# RPM conditionals so as to be able to dynamically produce
# slowdebug/release builds. See:
# http://rpm.org/user_doc/conditional_builds.html
#
# Examples:
#
# Produce release, fastdebug *and* slowdebug builds on x86_64 (default):
# $ rpmbuild -ba java-1.8.0-openjdk.spec
#
# Produce only release builds (no debug builds) on x86_64:
# $ rpmbuild -ba java-1.8.0-openjdk.spec --without slowdebug --without fastdebug
#
# Only produce a release build on x86_64:
# $ rhpkg mockbuild --without slowdebug --without fastdebug
#
# Enable fastdebug builds by default on relevant arches.
%bcond_without fastdebug
# Enable slowdebug builds by default on relevant arches.
%bcond_without slowdebug
# Enable release builds by default on relevant arches.
%bcond_without release
# Remove build artifacts by default
%bcond_with artifacts
# Build a fresh libjvm.so for use in a copy of the bootstrap JDK
%bcond_without fresh_libjvm
# Build with system libraries
%bcond_with system_libs
# Define whether to use the bootstrap JDK directly or with a fresh libjvm.so
%if %{with fresh_libjvm}
%global build_hotspot_first 1
%else
%global build_hotspot_first 0
%endif
%if %{with system_libs}
%global system_libs 1
%global link_type system
%global jpeg_lib |libjavajpeg[.]so.*
%else
%global system_libs 0
%global link_type bundled
%global jpeg_lib |libjpeg[.]so.*
%endif
# Turn off the debug package as we just produce a bunch of tarballs
%define debug_package %{nil}
# note: parametrized macros are order-sensitive (unlike not-parametrized) even with normal macros
# also necessary when passing it as parameter to other macros. If not macro, then it is considered a switch
# see the difference between global and define:
# See https://github.com/rpm-software-management/rpm/issues/127 to comments at "pmatilai commented on Aug 18, 2017"
# (initiated in https://bugzilla.redhat.com/show_bug.cgi?id=1482192)
%global debug_suffix_unquoted -slowdebug
%global fastdebug_suffix_unquoted -fastdebug
# quoted one for shell operations
%global debug_suffix "%{debug_suffix_unquoted}"
%global fastdebug_suffix "%{fastdebug_suffix_unquoted}"
%global normal_suffix ""
%global debug_warning This package is unoptimised with full debugging. Install only as needed and remove ASAP.
%global fastdebug_warning This package is optimised with full debugging. Install only as needed and remove ASAP.
%global debug_on unoptimised with full debugging on
%global fastdebug_on optimised with full debugging on
%global for_fastdebug for packages with debugging on and optimisation
%global for_debug for packages with debugging on and no optimisation
%if %{with release}
%global include_normal_build 1
%else
%global include_normal_build 0
%endif
%if %{include_normal_build}
%global normal_build %{normal_suffix}
%else
%global normal_build %{nil}
%endif
%global aarch64 aarch64 arm64 armv8
# we need to distinguish between big and little endian PPC64
%global ppc64le ppc64le
%global ppc64be ppc64 ppc64p7
# Set of architectures which support multiple ABIs
%global multilib_arches %{power64} sparc64 x86_64
# Set of architectures for which we build slowdebug builds
%global debug_arches %{ix86} x86_64 sparcv9 sparc64 %{aarch64} %{power64}
# Set of architectures for which we build fastdebug builds
%global fastdebug_arches x86_64 ppc64le aarch64
# Set of architectures with a Just-In-Time (JIT) compiler
%global jit_arches %{aarch64} %{ix86} %{power64} sparcv9 sparc64 x86_64
# Set of architectures which use the Zero assembler port (!jit_arches)
%global zero_arches %{arm} ppc s390 s390x
# Set of architectures which run a full bootstrap cycle
%global bootstrap_arches %{jit_arches} %{zero_arches}
# Set of architectures which support SystemTap tapsets
%global systemtap_arches %{jit_arches}
# Set of architectures which support the serviceability agent
%global sa_arches %{ix86} x86_64 sparcv9 sparc64 %{aarch64}
# Set of architectures which support class data sharing
# See https://bugzilla.redhat.com/show_bug.cgi?id=513605
# MetaspaceShared::generate_vtable_methods is not implemented for the PPC JIT
%global share_arches %{ix86} x86_64 sparcv9 sparc64 %{aarch64}
# Set of architectures which support Java Flight Recorder (JFR)
%global jfr_arches %{jit_arches}
# Set of architectures for which alt-java has SSB mitigation
%global ssbd_arches x86_64
# Set of architectures where we verify backtraces with gdb
%global gdb_arches %{jit_arches} %{zero_arches}
# By default, we build a debug build during main build on JIT architectures
%if %{with slowdebug}
%ifarch %{debug_arches}
%global include_debug_build 1
%else
%global include_debug_build 0
%endif
%else
%global include_debug_build 0
%endif
# By default, we build a fastdebug build during main build only on fastdebug architectures
%if %{with fastdebug}
%ifarch %{fastdebug_arches}
%global include_fastdebug_build 1
%else
%global include_fastdebug_build 0
%endif
%else
%global include_fastdebug_build 0
%endif
%if %{include_debug_build}
%global slowdebug_build %{debug_suffix}
%else
%global slowdebug_build %{nil}
%endif
%if %{include_fastdebug_build}
%global fastdebug_build %{fastdebug_suffix}
%else
%global fastdebug_build %{nil}
%endif
# If you disable all builds, then the build fails
# Build and test slowdebug first as it provides the best diagnostics
%global build_loop %{slowdebug_build} %{fastdebug_build} %{normal_build}
%if 0%{?flatpak}
%global bootstrap_build false
%else
%ifarch %{bootstrap_arches}
%global bootstrap_build true
%else
%global bootstrap_build false
%endif
%endif
%global bootstrap_targets images
%global release_targets images docs-zip
# No docs nor bootcycle for debug builds
%global debug_targets images
# Target to use to just build HotSpot
%global hotspot_target hotspot
# JDK to use for bootstrapping
# Use OpenJDK 7 where available (on RHEL) to avoid
# having to use the rhel-7.x-java-unsafe-candidate hack
%if ! 0%{?fedora} && 0%{?rhel} <= 7
%global buildjdkver 1.7.0
%else
%global buildjdkver 1.8.0
%endif
%global bootjdk /usr/lib/jvm/java-%{buildjdkver}-openjdk
# Filter out flags from the optflags macro that cause problems with the OpenJDK build
# We filter out -O flags so that the optimization of HotSpot is not lowered from O3 to O2
# We filter out -Wall which will otherwise cause HotSpot to produce hundreds of thousands of warnings (100+mb logs)
# We replace it with -Wformat (required by -Werror=format-security) and -Wno-cpp to avoid FORTIFY_SOURCE warnings
# We filter out -fexceptions as the HotSpot build explicitly does -fno-exceptions and it's otherwise the default for C++
%global ourflags %(echo %optflags | sed -e 's|-Wall|-Wformat -Wno-cpp|' | sed -r -e 's|-O[0-9]*||')
%global ourcppflags %(echo %ourflags | sed -e 's|-fexceptions||')
%global ourldflags %{__global_ldflags}
# With disabled nss is NSS deactivated, so NSS_LIBDIR can contain the wrong path
# the initialization must be here. Later the pkg-config have buggy behavior
# looks like openjdk RPM specific bug
# Always set this so the nss.cfg file is not broken
%global NSS_LIBDIR %(pkg-config --variable=libdir nss)
%global NSS_LIBS %(pkg-config --libs nss)
%global NSS_CFLAGS %(pkg-config --cflags nss-softokn)
# see https://bugzilla.redhat.com/show_bug.cgi?id=1332456
%global NSSSOFTOKN_BUILDTIME_NUMBER %(pkg-config --modversion nss-softokn || : )
%global NSS_BUILDTIME_NUMBER %(pkg-config --modversion nss || : )
# this is workaround for processing of requires during srpm creation
%global NSSSOFTOKN_BUILDTIME_VERSION %(if [ "x%{NSSSOFTOKN_BUILDTIME_NUMBER}" == "x" ] ; then echo "" ;else echo ">= %{NSSSOFTOKN_BUILDTIME_NUMBER}" ;fi)
%global NSS_BUILDTIME_VERSION %(if [ "x%{NSS_BUILDTIME_NUMBER}" == "x" ] ; then echo "" ;else echo ">= %{NSS_BUILDTIME_NUMBER}" ;fi)
# In some cases, the arch used by the JDK does
# not match _arch.
# Also, in some cases, the machine name used by SystemTap
# does not match that given by _target_cpu
%ifarch x86_64
%global archinstall amd64
%global stapinstall x86_64
%endif
%ifarch ppc
%global archinstall ppc
%global stapinstall powerpc
%endif
%ifarch %{ppc64be}
%global archinstall ppc64
%global stapinstall powerpc
%endif
%ifarch %{ppc64le}
%global archinstall ppc64le
%global stapinstall powerpc
%endif
%ifarch %{ix86}
%global archinstall i386
%global stapinstall i386
%endif
%ifarch ia64
%global archinstall ia64
%global stapinstall ia64
%endif
%ifarch s390
%global archinstall s390
%global stapinstall s390
%endif
%ifarch s390x
%global archinstall s390x
%global stapinstall s390
%endif
%ifarch %{arm}
%global archinstall arm
%global stapinstall arm
%endif
%ifarch %{aarch64}
%global archinstall aarch64
%global stapinstall arm64
%endif
# 32 bit sparc, optimized for v9
%ifarch sparcv9
%global archinstall sparc
%global stapinstall %{_target_cpu}
%endif
# 64 bit sparc
%ifarch sparc64
%global archinstall sparcv9
%global stapinstall %{_target_cpu}
%endif
# Need to support noarch for srpm build
%ifarch noarch
%global archinstall %{nil}
%global stapinstall %{nil}
%endif
# Always off in portables
%ifarch %{systemtap_arches}
%global with_systemtap 0
%else
%global with_systemtap 0
%endif
# New Version-String scheme-style defines
%global majorver 8
# Standard JPackage naming and versioning defines
%global origin openjdk
%global origin_nice OpenJDK
%global top_level_dir_name %{origin}
# Settings for local security configuration
%global security_file %{top_level_dir_name}/jdk/src/share/lib/security/java.security-%{_target_os}
%global cacerts_file /etc/pki/java/cacerts
# Define vendor information used by OpenJDK
%global oj_vendor Red Hat, Inc.
%global oj_vendor_url "https://www.redhat.com/"
# Define what url should JVM offer in case of a crash report
# order may be important, epel may have rhel declared
%if 0%{?epel}
%global oj_vendor_bug_url https://bugzilla.redhat.com/enter_bug.cgi?product=Fedora%20EPEL&component=%{component}&version=epel%{epel}
%else
%if 0%{?fedora}
# Does not work for rawhide, keeps the version field empty
%global oj_vendor_bug_url https://bugzilla.redhat.com/enter_bug.cgi?product=Fedora&component=%{component}&version=%{fedora}
%else
%if 0%{?rhel}
%global oj_vendor_bug_url https://bugzilla.redhat.com/enter_bug.cgi?product=Red%20Hat%20Enterprise%20Linux%20%{rhel}&component=%{component}
%else
%global oj_vendor_bug_url https://bugzilla.redhat.com/enter_bug.cgi
%endif
%endif
%endif
# note, following three variables are sedded from update_sources if used correctly. Hardcode them rather there.
%global shenandoah_project openjdk
%global shenandoah_repo shenandoah-jdk8u
%global openjdk_revision jdk8u372-b07
%global shenandoah_revision shenandoah-%{openjdk_revision}
# Define old aarch64/jdk8u tree variables for compatibility
%global project %{shenandoah_project}
%global repo %{shenandoah_repo}
%global revision %{shenandoah_revision}
# Define IcedTea version used for SystemTap tapsets and desktop file
%global icedteaver 3.15.0
# Define current Git revision for the FIPS support patches
%global fipsver 6d1aade0648
# Define current Git revision for the cacerts patch
%global cacertsver 8139f2361c2
# e.g. aarch64-shenandoah-jdk8u212-b04-shenandoah-merge-2019-04-30 -> aarch64-shenandoah-jdk8u212-b04
%global version_tag %(VERSION=%{revision}; echo ${VERSION%%-shenandoah-merge*})
# eg # jdk8u60-b27 -> jdk8u60 or # aarch64-jdk8u60-b27 -> aarch64-jdk8u60 (dont forget spec escape % by %%)
%global whole_update %(VERSION=%{version_tag}; echo ${VERSION%%-*})
# eg jdk8u60 -> 60 or aarch64-jdk8u60 -> 60
%global updatever %(VERSION=%{whole_update}; echo ${VERSION##*u})
# eg jdk8u60-b27 -> b27
%global buildver %(VERSION=%{version_tag}; echo ${VERSION##*-})
%global rpmrelease 2
# Define milestone (EA for pre-releases, GA ("fcs") for releases)
# Release will be (where N is usually a number starting at 1):
# - 0.N%%{?extraver}%%{?dist} for EA releases,
# - N%%{?extraver}{?dist} for GA releases
%global is_ga 1
%if %{is_ga}
%global milestone fcs
%global milestone_version %{nil}
%global extraver %{nil}
%global eaprefix %{nil}
%else
%global milestone ea
%global milestone_version "-ea"
%global extraver .%{milestone}
%global eaprefix 0.
