gecko-dev/build
Jed Davis 3680ce4b19 Bug 1440203 - Support memfd_create in IPC shared memory. r=glandium
This commit also allows `memfd_create` in the seccomp-bpf policy for all
process types.

`memfd_create` is an API added in Linux 3.17 (and adopted by FreeBSD
for the upcoming version 13) for creating anonymous shared memory
not connected to any filesystem.  Supporting it means that sandboxed
child processes on Linux can create shared memory directly instead of
messaging a broker, which is unavoidably slower, and it should avoid
the problems we'd been seeing with overly small `/dev/shm` in container
environments (which were causing serious problems for using Firefox for
automated testing of frontend projects).

`memfd_create` also introduces the related operation of file seals:
irrevocably preventing types of modifications to a file.  Unfortunately,
the most useful one, `F_SEAL_WRITE`, can't be relied on; see the large
comment in `SharedMemory:ReadOnlyCopy` for details.  So we still use
the applicable seals as defense in depth, but read-only copies are
implemented on Linux by using procfs (and see the comments on the
`ReadOnlyCopy` function in `shared_memory_posix.cc` for the subtleties
there).

There's also a FreeBSD implementation, using `cap_rights_limit` for
read-only copies, if the build host is new enough to have the
`memfd_create` function.

Differential Revision: https://phabricator.services.mozilla.com/D90605
2020-10-08 02:25:20 +00:00
..
autoconf Bug 1669633 - Don't recurse into js/src for the python-part of configure. r=firefox-build-system-reviewers,rstewart 2020-10-07 21:13:19 +00:00
build-clang Bug 1667841 - Update revert-r362047-and-r362065.patch for clang-12 r=firefox-build-system-reviewers,rstewart 2020-09-28 19:03:18 +00:00
build-infer
clang-plugin Bug 1664898 - move media/mtransport to media/transport. r=ng 2020-09-22 21:43:49 +00:00
compare-mozconfig Bug 1651824 - Run mozboot and compare-mozconfig unit tests in mozbuild task and not in make check r=froydnj 2020-07-10 18:25:07 +00:00
debian-packages Bug 1647880 - Upgrade cmake to 3.16.3 for toolchain builds. r=firefox-build-system-reviewers,rstewart 2020-06-24 15:17:03 +00:00
docs Bug 1588458 - Replace dxr by searchfox in the rst doc r=ahal DONTBUILD 2020-10-08 08:13:15 +00:00
gyp_includes
liblowercase Bug 1638401 - Make liblowercase also wrap fxstatat. r=froydnj 2020-05-15 17:10:34 +00:00
macosx Bug 1669642 - Rename LLVMCONFIG to LLVM_CONFIG and derive it like we do for LLVM_OBJDUMP. r=firefox-build-system-reviewers,andi,rstewart 2020-10-07 22:36:49 +00:00
mobile Bug 1638974 - Run 'mach mochitest' with Python 3; r=bc 2020-09-28 16:30:33 +00:00
moz.configure Bug 1440203 - Support memfd_create in IPC shared memory. r=glandium 2020-10-08 02:25:20 +00:00
package/mac_osx
pgo Bug 1663424 - fix pgo file writing from non-webcontent child processes in PROFILE_GENERATE runs, r=dmajor 2020-09-08 17:08:41 +00:00
sanitizers Bug 1656526 - Add resolver_64.cc to asan_blacklist_win.txt r=dmajor 2020-09-15 14:50:26 +00:00
sparse-profiles Bug 1661117 - Follow-up to update standalone WR CI for osmesa-src bump. r=kvark 2020-09-16 18:02:45 +00:00
tests/cram
unix Bug 1652374 - Use LLD for non-PGO-profile-use clang builds on automation. r=froydnj 2020-08-04 02:26:42 +00:00
valgrind Bug 1657650 - Require that Mach command providers subclass MachCommandBase. r=remote-protocol-reviewers,marionette-reviewers,maja_zf,mhentges,froydnj 2020-08-07 18:24:59 +00:00
win32 Bug 1669409: Convert the nsIPrintSettings:kEnableSelectionRB flag into a boolean, since it's the only entry in a bitfield. r=jwatt,emilio 2020-10-07 00:36:51 +00:00
win64 Bug 1642727 - Remove the VarCache machinery r=njn 2020-09-08 17:12:01 +00:00
