Glean is throwing an error if a string metric is `None`.
Since `get_cpu_brand()` can return `None`, only update telemetry if it's
set.
Depends on D110847
Differential Revision: https://phabricator.services.mozilla.com/D110858
Glean is throwing an error if a string metric is `None`.
Since `get_cpu_brand()` can return `None`, only update telemetry if it's
set.
Depends on D110847
Differential Revision: https://phabricator.services.mozilla.com/D110858
To avoid erroneously importing a package from the system, we remove
system site package.
This is another positive step towards further insulating the Firefox
build from the state of the environment.
This may cause failures if some mach commands have been sneakily
importing system packages instead of properly vendoring them.
Differential Revision: https://phabricator.services.mozilla.com/D110847
This file has been unchanged (other than license changes)
since the 1998 "free the lizard" commit.
It's not referenced from any other file.
It's time to retire, `genrc.sh`.
Differential Revision: https://phabricator.services.mozilla.com/D112374
As an intermediate step to allow mach commands as standalone functions, the MachCommandBase
subclass instance that currently corresponds to self has to be made available as a separate
argument (named command_context).
Differential Revision: https://phabricator.services.mozilla.com/D109650
1. Add task to get and build clang from the main branch.
2. Using clang main toolchain we build on a daily basis linux64 firefox, this tasks also automatically triggers the fetch and build of clang from main branch since we don't cache it.
Differential Revision: https://phabricator.services.mozilla.com/D111063
In bug 1174288 and related bugs we created a framework for generating
test certificates (and later, keys) from specifications at build time. This
turned out to take too long to run on each build, so this system was largely
left disabled (see all of the "# Temporarily disabled. See bug 1256495."
comments removed in this patch). This patch introduces a mach command
("generate-test-certs") that can generate test certificates and keys. The
expectation is that when a developer needs to add new such artifacts, they can
use this new command. Similarly, when the artifacts need to be updated (for
example, because they've expired), this command can regenerate them all at
once.
Differential Revision: https://phabricator.services.mozilla.com/D108869
Allow using the MOZ_KnownLive function to get around it.
Use case is the following: I have an std::function member variable, and I want
that member to be able to capture `this`.
Using a strong reference creates a cycle and thus would leak. I know `this` to
always outlive the member, so it is fine to use a weak capture there.
Differential Revision: https://phabricator.services.mozilla.com/D111850
Glean is throwing an error if a string metric is `None`.
Since `get_cpu_brand()` can return `None`, only update telemetry if it's
set.
Depends on D110847
Differential Revision: https://phabricator.services.mozilla.com/D110858
To avoid erroneously importing a package from the system, we remove
system site package.
This is another positive step towards further insulating the Firefox
build from the state of the environment.
This may cause failures if some mach commands have been sneakily
importing system packages instead of properly vendoring them.
Differential Revision: https://phabricator.services.mozilla.com/D110847
This also makes `MOZ_UPDATE_AGENT` depend on `MOZ_BACKGROUNDTASKS`.
There's no need to lint the `tools/update-programs` project, since
it's not a supported configuration. The next consumer can
rehabilitate it or remove it.
Differential Revision: https://phabricator.services.mozilla.com/D111313
If a custom `topsrcdir` is needed, it can be directly passed in.
I don't see how a separate `mozilla_dir` parameter is necessary - it
appears redundant to me.
Differential Revision: https://phabricator.services.mozilla.com/D110841
The build always uses them anyways, but configure tests don't, and some
of them fail as a consequence in some cases (example: when UBsan is
enabled, all AC_LANG_CPLUSPLUS + AC_CHECK_FUNCS tests fail). We also had
similar problems in the past, such as bug 1513605.
By adding the PIC flags to CFLAGS and CXXFLAGS, we ensure old-configure
tests use the flags as well.
While here, we also remove DSO_CFLAGS, which was always empty, and we
stop passing -fPIC to wasm compiles, because it has no effect there.
Differential Revision: https://phabricator.services.mozilla.com/D108560
The build always uses them anyways, but configure tests don't, and some
of them fail as a consequence in some cases (example: when UBsan is
enabled, all AC_LANG_CPLUSPLUS + AC_CHECK_FUNCS tests fail). We also had
similar problems in the past, such as bug 1513605.
By adding the PIC flags to CFLAGS and CXXFLAGS, we ensure old-configure
tests use the flags as well.
While here, we also remove DSO_CFLAGS, which was always empty, and we
stop passing -fPIC to wasm compiles, because it has no effect there.
Differential Revision: https://phabricator.services.mozilla.com/D108560
At the same time, remove the global define, which isn't necessary and
triggers some rebuilds. Nothing is using MOZ_UPDATE_AGENT right now
so it's safe to enable more broadly, and it will be used to gate new
background update work.