%endif
# priority must be 7 digits in total. The expression is workarounding tip
%global priority %(TIP=1800%{updatever}; echo ${TIP/tip/999})
%global javaver 1.%{majorver}.0
# parametrized macros are order-sensitive
%global compatiblename %{name}
%global fullversion %{compatiblename}-%{version}-%{release}
# images stub
%global jdkimage j2sdk-image
%global jreimage j2re-image
# output dir stub
%define buildoutputdir() %{expand:build/jdk8.build%{?1}}
%define installoutputdir() %{expand:install/jdk8.install%{?1}}
%define packageoutputdir() %{expand:packages/jdk8.packages%{?1}}
# we can copy the javadoc to not arched dir, or make it not noarch
%define uniquejavadocdir() %{expand:%{fullversion}%{?1}}
# main id and dir of this jdk
%define uniquesuffix() %{expand:%{fullversion}.%{_arch}%{?1}}
%define jreportablenameimpl() %(echo %{uniquesuffix ""} | sed "s;el%{rhel}\\(_[0-9]\\)*;portable%{1}.jre;g")
%define jdkportablenameimpl() %(echo %{uniquesuffix ""} | sed "s;el%{rhel}\\(_[0-9]\\)*;portable%{1}.jdk;g")
%define jreportablearchive() %{expand:%{jreportablenameimpl -- %%{1}}.tar.xz}
%define jdkportablearchive() %{expand:%{jdkportablenameimpl -- %%{1}}.tar.xz}
%define jreportablename() %{expand:%{jreportablenameimpl -- %%{1}}}
%define jdkportablename() %{expand:%{jdkportablenameimpl -- %%{1}}}
%define docportablename() %(echo %{uniquesuffix ""} | sed "s;el%{rhel}\\(_[0-9]\\)*;portable.docs;g")
%define docportablearchive() %{docportablename}.tar.xz
%define miscportablename() %(echo %{uniquesuffix ""} | sed "s;el%{rhel}\\(_[0-9]\\)*;portable.misc;g")
%define miscportablearchive() %{miscportablename}.tar.xz
# Fix for https://bugzilla.redhat.com/show_bug.cgi?id=1111349.
# See also https://bugzilla.redhat.com/show_bug.cgi?id=1590796
# as to why some libraries *cannot* be excluded. In particular,
# these are:
# libjsig.so, libjava.so, libjawt.so, libjvm.so and libverify.so
%global _privatelibs libatk-wrapper[.]so.*|libattach[.]so.*|libawt_headless[.]so.*|libawt[.]so.*|libawt_xawt[.]so.*|libdt_socket[.]so.*|libfontmanager[.]so.*|libhprof[.]so.*|libinstrument[.]so.*|libj2gss[.]so.*|libj2pcsc[.]so.*|libj2pkcs11[.]so.*|libjaas_unix[.]so.*|libjava_crw_demo[.]so.*%{jpeg_lib}|libjdwp[.]so.*|libjli[.]so.*|libjsdt[.]so.*|libjsoundalsa[.]so.*|libjsound[.]so.*|liblcms[.]so.*|libmanagement[.]so.*|libmlib_image[.]so.*|libnet[.]so.*|libnio[.]so.*|libnpt[.]so.*|libsaproc[.]so.*|libsctp[.]so.*|libsplashscreen[.]so.*|libsunec[.]so.*|libsystemconf[.]so.*|libunpack[.]so.*|libzip[.]so.*|lib[.]so\\(SUNWprivate_.*
%global __provides_exclude ^(%{_privatelibs})$
%global __requires_exclude ^(%{_privatelibs})$
# Standard JPackage directories and symbolic links.
%global sdkdir() %{expand:%{uniquesuffix %%1}}
%global jrelnk() %{expand:jre-%{javaver}-%{origin}-%{version}-%{release}.%{_arch}%1}
%global jredir() %{expand:%{sdkdir %%1}/jre}
%global sdkbindir() %{expand:%{_jvmdir}/%{sdkdir %%1}/bin}
%global jrebindir() %{expand:%{_jvmdir}/%{jredir %%1}/bin}
%global alt_java_name alt-java
%global jvmjardir() %{expand:%{_jvmjardir}/%{uniquesuffix %%1}}
%global rpm_state_dir %{_localstatedir}/lib/rpm-state/
# For flatpack builds hard-code /usr/sbin/alternatives,
# otherwise use %%{_sbindir} relative path.
%if 0%{?flatpak}
%global alternatives_requires /usr/sbin/alternatives
%else
%global alternatives_requires %{_sbindir}/alternatives
%endif
%if %{with_systemtap}
# Where to install systemtap tapset (links)
# We would like these to be in a package specific sub-dir,
# but currently systemtap doesn't support that, so we have to
# use the root tapset dir for now. To distinguish between 64
# and 32 bit architectures we place the tapsets under the arch
# specific dir (note that systemtap will only pickup the tapset
# for the primary arch for now). Systemtap uses the machine name
# aka target_cpu as architecture specific directory name.
%global tapsetroot /usr/share/systemtap
%global tapsetdirttapset %{tapsetroot}/tapset/
%global tapsetdir %{tapsetdirttapset}/%{stapinstall}
%endif
# Prevent brp-java-repack-jars from being run.
%global __jar_repack 0
# portables have grown out of its component, moving back to java-x-vendor
# this expression, when declared as global, filled component with java-x-vendor portable
%define component %(echo %{name} | sed "s;-portable;;g")
Name: java-%{javaver}-%{origin}-portable
Version: %{javaver}.%{updatever}.%{buildver}
Release: %{?eaprefix}%{rpmrelease}%{?extraver}%{?dist}
# java-1.5.0-ibm from jpackage.org set Epoch to 1 for unknown reasons
# and this change was brought into RHEL-4. java-1.5.0-ibm packages
# also included the epoch in their virtual provides. This created a
# situation where in-the-wild java-1.5.0-ibm packages provided "java =
# 1:1.5.0". In RPM terms, "1.6.0 < 1:1.5.0" since 1.6.0 is
# interpreted as 0:1.6.0. So the "java >= 1.6.0" requirement would be
# satisfied by the 1:1.5.0 packages. Thus we need to set the epoch in
# JDK package >= 1.6.0 to 1, and packages referring to JDK virtual
# provides >= 1.6.0 must specify the epoch, "java >= 1:1.6.0".
Epoch: 1
Summary: %{origin_nice} %{majorver} Runtime Environment portable edition
Group: Development/Languages
# HotSpot code is licensed under GPLv2
# JDK library code is licensed under GPLv2 with the Classpath exception
# The Apache license is used in code taken from Apache projects (primarily JAXP & JAXWS)
# DOM levels 2 & 3 and the XML digital signature schemas are licensed under the W3C Software License
# The JSR166 concurrency code is in the public domain
# The BSD and MIT licenses are used for a number of third-party libraries (see THIRD_PARTY_README)
# The OpenJDK source tree includes the JPEG library (IJG), zlib & libpng (zlib), giflib and LCMS (MIT)
# The test code includes copies of NSS under the Mozilla Public License v2.0
# The PCSClite headers are under a BSD with advertising license
# The elliptic curve cryptography (ECC) source code is licensed under the LGPLv2.1 or any later version
License: ASL 1.1 and ASL 2.0 and BSD and BSD with advertising and GPL+ and GPLv2 and GPLv2 with exceptions and IJG and LGPLv2+ and MIT and MPLv2.0 and Public Domain and W3C and zlib
URL: http://openjdk.java.net/
# Shenandoah HotSpot
# aarch64-port/jdk8u-shenandoah contains an integration forest of
# OpenJDK 8u, the aarch64 port and Shenandoah
# To regenerate, use:
# VERSION=%%{shenandoah_revision}
# FILE_NAME_ROOT=%%{shenandoah_project}-%%{shenandoah_repo}-${VERSION}
# REPO_ROOT=<path to checked-out repository> generate_source_tarball.sh
# where the source is obtained from http://hg.openjdk.java.net/%%{project}/%%{repo}
Source0: %{shenandoah_project}-%{shenandoah_repo}-%{shenandoah_revision}-4curve.tar.xz
# Custom README for -src subpackage
Source2: README.md
# Release notes
Source7: NEWS
# Use 'icedtea_sync.sh' to update the following
# They are based on code contained in the IcedTea project (3.x).
# Systemtap tapsets. Zipped up to keep it small.
# Disabled in portables
#Source8: tapsets-icedtea-%%{icedteaver}.tar.xz
# Desktop files. Adapted from IcedTea
# Disabled in portables
#Source9: jconsole.desktop.in
#Source10: policytool.desktop.in
# nss configuration file
Source11: nss.cfg.in
# Removed libraries that we link instead
Source12: remove-intree-libraries.sh
# Ensure we aren't using the limited crypto policy
Source13: TestCryptoLevel.java
# Ensure ECDSA is working
Source14: TestECDSA.java
# Verify system crypto (policy) can be disabled via a property
Source15: TestSecurityProperties.java
# Ensure vendor settings are correct
Source16: CheckVendor.java
# nss fips configuration file
Source17: nss.fips.cfg.in
# Ensure translations are available for new timezones
Source18: TestTranslations.java
# Disabled in portables
#Source20: repackReproduciblePolycies.sh
# New versions of config files with aarch64 support. This is not upstream yet.
Source100: config.guess
Source101: config.sub
############################################
#
# RPM/distribution specific patches
#
# This section includes patches specific to
# Fedora/RHEL which can not be upstreamed
# either in their current form or at all.
############################################
# Accessibility patches
# Ignore AWTError when assistive technologies are loaded
Patch1: rh1648242-accessible_toolkit_crash_do_not_break_jvm.patch
# Turn on AssumeMP by default on RHEL systems
Patch534: rh1648246-always_instruct_vm_to_assume_multiple_processors_are_available.patch
# RH1648249: Add PKCS11 provider to java.security
Patch1000: rh1648249-add_commented_out_nss_cfg_provider_to_java_security.patch
# RH1582504: Use RSA as default for keytool, as DSA is disabled in all crypto policies except LEGACY
Patch1003: rh1582504-rsa_default_for_keytool.patch
# Crypto policy and FIPS support patches
# Patch is generated from the fips tree at https://github.com/rh-openjdk/jdk8u/tree/fips
# as follows: git diff %%{openjdk_revision} common jdk > fips-8u-$(git show -s --format=%h HEAD).patch
# Diff is limited to src and make subdirectories to exclude .github changes
# Fixes currently included:
# PR3183, RH1340845: Support Fedora/RHEL8 system crypto policy
# PR3655: Allow use of system crypto policy to be disabled by the user
# RH1655466: Support RHEL FIPS mode using SunPKCS11 provider
# RH1760838: No ciphersuites available for SSLSocket in FIPS mode
# RH1860986: Disable TLSv1.3 with the NSS-FIPS provider until PKCS#11 v3.0 support is available
# RH1906862: Always initialise JavaSecuritySystemConfiguratorAccess
# RH1929465: Improve system FIPS detection
# RH1996182: Login to the NSS software token in FIPS mode
# RH1991003: Allow plain key import unless com.redhat.fips.plainKeySupport is set to false
# RH2021263: Resolve outstanding FIPS issues
# RH2052819: Fix FIPS reliance on crypto policies
# RH2052829: Detect NSS at Runtime for FIPS detection
# RH2036462: sun.security.pkcs11.wrapper.PKCS11.getInstance breakage
# RH2090378: Revert to disabling system security properties and FIPS mode support together
Patch1001: fips-8u-%{fipsver}.patch
#############################################
#
# Upstreamable patches
#
# This section includes patches which need to
# be reviewed & pushed to the current development
# tree of OpenJDK.
#############################################
# PR2737: Allow multiple initialization of PKCS11 libraries
Patch5: pr2737-allow_multiple_pkcs11_library_initialisation_to_be_a_non_critical_error.patch
# Turn off strict overflow on IndicRearrangementProcessor{,2}.cpp following 8140543: Arrange font actions
Patch512: rh1649664-awt2dlibraries_compiled_with_no_strict_overflow.patch
# RH1337583, PR2974: PKCS#10 certificate requests now use CRLF line endings rather than system line endings
Patch523: pr2974-rh1337583-add_systemlineendings_option_to_keytool_and_use_line_separator_instead_of_crlf_in_pkcs10.patch
# PR3083, RH1346460: Regression in SSL debug output without an ECC provider
Patch528: pr3083-rh1346460-for_ssl_debug_return_null_instead_of_exception_when_theres_no_ecc_provider.patch
# PR2888: OpenJDK should check for system cacerts database (e.g. /etc/pki/java/cacerts)
# PR3575, RH1567204: System cacerts database handling should not affect jssecacerts
# RH2055274: Revert default keystore to JAVA_HOME/jre/lib/security/cacerts in portable builds
# Must be applied after the FIPS patch as it also changes java.security
# Patch is generated from the cacerts tree at https://github.com/rh-openjdk/jdk8u/tree/cacerts
# as follows: git diff fips > pr2888-rh2055274-support_system_cacerts-$(git show -s --format=%h HEAD).patch
Patch539: pr2888-rh2055274-support_system_cacerts-%{cacertsver}.patch
Patch541: rh1684077-openjdk_should_depend_on_pcsc-lite-libs_instead_of_pcsc-lite-devel.patch
