Ok merging. #11

mhoye · 2014-03-03T19:04:27Z

No description provided.

tools/community folder as a home for future community-assistance. tools. - mhoye

TODO: Detect patches that span modules, warn about them. - mhoye

Override TabChildHelper::DoSendBlockingMessage()

Checkpoing

…r_user Revert "Use worker for build tasks"

…wWindowOverlay Draw window overlay

…. r=adw Add a revision tag to moz-page-thumb URLs. Change it whenever a new thumbnail is captured and stored to disk. This prevents new loads from re-using the old cached value even if the document context matches the stored loadId of the cache entry. Also drop no-longer needed wait in browser_thumbnails_update.js test. Restores behaviour of test/head.js:retrieveImageDataForURL to that of before bug 897880 - i.e. load the thumbnail image in the context of the top level chrome document (rather than a new tab every time). It's likely that bug 1192394 is the reason for the test failures observed in bug 897880 comment #11.

…. r=adw Add a revision tag to moz-page-thumb URLs. Change it whenever a new thumbnail is captured and stored to disk. This prevents new loads from re-using the old cached value even if the document context matches the stored loadId of the cache entry. Also drop no-longer needed wait in browser_thumbnails_update.js test. Restores behaviour of test/head.js:retrieveImageDataForURL to that of before bug 897880 - i.e. load the thumbnail image in the context of the top level chrome document (rather than a new tab every time). It's likely that bug 1192394 is the reason for the test failures observed in bug 897880 comment mozilla#11.

Read operation implementation

Revert "Bug1234128"

…ngs in PKCS #11 IDL files. r=keeler Typically, the interfaces involved don't need to use raw char/char16_t strings, and hence can benefit from the additional safety of using the Mozilla string classes. In some places, this patch also changes some UTF-16 APIs to UTF-8 where the implementations can never actually support UTF-16. This reduces the amount of code and runtime conversion. MozReview-Commit-ID: y8o5wLBohe --HG-- extra : rebase_source : 130c8b77a98d21d5b9a0efeccae8861d89fa8f02

…ngs in PKCS mozilla#11 IDL files. r=keeler Typically, the interfaces involved don't need to use raw char/char16_t strings, and hence can benefit from the additional safety of using the Mozilla string classes. In some places, this patch also changes some UTF-16 APIs to UTF-8 where the implementations can never actually support UTF-16. This reduces the amount of code and runtime conversion. MozReview-Commit-ID: y8o5wLBohe

This changes does several things: 1. Changes some titles to include the word "driver" for better clarity. 2. Moves and cleans up the JS implementation of load_device.xul. Having a cleaner implementation in a separate file makes the code easier to discover and maintain. 3. Removes code that tries to show a special case message if a module was already loaded. 3A. The backend code doesn't provide distinction from this case and failure to add in general. 3B. The backend code would only return the error code being checked for if a blank module name was provided. 4. Adds tests. MozReview-Commit-ID: 8BxKWKw5rvp --HG-- extra : rebase_source : 15a29bf7d46f523a11eac37c9f0c6efb2b5d0114

This changes does several things: 1. Changes some titles to include the word "driver" for better clarity. 2. Moves and cleans up the JS implementation of load_device.xul. Having a cleaner implementation in a separate file makes the code easier to discover and maintain. 3. Removes code that tries to show a special case message if a module was already loaded. 3A. The backend code doesn't provide distinction from this case and failure to add in general. 3B. The backend code would only return the error code being checked for if a blank module name was provided. 4. Adds tests. MozReview-Commit-ID: 8BxKWKw5rvp

Update Cargo.toml Source-Repo: https://github.com/mozilla/webdriver-rust Source-Revision: b9cf2b1f65d4f01f593de29a581518feeb6b5a64 --HG-- extra : subtree_source : http%3A//tristan.corp.lon2.mozilla.com%3A8000 extra : subtree_revision : 079c32fa6ea86df4f8889499e4549ce593c2c02d

Update Cargo.toml Source-Repo: https://github.com/mozilla/webdriver-rust Source-Revision: b9cf2b1f65d4f01f593de29a581518feeb6b5a64

…o clean up Object.prototype, a=testonly Automatic update from web-platform-tests IndexedDB: Fix WPT bindings-inject-key to clean up Object.prototype chromedriver doesn't allow changing Object.prototype to add enumerable properties, but this test requires setting some values on Object.prototype. When Object.prototype.a is set to: {b: {c: 'on proto'}} chromedriver fails with: JavascriptErrorException: javascript error (500): Maximum call stack size exceeded (Session info: chrome=72.0.3626.121) Remote-end stacktrace: #0 0x563ff3a32a59 <unknown> #1 0x563ff39cb7f3 <unknown> #2 0x563ff38fcd7c <unknown> #3 0x563ff38ff78c <unknown> #4 0x563ff38ff5f7 <unknown> #5 0x563ff38ffbe7 <unknown> #6 0x563ff38fff1b <unknown> #7 0x563ff38a3f7a <unknown> #8 0x563ff3899bf2 <unknown> #9 0x563ff38a37b7 <unknown> #10 0x563ff3899ac3 <unknown> #11 0x563ff38782d2 <unknown> #12 0x563ff3879112 <unknown> #13 0x563ff39fe865 <unknown> #14 0x563ff39ff32b <unknown> #15 0x563ff39ff70c <unknown> #16 0x563ff39d940a <unknown> #17 0x563ff39ff997 <unknown> #18 0x563ff39e9947 <unknown> #19 0x563ff3a1a800 <unknown> #20 0x563ff3a3c8be <unknown> #21 0x7f3bf4545494 start_thread #22 0x7f3bf2d58a8f clone Ran 1 tests finished in 2.0 seconds. • 0 ran as expected. 0 tests skipped. • 1 tests had errors unexpectedly Work around this problem by cleaning up the test environment so Object.prototype no longer has the override by the time chromedriver tries to inspect the test result. While here, fix the other tests to use the t.add_cleanup() function so they'll cleanup their test environment in case they exit in some other way besides reaching t.done(). The underlying chromedriver issue is tracked upstream at https://crbug.com/chromedriver/2555. Bug: 934844 Change-Id: Id1b4ab2a908bfbc001e2a2d045eeec3ef01c24d9 -- wpt-commits: 1be74ca2738a05f6e8d98d55ba44c50e3a332554 wpt-pr: 15637

…o clean up Object.prototype, a=testonly Automatic update from web-platform-tests IndexedDB: Fix WPT bindings-inject-key to clean up Object.prototype chromedriver doesn't allow changing Object.prototype to add enumerable properties, but this test requires setting some values on Object.prototype. When Object.prototype.a is set to: {b: {c: 'on proto'}} chromedriver fails with: JavascriptErrorException: javascript error (500): Maximum call stack size exceeded (Session info: chrome=72.0.3626.121) Remote-end stacktrace: #0 0x563ff3a32a59 <unknown> #1 0x563ff39cb7f3 <unknown> mozilla#2 0x563ff38fcd7c <unknown> mozilla#3 0x563ff38ff78c <unknown> mozilla#4 0x563ff38ff5f7 <unknown> mozilla#5 0x563ff38ffbe7 <unknown> mozilla#6 0x563ff38fff1b <unknown> mozilla#7 0x563ff38a3f7a <unknown> mozilla#8 0x563ff3899bf2 <unknown> mozilla#9 0x563ff38a37b7 <unknown> mozilla#10 0x563ff3899ac3 <unknown> mozilla#11 0x563ff38782d2 <unknown> mozilla#12 0x563ff3879112 <unknown> mozilla#13 0x563ff39fe865 <unknown> mozilla#14 0x563ff39ff32b <unknown> mozilla#15 0x563ff39ff70c <unknown> mozilla#16 0x563ff39d940a <unknown> mozilla#17 0x563ff39ff997 <unknown> mozilla#18 0x563ff39e9947 <unknown> mozilla#19 0x563ff3a1a800 <unknown> mozilla#20 0x563ff3a3c8be <unknown> mozilla#21 0x7f3bf4545494 start_thread mozilla#22 0x7f3bf2d58a8f clone Ran 1 tests finished in 2.0 seconds. • 0 ran as expected. 0 tests skipped. • 1 tests had errors unexpectedly Work around this problem by cleaning up the test environment so Object.prototype no longer has the override by the time chromedriver tries to inspect the test result. While here, fix the other tests to use the t.add_cleanup() function so they'll cleanup their test environment in case they exit in some other way besides reaching t.done(). The underlying chromedriver issue is tracked upstream at https://crbug.com/chromedriver/2555. Bug: 934844 Change-Id: Id1b4ab2a908bfbc001e2a2d045eeec3ef01c24d9 -- wpt-commits: 1be74ca2738a05f6e8d98d55ba44c50e3a332554 wpt-pr: 15637

2019-08-30 Alexander Scheel <ascheel@redhat.com> * automation/taskcluster/scripts/build_softoken.sh, cmd/lib/pk11table.c, gtests/pk11_gtest/pk11_aes_cmac_unittest.cc, gtests/pk11_gtest/pk11_gtest.gyp, lib/pk11wrap/debug_module.c, lib/pk11wrap/pk11mech.c, lib/softoken/pkcs11.c, lib/softoken/pkcs11c.c, lib/util/pkcs11t.h: Bug 1570501 - Expose AES-CMAC in PKCS #11 API, r=mt [cf0df88aa807] [tip] * cpputil/freebl_scoped_ptrs.h, gtests/freebl_gtest/cmac_unittests.cc, gtests/freebl_gtest/freebl_gtest.gyp, lib/freebl/blapi.h, lib/freebl/cmac.c, lib/freebl/cmac.h, lib/freebl/exports.gyp, lib/freebl/freebl_base.gypi, lib/freebl/ldvector.c, lib/freebl/loader.c, lib/freebl/loader.h, lib/freebl/manifest.mn: Bug 1570501 - Add AES-CMAC implementation to freebl, r=mt [a42c6882ba1b] 2019-09-05 David Cooper <dcooper16@gmail.com> * lib/smime/cmssiginfo.c: Bug 657379 - NSS uses the wrong OID for signatureAlgorithm field of signerInfo in CMS for DSA and ECDSA. r=rrelyea [7a83b248de30] 2019-09-05 Daiki Ueno <dueno@redhat.com> * lib/freebl/drbg.c: Backed out changeset 934c8d0e7aba It turned out to cause some new errors in LSan; backing out for now. [34a254dd1357] * lib/freebl/drbg.c: Bug 1560329, drbg: perform continuous test on entropy source, r=rrelyea Summary: FIPS 140-2 section 4.9.2 requires a conditional self test to check that consecutive entropy blocks from the system are different. As neither getentropy() nor /dev/urandom provides that check on the output, this adds the self test at caller side. Reviewers: rrelyea Reviewed By: rrelyea Bug #: 1560329 [934c8d0e7aba] 2019-08-30 Kevin Jacobs <kjacobs@mozilla.com> * coreconf/WIN32.mk: Bug 1576664 - Remove -mms-bitfields from win32 makefile r=jcj [bf4de7985f3d] 2019-08-29 Dana Keeler <dkeeler@mozilla.com> * automation/abi-check/expected-report-libnss3.so.txt, gtests/pk11_gtest/pk11_find_certs_unittest.cc, lib/nss/nss.def, lib/pk11wrap/pk11cert.c, lib/pk11wrap/pk11pub.h: bug 1577038 - add PK11_GetCertsFromPrivateKey r=jcj,kjacobs PK11_GetCertFromPrivateKey only returns one certificate with a public key that matches the given private key. This change introduces PK11_GetCertsFromPrivateKey, which returns a list of all certificates with public keys that match the given private key. [9befa8d296c0] 2019-08-30 J.C. Jones <jjones@mozilla.com> * automation/abi-check/previous-nss-release, lib/nss/nss.h, lib/softoken/softkver.h, lib/util/nssutil.h: Set version numbers to 3.47 beta [685cea0a7b48] * lib/nss/nss.h, lib/softoken/softkver.h, lib/util/nssutil.h: Set version numbers to 3.46 final [decbf7bd40fd] [NSS_3_46_RTM] Differential Revision: https://phabricator.services.mozilla.com/D44927 --HG-- extra : moz-landing-system : lando

2019-08-30 Alexander Scheel <ascheel@redhat.com> * automation/taskcluster/scripts/build_softoken.sh, cmd/lib/pk11table.c, gtests/pk11_gtest/pk11_aes_cmac_unittest.cc, gtests/pk11_gtest/pk11_gtest.gyp, lib/pk11wrap/debug_module.c, lib/pk11wrap/pk11mech.c, lib/softoken/pkcs11.c, lib/softoken/pkcs11c.c, lib/util/pkcs11t.h: Bug 1570501 - Expose AES-CMAC in PKCS mozilla#11 API, r=mt [cf0df88aa807] [tip] * cpputil/freebl_scoped_ptrs.h, gtests/freebl_gtest/cmac_unittests.cc, gtests/freebl_gtest/freebl_gtest.gyp, lib/freebl/blapi.h, lib/freebl/cmac.c, lib/freebl/cmac.h, lib/freebl/exports.gyp, lib/freebl/freebl_base.gypi, lib/freebl/ldvector.c, lib/freebl/loader.c, lib/freebl/loader.h, lib/freebl/manifest.mn: Bug 1570501 - Add AES-CMAC implementation to freebl, r=mt [a42c6882ba1b] 2019-09-05 David Cooper <dcooper16@gmail.com> * lib/smime/cmssiginfo.c: Bug 657379 - NSS uses the wrong OID for signatureAlgorithm field of signerInfo in CMS for DSA and ECDSA. r=rrelyea [7a83b248de30] 2019-09-05 Daiki Ueno <dueno@redhat.com> * lib/freebl/drbg.c: Backed out changeset 934c8d0e7aba It turned out to cause some new errors in LSan; backing out for now. [34a254dd1357] * lib/freebl/drbg.c: Bug 1560329, drbg: perform continuous test on entropy source, r=rrelyea Summary: FIPS 140-2 section 4.9.2 requires a conditional self test to check that consecutive entropy blocks from the system are different. As neither getentropy() nor /dev/urandom provides that check on the output, this adds the self test at caller side. Reviewers: rrelyea Reviewed By: rrelyea Bug #: 1560329 [934c8d0e7aba] 2019-08-30 Kevin Jacobs <kjacobs@mozilla.com> * coreconf/WIN32.mk: Bug 1576664 - Remove -mms-bitfields from win32 makefile r=jcj [bf4de7985f3d] 2019-08-29 Dana Keeler <dkeeler@mozilla.com> * automation/abi-check/expected-report-libnss3.so.txt, gtests/pk11_gtest/pk11_find_certs_unittest.cc, lib/nss/nss.def, lib/pk11wrap/pk11cert.c, lib/pk11wrap/pk11pub.h: bug 1577038 - add PK11_GetCertsFromPrivateKey r=jcj,kjacobs PK11_GetCertFromPrivateKey only returns one certificate with a public key that matches the given private key. This change introduces PK11_GetCertsFromPrivateKey, which returns a list of all certificates with public keys that match the given private key. [9befa8d296c0] 2019-08-30 J.C. Jones <jjones@mozilla.com> * automation/abi-check/previous-nss-release, lib/nss/nss.h, lib/softoken/softkver.h, lib/util/nssutil.h: Set version numbers to 3.47 beta [685cea0a7b48] * lib/nss/nss.h, lib/softoken/softkver.h, lib/util/nssutil.h: Set version numbers to 3.46 final [decbf7bd40fd] [NSS_3_46_RTM] Differential Revision: https://phabricator.services.mozilla.com/D44927

2019-11-13 J.C. Jones <jjones@mozilla.com> * lib/softoken/pkcs11c.c: Bug 1591363 - Fixup double-free of params in nsc_SetupPBEKeyGen r=keeler Caused in commit 7ef8d2604494. [87f35ba4c82f] [tip] 2019-11-07 Makoto Kato <m_kato@ga2.so-net.ne.jp> * lib/freebl/ctr.c: Bug 1592869 - Use NEON for ctr_xor. r=kjacobs Using NEON for ctr_xor, aes_ctr can improve 30%-40%i decode/encode time on Cortex-A72. [d244c7287908] 2019-11-12 Marcus Burghardt <mburghardt@mozilla.com> * gtests/pk11_gtest/pk11_pbkdf2_unittest.cc, lib/pk11wrap/pk11pbe.c, lib/pk11wrap/pk11skey.c, lib/softoken/pkcs11c.c: Bug 1591363 - PBKDF2 memory leaks in NSC_GenerateKey. r=jcj A memory leak was reported and confirmed in this bug. However, during the "manual" analysis of the flow, another possible leak was found. I created a patch for both leaks, added gtests for unexpected keySizes and adjusted the general syntax of the gtest file. [7ef8d2604494] 2019-11-11 Tom Prince <mozilla@hocat.ca> * automation/taskcluster/graph/src/extend.js, automation/taskcluster/windows/setup.sh: Bug 1594891 - Use tc-proxy for nss tooltool; r=dustin,jcj [c33b214b2ec8] 2019-11-08 Daiki Ueno <dueno@redhat.com> * gtests/ssl_gtest/ssl_dhe_unittest.cc, gtests/ssl_gtest/ssl_ecdh_unittest.cc, gtests/ssl_gtest/tls_connect.h, lib/ssl/ssl3con.c: Bug 1566131, check policy against hash algorithms used for ServerKeyExchange, r=mt Summary: This adds necessary policy checks in `ssl3_ComputeCommonKeyHash()`, right before calculating hashes. Note that it currently doesn't check MD5 as it still needs to be allowed in TLS 1.1 or earlier and many tests fail if we change that. Reviewers: mt Reviewed By: mt Bug #: 1566131 [c08947c6af57] 2019-11-08 Kai Engert <kaie@kuix.de> * coreconf/coreconf.dep: Dummy change, trigger a build to test latest NSPR commits. [e766899c72a5] * automation/taskcluster/graph/src/extend.js: Bug 1579836 - Execute NSPR tests as part of NSS continuous integration. r=jcj [46bfbabf7e75] 2019-11-08 Dustin J. Mitchell <dustin@mozilla.com> * automation/taskcluster/graph/npm-shrinkwrap.json, automation/taskcluster/graph/package.json, automation/taskcluster/graph/src/image_builder.js, automation/taskcluster/graph/src/queue.js, automation/taskcluster/scripts/tools.sh, automation/taskcluster/windows/gen_certs.sh, automation/taskcluster/windows/run_tests.sh: Bug 1594891 - Updates to run correctly on the new TC deployment r=jcj * Update the Taskcluster client used in the decision task to one that understands Taskcluster rootUrls. * Update scripts that fetch content to use the TASKCLUSTER_ROOT_URL * the absence of this variale signals an "old" worker so we use an "old" URL [67d630e7cb7c] 2019-11-07 Tom Prince <mozilla@hocat.ca> * .taskcluster.yml, automation/taskcluster/graph/src/extend.js, automation/taskcluster/graph/src/queue.js: Bug 1591275: Switch workers to use AWS Provder; r=kjacobs [a2bebaad41dd] 2019-11-06 Daiki Ueno <dueno@redhat.com> * gtests/pk11_gtest/pk11_module_unittest.cc: Bug 1577803, clang-format, a=bustage [c9014b2892d5] * gtests/pk11_gtest/pk11_module_unittest.cc, gtests/pkcs11testmodule/pkcs11testmodule.cpp, lib/pk11wrap/debug_module.c, lib/pk11wrap/pk11obj.c, lib/pk11wrap/pk11slot.c, lib/pk11wrap/secmodti.h, lib/util/pkcs11t.h: Bug 1577803, pk11wrap: set friendly flag if token implements CKP_PUBLIC_CERTIFICATES_TOKEN, r=rrelyea Summary: This makes NSS look for CKO_PROFILE object at token initialization time to check if it implements the [[ https://docs .oasis-open.org/pkcs11/pkcs11-profiles/v3.0/pkcs11-profiles-v3.0.pdf | Public Certificates Token profile ]] as defined in PKCS #11 v3.0. If it is found, the token is automatically marked as friendly so no authentication attempts will be made when accessing certificates. Reviewers: rrelyea Reviewed By: rrelyea Subscribers: reviewbot Bug #: 1577803 [b39c8eeabe6a] 2019-11-06 Martin Thomson <mt@lowentropy.net> * lib/freebl/blinit.c, lib/freebl/gcm-ppc.c: Bug 1566126 - clang-format, a=bustage [6125200fbc88] 2019-11-06 Lauri Kasanen <cand@gmx.com> * lib/freebl/Makefile, lib/freebl/altivec-types.h, lib/freebl/blapii.h, lib/freebl/blinit.c, lib/freebl/freebl.gyp, lib/freebl/gcm-ppc.c, lib/freebl/gcm.c, lib/freebl/gcm.h: Bug 1566126 - freebl: POWER GHASH Vector Acceleration, r=mt Implementation for POWER8 adapted from the ARM paper: https://conradoplg.cryptoland.net/files/2010/12/gcm14.pdf Benchmark of `bltest -E -m aes_gcm -i tests/aes_gcm/plaintext10 \ -v tests/aes_gcm/iv10 -k tests/aes_gcm/key10 -5 10` on POWER8 3.3GHz. NSS_DISABLE_HW_CRYPTO=1 mode in symmkey opreps cxreps context op time(sec) thrgput aes_gcm_e 309Mb 192 5M 0 0.000 10000.000 10.001 30Mb mode in symmkey opreps cxreps context op time(sec) thrgput aes_gcm_e 829Mb 192 14M 0 0.000 10000.000 10.001 82Mb Notable operf results, sw: samples % image name symbol name 226033 59.3991 libfreeblpriv3.so bmul 80606 21.1824 libfreeblpriv3.so rijndael_encryptBlock128 28851 7.5817 libfreeblpriv3.so gcm_HashMult_sftw hw: 213899 56.2037 libfreeblpriv3.so rijndael_encryptBlock128 45233 11.8853 libfreeblpriv3.so gcm_HashMult_hw So the ghash part is ~5.6x faster. Signed-off-by: Lauri Kasanen <cand@gmx.com> [3d7e509d6d20] 2019-11-05 Marcus Burghardt <mburghardt@mozilla.com> * lib/certdb/certdb.c, lib/util/secport.h: Bug 1589073 - Use of new PR_ASSERT_ARG in certdb.c. r=mt Bug 1588015 introduced in NSPR a new way to ASSERT values where the arguments are always used avoiding "unused variable" errors. This was implemented in NSS, at certdb.c. [73c28cad3dbb] 2019-11-05 Daiki Ueno <dueno@redhat.com> * cpputil/nss_scoped_ptrs.h, gtests/manifest.mn, gtests/pk11_gtest/manifest.mn, gtests/pk11_gtest/pk11_gtest.gyp, gtests/pk11_gtest/pk11_module_unittest.cc, gtests/pkcs11testmodule/Makefile, gtests/pkcs11testmodule/config.mk, gtests/pkcs11testmodule/manifest.mn, gtests/pkcs11testmodule/pkcs11testmodule.cpp, gtests/pkcs11testmodule/pkcs11testmodule.def, gtests/pkcs11testmodule/pkcs11testmodule.gyp, gtests/pkcs11testmodule/pkcs11testmodule.rc, nss.gyp: Bug 1577803, gtests: import pkcs11testmodule from Firefox, r=rrelyea Summary: This adds a mock PKCS #11 module from Firefox and add basic tests around it. This is needed for proper testing of PKCS #11 v3.0 profile objects (D45669). Reviewers: rrelyea Reviewed By: rrelyea Subscribers: reviewbot Bug #: 1577803 [0a86945adf74] Differential Revision: https://phabricator.services.mozilla.com/D52779 --HG-- extra : moz-landing-system : lando

…hen there's an override container height, a=testonly Automatic update from web-platform-tests [css-flexbox] Don't cache definiteness when there's an override container height See stack trace below. We set the override container logical height to -1 for the initial layout of a flex item so that we compute the correct size for min-height. However, that messes with our cache for definite heights because we would always set it to indefinite in such a case. Instead, just don't cache these values. That way we will later compute the right thing for resolving flex-basis, etc. (FlexNG can't come soon enough...) #0 blink::LayoutBox::ContainingBlockLogicalHeightForPercentageResolution (this=0x3dda8d434198, out_cb=0x7f6e7d42d8c0, out_skipped_auto_height_containing_block=0x0) at ../../third_party/blink/renderer/core/layout/layout_box.cc:3833 #1 0x00007f6ee84ad0a1 in blink::LayoutFlexibleBox::MainAxisLengthIsDefinite (this=0x3dda8d434010, child=..., flex_basis=Length(0%, Percent), add_to_cb=false) at ../../third_party/blink/renderer/core/layout/layout_flexible_box.cc:762 #2 0x00007f6ee84af930 in blink::LayoutFlexibleBox::MainSizeIsDefiniteForPercentageResolution ( this=0x3dda8d434010, child=...) at ../../third_party/blink/renderer/core/layout/layout_flexible_box.cc:1125 #3 0x00007f6ee84ad7f5 in blink::LayoutFlexibleBox::UseOverrideLogicalHeightForPerentageResolution ( this=0x3dda8d434010, child=...) at ../../third_party/blink/renderer/core/layout/layout_flexible_box.cc:1137 #4 0x00007f6ee83f2b9d in blink::LayoutBlock::AvailableLogicalHeightForPercentageComputation ( this=0x3dda8d434198) at ../../third_party/blink/renderer/core/layout/layout_block.cc:2333 #5 0x00007f6ee845e745 in blink::LayoutBox::ContainingBlockLogicalHeightForPercentageResolution ( this=0x3dda8d4243d0, out_cb=0x0, out_skipped_auto_height_containing_block=0x0) at ../../third_party/blink/renderer/core/layout/layout_box.cc:3830 #6 0x00007f6ee86dcc5c in blink::LayoutBoxUtils::AvailableLogicalHeight (box=..., cb=0x3dda8d434198) at ../../third_party/blink/renderer/core/layout/ng/layout_box_utils.cc:64 #7 0x00007f6ee86eafea in blink::LayoutNGMixin<blink::LayoutBlockFlow>::ComputeIntrinsicLogicalWidths ( this=0x3dda8d4243d0, min_logical_width=0px, max_logical_width=0px) at ../../third_party/blink/renderer/core/layout/ng/layout_ng_mixin.cc:48 #8 0x00007f6ee83ef53a in blink::LayoutBlock::ComputePreferredLogicalWidths (this=0x3dda8d4243d0) at ../../third_party/blink/renderer/core/layout/layout_block.cc:1509 #9 0x00007f6ee8451f01 in blink::LayoutBox::MaxPreferredLogicalWidth (this=0x3dda8d4243d0) at ../../third_party/blink/renderer/core/layout/layout_box.cc:1395 #10 0x00007f6ee84adba2 in blink::LayoutFlexibleBox::ComputeInnerFlexBaseSizeForChild (this=0x3dda8d434198, child=..., main_axis_border_and_padding=0px, child_layout_type=blink::LayoutFlexibleBox::kForceLayout) at ../../third_party/blink/renderer/core/layout/layout_flexible_box.cc:890 #11 0x00007f6ee84ae5d1 in blink::LayoutFlexibleBox::ConstructAndAppendFlexItem (this=0x3dda8d434198, algorithm=0x7f6e7d42ed70, child=..., layout_type=blink::LayoutFlexibleBox::kForceLayout) at ../../third_party/blink/renderer/core/layout/layout_flexible_box.cc:1203 #12 0x00007f6ee84aa27b in blink::LayoutFlexibleBox::LayoutFlexItems (this=0x3dda8d434198, relayout_children=true, layout_scope=...) at ../../third_party/blink/renderer/core/layout/layout_flexible_box.cc:934 #13 0x00007f6ee84a9cff in blink::LayoutFlexibleBox::UpdateBlockLayout (this=0x3dda8d434198, relayout_children=true) at ../../third_party/blink/renderer/core/layout/layout_flexible_box.cc:369 Bug: 1019138 Change-Id: Ie94e69a5f3fe6accc3623d358315b174088d5597 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1902514 Commit-Queue: David Grogan <dgrogan@chromium.org> Auto-Submit: Christian Biesinger <cbiesinger@chromium.org> Reviewed-by: David Grogan <dgrogan@chromium.org> Cr-Commit-Position: refs/heads/master@{#713296} -- wpt-commits: 8642cbbba24a10e8a34b4a2720062261f29be5dd wpt-pr: 20137

