From 601774ab5f42e20f3a0657c4686dce5932952c8ffdf902d30ae148b0f5dc61d0 Mon Sep 17 00:00:00 2001 From: Fridrich Strba Date: Thu, 18 Apr 2024 04:36:48 +0000 Subject: [PATCH] OBS-URL: https://build.opensuse.org/package/show/Java:Factory/java-22-openjdk?expand=0&rev=7 --- PStack-808293.patch | 4 +- disable-doclint-by-default.patch | 6 +- fips.patch | 302 ++++++++++++++--------------- java-22-openjdk.spec | 5 +- java-atk-wrapper-security.patch | 4 +- jdk-22+36.tar.gz | 3 - jdk-22+8.tar.gz | 3 + loadAssistiveTechnologies.patch | 2 +- memory-limits.patch | 2 +- multiple-pkcs11-library-init.patch | 14 +- reproducible-properties.patch | 2 +- system-pcsclite.patch | 48 ++--- zero-ranges.patch | 2 +- 13 files changed, 198 insertions(+), 199 deletions(-) delete mode 100644 jdk-22+36.tar.gz create mode 100644 jdk-22+8.tar.gz diff --git a/PStack-808293.patch b/PStack-808293.patch index b88fc3e..f4688e3 100644 --- a/PStack-808293.patch +++ b/PStack-808293.patch @@ -1,6 +1,6 @@ --- a/src/jdk.hotspot.agent/share/classes/sun/jvm/hotspot/tools/PStack.java +++ b/src/jdk.hotspot.agent/share/classes/sun/jvm/hotspot/tools/PStack.java -@@ -101,7 +101,8 @@ public class PStack extends Tool { +@@ -101,7 +101,8 @@ public void run(PrintStream out, Debugger dbg) { if (jthread != null) { jthread.printThreadInfoOn(out); } @@ -10,7 +10,7 @@ ClosestSymbol sym = f.closestSymbolToPC(); Address pc = f.pc(); out.print(pc + "\t"); -@@ -183,10 +184,19 @@ public class PStack extends Tool { +@@ -183,10 +184,19 @@ public void run(PrintStream out, Debugger dbg) { } } } diff --git a/disable-doclint-by-default.patch b/disable-doclint-by-default.patch index 72c0d28..2ef2c49 100644 --- a/disable-doclint-by-default.patch +++ b/disable-doclint-by-default.patch @@ -1,6 +1,6 @@ --- a/src/jdk.javadoc/share/classes/jdk/javadoc/internal/doclets/toolkit/BaseConfiguration.java +++ b/src/jdk.javadoc/share/classes/jdk/javadoc/internal/doclets/toolkit/BaseConfiguration.java -@@ -795,7 +795,7 @@ public abstract class BaseConfiguration { +@@ -631,7 +631,7 @@ public void initDocLint(List opts, Set customTagNames) { } } else { // no -Xmsgs options of any kind, use default @@ -11,7 +11,7 @@ if (!customTagNames.isEmpty()) { --- a/test/langtools/jdk/javadoc/tool/doclint/DocLintTest.java +++ b/test/langtools/jdk/javadoc/tool/doclint/DocLintTest.java -@@ -150,12 +150,12 @@ public class DocLintTest { +@@ -150,12 +150,12 @@ void run() throws Exception { files = List.of(new TestJFO("Test.java", code)); test(List.of(htmlVersion), @@ -28,7 +28,7 @@ // test(List.of("-Xdoclint:none"), // Main.Result.OK, -@@ -178,8 +178,8 @@ public class DocLintTest { +@@ -178,8 +178,8 @@ void run() throws Exception { EnumSet.of(Message.DL_WRN14)); test(List.of(htmlVersion, rawDiags, "-private"), diff --git a/fips.patch b/fips.patch index 297680f..eece66e 100644 --- a/fips.patch +++ b/fips.patch @@ -1,6 +1,6 @@ ---- jdk22u-jdk-22-36/make/autoconf/build-aux/pkg.m4 2024-03-15 16:05:55.017767821 +0100 -+++ jdk22u-jdk-22-36/make/autoconf/build-aux/pkg.m4 2024-03-15 16:08:34.387868998 +0100 -@@ -179,3 +179,19 @@ +--- a/make/autoconf/build-aux/pkg.m4 ++++ b/make/autoconf/build-aux/pkg.m4 +@@ -179,3 +179,19 @@ else ifelse([$3], , :, [$3]) fi[]dnl ])# PKG_CHECK_MODULES @@ -20,26 +20,8 @@ + +AS_VAR_IF([$1], [""], [$5], [$4])dnl +])dnl PKG_CHECK_VAR ---- jdk22u-jdk-22-36/make/autoconf/libraries.m4 2024-03-15 16:05:55.017767821 +0100 -+++ jdk22u-jdk-22-36/make/autoconf/libraries.m4 2024-03-15 16:08:34.387868998 +0100 -@@ -35,6 +35,7 @@ - m4_include([lib-x11.m4]) - - m4_include([lib-tests.m4]) -+m4_include([lib-sysconf.m4]) - - ################################################################################ - # Determine which libraries are needed for this configuration -@@ -128,6 +129,7 @@ - LIB_SETUP_X11 - - LIB_TESTS_SETUP_GTEST -+ LIB_SETUP_SYSCONF_LIBS - - BASIC_JDKLIB_LIBS="" - BASIC_JDKLIB_LIBS_TARGET="" ---- jdk22u-jdk-22-36/make/autoconf/lib-sysconf.m4 1970-01-01 01:00:00.000000000 +0100 -+++ jdk22u-jdk-22-36/make/autoconf/lib-sysconf.m4 2024-03-15 16:08:34.387868998 +0100 +--- /dev/null ++++ b/make/autoconf/lib-sysconf.m4 @@ -0,0 +1,87 @@ +# +# Copyright (c) 2021, Red Hat, Inc. @@ -128,9 +110,27 @@ + AC_SUBST(USE_SYSCONF_NSS) + AC_SUBST(NSS_LIBDIR) +]) ---- jdk22u-jdk-22-36/make/autoconf/spec.gmk.in 2024-03-15 16:05:55.017767821 +0100 -+++ jdk22u-jdk-22-36/make/autoconf/spec.gmk.in 2024-03-15 16:11:32.251315250 +0100 -@@ -830,6 +830,11 @@ +--- a/make/autoconf/libraries.m4 ++++ b/make/autoconf/libraries.m4 +@@ -35,6 +35,7 @@ m4_include([lib-std.m4]) + m4_include([lib-x11.m4]) + + m4_include([lib-tests.m4]) ++m4_include([lib-sysconf.m4]) + + ################################################################################ + # Determine which libraries are needed for this configuration +@@ -134,6 +135,7 @@ AC_DEFUN_ONCE([LIB_SETUP_LIBRARIES], + LIB_SETUP_X11 + + LIB_TESTS_SETUP_GTEST ++ LIB_SETUP_SYSCONF_LIBS + + BASIC_JDKLIB_LIBS="" + BASIC_JDKLIB_LIBS_TARGET="" +--- a/make/autoconf/spec.gmk.in ++++ b/make/autoconf/spec.gmk.in +@@ -873,6 +873,11 @@ PANDOC_MARKDOWN_FLAG := @PANDOC_MARKDOWN_FLAG@ # Libraries # @@ -139,12 +139,12 @@ +NSS_CFLAGS:=@NSS_CFLAGS@ +NSS_LIBDIR:=@NSS_LIBDIR@ + - USE_EXTERNAL_LCMS := @USE_EXTERNAL_LCMS@ - LCMS_CFLAGS := @LCMS_CFLAGS@ - LCMS_LIBS := @LCMS_LIBS@ ---- jdk22u-jdk-22-36/make/modules/java.base/Gendata.gmk 2024-03-15 16:05:55.097767871 +0100 -+++ jdk22u-jdk-22-36/make/modules/java.base/Gendata.gmk 2024-03-15 16:08:34.387868998 +0100 -@@ -98,3 +98,17 @@ + USE_EXTERNAL_LCMS:=@USE_EXTERNAL_LCMS@ + LCMS_CFLAGS:=@LCMS_CFLAGS@ + LCMS_LIBS:=@LCMS_LIBS@ +--- a/make/modules/java.base/Gendata.gmk ++++ b/make/modules/java.base/Gendata.gmk +@@ -98,3 +98,17 @@ $(GENDATA_JAVA_SECURITY): $(BUILD_TOOLS_JDK) $(GENDATA_JAVA_SECURITY_SRC) $(REST TARGETS += $(GENDATA_JAVA_SECURITY) ################################################################################ @@ -162,12 +162,13 @@ +TARGETS += $(GENDATA_NSS_FIPS_CFG) + +################################################################################ ---- jdk22u-jdk-22-36/make/modules/java.base/Lib.gmk 2024-03-15 16:05:55.101101207 +0100 -+++ jdk22u-jdk-22-36/make/modules/java.base/Lib.gmk 2024-03-15 16:08:34.387868998 +0100 -@@ -165,6 +165,29 @@ +--- a/make/modules/java.base/Lib.gmk ++++ b/make/modules/java.base/Lib.gmk +@@ -163,6 +163,29 @@ ifeq ($(call isTargetOsType, unix), true) + endif endif - ################################################################################ ++################################################################################ +# Create the systemconf library + +LIBSYSTEMCONF_CFLAGS := @@ -190,12 +191,11 @@ + +TARGETS += $(BUILD_LIBSYSTEMCONF) + -+################################################################################ + ################################################################################ # Create the symbols file for static builds. - ifeq ($(STATIC_BUILD), true) ---- jdk22u-jdk-22-36/src/java.base/share/classes/com/sun/crypto/provider/SunJCE.java 2024-03-15 16:05:55.677768239 +0100 -+++ jdk22u-jdk-22-36/src/java.base/share/classes/com/sun/crypto/provider/SunJCE.java 2024-03-15 16:08:34.387868998 +0100 +--- a/src/java.base/share/classes/com/sun/crypto/provider/SunJCE.java ++++ b/src/java.base/share/classes/com/sun/crypto/provider/SunJCE.java @@ -31,6 +31,7 @@ import java.security.PrivilegedAction; import java.util.HashMap; @@ -215,7 +215,7 @@ @java.io.Serial private static final long serialVersionUID = 6812507587804302833L; -@@ -147,6 +152,7 @@ +@@ -147,6 +152,7 @@ public Void run() { void putEntries() { // reuse attribute map and reset before each reuse HashMap attrs = new HashMap<>(3); @@ -223,7 +223,7 @@ attrs.put("SupportedModes", "ECB"); attrs.put("SupportedPaddings", "NOPADDING|PKCS1PADDING|OAEPPADDING" + "|OAEPWITHMD5ANDMGF1PADDING" -@@ -439,6 +444,7 @@ +@@ -439,6 +445,7 @@ void putEntries() { psA("KeyPairGenerator", "DiffieHellman", "com.sun.crypto.provider.DHKeyPairGenerator", null); @@ -231,7 +231,7 @@ /* * Algorithm parameter generation engines -@@ -447,6 +453,7 @@ +@@ -447,6 +454,7 @@ void putEntries() { "DiffieHellman", "com.sun.crypto.provider.DHParameterGenerator", null); @@ -239,7 +239,7 @@ /* * Key Agreement engines */ -@@ -456,6 +463,7 @@ +@@ -456,6 +464,7 @@ void putEntries() { psA("KeyAgreement", "DiffieHellman", "com.sun.crypto.provider.DHKeyAgreement", attrs); @@ -247,7 +247,7 @@ /* * Algorithm Parameter engines -@@ -651,6 +659,7 @@ +@@ -651,6 +660,7 @@ void putEntries() { ps("SecretKeyFactory", "PBEWithHmacSHA512/256AndAES_256", "com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA512_256AndAES_256"); @@ -255,7 +255,7 @@ // PBKDF2 psA("SecretKeyFactory", "PBKDF2WithHmacSHA1", "com.sun.crypto.provider.PBKDF2Core$HmacSHA1", -@@ -782,6 +790,7 @@ +@@ -782,6 +792,7 @@ void putEntries() { "com.sun.crypto.provider.TlsRsaPremasterSecretGenerator", List.of("SunTls12RsaPremasterSecret"), null); } @@ -263,8 +263,8 @@ // Return the instance of this class or create one if needed. static SunJCE getInstance() { ---- jdk22u-jdk-22-36/src/java.base/share/classes/java/security/Security.java 2024-03-15 16:05:55.704434923 +0100 -+++ jdk22u-jdk-22-36/src/java.base/share/classes/java/security/Security.java 2024-03-15 16:08:34.391202334 +0100 +--- a/src/java.base/share/classes/java/security/Security.java ++++ b/src/java.base/share/classes/java/security/Security.java @@ -34,6 +34,7 @@ import jdk.internal.access.JavaSecurityPropertiesAccess; import jdk.internal.event.EventHelper; @@ -285,7 +285,7 @@ /* Are we debugging? -- for developers */ private static final Debug sdebug = Debug.getInstance("properties"); -@@ -75,6 +81,19 @@ +@@ -75,6 +81,19 @@ private static class ProviderProperty { } static { @@ -305,7 +305,7 @@ // doPrivileged here because there are multiple // things in initialize that might require privs. // (the FileInputStream call and the File.exists call, -@@ -96,6 +115,7 @@ +@@ -96,6 +115,7 @@ public Properties getInitialProperties() { private static void initialize() { props = new Properties(); boolean overrideAll = false; @@ -313,7 +313,7 @@ // first load the system properties file // to determine the value of security.overridePropertiesFile -@@ -116,6 +136,61 @@ +@@ -116,6 +136,61 @@ private static void initialize() { } loadProps(null, extraPropFile, overrideAll); } @@ -375,7 +375,7 @@ initialSecurityProperties = (Properties) props.clone(); if (sdebug != null) { for (String key : props.stringPropertyNames()) { -@@ -126,7 +201,7 @@ +@@ -126,7 +201,7 @@ private static void initialize() { } @@ -384,8 +384,8 @@ InputStream is = null; try { if (masterFile != null && masterFile.exists()) { ---- jdk22u-jdk-22-36/src/java.base/share/classes/java/security/SystemConfigurator.java 1970-01-01 01:00:00.000000000 +0100 -+++ jdk22u-jdk-22-36/src/java.base/share/classes/java/security/SystemConfigurator.java 2024-03-15 16:08:34.391202334 +0100 +--- /dev/null ++++ b/src/java.base/share/classes/java/security/SystemConfigurator.java @@ -0,0 +1,232 @@ +/* + * Copyright (c) 2019, 2021, Red Hat, Inc. @@ -619,8 +619,8 @@ + } + } +} ---- jdk22u-jdk-22-36/src/java.base/share/classes/jdk/internal/access/JavaSecuritySystemConfiguratorAccess.java 1970-01-01 01:00:00.000000000 +0100 -+++ jdk22u-jdk-22-36/src/java.base/share/classes/jdk/internal/access/JavaSecuritySystemConfiguratorAccess.java 2024-03-15 16:08:34.391202334 +0100 +--- /dev/null ++++ b/src/java.base/share/classes/jdk/internal/access/JavaSecuritySystemConfiguratorAccess.java @@ -0,0 +1,31 @@ +/* + * Copyright (c) 2020, Red Hat, Inc. @@ -653,8 +653,8 @@ + boolean isSystemFipsEnabled(); + boolean isPlainKeySupportEnabled(); +} ---- jdk22u-jdk-22-36/src/java.base/share/classes/jdk/internal/access/SharedSecrets.java 2024-03-15 16:05:55.727768271 +0100 -+++ jdk22u-jdk-22-36/src/java.base/share/classes/jdk/internal/access/SharedSecrets.java 2024-03-15 16:08:34.391202334 +0100 +--- a/src/java.base/share/classes/jdk/internal/access/SharedSecrets.java ++++ b/src/java.base/share/classes/jdk/internal/access/SharedSecrets.java @@ -43,6 +43,7 @@ import java.io.PrintWriter; import java.io.RandomAccessFile; @@ -663,7 +663,7 @@ import java.security.Signature; /** A repository of "shared secrets", which are a mechanism for -@@ -90,6 +91,7 @@ +@@ -90,6 +91,7 @@ public class SharedSecrets { private static JavaxCryptoSealedObjectAccess javaxCryptoSealedObjectAccess; private static JavaxCryptoSpecAccess javaxCryptoSpecAccess; private static JavaTemplateAccess javaTemplateAccess; @@ -671,7 +671,7 @@ public static void setJavaUtilCollectionAccess(JavaUtilCollectionAccess juca) { javaUtilCollectionAccess = juca; -@@ -537,4 +539,15 @@ +@@ -537,4 +539,15 @@ private static void ensureClassInitialized(Class c) { MethodHandles.lookup().ensureInitialized(c); } catch (IllegalAccessException e) {} } @@ -687,9 +687,9 @@ + return javaSecuritySystemConfiguratorAccess; + } } ---- jdk22u-jdk-22-36/src/java.base/share/classes/module-info.java 2024-03-15 16:05:55.744434949 +0100 -+++ jdk22u-jdk-22-36/src/java.base/share/classes/module-info.java 2024-03-15 16:08:34.391202334 +0100 -@@ -168,6 +168,7 @@ +--- a/src/java.base/share/classes/module-info.java ++++ b/src/java.base/share/classes/module-info.java +@@ -158,6 +158,7 @@ java.naming, java.rmi, jdk.charsets, @@ -697,8 +697,8 @@ jdk.jartool, jdk.jlink, jdk.jfr, ---- jdk22u-jdk-22-36/src/java.base/share/classes/sun/security/ec/SunEC.java 2024-03-15 16:05:55.754434955 +0100 -+++ jdk22u-jdk-22-36/src/java.base/share/classes/sun/security/ec/SunEC.java 2024-03-15 16:08:34.397869005 +0100 +--- a/src/java.base/share/classes/sun/security/ec/SunEC.java ++++ b/src/java.base/share/classes/sun/security/ec/SunEC.java @@ -34,6 +34,7 @@ import java.util.HashMap; import java.util.List; @@ -707,7 +707,7 @@ import sun.security.ec.ed.EdDSAKeyFactory; import sun.security.ec.ed.EdDSAKeyPairGenerator; import sun.security.ec.ed.EdDSASignature; -@@ -50,6 +51,10 @@ +@@ -50,6 +51,10 @@ public final class SunEC extends Provider { private static final long serialVersionUID = -2279741672933606418L; @@ -718,7 +718,7 @@ private static class ProviderServiceA extends ProviderService { ProviderServiceA(Provider p, String type, String algo, String cn, HashMap attrs) { -@@ -240,6 +245,7 @@ +@@ -240,6 +245,7 @@ void putEntries() { putXDHEntries(); putEdDSAEntries(); @@ -726,7 +726,7 @@ /* * Signature engines */ -@@ -318,6 +324,7 @@ +@@ -318,6 +324,7 @@ void putEntries() { putService(new ProviderService(this, "KeyAgreement", "ECDH", "sun.security.ec.ECDHKeyAgreement", null, ATTRS)); } @@ -734,7 +734,7 @@ private void putXDHEntries() { -@@ -333,6 +340,7 @@ +@@ -333,6 +340,7 @@ private void putXDHEntries() { "X448", "sun.security.ec.XDHKeyFactory.X448", ATTRS)); @@ -742,7 +742,7 @@ putService(new ProviderService(this, "KeyPairGenerator", "XDH", "sun.security.ec.XDHKeyPairGenerator", null, ATTRS)); putService(new ProviderServiceA(this, "KeyPairGenerator", -@@ -351,6 +359,7 @@ +@@ -351,6 +359,7 @@ private void putXDHEntries() { "X448", "sun.security.ec.XDHKeyAgreement.X448", ATTRS)); } @@ -750,7 +750,7 @@ private void putEdDSAEntries() { -@@ -364,6 +373,7 @@ +@@ -364,6 +373,7 @@ private void putEdDSAEntries() { putService(new ProviderServiceA(this, "KeyFactory", "Ed448", "sun.security.ec.ed.EdDSAKeyFactory.Ed448", ATTRS)); @@ -758,7 +758,7 @@ putService(new ProviderService(this, "KeyPairGenerator", "EdDSA", "sun.security.ec.ed.EdDSAKeyPairGenerator", null, ATTRS)); putService(new ProviderServiceA(this, "KeyPairGenerator", -@@ -379,6 +389,7 @@ +@@ -379,6 +389,7 @@ private void putEdDSAEntries() { "Ed25519", "sun.security.ec.ed.EdDSASignature.Ed25519", ATTRS)); putService(new