# RH1750419: Enable build of speculative store bypass hardened alt-java (CVE-2018-3639)
Patch600: rh1750419-redhat_alt_java.patch
# JDK-8281098, PR3836: Extra compiler flags not passed to adlc build
Patch112: jdk8281098-pr3836-pass_compiler_flags_to_adlc.patch
#############################################
#
# Arch-specific upstreamable patches
#
# This section includes patches which need to
# be reviewed & pushed upstream and are specific
# to certain architectures. This usually means the
# current OpenJDK development branch, but may also
# include other trees e.g. for the AArch64 port for
# OpenJDK 8u.
#############################################
# s390: PR3593: Use "%z" for size_t on s390 as size_t != intptr_t
Patch103: pr3593-s390_use_z_format_specifier_for_size_t_arguments_as_size_t_not_equals_to_int.patch
# x86: S8199936, PR3533: HotSpot generates code with unaligned stack, crashes on SSE operations (-mstackrealign workaround)
Patch105: jdk8199936-pr3533-enable_mstackrealign_on_x86_linux_as_well_as_x86_mac_os_x.patch
# S390 ambiguous log2_intptr calls
Patch107: s390-8214206_fix.patch
#############################################
#
# Patches which need backporting to 8u
#
# This section includes patches which have
# been pushed upstream to the latest OpenJDK
# development tree, but need to be backported
# to OpenJDK 8u.
#############################################
# S8074839, PR2462: Resolve disabled warnings for libunpack and the unpack200 binary
# This fixes printf warnings that lead to build failure with -Werror=format-security from optflags
Patch502: pr2462-resolve_disabled_warnings_for_libunpack_and_the_unpack200_binary.patch
# PR3591: Fix for bug 3533 doesn't add -mstackrealign to JDK code
Patch571: jdk8199936-pr3591-enable_mstackrealign_on_x86_linux_as_well_as_x86_mac_os_x_jdk.patch
# 8143245, PR3548: Zero build requires disabled warnings
Patch574: jdk8143245-pr3548-zero_build_requires_disabled_warnings.patch
# s390: JDK-8203030, Type fixing for s390
Patch102: jdk8203030-zero_s390_31_bit_size_t_type_conflicts_in_shared_code.patch
# 8035341: Allow using a system installed libpng
Patch202: jdk8035341-allow_using_system_installed_libpng.patch
# 8042159: Allow using a system-installed lcms2
Patch203: jdk8042159-allow_using_system_installed_lcms2-root.patch
Patch204: jdk8042159-allow_using_system_installed_lcms2-jdk.patch
# JDK-8257794: Zero: assert(istate->_stack_limit == istate->_thread->last_Java_sp() + 1) failed: wrong on Linux/x86_32
Patch581: jdk8257794-remove_broken_assert.patch
# JDK-8186464, RH1433262: ZipFile cannot read some InfoZip ZIP64 zip files
Patch12: jdk8186464-rh1433262-zip64_failure.patch
#############################################
#
# Patches appearing in 8u382
#
# This section includes patches which are present
# in the listed OpenJDK 8u release and should be
# able to be removed once that release is out
# and used by this RPM.
#############################################
# JDK-8271199, RH2175317: Mutual TLS handshake fails signing client certificate with custom sensitive PKCS11 key
Patch2001: jdk8271199-rh2175317-custom_pkcs11_provider_support.patch
#############################################
#
# Patches ineligible for 8u
#
# This section includes patches which are present
# upstream, but ineligible for upstream 8u backport.
#############################################
# 8043805: Allow using a system-installed libjpeg
Patch201: jdk8043805-allow_using_system_installed_libjpeg.patch
#############################################
#
# Shenandoah fixes
#
# This section includes patches which are
# specific to the Shenandoah garbage collector
# and should be upstreamed to the appropriate
# trees.
#############################################
#############################################
#
# Non-OpenJDK fixes
#
# This section includes patches to code other
# that from OpenJDK.
#############################################
#############################################
#
# Dependencies
#
#############################################
BuildRequires: autoconf
BuildRequires: automake
BuildRequires: alsa-lib-devel
BuildRequires: binutils
BuildRequires: cups-devel
BuildRequires: desktop-file-utils
# elfutils only are OK for build without AOT
BuildRequires: elfutils-devel
BuildRequires: file
BuildRequires: fontconfig-devel
BuildRequires: freetype-devel
BuildRequires: gcc-c++
BuildRequires: gdb
BuildRequires: libxslt
BuildRequires: libX11-devel
BuildRequires: libXext-devel
BuildRequires: libXi-devel
BuildRequires: libXinerama-devel
BuildRequires: libXrender-devel
BuildRequires: libXt-devel
BuildRequires: libXtst-devel
# Requirement for setting up nss.cfg and nss.fips.cfg
BuildRequires: nss-devel
# Commented out for portable RHEL7 doesn't have this
# Requirement for system security property test
#BuildRequires: crypto-policies
BuildRequires: pkgconfig
BuildRequires: xorg-x11-proto-devel
BuildRequires: zip
BuildRequires: tar
BuildRequires: unzip
# Require a boot JDK which doesn't fail due to RH1482244
BuildRequires: java-%{buildjdkver}-openjdk-devel >= 1.7.0.151-2.6.11.3
# Zero-assembler build requirement
%ifarch %{zero_arches}
BuildRequires: libffi-devel
%endif
# 2023c required as of JDK-8305113
BuildRequires: tzdata-java >= 2023c
# Earlier versions have a bug in tree vectorization on PPC
BuildRequires: gcc >= 4.8.3-8
# cacerts build requirement.
BuildRequires: ca-certificates
%if %{with_systemtap}
BuildRequires: systemtap-sdt-devel
%endif
%if %{system_libs}
BuildRequires: giflib-devel
BuildRequires: lcms2-devel
BuildRequires: libjpeg-devel
BuildRequires: libpng-devel
%else
# Version in jdk/src/share/native/sun/awt/giflib/gif_lib.h
Provides: bundled(giflib) = 5.2.1
# Version in jdk/src/share/native/sun/java2d/cmm/lcms/lcms2.h
Provides: bundled(lcms2) = 2.10.0
# Version in jdk/src/share/native/sun/awt/image/jpeg/jpeglib.h
Provides: bundled(libjpeg) = 6b
# Version in jdk/src/share/native/sun/awt/libpng/png.h
Provides: bundled(libpng) = 1.6.37
# We link statically against libstdc++ to increase portability
BuildRequires: libstdc++-static
%endif
%description
The %{origin_nice} %{majorver} runtime environment - portable edition
%if %{include_normal_build}
%package devel
Summary: %{origin_nice} %{majorver} Development Environment portable edition
Group: Development/Tools
%description devel
The %{origin_nice} %{majorver} development tools - portable edition
%endif
%if %{include_debug_build}
%package slowdebug
Summary: %{origin_nice} %{majorver} Runtime Environment portable edition %{debug_on}
Group: Development/Languages
%description slowdebug
The %{origin_nice} %{majorver} runtime environment - portable edition
%{debug_warning}
%package devel-slowdebug
Summary: %{origin_nice} %{majorver} Development Environment portable edition %{debug_on}
Group: Development/Tools
%description devel-slowdebug
The %{origin_nice} %{majorver} development tools - portable edition
%{debug_warning}
%endif
%if %{include_fastdebug_build}
%package fastdebug
Summary: %{origin_nice} %{majorver} Runtime Environment portable edition %{fastdebug_on}
Group: Development/Languages
%description fastdebug
The %{origin_nice} %{majorver} runtime environment - portable edition
%{fastdebug_warning}
%package devel-fastdebug
Summary: %{origin_nice} %{majorver} Development Environment portable edition %{fastdebug_on}
Group: Development/Tools
%description devel-fastdebug
The %{origin_nice} %{majorver} development tools - portable edition
%{fastdebug_warning}
%endif
%if %{include_normal_build}
%package unstripped
Summary: The %{origin_nice} %{majorver} runtime environment, unstripped.
Group: Development/Languages
%description unstripped
The %{origin_nice} %{majorver} runtime environment, unstripped.
%endif
%package docs
Summary: %{origin_nice} %{majorver} API documentation
Group: Development/Languages
%description docs
The %{origin_nice} %{majorver} API documentation.
%package misc
Summary: %{origin_nice} %{majorver} miscellany
Group: Development/Languages
%description misc
The %{origin_nice} %{majorver} miscellany.
%prep
if [ %{include_normal_build} -eq 0 -o %{include_normal_build} -eq 1 ] ; then
echo "include_normal_build is %{include_normal_build}"
else
echo "include_normal_build is %{include_normal_build}, that is invalid. Use 1 for yes or 0 for no"
exit 11
fi
if [ %{include_debug_build} -eq 0 -o %{include_debug_build} -eq 1 ] ; then
echo "include_debug_build is %{include_debug_build}"
else
echo "include_debug_build is %{include_debug_build}, that is invalid. Use 1 for yes or 0 for no"
exit 12
fi
if [ %{include_fastdebug_build} -eq 0 -o %{include_fastdebug_build} -eq 1 ] ; then
echo "include_fastdebug_build is %{include_fastdebug_build}"
else
echo "include_fastdebug_build is %{include_fastdebug_build}, that is invalid. Use 1 for yes or 0 for no"
exit 13
fi
if [ %{include_debug_build} -eq 0 -a %{include_normal_build} -eq 0 -a %{include_fastdebug_build} -eq 0 ] ; then
echo "You have disabled all builds (normal,fastdebug,slowdebug). That is a no go."
exit 14
fi
echo "Update version: %{updatever}"
echo "Build number: %{buildver}"
echo "Milestone: %{milestone}"
%setup -q -c -n %{uniquesuffix ""} -T -a 0
# https://bugzilla.redhat.com/show_bug.cgi?id=1189084
prioritylength=`expr length %{priority}`
if [ $prioritylength -ne 7 ] ; then
echo "priority must be 7 digits in total, violated"
exit 14
fi
# For old patches
ln -s %{top_level_dir_name} jdk8
cp %{SOURCE2} .
# replace outdated configure guess script
#
# the configure macro will do this too, but it also passes a few flags not
# supported by openjdk configure script
cp %{SOURCE100} %{top_level_dir_name}/common/autoconf/build-aux/
cp %{SOURCE101} %{top_level_dir_name}/common/autoconf/build-aux/
# OpenJDK patches
%if %{system_libs}
# Remove libraries that are linked
sh %{SOURCE12}
%endif
# Do not enable them with system_libs, they do not work properly with bundled option
# System library fixes
%if %{system_libs}
%patch201
%patch202
%patch203
%patch204
%endif
%patch1
%patch5
# s390 build fixes
%patch102
%patch103
%patch107
# AArch64 fixes
# x86 fixes
%patch105
# Upstreamable fixes
%patch502
%patch512
%patch523
%patch528
%patch571
%patch574
%patch112
%patch581
%patch541
%patch12
pushd %{top_level_dir_name}
# Add crypto policy and FIPS support
%patch1001 -p1
# nss.cfg PKCS11 support; must come last as it also alters java.security
%patch1000 -p1
# system cacerts support
%patch539 -p1
# 8u382 fix
%patch2001 -p1
popd
# RPM-only fixes
%patch600
%patch1003
# RHEL-only patches
%if ! 0%{?fedora} && 0%{?rhel} <= 7
%patch534
%endif
# Shenandoah patches
# Extract systemtap tapsets
%if %{with_systemtap}
tar --strip-components=1 -x -I xz -f %{SOURCE8}
%if %{include_debug_build}
cp -r tapset tapset%{debug_suffix}
%endif
%if %{include_fastdebug_build}
cp -r tapset tapset%{fastdebug_suffix}
%endif
for suffix in %{build_loop} ; do
for file in "tapset"$suffix/*.in; do
OUTPUT_FILE=`echo $file | sed -e "s:\.stp\.in$:-%{version}-%{release}.%{_arch}.stp:g"`
sed -e "s:@ABS_SERVER_LIBJVM_SO@:%{_jvmdir}/%{sdkdir -- $suffix}/jre/lib/%{archinstall}/server/libjvm.so:g" $file > $file.1
# TODO find out which architectures other than i686 have a client vm
%ifarch %{ix86}
sed -e "s:@ABS_CLIENT_LIBJVM_SO@:%{_jvmdir}/%{sdkdir -- $suffix}/jre/lib/%{archinstall}/client/libjvm.so:g" $file.1 > $OUTPUT_FILE
%else
sed -e "/@ABS_CLIENT_LIBJVM_SO@/d" $file.1 > $OUTPUT_FILE
%endif
sed -i -e "s:@ABS_JAVA_HOME_DIR@:%{_jvmdir}/%{sdkdir -- $suffix}:g" $OUTPUT_FILE
sed -i -e "s:@INSTALL_ARCH_DIR@:%{archinstall}:g" $OUTPUT_FILE
sed -i -e "s:@prefix@:%{_jvmdir}/%{sdkdir -- $suffix}/:g" $OUTPUT_FILE
done
done
# systemtap tapsets ends
%endif
# Prepare desktop files
# Portables do not have desktop integration
# Setup nss.cfg
sed -e "s:@NSS_LIBDIR@:%{NSS_LIBDIR}:g" %{SOURCE11} > nss.cfg
# Setup nss.fips.cfg
sed -e "s:@NSS_LIBDIR@:%{NSS_LIBDIR}:g" %{SOURCE17} > nss.fips.cfg
# Setup security policy
#Commented because NA to portable
#sed -i -e "s:^security.systemCACerts=.*:security.systemCACerts=%{cacerts_file}:" %{security_file}
%build
# How many CPU's do we have?
export NUM_PROC=%(/usr/bin/getconf _NPROCESSORS_ONLN 2> /dev/null || :)
export NUM_PROC=${NUM_PROC:-1}
%if 0%{?_smp_ncpus_max}
# Honor %%_smp_ncpus_max
[ ${NUM_PROC} -gt %{?_smp_ncpus_max} ] && export NUM_PROC=%{?_smp_ncpus_max}
%endif
%ifarch s390x sparc64 alpha %{power64} %{aarch64}
export ARCH_DATA_MODEL=64
%endif
%ifarch alpha
export CFLAGS="$CFLAGS -mieee"
%endif
# We use ourcppflags because the OpenJDK build seems to
# pass EXTRA_CFLAGS to the HotSpot C++ compiler...
EXTRA_CFLAGS="%ourcppflags -Wno-error"
EXTRA_CPP_FLAGS="%ourcppflags"
%ifarch %{power64} ppc
EXTRA_CFLAGS="$EXTRA_CFLAGS -fno-tree-vectorize"
# fix rpmlint warnings
EXTRA_CFLAGS="$EXTRA_CFLAGS -fno-strict-aliasing"
%endif
EXTRA_ASFLAGS="${EXTRA_CFLAGS} -Wa,--generate-missing-build-notes=yes"
export EXTRA_CFLAGS EXTRA_ASFLAGS
(cd %{top_level_dir_name}/common/autoconf
bash ./autogen.sh
)
function buildjdk() {
local outputdir=${1}
local buildjdk=${2}
local maketargets="${3}"
local debuglevel=${4}
local link_opt=${5}
local debug_symbols=${6}
local top_srcdir_abs_path=$(pwd)/%{top_level_dir_name}
# Variable used in hs_err hook on build failures
local top_builddir_abs_path=$(pwd)/${outputdir}
echo "Using output directory: ${outputdir}";
if [ "x${link_opt}" = "xbundled" ] ; then
libc_link_opt="static";
else
libc_link_opt="dynamic";
fi
echo "Checking build JDK ${buildjdk} is operational..."
