Multiple-fingerprinting-mitigations.patch

2021-02-28 21:18:48 +01:00 · 2021-02-28 21:18:48 +01:00 · fc853949fa
commit fc853949fa
parent 5beceee004
1 changed files with 53 additions and 36 deletions
--- a/build/patches/Multiple-fingerprinting-mitigations.patch
+++ b/build/patches/Multiple-fingerprinting-mitigations.patch
@ -37,17 +37,18 @@ Added flag --fingerprinting-canvas-image-data-noise to disable Canvas image data
 third_party/blink/renderer/core/dom/range.cc  |  12 +-
 .../renderer/core/html/canvas/text_metrics.cc |  18 ++
 .../renderer/core/html/canvas/text_metrics.h  |   2 +
+ .../canvas2d/base_rendering_context_2d.cc     |   7 +
 .../canvas2d/canvas_rendering_context_2d.cc   |   8 +-
 third_party/blink/renderer/platform/BUILD.gn  |   5 +-
 .../platform/exported/web_runtime_features.cc |  12 ++
 .../platform/graphics/image_data_buffer.cc    |   7 +
- .../platform/graphics/static_bitmap_image.cc  | 160 ++++++++++++++++++
+ .../platform/graphics/static_bitmap_image.cc  | 155 ++++++++++++++++++
 .../platform/graphics/static_bitmap_image.h   |   2 +
 .../platform/runtime_enabled_features.json5   |   9 +
 third_party/ungoogled/BUILD.gn                |  10 ++
 third_party/ungoogled/ungoogled_switches.cc   |  18 ++
 third_party/ungoogled/ungoogled_switches.h    |  18 ++
- 23 files changed, 343 insertions(+), 3 deletions(-)
+ 24 files changed, 345 insertions(+), 3 deletions(-)
 create mode 100644 third_party/ungoogled/BUILD.gn
 create mode 100644 third_party/ungoogled/ungoogled_switches.cc
 create mode 100644 third_party/ungoogled/ungoogled_switches.h
@ -55,7 +56,7 @@ Added flag --fingerprinting-canvas-image-data-noise to disable Canvas image data
 diff --git a/chrome/browser/BUILD.gn b/chrome/browser/BUILD.gn
 --- a/chrome/browser/BUILD.gn
 +++ b/chrome/browser/BUILD.gn
-@@ -2244,6 +2244,7 @@ static_library("browser") {
+@@ -2299,6 +2299,7 @@ static_library("browser") {
     "//services/device/public/cpp:device_features",
     "//services/device/public/cpp/serial:switches",
     "//services/device/public/cpp/usb",
@ -66,7 +67,7 @@ diff --git a/chrome/browser/BUILD.gn b/chrome/browser/BUILD.gn
 diff --git a/chrome/browser/about_flags.cc b/chrome/browser/about_flags.cc
 --- a/chrome/browser/about_flags.cc
 +++ b/chrome/browser/about_flags.cc
-@@ -168,6 +168,7 @@
+@@ -171,6 +171,7 @@
 #include "services/media_session/public/cpp/features.h"
 #include "services/network/public/cpp/features.h"
 #include "services/network/public/cpp/network_switches.h"
@ -74,7 +75,7 @@ diff --git a/chrome/browser/about_flags.cc b/chrome/browser/about_flags.cc
 #include "storage/browser/quota/quota_features.h"
 #include "third_party/blink/public/common/experiments/memory_ablation_experiment.h"
 #include "third_party/blink/public/common/features.h"
-@@ -2516,6 +2517,18 @@ const FeatureEntry kFeatureEntries[] = {
+@@ -2639,6 +2640,18 @@ const FeatureEntry kFeatureEntries[] = {
     {"enable-webrtc-srtp-aes-gcm", flag_descriptions::kWebrtcSrtpAesGcmName,
      flag_descriptions::kWebrtcSrtpAesGcmDescription, kOsAll,
      SINGLE_VALUE_TYPE(switches::kEnableWebRtcSrtpAesGcm)},
@ -96,7 +97,7 @@ diff --git a/chrome/browser/about_flags.cc b/chrome/browser/about_flags.cc
 diff --git a/content/browser/BUILD.gn b/content/browser/BUILD.gn
 --- a/content/browser/BUILD.gn
 +++ b/content/browser/BUILD.gn
-@@ -217,6 +217,7 @@ source_set("browser") {
+@@ -219,6 +219,7 @@ source_set("browser") {
     "//third_party/libyuv",
     "//third_party/re2",
     "//third_party/sqlite",
@ -107,7 +108,7 @@ diff --git a/content/browser/BUILD.gn b/content/browser/BUILD.gn
 diff --git a/content/browser/renderer_host/render_process_host_impl.cc b/content/browser/renderer_host/render_process_host_impl.cc
 --- a/content/browser/renderer_host/render_process_host_impl.cc
 +++ b/content/browser/renderer_host/render_process_host_impl.cc
-@@ -219,6 +219,7 @@
+@@ -214,6 +214,7 @@
 #include "third_party/blink/public/common/user_agent/user_agent_metadata.h"
 #include "third_party/blink/public/mojom/disk_allocator.mojom.h"
 #include "third_party/blink/public/public_buildflags.h"
@ -115,7 +116,7 @@ diff --git a/content/browser/renderer_host/render_process_host_impl.cc b/content
 #include "third_party/skia/include/core/SkBitmap.h"
 #include "ui/accessibility/accessibility_switches.h"
 #include "ui/base/ui_base_switches.h"
-@@ -3280,6 +3281,9 @@ void RenderProcessHostImpl::PropagateBrowserCommandLineToRenderer(
+@@ -3184,6 +3185,9 @@ void RenderProcessHostImpl::PropagateBrowserCommandLineToRenderer(
     switches::kDisableBreakpad,
     switches::kDisableDatabases,
     switches::kDisableFileSystem,
@ -148,7 +149,7 @@ diff --git a/content/child/runtime_features.cc b/content/child/runtime_features.
 #if defined(OS_ANDROID)
 #include "base/android/build_info.h"
 #endif
-@@ -530,6 +532,13 @@ void SetCustomizedRuntimeFeaturesFromCombinedArgs(
+@@ -540,6 +542,13 @@ void SetCustomizedRuntimeFeaturesFromCombinedArgs(
   // They're moved here to distinguish them from actual base checks
   WebRuntimeFeatures::EnableOverlayScrollbars(ui::IsOverlayScrollbarEnabled());
 