Differential Revision: https://phabricator.services.mozilla.com/D102786
Our bot was expecting to have tasks that were succeeding, right now we no longer need that
and in a case of a build failure, or in a case of the presence of a checker that asserts itself
as error and not warning we should mark the task red by failing the job.
Differential Revision: https://phabricator.services.mozilla.com/D107656
At the same time, remove the global define, which isn't necessary and
triggers some rebuilds. Nothing is using MOZ_UPDATE_AGENT right now
so it's safe to enable more broadly, and it will be used to gate new
background update work.
Differential Revision: https://phabricator.services.mozilla.com/D102786
We already know the project name, we should unbundle it
from the project path.
This change is possible due to the work in 1664083,
and puts us back to the state before 1255185.
Differential Revision: https://phabricator.services.mozilla.com/D106293
Just adding the toolchain tasks for now. They are not yet used by anything, but bug 1693288 might be interested eventually.
As with earlier releases, clang-tidy and mingw builds are not included here, they'll be separate patches.
Differential Revision: https://phabricator.services.mozilla.com/D106554
Upstream wptserve just switched to Python 3 only. That's fine for
web-platform-tests, but it turns out that some marionette harness
tests are also using wptserve and are still on Python 2.
Since fixing marionette harness turns out to be non-trivial and this
blocks other wpt work, this patch does the following:
* Temporarily vendors the last wptserve revision that works with
Python 2 in to testing/web-platform/mozilla/tests/tools/wptserve_py2
* Configures the mach virtualenv to use that copy for Python 2 modules
only.
* Configures the test packaging system to also put that copy in the
common tests zip. Requirements files are updated to use either the
Python 2 version or the Pyhton 3 version as required.
Differential Revision: https://phabricator.services.mozilla.com/D106764
Spidermonkey package builds don't have MOZ_AUTOMATION set (for good
reasons), which means they don't automatically get the sysroot through
MOZ_FETCHES_DIR. We need a way for that particular build to set its
sysroot.
Because the setup for sysroot is more elaborated than adding --sysroot
to C{,XX}FLAGS, it's more convenient to have an option for this.
And while at it, we might as well make that a full-fledged option,
although, we only make it available when targetting Linux (although it
could be useful for other OSes, but there's overlap with other options
on Android, and Mac, so for now, Linux-only will do).
This also allows to pass --without-sysroot along with
--enable-bootstrap, where the bootstrapped sysroot is not used.
Differential Revision: https://phabricator.services.mozilla.com/D106352
This means --enable-bootstrap now is the same as what
--enable-bootstrap=install currently does. --enable-bootstrap=install is at the
same time desupported.
We also remove --enable-bootstrap=update, which is not worth supporting.
Differential Revision: https://phabricator.services.mozilla.com/D105719
This changes things such that setting e.g. NASM=/usr/bin/nasm will avoid
bootstrapping nasm even when bootstrapping is enabled.
This is not applied to CC/CXX/HOST_CC/HOST_CXX because things are more
complicated.
This also simplifies how check_prog is called for a bootstrapped tool,
and avoids the repetition of when.
CBINDGEN handling needs the pattern being applied manually because it
currently doesn't use check_prog. Once --enable-bootstrap=install
becomes the default on developer builds, it will be possible to simplify
this.
Differential Revision: https://phabricator.services.mozilla.com/D105718
Because --with-ccache without a value fulfills a @depends_if, we need to
check for the length. And because we check the length, we can just use a
@depends.
Differential Revision: https://phabricator.services.mozilla.com/D106084
Add a reference to MOZ_NO_ADDREF_RELEASE_ON_RETURN in the message.
Use the qualified name of the function returning the object.
Differential Revision: https://phabricator.services.mozilla.com/D106143
- Only bootstrap sccache when building with --with-ccache=sccache or
CCACHE=sccache
- Don't bootstrap dump_syms or nasm on builds that don't compile
Differential Revision: https://phabricator.services.mozilla.com/D105704
Instead of preemptively check for it, and then check if it's good enough to
build AV1, only check for (and bootstrap) nasm when building AV1 requires
it.
At the same time, we future-proof the code to be able to handle multiple
things requiring nasm, which we're going to add shortly.
Differential Revision: https://phabricator.services.mozilla.com/D105425
We've been building clang with SDK 10.12 since bug 1680152, but the
build-clang script is still assuming we're building with an older one.
Differential Revision: https://phabricator.services.mozilla.com/D105266
We want to find the full path to the correct `lldb-server` in the NDK.
We reference this variable in a later patch when preparing the device for
debugging.
Differential Revision: https://phabricator.services.mozilla.com/D94380
As far as I can tell, we don't use zstandard from python2. As the last
version supporting python2 is 0.14.1, drop installing the python2
version.