ProviderServiceA(this, "Signature", "Ed448", "sun.security.ec.ed.EdDSASignature.Ed448", ATTRS)); @@ -766,8 +766,8 @@ } } ---- jdk22u-jdk-22-36/src/java.base/share/classes/sun/security/provider/SunEntries.java 2024-03-15 16:05:55.754434955 +0100 -+++ jdk22u-jdk-22-36/src/java.base/share/classes/sun/security/provider/SunEntries.java 2024-03-15 16:08:34.391202334 +0100 +--- a/src/java.base/share/classes/sun/security/provider/SunEntries.java ++++ b/src/java.base/share/classes/sun/security/provider/SunEntries.java @@ -38,6 +38,7 @@ import java.util.Iterator; import java.util.LinkedHashSet; @@ -787,7 +787,7 @@ // the default algo used by SecureRandom class for new SecureRandom() calls public static final String DEF_SECURE_RANDOM_ALGO; -@@ -102,6 +107,7 @@ +@@ -102,6 +107,7 @@ public final class SunEntries { // common attribute map HashMap attrs = new HashMap<>(3); @@ -795,7 +795,7 @@ /* * SecureRandom engines */ -@@ -186,6 +192,8 @@ +@@ -186,6 +192,8 @@ public final class SunEntries { add(p, "Signature", "SHA3-512withDSAinP1363Format", "sun.security.provider.DSA$SHA3_512withDSAinP1363Format"); @@ -804,7 +804,7 @@ attrs.clear(); attrs.put("ImplementedIn", "Software"); addWithAlias(p, "Signature", "HSS/LMS", "sun.security.provider.HSS", attrs); -@@ -196,9 +204,11 @@ +@@ -196,9 +204,11 @@ public final class SunEntries { attrs.put("ImplementedIn", "Software"); attrs.put("KeySize", "2048"); // for DSA KPG and APG only @@ -816,7 +816,7 @@ /* * Algorithm Parameter Generator engines -@@ -213,6 +223,7 @@ +@@ -213,6 +223,7 @@ public final class SunEntries { addWithAlias(p, "AlgorithmParameters", "DSA", "sun.security.provider.DSAParameters", attrs); @@ -824,7 +824,7 @@ /* * Key factories */ -@@ -251,6 +262,7 @@ +@@ -251,6 +262,7 @@ public final class SunEntries { "sun.security.provider.SHA3$SHA384", attrs); addWithAlias(p, "MessageDigest", "SHA3-512", "sun.security.provider.SHA3$SHA512", attrs); @@ -832,8 +832,8 @@ /* * Certificates ---- jdk22u-jdk-22-36/src/java.base/share/classes/sun/security/rsa/SunRsaSignEntries.java 2024-03-15 16:05:55.757768290 +0100 -+++ jdk22u-jdk-22-36/src/java.base/share/classes/sun/security/rsa/SunRsaSignEntries.java 2024-03-15 16:08:34.391202334 +0100 +--- a/src/java.base/share/classes/sun/security/rsa/SunRsaSignEntries.java ++++ b/src/java.base/share/classes/sun/security/rsa/SunRsaSignEntries.java @@ -27,6 +27,7 @@ import java.util.*; @@ -853,7 +853,7 @@ private void add(Provider p, String type, String algo, String cn, List aliases, HashMap attrs) { services.add(new Provider.Service(p, type, algo, cn, -@@ -63,6 +68,8 @@ +@@ -63,6 +68,8 @@ public SunRsaSignEntries(Provider p) { add(p, "KeyFactory", "RSA", "sun.security.rsa.RSAKeyFactory$Legacy", getAliases("PKCS1"), null); @@ -862,7 +862,7 @@ add(p, "KeyPairGenerator", "RSA", "sun.security.rsa.RSAKeyPairGenerator$Legacy", getAliases("PKCS1"), null); -@@ -92,13 +99,18 @@ +@@ -92,13 +99,18 @@ public SunRsaSignEntries(Provider p) { "sun.security.rsa.RSASignature$SHA3_384withRSA", attrs); addA(p, "Signature", "SHA3-512withRSA", "sun.security.rsa.RSASignature$SHA3_512withRSA", attrs); @@ -881,12 +881,13 @@ addA(p, "AlgorithmParameters", "RSASSA-PSS", "sun.security.rsa.PSSParameters", null); } ---- jdk22u-jdk-22-36/src/java.base/share/conf/security/java.security 2024-03-15 16:05:55.771101632 +0100 -+++ jdk22u-jdk-22-36/src/java.base/share/conf/security/java.security 2024-03-15 16:08:34.391202334 +0100 -@@ -86,6 +86,17 @@ +--- a/src/java.base/share/conf/security/java.security ++++ b/src/java.base/share/conf/security/java.security +@@ -85,6 +85,17 @@ security.provider.tbd=Apple + #endif security.provider.tbd=SunPKCS11 - # ++# +# Security providers used when FIPS mode support is active +# +fips.provider.1=SunPKCS11 ${java.home}/conf/security/nss.fips.cfg @@ -897,14 +898,14 @@ +fips.provider.6=SunRsaSign +fips.provider.7=XMLDSig + -+# + # # A list of preferred providers for specific algorithms. These providers will # be searched for matching algorithms before the list of registered providers. - # Entries containing errors (parsing, etc) will be ignored. Use the -@@ -296,6 +307,47 @@ +@@ -295,6 +306,47 @@ policy.ignoreIdentityScope=false + # keystore.type=pkcs12 - # ++# +# Default keystore type used when global crypto-policies are set to FIPS. +# +fips.keystore.type=pkcs12 @@ -945,26 +946,25 @@ +# +fips.nssdb.pin=pin: + -+# + # # Controls compatibility mode for JKS and PKCS12 keystore types. # - # When set to 'true', both JKS and PKCS12 keystore types support loading -@@ -333,6 +385,13 @@ +@@ -336,6 +388,13 @@ package.definition=sun.misc.,\ + # security.overridePropertiesFile=true - # ++# +# Determines whether this properties file will be appended to +# using the system properties file stored at +# /etc/crypto-policies/back-ends/java.config +# +security.useSystemPropertiesFile=true + -+# + # # Determines the default key and trust manager factory algorithms for # the javax.net.ssl package. - # ---- jdk22u-jdk-22-36/src/java.base/share/conf/security/nss.fips.cfg.in 1970-01-01 01:00:00.000000000 +0100 -+++ jdk22u-jdk-22-36/src/java.base/share/conf/security/nss.fips.cfg.in 2024-03-15 16:08:34.391202334 +0100 +--- /dev/null ++++ b/src/java.base/share/conf/security/nss.fips.cfg.in @@ -0,0 +1,8 @@ +name = NSS-FIPS +nssLibraryDirectory = @NSS_LIBDIR@ @@ -974,9 +974,9 @@ + +attributes(*,CKO_SECRET_KEY,CKK_GENERIC_SECRET)={ CKA_SIGN=true } + ---- jdk22u-jdk-22-36/src/java.base/share/lib/security/default.policy 2024-03-15 16:05:55.777768303 +0100 -+++ jdk22u-jdk-22-36/src/java.base/share/lib/security/default.policy 2024-03-15 16:10:36.574613233 +0100 -@@ -134,6 +134,7 @@ +--- a/src/java.base/share/lib/security/default.policy ++++ b/src/java.base/share/lib/security/default.policy +@@ -134,6 +134,7 @@ grant codeBase "jrt:/jdk.crypto.cryptoki" { permission java.lang.RuntimePermission "accessClassInPackage.jdk.internal.access"; permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*"; @@ -984,7 +984,7 @@ permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.ch"; permission java.lang.RuntimePermission "loadLibrary.j2pkcs11"; permission java.util.PropertyPermission "sun.security.pkcs11.allowSingleThreadedModules", "read"; -@@ -141,6 +142,8 @@ +@@ -141,6 +142,8 @@ grant codeBase "jrt:/jdk.crypto.cryptoki" { permission java.util.PropertyPermission "os.name", "read"; permission java.util.PropertyPermission "os.arch", "read"; permission java.util.PropertyPermission "jdk.crypto.KeyAgreement.legacyKDF", "read"; @@ -993,8 +993,8 @@ permission java.security.SecurityPermission "putProviderProperty.*"; permission java.security.SecurityPermission "clearProviderProperties.*"; permission java.security.SecurityPermission "removeProviderProperty.*"; ---- jdk22u-jdk-22-36/src/java.base/share/native/libsystemconf/systemconf.c 1970-01-01 01:00:00.000000000 +0100 -+++ jdk22u-jdk-22-36/src/java.base/share/native/libsystemconf/systemconf.c 2024-03-15 16:08:34.391202334 +0100 +--- /dev/null ++++ b/src/java.base/share/native/libsystemconf/systemconf.c @@ -0,0 +1,236 @@ +/* + * Copyright (c) 2021, Red Hat, Inc. @@ -1232,8 +1232,8 @@ +} + +#endif ---- jdk22u-jdk-22-36/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/FIPSKeyImporter.java 1970-01-01 01:00:00.000000000 +0100 -+++ jdk22u-jdk-22-36/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/FIPSKeyImporter.java 2024-03-15 16:08:34.391202334 +0100 +--- /dev/null ++++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/FIPSKeyImporter.java @@ -0,0 +1,457 @@ +/* + * Copyright (c) 2021, Red Hat, Inc. @@ -1692,8 +1692,8 @@ + } + } +} ---- jdk22u-jdk-22-36/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/FIPSTokenLoginHandler.java 1970-01-01 01:00:00.000000000 +0100 -+++ jdk22u-jdk-22-36/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/FIPSTokenLoginHandler.java 2024-03-15 16:08:34.391202334 +0100 +--- /dev/null ++++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/FIPSTokenLoginHandler.java @@ -0,0 +1,149 @@ +/* + * Copyright (c) 2022, Red Hat, Inc. @@ -1845,8 +1845,8 @@ + } +} \ No newline at end of file ---- jdk22u-jdk-22-36/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Key.java 2024-03-15 16:05:55.394434726 +0100 -+++ jdk22u-jdk-22-36/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Key.java 2024-03-15 16:08:34.391202334 +0100 +--- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Key.java ++++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Key.java @@ -37,6 +37,8 @@ import javax.crypto.interfaces.*; import javax.crypto.spec.*; @@ -1856,7 +1856,7 @@ import sun.security.rsa.RSAUtil.KeyType; import sun.security.rsa.RSAPublicKeyImpl; import sun.security.rsa.RSAPrivateCrtKeyImpl; -@@ -72,6 +74,9 @@ +@@ -72,6 +74,9 @@ abstract class P11Key implements Key, Length { @Serial private static final long serialVersionUID = -2575874101938349339L; @@ -1866,7 +1866,7 @@ private static final String PUBLIC = "public"; private static final String PRIVATE = "private"; private static final String SECRET = "secret"; -@@ -395,8 +400,10 @@ +@@ -401,8 +406,10 @@ static PrivateKey privateKey(Session session, long keyID, String algorithm, new CK_ATTRIBUTE(CKA_EXTRACTABLE), }); @@ -1879,7 +1879,7 @@ return switch (algorithm) { case "RSA" -> P11RSAPrivateKeyInternal.of(session, keyID, algorithm, -@@ -448,7 +455,8 @@ +@@ -454,7 +461,8 @@ private static class P11SecretKey extends P11Key implements SecretKey { public String getFormat() { token.ensureValid(); @@ -1889,8 +1889,8 @@ return null; } else { return "RAW"; ---- jdk22u-jdk-22-36/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java 2024-03-15 16:05:55.394434726 +0100 -+++ jdk22u-jdk-22-36/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java 2024-03-15 16:08:34.391202334 +0100 +--- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java ++++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java @@ -26,6 +26,9 @@ package sun.security.pkcs11; @@ -1914,7 +1914,7 @@ import static sun.security.util.SecurityProviderConstants.getAliases; import sun.security.pkcs11.Secmod.