2020-03-23 Kevin Jacobs <kjacobs@mozilla.com> * lib/softoken/pkcs11.c: Bug 1624402 - Fix compilation error when NO_FORK_CHECK and CHECK_FORK_* are defined r=rrelyea [0225889e5292] [tip] * lib/util/pkcs11.h: Bug 1624130 - Require CK_FUNCTION_LIST structs to be packed. r=rrelyea [7ab62d3d0445] 2020-03-17 Robert Relyea <rrelyea@redhat.com> * automation/abi-check/expected-report-libnss3.so.txt, automation/abi- check/expected-report-libsoftokn3.so.txt, cmd/pk11mode/pk11mode.c, lib/pk11wrap/pk11load.c, lib/pk11wrap/secmodi.h, lib/pk11wrap/secmodt.h, lib/softoken/fipstokn.c, lib/softoken/manifest.mn, lib/softoken/pkcs11.c, lib/softoken/pkcs11c.c, lib/softoken/pkcs11i.h, lib/softoken/sftkmessage.c, lib/softoken/softoken.gyp, lib/softoken/softoken.h, lib/softoken/softokn.def, lib/util/pkcs11.h, lib/util/pkcs11f.h, lib/util/pkcs11n.h, nss/automation/abi-check/new-report-libnss3.so.txt, nss/automation /abi-check/new-report-libsoftokn3.so.txt: Bug 1603628 Update NSS to handle PKCS #11 v3.0 r=ueno r=mt Update to PKCS #11 v3.0 part 2. Create the functions and switch to the C_Interface() function to fetch the PKCS #11 function table. Also PKCS #11 v3.0 uses a new fork safe interface. NSS can already handle the case if the PKCS #11 module happens to be fork safe (when asked by the application to refresh the tokens in the child process, NSS can detect that such a refresh is not necessary and continue. Softoken could also be put in fork_safe mode with an environment variable. With this patch it's the default, and NSS asks for the fork safe API by default. Technically softoken should implement the old non-fork safe interface when PKCS #11 v2.0 is called, but NSS no longer needs it, and doing so would double the number of PKCS #11 interfaces are needed. You can still compile with fork unsafe semantics, and the PKCS #11 V3.0 module will do the right thing and not include the fork safe flag. Firefox does not fork(), so for firefox this is simply code that is no longer compilied. We now use C_GetInterface, which allows us to specify what kind of interface we want (PKCS #11 v3.0, PKCS #11 v2.0, fork safe, etc.). Vendor specific functions can now be accessed through the C_GetInterface. If the C_GetInterface function does not exists, we fall bak to the old C_GetFunctionList. There are 24 new functions in PKCS #11 v3.0: C_GetInterfaceList - return a table of all the supported interfaces C_GetInterface - return a specific interface. You can specify interface name, version and flags separately. You can leave off any of these and you will get what the token thinks is the best match of the interfaces that meet the criteria. We do this in softoken by the order of the interface list. C_SessionCancel - Cancel one or more multipart operation C_LoginUser - Supply a user name to C_Login(). This function has no meaning for softoken, so it just returns CKR_OPERATION_NOT_INITIALIZED under the theory that if we in the future want to support usernames, the NSS db would need special initialization to make that happen. C_Message* and C_*Message* (20 functions in all) are the new AEAD interface (they are written generally so that it can be used for things other than AEAD). In this patch they are unimplemented (see the next patch). This patch adds regular (NSC_) and FIPS (FC_) versions of these functions. Also when creating the PKCS #11 v2.0 interface, we had to create a 2.0 specific version of C_GetInfo so that it can return a 2.40 in the CK_VERSION field rather than 3.00. We do this with #defines since all the function tables are generated automagically with pkcs11f.h. [2364598f8a36] 2020-03-18 Kevin Jacobs <kjacobs@mozilla.com> * lib/freebl/mpi/mpcpucache.c: Bug 1623184 - Clear ECX prior to cpuid, fixing query for Extended Features r=bbeurdouche While trying to benchmark the recent HACL* AVX2 code, I noticed that it was not being called on two machines (that both support AVX2), instead using only the AVX version. In order to query for Extended Features (cpuid with EAX=7), we also need to set ECX to 0: https://www.intel.com/content/www/us/en /architecture-and-technology/64-ia-32-architectures-software- developer-vol-2a-manual.html. The current code fails to do this, resulting in flags that show no support. Initially, I wrote a separate `freebl_cpuid_ex` function that accepted a value for ECX as a separate input argument. However, some definitions of `freebl_cpuid` already zero ECX, so making this consistent is the simplest way to get the desired behavior. With this patch, the two test machines (MacOS and Linux x64) correctly use the AVX2 ChaCha20Poly1305 code. [06d41fe87c58] 2020-02-18 Robert Relyea <rrelyea@redhat.com> * cmd/bltest/blapitest.c, cmd/fipstest/fipstest.c, cmd/lib/pk11table.c, cmd/pk11gcmtest/pk11gcmtest.c, cmd/shlibsign/shlibsign.c, gtests/pk11_gtest/pk11_aes_gcm_unittest.cc, gtests/pk11_gtest/pk11_cbc_unittest.cc, lib/certdb/crl.c, lib/ckfw/dbm/db.c, lib/dev/devslot.c, lib/dev/devtoken.c, lib/dev/devutil.c, lib/freebl/fipsfreebl.c, lib/freebl/gcm.c, lib/freebl/intel-gcm-wrap.c, lib/pk11wrap/debug_module.c, lib/pk11wrap/dev3hack.c, lib/pk11wrap/pk11akey.c, lib/pk11wrap/pk11auth.c, lib/pk11wrap/pk11cert.c, lib/pk11wrap/pk11err.c, lib/pk11wrap/pk11load.c, lib/pk11wrap/pk11mech.c, lib/pk11wrap/pk11merge.c, lib/pk11wrap/pk11nobj.c, lib/pk11wrap/pk11obj.c, lib/pk11wrap/pk11pbe.c, lib/pk11wrap/pk11pk12.c, lib/pk11wrap/pk11pqg.c, lib/pk11wrap/pk11skey.c, lib/pk11wrap/pk11slot.c, lib/pk11wrap/pk11util.c, lib/pkcs12/p12d.c, lib/pkcs12/p12e.c, lib/softoken/fipstokn.c, lib/softoken/legacydb/lgattr.c, lib/softoken/legacydb/lgcreate.c, lib/softoken/legacydb/lgfind.c, lib/softoken/legacydb/lginit.c, lib/softoken/pkcs11.c, lib/softoken/pkcs11c.c, lib/softoken/pkcs11u.c, lib/softoken/sdb.c, lib/softoken/sftkdb.c, lib/softoken/sftkpwd.c, lib/ssl/ssl3con.c, lib/ssl/sslprimitive.c, lib/ssl/tls13con.c, lib/util/pkcs11.h, lib/util/pkcs11f.h, lib/util/pkcs11n.h, lib/util/pkcs11t.h, lib/util/secoid.c, nss- tool/enc/enctool.cc: Bug 1603628 Update NSS to handle PKCS #11 v3.0 r=daiki r=mhoye This patch implements the first phase: updating the headers. lib/util/pkcs11.h lib/util/pkcs11f.h lib/util/pkcs11t.h Were updated using the released OASIS PKCS #11 v3.0 header files. lib/util/pkcs11n.h was updated to finally deprecate all uses of CK?_NETSCAPE_?. A new define as added: NSS_PKCS11_2_0_COMPAT. If it's defined, the small semantic changes (including the removal of deprecated defines) between the NSS PKCS #11 v2 header file and the new PKCS #11 v3 are reverted in favor of the PKCS #11 v2 definitions. This include the removal of CK?_NETSCAPE_? in favor of CK?_NSS_?. One notable change was caused by an inconsistancy between the spec and the released headers in PKCS #11 v2.40. CK_GCM_PARAMS had an extra field in the header that was not in the spec. OASIS considers the header file to be normative, so PKCS #11 v3.0 resolved the issue in favor of the header file definition. NSS had the spec definition, so now there are 2 defines for this structure: CK_NSS_GCM_PARAMS - the old nss define. Still used internally in freebl. CK_GCM_PARAMS_V3 - the new define. CK_GCM_PARAMS - no longer referenced in NSS itself. It's defined as CK_GCM_PARAMS_V3 if NSS_PKCS11_2_0_COMPAT is *not* defined, and it's defined as CKM_NSS_GCM_PARAMS if NSS_PKCS11_2_0_COMPAT is defined. Softoken has been updated to accept either CK_NSS_GCM_PARAMS or CK_GCM_PARAMS_V3. In a future patch NSS will be updated to use CK_GCM_PARAMS_V3 and fall back to CK_NSS_GMC_PARAMS. One other semantic difference between the 3.0 version of pkcs11f.h and the version here: In the oasis version of the header, you must define CK_PKCS11_2_0_ONLY to get just the PKCS #11 v2 defines. In our version you must define CK_PKCS11_3 to get the PCKS #11 v3 defines. Most of this patch is to handle changing the deprecated defines that have been removed in PCKS #11 v3 from NSS. [b5d90a7fe217] 2020-03-16 Kevin Jacobs <kjacobs@mozilla.com> * automation/abi-check/expected-report-libssl3.so.txt, gtests/ssl_gtest/libssl_internals.c, gtests/ssl_gtest/libssl_internals.h, gtests/ssl_gtest/tls_agent.cc, gtests/ssl_gtest/tls_agent.h, gtests/ssl_gtest/tls_subcerts_unittest.cc, lib/ssl/SSLerrs.h, lib/ssl/ssl.h, lib/ssl/ssl3con.c, lib/ssl/ssl3ext.c, lib/ssl/ssl3ext.h, lib/ssl/sslerr.h, lib/ssl/sslimpl.h, lib/ssl/sslt.h, lib/ssl/tls13exthandle.c, lib/ssl/tls13subcerts.c, tests/common/certsetup.sh, tests/ssl_gtests/ssl_gtests.sh: Bug 1617968 - Update Delegated Credentials implementation to draft-07 r=mt Remove support for RSAE in delegated credentials (both in DC signatures and SPKIs), add SignatureScheme list functionality to initial DC extension. [44eb9e27d946] 2020-03-13 Robert Relyea <rrelyea@redhat.com> * cmd/fipstest/fipstest.c: Bug 1608250 KBKDF - broken fipstest handling of KI_len r=rrelyea p=cipherboy When testing Bug 1608245, I realized that I had inadvertently broken fipstest.c's handling of KI and KI_len. This lead to it passing bogus keys (with unusually large lengths exceeding the bounds of sizeof KI) to kbkdf_Dispatch(...). This uses Bob Relyea's suggestion on how to handle this: detect the size of KI when processing the mech selection, storing KI_len there. This simplifies reading of the KI value in later code. [d7b12847a650] * lib/softoken/kbkdf.c: Bug 1608245 KBKDF - Consistently handle NULL slot/session r=kjacobs Patch by cipherboy, review by kjacobs. Per Bug 1607955, the KBKDF code introduced in Bug 1599603 confused Coverity with a elided NULL check on sftk_SlotFromSessionHandle(...). While Coverity is incorrect (and the behavior is fine as-is), it isn't consistent with the KBKDF code's handling of sftk_SessionFromHandle(...) (which is NULL checked). This brings these two call sites into internal consistency. [4c43bc0998f3] Differential Revision: https://phabricator.services.mozilla.com/D67966 --HG-- extra : moz-landing-system : lando

