Cargo.toml
author Jed Davis <jld@mozilla.com>
Wed, 27 Feb 2019 20:14:54 +0000
changeset 519405 493b443954fe15f7b542ba14671f25e5f8531dff
parent 519310 d819234834aad12e3388ceb0b09dfb6c8cdd3da9
child 521645 c1e2b7779d6a13626b13bbb1916f8819756a19ff
permissions -rw-r--r--
Bug 1506291 - Add Linux sandboxing for the RDD (media decoder) process. r=gcp,mjf,flod The seccomp-bpf policy is currently just the "common" policy with no additions (but with the fixes in bug 1511560 to enable shared memory creation). The file broker policy allows shared memory creation and nothing else. The namespace setup is the same as for GMP (i.e., as restrictive as we currently can be). The sandbox can be turned off for troubleshooting by setting the environment variable MOZ_DISABLE_RDD_SANDBOX, similarly to the other process types. Tested against https://demo.bitmovin.com/public/firefox/av1/ with the necessary prefs set. Depends on D20895 Differential Revision: https://phabricator.services.mozilla.com/D14525

[workspace]

# These are the "root" crates, which we build and test as top-level targets.
# Their transitive dependencies and dev-dependencies are included automatically
# and do not need to be listed here. Their external dependencies are vendored
# into `third_party/rust` by `mach vendor rust`.
members = [
  "js/src",
  "js/src/rust",
  "js/src/wasm/cranelift",
  "js/rust",
  "js/src/frontend/binsource", # Code generator.
  "testing/geckodriver",
  "toolkit/crashreporter/rust",
  "toolkit/library/gtest/rust",
  "toolkit/library/rust/",
]

# Excluded crates may be built as dependencies, but won't be considered members
# of the workspace and their dev-dependencies won't be included.
exclude = [
  # Exclude third-party code vendored into mozilla-central.
  "servo",
  "third_party/rust",

  # Excluded because these crates have their own Cargo workspaces so they can't
  # be included in the top-level one.
  "gfx/wr",
  "media/audioipc",
  "media/cubeb-rs",

  # Excluded because they are used only as dependencies, not top-level targets,
  # so we don't need to vendor their dev-dependencies.
  "dom/webauthn/u2f-hid-rs",
  "gfx/webrender_bindings",
  "media/mp4parse-rust/mp4parse",
  "media/mp4parse-rust/mp4parse_capi",
  "media/mp4parse-rust/mp4parse_fallible",
  "xpcom/rust/gkrust_utils",
]

# Explicitly specify what our profiles use.  The opt-level setting here is
# a total fiction; see the setup of MOZ_RUST_DEFAULT_FLAGS for what the
# opt-level setting will be as a result of various other configure flags.
[profile.dev]
opt-level = 1
rpath = false
lto = false
debug-assertions = true
panic = "abort"

[profile.release]
opt-level = 2
rpath = false
debug-assertions = false
panic = "abort"
codegen-units = 1

[patch.crates-io]
libudev-sys = { path = "dom/webauthn/libudev-sys" }
serde_derive = { git = "https://github.com/servo/serde", branch = "deserialize_from_enums9" }
winapi = { git = "https://github.com/froydnj/winapi-rs", branch = "aarch64" }
cc = { git = "https://github.com/glandium/cc-rs", branch = "1.0.23-clang-cl-aarch64" }