From c8fd216d5f4f3e3c8ba5ca6045a81d0e4f8418ae Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Linus=20F=C3=A4rnstrand?= Date: Wed, 3 Jan 2024 14:44:08 +0100 Subject: [PATCH 1/6] Bump the Linux build container to 1b882ccbc --- building/linux-container-image.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/building/linux-container-image.txt b/building/linux-container-image.txt index b94b251735e6..f9109d941470 100644 --- a/building/linux-container-image.txt +++ b/building/linux-container-image.txt @@ -1 +1 @@ -ghcr.io/mullvad/mullvadvpn-app-build:4986f0398 +ghcr.io/mullvad/mullvadvpn-app-build:1b882ccbc From 4ae9696d810b932f5d1c974f350c96bcc6001576 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Linus=20F=C3=A4rnstrand?= Date: Wed, 3 Jan 2024 14:40:43 +0100 Subject: [PATCH 2/6] Update container build instructions to include deploy key command --- building/README.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/building/README.md b/building/README.md index 505c47f78030..856b18a690a9 100644 --- a/building/README.md +++ b/building/README.md @@ -29,8 +29,11 @@ Build and publish the container image. Tag it with the github hash of the curren This also adds the container GPG signatures to the sigstore and commits that to git. The single sigstore addition (signed) commit can be pushed directly to the main branch without PR. ``` +# Builds a new container image, pushes it to the registry, signs it and commits the signatures in git ./build-and-publish-container-image.sh (linux|android) -git push # Pushes the new sigstore entry + +# Pushes the new sigstore entry +GIT_SSH_COMMAND="ssh -i /path/to/deploy-key" git push ``` When satisfied with how the new image works, the `building/{linux,android}-container-image.txt` From 001d7718bd3fcb7d4ba3d36b6203b52145439e5d Mon Sep 17 00:00:00 2001 From: Jonatan Rhodin Date: Wed, 3 Jan 2024 23:17:27 +0100 Subject: [PATCH 3/6] Bump the Android build container to 169361256 --- building/android-container-image.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/building/android-container-image.txt b/building/android-container-image.txt index 70b6fed39fab..87fdd82c32aa 100644 --- a/building/android-container-image.txt +++ b/building/android-container-image.txt @@ -1 +1 @@ -ghcr.io/mullvad/mullvadvpn-app-build-android:9504b914a +ghcr.io/mullvad/mullvadvpn-app-build-android:169361256 From b6d20f05f33ae3a7896ff912c6e921938fe1c9f7 Mon Sep 17 00:00:00 2001 From: Jonatan Rhodin Date: Wed, 3 Jan 2024 23:20:03 +0100 Subject: [PATCH 4/6] Update go version to 1.21.3 in the github workflow --- .github/workflows/daemon.yml | 2 +- .github/workflows/desktop-e2e.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/daemon.yml b/.github/workflows/daemon.yml index 6112f30fe8f3..3293e028791e 100644 --- a/.github/workflows/daemon.yml +++ b/.github/workflows/daemon.yml @@ -100,7 +100,7 @@ jobs: - name: Install Go uses: actions/setup-go@v3 with: - go-version: 1.18.5 + go-version: 1.21.3 - name: Build and test crates run: ./ci/check-rust.sh diff --git a/.github/workflows/desktop-e2e.yml b/.github/workflows/desktop-e2e.yml index 8594ae32bf0d..3a42bb9b3c97 100644 --- a/.github/workflows/desktop-e2e.yml +++ b/.github/workflows/desktop-e2e.yml @@ -234,7 +234,7 @@ jobs: - name: Install Go uses: actions/setup-go@v3 with: - go-version: 1.18.5 + go-version: 1.21.3 - name: Install Protoc uses: arduino/setup-protoc@v2 with: From e1b8bb721328ae8d44ec44f13a29eddc038eaa89 Mon Sep 17 00:00:00 2001 From: Jonatan Rhodin Date: Wed, 3 Jan 2024 23:22:55 +0100 Subject: [PATCH 5/6] Update go version to 1.21.3 in fdroid-build --- android/fdroid-build/init.