2020-04-13 Kevin Jacobs <kjacobs@mozilla.com> * lib/pk11wrap/debug_module.c, lib/pk11wrap/pk11load.c: Bug 1629105 - Update PKCS11 module debug logger for v3.0 r=rrelyea Differential Revision: https://phabricator.services.mozilla.com/D70582 [50dcc34d470d] [tip] 2020-04-07 Robert Relyea <rrelyea@redhat.com> * lib/ckfw/builtins/testlib/Makefile: Bug 1465613 Fix gmake issue create by the patch which adds ability to distrust certificates issued after a certain date for a specified root cert r=jcj I've been trying to run down an issue I've been having, and I think this bug is the source. Whenever I build ('gmake' build), I get the following untracted files: ? lib/ckfw/builtins/testlib/anchor.o ? lib/ckfw/builtins/testlib/bfind.o ? lib/ckfw/builtins/testlib/binst.o ? lib/ckfw/builtins/testlib/bobject.o ? lib/ckfw/builtins/testlib/bsession.o ? lib/ckfw/builtins/testlib/bslot.o ? lib/ckfw/builtins/testlib/btoken.o ? lib/ckfw/builtins/testlib/ckbiver.o ? lib/ckfw/builtins/testlib/constants.o This is because of the way lib/ckfw/builtins/testlib works, it uses the sources from the directory below, and explicitly reference them with ../{source_name}.c. The object file then becomes lib/ckfw/builtins/testlib/{OBJDIR}/../{source_name}.o. The simple fix would be to paper over the issue and just add these to .hgignore, but that would break our ability to build multiple platforms on a single source directory. I'll include a patch that fixes this issue. bob Differential Revision: https://phabricator.services.mozilla.com/D70077 [92058f185316] 2020-04-06 Robert Relyea <rrelyea@redhat.com> * automation/abi-check/expected-report-libnss3.so.txt, gtests/ssl_gtest/tls_hkdf_unittest.cc, lib/nss/nss.def, lib/pk11wrap/pk11pub.h, lib/pk11wrap/pk11skey.c, lib/ssl/sslprimitive.c, lib/ssl/tls13con.c, lib/ssl/tls13con.h, lib/ssl/tls13hkdf.c, lib/ssl/tls13replay.c, tests/ssl/ssl.sh: Bug 1561637 TLS 1.3 does not work in FIPS mode r=mt Part 2 of 2 Use the official PKCS #11 HKDF mechanism to implement tls 1.3. 1) The new mechanism is a single derive mechanism, so we no longer need to pick it based on the underlying hmac (Note, we still need to know the underlying hmac, which is passed in as a mechanism parameter). 2) Use the new keygen to generate CKK_HKDF keys rather than doing it by hand with the random number generator (never was really the best way of doing this). 3) modify tls13hkdf.c to use the new mechanisms: 1) Extract: use the new key handle in the mechanism parameters to pass the salt when the salt is a key handle. Extract: use the explicit NULL salt parameter if for the hash len salt of zeros. 2) Expand: Expand is mostly a helper function which takes a mechanism. For regular expand, the mechanism is the normal _Derive, for the Raw version its the _Data function. That creates a data object, which is extractable in FIPS mode. 4) update slot handling in tls13hkdf.c: 1) we need to make sure that the key and the salt key are in the same slot. Provide a PK11wrap function to make that guarrentee (and use that function in PK11_WrapKey, which already has to do the same function). 2) When importing a 'data' key for the zero key case, make sure we import into the salt key's slot. If there is no salt key, use PK11_GetBestSlot() rather than PK11_GetInternal slot. Differential Revision: https://phabricator.services.mozilla.com/D69899 [3d2b1738e064] 2020-04-06 Kevin Jacobs <kjacobs@mozilla.com> * gtests/common/testvectors/curve25519-vectors.h, gtests/common/testvectors/p256ecdh-vectors.h, gtests/common/testvectors/p384ecdh-vectors.h, gtests/common/testvectors/p521ecdh-vectors.h, gtests/common/testvectors/rsa_oaep_2048_sha1_mgf1sha1-vectors.h, gtests/common/testvectors/rsa_oaep_2048_sha256_mgf1sha1-vectors.h, gtests/common/testvectors/rsa_oaep_2048_sha256_mgf1sha256-vectors.h, gtests/common/testvectors/rsa_oaep_2048_sha384_mgf1sha1-vectors.h, gtests/common/testvectors/rsa_oaep_2048_sha384_mgf1sha384-vectors.h, gtests/common/testvectors/rsa_oaep_2048_sha512_mgf1sha1-vectors.h, gtests/common/testvectors/rsa_oaep_2048_sha512_mgf1sha512-vectors.h, gtests/common/testvectors/rsa_pkcs1_2048_test-vectors.h, gtests/common/testvectors/rsa_pkcs1_3072_test-vectors.h, gtests/common/testvectors/rsa_pkcs1_4096_test-vectors.h, gtests/common/testvectors/rsa_pss_2048_sha1_mgf1_20-vectors.h, gtests/common/testvectors/rsa_pss_2048_sha256_mgf1_0-vectors.h, gtests/common/testvectors/rsa_pss_2048_sha256_mgf1_32-vectors.h, gtests/common/testvectors/rsa_pss_3072_sha256_mgf1_32-vectors.h, gtests/common/testvectors/rsa_pss_4096_sha256_mgf1_32-vectors.h, gtests/common/testvectors/rsa_pss_4096_sha512_mgf1_32-vectors.h, gtests/common/testvectors/rsa_pss_misc-vectors.h, gtests/common/testvectors/rsa_signature-vectors.h, gtests/common/testvectors/rsa_signature_2048_sha224-vectors.h, gtests/common/testvectors/rsa_signature_2048_sha256-vectors.h, gtests/common/testvectors/rsa_signature_2048_sha512-vectors.h, gtests/common/testvectors/rsa_signature_3072_sha256-vectors.h, gtests/common/testvectors/rsa_signature_3072_sha384-vectors.h, gtests/common/testvectors/rsa_signature_3072_sha512-vectors.h, gtests/common/testvectors/rsa_signature_4096_sha384-vectors.h, gtests/common/testvectors/rsa_signature_4096_sha512-vectors.h, gtests/common/testvectors_base/rsa_signature-vectors_base.txt, gtests/common/testvectors_base/test-structs.h, gtests/common/wycheproof/genTestVectors.py, gtests/pk11_gtest/manifest.mn, gtests/pk11_gtest/pk11_gtest.gyp, gtests/pk11_gtest/pk11_rsaencrypt_unittest.cc, gtests/pk11_gtest/pk11_rsaoaep_unittest.cc, gtests/pk11_gtest/pk11_rsapkcs1_unittest.cc, gtests/pk11_gtest/pk11_rsapss_unittest.cc: Bug 1612260 - Add Wycheproof vectors for RSA PKCS1 and PSS signing, PKCS1 and OEAP decryption. r=bbeurdouche This patch updates the Wycheproof script to build RSA test vectors (covering PKCS1 decryption/verification, as well as PSS and OAEP) and adds the appropriate test drivers. Differential Revision: https://phabricator.services.mozilla.com/D69847 [469fd8633757] 2020-04-01 Kevin Jacobs <kjacobs@mozilla.com> * automation/taskcluster/docker-fuzz32/Dockerfile: Bug 1626751 - Add apt-transport-https & apt-utils to fuzz32 docker image r=jcj We already install these packages on the image_builder image itself. It seems they're now required on the fuzz32 image as well. Differential Revision: https://phabricator.services.mozilla.com/D69274 [c7a8195e3072] 2020-04-01 Giulio Benetti <giulio.benetti@benettiengineering.com> * lib/freebl/Makefile: Bug 1624864 - Don't force ARMv7 for gcm-arm32-neon r=jcj [858209235972] * coreconf/config.gypi, coreconf/config.mk, lib/freebl/Makefile, lib/freebl/freebl.gyp, lib/freebl/gcm.c: Bug 1620799 - Introduce NSS_DISABLE_ARM32_NEON r=jcj Only some Arm32 supports neon, so let's introduce NSS_DISABLE_ARM32_NEON to allow disabling Neon acceleration when building for Arm32. Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com> [b47b2c35aa64] 2020-04-01 Kevin Jacobs <kjacobs@mozilla.com> * automation/abi-check/expected-report-libnss3.so.txt, automation/abi- check/expected-report-libsoftokn3.so.txt, automation/abi-check /expected-report-libssl3.so.txt: Fixup ABI checks after libabigail update and Delegated Credentials backport. r=me [7f50f6ca7658] 2020-03-31 hajma <tropikhajma@gmail.com> * coreconf/SunOS5.mk: Bug 1625133 - Fix implicit declaration of function 'getopt' on SunOS r=jcj [744788dd18dc] 2020-03-30 Robert Relyea <rrelyea@redhat.com> * automation/abi-check/expected-report-libnss3.so.txt, gtests/pk11_gtest/pk11_hkdf_unittest.cc, lib/nss/nss.def, lib/pk11wrap/pk11mech.c, lib/pk11wrap/pk11obj.c, lib/pk11wrap/pk11pub.h, lib/softoken/pkcs11.c, lib/softoken/pkcs11c.c: Bug 1561637 TLS 1.3 does not work in FIPS mode Patch 1 of 2. This patch updates softoken and helper functions with the new PKCS #11 v3 HKDF, which handles all the correct key management so that we can work in FIPS mode 1) Salts can be passed in as data, as and explicit NULL (which per spec means a zero filled buffer of length of the underlying HMAC), or through a key handle 2) A Data object can be used as a key (explicitly allowed for this mechanism by the spec). 3) A special mechansism produces a data object rather than a key, the latter which can be exported. Softoken does not do the optional validation on the pInfo to verify that the requested values are supposed to be data rather than keys. Some other tokens may. The old hkdf mechanism has been retained for compatibility (well namely until patch 2 is created, tls is still using it). The hkdf function has been broken off into it's own function rather than inline in the derive function. Note: because the base key and/or the export key could really be a data object, our explicit handling of sensitive and extractable are adjusted to take into account that those flags do not exist in data objects. Differential Revision: https://phabricator.services.mozilla.com/D68940 [e0922aac5267] 2020-03-26 Hans Petter Jansson <hpj@cl.no> * cmd/lowhashtest/lowhashtest.c: Bug 1622555 - Fix lowhashtest argument parsing. r=kjacobs [f3c5ab41c972] 2020-03-26 Benjamin Beurdouche <bbeurdouche@mozilla.com> * lib/freebl/Makefile, lib/freebl/freebl.gyp: Bug 1624377 - Replace freebl flag -msse4 by -msse4.1 -msse4.2 which are supported by older compilers r=kjacobs Differential Revision: https://phabricator.services.mozilla.com/D68407 [16ee7cb36fff] 2020-03-26 Robert Relyea <rrelyea@redhat.com> * gtests/ssl_gtest/libssl_internals.c, lib/pk11wrap/exports.gyp, lib/pk11wrap/manifest.mn, lib/ssl/ssl3con.c, lib/ssl/sslprimitive.c, lib/ssl/sslspec.h, lib/ssl/tls13con.c, lib/ssl/tls13con.h, lib/ssl/tls13esni.c, lib/ssl/tls13exthandle.c: Bug 1623374 Need to support the new PKCS #11 Message interface for AES GCM and ChaCha Poly r=mt Update ssl to use the new PK11_AEADOp() interface. 1. We restore the use of PK11Context_Create() for AEAD operations. 2. AES GCM and CHACHA/Poly specific functions are no longer needed as PK11_AEADOp() handles all the mechanism specific processing. 3. TLS semantic differences between the two algorithms is handled by their parameters: 1. Nonce length is the length of the nonce counter. If it's zero, then XOR_Counter is used (and the nonce length is the sizeof(sslSequenceNumber)). 2. IV length is the full IV length - nonce length. 3. TLS 1.3 always uses XOR_Counter. 4. The IV is returned from the token in the encrypt case. Only in the explict nonce case is it examined. (The code depends on the fact that the count in the token will match sslSequenceNumber). I did have assert code to verify this was happening for testing, but it's removed from this patch it can be added back. 5. All the decrypt instances of XOR_Counter IV creation have been colapsed into tls13_WriteNonce(). 6. Even tough PK11_AEADOp returns and accepts the tag separately (for encrypt and decrypt respectively). The SSL code still returns the values as buffer||tag. 7. tls13_AEAD() has been enhanced so all uses of AEAD outside of the TLS stream can use it instead of their own wrapped version. It can handle streams (CreateContext() tls13_AEAD() tls13_AEAD() DestroyContext()) or single shot tls13_AEAD(context=NULL). In the later case, the keys for the single shot operation should not be resued. 8. libssl_internals.c in the gtests directory has been updated to handle advancing the internal iv counter when we artifically advance the seqNum. Since we don't have access to any token iv counter (including softoken), The code switches to simulated message mode, and updates the simulated state as appropriate. (obviously this is for testing only code as it reaches into normally private data structures). Differential Revision: https://phabricator.services.mozilla.com/D68480 [e7c7f305078e] 2020-03-26 Robert Relyea <rrelyea@redhat.com> * gtests/ssl_gtest/libssl_internals.c, lib/pk11wrap/exports.gyp, lib/pk11wrap/manifest.mn, lib/ssl/ssl3con.c, lib/ssl/sslprimitive.c, lib/ssl/sslspec.h, lib/ssl/tls13con.c, lib/ssl/tls13con.h, lib/ssl/tls13esni.c, lib/ssl/tls13exthandle.c: Bug 1623374 Need to support the new PKCS #11 Message interface for AES GCM and ChaCha Poly r=mt Update ssl to use the new PK11_AEADOp() interface. 1. We restore the use of PK11Context_Create() for AEAD operations. 2. AES GCM and CHACHA/Poly specific functions are no longer needed as PK11_AEADOp() handles all the mechanism specific processing. 3. TLS semantic differences between the two algorithms is handled by their parameters: 1. Nonce length is the length of the nonce counter. If it's zero, then XOR_Counter is used (and the nonce length is the sizeof(sslSequenceNumber)). 2. IV length is the full IV length - nonce length. 3. TLS 1.3 always uses XOR_Counter. 4. The IV is returned from the token in the encrypt case. Only in the explict nonce case is it examined. (The code depends on the fact that the count in the token will match sslSequenceNumber). I did have assert code to verify this was happening for testing, but it's removed from this patch it can be added back. 5. All the decrypt instances of XOR_Counter IV creation have been colapsed into tls13_WriteNonce(). 6. Even tough PK11_AEADOp returns and accepts the tag separately (for encrypt and decrypt respectively). The SSL code still returns the values as buffer||tag. 7. tls13_AEAD() has been enhanced so all uses of AEAD outside of the TLS stream can use it instead of their own wrapped version. It can handle streams (CreateContext() tls13_AEAD() tls13_AEAD() DestroyContext()) or single shot tls13_AEAD(context=NULL). In the later case, the keys for the single shot operation should not be resued. 8. libssl_internals.c in the gtests directory has been updated to handle advancing the internal iv counter when we artifically advance the seqNum. Since we don't have access to any token iv counter (including softoken), The code switches to simulated message mode, and updates the simulated state as appropriate. (obviously this is for testing only code as it reaches into normally private data structures). Differential Revision: https://phabricator.services.mozilla.com/D68480 [e7c7f305078e] 2020-03-23 Kevin Jacobs <kjacobs@mozilla.com> * lib/softoken/pkcs11.c: Bug 1624402 - Fix compilation error when NO_FORK_CHECK and CHECK_FORK_* are defined r=rrelyea Differential Revision: https://phabricator.services.mozilla.com/D67911 [0225889e5292] 2020-03-23 Kevin Jacobs <kjacobs@mozilla.com> * lib/util/pkcs11.h: Bug 1624130 - Require CK_FUNCTION_LIST structs to be packed. r=rrelyea Differential Revision: https://phabricator.services.mozilla.com/D67741 [7ab62d3d0445] 2020-03-19 Robert Relyea <rrelyea@redhat.com> * automation/abi-check/expected-report-libnss3.so.txt, gtests/pk11_gtest/pk11_aes_gcm_unittest.cc, gtests/pk11_gtest/pk11_chacha20poly1305_unittest.cc, lib/freebl/blapi.h, lib/freebl/blapii.h, lib/freebl/blapit.h, lib/freebl/chacha20poly1305.c, lib/freebl/gcm.c, lib/freebl/gcm.h, lib/freebl/intel-gcm-wrap.c, lib/freebl/intel-gcm.h, lib/freebl/ldvector.c, lib/freebl/loader.c, lib/freebl/loader.h, lib/freebl/rijndael.c, lib/freebl/rijndael.h, lib/nss/nss.def, lib/pk11wrap/pk11cxt.c, lib/pk11wrap/pk11mech.c, lib/pk11wrap/pk11priv.h, lib/pk11wrap/pk11pub.h, lib/pk11wrap/pk11skey.c, lib/pk11wrap/pk11slot.c, lib/pk11wrap/secmodti.h, lib/softoken/fipstokn.c, lib/softoken/pkcs11.c, lib/softoken/pkcs11c.c, lib/softoken/pkcs11i.h, lib/softoken/pkcs11u.c, lib/softoken/sftkmessage.c, lib/util/pkcs11n.h, lib/util/pkcs11t.h, lib/util/secport.h: Bug 1623374 Need to support the new PKCS #11 Message interface for AES GCM and ChaCha Poly PKCS #11 defines a new interface for handling AEAD type ciphers that allow multiple AEAD operations without repeating the key schedule. It also allows tokens to keep track of the number of operations, and generate IVs (depending on the cipher). This patch: 1. implement those new functions in softoken. With the addition of CKF_MESSAGE_* flags to various mechanism, we need to strip them when using the version 2 API of softoken (since there are no C_Message* function in version 2). For that we need a separate C_GetMechanismInfo function. We use the same trick we used to have a separate version function for the V2 interface. Also now that the new message functions are in their own file, they still need access to the common Session state processing functions. those have gone from static to exported within softoken to accomidate that. Same with sftk_MapDecryptError() (sftk_MapVerifyError() was also made global, though nothing else is yet using it). Only C_MessageEncrptInit(), C_EncryptMessage(), C_MessageEncryptFinal, C_MessageDecryptInit(), C_DecryptMessage(), and C_MessageDecryptFinal are implemented. C_EncryptMessageBegin(), C_EncryptMessageNext(), C_DecryptMessageBegin(), and C_DecryptMessageNext() are all part of the multi-part withing a multi-part operation and are only necessary for things like S/MIME (potentially). If we wanted to implement them, we would need more functions exported from freebl (and initaead, updateaead, finalaead for each mechanism type). 2. make those interfaces call aes_gcm and chacha20_poly1503 (and make adjustments for those ciphers). For AES, I added a new function AES_AEAD, which handles both encrypt and decrypt. Internally, the gcm functions (both the generic gcm and the intel gcm wrapper) had their init functions split into key scheduling and counter mode/tag initialization. The latter is still called from init, but the former is now for each update call. IV generation is handled by a single function in gcm.c, and shared with intel_gcm_wrapper.c Since the AES functions already know about the underlying PKCS #11 mechanism parameters, the new AEAD functions also parse the PKCS #11 GCM parameters. For Chacha/Poly new aead update functions were created called ChaChaPoly1305_Encrypt and ChaChaChaPoly1305_Decrypt. There was no Message specific initialization in the existing chacha_init, so no changes were needed there. The primary difference between _Encrypt/_Decrypt and _Seal/_Open is the fact that the tag is put at the end of the encrypted data buffer in the latter, and in a generic buffer in the former. 3. create new pk11wrap interfaces that also squash the api differences between the various mechanisms for aead (similiar to the way we do it for CBC and ECB crypto today). To accomplish this I added PK11_AEADOp() and PK11_AEADRawOp(). Both functions handle the case where the token only supports the single shot interface, by using the single short interface to simulate the Message interface. The PK11_AEADOp() also smooths out the differences in the parameters and symantics of the various mechanism so the application does not need to worry about the PKCS #11 differences in the mechanism. Both use contexts from the standard PK11_CreateContext(), so key schedules are done once for each key rather than once for each message. MESSAGE/AEAD operations are selected by adding the psuedo attribute flag CKA_NSS_MESSAGE to the requested operation (CKA_ENCRYPT, CKA_DECRYPT, CKA_SIGN, CKA_VERIFY). 4. write tests for the new interfaces Tests were added to make sure the PK11_AEADRawOp interface works, The single shot interface is used to test output of the message interface we also use two test only functions to force the connection to use the simulation interface, which is also compared to the non-simulate inteface. The AES_GCM also tests various IV generators. Differential Revision: https://phabricator.services.mozilla.com/D67552 [293ac3688ced] 2020-03-18 Kevin Jacobs <kjacobs@mozilla.com> * lib/freebl/mpi/mpcpucache.c: Bug 1623184 - Clear ECX prior to cpuid, fixing query for Extended Features r=bbeurdouche While trying to benchmark the recent HACL* AVX2 code, I noticed that it was not being called on two machines (that both support AVX2), instead using only the AVX version. In order to query for Extended Features (cpuid with EAX=7), we also need to set ECX to 0: https://www.intel.com/content/www/us/en /architecture-and-technology/64-ia-32-architectures-software- developer-vol-2a-manual.html. The current code fails to do this, resulting in flags that show no support. Initially, I wrote a separate `freebl_cpuid_ex` function that accepted a value for ECX as a separate input argument. However, some definitions of `freebl_cpuid` already zero ECX, so making this consistent is the simplest way to get the desired behavior. With this patch, the two test machines (MacOS and Linux x64) correctly use the AVX2 ChaCha20Poly1305 code. Differential Revision: https://phabricator.services.mozilla.com/D67235 [06d41fe87c58] 2020-03-17 Robert Relyea <rrelyea@redhat.com> * automation/abi-check/expected-report-libnss3.so.txt, automation/abi- check/expected-report-libsoftokn3.so.txt, cmd/pk11mode/pk11mode.c, lib/pk11wrap/pk11load.c, lib/pk11wrap/secmodi.h, lib/pk11wrap/secmodt.h, lib/softoken/fipstokn.c, lib/softoken/manifest.mn, lib/softoken/pkcs11.c, lib/softoken/pkcs11c.c, lib/softoken/pkcs11i.h, lib/softoken/sftkmessage.c, lib/softoken/softoken.gyp, lib/softoken/softoken.h, lib/softoken/softokn.def, lib/util/pkcs11.h, lib/util/pkcs11f.h, lib/util/pkcs11n.h, nss/automation/abi-check/new-report-libnss3.so.txt, nss/automation /abi-check/new-report-libsoftokn3.so.txt: Bug 1603628 Update NSS to handle PKCS #11 v3.0 r=ueno r=mt Update to PKCS #11 v3.0 part 2. Create the functions and switch to the C_Interface() function to fetch the PKCS #11 function table. Also PKCS #11 v3.0 uses a new fork safe interface. NSS can already handle the case if the PKCS #11 module happens to be fork safe (when asked by the application to refresh the tokens in the child process, NSS can detect that such a refresh is not necessary and continue. Softoken could also be put in fork_safe mode with an environment variable. With this patch it's the default, and NSS asks for the fork safe API by default. Technically softoken should implement the old non-fork safe interface when PKCS #11 v2.0 is called, but NSS no longer needs it, and doing so would double the number of PKCS #11 interfaces are needed. You can still compile with fork unsafe semantics, and the PKCS #11 V3.0 module will do the right thing and not include the fork safe flag. Firefox does not fork(), so for firefox this is simply code that is no longer compilied. We now use C_GetInterface, which allows us to specify what kind of interface we want (PKCS #11 v3.0, PKCS #11 v2.0, fork safe, etc.). Vendor specific functions can now be accessed through the C_GetInterface. If the C_GetInterface function does not exists, we fall bak to the old C_GetFunctionList. There are 24 new functions in PKCS #11 v3.0: C_GetInterfaceList - return a table of all the supported interfaces C_GetInterface - return a specific interface. You can specify interface name, version and flags separately. You can leave off any of these and you will get what the token thinks is the best match of the interfaces that meet the criteria. We do this in softoken by the order of the interface list. C_SessionCancel - Cancel one or more multipart operation C_LoginUser - Supply a user name to C_Login(). This function has no meaning for softoken, so it just returns CKR_OPERATION_NOT_INITIALIZED under the theory that if we in the future want to support usernames, the NSS db would need special initialization to make that happen. C_Message* and C_*Message* (20 functions in all) are the new AEAD interface (they are written generally so that it can be used for things other than AEAD). In this patch they are unimplemented (see the next patch). This patch adds regular (NSC_) and FIPS (FC_) versions of these functions. Also when creating the PKCS #11 v2.0 interface, we had to create a 2.0 specific version of C_GetInfo so that it can return a 2.40 in the CK_VERSION field rather than 3.00. We do this with #defines since all the function tables are generated automagically with pkcs11f.h. Differential Revision: https://phabricator.services.mozilla.com/D67240 [2364598f8a36] 2020-03-09 Benjamin Beurdouche <bbeurdouche@mozilla.com> * automation/taskcluster/scripts/run_hacl.sh, lib/freebl/verified/Hacl_Poly1305_128.c, lib/freebl/verified/Hacl_Poly1305_256.c: Bug 1612493 - Fix Firefox build for Windows 2012 x64. r=kjacobs Differential Revision: https://phabricator.services.mozilla.com/D65945 [7e09cdab32d0] 2020-03-02 Kurt Miller <kurt@intricatesoftware.com> * lib/freebl/blinit.c: Bug 1618400 - Fix unused variable 'getauxval' on OpenBSD/arm64 r=jcj https://bugzilla.mozilla.org/show_bug.cgi?id=1618400 [2c989888dee7] 2020-03-02 Giulio Benetti <giulio.benetti@benettiengineering.com> * lib/freebl/blinit.c: Bug 1614183 - Check if PPC __has_include(<sys/auxv.h>). r=kjacobs Some build environment doesn't provide <sys/auxv.h> and this causes build failure, so let's check if that header exists by using __has_include() helper. Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com> [bb7c46049f26] 2020-02-28 Benjamin Beurdouche <bbeurdouche@mozilla.com> * automation/taskcluster/scripts/run_hacl.sh, lib/freebl/verified/Hacl_Chacha20.c, lib/freebl/verified/Hacl_Chacha20Poly1305_128.c, lib/freebl/verified/Hacl_Chacha20Poly1305_32.c, lib/freebl/verified/Hacl_Chacha20_Vec128.c, lib/freebl/verified/Hacl_Curve25519_51.c, lib/freebl/verified/Hacl_Kremlib.h, lib/freebl/verified/Hacl_Poly1305_128.c, lib/freebl/verified/Hacl_Poly1305_32.c, lib/freebl/verified/kremlin/include/kremlin/internal/types.h, lib/freebl/verified/kremlin/kremlib/dist/minimal/FStar_UInt128.h, li b/freebl/verified/kremlin/kremlib/dist/minimal/FStar_UInt128_Verifie d.h, lib/freebl/verified/kremlin/kremlib/dist/minimal/FStar_UInt_8_1 6_32_64.h, lib/freebl/verified/kremlin/kremlib/dist/minimal/LowStar_ Endianness.h, lib/freebl/verified/kremlin/kremlib/dist/minimal/fstar _uint128_gcc64.h, lib/freebl/verified/libintvector.h: Bug 1617533 - Update of HACL* after libintvector.h and coding style changes. r=kjacobs *** Bug 1617533 - Clang format *** Bug 1617533 - Update HACL* commit for job in Taskcluster *** Bug 1617533 - Update HACL* Kremlin code Differential Revision: https://phabricator.services.mozilla.com/D63829 [b6677ae9067e] * automation/taskcluster/graph/src/extend.js, coreconf/arch.mk, coreconf/config.mk, lib/freebl/Makefile, lib/freebl/blapii.h, lib/freebl/blinit.c, lib/freebl/chacha20poly1305.c, lib/freebl/freebl.gyp, lib/freebl/verified/Hacl_Chacha20Poly1305_256.c, lib/freebl/verified/Hacl_Chacha20Poly1305_256.h, lib/freebl/verified/Hacl_Chacha20_Vec256.c, lib/freebl/verified/Hacl_Chacha20_Vec256.h, lib/freebl/verified/Hacl_Poly1305_256.c, lib/freebl/verified/Hacl_Poly1305_256.h, nss-tool/hw-support.c: Bug 1612493 - Support for HACL* AVX2 code for Chacha20, Poly1305 and Chacha20Poly1305. r=kjacobs *** Bug 1612493 - Import AVX2 code from HACL* *** Bug 1612493 - Add CPU detection for AVX2, BMI1, BMI2, FMA, MOVBE *** Bug 1612493 - New flag NSS_DISABLE_AVX2 for freebl/Makefile and freebl.gyp *** Bug 1612493 - Disable use of AVX2 on GCC 4.4 which doesn’t support -mavx2 *** Bug 1612493 - Disable tests when the platform doesn't have support for AVX2 Differential Revision: https://phabricator.services.mozilla.com/D64718 [d5deac55f543] 2020-02-18 Robert Relyea <rrelyea@redhat.com> * cmd/bltest/blapitest.c, cmd/fipstest/fipstest.c, cmd/lib/pk11table.c, cmd/pk11gcmtest/pk11gcmtest.c, cmd/shlibsign/shlibsign.c, gtests/pk11_gtest/pk11_aes_gcm_unittest.cc, gtests/pk11_gtest/pk11_cbc_unittest.cc, lib/certdb/crl.c, lib/ckfw/dbm/db.c, lib/dev/devslot.c, lib/dev/devtoken.c, lib/dev/devutil.c, lib/freebl/fipsfreebl.c, lib/freebl/gcm.c, lib/freebl/intel-gcm-wrap.c, lib/pk11wrap/debug_module.c, lib/pk11wrap/dev3hack.c, lib/pk11wrap/pk11akey.c, lib/pk11wrap/pk11auth.c, lib/pk11wrap/pk11cert.c, lib/pk11wrap/pk11err.c, lib/pk11wrap/pk11load.c, lib/pk11wrap/pk11mech.c, lib/pk11wrap/pk11merge.c, lib/pk11wrap/pk11nobj.c, lib/pk11wrap/pk11obj.c, lib/pk11wrap/pk11pbe.c, lib/pk11wrap/pk11pk12.c, lib/pk11wrap/pk11pqg.c, lib/pk11wrap/pk11skey.c, lib/pk11wrap/pk11slot.c, lib/pk11wrap/pk11util.c, lib/pkcs12/p12d.c, lib/pkcs12/p12e.c, lib/softoken/fipstokn.c, lib/softoken/legacydb/lgattr.c, lib/softoken/legacydb/lgcreate.c, lib/softoken/legacydb/lgfind.c, lib/softoken/legacydb/lginit.c, lib/softoken/pkcs11.c, lib/softoken/pkcs11c.c, lib/softoken/pkcs11u.c, lib/softoken/sdb.c, lib/softoken/sftkdb.c, lib/softoken/sftkpwd.c, lib/ssl/ssl3con.c, lib/ssl/sslprimitive.c, lib/ssl/tls13con.c, lib/util/pkcs11.h, lib/util/pkcs11f.h, lib/util/pkcs11n.h, lib/util/pkcs11t.h, lib/util/secoid.c, nss- tool/enc/enctool.cc: Bug 1603628 Update NSS to handle PKCS #11 v3.0 r=daiki r=mhoye https://phabricator.services.mozilla.com/D63241 This patch implements the first phase: updating the headers. lib/util/pkcs11.h lib/util/pkcs11f.h lib/util/pkcs11t.h Were updated using the released OASIS PKCS #11 v3.0 header files. lib/util/pkcs11n.h was updated to finally deprecate all uses of CK?_NETSCAPE_?. A new define as added: NSS_PKCS11_2_0_COMPAT. If it's defined, the small semantic changes (including the removal of deprecated defines) between the NSS PKCS #11 v2 header file and the new PKCS #11 v3 are reverted in favor of the PKCS #11 v2 definitions. This include the removal of CK?_NETSCAPE_? in favor of CK?_NSS_?. One notable change was caused by an inconsistancy between the spec and the released headers in PKCS #11 v2.40. CK_GCM_PARAMS had an extra field in the header that was not in the spec. OASIS considers the header file to be normative, so PKCS #11 v3.0 resolved the issue in favor of the header file definition. NSS had the spec definition, so now there are 2 defines for this structure: CK_NSS_GCM_PARAMS - the old nss define. Still used internally in freebl. CK_GCM_PARAMS_V3 - the new define. CK_GCM_PARAMS - no longer referenced in NSS itself. It's defined as CK_GCM_PARAMS_V3 if NSS_PKCS11_2_0_COMPAT is *not* defined, and it's defined as CKM_NSS_GCM_PARAMS if NSS_PKCS11_2_0_COMPAT is defined. Softoken has been updated to accept either CK_NSS_GCM_PARAMS or CK_GCM_PARAMS_V3. In a future patch NSS will be updated to use CK_GCM_PARAMS_V3 and fall back to CK_NSS_GMC_PARAMS. One other semantic difference between the 3.0 version of pkcs11f.h and the version here: In the oasis version of the header, you must define CK_PKCS11_2_0_ONLY to get just the PKCS #11 v2 defines. In our version you must define CK_PKCS11_3 to get the PCKS #11 v3 defines. Most of this patch is to handle changing the deprecated defines that have been removed in PCKS #11 v3 from NSS. Differential Revision: https://phabricator.services.mozilla.com/D63241 [b5d90a7fe217] Differential Revision: https://phabricator.services.mozilla.com/D70773 --HG-- extra : moz-landing-system : lando

2020-04-24 Kevin Jacobs <kjacobs@mozilla.com> * automation/abi-check/expected-report-libnss3.so.txt, gtests/softoken_gtest/softoken_gtest.cc, lib/nss/nss.def, lib/pk11wrap/pk11obj.c, lib/pk11wrap/pk11pub.h, lib/softoken/sdb.c: Bug 1612881 - Maintain PKCS11 C_GetAttributeValue semantics on attributes that lack NSS database columns r=keeler,rrelyea `sdb_GetAttributeValueNoLock` builds a query string from a list of attributes in the input template. Unfortunately, `sqlite3_prepare_v2` will fail the entire query if one of the attributes is missing from the underlying table. The PKCS #11 spec [[ https://www.cryptsoft.com/pkcs11doc/v220/pkcs11__all_8h.html#aC_G etAttributeValue | requires ]] setting the output `ulValueLen` field to -1 for such invalid attributes. This patch reads and stores the columns of nssPublic/nssPrivate when opened, then filters an input template in `sdb_GetAttributeValueNoLock` for unbacked/invalid attributes, removing them from the query and setting their template output lengths to -1. [aae226c20dfd] [tip] 2020-04-23 Kevin Jacobs <kjacobs@mozilla.com> * lib/ssl/sslnonce.c: Bug 1531906 - Relax ssl3_SetSIDSessionTicket assertions to permit valid, evicted or externally-cached sids. r=mt This patch relaxes an overzealous assertion for the case where: 1) Two sockets start connections with a shared SID. 2) One receives an empty session ticket in the SH, and evicts the SID from cache. 3) The second socket receives a new session ticket, and attempts to set it in the SID. We currently assert that the sid is `in_client_cache` at 3), but clearly it cannot be. The outstanding reference remains valid despite the eviction. This also solves a related assertion failure after https://hg.mozilla.org/mozilla-central/rev/c5a8b641d905 where the same scenario occurs, but instead of being `in_client_cache` or evicted, the SID is `in_external_cache`. [a68de0859582] 2020-04-16 Robert Relyea <rrelyea@redhat.com> * gtests/common/testvectors/kwp-vectors.h, gtests/pk11_gtest/manifest.mn, gtests/pk11_gtest/pk11_aeskeywrapkwp_unittest.cc, gtests/pk11_gtest/pk11_gtest.gyp, lib/freebl/aeskeywrap.c, lib/freebl/blapi.h, lib/freebl/blapit.h, lib/freebl/hmacct.c, lib/freebl/ldvector.c, lib/freebl/loader.c, lib/freebl/loader.h, lib/pk11wrap/pk11mech.c, lib/softoken/lowpbe.c, lib/softoken/pkcs11.c, lib/softoken/pkcs11c.c, lib/softoken/pkcs11i.h, lib/softoken/pkcs11u.c, lib/ssl/ssl3con.c, lib/util/secport.h: Bug 1630721 Softoken Functions for FIPS missing r=mt For FIPS we need the following: 1. NIST official Key padding for AES Key Wrap. 2. Combined Hash/Sign mechanisms for DSA and ECDSA. In the first case our AES_KEY_WRAP_PAD function addes pkcs8 padding to the normal AES_KEY_WRAP, which is a different algorithm then the padded key wrap specified by NIST. PKCS #11 recognized this and created a special mechanism to handle NIST padding. That is why we don't have industry test vectors for CKM_NSS_AES_KEY_WRAP_PAD. This patch implements that NIST version (while maintaining our own). Also PKCS #11 v3.0 specified PKCS #11 mechanism for AES_KEY_WRAP which are compatible (semantically) with the NSS vendor specific versions, but with non-vendor specific numbers. Softoken now accepts both numbers. This patch also updates softoken to handle DSA and ECDSA combined hash algorithms other than just SHA1 (which is no longer validated). Finally this patch uses the NIST KWP test vectors in new gtests for the AES_KEY_WRAP_KWP wrapping algorithm. As part of the AES_KEY_WRAP_KWP code, the Constant time macros have been generalized and moved to secport. Old macros scattered throughout the code have been deleted and existing contant time code has been updated to use the new macros. [3682d5ef3db5] 2020-04-21 Lauri Kasanen <cand@gmx.com> * lib/freebl/Makefile, lib/freebl/freebl.gyp, lib/freebl/freebl_base.gypi, lib/freebl/gcm.h, lib/freebl/ppc- crypto.h, lib/freebl/scripts/LICENSE, lib/freebl/scripts/gen.sh, lib/freebl/scripts/ppc-xlate.pl, lib/freebl/scripts/sha512p8-ppc.pl, lib/freebl/sha512-p8.s, lib/freebl/sha512.c: Bug 1613238 - POWER SHA-2 digest vector acceleration. r=jcj,kjacobs [2d66bd9dcad4] 2020-04-18 Robert Relyea <rrelyea@redhat.com> * coreconf/Linux.mk, coreconf/config.gypi, lib/softoken/sdb.c: Bug 1603801 [patch] Avoid dcache pollution from sdb_measureAccess() r=mt As implemented, when sdb_measureAccess() runs it creates up to 10,000 negative dcache entries (cached nonexistent filenames). There is no advantage to leaving these particular filenames in the cache; they will never be searched again. Subsequent runs will run a new test with an intentionally different set of filenames. This can have detrimental effects on some systems; a massive negative dcache can lead to memory or performance problems. Since not all platforms have a problem with negative dcache entries, this patch is limitted to those platforms that request it at compilie time (Linux is current the only patch that does.) [928721f70164] 2020-04-16 Kevin Jacobs <kjacobs@mozilla.com> * coreconf/config.gypi: Bug 1630458 - Produce debug symbols in GYP/MSVC debug builds. r=mt [25006e23a777] 2020-04-13 Robert Relyea <rrelyea@redhat.com> * lib/ckfw/object.c, lib/ckfw/session.c: Bug 1629655 ckfw needs to support temporary session objects. r=kjacobs libckfw needs to create temporary objects whose space will to be freed after use (rather than at token shutdown). Currently only token objects are supported and they are allocated out of a global arena owned by the slot, so the objects only go away when the slot is closed. This patch sets the arena to NULL in nssCKFWObject_Create() if the object is a session object. This tells nssCKFWObject_Create() to create a new arena specifically for this object. That arena is stored in localArena. When the object is destroyed, any localArena's will be freed. [808ec0e6fd77] 2020-04-14 Robert Relyea <rrelyea@redhat.com> * cmd/selfserv/selfserv.c, lib/ssl/sslsnce.c, tests/ssl/ssl.sh: Bug 1629661 MPConfig calls in SSL initializes policy before NSS is initialized. r=mt NSS has several config functions that multiprocess servers must call before NSS is initialized to set up shared memory caches between the processes. These functions call ssl_init(), which initializes the ssl policy. The ssl policy initialization, however needs to happen after NSS itself is initialized. Doing so before hand causes (in the best case) policy to be ignored by these servers, and crashes (in the worst case). Instead, these cache functions should just initialize those things it needs (that is the NSPR ssl error codes). This patch does: 1) fixes the cache init code to only initialize error codes. 2) fixes the selfserv MP code to 1) be compatible with ssl.sh's selfserv management (at least on Unix), and 2) mimic the way real servers handle the MP_Cache init code (calling NSS_Init after the cache set up). 3) update ssl.sh server policy test to test policy usage on an MP server. This is only done for non-windows like OS's because they can't catch the kill signal to force their children to shutdown. I've verified that the test fails if 2 and 3 are included but 1 is not (and succeeds if all three are included). [a252957a3805] Differential Revision: https://phabricator.services.mozilla.com/D72409

