From a6f884ebd6dd5783329e9530443892e819431993 Mon Sep 17 00:00:00 2001 From: Owen Rafferty Date: Tue, 7 Jan 2025 00:42:36 -0600 Subject: [PATCH] firefox: 134.0 --- extra/firefox/checksums | 5 +- .../firefox/patches/mach-python-3.13.1.patch | 120 ------------------ extra/firefox/patches/musl-sandbox.patch | 36 ++---- extra/firefox/sources | 3 +- extra/firefox/version | 2 +- 5 files changed, 18 insertions(+), 148 deletions(-) delete mode 100644 extra/firefox/patches/mach-python-3.13.1.patch diff --git a/extra/firefox/checksums b/extra/firefox/checksums index 244dbeaa..69935db5 100644 --- a/extra/firefox/checksums +++ b/extra/firefox/checksums @@ -1,9 +1,8 @@ -109bf9851d2d233f7886d53de2fac64d6c43e41dfa52436b6893d642a94ae83870 +570073da2cbe06d3d438887fcb207ae1e46cfe7fa8153a0c2ce4ed5deac7a151ec 3e4e722acd2ab2e38a16ec23b29296318d77cc54f034d4b21d91bde085e26bc0a3 49e95cf848c09df618587bb8286bed3ed9531e24554b9ef275f070201078dba7f5 0d706838ba8eccf898dbebb70c1bd71b2ef76f83c5c89b5af33831584e912e08b4 -ff77749c0abdce8930fa98be8e62c1fd567bb690af3a4e173d0428620972dc79a9 -9207f7b9aaaeaa7e55b07e8a723f34413f7436404a2c161751e92bf785dffdaa90 +7cdfeaee2a37a5ba75901cce28975882d638c4c2705839d66a875bbed3471da7be 8c0f419eb138061e67dbe2ac73e9c8332649fb90aacb57ac4f00d5de94c0cf23a8 b45fc52ba1ab0e20991b7f8f5841fecc42840979cee263f943c0e017fbc2345538 1cace7c18c7d80b4abe8665d5ec2c66a0f3c1807ff3f7c8311b925f8ed635037f0 diff --git a/extra/firefox/patches/mach-python-3.13.1.patch b/extra/firefox/patches/mach-python-3.13.1.patch deleted file mode 100644 index 55d3919d..00000000 --- a/extra/firefox/patches/mach-python-3.13.1.patch +++ /dev/null @@ -1,120 +0,0 @@ -diff --git a/python/mach/mach/site.py b/python/mach/mach/site.py ---- a/python/mach/mach/site.py -+++ b/python/mach/mach/site.py -@@ -15,10 +15,11 @@ - import site - import subprocess - import sys - import sysconfig - import tempfile -+import warnings - from contextlib import contextmanager - from pathlib import Path - from typing import Callable, Optional - - from mach.requirements import ( -@@ -817,37 +818,79 @@ - - class PythonVirtualenv: - """Calculates paths of interest for general python virtual environments""" - - def __init__(self, prefix): -- if _is_windows: -- self.bin_path = os.path.join(prefix, "Scripts") -- self.python_path = os.path.join(self.bin_path, "python.exe") -- else: -- self.bin_path = os.path.join(prefix, "bin") -- self.python_path = os.path.join(self.bin_path, "python") - self.prefix = os.path.realpath(prefix) -+ self.paths = self._get_sysconfig_paths(self.prefix) - -- @functools.lru_cache(maxsize=None) -- def resolve_sysconfig_packages_path(self, sysconfig_path): -- # macOS uses a different default sysconfig scheme based on whether it's using the -- # system Python or running in a virtualenv. -- # Manually define the scheme (following the implementation in -- # "sysconfig._get_default_scheme()") so that we're always following the -- # code path for a virtualenv directory structure. -- if os.name == "posix": -- scheme = "posix_prefix" -- else: -- scheme = os.name -+ # Name of the Python executable to use in virtual environments. -+ # An executable with the same name as sys.executable might not exist in -+ # virtual environments. An executable with 'python' as the steam — -+ # without version numbers or ABI flags — will always be present in -+ # virtual environments, so we use that. -+ python_exe_name = "python" + sysconfig.get_config_var("EXE") -+ -+ self.bin_path = self.paths["scripts"] -+ self.python_path = os.path.join(self.bin_path, python_exe_name) - -- sysconfig_paths = sysconfig.get_paths(scheme) -- data_path = Path(sysconfig_paths["data"]) -- path = Path(sysconfig_paths[sysconfig_path]) -- relative_path = path.relative_to(data_path) -+ @staticmethod -+ def _get_sysconfig_paths(prefix): -+ """Calculate the sysconfig paths of a virtual environment in the given prefix. - -- # Path to virtualenv's "site-packages" directory for provided sysconfig path -- return os.path.normpath(os.path.normcase(Path(self.prefix) / relative_path)) -+ The virtual environment MUST be using the same Python distribution as us. -+ """ -+ # Determine the sysconfig scheme used in virtual environments -+ if "venv" in sysconfig.get_scheme_names(): -+ # A 'venv' scheme was added in Python 3.11 to allow users to -+ # calculate the paths for a virtual environment, since the default -+ # scheme may not always be the same as used on virtual environments. -+ # Some common examples are the system Python distributed by macOS, -+ # Debian, and Fedora. -+ # For more information, see https://github.com/python/cpython/issues/89576 -+ venv_scheme = "venv" -+ elif os.name == "nt": -+ # We know that before the 'venv' scheme was added, on Windows, -+ # the 'nt' scheme was used in virtual environments. -+ venv_scheme = "nt" -+ elif os.name == "posix": -+ # We know that before the 'venv' scheme