summaryrefslogtreecommitdiffstats
path: root/security/rlbox
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-19 00:47:55 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-19 00:47:55 +0000
commit26a029d407be480d791972afb5975cf62c9360a6 (patch)
treef435a8308119effd964b339f76abb83a57c29483 /security/rlbox
parentInitial commit. (diff)
downloadfirefox-26a029d407be480d791972afb5975cf62c9360a6.tar.xz
firefox-26a029d407be480d791972afb5975cf62c9360a6.zip
Adding upstream version 124.0.1.upstream/124.0.1
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'security/rlbox')
-rw-r--r--security/rlbox/moz.build66
-rw-r--r--security/rlbox/rlbox.mozbuild57
2 files changed, 123 insertions, 0 deletions
diff --git a/security/rlbox/moz.build b/security/rlbox/moz.build
new file mode 100644
index 0000000000..7ad8d076f0
--- /dev/null
+++ b/security/rlbox/moz.build
@@ -0,0 +1,66 @@
+# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*-
+# vim: set filetype=python:
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+include("rlbox.mozbuild")
+
+RLBoxLibrary("rlbox")
+
+LOCAL_INCLUDES += [
+ "/third_party/simde/",
+ "/third_party/wasm2c/wasm2c/",
+]
+
+EXPORTS += [
+ "/third_party/wasm2c/wasm2c/wasm-rt.h",
+]
+
+FINAL_LIBRARY = "xul"
+
+# Allow compiler warnings both in wasm compiles (because they're third-party
+# libraries), and C compiles (because they're code generated by wasm2c).
+AllowCompilerWarnings()
+
+WASM_DEFINES["MOZILLA_CLIENT"] = True
+
+if CONFIG["MOZ_WASM_SANDBOXING_HUNSPELL"]:
+ include("/extensions/spellcheck/hunspell/src/sources.mozbuild")
+ WASM_SOURCES += [
+ "/extensions/spellcheck/hunspell/src/" + s for s in hunspell_sources
+ ]
+ if CONFIG["MOZ_WASI_EMULATED_CLOCK"]:
+ WASM_DEFINES["_WASI_EMULATED_PROCESS_CLOCKS"] = True
+ WASM_LIBS += ["wasi-emulated-process-clocks"]
+ LOCAL_INCLUDES += [
+ "/extensions/spellcheck/hunspell/glue",
+ "/extensions/spellcheck/hunspell/src",
+ ]
+
+if CONFIG["MOZ_WASM_SANDBOXING_GRAPHITE"]:
+ include("/gfx/graphite2/src/sources.mozbuild")
+ WASM_SOURCES += ["/gfx/graphite2/src/" + s for s in graphite_sources]
+ WASM_SOURCES += [
+ "/gfx/graphite2/src/call_machine.cpp",
+ ]
+ for k, v in graphite_defines:
+ WASM_DEFINES[k] = v
+ LOCAL_INCLUDES += ["/gfx/graphite2/src"]
+
+if CONFIG["MOZ_WASM_SANDBOXING_OGG"]:
+ include("/media/libogg/sources.mozbuild")
+ WASM_SOURCES += ["/media/libogg/" + s for s in ogg_sources]
+ LOCAL_INCLUDES += ["/media/libogg"]
+
+if CONFIG["MOZ_WASM_SANDBOXING_EXPAT"]:
+ include("/parser/expat/lib/sources.mozbuild")
+ WASM_SOURCES += ["/parser/expat/lib/" + s for s in expat_sources]
+ for k, v in expat_defines:
+ WASM_DEFINES[k] = v
+ LOCAL_INCLUDES += ["/parser/expat/lib/"]
+
+if CONFIG["MOZ_WASM_SANDBOXING_WOFF2"]:
+ include("/modules/woff2/sources.mozbuild")
+ WASM_SOURCES += ["/modules/woff2/" + s for s in woff2_sources]
+ LOCAL_INCLUDES += ["/modules/woff2/include"]
diff --git a/security/rlbox/rlbox.mozbuild b/security/rlbox/rlbox.mozbuild
new file mode 100644
index 0000000000..8e91eff8ae
--- /dev/null
+++ b/security/rlbox/rlbox.mozbuild
@@ -0,0 +1,57 @@
+# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*-
+# vim: set filetype=python:
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+
+@template
+def RLBoxLibrary(name):
+ WASM_SOURCES += [
+ "/memory/mozalloc/mozalloc.cpp",
+ "/third_party/rlbox_wasm2c_sandbox/c_src/wasm2c_sandbox_wrapper.c",
+ ]
+
+ SOURCES += [f"!{name}.wasm.c"]
+ SOURCES += ["/third_party/wasm2c/wasm2c/wasm-rt-impl.c"]
+
+ # Configuration for the wasm2c runtime used by RLBox
+
+ # Enable SIMD autovectorization
+ if CONFIG["WASM_CC_VERSION"] and int(CONFIG["WASM_CC_VERSION"].split(".")[0]) >= 11:
+ WASM_CXXFLAGS += ["-msimd128"]
+
+ # Use a mmap style allocation
+ DEFINES["WASM_RT_USE_MMAP"] = 1
+
+ # Don't use internal signal handler as Firefox already provides one
+ DEFINES["WASM_RT_SKIP_SIGNAL_RECOVERY"] = 1
+
+ # We provide a custom trap handler that calls MOZ_CRASH
+ DEFINES["WASM_RT_TRAP_HANDLER"] = "moz_wasm2c_trap_handler"
+
+ # Don't limit the nested call depth
+ DEFINES["WASM_RT_USE_STACK_DEPTH_COUNT"] = 0
+
+ # Configure the wasm runtime to invoke a callback when a Wasm memory growth
+ # fails inside the sandbox. This information is used to annotate crash reports.
+ DEFINES["WASM_RT_GROW_FAILED_HANDLER"] = "moz_wasm2c_memgrow_failed"
+
+ SOURCES[f"!{name}.wasm.c"].flags += [
+ "-Wno-unused",
+ ]
+
+ WASM_DEFINES["MOZ_IN_WASM_SANDBOX"] = True
+ if CONFIG["ENABLE_CLANG_PLUGIN"]:
+ WASM_DEFINES["MOZ_CLANG_PLUGIN"] = True
+
+ SANDBOXED_WASM_LIBRARY_NAME = f"{name}.wasm"
+
+ # Ideally we'd also list {name}.wasm.h as an output, but that would put the
+ # generation in export rather than pre-compile, and we prefer the latter.
+ GeneratedFile(
+ f"{name}.wasm.c",
+ script="/config/wasm2c.py",
+ entry_point="wasm2c",
+ inputs=["!/dist/host/bin/wasm2c" + CONFIG["HOST_BIN_SUFFIX"], f"!{name}.wasm"],
+ )