2020-04-24 Kevin Jacobs <kjacobs@mozilla.com> * automation/abi-check/expected-report-libnss3.so.txt, gtests/softoken_gtest/softoken_gtest.cc, lib/nss/nss.def, lib/pk11wrap/pk11obj.c, lib/pk11wrap/pk11pub.h, lib/softoken/sdb.c: Bug 1612881 - Maintain PKCS11 C_GetAttributeValue semantics on attributes that lack NSS database columns r=keeler,rrelyea `sdb_GetAttributeValueNoLock` builds a query string from a list of attributes in the input template. Unfortunately, `sqlite3_prepare_v2` will fail the entire query if one of the attributes is missing from the underlying table. The PKCS mozilla#11 spec [[ https://www.cryptsoft.com/pkcs11doc/v220/pkcs11__all_8h.html#aC_G etAttributeValue | requires ]] setting the output `ulValueLen` field to -1 for such invalid attributes. This patch reads and stores the columns of nssPublic/nssPrivate when opened, then filters an input template in `sdb_GetAttributeValueNoLock` for unbacked/invalid attributes, removing them from the query and setting their template output lengths to -1. [aae226c20dfd] [tip] 2020-04-23 Kevin Jacobs <kjacobs@mozilla.com> * lib/ssl/sslnonce.c: Bug 1531906 - Relax ssl3_SetSIDSessionTicket assertions to permit valid, evicted or externally-cached sids. r=mt This patch relaxes an overzealous assertion for the case where: 1) Two sockets start connections with a shared SID. 2) One receives an empty session ticket in the SH, and evicts the SID from cache. 3) The second socket receives a new session ticket, and attempts to set it in the SID. We currently assert that the sid is `in_client_cache` at 3), but clearly it cannot be. The outstanding reference remains valid despite the eviction. This also solves a related assertion failure after https://hg.mozilla.org/mozilla-central/rev/c5a8b641d905 where the same scenario occurs, but instead of being `in_client_cache` or evicted, the SID is `in_external_cache`. [a68de0859582] 2020-04-16 Robert Relyea <rrelyea@redhat.com> * gtests/common/testvectors/kwp-vectors.h, gtests/pk11_gtest/manifest.mn, gtests/pk11_gtest/pk11_aeskeywrapkwp_unittest.cc, gtests/pk11_gtest/pk11_gtest.gyp, lib/freebl/aeskeywrap.c, lib/freebl/blapi.h, lib/freebl/blapit.h, lib/freebl/hmacct.c, lib/freebl/ldvector.c, lib/freebl/loader.c, lib/freebl/loader.h, lib/pk11wrap/pk11mech.c, lib/softoken/lowpbe.c, lib/softoken/pkcs11.c, lib/softoken/pkcs11c.c, lib/softoken/pkcs11i.h, lib/softoken/pkcs11u.c, lib/ssl/ssl3con.c, lib/util/secport.h: Bug 1630721 Softoken Functions for FIPS missing r=mt For FIPS we need the following: 1. NIST official Key padding for AES Key Wrap. 2. Combined Hash/Sign mechanisms for DSA and ECDSA. In the first case our AES_KEY_WRAP_PAD function addes pkcs8 padding to the normal AES_KEY_WRAP, which is a different algorithm then the padded key wrap specified by NIST. PKCS mozilla#11 recognized this and created a special mechanism to handle NIST padding. That is why we don't have industry test vectors for CKM_NSS_AES_KEY_WRAP_PAD. This patch implements that NIST version (while maintaining our own). Also PKCS mozilla#11 v3.0 specified PKCS mozilla#11 mechanism for AES_KEY_WRAP which are compatible (semantically) with the NSS vendor specific versions, but with non-vendor specific numbers. Softoken now accepts both numbers. This patch also updates softoken to handle DSA and ECDSA combined hash algorithms other than just SHA1 (which is no longer validated). Finally this patch uses the NIST KWP test vectors in new gtests for the AES_KEY_WRAP_KWP wrapping algorithm. As part of the AES_KEY_WRAP_KWP code, the Constant time macros have been generalized and moved to secport. Old macros scattered throughout the code have been deleted and existing contant time code has been updated to use the new macros. [3682d5ef3db5] 2020-04-21 Lauri Kasanen <cand@gmx.com> * lib/freebl/Makefile, lib/freebl/freebl.gyp, lib/freebl/freebl_base.gypi, lib/freebl/gcm.h, lib/freebl/ppc- crypto.h, lib/freebl/scripts/LICENSE, lib/freebl/scripts/gen.sh, lib/freebl/scripts/ppc-xlate.pl, lib/freebl/scripts/sha512p8-ppc.pl, lib/freebl/sha512-p8.s, lib/freebl/sha512.c: Bug 1613238 - POWER SHA-2 digest vector acceleration. r=jcj,kjacobs [2d66bd9dcad4] 2020-04-18 Robert Relyea <rrelyea@redhat.com> * coreconf/Linux.mk, coreconf/config.gypi, lib/softoken/sdb.c: Bug 1603801 [patch] Avoid dcache pollution from sdb_measureAccess() r=mt As implemented, when sdb_measureAccess() runs it creates up to 10,000 negative dcache entries (cached nonexistent filenames). There is no advantage to leaving these particular filenames in the cache; they will never be searched again. Subsequent runs will run a new test with an intentionally different set of filenames. This can have detrimental effects on some systems; a massive negative dcache can lead to memory or performance problems. Since not all platforms have a problem with negative dcache entries, this patch is limitted to those platforms that request it at compilie time (Linux is current the only patch that does.) [928721f70164] 2020-04-16 Kevin Jacobs <kjacobs@mozilla.com> * coreconf/config.gypi: Bug 1630458 - Produce debug symbols in GYP/MSVC debug builds. r=mt [25006e23a777] 2020-04-13 Robert Relyea <rrelyea@redhat.com> * lib/ckfw/object.c, lib/ckfw/session.c: Bug 1629655 ckfw needs to support temporary session objects. r=kjacobs libckfw needs to create temporary objects whose space will to be freed after use (rather than at token shutdown). Currently only token objects are supported and they are allocated out of a global arena owned by the slot, so the objects only go away when the slot is closed. This patch sets the arena to NULL in nssCKFWObject_Create() if the object is a session object. This tells nssCKFWObject_Create() to create a new arena specifically for this object. That arena is stored in localArena. When the object is destroyed, any localArena's will be freed. [808ec0e6fd77] 2020-04-14 Robert Relyea <rrelyea@redhat.com> * cmd/selfserv/selfserv.c, lib/ssl/sslsnce.c, tests/ssl/ssl.sh: Bug 1629661 MPConfig calls in SSL initializes policy before NSS is initialized. r=mt NSS has several config functions that multiprocess servers must call before NSS is initialized to set up shared memory caches between the processes. These functions call ssl_init(), which initializes the ssl policy. The ssl policy initialization, however needs to happen after NSS itself is initialized. Doing so before hand causes (in the best case) policy to be ignored by these servers, and crashes (in the worst case). Instead, these cache functions should just initialize those things it needs (that is the NSPR ssl error codes). This patch does: 1) fixes the cache init code to only initialize error codes. 2) fixes the selfserv MP code to 1) be compatible with ssl.sh's selfserv management (at least on Unix), and 2) mimic the way real servers handle the MP_Cache init code (calling NSS_Init after the cache set up). 3) update ssl.sh server policy test to test policy usage on an MP server. This is only done for non-windows like OS's because they can't catch the kill signal to force their children to shutdown. I've verified that the test fails if 2 and 3 are included but 1 is not (and succeeds if all three are included). [a252957a3805] Differential Revision: https://phabricator.services.mozilla.com/D72409

StartGamepadMonitoring() can end up in AddGamepad, and acquire the lock again on the same thread, effectively dead-locking. This is a regression from bug 1657404. Relevant stack: (gdb) bt #0 0x00007fd19bace801 in clock_nanosleep@GLIBC_2.2.5 () at /lib64/libc.so.6 #1 0x00007fd19bad4157 in nanosleep () at /lib64/libc.so.6 #2 0x00007fd19bad408e in sleep () at /lib64/libc.so.6 #3 0x00007fd195233e87 in ah_crap_handler(int) (signum=11) at /home/emilio/src/moz/gecko-4/toolkit/xre/nsSigHandlers.cpp:95 #4 0x00007fd1952165c4 in nsProfileLock::FatalSignalHandler(int, siginfo_t*, void*) (signo=11, info=0x7fd14abb9db0, context=0x7fd14abb9c80) at /home/emilio/src/moz/gecko-4/toolkit/profile/nsProfileLock.cpp:177 #5 0x00007fd1964973b2 in WasmTrapHandler(int, siginfo_t*, void*) (signum=11, info=<optimized out>, context=<optimized out>) at /home/emilio/src/moz/gecko-4/js/src/wasm/WasmSignalHandlers.cpp:978 #6 0x00007fd19bf3ca90 in <signal handler called> () at /lib64/libpthread.so.0 #7 mozilla::detail::MutexImpl::mutexLock() (this=<optimized out>) at /home/emilio/src/moz/gecko-4/mozglue/misc/Mutex_posix.cpp:118 #8 mozilla::detail::MutexImpl::lock() (this=<optimized out>) at /home/emilio/src/moz/gecko-4/mozglue/misc/Mutex_posix.cpp:142 #9 0x00007fd190cc795a in mozilla::OffTheBooksMutex::Lock() (this=0x7fd136649398) at /home/emilio/src/moz/gecko-4/xpcom/threads/BlockingResourceBase.cpp:318 #10 0x00007fd19326e65e in mozilla::detail::BaseAutoLock<mozilla::Mutex&>::BaseAutoLock(mozilla::Mutex&) (this=<optimized out>, aLock=...) at /home/emilio/src/moz/gecko-4/obj-debug-no-sccache/dist/include/mozilla/Mutex.h:159 #11 mozilla::dom::GamepadPlatformService::NotifyGamepadChange<mozilla::dom::GamepadAdded>(unsigned int, mozilla::dom::GamepadAdded const&) (this=0x7fd136649380, aIndex=1, aInfo=...) at /home/emilio/src/moz/gecko-4/dom/gamepad/GamepadPlatformService.cpp:65 #12 0x00007fd193269178 in mozilla::dom::GamepadPlatformService::AddGamepad(char const*, mozilla::dom::GamepadMappingType, mozilla::dom::GamepadHand, unsigned int, unsigned int, unsigned int, unsigned int, unsigned int) (this=0x7fd136649380, aID=<optimized out>, aMapping=mozilla::dom::GamepadMappingType::_empty, aHand=mozilla::dom::GamepadHand::_empty, aNumButtons=11, aNumAxes=8, aHaptics=0, aNumLightIndicator=0, aNumTouchEvents=0) at /home/emilio/src/moz/gecko-4/dom/gamepad/GamepadPlatformService.cpp:96 #13 0x00007fd19326de4a in (anonymous namespace)::LinuxGamepadService::AddDevice(mozilla::udev_device*) (this=<optimized out>, dev=<optimized out>) at /home/emilio/src/moz/gecko-4/dom/gamepad/linux/LinuxGamepad.cpp:139 #14 0x00007fd19326a156 in (anonymous namespace)::LinuxGamepadService::ScanForDevices() (this=<optimized out>) at /home/emilio/src/moz/gecko-4/dom/gamepad/linux/LinuxGamepad.cpp:188 #15 (anonymous namespace)::LinuxGamepadService::Startup() (this=<optimized out>) at /home/emilio/src/moz/gecko-4/dom/gamepad/linux/LinuxGamepad.cpp:233 #16 mozilla::dom::StartGamepadMonitoring() () at /home/emilio/src/moz/gecko-4/dom/gamepad/linux/LinuxGamepad.cpp:334 #17 0x00007fd193269c6b in mozilla::dom::GamepadPlatformService::AddChannelParent(mozilla::dom::GamepadEventChannelParent*) (this=<optimized out>, aParent=<optimized out>) at /home/emilio/src/moz/gecko-4/dom/gamepad/GamepadPlatformService.cpp:225 #18 0x00007fd19326d175 in mozilla::dom::GamepadEventChannelParent::Init() (this=0x7fd136e76a00) at /home/emilio/src/moz/gecko-4/dom/gamepad/ipc/GamepadEventChannelParent.cpp:50 #19 0x00007fd1913ba3a6 in mozilla::ipc::BackgroundParentImpl::RecvPGamepadEventChannelConstructor(mozilla::dom::PGamepadEventChannelParent*) (this=0x7fd13f888000, aActor=0x0) at /home/emilio/src/moz/gecko-4/ipc/glue/BackgroundParentImpl.cpp:1109 #20 0x00007fd1917c7da1 in mozilla::ipc::PBackgroundParent::OnMessageReceived(IPC::Message const&) (this=0x7fd13f888000, msg__=...) at PBackgroundParent.cpp:4967 #21 0x00007fd1913ea71d in mozilla::ipc::MessageChannel::DispatchAsyncMessage(mozilla::ipc::ActorLifecycleProxy*, IPC::Message const&) (this=0x7fd13f8880f8, aProxy=0x7fd13ff48140, aMsg=...) Differential Revision: https://phabricator.services.mozilla.com/D87967

… a=RyanVM StartGamepadMonitoring() can end up in AddGamepad, and acquire the lock again on the same thread, effectively dead-locking. This is a regression from bug 1657404. Relevant stack: (gdb) bt #0 0x00007fd19bace801 in clock_nanosleep@GLIBC_2.2.5 () at /lib64/libc.so.6 #1 0x00007fd19bad4157 in nanosleep () at /lib64/libc.so.6 #2 0x00007fd19bad408e in sleep () at /lib64/libc.so.6 #3 0x00007fd195233e87 in ah_crap_handler(int) (signum=11) at /home/emilio/src/moz/gecko-4/toolkit/xre/nsSigHandlers.cpp:95 #4 0x00007fd1952165c4 in nsProfileLock::FatalSignalHandler(int, siginfo_t*, void*) (signo=11, info=0x7fd14abb9db0, context=0x7fd14abb9c80) at /home/emilio/src/moz/gecko-4/toolkit/profile/nsProfileLock.cpp:177 #5 0x00007fd1964973b2 in WasmTrapHandler(int, siginfo_t*, void*) (signum=11, info=<optimized out>, context=<optimized out>) at /home/emilio/src/moz/gecko-4/js/src/wasm/WasmSignalHandlers.cpp:978 #6 0x00007fd19bf3ca90 in <signal handler called> () at /lib64/libpthread.so.0 #7 mozilla::detail::MutexImpl::mutexLock() (this=<optimized out>) at /home/emilio/src/moz/gecko-4/mozglue/misc/Mutex_posix.cpp:118 #8 mozilla::detail::MutexImpl::lock() (this=<optimized out>) at /home/emilio/src/moz/gecko-4/mozglue/misc/Mutex_posix.cpp:142 #9 0x00007fd190cc795a in mozilla::OffTheBooksMutex::Lock() (this=0x7fd136649398) at /home/emilio/src/moz/gecko-4/xpcom/threads/BlockingResourceBase.cpp:318 #10 0x00007fd19326e65e in mozilla::detail::BaseAutoLock<mozilla::Mutex&>::BaseAutoLock(mozilla::Mutex&) (this=<optimized out>, aLock=...) at /home/emilio/src/moz/gecko-4/obj-debug-no-sccache/dist/include/mozilla/Mutex.h:159 #11 mozilla::dom::GamepadPlatformService::NotifyGamepadChange<mozilla::dom::GamepadAdded>(unsigned int, mozilla::dom::GamepadAdded const&) (this=0x7fd136649380, aIndex=1, aInfo=...) at /home/emilio/src/moz/gecko-4/dom/gamepad/GamepadPlatformService.cpp:65 #12 0x00007fd193269178 in mozilla::dom::GamepadPlatformService::AddGamepad(char const*, mozilla::dom::GamepadMappingType, mozilla::dom::GamepadHand, unsigned int, unsigned int, unsigned int, unsigned int, unsigned int) (this=0x7fd136649380, aID=<optimized out>, aMapping=mozilla::dom::GamepadMappingType::_empty, aHand=mozilla::dom::GamepadHand::_empty, aNumButtons=11, aNumAxes=8, aHaptics=0, aNumLightIndicator=0, aNumTouchEvents=0) at /home/emilio/src/moz/gecko-4/dom/gamepad/GamepadPlatformService.cpp:96 #13 0x00007fd19326de4a in (anonymous namespace)::LinuxGamepadService::AddDevice(mozilla::udev_device*) (this=<optimized out>, dev=<optimized out>) at /home/emilio/src/moz/gecko-4/dom/gamepad/linux/LinuxGamepad.cpp:139 #14 0x00007fd19326a156 in (anonymous namespace)::LinuxGamepadService::ScanForDevices() (this=<optimized out>) at /home/emilio/src/moz/gecko-4/dom/gamepad/linux/LinuxGamepad.cpp:188 #15 (anonymous namespace)::LinuxGamepadService::Startup() (this=<optimized out>) at /home/emilio/src/moz/gecko-4/dom/gamepad/linux/LinuxGamepad.cpp:233 #16 mozilla::dom::StartGamepadMonitoring() () at /home/emilio/src/moz/gecko-4/dom/gamepad/linux/LinuxGamepad.cpp:334 #17 0x00007fd193269c6b in mozilla::dom::GamepadPlatformService::AddChannelParent(mozilla::dom::GamepadEventChannelParent*) (this=<optimized out>, aParent=<optimized out>) at /home/emilio/src/moz/gecko-4/dom/gamepad/GamepadPlatformService.cpp:225 #18 0x00007fd19326d175 in mozilla::dom::GamepadEventChannelParent::Init() (this=0x7fd136e76a00) at /home/emilio/src/moz/gecko-4/dom/gamepad/ipc/GamepadEventChannelParent.cpp:50 #19 0x00007fd1913ba3a6 in mozilla::ipc::BackgroundParentImpl::RecvPGamepadEventChannelConstructor(mozilla::dom::PGamepadEventChannelParent*) (this=0x7fd13f888000, aActor=0x0) at /home/emilio/src/moz/gecko-4/ipc/glue/BackgroundParentImpl.cpp:1109 #20 0x00007fd1917c7da1 in mozilla::ipc::PBackgroundParent::OnMessageReceived(IPC::Message const&) (this=0x7fd13f888000, msg__=...) at PBackgroundParent.cpp:4967 #21 0x00007fd1913ea71d in mozilla::ipc::MessageChannel::DispatchAsyncMessage(mozilla::ipc::ActorLifecycleProxy*, IPC::Message const&) (this=0x7fd13f8880f8, aProxy=0x7fd13ff48140, aMsg=...) Differential Revision: https://phabricator.services.mozilla.com/D87967

2020-08-21 Kevin Jacobs <kjacobs@mozilla.com> * automation/abi-check/previous-nss-release, lib/nss/nss.h, lib/softoken/softkver.h, lib/util/nssutil.h: Set version numbers to 3.57 Beta [783f49ae6126] 2020-08-24 Kevin Jacobs <kjacobs@mozilla.com> * gtests/ssl_gtest/ssl_auth_unittest.cc, lib/ssl/dtls13con.c, lib/ssl/dtlscon.c, lib/ssl/ssl3con.c, lib/ssl/sslimpl.h, lib/ssl/sslnonce.c: Bug 1653641 - Cleanup inaccurate DTLS comments, code review fixes. r=mt [0e1b5c711cb9] 2020-08-24 Robert Relyea <rrelyea@redhat.com> * lib/freebl/fipsfreebl.c, lib/softoken/fipstest.c, lib/softoken/kbkdf.c, lib/softoken/lowpbe.c, lib/softoken/lowpbe.h, lib/softoken/pkcs11c.c, lib/softoken/pkcs11i.h, lib/softoken/sftkhmac.c, lib/softoken/sftkike.c: Bug 1660304 New FIPS IG requires self-tests for approved kdfs. r=ueno comments=kjacobs FIPS guidance now requires self-tests for our kdfs. It also requires self-tests for cmac which we didn't have in the cmac patch. Currently only one test per kdf is necessary. Specifially for SP-800-108, only one of the three flavors are needed (counter, feedback, or pipeline). This patch includes more complete testing but it has been turned off the currently extraneous tests under the assumption that NIST guidance may require them in the future. HKDF is currently not included in FIPS, but is on track to be included, so hkdf have been included in this patch. Because the test vectors are const strings, the patch pushes some const definitions that were missing in existing private interfaces. There are three flavors of self-tests: Function implemented in freebl are added to the freebl/fipsfreebl.c Functions implemented in pkcs11c.c have selftests completely implemented in softoken/fipstest.c Functions implemented in their own .c file have their selftest function implemented in that .c file and called by fipstests.c These are consistant with the previous choices for selftests. Some private interfaces that took in keys from pkcs #11 structures or outputted keys to pkcs #11 structures were modified to optionally take keys in by bytes and output keys as bytes so the self-tests can work in just bytes. [5dca54fe61c2] 2020-08-25 Daiki Ueno <dueno@redhat.com> * lib/softoken/manifest.mn: Bug 1659252, disable building libnssdbm3.so if NSS_DISABLE_DBM=1, r=rrelyea Reviewers: rrelyea Reviewed By: rrelyea Bug #: 1659252 [4d55d36ca6ef] 2020-08-24 Kevin Jacobs <kjacobs@mozilla.com> * lib/pk11wrap/pk11cxt.c, lib/softoken/pkcs11c.c, lib/softoken/sdb.c, lib/softoken/sftkpwd.c: Bug 1651834 - Fix various static analyzer warnings. r=rrelyea [ab04fd73fd6d] 2020-08-28 Mike Hommey <mh@glandium.org> * lib/freebl/blapii.h: Bug 1661810 - Define pre_align/post_align based on the compiler. r=jcj Things worked fine before we upgraded to clang 11 presumably because the stack was always 16-bytes aligned in the first place, or something akin to that, and the lack of pre_align/post_align doing anything didn't matter. The runtime misalignment of the stack may well be a clang > 9 bug, but keeping pre_align/post_align tied to the x86/x64 is a footgun anyways. [c100e11991f6] [tip] Differential Revision: https://phabricator.services.mozilla.com/D88876

…efs that could affect font inflation change. r=kats When I start setting the pref ui.useOverlayScrollbars in bug 1663537 we trigger this assert ``` ###!!! ASSERTION: can't mark frame dirty during reflow: '!mIsReflowing', file /builds/worker/checkouts/gecko/layout/base/PresShell.cpp, line 2677 #01: mozilla::PresShell::MaybeReflowForInflationScreenSizeChange() [layout/base/PresShell.cpp:11148] #2: mozilla::PresShell::CompleteChangeToVisualViewportSize() [layout/base/PresShell.cpp:11177] #3: MobileViewportManager::UpdateVisualViewportSize(mozilla::gfx::IntSizeTyped<mozilla::ScreenPixel> const&, mozilla::gfx::ScaleFactor<mozilla::CSSPixel, mozilla::ScreenPixel> const&) [layout/base/MobileViewportManager.cpp:504] #4: MobileViewportManager::RefreshVisualViewportSize() [layout/base/MobileViewportManager.cpp:557] #5: nsHTMLScrollFrame::Reflow(nsPresContext*, mozilla::ReflowOutput&, mozilla::ReflowInput const&, nsReflowStatus&) [layout/generic/nsGfxScrollFrame.cpp:1340] #6: nsContainerFrame::ReflowChild(nsIFrame*, nsPresContext*, mozilla::ReflowOutput&, mozilla::ReflowInput const&, int, int, nsIFrame::ReflowChildFlags, nsReflowStatus&, nsOverflowContinuationTracker*) [layout/generic/nsContainerFrame.cpp:1115] #7: mozilla::ViewportFrame::Reflow(nsPresContext*, mozilla::ReflowOutput&, mozilla::ReflowInput const&, nsReflowStatus&) [layout/generic/ViewportFrame.cpp:297] #8: mozilla::PresShell::DoReflow(nsIFrame*, bool, mozilla::OverflowChangedTracker*) [layout/base/PresShell.cpp:9650] #9: mozilla::PresShell::ProcessReflowCommands(bool) [layout/base/PresShell.cpp:9816] #10: mozilla::PresShell::DoFlushPendingNotifications(mozilla::ChangesToFlush) [layout/base/PresShell.cpp:4239] #11: nsRefreshDriver::Tick(mozilla::layers::BaseTransactionId<mozilla::VsyncIdType>, mozilla::TimeStamp) [layout/base/nsRefreshDriver.cpp:2139] ``` This happens after the test is finish when we unset the ui.useOverlayScrollbars pref which (I'm assuming because it must) causes reflow. When running a font-inflation related reftest we also unset the font inflation related prefs that were specified in the reftest.list file. This causes font-inflation to go from enabled to disabled and we detect that for the first time while reflowing the scroll frame. Instead we should reflow when any pref that could affect font inflation is changed. I scanned the font-inflation code in PresShell and Document::GetViewportInfo for prefs are consulted, but I didn't go a super exhaustive search. Differential Revision: https://phabricator.services.mozilla.com/D89409

