diff --git a/testing/firefox/README b/testing/firefox/README new file mode 100644 index 00000000..70214c4d --- /dev/null +++ b/testing/firefox/README @@ -0,0 +1,123 @@ +firefox +________________________________________________________________________________ + +Mozilla Firefox or simply Firefox, is a free and open-source web browser +developed by the Mozilla Foundation and its subsidiary, the Mozilla Corporation. +Firefox uses the Gecko rendering engine to display web pages. [0] + +Upstream: https://www.mozilla.org/firefox + + +[000] Index +________________________________________________________________________________ + +* Installation ........................................................... [001] + * Runtime Dependencies ................................................. [002] + * Privacy Package ...................................................... [003] +* Setup .................................................................. [004] + * Enable VAAPI Acceleration ............................................ [005] +* Usage .................................................................. [006] +* References ............................................................. [007] + + +[001] Installation +________________________________________________________________________________ + ++------------------------------------------------------------------------------+ +| | +| $ kiss b firefox | +| | ++------------------------------------------------------------------------------+ + + +--[002] Runtime Dependencies --------------------------------------------------- + + Firefox needs a few additional things to be fully functional. One is an icon + theme and the other is a font. If you have already installed the fonts and + icon theme of your choosing, this step can be skipped. + + +----------------------------------------------------------------------------+ + | | + | $ kiss b [hicolor-icon-theme|adwaita-icon-theme] | + | $ kiss b ttf-croscore | + | | + +----------------------------------------------------------------------------+ + + +--[003] Privacy Package -------------------------------------------------------- + + Provided is also an optional privacy package which makes Firefox perform zero + unsolicited network requests. More information can be found in the + documentation (@/firefox-privacy) Expect some website breakage when using this + privacy package YMMV. + + +----------------------------------------------------------------------------+ + | | + | $ kiss b firefox-privacy | + | | + +----------------------------------------------------------------------------+ + + +[004] Setup +________________________________________________________________________________ + +As of Firefox 91. There is no need to set special environment variables to +enable Wayland support (in a Wayland only environment like ours). The browser +should start with no further configuration. + + +--[005] Enable VAAPI Acceleration ---------------------------------------------- + +As of Firefox 102, only the following modification to about:config should be +required, with no need to disable any sandbox features. + ++------------------------------------------------------------------------------+ +| | +| about:config | +| | +| media.ffmpeg.vaapi.enabled=true | +| | ++------------------------------------------------------------------------------+ + +If using AMDGPU, the following kernel option must be enabled. [1] + ++------------------------------------------------------------------------------+ +| | +| .config | +| | +| CONFIG_CHECKPOINT_RESTORE=y | +| | ++------------------------------------------------------------------------------+ + +You may also need to set the following environment variable. + ++------------------------------------------------------------------------------+ +| | +| .profile | +| | +| export MOZ_WAYLAND_DRM_DEVICE=/dev/dri/renderD128 | +| | ++------------------------------------------------------------------------------+ + +To verify that VAAPI is working, launch Firefox with the following argument and +attempt to watch a video. Pay attention