提交 53b4c6d6 编写于 作者: A alanb

8007097: (profiles) Build needs test to ensure that profile definitions are updated

Reviewed-by: dholmes, erikj
上级 4ef5d169
......@@ -30,14 +30,12 @@ import java.nio.file.Path;
import java.nio.file.Paths;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.IOException;
import java.util.Set;
import java.util.HashSet;
import com.sun.tools.classfile.AccessFlags;
import com.sun.tools.classfile.Attributes;
import com.sun.tools.classfile.ClassFile;
import com.sun.tools.classfile.ClassReader;
import com.sun.tools.classfile.ClassWriter;
import com.sun.tools.classfile.ConstantPool;
import com.sun.tools.classfile.Field;
......
/*
* Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package build.tools.deps;
import java.nio.file.DirectoryStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.charset.StandardCharsets;
import java.util.Set;
import java.util.HashSet;
import java.util.Map;
import java.util.HashMap;
import java.util.Enumeration;
import java.util.Properties;
import java.util.jar.JarEntry;
import java.util.jar.JarFile;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.URL;
import com.sun.tools.classfile.ClassFile;
import com.sun.tools.classfile.Dependencies;
import com.sun.tools.classfile.Dependency;
/**
* A simple tool to check the JAR files in a JRE image to ensure that there
* aren't any references to types that do not exist. The tool is intended to
* be used in the JDK "profiles" build to help ensure that the profile
* definitions are kept up to date.
*/
public class CheckDeps {
// classfile API for finding dependencies
static final Dependency.Finder finder = Dependencies.getClassDependencyFinder();
// "known types", found in rt.jar or other JAR files
static final Set<String> knownTypes = new HashSet<>();
// References to unknown types. The map key is the unknown type, the
// map value is the set of classes that reference it.
static final Map<String,Set<String>> unknownRefs = new HashMap<>();
// The property name is the name of an unknown type that is allowed to be
// references. The property value is a comma separated list of the types
// that are allowed to reference it. The list also includes the names of
// the profiles that the reference is allowed.
static final Properties allowedBadRefs = new Properties();
/**
* Returns the class name for the given class file. In the case of inner
* classes then the enclosing class is returned in order to keep the
* rules simple.
*/
static String toClassName(String s) {
int i = s.indexOf('$');
if (i > 0)
s = s.substring(0, i);
return s.replace("/", ".");
}
/**
* Analyze the dependencies of all classes in the given JAR file. The
* method updates knownTypes and unknownRefs as part of the analysis.
*/
static void analyzeDependencies(Path jarpath) throws Exception {
System.out.format("Analyzing %s%n", jarpath);
try (JarFile jf = new JarFile(jarpath.toFile())) {
Enumeration<JarEntry> entries = jf.entries();
while (entries.hasMoreElements()) {
JarEntry e = entries.nextElement();
String name = e.getName();
if (name.endsWith(".class")) {
ClassFile cf = ClassFile.read(jf.getInputStream(e));
for (Dependency d : finder.findDependencies(cf)) {
String origin = toClassName(d.getOrigin().getName());
String target = toClassName(d.getTarget().getName());
// origin is now known
unknownRefs.remove(origin);
knownTypes.add(origin);
// if the target is not known then record the reference
if (!knownTypes.contains(target)) {
Set<String> refs = unknownRefs.get(target);
if (refs == null) {
// first time seeing this unknown type
refs = new HashSet<>();
unknownRefs.put(target, refs);
}
refs.add(origin);
}
}
}
}
}
}
/**
* We have closure (no references to types that do not exist) if
* unknownRefs is empty. When unknownRefs is not empty then it should
* only contain references that are allowed to be present (these are
* loaded from the refs.allowed properties file).
*
* @param the profile that is being tested, this determines the exceptions
* in {@code allowedBadRefs} that apply.
*
* @return {@code true} if there are no missing types or the only references
* to missing types are described by {@code allowedBadRefs}.
*/
static boolean checkClosure(String profile) {
// process the references to types that do not exist.
boolean fail = false;
for (Map.Entry<String,Set<String>> entry: unknownRefs.entrySet()) {
String target = entry.getKey();
for (String origin: entry.getValue()) {
// check if origin -> target allowed
String value = allowedBadRefs.getProperty(target);
if (value == null) {
System.err.format("%s -> %s (unknown type)%n", origin, target);
fail = true;
} else {
// target is known, check if the origin is one that we
// expect and that the exception applies to the profile.
boolean found = false;
boolean applicable = false;
for (String s: value.split(",")) {
s = s.trim();
if (s.equals(origin))
found = true;
if (s.equals(profile))
applicable = true;
}
if (!found || !applicable) {
if (!found) {
System.err.format("%s -> %s (not allowed)%n", origin, target);
} else {
System.err.format("%s -> %s (reference not applicable to %s)%n",
origin, target, profile);
}
fail = true;
}
}
}
}
return !fail;
}
static void fail(URL url) throws Exception {
System.err.println("One or more unexpected references encountered");
if (url != null)
System.err.format("Check %s is up to date%n", Paths.get(url.toURI()));
System.exit(-1);
}
public static void main(String[] args) throws Exception {
// load properties file so that we know what missing types that are
// allowed to be referenced.
