diff options
| -rw-r--r-- | testing/firefox/APKBUILD | 31 | ||||
| -rw-r--r-- | testing/firefox/disable-moz-stackwalk.patch | 8 | ||||
| -rw-r--r-- | testing/firefox/fix-arm-atomics-grsec.patch | 306 | ||||
| -rw-r--r-- | testing/firefox/fix-arm-version-detect.patch | 13 | ||||
| -rw-r--r-- | testing/firefox/fix-seccomp-bpf.patch | 16 | ||||
| -rw-r--r-- | testing/firefox/fix-toolkit.patch | 10 | ||||
| -rw-r--r-- | testing/firefox/fix-tools.patch | 29 | ||||
| -rw-r--r-- | testing/firefox/fix-webrtc-glibcisms.patch | 8 | ||||
| -rw-r--r-- | testing/firefox/mozilla-build-arm.patch | 4 |
9 files changed, 54 insertions, 371 deletions
diff --git a/testing/firefox/APKBUILD b/testing/firefox/APKBUILD index e24afb08d5..8cfda455be 100644 --- a/testing/firefox/APKBUILD +++ b/testing/firefox/APKBUILD @@ -1,7 +1,7 @@ -# Contributor: +# Contributor: # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=firefox -pkgver=62.0.3 +pkgver=65.0 _pkgver=$pkgver _xulver=$pkgver pkgrel=4 @@ -38,6 +38,7 @@ makedepends=" libxcomposite-dev llvm5-dev mesa-dev + nodejs nspr-dev nss-dev>=3.26 nss-static @@ -62,13 +63,10 @@ source="https://ftp.mozilla.org/pub/firefox/releases/$pkgver/source/firefox-$pkg fix-tools.patch mallinfo.patch - fix-arm-atomics-grsec.patch - fix-arm-version-detect.patch mozilla-build-arm.patch disable-moz-stackwalk.patch fix-rust-target.patch fix-bug-1261392.patch - rust-unitialized-field.patch fix-webrtc-glibcisms.patch firefox.desktop @@ -83,6 +81,8 @@ ldpath="$_mozappdir" prepare() { default_prepare + cargo install cbindgen + cp "$srcdir"/stab.h toolkit/crashreporter/google-breakpad/src/ # https://bugzilla.mozilla.org/show_bug.cgi?id=1341234 mkdir -p "$builddir"/objdir @@ -92,6 +92,8 @@ prepare() { build() { cd "$builddir"/objdir + sed -e 's/checkImpl/checkFFImpl/g' -i ../js/src/vm/JSContext*.h + export SHELL=/bin/sh export BUILD_OFFICIAL=1 export MOZILLA_OFFICIAL=1 @@ -120,11 +122,11 @@ build() { --enable-default-toolkit=cairo-gtk3 \ --enable-official-branding \ --enable-optimize="$CFLAGS" \ - --enable-pie \ --enable-startup-notification \ --enable-system-ffi \ --enable-system-sqlite \ --enable-ffmpeg \ + --enable-hardening \ \ --with-system-bz2 \ --with-system-icu \ @@ -214,21 +216,18 @@ __EOF__ rm -f "$pkgdir"/${_mozappdirdev}/sdk/lib/libxul.so } -sha512sums="487bb7791284367158c79cf7918fecf3d598627a6416e679aeb5d22626089aeffe07762fa2389819ba881c90ece1c5a83cf2d85b2def15b8d5ba0ed1c498b527 firefox-62.0.3.source.tar.xz +sha512sums="10ab04612c55f020fd4fe9ba7184f77e27bb62e7204ebd4e2e8e4af9fbb97b5594dd057b3c9c1fd960a48cedfd09c11939210dba873cc66ee651dc83dc9cbed2 firefox-65.0.source.tar.xz 0b3f1e4b9fdc868e4738b5c81fd6c6128ce8885b260affcb9a65ff9d164d7232626ce1291aaea70132b3e3124f5e13fef4d39326b8e7173e362a823722a85127 stab.h 2f4f15974d52de4bb273b62a332d13620945d284bbc6fe6bd0a1f58ff7388443bc1d3bf9c82cc31a8527aad92b0cd3a1bc41d0af5e1800e0dcbd7033e58ffd71 fix-fortify-system-wrappers.patch 09bc32cf9ee81b9cc6bb58ddbc66e6cc5c344badff8de3435cde5848e5a451e0172153231db85c2385ff05b5d9c20760cb18e4138dfc99060a9e960de2befbd5 