Differential Revision: https://phabricator.services.mozilla.com/D105075
None of HAVE_NASM, HAVE_YASM, NASM_MAJOR_VERSION and NASM_MINOR_VERSION are
used. Also, the YASM variable is not necessary for old-configure anymore.
Differential Revision: https://phabricator.services.mozilla.com/D105269
* Puts the docs in order, so that contributors aren't jumping to the
middle of the page to install system tools, then back to the top to
clone Firefox.
* Removes docs on MacPorts since it's being removed in bug 1688263.
* Removes step to manually install brew packages since that happens
automatically in bootstrap now.
* Simplifies mercurial installation docs
* Removes unnecessary mozconfig-tweaking instructions
* Removes almost-always-unnecessary DEFINE and troubleshooting
information.
Differential Revision: https://phabricator.services.mozilla.com/D102973
Because of conflicts between gcov_flush from gcc and the one from llvm, we renamed llvm one into ___custom_llvm_gcov_flush.
Since we switched to clang for linux ccov builds, this workaround is now useless.
Differential Revision: https://phabricator.services.mozilla.com/D104990
Bug 1690930 added sysroots that can be bootstrapped. With this change,
we allow --enable-bootstrap=install to pull the right sysroot for the
configured target, and --enable-bootstrap to update it if it was already
there.
Differential Revision: https://phabricator.services.mozilla.com/D104797
Because of conflicts between gcov_flush from gcc and the one from llvm, we renamed llvm one into ___custom_llvm_gcov_flush.
Since we switched to clang for linux ccov builds, this workaround is now useless.
Differential Revision: https://phabricator.services.mozilla.com/D104990
In the case of toolchain tasks, the tooltool download script already
extracted the SDK in $MOZ_FETCHES_DIR, so no adjustment was required.
Only a Firefox mozconfig needs adaptation.
Differential Revision: https://phabricator.services.mozilla.com/D104646
Bug 1634204 bumped the maximum version of symbols allowed in our
dependency upon libstdc++, which effectively makes some of the
stdc++compat code dead. We can now remove it.
Differential Revision: https://phabricator.services.mozilla.com/D104617
When using the --sysroot argument to clang, clang changes where it
searches for libraries in its own directory, and excludes the lib and
lib32 subdirectories. So we need to move the gcc files to a place where
it does look (and that it also looks without --sysroot).
We however still keep a copy of libstdc++ in the lib directory for
runtime purposes.
Differential Revision: https://phabricator.services.mozilla.com/D104123
We used to only push to opt-level=2 on --enable-release builds, to make
local builds faster with opt-level=1. Years later, it seems opt-level=2 makes no noticeable
difference in build times vs. opt-level=1, neither on my Threadripper
workstation at -j64 or my M1 Macbook Air at -j4.
That's one less difference to carry.
Differential Revision: https://phabricator.services.mozilla.com/D103266
2021-01-22 Kevin Jacobs <kjacobs@mozilla.com>
* automation/abi-check/previous-nss-release, lib/nss/nss.h,
lib/softoken/softkver.h, lib/util/nssutil.h:
Set version numbers to 3.62 Beta
[680ec01577b9]
2021-01-23 Kevin Jacobs <kjacobs@mozilla.com>
* tests/chains/scenarios/nameconstraints.cfg,
tests/libpkix/certs/NameConstraints.ipaca.cert,
tests/libpkix/certs/NameConstraints.ocsp1.cert:
Bug 1686134 - Renew two chains libpkix test certificates. r=rrelyea
[3ddcd845704c]
2021-01-25 Kevin Jacobs <kjacobs@mozilla.com>
* gtests/common/testvectors/hpke-vectors.h,
gtests/pk11_gtest/pk11_hpke_unittest.cc, lib/pk11wrap/pk11hpke.c,
lib/pk11wrap/pk11hpke.h, lib/pk11wrap/pk11pub.h:
Bug 1678398 - Update HPKE to draft-07. r=mt
This patch updates HPKE to draft-07. A few other minor changes are
included:
- Refactor HPKE gtests for increased parameterized testing.
- Replace memcpy calls with PORT_Memcpy
- Serialization tweaks to make way for context Export/Import (D99277).
This should not be landed without an ECH update, as fixed ECH test
vectors will otherwise fail to decrypt.
[e0bf8cadadc7]
* automation/abi-check/expected-report-libnss3.so.txt,
gtests/pk11_gtest/pk11_hpke_unittest.cc, lib/nss/nss.def,
lib/pk11wrap/pk11hpke.c, lib/pk11wrap/pk11pub.h:
Bug 1678398 - Add Export/Import functions for HPKE context. r=mt
This patch adds and exports two new HPKE functions:
`PK11_HPKE_ExportContext` and `PK11_HPKE_ImportContext`, which are
used to export a serialized HPKE context, then later reimport that
context and resume Open and Export operations. Only receiver
contexts are currently supported for export (see the rationale in
pk11pub.h).
