summaryrefslogtreecommitdiff
path: root/extra/firefox
diff options
context:
space:
mode:
Diffstat (limited to 'extra/firefox')
-rw-r--r--extra/firefox/allow-custom-rust-vendor.patch564
-rw-r--r--extra/firefox/avoid-redefinition.patch15
-rw-r--r--extra/firefox/disable-moz-stackwalk.patch18
-rw-r--r--extra/firefox/disable-neon-in-aom.patch39
-rw-r--r--extra/firefox/firefox-safe.desktop11
-rw-r--r--extra/firefox/fix-fortify-system-wrappers.patch13
-rw-r--r--extra/firefox/fix-rust-target.patch31
-rw-r--r--extra/firefox/fix-webrtc-glibcisms.patch20
-rw-r--r--extra/firefox/mallinfo.patch20
-rw-r--r--extra/firefox/sandbox-fork.patch15
-rw-r--r--extra/firefox/sandbox-largefile.patch17
-rw-r--r--extra/firefox/sandbox-sched_setscheduler.patch16
-rw-r--r--extra/firefox/stab.h71
13 files changed, 850 insertions, 0 deletions
diff --git a/extra/firefox/allow-custom-rust-vendor.patch b/extra/firefox/allow-custom-rust-vendor.patch
new file mode 100644
index 0000000..218650f
--- /dev/null
+++ b/extra/firefox/allow-custom-rust-vendor.patch
@@ -0,0 +1,564 @@
+From a5a3db2d32ff1d359aef5ec586b91164570c1685 Mon Sep 17 00:00:00 2001
+From: Dan Gohman <sunfish@mozilla.com>
+Date: Tue, 5 Nov 2019 09:56:15 -0800
+Subject: [PATCH 1/7] Support custom vendor strings.
+
+Add support for custom vendors, as in "x86_64-gentoo-linux-musl".
+
+Fixes #33.
+---
+ src/targets.rs | 108 ++++++++++++++++++++++++++++++++++++++++++++++++-
+ src/triple.rs | 4 --
+ 2 files changed, 106 insertions(+), 6 deletions(-)
+
+diff --git a/src/targets.rs b/src/targets.rs
+index 6ae570e..90b2736 100644
+--- a/third_party/rust/target-lexicon-0.9.0/src/targets.rs
++++ b/third_party/rust/target-lexicon-0.9.0/src/targets.rs
+@@ -1,6 +1,8 @@
+ // This file defines all the identifier enums and target-aware logic.
+
+ use crate::triple::{Endianness, PointerWidth, Triple};
++use alloc::boxed::Box;
++use alloc::string::String;
+ use core::fmt;
+ use core::str::FromStr;
+
+@@ -292,7 +294,7 @@ impl Aarch64Architecture {
+
+ /// The "vendor" field, which in practice is little more than an arbitrary
+ /// modifier.
+-#[derive(Copy, Clone, Debug, PartialEq, Eq, Hash)]
++#[derive(Clone, Debug, PartialEq, Eq, Hash)]
+ #[allow(missing_docs)]
+ pub enum Vendor {
+ Unknown,
+@@ -306,6 +308,15 @@ pub enum Vendor {
+ Sun,
+ Uwp,
+ Wrs,
++
++ /// A custom vendor. "Custom" in this context means that the vendor is
++ /// not specifically recognized by upstream Autotools, LLVM, Rust, or other
++ /// relevant authorities on triple naming. It's useful for people building
++ /// and using locally patched toolchains.
++ ///
++ /// Outside of such patched environments, users of `target-lexicon` should
++ /// treat `Custom` the same as `Unknown` and ignore the string.
++ Custom(Box<String>),
+ }
+
+ /// The "operating system" field, which sometimes implies an environment, and
+@@ -717,6 +728,7 @@ impl fmt::Display for Vendor {
+ Vendor::Sun => "sun",
+ Vendor::Uwp => "uwp",
+ Vendor::Wrs => "wrs",
++ Vendor::Custom(ref name) => name,
+ };
+ f.write_str(s)
+ }
+@@ -738,7 +750,46 @@ impl FromStr for Vendor {
+ "sun" => Vendor::Sun,
+ "uwp" => Vendor::Uwp,
+ "wrs" => Vendor::Wrs,
+- _ => return Err(()),
++ custom => {
++ use alloc::borrow::ToOwned;
++
++ // A custom vendor. Since triple syntax is so loosely defined,
++ // be as conservative as we can to avoid potential ambiguities.
++ // We err on the side of being too strict here, as we can
++ // always relax it if needed.
++
++ // Don't allow empty string names.
++ if custom.is_empty() {
++ return Err(());
++ }
++
++ // Don't allow any other recognized name as a custom vendor,
++ // since vendors can be omitted in some contexts.
++ if Architecture::from_str(custom).is_ok()
++ || OperatingSystem::from_str(custom).is_ok()
++ || Environment::from_str(custom).is_ok()
++ || BinaryFormat::from_str(custom).is_ok()
++ {
++ return Err(());
++ }
++
++ // Require the first character to be an ascii lowercase.
++ if !custom.chars().nth(0).unwrap().is_ascii_lowercase() {
++ return Err(());
++ }
++
++ // Restrict the set of characters permitted in a custom vendor.