fix-fortify-inline.patch -2f713a270f7d1588ec4a0b9c21e5a0d20823954e6a64293ee1a391f80d38af6c0a80b3d35c3ada59b605f6032fb2af3040cd8ca7f424b0e620cc53fd12674fd9 fix-seccomp-bpf.patch -a2925045154f4fd34e5fc056656f4f9da100341529e5d4104d249154db0c7863384083f421ce6e47e0f20566a8b20787fa35444c7933c03cd03f96f06dcd4532 fix-toolkit.patch -b46cb90d4fdd1a925a61e2c6c545489cd542f5d82980c529361c02042eed31d5c26972b5e237c1a020f87ffcfd12736d1f4f6e33eaa83ae156d523c808c718cb fix-tools.patch +183a4ef62cd79728117797235fe46ecd3e4336c008d615c2b2a64c707477e403aed1ee5e19feb86611b93ebecc00df339aa28a73735e045e38f0d1ce3080341b fix-seccomp-bpf.patch +7f8be807c525b7e176bb65631efe8eb8e0cc829c459949761138c4568e9d7a96311e336f167c6a22fde71ce4ac1a111e2a339bb90bce1306f449f82b111df798 fix-toolkit.patch +48683964624bb58b5a2a2a5c89da56e3b8dcd04f8d42c6910bea5365010a77d6d82bdd48259774ca54341edc05b6768eaa6aa1b453718c02f760361197e78b52 fix-tools.patch bdcd1b402d2ec94957ba5d08cbad7b1a7f59c251c311be9095208491a05abb05a956c79f27908e1f26b54a3679387b2f33a51e945b650671ad85c0a2d59a5a29 mallinfo.patch -ed0d344c66fc8e1cc83a11e9858b32c42e841cbeedd9eb9438811e9fcc3593dc824a8336d00058d55836cedc970aeadd6a82c6dcd7bc0fb746e564d8b478cc6c fix-arm-atomics-grsec.patch -015e1ff6dbf920033982b5df95d869a0b7bf56c6964e45e50649ddf46d1ce09563458e45240c3ecb92808662b1300b67507f7af272ba184835d91068a9e7d5b0 fix-arm-version-detect.patch -e61664bc93eadce5016a06a4d0684b34a05074f1815e88ef2613380d7b369c6fd305fb34f83b5eb18b9e3138273ea8ddcfdcb1084fdcaa922a1e5b30146a3b18 mozilla-build-arm.patch -4797d2d89ac63a57abb826b8ea9f751314ce66946194033deb9d78c2ff377b88106fd2c7bc5034dc13ad03dd5085b1893c3ccae1a9e63fde35655bb0921f7188 disable-moz-stackwalk.patch +3671bf7623c1825c977668efec62b57873bc6052becfd8a68ddcbc2d0ba96e0c3966c61b24716e6c48167d44280d3e690a4ff986907ceba5811a653e87770fff mozilla-build-arm.patch +9a7026283057d899b5d00afb815f768eb48db2f0853fcf8d8aa6a9c6bf18b9bfccfa608ffe038b83cc6aa3119b36cd7461ccfb362fa616a3946f559d507428e8 disable-moz-stackwalk.patch 42cc44fda4b05259b38f055d6f51461746aa89a474cedc5e92fb9d20879da0d12b1b515b273a549e7302cda9c7eddde20d5fdba09853e5c658784ad6d0b20078 fix-rust-target.patch a50b412edf9573a0bd04a43578b1c927967a616b73a5995eefb15bfa78fd2bd14e36ec05315a0703f6370ecd524e6bcb012e7285beb1245e9add9b8553acb79e fix-bug-1261392.patch -01b48a708cc6bc6e3cd7cc7b16f5137ec344566ac891d699b65e322bc992726072fa14a54cef1a7775799fcbbcf90a6c170107c8524caba3bc311b42d93b7581 rust-unitialized-field.patch -75b97d59e81e5f1debe6a459b535da704d5a2ac4a57c446d16058fd18db81e22317fcc3ec11b89f569f4de87e8e80ced027c0e72e7f1dd16f6fd0feb6b263919 fix-webrtc-glibcisms.patch +40768d2458adb87fc15ad17b430cf0bebabde583910e55624bf282d4a69b3f9b9165289a7a9c2b50bfb9de1a16e2546f8d0b5ce33c1920000cffb588410b9e9e fix-webrtc-glibcisms.patch f3b7c3e804ce04731012a46cb9e9a6b0769e3772aef9c0a4a8c7520b030fdf6cd703d5e9ff49275f14b7d738fe82a0a4fde3bc3219dff7225d5db0e274987454 firefox.desktop 5dcb6288d0444a8a471d669bbaf61cdb1433663eff38b72ee5e980843f5fc07d0d60c91627a2c1159215d0ad77ae3f115dcc5fdfe87e64ca704b641aceaa44ed