One other change introduced here is that `PK11_HPKE_GetEncapPubKey`
now works as expected on the receiver side.
If the `wrapKey` argument is provided to the Export/Import
functions, then the symmetric keys are wrapped with AES Key Wrap
with Padding (SP800-38F, 6.3) prior to serialization.
[8bcd12ab3b34]
* automation/abi-check/expected-report-libssl3.so.txt,
gtests/ssl_gtest/libssl_internals.c,
gtests/ssl_gtest/libssl_internals.h,
gtests/ssl_gtest/ssl_extension_unittest.cc,
gtests/ssl_gtest/tls_ech_unittest.cc, lib/ssl/ssl3con.c,
lib/ssl/ssl3ext.c, lib/ssl/ssl3ext.h, lib/ssl/sslexp.h,
lib/ssl/sslimpl.h, lib/ssl/sslsecur.c, lib/ssl/sslsock.c,
lib/ssl/sslt.h, lib/ssl/tls13con.c, lib/ssl/tls13con.h,
lib/ssl/tls13ech.c, lib/ssl/tls13ech.h, lib/ssl/tls13exthandle.c,
lib/ssl/tls13exthandle.h, lib/ssl/tls13hashstate.c,
lib/ssl/tls13hashstate.h:
Bug 1681585 - Update ECH to Draft-09. r=mt
This patch updates ECH implementation to draft-09. Changes of note
are:
- Acceptance signal derivation is now based on the handshake secret.
- `config_id` hint changes from 32B to 8B, trial decryption added on
the server.
- Duplicate code in HRR cookie handling has been consolidated into
`tls13_HandleHrrCookie`.
- `ech_is_inner` extension is added, which causes a server to indicate
ECH acceptance.
- Per the above, support signaling ECH acceptance when acting as a
backend server in split-mode (i.e. when there is no other local
Encrypted Client Hello state).
[ed07a2e2a124]
2021-01-24 Kevin Jacobs <kjacobs@mozilla.com>
* cmd/selfserv/selfserv.c:
Bug 1681585 - Add ECH support to selfserv. r=mt
Usage example: mkdir dbdir && cd dbdir certutil -N -d . certutil -S
-s "CN=ech-public.com" -n ech-public.com -x -t "C,C,C" -m 1234 -d .
certutil -S -s "CN=ech-private-backend.com" -n ech-private-
backend.com -x -t "C,C,C" -m 2345 -d . ../dist/Debug/bin/selfserv -a
ech-public.com -a ech-private-backend.com -n ech-public.com -n ech-
private-backend.com -p 8443 -d dbdir/ -X publicname:ech-public.com
(Copy echconfig from selfserv output and paste into the below
command) ../dist/Debug/bin/tstclnt -D -p 8443 -v -A
tests/ssl/sslreq.dat -h ech-private-backend.com -o -N <echconfig> -v
[92dcda94c1d4]
Differential Revision: https://phabricator.services.mozilla.com/D102982
For simplicity, this implements just on in `NO_TASKS` (the default) or
on in `ALL_TASKS` (opt-in). This disables all category registrations
when in background task mode; we'll selectively re-enable things as
appropriate.
The flag constants were chosen to smoothly extend to a (16-)bit set in
the future, should we want to add a `JUST_TASKS("task", "other-task")`
option in the future.
This also adds ython tests for gen_static_components.py exercising
categories, simply 'cuz it's easiest to see what this adds in such
tests. Functional tests will follow in patches that actually
implement the new background tasks functionality.
Differential Revision: https://phabricator.services.mozilla.com/D96654
remoteautomation.py is an old collection of code used by android mochitest and android reftest;
it survived the removal of automation.py. This patch removes remoteautomation.py, moving the
majority of the functionality to a new class in mozdevice. Some features are simplified or
removed, and the remainder moved into the remote mochitest/reftest harnesses.
Differential Revision: https://phabricator.services.mozilla.com/D102239
This adds a --enable-bootstrap build flag that will automatically update
cbindgen, node, clang, sccache, nasm, wine, lucetc, dump_syms, pdbstr,
and winchecksec if they are already installed in ~/.mozbuild.
Eventually, we'll want to allow to install toolchains that weren't
already install, but one step at a time.
This explicitly doesn't cover rustc, which is its own can of worms, or
android-{ndk,sdk}, which are not installed via toolchain artifacts
currently.
Differential Revision: https://phabricator.services.mozilla.com/D101723
Instead of adding all possible tool paths from ~/.mozbuild, we only
add the relevant paths for each of the tools we search for.
Differential Revision: https://phabricator.services.mozilla.com/D101718
The only thing that varies between toolchain_search_path and
host_toolchain_search_path is the path to the MSVC C/C++ compiler and
tools, because MSVC has a different compiler for each platform, and host
and target platforms may differ (when e.g. compiling for arm64 on
x86_64).