*; -@@ -65,6 +70,39 @@ +@@ -65,6 +70,39 @@ public final class SunPKCS11 extends AuthProvider { @Serial private static final long serialVersionUID = -1354835039035306505L; @@ -1954,7 +1954,7 @@ static final Debug debug = Debug.getInstance("sunpkcs11"); // the PKCS11 object through which we make the native calls @SuppressWarnings("serial") // Type of field is not Serializable; -@@ -123,6 +161,29 @@ +@@ -123,6 +161,29 @@ public Provider configure(String configArg) throws InvalidParameterException { return AccessController.doPrivileged(new PrivilegedExceptionAction<>() { @Override public SunPKCS11 run() throws Exception { @@ -1984,7 +1984,7 @@ return new SunPKCS11(new Config(newConfigName)); } }); -@@ -325,9 +386,19 @@ +@@ -336,9 +397,19 @@ private static T checkNull(T obj) { // request multithreaded access first initArgs.flags = CKF_OS_LOCKING_OK; PKCS11 tmpPKCS11; @@ -2006,7 +2006,7 @@ } catch (PKCS11Exception e) { if (debug != null) { debug.println("Multi-threaded initialization failed: " + e); -@@ -342,8 +413,9 @@ +@@ -353,8 +424,9 @@ private static T checkNull(T obj) { } else { initArgs.flags = 0; } @@ -2018,7 +2018,7 @@ } p11 = tmpPKCS11; -@@ -1389,11 +1461,52 @@ +@@ -1400,11 +1472,52 @@ private static final class P11Service extends Service { } @Override @@ -2071,7 +2071,7 @@ try { return newInstance0(param); } catch (PKCS11Exception e) { -@@ -1750,6 +1863,9 @@ +@@ -1761,6 +1874,9 @@ public void logout() throws LoginException { try { session = token.getOpSession(); p11.C_Logout(session.id()); @@ -2081,8 +2081,8 @@ if (debug != null) { debug.println("logout succeeded"); } ---- jdk22u-jdk-22-36/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/Token.java 2024-03-15 16:05:55.394434726 +0100 -+++ jdk22u-jdk-22-36/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/Token.java 2024-03-15 16:08:34.391202334 +0100 +--- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/Token.java ++++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/Token.java @@ -33,6 +33,7 @@ import java.security.*; import javax.security.auth.login.LoginException; @@ -2101,7 +2101,7 @@ // need to be serializable to allow SecureRandom to be serialized @Serial private static final long serialVersionUID = 2541527649100571747L; -@@ -125,6 +129,10 @@ +@@ -125,6 +129,10 @@ final class Token implements Serializable { // flag indicating whether we are logged in private volatile boolean loggedIn; @@ -2112,7 +2112,7 @@ // time we last checked login status private long lastLoginCheck; -@@ -242,9 +250,14 @@ +@@ -242,9 +250,14 @@ boolean isLoggedInNow(Session session) throws PKCS11Exception { // call provider.login() if not void ensureLoggedIn(Session session) throws PKCS11Exception, LoginException { if (!isLoggedIn(session)) { @@ -2127,25 +2127,8 @@ // return whether this token object is valid (i.e. token not removed) // returns value from last check, does not perform new check ---- jdk22u-jdk-22-36/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11Exception.java 2024-03-15 16:05:55.397768062 +0100 -+++ jdk22u-jdk-22-36/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11Exception.java 2024-03-15 16:08:34.391202334 +0100 -@@ -216,6 +216,14 @@ - } - - /** -+ * Constructor taking the error code from the RV enum and -+ * extra info for error message. -+ */ -+ public PKCS11Exception(RV errorEnum, String extraInfo) { -+ this(errorEnum.value, extraInfo); -+ } -+ -+ /** - * Constructor taking the error code (the CKR_* constants in PKCS#11) and - * extra info for error message. - */ ---- jdk22u-jdk-22-36/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11.java 2024-03-15 16:05:55.397768062 +0100 -+++ jdk22u-jdk-22-36/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11.java 2024-03-15 16:08:34.391202334 +0100 +--- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11.java ++++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11.java @@ -49,6 +49,9 @@ import java.io.File; @@ -2156,7 +2139,7 @@ import java.util.*; import java.security.AccessController; -@@ -174,19 +177,44 @@ +@@ -174,19 +177,44 @@ public CK_VERSION getVersion() { return version; } @@ -2201,7 +2184,7 @@ if (omitInitialize == false) { try { pkcs11.C_Initialize(pInitArgs); -@@ -1976,4 +2004,194 @@ +@@ -1976,4 +2004,194 @@ public synchronized void C_GenerateRandom(long hSession, byte[] randomData) super.C_GenerateRandom(hSession, randomData); } } @@ -2396,8 +2379,25 @@ + } +} } ---- jdk22u-jdk-22-36/test/jdk/sun/security/pkcs11/fips/NssdbPin.java 1970-01-01 01:00:00.000000000 +0100 -+++ jdk22u-jdk-22-36/test/jdk/sun/security/pkcs11/fips/NssdbPin.java 2024-03-15 16:08:34.397869005 +0100 +--- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11Exception.java ++++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11Exception.java +@@ -215,6 +215,14 @@ private static String lookup(long errorCode) { + return res; + } + ++ /** ++ * Constructor taking the error code from the RV enum and ++ * extra info for error message. ++ */ ++ public PKCS11Exception(RV errorEnum, String extraInfo) { ++ this(errorEnum.value, extraInfo); ++ } ++ + /** + * Constructor taking the error code (the CKR_* constants in PKCS#11) and + * extra info for error message. +--- /dev/null ++++ b/test/jdk/sun/security/pkcs11/fips/NssdbPin.java @@ -0,0 +1,349 @@ +/* + * Copyright (c) 2022, Red Hat, Inc. @@ -2748,8 +2748,8 @@ + "2nd line with garbage"); + } +} ---- jdk22u-jdk-22-36/test/jdk/sun/security/pkcs11/fips/VerifyMissingAttributes.java 1970-01-01 01:00:00.000000000 +0100 -+++ jdk22u-jdk-22-36/test/jdk/sun/security/pkcs11/fips/VerifyMissingAttributes.java 2024-03-15 16:08:34.397869005 +0100 +--- /dev/null ++++ b/test/jdk/sun/security/pkcs11/fips/VerifyMissingAttributes.java @@ -0,0 +1,77 @@ +/* + * Copyright (c) 2022, Red Hat, Inc. diff --git a/java-22-openjdk.spec b/java-22-openjdk.spec index 9591fd5..a17ebfa 100644 --- a/java-22-openjdk.spec +++ b/java-22-openjdk.spec @@ -33,8 +33,8 @@ # Standard JPackage naming and versioning defines. %global featurever 22 %global interimver 0 -#global updatever 0 -%global buildver 36 +#global updatever 1 +%global buildver 8 %global openjdk_repo jdk22u %global openjdk_tag jdk-%{featurever}%{?updatever:.