firefox-safe.desktop" diff --git a/testing/firefox/disable-moz-stackwalk.patch b/testing/firefox/disable-moz-stackwalk.patch index c83ae7eae9..e72b0d3248 100644 --- a/testing/firefox/disable-moz-stackwalk.patch +++ b/testing/firefox/disable-moz-stackwalk.patch @@ -2,17 +2,17 @@ diff --git a/mozglue/misc/StackWalk.cpp b/mozglue/misc/StackWalk.cpp index a208bad..14e1f0d 100644 --- a/mozglue/misc/StackWalk.cpp +++ b/mozglue/misc/StackWalk.cpp -@@ -41,13 +41,7 @@ static CriticalAddress gCriticalAddress; +@@ -32,13 +32,7 @@ using namespace mozilla; #define MOZ_STACKWALK_SUPPORTS_MACOSX 0 #endif - --#if (defined(linux) && \ + +-#if (defined(linux) && \ - ((defined(__GNUC__) && (defined(__i386) || defined(PPC))) || \ - defined(HAVE__UNWIND_BACKTRACE))) -#define MOZ_STACKWALK_SUPPORTS_LINUX 1 -#else #define MOZ_STACKWALK_SUPPORTS_LINUX 0 -#endif - + #if __GLIBC__ > 2 || (__GLIBC__ == 2 && __GLIBC_MINOR__ >= 1) #define HAVE___LIBC_STACK_END 1 diff --git a/testing/firefox/fix-arm-atomics-grsec.patch b/testing/firefox/fix-arm-atomics-grsec.patch deleted file mode 100644 index 0eb58f093f..0000000000 --- a/testing/firefox/fix-arm-atomics-grsec.patch +++ /dev/null @@ -1,306 +0,0 @@ ---- mozilla-release/ipc/chromium/src/base/atomicops_internals_arm_gcc.h.orig -+++ mozilla-release/ipc/chromium/src/base/atomicops_internals_arm_gcc.h -@@ -12,43 +35,194 @@ - namespace base { - namespace subtle { - --// 0xffff0fc0 is the hard coded address of a function provided by --// the kernel which implements an atomic compare-exchange. On older --// ARM architecture revisions (pre-v6) this may be implemented using --// a syscall. This address is stable, and in active use (hard coded) --// by at least glibc-2.7 and the Android C library. --typedef Atomic32 (*LinuxKernelCmpxchgFunc)(Atomic32 old_value, -- Atomic32 new_value, -- volatile Atomic32* ptr); --LinuxKernelCmpxchgFunc pLinuxKernelCmpxchg __attribute__((weak)) = -- (LinuxKernelCmpxchgFunc) 0xffff0fc0; -+// Memory barriers on ARM are funky, but the kernel is here to help: -+// -+// * ARMv5 didn't support SMP, there is no memory barrier instruction at -+// all on this architecture, or when targeting its machine code. -+// -+// * Some ARMv6 CPUs support SMP. A full memory barrier can be produced by -+// writing a random value to a very specific coprocessor register. -+// -+// * On ARMv7, the "dmb" instruction is used to perform a full memory -+// barrier (though writing to the co-processor will still work). -+// However, on single core devices (e.g. Nexus One, or Nexus S), -+// this instruction will take up to 200 ns, which is huge, even though -+// it's completely un-needed on these devices. -+// -+// * There is no easy way to determine at runtime if the device is -+// single or multi-core. However, the kernel provides a useful helper -+// function at a fixed memory address (0xffff0fa0), which will always -+// perform a memory barrier in the most efficient way. I.e. on single -+// core devices, this is an empty