++ if custom
++ .find(|c: char| {
++ !(c.is_ascii_lowercase() || c.is_ascii_digit() || c == '_' || c == '.')
++ })
++ .is_some()
++ {
++ return Err(());
++ }
++
++ Vendor::Custom(Box::new(custom.to_owned()))
++ }
+ })
+ }
+ }
+@@ -1120,4 +1171,57 @@ mod tests {
+ assert_eq!(t.environment, Environment::Eabihf);
+ assert_eq!(t.binary_format, BinaryFormat::Elf);
+ }
++
++ #[test]
++ fn custom_vendors() {
++ assert!(Triple::from_str("x86_64--linux").is_err());
++ assert!(Triple::from_str("x86_64-42-linux").is_err());
++ assert!(Triple::from_str("x86_64-__customvendor__-linux").is_err());
++ assert!(Triple::from_str("x86_64-^-linux").is_err());
++ assert!(Triple::from_str("x86_64- -linux").is_err());
++ assert!(Triple::from_str("x86_64-CustomVendor-linux").is_err());
++ assert!(Triple::from_str("x86_64-linux-linux").is_err());
++ assert!(Triple::from_str("x86_64-x86_64-linux").is_err());
++ assert!(Triple::from_str("x86_64-elf-linux").is_err());
++ assert!(Triple::from_str("x86_64-gnu-linux").is_err());
++ assert!(Triple::from_str("x86_64-linux-customvendor").is_err());
++ assert!(Triple::from_str("customvendor").is_err());
++ assert!(Triple::from_str("customvendor-x86_64").is_err());
++ assert!(Triple::from_str("x86_64-").is_err());
++ assert!(Triple::from_str("x86_64--").is_err());
++
++ let t = Triple::from_str("x86_64-customvendor-linux")
++ .expect("can't parse target with custom vendor");
++ assert_eq!(t.architecture, Architecture::X86_64);
++ assert_eq!(
++ t.vendor,
++ Vendor::Custom(Box::new(String::from_str("customvendor").unwrap()))
++ );
++ assert_eq!(t.operating_system, OperatingSystem::Linux);
++ assert_eq!(t.environment, Environment::Unknown);
++ assert_eq!(t.binary_format, BinaryFormat::Elf);
++ assert_eq!(t.to_string(), "x86_64-customvendor-linux");
++
++ let t = Triple::from_str("x86_64-customvendor")
++ .expect("can't parse target with custom vendor");
++ assert_eq!(t.architecture, Architecture::X86_64);
++ assert_eq!(
++ t.vendor,
++ Vendor::Custom(Box::new(String::from_str("customvendor").unwrap()))
++ );
++ assert_eq!(t.operating_system, OperatingSystem::Unknown);
++ assert_eq!(t.environment, Environment::Unknown);
++ assert_eq!(t.binary_format, BinaryFormat::Unknown);
++
++ assert_eq!(
++ Triple::from_str("unknown-foo"),
++ Ok(Triple {
++ architecture: Architecture::Unknown,
++ vendor: Vendor::Custom(Box::new(String::from_str("foo").unwrap())),
++ operating_system: OperatingSystem::Unknown,
++ environment: Environment::Unknown,
++ binary_format: BinaryFormat::Unknown,
++ })
++ );
++ }
+ }
+diff --git a/src/triple.rs b/src/triple.rs
+index 36dcd9a..1abda26 100644
+--- a/third_party/rust/target-lexicon.0.9.0/src/triple.rs
++++ b/third_party/rust/target-lexicon-0.9.0/src/triple.rs
+@@ -322,10 +322,6 @@ mod tests {
+ Triple::from_str("foo"),
+ Err(ParseError::UnrecognizedArchitecture("foo".to_owned()))
+ );
+- assert_eq!(
+- Triple::from_str("unknown-foo"),
+- Err(ParseError::UnrecognizedVendor("foo".to_owned()))
+- );
+ assert_eq!(
+ Triple::from_str("unknown-unknown-foo"),
+ Err(ParseError::UnrecognizedOperatingSystem("foo".to_owned()))
+
+From 6f90d7274dce4e7f9bb120f6b36cf26881bde9a7 Mon Sep 17 00:00:00 2001
+From: Dan Gohman <sunfish@mozilla.com>
+Date: Tue, 5 Nov 2019 10:33:56 -0800
+Subject: [PATCH 2/7] Add more tests.
+
+---
+ src/targets.rs | 30 ++++++++++++++++++++++++++++--
+ 1 file changed, 28 insertions(+), 2 deletions(-)
+
+diff --git a/src/targets.rs b/src/targets.rs
+index 90b2736..7d1f069 100644
+--- a/third_party/rust/target-lexicon-0.9.0/src/targets.rs
++++ b/third_party/rust/target-lexicon-0.9.0/src/targets.rs
+@@ -1174,6 +1174,7 @@ mod tests {
+
+ #[test]
+ fn custom_vendors() {
++ // Test various invalid cases.
+ assert!(Triple::from_str("x86_64--linux").is_err());
+ assert!(Triple::from_str("x86_64-42-linux").is_err());
+ assert!(Triple::from_str("x86_64-__customvendor__-linux").is_err());
+@@ -1190,6 +1191,31 @@ mod tests {
+ assert!(Triple::from_str("x86_64-").is_err());
+ assert!(Triple::from_str("x86_64--").is_err());
+
++ // Test various Unicode things.
