3 files changed, 117 insertions, 3 deletions
diff --git a/meta-oe/recipes-extended/polkit/polkit/0002-jsauthority-port-to-mozjs-91.patch b/meta-oe/recipes-extended/polkit/polkit/0002-jsauthority-port-to-mozjs-91.patch
new file mode 100644
index 0000000000..5b3660da2f
--- /dev/null
+++ b/meta-oe/recipes-extended/polkit/polkit/0002-jsauthority-port-to-mozjs-91.patch
@@ -0,0 +1,38 @@
+From 4ce27b66bb07b72cb96d3d43a75108a5a6e7e156 Mon Sep 17 00:00:00 2001
+From: Xi Ruoyao <xry111@mengyan1223.wang>
+Date: Tue, 10 Aug 2021 19:09:42 +0800
+Subject: [PATCH] jsauthority: port to mozjs-91
+Upstream-Status: Submitted [https://gitlab.freedesktop.org/polkit/polkit/-/merge_requests/92]
+Signed-off-by: Alexander Kanavin <alex@linutronix.de>
+---
+ configure.ac | 2 +-
+ meson.build  | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+diff --git a/configure.ac b/configure.ac
+index d807086..5a7fc11 100644
+--- a/configure.ac
+++ b/configure.ac
+@@ -80,7 +80,7 @@ PKG_CHECK_MODULES(GLIB, [gmodule-2.0 gio-unix-2.0 >= 2.30.0])
+ AC_SUBST(GLIB_CFLAGS)
+ AC_SUBST(GLIB_LIBS)
+ 
+-PKG_CHECK_MODULES(LIBJS, [mozjs-78])
+PKG_CHECK_MODULES(LIBJS, [mozjs-91])
+ 
+ AC_SUBST(LIBJS_CFLAGS)
+ AC_SUBST(LIBJS_CXXFLAGS)
+diff --git a/meson.build b/meson.build
+index b3702be..733bbff 100644
+--- a/meson.build
+++ b/meson.build
+@@ -126,7 +126,7 @@ expat_dep = dependency('expat')
+ assert(cc.has_header('expat.h', dependencies: expat_dep), 'Can\'t find expat.h. Please install expat.')
+ assert(cc.has_function('XML_ParserCreate', dependencies: expat_dep), 'Can\'t find expat library. Please install expat.')
+ 
+-mozjs_dep = dependency('mozjs-78')
+mozjs_dep = dependency('mozjs-91')
+ 
+ dbus_dep = dependency('dbus-1')
+ dbus_confdir = dbus_dep.get_pkgconfig_variable('datadir', define_variable: ['datadir', pk_prefix / pk_datadir])   #changed from sysconfdir with respect to commit#8eada3836465838
diff --git a/meta-oe/recipes-extended/polkit/polkit/0003-jsauthority-ensure-to-call-JS_Init-and-JS_ShutDown-e.patch b/meta-oe/recipes-extended/polkit/polkit/0003-jsauthority-ensure-to-call-JS_Init-and-JS_ShutDown-e.patch
new file mode 100644
index 0000000000..9e9755e44f
--- /dev/null
+++ b/meta-oe/recipes-extended/polkit/polkit/0003-jsauthority-ensure-to-call-JS_Init-and-JS_ShutDown-e.patch
@@ -0,0 +1,63 @@
+From 7799441b9aa55324160deefbc65f9d918b8c94c1 Mon Sep 17 00:00:00 2001
+From: Xi Ruoyao <xry111@mengyan1223.wang>
+Date: Tue, 10 Aug 2021 18:52:56 +0800
+Subject: [PATCH] jsauthority: ensure to call JS_Init() and JS_ShutDown()
+ exactly once
+Before this commit, we were calling JS_Init() in
+polkit_backend_js_authority_class_init and never called JS_ShutDown.
+This is actually a misusage of SpiderMonkey API.  Quote from a comment
+in js/Initialization.h (both mozjs-78 and mozjs-91):
+    It is currently not possible to initialize SpiderMonkey multiple
+    times (that is, calling JS_Init/JSAPI methods/JS_ShutDown in that
+    order, then doing so again).
+This misusage does not cause severe issues with mozjs-78.  However, when
+we eventually port jsauthority to use mozjs-91, bad thing will happen:
+see the test failure mentioned in #150.
+This commit is tested with both mozjs-78 and mozjs-91, all tests pass
+with it.