function that exits immediately. -+// On multi-core devices, it implements a full memory barrier. -+// -+// * This source could be compiled to ARMv5 machine code that runs on a -+// multi-core ARMv6 or ARMv7 device. In this case, memory barriers -+// are needed for correct execution. Always call the kernel helper, even -+// when targeting ARMv5TE. -+// - --typedef void (*LinuxKernelMemoryBarrierFunc)(void); --LinuxKernelMemoryBarrierFunc pLinuxKernelMemoryBarrier __attribute__((weak)) = -- (LinuxKernelMemoryBarrierFunc) 0xffff0fa0; -+inline void MemoryBarrier() { -+#if defined(__ARM_ARCH_7__) || defined(__ARM_ARCH_7A__) || \ -+ defined(__ARM_ARCH_7R__) || defined(__ARM_ARCH_7M__) -+ __asm__ __volatile__("dmb ish" ::: "memory"); -+#elif defined(__ARM_ARCH_6__) || defined(__ARM_ARCH_6J__) || \ -+ defined(__ARM_ARCH_6K__) || defined(__ARM_ARCH_6Z__) || \ -+ defined(__ARM_ARCH_6ZK__) || defined(__ARM_ARCH_6T2__) -+ __asm__ __volatile__("mcr p15,0,r0,c7,c10,5" ::: "memory"); -+#elif defined(__linux__) || defined(__ANDROID__) -+ // Note: This is a function call, which is also an implicit compiler barrier. -+ typedef void (*KernelMemoryBarrierFunc)(); -+ ((KernelMemoryBarrierFunc)0xffff0fa0)(); -+#error MemoryBarrier() is not implemented on this platform. -+#endif -+} - -+// An ARM toolchain would only define one of these depending on which -+// variant of the target architecture is being used. This tests against -+// any known ARMv6 or ARMv7 variant, where it is possible to directly -+// use ldrex/strex instructions to implement fast atomic operations. -+#if defined(__ARM_ARCH_7__) || defined(__ARM_ARCH_7A__) || \ -+ defined(__ARM_ARCH_7R__) || defined(__ARM_ARCH_7M__) || \ -+ defined(__ARM_ARCH_6__) || defined(__ARM_ARCH_6J__) || \ -+ defined(__ARM_ARCH_6K__) || defined(__ARM_ARCH_6Z__) || \ -+ defined(__ARM_ARCH_6ZK__) || defined(__ARM_ARCH_6T2__) - - inline Atomic32 NoBarrier_CompareAndSwap(volatile Atomic32* ptr, - Atomic32 old_value, - Atomic32 new_value) { -- Atomic32 prev_value = *ptr; -+ Atomic32 prev_value; -+ int reloop; - do { -- if (!pLinuxKernelCmpxchg(old_value, new_value, -- const_cast<Atomic32*>(ptr))) { -- return old_value; -- } -- prev_value = *ptr; -- } while (prev_value == old_value); -+ // The following is equivalent to: -+ // -+ // prev_value = LDREX(ptr) -+ // reloop = 0 -+ // if (prev_value != old_value) -+ // reloop = STREX(ptr, new_value) -+ __asm__ __volatile__(" ldrex %0, [%3]\n" -+ " mov %1, #0\n" -+ " cmp %0, %4\n" -+#ifdef __thumb2__ -+ " it eq\n" -+#endif -+ " strexeq %1, %5, [%3]\n" -+ : "=&r"(prev_value), "=&r"(reloop), "+m"(*ptr) -+ : "r"(ptr), "r"(old_value), "r"(new_value) -+ : "cc", "memory"); -+ } while (reloop != 0); - return prev_value; - } - -+inline Atomic32 Acquire_CompareAndSwap(volatile Atomic32* ptr, -+ Atomic32 old_value, -+ Atomic32 new_value) { -+ Atomic32 result = NoBarrier_CompareAndSwap(ptr, old_value, new_value); -+ MemoryBarrier(); -+ return result; -+} -+ -+inline Atomic32 Release_CompareAndSwap(volatile Atomic32* ptr, -+ Atomic32 old_value, -+ Atomic32 new_value) { -+ MemoryBarrier(); -+ return NoBarrier_CompareAndSwap(ptr, old_value, new_value); -+} -+ -+inline Atomic32 NoBarrier_AtomicIncrement(volatile Atomic32* ptr, -+ Atomic32 increment) { -+ Atomic32 value; -+ int reloop; -+ do { -+ // Equivalent to: -+ // -+ // value = LDREX(ptr) -+ // value += increment -+ // reloop = STREX(ptr, value) -+ // -+ __asm__ __volatile__(" ldrex %0, [%3]\n" -+ " add %0, %0, %4\n" -+ " strex %1, %0, [%3]\n" -+ : "=&r"(value), "=&r"(reloop), "+m"(*ptr) -+ : "r"(ptr), "r"(increment) -+ : "cc", "memory"); -+ } while (reloop); -+ return value; -+} -+ -+inline Atomic32 Barrier_AtomicIncrement(volatile Atomic32* ptr, -+ Atomic32 increment) { -+ // TODO(digit): Investigate if it's possible to implement this with -+ // a single MemoryBarrier() operation between the LDREX and STREX. -+ // See http://crbug.com/246514 -+ MemoryBarrier(); -+ Atomic32 result = NoBarrier_AtomicIncrement(ptr, increment); -+ MemoryBarrier(); -+ return result; -+} -+ - inline Atomic32 NoBarrier_AtomicExchange(volatile Atomic32* ptr, - Atomic32 new_value) { - Atomic32 old_value; -+ int reloop; - do { -+ // old_value = LDREX(ptr) -+ // reloop = STREX(ptr, new_value) -+ __asm__ __volatile__(" ldrex %0, [%3]\n" -+ " strex %1, %4, [%3]\n" -+ : "=&r"(old_value), "=&r"(reloop), "+m"(*ptr) -+ : "r"(ptr), "r"(new_value) -+ : "cc", "memory"); -+ } while (reloop != 0); -+ return old_value; -+} -+ -+// This tests against any known ARMv5 variant. -+#elif defined(__ARM_ARCH_5__) || defined(__ARM_ARCH_5T__) || \ -+ defined(__ARM_ARCH_5TE__) || defined(__ARM_ARCH_5TEJ__) -+ -+// The kernel also provides a helper function to perform an atomic -+// compare-and-swap operation at the hard-wired address 0xffff0fc0. -+// On ARMv5, this is implemented by a special code path that the kernel -+// detects and treats specially when thread pre-emption happens. -+// On ARMv6 and higher, it uses LDREX/STREX instructions instead. -+// -+// Note that this always perform a full memory barrier, there is no -+// need to add calls MemoryBarrier() before or after it. It also -+// returns 0 on success, and 1 on exit. -+// -+// Available and reliable since Linux 2.6.24. Both Android and ChromeOS -+// use newer kernel revisions, so this should not be a concern. -+namespace { -+ -+inline int LinuxKernelCmpxchg(Atomic32 old_value, -+ Atomic32 new_value, -+ volatile Atomic32* ptr) { -+ typedef int (*KernelCmpxchgFunc)(Atomic32, Atomic32, volatile Atomic32*); -+ return ((KernelCmpxchgFunc)0xffff0fc0)(old_value, new_value, ptr); -+} -+ -+} // namespace -+ -+inline Atomic32 NoBarrier_CompareAndSwap(volatile Atomic32* ptr, -+ Atomic32 old_value, -+ Atomic32 new_value) { -+ Atomic32 prev_value; -+ for (;;) { -+ prev_value = *ptr; -+ if (prev_value != old_value) -+ return prev_value; -+ if (!LinuxKernelCmpxchg(old_value, new_value, ptr)) -+ return old_value; -+ } -+} -+ -+inline Atomic32 NoBarrier_AtomicExchange(volatile Atomic32* ptr, -+ Atomic32 new_value) { -+ Atomic32 old_value; -+ do { - old_value = *ptr; -- } while (pLinuxKernelCmpxchg(old_value, new_value, -- const_cast<Atomic32*>(ptr))); -+ } while (LinuxKernelCmpxchg(old_value, new_value, ptr)); - return old_value; - } - -@@ -63,36 +237,57 @@ - // Atomic exchange the old value with an incremented one. - Atomic32 old_value = *ptr; - Atomic32 new_value = old_value + increment; -- if (pLinuxKernelCmpxchg(old_value, new_value, -- const_cast<Atomic32*>(ptr)) == 0) { -+ if (!LinuxKernelCmpxchg(old_value, new_value, ptr)) { - // The exchange took place as expected. - return new_value; - } - // Otherwise, *ptr changed mid-loop and we need to retry. - } -- - } - - inline Atomic32 Acquire_CompareAndSwap(volatile Atomic32* ptr, - Atomic32 old_value, - Atomic32 new_value) { -- return NoBarrier_CompareAndSwap(ptr, old_value, new_value); -+ Atomic32 prev_value; -+ for (;;) { -+ prev_value = *ptr; -+ if (prev_value != old_value) { -+ // Always ensure acquire semantics. -+ MemoryBarrier(); -+ return prev_value; -+ } -+ if (!LinuxKernelCmpxchg(old_value, new_value, ptr)) -+ return old_value; -+ } - } - - inline Atomic32 Release_CompareAndSwap(volatile Atomic32* ptr, - Atomic32 old_value, - Atomic32 new_value) { -- return NoBarrier_CompareAndSwap(ptr, old_value, new_value); -+ // This could be implemented as: -+ // MemoryBarrier(); -+ // return NoBarrier_CompareAndSwap(); -+ // -+ // But would use 3 barriers per succesful CAS. To save performance, -+ // use Acquire_CompareAndSwap(). Its implementation guarantees that: -+ // - A succesful swap uses only 2 barriers (in the kernel helper). -+ // - An early return due to (prev_value != old_value) performs -+ // a memory barrier with no store, which is equivalent to the -+ // generic implementation above. -+ return Acquire_CompareAndSwap(ptr, old_value, new_value); - } - -+#else -+# error "Your CPU's ARM architecture is not supported yet" -+#endif -+ -+// NOTE: Atomicity of the following load and store operations is only -+// guaranteed in case of 32-bit alignement of |ptr| values. -+ - inline void NoBarrier_Store(volatile Atomic32* ptr, Atomic32 value) { - *ptr = value; - } - --inline void MemoryBarrier() { -- pLinuxKernelMemoryBarrier(); --} -- - inline void Acquire_Store(volatile Atomic32* ptr, Atomic32 value) { - *ptr = value; - MemoryBarrier(); -@@ -103,9 +298,7 @@ - *ptr = value; - } - --inline Atomic32 NoBarrier_Load(volatile const Atomic32* ptr) { -- return *ptr; --} -+inline Atomic32 NoBarrier_Load(volatile const Atomic32* ptr) { return *ptr; } - - inline Atomic32 Acquire_Load(volatile const Atomic32* ptr) { - Atomic32 value = *ptr; -@@ -118,7 +311,6 @@ - return *ptr; - } - --} // namespace base::subtle --} // namespace base -+} } // namespace base::subtle - - #endif // BASE_ATOMICOPS_INTERNALS_ARM_GCC_H_ diff --git a/testing/firefox/fix-arm-version-detect.patch b/testing/firefox/fix-arm-version-detect.patch deleted file mode 100644 index c0c2a2e830..0000000000 --- a/testing/firefox/fix-arm-version-detect.patch +++ /dev/null @@ -1,13 +0,0 @@ -diff --git a/build/autoconf/arch.m4 b/build/autoconf/arch.m4 -index b62ea71..53179a7 100644 ---- a/build/autoconf/arch.m4 -+++ b/build/autoconf/arch.m4 -@@ -215,7 +215,7 @@ if test "$CPU_ARCH" = "arm"; then - - AC_MSG_CHECKING(ARM version support in compiler) - dnl Determine the target ARM architecture (5 for ARMv5, v5T, v5E, etc.; 6 for ARMv6, v6K, etc.) -- ARM_ARCH=`${CC-cc} ${CFLAGS} -dM -E - < /dev/null | sed -n 's/.