/hg/release/icedtea7-forest-2.5/hotspot: 7 new changesets
andrew at icedtea.classpath.org
andrew at icedtea.classpath.org
Mon Jul 6 11:03:41 UTC 2015
changeset 15f046981254 in /hg/release/icedtea7-forest-2.5/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.5/hotspot?cmd=changeset;node=15f046981254
author: iignatyev
date: Wed Jun 03 03:14:46 2015 +0100
8021120, PR2301: TieredCompilation can be enabled even if TIERED is undefined
Reviewed-by: kvn, dholmes
changeset 15499ffd2d7c in /hg/release/icedtea7-forest-2.5/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.5/hotspot?cmd=changeset;node=15499ffd2d7c
author: goetz
date: Tue Feb 03 11:32:50 2015 +0100
8069590: AIX port of "8050807: Better performing performance data handling"
changeset 5845bd6da245 in /hg/release/icedtea7-forest-2.5/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.5/hotspot?cmd=changeset;node=5845bd6da245
author: goetz
date: Mon Apr 27 10:59:06 2015 +0200
8078482, PR2307: ppc: pass thread to throw_AbstractMethodError
Summary: Also improve check for Safepoints in signal handler.
Reviewed-by: kvn, simonis
changeset 2b6ac88b8802 in /hg/release/icedtea7-forest-2.5/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.5/hotspot?cmd=changeset;node=2b6ac88b8802
author: simonis
date: Tue May 19 11:06:34 2015 +0200
8080190: PPC64: Fix wrong rotate instructions in the .ad file
Reviewed-by: kvn
changeset 935b389613ae in /hg/release/icedtea7-forest-2.5/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.5/hotspot?cmd=changeset;node=935b389613ae
author: sgehwolf
date: Wed Apr 29 12:23:48 2015 -0700
8078666, PR2326: JVM fastdebug build compiled with GCC 5 asserts with "widen increases"
Summary: do the math on the unsigned type where overflows are well defined
Reviewed-by: kvn, aph
changeset 9b1de9bff274 in /hg/release/icedtea7-forest-2.5/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.5/hotspot?cmd=changeset;node=9b1de9bff274
author: mgerdin
date: Thu Jun 26 13:20:18 2014 +0200
8048214, PR2357: Linker error when compiling G1SATBCardTableModRefBS after include order changes
Reviewed-by: stefank, brutisso, tschatzl
changeset dd477b47d006 in /hg/release/icedtea7-forest-2.5/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.5/hotspot?cmd=changeset;node=dd477b47d006
author: andrew
date: Mon Jul 06 11:59:14 2015 +0100
Added tag icedtea-2.5.6pre01 for changeset 9b1de9bff274
diffstat:
.hgtags | 1 +
src/cpu/ppc/vm/interpreter_ppc.cpp | 7 +-
src/cpu/ppc/vm/ppc.ad | 5 +-
src/os/aix/vm/perfMemory_aix.cpp | 470 ++++++++-
src/os_cpu/linux_ppc/vm/os_linux_ppc.cpp | 10 +-
src/share/vm/gc_implementation/g1/g1SATBCardTableModRefBS.cpp | 11 +
src/share/vm/gc_implementation/g1/g1SATBCardTableModRefBS.hpp | 12 +-
src/share/vm/opto/type.cpp | 16 +-
src/share/vm/runtime/arguments.cpp | 40 +-
test/compiler/codegen/IntRotateWithImmediate.java | 64 +
10 files changed, 520 insertions(+), 116 deletions(-)
diffs (truncated from 975 to 500 lines):
diff -r 6054ad858457 -r dd477b47d006 .hgtags
--- a/.hgtags Tue Apr 14 21:40:51 2015 +0100
+++ b/.hgtags Mon Jul 06 11:59:14 2015 +0100
@@ -794,3 +794,4 @@
bbda609c9d24364fd233db29d24285251fd61685 icedtea-2.5.5pre01
4cb6ece5f0736b79ae114d07279da2c39abd29d3 icedtea-2.5.5pre02
cac66550581b9bc94fa36275712dd3c502a1993e icedtea-2.5.5
+9b1de9bff274bdfb82d9052d864ff9173cb7e6be icedtea-2.5.6pre01
diff -r 6054ad858457 -r dd477b47d006 src/cpu/ppc/vm/interpreter_ppc.cpp
--- a/src/cpu/ppc/vm/interpreter_ppc.cpp Tue Apr 14 21:40:51 2015 +0100
+++ b/src/cpu/ppc/vm/interpreter_ppc.cpp Mon Jul 06 11:59:14 2015 +0100
@@ -1,6 +1,6 @@
/*
- * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved.
