1 From 91bb79836ee274855393bdf6ab10e24899b1b349 Mon Sep 17 00:00:00 2001

     2 From: Martin Liska <mliska@suse.cz>

     3 Date: Fri, 17 May 2019 14:41:35 +0200

     4 Subject: [PATCH] Fix top-level asm issue.

     5 

     6 ---

     7  security/sandbox/linux/moz.build | 5 ++++-

     8  1 file changed, 4 insertions(+), 1 deletion(-)

     9 

    10 diff --git a/security/sandbox/linux/moz.build b/security/sandbox/linux/moz.build

    11 --- a/security/sandbox/linux/moz.build

    12 +++ b/security/sandbox/linux/moz.build

    13 @@ -64,17 +64,16 @@ UNIFIED_SOURCES += [

    14      "../chromium/base/time/time.cc",

    15      "../chromium/base/time/time_exploded_posix.cc",

    16      "../chromium/base/time/time_now_posix.cc",

    17      "../chromium/sandbox/linux/bpf_dsl/bpf_dsl.cc",

    18      "../chromium/sandbox/linux/bpf_dsl/codegen.cc",

    19      "../chromium/sandbox/linux/bpf_dsl/dump_bpf.cc",

    20      "../chromium/sandbox/linux/bpf_dsl/policy.cc",

    21      "../chromium/sandbox/linux/bpf_dsl/policy_compiler.cc",

    22 -    "../chromium/sandbox/linux/bpf_dsl/syscall_set.cc",

    23      "../chromium/sandbox/linux/seccomp-bpf/die.cc",

    24      "../chromium/sandbox/linux/seccomp-bpf/syscall.cc",

    25      "/ipc/glue/UtilityProcessSandboxing.cpp",

    26      "broker/SandboxBrokerCommon.cpp",

    27      "Sandbox.cpp",

    28      "SandboxBrokerClient.cpp",

    29      "SandboxFilter.cpp",

    30      "SandboxFilterUtil.cpp",

    31 @@ -83,16 +82,17 @@ UNIFIED_SOURCES += [

    32      "SandboxLogging.cpp",

    33      "SandboxOpenedFiles.cpp",

    34      "SandboxReporterClient.cpp",

    35  ]

    36  

    37  SOURCES += [

    38      "../chromium/base/strings/safe_sprintf.cc",

    39      "../chromium/base/third_party/icu/icu_utf.cc",

    40 +    "../chromium/sandbox/linux/bpf_dsl/syscall_set.cc",

    41      "../chromium/sandbox/linux/seccomp-bpf/trap.cc",

    42      "../chromium/sandbox/linux/services/syscall_wrappers.cc",

    43  ]

    44  

    45  # This copy of SafeSPrintf doesn't need to avoid the Chromium logging

    46  # dependency like the one in libxul does, but this way the behavior is

    47  # consistent.  See also the comment in SandboxLogging.h.

    48  SOURCES["../chromium/base/strings/safe_sprintf.cc"].flags += ["-DNDEBUG"]

    49 @@ -106,16 +106,19 @@ if CONFIG["CC_TYPE"] in ("clang", "gcc")

    50          "-Wno-unreachable-code-return"

    51      ]

    52  

    53  if CONFIG["CC_TYPE"] in ("clang", "gcc"):

    54      CXXFLAGS += ["-Wno-error=stack-protector"]

    55      SOURCES["../chromium/sandbox/linux/services/syscall_wrappers.cc"].flags += [

    56          "-Wno-empty-body",

    57      ]

    58 +    SOURCES['../chromium/sandbox/linux/seccomp-bpf/syscall.cc'].flags += [

    59 +        '-fno-lto'

    60 +    ]

    61  

    62  # gcc lto likes to put the top level asm in syscall.cc in a different partition

    63  # from the function using it which breaks the build.  Work around that by

    64  # forcing there to be only one partition.

    65  for f in CONFIG["OS_CXXFLAGS"]:

    66      if f.startswith("-flto") and CONFIG["CC_TYPE"] != "clang":

    67          LDFLAGS += ["--param lto-partitions=1"]

    68