*__ARM_ARCH_\([[0-9]][[0-9]]*\).*/\1/p'` -+ ARM_ARCH=`${CC-cc} ${CFLAGS} -dM -E - < /dev/null | sed -n 's/.*__ARM_ARCH_\([[0-9]][[0-9]]*\).*/\1/p' | head -n 1` - AC_MSG_RESULT("$ARM_ARCH") - - AC_MSG_CHECKING(for ARM NEON support in compiler) diff --git a/testing/firefox/fix-seccomp-bpf.patch b/testing/firefox/fix-seccomp-bpf.patch index ee6d666400..ae3ba5d44b 100644 --- a/testing/firefox/fix-seccomp-bpf.patch +++ b/testing/firefox/fix-seccomp-bpf.patch @@ -16,11 +16,11 @@ diff -ru firefox-62.0.3.orig/security/sandbox/chromium/sandbox/linux/seccomp-bpf diff -ru firefox-62.0.3.orig/security/sandbox/linux/SandboxFilter.cpp firefox-62.0.3/security/sandbox/linux/SandboxFilter.cpp --- firefox-62.0.3.orig/security/sandbox/linux/SandboxFilter.cpp 2018-10-01 18:35:28.000000000 +0000 +++ firefox-62.0.3/security/sandbox/linux/SandboxFilter.cpp 2018-12-14 08:57:50.645264590 +0000 -@@ -1005,6 +1005,7 @@ - // ffmpeg, and anything else that calls isatty(), will be told - // that nothing is a typewriter: - .ElseIf(request == TCGETS, Error(ENOTTY)) -+ .ElseIf(request == TIOCGWINSZ, Error(ENOTTY)) - // Allow anything that isn't a tty ioctl, for now; bug 1302711 - // will cover changing this to a default-deny policy. - .ElseIf(shifted_type != kTtyIoctls, Allow()) +@@ -997,6 +997,7 @@ class ContentSandboxPolicy : public SandboxPolicyCommon { + // ffmpeg, and anything else that calls isatty(), will be told + // that nothing is a typewriter: + .ElseIf(request == TCGETS, Error(ENOTTY)) ++ .ElseIf(request == TIOCGWINSZ, Error(ENOTTY)) + // Allow anything that isn't a tty ioctl, for now; bug 1302711 + // will cover changing this to a default-deny policy. + .ElseIf(shifted_type != kTtyIoctls, Allow()) diff --git a/testing/firefox/fix-toolkit.patch b/testing/firefox/fix-toolkit.patch index 58fe5a3a9a..35a606711e 100644 --- a/testing/firefox/fix-toolkit.patch +++ b/testing/firefox/fix-toolkit.patch @@ -59,15 +59,15 @@ diff --git a/toolkit/mozapps/update/common/updatedefines.h b/toolkit/mozapps/upd index 026e7ed..0801f14 100644 --- a/toolkit/mozapps/update/common/updatedefines.h +++ b/toolkit/mozapps/update/common/updatedefines.h -@@ -117,7 +117,7 @@ static inline int mywcsprintf(WCHAR* dest, size_t count, const WCHAR* fmt, ...) - +@@ -102,7 +102,7 @@ static inline int mywcsprintf(WCHAR* dest, size_t count, const WCHAR* fmt, + #ifdef SOLARIS - # include <sys/stat.h> + #include <sys/stat.h> -#else +#elif !defined(__linux__) || defined(__GLIBC__) - # include <fts.h> + #include <fts.h> #endif - # include <dirent.h> + #include <dirent.h> diff --git a/toolkit/mozapps/update/updater/updater.cpp b/toolkit/mozapps/update/updater/updater.cpp