The test fixes all fell into the follow categories: A) The test uses requestAnimationFrame to wait one frame and expects scrolling to be complete. With the desktop zooming scrollbars in order for the scrolling to show up on the main thread we need to send the scroll request to the compositor and then hear back from it via an apz repaint request (apz callback helper). Waiting on requestAnimationFrame will complete the first part, but not necessarily the second part. The fix is to wait for a scroll event. B) Switching tests to wait for scroll events exposes another problem: the test can do things that cause a scroll in order to setup the test (and that may not be obvious that it causes a scroll) before actually proceeding to do the test and do something that causes a scroll and then checks for the scroll change of the second thing. Waiting for a requestAnimationFrame would include both those scrolls without desktop zooming scrollbars, but if we wait for a scroll event we will get the scroll event for the first thing which we are not interested in. So we need to make sure scroll events are cleared out before waiting for any scroll events. We do this by waiting two requestAnimationFrame's and waiting for apz to be flushed. We also use this when a test does something and it wants to test that scrolling is not performed. The main thing that causes scrolling that may not be obvious: calling node.focus(). With stacks like: from test_scroll_per_page.html ``` #01: mozilla::ScrollFrameHelper::CompleteAsyncScroll(nsRect const&, mozilla::ScrollOrigin) [/Users/tim/ffopt2/src/obj-x86_64-apple-darwin19.6.0/toolkit/library/build/XUL + 0x47d6cc0] #2: mozilla::ScrollFrameHelper::ScrollToWithOrigin(nsPoint, mozilla::ScrollMode, mozilla::ScrollOrigin, nsRect const*, nsIScrollbarMediator::ScrollSnapMode) [/Users/tim/ffopt2/src/obj-x86_64-apple-darwin19.6.0/toolkit/library/build/XUL + 0x47d7732] #3: mozilla::layout::ScrollAnchorContainer::ApplyAdjustments() [/Users/tim/ffopt2/src/obj-x86_64-apple-darwin19.6.0/toolkit/library/build/XUL + 0x4742913] #4: mozilla::PresShell::FlushPendingScrollAnchorAdjustments() [/Users/tim/ffopt2/src/obj-x86_64-apple-darwin19.6.0/toolkit/library/build/XUL + 0x4650069] #5: mozilla::PresShell::ProcessReflowCommands(bool) [/Users/tim/ffopt2/src/obj-x86_64-apple-darwin19.6.0/toolkit/library/build/XUL + 0x465742b] #6: mozilla::PresShell::DoFlushPendingNotifications(mozilla::ChangesToFlush) [/Users/tim/ffopt2/src/obj-x86_64-apple-darwin19.6.0/toolkit/library/build/XUL + 0x4656af8] #7: mozilla::dom::Document::FlushPendingNotifications(mozilla::ChangesToFlush) [/Users/tim/ffopt2/src/obj-x86_64-apple-darwin19.6.0/toolkit/library/build/XUL + 0x1a87d3c] #8: mozilla::PresShell::ScrollContentIntoView(nsIContent*, mozilla::ScrollAxis, mozilla::ScrollAxis, mozilla::ScrollFlags) [/Users/tim/ffopt2/src/obj-x86_64-apple-darwin19.6.0/toolkit/library/build/XUL + 0x4652b96] #9: nsFocusManager::ScrollIntoView(mozilla::PresShell*, nsIContent*, unsigned int) [/Users/tim/ffopt2/src/obj-x86_64-apple-darwin19.6.0/toolkit/library/build/XUL + 0x1bedd1c] #10: nsFocusManager::Focus(nsPIDOMWindowOuter*, mozilla::dom::Element*, unsigned int, bool, bool, bool, bool, bool, nsIContent*) [/Users/tim/ffopt2/src/obj-x86_64-apple-darwin19.6.0/toolkit/library/build/XUL + 0x1be6be0] #11: nsFocusManager::SetFocusInner(mozilla::dom::Element*, int, bool, bool) [/Users/tim/ffopt2/src/obj-x86_64-apple-darwin19.6.0/toolkit/library/build/XUL + 0x1be212f] #12: nsFocusManager::SetFocus(mozilla::dom::Element*, unsigned int) [/Users/tim/ffopt2/src/obj-x86_64-apple-darwin19.6.0/toolkit/library/build/XUL + 0x1be32ba] #13: mozilla::dom::Element::Focus(mozilla::dom::FocusOptions const&, mozilla::dom::CallerType, mozilla::ErrorResult&) [/Users/tim/ffopt2/src/obj-x86_64-apple-darwin19.6.0/toolkit/library/build/XUL + 0x1aaf283] #14: mozilla::dom::HTMLElement_Binding::focus(JSContext*, JS::Handle<JSObject*>, void*, JSJitMethodCallArgs const&) [/Users/tim/ffopt2/src/obj-x86_64-apple-darwin19.6.0/toolkit/library/build/XUL + 0x2d65f3b] ``` from editor/libeditor/tests/test_bug549262.html ``` #01: mozilla::ScrollFrameHelper::CompleteAsyncScroll(nsRect const&, mozilla::ScrollOrigin) [/Users/tim/ffopt2/src/obj-x86_64-apple-darwin19.6.0/toolkit/library/build/XUL + 0x47d6cc0] #2: mozilla::ScrollFrameHelper::ScrollToWithOrigin(nsPoint, mozilla::ScrollMode, mozilla::ScrollOrigin, nsRect const*, nsIScrollbarMediator::ScrollSnapMode) [/Users/tim/ffopt2/src/obj-x86_64-apple-darwin19.6.0/toolkit/library/build/XUL + 0x47d7732] #3: mozilla::PresShell::ScrollFrameRectIntoView(nsIFrame*, nsRect const&, mozilla::ScrollAxis, mozilla::ScrollAxis, mozilla::ScrollFlags) [/Users/tim/ffopt2/src/obj-x86_64-apple-darwin19.6.0/toolkit/library/build/XUL + 0x46541bc] #4: mozilla::PresShell::DoScrollContentIntoView() [/Users/tim/ffopt2/src/obj-x86_64-apple-darwin19.6.0/toolkit/library/build/XUL + 0x4653776] #5: mozilla::PresShell::DoFlushPendingNotifications(mozilla::ChangesToFlush) [/Users/tim/ffopt2/src/obj-x86_64-apple-darwin19.6.0/toolkit/library/build/XUL + 0x4656b11] #6: mozilla::dom::Document::FlushPendingNotifications(mozilla::ChangesToFlush) [/Users/tim/ffopt2/src/obj-x86_64-apple-darwin19.6.0/toolkit/library/build/XUL + 0x1a87d3c] #7: mozilla::PresShell::ScrollContentIntoView(nsIContent*, mozilla::ScrollAxis, mozilla::ScrollAxis, mozilla::ScrollFlags) [/Users/tim/ffopt2/src/obj-x86_64-apple-darwin19.6.0/toolkit/library/build/XUL + 0x4652b96] #8: nsFocusManager::ScrollIntoView(mozilla::PresShell*, nsIContent*, unsigned int) [/Users/tim/ffopt2/src/obj-x86_64-apple-darwin19.6.0/toolkit/library/build/XUL + 0x1bedd1c] #9: nsFocusManager::Focus(nsPIDOMWindowOuter*, mozilla::dom::Element*, unsigned int, bool, bool, bool, bool, bool, nsIContent*) [/Users/tim/ffopt2/src/obj-x86_64-apple-darwin19.6.0/toolkit/library/build/XUL + 0x1be6be0] #10: nsFocusManager::SetFocusInner(mozilla::dom::Element*, int, bool, bool) [/Users/tim/ffopt2/src/obj-x86_64-apple-darwin19.6.0/toolkit/library/build/XUL + 0x1be212f] #11: nsFocusManager::SetFocus(mozilla::dom::Element*, unsigned int) [/Users/tim/ffopt2/src/obj-x86_64-apple-darwin19.6.0/toolkit/library/build/XUL + 0x1be32ba] #12: mozilla::dom::Element::Focus(mozilla::dom::FocusOptions const&, mozilla::dom::CallerType, mozilla::ErrorResult&) [/Users/tim/ffopt2/src/obj-x86_64-apple-darwin19.6.0/toolkit/library/build/XUL + 0x1aaf283] #13: mozilla::dom::HTMLElement_Binding::focus(JSContext*, JS::Handle<JSObject*>, void*, JSJitMethodCallArgs const&) [/Users/tim/ffopt2/src/obj-x86_64-apple-darwin19.6.0/toolkit/library/build/XUL + 0x2d65f3b] ``` C) Several tests use nsIDOMWindowUtils advanceTimeAndRefresh/restoreNormalRefresh and expect scrolling to be done after a call to advanceTimeAndRefresh. This is basically A), advanceTimeAndRefresh does a refresh driver tick but doesn't allow a repaint request to come back to the main thread. Differential Revision: https://phabricator.services.mozilla.com/D89403

…efs that could affect font inflation change. r=kats When I start setting the pref ui.useOverlayScrollbars in bug 1663537 we trigger this assert ``` ###!!! ASSERTION: can't mark frame dirty during reflow: '!mIsReflowing', file /builds/worker/checkouts/gecko/layout/base/PresShell.cpp, line 2677 #01: mozilla::PresShell::MaybeReflowForInflationScreenSizeChange() [layout/base/PresShell.cpp:11148] #2: mozilla::PresShell::CompleteChangeToVisualViewportSize() [layout/base/PresShell.cpp:11177] #3: MobileViewportManager::UpdateVisualViewportSize(mozilla::gfx::IntSizeTyped<mozilla::ScreenPixel> const&, mozilla::gfx::ScaleFactor<mozilla::CSSPixel, mozilla::ScreenPixel> const&) [layout/base/MobileViewportManager.cpp:504] #4: MobileViewportManager::RefreshVisualViewportSize() [layout/base/MobileViewportManager.cpp:557] #5: nsHTMLScrollFrame::Reflow(nsPresContext*, mozilla::ReflowOutput&, mozilla::ReflowInput const&, nsReflowStatus&) [layout/generic/nsGfxScrollFrame.cpp:1340] #6: nsContainerFrame::ReflowChild(nsIFrame*, nsPresContext*, mozilla::ReflowOutput&, mozilla::ReflowInput const&, int, int, nsIFrame::ReflowChildFlags, nsReflowStatus&, nsOverflowContinuationTracker*) [layout/generic/nsContainerFrame.cpp:1115] #7: mozilla::ViewportFrame::Reflow(nsPresContext*, mozilla::ReflowOutput&, mozilla::ReflowInput const&, nsReflowStatus&) [layout/generic/ViewportFrame.cpp:297] #8: mozilla::PresShell::DoReflow(nsIFrame*, bool, mozilla::OverflowChangedTracker*) [layout/base/PresShell.cpp:9650] #9: mozilla::PresShell::ProcessReflowCommands(bool) [layout/base/PresShell.cpp:9816] #10: mozilla::PresShell::DoFlushPendingNotifications(mozilla::ChangesToFlush) [layout/base/PresShell.cpp:4239] #11: nsRefreshDriver::Tick(mozilla::layers::BaseTransactionId<mozilla::VsyncIdType>, mozilla::TimeStamp) [layout/base/nsRefreshDriver.cpp:2139] ``` This happens after the test is finish when we unset the ui.useOverlayScrollbars pref which (I'm assuming because it must) causes reflow. When running a font-inflation related reftest we also unset the font inflation related prefs that were specified in the reftest.list file. This causes font-inflation to go from enabled to disabled and we detect that for the first time while reflowing the scroll frame. Instead we should reflow when any pref that could affect font inflation is changed. I scanned the font-inflation code in PresShell and Document::GetViewportInfo for prefs are consulted, but I didn't go a super exhaustive search. Differential Revision: https://phabricator.services.mozilla.com/D89409

2020-10-12 Daiki Ueno <dueno@redhat.com> * gtests/ssl_gtest/ssl_tls13compat_unittest.cc, lib/ssl/ssl3con.c, lib/ssl/sslimpl.h: Bug 1641480, TLS 1.3: tighten CCS handling in compatibility mode, r=mt This makes the server reject CCS when the client doesn't indicate the use of the middlebox compatibility mode with a non-empty ClientHello.legacy_session_id, or it sends multiple CCS in a row. [57bbefa79323] [NSS_3_58_BETA1] 2020-10-12 Kevin Jacobs <kjacobs@mozilla.com> * automation/abi-check/expected-report-libnss3.so.txt, automation/taskcluster/scripts/build_gyp.sh, automation/taskcluster/windows/build_gyp.sh, coreconf/config.gypi, coreconf/config.mk, cpputil/nss_scoped_ptrs.h, gtests/common/testvectors/hpke-vectors.h, gtests/pk11_gtest/manifest.mn, gtests/pk11_gtest/pk11_gtest.gyp, gtests/pk11_gtest/pk11_hpke_unittest.cc, lib/nss/nss.def, lib/pk11wrap/exports.gyp, lib/pk11wrap/manifest.mn, lib/pk11wrap/pk11hpke.c, lib/pk11wrap/pk11hpke.h, lib/pk11wrap/pk11pub.h, lib/pk11wrap/pk11wrap.gyp, lib/util/SECerrs.h, lib/util/secerr.h: Bug 1631890 - Add support for Hybrid Public Key Encryption (draft- irtf-cfrg-hpke-05). r=mt This patch adds support for Hybrid Public Key Encryption (draft- irtf-cfrg-hpke-05). Because the draft number (and the eventual RFC number) is an input to the key schedule, future updates will *not* be backwards compatible in terms of key material or encryption/decryption. For this reason, a default compilation will produce stubs that simply return an "Invalid Algorithm" error. To opt into using the HPKE functionality , compile with `NSS_ENABLE_DRAFT_HPKE` defined. Once finalized, this flag will not be required to access the functions. Lastly, the `DeriveKeyPair` API is not implemented as it adds complextiy around PKCS #11 and is unnecessary for ECH. [6e3bc17f0508] 2020-10-12 Makoto Kato <m_kato@ga2.so-net.ne.jp> * automation/taskcluster/graph/src/extend.js, tests/common/cleanup.sh: Bug 1657255 - Update CI for aarch64. r=kjacobs Actually, we have the implementation of ARM Crypto extension, so CI is always run with this extension. It means that we don't run CI without ARM Crypto extension. So I would like to add NoAES and NoSHA for aarch64 CI. Also, we still run NoSSE4_1 on aarch64 CI, so we shouldn't run this on aarch64 hardware. [e8c370a8db13] Differential Revision: https://phabricator.services.mozilla.com/D93268

2021-05-06 Martin Thomson <mt@lowentropy.net> * gtests/pk11_gtest/pk11_hpke_unittest.cc: Bug 1709750 - Disable HPKE test when fuzzing, r=bbeurdouche [1d066793c349] [tip] 2021-05-05 Benjamin Beurdouche <bbeurdouche@mozilla.com> * lib/freebl/ppc-gcm-wrap.c, lib/freebl/ppc-gcm.h: Bug 1566124 - Clang format run. r=beurdouche [cb714d62058c] 2021-05-05 mamonet <maamoun.tk@gmail.com> * lib/freebl/Makefile, lib/freebl/freebl.gyp, lib/freebl/ppc-gcm- wrap.c, lib/freebl/ppc-gcm.h, lib/freebl/ppc-gcm.s, lib/freebl/rijndael.c: [1133fef2f7ce] 2021-03-17 Martin Thomson <mt@lowentropy.net> * gtests/common/testvectors/hpke-convert.py, gtests/common/testvectors/hpke-vectors.h, lib/pk11wrap/pk11hpke.c, lib/pk11wrap/pk11hpke.h: Bug 1699021 - Add AES-256-GCM to HPKE, r=bbeurdouche [9fa53d717386] * automation/abi-check/expected-report-libssl3.so.txt, cmd/selfserv/selfserv.c, gtests/ssl_gtest/libssl_internals.c, gtests/ssl_gtest/libssl_internals.h, gtests/ssl_gtest/tls_connect.cc, gtests/ssl_gtest/tls_connect.h, gtests/ssl_gtest/tls_ech_unittest.cc, lib/ssl/sslexp.h, lib/ssl/sslsock.c, lib/ssl/sslt.h, lib/ssl/tls13ech.c, lib/ssl/tls13ech.h, lib/ssl/tls13exthandle.c, lib/ssl/tls13hashstate.c, lib/ssl/tls13hashstate.h: Bug 1698419 - ECH -10 updates, r=bbeurdouche The main changes here are: * an update to HPKE -08 * a move to the single-byte configuration ID * reordering of ECHConfig The addition of the explicit configuration ID means that the API for constructing ECHConfig(List) needs to change. That means a name change, unfortunately. I took the opportunity to make further changes to the arguments. [fa93bd88b690] 2021-03-16 Martin Thomson <mt@lowentropy.net> * coreconf/config.gypi, coreconf/config.mk, gtests/common/testvectors/hpke-convert.py, gtests/common/testvectors/hpke-vectors.h, gtests/pk11_gtest/pk11_hpke_unittest.cc, gtests/ssl_gtest/ssl_auth_unittest.cc, gtests/ssl_gtest/ssl_tls13compat_unittest.cc, gtests/ssl_gtest/tls_ech_unittest.cc, lib/pk11wrap/pk11hpke.c, lib/pk11wrap/pk11hpke.h, lib/pk11wrap/pk11pub.h, lib/ssl/tls13ech.c: Bug 1692930 - Update HPKE to final version, r=bbeurdouche This adds the final HPKE version string. This removes the draft version markers from the implementation and stops tracking the draft version with the exported syntax. I've added the script that I used to convert the JSON test vectors from the specification; that should allow us to pick up new tests relatively easily, especially if we need to add new algorithms. This change breaks several ECH test cases. As fixing those tests is extraordinarily fiddly, I'm going to defer making those changes until we need to update ECH. As we can't land this code until ECH is updated to depend on the final HPKE and until we have coordinated with servers on when the ECH update can be deployed, it should be OK to defer. In short, don't land this without the matching ECH changes. [e78141a928f4] 2021-05-04 Robert Relyea <rrelyea@redhat.com> * automation/abi-check/expected-report-libnss3.so.txt, cmd/lib/basicutil.h, cmd/lib/secutil.c, cmd/lib/secutil.h, cmd/pk12util/pk12util.c, cmd/pp/pp.c, doc/pk12util.xml, doc/pp.xml, lib/nss/nss.def, lib/pk11wrap/pk11akey.c, lib/pk11wrap/pk11pub.h, lib/pkcs12/p12d.c, lib/pkcs12/p12e.c, lib/pkcs12/p12local.c, lib/pkcs12/p12local.h, lib/pkcs12/p12plcy.c, lib/util/secoidt.h, tests/tools/tools.sh: Bug 1707130 NSS should use modern algorithms in PKCS#12 files by default r=mt Also fixes: Bug 452464 pk12util -o fails when -C option specifies AES or Camellia ciphers Related: Bug 1694689 Firefox should use modern algorithms in PKCS#12 files by default Bug 452471 pk12util -o fails when -c option specifies pkcs12v2 PBE ciphers The base of this fix is was a simple 3 line fix in pkcs12.c, changing the initial setting of cipher and cert cipher. Overview for why this patch is larger than just 3 lines: 1. First issue was found in trying to change the mac hashing value. a. While the decrypt side knew how to handle SHA2 hashes, the equivalent code was not updated on the encrypt side. I refactored that code and placed the common function in p12local.c. Now p12e.c and p12d.c share common code to find the required function to produce the mac key. b. The prf hmac was hard coded to SHA1. I changed the code to pass the hmac matching the hashing algorithm for the mac. This required changes to p12e.c to calculate and pass the new hmac as well and adding new PK11_ExportEncryptedPrivateKey and PK11_ExportEncryptedPrivKey to take the PKCS #5 v2 parameters. I also corrected an error which prevented pkcs12 encoding of ciphers other than AES. 2. Once I've made my changes, I realized we didn't have a way of testing them. While we had code that verified that particular sets of parameters for pkcs12 worked together and could be listed and imported, we didn't have a way to verify what algorithms were actually generated by our tools. a. pk12util -l doesn't list the encryption used for the certs, so I updated pp to take a pkcs12 option. In doing so I had to update pp to handle indefinite encoding when decoding blocks. I also factored that decoding out in it's own function so the change only needed to be placed once. Finally I renabled a function which prints the output of an EncryptedPrivate key. This function was disabled long ago when the Encrypted Private key info was made private for NSS. It has since been exported, so these functions could easily be enabled (archeological note: I verified that this disabling was not a recent think I found I had done it back when I still have a netscape email address;). b. I updated tools.sh to us the new pp -t pkcs12 feature to verify that the key encryption, cert encryption, and hash functions matched what we expected when we exported a new key. I also updated tools.sh to handle the new hash variable option to pk12util. c. I discovered several tests commented out with comments that the don't work. I enabled those tests and discovered that they can now encrypt, but the can't decrypt because of pkcs12 policy. I updated the policy code, but I updated it to use the new NSS system wide policy mechanism. This enabled all the ciphers to work. There is still policy work to do. The pk12 policy currently only prevents ciphers from use in decrypting the certificates, not decrypting the keys and not encrypting. I left that for future work. 3. New options for pp and pk12util were added to the man pages for these tools. -------------------------------------------------------------------- ------- With that in mind, here's a file by file description of the patch: automation/abi-check/expected-report-libnss3.so.txt -Add new exported functions. (see lib/nss/nss.def) cmd/lib/basicutil.h: -Removed the HAVE_EPV_TEMPLATE ifdefs (NSS has exported the Encrypted Private Key data structure for a while now. cmd/lib/secutil.c: global: Updated several functions to take a const char * m (message) rather than a char * m global: Made the various PrintPKCS7 return an error code. global: Added a state variable to be passed around the various PKCS7 Print functions. It gives the proper context to interpret PKCS7 Data Content. PKCS 12 used PKCS7 to package the various PKCS12 Safes and Bags. -Updated SECU_StripTagAndLength to handle indefinite encoding, and to set the Error code. -Added SECU_ExtractDERAndStep to grab the next DER Tag, Length, and Data. -Updated secu_PrintRawStringQuotesOptional to remove the inline DER parsing and use SECU_ExtractDERAndStep(). -Updated SECU_PrintEncodedObjectID to return the SECOidTag just like SECU_PrintObjectID. -Renable SECU_PrintPrivateKey -Added secu_PrintPKCS12Attributes to print out the Attributes tied to a PKCS #12 Bag -Added secu_PrintPKCS12Bag to print out a PKCS #12 Bag -Added secu_PrintPKCS7Data, which uses the state to determine what it was printing out. -Added secu_PrintDERPKCS7ContentInfo which is identical to the global function SECU_PrintPKCS7ContentInfo except it takes a state variable. The latter function now calls the former. -Added secu_PrintPKCS12DigestInfo to print the Hash information of the Mac. DigestInfo is the name in the PKCS 12 spec. -Added secu_PrintPKCS12MacData to print the Mac portion of the PKCS 12 file. -Added SECU_PrintPKCS12 to print otu the pkcs12 file. cmd/lib/secutil.h -Added string for pkc12 for the command line of pp reenabled SECU_PrintPrivateKey -Added SECU_PrintPKCS12 for export. cmd/pk12util/pk12util.c -Added the -M option to specify a hash algorithm for the mac. updated P12U_ExportPKCS12Object: pass the hash algorithm to the PasswordIntegrity handler. -Added PKCS12U_FindTagFromString: generalized string to SECOidTag which only filters based on the oid having a matching PKCS #11 mechanism. updated PKCS12U_MapCipherFromString to call use PKCS12U_FindTagFromString to get the candidate tag before doing it's post processing to decide if the tag is really an encryption algorithm. -Added PKCS12U_MapHashFromString with is like MapCipherFromString except it verifies the resulting tag is a hash object. -Updated main to 1) change the default cipher, change the default certCipher, and process the new hash argument. NOTE: in the old code we did not encrypt the certs in FIPS mode. That's because the certs were encrypted with RC4 in the default pkcs12 file, which wasn't a FIPS algorithm. Since AES is, we can use it independent on whether or not we are in FIPS mode. cmd/pp/pp.c -Added the pkcs12 option which calls SECU_PrintPKCS12 from secutil.c lib/nss/nss.def -Add exports to the new PK11_ExportEncryptedPrivKeyInfoV2 and PK11_ExportEncryptedPrivateKeyInfoV2 (V2 means PKCS 5 v2, not Version 2 of ExportEncrypted*Info). -Add export for the old HASH_GetHMACOidTagByHashOidTag which should have been exported long ago to avoid the proliferation of copies of this function in places like ssl. lib/pk11wrap/pk11akey.c -Add PK11_ExportEncryptedPrivKeyInfoV2 (which the old function now calls), which takes the 3 PKCS 5 v2 parameters. The underlying pkcs5 code can fill in missing tags if necessary, but supplying all three gives the caller full control of the underlying pkcs5 PBE used. -Add PK11_ExportEncryptedPrivateKeyInfoV2, same as the above function except it takes a cert which is used to look up the private key. It's the function that pkcs12 actually uses, but the former was exported for completeness. lib/pk11wrap/pk11pub.h -Added the new PK11_ExportEncryptedPriv*KeyInfoV2 functions. lib/pkcs12/p12d.c -Remove the switch statement and place it in p12local.c so that p12e.c can use the same function. lib/pkc12/p12e.c -Remove the unnecessary privAlg check so we can encode any mechanism we support. This only prevented encoding certificates in the pk12 file, not the keys. -add code to get the hmac used in the pbe prf from the integrity hash, which is under application control. -Do the same for key encryption, then use the new PK11_ExportEncryptedPrivateKeyInfo to pass that hash value. -Use the new sec_pkcs12_algtag_to_keygen_mech so there is only one switch statement to update rather than 2. -Update the hash data to old the length of the largest hash rather than the length of a SHA1 hash. lib/pkcs12/p12local.c - Add new function new sec_pkcs12_algtag_to_keygen_mech to factor out the common switch statement between p12e and p12d. lib/pkcs12/p12local.h -Export the new sec_pkcs12_algtag_to_keygen_mech lib/pkcs12/p12plcy.c -Map the old p12 policy functions to use the new NSS_GetAlgorithmPolicy. We keep the old table so that applications can change the policy with the old PKCS12 specific defines (so the old code keeps working). NOTE: policies now default to true rather than false. lib/util/secoidt.h -Add new NSS_USE_ALG_IN_PKCS12 used by pk11plcy.c NOTE: I have not updated the policy table in pk11wrap/pk11pars.c, so we can't yet control pkcs12 policy with the nss system policy table. That's a patch for another time. test/tools/tool.sh -global: Remove trailing spaces -global: DEFAULT is changed to 'default' -Update the PBE mechanism to exactly match the string in secoid.c. PKCS #12 does case independent compares, so case doesn't matter there, but now I'm comparing to the output of pp, and I didn't want to spend the time to figure out case independent compares in bash. -Add our defauts and shell variables at the top so there are easy to change in the future. export_with_*** have all been colapsed into a single export_p12_file which handles taking 'default' and turning off that argument. -Add for loops for the hash functions. -Restore the camellia ciphers back now that they work. -Restore the pkcs12V2pbe back now that they work. -Collect various pbe types into single variables and use those variables in loops -Reduce the number of tests ran in optimized mode (which takes 60x the time to do a pbe then than debug mode based on a larger iterator). -Add verify_p12 which dumps out the p12 file and makes sure the expected CERT_ENCRYPTION, KEY_ENCRYPTION, and HASH are used. doc/pp.xml -Add pkcs12 option doc/pk12util.xml -Add -M option -Update synopsis with options in the description but not in the synopsis [0a1687e1b39e] Differential Revision: https://phabricator.services.mozilla.com/D114584