${buildjdk}/bin/java -version
echo "Using make targets: ${maketargets}"
echo "Using debuglevel: ${debuglevel}"
echo "Using link_opt: ${link_opt}"
echo "Using debug_symbols: ${debug_symbols}"
echo "Building 8u%{updatever}-%{buildver}, milestone %{milestone}"
mkdir -p ${outputdir}
pushd ${outputdir}
bash ${top_srcdir_abs_path}/configure \
%ifarch %{jfr_arches}
--enable-jfr \
%else
--disable-jfr \
%endif
%ifarch %{zero_arches}
--with-jvm-variants=zero \
%endif
--with-cacerts-file=`readlink -f %{_sysconfdir}/pki/java/cacerts` \
--with-native-debug-symbols=${debug_symbols} \
--with-milestone=%{milestone} \
--with-update-version=%{updatever} \
--with-build-number=%{buildver} \
--with-vendor-name="%{oj_vendor}" \
--with-vendor-url="%{oj_vendor_url}" \
--with-vendor-bug-url="%{oj_vendor_bug_url}" \
--with-vendor-vm-bug-url="%{oj_vendor_bug_url}" \
--with-boot-jdk=${buildjdk} \
--with-debug-level=${debuglevel} \
--disable-sysconf-nss \
--enable-unlimited-crypto \
--with-zlib=${link_opt} \
--with-giflib=${link_opt} \
%if %{with system_libs}
--with-libjpeg=${link_opt} \
--with-libpng=${link_opt} \
--with-lcms=${link_opt} \
%endif
--with-stdc++lib=${libc_link_opt} \
--with-extra-cxxflags="$EXTRA_CPP_FLAGS" \
--with-extra-cflags="$EXTRA_CFLAGS" \
--with-extra-asflags="$EXTRA_ASFLAGS" \
--with-extra-ldflags="%{ourldflags}" \
--with-num-cores="$NUM_PROC"
cat spec.gmk
cat hotspot-spec.gmk
make \
JAVAC_FLAGS=-g \
LOG=trace \
SCTP_WERROR= \
${maketargets} || ( pwd; find ${top_srcdir_abs_path} ${top_builddir_abs_path} -name "hs_err_pid*.log" | xargs cat && false )
popd
}
function installjdk() {
local outputdir=${1}
local installdir=${2}
local jdkimagepath=${installdir}/images/%{jdkimage}
local jreimagepath=${installdir}/images/%{jreimage}
echo "Installing build from ${outputdir} to ${installdir}..."
mkdir -p ${installdir}
echo "Installing images..."
mv ${outputdir}/images ${installdir}
if [ -d ${outputdir}/bundles ] ; then
echo "Installing bundles...";
mv ${outputdir}/bundles ${installdir} ;
fi
# On 8u, docs ends up at the top-level, not in images
if [ -d ${outputdir}/docs ] ; then
echo "Installing docs...";
mv ${outputdir}/docs ${installdir} ;
fi
%if !%{with artifacts}
echo "Removing output directory...";
rm -rf ${outputdir}
%endif
for imagepath in ${jdkimagepath} ${jreimagepath} ; do
if [ -d ${imagepath} ] ; then
# the build (erroneously) removes read permissions from some jars
# this is a regression in OpenJDK 7 (our compiler):
# http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1437
find ${imagepath} -iname '*.jar' -exec chmod ugo+r {} \;
# Build screws up permissions on binaries
# https://bugs.openjdk.java.net/browse/JDK-8173610
find ${imagepath} -iname '*.so' -exec chmod +x {} \;
find ${imagepath}/bin/ -exec chmod +x {} \;
# Install local files which are distributed with the JDK
install -m 644 %{SOURCE7} ${imagepath}
# Create fake alt-java as a placeholder for future alt-java
pushd ${imagepath}
# add alt-java man page
echo "Hardened java binary recommended for launching untrusted code from the Web e.g. javaws" > man/man1/%{alt_java_name}.1
cat man/man1/java.1 >> man/man1/%{alt_java_name}.1
popd
# Print release information
cat ${imagepath}/release
fi
done
# Handle these outside the loop as install path differs between JDK and JRE image
install -m 644 nss.cfg ${jdkimagepath}/jre/lib/security/
install -m 644 nss.cfg ${jreimagepath}/lib/security/
# Install nss.fips.cfg: NSS configuration for global FIPS mode (crypto-policies)
install -m 644 nss.fips.cfg ${jdkimagepath}/jre/lib/security/
install -m 644 nss.fips.cfg ${jreimagepath}/lib/security/
}
function genchecksum() {
local checkedfile=${1}
checkdir=$(dirname ${1})
checkfile=$(basename ${1})
echo "Generating checksum for ${checkfile} in ${checkdir}..."
pushd ${checkdir}
sha256sum ${checkfile} > ${checkfile}.sha256sum
sha256sum --check ${checkfile}.sha256sum
popd
}
function packagejdk() {
local imagesdir=$(pwd)/${1}/images
local docdir=$(pwd)/${1}/docs
local bundledir=$(pwd)/${1}/bundles
local packagesdir=$(pwd)/${2}
local srcdir=$(pwd)/%{top_level_dir_name}
echo "Packaging build from ${imagesdir} to ${packagesdir}..."
mkdir -p ${packagesdir}
pushd ${imagesdir}
if [ "x$suffix" = "x" ] ; then
nameSuffix=""
else
nameSuffix=`echo "$suffix"| sed s/-/./`
fi
jdkname=%{jdkportablename -- "$nameSuffix"}
jdkarchive=${packagesdir}/%{jdkportablearchive -- "$nameSuffix"}
jrename=%{jreportablename -- "$nameSuffix"}
jrearchive=${packagesdir}/%{jreportablearchive -- "$nameSuffix"}
debugjdkarchive=${packagesdir}/%{jdkportablearchive -- "${nameSuffix}.debuginfo"}
debugjrearchive=${packagesdir}/%{jreportablearchive -- "${nameSuffix}.debuginfo"}
unstrippedarchive=${packagesdir}/%{jdkportablearchive -- "${nameSuffix}.unstripped"}
# We only use docs for the release build
docname=%{docportablename}
docarchive=${packagesdir}/%{docportablearchive}
built_doc_archive=jdk-%{javaver}_%{updatever}%{milestone_version}$suffix-%{buildver}-docs.zip
# These are from the source tree so no debug variants
miscname=%{miscportablename}
miscarchive=${packagesdir}/%{miscportablearchive}
# Rename directories for packaging
mv %{jdkimage} ${jdkname}
mv %{jreimage} ${jrename}
# Release images have external debug symbols
if [ "x$suffix" = "x" ] ; then
# Keep the unstripped version for consumption by RHEL RPMs
tar -cJf ${unstrippedarchive} ${jdkname}
genchecksum ${unstrippedarchive}
# Strip the files
for file in $(find ${jdkname} ${jrename} -type f) ; do
if file ${file} | grep -q 'ELF'; then
noextfile=${file/.so/};
objcopy --only-keep-debug ${file} ${noextfile}.debuginfo;
objcopy --add-gnu-debuglink=${noextfile}.debuginfo ${file};
strip -g ${file};
fi
done
tar -cJf ${debugjdkarchive} $(find ${jdkname} -name \*.debuginfo)
genchecksum ${debugjdkarchive}
tar -cJf ${debugjrearchive} $(find ${jrename} -name \*.debuginfo)
genchecksum ${debugjrearchive}
mkdir ${docname}
mv ${docdir} ${docname}
mv ${bundledir}/${built_doc_archive} ${docname}
tar -cJf ${docarchive} ${docname}
genchecksum ${docarchive}
mkdir ${miscname}
for s in 16 24 32 48 ; do
cp -av ${srcdir}/jdk/src/solaris/classes/sun/awt/X11/java-icon${s}.png ${miscname}
done
tar -cJf ${miscarchive} ${miscname}
genchecksum ${miscarchive}
fi
tar -cJf ${jdkarchive} --exclude='**.debuginfo' ${jdkname}
genchecksum ${jdkarchive}
tar -cJf ${jrearchive} --exclude='**.debuginfo' ${jrename}
genchecksum ${jrearchive}
# Revert directory renaming so testing will run
# TODO: testing should run on the packaged JDK
mv ${jdkname} %{jdkimage}
mv ${jrename} %{jreimage}
popd #images
}
%if %{build_hotspot_first}
# Build a fresh libjvm.so first and use it to bootstrap
cp -LR --preserve=mode,timestamps %{bootjdk} newboot
systemjdk=$(pwd)/newboot
buildjdk build/newboot ${systemjdk} %{hotspot_target} "release" "bundled" "internal"
mv build/newboot/hotspot/dist/jre/lib/%{archinstall}/server/libjvm.so newboot/jre/lib/%{archinstall}/server
%else
systemjdk=%{bootjdk}
%endif
for suffix in %{build_loop} ; do
if [ "x$suffix" = "x" ] ; then
debugbuild=release
else
# change --something to something
debugbuild=`echo $suffix | sed "s/-//g"`
fi
# We build with internal debug symbols and do
# our own stripping for one version of the
# release build
debug_symbols=internal
builddir=%{buildoutputdir -- ${suffix}}
bootbuilddir=boot${builddir}
installdir=%{installoutputdir -- ${suffix}}
bootinstalldir=boot${installdir}
packagesdir=%{packageoutputdir -- ${suffix}}
link_opt="%{link_type}"
%if %{system_libs}
# Copy the source tree so we can remove all in-tree libraries
cp -a %{top_level_dir_name} %{top_level_dir_name_backup}
# Remove all libraries that are linked
sh %{SOURCE12} %{top_level_dir_name} full
%endif
# Debug builds don't need same targets as release for
# build speed-up. We also avoid bootstrapping these
# slower builds.
if echo $debugbuild | grep -q "debug" ; then
maketargets="%{debug_targets}"
run_bootstrap=false
else
maketargets="%{release_targets}"
run_bootstrap=%{bootstrap_build}
fi
if ${run_bootstrap} ; then
buildjdk ${bootbuilddir} ${systemjdk} "%{bootstrap_targets}" ${debugbuild} ${link_opt} ${debug_symbols}
installjdk ${bootbuilddir} ${bootinstalldir}
buildjdk ${builddir} $(pwd)/${bootinstalldir}/images/%{jdkimage} "${maketargets}" ${debugbuild} ${link_opt} ${debug_symbols}
installjdk ${builddir} ${installdir}
%{!?with_artifacts:rm -rf ${bootinstalldir}}
else
buildjdk ${builddir} ${systemjdk} "${maketargets}" ${debugbuild} ${link_opt} ${debug_symbols}
installjdk ${builddir} ${installdir}
fi
packagejdk ${installdir} ${packagesdir}
%if %{system_libs}
# Restore original source tree we modified by removing full in-tree sources
rm -rf %{top_level_dir_name}
mv %{top_level_dir_name_backup} %{top_level_dir_name}
%endif
# build cycles
done
%check
# We test debug first as it will give better diagnostics on a crash
for suffix in %{build_loop} ; do
export JAVA_HOME=$(pwd)/%{installoutputdir -- $suffix}/images/%{jdkimage}
# Check unlimited policy has been used
$JAVA_HOME/bin/javac -d . %{SOURCE13}
$JAVA_HOME/bin/java TestCryptoLevel
# Check ECC is working
$JAVA_HOME/bin/javac -d . %{SOURCE14}
$JAVA_HOME/bin/java $(echo $(basename %{SOURCE14})|sed "s|\.java||")