URL url = CheckDeps.class.getResource("refs.allowed");
if (url != null) {
try (InputStream in = url.openStream()) {
allowedBadRefs.load(new InputStreamReader(in, StandardCharsets.UTF_8));
}
}
if (args.length != 2) {
System.err.println("Usage: java CheckDeps <image> <profile>");
System.exit(-1);
}
String image = args[0];
String profile = args[1];
// process JAR files on boot class path
Path lib = Paths.get(image, "lib");
try (DirectoryStream<Path> stream = Files.newDirectoryStream(lib, "*.jar")) {
for (Path jarpath: stream) {
analyzeDependencies(jarpath);
}
}
// classes on boot class path should not reference other types
boolean okay = checkClosure(profile);
if (!okay)
fail(url);
// process JAR files in the extensions directory
try (DirectoryStream<Path> stream = Files.newDirectoryStream(lib.resolve("ext"), "*.jar")) {
for (Path jarpath: stream) {
analyzeDependencies(jarpath);
}
}
// re-check to ensure that the extensions doesn't reference types that
// do not exist.
okay = checkClosure(profile);
if (!okay)
fail(url);
}
}
#
# This properties-formatted file contains the names of the non-existent types
# that are allowed to be referenced from classes in a profiles image.
#
# The property key is a type that does not exist. The property value is one or
# more types that reference the missing type. The property value also encodes
# the names of the profiles where this reference is allowed.
# jsse.jar is not subsetted by the profiles build. For compact1 and compact2
# then this means that there are references to Kerberos types that do not
# exist. These references are harmless.
#
javax.security.auth.kerberos.KerberosKey=sun.security.ssl.krb5.KerberosClientKeyExchangeImpl,sun.security.ssl.krb5.Krb5ProxyImpl,compact1,compact2
javax.security.auth.kerberos.KerberosPrincipal=sun.security.ssl.krb5.KerberosClientKeyExchangeImpl,sun.security.ssl.krb5.Krb5ProxyImpl,compact1,compact2
javax.security.auth.kerberos.KerberosTicket=sun.security.ssl.krb5.KerberosClientKeyExchangeImpl,sun.security.ssl.krb5.KerberosClientKeyExchangeImpl,compact1,compact2
javax.security.auth.kerberos.ServicePermission=sun.security.ssl.krb5.KerberosClientKeyExchangeImpl,sun.security.ssl.krb5.Krb5ProxyImpl,compact1,compact2
sun.security.jgss.GSSCaller=sun.security.ssl.krb5.KerberosClientKeyExchangeImpl,sun.security.ssl.krb5.Krb5ProxyImpl,compact1,compact2
sun.security.jgss.krb5.Krb5Util=sun.security.ssl.krb5.KerberosClientKeyExchangeImpl,sun.security.ssl.krb5.Krb5ProxyImpl,compact1,compact2
sun.security.jgss.krb5.ServiceCreds=sun.security.ssl.krb5.Krb5ProxyImpl,compact1,compact2
sun.security.krb5.EncryptedData= sun.security.ssl.krb5.KerberosPreMasterSecret,sun.security.ssl.krb5.KerberosClientKeyExchangeImpl,compact1,compact2
sun.security.krb5.EncryptionKey=sun.security.ssl.krb5.KerberosPreMasterSecret,sun.security.ssl.krb5.KerberosClientKeyExchangeImpl,compact1,compact2
sun.security.krb5.internal.crypto.KeyUsage=sun.security.ssl.krb5.KerberosPreMasterSecret,sun.security.ssl.krb5.KerberosClientKeyExchangeImpl,compact1,compact2
sun.security.krb5.internal.EncTicketPart=sun.security.ssl.krb5.KerberosClientKeyExchangeImpl,compact1,compact2
sun.security.krb5.internal.Krb5=sun.security.ssl.krb5.KerberosClientKeyExchangeImpl,compact1,compact2
sun.security.krb5.internal.Ticket=sun.security.ssl.krb5.KerberosClientKeyExchangeImpl,compact1,compact2
sun.security.krb5.KrbException=sun.security.ssl.krb5.KerberosPreMasterSecret,sun.security.ssl.krb5.KerberosClientKeyExchangeImpl,compact1,compact2
sun.security.krb5.PrincipalName=sun.security.ssl.krb5.Krb5ProxyImpl,sun.security.ssl.krb5.KerberosClientKeyExchangeImpl,compact1,compact2
sun.security.krb5.Realm=sun.security.ssl.krb5.KerberosClientKeyExchangeImpl,compact1,compact2