2021-05-11 Robert Relyea <rrelyea@redhat.com> * automation/abi-check/expected-report-libnss3.so.txt, automation/abi- check/expected-report-libssl3.so.txt, cmd/selfserv/selfserv.c, cmd/strsclnt/strsclnt.c, cmd/tstclnt/tstclnt.c, lib/nss/nss.def, lib/pk11wrap/pk11cxt.c, lib/pk11wrap/pk11load.c, lib/pk11wrap/pk11obj.c, lib/pk11wrap/pk11priv.h, lib/pk11wrap/pk11pub.h, lib/pk11wrap/pk11slot.c, lib/pk11wrap/secmodt.h, lib/softoken/config.mk, lib/softoken/fips_algorithms.h, lib/softoken/fipstokn.c, lib/softoken/pkcs11.c, lib/softoken/pkcs11c.c, lib/softoken/pkcs11i.h, lib/softoken/pkcs11u.c, lib/softoken/sftkmessage.c, lib/ssl/ssl3con.c, lib/ssl/sslimpl.h, lib/ssl/sslinfo.c, lib/ssl/sslt.h, lib/util/pkcs11n.h, tests/ssl/ssl.sh, tests/ssl/sslcov.txt: Bug 1710773 NSS needs FIPS 180-3 FIPS indicators. r=mt Changes from the review: The while loop was taken out of it's subshell pipe, which prevented the selfserv PID from being passed on to the final selfserv-kill. This eventally lead to a freeze on windows. The last paragraph of ISO 19790:2012 section 7.2.4.2 states: All services shall [02.24] provide an indicator when the service utilises an approved cryptographic algorithm, security function or process in an approved manner and those services or processes specified in 7.4.3 This means our libraries need to grow an API or provide some additional information via contexts or similar in order for an application to be able to query this indicator. This can't be just a Security Policy description because ISO 24759:2017 section 6.2.4.2 states: TE02.24.02: The tester shall execute all services and verify that the indicator provides an unambiguous indication of whether the service utilizes an approved cryptographic algorithm, security function or process in an approved manner or not. The indicator can't be just a marker over an algorithm either, because it needs to show different values based on whether the algorithm parameters causes the algorithm to run in approved or non- approved mode (ie keys outside of valid range for RSA means RSA is being used in non-approved mode ...) For NSS, there is a PKCS #11 design: https://docs.google.com/documen t/d/1Me9YksPE7K1Suvk9Ls5PqJXPpDmpAboLsrq0z54m_tA/edit?usp=sharing This patch implments the above design as well as: 1) NSS proper functions to access these indicators from either the pk11wrap layer or the ssl layer. 2) Updates to the ssl tests which will output the value of the Changes decription by file: cmd/selfserv/selfserv.c Add a FIPS indicator if the connection was excuted in FIPS mode on a FIPS token. cmd/strsclnt/strsclnt.c Add a FIPS indicator if the connection was excuted in FIPS mode on a FIPS token. cmd/tstclnt/tstclnt.c Add a FIPS indicator if the connection was excuted in FIPS mode on a FIPS token. lib/nss/nss.def Add the new pk11 functions to access the fips indicator. lib/pk11wrap/pk11cxt.c Implement a function to get the FIPS indicator for the current PK11Context. lib/pk11wrap/pk11load.c Get the fips indicator function from the PKCS #11 module using the vendor function interface from PKCS #11 v3.0 lib/pk11wrap/pk11obj.c Implement a function to get the FIPS indicator for a specific PKCS #11 object. lib/pk11wrap/pk11priv.h Add a generalized helper function to get the FIPS indicator used by all the other exported functions to get FIPS indicator. lib/pk11wrap/pk11pub.h Add function to get the FIPS indicator for the current PK11Context. lib/pk11wrap/pk11slot.c Implement a generalized helper function to get the FIPS indicator. Implement a function to get the FIPS indicator for the latest single shot operation on the slot. lib/pk11wrap/secmodt.h Add a new field to hold the fipsIndicator function. lib/softoken/fips_algorithms.h New sample header which vendors can replace with their own table. In the default NSS case, the table in this header will be empty. lib/softoken/fipstokn.c Add Vendor specific interface for the FIPS indicator to the FIPS token. lib/softoken/pkcs11.c Add Vendor specific interface for the FIPS indicator to the non-FIPS token. Factor out the code tha maps an attribute value to a mechanism flag to it's own file so it can be used by other parts of softoken. (new function is in pkcs11u.c Implement the function that returns the FIPS indicator. This function fetches the indicator from either the session or the object or both. The session indicator is in the crypto context (except the last operation indicator, which is in the session itself. The object indicator is in the base object. lib/softoken/pkcs11c.c Record the FIPS indicator in the various helper function. - sftk_TerminateOp is called when a crypto operation had been finalized, so we can store that fips indicator in the lastOpWasFIPS field. - sftk_InitGeneric is called when a crypto operation has been initialized, so we can make a preliminary determination if the operation is within the FIPS policy (could later change bases on other operations. For this to work, we need the actual mechanism, so pMechanism is now a parameter to sftk_InitGeneric. - sftk_HKDF - HKDF when used in TLS has the unusual characteristic that the salt could actually be a key. In this case, usually the base key is some known public value which would not be FIPS generated, but the security is based on whether the salt is really a FIPS generated key. In this case we redo the calculation based on the salt key. lib/softoken/pkcs11i.h - add the FIPS indicators to the various structures (crypto contexts, sessions, objects). - add the FIPS indicators function list - add pMechanism the the sftkInitGeneric function. - add the helper function to map Attribute Types to Mechanism Flags. - add the function that will look up the current operation in the FIPS table to determine that it is allowed by policy. lib/softoken/pkcs11u.c - include the new fips_algorithms.h (if NSS_FIPS_DISABLED is not on) - handle the FIPS status for objects and session on creation an copy. - implement the helper function to map Attribute Types to Mechanism Flags. - get the key length of a key. This involves getting the key type and then using the key type to determin the appropriate attribute to fetch. Most keys it's simply the CKA_VALUE. ECC is special, we get the key length from the curve. Since only a subset of curves can be FIPS Curves, we use key length to return false for other curves. - the handle special function handles any unusal semantics for various mechanism types. This function precodes possible mechanism semantics we may need to check. The special handling can be selected by the mechanism table in fips_algorithms.h - sftk_operationIsFIPS - the actual function to determine if the givelib/n operation is in the FIPS table. lib/softoken/sftkmessage.c - just need to update the sftk_InitGeneric function to pass the mechanism. lib/ssl/ssl3con.c - and functions to query the underlying crypto contexts to see if the current ssl session is running in FIPS approved mode based on the security policy. It does so by checking the CipherSpecIsFIPS function to verify that both the mac and the encryption algorithm FIPS conforms to the ciphers in the security profile (using PK11_GetFIPSStatus). We check both the cipher specs for read and write. These underlying specs depends on the keys used in these specs being generated with FIPS approved algorithms as well, so this verifies the kea and kdf functions as well. lib/ssl/sslimpl.h - ass ssl_isFIPS() so it can be used by other files here in the ssl directory. lib/ssl/sslinfo.c - set the new isFIPS field in the existing sslinfo structure. SSL_GetChannelInfo knows how to handle sslinfo structures that are smaller then expected and larger than expected. unknown fields will be set to '0' (so new applications running against old versions will always get zero for new fields). sslinfo that are smaller will only return a the subset the calling application expects (so old applications will not get the new fields). lib/ssl/sslt.h - Add the new isFIPS field (must be at the end of the ChannelInfo structure). lib/util/pkcs11n.h - add the new FIPS indicator defines. tests/ssl/ssl.h - The main changes was to turn on verbose for the coverage tests so we can test the FIPS indicators on various cipher suites. NOTE: this only works with either NSS_TEST_FIPS_ALGORIHTMS set, or a vendor fips_algorthims.h, so vendors will need to do their own test interpretation. While working in ssl.sh I fixed an number of other issues: - many tests that were skipped in FIPS mode were skipped not because they didn't work in FIPS mode, but because tstclnt requires a password when running in FIPS mode. I've now added the password if the function is running in fips mode and removed the fips restrictions. - dtls had a race condition. the server side needed to come up before the client, but couldn't end before the client ran. We already had a sleep to guarrentee the former, I added a sleep before sending the server it's data to handle the latter. - CURVE25519 is the default ECC curve, but it's not a fiPS curve, so I disable it in FIPS mode so we will actually get FIPS indicators when using ECDHE. - I added TLS 1.3 to the coverage tests. [40edc4f4c117] [tip] Differential Revision: https://phabricator.services.mozilla.com/D115625

Here's what's going on (relevant browser is browser 36). [rr 502130 274898]RestoreDocShellState(browser=36, bc=94, ) [rr 502130 274902]RemoteWebNavigation.currentURI browser=36 bc=94 http://mochi.test:8888/#1 [rr 502130 274906]BrowsingContext::LoadURI(browser=36, bc=94, about:blank) From a previous restore we correctly wait for: 0 _restoreTabContent( <Failed to get argument while inspecting stack frame> <Failed to get argument while inspecting stack frame> ) ["resource:///modules/sessionstore/SessionStore.jsm":5984:30] <failed to get 'this' value> 1 _sendRestoreTabContent( <Failed to get argument while inspecting stack frame> <Failed to get argument while inspecting stack frame> ) ["resource:///modules/sessionstore/SessionStore.jsm":6002:11] <failed to get 'this' value> 2 restoreTabContent( <Failed to get argument while inspecting stack frame> <Failed to get argument while inspecting stack frame> ) ["resource:///modules/sessionstore/SessionStore.jsm":4684:9] <failed to get 'this' value> 3 restoreTab( <Failed to get argument while inspecting stack frame> <Failed to get argument while inspecting stack frame> ) ["resource:///modules/sessionstore/SessionStore.jsm":4565:13] <failed to get 'this' value> 4 restoreTabs( <Failed to get argument while inspecting stack frame> <Failed to get argument while inspecting stack frame> <Failed to get argument while inspecting stack frame> aSelectTab = "1") ["resource:///modules/sessionstore/SessionStore.jsm":4413:11] <failed to get 'this' value> 5 ssi_restoreWindow( <Failed to get argument while inspecting stack frame> <Failed to get argument while inspecting stack frame> <Failed to get argument while inspecting stack frame> ) ["resource:///modules/sessionstore/SessionStore.jsm":4189:11] <failed to get 'this' value> 6 _restoreWindowsFeaturesAndTabs( <Failed to get argument while inspecting stack frame> ) ["resource:///modules/sessionstore/SessionStore.jsm":4275:11] <failed to get 'this' value> 7 _restoreWindowsInReversedZOrder( <Failed to get argument while inspecting stack frame> ) ["resource:///modules/sessionstore/SessionStore.jsm":4299:9] <failed to get 'this' value> 8 ssi_restoreWindows/<( <Failed to get argument while inspecting stack frame> ) ["resource:///modules/sessionstore/SessionStore.jsm":4359:11] [rr 502506 275264]BrowsingContext::LoadURI(browser=36, bc=94, about:blank) [rr 502506 275268]DocumentChannelChild::AsyncOpen(browser=36, bc=94, about:blank) [rr 502130 275388]RemoteWebNavigation.currentURI browser=36 bc=94 http://mochi.test:8888/#1 [rr 502506 275629]BrowserChild::OnLocationChange(browser=36, bc=94, about:blank) [rr 502130 276944]updateForLocationChange browser=36 bc=94 - about:blank [rr 502130 277084]RemoteWebNavigation.currentURI browser=36 bc=94 about:blank [rr 502130 277358]RestoreDocShellState(browser=36, bc=94, http://example.com/browser/browser/base/content/test/tabs/file_new_tab_page.html) [rr 502506 277378]BrowserChild::OnLocationChange(browser=36, bc=94, http://example.com/browser/browser/base/content/test/tabs/file_new_tab_page.html) [rr 502130 277390]RemoteWebNavigation.currentURI browser=36 bc=94 about:blank [rr 502130 277554]BrowserParent::LoadURL(browser=36, bc=94, about:blank) From: #18 0x00007ff0bdb1efcc in mozilla::dom::BrowserParent::LoadURL(nsDocShellLoadState*) (this=0x7ff08f2b9800, aLoadState=0x7ff094e1d580) at /home/emilio/src/moz/gecko/dom/ipc/BrowserParent.cpp:861 #19 0x00007ff0bc1117f9 in nsFrameLoader::ReallyStartLoadingInternal() (this=0x7ff08f283400) at /home/emilio/src/moz/gecko/dom/base/nsFrameLoader.cpp:718 #20 0x00007ff0bc11129f in nsFrameLoader::ReallyStartLoading() (this=0x7ff08f283400) at /home/emilio/src/moz/gecko/dom/base/nsFrameLoader.cpp:640 #21 0x00007ff0bc0002f5 in mozilla::dom::Document::MaybeInitializeFinalizeFrameLoaders() (this=0x7ff0a17e2000) at /home/emilio/src/moz/gecko/dom/base/Document.cpp:9008 #22 0x00007ff0bc057891 in mozilla::detail::RunnableMethodArguments<>::applyImpl<mozilla::dom::Document, void (mozilla::dom::Document::*)()>(mozilla::dom::Document*, void (mozilla::dom::Document::*)(), mozilla::Tuple<>&, std::integer_sequence<unsigned long>) (o=<optimized out>, m=<optimized out>, args=<optimized out>) at /home/emilio/src/moz/gecko/obj-debug/dist/include/nsThreadUtils.h:1150 #23 mozilla::detail::RunnableMethodArguments<>::apply<mozilla::dom::Document, void (mozilla::dom::Document::*)()>(mozilla::dom::Document*, void (mozilla::dom::Document::*)()) (this=<optimized out>, o=<optimized out>, m=<optimized out>) at /home/emilio/src/moz/gecko/obj-debug/dist/include/nsThreadUtils.h:1156 #24 mozilla::detail::RunnableMethodImpl<mozilla::dom::Document*, void (mozilla::dom::Document::*)(), true, (mozilla::RunnableKind)0>::Run() (this=<optimized out>) at /home/emilio/src/moz/gecko/obj-debug/dist/include/nsThreadUtils.h:1203 #25 0x00007ff0bbef8209 in nsContentUtils::RemoveScriptBlocker() () at /home/emilio/src/moz/gecko/dom/base/nsContentUtils.cpp:5696 #26 0x00007ff0bc11c427 in nsAutoScriptBlocker::~nsAutoScriptBlocker() (this=<optimized out>) at /home/emilio/src/moz/gecko/obj-debug/dist/include/nsContentUtils.h:3499 #27 nsFrameLoaderOwner::ChangeRemotenessCommon(nsFrameLoaderOwner::ChangeRemotenessContextType const&, mozilla::dom::RemotenessChangeOptions const&, bool, bool, mozilla::dom::BrowsingContextGroup*, std::function<void ()>&, mozilla::ErrorResult&) (this=<optimized out>, this@entry=0x7ff0a041b608, aContextType=@0x7ffe238847fc: nsFrameLoaderOwner::ChangeRemotenessContextType::PRESERVE, aOptions= ..., aSwitchingInProgressLoad=false, aIsRemote=<optimized out>, aGroup=<optimized out>, aGroup@entry=0x0, aFrameLoaderInit=..., aRv=...) at /home/emilio/src/moz/gecko/dom/base/nsFrameLoaderOwner.cpp:191 #28 0x00007ff0bc11c81f in nsFrameLoaderOwner::ChangeRemoteness(mozilla::dom::RemotenessOptions const&, mozilla::ErrorResult&) (this=0x7ff0a041b608, aOptions=..., rv=...) at /home/emilio/src/moz/gecko/dom/base/nsFrameLoaderOwner.cpp:250 #29 0x00007ff0bcb59003 in mozilla::dom::XULFrameElement_Binding::changeRemoteness(JSContext*, JS::Handle<JSObject*>, void*, JSJitMethodCallArgs const&)Traceback (most recent call last): File "/home/emilio/src/moz/gecko/js/src/gdb/mozilla/Root.py", line 55, in to_string ptr = ptr.dereference() gdb.error: value has been optimized out (cx_=<optimized out>, obj= , void_self=<optimized out>, args=...) at XULFrameElementBinding.cpp:513 #30 0x00007ff0bcecc02a in mozilla::dom::binding_detail::GenericMethod<mozilla::dom::binding_detail::NormalThisPolicy, mozilla::dom::binding_detail::ThrowExceptions>(JSContext*, unsigned int, JS::Value*) (cx=0x1, cx@entry=0x7ff0a871b000, argc=<optimized out>, vp=<optimized out>) at /home/emilio/src/moz/gecko/dom/bindings/BindingUtils.cpp:3297 #31 0x00007ff0bf67b1f1 in CallJSNative(JSContext*, bool (*)(JSContext*, unsigned int, JS::Value*), js::CallReason, JS::CallArgs const&) From: 0 updateBrowserRemoteness( <Failed to get argument while inspecting stack frame> <Failed to get argument while inspecting stack frame> ) ["chrome://browser/content/tabbrowser.js":1937:15] <failed to get 'this' value> 1 updateBrowserRemotenessByURL( <Failed to get argument while inspecting stack frame> aURL = ""http://example.com/browser/browser/base/content/test/tabs/file_new_tab_page.html"") ["chrome://browser/content/tabbrowser.js":2052:20] <failed to get 'this' value> 2 restoreTabContent( <Failed to get argument while inspecting stack frame> <Failed to get argument while inspecting stack frame> ) ["resource:///modules/sessionstore/SessionStore.jsm":4662:38] <failed to get 'this' value> 3 restoreTab( <Failed to get argument while inspecting stack frame> <Failed to get argument while inspecting stack frame> ) ["resource:///modules/sessionstore/SessionStore.jsm":4565:13] <failed to get 'this' value> 4 restoreTabs( <Failed to get argument while inspecting stack frame> <Failed to get argument while inspecting stack frame> <Failed to get argument while inspecting stack frame> aSelectTab = "2") ["resource:///modules/sessionstore/SessionStore.jsm":4413:11] <failed to get 'this' value> 5 ssi_restoreWindow( <Failed to get argument while inspecting stack frame> <Failed to get argument while inspecting stack frame> <Failed to get argument while inspecting stack frame> ) ["resource:///modules/sessionstore/SessionStore.jsm":4189:11] <failed to get 'this' value> 6 _restoreWindowsFeaturesAndTabs( <Failed to get argument while inspecting stack frame> ) ["resource:///modules/sessionstore/SessionStore.jsm":4275:11] <failed to get 'this' value> 7 _restoreWindowsInReversedZOrder( <Failed to get argument while inspecting stack frame> ) ["resource:///modules/sessionstore/SessionStore.jsm":4299:9] <failed to get 'this' value> 8 ssi_restoreWindows/<( <Failed to get argument while inspecting stack frame> ) ["resource:///modules/sessionstore/SessionStore.jsm":4359:11] This load triggers a remoteness change. [rr 502130 277558]RemoteWebNavigation.currentURI browser=36 bc=94 undefined [rr 502130 277561]RemoteWebNavigation.currentURI browser=36 bc=94 about:blank [rr 502130 277564]RestoreDocShellState(browser=36, bc=94, http://example.com/browser/browser/base/content/test/tabs/file_new_tab_page.html) [rr 502130 277568]RemoteWebNavigation.currentURI browser=36 bc=94 about:blank [rr 502130 277572]BrowsingContext::LoadURI(browser=36, bc=94, http://example.com/browser/browser/base/content/test/tabs/file_new_tab_page.html) This is the load that should actually end up in the browsing context. [rr 502578 280053]DocumentChannelChild::AsyncOpen(browser=36, bc=94, about:blank) From the previous remoteness update. [rr 502130 280138]RemoteWebNavigation.currentURI browser=36 bc=94 about:blank [rr 502130 280141]RemoteWebNavigation.currentURI browser=36 bc=94 about:blank [rr 502130 280143]RemoteWebNavigation.currentURI browser=36 bc=94 about:blank [rr 502130 280146]RemoteWebNavigation.currentURI browser=36 bc=94 about:blank At this point, we try to use the BFCache, and end up replacing the browsing context: #0 mozilla::dom::CanonicalBrowsingContext::AllowedInBFCache(mozilla::Maybe<unsigned long> const&) (this=0x7ff08f2b5800, aChannelId=...) at /home/emilio/src/moz/gecko/docshell/base/CanonicalBrowsingContext.cpp:2158 #1 0x00007ff0bb3157c1 in mozilla::net::DocumentLoadListener::MaybeTriggerProcessSwitch(bool*) (this=this@entry=0x7ff093b74090, aWillSwitchToRemote=aWillSwitchToRemote@entry=0x7ffe23887838) at /home/emilio/src/moz/gecko/netwerk/ipc/DocumentLoadListener.cpp:1723 #2 0x00007ff0bb317feb in mozilla::net::DocumentLoadListener::OnStartRequest(nsIRequest*) (this=0x7ff093b74090, aRequest=0x7ff0a0b7a3c8) at /home/emilio/src/moz/gecko/netwerk/ipc/DocumentLoadListener.cpp:2263 #3 0x00007ff0bb238a0c in mozilla::net::ParentChannelListener::OnStartRequest(nsIRequest*) (this=0x7ff08d5c4ee0, aRequest=0x7ff0a0b7a3c8) at /home/emilio/src/moz/gecko/netwerk/protocol/http/ParentChannelListener.cpp:91 #4 0x00007ff0bb9abec2 in nsDocumentOpenInfo::OnStartRequest(nsIRequest*) (this=<optimized out>, request=0x7ff0a0b7a3c8) at /home/emilio/src/moz/gecko/uriloader/base/nsURILoader.cpp:166 #5 0x00007ff0bb32baf0 in mozilla::net::ParentProcessDocumentOpenInfo::OnDocumentStartRequest(nsIRequest*) (this=0x7ff093bc5b80, request=0x7ff0a0b7a3c8) at /home/emilio/src/moz/gecko/netwerk/ipc/DocumentLoadListener.cpp:292 #6 0x00007ff0bae6446c in nsBaseChannel::OnStartRequest(nsIRequest*) (this=<optimized out>, request=<optimized out>) at /home/emilio/src/moz/gecko/netwerk/base/nsBaseChannel.cpp:833 #7 0x00007ff0bae82bdd in nsInputStreamPump::OnStateStart() (this=this@entry=0x7ff08f2593c0) at /home/emilio/src/moz/gecko/netwerk/base/nsInputStreamPump.cpp:481 #8 0x00007ff0bae828d9 in nsInputStreamPump::OnInputStreamReady(nsIAsyncInputStream*) (this=0x7ff08f2593c0, stream=<optimized out>) at /home/emilio/src/moz/gecko/netwerk/base/nsInputStreamPump.cpp:390 #9 0x00007ff0bae8339b in non-virtual thunk to nsInputStreamPump::OnInputStreamReady(nsIAsyncInputStream*) () at /home/emilio/src/moz/gecko/netwerk/base/nsInputStreamPump.cpp:632 #10 0x00007ff0bacd29d5 in mozilla::NonBlockingAsyncInputStream::RunAsyncWaitCallback(mozilla::NonBlockingAsyncInputStream::AsyncWaitRunnable*, already_AddRefed<nsIInputStreamCallback>) (this=this@entry=0x7ff094eb5a50, aRunnable=aRunnable@entry=0x7ff08f228560, aCallback=...) at /home/emilio/src/moz/gecko/xpcom/io/NonBlockingAsyncInputStream.cpp:397 #11 0x00007ff0bacdf2ec in mozilla::NonBlockingAsyncInputStream::AsyncWaitRunnable::Run() (this=0x7ff08f228560) at /home/emilio/src/moz/gecko/xpcom/io/NonBlockingAsyncInputStream.cpp:33 #12 0x00007ff0bad48d04 in mozilla::RunnableTask::Run() (this=0x7ff093bc5980) at /home/emilio/src/moz/gecko/xpcom/threads/TaskController.cpp:482 #13 0x00007ff0bad316d4 in mozilla::TaskController::DoExecuteNextTaskOnlyMainThreadInternal(mozilla::detail::BaseAutoLock<mozilla::Mutex&> const&) (this=<optimized out>, this@entry=0x7ff0c54f2400, aProofOfLock=...) at /home/emilio/src/moz/gecko/xpcom/threads/TaskController.cpp:766 #14 0x00007ff0bad3091d in mozilla::TaskController::ExecuteNextTaskOnlyMainThreadInternal(mozilla::detail::BaseAutoLock<mozilla::Mutex&> const&) (this=this@entry=0x7ff0c54f2400, aProofOfLock=...) at /home/emilio/src/moz/gecko/xpcom/threads/TaskController.cpp:621 #15 0x00007ff0bad30a83 in mozilla::TaskController::ProcessPendingMTTask(bool) (this=0x7ff0c54f2400, aMayWait=false) at /home/emilio/src/moz/gecko/xpcom/threads/TaskController.cpp:405 #16 0x00007ff0bad4388f in mozilla::TaskController::InitializeInternal()::$_0::operator()() const (this=<optimized out>) at /home/emilio/src/moz/gecko/xpcom/threads/TaskController.cpp:138 #17 mozilla::detail::RunnableFunction<mozilla::TaskController::InitializeInternal()::$_0>::Run() (this=<optimized out>) at /home/emilio/src/moz/gecko/obj-debug/dist/include/nsThreadUtils.h:534 #18 0x00007ff0bad3b7f6 in nsThread::ProcessNextEvent(bool, bool*) (this=0x7ff0c541d680, aMayWait=false, aResult=0x7ffe23888437) at /home/emilio/src/moz/gecko/xpcom/threads/nsThread.cpp:1159 #19 0x00007ff0bad3f384 in NS_ProcessNextEvent(nsIThread*, bool) (aThread=0x7ff08f2b5800, aThread@entry=0x7ff0c541d680, aMayWait=false) at /home/emilio/src/moz/gecko/xpcom/threads/nsThreadUtils.cpp:548 #20 0x00007ff0bb43dfe0 in mozilla::ipc::MessagePump::Run(base::MessagePump::Delegate*) (this=0x7ff0c54d12c0, aDelegate=0x7ff0c54353e0) at /home/emilio/src/moz/gecko/ipc/glue/MessagePump.cpp:85 #21 0x00007ff0bb3be7b7 in MessageLoop::RunInternal() (this=this@entry=0x7ff0c54353e0) at /home/emilio/src/moz/gecko/ipc/chromium/src/base/message_loop.cc:335 #22 0x00007ff0bb3be707 in MessageLoop::RunHandler() (this=0x7ff0c54353e0) at /home/emilio/src/moz/gecko/ipc/chromium/src/base/message_loop.cc:328 #23 MessageLoop::Run() (this=0x7ff0c54353e0) at /home/emilio/src/moz/gecko/ipc/chromium/src/base/message_loop.cc:310 #24 0x00007ff0bded2bdb in nsBaseAppShell::Run() (this=0x7ff0a880c580) at /home/emilio/src/moz/gecko/widget/nsBaseAppShell.cpp:137 #25 0x00007ff0bf449d85 in nsAppStartup::Run() (this=0x7ff0a883de20) at /home/emilio/src/moz/gecko/toolkit/components/startup/nsAppStartup.cpp:273 #26 0x00007ff0bf5428b6 in XREMain::XRE_mainRun() (this=<optimized out>, this@entry=0x7ffe238887c0) at /home/emilio/src/moz/gecko/toolkit/xre/nsAppRunner.cpp:5239 #27 0x00007ff0bf5433ef in XREMain::XRE_main(int, char**, mozilla::BootstrapConfig const&) (this=this@entry=0x7ffe238887c0, argc=argc@entry=5, argv=argv@entry=0x7ffe23889a68, aConfig=<optimized out>) at /home/emilio/src/moz/gecko/toolkit/xre/nsAppRunner.cpp:5437 #28 0x00007ff0bf54385e in XRE_main(int, char**, mozilla::BootstrapConfig const&) (argc=-1816706824, argv=0x7ff0c56441a0, aConfig=...) at /home/emilio/src/moz/gecko/toolkit/xre/nsAppRunner.cpp:5496 #29 0x0000562d08f8e415 in do_main(int, char**, char**) (argc=-1816706824, argv=0x7ffe23889a68, envp=<optimized out>) at /home/emilio/src/moz/gecko/browser/app/nsBrowserApp.cpp:224 [rr 502130 280199]CanonicalBrowsingContext::ReplacedBy(94 -> 104) [rr 502130 280344]didChangeRemoteness browser=36, bc=104 [rr 502130 280348]RemoteWebNavigation.currentURI browser=36 bc=104 undefined [rr 502130 280625]RedirectToRealChannel(36, about:blank) [rr 502578 280695]BrowserChild::OnLocationChange(browser=36, bc=94, http://example.com/browser/browser/base/content/test/tabs/file_new_tab_page.html) [rr 502578 280699]BrowsingContext::LoadURI(browser=36, bc=94, http://example.com/browser/browser/base/content/test/tabs/file_new_tab_page.html) [rr 502578 280703]DocumentChannelChild::AsyncOpen(browser=36, bc=94, http://example.com/browser/browser/base/content/test/tabs/file_new_tab_page.html) This is the LoadURI call for the "final" load, however it went to the wrong browsing context, as we just replaced this! [rr 502130 280803]updateForLocationChange browser=36 bc=104 - http://example.com/browser/browser/base/content/test/tabs/file_new_tab_page.html [rr 502130 280807]RemoteWebNavigation.currentURI browser=36 bc=104 http://example.com/browser/browser/base/content/test/tabs/file_new_tab_page.html [rr 502578 281334]BrowserChild::OnLocationChange(browser=36, bc=104, about:blank) And this one is from the process switch. [rr 502130 281461]updateForLocationChange browser=36 bc=104 - about:blank [rr 502130 281465]RemoteWebNavigation.currentURI browser=36 bc=104 about:blank [rr 502130 282028] ⰲ겿{"action":"test_status","time":1621467211822,"thread":null,"pid":null,"source":"mochitest","test":"chrome://mochitests/content/browser/browser/base/content/test/tabs/browser_new_tab_insert_position.js","subtest":"tab pos 0 matched http://mochi.test:8888/#0","status":"PASS","message":"","js_source":"TestRunner.js"}ⰲ겿 [rr 502130 282031]RemoteWebNavigation.currentURI browser=36 bc=104 about:blank [rr 502130 282033]RemoteWebNavigation.currentURI browser=36 bc=104 about:blank [rr 502130 282117] So this is certainly the easy fix, but I think we should generally try to deal with this better, somehow? Differential Revision: https://phabricator.services.mozilla.com/D115560

