences with playback of H.264 video!

The new chromium packages have the version number 43.0.2357.65. The first release of the “43” series brings a total of 37 published security fixes, and here are the CVE’s:

  • [$16337][474029] High CVE-2015-1252: Sandbox escape in Chrome. Credit to anonymous.
  • [$7500][464552] High CVE-2015-1253: Cross-origin bypass in DOM. Credit to anonymous.
  • [$3000][444927] High CVE-2015-1254: Cross-origin bypass in Editing. Credit to Armin Razmdjou.
  • [$3000][473253] High CVE-2015-1255: Use-after-free in WebAudio. Credit to Khalil Zhani.
  • [$2000][478549] High CVE-2015-1256: Use-after-free in SVG. Credit to Atte Kettunen of OUSPG.
  • [481015] High CVE-2015-1251: Use-after-free in Speech. Credit to SkyLined working with HP’s Zero Day Initiative
  • [$1500][468519] Medium CVE-2015-1257: Container-overflow in SVG. Credit to miaubiz.
  • [$1000][450939] Medium CVE-2015-1258: Negative-size parameter in Libvpx. Credit to cloudfuzzer
  • [$1000][468167] Medium CVE-2015-1259: Uninitialized value in PDFium. Credit to Atte Kettunen of OUSPG
  • [$1000][474370] Medium CVE-2015-1260: Use-after-free in WebRTC. Credit to Khalil Zhani.
  • [$500][466351] Medium CVE-2015-1261: URL bar spoofing. Credit to Juho Nurminen.
  • [$500][476647] Medium CVE-2015-1262: Uninitialized value in Blink. Credit to miaubiz.
  • [$500][479162] Low CVE-2015-1263: Insecure download of spellcheck dictionary. Credit to Mike Ruddy.
  • [$500][481015] Low CVE-2015-1264: Cross-site scripting in bookmarks. Credit to K0r3Ph1L.

Get my chromium packages in one of the usual locations:

Change the URL a bit to get the widevine-plugin and pepperflash-plugin packages.

Have fun! Eric

16 Comments

  1. Kelvin

    Actually the patch for enabling VAAPI was not taken from Ubuntu’s chromium package.

  2. Kelvin

    Is there a patch with similar function in Ubuntu’s chromium package?

  3. alienbob

    Hi Kelvin

    I should have been more precise. The patch was taken from a Ubuntu PPA: https://code.launchpad.net/~saiarcot895
    My patch which you can find here: http://taper.alienbase.nl/mirrors/people/alien/slackbuilds/chromium/build/patches/chromium_vaapi.patch is the result of applying that PPA patch to the chromium source and diffing against the original so that I had a proper chromium version number in my patch instead of a nondescript Ubuntu release name.
    But as far as I could see, that patch was the result of your original blog post, that is why I linked to your post and not to the patch repository.

    I will update the blog post accordingly.

  4. Kelvin

    This patch is slightly longer than mine, changing more stuff: https://bazaar.launchpad.net/~saiarcot895/chromium-browser/chromium-browser.utopic.beta/view/head:/debian/patches/enable_vaapi_on_linux.diff

    Your patch seems to be much longer than mine and the one mentioned above. Have you made more changes?

  5. alienbob

    Hi Kelvin

    I have taken that PPA patch verbatim, and have not made additional changes. I just re-based the patch to the chromium-43.0.2357.65 sources so that I could do proper version control here.

  6. Kelvin

    OK. But it is really strange that your patch is so long. I am afraid that you have done something wrong by mistake.

  7. alienbob

    Hi Kelvin

    I found out what was wrong. Applying the original PPA patch left several .orig files in the sources and when I diffed those sources to create a rebased patch, all those .orig files were added to the patch, making it huge. I have fixed that now in http://taper.alienbase.nl/mirrors/people/alien/slackbuilds/chromium/build/patches/chromium_vaapi.patch
    Thanks for noticing!

