Projects
openEuler:24.03:SP1:Everything
openjdk-1.8.0
_service:tar_scm:add-fix-lock_fd-no-close-and-i...
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _service:tar_scm:add-fix-lock_fd-no-close-and-improve-KAEProvider.patch of Package openjdk-1.8.0
From eb4284c06d643ec1204a922ccc06970331055bc4 Mon Sep 17 00:00:00 2001 Date: Thu, 21 Sep 2023 15:23:38 +0800 Subject: add fix-lock_fd-no-close-and-improve-KAEProvider --- hotspot/src/share/vm/memory/filemap.cpp | 21 +++++++++++++++++++ hotspot/src/share/vm/memory/filemap.hpp | 2 ++ .../src/share/vm/memory/metaspaceShared.cpp | 4 ++++ hotspot/src/share/vm/prims/unsafe.cpp | 1 + .../security/openssl/KAESM4Cipher.java | 6 ++++-- .../security/openssl/kae_keyagreement_dh.c | 6 ++++-- .../security/openssl/kae_keyagreement_ecdh.c | 7 ++++--- .../security/openssl/kae_symmetric_cipher.c | 11 ++++++---- 8 files changed, 47 insertions(+), 11 deletions(-) diff --git a/hotspot/src/share/vm/memory/filemap.cpp b/hotspot/src/share/vm/memory/filemap.cpp index 0d217078a..166fe2b80 100644 --- a/hotspot/src/share/vm/memory/filemap.cpp +++ b/hotspot/src/share/vm/memory/filemap.cpp @@ -181,6 +181,18 @@ FileMapInfo::~FileMapInfo() { _file_open = false; _fd = -1; } + + if (DumpSharedSpaces && UseAppCDS && AppCDSLockFile != NULL) { + // delete appcds.lock + if (_lock_file_open) { + if (::close(_lock_fd) < 0) { + fail_stop("Unable to close the lock file."); + } + _lock_file_open = false; + _lock_fd = -1; + } + remove(_appcds_file_lock_path); + } } void FileMapInfo::populate_header(size_t alignment) { @@ -606,6 +618,8 @@ void FileMapInfo::open_for_write() { "2. You have the permission.\n 3. Make sure no other process using the same lock file.\n"); fail_stop("Failed to create appcds lock file, the lock path is: %s.", _appcds_file_lock_path); } + _lock_fd = lock_fd; + _lock_file_open = true; tty->print_cr("You are using file lock %s in concurrent mode", AppCDSLockFile); } #endif @@ -772,6 +786,13 @@ void FileMapInfo::write_bytes_aligned(const void* buffer, int nbytes) { void FileMapInfo::close() { if (UseAppCDS && AppCDSLockFile != NULL) { + if (_lock_file_open) { + if (::close(_lock_fd) < 0) { + fail_stop("Unable to close the lock file."); + } + _lock_file_open = false; + _lock_fd = -1; + } // delete appcds.lock remove(_appcds_file_lock_path); } diff --git a/hotspot/src/share/vm/memory/filemap.hpp b/hotspot/src/share/vm/memory/filemap.hpp index debfb5049..f6cf43a64 100644 --- a/hotspot/src/share/vm/memory/filemap.hpp +++ b/hotspot/src/share/vm/memory/filemap.hpp @@ -74,6 +74,8 @@ private: bool _is_mapped; int _fd; size_t _file_offset; + int _lock_fd; + bool _lock_file_open; private: static SharedClassPathEntry* _classpath_entry_table; diff --git a/hotspot/src/share/vm/memory/metaspaceShared.cpp b/hotspot/src/share/vm/memory/metaspaceShared.cpp index e6bd39d85..eea79cc09 100644 --- a/hotspot/src/share/vm/memory/metaspaceShared.cpp +++ b/hotspot/src/share/vm/memory/metaspaceShared.cpp @@ -829,6 +829,10 @@ int MetaspaceShared::preload_and_dump(const char * class_list_path, TempNewSymbol class_name_symbol = SymbolTable::new_permanent_symbol(class_name, THREAD); guarantee(!HAS_PENDING_EXCEPTION, "Exception