++ assert!(
++ Triple::from_str("x86_64-𝓬𝓾𝓼𝓽𝓸𝓶𝓿𝓮𝓷𝓭𝓸𝓻-linux").is_err(),
++ "unicode font hazard"
++ );
++ assert!(
++ Triple::from_str("x86_64-ćúśtőḿvéńdőŕ-linux").is_err(),
++ "diacritical mark stripping hazard"
++ );
++ assert!(
++ Triple::from_str("x86_64-customvendοr-linux").is_err(),
++ "homoglyph hazard"
++ );
++ assert!(Triple::from_str("x86_64-customvendor-linux").is_ok());
++ assert!(
++ Triple::from_str("x86_64-ffi-linux").is_err(),
++ "normalization hazard"
++ );
++ assert!(Triple::from_str("x86_64-ffi-linux").is_ok());
++ assert!(
++ Triple::from_str("x86_64-custom‍vendor-linux").is_err(),
++ "zero-width character hazard"
++ );
++
++ // Test some valid cases.
+ let t = Triple::from_str("x86_64-customvendor-linux")
+ .expect("can't parse target with custom vendor");
+ assert_eq!(t.architecture, Architecture::X86_64);
+@@ -1202,8 +1228,8 @@ mod tests {
+ assert_eq!(t.binary_format, BinaryFormat::Elf);
+ assert_eq!(t.to_string(), "x86_64-customvendor-linux");
+
+- let t = Triple::from_str("x86_64-customvendor")
+- .expect("can't parse target with custom vendor");
++ let t =
++ Triple::from_str("x86_64-customvendor").expect("can't parse target with custom vendor");
+ assert_eq!(t.architecture, Architecture::X86_64);
+ assert_eq!(
+ t.vendor,
+
+From c0e318b3c1be2d1965579f07dd563fb9cc0c4eb1 Mon Sep 17 00:00:00 2001
+From: Dan Gohman <sunfish@mozilla.com>
+Date: Tue, 5 Nov 2019 12:56:31 -0800
+Subject: [PATCH 3/7] Use `.chars().any(...)` instead of
+ `.find(...).is_some()`.
+
+---
+ src/targets.rs | 9 +++------
+ 1 file changed, 3 insertions(+), 6 deletions(-)
+
+diff --git a/src/targets.rs b/src/targets.rs
+index 7d1f069..1078dd3 100644
+--- a/third_party/rust/target-lexicon-0.9.0/src/targets.rs
++++ b/third_party/rust/target-lexicon/src-0.9.0/targets.rs
+@@ -779,12 +779,9 @@ impl FromStr for Vendor {
+ }
+
+ // Restrict the set of characters permitted in a custom vendor.
+- if custom
+- .find(|c: char| {
+- !(c.is_ascii_lowercase() || c.is_ascii_digit() || c == '_' || c == '.')
+- })
+- .is_some()
+- {
++ if custom.chars().any(|c: char| {
++ !(c.is_ascii_lowercase() || c.is_ascii_digit() || c == '_' || c == '.')
++ }) {
+ return Err(());
+ }
+
+
+From f319950528654c772193d9eb3bf40bc8df35fcae Mon Sep 17 00:00:00 2001
+From: Dan Gohman <sunfish@mozilla.com>
+Date: Thu, 7 Nov 2019 15:15:48 -0800
+Subject: [PATCH 4/7] Fix build.rs to generate the correct code to build
+ Vendors.
+
+---
+ build.rs | 14 ++++++++++++--
+ 1 file changed, 12 insertions(+), 2 deletions(-)
+
+diff --git a/build.rs b/build.rs
+index a0ba3b7..446f9e7 100644
+--- a/third_party/rust/target-lexicon-0.9.0/build.rs
++++ b/third_party/rust/target-lexicon-0.9.0/build.rs
+@@ -32,6 +32,7 @@ mod parse_error {
+ }
+ }
+
++use self::targets::Vendor;
+ use self::triple::Triple;
+
+ fn main() {
+@@ -60,7 +61,7 @@ fn write_host_rs(mut out: File, triple: Triple) -> io::Result<()> {
+ " architecture: Architecture::{:?},",
+ triple.architecture
+ )?;
+- writeln!(out, " vendor: Vendor::{:?},", triple.vendor)?;
++ writeln!(out, " vendor: {},", vendor_display(&triple.vendor))?;
+ writeln!(
+ out,
+ " operating_system: OperatingSystem::{:?},",
+@@ -90,7 +91,7 @@ fn write_host_rs(mut out: File, triple: Triple) -> io::Result<()> {
+ writeln!(out, "impl Vendor {{")?;
+ writeln!(out, " /// Return the vendor for the current host.")?;
+ writeln!(out, " pub const fn host() -> Self {{")?;
+- writeln!(out, " Vendor::{:?}", triple.vendor)?;
++ writeln!(out, " {}", vendor_display(&triple.vendor))?;
+ writeln!(out, " }}")?;
+ writeln!(out, "}}")?;
+ writeln!(out)?;
+@@ -160,3 +161,12 @@ fn write_host_rs(mut out: File, triple: Triple) -> io::Result<()> {
+
+ Ok(())
+ }
++
++fn vendor_display(vendor: &Vendor) -> String {
++ match vendor {
++ Vendor::Custom(custom) => {
++ format!("Vendor::Custom(Box::new(String::from_str({:?})))", custom)
++ }
++ known => format!("Vendor::{:?}", known),
++ }
++}
+
+From e558f6934535be3b8ccc9a99a33e861cb7431dfe Mon Sep 17 00:00:00 2001
+From: Dan Gohman <sunfish@mozilla.com>
+Date: Fri, 8 Nov 2019 12:10:34 -0800
+Subject: [PATCH 5/7] Fix custom vendors in `const fn` contexts.