# Check system crypto (policy) is active and can be disabled
# Test takes a single argument - true or false - to state whether system
# security properties are enabled or not.
$JAVA_HOME/bin/javac -d . %{SOURCE15}
export PROG=$(echo $(basename %{SOURCE15})|sed "s|\.java||")
export SEC_DEBUG="-Djava.security.debug=properties"
# Portable specific: set false whereas its true for upstream
$JAVA_HOME/bin/java ${SEC_DEBUG} ${PROG} false
$JAVA_HOME/bin/java ${SEC_DEBUG} -Djava.security.disableSystemPropertiesFile=true ${PROG} false
# Check correct vendor values have been set
$JAVA_HOME/bin/javac -d . %{SOURCE16}
$JAVA_HOME/bin/java $(echo $(basename %{SOURCE16})|sed "s|\.java||") "%{oj_vendor}" %{oj_vendor_url} %{oj_vendor_bug_url}
# Check java launcher has no SSB mitigation
if ! nm $JAVA_HOME/bin/java | grep set_speculation ; then true ; else false; fi
# Check alt-java launcher has SSB mitigation on supported architectures
%ifarch %{ssbd_arches}
nm $JAVA_HOME/bin/%{alt_java_name} | grep set_speculation
%else
if ! nm $JAVA_HOME/bin/%{alt_java_name} | grep set_speculation ; then true ; else false; fi
%endif
# Check translations are available for new timezones
$JAVA_HOME/bin/javac -d . %{SOURCE18}
$JAVA_HOME/bin/java $(echo $(basename %{SOURCE18})|sed "s|\.java||") JRE
# Release builds strip the debug symbols into external .debuginfo files
if [ "x$suffix" = "x" ] ; then
so_suffix="debuginfo"
else
so_suffix="so"
fi
# Check debug symbols are present and can identify code
find "$JAVA_HOME" -iname "*.$so_suffix" -print0 | while read -d $'\0' lib
do
if [ -f "$lib" ] ; then
echo "Testing $lib for debug symbols"
# All these tests rely on RPM failing the build if the exit code of any set
# of piped commands is non-zero.
# Test for .debug_* sections in the shared object. This is the main test
# Stripped objects will not contain these
eu-readelf -S "$lib" | grep "] .debug_"
test $(eu-readelf -S "$lib" | grep -E "\]\ .debug_(info|abbrev)" | wc --lines) == 2
# Test FILE symbols. These will most likely be removed by anything that
# manipulates symbol tables because it's generally useless. So a nice test
# that nothing has messed with symbols
old_IFS="$IFS"
IFS=$'\n'
for line in $(eu-readelf -s "$lib" | grep "00000000 0 FILE LOCAL DEFAULT")
do
# We expect to see .cpp files, except for architectures like aarch64 and
# s390 where we expect .o and .oS files
echo "$line" | grep -E "ABS ((.*/)?[-_a-zA-Z0-9]+\.(c|cc|cpp|cxx|o|oS))?$"
done
IFS="$old_IFS"
# If this is the JVM, look for javaCalls.(cpp|o) in FILEs, for extra sanity checking
if [ "`basename $lib`" = "libjvm.so" ]; then
eu-readelf -s "$lib" | \
grep -E "00000000 0 FILE LOCAL DEFAULT ABS javaCalls.(cpp|o)$"
fi
# Test that there are no .gnu_debuglink sections pointing to another
# debuginfo file. There shouldn't be any debuginfo files, so the link makes
# no sense either
eu-readelf -S "$lib" | grep 'gnu'
if eu-readelf -S "$lib" | grep '] .gnu_debuglink' | grep PROGBITS; then
echo "bad .gnu_debuglink section."
eu-readelf -x .gnu_debuglink "$lib"
false
fi
fi
done
# Make sure gdb can do a backtrace based on line numbers on libjvm.so
# javaCalls.cpp:58 should map to:
# http://hg.openjdk.java.net/jdk8u/jdk8u/hotspot/file/ff3b27e6bcc2/src/share/vm/runtime/javaCalls.cpp#l58
# Using line number 1 might cause build problems. See:
# https://bugzilla.redhat.com/show_bug.cgi?id=1539664
# https://bugzilla.redhat.com/show_bug.cgi?id=1538767
gdb -q "$JAVA_HOME/bin/java" <<EOF | tee gdb.out
handle SIGSEGV pass nostop noprint
handle SIGILL pass nostop noprint
set breakpoint pending on
break javaCalls.cpp:58
commands 1
backtrace
quit
end
run -version
EOF
%ifarch %{gdb_arches}
grep 'JavaCallWrapper::JavaCallWrapper' gdb.out
%endif
# Check src.zip has all sources. See RHBZ#1130490
jar -tf $JAVA_HOME/src.zip | grep 'sun.misc.Unsafe'
# Check class files include useful debugging information
$JAVA_HOME/bin/javap -l java.lang.Object | grep "Compiled from"
$JAVA_HOME/bin/javap -l java.lang.Object | grep LineNumberTable
$JAVA_HOME/bin/javap -l java.lang.Object | grep LocalVariableTable
# Check generated class files include useful debugging information
$JAVA_HOME/bin/javap -l java.nio.ByteBuffer | grep "Compiled from"
$JAVA_HOME/bin/javap -l java.nio.ByteBuffer | grep LineNumberTable
$JAVA_HOME/bin/javap -l java.nio.ByteBuffer | grep LocalVariableTable
# build cycles check
done
%install
for suffix in %{build_loop} ; do
packagesdir=%{packageoutputdir -- ${suffix}}
if [ "x$suffix" = "x" ] ; then
nameSuffix=""
else
nameSuffix=`echo "$suffix"| sed s/-/./`
fi
# These definitions should match those in installjdk
jdkarchive=${packagesdir}/%{jdkportablearchive -- "$nameSuffix"}
jrearchive=${packagesdir}/%{jreportablearchive -- "$nameSuffix"}
debugjdkarchive=${packagesdir}/%{jdkportablearchive -- "${nameSuffix}.debuginfo"}
debugjrearchive=${packagesdir}/%{jreportablearchive -- "${nameSuffix}.debuginfo"}
unstrippedarchive=${packagesdir}/%{jdkportablearchive -- "${nameSuffix}.unstripped"}
mkdir -p $RPM_BUILD_ROOT%{_jvmdir}
mv ${jdkarchive} $RPM_BUILD_ROOT%{_jvmdir}/
mv ${jdkarchive}.sha256sum $RPM_BUILD_ROOT%{_jvmdir}/
mv ${jrearchive} $RPM_BUILD_ROOT%{_jvmdir}/
mv ${jrearchive}.sha256sum $RPM_BUILD_ROOT%{_jvmdir}/
if [ "x$suffix" = "x" ] ; then
mv ${debugjdkarchive} $RPM_BUILD_ROOT%{_jvmdir}/
mv ${debugjdkarchive}.sha256sum $RPM_BUILD_ROOT%{_jvmdir}/
mv ${debugjrearchive} $RPM_BUILD_ROOT%{_jvmdir}/
mv ${debugjrearchive}.sha256sum $RPM_BUILD_ROOT%{_jvmdir}/
mv ${unstrippedarchive} $RPM_BUILD_ROOT%{_jvmdir}/
mv ${unstrippedarchive}.sha256sum $RPM_BUILD_ROOT%{_jvmdir}/
fi
done
# These definitions should match those in installjdk
# Install outside the loop as there are no debug variants
docarchive=${packagesdir}/%{docportablearchive}
miscarchive=${packagesdir}/%{miscportablearchive}
mv ${docarchive} $RPM_BUILD_ROOT%{_jvmdir}/
mv ${docarchive}.sha256sum $RPM_BUILD_ROOT%{_jvmdir}/
mv ${miscarchive} $RPM_BUILD_ROOT%{_jvmdir}/
mv ${miscarchive}.sha256sum $RPM_BUILD_ROOT%{_jvmdir}/
# To show sha in the build log
for file in `ls $RPM_BUILD_ROOT%{_jvmdir}/*.sha256sum` ; do
ls -l $file ;
cat $file ;
done
%if %{include_normal_build}
%files
# main package builds always
%{_jvmdir}/%{jreportablearchive -- %%{nil}}
%{_jvmdir}/%{jreportablearchive -- .debuginfo}
%{_jvmdir}/%{jreportablearchive -- %%{nil}}.sha256sum
%{_jvmdir}/%{jreportablearchive -- .debuginfo}.sha256sum
%else
%files
# placeholder
%endif
%if %{include_normal_build}
%files devel
%{_jvmdir}/%{jdkportablearchive -- %%{nil}}
%{_jvmdir}/%{jdkportablearchive -- .debuginfo}
%{_jvmdir}/%{jdkportablearchive -- %%{nil}}.sha256sum
%{_jvmdir}/%{jdkportablearchive -- .debuginfo}.sha256sum
%endif
%files unstripped
%{_jvmdir}/%{jdkportablearchive -- .unstripped}
%{_jvmdir}/%{jdkportablearchive -- .unstripped}.sha256sum
%if %{include_debug_build}
%files slowdebug
%{_jvmdir}/%{jreportablearchive -- .slowdebug}
%{_jvmdir}/%{jreportablearchive -- .slowdebug}.sha256sum
%files devel-slowdebug
%{_jvmdir}/%{jdkportablearchive -- .slowdebug}
%{_jvmdir}/%{jdkportablearchive -- .slowdebug}.sha256sum
%endif
%if %{include_fastdebug_build}
%files fastdebug
%{_jvmdir}/%{jreportablearchive -- .fastdebug}
%{_jvmdir}/%{jreportablearchive -- .fastdebug}.sha256sum
%files devel-fastdebug
%{_jvmdir}/%{jdkportablearchive -- .fastdebug}
%{_jvmdir}/%{jdkportablearchive -- .fastdebug}.sha256sum
%endif
%files docs
%{_jvmdir}/%{docportablearchive}
%{_jvmdir}/%{docportablearchive}.sha256sum
%files misc
%{_jvmdir}/%{miscportablearchive}
%{_jvmdir}/%{miscportablearchive}.sha256sum
%changelog
* Thu Apr 27 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.372.b07-2
- Sync with existing RHEL 8 build, in order to start building portables on RHEL 8
- Fix debug symbols flag to newboot and package naming
- Disable debug_package as we only produce tarballs
- Drop redundant removal of empty RPM_BUILD_ROOT
* Tue Apr 18 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.372.b07-1
- Update to shenandoah-jdk8u372-b07 (GA)
- Update release notes for shenandoah-8u372-b07.
- Require tzdata 2023c due to inclusion of JDK-8305113 in 8u372-b07
- Reintroduce jconsole-plugin.patch from RHEL 9
- Update generate_tarball.sh to add support for passing a boot JDK to the configure run
- Add POSIX-friendly error codes to generate_tarball.sh and fix whitespace
- Remove .jcheck and GitHub support when generating tarballs, as done in upstream release tarballs
- Drop JDK-8275535/RH2053256 patch which is now upstream
- Include JDK-8271199 backport early ahead of 8u382 (RH2175317)
- ** This tarball is embargoed until 2023-04-18 @ 1pm PT. **
- Resolves: rhbz#2185182
- Resolves: rhbz#2175317
* Tue Apr 18 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.362.b09-2
- Reintroduce generate_source_tarball.sh from RHEL 9
* Tue Feb 28 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.362.b09-1
- Update to shenandoah-jdk8u352-b09 (GA)
- Update release notes for shenandoah-8u352-b09.
- Sync system cacerts support with RHEL 9, disabling using -Dsecurity.systemCACerts=
- Update cacerts patch to fix OPENJDK-1433 SecurityManager issue
* Mon Feb 27 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.362.b08-4
- Build with internal debuginfo as in RHEL and then create a stripped variant ourselves for the portable release build
- Restore compiler flags to those used in RHEL
- Remove 8u portable only debug check using nm -aCl which takes a very long time and seems to be duplicated by other checks
- Add docs & icons to the portable output
- Make sure generated checksums work and don't include full path
- The docs directory is a top-level directory on OpenJDK 8, so needs to be moved to the install directory separately
* Mon Feb 27 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.362.b08-3
- Separate JDK packaging into a separate function
- Use variables to make it clearer what is going on
- Use a package output directory as we do for building and installing
* Mon Feb 27 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.362.b08-2
- Adapt the portable build to use the same system library handling as RHEL builds
* Fri Jan 13 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.362.b08-1
- Update to shenandoah-jdk8u352-b08 (GA)
- Update release notes for shenandoah-8u352-b08.
- Fix broken links and missing release notes in older releases.
- Drop JDK-8195607/PR3776/RH1760437 now this is upstream
- Require tzdata 2022g due to inclusion of JDK-8296108, JDK-8296715 & JDK-8297804
- Drop tzdata patches for 2022d & 2022e (JDK-8294357 & JDK-8295173) which are now upstream
- Update TestTranslations.java to test the new America/Ciudad_Juarez zone
- Drop RH1163501 patch which is not upstream or in 11, 17 & 19 packages and seems obsolete
- Patch was broken by inclusion of "JDK-8293554: Enhanced DH Key Exchanges"
- Patch was added for a specific corner case of a 4096-bit DH key on a Fedora host that no longer exists
- Fedora now appears to be using RSA and the JDK now supports ECC in preference to large DH keys
- Resolves: rhbz#2160111
* Fri Oct 14 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.352.b08-1
- Update to shenandoah-jdk8u352-b08 (GA)
- Update release notes for shenandoah-8u352-b08.
