From: Peter Michael Green Date: Thu, 9 Dec 2021 16:20:34 +0000 (+0000) Subject: Manual merge of version 1:78.14.0-1+rpi1 and 1:91.3.2-1 to produce 1:91.3.2-1+rpi1 X-Git-Tag: archive/raspbian/1%91.3.2-1+rpi1~9 X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=9ca90f00fbcf1814b8bca85110f096a84e02dddc;p=thunderbird.git Manual merge of version 1:78.14.0-1+rpi1 and 1:91.3.2-1 to produce 1:91.3.2-1+rpi1 --- 9ca90f00fbcf1814b8bca85110f096a84e02dddc diff --cc build/moz.configure/arm.configure index 68b01a684a,3b755e27db..abce09fde6 --- a/build/moz.configure/arm.configure +++ b/build/moz.configure/arm.configure @@@ -226,16 -261,16 +261,16 @@@ set_define("HAVE_ARM_NEON", have_arm_ne # This matches media/webrtc/trunk/webrtc/build/common.gypi. @depends(arm_target.arm_arch, when=have_arm_neon) def build_arm_neon(arm_arch): - return arm_arch >= 7 + return arm_arch >= 700 - #set_config('BUILD_ARM_NEON', build_arm_neon) - #set_define('BUILD_ARM_NEON', build_arm_neon) -set_config("BUILD_ARM_NEON", build_arm_neon) -set_define("BUILD_ARM_NEON", build_arm_neon) ++#set_config("BUILD_ARM_NEON", build_arm_neon) ++#set_define("BUILD_ARM_NEON", build_arm_neon) - set_config('ARM_ARCH', depends(arm_target.arm_arch)(lambda x: str(x))) - add_old_configure_assignment('ARM_ARCH', depends(arm_target.arm_arch)(lambda x: str(x))) - set_config('MOZ_FPU', arm_target.fpu) + set_config("ARM_ARCH", depends(arm_target.arm_arch)(lambda x: str(x))) + add_old_configure_assignment("ARM_ARCH", depends(arm_target.arm_arch)(lambda x: str(x))) + set_config("MOZ_FPU", arm_target.fpu) @depends(arm_target.float_abi) diff --cc build/moz.configure/rust.configure index af586523b4,40f017da67..8dbbace178 --- a/build/moz.configure/rust.configure +++ b/build/moz.configure/rust.configure @@@ -192,14 -236,9 +236,14 @@@ def rust_compiler(rustc_info, cargo_inf @depends(rustc, when=rust_compiler) - @imports('sys') - @imports(_from='__builtin__', _import='repr') - @imports(_from='__builtin__', _import='ValueError') ++@imports("sys") ++@imports(_from="__builtin__", _import='repr') + @imports(_from="__builtin__", _import="ValueError") def rust_supported_targets(rustc): - out = check_cmd_output(rustc, '--print', 'target-list').splitlines() + #HACK: if there are multiple matches the algorithm uses the last one + #put arm-unknown-linux-gnuebihf on the end of the list so it gets preffered - out.append('arm-unknown-linux-gnueabihf') ++ out.append("arm-unknown-linux-gnueabihf") + out = check_cmd_output(rustc, "--print", "target-list").splitlines() data = {} for t in out: try: diff --cc debian/changelog index 93f7c68aff,6832719fea..87a30c397c --- a/debian/changelog +++ b/debian/changelog @@@ -1,35 -1,307 +1,340 @@@ - thunderbird (1:78.14.0-1+rpi1) bookworm-staging; urgency=medium ++thunderbird (1:91.3.2-1+rpi1) bookworm-staging; urgency=medium + + [changes brought over from firefox-esr 60.3.0esr-1+rpi1 by Peter Michael Green at Wed, 05 Dec 2018 06:56:52 +0000] + * Hack broken rust target selection so it produces the right target + on raspbian. + * Fix clean target. + + [changes