+
+---
+ build.rs | 15 +++++++++++----
+ src/lib.rs | 4 ++--
+ src/targets.rs | 51 ++++++++++++++++++++++++++++++++++++++++++--------
+ 3 files changed, 56 insertions(+), 14 deletions(-)
+
+diff --git a/build.rs b/build.rs
+index 446f9e7..e88206e 100644
+--- a/third_party/rust/target-lexicon-0.9.0/build.rs
++++ b/third_party/rust/target-lexicon-0.9.0/build.rs
+@@ -53,6 +53,8 @@ fn write_host_rs(mut out: File, triple: Triple) -> io::Result<()> {
+ writeln!(out, "use crate::Aarch64Architecture::*;")?;
+ writeln!(out, "#[allow(unused_imports)]")?;
+ writeln!(out, "use crate::ArmArchitecture::*;")?;
++ writeln!(out, "#[allow(unused_imports)]")?;
++ writeln!(out, "use crate::CustomVendor;")?;
+ writeln!(out)?;
+ writeln!(out, "/// The `Triple` of the current host.")?;
+ writeln!(out, "pub const HOST: Triple = Triple {{")?;
+@@ -139,7 +141,11 @@ fn write_host_rs(mut out: File, triple: Triple) -> io::Result<()> {
+ " architecture: Architecture::{:?},",
+ triple.architecture
+ )?;
+- writeln!(out, " vendor: Vendor::{:?},", triple.vendor)?;
++ writeln!(
++ out,
++ " vendor: {},",
++ vendor_display(&triple.vendor)
++ )?;
+ writeln!(
+ out,
+ " operating_system: OperatingSystem::{:?},",
+@@ -164,9 +170,10 @@ fn write_host_rs(mut out: File, triple: Triple) -> io::Result<()> {
+
+ fn vendor_display(vendor: &Vendor) -> String {
+ match vendor {
+- Vendor::Custom(custom) => {
+- format!("Vendor::Custom(Box::new(String::from_str({:?})))", custom)
+- }
++ Vendor::Custom(custom) => format!(
++ "Vendor::Custom(CustomVendor::Static({:?}))",
++ custom.as_str()
++ ),
+ known => format!("Vendor::{:?}", known),
+ }
+ }
+diff --git a/src/lib.rs b/src/lib.rs
+index 8d6da8d..70f6488 100644
+--- a/third_party/rust/target-lexicon-0.9.0/src/lib.rs
++++ b/third_party/rust/target-lexicon-0.9.0/src/lib.rs
+@@ -28,7 +28,7 @@ mod triple;
+ pub use self::host::HOST;
+ pub use self::parse_error::ParseError;
+ pub use self::targets::{
+- Aarch64Architecture, Architecture, ArmArchitecture, BinaryFormat, Environment, OperatingSystem,
+- Vendor,
++ Aarch64Architecture, Architecture, ArmArchitecture, BinaryFormat, CustomVendor, Environment,
++ OperatingSystem, Vendor,
+ };
+ pub use self::triple::{CallingConvention, Endianness, PointerWidth, Triple};
+diff --git a/src/targets.rs b/src/targets.rs
+index 1078dd3..7152020 100644
+--- a/third_party/rust/target-lexicon-0.9.0/src/targets.rs
++++ b/third_party/rust/target-lexicon-0.9.0/src/targets.rs
+@@ -4,6 +4,7 @@ use crate::triple::{Endianness, PointerWidth, Triple};
+ use alloc::boxed::Box;
+ use alloc::string::String;
+ use core::fmt;
++use core::hash::{Hash, Hasher};
+ use core::str::FromStr;
+
+ /// The "architecture" field, which in some cases also specifies a specific
+@@ -292,6 +293,39 @@ impl Aarch64Architecture {
+ }
+ }
+
++/// A string for a `Vendor::Custom` that can either be used in `const`
++/// contexts or hold dynamic strings.
++#[derive(Clone, Debug, Eq)]
++pub enum CustomVendor {
++ /// An owned `String`. This supports the general case.
++ Owned(Box<String>),
++ /// A static `str`, so that `CustomVendor` can be constructed in `const`
++ /// contexts.
++ Static(&'static str),
++}
++
++impl CustomVendor {
++ /// Extracts a string slice.
++ pub fn as_str(&self) -> &str {
++ match self {
++ CustomVendor::Owned(s) => s,
++ CustomVendor::Static(s) => s,
++ }
++ }
++}
++
++impl PartialEq for CustomVendor {
++ fn eq(&self, other: &Self) -> bool {
++ self.as_str() == other.as_str()
++ }
++}
++
++impl Hash for CustomVendor {
++ fn hash<H: Hasher>(&self, state: &mut H) {
++ self.as_str().hash(state)
++ }
++}
++
+ /// The "vendor" field, which in practice is little more than an arbitrary
+ /// modifier.