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/android/fdroid-build/init.sh b/android/fdroid-build/init.sh index f8d498e10c81..4d5cf8ce35cc 100755 --- a/android/fdroid-build/init.sh +++ b/android/fdroid-build/init.sh @@ -20,9 +20,9 @@ rustup target add \ armv7-linux-androideabi # Install golang -GOLANG_VERSION="1.18.5" +GOLANG_VERSION="1.21.3" # Checksum from: https://golang.org/dl/ -GOLANG_HASH="9e5de37f9c49942c601b191ac5fba404b868bfc21d446d6960acc12283d6e5f2" +GOLANG_HASH="1241381b2843fae5a9707eec1f8fb2ef94d827990582c7c7c32f5bdfbfd420c8" cd "$HOME" curl -sf -L -o go.tgz https://go.dev/dl/go${GOLANG_VERSION}.linux-amd64.tar.gz echo "$GOLANG_HASH go.tgz" | sha256sum -c From bcd26bc22cef5ad004848563f1ff06f904e331b0 Mon Sep 17 00:00:00 2001 From: Jonatan Rhodin Date: Wed, 3 Jan 2024 23:24:56 +0100 Subject: [PATCH 6/6] Update wireguard go version to 20230223181233 --- wireguard/libwg/Android.mk | 2 +- wireguard/libwg/go.mod | 6 +- wireguard/libwg/go.sum | 8 +- .../goruntime-boottime-over-monotonic.diff | 80 +++++++++++-------- 4 files changed, 53 insertions(+), 43 deletions(-) diff --git a/wireguard/libwg/Android.mk b/wireguard/libwg/Android.mk index 54fd160db876..acf2f6fe88c1 100644 --- a/wireguard/libwg/Android.mk +++ b/wireguard/libwg/Android.mk @@ -22,7 +22,7 @@ default: $(DESTDIR)/libwg.so GOBUILDARCH := $(NDK_GO_ARCH_MAP_$(shell uname -m)) GOBUILDOS := $(shell uname -s | tr '[:upper:]' '[:lower:]') -GOBUILDVERSION := 1.18.5 +GOBUILDVERSION := 1.21.3 # TODO: Add checksum? GOBUILDTARBALL := https://go.dev/dl/go$(GOBUILDVERSION).$(GOBUILDOS)-$(GOBUILDARCH).tar.gz GOBUILDVERSION_NEEDED := go version go$(GOBUILDVERSION) $(GOBUILDOS)/$(GOBUILDARCH) diff --git a/wireguard/libwg/go.mod b/wireguard/libwg/go.mod index 63ca03adbfe6..a19c17af3a88 100644 --- a/wireguard/libwg/go.mod +++ b/wireguard/libwg/go.mod @@ -1,10 +1,10 @@ module github.com/mullvad/mullvadvpn-app/wireguard/libwg -go 1.18 +go 1.20 require ( - golang.org/x/sys v0.0.0-20220808155132-1c4a2a72c664 - golang.zx2c4.com/wireguard v0.0.0-20220703234212-c31a7b1ab478 + golang.org/x/sys v0.6.0 + golang.zx2c4.com/wireguard v0.0.0-20230223181233-21636207a675 ) require ( diff --git a/wireguard/libwg/go.sum b/wireguard/libwg/go.sum index b9afc6c3fca4..d129c587a59a 100644 --- a/wireguard/libwg/go.sum +++ b/wireguard/libwg/go.sum @@ -2,9 +2,9 @@ golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa h1:zuSxTR4o9y82ebqCUJYNGJ golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/net v0.0.0-20220809184613-07c6da5e1ced h1:3dYNDff0VT5xj+mbj2XucFst9WKk6PdGOrb9n+SbIvw= golang.org/x/net v0.0.0-20220809184613-07c6da5e1ced/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk= -golang.org/x/sys v0.0.0-20220808155132-1c4a2a72c664 h1:v1W7bwXHsnLLloWYTVEdvGvA7BHMeBYsPcF0GLDxIRs= -golang.org/x/sys v0.0.0-20220808155132-1c4a2a72c664/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.6.0 h1:MVltZSvRTcU2ljQOhs94SXPftV6DCNnZViHeQps87pQ= +golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.zx2c4.com/wintun