introduced in 60.4.0-1+rpi1 by Peter Michael Green] + * Further fixes to clean target (still not completely fixed :( ). + + [changes introduced in 1:68.5.0-1~deb10u1+rpi1 by Peter Michael Green] + * Disable neon (patches taken from firefox-esr package) + * Build in a chroot with arm64 binutils-arm-linux-gnueabihf + + [changes brought forward from 1:68.5.0-1~deb10u1+rpi2 by Peter Michael Green at Sun, 15 Mar 2020 16:27:21 +0000] + * Actually build the binary packages on armhf. + * Yet more clean target fixing. + + [changes brought over from firefox-esr 78.3.0esr-2+rpi1 by Peter Michael Green] + * Clean up pycache directories. + * Disable neon in qcms. + + [changes introduced in 1:78.4.0-1~deb10u1+rpi1 by Peter Michael Green] + * Add export NSS_DISABLE_ARM32_NEON=1 to hopefully disable neon in nss. + * Adding the define in debian/rules didn't seem to work, try to patch out neon in nss instead + + [changes brought forward from 1:78.5.1-1+rpi2 by Peter Michael Green at Tue, 15 Dec 2020 00:33:33 +0000] + * Actually build thunderbird binary on armhf + (changelog says this was already done, but it got lost somewhere + along the way). + - -- Raspbian forward porter Sat, 11 Sep 2021 08:36:15 +0000 ++ -- Peter Michael Green Tue, 30 Nov 2021 21:22:16 +0000 ++ + thunderbird (1:91.3.2-1) unstable; urgency=medium + + * [7fd56f0] New upstream version 91.3.2 + * [4fccecb] Rebuild patch queue from patch-queue branch + Added patch: + debian-hacks/Fix-Floating-Point-Normalization-breakage-on-32bit-Linux.patch + + -- Carsten Schoenert Sun, 21 Nov 2021 18:29:42 +0100 + + thunderbird (1:91.3.0-1) unstable; urgency=medium + + * [1d3e0b1] Revert "Rebuild patch queue from patch-queue branch" + The patch for fixing the broken build on i386 breaks other architectures, + so reverting for now. + * [66755b4] New upstream version 91.3.0 + Fixed CVE issues in upstream version 91.3 (MFSA 2021-50): + CVE-2021-38503: iframe sandbox rules did not apply to XSLT stylesheets + CVE-2021-38504: Use-after-free in file picker dialog + CVE-2021-38506: Thunderbird could be coaxed into going into fullscreen + mode without notification or warning + CVE-2021-38507: Opportunistic Encryption in HTTP2 could be used to bypass + the Same-Origin-Policy on services hosted on other ports + MOZ-2021-0008: Use-after-free in HTTP2 Session object (no CVE assigned yet) + CVE-2021-38508: Permission Prompt could be overlaid, resulting in user + confusion and potential spoofing + CVE-2021-38509: Javascript alert box could have been spoofed onto an + arbitrary domain + MOZ-2021-0007: Memory safety bugs fixed in Thunderbird ESR 91.3 (no CVE + assigned yet) + + -- Carsten Schoenert Wed, 03 Nov 2021 18:14:09 +0100 + + thunderbird (1:91.2.1-1) unstable; urgency=medium + + [ Carsten Schoenert ] + * [bcb5677] d/gbp.conf: Adjust to upstream-91.x + * [12a433a] New upstream version 91.2.1 + * [f935b52] Rebuild patch queue from patch-queue branch + Added patch: + debian-hacks/Fix-Floating-Point-Normalization-breakage-on-32bit-Linux.patch + * [3faba71] Disable usage of system icu package + The