M113 stage 2

other/Mac/cdm_registration.cc

@@ -155,9 +155,10 @@ void AddSoftwareSecureWidevine(std::vector<content::CdmInfo>* cdms) {
   // On Android Widevine is done by MediaDrm, and should be supported on all
   // devices. Register Widevine without any capabilities so that it will be
   // checked the first time some page attempts to play protected content.
-  cdms->push_back(content::CdmInfo(kWidevineKeySystem,
-                                   Robustness::kSoftwareSecure, absl::nullopt,
-                                   kWidevineCdmType));
+  cdms->emplace_back(
+      kWidevineKeySystem, Robustness::kSoftwareSecure, absl::nullopt,
+      /*supports_sub_key_systems=*/false, kWidevineCdmDisplayName,
+      kWidevineCdmType, base::Version(), base::FilePath());
 
 #elif BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)
 #if defined(WIDEVINE_CDM_MIN_GLIBC_VERSION)
@@ -216,9 +217,10 @@ void AddHardwareSecureWidevine(std::vector<content::CdmInfo>* cdms) {
   // On Android Widevine is done by MediaDrm, and should be supported on all
   // devices. Register Widevine without any capabilities so that it will be
   // checked the first time some page attempts to play protected content.
-  cdms->push_back(content::CdmInfo(kWidevineKeySystem,
-                                   Robustness::kHardwareSecure, absl::nullopt,
-                                   kWidevineCdmType));
+  cdms->emplace_back(
+      kWidevineKeySystem, Robustness::kHardwareSecure, absl::nullopt,
+      /*supports_sub_key_systems=*/false, kWidevineCdmDisplayName,
+      kWidevineCdmType, base::Version(), base::FilePath());
 
 #elif BUILDFLAG(USE_CHROMEOS_PROTECTED_MEDIA)
 #if BUILDFLAG(IS_CHROMEOS_LACROS)

src/chrome/common/media/cdm_registration.cc

@@ -155,9 +155,10 @@ void AddSoftwareSecureWidevine(std::vector<content::CdmInfo>* cdms) {
   // On Android Widevine is done by MediaDrm, and should be supported on all
   // devices. Register Widevine without any capabilities so that it will be
   // checked the first time some page attempts to play protected content.
-  cdms->push_back(content::CdmInfo(kWidevineKeySystem,
-                                   Robustness::kSoftwareSecure, absl::nullopt,
-                                   kWidevineCdmType));
+  cdms->emplace_back(
+      kWidevineKeySystem, Robustness::kSoftwareSecure, absl::nullopt,
+      /*supports_sub_key_systems=*/false, kWidevineCdmDisplayName,
+      kWidevineCdmType, base::Version(), base::FilePath());
 
 #elif BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)
 #if defined(WIDEVINE_CDM_MIN_GLIBC_VERSION)
@@ -216,9 +217,10 @@ void AddHardwareSecureWidevine(std::vector<content::CdmInfo>* cdms) {
   // On Android Widevine is done by MediaDrm, and should be supported on all
   // devices. Register Widevine without any capabilities so that it will be
   // checked the first time some page attempts to play protected content.
-  cdms->push_back(content::CdmInfo(kWidevineKeySystem,
-                                   Robustness::kHardwareSecure, absl::nullopt,
-                                   kWidevineCdmType));
+  cdms->emplace_back(
+      kWidevineKeySystem, Robustness::kHardwareSecure, absl::nullopt,
+      /*supports_sub_key_systems=*/false, kWidevineCdmDisplayName,
+      kWidevineCdmType, base::Version(), base::FilePath());
 
 #elif BUILDFLAG(USE_CHROMEOS_PROTECTED_MEDIA)
 #if BUILDFLAG(IS_CHROMEOS_LACROS)

src/media/gpu/vaapi/vaapi_wrapper.h

@@ -41,7 +41,7 @@
 #endif                        // BUILDFLAG(USE_VAAPI_X11)
 
 namespace gfx {
-enum class BufferFormat;
+enum class BufferFormat : uint8_t;
 class NativePixmap;
 class NativePixmapDmaBuf;
 class Rect;

src/net/dns/dns_client.cc

@@ -215,17 +215,15 @@ class DnsClientImpl : public DnsClient {
     insecure_fallback_failures_ = 0;
   }
 