- * Copyright 2012, 2014 SAP AG. All rights reserved.
+ * Copyright (c) 1997, 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright 2012, 2015 SAP AG. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -475,7 +475,8 @@
// This is not a leaf but we have a JavaFrameAnchor now and we will
// check (create) exceptions afterward so this is ok.
- __ call_VM_leaf(CAST_FROM_FN_PTR(address, InterpreterRuntime::throw_AbstractMethodError));
+ __ call_VM_leaf(CAST_FROM_FN_PTR(address, InterpreterRuntime::throw_AbstractMethodError),
+ R16_thread);
// Pop the C frame and restore LR.
__ pop_frame();
diff -r 6054ad858457 -r dd477b47d006 src/cpu/ppc/vm/ppc.ad
--- a/src/cpu/ppc/vm/ppc.ad Tue Apr 14 21:40:51 2015 +0100
+++ b/src/cpu/ppc/vm/ppc.ad Mon Jul 06 11:59:14 2015 +0100
@@ -2505,9 +2505,8 @@
// Do we need to mask the count passed to shift instructions or does
// the cpu only look at the lower 5/6 bits anyway?
-// Off, as masks are generated in expand rules where required.
-// Constant shift counts are handled in Ideal phase.
-const bool Matcher::need_masked_shift_count = false;
+// PowerPC requires masked shift counts.
+const bool Matcher::need_masked_shift_count = true;
// This affects two different things:
// - how Decode nodes are matched
diff -r 6054ad858457 -r dd477b47d006 src/os/aix/vm/perfMemory_aix.cpp
--- a/src/os/aix/vm/perfMemory_aix.cpp Tue Apr 14 21:40:51 2015 +0100
+++ b/src/os/aix/vm/perfMemory_aix.cpp Mon Jul 06 11:59:14 2015 +0100
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2001, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2001, 2013, Oracle and/or its affiliates. All rights reserved.
* Copyright 2012, 2013 SAP AG. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
@@ -31,6 +31,7 @@
#include "os_aix.inline.hpp"
#include "runtime/handles.inline.hpp"
#include "runtime/perfMemory.hpp"
+#include "services/memTracker.hpp"
#include "utilities/exceptions.hpp"
// put OS-includes here
@@ -196,12 +197,37 @@
return pid;
}
+// Check if the given statbuf is considered a secure directory for
+// the backing store files. Returns true if the directory is considered
+// a secure location. Returns false if the statbuf is a symbolic link or
+// if an error occurred.
+static bool is_statbuf_secure(struct stat *statp) {
+ if (S_ISLNK(statp->st_mode) || !S_ISDIR(statp->st_mode)) {
+ // The path represents a link or some non-directory file type,
+ // which is not what we expected. Declare it insecure.
+ //
+ return false;
+ }
+ // We have an existing directory, check if the permissions are safe.
+ if ((statp->st_mode & (S_IWGRP|S_IWOTH)) != 0) {
+ // The directory is open for writing and could be subjected
+ // to a symlink or a hard link attack. Declare it insecure.
+ return false;
+ }
+ // See if the uid of the directory matches the effective uid of the process.
+ //
+ if (statp->st_uid != geteuid()) {
+ // The directory was not created by this user, declare it insecure.
+ return false;
+ }
+ return true;
+}
-// check if the given path is considered a secure directory for
+
+// Check if the given path is considered a secure directory for
// the backing store files. Returns true if the directory exists
// and is considered a secure location. Returns false if the path
// is a symbolic link or if an error occurred.
-//
static bool is_directory_secure(const char* path) {
struct stat statbuf;
int result = 0;
@@ -211,38 +237,276 @@
return false;
}
- // the path exists, now check it's mode
- if (S_ISLNK(statbuf.st_mode) || !S_ISDIR(statbuf.st_mode)) {
- // the path represents a link or some non-directory file type,
- // which is not what we expected. declare it insecure.
