8044269: Analysis of archive files.
Summary: Add checksum verification.
Reviewed-by: iklam, dholmes, mschoene
--- a/hotspot/src/share/vm/classfile/classLoader.cpp Mon Jun 16 10:23:46 2014 -0400
+++ b/hotspot/src/share/vm/classfile/classLoader.cpp Tue Oct 14 18:47:46 2014 -0700
@@ -75,6 +75,7 @@
typedef jboolean (JNICALL *ReadEntry_t)(jzfile *zip, jzentry *entry, unsigned char *buf, char *namebuf);
typedef jboolean (JNICALL *ReadMappedEntry_t)(jzfile *zip, jzentry *entry, unsigned char **buf, char *namebuf);
typedef jzentry* (JNICALL *GetNextEntry_t)(jzfile *zip, jint n);
+typedef jint (JNICALL *Crc32_t)(jint crc, const jbyte *buf, jint len);
static ZipOpen_t ZipOpen = NULL;
static ZipClose_t ZipClose = NULL;
@@ -83,6 +84,7 @@
static ReadMappedEntry_t ReadMappedEntry = NULL;
static GetNextEntry_t GetNextEntry = NULL;
static canonicalize_fn_t CanonicalizeEntry = NULL;
+static Crc32_t Crc32 = NULL;
// Globals
@@ -799,9 +801,11 @@
ReadEntry = CAST_TO_FN_PTR(ReadEntry_t, os::dll_lookup(handle, "ZIP_ReadEntry"));
ReadMappedEntry = CAST_TO_FN_PTR(ReadMappedEntry_t, os::dll_lookup(handle, "ZIP_ReadMappedEntry"));
GetNextEntry = CAST_TO_FN_PTR(GetNextEntry_t, os::dll_lookup(handle, "ZIP_GetNextEntry"));
+ Crc32 = CAST_TO_FN_PTR(Crc32_t, os::dll_lookup(handle, "ZIP_CRC32"));
// ZIP_Close is not exported on Windows in JDK5.0 so don't abort if ZIP_Close is NULL
- if (ZipOpen == NULL || FindEntry == NULL || ReadEntry == NULL || GetNextEntry == NULL) {
+ if (ZipOpen == NULL || FindEntry == NULL || ReadEntry == NULL ||
+ GetNextEntry == NULL || Crc32 == NULL) {
vm_exit_during_initialization("Corrupted ZIP library", path);
}
@@ -811,6 +815,11 @@
// This lookup only works on 1.3. Do not check for non-null here
}
+int ClassLoader::crc32(int crc, const char* buf, int len) {
+ assert(Crc32 != NULL, "ZIP_CRC32 is not found");
+ return (*Crc32)(crc, (const jbyte*)buf, len);
+}
+
// PackageInfo data exists in order to support the java.lang.Package
// class. A Package object provides information about a java package
// (version, vendor, etc.) which originates in the manifest of the jar
--- a/hotspot/src/share/vm/classfile/classLoader.hpp Mon Jun 16 10:23:46 2014 -0400
+++ b/hotspot/src/share/vm/classfile/classLoader.hpp Tue Oct 14 18:47:46 2014 -0700
@@ -226,6 +226,7 @@
// to avoid confusing the zip library
static bool get_canonical_path(const char* orig, char* out, int len);
public:
+ static int crc32(int crc, const char* buf, int len);
static bool update_class_path_entry_list(const char *path,
bool check_for_duplicates,
bool throw_exception=true);
--- a/hotspot/src/share/vm/memory/filemap.cpp Mon Jun 16 10:23:46 2014 -0400
+++ b/hotspot/src/share/vm/memory/filemap.cpp Tue Oct 14 18:47:46 2014 -0700
@@ -331,6 +331,14 @@
return false;
}
+ size_t len = lseek(fd, 0, SEEK_END);
+ struct FileMapInfo::FileMapHeader::space_info* si =
+ &_header->_space[MetaspaceShared::mc];
+ if (si->_file_offset >= len || len - si->_file_offset < si->_used) {
+ fail_continue("The shared archive file has been truncated.");
+ return false;
+ }
+
_file_offset += (long)n;
return true;
}
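Review bot: The result of `lseek(fd, 0, SEEK_END)` is assigned straight to a `size_t`, so a failed seek (-1) becomes a huge length and the truncation test that follows always passes. Keep the result in a signed type first, e.g. `off_t end = lseek(fd, 0, SEEK_END);`, report `end < 0` through `fail_continue` and return false, and only then convert to `size_t`. The test also covers only the `mc` region, and the seek leaves the descriptor at end-of-file. Both are fine only if `mc` is the last region in the file and later reads reposition explicitly, which this hunk does not show. The enclosing function starts outside the hunk.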
@@ -431,6 +439,7 @@
si->_capacity = capacity;
si->_read_only = read_only;
si->_allow_exec = allow_exec;
+ si->_crc = ClassLoader::crc32(0, base, (jint)size);
write_bytes_aligned(base, (int)size);
}
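Review bot: `(jint)size` narrows a `size_t` before it reaches `ClassLoader::crc32`, so a region of 2 GiB or more would be checksummed with a truncated or negative length instead of being rejected. The same cast appears in `verify_region_checksum` (`(jint)sz`, where `_used` comes from the archive header) and in `FileMapHeader::compute_crc`. An explicit bound before each call would make the limit visible, for example `guarantee(size <= (size_t)max_jint, "region too large for crc32");` on the write side and a `fail_continue` plus `return false` on the read side. `write_bytes_aligned(base, (int)size)` on the next line narrows the same way, so the limit may already be assumed elsewhere; the function starts outside the hunk.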
@@ -455,14 +464,15 @@
// Align file position to an allocation unit boundary.
void FileMapInfo::align_file_position() {
- long new_file_offset = align_size_up(_file_offset, os::vm_allocation_granularity());
+ size_t new_file_offset = align_size_up(_file_offset,
+ os::vm_allocation_granularity());
if (new_file_offset != _file_offset) {
_file_offset = new_file_offset;
if (_file_open) {
// Seek one byte back from the target and write a byte to insure
// that the written file is the correct length.
_file_offset -= 1;
- if (lseek(_fd, _file_offset, SEEK_SET) < 0) {
+ if (lseek(_fd, (long)_file_offset, SEEK_SET) < 0) {
fail_stop("Unable to seek.");
}
char zero = 0;
@@ -569,6 +579,19 @@
return base;
}
+bool FileMapInfo::verify_region_checksum(int i) {
+ if (!VerifySharedSpaces) {
+ return true;
+ }
+ const char* buf = _header->_space[i]._base;
+ size_t sz = _header->_space[i]._used;
+ int crc = ClassLoader::crc32(0, buf, (jint)sz);
+ if (crc != _header->_space[i]._crc) {
+ fail_continue("Checksum verification failed.");
+ return false;
+ }
+ return true;
+}
// Unmap a memory region in the address space.
@@ -629,7 +652,21 @@
return true;
}
+int FileMapInfo::FileMapHeader::compute_crc() {
+ char* header = data();
+ // start computing from the field after _crc
+ char* buf = (char*)&_crc + sizeof(int);
+ size_t sz = data_size() - (buf - header);
+ int crc = ClassLoader::crc32(0, buf, (jint)sz);
+ return crc;
+}
+
bool FileMapInfo::FileMapHeader::validate() {
+ if (VerifySharedSpaces && compute_crc() != _crc) {
+ fail_continue("Header checksum verification failed.");
+ return false;
+ }
+
if (_version != current_version()) {
FileMapInfo::fail_continue("The shared archive file is the wrong version.");
return false;
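Review bot: `compute_crc` finds the start of the checksummed range with `(char*)&_crc + sizeof(int)`, which silently depends on `_crc` staying an `int` and on there being no padding before the next field. Writing `sizeof(_crc)` and adding a one-line comment that `_magic` and `_crc` are deliberately excluded would state that assumption. In `validate()` the checksum is tested before `_version`, so an archive written with a different header layout would probably be reported as a checksum failure rather than as the wrong version; confirm that order is intended. The new call is a bare `fail_continue` while the existing one below it is written `FileMapInfo::fail_continue`. `validate()` continues past the end of the hunk.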
--- a/hotspot/src/share/vm/memory/filemap.hpp Mon Jun 16 10:23:46 2014 -0400
+++ b/hotspot/src/share/vm/memory/filemap.hpp Tue Oct 14 18:47:46 2014 -0700
@@ -61,7 +61,7 @@
bool _file_open;
int _fd;
- long _file_offset;
+ size_t _file_offset;
private:
static SharedClassPathEntry* _classpath_entry_table;
@@ -87,12 +87,14 @@
}
int _magic; // identify file type.
+ int _crc; // header crc checksum.
int _version; // (from enum, above.)
size_t _alignment; // how shared archive should be aligned
int _obj_alignment; // value of ObjectAlignmentInBytes
struct space_info {
- int _file_offset; // sizeof(this) rounded to vm page size
+ int _crc; // crc checksum of the current space
+ size_t _file_offset; // sizeof(this) rounded to vm page size
char* _base; // copy-on-write base address
size_t _capacity; // for validity checking
size_t _used; // for setting space top on read
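Review bot: Adding `_crc` to the header and to `space_info`, and widening `_file_offset` from `int` to `size_t`, changes the on-disk layout of the archive, but no hunk in this change touches `_current_version`. If the version was not bumped elsewhere, an archive written by an older build is rejected only by whichever other header checks happen to fail on the shifted fields. Either bump the version with this change or say in the commit message why the existing checks are sufficient. The `space_info` struct continues past the end of the hunk.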
@@ -135,6 +137,7 @@
virtual bool validate();
virtual void populate(FileMapInfo* info, size_t alignment);
+ int compute_crc();
};
FileMapHeader * _header;
@@ -153,6 +156,8 @@
~FileMapInfo();
static int current_version() { return _current_version; }
+ int compute_header_crc() { return _header->compute_crc(); }
+ void set_header_crc(int crc) { _header->_crc = crc; }
void populate_header(size_t alignment);
bool validate_header();
void invalidate();
@@ -181,6 +186,7 @@
void write_bytes_aligned(const void* buffer, int count);
char* map_region(int i);
void unmap_region(int i);
+ bool verify_region_checksum(int i);
void close();
bool is_open() { return _file_open; }
ReservedSpace reserve_shared_memory();
--- a/hotspot/src/share/vm/memory/metaspaceShared.cpp Mon Jun 16 10:23:46 2014 -0400
+++ b/hotspot/src/share/vm/memory/metaspaceShared.cpp Tue Oct 14 18:47:46 2014 -0700
@@ -608,6 +608,7 @@
// Pass 2 - write data.
mapinfo->open_for_write();
+ mapinfo->set_header_crc(mapinfo->compute_header_crc());
mapinfo->write_header();
mapinfo->write_space(MetaspaceShared::ro, _loader_data->ro_metaspace(), true);
mapinfo->write_space(MetaspaceShared::rw, _loader_data->rw_metaspace(), false);
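Review bot: The header checksum is computed before `write_header()`, so it is correct only if every header field already holds its final value from the earlier pass, which lies outside this hunk. That includes the per-space `si->_crc` that this change assigns in filemap.cpp. If any header field is given a different value during pass 2, the stored checksum goes stale and the archive fails validation at load. A comment would make the dependency visible: `// Header CRC covers the space_info entries; they must be final (set in pass 1) before this point.`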
@@ -937,9 +938,13 @@
// Map each shared region
if ((_ro_base = mapinfo->map_region(ro)) != NULL &&
+ mapinfo->verify_region_checksum(ro) &&
(_rw_base = mapinfo->map_region(rw)) != NULL &&
+ mapinfo->verify_region_checksum(rw) &&
(_md_base = mapinfo->map_region(md)) != NULL &&
+ mapinfo->verify_region_checksum(md) &&
(_mc_base = mapinfo->map_region(mc)) != NULL &&
+ mapinfo->verify_region_checksum(mc) &&
(image_alignment == (size_t)max_alignment()) &&
mapinfo->validate_classpath_entry_table()) {
// Success (no need to do anything)
--- a/hotspot/src/share/vm/runtime/arguments.cpp Mon Jun 16 10:23:46 2014 -0400
+++ b/hotspot/src/share/vm/runtime/arguments.cpp Tue Oct 14 18:47:46 2014 -0700
@@ -3836,6 +3836,11 @@
return JNI_ENOMEM;
}
+ // Set up VerifySharedSpaces
+ if (FLAG_IS_DEFAULT(VerifySharedSpaces) && SharedArchiveFile != NULL) {
+ VerifySharedSpaces = true;
+ }
+
// Delay warning until here so that we've had a chance to process
// the -XX:-PrintWarnings flag
if (needs_hotspotrc_warning) {
--- a/hotspot/src/share/vm/runtime/globals.hpp Mon Jun 16 10:23:46 2014 -0400
+++ b/hotspot/src/share/vm/runtime/globals.hpp Tue Oct 14 18:47:46 2014 -0700
@@ -3790,6 +3790,10 @@
product(bool, UseSharedSpaces, true, \
"Use shared spaces for metadata") \
\
+ product(bool, VerifySharedSpaces, false, \
+ "Verify shared spaces (false for default archive, true for " \
+ "archive specified by -XX:SharedArchiveFile)") \
+ \
product(bool, RequireSharedSpaces, false, \
"Require shared spaces for metadata") \
\
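Review bot: The flag description does not say what kind of verification is performed. The check added in this change is a CRC-32 comparison, which catches truncation and accidental corruption but can be recomputed by anyone able to rewrite the archive, so the flag should not read as protection against a deliberately modified file. Suggested wording: `"Verify shared spaces with a CRC-32 checksum to detect corruption "` followed by `"(false for default archive, true for archive specified by -XX:SharedArchiveFile)"`. File permissions on the archive remain the control against modification.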