- Update in-tree tzdata to 2022e with JDK-8294357 & JDK-8295173
- Add test to ensure timezones can be translated
- Rebase FIPS patch against 8u352-b07
- * This tarball is embargoed until 2022-10-18 @ 1pm PT. *
- Resolves: rhbz#2133695
* Mon Aug 29 2022 Jayashree Huttanagoudar <jhuttana@redhat.com> - 1:1.8.0.345.b01-2
- Added some previously missing piece related to flatpack builds in portable spec
- The change went into upstream branch in 8u292-b10(GA) itself
* Mon Aug 29 2022 Stephan Bergmann <sbergman@redhat.com> - 1:1.8.0.345.b01-2
- Disable copy-jdk-configs for Flatpak builds
- Fix flatpak builds by exempting them from bootstrap
- Resolves: rhbz#2102727
* Wed Aug 03 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.345.b01-1
- Update to shenandoah-jdk8u345-b01 (GA)
- Update release notes for 8u345-b01.
- Resolves: rhbz#2112405
* Sun Jul 17 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.342.b07-1
- Update to shenandoah-jdk8u342-b07 (GA)
- Update release notes for shenandoah-8u342-b07.
- Print release file during build, which should now include a correct SOURCE value from .src-rev
- Include script to generate bug list for release notes
- Update tzdata requirement to 2022a to match JDK-8283350
- Rebase JDK-8186464 patch so it applies after JDK-8190753
- Switch to GA mode for final release.
- This tarball is embargoed until 2022-07-19 @ 1pm PT.
- Resolves: rhbz#2106502
* Sun Jul 17 2022 Jayashree Huttanagoudar <jhuttana@redhat.com> - 1:1.8.0.332.b09-5
- System security properties are disabled by default on portable.
- Commented out lines which are not applicable for portable.
- Commented out BR for crypto-policies for portable
* Sun Jul 17 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.332.b09-5
- Rebase FIPS patches from fips branch and simplify by using a single patch from that repository
- * RH2036462: sun.security.pkcs11.wrapper.PKCS11.getInstance breakage
- * RH2090378: Revert to disabling system security properties and FIPS mode support together
- Rebase RH1648249 nss.cfg patch so it applies after the FIPS patch
- Rebase PR2888/RH2055274 cacerts patch so it applies after the current FIPS patch
- Perform configuration changes (e.g. nss.cfg, nss.fips.cfg, tzdb.dat) in installjdk
- Enable system security properties in the RPM (now disabled by default in the FIPS repo)
- Improve security properties test to check both enabled and disabled behaviour
- Run security properties test with property debugging on
- Explicitly require crypto-policies during build and runtime for system security properties
- Resolves: rhbz#2097152
- Resolves: rhbz#2100675
* Thu Jun 30 2022 Francisco Ferrari Bihurriet <fferrari@redhat.com> - 1:1.8.0.332.b09-4
- RH2007331: SecretKey generate/import operations don't add the CKA_SIGN attribute in FIPS mode
- Resolves: rhbz#2102435
* Thu May 19 2022 Jiri Vanek <jvanek@redhat.com> - 1:1.8.0.332.b09-3
- to pass aqa:
- removed copy system tzdb in favour of in-tree
- removed Patch3: rh1648644-java_access_bridge_privileged_security.patch
- This is not intended to release untill we decide proper steps
* Wed May 11 2022 Jayashree Huttanagoudar <jhuttana@redhat.com> - 1:1.8.0.332.b09-2
- Add some missing chunk in %check from upstream spec.
* Mon Apr 18 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.332.b09-1
- Update to shenandoah-jdk8u332-b09 (GA)
- Update release notes for 8u332-b09.
- Switch to GA mode for final release.
- This tarball is embargoed until 2022-04-19 @ 1pm PT.
- Resolves: rhbz#2073422
* Mon Apr 18 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.332.b06-0.2.ea
- Allow the default keystore to be configured using security.systemCACerts
- Use of the property can now be disabled using -Djava.security.disableSystemCACerts=true
- Commented out the configuration line for RHEL which is NA for portable.
- Resolves: rhbz#2055274
* Mon Apr 18 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.332.b06-0.1.ea
- Update to shenandoah-jdk8u332-b06 (EA)
- Update release notes for shenandoah-8u332-b06.
- Minor corrections to previous changelog entry.
- Resolves: rhbz#2047536
* Sun Apr 17 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.332.b01-0.1.ea
- Update to shenandoah-jdk8u332-b01 (EA)
- Update release notes for shenandoah-8u332-b01.
- Switch to EA mode.
- Remove JDK-8279077 patch now upstream.
- Related: rhbz#2047536
* Mon Feb 28 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.322.b06-10
- Add JDK-8275535 patch to fix LDAP authentication issue.
- Resolves: rhbz#2053285
* Mon Feb 28 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.322.b06-9
- Detect NSS at runtime for FIPS detection
- Resolves: rhbz#2052828
* Mon Feb 21 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.322.b06-8
- Refactor build functions so we can build just HotSpot without any attempt at installation.
- Introduce architecture restriction logic for the gdb test. (RH2041970)
- Pass compiler flags to the ADLC build (JDK-8281098)
- Adjust JDK8199936/PR3533 -mstackrealign patch to instead pass -mincoming-stack-boundary=2 -mpreferred-stack-boundary=4
- Explicitly list JIT architectures rather than relying on those with slowdebug builds
- Disable the serviceability agent on Zero architectures even when the architecture itself is supported
- Add backport of JDK-8257794 to fix bogus assert on slowdebug x86-32 Zero builds
- Sync minor placement differences with Fedora & RHEL 9
- Resolves: rhbz#2022815
* Mon Jan 31 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.322.b06-7
- Turn off bootstrapping for slow debug builds, which are particularly slow on ppc64le.
- Related: rhbz#2022815
* Fri Jan 28 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.322.b06-6
- Reduce disk footprint by removing build artifacts by default.
- Related: rhbz#1999937
* Thu Jan 27 2022 Jayashree Huttanagoudar <gnu.andrew@redhat.com> - 1:1.8.0.322.b06-5
- Add some diagnostic messages to buildjdk()
- Add missing chmod instructions to buildjdk()
* Thu Jan 27 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.322.b06-5
- Use the "reverse" build loop (debug first) as the main and only build loop to get more diagnostics.
- Resolves: rhbz#1966233
* Tue Jan 25 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.322.b06-4
- Install nss.cfg and nss.fips.cfg into portable images.
- Consistently make use of jdkimage and jreimage variables.
* Mon Jan 24 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.322.b06-3
- Separate crypto policy initialisation from FIPS initialisation, now they are no longer interdependent
* Mon Jan 24 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.322.b06-2
- Fix FIPS issues in native code and with initialisation of java.security.Security
- Related: rhbz#2039366
* Fri Jan 21 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.322.b06-1
- Update to aarch64-shenandoah-jdk8u322-b06 (EA)
- Update release notes for 8u322-b06.
- Switch to GA mode for final release.
- Resolves: rhbz#2039366
* Thu Jan 20 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.322.b05-0.1.ea
- Update to aarch64-shenandoah-jdk8u322-b05 (EA)
- Update release notes for 8u322-b05.
- Require tzdata 2021e as of JDK-8275766.
- Update tarball generation script to use git following shenandoah-jdk8u's move to github
- Resolves: rhbz#2022815
* Tue Jan 18 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.322.b04-0.2.ea
- Add backport of JDK-8279077 to fix crash on ppc64
- Resolves: rhbz#2030399
* Mon Jan 10 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.322.b04-0.1.ea
- Update to aarch64-shenandoah-jdk8u322-b04 (EA)
- Update release notes for 8u322-b04.
- Require tzdata 2021c as of JDK-8274407.
- Related: rhbz#2022815
* Fri Jan 07 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.322.b03-0.1.ea
- Update to aarch64-shenandoah-jdk8u322-b03 (EA)
- Update release notes for 8u322-b03.
- Related: rhbz#2022815
* Fri Dec 17 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.322.b02-0.1.ea
- Update to aarch64-shenandoah-jdk8u322-b02 (EA)
- Update release notes for 8u322-b02.
- Related: rhbz#2022815
* Tue Dec 14 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.322.b01-0.1.ea
- Update to aarch64-shenandoah-jdk8u322-b01 (EA)
- Update release notes for 8u322-b01.
- Switch to EA mode.
- Related: rhbz#2022815
* Tue Dec 14 2021 Jayashree Huttanagoudar <jhuttana@redhat.com> - 1:1.8.0.322.b01-0.1.ea
- Typo correction to the previous commit for restructuring the build.
* Mon Dec 06 2021 Severin Gehwolf <sgehwolf@redhat.com> - 1:1.8.0.312.b07-5
- Use 'sql:' prefix in nss.fips.cfg as F35+ no longer ship the legacy
secmod.db file as part of nss
- Resolves: rhbz#2023532
* Mon Nov 22 2021 Jayashree Huttanagoudar <jhuttana@redhat.com> - 1:1.8.0.312.b07-4
- Fixed warnings for bogus date and macro expansion in comment line.
* Mon Oct 25 2021 Jiri Vanek <jvanek@redhat.com> - 1:1.8.0.312.b07-3
- added and enabled nss.cfg (source11: nss.cfg.in + patch1000: rh1648249-add_commented_out_nss_cfg_provider_to_java_security.patch)
- added and enabled fips patches and nss.fips.cfg
- added and enabled source15: TestSecurityProperties.java test
- enabled patch534: rh1648246-always_instruct_vm_to_assume_multiple_processors_are_available.patch
- enabled patch539: pr2888-openjdk_should_check_for_system_cacerts_database_eg_etc_pki_java_cacerts.patch
- source17: nss.fips.cfg.in,patch1001: rh1655466-global_crypto_and_fips.patch
patch1001: rh1655466-global_crypto_and_fips.patch
patch1002: rh1818909-fips_default_keystore_type.patch patch1004: rh1860986-disable_tlsv1.3_in_fips_mode.patch
patch1005: rh1915071-always_initialise_configurator_access.patch patch1006: rh1929465-improve_system_FIPS_detection-root.patch
patch1007: rh1929465-improve_system_FIPS_detection-jdk.patch
patch1008: rh1996182-login_to_nss_software_token.patch patch1011: rh1991003-enable_fips_keys_import.patch
patch580: jdk8195607-pr3776-rh1760437-nss_sqlite_db_config.patch
- Disable FIPS mode detection using NSS in favour of using /proc/sys/crypto/fips_enabled for now, so we don't link against NSS
-- effectively disabled Patch1008: rh1929465-improve_system_FIPS_detection.patch by settng --enable-sysconf-nss to --disable-sysconf-nss
-- the enable-sysconf-nss was bringing in hard depndence on nss. Without nss, even in non fips, jvm had not even started
- introduced ssbd_arches to have properly tested alt-java
-- added forgotten test for alt-java
- removed bad redeclaration of fastdebug_arches
- made TestECDSA non fatal, started to fail. Locally passed. TODO, fix
* Mon Oct 25 2021 Jiri Vanek <jvanek@redhat.com> - 1:1.8.0.312.b07-2
- cacerts symlink is resolved before passed to configure
- https://issues.redhat.com/browse/OPENJDK-487
* Fri Oct 15 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.312.b07-1
- Update to aarch64-shenandoah-jdk8u312-b07 (EA)
- Update release notes for 8u312-b07.
- Switch to GA mode for final release.
- This tarball is embargoed until 2021-10-19 @ 1pm PT.
- Resolves: rhbz#2011826
* Mon Oct 04 2021 Jiri Vanek <jvanek@redhat.com> - 1:1.8.0.302.b08-2
- fixed bugzilla component. It was pointing to java-x-vendor-portable due to recent rename
* Mon Aug 16 2021 Jiri Vanek <jvanek@redhat.com> - 1:1.8.0.302.b08-1
- renamed to java-1.8.0-openjdk-portable
- adapted pacakges to not contain double portbale in name
* Fri Jul 16 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.302.b08-0
- Update to aarch64-shenandoah-jdk8u302-b08 (EA)
- Update release notes for 8u302-b08.
- Switch to GA mode for final release.
- This tarball is embargoed until 2021-07-20 @ 1pm PT.
- added forgotten patch107 s390-8214206_fix.patch
* Thu Jul 01 2021 Jiri Vanek <jvanek@redhat.com> - 1:1.8.0.302.b03-0.1.ea
- returned two wrongly removed patches
- returned and applied patch541 rh1684077-openjdk_should_depend_on_pcsc-lite-libs_instead_of_pcsc-lite-devel.patch
- returned and applied patch12 jdk8186464-rh1433262-zip64_failure.patch
* Sun Jun 27 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.302.b03-0.0.ea
- Update to aarch64-shenandoah-jdk8u302-b03 (EA)
- Update release notes for 8u302-b03.
- Resolves: rhbz#1967812
* Fri Apr 09 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.292.b10-1
- Add CVE numbers.
- Require tzdata 2021a due to JDK-8260356
- Resolves: rhbz#1938201
* Thu Apr 08 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.292.b10-0
- Update to aarch64-shenandoah-jdk8u292-b10 (GA)
- Update release notes for 8u292-b10.
- This tarball is embargoed until 2021-04-20 @ 1pm PT.