  8. justin

    Can anyone give a lay person an explanation as to why it takes over 5 hours to compile chromium. I am curious as nothing else I have tried to compile with the exception of xulrunner took anywhere near as long:)

  9. alienbob

    Try compiling LibreOffice…
    Some programs are just complicated. You can always install my package. Why do you think I provide them?

  10. Arthur

    Hello,

    First, thank you for all your packages.

    About Chromium 43, it doesn’t have GPU acceleration:

    https://code.google.com/p/chromium/issues/detail?id=502399

    I did a fresh install of the Slackware here and the chromium doesn’t let me active the GPU acceleration with the same error:

    GPU process was unable to boot: GPU access is disabled in chrome://settings.
    Disabled Features: all

    Can you verify this?

  11. alienbob

    Hi Arthur

    When I look at chrome://gpu on my laptop with Intel GPU, I see:

    Graphics Feature Status
    Canvas: Software only, hardware acceleration unavailable
    Flash: Hardware accelerated
    Flash Stage3D: Software only, hardware acceleration unavailable
    Flash Stage3D Baseline profile: Software only, hardware acceleration unavailable
    Compositing: Hardware accelerated
    Multiple Raster Threads: Disabled
    Rasterization: Hardware accelerated
    Threaded Rasterization: Enabled
    Video Decode: Hardware accelerated
    Video Encode: Hardware accelerated
    WebGL: Hardware accelerated

    What do you see?

  12. alienbob

    Arthur, I got this from superuser.com :

    “If you press Shift + Esc while in the browser it will bring up Google Chrome’s internal Task Manager. If there is a process titled GPU Process, then that means Chrome is using hardware/GPU acceleration in order to display/render a particular page”

    I have a “GPU Process” here.

  13. Arthur

    Hi Eric,

    In chromium, chrome://gpu give me this output:

    Graphics Feature Status
    Canvas: Software only, hardware acceleration unavailable
    Flash: Software only, hardware acceleration unavailable
    Flash Stage3D: Software only, hardware acceleration unavailable
    Flash Stage3D Baseline profile: Software only, hardware acceleration unavailable
    Compositing: Software only, hardware acceleration unavailable
    Multiple Raster Threads: Unavailable
    Rasterization: Software only, hardware acceleration unavailable
    Threaded Rasterization: Unavailable
    Video Decode: Software only, hardware acceleration unavailable
    Video Encode: Software only, hardware acceleration unavailable
    WebGL: Unavailable

    When I Use the google-chrome, installed using the Slackbuild in “extra”, I have all the options with “Hardware accelerated”

    My GPU is a Radeon.

  14. alienbob

    Arthur, there are two things you can try;
    First, disable the GPU blacklist setting in chrome://flags . That might help getting GPU hardware acceleration to work.
    And the GPU acceleration works through VAAPI. Slackware-current has a “libva” and “libva-intel driver” but if you are using Radeon, you might have to install a support package for your GPU. And on Slackware 14.1 which does not even have “libva” yet, you need to install that package as well.

  15. Arthur

    Hy,

    I was using the Slackware and your package of chromium with the catalyst 14.12 and it’s all fine.

    The chromium has already disable the GPU blacklist, so I’ll try install the libva package. Now which Catalyst has native support to VA-API, there aren’t problem.

    But, Do we ever need install libva to use VA-API? I ask this because you compile your VLC package with libva buit-in and I don’t know if it’s necessary install them.

    And only one more question: Is there problem if I install the libva package from Slackbuild.org? Because Your package is compiled with the LIBVA_DRIVERS_PATH set to “/usr/lib64/va/drivers”, but the libva package in the Slackware Current and Slackbuilds.org set this to /usr/lib64/dri, with is the same place where Catalyst put his drivers.

    PS: Sorry for my bad English.

  16. Arthur

    Eric,

    I did what you told me and works! With libva installed the hardware acceleration is working!! I’m using the libva of slackbuilds.

    But I discovery something “funny”: When I’m using the iGPU, the VLC can’t use vaapi. If I use the dGPU, vaapi works. The chromium is using the libva from slackbuilds, and it works, both iGPU and dGPU.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

© 2024 Alien Pastures

Theme by Anders NorenUp ↑