Bug 40353: Re-enable rlbox (!603) · Merge requests · The Tor Project / Applications / tor-browser-build

Pier Angelo Vendrame requested to merge pierov/tor-browser-build:bug_40353 into main Dec 07, 2022

This MR updates the build script to compile the WASI SDK needed to enable the rlbox sandboxing in Firefox.

Marking as draft because I'd need some help with the cross-compilation of the wasm libraries.

Mozilla uses a hack to re-use the same Clang they use for Firefox. I've tried to do the same, but it doesn't work.

The upstream project builds its own Clang, and it adds a few cross-compiling options that help them (e.g., they set WASM as the default target). So, I think we could patch the upstream Makefile to add the needed flags also to the projects it compiles (libc, libcxx, etc...). Actually, I've already tried but without success.

Otherwise, we could remove Mozilla's "optimization": if we allow the WASI-SDK to compile its own Clang everything works and we get the libraries we need. Since wasm is cross-platform, we would need to do this once, and then re-use it for all our 10 builds of Firefox/GV (6 desktop + 4 Android).

Also, I've tried only Linux at the moment. If we sort out the problems/decide to compile Clang, I will test all the platforms before merging.

Closes #40353 (closed).

Bug 40353: Re-enable rlbox

Merge request reports