v0.0.0-20211104114900-415007cec224 h1:Ug9qvr1myri/zFN6xL17LSCBGFDnphBBhzmILHsM5TY= golang.zx2c4.com/wintun v0.0.0-20211104114900-415007cec224/go.mod h1:deeaetjYA+DHMHg+sMSMI58GrEteJUUzzw7en6TJQcI= -golang.zx2c4.com/wireguard v0.0.0-20220703234212-c31a7b1ab478 h1:vDy//hdR+GnROE3OdYbQKt9rdtNdHkDtONvpRwmls/0= -golang.zx2c4.com/wireguard v0.0.0-20220703234212-c31a7b1ab478/go.mod h1:bVQfyl2sCM/QIIGHpWbFGfHPuDvqnCNkT6MQLTCjO/U= +golang.zx2c4.com/wireguard v0.0.0-20230223181233-21636207a675 h1:/J/RVnr7ng4fWPRH3xa4WtBJ1Jp+Auu4YNLmGiPv5QU= +golang.zx2c4.com/wireguard v0.0.0-20230223181233-21636207a675/go.mod h1:whfbyDBt09xhCYQWtO2+3UVjlaq6/9hDZrjg2ZE6SyA= diff --git a/wireguard/libwg/goruntime-boottime-over-monotonic.diff b/wireguard/libwg/goruntime-boottime-over-monotonic.diff index 5cbc2256749e..5d78242b139e 100644 --- a/wireguard/libwg/goruntime-boottime-over-monotonic.diff +++ b/wireguard/libwg/goruntime-boottime-over-monotonic.diff @@ -1,7 +1,8 @@ -From b83553d9f260ba20c6faaa52e6fe6f74309eb41a Mon Sep 17 00:00:00 2001 +From 61f3ae8298d1c503cbc31539e0f3a73446c7db9d Mon Sep 17 00:00:00 2001 From: "Jason A. Donenfeld" -Date: Mon, 22 Feb 2021 02:36:03 +0100 -Subject: [PATCH] runtime: use CLOCK_BOOTTIME in nanotime on Linux +Date: Tue, 21 Mar 2023 15:33:56 +0100 +Subject: [PATCH] [release-branch.go1.20] runtime: use CLOCK_BOOTTIME in + nanotime on Linux This makes timers account for having expired while a computer was asleep, which is quite common on mobile devices. Note that BOOTTIME is @@ -21,17 +22,17 @@ Change-Id: I7b2a6ca0c5bc5fce57ec0eeafe7b68270b429321 src/runtime/sys_linux_amd64.s | 2 +- src/runtime/sys_linux_arm.s | 4 ++-- src/runtime/sys_linux_arm64.s | 4 ++-- - src/runtime/sys_linux_mips64x.s | 2 +- + src/runtime/sys_linux_mips64x.s | 4 ++-- src/runtime/sys_linux_mipsx.s | 2 +- src/runtime/sys_linux_ppc64x.s | 2 +- src/runtime/sys_linux_s390x.s | 2 +- - 8 files changed, 11 insertions(+), 11 deletions(-) + 8 files changed, 12 insertions(+), 12 deletions(-) diff --git a/src/runtime/sys_linux_386.s b/src/runtime/sys_linux_386.s -index 1e3a834812..78b6021fc7 100644 +index 12a294153d..17e3524b40 100644 --- a/src/runtime/sys_linux_386.s +++ b/src/runtime/sys_linux_386.s -@@ -337,13 +337,13 @@ noswitch: +@@ -352,13 +352,13 @@ noswitch: LEAL 8(SP), BX // &ts (struct timespec) MOVL BX, 4(SP) @@ -48,10 +49,10 @@ index 1e3a834812..78b6021fc7 100644 INVOKE_SYSCALL diff --git a/src/runtime/sys_linux_amd64.s b/src/runtime/sys_linux_amd64.s -index 37cb8dad03..e8b730bcaa 100644 +index c7a89ba536..01f0a6a26e 100644 --- a/src/runtime/sys_linux_amd64.s +++ b/src/runtime/sys_linux_amd64.s -@@ -302,7 +302,7 @@ noswitch: +@@ -255,7 +255,7 @@ noswitch: SUBQ $16, SP // Space for results ANDQ $~15, SP // Align for C code @@ -61,7 +62,7 @@ index 37cb8dad03..e8b730bcaa 100644 MOVQ runtime·vdsoClockgettimeSym(SB), AX CMPQ AX, $0 diff --git a/src/runtime/sys_linux_arm.s b/src/runtime/sys_linux_arm.s -index 475f52344c..bb567abcf4 100644 +index 7b8c4f0e04..9798a1334e 100644 --- a/src/runtime/sys_linux_arm.s +++ b/src/runtime/sys_linux_arm.s @@ -11,7 +11,7 @@ @@ -73,20 +74,20 @@ index 475f52344c..bb567abcf4 100644 // for EABI, as we don't support OABI #define SYS_BASE 0x0 -@@ -366,7 +366,7 @@ noswitch: - SUB $24, R13 // Space for results - BIC $0x7, R13 // Align for C code +@@ -374,7 +374,7 @@ finish: + // func nanotime1() int64 + TEXT runtime·nanotime1(SB),NOSPLIT,$12-8 - MOVW $CLOCK_MONOTONIC, R0 + MOVW $CLOCK_BOOTTIME, R0 - MOVW $8(R13), R1 // timespec - MOVW runtime·vdsoClockgettimeSym(SB), R2 - CMP $0, R2 + MOVW $spec-12(SP), R1 // timespec + + MOVW runtime·vdsoClockgettimeSym(SB), R4 diff --git a/src/runtime/sys_linux_arm64.s b/src/runtime/sys_linux_arm64.s -index 198a5bacef..9715387f36 100644 +index 38ff6ac330..6b819c5441 100644 --- a/src/runtime/sys_linux_arm64.s +++ b/src/runtime/sys_linux_arm64.s -@@ -13,7 +13,7 @@ +@@ -14,7 +14,7 @@ #define AT_FDCWD -100 #define CLOCK_REALTIME 0 @@ -95,7 +96,7 @@ index 198a5bacef..9715387f36 100644 #define SYS_exit 93 #define SYS_read 63 -@@ -319,7 +319,7 @@ noswitch: +@@ -338,7 +338,7 @@ noswitch: BIC $15, R1 MOVD R1, RSP @@ -105,10 +106,10 @@ index 198a5bacef..9715387f36 100644 CBZ R2, fallback diff --git a/src/runtime/sys_linux_mips64x.s b/src/runtime/sys_linux_mips64x.s -index c3e9f37694..e3879acd38 100644 +index 47f2da524d..a8b387f193 100644 --- a/src/runtime/sys_linux_mips64x.s +++ b/src/runtime/sys_linux_mips64x.s -@@ -312,7 +312,7 @@ noswitch: +@@ -326,7 +326,7 @@ noswitch: AND $~15, R1 // Align for C code MOVV R1, R29 @@ -117,11 +118,20 @@ index c3e9f37694..e3879acd38 100644 MOVV $0(R29), R5 MOVV runtime·vdsoClockgettimeSym(SB), R25 +@@ -336,7 +336,7 @@ noswitch: + // see walltime for detail + BEQ R2, R0, finish + MOVV R0, runtime·vdsoClockgettimeSym(SB) +- MOVW $1, R4 // CLOCK_MONOTONIC ++ MOVW $7, R4 // CLOCK_BOOTTIME + MOVV $0(R29), R5 + JMP fallback + diff --git a/src/runtime/sys_linux_mipsx.s b/src/runtime/sys_linux_mipsx.s -index fab2ab3892..f9af103594 100644 +index 5e6b6c1504..7f5fd2a80e 100644 --- a/src/runtime/sys_linux_mipsx.s +++ b/src/runtime/sys_linux_mipsx.s -@@ -238,7 +238,7 @@ TEXT runtime·walltime1(SB),NOSPLIT,$8-12 +@@ -243,7 +243,7 @@ TEXT runtime·walltime(SB),NOSPLIT,$8-12 RET TEXT runtime·nanotime1(SB),NOSPLIT,$8-8 @@ -131,11 +141,11 @@ index fab2ab3892..f9af103594 100644 MOVW $SYS_clock_gettime, R2 SYSCALL diff --git a/src/runtime/sys_linux_ppc64x.s b/src/runtime/sys_linux_ppc64x.s -index fd69ee70a5..ff6bc8355b 100644 +index d0427a4807..05ee9fede9 100644 --- a/src/runtime/sys_linux_ppc64x.s +++ b/src/runtime/sys_linux_ppc64x.s -@@ -249,7 +249,7 @@ fallback: - JMP finish +@@ -298,7 +298,7 @@ fallback: + JMP return TEXT runtime·nanotime1(SB),NOSPLIT,$16-8 - MOVD $1, R3 // CLOCK_MONOTONIC @@ -144,18 +154,18 @@ index fd69ee70a5..ff6bc8355b 100644 MOVD R1, R15 // R15 is unchanged by C code MOVD g_m(g), R21 // R21 = m diff --git a/src/runtime/sys_linux_s390x.s b/src/runtime/sys_linux_s390x.s -index c15a1d5364..f52c4d5098 100644 +index 1448670b91..7d2ee3231c 100644 --- a/src/runtime/sys_linux_s390x.s +++ b/src/runtime/sys_linux_s390x.s -@@ -207,7 +207,7 @@ TEXT runtime·walltime1(SB),NOSPLIT,$16 +@@ -296,7 +296,7 @@ fallback: RET - TEXT runtime·nanotime1(SB),NOSPLIT,$16 -- MOVW $1, R2 // CLOCK_MONOTONIC -+ MOVW $7, R2 // CLOCK_BOOTTIME - MOVD $tp-16(SP), R3 - MOVW $SYS_clock_gettime, R1 - SYSCALL + TEXT runtime·nanotime1(SB),NOSPLIT,$32-8 +- MOVW $1, R2 // CLOCK_MONOTONIC ++ MOVW $7, R2 // CLOCK_BOOTTIME + + MOVD R15, R7 // Backup stack pointer + -- -2.30.1 +2.17.1