However, we don't use the MSVC compiler anymore, and the only thing we
use its path for is the assembler, which we don't use for host things
(and we don't have a HOST_AS), and to derive the path to some system
headers/SDK.
Differential Revision: https://phabricator.services.mozilla.com/D101714
There is only one place where it's used:
config/check_vanilla_allocations.py, which is only executed from
js/src/build/Makefile.in on the condition that the build is targeting
Linux and not LTO. But the LTO test is actually outdated, because we
don't build with `-flto`, but `-flto=thin`, so the exclusion doesn't
work anymore.
There is however no AC_CHECK_PROG, and we currently rely on NM to be
given, or fall back to "nm", which works in most cases, except LTO with
clang. It works on CI because in LTO builds we explicitly set NM to
llvm-nm (which can output symbols from LLVM bitcode objects), but we
could also do that automatically.
So we add a full detection of nm/llvm-nm to python configure, and limit
it to Linux, since we only ever use it there.
Differential Revision: https://phabricator.services.mozilla.com/D101681
js/src/aclocal.m4 contains includes starting with `../../`.
As explained in https://bugzilla.mozilla.org/show_bug.cgi?id=1680862#c8,
m4 will first try to resolve this path relative to the working directory
and only if that path doesn't exists, fall back to the location set by
`localdir` (from `-I`).
The working directory is usually MOZ_OBJDIR, an immediate subdirectory
of topsrcdir, so `../../` resolves to a location outside of topsrcdir.
Usually, that path does not exist, and m4 falls back to `localdir` that
was passed via `-I`.
But if that path existed and is incompatible with the current Gecko
checkout, then the build will fail (see bug report). To prevent this
from happening, this patch fixes the working directory to `localdir`,
so that m4 will immediately find the expected file.
Differential Revision: https://phabricator.services.mozilla.com/D101500
I missed these in bug 1682405.
Additionally, after this removal, llvmorg-10-init-5191-ga84b200e604-windows-pgo.patch also becomes unused, so it is deleted too.
Differential Revision: https://phabricator.services.mozilla.com/D101633
glean_parser depends on `iso8601`, but only on Python <= 3.6.
Add the `iso8601` hash to our frozen dependency hash list accordingly.
Differential Revision: https://phabricator.services.mozilla.com/D101494
In addition to warning on regular methods overloading virtual functions,
GCC also watches for static functions doing such overloads.
:andi confirmed that this is not valuable, so the warning is being
disabled for GCC.
Differential Revision: https://phabricator.services.mozilla.com/D101367
Only sanitizer builds require a native llvm-symbolizer executable.
Ideally, we'd build llvm-symbolizer from scratch, which would be faster,
but for now, let's go the easy route and just extract it from the
corresponding native clang builds.
We don't actually do anything with the llvm-symbolizer executable on
android builds, so we don't install it in $FINAL_TARGET, avoilding
the dependency on android builds (plus, we actually don't have an
android-native llvm-symbolizer, so even if it were already shipped, it
would be the wrong file).
Differential Revision: https://phabricator.services.mozilla.com/D101076
Passing `-flto=thin` worked previously but the value passed was just ignored
and full lto was performed. On newer versions of gcc passing an unknown value
causes failure. So this commit checks if `-flto=thin` is passed and fails with
an error message if so, else full lto is enabled if any other value is passed.
Differential Revision: https://phabricator.services.mozilla.com/D100953
Only sanitizer builds require a native llvm-symbolizer executable.
Ideally, we'd build llvm-symbolizer from scratch, which would be faster,
but for now, let's go the easy route and just extract it from the
corresponding native clang builds.
We don't actually do anything with the llvm-symbolizer executable on
android builds, so we don't install it in $FINAL_TARGET, avoilding
the dependency on android builds (plus, we actually don't have an
android-native llvm-symbolizer, so even if it were already shipped, it
would be the wrong file).
Differential Revision: https://phabricator.services.mozilla.com/D101076
In addition to the usual dot-release type of fixes, this also lets us drop a good amount of code that we had patched into our clang 11.
Differential Revision: https://phabricator.services.mozilla.com/D100959
Some distros include flags when they specify the location of a binary,
such as: `XARGS=xargs -r`.
This was confusing in `configure`, since:
* We require that environment variables contain only path
overrides (without flags).
* The error message thrown when configure chokes was unclear: "why
would `$ xargs -r` fail?"
This patch should make our "path-only" requirement more clear.
Differential Revision: https://phabricator.services.mozilla.com/D100044
Old clang shakes its fist when `auto&& item : range` is used with a
range
that returns values instead of references.
Modern `clang` doesn't warn for this scenario, so we disable the
warning.
