Replace MIDL files before build
Moves the IDL file into chromium_src, patches BUILD.gn to use
chromium_src override. IDL output rebuilt at `./src` directory
using `python3 ./tools/win/update_idl.py`

Using #109 as a guide

Also includes `.gitattributes` fix which prevents differences found
w/ filecmp.cmpfiles in MIDL compilation.
simonhong authored and bsclifton committed Nov 22, 2023
1 parent 1a32fd3 commit a5c5c22
Showing 6 changed files with 199 additions and 109 deletions.
2 changes: 2 additions & 0 deletions .gitattributes
@@ -53,6 +53,8 @@ VERSION text eol=lf
# These files should have CRLF
win_build_output/midl/brave/**/*.c text eol=crlf
win_build_output/midl/brave/**/*.h text eol=crlf
win_build_output/midl/chrome/**/*.c text eol=crlf
win_build_output/midl/chrome/**/*.h text eol=crlf


win_build_output/midl/google_update/*/*.c text eol=crlf
2 changes: 1 addition & 1 deletion build/commands/lib/util.js
@@ -545,7 +545,7 @@ const util = {
// So, this copying in every build doesn't affect compile performance.
updateMidlFiles: () => {
Log.progressScope('update midl files', () => {
for (const source of ["google_update", "brave"]) {
for (const source of ["google_update", "brave", "chrome"]) {
fs.copySync(
path.join(config.braveCoreDir, 'win_build_output', 'midl', source),
path.join(config.srcDir,
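Review bot: The source list in `updateMidlFiles` now includes `chrome`, so the prebuilt output under `win_build_output/midl/chrome` is copied to a path under `config.srcDir` on every build, and nothing in these lines ties that output to the IDL it was generated from. That directory presumably carries the generated code for the elevation service's `IElevator` interface, so a stale copy after an edit to the IDL in chromium_src deserves an explicit reminder here. I would add a comment above the loop such as `// "chrome" carries elevation_service_idl output; rerun tools/win/update_idl.py after any change to the IDL in chromium_src.` The build's own comparison of MIDL output (the commit message mentions filecmp.cmpfiles) may catch a mismatch, but that is not visible in this hunk, and the function body starts before and continues past it.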
6 changes: 6 additions & 0 deletions build/commands/scripts/updatePatches.js
@@ -1,3 +1,8 @@
// Copyright (c) 2019 The Brave Authors. All rights reserved.
// This Source Code Form is subject to the terms of the Mozilla Public
// License, v. 2.0. If a copy of the MPL was not distributed with this file,
// you can obtain one at https://mozilla.org/MPL/2.0/.

const path = require('path')
const config = require('../lib/config')
const updatePatches = require('../lib/updatePatches')
@@ -12,6 +17,7 @@ const chromiumPathFilter = (s) => s.length > 0 &&
!s.endsWith('new_tab_page_view.xml') &&
!s.endsWith('channel_constants.xml') &&
!s.includes('google_update_idl') &&
!s.includes('elevation_service_idl') &&
s !== 'chrome/VERSION' &&
s !== 'ui/webui/resources/css/text_defaults_md.css'
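Review bot: `!s.includes('elevation_service_idl')` is a substring test, so it drops every path containing that text from patch generation, not only the copied MIDL output; that includes `chrome/elevation_service/elevation_service_idl.idl` itself. With BUILD.gn now pointing at the chromium_src copy, a local edit to the upstream IDL would produce no patch and would not reach the build, so it would go unnoticed, which matters for an interface whose own header says method changes need a security review. I would add `// Generated MIDL output is copied from win_build_output; the IDL itself is overridden in chromium_src.` above the line, or narrow the match to the output directory if its path is stable. The existing `google_update_idl` line has the same shape, and the filter expression starts outside this hunk.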

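--- a/chromium_src/chrome/elevation_service/elevation_service_idl.idl
+++ b/chromium_src/chrome/elevation_service/elevation_service_idl.idl
@@ -0,0 +1,180 @@
+// Copyright 2018 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+import "oaidl.idl";
+import "ocidl.idl";
+
+typedef enum ProtectionLevel {
+// No validation: This never validates anything.
+NONE = 0,
+// Path validation: This will validate that the data is being decrypted by an
+// executable whose NT path matches the executable that originally encrypted
+// it. This should only be used for executables in trusted paths e.g.
+// C:\Program Files, otherwise anyone could pretend to be your executable.
+PATH_VALIDATION = 1,
+} ProtectionLevel;
+
+[
+object,
+oleautomation,
+uuid(5A9A9462-2FA1-4FEB-B7F2-DF3D19134463),
+helpstring("IElevator Interface"),
+pointer_default(unique)
+]
+interface IElevator : IUnknown
+{
+// Elevators are exposed as methods on IElevator, and provide High Integrity
+// actions. Any changes to add or change a method in IElevator will require a
+// security review.
+//
+// Runs the Chrome Recovery CRX elevated.
+//
+// @param crx_path Path for the recovery CRX.
+// @param browser_appid Omaha AppID for the version of Chrome being recovered.
+// @param browser_version Version of Chrome for the recovery CRX.
+// @param session_id Omaha Session Id.
+// @param caller_proc_id The process id of the calling process.
+// @param proc_handle The process handle valid in the calling process context.
+HRESULT RunRecoveryCRXElevated([in, string] const WCHAR* crx_path,
+[in, string] const WCHAR* browser_appid,
+[in, string] const WCHAR* browser_version,
+[in, string] const WCHAR* session_id,
+[in] DWORD caller_proc_id,
+[out] ULONG_PTR* proc_handle);
+
+// Encrypts data with both caller and SYSTEM context DPAPI.
+//
+// @param protection_level the protection level to encrypt data at.
+// @param plaintext The plaintext data to encrypt.
+// @param ciphertext The ciphertext of the encrypted data. It is the
+// responsibility of the caller to free this memory using
+// SysFreeString.
+// @param last_error The result of calling GetLastError if the operation
+// failed.
+// @return S_OK on success. Any other value on failure.
+HRESULT EncryptData([in] ProtectionLevel protection_level,
+[in] const BSTR plaintext,
+[out] BSTR* ciphertext,
+[out] DWORD* last_error);
+
+// Decrypts data with both caller and SYSTEM context DPAPI.
+//
+// This will only decrypt data that was encrypted via a paired EncryptData
+// call from same application, with identity determined by the protection
+// level of the original encrypt call.
+//
+// @param ciphertext The ciphertext data to decrypt.
+// @param plaintext The plaintext of the decrypted data. It is the
+// responsibility of the caller to free this memory using
+// SysFreeString.
+// @param last_error The result of calling GetLastError if the operation
+// failed.
+// @return S_OK on success. Any other value on failure.
+HRESULT DecryptData([in] const BSTR ciphertext,
+[out] BSTR* plaintext,
+[out] DWORD* last_error);
+
+
+
+// Install the services used for Brave VPN
+//
+// These will only get installed when a customer purchases the product
+// from account.brave.com and they have credentials.
+//
+// There are two services provided:
+// - DNS protection: forcing routing through VPN adapter to bypass Smart
+// Multi-homed Name Resolution (which can leak the DNS query).
+// - WireGuard support: more robust VPN support than the built-in to Windows
+// VPN. The built in one with IKEv2 is secure but things like
+// reconnect after waking up don't work well with the system VPN.
+// @return S_OK on success.
+HRESULT InstallVPNServices();
+};
+
+// The interfaces below are all IElevator with unique IIDs. IElevator is
+// registered with unique IIDs for the various flavors of Chrome and Chromium.
+// This allows the different flavors of Chrome/Chromium to co-exist without side
+// effects.
+[
+object,
+oleautomation,
+uuid(3218DA17-49C2-479A-8290-311DBFB86490),
+helpstring("IElevatorChromium Interface"),
+pointer_default(unique)
+]
+interface IElevatorChromium : IElevator
+{
+};
+
+[
+object,
+oleautomation,
+uuid(F396861E-0C8E-4C71-8256-2FAE6D759CE9),
+helpstring("IElevatorChrome Interface"),
+pointer_default(unique)
+]
+interface IElevatorChrome : IElevator
+{
+};
+
+[
+object,
+oleautomation,
+uuid(9EBAD7AC-6E1E-4A1C-AA85-1A70CADA8D82),
+helpstring("IElevatorChromeBeta Interface"),
+pointer_default(unique)
+]
+interface IElevatorChromeBeta : IElevator
+{
+};
+
+[
+object,
+oleautomation,
+uuid(1E43C77B-48E6-4A4C-9DB2-C2971706C255),
+helpstring("IElevatorChromeDev Interface"),
+pointer_default(unique)
+]
+interface IElevatorChromeDev : IElevator
+{
+};
+
+[
+object,
+oleautomation,
+uuid(1DB2116F-71B7-49F0-8970-33B1DACFB072),
+helpstring("IElevatorChromeCanary Interface"),
+pointer_default(unique)
+]
+interface IElevatorChromeCanary : IElevator
+{
+};
+
+[
+object,
+oleautomation,
+uuid(17239BF1-A1DC-4642-846C-1BAC85F96A10),
+helpstring("IElevatorDevelopment Interface"),
+pointer_default(unique)
+]
+interface IElevatorDevelopment : IElevator
+{
+};
+
+[
+uuid(C3B01C4D-FBD4-4E65-88AD-0972D75808C2),
+version(1.0),
+helpstring("Elevator 1.0 Type Library")
+]
+library ElevatorLib {
+importlib("stdole2.tlb");
+
+interface IElevator;
+interface IElevatorChromium;
+interface IElevatorChrome;
+interface IElevatorChromeBeta;
+interface IElevatorChromeDev;
+interface IElevatorChromeCanary;
+interface IElevatorDevelopment;
+};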
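Review bot: `InstallVPNServices()` is a parameterless high-integrity action on `IElevator`, and its comment states an entitlement condition (a purchase and credentials) that nothing in the signature can carry or enforce. The interface's own header says any added or changed method requires a security review, so the comment should say where the caller is validated before any service is installed; that check has to live in the implementation, which is not part of this page. The comment also documents only the success case, unlike `EncryptData` and `DecryptData`; I would write `// @return S_OK on success. Any other value on failure.` and add one line naming the caller check the service performs.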
11 changes: 10 additions & 1 deletion patches/chrome-elevation_service-BUILD.gn.patch
@@ -1,7 +1,16 @@
diff --git a/chrome/elevation_service/BUILD.gn b/chrome/elevation_service/BUILD.gn
index 6ae8694531550df2835f3afbe5a699403f7495fb..75dc1d59241a98fd1d2cf391269a39434c778661 100644
index 6ae8694531550df2835f3afbe5a699403f7495fb..a4328f979fa61c945cdb48f5728f1fff1a8b311f 100644
--- a/chrome/elevation_service/BUILD.gn
+++ b/chrome/elevation_service/BUILD.gn
@@ -9,7 +9,7 @@ import("//chrome/process_version_rc_template.gni")
import("//testing/test.gni")

midl("elevation_service_idl") {
- sources = [ "elevation_service_idl.idl" ]
+ sources = [ "//brave/chromium_src/chrome/elevation_service/elevation_service_idl.idl" ]

writes_tlb = true
}
@@ -87,6 +87,7 @@ source_set("lib") {
deps = [
"//base",
107 changes: 0 additions & 107 deletions patches/chrome-elevation_service-elevation_service_idl.idl.patch

This file was deleted.