creating a symbol."); + // If preload_and_dump has anonymous class failed ,pls del this class_name in classlist + if (TraceClassLoading) { + tty->print_cr("preload_and_dump start: %s", class_name); + } Handle loader = UseAppCDS ? SystemDictionary::java_system_loader() : Handle(); Klass* klass = SystemDictionary::resolve_or_null(class_name_symbol, loader, diff --git a/hotspot/src/share/vm/prims/unsafe.cpp b/hotspot/src/share/vm/prims/unsafe.cpp index fa3e46782..d6c33dd33 100644 --- a/hotspot/src/share/vm/prims/unsafe.cpp +++ b/hotspot/src/share/vm/prims/unsafe.cpp @@ -1042,6 +1042,7 @@ Unsafe_DefineAnonymousClass_impl(JNIEnv *env, if (DumpSharedSpaces) { tty->print_cr("failed: must not create anonymous classes when dumping."); + tty->print_cr("Please delete the last class_name prefixed with \"preload_and_dump start\" from -XX:SharedClassListFile to avoid anonymous classes."); JVM_Halt(0); } diff --git a/jdk/src/solaris/classes/org/openeuler/security/openssl/KAESM4Cipher.java b/jdk/src/solaris/classes/org/openeuler/security/openssl/KAESM4Cipher.java index cca619e1a..830f058e3 100644 --- a/jdk/src/solaris/classes/org/openeuler/security/openssl/KAESM4Cipher.java +++ b/jdk/src/solaris/classes/org/openeuler/security/openssl/KAESM4Cipher.java @@ -356,8 +356,10 @@ abstract class KAESM4Cipher extends KAESymmetricCipherBase { throw new InvalidAlgorithmParameterException("Wrong IV length: iv is null "); } if (mode == Mode.CTR) { - if (ivBytes.length < 8) { - throw new InvalidAlgorithmParameterException("Wrong IV length: CTR mode requires IV of at least: 8 bytes."); + // For compatibility, SM4 CTR allows 8 < IV < blockSize, the remaining bytes will be filled with 0 in engineInit + if (ivBytes.length < 8 || ivBytes.length > blockSize) { + throw new InvalidAlgorithmParameterException("Wrong IV length: CTR mode requires IV of at least" + + "8 bytes, and no greater than " + blockSize + "bytes"); } return; } diff --git a/jdk/src/solaris/native/org/openeuler/security/openssl/kae_keyagreement_dh.c b/jdk/src/solaris/native/org/openeuler/security/openssl/kae_keyagreement_dh.c index d8d2ee7cb..74af15a51 100644 --- a/jdk/src/solaris/native/org/openeuler/security/openssl/kae_keyagreement_dh.c +++ b/jdk/src/solaris/native/org/openeuler/security/openssl/kae_keyagreement_dh.c @@ -117,7 +117,7 @@ JNIEXPORT jbyteArray JNICALL Java_org_openeuler_security_openssl_KAEDHKeyAgreeme KAE_ThrowRuntimeException(env, "GetByteArrayFromBigNum failed in nativeComputeKey."); goto cleanup; } - KAE_TRACE("Java_org_openeuler_security_openssl_KAEDHKeyAgreement_nativeGenerateSecret finished!"); + KAE_TRACE("Java_org_openeuler_security_openssl_KAEDHKeyAgreement_nativeComputeKey finished!"); cleanup: if (dh != NULL) @@ -130,8 +130,10 @@ cleanup: KAE_ReleaseBigNumFromByteArray(p_bn); if (g_bn != NULL) KAE_ReleaseBigNumFromByteArray(g_bn); - if (secret != NULL) + if (secret != NULL) { + memset(secret, 0, pSizeInByte); free(secret); + } if (computeKeyRetBn != NULL) BN_free(computeKeyRetBn); diff --git a/jdk/src/solaris/native/org/openeuler/security/openssl/kae_keyagreement_ecdh.c b/jdk/src/solaris/native/org/openeuler/security/openssl/kae_keyagreement_ecdh.c index 