was added, on POSIX, -+ # the 'posix_prefix' scheme was used in virtual environments. -+ venv_scheme = "posix_prefix" -+ else: -+ # This should never happen with upstream Python, as the 'venv' -+ # scheme should always be available on >=3.11, and no other -+ # platforms are supported by the upstream on older Python versions. -+ # -+ # Since the 'venv' scheme isn't available, and we have no knowledge -+ # of this platform/distribution, fallback to the default scheme. -+ # -+ # Hitting this will likely be the result of running a custom Python -+ # distribution targetting a platform that is not supported by the -+ # upstream. -+ # In this case, unless the Python vendor patched the Python -+ # distribution in such a way as the default scheme may not always be -+ # the same scheme, using the default scheme should be correct. -+ # If the vendor did patch Python as such, to work around this issue, -+ # I would recommend them to define a 'venv' scheme that matches -+ # the layout used on virtual environments in their Python distribution. -+ # (rec. signed Filipe Laíns — upstream sysconfig maintainer) -+ venv_scheme = sysconfig.get_default_scheme() -+ warnings.warn( -+ f"Unknown platform '{os.name}', using the default install scheme '{venv_scheme}'. " -+ "If this is incorrect, please ask your Python vendor to add a 'venv' sysconfig scheme " -+ "(see https://github.com/python/cpython/issues/89576, or check the code comment).", -+ stacklevel=2, -+ ) -+ # Build the sysconfig config_vars dictionary for the virtual environment. -+ venv_vars = sysconfig.get_config_vars().copy() -+ venv_vars["base"] = venv_vars["platbase"] = prefix -+ # Get sysconfig paths for the virtual environment. -+ return sysconfig.get_paths(venv_scheme, vars=venv_vars) -+ -+ def resolve_sysconfig_packages_path(self, sysconfig_path): -+ return self.paths[sysconfig_path] - - def site_packages_dirs(self): - dirs = [] - if sys.platform.startswith("win"): - dirs.append(os.path.normpath(os.path.normcase(self.prefix))) - - diff --git a/extra/firefox/patches/musl-sandbox.patch b/extra/firefox/patches/musl-sandbox.patch index 89f6d4f5..5cf2b335 100644 --- a/extra/firefox/patches/musl-sandbox.patch +++ b/extra/firefox/patches/musl-sandbox.patch @@ -1,25 +1,10 @@ -make SYS_fork non-fatal, musl uses it for fork(2) - ---- a/security/sandbox/linux/SandboxFilter.cpp -+++ b/security/sandbox/linux/SandboxFilter.cpp -@@ -1253,6 +1253,10 @@ - // usually do something reasonable on error. - case __NR_clone: - return ClonePolicy(Error(EPERM)); -+#ifdef __NR_fork -+ case __NR_fork: -+ return Error(ENOSYS); -+#endif - - # ifdef __NR_fadvise64 - case __NR_fadvise64: - -upstream bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1657849 diff --git a/security/sandbox/linux/SandboxFilter.cpp b/security/sandbox/linux/SandboxFilter.cpp -index ed958bc..9824433 100644 +index 5f14e78..1b968ea 100644 --- a/security/sandbox/linux/SandboxFilter.cpp +++ b/security/sandbox/linux/SandboxFilter.cpp -@@ -1751,6 +1751,6 @@ class GMPSandboxPolicy : public SandboxPolicyCommon { +@@ -1763,10 +1763,10 @@ class GMPSandboxPolicy : public SandboxPolicyCommon { + return Allow(); + case __NR_sched_get_priority_min: case __NR_sched_get_priority_max: + case __NR_sched_setscheduler: return Allow(); @@ -28,14 +13,21 @@ index ed958bc..9824433 100644 - case __NR_sched_setscheduler: { + case __NR_sched_getscheduler: { Arg pid(0); -@@ -1926,3 +1926,2 @@ class RDDSandboxPolicy final : public SandboxPolicyCommon { + return If(pid == 0, Allow()).Else(Trap(SchedTrap, nullptr)); + } +@@ -1956,12 +1956,14 @@ class RDDSandboxPolicy final : public SandboxPolicyCommon { + case __NR_sched_getparam: + case __NR_sched_setparam: case __NR_sched_getscheduler: - case __NR_sched_setscheduler: case __NR_sched_getattr: -@@ -1932,2 +1931,5 @@ class RDDSandboxPolicy final : public SandboxPolicyCommon { + case __NR_sched_setattr: { + Arg pid(0); + return If(pid == 0, Allow()).Else(Trap(SchedTrap, nullptr)); } + // sched_setscheduler gets special treatment here (bug 1657849): + case __NR_sched_setscheduler: + return Allow(); - + // The priority bounds are also used, sometimes (bug 1838675): + case __NR_sched_get_priority_min: diff --git a/extra/firefox/sources b/extra/firefox/sources index 8c0c0484..71f8497c 100644 --- a/extra/firefox/sources +++ b/extra/firefox/sources @@ -1,8 +1,7 @@ -https://ftp.mozilla.org/pub/firefox/releases/133.0.3/source/firefox-133.0.3.source.tar.xz +https://ftp.mozilla.org/pub/firefox/releases/134.0/source/firefox-134.0.source.tar.xz patches/fix-target-detection.patch patches/fix-vaapi.patch patches/gcc-14.patch -patches/mach-python-3.13.1.patch patches/musl-sandbox.patch patches/no-atk.patch patches/no-dbus.patch diff --git a/extra/firefox/version b/extra/firefox/version index e4344fb4..69fa480a 100644 --- a/extra/firefox/version +++ b/extra/firefox/version @@ -1 +1 @@ -133.0.3 1 +134.0 1