commit b7d40046c0609e77cd9eb088f5e05775edd1c4a2 Author: Georg Koppen gk@torproject.org Date: Tue Jun 16 19:56:35 2020 +0000
Bug 32389: Enable WASM sandbox for Linux builds --- projects/firefox/build | 14 ++++++++++++++ projects/firefox/config | 6 ++++++ 2 files changed, 20 insertions(+)
diff --git a/projects/firefox/build b/projects/firefox/build index 9461034..294e35a 100644 --- a/projects/firefox/build +++ b/projects/firefox/build @@ -39,6 +39,20 @@ export LLVM_CONFIG="/var/tmp/dist/clang/bin/llvm-config" [% END -%] [% END -%]
+[% IF c("var/rlbox") -%] + tar -C /var/tmp/dist -xf [% c('input_files_by_name/wasi-sysroot') %] + # XXX: We need the libclang_rt.builtins-wasm32.a in our clang lib directory. + # Copy it over. + # https://searchfox.org/mozilla-central/source/build/build-clang/build-clang.p..., + # include it directly in our clang + mkdir /var/tmp/dist/clang/lib/clang/[% pc("clang", "version") %]/lib/wasi + cp /var/tmp/dist/wasi-sysroot/lib/clang/9.0.0/lib/wasi/libclang_rt.builtins-wasm32.a /var/tmp/dist/clang/lib/clang/[% pc("clang", "version") %]/lib/wasi + tar -C /var/tmp/dist -xf [% c('input_files_by_name/lucetc') %] + export PATH="/var/tmp/dist/lucetc/bin:$PATH" + export WASM_SANDBOXED_LIBRARIES=graphite,ogg + export WASI_SYSROOT=/var/tmp/dist/wasi-sysroot/share/wasi-sysroot +[% END -%] + tar -C /var/tmp/build -xf [% project %]-[% c('version') %].tar.gz
[% IF c("var/osx") %] diff --git a/projects/firefox/config b/projects/firefox/config index 7c700a8..0ecce9d 100644 --- a/projects/firefox/config +++ b/projects/firefox/config @@ -135,6 +135,12 @@ input_files: name: rust - project: cbindgen name: cbindgen + - project: wasi-sysroot + name: wasi-sysroot + enable: '[% c("var/rlbox") %]' + - project: lucetc + name: lucetc + enable: '[% c("var/rlbox") %]' - project: node name: node - project: nasm