5fc4d68fd..877a915f0 100644 --- a/jdk/src/solaris/native/org/openeuler/security/openssl/kae_keyagreement_ecdh.c +++ b/jdk/src/solaris/native/org/openeuler/security/openssl/kae_keyagreement_ecdh.c @@ -30,7 +30,7 @@ #include "org_openeuler_security_openssl_KAEECDHKeyAgreement.h" static void FreeGenerateSecretParam(BIGNUM* s, BIGNUM* wX, BIGNUM* wY, - EC_POINT* pub, EC_KEY* eckey, EC_GROUP* group, unsigned char* shareKey) + EC_POINT* pub, EC_KEY* eckey, EC_GROUP* group, unsigned char* shareKey, int shareKeyLen) { KAE_ReleaseBigNumFromByteArray(s); KAE_ReleaseBigNumFromByteArray(wX); @@ -45,6 +45,7 @@ static void FreeGenerateSecretParam(BIGNUM* s, BIGNUM* wX, BIGNUM* wY, EC_GROUP_free(group); } if (shareKey != NULL) { + memset(shareKey, 0, shareKeyLen); free(shareKey); } } @@ -106,10 +107,10 @@ JNIEXPORT jbyteArray JNICALL Java_org_openeuler_security_openssl_KAEECDHKeyAgree goto cleanup; } (*env)->SetByteArrayRegion(env, javaBytes, 0, expectSecretLen, (jbyte*)shareKey); - FreeGenerateSecretParam(s, wX, wY, pub, eckey, group, shareKey); + FreeGenerateSecretParam(s, wX, wY, pub, eckey, group, shareKey, expectSecretLen); return javaBytes; cleanup: - FreeGenerateSecretParam(s, wX, wY, pub, eckey, group, shareKey); + FreeGenerateSecretParam(s, wX, wY, pub, eckey, group, shareKey, expectSecretLen); return NULL; } diff --git a/jdk/src/solaris/native/org/openeuler/security/openssl/kae_symmetric_cipher.c b/jdk/src/solaris/native/org/openeuler/security/openssl/kae_symmetric_cipher.c index 43f6326b2..ec8894f1a 100644 --- a/jdk/src/solaris/native/org/openeuler/security/openssl/kae_symmetric_cipher.c +++ b/jdk/src/solaris/native/org/openeuler/security/openssl/kae_symmetric_cipher.c @@ -119,13 +119,15 @@ static const EVP_CIPHER* EVPGetAesCipherByName(JNIEnv* env, const char* algo) } } -void FreeMemoryFromInit(JNIEnv* env, jbyteArray iv, jbyte* ivBytes, jbyteArray key, jbyte* keyBytes) +void FreeMemoryFromInit(JNIEnv* env, jbyteArray iv, jbyte* ivBytes, jbyteArray key, jbyte* keyBytes, + int keyLength) { if (ivBytes != NULL) { (*env)->ReleaseByteArrayElements(env, iv, ivBytes, 0); } if (keyBytes != NULL) { - (*env)->ReleaseByteArrayElements(env, key, keyBytes, 0); + memset(keyBytes, 0, keyLength); + (*env)->ReleaseByteArrayElements(env, key, keyBytes, JNI_ABORT); } } @@ -143,6 +145,7 @@ Java_org_openeuler_security_openssl_KAESymmetricCipherBase_nativeInit(JNIEnv* en jbyte* ivBytes = NULL; const EVP_CIPHER* cipher = NULL; ENGINE* kaeEngine = NULL; + int keyLength = (*env)->GetArrayLength(env, key); const char* algo = (*env)->GetStringUTFChars(env, cipherType, 0); if (StartsWith("aes", algo)) { @@ -180,14 +183,14 @@ Java_org_openeuler_security_openssl_KAESymmetricCipherBase_nativeInit(JNIEnv* en EVP_CIPHER_CTX_set_padding(ctx, padding ? 1 : 0); - FreeMemoryFromInit(env, iv, ivBytes, key, keyBytes); + FreeMemoryFromInit(env, iv, ivBytes, key, keyBytes, keyLength); return (jlong)ctx; cleanup: if (ctx != NULL) { EVP_CIPHER_CTX_free(ctx); } - FreeMemoryFromInit(env, iv, ivBytes, key, keyBytes); + FreeMemoryFromInit(env, iv, ivBytes, key, keyBytes, keyLength); return 0; } -- 2.22.0
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.
浙ICP备2022010568号-2