+ #[derive(Clone, Debug, PartialEq, Eq, Hash)]
+@@ -316,7 +350,7 @@ pub enum Vendor {
+ ///
+ /// Outside of such patched environments, users of `target-lexicon` should
+ /// treat `Custom` the same as `Unknown` and ignore the string.
+- Custom(Box<String>),
++ Custom(CustomVendor),
+ }
+
+ /// The "operating system" field, which sometimes implies an environment, and
+@@ -728,7 +762,7 @@ impl fmt::Display for Vendor {
+ Vendor::Sun => "sun",
+ Vendor::Uwp => "uwp",
+ Vendor::Wrs => "wrs",
+- Vendor::Custom(ref name) => name,
++ Vendor::Custom(ref name) => name.as_str(),
+ };
+ f.write_str(s)
+ }
+@@ -779,13 +813,14 @@ impl FromStr for Vendor {
+ }
+
+ // Restrict the set of characters permitted in a custom vendor.
+- if custom.chars().any(|c: char| {
++ fn is_prohibited_char(c: char) -> bool {
+ !(c.is_ascii_lowercase() || c.is_ascii_digit() || c == '_' || c == '.')
+- }) {
++ }
++ if custom.chars().any(is_prohibited_char) {
+ return Err(());
+ }
+
+- Vendor::Custom(Box::new(custom.to_owned()))
++ Vendor::Custom(CustomVendor::Owned(Box::new(custom.to_owned())))
+ }
+ })
+ }
+@@ -1218,7 +1253,7 @@ mod tests {
+ assert_eq!(t.architecture, Architecture::X86_64);
+ assert_eq!(
+ t.vendor,
+- Vendor::Custom(Box::new(String::from_str("customvendor").unwrap()))
++ Vendor::Custom(CustomVendor::Static("customvendor"))
+ );
+ assert_eq!(t.operating_system, OperatingSystem::Linux);
+ assert_eq!(t.environment, Environment::Unknown);
+@@ -1230,7 +1265,7 @@ mod tests {
+ assert_eq!(t.architecture, Architecture::X86_64);
+ assert_eq!(
+ t.vendor,
+- Vendor::Custom(Box::new(String::from_str("customvendor").unwrap()))
++ Vendor::Custom(CustomVendor::Static("customvendor"))
+ );
+ assert_eq!(t.operating_system, OperatingSystem::Unknown);
+ assert_eq!(t.environment, Environment::Unknown);
+@@ -1240,7 +1275,7 @@ mod tests {
+ Triple::from_str("unknown-foo"),
+ Ok(Triple {
+ architecture: Architecture::Unknown,
+- vendor: Vendor::Custom(Box::new(String::from_str("foo").unwrap())),
++ vendor: Vendor::Custom(CustomVendor::Static("foo")),
+ operating_system: OperatingSystem::Unknown,
+ environment: Environment::Unknown,
+ binary_format: BinaryFormat::Unknown,
+
+From bc4b444133b8a5e56602f7c77c10ef3f1e7a7c78 Mon Sep 17 00:00:00 2001
+From: Dan Gohman <sunfish@mozilla.com>
+Date: Mon, 18 Nov 2019 13:45:58 -0800
+Subject: [PATCH 6/7] Add a testcase with a BOM too, just in case.
+
+---
+ src/targets.rs | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/src/targets.rs b/src/targets.rs
+index 7152020..9a4d990 100644
+--- a/third_party/rust/target-lexicon-0.9.0/src/targets.rs
++++ b/third_party/rust/target-lexicon-0.9.0/src/targets.rs
+@@ -1246,6 +1246,10 @@ mod tests {
+ Triple::from_str("x86_64-custom‍vendor-linux").is_err(),
+ "zero-width character hazard"
+ );
++ assert!(
++ Triple::from_str("x86_64-customvendor-linux").is_err(),
++ "BOM hazard"
++ );
+
+ // Test some valid cases.
+ let t = Triple::from_str("x86_64-customvendor-linux")
+
+From 721fbbe1c9cfd3adc9aaf011c62d6a36078f4133 Mon Sep 17 00:00:00 2001
+From: Dan Gohman <sunfish@mozilla.com>
+Date: Mon, 18 Nov 2019 20:56:40 -0800
+Subject: [PATCH 7/7] Use an anonymous function instead of just a local
+ function.
+
+---
+ src/targets.rs | 5 ++---
+ 1 file changed, 2 insertions(+), 3 deletions(-)
+
+diff --git a/src/targets.rs b/src/targets.rs
+index 9a4d990..eb5a088 100644
+--- a/third_party/rust/target-lexicon-0.9.0/src/targets.rs
++++ b/third_party/rust/target-lexicon-0.9.0/src/targets.rs
+@@ -813,10 +813,9 @@ impl FromStr for Vendor {
+ }
+
+ // Restrict the set of characters permitted in a custom vendor.
+- fn is_prohibited_char(c: char) -> bool {
++ if custom.chars().any(|c: char| {
+ !(c.is_ascii_lowercase() || c.is_ascii_digit() || c == '_' || c == '.')
