summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--libre/iceweasel/0001-Use-remoting-name-for-GDK-application-names.patch13
-rw-r--r--libre/iceweasel/0002-Bug-1660901-Support-the-fstat-like-subset-of-fstatat.patch46
-rw-r--r--libre/iceweasel/0003-Bug-1660901-ignore-AT_NO_AUTOMOUNT-in-fstatat-system.patch31
-rw-r--r--libre/iceweasel/PKGBUILD24
-rw-r--r--libre/iceweasel/avoid-libxul-OOM-python-check.patch18
5 files changed, 108 insertions, 24 deletions
diff --git a/libre/iceweasel/0001-Use-remoting-name-for-GDK-application-names.patch b/libre/iceweasel/0001-Use-remoting-name-for-GDK-application-names.patch
index 73ae042cc..b1dcee50f 100644
--- a/libre/iceweasel/0001-Use-remoting-name-for-GDK-application-names.patch
+++ b/libre/iceweasel/0001-Use-remoting-name-for-GDK-application-names.patch
@@ -1,4 +1,4 @@
-From 5025aab61517c8608b555ba929c61eb0706bd6bd Mon Sep 17 00:00:00 2001
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: "Jan Alexander Steffens (heftig)" <jan.steffens@gmail.com>
Date: Mon, 25 Mar 2019 20:30:11 +0100
Subject: [PATCH] Use remoting name for GDK application names
@@ -9,10 +9,10 @@ Subject: [PATCH] Use remoting name for GDK application names
2 files changed, 5 insertions(+), 12 deletions(-)
diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp
-index da8289200e72..452195b146f3 100644
+index 49e2c73986ab..43ebcac381c7 100644
--- a/toolkit/xre/nsAppRunner.cpp
+++ b/toolkit/xre/nsAppRunner.cpp
-@@ -3785,11 +3785,7 @@ int XREMain::XRE_mainStartup(bool* aExitFlag) {
+@@ -3822,11 +3822,7 @@ int XREMain::XRE_mainStartup(bool* aExitFlag) {
// consistently.
// Set program name to the one defined in application.ini.
@@ -26,7 +26,7 @@ index da8289200e72..452195b146f3 100644
// Initialize GTK here for splash.
diff --git a/widget/gtk/nsAppShell.cpp b/widget/gtk/nsAppShell.cpp
-index 163a93e2d1a4..4b6d45217671 100644
+index cfe022e65d82..06325264dbb1 100644
--- a/widget/gtk/nsAppShell.cpp
+++ b/widget/gtk/nsAppShell.cpp
@@ -24,6 +24,7 @@
@@ -37,7 +37,7 @@ index 163a93e2d1a4..4b6d45217671 100644
#include "ScreenHelperGTK.h"
#include "HeadlessScreenHelper.h"
#include "mozilla/widget/ScreenManager.h"
-@@ -175,13 +176,9 @@ nsresult nsAppShell::Init() {
+@@ -159,13 +160,9 @@ nsresult nsAppShell::Init() {
// See https://bugzilla.gnome.org/show_bug.cgi?id=747634
//
// Only bother doing this for the parent process, since it's the one
@@ -54,6 +54,3 @@ index 163a93e2d1a4..4b6d45217671 100644
}
}
}
---
-2.26.1
-
diff --git a/libre/iceweasel/0002-Bug-1660901-Support-the-fstat-like-subset-of-fstatat.patch b/libre/iceweasel/0002-Bug-1660901-Support-the-fstat-like-subset-of-fstatat.patch
new file mode 100644
