commit 9406dd02daf79c6f6dbfe2f164aec245075a46d4 Author: Georg Koppen gk@torproject.org Date: Sat Jun 20 10:56:12 2020 +0000
Bug 33410: Enable RLBox for macOS --- projects/firefox/build | 8 ++++++-- projects/lucetc/build | 14 +++++++++++--- projects/lucetc/config | 10 ++++++---- projects/wasi-sysroot/build | 16 +++++++++------- projects/wasi-sysroot/config | 6 ++++-- rbm.conf | 2 ++ 6 files changed, 38 insertions(+), 18 deletions(-)
diff --git a/projects/firefox/build b/projects/firefox/build index 79278c8..a9f86bf 100644 --- a/projects/firefox/build +++ b/projects/firefox/build @@ -39,8 +39,12 @@ export LLVM_CONFIG="/var/tmp/dist/clang/bin/llvm-config" # Copy it over. # https://searchfox.org/mozilla-central/source/build/build-clang/build-clang.p..., # include it directly in our clang - mkdir /var/tmp/dist/clang/lib/clang/[% pc("clang", "version") %]/lib/wasi - cp /var/tmp/dist/wasi-sysroot/lib/clang/9.0.0/lib/wasi/libclang_rt.builtins-wasm32.a /var/tmp/dist/clang/lib/clang/[% pc("clang", "version") %]/lib/wasi + rtdir=/var/tmp/dist/clang/lib/clang/[% pc("clang", "version") %]/lib/wasi + [% IF c("var/osx") -%] + rtdir=/var/tmp/dist/macosx-toolchain/clang/lib/clang/[% pc("clang", "version") %]/lib/wasi + [% END-%] + mkdir -p $rtdir + cp /var/tmp/dist/wasi-sysroot/lib/clang/9.0.0/lib/wasi/libclang_rt.builtins-wasm32.a $rtdir tar -C /var/tmp/dist -xf [% c('input_files_by_name/lucetc') %] export PATH="/var/tmp/dist/lucetc/bin:$PATH" export WASM_SANDBOXED_LIBRARIES=graphite,ogg diff --git a/projects/lucetc/build b/projects/lucetc/build index 3f835bd..208f4e1 100644 --- a/projects/lucetc/build +++ b/projects/lucetc/build @@ -1,16 +1,24 @@ #!/bin/bash [% c("var/set_default_env") -%] -[% pc(c('var/compiler'), 'var/setup', { compiler_tarfile => c('input_files_by_name/' _ c('var/compiler')) }) %] +# XXX: Do we need the GCC part here if we set CC to clang anyway? +[% IF c("var/linux") %] + # We need a link to our GCC, otherwise the system cc gets used which points to + # /usr/bin/gcc. + [% pc('gcc', 'var/setup', { compiler_tarfile => c('input_files_by_name/gcc'), + hardened_gcc => 0 }) %] + ln -s gcc /var/tmp/dist/gcc/bin/cc + tar -C /var/tmp/dist -xf $rootdir/[% c('input_files_by_name/binutils') %] + export PATH="/var/tmp/dist/binutils/bin:$PATH" +[% END -%] distdir=/var/tmp/dist builddir=/var/tmp/build/[% project %]
mkdir -p $distdir tar -C /var/tmp/dist -xf [% c('input_files_by_name/cmake') %] tar -C /var/tmp/dist -xf [% c('input_files_by_name/clang') %] -tar -C /var/tmp/dist -xf [% c('input_files_by_name/binutils') %] tar -C /var/tmp/dist -xf [% c('input_files_by_name/rust') %] tar -C /var/tmp/dist -xf [% c('input_files_by_name/wasi-sysroot') %] -export PATH="/var/tmp/dist/cmake/bin:/var/tmp/dist/clang/bin:/var/tmp/dist/binutils/bin:/var/tmp/dist/rust/bin:$PATH" +export PATH="/var/tmp/dist/cmake/bin:/var/tmp/dist/clang/bin:/var/tmp/dist/rust/bin:$PATH" export CC=$distdir/clang/bin/clang export CFLAGS="-L$distdir/clang/lib" export CXX=$distdir/clang/bin/clang++ diff --git a/projects/lucetc/config b/projects/lucetc/config index f60629e..72b79fe 100644 --- a/projects/lucetc/config +++ b/projects/lucetc/config @@ -11,16 +11,18 @@ var:
input_files: - project: container-image + - name: binutils + project: binutils + enable: '[% c("var/linux") %]' # Our clang still needs GCC parts (libstdc++ for instance) so we include that # one here even though compilation gets done solely by clang. - - name: '[% c("var/compiler") %]' - project: '[% c("var/compiler") %]' + - project: '[% c("var/compiler") %]' + name: '[% c("var/compiler") %]' + enable: '[% c("var/linux") %]' - name: cmake project: cmake - name: clang project: clang - - name: binutils - project: binutils - name: rust project: rust - name: wasi-sysroot diff --git a/projects/wasi-sysroot/build b/projects/wasi-sysroot/build index 6cdcf2f..e66d1e0 100644 --- a/projects/wasi-sysroot/build +++ b/projects/wasi-sysroot/build @@ -1,15 +1,17 @@ #!/bin/bash [% c("var/set_default_env") -%] -# We need a link to our GCC, otherwise the system cc gets used which points to -# /usr/bin/gcc. -[% pc('gcc', 'var/setup', { compiler_tarfile => c('input_files_by_name/gcc'), - hardened_gcc => 0 }) %] -ln -s gcc /var/tmp/dist/gcc/bin/cc - +[% IF c("var/linux") %] + # We need a link to our GCC, otherwise the system cc gets used which points to + # /usr/bin/gcc. + [% pc('gcc', 'var/setup', { compiler_tarfile => c('input_files_by_name/gcc'), + hardened_gcc => 0 }) %] + ln -s gcc /var/tmp/dist/gcc/bin/cc + tar -C /var/tmp/dist -xf $rootdir/[% c('input_files_by_name/binutils') %] + export PATH="/var/tmp/dist/binutils/bin:$PATH" +[% END -%] distdir=/var/tmp/dist builddir=/var/tmp/build/[% project %] mkdir -p $distdir -tar -C /var/tmp/dist -xf [% c('input_files_by_name/binutils') %] tar -C /var/tmp/dist -xf [% c('input_files_by_name/cmake') %] tar -C /var/tmp/dist -xf [% c('input_files_by_name/ninja') %] export PATH=/var/tmp/dist/binutils/bin:/var/tmp/dist/cmake/bin:/var/tmp/dist/ninja:$PATH diff --git a/projects/wasi-sysroot/config b/projects/wasi-sysroot/config index 8b3ae15..c4ded87 100644 --- a/projects/wasi-sysroot/config +++ b/projects/wasi-sysroot/config @@ -17,10 +17,12 @@ targets:
input_files: - project: container-image - - name: gcc - project: gcc - name: binutils project: binutils + enable: '[% c("var/linux") %]' + - project: '[% c("var/compiler") %]' + name: '[% c("var/compiler") %]' + enable: '[% c("var/linux") %]' - name: cmake project: cmake - name: ninja diff --git a/rbm.conf b/rbm.conf index c3f778b..e2323db 100644 --- a/rbm.conf +++ b/rbm.conf @@ -444,6 +444,8 @@ targets: LDFLAGS: "-Wl,-syslibroot,$sysrootdir -Wl,-dead_strip -Wl,-pie" macosx_deployment_target: '10.9' locale_ja: ja-JP-mac + # We only support RLBox on the nightly channel for now + rlbox: '[% c("var/nightly") %]' # We only build snowflake on the alpha and nightly # channels for now. snowflake: '[% c("var/alpha") || c("var/nightly") %]'