+Upstream-Status: Submitted [https://gitlab.freedesktop.org/polkit/polkit/-/merge_requests/91]
+Signed-off-by: Alexander Kanavin <alex@linutronix.de>
+---
+ src/polkitbackend/polkitbackendjsauthority.cpp | 10 +++++++---
+ 1 file changed, 7 insertions(+), 3 deletions(-)
+diff --git a/src/polkitbackend/polkitbackendjsauthority.cpp b/src/polkitbackend/polkitbackendjsauthority.cpp
+index 41d8d5c..38dc001 100644
+--- a/src/polkitbackend/polkitbackendjsauthority.cpp
+++ b/src/polkitbackend/polkitbackendjsauthority.cpp
+@@ -75,6 +75,13 @@
+ 
+ /* ---------------------------------------------------------------------------------------------------- */
+ 
+static class JsInitHelperType
+{
+public:
+       JsInitHelperType() { JS_Init(); }
+       ~JsInitHelperType() { JS_ShutDown(); }
+} JsInitHelper;
+
+ struct _PolkitBackendJsAuthorityPrivate
+ {
+   gchar **rules_dirs;
+@@ -589,7 +596,6 @@ polkit_backend_js_authority_finalize (GObject *object)
+   delete authority->priv->js_polkit;
+ 
+   JS_DestroyContext (authority->priv->cx);
+-  /* JS_ShutDown (); */
+ 
+   G_OBJECT_CLASS (polkit_backend_js_authority_parent_class)->finalize (object);
+ }
+@@ -665,8 +671,6 @@ polkit_backend_js_authority_class_init (PolkitBackendJsAuthorityClass *klass)
+ 
+ 
+   g_type_class_add_private (klass, sizeof (PolkitBackendJsAuthorityPrivate));
+-
+-  JS_Init ();
+ }
+ 
+ /* ---------------------------------------------------------------------------------------------------- */
diff --git a/meta-oe/recipes-extended/polkit/polkit_0.119.bb b/meta-oe/recipes-extended/polkit/polkit_0.119.bb
index 66bbf735f0..bf160053d9 100644
--- a/meta-oe/recipes-extended/polkit/polkit_0.119.bb
+++ b/meta-oe/recipes-extended/polkit/polkit_0.119.bb
@@ -5,7 +5,7 @@ LICENSE = "LGPL-2.0-or-later"
 LIC_FILES_CHKSUM = "file://COPYING;md5=155db86cdbafa7532b41f390409283eb \
                    file://src/polkit/polkit.h;beginline=1;endline=20;md5=0a8630b0133176d0504c87a0ded39db4"
-DEPENDS = "expat glib-2.0 intltool-native duktape"
+DEPENDS = "expat glib-2.0 intltool-native"
 inherit autotools gtk-doc pkgconfig useradd systemd gobject-introspection features_check
@@ -14,6 +14,7 @@ REQUIRED_DISTRO_FEATURES = "polkit"
 PACKAGECONFIG = "${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)} \
                 ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'systemd', \
                    bb.utils.contains('DISTRO_FEATURES', 'x11', 'consolekit', '', d), d)} \
+                 mozjs \
                "
 PACKAGECONFIG[pam] = "--with-authfw=pam,--with-authfw=shadow,libpam,libpam"
@@ -21,20 +22,32 @@ PACKAGECONFIG[systemd] = "--enable-libsystemd-login=yes --with-systemdsystemunit
 # there is no --enable/--disable option for consolekit and it's not picked by shlibs, so add it to RDEPENDS
 PACKAGECONFIG[consolekit] = ",,,consolekit"
+# Default to mozjs javascript library
+PACKAGECONFIG[mozjs] = ",,mozjs-91,,,duktape"
+# duktape javascript engine is much smaller and faster but is not compatible with
+# same javascript standards as mozjs. For example array.includes() function is not
+# supported. Test rule compatibility when switching to duktape.