index 000000000..427dfcdc1
--- /dev/null
+++ b/libre/iceweasel/0002-Bug-1660901-Support-the-fstat-like-subset-of-fstatat.patch
@@ -0,0 +1,46 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Jed Davis <jld@mozilla.com>
+Date: Fri, 28 Aug 2020 09:23:58 +0000
+Subject: [PATCH] Bug 1660901 - Support the fstat-like subset of fstatat in the
+ Linux sandbox policies. r=gcp
+
+Differential Revision: https://phabricator.services.mozilla.com/D88499
+---
+ security/sandbox/linux/SandboxFilter.cpp | 6 ++++++
+ security/sandbox/linux/broker/SandboxBrokerUtils.h | 2 ++
+ 2 files changed, 8 insertions(+)
+
+diff --git a/security/sandbox/linux/SandboxFilter.cpp b/security/sandbox/linux/SandboxFilter.cpp
+index e522d61e065c..4087bdc07e01 100644
+--- a/security/sandbox/linux/SandboxFilter.cpp
++++ b/security/sandbox/linux/SandboxFilter.cpp
+@@ -243,6 +243,12 @@ class SandboxPolicyCommon : public SandboxPolicyBase {
+ auto path = reinterpret_cast<const char*>(aArgs.args[1]);
+ auto buf = reinterpret_cast<statstruct*>(aArgs.args[2]);
+ auto flags = static_cast<int>(aArgs.args[3]);
++
++ if (fd != AT_FDCWD && (flags & AT_EMPTY_PATH) != 0 &&
++ strcmp(path, "") == 0) {
++ return ConvertError(fstatsyscall(fd, buf));
++ }
++
+ if (fd != AT_FDCWD && path[0] != '/') {
+ SANDBOX_LOG_ERROR("unsupported fd-relative fstatat(%d, \"%s\", %p, %d)",
+ fd, path, buf, flags);
+diff --git a/security/sandbox/linux/broker/SandboxBrokerUtils.h b/security/sandbox/linux/broker/SandboxBrokerUtils.h
+index 85a006740c2c..db33b5028e77 100644
+--- a/security/sandbox/linux/broker/SandboxBrokerUtils.h
++++ b/security/sandbox/linux/broker/SandboxBrokerUtils.h
+@@ -19,10 +19,12 @@
+ typedef struct stat64 statstruct;
+ # define statsyscall stat64
+ # define lstatsyscall lstat64
++# define fstatsyscall fstat64
+ #elif defined(__NR_stat)
+ typedef struct stat statstruct;
+ # define statsyscall stat
+ # define lstatsyscall lstat
++# define fstatsyscall fstat
+ #else
+ # error Missing stat syscall include.
+ #endif
diff --git a/libre/iceweasel/0003-Bug-1660901-ignore-AT_NO_AUTOMOUNT-in-fstatat-system.patch b/libre/iceweasel/0003-Bug-1660901-ignore-AT_NO_AUTOMOUNT-in-fstatat-system.patch
new file mode 100644
index 000000000..dd5a53535
--- /dev/null
+++ b/libre/iceweasel/0003-Bug-1660901-ignore-AT_NO_AUTOMOUNT-in-fstatat-system.patch
@@ -0,0 +1,31 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Julien Cristau <jcristau@mozilla.com>
+Date: Sun, 6 Sep 2020 20:20:39 +0000
+Subject: [PATCH] Bug 1660901 - ignore AT_NO_AUTOMOUNT in fstatat system call.
+ r=jld
+
+Per the manpage "Both stat() and lstat() act as though AT_NO_AUTOMOUNT
+was set.", so don't bail if it's set in a call to fstatat.