-  base::Value GetDnsConfigAsValueForNetLog() const override {
+  base::Value::Dict GetDnsConfigAsValueForNetLog() const override {
     const DnsConfig* config = GetEffectiveConfig();
     if (config == nullptr)
-      return base::Value(base::Value::Dict());
-    base::Value value = config->ToValue();
-    DCHECK(value.is_dict());
-    base::Value::Dict& dict = value.GetDict();
+      return base::Value::Dict();
+    base::Value::Dict dict = config->ToDict();
     dict.Set("can_use_secure_dns_transactions", CanUseSecureDnsTransactions());
     dict.Set("can_use_insecure_dns_transactions",
              CanUseInsecureDnsTransactions());
-    return value;
+    return dict;
   }
 
   absl::optional<DnsConfig> GetSystemConfigForTesting() const override {

src/net/dns/dns_transaction.cc

@@ -125,11 +125,12 @@ bool IsIPLiteral(const std::string& hostname) {
   return ip.AssignFromIPLiteral(hostname);
 }
 
-base::Value NetLogStartParams(const std::string& hostname, uint16_t qtype) {
+base::Value::Dict NetLogStartParams(const std::string& hostname,
+                                    uint16_t qtype) {
   base::Value::Dict dict;
   dict.Set("hostname", hostname);
   dict.Set("query_type", qtype);
-  return base::Value(std::move(dict));
+  return dict;
 }
 
 // ----------------------------------------------------------------------------
@@ -168,7 +169,7 @@ class DnsAttempt {
   // Returns a Value representing the received response, along with a reference
   // to the NetLog source source of the UDP socket used.  The request must have
   // completed before this is called.
-  base::Value NetLogResponseParams(NetLogCaptureMode capture_mode) const {
+  base::Value::Dict NetLogResponseParams(NetLogCaptureMode capture_mode) const {
     base::Value::Dict dict;
 
     if (GetResponse()) {
@@ -185,7 +186,7 @@ class DnsAttempt {
       dict.Set("response_buffer", GetRawResponseBufferForLog());
     }
 
-    return base::Value(std::move(dict));
+    return dict;
   }
 
   // True if current attempt is pending (waiting for server response).
@@ -342,7 +343,6 @@ class DnsUDPAttempt : public DnsAttempt {
       return rv;
     read_size_ = rv;
 
-    DCHECK(rv);
     bool parse_result = response_->InitParse(rv, *query_);
     if (response_->id())
       udp_tracker_->RecordResponseId(query_->id(), response_->id().value());
@@ -391,8 +391,12 @@ class DnsHTTPAttempt : public DnsAttempt, public URLRequest::Delegate {
                  bool use_post,
                  URLRequestContext* url_request_context,
                  const IsolationInfo& isolation_info,
-                 RequestPriority request_priority_)
-      : DnsAttempt(doh_server_index), query_(std::move(query)) {
+                 RequestPriority request_priority_,
+                 bool is_probe)
+      : DnsAttempt(doh_server_index),
+        query_(std::move(query)),
+        net_log_(NetLogWithSource::Make(NetLog::Get(),
+                                        NetLogSourceType::DNS_OVER_HTTPS)) {
     GURL url;
     if (use_post) {
       // Set url for a POST request
@@ -411,6 +415,16 @@ class DnsHTTPAttempt : public DnsAttempt, public URLRequest::Delegate {
       url = GURL(url_string);
     }
 