win64-aarch64
workspace-hack
__init__.py
.gdbinit Bug 1642121 - Remove directory dependence of GDB init files. r=nalexander 2020-06-16 15:45:43 +00:00
.gdbinit.loader Bug 1642121 - Remove directory dependence of GDB init files. r=nalexander 2020-06-16 15:45:43 +00:00
.gdbinit.py.in Bug 1642121 - Remove directory dependence of GDB init files. r=nalexander 2020-06-16 15:45:43 +00:00
.lldbinit.in Bug 1654994 - Switch full symbols archive to tar.zst. r=firefox-build-system-reviewers,rstewart,tomprince 2020-07-31 20:27:54 +00:00
appini_header.py
application.ini.in
binary-location.mk
build_virtualenv_packages.txt Bug 1663755 - Remove inherit-from-parent-environment implementation r=ahal 2020-09-11 22:14:41 +00:00
buildconfig.py
cargo-host-linker
cargo-host-linker.bat
cargo-linker
cargo-linker.bat
checksums.py
common_virtualenv_packages.txt Bug 1656993: Create and require by default global virtualenvs in ~/.mozbuild for mach r=mhentges,ahal 2020-08-17 17:21:02 +00:00
defines.sh
dumbmake-dependencies
gecko_templates.mozbuild
gen_symverscript.py
gen_test_packages_manifest.py Bug 1644778 - add a mozperftest to measure browser.xhtml DOM size, r=tarek,dhouse,sparky 2020-07-13 15:44:38 +00:00
genrc.sh
gn.mozbuild
gyp_base.mozbuild
gyp.mozbuild Bug 1638830 - Remove MOZ_WEBRTC_HARDWARE_AEC_NS and its related code r=padenot 2020-05-20 13:22:40 +00:00
mach_bootstrap.py Bug 1668718 - Don't import mach_bootstrap for virtualenvs that don't have populate_local_paths set, or in Python 3 r=mhentges,firefox-build-system-reviewers 2020-10-05 17:05:05 +00:00
mach_virtualenv_packages.txt Bug 1656993: Create and require by default global virtualenvs in ~/.mozbuild for mach r=mhentges,ahal 2020-08-17 17:21:02 +00:00
midl.py Bug 1661739 - Adjust merge_dlldata to widl output. r=nalexander 2020-09-01 20:25:49 +00:00
moz-automation.mk Bug 1648651 - Fix building with --disable-compile-environment. r=firefox-build-system-reviewers,rstewart 2020-06-28 23:43:18 +00:00
moz.build Bug 1646936 - Generate a single metadata file in the objdir, and feed it to cbindgen. r=glandium 2020-06-26 10:41:26 +00:00
mozconfig.artifact Bug 1654994 - Make full symbols archive opt-in rather than opt-out. r=froydnj 2020-07-31 10:01:54 +00:00
mozconfig.artifact.automation
mozconfig.automation
mozconfig.cache
mozconfig.clang-cl Bug 1648519 - Add back clang lib directory to LIB on Windows r=glandium 2020-06-26 19:36:30 +00:00
mozconfig.comm-support
mozconfig.common
mozconfig.common.override
mozconfig.lld-link
mozconfig.nasm
mozconfig.no-compile Bug 1669642 - Rename LLVMCONFIG to LLVM_CONFIG and derive it like we do for LLVM_OBJDUMP. r=firefox-build-system-reviewers,andi,rstewart 2020-10-07 22:36:49 +00:00
mozconfig.node
mozconfig.rust
mozconfig.wasm-sandboxing
mozconfig.win-common Bug 1654994 - Stop setting up makecab for the build. r=firefox-build-system-reviewers,rstewart 2020-07-31 10:01:53 +00:00
non-unified-compat Bug 1666993 - new bakend for static-analysis that prevents regressing issues with files that can be built outside of the unified environment. r=botond 2020-09-30 04:29:25 +00:00
qemu-wrap
RunCbindgen.py Bug 1646936 - Generate a single metadata file in the objdir, and feed it to cbindgen. r=glandium 2020-06-26 10:41:26 +00:00
submit_telemetry_data.py
templates.mozbuild Bug 1646936 - Generate a single metadata file in the objdir, and feed it to cbindgen. r=glandium 2020-06-26 10:41:26 +00:00
test_templates.mozbuild
update-settings.ini
upload_generated_sources.py Bug 985141 - [mozbuild] Remove leading underscore from MozbuildObject._activate_virtualenv, r=firefox-build-system-reviewers,perftest-reviewers,andi,AlexandruIonescu,rstewart 2020-07-28 16:06:10 +00:00
upload.py
variables.py
windows_toolchain.py