+
+Differential Revision: https://phabricator.services.mozilla.com/D89121
+---
+ security/sandbox/linux/SandboxFilter.cpp | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/security/sandbox/linux/SandboxFilter.cpp b/security/sandbox/linux/SandboxFilter.cpp
+index 4087bdc07e01..c4f6c318ad1c 100644
+--- a/security/sandbox/linux/SandboxFilter.cpp
++++ b/security/sandbox/linux/SandboxFilter.cpp
+@@ -254,9 +254,10 @@ class SandboxPolicyCommon : public SandboxPolicyBase {
+ fd, path, buf, flags);
+ return BlockedSyscallTrap(aArgs, nullptr);
+ }
+- if ((flags & ~AT_SYMLINK_NOFOLLOW) != 0) {
++ if ((flags & ~(AT_SYMLINK_NOFOLLOW | AT_NO_AUTOMOUNT)) != 0) {
+ SANDBOX_LOG_ERROR("unsupported flags %d in fstatat(%d, \"%s\", %p, %d)",
+- (flags & ~AT_SYMLINK_NOFOLLOW), fd, path, buf, flags);
++ (flags & ~(AT_SYMLINK_NOFOLLOW | AT_NO_AUTOMOUNT)), fd,
++ path, buf, flags);
+ return BlockedSyscallTrap(aArgs, nullptr);
+ }
+ return (flags & AT_SYMLINK_NOFOLLOW) == 0 ? broker->Stat(path, buf)
diff --git a/libre/iceweasel/PKGBUILD b/libre/iceweasel/PKGBUILD
index 9a253d858..c11a28efc 100644
--- a/libre/iceweasel/PKGBUILD
+++ b/libre/iceweasel/PKGBUILD
@@ -44,8 +44,8 @@
pkgname=iceweasel
epoch=1
-pkgver=80.0.1
-pkgrel=1
+pkgver=81.0
+pkgrel=2
pkgrel+=.parabola1
_brandingver=80.0
_brandingrel=1
@@ -57,7 +57,7 @@ url="https://wiki.parabola.nu/Iceweasel"
depends=(gtk3 libxt mime-types dbus-glib ffmpeg nss ttf-font libpulse)
makedepends=(unzip zip diffutils yasm mesa imake inetutils xorg-server-xvfb
autoconf2.13 rust clang llvm jack gtk2 nodejs cbindgen nasm
- python-setuptools python-psutil lld)
+ python-setuptools python-psutil python-zstandard lld)
# FIXME: 'mozilla-serarchplugins' package needs re-working (see note in prepare())
makedepends+=(quilt libxslt imagemagick git jq)
optdepends=('networkmanager: Location detection via available WiFi networks'
@@ -69,6 +69,8 @@ replaces=('firefox')
options=(!emptydirs !makeflags !strip)
source=(https://archive.mozilla.org/pub/firefox/releases/$pkgver/source/firefox-$pkgver.source.tar.xz{,.asc}
0001-Use-remoting-name-for-GDK-application-names.patch
+ 0002-Bug-1660901-Support-the-fstat-like-subset-of-fstatat.patch
+ 0003-Bug-1660901-ignore-AT_NO_AUTOMOUNT-in-fstatat-system.patch
$pkgname.desktop)
source+=(https://repo.parabola.nu/other/iceweasel/${pkgname}_${_brandingver}-${_brandingrel}.branding.tar.xz{,.sig}
libre.patch
@@ -78,16 +80,18 @@ source_armv7h=(arm.patch
build-arm-libopus.patch)
source_i686=('avoid-libxul-OOM-python-check.patch'
'rust-static-disable-network-test-on-static-libraries.patch')