+    net_log_.BeginEvent(NetLogEventType::DOH_URL_REQUEST, [&] {
+      if (is_probe) {
+        return NetLogStartParams("(probe)", query_->qtype());
+      }
+      absl::optional<std::string> hostname =
+          dns_names_util::NetworkToDottedName(query_->qname());
+      DCHECK(hostname.has_value());
+      return NetLogStartParams(*hostname, query_->qtype());
+    });
+
     HttpRequestHeaders extra_request_headers;
     extra_request_headers.SetHeader(HttpRequestHeaders::kAccept,
                                     kDnsOverHttpResponseContentType);
@@ -443,8 +457,8 @@ class DnsHTTPAttempt : public DnsAttempt, public URLRequest::Delegate {
           policy_exception_justification: "Experimental feature that"
                                           "is disabled by default"
         }
-      )"));
-    net_log_ = request_->net_log();
+      )"),
+        /*is_for_websockets=*/false, net_log_.source());
 
     if (use_post) {
       request_->set_method("POST");
@@ -598,6 +612,8 @@ class DnsHTTPAttempt : public DnsAttempt, public URLRequest::Delegate {
   }
 
   int CompleteResponse(int net_error) {
+    net_log_.EndEventWithNetErrorCode(NetLogEventType::DOH_URL_REQUEST,
+                                      net_error);
     DCHECK_NE(net::ERR_IO_PENDING, net_error);
     if (net_error != OK) {
       return net_error;
@@ -637,7 +653,8 @@ void ConstructDnsHTTPAttempt(DnsSession* session,
                              std::vector<std::unique_ptr<DnsAttempt>>* attempts,
                              URLRequestContext* url_request_context,
                              const IsolationInfo& isolation_info,
-                             RequestPriority request_priority) {
+                             RequestPriority request_priority,
+                             bool is_probe) {
   DCHECK(url_request_context);
 
   std::unique_ptr<DnsQuery> query;
@@ -657,7 +674,7 @@ void ConstructDnsHTTPAttempt(DnsSession* session,
   attempts->push_back(std::make_unique<DnsHTTPAttempt>(
       doh_server_index, std::move(query), doh_server.server_template(),
       gurl_without_parameters, doh_server.use_post(), url_request_context,
-      isolation_info, request_priority));
+      isolation_info, request_priority, is_probe));
 }
 
 class DnsTCPAttempt : public DnsAttempt {
@@ -1034,7 +1051,8 @@ class DnsOverHttpsProbeRunner : public DnsProbeRunner {
         session_.get(), doh_server_index, formatted_probe_qname_,
         dns_protocol::kTypeA, /*opt_rdata=*/nullptr,
         &probe_stats->probe_attempts, context_->url_request_context(),
-        context_->isolation_info(), RequestPriority::DEFAULT_PRIORITY);
+        context_->isolation_info(), RequestPriority::DEFAULT_PRIORITY,
+        /*is_probe=*/true);
 
     DnsAttempt* probe_attempt = probe_stats->probe_attempts.back().get();
     probe_attempt->Start(base::BindOnce(
@@ -1378,12 +1396,20 @@ class DnsTransactionImpl : public DnsTransaction,
     size_t doh_server_index = dns_server_iterator_->GetNextAttemptIndex();
 
     unsigned attempt_number = attempts_.size();
-    ConstructDnsHTTPAttempt(
-        session_.get(), doh_server_index, qnames_.front(), qtype_, opt_rdata_,
-        &attempts_, resolve_context_->url_request_context(),
-        resolve_context_->isolation_info(), request_priority_);
+    ConstructDnsHTTPAttempt(session_.get(), doh_server_index, qnames_.front(),
+                            qtype_, opt_rdata_, &attempts_,
+                            resolve_context_->url_request_context(),
+                            resolve_context_->isolation_info(),
+                            request_priority_, /*is_probe=*/false);
     ++attempts_count_;
-    int rv = attempts_.back()->Start(base::BindOnce(
+    DnsAttempt* attempt = attempts_.back().get();
+    // Associate this attempt with the DoH request in NetLog.
+    net_log_.AddEventReferencingSource(
+        NetLogEventType::DNS_TRANSACTION_HTTPS_ATTEMPT,
+        attempt->GetSocketNetLog().source());
+    attempt->GetSocketNetLog().AddEventReferencingSource(
+        NetLogEventType::DNS_TRANSACTION_HTTPS_ATTEMPT, net_log_.source());
+    int rv = attempt->Start(base::BindOnce(
         &DnsTransactionImpl::OnAttemptComplete, base::Unretained(this),
         attempt_number, true /* record_rtt */, base::TimeTicks::Now()));
     if (rv == ERR_IO_PENDING) {