Also removes pragmas that manually disable this warning.
Differential Revision: https://phabricator.services.mozilla.com/D100155
I was waiting for a better reason to do this, because the cbindgen
changes from 0.15.0 to 0.16.0 don't break trunk builds. But since
downstream has updated (see bug 1684180) and there's no reason not to,
let's do this to avoid future churn.
Differential Revision: https://phabricator.services.mozilla.com/D100499
2020-12-11 Kevin Jacobs <kjacobs@mozilla.com>
* automation/abi-check/expected-report-libssl3.so.txt, automation/abi-
check/previous-nss-release, lib/nss/nss.h, lib/softoken/softkver.h,
lib/util/nssutil.h:
Set version numbers to 3.61 Beta
[f277d2674c80]
* gtests/<...>
Bug 1677207 - Update Google Test to release-1.10.0 r=bbeurdouche
./gtests/google_test/update.sh release-1.10.0 && hg remove -A && hg
add gtests/google_test/*
[89141382df45]
* gtests/<...>
Bug 1677207 - Replace references to TestCase, which is deprecated,
with TestSuite r=bbeurdouche
grep -rl --exclude-dir=google_test INSTANTIATE_TEST_CASE_P gtests |
xargs sed -i '' s/INSTANTIATE_TEST_CASE_P/INSTANTIATE_TEST_SUITE_P/g
grep -rl --exclude-dir=google_test SetUpTestCase gtests | xargs sed
-i '' s/SetUpTestCase/SetUpTestSuite/g
[e15b78be87fa]
* gtests/ssl_gtest/ssl_ciphersuite_unittest.cc,
gtests/ssl_gtest/ssl_debug_env_unittest.cc,
gtests/ssl_gtest/ssl_extension_unittest.cc,
gtests/ssl_gtest/ssl_loopback_unittest.cc,
gtests/ssl_gtest/ssl_renegotiation_unittest.cc,
gtests/ssl_gtest/ssl_resumption_unittest.cc,
gtests/ssl_gtest/ssl_version_unittest.cc,
gtests/ssl_gtest/tls_ech_unittest.cc:
Bug 1677207 - Use GTEST_SKIP in ssl_gtests. r=bbeurdouche
[0772f1bf5fd6]
2020-12-17 Robert Relyea <rrelyea@redhat.com>
* gtests/common/testvectors/ike-aesxcbc-vectors.h,
gtests/common/testvectors/ike-sha1-vectors.h,
gtests/common/testvectors/ike-sha256-vectors.h,
gtests/common/testvectors/ike-sha384-vectors.h,
gtests/common/testvectors/ike-sha512-vectors.h,
gtests/common/testvectors_base/test-structs.h,
gtests/pk11_gtest/manifest.mn, gtests/pk11_gtest/pk11_gtest.gyp,
gtests/pk11_gtest/pk11_ike_unittest.cc, lib/softoken/sftkike.c:
Bug 1682071 IKE Quick mode IPSEC give you incorrect keys if you are
asking for keys smaller than the hash size.
IKE Appendix B fixes.
This patch fixes 2 problems.
If you run either ike v1 App B or quick mode asking for a key with
length
mod macsize = 0, you will generate an extra block that's not used
and overwrites the end of the buffer.
If you use quick mode, the function incorrectly subsets the
existing key
rather than generating a new key. This is correct behavior for
Appendix B, where appendix B is trying to take a generated key and
create a new longer key (with no diversification, just transform the
key into something that's longer), so if you ask for a key less than
or equal to, then you want to just subset the original key. In quick
mode you are taking a base key and creating a set of new keys based
on additional data, so you want to subset the generated data. This
patch only subsets the original key if you aren't doing quickmode.
Full test vectors have now been added for all ike modes in this
patch as well (previously we depended on the FIPS CAVS tests to test
ike, which covers basic IKEv1, IKEv1_psk, and IKEv2 but not IKEv1
App B and IKE v1 Quick mode).
[f4995c9fa185]
2020-12-18 Robert Relyea <rrelyea@redhat.com>
* gtests/common/testvectors/rsa_pkcs1_2048_test-vectors.h,
gtests/common/testvectors/rsa_pkcs1_3072_test-vectors.h,
gtests/common/testvectors/rsa_pkcs1_4096_test-vectors.h,
gtests/freebl_gtest/Makefile, gtests/freebl_gtest/manifest.mn,
gtests/freebl_gtest/rsa_unittest.cc, gtests/manifest.mn,
gtests/pk11_gtest/pk11_rsaencrypt_unittest.cc,
gtests/pk11_gtest/pk11_rsaoaep_unittest.cc, lib/freebl/alghmac.c,
lib/freebl/alghmac.h, lib/freebl/rsapkcs.c:
Bug 1651411 New tlsfuzzer code can still detect timing issues in RSA
operations.