- //
+ // The path exists, see if it is secure.
+ return is_statbuf_secure(&statbuf);
+}
+
+// (Taken over from Solaris to support the O_NOFOLLOW case on AIX.)
+// Check if the given directory file descriptor is considered a secure
+// directory for the backing store files. Returns true if the directory
+// exists and is considered a secure location. Returns false if the path
+// is a symbolic link or if an error occurred.
+static bool is_dirfd_secure(int dir_fd) {
+ struct stat statbuf;
+ int result = 0;
+
+ RESTARTABLE(::fstat(dir_fd, &statbuf), result);
+ if (result == OS_ERR) {
return false;
}
- else {
- // we have an existing directory, check if the permissions are safe.
- //
- if ((statbuf.st_mode & (S_IWGRP|S_IWOTH)) != 0) {
- // the directory is open for writing and could be subjected
- // to a symlnk attack. declare it insecure.
- //
- return false;
+
+ // The path exists, now check its mode.
+ return is_statbuf_secure(&statbuf);
+}
+
+
+// Check to make sure fd1 and fd2 are referencing the same file system object.
+static bool is_same_fsobject(int fd1, int fd2) {
+ struct stat statbuf1;
+ struct stat statbuf2;
+ int result = 0;
+
+ RESTARTABLE(::fstat(fd1, &statbuf1), result);
+ if (result == OS_ERR) {
+ return false;
+ }
+ RESTARTABLE(::fstat(fd2, &statbuf2), result);
+ if (result == OS_ERR) {
+ return false;
+ }
+
+ if ((statbuf1.st_ino == statbuf2.st_ino) &&
+ (statbuf1.st_dev == statbuf2.st_dev)) {
+ return true;
+ } else {
+ return false;
+ }
+}
+
+// Helper functions for open without O_NOFOLLOW which is not present on AIX 5.3/6.1.
+// We use the jdk6 implementation here.
+#ifndef O_NOFOLLOW
+// The O_NOFOLLOW oflag doesn't exist before solaris 5.10, this is to simulate that behaviour
+// was done in jdk 5/6 hotspot by Oracle this way
+static int open_o_nofollow_impl(const char* path, int oflag, mode_t mode, bool use_mode) {
+ struct stat orig_st;
+ struct stat new_st;
+ bool create;
+ int error;
+ int fd;
+
+ create = false;
+
+ if (lstat(path, &orig_st) != 0) {
+ if (errno == ENOENT && (oflag & O_CREAT) != 0) {
+ // File doesn't exist, but_we want to create it, add O_EXCL flag
+ // to make sure no-one creates it (or a symlink) before us
+ // This works as we expect with symlinks, from posix man page:
+ // 'If O_EXCL and O_CREAT are set, and path names a symbolic
+ // link, open() shall fail and set errno to [EEXIST]'.
+ oflag |= O_EXCL;
+ create = true;
+ } else {
+ // File doesn't exist, and we are not creating it.
+ return OS_ERR;
}
+ } else {
+ // Lstat success, check if existing file is a link.
+ if ((orig_st.st_mode & S_IFMT) == S_IFLNK) {
+ // File is a symlink.
+ errno = ELOOP;
+ return OS_ERR;
+ }
+ }
+
+ if (use_mode == true) {
+ fd = open(path, oflag, mode);
+ } else {
+ fd = open(path, oflag);
+ }
+
+ if (fd == OS_ERR) {
+ return fd;
+ }
+
+ // Can't do inode checks on before/after if we created the file.
+ if (create == false) {
+ if (fstat(fd, &new_st) != 0) {
+ // Keep errno from fstat, in case close also fails.
+ error = errno;
+ ::close(fd);
+ errno = error;
+ return OS_ERR;
+ }
+
+ if (orig_st.st_dev != new_st.st_dev || orig_st.st_ino != new_st.st_ino) {
+ // File was tampered with during race window.
+ ::close(fd);
+ errno = EEXIST;
+ if (PrintMiscellaneous && Verbose) {
+ warning("possible file tampering attempt detected when opening %s", path);
+ }
+ return OS_ERR;
+ }
+ }
+
+ return fd;
+}
+
+static int open_o_nofollow(const char* path, int oflag, mode_t mode) {
+ return open_o_nofollow_impl(path, oflag, mode, true);
+}
+
+static int open_o_nofollow(const char* path, int oflag) {
+ return open_o_nofollow_impl(path, oflag, 0, false);
+}
+#endif
+
+// Open the directory of the given path and validate it.