+- }
+- if custom.chars().any(is_prohibited_char) {
++ }) {
+ return Err(());
+ }
+
diff --git a/extra/firefox/avoid-redefinition.patch b/extra/firefox/avoid-redefinition.patch
new file mode 100644
index 0000000..af11c50
--- /dev/null
+++ b/extra/firefox/avoid-redefinition.patch
@@ -0,0 +1,15 @@
+Author: Rasmus Thomsen <oss@cogitri.dev>
+Reason: FF is mixing userspace net headers (net/if.h) and kernelspace ones
+(linux/if.h), leading to redefinitions. We need to include net/if.h before
+linux/if.h because linux/if.h has redifinition guards whereas net/if.h doesnt
+Upstream: No
+--- a/dom/media/webrtc/transport/third_party/nICEr/src/stun/addrs-netlink.c.orig 2020-07-28 19:24:32.359751046 +0200
++++ b/dom/media/webrtc/transport/third_party/nICEr/src/stun/addrs-netlink.c 2020-07-28 19:24:37.856343751 +0200
+@@ -31,6 +31,7 @@
+ */
+
+ #if defined(LINUX)
++#include <net/if.h>
+ #include "addrs-netlink.h"
+ #include <csi_platform.h>
+ #include <assert.h>
diff --git a/extra/firefox/disable-moz-stackwalk.patch b/extra/firefox/disable-moz-stackwalk.patch
new file mode 100644
index 0000000..b6bc756
--- /dev/null
+++ b/extra/firefox/disable-moz-stackwalk.patch
@@ -0,0 +1,18 @@
+diff --git a/mozglue/misc/StackWalk.cpp b/mozglue/misc/StackWalk.cpp
+index 7d62921..adcfa44 100644
+--- a/mozglue/misc/StackWalk.cpp
++++ b/mozglue/misc/StackWalk.cpp
+@@ -33,13 +33,7 @@ using namespace mozilla;
+ # define MOZ_STACKWALK_SUPPORTS_MACOSX 0
+ #endif
+
+-#if (defined(linux) && \
+- ((defined(__GNUC__) && (defined(__i386) || defined(PPC))) || \
+- defined(HAVE__UNWIND_BACKTRACE)))
+-# define MOZ_STACKWALK_SUPPORTS_LINUX 1
+-#else
+ # define MOZ_STACKWALK_SUPPORTS_LINUX 0
+-#endif
+
+ #if __GLIBC__ > 2 || (__GLIBC__ == 2 && __GLIBC_MINOR__ >= 1)
+ # define HAVE___LIBC_STACK_END 1
diff --git a/extra/firefox/disable-neon-in-aom.patch b/extra/firefox/disable-neon-in-aom.patch
new file mode 100644
index 0000000..6df05a1
--- /dev/null
+++ b/extra/firefox/disable-neon-in-aom.patch
@@ -0,0 +1,39 @@
+Firefox (75) and AOM itself fail to build with NEON enabled. As such
+we should disable it for now.
+
+In file included from /home/buildozer/aports/community/firefox/src/firefox-75.0/third_party/aom/aom_dsp/arm/blend_a64_mask_neon.c:12:
+/home/buildozer/aports/community/firefox/src/firefox-75.0/third_party/aom/av1/common/arm/mem_neon.h: In function 'load_u8_8x8':
+/usr/lib/gcc/armv7-alpine-linux-musleabihf/9.3.0/include/arm_neon.h:10303:1: error: inlining failed in call to always_inline 'vld1_u8': target specific option mismatch
+10303 | vld1_u8 (const uint8_t * __a)
+ | ^~~~~~~
+--- a/media/libaom/moz.build 2020-04-09 08:20:14.608439591 +0200
++++ b/media/libaom/moz.build 2020-04-09 08:20:21.801745246 +0200
+@@ -42,26 +42,6 @@
+ ASFLAGS += [ '-I%s/media/libaom/config/linux/ia32/' % TOPSRCDIR ]
+ LOCAL_INCLUDES += [ '/media/libaom/config/linux/ia32/' ]
+ EXPORTS.aom += [ 'config/linux/ia32/config/aom_config.h' ]
+-elif CONFIG['CPU_ARCH'] == 'arm':
+- EXPORTS.aom += files['ARM_EXPORTS']
+- ASFLAGS += [
+- '-I%s/media/libaom/config/linux/arm/' % TOPSRCDIR,
+- '-I%s/libaom' % OBJDIR,
+- ]
+- LOCAL_INCLUDES += [ '/media/libaom/config/linux/arm/' ]
+- EXPORTS.aom += [ 'config/linux/arm/config/aom_config.h' ]
+-
+- SOURCES += files['ARM_SOURCES']
+-
+- for f in SOURCES:
+- if f.endswith('neon.c'):
+- SOURCES[f].flags += CONFIG['VPX_ASFLAGS']
+-
+- if CONFIG['OS_TARGET'] == 'Android':
+- # For cpu-features.h
+- LOCAL_INCLUDES += [
+- '%%%s/sources/android/cpufeatures' % CONFIG['ANDROID_NDK'],
+- ]
+ else:
+ # Generic C-only configuration
+ EXPORTS.aom += files['GENERIC_EXPORTS']
+
+
diff --git a/extra/firefox/firefox-safe.desktop b/extra/firefox/firefox-safe.desktop
new file mode 100644
index 0000000..1538fc6
--- /dev/null
+++ b/extra/firefox/firefox-safe.desktop
@@ -0,0 +1,11 @@
+[Desktop Entry]
+Encoding=UTF-8
+Exec=firefox -safe-mode %u
+Icon=firefox
+Type=Application
+Terminal=false
+MultipleArgs=false
+Name=Firefox - Safe Mode
+GenericName=Web Browser - Safe Mode
+StartupNotify=false
+Categories=Network;WebBrowser;
diff --git a/extra/firefox/fix-fortify-system-wrappers.patch b/extra/firefox/fix-fortify-system-wrappers.patch
new file mode 100644
index 0000000..17cf7e3
--- /dev/null
+++ b/extra/firefox/fix-fortify-system-wrappers.patch
@@ -0,0 +1,13 @@
+The wrapper features.h gets pulled in by system headers causing thigns to
+break. We work around it by simply not wrap features.h
+
+--- ./config/system-headers.mozbuild.orig
++++ ./config/system-headers.mozbuild
+@@ -229,7 +229,6 @@
+ 'execinfo.h',
+ 'extras.h',
+ 'fcntl.h',
+- 'features.h',
+ 'fenv.h',
+ 'ffi.h',
+ 'fibdef.h',
diff --git a/extra/firefox/fix-rust-target.patch b/extra/firefox/fix-rust-target.patch
new file mode 100644
index 0000000..9342063
--- /dev/null
+++ b/extra/firefox/fix-rust-target.patch
@@ -0,0 +1,31 @@
+Allow us to just set RUST_TARGEt ourselves instead of hacking around in mozilla's
+weird custom build system...