%{interimver}.%{updatever}}%{?patchver:.%{patchver}}+%{buildver} %global openjdk_dir %{openjdk_repo}-jdk-%{featurever}%{?updatever:.%{interimver}.%{updatever}}%{?patchver:.%{patchver}}-%{buildver} @@ -923,7 +923,6 @@ fi %{_jvmdir}/%{sdkdir}/lib/libsystemconf.so %ifarch x86_64 %{_jvmdir}/%{sdkdir}/lib/libjsvml.so -%{_jvmdir}/%{sdkdir}/lib/libsimdsort.so %endif %{_jvmdir}/%{sdkdir}/lib/libsyslookup.so %{_jvmdir}/%{sdkdir}/lib/libverify.so diff --git a/java-atk-wrapper-security.patch b/java-atk-wrapper-security.patch index 38309e4..ec95039 100644 --- a/java-atk-wrapper-security.patch +++ b/java-atk-wrapper-security.patch @@ -1,6 +1,6 @@ --- a/src/java.base/share/conf/security/java.security +++ b/src/java.base/share/conf/security/java.security -@@ -307,6 +307,8 @@ keystore.type.compat=true +@@ -313,6 +313,8 @@ keystore.type.compat=true # package.access=sun.misc.,\ sun.reflect.,\ @@ -9,7 +9,7 @@ # # List of comma-separated packages that start with or equal this string -@@ -319,6 +321,8 @@ package.access=sun.misc.,\ +@@ -325,6 +327,8 @@ package.access=sun.misc.,\ # package.definition=sun.misc.,\ sun.reflect.,\ diff --git a/jdk-22+36.tar.gz b/jdk-22+36.tar.gz deleted file mode 100644 index 44d84b2..0000000 --- a/jdk-22+36.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:19cbda061fa41860fa2251f0994e7792c06aec63c8d0ae650353c850be5a8a4c -size 111988154 diff --git a/jdk-22+8.tar.gz b/jdk-22+8.tar.gz new file mode 100644 index 0000000..7a59358 --- /dev/null +++ b/jdk-22+8.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:3abc5e4cb673dd241e2471481cd2724e83242124ebe3ef36f132d05803dda876 +size 112306180 diff --git a/loadAssistiveTechnologies.patch b/loadAssistiveTechnologies.patch index 9634872..4eebc8e 100644 --- a/loadAssistiveTechnologies.patch +++ b/loadAssistiveTechnologies.patch @@ -1,6 +1,6 @@ --- a/src/java.desktop/share/classes/java/awt/Toolkit.java +++ b/src/java.desktop/share/classes/java/awt/Toolkit.java -@@ -602,7 +602,11 @@ public abstract class Toolkit { +@@ -598,7 +598,11 @@ public static synchronized Toolkit getDefaultToolkit() { toolkit = new HeadlessToolkit(toolkit); } if (!GraphicsEnvironment.isHeadless()) { diff --git a/memory-limits.patch b/memory-limits.patch index e48da58..25208be 100644 --- a/memory-limits.patch +++ b/memory-limits.patch @@ -1,6 +1,6 @@ --- a/src/hotspot/share/gc/shared/gc_globals.hpp +++ b/src/hotspot/share/gc/shared/gc_globals.hpp -@@ -596,7 +596,7 @@ +@@ -589,7 +589,7 @@ "Initial heap size (in bytes); zero means use ergonomics") \ constraint(InitialHeapSizeConstraintFunc,AfterErgo) \ \ diff --git a/multiple-pkcs11-library-init.patch b/multiple-pkcs11-library-init.patch index 970098b..772b2bf 100644 --- a/multiple-pkcs11-library-init.patch +++ b/multiple-pkcs11-library-init.patch @@ -1,6 +1,6 @@ ---- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/Config.java 2023-04-01 12:03:26.147543172 +0200 -+++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/Config.java 2023-04-01 12:03:45.455660866 +0200 -@@ -52,6 +52,7 @@ +--- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/Config.java ++++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/Config.java +@@ -52,6 +52,7 @@ final class Config { static final int ERR_HALT = 1; static final int ERR_IGNORE_ALL = 2; static final int ERR_IGNORE_LIB = 3; @@ -8,7 +8,7 @@ // same as allowSingleThreadedModules but controlled via a system property // and applied to all providers. if set to false, no SunPKCS11 instances -@@ -1037,6 +1038,7 @@ +@@ -1037,6 +1038,7 @@ private void parseHandleStartupErrors(String keyword) throws IOException { handleStartupErrors = switch (val) { case "ignoreAll" -> ERR_IGNORE_ALL; case "ignoreMissingLibrary" -> ERR_IGNORE_LIB; @@ -16,9 +16,9 @@ case "halt" -> ERR_HALT; default -> throw excToken("Invalid value for handleStartupErrors:"); }; ---- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java 2023-04-01 12:03:26.147543172 +0200 -+++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java 2023-04-01 12:07:19.664979695 +0200 -@@ -184,26 +184,37 @@ +--- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java ++++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java +@@ -184,26 +184,37 @@ private static T checkNull(T obj) { String nssLibraryDirectory = config.getNssLibraryDirectory(); String nssSecmodDirectory = config.getNssSecmodDirectory(); boolean nssOptimizeSpace = config.getNssOptimizeSpace(); diff --git a/reproducible-properties.patch b/reproducible-properties.patch index e5eb718..db542da 100644 --- a/reproducible-properties.patch +++ b/reproducible-properties.patch @@ -1,6 +1,6 @@ --- a/src/java.base/share/classes/java/util/Properties.java +++ b/src/java.base/share/classes/java/util/Properties.java -@@ -955,7 +955,7 @@ public class Properties extends Hashtable { +@@ -955,7 +955,7 @@ private static void writeDateComment(BufferedWriter bw) throws IOException { if (sysPropVal != null && !sysPropVal.isEmpty()) { writeComments(bw, sysPropVal); } else { diff --git a/system-pcsclite.patch b/system-pcsclite.patch index 052f181..84780af 100644 --- a/system-pcsclite.patch +++ b/system-pcsclite.patch @@ -1,6 +1,6 @@ ---- jdk22u-jdk-22-36/make/autoconf/lib-bundled.m4 2024-03-15 16:01:46.767610222 +0100 -+++ jdk22u-jdk-22-36/make/autoconf/lib-bundled.m4 2024-03-15 16:01:55.957616058 +0100 -@@ -41,6 +41,7 @@ +--- a/make/autoconf/lib-bundled.m4 ++++ b/make/autoconf/lib-bundled.m4 +@@ -41,6 +41,7 @@ AC_DEFUN_ONCE([LIB_SETUP_BUNDLED_LIBS], LIB_SETUP_ZLIB LIB_SETUP_LCMS LIB_SETUP_HARFBUZZ @@ -8,7 +8,7 @@ ]) ################################################################################ -@@ -309,3 +310,41 @@ +@@ -309,3 +310,41 @@ AC_DEFUN_ONCE([LIB_SETUP_HARFBUZZ], AC_SUBST(HARFBUZZ_CFLAGS) AC_SUBST(HARFBUZZ_LIBS) ]) @@ -50,19 +50,19 @@ + + AC_SUBST(USE_EXTERNAL_PCSCLITE) +]) ---- jdk22u-jdk-22-36/make/autoconf/spec.gmk.in 2024-03-15 16:01:46.767610222 +0100 -+++ jdk22u-jdk-22-36/make/autoconf/spec.gmk.in 2024-03-15 16:03:08.207661924 +0100 -@@ -813,6 +813,7 @@ +--- a/make/autoconf/spec.gmk.in ++++ b/make/autoconf/spec.gmk.in +@@ -805,6 +805,7 @@ TAR_SUPPORTS_TRANSFORM := @TAR_SUPPORTS_TRANSFORM@ # Build setup - USE_EXTERNAL_LIBJPEG := @USE_EXTERNAL_LIBJPEG@ - USE_EXTERNAL_LIBGIF := @USE_EXTERNAL_LIBGIF@ + USE_EXTERNAL_LIBJPEG:=@USE_EXTERNAL_LIBJPEG@ + USE_EXTERNAL_LIBGIF:=@USE_EXTERNAL_LIBGIF@ +USE_EXTERNAL_LIBPCSCLITE:=@USE_EXTERNAL_LIBPCSCLITE@ - USE_EXTERNAL_LIBZ := @USE_EXTERNAL_LIBZ@ - LIBZ_CFLAGS := @LIBZ_CFLAGS@ - LIBZ_LIBS := @LIBZ_LIBS@ ---- jdk22u-jdk-22-36/make/modules/java.smartcardio/Lib.gmk 2024-03-15 16:01:46.850943608 +0100 -+++ jdk22u-jdk-22-36/make/modules/java.smartcardio/Lib.gmk 2024-03-15 16:01:55.957616058 +0100 -@@ -30,12 +30,12 @@ + USE_EXTERNAL_LIBZ:=@USE_EXTERNAL_LIBZ@ + LIBZ_CFLAGS:=@LIBZ_CFLAGS@ + LIBZ_LIBS:=@LIBZ_LIBS@ +--- a/make/modules/java.smartcardio/Lib.gmk ++++ b/make/modules/java.smartcardio/Lib.gmk +@@ -30,12 +30,12 @@ include LibCommon.gmk $(eval $(call SetupJdkLibrary, BUILD_LIBJ2PCSC, \ NAME := j2pcsc, \ CFLAGS := $(CFLAGS_JDKLIB), \ @@ -78,8 +78,8 @@ LIBS_windows := winscard.lib, \ )) ---- jdk22u-jdk-22-36/src/java.smartcardio/unix/native/libj2pcsc/pcsc_md.c 2024-03-15 16:01:47.044277064 +0100 -+++ jdk22u-jdk-22-36/src/java.smartcardio/unix/native/libj2pcsc/pcsc_md.c 2024-03-15 16:01:55.957616058 +0100 +--- a/src/java.smartcardio/unix/native/libj2pcsc/pcsc_md.c ++++ b/src/java.smartcardio/unix/native/libj2pcsc/pcsc_md.c @@ -36,6 +36,7 @@ #include "pcsc_md.h" @@ -88,7 +88,7 @@ void *hModule; FPTR_SCardEstablishContext scardEstablishContext; FPTR_SCardConnect scardConnect; -@@ -47,6 +48,7 @@ +@@ -47,6 +48,7 @@ FPTR_SCardListReaders scardListReaders; FPTR_SCardBeginTransaction scardBeginTransaction; FPTR_SCardEndTransaction scardEndTransaction; FPTR_SCardControl scardControl; @@ -96,7 +96,7 @@ /* * Throws a Java Exception by name -@@ -75,6 +77,7 @@ +@@ -75,6 +77,7 @@ static void throwIOException(JNIEnv *env, const char *msg) throwByName(env, "java/io/IOException", msg); } @@ -104,7 +104,7 @@ static void *findFunction(JNIEnv *env, void *hModule, char *functionName) { void *fAddress = dlsym(hModule, functionName); if (fAddress == NULL) { -@@ -85,9 +88,11 @@ +@@ -85,9 +88,11 @@ static void *findFunction(JNIEnv *env, void *hModule, char *functionName) { } return fAddress; } @@ -116,14 +116,14 @@ const char *libName = (*env)->GetStringUTFChars(env, jLibName, NULL); if (libName == NULL) { throwNullPointerException(env, "PCSC library name is null"); -@@ -141,4 +146,5 @@ +@@ -141,4 +146,5 @@ JNIEXPORT void JNICALL Java_sun_security_smartcardio_PlatformPCSC_initialize #else scardControl = (FPTR_SCardControl) findFunction(env, hModule, "SCardControl132"); #endif // __APPLE__ +#endif } ---- jdk22u-jdk-22-36/src/java.smartcardio/unix/native/libj2pcsc/pcsc_md.h 2024-03-15 16:01:47.044277064 +0100 -+++ jdk22u-jdk-22-36/src/java.smartcardio/unix/native/libj2pcsc/pcsc_md.h 2024-03-15 16:01:55.960949394 +0100 +--- a/src/java.smartcardio/unix/native/libj2pcsc/pcsc_md.h ++++ b/src/java.smartcardio/unix/native/libj2pcsc/pcsc_md.h @@ -23,6 +23,8 @@ * questions. */ @@ -133,7 +133,7 @@ typedef LONG (*FPTR_SCardEstablishContext)(DWORD dwScope, LPCVOID pvReserved1, LPCVOID pvReserved2, -@@ -111,3 +113,41 @@ +@@ -111,3 +113,41 @@ extern FPTR_SCardListReaders scardListReaders; extern FPTR_SCardBeginTransaction scardBeginTransaction; extern FPTR_SCardEndTransaction scardEndTransaction; extern FPTR_SCardControl scardControl; diff --git a/zero-ranges.patch b/zero-ranges.patch index 406aae8..b0c8ca0 100644 --- a/zero-ranges.patch +++ b/zero-ranges.patch @@ -1,6 +1,6 @@ --- a/src/hotspot/cpu/zero/globals_zero.hpp +++ b/src/hotspot/cpu/zero/globals_zero.hpp -@@ -52,9 +52,9 @@ define_pd_global(intx, InitArrayShortSize, 0); +@@ -54,9 +54,9 @@ define_pd_global(intx, InitArrayShortSize, 0); #define DEFAULT_STACK_SHADOW_PAGES (5 LP64_ONLY(+1) DEBUG_ONLY(+3)) #define DEFAULT_STACK_RESERVED_PAGES (0)