| 1 |
sera 11/11/21 10:15:46 |
| 2 |
|
| 3 |
Modified: ChangeLog java-vm-2.eclass |
| 4 |
Log: |
| 5 |
Move handling of PaX marking JVM executables to eclass. |
| 6 |
|
| 7 |
Revision Changes Path |
| 8 |
1.22 eclass/ChangeLog |
| 9 |
|
| 10 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/eclass/ChangeLog?rev=1.22&view=markup |
| 11 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/eclass/ChangeLog?rev=1.22&content-type=text/plain |
| 12 |
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/eclass/ChangeLog?r1=1.21&r2=1.22 |
| 13 |
|
| 14 |
Index: ChangeLog |
| 15 |
=================================================================== |
| 16 |
RCS file: /var/cvsroot/gentoo-x86/eclass/ChangeLog,v |
| 17 |
retrieving revision 1.21 |
| 18 |
retrieving revision 1.22 |
| 19 |
diff -u -r1.21 -r1.22 |
| 20 |
--- ChangeLog 21 Nov 2011 01:43:44 -0000 1.21 |
| 21 |
+++ ChangeLog 21 Nov 2011 10:15:46 -0000 1.22 |
| 22 |
@@ -1,6 +1,9 @@ |
| 23 |
# ChangeLog for eclass directory |
| 24 |
# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 |
| 25 |
-# $Header: /var/cvsroot/gentoo-x86/eclass/ChangeLog,v 1.21 2011/11/21 01:43:44 dirtyepic Exp $ |
| 26 |
+# $Header: /var/cvsroot/gentoo-x86/eclass/ChangeLog,v 1.22 2011/11/21 10:15:46 sera Exp $ |
| 27 |
+ |
| 28 |
+ 21 Nov 2011; Ralph Sennhauser <sera@g.o> java-vm-2.eclass: |
| 29 |
+ Move handling of PaX marking JVM executables to eclass. |
| 30 |
|
| 31 |
21 Nov 2011; Ryan Hill <dirtyepic@g.o> toolchain.eclass: |
| 32 |
Fix live ebuilds. |
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
1.39 eclass/java-vm-2.eclass |
| 37 |
|
| 38 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/eclass/java-vm-2.eclass?rev=1.39&view=markup |
| 39 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/eclass/java-vm-2.eclass?rev=1.39&content-type=text/plain |
| 40 |
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/eclass/java-vm-2.eclass?r1=1.38&r2=1.39 |
| 41 |
|
| 42 |
Index: java-vm-2.eclass |
| 43 |
=================================================================== |
| 44 |
RCS file: /var/cvsroot/gentoo-x86/eclass/java-vm-2.eclass,v |
| 45 |
retrieving revision 1.38 |
| 46 |
retrieving revision 1.39 |
| 47 |
diff -u -r1.38 -r1.39 |
| 48 |
--- java-vm-2.eclass 15 Nov 2011 09:02:15 -0000 1.38 |
| 49 |
+++ java-vm-2.eclass 21 Nov 2011 10:15:46 -0000 1.39 |
| 50 |
@@ -1,6 +1,6 @@ |
| 51 |
# Copyright 1999-2011 Gentoo Foundation |
| 52 |
# Distributed under the terms of the GNU General Public License v2 |
| 53 |
-# $Header: /var/cvsroot/gentoo-x86/eclass/java-vm-2.eclass,v 1.38 2011/11/15 09:02:15 caster Exp $ |
| 54 |
+# $Header: /var/cvsroot/gentoo-x86/eclass/java-vm-2.eclass,v 1.39 2011/11/21 10:15:46 sera Exp $ |
| 55 |
|
| 56 |
# ----------------------------------------------------------------------------- |
| 57 |
# @eclass-begin |
| 58 |
@@ -12,7 +12,7 @@ |
| 59 |
# |
| 60 |
# ----------------------------------------------------------------------------- |
| 61 |
|
| 62 |
-inherit eutils fdo-mime multilib prefix |
| 63 |
+inherit eutils fdo-mime multilib pax-utils prefix |
| 64 |
|
| 65 |
DEPEND="=dev-java/java-config-2*" |
| 66 |
has "${EAPI}" 0 1 && DEPEND="${DEPEND} >=sys-apps/portage-2.1" |
| 67 |
@@ -175,6 +175,40 @@ |
| 68 |
} |
| 69 |
|
| 70 |
# ----------------------------------------------------------------------------- |
| 71 |
+# @ebuild-function java-vm_set-pax-markings |
| 72 |
+# |
| 73 |
+# Set PaX markings on all JDK/JRE executables to allow code-generation on |
| 74 |
+# the heap by the JIT compiler. |
| 75 |
+# |
| 76 |
+# The markings need to be set prior to the first invocation of the the freshly |
| 77 |
+# built / installed VM. Be it before creating the Class Data Sharing archive or |
| 78 |
+# generating cacerts. Otherwise a PaX enabled kernel will kill the VM. |
| 79 |
+# Bug #215225 #389751 |
| 80 |
+# |
| 81 |
+# @example |
| 82 |
+# java-vm_set-pax-markings "${S}" |
| 83 |
+# java-vm_set-pax-markings "${ED}"/opt/${P} |
| 84 |
+# |
| 85 |
+# @param $1 - JDK/JRE base directory. |
| 86 |
+# ----------------------------------------------------------------------------- |
| 87 |
+java-vm_set-pax-markings() { |
| 88 |
+ debug-print-function ${FUNCNAME} "$*" |
| 89 |
+ [[ $# -ne 1 ]] && die "${FUNCNAME}: takes exactly one argument" |
| 90 |
+ [[ ! -f "${1}"/bin/java ]] \ |
| 91 |
+ && die "${FUNCNAME}: argument needs to be JDK/JRE base directory" |
| 92 |
+ |
| 93 |
+ local executables=( "${1}"/bin/* ) |
| 94 |
+ [[ -d "${1}"/jre ]] && executables+=( "${1}"/jre/bin/* ) |
| 95 |
+ |
| 96 |
+ # Usally disabeling MPROTECT is sufficent |
| 97 |
+ local pax_markings="m" |
| 98 |
+ # On x86 for heap sizes over 700MB disable SEGMEXEC and PAGEEXEC as well. |
| 99 |
+ use x86 && pax_markings="msp" |
| 100 |
+ |
| 101 |
+ pax-mark ${pax_markings} $(list-paxables "${executables[@]}") |
| 102 |
+} |
| 103 |
+ |
| 104 |
+# ----------------------------------------------------------------------------- |
| 105 |
# @ebuild-function java-vm_revdep-mask |
| 106 |
# |
| 107 |
# Installs a revdep-rebuild control file which SEARCH_DIR_MASK set to the path |
Archives