From d47b22240106bb47326506a395570879cc32a6de Mon Sep 17 00:00:00 2001 From: ohfp <1813007-ohfp@users.noreply.gitlab.com> Date: Thu, 17 Jun 2021 13:35:43 +0200 Subject: [PATCH] v89.0.1-1 --- .../sandbox-update-arm-syscall-numbers.patch | 144 ------------------ scripts/1_Install_Dependencies.sh | 14 +- scripts/3_Configure_Source_Code.sh | 23 +-- scripts/4_Build_Binary_Tarball.sh | 2 +- scripts/5_Configure_Binary_Tarball.sh | 2 +- 5 files changed, 17 insertions(+), 168 deletions(-) delete mode 100644 deb_patches/sandbox-update-arm-syscall-numbers.patch diff --git a/deb_patches/sandbox-update-arm-syscall-numbers.patch b/deb_patches/sandbox-update-arm-syscall-numbers.patch deleted file mode 100644 index b6cf3bb..0000000 --- a/deb_patches/sandbox-update-arm-syscall-numbers.patch +++ /dev/null @@ -1,144 +0,0 @@ -From 05971bd227dc6c359657d1501711e6865e9430f9 Mon Sep 17 00:00:00 2001 -From: Matthew Denton -Date: Tue, 28 Jul 2020 00:29:01 +0000 -Subject: [PATCH] Linux sandbox: update arm syscall numbers - -Change-Id: Ia2c39a86fb3516040a74de963115e73b7b1a1e0c -Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2318316 -Reviewed-by: Robert Sesek -Commit-Queue: Matthew Denton -Cr-Commit-Position: refs/heads/master@{#792090} ---- - -diff --git a/security/sandbox/chromium/sandbox/linux/system_headers/arm64_linux_syscalls.h b/security/sandbox/chromium/sandbox/linux/system_headers/arm64_linux_syscalls.h -index 59d0eab8..a242c18c 100644 ---- a/security/sandbox/chromium/sandbox/linux/system_headers/arm64_linux_syscalls.h -+++ b/security/sandbox/chromium/sandbox/linux/system_headers/arm64_linux_syscalls.h -@@ -1063,4 +1063,60 @@ - #define __NR_memfd_create 279 - #endif - -+#if !defined(__NR_bpf) -+#define __NR_bpf 280 -+#endif -+ -+#if !defined(__NR_execveat) -+#define __NR_execveat 281 -+#endif -+ -+#if !defined(__NR_userfaultfd) -+#define __NR_userfaultfd 282 -+#endif -+ -+#if !defined(__NR_membarrier) -+#define __NR_membarrier 283 -+#endif -+ -+#if !defined(__NR_mlock2) -+#define __NR_mlock2 284 -+#endif -+ -+#if !defined(__NR_copy_file_range) -+#define __NR_copy_file_range 285 -+#endif -+ -+#if !defined(__NR_preadv2) -+#define __NR_preadv2 286 -+#endif -+ -+#if !defined(__NR_pwritev2) -+#define __NR_pwritev2 287 -+#endif -+ -+#if !defined(__NR_pkey_mprotect) -+#define __NR_pkey_mprotect 288 -+#endif -+ -+#if !defined(__NR_pkey_alloc) -+#define __NR_pkey_alloc 289 -+#endif -+ -+#if !defined(__NR_pkey_free) -+#define __NR_pkey_free 290 -+#endif -+ -+#if !defined(__NR_statx) -+#define __NR_statx 291 -+#endif -+ -+#if !defined(__NR_io_pgetevents) -+#define __NR_io_pgetevents 292 -+#endif -+ -+#if !defined(__NR_rseq) -+#define __NR_rseq 293 -+#endif -+ - #endif // SANDBOX_LINUX_SYSTEM_HEADERS_ARM64_LINUX_SYSCALLS_H_ -diff --git a/security/sandbox/chromium/sandbox/linux/system_headers/arm_linux_syscalls.h b/security/sandbox/chromium/sandbox/linux/system_headers/arm_linux_syscalls.h -index 1addd53..85e2110b 100644 ---- a/security/sandbox/chromium/sandbox/linux/system_headers/arm_linux_syscalls.h -+++ b/security/sandbox/chromium/sandbox/linux/system_headers/arm_linux_syscalls.h -@@ -1385,6 +1385,62 @@ - #define __NR_memfd_create (__NR_SYSCALL_BASE+385) - #endif - -+#if !defined(__NR_bpf) -+#define __NR_bpf (__NR_SYSCALL_BASE+386) -+#endif -+ -+#if !defined(__NR_execveat) -+#define __NR_execveat (__NR_SYSCALL_BASE+387) -+#endif -+ -+#if !defined(__NR_userfaultfd) -+#define __NR_userfaultfd (__NR_SYSCALL_BASE+388) -+#endif -+ -+#if !defined(__NR_membarrier) -+#define __NR_membarrier (__NR_SYSCALL_BASE+389) -+#endif -+ -+#if !defined(__NR_mlock2) -+#define __NR_mlock2 (__NR_SYSCALL_BASE+390) -+#endif -+ -+#if !defined(__NR_copy_file_range) -+#define __NR_copy_file_range (__NR_SYSCALL_BASE+391) -+#endif -+ -+#if !defined(__NR_preadv2) -+#define __NR_preadv2 (__NR_SYSCALL_BASE+392) -+#endif -+ -+#if !defined(__NR_pwritev2) -+#define __NR_pwritev2 (__NR_SYSCALL_BASE+393) -+#endif -+ -+#if !defined(__NR_pkey_mprotect) -+#define __NR_pkey_mprotect (__NR_SYSCALL_BASE+394) -+#endif -+ -+#if !defined(__NR_pkey_alloc) -+#define __NR_pkey_alloc (__NR_SYSCALL_BASE+395) -+#endif -+ -+#if !defined(__NR_pkey_free) -+#define __NR_pkey_free (__NR_SYSCALL_BASE+396) -+#endif -+ -+#if !defined(__NR_statx) -+#define __NR_statx (__NR_SYSCALL_BASE+397) -+#endif -+ -+#if !defined(__NR_rseq) -+#define __NR_rseq (__NR_SYSCALL_BASE+398) -+#endif -+ -+#if !defined(__NR_io_pgetevents) -+#define __NR_io_pgetevents (__NR_SYSCALL_BASE+399) -+#endif -+ - // ARM private syscalls. - #if !defined(__ARM_NR_BASE) - #define __ARM_NR_BASE (__NR_SYSCALL_BASE + 0xF0000) diff --git a/scripts/1_Install_Dependencies.sh b/scripts/1_Install_Dependencies.sh index 44d75b0..08ef1f5 100755 --- a/scripts/1_Install_Dependencies.sh +++ b/scripts/1_Install_Dependencies.sh @@ -39,6 +39,8 @@ _DEPENDENCIES="wget git xvfb \ python \ libffi-dev \ nodejs-mozilla \ + cargo \ + rustc \ nasm-mozilla" # cargo \ @@ -55,18 +57,18 @@ if [[ $CARCH == 'x86_64' ]];then # Installs (non-ancient) clang apt install -y software-properties-common apt-transport-https ca-certificates wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | apt-key add - apt-add-repository "deb http://apt.llvm.org/bionic/ llvm-toolchain-bionic-11 main" + apt-add-repository "deb http://apt.llvm.org/bionic/ llvm-toolchain-bionic-12 main" apt-get update - apt-get -y install clang-11 libclang-11-dev + apt-get -y install clang-12 libclang-12-dev else apt install -y software-properties-common apt-transport-https ca-certificates wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | apt-key add - apt-add-repository "deb http://apt.llvm.org/bionic/ llvm-toolchain-bionic-11 main" + apt-add-repository "deb http://apt.llvm.org/bionic/ llvm-toolchain-bionic-10 main" apt-get update apt-get -y install clang-10 libclang-10-dev fi # we need a more recent rust -curl https://sh.rustup.rs -o rustup.sh -bash rustup.sh -y -source /root/.cargo/env +# curl https://sh.rustup.rs -o rustup.sh +# bash rustup.sh -y +# source /root/.cargo/env diff --git a/scripts/3_Configure_Source_Code.sh b/scripts/3_Configure_Source_Code.sh index 3d8b2cd..e811ed9 100755 --- a/scripts/3_Configure_Source_Code.sh +++ b/scripts/3_Configure_Source_Code.sh @@ -7,7 +7,7 @@ set -e srcdir=$1; CI_PROJECT_DIR=${CI_PROJECT_DIR:-$(realpath $(dirname $0)/../)} _COMMON_REPO='https://gitlab.com/librewolf-community/browser/common.git'; -_COMMON_TAG='v89.0-1' +_COMMON_TAG='v89.0.1-1' _COMMON_DIR="${CI_PROJECT_DIR}"/common _PATCHES_DIR="${_COMMON_DIR}"/patches _MOZBUILD=$srcdir/../mozbuild @@ -127,7 +127,6 @@ patch -Np1 -i "${CI_PROJECT_DIR}/deb_patches/webrtc-fix-compiler-flags-for-armhf patch -Np1 -i "${CI_PROJECT_DIR}/deb_patches/reduce-rust-debuginfo.patch" patch -Np1 -i "${CI_PROJECT_DIR}/deb_patches/relax-cargo-dep.patch" patch -Np1 -i "${CI_PROJECT_DIR}/deb_patches/use-system-icupkg.patch" -patch -Np1 -i "${CI_PROJECT_DIR}/deb_patches/sandbox-update-arm-syscall-numbers.patch" # Remove some pre-installed addons that might be questionable patch -Np1 -i ${_PATCHES_DIR}/remove_addons.patch @@ -146,9 +145,6 @@ fi # Disabling Pocket printf "\nDisabling Pocket\n"; -# sed -i 's/"pocket"/# "pocket"/g' browser/components/moz.build -# this one only to remove an annoying error message: -# sed -i 's#SaveToPocket.init();#// SaveToPocket.init();#g' browser/components/BrowserGlue.jsm patch -Np1 -i "${_PATCHES_DIR}/sed-patches/disable-pocket.patch" # More patches @@ -158,26 +154,21 @@ patch -Np1 -i "${_PATCHES_DIR}/browser-confvars.patch" patch -Np1 -i "${_PATCHES_DIR}/urlbarprovider-interventions.patch" # Remove Internal Plugin Certificates -# _cert_sed='s#if (aCert.organizationalUnit == "Mozilla [[:alpha:]]\+") {\n' -# _cert_sed+='[[:blank:]]\+return AddonManager\.SIGNEDSTATE_[[:upper:]]\+;\n' -# _cert_sed+='[[:blank:]]\+}#' -# _cert_sed+='// NOTE: removed#g' -# sed -z "$_cert_sed" -i toolkit/mozapps/extensions/internal/XPIInstall.jsm patch -Np1 -i "${_PATCHES_DIR}/sed-patches/remove-internal-plugin-certs.patch" # allow SearchEngines option in non-ESR builds -# sed -i 's#"enterprise_only": true,#"enterprise_only": false,#g' browser/components/enterprisepolicies/schemas/policies-schema.json patch -Np1 -i "${_PATCHES_DIR}/sed-patches/allow-searchengines-non-esr.patch" # remove search extensions (experimental) patch -Np1 -i "${_PATCHES_DIR}/search-config.patch" # stop some undesired requests (https://gitlab.com/librewolf-community/browser/common/-/issues/10) -# _settings_services_sed='s#firefox.settings.services.mozilla.com#f.s.s.m.c.qjz9zk#g' -# sed "$_settings_services_sed" -i browser/components/newtab/data/content/activity-stream.bundle.js -# sed "$_settings_services_sed" -i modules/libpref/init/all.js -# sed "$_settings_services_sed" -i services/settings/Utils.jsm -# sed "$_settings_services_sed" -i toolkit/components/search/SearchUtils.jsm patch -Np1 -i "${_PATCHES_DIR}/sed-patches/stop-undesired-requests.patch" +# allow overriding the color scheme light/dark preference with RFP +patch -Np1 -i ${_PATCHES_DIR}/allow_dark_preference_with_rfp.patch + +# fix an URL in 'about' dialog +patch -Np1 -i ${_PATCHES_DIR}/about-dialog.patch + rm -rf common diff --git a/scripts/4_Build_Binary_Tarball.sh b/scripts/4_Build_Binary_Tarball.sh index d035c49..a29e9d7 100755 --- a/scripts/4_Build_Binary_Tarball.sh +++ b/scripts/4_Build_Binary_Tarball.sh @@ -16,7 +16,7 @@ export DEB_BUILD_HARDENING_FORMAT=1 export DEB_BUILD_HARDENING_PIE=1 # export PATH=/usr/lib/nasm-mozilla/bin:$PATH -source /root/.cargo/env +# source /root/.cargo/env # we do change / unset some of them later, but setting them as set by Arch # might make it easier to maintain changes in build scripts on both sides diff --git a/scripts/5_Configure_Binary_Tarball.sh b/scripts/5_Configure_Binary_Tarball.sh index 64f2b12..b086442 100755 --- a/scripts/5_Configure_Binary_Tarball.sh +++ b/scripts/5_Configure_Binary_Tarball.sh @@ -11,7 +11,7 @@ LAUNCHER_SCRIPT=$3; CI_PROJECT_DIR=${CI_PROJECT_DIR:-$(realpath $(dirname $0)/../)} _SCRIPT_FOLDER=$(realpath $(dirname $0)); _EXTRACTED_TARBALL_FOLDER=$_SCRIPT_FOLDER/librewolf; -_SETTINGS_TAG='1.0' +_SETTINGS_TAG='1.1' _SETTINGS_REPO='https://gitlab.com/librewolf-community/settings.git'; # Extracts the binary tarball