@ -165,16 +166,16 @@ diff --git a/content/child/runtime_features.cc b/content/child/runtime_features.
 diff --git a/third_party/blink/public/platform/web_runtime_features.h b/third_party/blink/public/platform/web_runtime_features.h
 --- a/third_party/blink/public/platform/web_runtime_features.h
 +++ b/third_party/blink/public/platform/web_runtime_features.h
-@@ -200,6 +200,9 @@ class WebRuntimeFeatures {
+@@ -199,6 +199,9 @@ class WebRuntimeFeatures {
   BLINK_PLATFORM_EXPORT static void EnableGetDisplayMedia(bool);
   BLINK_PLATFORM_EXPORT static void EnableGetCurrentBrowsingContextMedia(bool);
   BLINK_PLATFORM_EXPORT static void EnableAllowSyncXHRInPageDismissal(bool);
 +  BLINK_PLATFORM_EXPORT static void EnableFingerprintingClientRectsNoise(bool);
 +  BLINK_PLATFORM_EXPORT static void EnableFingerprintingCanvasMeasureTextNoise(bool);
 +  BLINK_PLATFORM_EXPORT static void EnableFingerprintingCanvasImageDataNoise(bool);
-   BLINK_PLATFORM_EXPORT static void EnableShadowDOMV0(bool);
-   BLINK_PLATFORM_EXPORT static void EnableCustomElementsV0(bool);
   BLINK_PLATFORM_EXPORT static void EnableHTMLImports(bool);
+   BLINK_PLATFORM_EXPORT static void
+   EnableSignedExchangePrefetchCacheForNavigations(bool);
 diff --git a/third_party/blink/renderer/core/dom/document.cc b/third_party/blink/renderer/core/dom/document.cc
 --- a/third_party/blink/renderer/core/dom/document.cc
 +++ b/third_party/blink/renderer/core/dom/document.cc
@ -186,7 +187,7 @@ diff --git a/third_party/blink/renderer/core/dom/document.cc b/third_party/blink
 #include "base/time/time.h"
 #include "cc/input/overscroll_behavior.h"
 #include "cc/input/scroll_snap_data.h"
-@@ -2513,6 +2514,23 @@ void Document::UpdateStyleAndLayoutTree() {
+@@ -2432,6 +2433,23 @@ void Document::UpdateStyleAndLayoutTree() {
 #if DCHECK_IS_ON()
   AssertLayoutTreeUpdated(*this);
 #endif
@ -213,7 +214,7 @@ diff --git a/third_party/blink/renderer/core/dom/document.cc b/third_party/blink
 diff --git a/third_party/blink/renderer/core/dom/document.h b/third_party/blink/renderer/core/dom/document.h
 --- a/third_party/blink/renderer/core/dom/document.h
 +++ b/third_party/blink/renderer/core/dom/document.h
-@@ -448,6 +448,10 @@ class CORE_EXPORT Document : public ContainerNode,
+@@ -442,6 +442,10 @@ class CORE_EXPORT Document : public ContainerNode,
     has_xml_declaration_ = has_xml_declaration ? 1 : 0;
   }
 