+
+--- a/build/moz.configure/rust.configure
++++ b/build/moz.configure/rust.configure
+@@ -225,7 +225,9 @@
+ data.setdefault(key, []).append(namespace(rust_target=t, target=info))
+ return data
+
+-
++@imports('os')
++@imports(_from='mozbuild.util', _import='ensure_unicode')
++@imports(_from='mozbuild.util', _import='system_encoding')
+ def detect_rustc_target(
+ host_or_target, compiler_info, arm_target, rust_supported_targets
+ ):
+@@ -340,13 +342,13 @@
+
+ return None
+
+- rustc_target = find_candidate(candidates)
++ rustc_target = os.environ['RUST_TARGET']
+
+ if rustc_target is None:
+ die("Don't know how to translate {} for rustc".format(host_or_target.alias))
+
+- return rustc_target
++ return ensure_unicode(rustc_target, system_encoding)
+
+
+ @imports('os')
diff --git a/extra/firefox/fix-webrtc-glibcisms.patch b/extra/firefox/fix-webrtc-glibcisms.patch
new file mode 100644
index 0000000..4f9043b
--- /dev/null
+++ b/extra/firefox/fix-webrtc-glibcisms.patch
@@ -0,0 +1,20 @@
+--- a/third_party/libwebrtc/system_wrappers/source/cpu_features_linux.cc
++++ b/third_party/libwebrtc/system_wrappers/source/cpu_features_linux.cc
+@@ -18,7 +18,7 @@
+ #define WEBRTC_GLIBC_PREREQ(a, b) 0
+ #endif
+
+-#if WEBRTC_GLIBC_PREREQ(2, 16)
++#if !__GLIBC__ || WEBRTC_GLIBC_PREREQ(2, 16)
+ #include <sys/auxv.h>
+ #else
+ #include <errno.h>
+@@ -40,7 +40,7 @@
+ int architecture = 0;
+ uint64_t hwcap = 0;
+ const char* platform = NULL;
+-#if WEBRTC_GLIBC_PREREQ(2, 16)
++#if !__GLIBC__ || WEBRTC_GLIBC_PREREQ(2, 16)
+ hwcap = getauxval(AT_HWCAP);
+ platform = (const char*)getauxval(AT_PLATFORM);
+ #else
diff --git a/extra/firefox/mallinfo.patch b/extra/firefox/mallinfo.patch
new file mode 100644
index 0000000..7916a20
--- /dev/null
+++ b/extra/firefox/mallinfo.patch
@@ -0,0 +1,20 @@
+diff --git a/xpcom/base/nsMemoryReporterManager.cpp b/xpcom/base/nsMemoryReporterManager.cpp
+index 865e1b5430..9a00dafecb 100644
+--- a/xpcom/base/nsMemoryReporterManager.cpp
++++ b/xpcom/base/nsMemoryReporterManager.cpp
+@@ -124,6 +124,7 @@ static MOZ_MUST_USE nsresult ResidentUniqueDistinguishedAmount(int64_t* aN) {
+ return GetProcSelfSmapsPrivate(aN);
+ }
+
++#ifdef __GLIBC__
+ # ifdef HAVE_MALLINFO
+ # define HAVE_SYSTEM_HEAP_REPORTER 1
+ static MOZ_MUST_USE nsresult SystemHeapSize(int64_t* aSizeOut) {
+@@ -143,6 +144,7 @@ static MOZ_MUST_USE nsresult SystemHeapSize(int64_t* aSizeOut) {
+ return NS_OK;
+ }
+ # endif
++#endif
+
+ #elif defined(__DragonFly__) || defined(__FreeBSD__) || defined(__NetBSD__) || \
+ defined(__OpenBSD__) || defined(__FreeBSD_kernel__)
diff --git a/extra/firefox/sandbox-fork.patch b/extra/firefox/sandbox-fork.patch
new file mode 100644
index 0000000..c7222ab
--- /dev/null
+++ b/extra/firefox/sandbox-fork.patch
@@ -0,0 +1,15 @@
+make SYS_fork non-fatal, musl uses it for fork(2)
+
+--- a/security/sandbox/linux/SandboxFilter.cpp
++++ b/security/sandbox/linux/SandboxFilter.cpp
+@@ -1253,6 +1253,10 @@
+ // usually do something reasonable on error.
