1 files changed, 18 insertions, 13 deletions

diff --git a/www/chromium/files/patch-content_utility_utility__main.cc b/www/chromium/files/patch-content_utility_utility__main.cc
index cb9c8858f68d..11420bb747c0 100644
--- a/www/chromium/files/patch-content_utility_utility__main.cc
+++ b/www/chromium/files/patch-content_utility_utility__main.cc
@@ -1,6 +1,6 @@
---- content/utility/utility_main.cc.orig	2023-12-10 06:10:27 UTC
+--- content/utility/utility_main.cc.orig	2024-01-30 07:53:34 UTC
 +++ content/utility/utility_main.cc
-@@ -37,7 +37,7 @@
+@@ -36,17 +36,21 @@
  #include "third_party/icu/source/common/unicode/unistr.h"
  #include "third_party/icu/source/i18n/unicode/timezone.h"
  
@@ -9,7 +9,11 @@
  #include "base/file_descriptor_store.h"
  #include "base/files/file_util.h"
  #include "base/pickle.h"
-@@ -46,7 +46,9 @@
+ #include "content/child/sandboxed_process_thread_type_handler.h"
++#if BUILDFLAG(IS_LINUX)
+ #include "content/common/gpu_pre_sandbox_hook_linux.h"
++#endif
+ #include "content/public/common/content_descriptor_keys.h"
  #include "content/utility/speech/speech_recognition_sandbox_hook_linux.h"
  #include "gpu/config/gpu_info_collector.h"
  #include "media/gpu/sandbox/hardware_video_encoding_sandbox_hook_linux.h"
@@ -19,7 +23,7 @@
  #include "services/audio/audio_sandbox_hook_linux.h"
  #include "services/network/network_sandbox_hook_linux.h"
  // gn check is not smart enough to realize that this include only applies to
-@@ -58,10 +60,14 @@
+@@ -58,10 +62,15 @@
  #endif
  #endif
  
@@ -30,12 +34,13 @@
  
 +#if BUILDFLAG(IS_BSD)
 +#include "sandbox/policy/sandbox.h"
++#include "content/common/gpu_pre_sandbox_hook_bsd.h"
 +#endif
 +
  #if BUILDFLAG(IS_CHROMEOS_ASH)
  #include "chromeos/ash/components/assistant/buildflags.h"
  #include "chromeos/ash/services/ime/ime_sandbox_hook.h"
-@@ -73,7 +79,7 @@
+@@ -73,7 +82,7 @@
  #endif  // BUILDFLAG(IS_CHROMEOS_ASH)
  
  #if (BUILDFLAG(ENABLE_SCREEN_AI_SERVICE) && \
@@ -44,7 +49,7 @@
  #include "components/services/screen_ai/sandbox/screen_ai_sandbox_hook_linux.h"  // nogncheck
  #endif
  
-@@ -99,7 +105,7 @@ namespace content {
+@@ -99,7 +108,7 @@ namespace content {
  
  namespace {
  
@@ -53,7 +58,7 @@
  std::vector<std::string> GetNetworkContextsParentDirectories() {
    base::MemoryMappedFile::Region region;
    base::ScopedFD read_pipe_fd = base::FileDescriptorStore::GetInstance().TakeFD(
-@@ -127,7 +133,7 @@ std::vector<std::string> GetNetworkContextsParentDirec
+@@ -127,7 +136,7 @@ std::vector<std::string> GetNetworkContextsParentDirec
  
  bool ShouldUseAmdGpuPolicy(sandbox::mojom::Sandbox sandbox_type) {
    const bool obtain_gpu_info =
@@ -62,7 +67,7 @@
        sandbox_type == sandbox::mojom::Sandbox::kHardwareVideoDecoding ||
  #endif  // BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS_ASH)
        sandbox_type == sandbox::mojom::Sandbox::kHardwareVideoEncoding;
-@@ -248,7 +254,8 @@ int UtilityMain(MainFunctionParams parameters) {
+@@ -250,7 +259,8 @@ int UtilityMain(MainFunctionParams parameters) {
      }
    }
  
@@ -72,7 +77,7 @@
    // Thread type delegate of the process should be registered before
    // first thread type change in ChildProcess constructor.
    // It also needs to be registered before the process has multiple threads,
-@@ -259,7 +266,7 @@ int UtilityMain(MainFunctionParams parameters) {
+@@ -261,7 +271,7 @@ int UtilityMain(MainFunctionParams parameters) {
    }
  #endif  // BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)
  
@@ -81,7 +86,7 @@
    // Initializes the sandbox before any threads are created.
    // TODO(jorgelo): move this after GTK initialization when we enable a strict
    // Seccomp-BPF policy.
-@@ -288,7 +295,7 @@ int UtilityMain(MainFunctionParams parameters) {
+@@ -296,7 +306,7 @@ int UtilityMain(MainFunctionParams parameters) {
        pre_sandbox_hook = base::BindOnce(&screen_ai::ScreenAIPreSandboxHook);
        break;
  #endif
@@ -90,15 +95,15 @@
      case sandbox::mojom::Sandbox::kHardwareVideoDecoding:
        pre_sandbox_hook =
            base::BindOnce(&media::HardwareVideoDecodingPreSandboxHook);
-@@ -315,6 +322,7 @@ int UtilityMain(MainFunctionParams parameters) {
+@@ -323,6 +333,7 @@ int UtilityMain(MainFunctionParams parameters) {
      default:
        break;
    }
 +#if !BUILDFLAG(IS_BSD)
    if (!sandbox::policy::IsUnsandboxedSandboxType(sandbox_type) &&
        (parameters.zygote_child || !pre_sandbox_hook.is_null())) {
-     sandbox::policy::SandboxLinux::Options sandbox_options;
-@@ -323,6 +331,11 @@ int UtilityMain(MainFunctionParams parameters) {
+     sandbox_options.use_amd_specific_policies =
+@@ -330,6 +341,11 @@ int UtilityMain(MainFunctionParams parameters) {
      sandbox::policy::Sandbox::Initialize(
          sandbox_type, std::move(pre_sandbox_hook), sandbox_options);
    }