+PACKAGECONFIG[duktape] = "--with-duktape,,duktape,,,mozjs"
+MOZJS_PATCHES = "\
+    file://0002-jsauthority-port-to-mozjs-91.patch \
+    file://0003-jsauthority-ensure-to-call-JS_Init-and-JS_ShutDown-e.patch \
+"
+DUKTAPE_PATCHES = "file://0003-Added-support-for-duktape-as-JS-engine.patch"
 PAM_SRC_URI = "file://polkit-1_pam.patch"
 SRC_URI = "http://www.freedesktop.org/software/polkit/releases/polkit-${PV}.tar.gz \
           ${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} \
+           ${@bb.utils.contains('PACKAGECONFIG', 'mozjs', '${MOZJS_PATCHES}', '', d)} \
+           ${@bb.utils.contains('PACKAGECONFIG', 'duktape', '${DUKTAPE_PATCHES}', '', d)} \
           file://0003-make-netgroup-support-optional.patch \
           file://0001-pkexec-local-privilege-escalation-CVE-2021-4034.patch \
           file://0002-CVE-2021-4115-GHSL-2021-077-fix.patch \
-           file://0003-Added-support-for-duktape-as-JS-engine.patch \
           "
 SRC_URI[sha256sum] = "c8579fdb86e94295404211285fee0722ad04893f0213e571bd75c00972fd1f5c"
 EXTRA_OECONF = "--with-os-type=moblin \
                --disable-man-pages \
                --disable-libelogind \
-                --with-duktape \
               "
 do_configure:prepend () {

diff --git a/meta-oe/recipes-extended/polkit/polkit/0002-jsauthority-port-to-mozjs-91.patch b/meta-oe/recipes-extended/polkit/polkit/0002-jsauthority-port-to-mozjs-91.patch new file mode 100644 index 0000000000..5b3660da2f --- /dev/null +++ b/meta-oe/recipes-extended/polkit/polkit/0002-jsauthority-port-to-mozjs-91.patch
@@ -0,0 +1,38 @@
		1	From 4ce27b66bb07b72cb96d3d43a75108a5a6e7e156 Mon Sep 17 00:00:00 2001
		2	From: Xi Ruoyao <xry111@mengyan1223.wang>
		3	Date: Tue, 10 Aug 2021 19:09:42 +0800
		4	Subject: [PATCH] jsauthority: port to mozjs-91
		5
		6	Upstream-Status: Submitted [https://gitlab.freedesktop.org/polkit/polkit/-/merge_requests/92]
		7	Signed-off-by: Alexander Kanavin <alex@linutronix.de>
		8	---
		9	configure.ac \| 2 +-
		10	meson.build \| 2 +-
		11	2 files changed, 2 insertions(+), 2 deletions(-)
		12
		13	diff --git a/configure.ac b/configure.ac
		14	index d807086..5a7fc11 100644
		15	--- a/configure.ac
		16	+++ b/configure.ac
		17	@@ -80,7 +80,7 @@ PKG_CHECK_MODULES(GLIB, [gmodule-2.0 gio-unix-2.0 >= 2.30.0])
		18	AC_SUBST(GLIB_CFLAGS)
		19	AC_SUBST(GLIB_LIBS)
		20
		21	-PKG_CHECK_MODULES(LIBJS, [mozjs-78])
		22	+PKG_CHECK_MODULES(LIBJS, [mozjs-91])
		23
		24	AC_SUBST(LIBJS_CFLAGS)
		25	AC_SUBST(LIBJS_CXXFLAGS)
		26	diff --git a/meson.build b/meson.build
		27	index b3702be..733bbff 100644
		28	--- a/meson.build
		29	+++ b/meson.build
		30	@@ -126,7 +126,7 @@ expat_dep = dependency('expat')
		31	assert(cc.has_header('expat.h', dependencies: expat_dep), 'Can\'t find expat.h. Please install expat.')
		32	assert(cc.has_function('XML_ParserCreate', dependencies: expat_dep), 'Can\'t find expat library. Please install expat.')
		33
		34	-mozjs_dep = dependency('mozjs-78')
		35	+mozjs_dep = dependency('mozjs-91')
		36
		37	dbus_dep = dependency('dbus-1')
		38	dbus_confdir = dbus_dep.get_pkgconfig_variable('datadir', define_variable: ['datadir', pk_prefix / pk_datadir]) #changed from sysconfdir with respect to commit#8eada3836465838


diff --git a/meta-oe/recipes-extended/polkit/polkit/0003-jsauthority-ensure-to-call-JS_Init-and-JS_ShutDown-e.patch b/meta-oe/recipes-extended/polkit/polkit/0003-jsauthority-ensure-to-call-JS_Init-and-JS_ShutDown-e.patch new file mode 100644 index 0000000000..9e9755e44f --- /dev/null +++ b/meta-oe/recipes-extended/polkit/polkit/0003-jsauthority-ensure-to-call-JS_Init-and-JS_ShutDown-e.patch
@@ -0,0 +1,63 @@
		1	From 7799441b9aa55324160deefbc65f9d918b8c94c1 Mon Sep 17 00:00:00 2001
		2	From: Xi Ruoyao <xry111@mengyan1223.wang>
		3	Date: Tue, 10 Aug 2021 18:52:56 +0800
		4	Subject: [PATCH] jsauthority: ensure to call JS_Init() and JS_ShutDown()
		5	exactly once
		6
		7	Before this commit, we were calling JS_Init() in
		8	polkit_backend_js_authority_class_init and never called JS_ShutDown.