+ case __NR_clone:
+ return ClonePolicy(Error(EPERM));
++#ifdef __NR_fork
++ case __NR_fork:
++ return Error(ENOSYS);
++#endif
+
+ # ifdef __NR_fadvise64
+ case __NR_fadvise64:
diff --git a/extra/firefox/sandbox-largefile.patch b/extra/firefox/sandbox-largefile.patch
new file mode 100644
index 0000000..f1cf28b
--- /dev/null
+++ b/extra/firefox/sandbox-largefile.patch
@@ -0,0 +1,17 @@
+--- a/security/sandbox/linux/SandboxFilter.cpp 2020-11-23 22:41:14.556378950 +0100
++++ b/security/sandbox/linux/SandboxFilter.cpp 2020-11-23 22:40:23.595806444 +0100
+@@ -68,7 +68,13 @@
+
+ // The headers define O_LARGEFILE as 0 on x86_64, but we need the
+ // actual value because it shows up in file flags.
+-#define O_LARGEFILE_REAL 00100000
++#if defined(__x86_64__) || defined(__i386__) || defined(__mips__)
++#define O_LARGEFILE_REAL 0100000
++#elif defined(__powerpc__)
++#define O_LARGEFILE_REAL 0200000
++#else
++#define O_LARGEFILE_REAL O_LARGEFILE
++#endif
+
+ // Not part of UAPI, but userspace sees it in F_GETFL; see bug 1650751.
+ #define FMODE_NONOTIFY 0x4000000
diff --git a/extra/firefox/sandbox-sched_setscheduler.patch b/extra/firefox/sandbox-sched_setscheduler.patch
new file mode 100644
index 0000000..3163c9e
--- /dev/null
+++ b/extra/firefox/sandbox-sched_setscheduler.patch
@@ -0,0 +1,16 @@
+upstream bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1657849
+--- a/security/sandbox/linux/SandboxFilter.cpp
++++ b/security/sandbox/linux/SandboxFilter.cpp
+@@ -1694,10 +1694,10 @@
+ return Allow();
+ case __NR_sched_get_priority_min:
+ case __NR_sched_get_priority_max:
++ case __NR_sched_setscheduler:
+ return Allow();
+ case __NR_sched_getparam:
+- case __NR_sched_getscheduler:
+- case __NR_sched_setscheduler: {
++ case __NR_sched_getscheduler: {
+ Arg<pid_t> pid(0);
+ return If(pid == 0, Allow()).Else(Trap(SchedTrap, nullptr));
+ }
diff --git a/extra/firefox/stab.h b/extra/firefox/stab.h
new file mode 100644
index 0000000..6f70af3
--- /dev/null
+++ b/extra/firefox/stab.h
@@ -0,0 +1,71 @@
+/* $OpenBSD: stab.h,v 1.3 2003/06/02 19:34:12 millert Exp $ */
+/* $NetBSD: stab.h,v 1.4 1994/10/26 00:56:25 cgd Exp $ */
+
+/*-
+ * Copyright (c) 1991 The Regents of the University of California.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of the University nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * @(#)stab.h 5.2 (Berkeley) 4/4/91
+ */
+
+#ifndef _STAB_H_
+#define _STAB_H_
+
+/*
+ * The following are symbols used by various debuggers and by the Pascal
+ * compiler. Each of them must have one (or more) of the bits defined by
+ * the N_STAB mask set.
+ */
+
+#define N_GSYM 0x20 /* global symbol */
+#define N_FNAME 0x22 /* F77 function name */
+#define N_FUN 0x24 /* procedure name */
+#define N_STSYM 0x26 /* data segment variable */
+#define N_LCSYM 0x28 /* bss segment variable */
+#define N_MAIN 0x2a /* main function name */
+#define N_PC 0x30 /* global Pascal symbol */
+#define N_RSYM 0x40 /* register variable */
+#define N_SLINE 0x44 /* text segment line number */
+#define N_DSLINE 0x46 /* data segment line number */
+#define N_BSLINE 0x48 /* bss segment line number */
+#define N_SSYM 0x60 /* structure/union element */
+#define N_SO 0x64 /* main source file name */
+#define N_LSYM 0x80 /* stack variable */
+#define N_BINCL 0x82 /* include file beginning */
+#define N_SOL 0x84 /* included source file name */
+#define N_PSYM 0xa0 /* parameter variable */
+#define N_EINCL 0xa2 /* include file end */
+#define N_ENTRY 0xa4 /* alternate entry point */
+#define N_LBRAC 0xc0 /* left bracket */
+#define N_EXCL 0xc2 /* deleted include file */
+#define N_RBRAC 0xe0 /* right bracket */
+#define N_BCOMM 0xe2 /* begin common */
+#define N_ECOMM 0xe4 /* end common */
+#define N_ECOML 0xe8 /* end common (local name) */
+#define N_LENG 0xfe /* length of preceding entry */
+
+#endif /* !_STAB_H_ */