This patch defeats Bleichenbacher by not trying to hide the size of
the decrypted text, but to hide if the text succeeded for failed.
This is done by generating a fake returned text that's based on the
key and the cipher text, so the fake data is always the same for the
same key and cipher text. Both the length and the plain text are
generated with a prf.
Here's the proposed spec the patch codes to:
1. Use SHA-256 to hash the private exponent encoded as a big-
endian integer to a string the same length as the public modulus.
Keep this value secret. (this is just an optimisation so that the
implementation doesn't have to serialise the key over and over
again) 2. Check the length of input according to step one of
https://tools.ietf.org/html/rfc8017#section-7.2.2 3. When provided
with a ciphertext, use SHA-256 HMAC(key=hash_from_step1,
text=ciphertext) to generate the key derivation key 4. Use SHA-256
HMAC with key derivation key as the key and a two-byte big- endian
iterator concatenated with byte string "length" with the big- endian
representation of 2048 (0x0800) as the bit length of the generated
string.
- Iterate this PRF 8 times to generate a 256 byte string 5. initialise
the length of synthetic message to 0 6. split the PRF output into 2
byte strings, convert into big-endian integers, zero- out high-order
bits so that they have the same bit length as the octet length of
the maximum acceptable message size (k-11), select the last integer
that is no larger than (k-11) or remain at 0 if no integer is
smaller than (k-11); this selection needs to be performed using a
side-channel free operators 7. Use SHA-256 HMAC with key derivation
key as the key and a two-byte big-endian iterator concatenated with
byte string "message" with the big-endian representation of k*8
- use this PRF to generate k bytes of output (right-truncate last HMAC
call if the number of generated bytes is not a multiple of SHA-256
output size) 8. perform the RSA decryption as described in step 2 of
section 7.2.2 of rfc8017 9. Verify the EM message padding as
described in step 3 of section 7.2.2 of rfc8017, but instead of
outputting "decryption error", return the last l bytes of the
"message" PRF, when l is the selected synthetic message length using
the "length" PRF, make this decision and copy using side-channel
free operation
[fc05574c7399]
2020-12-22 Robert Relyea <rrelyea@redhat.com>
* gtests/freebl_gtest/rsa_unittest.cc,
gtests/pk11_gtest/pk11_rsaoaep_unittest.cc, lib/freebl/alghmac.c,
lib/freebl/rsapkcs.c:
Restore lost portion of the bleichenbacher timing batch that
addressed review comments. All the review comments pertained to
actual code comments, so this patch only affects the comments.
[fcebe146314e]
2020-12-22 Kevin Jacobs <kjacobs@mozilla.com>
* lib/dev/devslot.c:
Bug 1682863 - Revert nssSlot_IsTokenPresent to 3.58 after ongoing Fx
hangs with slow PKCS11 devices. r=bbeurdouche
This patch reverts the `nssSlot_IsTokenPresent` changes made in bug
1663661 and bug 1679290, restoring the version used in NSS 3.58 and
earlier. It's not an actual `hg backout` because the comment in
lib/dev/devt.h is worth keeping. While removing the nested locking
did resolve the hang for some (most?) third-party modules, problems
remain with some slower tokens after an even further relaxation of
the locking, which defeats the purpose of addressing the races in
the first place.
The crash addressed by these patches was caused by the Intermediate
Preloading Healer in Firefox, which has been disabled. We clearly
have insufficient test coverage for third-party modules, and now
that osclientcerts is enabled in Fx Nightly, any problems caused by
these and similar changes is unlikely to be reported until Fx Beta,
well after NSS RTM. I think the best option at this point is to
simply revert NSS.
[97ef009f7a78] [tip]
Differential Revision: https://phabricator.services.mozilla.com/D100401
Since bug 1632542 we have a new major clang version, several new versions worth of rustc, new pass manager during LTO, and of course eight months worth of code change. Time for a refresh. Same process as the earlier bug.
Differential Revision: https://phabricator.services.mozilla.com/D99243
At the moment installing Python packages with native code is done by calling
`pip install <package>` and does not enforce any SHA hash for installed
dependencies, nor does it enforce a specific version to be installed.
This commit adds `requirements.in` and `requirements.txt` files for native
packages and changes these packages to be installed by running `pip install`
and passing the requirements file for the package. This allows us to pin the
SHA of the various dependencies. The `.txt` files are generated using
`pip-compile`.
We also add the new requirements files to the sparse profile for `mach`.
Differential Revision: https://phabricator.services.mozilla.com/D99912
In clang 11, the contents of `ast_type_traits` were moved to the `clang` namespace, but forwarders were kept to give a grace period for downstreams.
In this week's clang 12, the forwarders have been removed, and our builds will break.