system packages of libicu-dev are to old for Thunderbird, we need to + use the internel pre-shipped ICU sources. + + -- Carsten Schoenert Sat, 23 Oct 2021 08:59:32 +0200 + + thunderbird (1:91.2.0-1) experimental; urgency=medium + + * [3c88844] New upstream version 91.2.0 + Fixed CVE issues in upstream version 91.2 (MFSA 2021-47): + CVE-2021-38502: Downgrade attack on SMTP STARTTLS connections + CVE-2021-38496: Use-after-free in MessageTask + CVE-2021-38497: Validation message could have been overlaid on another + origin + CVE-2021-38498: Use-after-free of nsLanguageAtomService object + CVE-2021-32810: Data race in crossbeam-deque + CVE-2021-38500: Memory safety bugs fixed in Thunderbird 91.2 + CVE-2021-38501: Memory safety bugs fixed in Thunderbird 91.2 + (Closes: #973042) + + -- Carsten Schoenert Sat, 16 Oct 2021 08:27:55 +0200 + + thunderbird (1:91.1.1-1) experimental; urgency=medium + + * [73e3b75] New upstream version 91.1.1 + * [3413d35] Rebuild patch queue from patch-queue branch + Removed patch: + fixes/Bug-1727113-Never-require-that-addons-are-signed-for-Thun.patch + + -- Carsten Schoenert Mon, 20 Sep 2021 20:43:25 +0200 + + thunderbird (1:91.1.0-1) experimental; urgency=medium + + * [0b1d9f9] New upstream version 91.1.0 + Fixed CVE issues in upstream version 91.1 (MFSA 2021-41): + CVE-2021-38495: Memory safety bugs fixed in Thunderbird 91.1 + * [4313e64] Rebuild patch queue from patch-queue branch + Added patch: + fixes/Bug-1727113-Never-require-that-addons-are-signed-for-Thun.patch + (Closes: #993594) + Modified patch: + porting-armhf/Bug-1526653-Include-struct-definitions-for-user_vfp-and-u.patch + * [234c566] d/rules: Don't run dh_autoreconf + (Closes: #993494) + * [bce15d7] thunderbird: Set package x11-utils as fallback + Install x11-utils only if kdialog or zenity aren't present on the system. + + -- Carsten Schoenert Sun, 05 Sep 2021 07:36:10 +0200 + + thunderbird (1:91.0.2-1) experimental; urgency=medium + + * [a5efefd] New upstream version 91.0.2 + Fixed CVE issues in upstream version 91.0.1 (MFSA 2021-37): + CVE-2021-29991: Header Splitting possible with HTTP/3 Responses + * [b21a07b] d/control: increase Standards-Version to 4.6.0 + No further changes needed. + + -- Carsten Schoenert Mon, 23 Aug 2021 20:05:01 +0200 + + thunderbird (1:91.0-1) experimental; urgency=medium + + * [3be73b6] d/source.filter: some updates to filtering list + * [5c87a00] New upstream version 91.0 + Fixed CVE issues in upstream version 91.0 (MFSA 2021-36): + CVE-2021-29986: Race condition when resolving DNS names could have led to + memory corruption + CVE-2021-29981: Live range splitting could have led to conflicting + assignments in the JIT + CVE-2021-29988: Memory corruption as a result of incorrect style treatment + CVE-2021-29984: Incorrect instruction reordering during JIT optimization + CVE-2021-29980: Uninitialized memory in a canvas object could have led to + memory corruption + CVE-2021-29987: Users could have been tricked into accepting unwanted + permissions on Linux + CVE-2021-29985: Use-after-free media channels + CVE-2021-29982: Single bit data leak due to incorrect JIT optimization and + type confusion + CVE-2021-29989: Memory safety bugs fixed in Thunderbird 91 + (Closes: #640927, #944208, #958433, #952853, #971722, #982670) + * [0157fe4] d/control: Add new package thunderbird-l10n-af + Upstream ships localizations for Africaans. + * [f23e9e0] d/control: Add new package thunderbird-l10n-en-ca + Upstream ships localizations for English (Canada). + * [8b3cee9] d/control: Add new package thunderbird-l10n-lv + Upstream ships localizations for Latvian. + * [cad58ea] d/control: Add new package thunderbird-l10n-pa-in + Upstream ships localizations for Punjabi (Gurmukhi). + * [aecc2da] d/control: Add new package thunderbird-l10n-th + Upstream ships localizations for Thai. + * [9707e8a] Moving over to debhelper-compat + Switch over to recent debhelper-compat 13. + * [2934049] d/rules: Customize dh_missing call + Due debhelper-compat dh_missing needs some aditional tweaking as we need + to ignore some files which are built and installed into the tempory + install folder but not installed into the package(s). + * [7df72c6] d/rules: Don't use dwz + Running and using dwz is bringing no gain and produces issues to, can be + ignored for now. + * [1709f28] d/control: Remove non existing packages from Breaks + xul-ext-firetray and xul-ext-quotecolors are gone from the supported + releases. + * [f160918] d/control: Adding Rules-Requires-Root: no + No specific root access required so far while package build. + + -- Carsten Schoenert Sat, 14 Aug 2021 18:27:21 +0200 + + thunderbird (1:91.0~b5-1) experimental; urgency=medium + + * [119a49f] d/control: Adjust VCS links to branch debian/experimental + * [7ae6acc] d/source.filter: some updates to filtering list + * [e28b2f9] New upstream version 91.0~b5 + + -- Carsten Schoenert Sun, 01 Aug 2021 09:21:27 +0200 + + thunderbird (1:91.0~b3-1) experimental; urgency=medium + + * [90a153b] New upstream version 91.0~b3 + * [ada2cf0] d/control: Remove transitional package lightning + * [3e5087f] d/control: Remove obsolete lightning-l10-* packages + * [6eac520] d/control: Remove Suggests on libgtk2.0-0 fur thunderbird + (Closes: #967771) + + -- Carsten Schoenert Sat, 24 Jul 2021 10:37:52 +0200 + + thunderbird (1:91.0~b1-1) experimental; urgency=medium + + * [78f0ddb] d/source.filter: some updates to filtering list + * [3d29fcf] New upstream version 91.0~b1 + (Closes: #990631) + * [daa7fab] d/control: Increase some Build-Depends + * [f4bfd22] d/control: Remove libgtk2.0-dev from Build-Depends + * [ad4e281] d/s/lintian-overrides: Adding one more file to ignore + + -- Carsten Schoenert Mon, 19 Jul 2021 22:04:15 +0200 + + thunderbird (1:90.0~b2-1) experimental; urgency=medium + + [ Carsten Schoenert ] + * [3cc0d66] d/source.filter: some updates to filtering list + * [3c76a94] New upstream version 90.0~b2 + * [46718fe] rebuild patch queue from patch-queue branch + removed patches: + fixes/reduce-the-rust-debuginfo-level-on-selected-architectures.patch + debian-hacks/Work-around-Debian-bug-844357.patch + * [156d3c9] d/thunderbird.1: Correct debugger option + * [ca7daca] /u/l/thunderbird: Correct escape sequencing for gdb calling + (Closes: #976979) + * [f310330] d/thunderbird-wrapper.sh: Use '${}' syntax for variables + * [0ef3788] d/thunderbird.install: Remove gtk2 cruft + * [17b0510] d/copyright: Update due removed content + * [feca305] d/s/lintian-override: Remove two no longer existing entries + + [ Kevin Locke ] + * [dbe3c3e] d/thunderbird-wrapper.sh: Make gdb call more fail safe + (Closes:#942799) + + -- Carsten Schoenert Sun, 20 Jun 2021 14:51:49 +0200 + + thunderbird (1:89.0~b2-1) experimental; urgency=medium + + * [74911c7] New upstream version 89.0~b2 + * [b4fef2a] rebuild patch queue from patch-queue branch + modified patches: + debian-hacks/Don-t-register-plugins-if-the-MOZILLA_DISABLE_PLUGIN.patch + porting-armhf/Don-t-use-LLVM-internal-assembler-on-armhf.patch + porting-kfreebsd-hurd/FTBFS-hurd-fixing-unsupported-platform-Hurd.patch + removed patches: + debian-hacks/Don-t-register-plugins-if-the-MOZILLA_DISABLE_PLUGIN.patch + * [ea6a29e] d/control: Increase B-D for cbindgen and libnss3-dev + + -- Carsten Schoenert Thu, 03 Jun 2021 19:40:08 +0200 + + thunderbird (1:88.0~b2-1) experimental; urgency=medium + + [ Carsten Schoenert ] + * [7af1a0b] New upstream version 88.0~b2 + * [30d1d48] rebuild patch queue from patch-queue branch + modified patch: + debian-hacks/Add-another-preferences-directory-for-applications-p.patch + porting-armhf/Don-t-use-LLVM-internal-assembler-on-armhf.patch + removed patches (included upstream): + porting-arm/Reduce-memory-usage-while-linking-on-arm-el-hf-platforms.patch + porting-s390x/Explicitly-instantiate-TIntermTraverser-traverse-TIntermN.patch + renamed patch: + fixes/Load-dependent-libraries-with-their-real-path-to-avo.patch -> + fixes/Load-dependent-libraries-with-their-real-path.patch + * [f45da92] d/control: Increase B-D for libnss3-dev + + [ Colomban Wendling ] + * [bbf78cb] d/thunderbird.desktop: Switch StartupWMClass (Closes: #985366) + + [ Carsten Schoenert ] + * [a2cc9e0] d/control: Adding nasm to Build-Depends + * [41fad62] d/copyright: update due removed content + + -- Carsten Schoenert Sun, 11 Apr 2021 13:50:27 +0200 + + thunderbird (1:86.0~b3-1) experimental; urgency=medium + + [ Carsten Schoenert ] + * [002f597,fe0515b] d/source.filter: updating the filtering list + * [dfafc89,35d050f] d/copyright: updates due upstream changes + Add Apache2 notice for third_party/python/coverage + * [24c009c] lintian: adding override for false positive in SVG file + * [d316a1c] New upstream version 86.0~b3 + * [20dc687] rebuild patch queue from patch-queue branch + modified patch: + debian/patches/porting-kfreebsd-hurd/adding-missed-HURD-adoptions.patch + * [21b86f0] d/copyright: update due removed content + * [7fc9755] d/s/lintian-override: path for TeXZilla.js has changed + * [33c5d5a] d/s/lintian-override: remove JS file + * [825a440] d/control: Increase B-D for cbindgen + + [ Pino Toscano ] + * [35c3c3b] thunderbird: Stop shipping /u/s/p/thunderbird.png symlink + + -- Carsten