-sha256sums=('596b085e32a2d683ba960e161ea65c6271f90f576d4bf956e0d48e83af992c21'
+sha256sums=('9328745012178aee5a4f47c833539f7872cc6e0f20a853568a313e60cabd1ec8'
'SKIP'
- '3bb7463471fb43b2163a705a79a13a3003d70fff4bbe44f467807ca056de9a75'
+ 'e0eaec8ddd24bbebf4956563ebc6d7a56f8dada5835975ee4d320dd3d0c9c442'
+ 'c2489a4ad3bfb65c064e07180a1de9a2fbc3b1b72d6bc4cd3985484d1b6b7b29'
+ '52cc26cda4117f79fae1a0ad59e1404b299191a1c53d38027ceb178dab91f3dc'
'44be8e819b8334ed36e9410d62dbc6c16dd8f8329a191403bfdce3cf2e9181fc'
'228b7d316ab6836a6e69aa7070033b1ae073f3579474a49d8c306702b1c1413e'
'SKIP'
'5cfcadbd168c52b1b1e3f2f2c45911a4ae1a9d8a05918be68475a31985607bd8'
'0ed6b8efa00f73a96bceaba2d6a31fb11d416106729ab9b8289b191eb9acccfa'
'0ace0929a7487bd3d464a432e9be643a8f62d135cdfc1b4b2c55846aee8c04dc')
-sha256sums_i686=('bf2829f280ef05a608584ce7ec95875e147f315bac9609f5e18052bc03e3c4f9'
+sha256sums_i686=('80b6461579398398c28f9b72b0c55220f261d9bf6c5a253e3bc66dc8a65131f6'
'e661665ee00ecec66c33e115b0af3474452022f0d8ceda634a6315dc8cb99014')
sha256sums_armv7h=('bc00516032330760444939c516a60c78f868631e1b37f075f0fe71a53737b966'
'2d4d91f7e35d0860225084e37ec320ca6cae669f6c9c8fe7735cdbd542e3a7c9')
@@ -107,9 +111,13 @@ prepare() {
cd firefox-$pkgver
# https://bugzilla.mozilla.org/show_bug.cgi?id=1530052
- echo "applying 0001-Use-remoting-name-for-GDK-application-names.patch"
patch -Np1 -i ../0001-Use-remoting-name-for-GDK-application-names.patch
+ # https://bugs.archlinux.org/task/67978
+ # https://bugzilla.mozilla.org/show_bug.cgi?id=1660901
+ patch -Np1 -i ../0002-Bug-1660901-Support-the-fstat-like-subset-of-fstatat.patch
+ patch -Np1 -i ../0003-Bug-1660901-ignore-AT_NO_AUTOMOUNT-in-fstatat-system.patch
+
cat >../mozconfig <<END
ac_add_options --enable-application=browser
mk_add_options MOZ_OBJDIR=${PWD@Q}/obj
@@ -134,6 +142,7 @@ ac_add_options --enable-update-channel=release
ac_add_options --with-distribution-id=nu.parabola
ac_add_options --with-unsigned-addon-scopes=app,system
ac_add_options --allow-addon-sideload
+export MOZ_APP_NAME=$pkgname
export MOZ_APP_REMOTINGNAME=${pkgname//-/}
export MOZ_TELEMETRY_REPORTING=
export MOZ_REQUIRE_SIGNING=
@@ -343,6 +352,7 @@ build() {
export MOZ_NOSPAM=1
export MOZBUILD_STATE_PATH="$srcdir/mozbuild"
+ export MACH_USE_SYSTEM_PYTHON=1
# LTO needs more open files
ulimit -n 4096
diff --git a/libre/iceweasel/avoid-libxul-OOM-python-check.patch b/libre/iceweasel/avoid-libxul-OOM-python-check.patch
index 04ce4958e..caefbe08f 100644
--- a/libre/iceweasel/avoid-libxul-OOM-python-check.patch