+// Return a DIR * of the open directory.
+static DIR *open_directory_secure(const char* dirname) {
+ // Open the directory using open() so that it can be verified
+ // to be secure by calling is_dirfd_secure(), opendir() and then check
+ // to see if they are the same file system object. This method does not
+ // introduce a window of opportunity for the directory to be attacked that
+ // calling opendir() and is_directory_secure() does.
+ int result;
+ DIR *dirp = NULL;
+
+ // No O_NOFOLLOW defined at buildtime, and it is not documented for open;
+ // so provide a workaround in this case.
+#ifdef O_NOFOLLOW
+ RESTARTABLE(::open(dirname, O_RDONLY|O_NOFOLLOW), result);
+#else
+ // workaround (jdk6 coding)
+ RESTARTABLE(::open_o_nofollow(dirname, O_RDONLY), result);
+#endif
+
+ if (result == OS_ERR) {
+ // Directory doesn't exist or is a symlink, so there is nothing to cleanup.
+ if (PrintMiscellaneous && Verbose) {
+ if (errno == ELOOP) {
+ warning("directory %s is a symlink and is not secure\n", dirname);
+ } else {
+ warning("could not open directory %s: %s\n", dirname, strerror(errno));
+ }
+ }
+ return dirp;
+ }
+ int fd = result;
+
+ // Determine if the open directory is secure.
+ if (!is_dirfd_secure(fd)) {
+ // The directory is not a secure directory.
+ os::close(fd);
+ return dirp;
+ }
+
+ // Open the directory.
+ dirp = ::opendir(dirname);
+ if (dirp == NULL) {
+ // The directory doesn't exist, close fd and return.
+ os::close(fd);
+ return dirp;
+ }
+
+ // Check to make sure fd and dirp are referencing the same file system object.
+ if (!is_same_fsobject(fd, dirp->dd_fd)) {
+ // The directory is not secure.
+ os::close(fd);
+ os::closedir(dirp);
+ dirp = NULL;
+ return dirp;
+ }
+
+ // Close initial open now that we know directory is secure
+ os::close(fd);
+
+ return dirp;
+}
+
+// NOTE: The code below uses fchdir(), open() and unlink() because
+// fdopendir(), openat() and unlinkat() are not supported on all
+// versions. Once the support for fdopendir(), openat() and unlinkat()
+// is available on all supported versions the code can be changed
+// to use these functions.
+
+// Open the directory of the given path, validate it and set the
+// current working directory to it.
+// Return a DIR * of the open directory and the saved cwd fd.
+//
+static DIR *open_directory_secure_cwd(const char* dirname, int *saved_cwd_fd) {
+
+ // Open the directory.
+ DIR* dirp = open_directory_secure(dirname);
+ if (dirp == NULL) {
+ // Directory doesn't exist or is insecure, so there is nothing to cleanup.
+ return dirp;
+ }
+ int fd = dirp->dd_fd;
+
+ // Open a fd to the cwd and save it off.
+ int result;
+ RESTARTABLE(::open(".", O_RDONLY), result);
+ if (result == OS_ERR) {
+ *saved_cwd_fd = -1;
+ } else {
+ *saved_cwd_fd = result;
+ }
+
+ // Set the current directory to dirname by using the fd of the directory.
+ result = fchdir(fd);
+
+ return dirp;
+}
+
+// Close the directory and restore the current working directory.
+static void close_directory_secure_cwd(DIR* dirp, int saved_cwd_fd) {
+
+ int result;
+ // If we have a saved cwd change back to it and close the fd.
+ if (saved_cwd_fd != -1) {
+ result = fchdir(saved_cwd_fd);
+ ::close(saved_cwd_fd);
+ }
+
+ // Close the directory.
+ os::closedir(dirp);
+}
+
+// Check if the given file descriptor is considered a secure.
+static bool is_file_secure(int fd, const char *filename) {
+
+ int result;
+ struct stat statbuf;
+
+ // Determine if the file is secure.
