RFR: 8332786: When dumping static CDS archives, explicitly assert that we don't use a CDS archive
Thomas Stuefe
stuefe at openjdk.org
Sat Jun 1 09:01:25 UTC 2024
Currently, we don't use a CDS archive when dumping the static archive. And that is fine.
It has security implications: if a customer re-generates the dump with `-Xshare:dump`, the content of the dump should depend on only the runtime parts of the JVM, resp. only on those parts that had been built on the build host. It should not depend on an archive that may or may not have been produced after the build and that may be tainted.
This just reduces the attack surface for possible supply chain attacks.
Since we already do this, I'd only like to add explicit asserts to ensure that we continue to do this.
-------------
Commit messages:
- start
Changes: https://git.openjdk.org/jdk/pull/19359/files
Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=19359&range=00
Issue: https://bugs.openjdk.org/browse/JDK-8332786
Stats: 2 lines in 1 file changed: 2 ins; 0 del; 0 mod
Patch: https://git.openjdk.org/jdk/pull/19359.diff
Fetch: git fetch https://git.openjdk.org/jdk.git pull/19359/head:pull/19359
PR: https://git.openjdk.org/jdk/pull/19359
More information about the hotspot-runtime-dev
mailing list