* Adding RiscV64 for JIT * fix some compile's problem Co-authored-by: gaojije <gaojije@nfschina.com> Co-authored-by: gaojie <gaojie123>

…=keeler,fluent-reviewers,flod Differential Revision: https://phabricator.services.mozilla.com/D176078

…=keeler,fluent-reviewers,flod a=RyanVM

…operty invalidation", a=testonly Automatic update from web-platform-tests Revert "[A11y] Reland targeted cached property invalidation" This reverts commit 3438f2a59daa31ad1d86777d73e1cff836cef570. Reason for revert: Suspect causing blink_wpt_tests and blink_web_tests failure on Linux Tests (dbg)(1) bot. Failed tests: blink_wpt_tests failed because of: external/wpt/css/css-contain/content-visibility/detach-locked-slot-children-crash.html external/wpt/css/css-contain/content-visibility/element-reassigned-to-skipped-slot.html external/wpt/css/css-contain/content-visibility/element-reassigned-to-slot-in-skipped-subtree.html external/wpt/html/semantics/forms/the-input-element/focus-dynamic-type-change-on-blur.html ...7 more failure(s) (11 total)... blink_web_tests failed because of: accessibility/details-summary-crash.html fast/events/drag-on-removed-slider-does-not-crash.html fast/forms/range/range-type-change-onchange-2.html html/details_summary/details-add-summary.html ...5 more failure(s) (9 total)... First build failure: https://ci.chromium.org/ui/p/chromium/builders/ci/Linux%20Tests%20(dbg)(1)/114032/overview Sample log: --- STDERR: #6 0x7fc01bd0361d logging::CheckError::~CheckError() STDERR: #7 0x7fbffd21d08a blink::FlatTreeTraversal::AssertPrecondition() STDERR: #8 0x7fbffd21cfd5 blink::FlatTreeTraversal::Parent() STDERR: #9 0x7fbffd3c2a45 blink::FlatTreeTraversal::AncestorsOf() STDERR: #10 0x7fbffd3d410e blink::(anonymous namespace)::NearestLockedExclusiveAncestor() STDERR: #11 0x7fbffd3d3d17 blink::DisplayLockUtilities::IsInUnlockedOrActivatableSubtree() STDERR: #12 0x7fbfedfabc4b blink::DisplayLockUtilities::ShouldIgnoreNodeDueToDisplayLock() STDERR: #13 0x7fbfedf8b61c blink::AXObject::ToString() STDERR: #14 0x7fbfedf8eccc blink::AXObject::Detach() STDERR: #15 0x7fbfedf512df blink::AXNodeObject::Detach() STDERR: #16 0x7fbfedf2d6a5 blink::AXLayoutObject::Detach() STDERR: #17 0x7fbfedfce51a blink::AXObjectCacheImpl::Remove() STDERR: #18 0x7fbfedfcd998 blink::AXObjectCacheImpl::Remove() STDERR: #19 0x7fbfedfcdd74 blink::AXObjectCacheImpl::Remove() STDERR: #20 0x7fbfedfce992 blink::AXObjectCacheImpl::Remove() STDERR: #21 0x7fbffe6d16be blink::LayoutObject::WillBeDestroyed() --- Original change's description: > [A11y] Reland targeted cached property invalidation > > Relands the following CLS: > * Enhance performance by targeting value updates to specific nodes, commit 704633e6846e44b20c488a3eb98fa43c2c8e4591. > * Don't queue anything for irrelevant attribute changes, commit 2c66a62ed62e601b7a81271e4be4f9e173ce9afc. > * Add comment explaining call to UpdateStyleAndLayoutTreeForNode(), commit 73b9eed3b48bc8ce70de657672755f44a89e7358. > * Ensure cached values not invalidated during the computation of them, commit 4d167a62cd13d5209ecefb664e3690ac955bc559. > * Run a test with --force-renderer-accessibility that used to fail, commit cab7ecd829b24acf677e02f8f118085eaad7f799. > * Simplify code to update cached focusable state, commit 79cb184e5dab5f6084ec78d485bd9496eaa0aaf8. > * Simplify code that invalidates cached values on an AXObject, commit 6df79a50a55fe5cf99d2c50f7308e1236361b771. > > Fixed: 1446864, 1446550, 1434555, 1362758 > Change-Id: I16855bdcb746cb41387b69e1e97ab72ffc47e342 > Cq-Do-Not-Cancel-Tryjobs: true > Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4545510 > Commit-Queue: Aaron Leventhal <aleventhal@chromium.org> > Reviewed-by: Jacques Newman <janewman@microsoft.com> > Reviewed-by: Chris Harrelson <chrishtr@chromium.org> > Reviewed-by: Philip Rogers <pdr@chromium.org> > Cr-Commit-Position: refs/heads/main@{#1157878} Change-Id: Iefe59fe1933747346eda8827fd683f310d6cddb3 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4615927 Reviewed-by: Takuto Ikuta <tikuta@chromium.org> Owners-Override: Takuto Ikuta <tikuta@chromium.org> Commit-Queue: Takuto Ikuta <tikuta@chromium.org> Auto-Submit: Takashi Sakamoto <tasak@google.com> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#1157993} -- wpt-commits: b2f88bfbff5f2806344bb479e7382a3618197e05 wpt-pr: 40564

…ers,jschanck 2023-10-02 Natalia Kulatova <nkulatova@mozilla.com> * doc/rst/releases/nss_3_94.rst: Documentation: Release notes for NSS 3.94 [8c67d6c2d718] [NSS_3_94_RTM] <NSS_3_94_BRANCH> * .hgtags: Added tag NSS_3_94_RTM for changeset a4d8f6ff9c3b [18307440cfb0] <NSS_3_94_BRANCH> * doc/rst/releases/index.rst: Release notes for NSS 3.94 [a4d8f6ff9c3b] <NSS_3_94_BRANCH> * lib/nss/nss.h, lib/softoken/softkver.h, lib/util/nssutil.h: Set version numbers to 3.94 final [0af23c222caf] <NSS_3_94_BRANCH> 2023-09-21 Benjamin Beurdouche <beurdouche@mozilla.com> * .hgtags: Removed tag NSS_3_94_BETA1 [1a3ea35e31a2] 2023-09-20 Karthikeyan Bhargavan <karthik.bhargavan@gmail.com> * automation/taskcluster/scripts/run_hacl.sh, lib/freebl/verified/Hacl_Hash_SHA3.c, lib/freebl/verified/Hacl_IntTypes_Intrinsics.h, lib/freebl/verified/Hacl_IntTypes_Intrinsics_128.h, lib/freebl/verified/Hacl_Krmllib.h, lib/freebl/verified/Hacl_P256.c, lib/freebl/verified/internal/Hacl_Bignum_Base.h, lib/freebl/verified/internal/Hacl_Hash_SHA1.h, lib/freebl/verified/internal/Hacl_Hash_SHA2.h, lib/freebl/verified/internal/Hacl_IntTypes_Intrinsics.h, lib/freebl/verified/internal/Hacl_IntTypes_Intrinsics_128.h, lib/freebl/verified/internal/Hacl_Krmllib.h, lib/freebl/verified/internal/Hacl_P256.h, lib/freebl/verified/internal/lib_intrinsics.h, lib/freebl/verified/karamel/include/krml/internal/target.h, lib/free bl/verified/karamel/krmllib/dist/minimal/FStar_UInt_8_16_32_64.h, lib/freebl/verified/karamel/krmllib/dist/minimal/Makefile.basic, lib/freebl/verified/lib_intrinsics.h: Bug 1853737 - Updated code and commit ID for HACL*. r=jschanck [3501ba1860c3] 2023-09-20 Iaroslav Gridin <iaroslav.gridin@tuni.fi> * tests/acvp/fuzzed/ecdsa.json: Bug 1840510: update ACVP fuzzed test vector: refuzzed with current NSS r=jschanck [da1cde22e844] 2023-09-15 Robert Relyea <rrelyea@redhat.com> * automation/abi-check/expected-report-libnssutil3.so.txt, lib/freebl/nsslowhash.c, lib/freebl/stubs.c, lib/freebl/stubs.h, lib/pk11wrap/pk11util.c, lib/softoken/pkcs11.c, lib/util/nssutil.def, lib/util/secport.c, lib/util/secport.h: Bug 1827303 Softoken C_ calls should use system FIPS setting to select NSC_ or FC_ variants. NSS softoken presents a PKCS #11 API to the NSS low level crypto. This allows NSS to have native support for replacement PKCS #11 libraries, and is also the FIPS boundary, allowing the rest of NSS to change without affecting any FIPS validations. Some applications that need crypto, but have their own higher level implementations of SSL or S/MIME use NSS softoken. Softoken has 2 general APIs: NSC_xxxx calls which implement the normal NSS interface, but does not include any FIPS restrictions, The FC_xxx interfaces which implements FIPS restrictions on the semantics of the calls and additional FIPS requirements (like self-tests and software integrity checks). The official PKCS #11 APIs are C_xxx interfaces, and NSS exports those as aliases for NSC_xxxx calls. Right now applications that use softoken have to know the NSS names if they want to access the FIPS api. This bugs removes this restriction and causes calls to C_xxxx to alias to FC_xxxxx if the system is in FIPS mode. If the system has no system FIPS indicator, or the that indicator is off, the C_xxxx will continue to call NSC_xxxxx. NSS itself will continue to use NSC_xxxx or FC_xxxx according to the NSS internal FIPS settings. ---------------- Currently there are 3 layers in NSS with code that identifies the whether the system is in NSS: nss proper (which is also exported to applications), and freebl for the Freebl hash direct case. This code would add a 3rd (in softoken). Rather than adding a third, this patch relocates the main function to nssutil where softoken, nss, and freebl can all access it. The exception is when building freebl with 'NODEPEND' (freebl can provide hashing without dependencies on NSPR or NSSUTIL), there needs to be a stub implementation. In most platforms and cases this stub is never compiled. [762cb673ca8c] * .hgignore, automation/taskcluster/scripts/split.sh, cmd/Makefile, cmd/dbtool/Makefile, cmd/dbtool/dbtool.c, cmd/dbtool/dbtool.gyp, cmd/dbtool/manifest.mn, cmd/manifest.mn, lib/softoken/sdb.h, nss.gyp: Bug 1774659 NSS needs a database tool that can dump the low level representation of the database. r=jschanck When debugging the database, it would be helpful to know what is in the database is a nicely formated way. certutil dumps a high level view of the certs and keys, sqlite3 can dump the low level tables and raw entries. It would be useful to dump the database as softoken sees the database. This code grabs a copy of the latest sdb.c from softoken and uses it to fetch the database entries, then parses them as necessary. It uses the pkcs11 table in libsec to format the result data into human readable strings. [e52240a4bc62] 2023-09-08 John Schanck <jschanck@mozilla.com> * gtests/mozpkix_gtest/pkixnames_tests.cpp: Bug 1852179 - declare string literals using char in pkixnames_tests.cpp. r=nss-reviewers,nkulatova [dbed9fc0522a] Differential Revision: https://phabricator.services.mozilla.com/D189815

…ers,jschanck, a=dmeehan 2023-10-02 Natalia Kulatova <nkulatova@mozilla.com> * doc/rst/releases/nss_3_94.rst: Documentation: Release notes for NSS 3.94 [8c67d6c2d718] [NSS_3_94_RTM] <NSS_3_94_BRANCH> * .hgtags: Added tag NSS_3_94_RTM for changeset a4d8f6ff9c3b [18307440cfb0] <NSS_3_94_BRANCH> * doc/rst/releases/index.rst: Release notes for NSS 3.94 [a4d8f6ff9c3b] <NSS_3_94_BRANCH> * lib/nss/nss.h, lib/softoken/softkver.h, lib/util/nssutil.h: Set version numbers to 3.94 final [0af23c222caf] <NSS_3_94_BRANCH> 2023-09-21 Benjamin Beurdouche <beurdouche@mozilla.com> * .hgtags: Removed tag NSS_3_94_BETA1 [1a3ea35e31a2] 2023-09-20 Karthikeyan Bhargavan <karthik.bhargavan@gmail.com> * automation/taskcluster/scripts/run_hacl.sh, lib/freebl/verified/Hacl_Hash_SHA3.c, lib/freebl/verified/Hacl_IntTypes_Intrinsics.h, lib/freebl/verified/Hacl_IntTypes_Intrinsics_128.h, lib/freebl/verified/Hacl_Krmllib.h, lib/freebl/verified/Hacl_P256.c, lib/freebl/verified/internal/Hacl_Bignum_Base.h, lib/freebl/verified/internal/Hacl_Hash_SHA1.h, lib/freebl/verified/internal/Hacl_Hash_SHA2.h, lib/freebl/verified/internal/Hacl_IntTypes_Intrinsics.h, lib/freebl/verified/internal/Hacl_IntTypes_Intrinsics_128.h, lib/freebl/verified/internal/Hacl_Krmllib.h, lib/freebl/verified/internal/Hacl_P256.h, lib/freebl/verified/internal/lib_intrinsics.h, lib/freebl/verified/karamel/include/krml/internal/target.h, lib/free bl/verified/karamel/krmllib/dist/minimal/FStar_UInt_8_16_32_64.h, lib/freebl/verified/karamel/krmllib/dist/minimal/Makefile.basic, lib/freebl/verified/lib_intrinsics.h: Bug 1853737 - Updated code and commit ID for HACL*. r=jschanck [3501ba1860c3] 2023-09-20 Iaroslav Gridin <iaroslav.gridin@tuni.fi> * tests/acvp/fuzzed/ecdsa.json: Bug 1840510: update ACVP fuzzed test vector: refuzzed with current NSS r=jschanck [da1cde22e844] 2023-09-15 Robert Relyea <rrelyea@redhat.com> * automation/abi-check/expected-report-libnssutil3.so.txt, lib/freebl/nsslowhash.c, lib/freebl/stubs.c, lib/freebl/stubs.h, lib/pk11wrap/pk11util.c, lib/softoken/pkcs11.c, lib/util/nssutil.def, lib/util/secport.c, lib/util/secport.h: Bug 1827303 Softoken C_ calls should use system FIPS setting to select NSC_ or FC_ variants. NSS softoken presents a PKCS #11 API to the NSS low level crypto. This allows NSS to have native support for replacement PKCS #11 libraries, and is also the FIPS boundary, allowing the rest of NSS to change without affecting any FIPS validations. Some applications that need crypto, but have their own higher level implementations of SSL or S/MIME use NSS softoken. Softoken has 2 general APIs: NSC_xxxx calls which implement the normal NSS interface, but does not include any FIPS restrictions, The FC_xxx interfaces which implements FIPS restrictions on the semantics of the calls and additional FIPS requirements (like self-tests and software integrity checks). The official PKCS #11 APIs are C_xxx interfaces, and NSS exports those as aliases for NSC_xxxx calls. Right now applications that use softoken have to know the NSS names if they want to access the FIPS api. This bugs removes this restriction and causes calls to C_xxxx to alias to FC_xxxxx if the system is in FIPS mode. If the system has no system FIPS indicator, or the that indicator is off, the C_xxxx will continue to call NSC_xxxxx. NSS itself will continue to use NSC_xxxx or FC_xxxx according to the NSS internal FIPS settings. ---------------- Currently there are 3 layers in NSS with code that identifies the whether the system is in NSS: nss proper (which is also exported to applications), and freebl for the Freebl hash direct case. This code would add a 3rd (in softoken). Rather than adding a third, this patch relocates the main function to nssutil where softoken, nss, and freebl can all access it. The exception is when building freebl with 'NODEPEND' (freebl can provide hashing without dependencies on NSPR or NSSUTIL), there needs to be a stub implementation. In most platforms and cases this stub is never compiled. [762cb673ca8c] * .hgignore, automation/taskcluster/scripts/split.sh, cmd/Makefile, cmd/dbtool/Makefile, cmd/dbtool/dbtool.c, cmd/dbtool/dbtool.gyp, cmd/dbtool/manifest.mn, cmd/manifest.mn, lib/softoken/sdb.h, nss.gyp: Bug 1774659 NSS needs a database tool that can dump the low level representation of the database. r=jschanck When debugging the database, it would be helpful to know what is in the database is a nicely formated way. certutil dumps a high level view of the certs and keys, sqlite3 can dump the low level tables and raw entries. It would be useful to dump the database as softoken sees the database. This code grabs a copy of the latest sdb.c from softoken and uses it to fetch the database entries, then parses them as necessary. It uses the pkcs11 table in libsec to format the result data into human readable strings. [e52240a4bc62] 2023-09-08 John Schanck <jschanck@mozilla.com> * gtests/mozpkix_gtest/pkixnames_tests.cpp: Bug 1852179 - declare string literals using char in pkixnames_tests.cpp. r=nss-reviewers,nkulatova [dbed9fc0522a] Differential Revision: https://phabricator.services.mozilla.com/D189815

Upstream commit: https://webrtc.googlesource.com/src/+/a93f581705787105ac28bccdc179778fd4400298 dcsctp: Don't generate FORWARD-TSN across stream resets This was a fun bug which proved to be challenging to find a good solution for. The issue comes from the combination of partial reliability and stream resetting, which are covered in different RFCs, and where they don't refer to each other... Stream resetting (RFC 6525) is used in WebRTC for closing a Data Channel, and is done by signaling to the receiver that the stream sequence number (SSN) should be set to zero (0) at some time. Partial reliability (RFC 3758) - and expiring messages that will not be retransmitted - is done by signaling that the SSN should be set to a certain value at a certain TSN, as the messages up until the provided SSN are not to be expected to be sent again. As these two functionalities both work by signaling to the receiver what the next expected SSN should be, they need to do it correctly not to overwrite each others' intent. And here was the bug. An example scenario where this caused issues, where we are Z (the receiver), getting packets from the sender (A): 5 A->Z DATA (TSN=30, B, SID=2, SSN=0) 6 Z->A SACK (Ack=30) 7 A->Z DATA (TSN=31, E, SID=2, SSN=0) 8 A->Z RE_CONFIG (REQ=30, TSN=31, SID=2) 9 Z->A RE_CONFIG (RESP=30, Performed) 10 Z->A SACK (Ack=31) 11 A->Z DATA (TSN=32, SID=1) 12 A->Z FORWARD_TSN (TSN=32, SID=2, SSN=0) Let's assume that the path Z->A had packet loss and A never really received our responses (#6, #9, #10) in time. At #5, Z receives a DATA fragment, which it acks, and at #7 the end of that message. The stream is then reset (#8) which it signals that it was performed (#9) and acked (#10), and data on another stream (2) was received (#11). Since A hasn't received any ACKS yet, and those chunks on SID=2 all expired, A sends a FORWARD-TSN saying that "Skip to TSN=32, and don't expect SID=2, SSN=0". That makes the receiver expect the SSN on SID=2 to be SSN=1 next time at TSN=32. But that's not good at all - A reset the stream at #8 and will want to send the next message on SID=2 using SSN=0 - not 1. The FORWARD-TSN clearly can't have a TSN that is beyond the stream reset TSN for that stream. This is just one example - combining stream resetting and partial reliability, together with a lossy network, and different variants of this can occur, which results in the receiver possibly not delivering packets because it expects a different SSN than the one the sender is later using. So this CL adds "breakpoints" to how far a FORWARD-TSN can stretch. It will simply not cross any Stream Reset last assigned TSNs, and only when a receiver has acked that all TSNs up till the Stream Reset last assigned TSN has been received, it will proceed expiring chunks after that. Bug: webrtc:14600 Change-Id: Ibae8c9308f5dfe8d734377d42cce653e69e95731 Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/321600 Commit-Queue: Victor Boivie <boivie@webrtc.org> Reviewed-by: Harald Alvestrand <hta@webrtc.org> Cr-Commit-Position: refs/heads/main@{#40829}