+ RESTARTABLE(::fstat(fd, &statbuf), result);
+ if (result == OS_ERR) {
+ if (PrintMiscellaneous && Verbose) {
+ warning("fstat failed on %s: %s\n", filename, strerror(errno));
+ }
+ return false;
+ }
+ if (statbuf.st_nlink > 1) {
+ // A file with multiple links is not expected.
+ if (PrintMiscellaneous && Verbose) {
+ warning("file %s has multiple links\n", filename);
+ }
+ return false;
}
return true;
}
-
-// return the user name for the given user id
+// Return the user name for the given user id.
//
-// the caller is expected to free the allocated memory.
-//
+// The caller is expected to free the allocated memory.
static char* get_user_name(uid_t uid) {
struct passwd pwent;
- // determine the max pwbuf size from sysconf, and hardcode
+ // Determine the max pwbuf size from sysconf, and hardcode
// a default if this not available through sysconf.
- //
long bufsize = sysconf(_SC_GETPW_R_SIZE_MAX);
if (bufsize == -1)
bufsize = 1024;
@@ -344,7 +608,8 @@
strcat(usrdir_name, "/");
strcat(usrdir_name, dentry->d_name);
- DIR* subdirp = os::opendir(usrdir_name);
+ // Open the user directory.
+ DIR* subdirp = open_directory_secure(usrdir_name);
if (subdirp == NULL) {
FREE_C_HEAP_ARRAY(char, usrdir_name, mtInternal);
@@ -464,28 +729,7 @@
}
}
-
-// remove file
-//
-// this method removes the file with the given file name in the
-// named directory.
-//
-static void remove_file(const char* dirname, const char* filename) {
-
- size_t nbytes = strlen(dirname) + strlen(filename) + 2;
- char* path = NEW_C_HEAP_ARRAY(char, nbytes, mtInternal);
-
- strcpy(path, dirname);
- strcat(path, "/");
- strcat(path, filename);
-
- remove_file(path);
-
- FREE_C_HEAP_ARRAY(char, path, mtInternal);
-}
-
-
-// cleanup stale shared memory resources
+// Cleanup stale shared memory resources
//
// This method attempts to remove all stale shared memory files in
// the named user temporary directory. It scans the named directory
@@ -493,32 +737,26 @@
// process id is extracted from the file name and a test is run to
// determine if the process is alive. If the process is not alive,
// any stale file resources are removed.
-//
static void cleanup_sharedmem_resources(const char* dirname) {
- // open the user temp directory
- DIR* dirp = os::opendir(dirname);
-
+ int saved_cwd_fd;
+ // Open the directory.
+ DIR* dirp = open_directory_secure_cwd(dirname, &saved_cwd_fd);
if (dirp == NULL) {
- // directory doesn't exist, so there is nothing to cleanup
+ // Directory doesn't exist or is insecure, so there is nothing to cleanup.
return;
}
- if (!is_directory_secure(dirname)) {
- // the directory is not a secure directory
- return;
- }
-
- // for each entry in the directory that matches the expected file
+ // For each entry in the directory that matches the expected file
// name pattern, determine if the file resources are stale and if
// so, remove the file resources. Note, instrumented HotSpot processes
// for this user may start and/or terminate during this search and
// remove or create new files in this directory. The behavior of this
// loop under these conditions is dependent upon the implementation of
// opendir/readdir.
- //
struct dirent* entry;
char* dbuf = NEW_C_HEAP_ARRAY(char, os::readdir_buf_size(dirname), mtInternal);
+
errno = 0;
while ((entry = os::readdir(dirp, (struct dirent *)dbuf)) != NULL) {
@@ -528,56 +766,55 @@
if (strcmp(entry->d_name, ".") != 0 && strcmp(entry->d_name, "..") != 0) {
- // attempt to remove all unexpected files, except "." and ".."
- remove_file(dirname, entry->d_name);
+ // Attempt to remove all unexpected files, except "." and "..".
+ unlink(entry->d_name);
}
errno = 0;
continue;
}
- // we now have a file name that converts to a valid integer
+ // We now have a file name that converts to a valid integer
// that could represent a process id . if this process id
// matches the current process id or the process is not running,
// then remove the stale file resources.
//
- // process liveness is detected by sending signal number 0 to
+ // Process liveness is detected by sending signal number 0 to
More information about the distro-pkg-dev
mailing list