for errors in the output. + ++------------------------------------------------------------------------------+ +| | +| $ firefox --MOZ_LOG=PlatformDecoderModule:4 | +| | ++------------------------------------------------------------------------------+ + + +[006] Usage +________________________________________________________________________________ + +Refer to the browser's help output and online documentation for further +information. + + +[007] References +________________________________________________________________________________ + +[0] https://en.wikipedia.org/wiki/Firefox + diff --git a/testing/firefox/build b/testing/firefox/build new file mode 100755 index 00000000..fef79673 --- /dev/null +++ b/testing/firefox/build @@ -0,0 +1,76 @@ +#!/bin/sh -e + +for p in *.patch; do + patch -p1 < "$p" +done + +sed '/UNZIP/d' toolkit/moz.configure > _ +mv -f _ toolkit/moz.configure + +# If using libc++, CXXSTDLIB needs to be set manually. +case $("$CC" -print-file-name=libc++.so) in */*) + export CXXSTDLIB=c++ +esac + +export CFLAGS="$CFLAGS -w" +export CXXFLAGS="$CXXFLAGS -w" + +# Instruct the compiler to trim absolute paths in resulting binaries and instead +# change them to relative paths ($PWD/... ./...). +export RUSTFLAGS="$RUSTFLAGS --remap-path-prefix=$PWD=." + +export LDFLAGS="$LDFLAGS -Wl,-rpath=/usr/lib/firefox,--enable-new-dtags" +export RUSTFLAGS="$RUSTFLAGS -Cdebuginfo=0" +export MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE=system +export MOZ_DEBUG_FLAGS=-g0 +export MOZBUILD_STATE_PATH="$PWD/state" +export MOZ_NOSPAM=1 + +cat > .mozconfig << EOF +ac_add_options --prefix=/usr +ac_add_options --libdir=/usr/lib +ac_add_options --enable-default-toolkit=cairo-gtk3-wayland-only +ac_add_options --enable-strip +ac_add_options --enable-release +ac_add_options --enable-rust-simd +ac_add_options --enable-audio-backends=alsa +ac_add_options --enable-install-strip +ac_add_options --enable-official-branding +ac_add_options --enable-application=browser +ac_add_options --enable-optimize +ac_add_options --with-system-ffi +ac_add_options --with-system-jpeg +ac_add_options --with-system-libvpx +ac_add_options --with-system-nspr +ac_add_options --with-system-nss +ac_add_options --with-system-pixman +ac_add_options --with-system-png +ac_add_options --with-system-webp +ac_add_options --with-system-zlib +ac_add_options --without-wasm-sandboxed-libraries +ac_add_options --disable-eme +ac_add_options --disable-dbus +ac_add_options --disable-tests +ac_add_options --disable-vtune +ac_add_options --disable-updater +ac_add_options --disable-jemalloc +ac_add_options --disable-elf-hack +ac_add_options --disable-callgrind +ac_add_options --disable-profiling +ac_add_options --disable-necko-wifi +ac_add_options --disable-crashreporter +ac_add_options --disable-accessibility +ac_add_options --disable-debug +ac_add_options --disable-debug-symbols +ac_add_options --disable-parental-controls +ac_add_options --disable-system-extension-dirs +EOF + +./mach build +DESTDIR="$1" ./mach install + +# Remove a lot of uneeded "stuff". +rm -rf \ + "$1/usr/include" \ + "$1/usr/lib/firefox-devel" \ + "$1/usr/share/idl" diff --git a/testing/firefox/checksums b/testing/firefox/checksums new file mode 100644 index 00000000..4e8083a0 --- /dev/null +++ b/testing/firefox/checksums @@ -0,0 +1,8 @@ +af813ae7690220ce26215598426a18c7e83c3cbd89619329d244d1a1774f67e4ad +3e4e722acd2ab2e38a16ec23b29296318d77cc54f034d4b21d91bde085e26bc0a3 +49e95cf848c09df618587bb8286bed3ed9531e24554b9ef275f070201078dba7f5 +0d706838ba8eccf898dbebb70c1bd71b2ef76f83c5c89b5af33831584e912e08b4 +9207f7b9aaaeaa7e55b07e8a723f34413f7436404a2c161751e92bf785dffdaa90 +8c0f419eb138061e67dbe2ac73e9c8332649fb90aacb57ac4f00d5de94c0cf23a8 +b45fc52ba1ab0e20991b7f8f5841fecc42840979cee263f943c0e017fbc2345538 +1cace7c18c7d80b4abe8665d5ec2c66a0f3c1807ff3f7c8311b925f8ed635037f0 diff --git a/testing/firefox/depends b/testing/firefox/depends new file mode 100644 index 00000000..fbbaacd4 --- /dev/null +++ b/testing/firefox/depends @@ -0,0 +1,33 @@ +alsa-lib +bzip2 +cairo +cbindgen make +clang make +expat +ffmpeg +fontconfig +freetype-harfbuzz +gdk-pixbuf +glib +gtk+3 +libdrm +libffi +libjpeg-turbo +libpng +libvpx +libwebp +llvm make +m4 make +mesa +nasm make +nodejs make +nspr +nss +pango +pixman +pkgconf make +python make +rust make +wayland +wayland-protocols make +zlib diff --git a/testing/firefox/patches/fix-target-detection.patch b/testing/firefox/patches/fix-target-detection.patch new file mode 100644 index 00000000..8e115a3d --- /dev/null +++ b/testing/firefox/patches/fix-target-detection.patch @@ -0,0 +1,19 @@ +diff --git a/build/moz.configure/rust.configure b/build/moz.configure/rust.configure +index 7a2fd1a..ba5ba62 100644 +--- a/build/moz.configure/rust.configure ++++ b/build/moz.configure/rust.configure +@@ -403,9 +403,13 @@ def detect_rustc_target( + ] + if len(narrowed) == 1: + return narrowed[0].rust_target ++ elif narrowed: ++ candidates = narrowed ++ ++ aliased_vendor = "unknown" if host_or_target.vendor == "pc" else host_or_target.vendor + + # Finally, see if the vendor can be used to disambiguate. +- narrowed = [c for c in candidates if c.target.vendor == host_or_target.vendor] ++ narrowed = [c for c in candidates if c.target.vendor == aliased_vendor] + if len(narrowed) == 1: + return narrowed[0].rust_target + diff --git a/testing/firefox/patches/fix-vaapi.patch b/testing/firefox/patches/fix-vaapi.patch new file mode 100644 index 00000000..5daaeb75 --- /dev/null +++ b/testing/firefox/patches/fix-vaapi.patch @@ -0,0 +1,19 @@ +diff --git a/widget/gtk/GfxInfo.cpp b/widget/gtk/GfxInfo.cpp +index 24885ca..3815eb4 100644 +--- a/widget/gtk/GfxInfo.cpp ++++ b/widget/gtk/GfxInfo.cpp +@@ -1095,14 +1095,6 @@ const nsTArray& GfxInfo::GetGfxDriverInfo() { + nsIGfxInfo::FEATURE_BLOCKED_DEVICE, DRIVER_LESS_THAN, V(23, 1, 1, 0), + "FEATURE_HARDWARE_VIDEO_DECODING_AMD_DISABLE", "Mesa 23.1.1.0"); + +- // Disable on Release/late Beta on AMD +-#if !defined(EARLY_BETA_OR_EARLIER) +- APPEND_TO_DRIVER_BLOCKLIST(OperatingSystem::Linux, DeviceFamily::AtiAll, +- nsIGfxInfo::FEATURE_HARDWARE_VIDEO_DECODING, +- nsIGfxInfo::FEATURE_BLOCKED_DEVICE, +- DRIVER_COMPARISON_IGNORED, V(0, 0, 0, 0), +- "FEATURE_HARDWARE_VIDEO_DECODING_DISABLE", ""); +-#endif + //////////////////////////////////// + // FEATURE_HW_DECODED_VIDEO_ZERO_COPY - ALLOWLIST + APPEND_TO_DRIVER_BLOCKLIST2(OperatingSystem::Linux, DeviceFamily::All, diff --git a/testing/firefox/patches/gcc-14.patch b/testing/firefox/patches/gcc-14.patch new file mode 100644 index 00000000..1fca8992 --- /dev/null +++ b/testing/firefox/patches/gcc-14.patch @@ -0,0 +1,14 @@ +diff -Naur a/media/ffvpx/libavcodec/moz.build b/media/ffvpx/libavcodec/moz.build +--- a/media/ffvpx/libavcodec/moz.build 2024-06-07 00:33:58.000000000 +0300 ++++ b/media/ffvpx/libavcodec/moz.build 2024-06-10 21:13:44.142620997 +0300 +@@ -143,6 +143,10 @@ + c11_flags = ["-std=gnu11"] + if CONFIG["CC_TYPE"] == "clang-cl": + c11_flags.insert(0, "-Xclang") ++ ++if CONFIG["CC_TYPE"] == "gcc" and int(CONFIG["CC_VERSION"].split(".")[0]) >= 14: ++ c11_flags.insert(0, "-Wno-error=incompatible-pointer-types") ++ + CFLAGS += c11_flags + + if not CONFIG["MOZ_SYSTEM_LIBVPX"]: diff --git a/testing/firefox/patches/musl-sandbox.patch b/testing/firefox/patches/musl-sandbox.patch new file mode 100644 index 00000000..89f6d4f5 --- /dev/null +++ b/testing/firefox/patches/musl-sandbox.patch @@ -0,0 +1,41 @@ +make SYS_fork non-fatal, musl uses it for fork(2) + +--- a/security/sandbox/linux/SandboxFilter.cpp ++++ b/security/sandbox/linux/SandboxFilter.cpp +@@ -1253,6 +1253,10 @@ + // usually do something reasonable on error. + case __NR_clone: + return ClonePolicy(Error(EPERM)); ++#ifdef __NR_fork ++ case __NR_fork: ++ return Error(ENOSYS); ++#endif + + # ifdef __NR_fadvise64 + case __NR_fadvise64: + +upstream bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1657849 +diff --git a/security/sandbox/linux/SandboxFilter.cpp b/security/sandbox/linux/SandboxFilter.cpp +index ed958bc..9824433 100644 +--- a/security/sandbox/linux/SandboxFilter.cpp ++++ b/security/sandbox/linux/SandboxFilter.cpp +@@ -1751,6 +1751,6 @@ class GMPSandboxPolicy : public SandboxPolicyCommon { + case __NR_sched_get_priority_max: ++ case __NR_sched_setscheduler: + return Allow(); + case __NR_sched_getparam: +- case __NR_sched_getscheduler: +- case __NR_sched_setscheduler: { ++ case __NR_sched_getscheduler: { + Arg pid(0); +@@ -1926,3 +1926,2 @@ class RDDSandboxPolicy final : public SandboxPolicyCommon { + case __NR_sched_getscheduler: +- case __NR_sched_setscheduler: + case __NR_sched_getattr: +@@ -1932,2 +1931,5 @@ class RDDSandboxPolicy final : public SandboxPolicyCommon { + } ++ // sched_setscheduler gets special treatment here (bug 1657849): ++ case __NR_sched_setscheduler: ++ return Allow(); + + diff --git a/testing/firefox/patches/no-atk.patch b/testing/firefox/patches/no-atk.patch new file mode 100644 index 00000000..807b7de6 --- /dev/null +++ b/testing/firefox/patches/no-atk.patch @@ -0,0 +1,16 @@ +diff --git a/widget/gtk/nsWindow.cpp b/widget/gtk/nsWindow.cpp +index b77fadc..520305a 100644 +--- a/widget/gtk/nsWindow.cpp ++++ b/widget/gtk/nsWindow.cpp +@@ -659,9 +659,11 @@ void nsWindow::Destroy() { + // We need to detach accessible object here because mContainer is a custom + // widget and doesn't call gtk_widget_real_destroy() from destroy handler + // as regular widgets. ++#ifdef ACCESSIBILITY + if (AtkObject* ac = gtk_widget_get_accessible(GTK_WIDGET(mContainer))) { + gtk_accessible_set_widget(GTK_ACCESSIBLE(ac), nullptr); + } ++#endif + + gtk_widget_destroy(mShell); + mShell = nullptr; diff --git a/testing/firefox/patches/no-dbus.patch b/testing/firefox/patches/no-dbus.patch new file mode 100644 index 00000000..0af7aa62 --- /dev/null +++ b/testing/firefox/patches/no-dbus.patch @@ -0,0 +1,54 @@ +diff --git a/toolkit/components/remote/moz.build b/toolkit/components/remote/moz.build +index 4ac1408..0e84246 100644 +--- a/toolkit/components/remote/moz.build ++++ b/toolkit/components/remote/moz.build +@@ -26,7 +26,7 @@ if CONFIG["MOZ_WIDGET_TOOLKIT"] == "gtk": + "RemoteUtils.h", + ] + CXXFLAGS += CONFIG["MOZ_DBUS_CFLAGS"] +- else: ++ elif CONFIG["MOZ_X11"]: + SOURCES += [ + "nsGTKRemoteServer.cpp", + "nsXRemoteClient.cpp", +diff --git a/toolkit/components/remote/nsRemoteService.cpp b/toolkit/components/remote/nsRemoteService.cpp +index 46860f6..66ba453 100644 +--- a/toolkit/components/remote/nsRemoteService.cpp ++++ b/toolkit/components/remote/nsRemoteService.cpp +@@ -7,10 +7,10 @@ + + #include "nsRemoteClient.h" + #ifdef MOZ_WIDGET_GTK +-# ifdef MOZ_ENABLE_DBUS ++# if defined(MOZ_ENABLE_DBUS) + # include "nsDBusRemoteServer.h" + # include "nsDBusRemoteClient.h" +-# else ++# elif defined(MOZ_X11) + # include "nsGTKRemoteServer.h" + # include "nsXRemoteClient.h" + # endif +@@ -198,8 +198,10 @@ nsresult nsRemoteService::SendCommandLine(const nsACString& aProfile, + #ifdef MOZ_WIDGET_GTK + # if defined(MOZ_ENABLE_DBUS) + client = MakeUnique(mStartupToken); +-# else ++# elif defined(MOZ_X11) + client = MakeUnique(mStartupToken); ++# else ++ return NS_ERROR_NOT_AVAILABLE; + # endif + #elif defined(XP_WIN) + client = MakeUnique(); +@@ -260,8 +262,10 @@ void nsRemoteService::StartupServer() { + #ifdef MOZ_WIDGET_GTK + # if defined(MOZ_ENABLE_DBUS) + mRemoteServer = MakeUnique(); +-# else ++# elif defined(MOZ_X11) + mRemoteServer = MakeUnique(); ++# else ++ return; + # endif + #elif defined(XP_WIN) + mRemoteServer = MakeUnique(); diff --git a/testing/firefox/patches/no-fribidi.patch b/testing/firefox/patches/no-fribidi.patch new file mode 100644 index 00000000..ccaf242d --- /dev/null +++ b/testing/firefox/patches/no-fribidi.patch @@ -0,0 +1,12 @@ +diff --git a/config/system-headers.mozbuild b/config/system-headers.mozbuild +index 07d48e7..b4d4c27 100644 +--- a/config/system-headers.mozbuild ++++ b/config/system-headers.mozbuild +@@ -263,7 +263,6 @@ system_headers = [ + "freetype/t1tables.h", + "freetype/ttnameid.h", + "freetype/tttables.h", +- "fribidi/fribidi.h", + "FSp_fopen.h", + "fstream", + "fstream.h", diff --git a/testing/firefox/post-install b/testing/firefox/post-install new file mode 100755 index 00000000..0983d8f0 --- /dev/null +++ b/testing/firefox/post-install @@ -0,0 +1,12 @@ +#!/bin/sh + +cat <