- Resolves: rhbz#1938201
* Thu Apr 08 2021 Stephan Bergmann <sbergman@redhat.com> - 1:1.8.0.292.b10-0
- Hardcode /usr/sbin/alternatives for Flatpak builds
- Resolves: rhbz#1967813
* Tue Mar 30 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.292.b09-0.0.ea
- Update to aarch64-shenandoah-jdk8u292-b09 (EA)
- Update release notes for 8u292-b09.
- Resolves: rhbz#1938081
* Sat Mar 27 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.292.b08-0.0.ea
- Update to aarch64-shenandoah-jdk8u292-b08 (EA)
- Update release notes for 8u292-b08.
- Resolves: rhbz#1938081
* Thu Mar 25 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.292.b07-0.0.ea
- Update to aarch64-shenandoah-jdk8u292-b07 (EA)
- Update release notes for 8u292-b07.
- Resolves: rhbz#1938081
* Mon Mar 22 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.292.b06-0.0.ea
- Update to aarch64-shenandoah-jdk8u292-b06 (EA)
- Update release notes for 8u292-b06.
- Require tzdata 2020f due to JDK-8259048
- Resolves: rhbz#1938081
* Mon Mar 15 2021 Jayashree Huttanagoudar <jhuttana@redhat.com> - 1:1.8.0.292.b05-0.1.ea
- Remove patch s390-8214206_fix.patch as portable is not built for s390.
* Mon Mar 15 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.292.b05-0.1.ea
- Update to aarch64-shenandoah-jdk8u292-b05-shenandoah-merge-2021-03-11 (EA).
- Update release notes for 8u292-b05-shenandoah-merge-2021-03-11.
* Mon Mar 08 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.292.b05-0.0.ea
- Update to aarch64-shenandoah-jdk8u292-b05 (EA)
- Update release notes for 8u292-b05.
* Fri Mar 05 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.292.b04-0.0.ea
- Update to aarch64-shenandoah-jdk8u292-b04 (EA)
- Update release notes for 8u292-b04.
* Thu Mar 04 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.292.b03-0.0.ea
- Update to aarch64-shenandoah-jdk8u292-b03 (EA)
- Update release notes for 8u292-b03.
* Tue Mar 02 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.292.b02-0.0.ea
- Update to aarch64-shenandoah-jdk8u292-b02 (EA)
- Update release notes for 8u292-b02.
* Fri Feb 12 2021 Jayashree Huttanagoudar <jhuttana@redhat.com> - 1:1.8.0.292.b01-0.0.ea
- Update tzdata-java from 2020b to 2021a
* Fri Feb 12 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.292.b01-0.0.ea
- Update to aarch64-shenandoah-jdk8u292-b01 (EA)
- Update release notes for 8u292-b01.
- Switch to EA mode.
* Thu Feb 4 2021 Jayashree Huttanagoudar <jhuttana@redhat.com> - 1:1.8.0.282.b08-4
- Changes to generate sha256sum for each linux-portable build artifacts inside RPM
* Mon Jan 25 2021 Jayashree Huttanagoudar <jhuttana@redhat.com> - 1:1.8.0.282.b08-3
- Cleanup package summary for fastdebug and slowdebug.
- Resolves: rhbz#1908963
* Mon Jan 25 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.282.b08-2
- Cleanup package descriptions and version number placement.
- Resolves: rhbz#1908963
* Mon Jan 18 2021 Jayashree Huttanagoudar <jhuttana@redhat.com> - 1:1.8.0.282.b08-1
- Fix to address the extra src.zip bundled inside jdk tarball.
* Sat Jan 16 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.282.b08-0
- Update to aarch64-shenandoah-jdk8u282-b08 (GA)
- Update release notes for 8u282-b08.
- This tarball is embargoed until 2021-01-19 @ 1pm PT.
- Resolves: rhbz#1908963
* Fri Jan 15 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.282.b07-0.0.ea
- Update to aarch64-shenandoah-jdk8u282-b07 (EA)
- Update release notes for 8u282-b07.
- Fix placement issue in release notes, caught by comparing with vanilla version.
- Resolves: rhbz#1903904
* Wed Jan 13 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.282.b06-0.0.ea
- Update to aarch64-shenandoah-jdk8u282-b06 (EA)
- Update release notes for 8u282-b06.
- Resolves: rhbz#1903903
* Mon Jan 11 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.282.b05-0.0.ea
- Update to aarch64-shenandoah-jdk8u282-b05 (EA)
- Update release notes for 8u282-b05 and make some minor corrections.
- Resolves: rhbz#1903903
* Fri Jan 08 2021 Jiri Vanek <jvanek@redhat.com> - 1:1.8.0.282.b04-0.1.ea
- added patch600, rh1750419-redhat_alt_java.patch
- Replaced alt-java palceholder by real pathced alt-java
- remove patch529 rh1566890-CVE_2018_3639-speculative_store_bypass.patch
- remove patch531 rh1566890-CVE_2018_3639-speculative_store_bypass_toggle.patch
- both suprassed by new patch
- Resolves: rhbz#1750419
* Wed Jan 06 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.282.b04-0.0.ea
- Update to aarch64-shenandoah-jdk8u282-b04 (EA)
- Update release notes for 8u282-b04.
- Remove upstreamed patch PR3519
- Resolves: rhbz#1903903
* Sat Jan 02 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.282.b03-0.0.ea
- Update to aarch64-shenandoah-jdk8u282-b03 (EA)
- Update release notes for 8u282-b03.
- Resolves: rhbz#1903903
* Wed Dec 23 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.282.b02-0.0.ea
- Update to aarch64-shenandoah-jdk8u282-b02 (EA)
- Resolves: rhbz#1903903
* Tue Dec 22 2020 Jayashree Huttanagoudar <jhuttana@redhat.com> - 1:1.8.0.282.b01-0.0.ea
- Remove upstreamed JDK-8252395 & JDK-8252975.
* Tue Dec 22 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.282.b01-0.0.ea
- Update to aarch64-shenandoah-jdk8u282-b01 (EA)
- Update release notes for 8u282-b01.
- Switch to EA mode.
- Require tzdata 2020b due to resource changes in JDK-8254177
- Remove PR3601, covered upstream by JDK-8062808.
- Remove upstreamed JDK-8197981/PR3548, JDK-8062808/PR3548, JDK-8254177 & JDK-8215727.
- Resolves: rhbz#1903903
* Wed Dec 09 2020 Jayashree Huttanagoudar <jhuttana@redhat.com> - 1:1.8.0.275.b01-3
- Included patch to handle '--without fastdebug' option to mockbuild
* Wed Dec 09 2020 Jayashree Huttanagoudar <jhuttana@redhat.com> - 1:1.8.0.275.b01-2
- Align fastdebug/slowdebug changes with upstream rhel-8.4.0 spec
* Tue Dec 01 2020 Jiri Vanek <jvanekf@redhat.com> - 1:1.8.0.275.b01-1
- added br of listdc++-static
- removed patch998 rh1649731-allow_to_build_on_rhel6_with_stdcpplib_autotools_2_63.patch
- removed patch999 gcc-4.4.7-x86-32-siphash64.patch
- initial on-el7 build (more tuning expected)
* Fri Nov 06 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.275.b01-0
- Update to aarch64-shenandoah-jdk8u275-b01 (GA)
- Update release notes for 8u275.
- Resolves: rhbz#1895062
* Wed Oct 21 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.272.b10-3
- Add backport of JDK-8215727: "Restore JFR thread sampler loop to old / previous behaviour"
- Resolves: rhbz#1876665
* Wed Oct 21 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.272.b10-2
- Remove the 64-bit siphash test which fails to compile on x86-32 debug builds with gcc 4.4.7 in RHEL 6
- Resolves: rhbz#1876665
* Tue Oct 20 2020 Jayashree Huttanagoudar <jhuttana@redhat.com> - 1:1.8.0.272.b10-1
- Added patch to apply tzdata 2020b
* Sat Oct 17 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.272.b10-0
- Update to aarch64-shenandoah-jdk8u272-b10.
- Switch to GA mode for final release.
- Update release notes for 8u272 release.
- Add backport of JDK-8254177 to update to tzdata 2020b
- Require tzdata 2020b due to resource changes in JDK-8254177
- Delay tzdata 2020b dependency until tzdata update has shipped.
- Adjust JDK-8062808/PR3548 following constantPool.hpp context change in JDK-8243302
- Adjust PR3593 following g1StringDedupTable.cpp context change in JDK-8240124 & JDK-8244955
- This tarball is embargoed until 2020-10-20 @ 1pm PT.
- Resolves: rhbz#1876665
* Thu Oct 15 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.272.b09-0.1.ea
- Include a test in the RPM to check the build has the correct vendor information.
- Use 'oj_' prefix on new vendor globals to avoid a conflict with RPM's vendor value.
- Improve quoting of vendor name
- Resolves: rhbz#1876665
* Thu Oct 15 2020 Jiri Vanek <jvanek@redhat.com> - 1:1.8.0.272.b09-0.1.ea
- Set vendor property and vendor URLs
- Made URLs to be preconfigured by OS
- Resolves: rhbz#1876665
* Wed Oct 14 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.272.b09-0.0.ea
- Update to aarch64-shenandoah-jdk8u272-b09 (EA).
- Resolves: rhbz#1876665
* Tue Oct 13 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.272.b08-0.0.ea
- Update to aarch64-shenandoah-jdk8u272-b08 (EA).
- Resolves: rhbz#1876665
* Mon Oct 12 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.272.b07-0.5.ea
- Enable JFR on x86, now we have JDK-8252096: Shenandoah: adjust SerialPageShiftCount for x86_32 and JFR
- Resolves: rhbz#1876665
* Wed Sep 23 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.272.b07-0.4.ea
- Re-organise S/390 patches for upstream submission, separating 8u upstream from Shenandoah fixes.
- Add new formatting case found in memprofiler.cpp on debug builds to PR3593 patch.
* Wed Sep 23 2020 Jayashree Huttanagoudar <jhuttana@redhat.com> - 1:1.8.0.272.b07-0.3.ea
- Placed upstream patches JDK-8252395 and JDK-8252975 under separate section
- So that these patches can be dropped easily once they are available in 8u282 GA release
* Thu Sep 17 2020 Jayashree Huttanagoudar <jhuttana@redhat.com> - 1:1.8.0.272.b07-0.2.ea
- Added upstream patches for JDK-8252395 and JDK-8252975
- JDK-8252395: To ensure debuginfo files get properly copied to the images directory
- JDK-8252975: Is to fix the build failure due to JDK-8252395
* Tue Sep 08 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.272.b07-0.0.ea
- Update to aarch64-shenandoah-jdk8u272-b07.
* Thu Sep 03 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.272.b06-0.0.ea
- Update to aarch64-shenandoah-jdk8u272-b06.
* Wed Sep 02 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.272.b05-0.1.ea
- Add additional s390 log2_intptr case in shenandoahUtils.cpp introduced by JDK-8245464
* Wed Sep 02 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.272.b05-0.1.ea
- Update to aarch64-shenandoah-jdk8u272-b05-shenandoah-merge-2020-08-28.
* Thu Aug 27 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.272.b05-0.0.ea
- Add additional s390 size_t case in g1ConcurrentMarkObjArrayProcessor.cpp introduced by JDK-8057003
* Thu Aug 27 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.272.b05-0.0.ea
- Update to aarch64-shenandoah-jdk8u272-b05.
- Fix context in JDK-8186464/RH1433262 patch, following JDK-8078334 @randomness tag addition.
* Wed Aug 19 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.272.b04-0.0.ea
- Update to aarch64-shenandoah-jdk8u272-b04.
* Mon Aug 17 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.272.b03-0.0.ea
- Update to aarch64-shenandoah-jdk8u272-b03.
* Sun Aug 09 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.272.b02-0.0.ea
- Change target from 'zip-docs' to 'docs-zip', which is the naming used upstream.
* Sun Aug 09 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.272.b02-0.0.ea
- Update to aarch64-shenandoah-jdk8u272-b02.
- Remove JDK-8154313 backport now applied upstream.
* Sat Aug 01 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.272.b01-0.0.ea
- JFR must now be explicitly disabled when unwanted (e.g. x86), following switch of upstream default.
* Sat Aug 01 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.272.b01-0.0.ea
- Update to aarch64-shenandoah-jdk8u272-b01.
- Switch to EA mode.
- Remove ZipConstants change from JDK-8186464 backport, now provided upstream by JDK-8075774
* Mon Jul 27 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.265.b01-0
- Update to aarch64-shenandoah-jdk8u265-b01.
- Update release notes for 8u265 release.
- Resolves: rhbz#1860453
* Sun Jul 12 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.262.b10-0
- Introduce jfr_arches for architectures which support JFR.
- Resolves: rhbz#1838811
* Sun Jul 12 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.262.b10-0
- Update to aarch64-shenandoah-jdk8u262-b10.
- Switch to GA mode for final release.
- Update release notes for 8u262 release.
- Fix typo in jfr_arches which leads to ppc64 being wrongly excluded.
- Split JDK-8042159 patch into per-repo patches as upstream.
- Update JDK-8042159 JDK patch to apply after JDK-8238002 changes to Awt2dLibraries.gmk
- Resolves: rhbz#1838811
* Sat Jul 11 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.262.b09-0.3.ea
- Restructure the build so a minimal initial build is then used for the final build (with docs)
- This reduces pressure on the system JDK and ensures the JDK being built can do a full build
- Resolves: rhbz#1838811
* Fri Jul 10 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.262.b09-0.2.ea
- Update to aarch64-shenandoah-jdk8u262-b09-shenandoah-merge-2020-07-03
- Resolves: rhbz#1838811
* Wed Jul 08 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.262.b09-0.2.ea
- Sync alt-java support with java-11-openjdk version.