src/net/url_request/url_request_http_job.cc

@@ -101,7 +101,7 @@
 
 namespace {
 
-base::Value CookieInclusionStatusNetLogParams(
+base::Value::Dict CookieInclusionStatusNetLogParams(
     const std::string& operation,
     const std::string& cookie_name,
     const std::string& cookie_domain,
@@ -119,7 +119,7 @@ base::Value CookieInclusionStatusNetLogParams(
     if (!cookie_path.empty())
       dict.Set("path", cookie_path);
   }
-  return base::Value(std::move(dict));
+  return dict;
 }
 
 // Records details about the most-specific trust anchor in |spki_hashes|,
@@ -1659,14 +1659,9 @@ void URLRequestHttpJob::RecordCompletionHistograms(CompletionCause reason) {
         UMA_HISTOGRAM_COUNTS_1M("Net.Prefetch.PrefilterBytesReadFromNetwork",
                                 prefilter_bytes_read());
       }
-      if (is_https_google) {
-        if (used_quic) {
-          UMA_HISTOGRAM_MEDIUM_TIMES(
-              "Net.HttpJob.TotalTimeNotCached.Secure.Quic", total_time);
-        } else {
-          UMA_HISTOGRAM_MEDIUM_TIMES(
-              "Net.HttpJob.TotalTimeNotCached.Secure.NotQuic", total_time);
-        }
+      if (is_https_google && used_quic) {
+        UMA_HISTOGRAM_MEDIUM_TIMES("Net.HttpJob.TotalTimeNotCached.Secure.Quic",
+                                   total_time);
       }
     }
   }

src/third_party/zlib/BUILD.gn

@@ -1,9 +1,15 @@
-# Copyright (c) 2022 The Chromium Authors and Alex313031. All rights reserved.
+# Copyright 2023 The Chromium Authors and Alex313031. All rights reserved.
 # Use of this source code is governed by a BSD-style license that can be
 # found in the LICENSE file.
 
 import("//build/config/compiler/compiler.gni")
 
+declare_args() {
+  # Expose zlib's symbols, used by Node.js to provide zlib APIs for its native
+  # modules.
+  zlib_symbols_visible = false
+}
+
 if (build_with_chromium) {
   import("//testing/test.gni")
 }
@@ -14,6 +20,10 @@ if (current_cpu == "arm" || current_cpu == "arm64") {
 
 config("zlib_config") {
   include_dirs = [ "." ]
+
+  if (zlib_symbols_visible) {
+    defines = [ "ZLIB_DLL" ]
+  }
 }
 
 config("zlib_internal_config") {
@@ -23,7 +33,7 @@ config("zlib_internal_config") {
     # Build code using -O3, see: crbug.com/1084371.
     configs = [ "//build/config/compiler:optimize_speed" ]
   }
-  if (is_debug || use_libfuzzer) {
+  if (is_debug || use_fuzzing_engine) {
     # Enable zlib's asserts in debug and fuzzer builds.
     defines += [ "ZLIB_DEBUG" ]
   }
@@ -358,6 +368,11 @@ component("zlib") {
   configs -= [ "//build/config/compiler:chromium_code" ]
   configs += [ "//build/config/compiler:no_chromium_code" ]
 
+  if (zlib_symbols_visible) {
+    configs -= [ "//build/config/gcc:symbol_visibility_hidden" ]
+    configs += [ "//build/config/gcc:symbol_visibility_default" ]
+  }
+
   public_configs = [ ":zlib_config" ]
 
   configs += [