index 257ccb4..01314e4 100644 --- a/toolkit/mozapps/update/updater/updater.cpp diff --git a/testing/firefox/fix-tools.patch b/testing/firefox/fix-tools.patch index 84f7fa9cb8..edecb7f678 100644 --- a/testing/firefox/fix-tools.patch +++ b/testing/firefox/fix-tools.patch @@ -11,12 +11,12 @@ #include "MainThreadUtils.h" --- a/tools/profiler/lul/LulElf.cpp +++ b/tools/profiler/lul/LulElf.cpp -@@ -579,10 +579,10 @@ +@@ -469,10 +469,10 @@ string FormatIdentifier(unsigned char identifier[16]) { // Return the non-directory portion of FILENAME: the portion after the // last slash, or the whole filename if there are no slashes. - string BaseFileName(const string &filename) { + string BaseFileName(const string& filename) { - // Lots of copies! basename's behavior is less than ideal. -- char *c_filename = strdup(filename.c_str()); +- char* c_filename = strdup(filename.c_str()); - string base = basename(c_filename); - free(c_filename); + // basename's behavior is less than ideal so avoid it @@ -26,17 +26,20 @@ return base; } ---- a/tools/profiler/core/platform-linux-android.cpp.orig +--- a/tools/profiler/core/platform-linux-android.cpp +++ b/tools/profiler/core/platform-linux-android.cpp -@@ -534,9 +534,11 @@ - void - Registers::SyncPopulate() - { -+#if defined(__GLIBC__) - if (!getcontext(&sSyncUContext)) { - PopulateRegsFromContext(*this, &sSyncUContext); - } -+#endif +@@ -497,8 +497,10 @@ static void PlatformInit(PSLockRef aLock) {} + ucontext_t sSyncUContext; + + void Registers::SyncPopulate() { +- if (!getcontext(&sSyncUContext)) { +- PopulateRegsFromContext(*this, &sSyncUContext); +- } ++ #if defined(__GLIBC__) ++ if (!getcontext(&sSyncUContext)) { ++ PopulateRegsFromContext(*this, &sSyncUContext); ++ } ++ #endif } #endif diff --git a/testing/firefox/fix-webrtc-glibcisms.patch b/testing/firefox/fix-webrtc-glibcisms.patch index dc9206b50e..46fe958e73 100644 --- a/testing/firefox/fix-webrtc-glibcisms.patch +++ b/testing/firefox/fix-webrtc-glibcisms.patch @@ -1,9 +1,9 @@ --- ./media/webrtc/trunk/webrtc/system_wrappers/source/cpu_features_linux.c.orig 2018-05-09 23:48:44.677389171 +0200 +++ ./media/webrtc/trunk/webrtc/system_wrappers/source/cpu_features_linux.c 2018-05-09 23:48:56.254373557 +0200 -@@ -11,7 +11,9 @@ - #include <stdlib.h> - #include <string.h> - #include <features.h> +@@ -14,7 +14,9 @@ + #ifndef __GLIBC_PREREQ + #define __GLIBC_PREREQ(a, b) 0 + #endif -#if __GLIBC_PREREQ(2, 16) +#if !defined(__GLIBC__) +#include <sys/auxv.h> diff --git a/testing/firefox/mozilla-build-arm.patch b/testing/firefox/mozilla-build-arm.patch index dcf2f6d8a4..8b9022ca3c 100644 --- a/testing/firefox/mozilla-build-arm.patch +++ b/testing/firefox/mozilla-build-arm.patch @@ -1,9 +1,9 @@ --- ./gfx/ycbcr/moz.build.orig 2014-04-03 13:50:38.990296661 +0000 +++ ./gfx/ycbcr/moz.build 2014-04-03 13:52:26.878268547 +0000 -@@ -59,7 +59,7 @@ +@@ -53,7 +53,7 @@ else: 'yuv_row_other.cpp', ] - + -if CONFIG['CPU_ARCH'] == 'arm' and CONFIG['HAVE_ARM_NEON']: +if CONFIG['HAVE_ARM_NEON']: SOURCES += [ |