diff options
| author |   Ralph Sennhauser <sera@gentoo.org> | 2011-11-21 10:15:46 +0000 |
|---|---|---|
| committer | Ralph Sennhauser <sera@gentoo.org> | 2011-11-21 10:15:46 +0000 |
| commit | 024945d620b020af4800e6304719c0c613399e31 (patch) | |
| tree | 503d103b2dd45b8565819f772109273ac2993c9f /eclass/java-vm-2.eclass | |
| parent | Fix man file location (diff) | |
| download | gentoo-2-024945d620b020af4800e6304719c0c613399e31.tar.gz gentoo-2-024945d620b020af4800e6304719c0c613399e31.tar.bz2 gentoo-2-024945d620b020af4800e6304719c0c613399e31.zip | |
Move handling of PaX marking JVM executables to eclass.
Diffstat (limited to 'eclass/java-vm-2.eclass')
| -rw-r--r-- | eclass/java-vm-2.eclass | 38 |
1 files changed, 36 insertions, 2 deletions
diff --git a/eclass/java-vm-2.eclass b/eclass/java-vm-2.eclass index c66ef8431d47..0f993874b23a 100644 --- a/eclass/java-vm-2.eclass +++ b/eclass/java-vm-2.eclass @@ -1,6 +1,6 @@ # Copyright 1999-2011 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/eclass/java-vm-2.eclass,v 1.38 2011/11/15 09:02:15 caster Exp $ +# $Header: /var/cvsroot/gentoo-x86/eclass/java-vm-2.eclass,v 1.39 2011/11/21 10:15:46 sera Exp $ # ----------------------------------------------------------------------------- # @eclass-begin @@ -12,7 +12,7 @@ # # ----------------------------------------------------------------------------- -inherit eutils fdo-mime multilib prefix +inherit eutils fdo-mime multilib pax-utils prefix DEPEND="=dev-java/java-config-2*" has "${EAPI}" 0 1 && DEPEND="${DEPEND} >=sys-apps/portage-2.1" @@ -175,6 +175,40 @@ set_java_env() { } # ----------------------------------------------------------------------------- +# @ebuild-function java-vm_set-pax-markings +# +# Set PaX markings on all JDK/JRE executables to allow code-generation on +# the heap by the JIT compiler. +# +# The markings need to be set prior to the first invocation of the the freshly +# built / installed VM. Be it before creating the Class Data Sharing archive or +# generating cacerts. Otherwise a PaX enabled kernel will kill the VM. +# Bug #215225 #389751 +# +# @example +# java-vm_set-pax-markings "${S}" +# java-vm_set-pax-markings "${ED}"/opt/${P} +# +# @param $1 - JDK/JRE base directory. +# ----------------------------------------------------------------------------- +java-vm_set-pax-markings() { + debug-print-function ${FUNCNAME} "$*" + [[ $# -ne 1 ]] && die "${FUNCNAME}: takes exactly one argument" + [[ ! -f "${1}"/bin/java ]] \ + && die "${FUNCNAME}: argument needs to be JDK/JRE base directory" + + local executables=( "${1}"/bin/* ) + [[ -d "${1}"/jre ]] && executables+=( "${1}"/jre/bin/* ) + + # Usally disabeling MPROTECT is sufficent + local pax_markings="m" + # On x86 for heap sizes over 700MB disable SEGMEXEC and PAGEEXEC as well. + use x86 && pax_markings="msp" + + pax-mark ${pax_markings} $(list-paxables "${executables[@]}") +} + +# ----------------------------------------------------------------------------- # @ebuild-function java-vm_revdep-mask # # Installs a revdep-rebuild control file which SEARCH_DIR_MASK set to the path |