@ -224,7 +225,7 @@ diff --git a/third_party/blink/renderer/core/dom/document.h b/third_party/blink/
   AtomicString visibilityState() const;
   bool IsPageVisible() const;
   bool hidden() const;
-@@ -1984,6 +1988,9 @@ class CORE_EXPORT Document : public ContainerNode,
+@@ -1970,6 +1974,9 @@ class CORE_EXPORT Document : public ContainerNode,
 
   base::ElapsedTimer start_time_;
 
@ -237,7 +238,7 @@ diff --git a/third_party/blink/renderer/core/dom/document.h b/third_party/blink/
 diff --git a/third_party/blink/renderer/core/dom/element.cc b/third_party/blink/renderer/core/dom/element.cc
 --- a/third_party/blink/renderer/core/dom/element.cc
 +++ b/third_party/blink/renderer/core/dom/element.cc
-@@ -2062,6 +2062,11 @@ DOMRectList* Element::getClientRects() {
+@@ -2057,6 +2057,11 @@ DOMRectList* Element::getClientRects() {
   DCHECK(element_layout_object);
   GetDocument().AdjustFloatQuadsForScrollAndAbsoluteZoom(
       quads, *element_layout_object);
@ -249,7 +250,7 @@ diff --git a/third_party/blink/renderer/core/dom/element.cc b/third_party/blink/
   return MakeGarbageCollected<DOMRectList>(quads);
 }
 
-@@ -2079,6 +2084,9 @@ DOMRect* Element::getBoundingClientRect() {
+@@ -2074,6 +2079,9 @@ DOMRect* Element::getBoundingClientRect() {
   DCHECK(element_layout_object);
   GetDocument().AdjustFloatRectForScrollAndAbsoluteZoom(result,
                                                         *element_layout_object);
@ -328,10 +329,34 @@ diff --git a/third_party/blink/renderer/core/html/canvas/text_metrics.h b/third_
  private:
   void Update(const Font&,
               const TextDirection&,
+diff --git a/third_party/blink/renderer/modules/canvas/canvas2d/base_rendering_context_2d.cc b/third_party/blink/renderer/modules/canvas/canvas2d/base_rendering_context_2d.cc
+--- a/third_party/blink/renderer/modules/canvas/canvas2d/base_rendering_context_2d.cc
+++ b/third_party/blink/renderer/modules/canvas/canvas2d/base_rendering_context_2d.cc
+@@ -26,6 +26,7 @@
+ #include "third_party/blink/renderer/platform/graphics/skia/skia_utils.h"
+ #include "third_party/blink/renderer/platform/graphics/stroke_data.h"
+ #include "third_party/blink/renderer/platform/heap/heap.h"
+#include "third_party/blink/renderer/platform/graphics/static_bitmap_image.h"
+ 
+ namespace blink {
+ 
+@@ -1772,6 +1773,12 @@ ImageData* BaseRenderingContext2D::getImageDataInternal(
+           snapshot->PaintImageForCurrentFrame().GetSkImageInfo().bounds();
+       DCHECK(!bounds.intersect(SkIRect::MakeXYWH(sx, sy, sw, sh)));
+     }
+
+    if (read_pixels_successful && RuntimeEnabledFeatures::FingerprintingCanvasImageDataNoiseEnabled()) {
+      base::span<uint8_t> dst = base::span<uint8_t>(reinterpret_cast<uint8_t*>(contents.Data()),
+        contents.DataLength());
+      StaticBitmapImage::ShuffleSubchannelColorData(dst.data(), image_info, sx, sy);
+    }
+   }
+ 
+   // Wrap |contents| in an ImageData.
 diff --git a/third_party/blink/renderer/modules/canvas/canvas2d/canvas_rendering_context_2d.cc b/third_party/blink/renderer/modules/canvas/canvas2d/canvas_rendering_context_2d.cc
 --- a/third_party/blink/renderer/modules/canvas/canvas2d/canvas_rendering_context_2d.cc
 +++ b/third_party/blink/renderer/modules/canvas/canvas2d/canvas_rendering_context_2d.cc
-@@ -947,9 +947,15 @@ TextMetrics* CanvasRenderingContext2D::measureText(const String& text) {
+@@ -974,9 +974,15 @@ TextMetrics* CanvasRenderingContext2D::measureText(const String& text) {
   else
     direction = ToTextDirection(GetState().GetDirection(), canvas());
 