+++ b/libre/iceweasel/avoid-libxul-OOM-python-check.patch
@@ -1,30 +1,30 @@
diff -rauN firefox-79.0/config/rules.mk firefox-79.0-avoid-libxul-OOM-python-check-patch/config/rules.mk
--- firefox-79.0/config/rules.mk 2020-07-21 00:49:36.000000000 +0200
+++ firefox-79.0-avoid-libxul-OOM-python-check-patch/config/rules.mk 2020-08-02 14:04:30.846204786 +0200
-@@ -470,7 +470,7 @@
- endif # MSVC with manifest tool
+@@ -470,7 +470,7 @@ ifeq (_WINNT,$(GNU_CC)_$(OS_ARCH))
+ $(LINKER) -OUT:$@ -PDB:$(LINK_PDBFILE) -IMPLIB:$(basename $(@F)).lib $(WIN32_EXE_LDFLAGS) $(LDFLAGS) $(MOZ_PROGRAM_LDFLAGS) $($(notdir $@)_OBJS) $(filter %.res,$^) $(STATIC_LIBS) $(SHARED_LIBS) $(OS_LIBS)
else # !WINNT || GNU_CC
- $(call EXPAND_CC_OR_CXX,$@) -o $@ $(COMPUTED_CXX_LDFLAGS) $(PGO_CFLAGS) $($(notdir $@)_OBJS) $(RESFILE) $(WIN32_EXE_LDFLAGS) $(LDFLAGS) $(STATIC_LIBS) $(MOZ_PROGRAM_LDFLAGS) $(SHARED_LIBS) $(OS_LIBS)
+ $(call EXPAND_CC_OR_CXX,$@) -o $@ $(COMPUTED_CXX_LDFLAGS) $(PGO_CFLAGS) $($(notdir $@)_OBJS) $(filter %.res,$^) $(WIN32_EXE_LDFLAGS) $(LDFLAGS) $(STATIC_LIBS) $(MOZ_PROGRAM_LDFLAGS) $(SHARED_LIBS) $(OS_LIBS)
- $(call py_action,check_binary,--target $@)
+# $(call py_action,check_binary,--target $@)
endif # WINNT && !GNU_CC
ifdef ENABLE_STRIP
-@@ -526,7 +526,7 @@
- endif # MSVC with manifest tool
+@@ -514,7 +514,7 @@ ifeq (_WINNT,$(GNU_CC)_$(OS_ARCH))
+ $(LINKER) -out:$@ -pdb:$(LINK_PDBFILE) $($@_OBJS) $(filter %.res,$^) $(WIN32_EXE_LDFLAGS) $(LDFLAGS) $(MOZ_PROGRAM_LDFLAGS) $(STATIC_LIBS) $(SHARED_LIBS) $(OS_LIBS)
else
- $(call EXPAND_CC_OR_CXX,$@) $(COMPUTED_CXX_LDFLAGS) $(PGO_CFLAGS) -o $@ $($@_OBJS) $(WIN32_EXE_LDFLAGS) $(LDFLAGS) $(STATIC_LIBS) $(MOZ_PROGRAM_LDFLAGS) $(SHARED_LIBS) $(OS_LIBS)
+ $(call EXPAND_CC_OR_CXX,$@) $(COMPUTED_CXX_LDFLAGS) $(PGO_CFLAGS) -o $@ $($@_OBJS) $(filter %.res,$^) $(WIN32_EXE_LDFLAGS) $(LDFLAGS) $(STATIC_LIBS) $(MOZ_PROGRAM_LDFLAGS) $(SHARED_LIBS) $(OS_LIBS)
- $(call py_action,check_binary,--target $@)
+# $(call py_action,check_binary,--target $@)
endif # WINNT && !GNU_CC
ifdef ENABLE_STRIP
-@@ -606,7 +606,7 @@
+@@ -594,7 +594,7 @@ ifndef INCREMENTAL_LINKER
$(RM) $@
endif
- $(MKSHLIB) $($@_OBJS) $(RESFILE) $(LDFLAGS) $(STATIC_LIBS) $(SHARED_LIBS) $(EXTRA_DSO_LDOPTS) $(MOZ_GLUE_LDFLAGS) $(OS_LIBS)
+ $(MKSHLIB) $($@_OBJS) $(filter %.res,$^) $(LDFLAGS) $(STATIC_LIBS) $(SHARED_LIBS) $(EXTRA_DSO_LDOPTS) $(MOZ_GLUE_LDFLAGS) $(OS_LIBS)
- $(call py_action,check_binary,--target $@)
+# $(call py_action,check_binary,--target $@)
ifeq (_WINNT,$(GNU_CC)_$(OS_ARCH))
- ifdef MSMANIFEST_TOOL
+ endif # WINNT && !GCC