		9	This is actually a misusage of SpiderMonkey API. Quote from a comment
		10	in js/Initialization.h (both mozjs-78 and mozjs-91):
		11
		12	It is currently not possible to initialize SpiderMonkey multiple
		13	times (that is, calling JS_Init/JSAPI methods/JS_ShutDown in that
		14	order, then doing so again).
		15
		16	This misusage does not cause severe issues with mozjs-78. However, when
		17	we eventually port jsauthority to use mozjs-91, bad thing will happen:
		18	see the test failure mentioned in #150.
		19
		20	This commit is tested with both mozjs-78 and mozjs-91, all tests pass
		21	with it.
		22
		23	Upstream-Status: Submitted [https://gitlab.freedesktop.org/polkit/polkit/-/merge_requests/91]
		24	Signed-off-by: Alexander Kanavin <alex@linutronix.de>
		25	---
		26	src/polkitbackend/polkitbackendjsauthority.cpp \| 10 +++++++---
		27	1 file changed, 7 insertions(+), 3 deletions(-)
		28
		29	diff --git a/src/polkitbackend/polkitbackendjsauthority.cpp b/src/polkitbackend/polkitbackendjsauthority.cpp
		30	index 41d8d5c..38dc001 100644
		31	--- a/src/polkitbackend/polkitbackendjsauthority.cpp
		32	+++ b/src/polkitbackend/polkitbackendjsauthority.cpp
		33	@@ -75,6 +75,13 @@
		34
		35	/* ---------------------------------------------------------------------------------------------------- */
		36
		37	+static class JsInitHelperType
		38	+{
		39	+public:
		40	+ JsInitHelperType() { JS_Init(); }
		41	+ ~JsInitHelperType() { JS_ShutDown(); }
		42	+} JsInitHelper;
		43	+
		44	struct _PolkitBackendJsAuthorityPrivate
		45	{
		46	gchar **rules_dirs;
		47	@@ -589,7 +596,6 @@ polkit_backend_js_authority_finalize (GObject *object)
		48	delete authority->priv->js_polkit;
		49
		50	JS_DestroyContext (authority->priv->cx);
		51	- /* JS_ShutDown (); */
		52
		53	G_OBJECT_CLASS (polkit_backend_js_authority_parent_class)->finalize (object);
		54	}
		55	@@ -665,8 +671,6 @@ polkit_backend_js_authority_class_init (PolkitBackendJsAuthorityClass *klass)
		56
		57
		58	g_type_class_add_private (klass, sizeof (PolkitBackendJsAuthorityPrivate));
		59	-
		60	- JS_Init ();
		61	}
		62
		63	/* ---------------------------------------------------------------------------------------------------- */


diff --git a/meta-oe/recipes-extended/polkit/polkit_0.119.bb b/meta-oe/recipes-extended/polkit/polkit_0.119.bb index 66bbf735f0..bf160053d9 100644 --- a/meta-oe/recipes-extended/polkit/polkit_0.119.bb +++ b/meta-oe/recipes-extended/polkit/polkit_0.119.bb
@@ -5,7 +5,7 @@ LICENSE = "LGPL-2.0-or-later"
5	LIC_FILES_CHKSUM = "file://COPYING;md5=155db86cdbafa7532b41f390409283eb \	5	LIC_FILES_CHKSUM = "file://COPYING;md5=155db86cdbafa7532b41f390409283eb \
6	file://src/polkit/polkit.h;beginline=1;endline=20;md5=0a8630b0133176d0504c87a0ded39db4"	6	file://src/polkit/polkit.h;beginline=1;endline=20;md5=0a8630b0133176d0504c87a0ded39db4"
7		7
8	DEPENDS = "expat glib-2.0 intltool-native duktape"	8	DEPENDS = "expat glib-2.0 intltool-native"
9		9
10	inherit autotools gtk-doc pkgconfig useradd systemd gobject-introspection features_check	10	inherit autotools gtk-doc pkgconfig useradd systemd gobject-introspection features_check
11		11
@@ -14,6 +14,7 @@ REQUIRED_DISTRO_FEATURES = "polkit"