@ -351,7 +376,7 @@ diff --git a/third_party/blink/renderer/modules/canvas/canvas2d/canvas_rendering
 diff --git a/third_party/blink/renderer/platform/BUILD.gn b/third_party/blink/renderer/platform/BUILD.gn
 --- a/third_party/blink/renderer/platform/BUILD.gn
 +++ b/third_party/blink/renderer/platform/BUILD.gn
-@@ -1584,7 +1584,9 @@ component("platform") {
+@@ -1602,7 +1602,9 @@ component("platform") {
     "//third_party/blink/renderer:non_test_config",
   ]
 
@ -362,9 +387,9 @@ diff --git a/third_party/blink/renderer/platform/BUILD.gn b/third_party/blink/re
 
   allow_circular_includes_from = [
     "//third_party/blink/renderer/platform/blob",
-@@ -1647,6 +1649,7 @@ component("platform") {
-     "//third_party/blink/public/strings",
+@@ -1666,6 +1668,7 @@ component("platform") {
     "//third_party/blink/renderer/platform/wtf",
+     "//third_party/blink/renderer/platform/wtf:buildflags",
     "//third_party/ced",
 +    "//third_party/ungoogled:switches",
     "//third_party/emoji-segmenter",
@ -373,8 +398,8 @@ diff --git a/third_party/blink/renderer/platform/BUILD.gn b/third_party/blink/re
 diff --git a/third_party/blink/renderer/platform/exported/web_runtime_features.cc b/third_party/blink/renderer/platform/exported/web_runtime_features.cc
 --- a/third_party/blink/renderer/platform/exported/web_runtime_features.cc
 +++ b/third_party/blink/renderer/platform/exported/web_runtime_features.cc
-@@ -647,4 +647,16 @@ void WebRuntimeFeatures::EnableTargetBlankImpliesNoOpener(bool enable) {
-   RuntimeEnabledFeatures::SetTargetBlankImpliesNoOpenerEnabled(enable);
+@@ -643,4 +643,16 @@ void WebRuntimeFeatures::EnableCSSColorSchemeUARendering(bool enable) {
+   RuntimeEnabledFeatures::SetCSSColorSchemeUARenderingEnabled(enable);
 }
 
 +void WebRuntimeFeatures::EnableFingerprintingClientRectsNoise(bool enable) {
@ -421,8 +446,8 @@ diff --git a/third_party/blink/renderer/platform/graphics/static_bitmap_image.cc
 
 #include "third_party/blink/renderer/platform/graphics/static_bitmap_image.h"
 
-+#include "base/rand_util.h"
 +#include "base/logging.h"
+#include "base/rand_util.h"
 #include "base/numerics/checked_math.h"
 #include "gpu/command_buffer/client/gles2_interface.h"
 #include "third_party/blink/renderer/platform/graphics/accelerated_static_bitmap_image.h"
@ -436,16 +461,8 @@ diff --git a/third_party/blink/renderer/platform/graphics/static_bitmap_image.cc
 namespace blink {
 
 scoped_refptr<StaticBitmapImage> StaticBitmapImage::Create(
-@@ -128,7 +133,162 @@ bool StaticBitmapImage::CopyToByteArray(
-               .bounds()
-               .intersect(SkIRect::MakeXYWH(rect.X(), rect.Y(), info.width(),
-                                            info.height())));
-+
-+  if (read_pixels_successful && RuntimeEnabledFeatures::FingerprintingCanvasImageDataNoiseEnabled()) {
-+    ShuffleSubchannelColorData(dst.data(), info, rect.X(), rect.Y());
-+  }
-+
-   return true;
+@@ -79,4 +84,154 @@ void StaticBitmapImage::DrawHelper(
+                         WebCoreClampingModeToSkiaRectConstraint(clamp_mode));
 }
 
 +// set the component to maximum-delta if it is >= maximum, or add to existing color component (color + delta)
@ -614,8 +631,8 @@ diff --git a/third_party/blink/renderer/platform/graphics/static_bitmap_image.h
 diff --git a/third_party/blink/renderer/platform/runtime_enabled_features.json5 b/third_party/blink/renderer/platform/runtime_enabled_features.json5
 --- a/third_party/blink/renderer/platform/runtime_enabled_features.json5
 +++ b/third_party/blink/renderer/platform/runtime_enabled_features.json5
-@@ -850,6 +850,15 @@
-       origin_trial_feature_name: "FeaturePolicyReporting",
+@@ -863,6 +863,15 @@
+       name: "FeaturePolicyReporting",
       status: "experimental"
     },
 +    {