Schoenert Sat, 13 Feb 2021 13:41:36 +0100 + + thunderbird (1:85.0~b3-1) experimental; urgency=medium + + * [b142ac6] New upstream version 85.0~b3 + * [0d2221a] d/control: Increase various B-D versions + * [e4eb52e] rebuild patch queue from patch-queue branch + added patch: + debian-hacks/Decrease-Cargo-minimal-version-to-1.46.0.patch + updated patches: + debian-hacks/Use-remoting-name-for-call-to-gdk_set_program_class.patch + fixes/reduce-the-rust-debuginfo-level-on-selected-architectures.patch + + -- Carsten Schoenert Thu, 31 Dec 2020 20:39:53 +0100 + + thunderbird (1:84.0~b3-1) experimental; urgency=medium + + * [fad5103] calendar-google-provider*: removing left over cruft + * [b095d8e] thunderbird.NEWS: Add hint about integration of OpenPGP support + * [0f6bdf3] Revert "d/tb.lintian-overrides: ignore warning about none + versioned breaks" + * [f10f80c] d/copyright: update content + * [9c3fb20] d/source.filter: some updates to filtering list + * [c9b8274] New upstream version 84.0~b3 + * [adf3835] rebuild patch queue from patch-queue branch + removed patches: + fixes/Add-missing-bindings-for-mips-in-the-authenticator-crate.patch + fixes/fix-function-nsMsgComposeAndSend-to-respect-Replo.patch + porting-armel/Bug-1463035-Remove-MOZ_SIGNAL_TRAMPOLINE.-r-darchons.patch + porting-mips/Bug-1642265-MIPS64-Add-branchTestSymbol-and-fallibleUnbox.patch + porting-s390x/Use-more-recent-embedded-version-of-sqlite3.patch + porting-m68k/Add-m68k-support-to-Thunderbird.patch + porting-sh4/Add-sh4-support-to-Thunderbird.patch + * [3ff9c9d] thunderbird-l10n-all: add thunderbird-l10n-cy + (Closes: #974127) + * [393490c] d/control: remove l10n package for Sinhala + * [1f4e966] d/control: increase Standards-Version to 4.5.1 + No further changes needed. + * [288afdd] d/rules: use python3 explicitly while calling mach + Using the Python 3 interpreter is needed otherwise the Mozilla magic tries + to use a non existing virtualenv environment. + * [a509bdf] d/watch: update to version 4 + No further changes needed. + * [fc6b358] d/copyright: update some more content + Updating the copyright information due upstream modifications. + * [3bd5713] d/s/lintian-overrides: Adding more file to ignore + + -- Carsten Schoenert Mon, 14 Dec 2020 15:24:59 +0100 thunderbird (1:78.14.0-1) unstable; urgency=medium diff --cc debian/control index 0188cb54ab,b2a1f3db88..a0c26fbdc6 --- a/debian/control +++ b/debian/control @@@ -56,14 -57,15 +57,15 @@@ Build-Depends yasm (>= 1.1), zip, zlib1g-dev, - Vcs-Git: https://salsa.debian.org/mozilla-team/thunderbird.git - Vcs-Browser: https://salsa.debian.org/mozilla-team/thunderbird + Rules-Requires-Root: no + Vcs-Git: https://salsa.debian.org/mozilla-team/thunderbird.git -b debian/sid + Vcs-Browser: https://salsa.debian.org/mozilla-team/thunderbird/commits/debian/sid/ Homepage: https://www.thunderbird.net/ X-Debian-Homepage: http://wiki.debian.org/Thunderbird - Standards-Version: 4.5.1 + Standards-Version: 4.6.0 Package: thunderbird -Architecture: amd64 arm64 i386 mips64el ppc64el s390x ppc64 +Architecture: amd64 