Thanks to upstream kindly allowed this transition period, we can simply do the rename now to prepare for clang 12, and existing clang 11 builds still work.
Differential Revision: https://phabricator.services.mozilla.com/D99817
At this point it's pretty clear that we won't be reverting to clang-9.
This doesn't remove everything with clang-9 in the name. I did a mark-and-sweep GC by hand so this only removes unused entries. Some are still active, e.g. linux64-clang-9 is used to build a number of misc helper tools.
Differential Revision: https://phabricator.services.mozilla.com/D99721
Covers adding the new JS global `GleanPings` for JS, the new structs for C++ at
mozilla::glean_pings, ping-id and string-table-index codegen, the usual
boilerplate for JS and C++ stuff, and tests.
Unresolved:
* What happens if we call this on a non-parent process?
(This isn't a supported mode of operation)
Differential Revision: https://phabricator.services.mozilla.com/D98671
The gyp flag logic in nICEr is supposed to ensure that the code is instrumented
for libFuzzer because we have a related fuzzing target. However, libFuzzer
instrumentation must be completely disabled for TSan due to incompatibility.
The current logic fails in doing so and incorrectly falls back to legacy
trace-pc instrumentation causing the TSan fuzzing build to fail on startup.
Differential Revision: https://phabricator.services.mozilla.com/D99351
This is bug 1639318 all over again except from Rust rather than C++. It's the same symptom, nsXPTCStub vtables aren't marked as valid targets.
In the earlier bug we disabled CFG for C++ on ARM64. Let's do the same for Rust. According to that bug, "It's not clear why this doesn't happen on x86 builds. Given priorities, I can't really justify investigating this, although I suspect that fixing the underlying issue would be pretty much bug 1483885."
Differential Revision: https://phabricator.services.mozilla.com/D99278
Bug 1680152 updated automation to use the 10.12 SDK, and shortly after,
bug 1678174 introduced a change that broke the build with the 10.11 SDK.
Considering we haven't actually supported running on macos 10.11 and
earlier since Firefox 79, and that still supporting building with the
10.11 SDK would mean adding and maintaining code that, in practice,
would never be used by users, I think it is fair at this point that we
just drop support for the 10.11 SDK entirely.
Differential Revision: https://phabricator.services.mozilla.com/D99181
This is step 1 to make the docs here better, as discussed. Another followup
will come in a day or two to update the text/links of the docs to refer to
this and the latest version of repack-rust.
Differential Revision: https://phabricator.services.mozilla.com/D99128
In Bug 1671424 we changed the way we configure firefox and it broke the codeql database
generation job. This job wraps the entire build process in a way similar to
codeql --command="./mach build"
Specifically, the previous way we executed the configure shell script made codeql
disable itself because it was named configure (codeql disables itself during
configuration.)
codeql injects via LD_PRELOAD, and it opens a configuration file and a logging file
(getting fd 3 and 4 respectively.)
autoconf grabs file descriptor 4 and uses it a temporary redirection point either
to a file or stdout. When it does so, it closes the original file descriptor 4 and
points it at the new location, which also affects the codeql code, resulting in
undesired logging output going into the configure script.
Because this file descriptor trick is only used to avoid duplicating a few lines of
code, I removed the trick and duplicated the code.
Differential Revision: https://phabricator.services.mozilla.com/D98642
This matches the other paths further down in the same document.
I'm also adding some quotes because I was getting an "unknown target" error without them, but I'm not sure if the missing quotes were the reason or whether it just happened to succeed on the next try.
Depends on D98673
Differential Revision: https://phabricator.services.mozilla.com/D98674
Mitchell Hentges
Dorel Luca
Mike Hommey
Cosmin Sabou
Alex Lopez
Steve Fink
Andi-Bogdan Postelnicu
Ryan VanderMeulen
Gabriele Svelto
Dana Keeler
Emilio Cobos Álvarez
Mark Banner
Christoph Kerschbaumer
Sebastian Hengst
Nick Alexander
Chris Fallin
Alexandru Michis
Deian Stefan
Agi Sferro
Jesse Schwartzentruber
Mike Conley
Csoregi Natalia
Simon Giesecke
leli
Christian Holler
Tom Ritter
Andi-Bogdan Postelnicu
Benjamin Beurdouche
Kagami Sascha Rosylight
Rob Lemley
Butkovits Atila
David Major
James Graham
Calixte Denizet
Florian Quèze
Noemi Erli
championshuttler
Edmund Wong
Aaron Klotz
Kevin Jacobs
Daniel Le
Geoff Brown
Rob Wu
Aki Sasaki
Connor Sheehan
Razvan Maries
Sylvestre Ledru
Kartik Gautam
Markus Stange
Bogdan Tara
Tarek Ziadé
Dave Townsend
Chris H-C
Dragana Damjanovic
Dimi Lee
Alexis Beingessner