# Residual references to java.beans.
# The RemoveMethods tool does not yet purge the constant pool.
# Rhino is due to be replaced so not worth addressing this dependency now.
#
java.beans.PropertyChangeListener=java.util.logging.LogManager,sun.org.mozilla.javascript.internal.Context,compact1,compact2,compact3
java.beans.PropertyChangeEvent=sun.org.mozilla.javascript.internal.Context,compact3
......@@ -743,9 +743,18 @@ ifneq ($(PROFILE),)
$(foreach f,$(CUSTOM_PROFILE_JARS),\
$(eval $(call AddFileToCopy,$(IMAGES_OUTPUTDIR)/lib$(PROFILE),$(JRE_IMAGE_DIR)/lib,$f,JRE_LIB_TARGETS)))
PROFILE_IMAGE_JARS := $(filter %.jar, $(JRE_LIB_TARGETS))
PROFILE_IMAGE_JARS_CHECKED := $(IMAGES_OUTPUTDIR)/lib$(PROFILE)/_jars_checked
$(PROFILE_IMAGE_JARS_CHECKED) : $(PROFILE_IMAGE_JARS)
$(TOOL_CHECKDEPS) $(JRE_IMAGE_DIR) \
$(call profile_name, $(call profile_number, $(PROFILE)))
$(TOUCH) $@
profile-image: $(JRE_BIN_TARGETS) $(JRE_LIB_TARGETS) \
$(JRE_IMAGE_DIR)/lib/meta-index $(JRE_IMAGE_DIR)/lib/ext/meta-index \
$(JRE_INFO_FILE) $(JRE_STRIP_LIST)
$(JRE_INFO_FILE) $(JRE_STRIP_LIST) $(PROFILE_IMAGE_JARS_CHECKED)
.PHONY: profile-image
......
......@@ -53,6 +53,14 @@ $(JDK_OUTPUTDIR)/btclasses/build/tools/generatenimbus/resources/%.template : \
BUILD_TOOLS += $(foreach i,$(wildcard $(JDK_TOPDIR)/src/share/classes/javax/swing/plaf/nimbus/*.template),$(JDK_OUTPUTDIR)/btclasses/build/tools/generatenimbus/resources/$(notdir $i))
# Resources used by CheckDeps tool
$(JDK_OUTPUTDIR)/btclasses/build/tools/deps/% : \
$(JDK_TOPDIR)/make/tools/src/build/tools/deps/%
$(MKDIR) -p $(@D)
$(CP) $< $@
BUILD_TOOLS += $(JDK_OUTPUTDIR)/btclasses/build/tools/deps/refs.allowed
# Add a checksum ("jsum") to the end of a text file. Prevents trivial tampering with class lists.
TOOL_ADDJSUM=$(JAVA) -cp $(JDK_OUTPUTDIR)/btclasses \
build.tools.addjsum.AddJsum
......@@ -141,6 +149,10 @@ TOOL_REMOVEMETHODS=$(JAVA) -Xbootclasspath/p:$(LANGTOOLS_OUTPUTDIR)/dist/bootstr
-cp $(JDK_OUTPUTDIR)/btclasses:$(JDK_OUTPUTDIR) \
build.tools.classfile.RemoveMethods
TOOL_CHECKDEPS=$(JAVA) -Xbootclasspath/p:$(LANGTOOLS_OUTPUTDIR)/dist/bootstrap/lib/javac.jar \
-cp $(JDK_OUTPUTDIR)/btclasses:$(JDK_OUTPUTDIR) \
build.tools.deps.CheckDeps
##########################################################################################
# Tools needed on solaris because OBJCOPY is broken.
......
......@@ -134,8 +134,7 @@ PROFILE_1_RTJAR_INCLUDE_PACKAGES := \
sun/util/logging/resources \
sun/util/resources
PROFILE_1_RTJAR_INCLUDE_TYPES := \
com/sun/security/auth/PrincipalComparator.class
PROFILE_1_RTJAR_INCLUDE_TYPES :=
PROFILE_1_RTJAR_EXCLUDE_TYPES :=
......@@ -456,7 +455,12 @@ PROFILE_3_RTJAR_EXCLUDE_TYPES := \
javax/management/remote/rmi/_RMIConnectionImpl_Tie.class \
javax/management/remote/rmi/_RMIConnection_Stub.class \
javax/management/remote/rmi/_RMIServerImpl_Tie.class \
javax/management/remote/rmi/_RMIServer_Stub.class
javax/management/remote/rmi/_RMIServer_Stub.class \
com/sun/security/auth/callback/DialogCallbackHandler.class \
com/sun/security/auth/callback/DialogCallbackHandler\$$$$1.class \
com/sun/security/auth/callback/DialogCallbackHandler\$$$$2.class \
com/sun/security/auth/callback/DialogCallbackHandler\$$$$Action.class \
com/sun/security/auth/callback/DialogCallbackHandler\$$$$ConfirmationInfo.class
PROFILE_3_INCLUDE_METAINF_SERVICES := \
META-INF/services/javax.script.ScriptEngineFactory
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册