armhf arm64 i386 mips64el ppc64el s390x ppc64 Depends: debianutils (>= 1.16), fontconfig, diff --cc debian/patches/series index 86fc8d3792,a513b1b1a9..15540eb7fd --- a/debian/patches/series +++ b/debian/patches/series @@@ -30,15 -25,6 +25,11 @@@ debian-hacks/Use-remoting-name-for-call porting/Work-around-GCC-ICE-on-mips-i386-and-s390x.patch porting-ppc64el/work-around-a-build-failure-with-clang-on-ppc64el.patch porting-armhf/Don-t-use-LLVM-internal-assembler-on-armhf.patch - porting-arm/Reduce-memory-usage-while-linking-on-arm-el-hf-platforms.patch debian-hacks/Make-Thunderbird-build-reproducible.patch - porting-s390x/Use-more-recent-embedded-version-of-sqlite3.patch - fixes/Add-missing-bindings-for-mips-in-the-authenticator-crate.patch - fixes/reduce-the-rust-debuginfo-level-on-selected-architectures.patch - fixes/Bug-1650299-Unify-the-inclusion-of-the-ICU-data-file.-r-f.patch - fixes/Don-t-build-ICU-in-parallel.patch + debian-hacks/Decrease-Cargo-minimal-version-to-1.46.0.patch + debian-hacks/Fix-Floating-Point-Normalization-breakage-on-32bit-Linux.patch +raspbian-rust-triplet-hack.patch +try-to-disable-neon.patch +try-harder-to-disable-neon.patch +disable-neon-in-qcms.patch +patch-out-neon-in-freebl.patch diff --cc security/nss/lib/freebl/Makefile index 202409d5b4,0b8c6f42fa..cc2d8ca694 --- a/security/nss/lib/freebl/Makefile +++ b/security/nss/lib/freebl/Makefile @@@ -118,27 -118,59 +118,59 @@@ ifneq (,$(USE_64)$(USE_X32) else DEFINES += -DNSS_X86 endif + ifdef CC_IS_CLANG + EXTRA_SRCS += sha256-x86.c + DEFINES += -DUSE_HW_SHA2 + else ifeq (1,$(CC_IS_GCC)) + # Old compiler doesn't support Intel SHA extension + ifneq (,$(filter 4.9,$(word 1,$(GCC_VERSION)).$(word 2,$(GCC_VERSION)))) + EXTRA_SRCS += sha256-x86.c + DEFINES += -DUSE_HW_SHA2 + endif + ifeq (,$(filter 0 1 2 3 4,$(word 1,$(GCC_VERSION)))) + EXTRA_SRCS += sha256-x86.c + DEFINES += -DUSE_HW_SHA2 + endif + endif endif ifeq ($(CPU_ARCH),aarch64) - DEFINES += -DUSE_HW_AES - EXTRA_SRCS += aes-armv8.c gcm-aarch64.c + ifdef CC_IS_CLANG + DEFINES += -DUSE_HW_AES -DUSE_HW_SHA1 -DUSE_HW_SHA2 + EXTRA_SRCS += aes-armv8.c gcm-aarch64.c sha1-armv8.c sha256-armv8.c + else ifeq (1,$(CC_IS_GCC)) + # GCC versions older than 4.9 don't support ARM AES. The check + # is done in two parts, first allows "major.minor" == "4.9", + # and then rejects any major versions prior to 5. Note that + # there has been no GCC 4.10, as it was renamed to GCC 5. + ifneq (,$(filter 4.9,$(word 1,$(GCC_VERSION)).$(word 2,$(GCC_VERSION)))) + DEFINES += -DUSE_HW_AES -DUSE_HW_SHA1 -DUSE_HW_SHA2 + EXTRA_SRCS += aes-armv8.c gcm-aarch64.c sha1-armv8.c sha256-armv8.c + endif + ifeq (,$(filter 0 1 2 3 4,$(word 1,$(GCC_VERSION)))) + DEFINES += -DUSE_HW_AES -DUSE_HW_SHA1 -DUSE_HW_SHA2 + EXTRA_SRCS += aes-armv8.c gcm-aarch64.c sha1-armv8.c sha256-armv8.c + endif + endif endif ifeq ($(CPU_ARCH),arm) -ifndef NSS_DISABLE_ARM32_NEON - EXTRA_SRCS += gcm-arm32-neon.c -endif +#ifndef NSS_DISABLE_ARM32_NEON +# EXTRA_SRCS += gcm-arm32-neon.c +#endif ifdef CC_IS_CLANG - DEFINES += -DUSE_HW_AES - EXTRA_SRCS += aes-armv8.c + DEFINES += -DUSE_HW_AES -DUSE_HW_SHA1 -DUSE_HW_SHA2 + EXTRA_SRCS += aes-armv8.c sha1-armv8.c sha256-armv8.c else ifeq (1,$(CC_IS_GCC)) - # Old compiler doesn't support ARM AES. + # GCC versions older than 4.9 don't support ARM AES. The check + # is done in two parts, first allows "major.minor" == "4.9", + # and then rejects any major versions prior to 5. Note that + # there has been no GCC 4.10, as it was renamed to GCC 5. ifneq (,$(filter 4.9,$(word 1,$(GCC_VERSION)).$(word 2,$(GCC_VERSION)))) - DEFINES += -DUSE_HW_AES - EXTRA_SRCS += aes-armv8.c + DEFINES += -DUSE_HW_AES -DUSE_HW_SHA1 -DUSE_HW_SHA2 + EXTRA_SRCS += aes-armv8.c sha1-armv8.c sha256-armv8.c endif ifeq (,$(filter 0 1 2 3 4,$(word 1,$(GCC_VERSION)))) - DEFINES += -DUSE_HW_AES - EXTRA_SRCS += aes-armv8.c + DEFINES += -DUSE_HW_AES -DUSE_HW_SHA1 -DUSE_HW_SHA2 + EXTRA_SRCS += aes-armv8.c sha1-armv8.c sha256-armv8.c endif endif endif diff --cc security/nss/lib/freebl/freebl.gyp index 7fa2339e2c,e7703baf8d..bf30643dbf --- a/security/nss/lib/freebl/freebl.gyp +++ b/security/nss/lib/freebl/freebl.gyp @@@ -219,25 -219,57 +219,57 @@@ }] ] }, - #{ - # 'target_name': 'gcm-aes-arm32-neon_c_lib', - # 'type': 'static_library', - # 'sources': [ - # 'gcm-arm32-neon.c' - # ], - # 'dependencies': [ - # '<(DEPTH)/exports.gyp:nss_exports' - # ], - # 'cflags': [ - # '-march=armv7', - # '-mfpu=neon', - # '<@(softfp_cflags)', - # ], - # 'cflags_mozilla': [ - # '-mfpu=neon', - # '<@(softfp_cflags)', - # ] - #}, + { + 'target_name': 'sha-x86_c_lib', + 'type': 'static_library', + 'sources': [ + 'sha256-x86.c' + ], + 'dependencies': [ + '<(DEPTH)/exports.gyp:nss_exports' + ], + 'cflags': [ + '-msha', + '-mssse3', + '-msse4.1' + ], + 'cflags_mozilla': [ + '-msha', + '-mssse3', + '-msse4.1' + ], + 'conditions': [ + # macOS build doesn't use cflags. + [ 'OS=="mac" or OS=="ios"', { + 'xcode_settings': { + 'OTHER_CFLAGS': [ + '-msha', + '-mssse3', + '-msse4.1' + ], + }, + }] + ] + }, + { + 'target_name': 'gcm-aes-arm32-neon_c_lib', + 'type': 'static_library', + 'sources': [ + 'gcm-arm32-neon.c' + ], + 'dependencies': [ + '<(DEPTH)/exports.gyp:nss_exports' + ], - 'cflags': [ - '-march=armv7', - '-mfpu=neon', - '<@(softfp_cflags)', - ], - 'cflags_mozilla': [ - '-mfpu=neon', - '<@(softfp_cflags)', - ] ++ #'cflags': [ ++ # '-march=armv7', ++ # '-mfpu=neon', ++ # '<@(softfp_cflags)', ++ #], ++ #'cflags_mozilla': [ ++ # '-mfpu=neon', ++ # '<@(softfp_cflags)', ++ #] + }, { 'target_name': 'gcm-aes-aarch64_c_lib', 'type': 'static_library', diff --cc security/nss/lib/freebl/rijndael.c index bc989c7739,82b1f419d9..e255787646 --- a/security/nss/lib/freebl/rijndael.c +++ b/security/nss/lib/freebl/rijndael.c @@@ -20,11 -20,15 +20,15 @@@ #include "gcm.h" #include "mpi.h" -#if !defined(IS_LITTLE_ENDIAN) && !defined(NSS_X86_OR_X64) +//#if !defined(IS_LITTLE_ENDIAN) && !defined(NSS_X86_OR_X64) // not test yet on big endian platform of arm #undef USE_HW_AES -#endif +//#endif + #ifdef __powerpc64__ + #include "ppc-crypto.h" + #endif + #ifdef USE_HW_AES #ifdef NSS_X86_OR_X64 #include "intel-aes.h"