…ect> / <embed> as subdocuments. r=longsonr These look like two really old bugs. Part of the issue is that <object> / <embed> manage their frame loader quite differently from <iframe>. This means that we may have a PresShell / ViewManager / etc for a frame loader that doesn't yet have a frame associated. For example, this is the viewport creation for the SVG document that reproduces the problem: #0 0x00005cc60e8302e7 in mozilla::ViewportFrame::SetViewInternal(nsView*) (this=0x68599020, aView=0x683d8f00) at /home/emilio/src/moz/gecko/obj-debug/dist/include/mozilla/ViewportFrame.h:106 #1 0x00005cc60e842858 in nsIFrame::SetView(nsView*) (this=0x68599020, aView=0x683d8f00) at /home/emilio/src/moz/gecko/layout/generic/nsFrame.cpp:7057 #2 0x00005cc60e77258a in nsCSSFrameConstructor::ConstructRootFrame() (this=0xc72c715e00) at /home/emilio/src/moz/gecko/layout/base/nsCSSFrameConstructor.cpp:2424 #3 0x00005cc60e7342f5 in mozilla::PresShell::Initialize() (this=0x6830e000) at /home/emilio/src/moz/gecko/layout/base/PresShell.cpp:1758 #4 0x00005cc60c9fb02a in nsContentSink::StartLayout(bool) (this=<optimized out>, aIgnorePendingSheets=<optimized out>) at /home/emilio/src/moz/gecko/dom/base/nsContentSink.cpp:1160 #5 0x00005cc60e2c1581 in nsXMLContentSink::HandleStartElement(char16_t const*, char16_t const**, unsigned int, unsigned int, unsigned int, bool) (this=<optimized out>, aName=<optimized out>, aAtts=0x6fde8200, aAttsCount=<optimized out>, aLineNumber=3, aColumnNumber=<optimized out>, aInterruptable=true) at /home/emilio/src/moz/gecko/dom/xml/nsXMLContentSink.cpp:982 #6 0x00005cc60e2c17d7 in non-virtual thunk to nsXMLContentSink::HandleStartElement(char16_t const*, char16_t const**, unsigned int, unsigned int, unsigned int) () at /home/emilio/src/moz/gecko/dom/xml/nsXMLContentSink.cpp:889 #7 0x00005cc60c360307 in nsExpatDriver::HandleStartElement(void*, char16_t const*, char16_t const**) (aUserData=0x224f650d0cc0, aName=0x685aef20 u"http://www.w3.org/2000/svg\xffffdesc", aAtts=0x6fde8200) at /home/emilio/src/moz/gecko/parser/htmlparser/nsExpatDriver.cpp:293 #8 0x00005cc60ee91cea in doContent (parser=0xc72c70f800, startTagLevel=0, enc=<optimized out>, s=<optimized out>, end=0x5bbd31af5020 "\344\344\344", <incomplete sequence \344>, nextPtr=0x7ffca2653288, haveMore=1 '\001') at /home/emilio/src/moz/gecko/parser/expat/lib/xmlparse.c:2872 #9 0x00005cc60ee90059 in contentProcessor (parser=0xc72c70f800, start=0xffffffe6 <error: Cannot access memory at address 0xffffffe6>, end=0xc72c511360 "", endPtr=0x1) at /home/emilio/src/moz/gecko/parser/expat/lib/xmlparse.c:2528 #10 0x00005cc60ee8f8d5 in doProlog (parser=<optimized out>, enc=0x5cc612ce0930 <little2_encoding_ns>, s=0x5bbd31ab508e "<", end=0x5bbd31af5020 "\344\344\344", <incomplete sequence \344>, tok=<optimized out>, next=<optimized out>, nextPtr=0x7ffca2653288, haveMore=1 '\001', allowClosingDoctype=1 '\001') at /home/emilio/src/moz/gecko/parser/expat/lib/xmlparse.c:4591 #11 0x00005cc60ee8d86e in prologProcessor (parser=0xc72c70f800, s=0x5bbd31ab5020 "<", end=0x5bbd31af5020 "\344\344\344", <incomplete sequence \344>, nextPtr=0x7ffca2653288) at /home/emilio/src/moz/gecko/parser/expat/lib/xmlparse.c:4311 #12 0x00005cc60ee8cf45 in MOZ_XML_Parse (parser=0xc72c70f800, s=0x5bbd31ab5020 "<", len=262144, isFinal=0) at /home/emilio/src/moz/gecko/parser/expat/lib/xmlparse.c:1894 #13 0x00005cc60c3627bc in nsExpatDriver::ParseBuffer(char16_t const*, unsigned int, bool, unsigned int*) (this=0x224f650d0cc0, aBuffer=0x5bbd31ab5020 u"<?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"no\"?>\n<svg height=\"2970\" width=\"2100\" viewBox=\"0 0 2100 2970\" version=\"1.1\" xmlns=\"http://www.w3.org/2000/svg\" xmlns:xlink=\"http://www.w3.org/1999/xlin"..., aLength=131072, aIsFinal=false, aConsumed=<optimized out>) at /home/emilio/src/moz/gecko/parser/htmlparser/nsExpatDriver.cpp:875 #14 0x00005cc60c362c91 in nsExpatDriver::ConsumeToken(nsScanner&, bool&) (this=<optimized out>, aScanner=..., aFlushTokens=<optimized out>) at /home/emilio/src/moz/gecko/parser/htmlparser/nsExpatDriver.cpp:970 #15 0x00005cc60c3666a8 in nsParser::Tokenize(bool) (this=0x224f65038e80, aIsFinalChunk=false) at /home/emilio/src/moz/gecko/parser/htmlparser/nsParser.cpp:1410 #16 0x00005cc60c36595e in nsParser::ResumeParse(bool, bool, bool) (this=0x224f65038e80, allowIteration=true, aIsFinalChunk=false, aCanInterrupt=<optimized out>) at /home/emilio/src/moz/gecko/parser/htmlparser/nsParser.cpp:961 #17 0x00005cc60c366c86 in nsParser::OnDataAvailable(nsIRequest*, nsIInputStream*, unsigned long, unsigned int) (this=0x224f65038e80, request=<optimized out>, pIStream=0x6fdfc430, sourceOffset=<optimized out>, aLength=131072) at /home/emilio/src/moz/gecko/parser/htmlparser/nsParser.cpp:1317 #18 0x00005cc60c897cc2 in nsObjectLoadingContent::OnDataAvailable(nsIRequest*, nsIInputStream*, unsigned long, unsigned int) (this=<optimized out>, aRequest=0x68483080, aInputStream=0x6fdfc430, aOffset=0, aCount=131072) at /home/emilio/src/moz/gecko/dom/base/nsObjectLoadingContent.cpp:1055 #19 0x00005cc60b9d18f8 in mozilla::net::HttpChannelChild::DoOnDataAvailable(nsIRequest*, nsISupports*, nsIInputStream*, unsigned long, unsigned int) (this=0x68483000, aRequest=0x68483080, aContext=<optimized out>, aStream=0x6fdfc430, aOffset=0, aCount=743510880) at /home/emilio/src/moz/gecko/netwerk/protocol/http/HttpChannelChild.cpp:968 #20 0x00005cc60b9d5cbf in mozilla::net::HttpChannelChild::OnTransportAndData(nsresult const&, nsresult const&, unsigned long const&, unsigned int const&, nsTString<char> const&) (this=0x68483000, aChannelStatus=<optimized out>, aTransportStatus=@0x683be5bc: -2142568440, aOffset=<optimized out>, aCount=<optimized out>, aData=...) at /home/emilio/src/moz/gecko/netwerk/protocol/http/HttpChannelChild.cpp:867 #21 0x00005cc60badb535 in mozilla::net::ChannelEventQueue::FlushQueue() (this=0xc72ce2cae0) at /home/emilio/src/moz/gecko/netwerk/ipc/ChannelEventQueue.cpp:90 #22 0x00005cc60b976fda in mozilla::net::ChannelEventQueue::MaybeFlushQueue() (this=0xc72ce2cae0) at /home/emilio/src/moz/gecko/obj-debug/dist/include/mozilla/net/ChannelEventQueue.h:350 #23 0x00005cc60baec442 in mozilla::net::ChannelEventQueue::CompleteResume() (this=0xc72ce2cae0) at /home/emilio/src/moz/gecko/obj-debug/dist/include/mozilla/net/ChannelEventQueue.h:329 #24 mozilla::net::ChannelEventQueue::ResumeInternal()::CompleteResumeRunnable::Run() (this=<optimized out>) at /home/emilio/src/moz/gecko/netwerk/ipc/ChannelEventQueue.cpp:148 #25 0x00005cc60b53d4f1 in mozilla::SchedulerGroup::Runnable::Run() (this=0x685b0200) at /home/emilio/src/moz/gecko/xpcom/threads/SchedulerGroup.cpp:282 #26 0x00005cc60b54ff80 in nsThread::ProcessNextEvent(bool, bool*) (this=0x3dd7f4f3020, aMayWait=<optimized out>, aResult=0x7ffca2653ea7) at /home/emilio/src/moz/gecko/xpcom/threads/nsThread.cpp:1220 #27 0x00005cc60b552f0d in NS_ProcessNextEvent(nsIThread*, bool) (aThread=0x68599020, aMayWait=true) at /home/emilio/src/moz/gecko/xpcom/threads/nsThreadUtils.cpp:481 The parent view may not be set properly if the frame is not current by the time it is created. For example in this case the parent for the root view is non-null and comes from the following MakeWindow call: #0 nsDocumentViewer::MakeWindow(nsSize const&, nsView*) (this=0xc72ca72cd0, aSize=..., aContainerView=0x683ba500) at /home/emilio/src/moz/gecko/layout/base/nsDocumentViewer.cpp:2368 #1 0x00005cc60e789b50 in nsDocumentViewer::InitInternal(nsIWidget*, nsISupports*, mozilla::dom::WindowGlobalChild*, mozilla::gfx::IntRectTyped<mozilla::gfx::UnknownUnits> const&, bool, bool, bool) (this=0xc72ca72cd0, aParentWidget=<optimized out>, aState=0x0, aActor=0x0, aBounds=..., aDoCreation=true, aNeedMakeCX=<optimized out>, aForceSetNewDocument=<optimized out>) at /home/emilio/src/moz/gecko/layout/base/nsDocumentViewer.cpp:933 #2 0x00005cc60e789959 in nsDocumentViewer::Init(nsIWidget*, mozilla::gfx::IntRectTyped<mozilla::gfx::UnknownUnits> const&, mozilla::dom::WindowGlobalChild*) (this=0xc72ca72cd0, aParentWidget=0x7ffca2651020, aBounds=..., aActor=0x7f6216725c00) at /home/emilio/src/moz/gecko/layout/base/nsDocumentViewer.cpp:762 #3 0x00005cc60f4f584f in nsDocShell::SetupNewViewer(nsIContentViewer*, mozilla::dom::WindowGlobalChild*) (this=0x684db000, aNewViewer=<optimized out>, aWindowActor=<optimized out>) at /home/emilio/src/moz/gecko/docshell/base/nsDocShell.cpp:8017 #4 0x00005cc60f4f5204 in nsDocShell::Embed(nsIContentViewer*, mozilla::dom::WindowGlobalChild*) (this=0x684db000, aContentViewer=0x7ffca2651020, aWindowActor=0x683ba500) at /home/emilio/src/moz/gecko/docshell/base/nsDocShell.cpp:5745 #5 0x00005cc60f4dbc7b in nsDocShell::CreateContentViewer(nsTSubstring<char> const&, nsIRequest*, nsIStreamListener**) (this=0x684db000, aContentType=..., aRequest=0x68483080, aContentHandler=<optimized out>) at /home/emilio/src/moz/gecko/docshell/base/nsDocShell.cpp:7819 #6 0x00005cc60f4dab99 in nsDSURIContentListener::DoContent(nsTSubstring<char> const&, bool, nsIRequest*, nsIStreamListener**, bool*) (this=0x683056a0, aContentType=..., aIsContentPreferred=<optimized out>, aRequest=0x68483080, aContentHandler=0xc72c5e8608, aAbortProcess=0x7ffca265139f) at /home/emilio/src/moz/gecko/docshell/base/nsDSURIContentListener.cpp:181 #7 0x00005cc60c2fd8f5 in nsDocumentOpenInfo::TryContentListener(nsIURIContentListener*, nsIChannel*) (this=0xc72c5e85e0, aListener=0x683056a0, aChannel=<optimized out>) at /home/emilio/src/moz/gecko/uriloader/base/nsURILoader.cpp:632 #8 0x00005cc60c2fccd1 in nsDocumentOpenInfo::DispatchContent(nsIRequest*, nsISupports*) (this=0xc72c5e85e0, request=0x68483080, aCtxt=<optimized out>) at /home/emilio/src/moz/gecko/uriloader/base/nsURILoader.cpp:313 #9 0x00005cc60c2fc5aa in nsDocumentOpenInfo::OnStartRequest(nsIRequest*) (this=<optimized out>, request=0x68483080) at /home/emilio/src/moz/gecko/uriloader/base/nsURILoader.cpp:191 #10 0x00005cc60c8975c4 in nsObjectLoadingContent::LoadObject(bool, bool, nsIRequest*) (this=0x4b1b3938b6a8, aNotify=<optimized out>, aForceLoad=<optimized out>, aLoadingChannel=0x68483080) at /home/emilio/src/moz/gecko/dom/base/nsObjectLoadingContent.cpp:2218 #11 0x00005cc60c89681f in nsObjectLoadingContent::OnStartRequest(nsIRequest*) (this=0x4b1b3938b6a8, aRequest=0x68483080) at /home/emilio/src/moz/gecko/dom/base/nsObjectLoadingContent.cpp:1006 #12 0x00005cc60b9d1020 in mozilla::net::HttpChannelChild::DoOnStartRequest(nsIRequest*, nsISupports*) (this=0x68483000, aRequest=0x68483080, aContext=<optimized out>) at /home/emilio/src/moz/gecko/netwerk/protocol/http/HttpChannelChild.cpp:708 #13 0x00005cc60b9d481b in mozilla::net::HttpChannelChild::OnStartRequest(nsresult const&, mozilla::net::nsHttpResponseHead const&, bool const&, mozilla::net::nsHttpHeaderArray const&, mozilla::net::ParentLoadInfoForwarderArgs const&, bool const&, bool const&, bool const&, unsigned long const&, int const&, unsigned int const&, nsTString<char> const&, nsTString<char> const&, mozilla::net::NetAddr const&, mozilla::net::NetAddr const&, unsigned int const&, nsTString<char> const&, long const&, bool const&, bool const&, bool const&, mozilla::net::ResourceTimingStructArgs const&, bool const&, mozilla::Maybe<unsigned int> const&, bool const&, nsILoadInfo::CrossOriginOpenerPolicy const&) However, even though aContainerView is non-null, the view is incorrect, it's the view for the _old_ frame. The view parent/child relationship gets cleared properly in: #1 0x00005cc60e8e82bf in BeginSwapDocShellsForViews (aSibling=0x0) at /home/emilio/src/moz/gecko/layout/generic/nsSubDocumentFrame.cpp:1027 warning: Source file is more recent than executable. #2 0x00005cc60e8e810b in nsSubDocumentFrame::DestroyFrom (this=0x6cd04eaa45a8, aDestructRoot=0x6cd04eaa45a8, aPostDestroyData=...) at /home/emilio/src/moz/gecko/layout/generic/nsSubDocumentFrame.cpp:943 #3 0x00005cc60e7b71a3 in nsIFrame::Destroy (this=0x6cd04eaa45a8) at /home/emilio/src/moz/gecko/layout/generic/nsIFrame.h:657 #4 0x00005cc60e80baac in nsBlockFrame::RemoveFrame (this=0x4b1b39362d88, aListID=<optimized out>, aOldFrame=0x6cd04eaa45a8) at /home/emilio/src/moz/gecko/layout/generic/nsBlockFrame.cpp:5597 #5 0x00005cc60e8df29f in nsPlaceholderFrame::DestroyFrom (this=0x4b1b39363240, aDestructRoot=0x4b1b39363240, aPostDestroyData=...) at /home/emilio/src/moz/gecko/layout/generic/nsPlaceholderFrame.cpp:181 #6 0x00005cc60e80cf19 in nsBlockFrame::DoRemoveFrameInternal (this=<optimized out>, aDeletedFrame=0x0, aFlags=<optimized out>, aPostDestroyData=...) at /home/emilio/src/moz/gecko/layout/generic/nsBlockFrame.cpp:6265 #7 0x00005cc60e82d947 in nsBlockFrame::DoRemoveFrame (this=0x4b1b39362d88, aDeletedFrame=0x683d8f00, aFlags=244338087) at /home/emilio/src/moz/gecko/layout/generic/nsBlockFrame.h:528 #8 0x00005cc60e80ba3a in nsBlockFrame::RemoveFrame (this=0x4b1b39362d88, aListID=<optimized out>, aOldFrame=0x4b1b39363240) at /home/emilio/src/moz/gecko/layout/generic/nsBlockFrame.cpp:5581 #9 0x00005cc60e77fd5c in nsCSSFrameConstructor::ContentRemoved (this=<optimized out>, aChild=0x4b1b3938b600, aOldNextSibling=<optimized out>, aFlags=<optimized out>) at /home/emilio/src/moz/gecko/layout/base/nsCSSFrameConstructor.cpp:7583 #10 0x00005cc60e779a35 in nsCSSFrameConstructor::RecreateFramesForContent (this=0x6fdf9800, aContent=0x4b1b3938b600, aInsertionKind=nsCSSFrameConstructor::InsertionKind::Sync) at /home/emilio/src/moz/gecko/layout/base/nsCSSFrameConstructor.cpp:8593 #11 0x00005cc60e751745 in mozilla::RestyleManager::ProcessRestyledFrames (this=<optimized out>, aChangeList=...) at /home/emilio/src/moz/gecko/layout/base/RestyleManager.cpp:1484 But the temporary state is stored in the _old_ frame-loader, so when we create the new frame, we get to nsSubDocumentFrame::Init, and find nothing, and thus go through nsFrameLoader::Show. But we do have a pres-shell, and nsFrameLoader::Show just early-returns then, and thus we end up with a detached pres shell which is not hooked to the view tree and thus not painted... So there are multiple potential fixes. First (this is the approach this patch takes): * Make nsHideViewer not fail to hide a presentation when the frame loader has changed. This is not an issue per se, but leaves stale views / etc living for too long which is not nice. * Fix up the Show() code path to handle this case properly by parenting the pres-shell and initializing the docshell properly. Second potential fix would be to store the temporary state somewhere else than the frame loader (like the element). This may be a less invasive change somehow, but it looks pretty fishy to me, and not particularly better... Terribly sorry about the lack of test-case, but this is racy as crazy and I had a lot of trouble to even reproduce it in a debug build. This needs the PresShell creation for the subdocument to happen right after setting .data on the <object>, but before processing its reframe. Differential Revision: https://phabricator.services.mozilla.com/D69487

…illa#11) * add the :host(.anonymous-content-host) selector to the built CSS * simplify string, add comma * rebase + fix tests

…lone. r=rhunt. The #9 patch removed all wasm-specific fields from wasm::Metadata, but did not remove wasm::Metadata itself, because it is inherited from by AsmJSMetadata, and used to provide different behaviour for wasm vs asm.js in a few obscure cases related to the profiler. This patch restricts wasm::Metadata to be an abstract class that provides access to (is the pure virtual base class of) AsmJSMetadata. wasm::Metadata is removed from WasmCode.h and instead reappears in AsmJS.h in pure virtual form. Any place that previously took a Metadata& now takes takes a Metadata*, and that is non-null only in the case when we are compiling asm.js. The effect is to restrict wasm::Metadata and js::AsmJSMetadata to providing support for asm.js compilation only. The next patch in the series (#11) completes the transformation by renaming those two types appropriately. Differential Revision: https://phabricator.services.mozilla.com/D211165

Upstream commit: https://webrtc.googlesource.com/src/+/876d0c9881eab8e7f8389812eb3738bdd374aa22 Fix use-of-uninitialized-value in NetEq tests. The new version of MSan (rolled by [1]) detects the following: ``` ==39908==WARNING: MemorySanitizer: use-of-uninitialized-value #0 0x5591400a52ef in GetPlayoutDelayMs ./../../modules/audio_coding/neteq/decision_logic.cc:466:35 #1 0x5591400a52ef in webrtc::DecisionLogic::ExpectedPacketAvailable(webrtc::NetEqController::NetEqStatus) ./../../modules/audio_coding/neteq/decision_logic.cc:311:36 #2 0x5591400a39e9 in webrtc::DecisionLogic::GetDecision(webrtc::NetEqController::NetEqStatus const&, bool*) ./../../modules/audio_coding/neteq/decision_logic.cc:0:0 #3 0x55913cf590c9 in webrtc::DecisionLogicTest_PreemptiveExpand_Test::TestBody() ./../../modules/audio_coding/neteq/decision_logic_unittest.cc:139:3 #4 0x55913ef28283 in HandleExceptionsInMethodIfSupported<testing::Test, void> ./../../third_party/googletest/src/googletest/src/gtest.cc:0:3 #5 0x55913ef28283 in testing::Test::Run() ./../../third_party/googletest/src/googletest/src/gtest.cc:2710:5 #6 0x55913ef2ab46 in testing::TestInfo::Run() ./../../third_party/googletest/src/googletest/src/gtest.cc:2856:11 #7 0x55913ef2da34 in testing::TestSuite::Run() ./../../third_party/googletest/src/googletest/src/gtest.cc:3034:30 #8 0x55913ef621e8 in testing::internal::UnitTestImpl::RunAllTests() ./../../third_party/googletest/src/googletest/src/gtest.cc:5964:44 #9 0x55913ef60f54 in HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool> ./../../third_party/googletest/src/googletest/src/gtest.cc:0:0 #10 0x55913ef60f54 in testing::UnitTest::Run() ./../../third_party/googletest/src/googletest/src/gtest.cc:5543:10 #11 0x55913ee1a944 in RUN_ALL_TESTS ./../../third_party/googletest/src/googletest/include/gtest/gtest.h:2334:73 #12 0x55913ee1a944 in webrtc::(anonymous namespace)::TestMainImpl::Run(int, char**) ./../../test/test_main_lib.cc:203:21 #13 0x55913cbd36b8 in main ./../../test/test_main.cc:72:16 #14 0x7fdb18c73082 in __libc_start_main /build/glibc-LcI20x/glibc-2.31/csu/../csu/libc-start.c:308:16 #15 0x55913cb3e1a9 in _start ??:0:0 ``` [1] - https://webrtc-review.googlesource.com/c/src/+/353620 Bug: b/344970813 Change-Id: I9b5d7791e68b4c494168ba9f007a3099ae21fed4 Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/353581 Auto-Submit: Mirko Bonadei <mbonadei@webrtc.org> Reviewed-by: Jakob Ivarsson‎ <jakobi@webrtc.org> Commit-Queue: Jakob Ivarsson‎ <jakobi@webrtc.org> Cr-Commit-Position: refs/heads/main@{#42433}

Mike Hoye added 2 commits February 24, 2014 12:18

Adding a very basic find-a-reviewer tool to Mach, as well as a

f67e975

tools/community folder as a home for future community-assistance. tools. - mhoye

This looks like a minimum working product to me.

5dc031a

TODO: Detect patches that span modules, warn about them. - mhoye

mhoye closed this Mar 3, 2014

rainemak pushed a commit to rainemak/gecko-dev-mirror that referenced this pull request Apr 9, 2014

Merge pull request mozilla#11 from tmeshkova/fix-sync-msg

93c640e

Override TabChildHelper::DoSendBlockingMessage()

martinthomson added a commit to martinthomson/gecko-dev that referenced this pull request Sep 17, 2014

Merge pull request mozilla#11 from adamroach/multistream

0d46ad5

Checkpoing

walac pushed a commit to walac/gecko-dev that referenced this pull request Nov 3, 2014

Merge pull request mozilla#11 from lightsofapollo/revert-10-use_worke…

8141891

…r_user Revert "Use worker for build tasks"

rainemak pushed a commit to rainemak/gecko-dev-mirror that referenced this pull request May 20, 2015

[xulrunner] JB#27561. Merge pull request mozilla#11 from rainemak/dra…

195201c

…wWindowOverlay Draw window overlay

weilonge pushed a commit to weilonge/gecko-dev that referenced this pull request Nov 10, 2015

Merge pull request mozilla#11 from MozCloudStorage/cloudstorage

723d0fb

Read operation implementation

JuniorHsu pushed a commit to JuniorHsu/gecko-dev that referenced this pull request Jun 1, 2016

Merge pull request mozilla#11 from mozilla-b2g/revert-10-bug1234128

a13bc21

Revert "Bug1234128"

dpino mentioned this pull request Nov 3, 2017

A Window object cannot pass a SharedArrayBuffer to a ServiceWorker #133

Closed

bvaughn pushed a commit to bvaughn/gecko-dev that referenced this pull request Apr 5, 2022

Don't perform external calls in middleman, fixes mozilla#11

cd5cf44

luyahan pushed a commit to luyahan/gecko-dev that referenced this pull request Aug 25, 2022

Adding RiscV64 for JIT (mozilla#11)

8a2ef86

* Adding RiscV64 for JIT * fix some compile's problem Co-authored-by: gaojije <gaojije@nfschina.com> Co-authored-by: gaojie <gaojie123>

moz-v2v-gh pushed a commit that referenced this pull request Apr 25, 2023

Bug 1829197 - Add support for deleting PKCS #11 modules via policy. r…

d8e47b1

…=keeler,fluent-reviewers,flod Differential Revision: https://phabricator.services.mozilla.com/D176078

moz-v2v-gh pushed a commit that referenced this pull request May 15, 2023

Bug 1829197 - Add support for deleting PKCS #11 modules via policy. r…

6164cad

…=keeler,fluent-reviewers,flod a=RyanVM

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Ok merging. #11

Ok merging. #11

mhoye commented Mar 3, 2014

Ok merging. #11

Ok merging. #11

Conversation

mhoye commented Mar 3, 2014