14	PACKAGECONFIG = "${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)} \	14	PACKAGECONFIG = "${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)} \
15	${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'systemd', \	15	${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'systemd', \
16	bb.utils.contains('DISTRO_FEATURES', 'x11', 'consolekit', '', d), d)} \	16	bb.utils.contains('DISTRO_FEATURES', 'x11', 'consolekit', '', d), d)} \
		17	mozjs \
17	"	18	"
18		19
19	PACKAGECONFIG[pam] = "--with-authfw=pam,--with-authfw=shadow,libpam,libpam"	20	PACKAGECONFIG[pam] = "--with-authfw=pam,--with-authfw=shadow,libpam,libpam"
@@ -21,20 +22,32 @@ PACKAGECONFIG[systemd] = "--enable-libsystemd-login=yes --with-systemdsystemunit
21	# there is no --enable/--disable option for consolekit and it's not picked by shlibs, so add it to RDEPENDS	22	# there is no --enable/--disable option for consolekit and it's not picked by shlibs, so add it to RDEPENDS
22	PACKAGECONFIG[consolekit] = ",,,consolekit"	23	PACKAGECONFIG[consolekit] = ",,,consolekit"
23		24
		25	# Default to mozjs javascript library
		26	PACKAGECONFIG[mozjs] = ",,mozjs-91,,,duktape"
		27	# duktape javascript engine is much smaller and faster but is not compatible with
		28	# same javascript standards as mozjs. For example array.includes() function is not
		29	# supported. Test rule compatibility when switching to duktape.
		30	PACKAGECONFIG[duktape] = "--with-duktape,,duktape,,,mozjs"
		31
		32	MOZJS_PATCHES = "\
		33	file://0002-jsauthority-port-to-mozjs-91.patch \
		34	file://0003-jsauthority-ensure-to-call-JS_Init-and-JS_ShutDown-e.patch \
		35	"
		36	DUKTAPE_PATCHES = "file://0003-Added-support-for-duktape-as-JS-engine.patch"
24	PAM_SRC_URI = "file://polkit-1_pam.patch"	37	PAM_SRC_URI = "file://polkit-1_pam.patch"
25	SRC_URI = "http://www.freedesktop.org/software/polkit/releases/polkit-${PV}.tar.gz \	38	SRC_URI = "http://www.freedesktop.org/software/polkit/releases/polkit-${PV}.tar.gz \
26	${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} \	39	${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} \
		40	${@bb.utils.contains('PACKAGECONFIG', 'mozjs', '${MOZJS_PATCHES}', '', d)} \
		41	${@bb.utils.contains('PACKAGECONFIG', 'duktape', '${DUKTAPE_PATCHES}', '', d)} \
27	file://0003-make-netgroup-support-optional.patch \	42	file://0003-make-netgroup-support-optional.patch \
28	file://0001-pkexec-local-privilege-escalation-CVE-2021-4034.patch \	43	file://0001-pkexec-local-privilege-escalation-CVE-2021-4034.patch \
29	file://0002-CVE-2021-4115-GHSL-2021-077-fix.patch \	44	file://0002-CVE-2021-4115-GHSL-2021-077-fix.patch \
30	file://0003-Added-support-for-duktape-as-JS-engine.patch \
31	"	45	"
32	SRC_URI[sha256sum] = "c8579fdb86e94295404211285fee0722ad04893f0213e571bd75c00972fd1f5c"	46	SRC_URI[sha256sum] = "c8579fdb86e94295404211285fee0722ad04893f0213e571bd75c00972fd1f5c"
33		47
34	EXTRA_OECONF = "--with-os-type=moblin \	48	EXTRA_OECONF = "--with-os-type=moblin \
35	--disable-man-pages \	49	--disable-man-pages \
36	--disable-libelogind \	50	--disable-libelogind \
37	--with-duktape \
38	"	51	"
39		52
40	do_configure:prepend () {	53	do_configure:prepend () {