- Resolves: rhbz#1838811
* Wed Jul 08 2020 Jiri Vanek <jvanek@redhat.com> - 1:1.8.0.262.b09-0.2.ea
- Created copy of java as alt-java and adapted alternatives and man pages
- Resolves: rhbz#1838811
* Wed Jul 08 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.262.b09-0.1.ea
- Update to aarch64-shenandoah-jdk8u262-b09.
- Resolves: rhbz#1838811
* Wed Jul 08 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.262.b08-0.3.ea
- Update to aarch64-shenandoah-jdk8u262-b08.
- Resolves: rhbz#1838811
* Tue Jul 07 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.262.b07-0.2.ea
- Update to aarch64-shenandoah-jdk8u262-b07-shenandoah-merge-2020-06-18.
- Resolves: rhbz#1838811
* Fri Jul 03 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.262.b07-0.1.ea
- Update to aarch64-shenandoah-jdk8u262-b07.
- Require tzdata 2020a so system tzdata matches resource updates in b07
- Resolves: rhbz#1838811
* Mon Jun 08 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.262.b06-0.1.ea
- Update to aarch64-shenandoah-jdk8u262-b06.
- Resolves: rhbz#1838811
* Mon Jun 08 2020 Jayashree Huttanagoudar <jhuttana@redhat.com> - 1:1.8.0.262.b05-0.4.ea
- Removed patch jdk8243541-rh1838229-tzdata2020a.patch
- Portabel builds use upstream tzddb.dat, and we expect it to be synced with jdk code
* Mon Jun 08 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.262.b05-0.4.ea
- Backport JDK-8186464 so ZIP64 archives < 4GB can be read.
- Resolves: rhbz#1433262
* Mon Jun 08 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.262.b05-0.3.ea
- Update to aarch64-shenandoah-jdk8u262-b05-shenandoah-merge-2020-06-04.
- Resolves: rhbz#1838811
* Mon Jun 08 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.262.b05-0.2.ea
- Backport JDK-8243541 & require tzdata 2020a as latest tzdata package needs resource updates
- Resolves: rhbz#1838229
* Sun Jun 07 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.262.b05-0.1.ea
- Update to aarch64-shenandoah-jdk8u262-b05.
- Remove backports of JDK-8227269 & JDK-8241750 included upstream in 8u262-b05.
- Resolves: rhbz#1838811
* Sun Jun 07 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.262.b04-0.1.ea
- Update to aarch64-shenandoah-jdk8u262-b04.
- Resolves: rhbz#1838811
* Sun Jun 07 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.262.b03-0.2.ea
- Update to aarch64-shenandoah-jdk8u262-b03-shenandoah-merge-2020-05-20.
- Resolves: rhbz#1838811
* Sat Jun 06 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.262.b03-0.1.ea
- Update to aarch64-shenandoah-jdk8u262-b03.
- Resolves: rhbz#1838811
* Sat Jun 06 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.262.b02-0.2.ea
- Enable JFR in our builds, ahead of upstream default.
- Only enable JFR for JIT builds, as it is not supported with Zero.
- Turn off JFR on x86 for now due to assert(SerializePageShiftCount == count) crash.
- Resolves: rhbz#1838811
* Wed Jun 03 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.262.b02-0.1.ea
- Update to aarch64-shenandoah-jdk8u262-b02.
- Resolves: rhbz#1838811
* Sun May 24 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.262.b01-0.1.ea
- Update to aarch64-shenandoah-jdk8u262-b01.
- Switch to EA mode.
- Adjust JDK-8143245/PR3548 patch following context changes due to JDK-8203287 for JFR
* Sat May 23 2020 Andrew John Hughes <gnu.andrew@redhat.com> - 1:1.8.0.252.b09-4
- Add backports of JDK-8227269 & JDK-8241750 to resolve slow class loading with JDWP enabled.
- Resolves: rhbz#1751985
* Tue Apr 14 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.252.b09-2
- Add release notes.
- Resolves: rhbz#1810557
* Sun Apr 12 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.252.b09-1
- Make use of --with-extra-asflags introduced in jdk8u252-b01.
- Resolves: rhbz#1810557
* Mon Apr 06 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.252.b09-0
- Update to aarch64-shenandoah-jdk8u252-b09.
- Switch to GA mode for final release.
- Resolves: rhbz#1810557
* Fri Mar 27 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.252.b08-0.0.ea
- Update to aarch64-shenandoah-jdk8u252-b08.
- Resolves: rhbz#1810557
* Tue Mar 24 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.252.b07-0.0.ea
- Update to aarch64-shenandoah-jdk8u252-b07.
- Resolves: rhbz#1810557
* Mon Mar 16 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.252.b06-0.0.ea
- Update to aarch64-shenandoah-jdk8u252-b06.
- Resolves: rhbz#1810557
* Fri Feb 28 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.252.b05-0.0.ea
- Update to aarch64-shenandoah-jdk8u252-b05.
- Resolves: rhbz#1810557
* Mon Feb 24 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.252.b04-0.0.ea
- Update to aarch64-shenandoah-jdk8u252-b04.
- Resolves: rhbz#1810557
* Wed Feb 19 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.252.b03-0.0.ea
- Update to aarch64-shenandoah-jdk8u252-b03.
- Adjust PR2974/RH1337583 & PR3083/RH1346460 following context changes in JDK-8230978
- Resolves: rhbz#1810557
* Tue Feb 04 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.252.b02-0.0.ea
- Update to aarch64-shenandoah-jdk8u252-b02.
- Resolves: rhbz#1810557
* Mon Jan 27 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.252.b01-0.0.ea
- Update to aarch64-shenandoah-jdk8u252-b01.
- Switch to EA mode.
- Adjust JDK-8199936/PR3533 patch following JDK-8227397 configure change
- Resolves: rhbz#1810557
* Tue Jan 21 2020 Jiri Vanek <jvanek@redhat.com> - 1:1.8.0.242.b08-3
- get rid of openjdkportable in favour of el
* Tue Jan 21 2020 Jiri Vanek <jvanek@redhat.com> - 1:1.8.0.242.b08-2
- renamed static to more accurate portable
* Wed Jan 15 2020 Jiri Vanek <jvanek@redhat.com> - 1:1.8.0.242.b08-1
- sync with rhel 8.1
* Tue Oct 15 2019 Jiri Vanek <jvanek@redhat.com> - 1:1.8.0.232.b09-0
- Update to aarch64-shenandoah-jdk8u232-b09.
- Switch to GA mode for final release.
- Remove PR1834/RH1022017 which is now handled by JDK-8228825 upstream.
* Mon Oct 07 2019 Jiri Vanek <jvanek@redhat.com> - 1:1.8.0.232.b01-0.0.ea
- Update to aarch64-shenandoah-jdk8u232-b01.
- Switch to EA mode.
- Drop JDK-8210761/RH1632174 as now upstream.
- Drop JDK-8223219 as now upstream.
* Tue Jul 23 2019 Jiri Vanek <jvanek@redhat.com> - 1:1.8.0.222.b10-4
- for release, build debugsymbols to special archive
* Tue Jul 23 2019 Jiri Vanek <jvanek@redhat.com> - 1:1.8.0.222.b10-3
- filtered out -g from extra flags
* Thu Jul 11 2019 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.222.b10-1
- Update to aarch64-shenandoah-jdk8u222-b10.
- Resolves: rhbz#1724452
* Mon Jul 08 2019 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.222.b09-2
- Use normal_suffix for Javadoc zip filename to copy, as there is is no debug version.
- Resolves: rhbz#1724452
* Mon Jul 08 2019 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.222.b09-2
- Provide Javadoc debug subpackages for now, but populate them from the normal build.
- Resolves: rhbz#1724452
* Mon Jul 08 2019 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.222.b09-1
- Update to aarch64-shenandoah-jdk8u222-b09.
- Switch to GA mode for final release.
- Resolves: rhbz#1724452
* Tue Jul 02 2019 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.222.b08-0.1.ea
- Update to aarch64-shenandoah-jdk8u222-b08.
- Adjust PR3083/RH134640 to apply after JDK-8182999
- Resolves: rhbz#1724452
* Tue Jul 02 2019 Severin Gehwolf <sgehwolf@redhat.com> - 1:1.8.0.222.b07-0.3.ea
- Include 'ea' designator in Release when appropriate.
- Resolves: rhbz#1724452
* Wed Jun 26 2019 Severin Gehwolf <sgehwolf@redhat.com> - 1:1.8.0.222.b07-2
- Don't produce javadoc/javadoc-zip sub packages for the debug variant build.
- Don't perform a bootcycle build for the debug variant build.
- Resolves: rhbz#1724452
* Tue Jun 25 2019 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.222.b07-1
- Update to aarch64-shenandoah-jdk8u222-b07 and Shenandoah merge 2019-06-13.
- Resolves: rhbz#1724452
* Fri Jun 14 2019 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.222.b06-1
- Update to aarch64-shenandoah-jdk8u222-b06.
- Resolves: rhbz#1724452
* Thu Jun 06 2019 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.222.b05-1
- Update to aarch64-shenandoah-jdk8u222-b05.
- Resolves: rhbz#1724452
* Sat May 25 2019 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.222.b04-1
- Update to aarch64-shenandoah-jdk8u222-b04.
- Drop remaining JDK-8210425/RH1632174 patch now AArch64 part is upstream.
- Resolves: rhbz#1705328
* Wed May 22 2019 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.222.b03-1
- Handle milestone as variables so we can alter it easily and set the docs zip filename appropriately.
- Drop unused use_shenandoah_hotspot variable.
- Resolves: rhbz#1705328
* Wed May 22 2019 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.222.b03-1
- Update to aarch64-shenandoah-jdk8u222-b03.
- Set milestone to "ea" as this is not the final release.
- Drop 8210425 patches applied upstream. Still need to add AArch64 version in aarch64/shenandoah-jdk8u.
- Re-generate JDK-8141570 & JDK-8143245 patches due to 8210425 zeroshark.make changes.
- Resolves: rhbz#1705328
* Mon May 13 2019 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.222.b02-1
- Update to aarch64-shenandoah-jdk8u222-b02.
- Drop 8064786/PR3599 & 8210416/RH1632174 as applied upstream (8064786 silently in 8176100).
- Resolves: rhbz#1705328
* Thu May 02 2019 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.222.b01-1
- Update to aarch64-shenandoah-jdk8u222-b01.
- Refactor PR2888 after inclusion of 8129988 upstream. Now includes PR3575.
- Drop 8171000, 8197546 & PR3634 as applied upstream.
- Adjust 8214206 fix for S390 as BinaryMagnitudeSeq moved to shenandoahNumberSeq.cpp
- Resolves: rhbz#1705328
* Thu Apr 11 2019 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.212.b04-1
- Update to aarch64-shenandoah-jdk8u212-b04.
- Resolves: rhbz#1693468
* Thu Apr 11 2019 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.212.b03-0
- Update to aarch64-shenandoah-jdk8u212-b03.
- Resolves: rhbz#1693468
* Tue Apr 09 2019 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.212.b02-0
- Update to aarch64-shenandoah-jdk8u212-b02.
- Remove patches included upstream
- JDK-8197429/PR3546/RH153662{2,3}
- JDK-8184309/PR3596
- Re-generate patches
- JDK-8203030
- Add casts to resolve s390 ambiguity in calls to log2_intptr
- Resolves: rhbz#1693468
* Sun Apr 07 2019 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.202.b08-0
- Update to aarch64-shenandoah-jdk8u202-b08.
- Remove patches included upstream
- JDK-8211387/PR3559
- JDK-8073139/PR1758/RH1191652
- JDK-8044235
- JDK-8131048/PR3574/RH1498936
- JDK-8164920/PR3574/RH1498936
- Resolves: rhbz#1693468
* Thu Apr 04 2019 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.201.b13-0
- Update to aarch64-shenandoah-jdk8u201-b13.
- Drop JDK-8160748 & JDK-8189170 AArch64 patches now applied upstream.
- Resolves: rhbz#1693468
* Tue Apr 02 2019 Severin Gehwolf <sgehwolf@redhat.com> - 1:1.8.0.201.b09-3
- Update patch for RH1566890.
- Renamed rh1566890_speculative_store_bypass_so_added_more_per_task_speculation_control_CVE_2018_3639 to
rh1566890-CVE_2018_3639-speculative_store_bypass.patch
- Added dependent patch,
rh1566890-CVE_2018_3639-speculative_store_bypass_toggle.patch
- Resolves: rhbz#1693468
* Tue Mar 12 2019 Jiri Vanek <jvanek@redhat.com> - 1:1.8.0.201.b09-2
- name adapted to current tag
* Thu Feb 28 2019 Jiri Vanek jvanek@redhat.com - 1:1.8.0.201.b09-2
- Replaced pcsc-lite-devel (which is in optional channel) with pcsc-lite-libs.
- added rh1684077-openjdk_should_depend_on_pcsc-lite-libs_instead_of_pcsc-lite-devel.patch to make jdk work with pcsc
* Tue Feb 26 2019 Jiri Vanek <jvanek@redhat.com> - 1:1.8.0.201.b09-0
- cripled rpms original specto roduce only portable build
- Resolves: rhbz#1661577