git: openjdk/leyden: hermetic-java-runtime: Add experimental native linking (for ld or lld on Linux) part. I added two experimental options to the --link-hermetic-image flag:

[duke]

Changeset: ad613c30
Branch: hermetic-java-runtime
Author:    Jiangli Zhou <jianglizhou at google.com>
Date:      2025-04-08 18:13:59 +0000
URL:       https://git.openjdk.org/leyden/commit/ad613c3044454e7b479ade017ef919ee8d13dfb6

Add experimental native linking (for ld or lld on Linux) part. I added two experimental options to the --link-hermetic-image flag:

- `link-command=<link_cmd>`: Specify the complete native linking command

- `pre-linked-exe=<pre_linked_launcher_executable>`: Specify the prelinked launcher executable, no native linking is performed in this case

If the native linking command is specified via the `link-command=<link_cmd>` option (see below example), jlink invokes the native linker and performs the linking step. It finds the output file name/path from the native linking command and the output file is used to create the final hermetic Java image.
```
jlink --hermetic --link-hermetic-image link-command="/usr/bin/g++ ..." ...
```
The current change explicitly looks for the `-o` linker option, which only works with `ld` and `lld`. We need a better solution to support various linkers on different platforms.

Following is an jlink command example to create hermetic Java image by including native linking part, with the current change:
```
In JDK build/linux-x86_64-server-fastdebug dir:
$ /<snip>/jianglizhou/github/hermetic-linking/build/linux-x86_64-server-fastdebug/jdk/bin/jlink --hermetic --link-hermetic-image link-command="/usr/bin/g++ -Wl,-z,defs -Wl,-z,relro -Wl,-z,now -Wl,--no-as-needed -Wl,-z,noexecstack -m64 -pie -Wl,-z,defs -Wl,-z,relro -Wl,-z,now -Wl,--no-as-needed -Wl,-z,noexecstack -m64 -Wl,-rpath,\$ORIGIN -Wl,--disable-new-dtags -Wl,-rpath,\$ORIGIN/../lib -Wl,--disable-new-dtags -o /tmp/java support/static-native/launcher/main.o -Wl,--export-dynamic -Wl,--whole-archive support/native/java.base/libverify/static/libverify.a support/native/java.base/libjava/static/libjava.a support/native/java.base/libzip/static/libzip.a support/native/java.base/libjimage/static/libjimage.a support/native/java.base/libjli/static/libjli.a support/native/java.base/libnet/static/libnet.a support/native/java.base/libnio/static/libnio.a support/native/java.base/libsyslookup/static/libsyslookup.a support/native/java.base/libsimdsort/static/libsimdsort.a support/native/java.desk
 top/libawt/static/libawt.a support/native/java.desktop/libawt_xawt/static/libawt_xawt.a support/native/java.desktop/libjawt/static/libjawt.a support/native/java.desktop/libmlib_image/static/libmlib_image.a support/native/java.desktop/liblcms/static/liblcms.a support/native/java.desktop/libjavajpeg/static/libjavajpeg.a support/native/java.desktop/libfontmanager/static/libfontmanager.a support/native/java.desktop/libjsound/static/libjsound.a support/native/java.instrument/libinstrument/static/libinstrument.a support/native/java.management/libmanagement/static/libmanagement.a support/native/java.prefs/libprefs/static/libprefs.a support/native/java.rmi/librmi/static/librmi.a support/native/java.security.jgss/libj2gss/static/libj2gss.a support/native/java.smartcardio/libj2pcsc/static/libj2pcsc.a support/native/jdk.attach/libattach/static/libattach.a support/native/jdk.crypto.cryptoki/libj2pkcs11/static/libj2pkcs11.a support/native/jdk.hotspot.agent/libsaproc/static/libsaproc.a support/na
 tive/jdk.incubator.vector/libjsvml/static/libjsvml.a support/native/jdk.jdwp.agent/libdt_socket/static/libdt_socket.a support/native/jdk.jdwp.agent/libjdwp/static/libjdwp.a support/native/jdk.management/libmanagement_ext/static/libmanagement_ext.a support/native/jdk.management.agent/libmanagement_agent/static/libmanagement_agent.a support/native/jdk.net/libextnet/static/libextnet.a support/native/jdk.sctp/libsctp/static/libsctp.a support/native/jdk.security.auth/libjaas/static/libjaas.a hotspot/variant-server/libjvm/objs/static/libjvm.a -Wl,--no-whole-archive -lX11 -lXext -lXi -lXrender -lXtst -lasound -ldl -lfreetype -lm -lpthread -lrt -lz -static-libgcc -static-libstdc++ -static-libstdc++ -static-libgcc" --module-path "/<snip/jianglizhou/github/hermetic-linking/build/linux-x86_64-server-fastdebug/images/jmods" --endian little --hermetic-resources /java.base/conf/security/java.security=/java.base/java/security/java.security,/java.logging/conf/logging.properties=/java.logging/java/u
 til/logging/logging.properties,/java.base/conf/net.properties=/java.base/sun/net/net.properties,/java.desktop/lib/psfont.properties.ja=/java.desktop/sun/print/psfont.properties.ja,/java.desktop/lib/psfontj2d.properties=/java.desktop/sun/print/psfontj2d.properties,/java.base/lib/security/blocked.certs=/java.base/sun/security/util/blocked.certs,/java.base/lib/security/cacerts=/java.base/sun/security/util/cacerts,/java.base/lib/security/public_suffix_list.dat=/java.base/sun/security/util/public_suffix_list.dat,/java.base/lib/security/default.policy=/java.base/sun/security/provider/default.policy,/java.base/conf/security/java.policy=/java.base/sun/security/provider/java.policy,/java.base/conf/security/policy/limited/default_US_export.policy=/java.base/javax/crypto/limited_default_US_export.policy,/java.base/conf/security/policy/limited/default_local.policy=/java.base/javax/crypto/limited_default_local.policy,/java.base/conf/security/policy/limited/exempt_local.policy=/java.base/javax/cr
 ypto/limited_exempt_local.policy,/java.base/conf/security/policy/unlimited/default_US_export.policy=/java.base/javax/crypto/unlimited_default_US_export.policy,/java.base/conf/security/policy/unlimited/default_local.policy=/java.base/javax/crypto/unlimited_default_local.policy --generate-jli-classes=@/<snip>/jianglizhou/github/hermetic-linking/build/linux-x86_64-server-fastdebug/support/link_opt/default_jli_trace.txt --add-modules demo --keep-packaged-modules /<snip>/jianglizhou/github/hermetic-linking/build/linux-x86_64-server-fastdebug/images/jdk/jmods1 --output demo-image
```

! src/jdk.jlink/share/classes/jdk/tools/jlink/internal/plugins/LinkHermeticImagePlugin.java