--- old/make/autoconf/buildjdk-spec.gmk.in 2018-06-11 13:06:29.071003493 -0700 +++ new/make/autoconf/buildjdk-spec.gmk.in 2018-06-11 13:06:28.851003501 -0700 @@ -75,6 +75,8 @@ JVM_ASFLAGS := @OPENJDK_BUILD_JVM_ASFLAGS@ JVM_LIBS := @OPENJDK_BUILD_JVM_LIBS@ +NO_SPECULATIVE_CTI_CFLAGS := @OPENJDK_BUILD_NO_SPECULATIVE_CTI_CFLAGS@ + # The compiler for the build platform is likely not warning compatible with the official # compiler. WARNINGS_AS_ERRORS := false --- old/make/autoconf/flags-cflags.m4 2018-06-11 13:06:29.743003470 -0700 +++ new/make/autoconf/flags-cflags.m4 2018-06-11 13:06:29.519003478 -0700 @@ -764,6 +764,33 @@ $1_WARNING_CFLAGS_JVM="-Wno-format-zero-length -Wtype-limits -Wuninitialized" fi + case $TOOLCHAIN_TYPE in + gcc) + $2NO_SPECULATIVE_CTI_CFLAGS="-mindirect-branch=thunk \ + -mfunction-return=thunk -mindirect-branch-register" + ;; + microsoft) + $2NO_SPECULATIVE_CTI_CFLAGS="-Qspectre" + ;; + *) + $2NO_SPECULATIVE_CTI_CFLAGS="" + ;; + esac + if test -n "${$2NO_SPECULATIVE_CTI_CFLAGS}"; then + FLAGS_COMPILER_CHECK_ARGUMENTS(ARGUMENT: [${$2NO_SPECULATIVE_CTI_CFLAGS}], + IF_FALSE: [ + AC_MSG_WARN([Speculative call mitigations not available with compiler version]) + $2NO_SPECULATIVE_CTI_CFLAGS="" + ] + ) + fi + AC_MSG_CHECKING([for speculative calls mitigation flags for $1]) + if test -n "${$2NO_SPECULATIVE_CTI_CFLAGS}"; then + AC_MSG_RESULT(${$2NO_SPECULATIVE_CTI_CFLAGS}) + else + AC_MSG_RESULT(no) + fi + # EXPORT to API CFLAGS_JVM_COMMON="$ALWAYS_CFLAGS_JVM $ALWAYS_DEFINES_JVM $TOOLCHAIN_CFLAGS_JVM \ $OS_CFLAGS $OS_CFLAGS_JVM $CFLAGS_OS_DEF_JVM $DEBUG_CFLAGS_JVM \ 
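Review bot: In make/autoconf/flags-cflags.m4, the `case $TOOLCHAIN_TYPE` block puts two different mitigations under the one name `NO_SPECULATIVE_CTI_CFLAGS`. The gcc flags route indirect branches and returns through thunks (the Spectre variant 2 class), while MSVC's `-Qspectre` is, per Microsoft's documentation, a variant 1 barrier-insertion option that leaves indirect calls unchanged. A build labelled as mitigated therefore carries different guarantees per toolchain; a comment above the case should say so, for example `# gcc: thunks for indirect branches/returns; microsoft: -Qspectre covers bounds-check speculation only`. The three gcc flags are also probed as one argument, so a compiler that accepts only some of them loses all of them behind a single warning; probing them individually would keep whatever coverage the compiler does support.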
@@ -782,8 +809,12 @@ CFLAGS_JDK_COMMON_CXXONLY="$ALWAYS_DEFINES_JDK_CXXONLY $TOOLCHAIN_CFLAGS_JDK_CXXONLY \ $WARNING_CFLAGS_JDK_CXXONLY ${$2EXTRA_CXXFLAGS}" - $1_CFLAGS_JVM="${$1_DEFINES_CPU_JVM} ${$1_CFLAGS_CPU} ${$1_CFLAGS_CPU_JVM} ${$1_TOOLCHAIN_CFLAGS} ${$1_WARNING_CFLAGS_JVM}" - $1_CFLAGS_JDK="${$1_DEFINES_CPU_JDK} ${$1_CFLAGS_CPU} ${$1_CFLAGS_CPU_JDK} ${$1_TOOLCHAIN_CFLAGS}" + # The jdk libraries always use the speculative calls mitigations, while it's + # optional for the JVM. + $1_CFLAGS_JVM="${$1_DEFINES_CPU_JVM} ${$1_CFLAGS_CPU} ${$1_CFLAGS_CPU_JVM} \ + ${$1_TOOLCHAIN_CFLAGS} ${$1_WARNING_CFLAGS_JVM}" + $1_CFLAGS_JDK="${$1_DEFINES_CPU_JDK} ${$1_CFLAGS_CPU} ${$1_CFLAGS_CPU_JDK} \ + ${$1_TOOLCHAIN_CFLAGS} ${$2NO_SPECULATIVE_CTI_CFLAGS}" $2JVM_CFLAGS="$CFLAGS_JVM_COMMON ${$1_CFLAGS_JVM} ${$2EXTRA_CXXFLAGS}" @@ -797,6 +828,7 @@ AC_SUBST($2CFLAGS_JDKEXE) AC_SUBST($2CXXFLAGS_JDKLIB) AC_SUBST($2CXXFLAGS_JDKEXE) + AC_SUBST($2NO_SPECULATIVE_CTI_CFLAGS) ]) # FLAGS_SETUP_GCC6_COMPILER_FLAGS([PREFIX]) --- old/make/autoconf/hotspot.m4 2018-06-11 13:06:30.415003446 -0700 +++ new/make/autoconf/hotspot.m4 2018-06-11 13:06:30.199003454 -0700 @@ -26,13 +26,13 @@ # All valid JVM features, regardless of platform VALID_JVM_FEATURES="compiler1 compiler2 zero minimal dtrace jvmti jvmci \ graal vm-structs jni-check services management cmsgc g1gc parallelgc serialgc nmt cds \ - static-build link-time-opt aot jfr" + static-build link-time-opt aot jfr no-speculative-cti" # Deprecated JVM features (these are ignored, but with a warning) DEPRECATED_JVM_FEATURES="trace" # All valid JVM variants -VALID_JVM_VARIANTS="server client minimal core zero custom" +VALID_JVM_VARIANTS="server client minimal hardened core zero custom" ############################################################################### # Check if the specified JVM variant should be built. To be used in shell if 
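Review bot: The new comment in the `@@ -782` hunk of flags-cflags.m4 says the jdk libraries "always" use the mitigations, but `${$2NO_SPECULATIVE_CTI_CFLAGS}` is set to empty by the `*)` toolchain branch and again when the compiler check fails, and `$1_CFLAGS_JDK` then gets nothing. Only a configure warning records this, because the hard error in hotspot.m4 is raised only for the hardened variant or the no-speculative-cti feature. I would reword the comment to `# The jdk libraries use the speculative calls mitigations whenever the compiler supports them; for the JVM they are opt-in.` so that nobody reads the libraries as unconditionally protected.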
@@ -61,6 +61,7 @@ ############################################################################### # Check which variants of the JVM that we want to build. Available variants are: # server: normal interpreter, and a tiered C1/C2 compiler +# hardened: same as server but compiled with speculative calls disabled # client: normal interpreter, and C1 (no C2 compiler) # minimal: reduced form of client with optional features stripped out # core: normal interpreter only, no compiler @@ -70,7 +71,7 @@ AC_DEFUN_ONCE([HOTSPOT_SETUP_JVM_VARIANTS], [ AC_ARG_WITH([jvm-variants], [AS_HELP_STRING([--with-jvm-variants], - [JVM variants (separated by commas) to build (server,client,minimal,core,zero,custom) @<:@server@:>@])]) + [JVM variants (separated by commas) to build (server,hardened,client,minimal,core,zero,custom) @<:@server@:>@])]) SETUP_HOTSPOT_TARGET_CPU_PORT @@ -104,7 +105,7 @@ fi # All "special" variants share the same output directory ("server") - VALID_MULTIPLE_JVM_VARIANTS="server client minimal" + VALID_MULTIPLE_JVM_VARIANTS="server client minimal hardened" BASIC_GET_NON_MATCHING_VALUES(INVALID_MULTIPLE_VARIANTS, $JVM_VARIANTS, $VALID_MULTIPLE_JVM_VARIANTS) if test "x$INVALID_MULTIPLE_VARIANTS" != x && test "x$BUILDING_MULTIPLE_JVM_VARIANTS" = xtrue; then AC_MSG_ERROR([You cannot build multiple variants with anything else than $VALID_MULTIPLE_JVM_VARIANTS.]) @@ -113,7 +114,7 @@ # The "main" variant is the one used by other libs to link against during the # build. if test "x$BUILDING_MULTIPLE_JVM_VARIANTS" = "xtrue"; then - MAIN_VARIANT_PRIO_ORDER="server client minimal" + MAIN_VARIANT_PRIO_ORDER="server client minimal hardened" for variant in $MAIN_VARIANT_PRIO_ORDER; do if HOTSPOT_CHECK_JVM_VARIANT($variant); then JVM_VARIANT_MAIN="$variant" 
@@ -127,6 +128,7 @@ AC_SUBST(JVM_VARIANTS) AC_SUBST(VALID_JVM_VARIANTS) AC_SUBST(JVM_VARIANT_MAIN) + AC_SUBST(VALID_MULTIPLE_JVM_VARIANTS) if HOTSPOT_CHECK_JVM_VARIANT(zero); then # zero behaves as a platform and rewrites these values. This is really weird. :( @@ -409,6 +411,8 @@ JVM_FEATURES_link_time_opt="" fi + JVM_FEATURES_HARDENED="no-speculative-cti" + # All variants but minimal (and custom) get these features NON_MINIMAL_FEATURES="$NON_MINIMAL_FEATURES cmsgc g1gc parallelgc serialgc jni-check jvmti management nmt services vm-structs" if test "x$ENABLE_CDS" = "xtrue"; then @@ -416,7 +420,9 @@ fi # Enable features depending on variant. - JVM_FEATURES_server="compiler1 compiler2 $NON_MINIMAL_FEATURES $JVM_FEATURES $JVM_FEATURES_jvmci $JVM_FEATURES_aot $JVM_FEATURES_graal" + JVM_FEATURES_server="compiler1 compiler2 $NON_MINIMAL_FEATURES $JVM_FEATURES \ + $JVM_FEATURES_jvmci $JVM_FEATURES_aot $JVM_FEATURES_graal" + JVM_FEATURES_hardened="$JVM_FEATURES_HARDENED" JVM_FEATURES_client="compiler1 $NON_MINIMAL_FEATURES $JVM_FEATURES $JVM_FEATURES_jvmci" JVM_FEATURES_core="$NON_MINIMAL_FEATURES $JVM_FEATURES" JVM_FEATURES_minimal="compiler1 minimal serialgc $JVM_FEATURES $JVM_FEATURES_link_time_opt" @@ -424,12 +430,15 @@ JVM_FEATURES_custom="$JVM_FEATURES" AC_SUBST(JVM_FEATURES_server) + AC_SUBST(JVM_FEATURES_hardened) AC_SUBST(JVM_FEATURES_client) AC_SUBST(JVM_FEATURES_core) AC_SUBST(JVM_FEATURES_minimal) AC_SUBST(JVM_FEATURES_zero) AC_SUBST(JVM_FEATURES_custom) + AC_SUBST(JVM_FEATURES_HARDENED) + # Used for verification of Makefiles by check-jvm-feature AC_SUBST(VALID_JVM_FEATURES) 
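Review bot: `JVM_FEATURES_HARDENED` and `JVM_FEATURES_hardened` (hotspot.m4, the `@@ -409`, `@@ -416` and `@@ -424` hunks) differ only in letter case yet mean different things: the first is the extra feature list, the second the complete feature set of the variant. A mistyped case would still expand to a defined variable, so the wrong list would be used without any error. A distinct name such as `JVM_FEATURES_HARDENED_EXTRA` (the name is only a suggestion) would avoid that. `AC_SUBST(JVM_FEATURES_HARDENED)` also has no matching `@JVM_FEATURES_HARDENED@` in the spec.gmk.in hunks shown here, so it may be unused unless a file outside this diff consumes it.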
@@ -442,6 +451,18 @@ # AC_DEFUN_ONCE([HOTSPOT_FINALIZE_JVM_FEATURES], [ + # The hardened variant should have all the features of server. Add them here + # to catch any custom additions automatically. + JVM_FEATURES_hardened="$JVM_FEATURES_hardened $JVM_FEATURES_server" + + # Fail fast if either of JVM variant hardened or JVM_FEATURES_HARDENED are + # requested but the required flags are not available + if HOTSPOT_CHECK_JVM_VARIANT([hardened]) || HOTSPOT_CHECK_JVM_FEATURE([no-speculative-cti]); then + if test -z "$NO_SPECULATIVE_CTI_CFLAGS"; then + AC_MSG_ERROR([Speculative calls mitigation flags not availble]) + fi + fi + for variant in $JVM_VARIANTS; do AC_MSG_CHECKING([JVM features for JVM variant '$variant']) features_var_name=JVM_FEATURES_$variant --- old/make/autoconf/spec.gmk.in 2018-06-11 13:06:31.087003423 -0700 +++ new/make/autoconf/spec.gmk.in 2018-06-11 13:06:30.863003431 -0700 @@ -259,6 +259,7 @@ # Lists of features per variant. Only relevant for the variants listed in # JVM_VARIANTS. JVM_FEATURES_server := @JVM_FEATURES_server@ +JVM_FEATURES_hardened := @JVM_FEATURES_hardened@ JVM_FEATURES_client := @JVM_FEATURES_client@ JVM_FEATURES_core := @JVM_FEATURES_core@ JVM_FEATURES_minimal := @JVM_FEATURES_minimal@ @@ -268,6 +269,7 @@ # Used for make-time verifications VALID_JVM_FEATURES := @VALID_JVM_FEATURES@ VALID_JVM_VARIANTS := @VALID_JVM_VARIANTS@ +VALID_MULTIPLE_JVM_VARIANTS := @VALID_MULTIPLE_JVM_VARIANTS@ # Control wether Hotspot builds gtest tests BUILD_GTEST := @BUILD_GTEST@ @@ -428,6 +430,8 @@ # Tools that potentially need to be cross compilation aware. CC:=@FIXPATH@ @CCACHE@ @ICECC@ @CC@ +NO_SPECULATIVE_CTI_CFLAGS := @NO_SPECULATIVE_CTI_CFLAGS@ + # CFLAGS used to compile the jdk native libraries (C-code) CFLAGS_JDKLIB:=@CFLAGS_JDKLIB@ CXXFLAGS_JDKLIB:=@CXXFLAGS_JDKLIB@ --- old/make/conf/jib-profiles.js 2018-06-11 13:06:31.771003399 -0700 +++ new/make/conf/jib-profiles.js 2018-06-11 13:06:31.547003407 -0700 
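Review bot: The fail-fast test added to HOTSPOT_FINALIZE_JVM_FEATURES reads only the target-side `$NO_SPECULATIVE_CTI_CFLAGS`. The build-side value substituted into buildjdk-spec.gmk.in as `@OPENJDK_BUILD_NO_SPECULATIVE_CTI_CFLAGS@` is never checked, so if the build JDK is compiled with the same feature list (not visible here) it could get an empty flag set without an error. The error text also misspells "available" and does not name the toolchain; `AC_MSG_ERROR([Speculative calls mitigation flags not available for toolchain $TOOLCHAIN_TYPE])` would make the failure actionable. The macro body continues past the end of this hunk.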
@@ -415,7 +415,8 @@ target_cpu: "x64", dependencies: ["devkit", "autoconf", "graphviz", "pandoc"], configure_args: concat(common.configure_args_64bit, - "--enable-full-docs", "--with-zlib=system"), + "--enable-full-docs", "--with-zlib=system", + "--with-jvm-variants=server,hardened"), default_make_targets: ["docs-bundles"], }, @@ -456,7 +457,8 @@ target_os: "windows", target_cpu: "x64", dependencies: ["devkit", "autoconf"], - configure_args: concat(common.configure_args_64bit), + configure_args: concat(common.configure_args_64bit, + "--with-jvm-variants=server,hardened"), }, "windows-x86": { --- old/make/copy/Copy-java.base.gmk 2018-06-11 13:06:32.451003375 -0700 +++ new/make/copy/Copy-java.base.gmk 2018-06-11 13:06:32.227003383 -0700 @@ -86,11 +86,10 @@ endif DEFAULT_CFG_VARIANT ?= server -# Any variant other than server, client or minimal is represented as server in -# the cfg file. -VALID_CFG_VARIANTS := server client minimal -CFG_VARIANTS := $(filter $(VALID_CFG_VARIANTS), $(JVM_VARIANTS)) \ - $(if $(filter-out $(VALID_CFG_VARIANTS), $(JVM_VARIANTS)), server) +# Any variant other than the valid multiple jvm variants is represented as +# server in the cfg file. +CFG_VARIANTS := $(filter $(VALID_MULTIPLE_JVM_VARIANTS), $(JVM_VARIANTS)) \ + $(if $(filter-out $(VALID_MULTIPLE_JVM_VARIANTS), $(JVM_VARIANTS)), server) # Change the order to put the default variant first if present. ORDERED_CFG_VARIANTS := \ --- old/make/hotspot/HotspotCommon.gmk 2018-06-11 13:06:33.119003352 -0700 +++ new/make/hotspot/HotspotCommon.gmk 2018-06-11 13:06:32.903003360 -0700 
@@ -34,7 +34,7 @@ DTRACE_SUPPORT_DIR := $(JVM_SUPPORT_DIR)/dtrace LIB_OUTPUTDIR := $(call FindLibDirForModule, java.base) -ifneq ($(filter client minimal, $(JVM_VARIANT)), ) +ifneq ($(filter $(VALID_MULTIPLE_JVM_VARIANTS), $(JVM_VARIANT)), ) JVM_VARIANT_SUBDIR := $(JVM_VARIANT) else # Use 'server' as default target directory name for all other variants. --- old/make/hotspot/gensrc/GensrcJfr.gmk 2018-06-11 13:06:33.787003329 -0700 +++ new/make/hotspot/gensrc/GensrcJfr.gmk 2018-06-11 13:06:33.567003337 -0700 @@ -27,7 +27,7 @@ # Build tools needed for the JFR source code generation JFR_TOOLS_SRCDIR := $(TOPDIR)/make/src/classes -JFR_TOOLS_OUTPUTDIR := $(OUTPUTDIR)/buildtools/tools_classes +JFR_TOOLS_OUTPUTDIR := $(JVM_VARIANT_OUTPUTDIR)/tools/jfr $(eval $(call SetupJavaCompiler, GENERATE_JFRBYTECODE, \ JAVAC := $(JAVAC), \ @@ -41,6 +41,7 @@ SETUP := GENERATE_JFRBYTECODE, \ SRC := $(JFR_TOOLS_SRCDIR), \ BIN := $(JFR_TOOLS_OUTPUTDIR), \ + INCLUDES := build/tools/jfr, \ )) TARGETS += $(BUILD_JFR_TOOLS) --- old/make/hotspot/lib/JvmFeatures.gmk 2018-06-11 13:06:34.455003306 -0700 +++ new/make/hotspot/lib/JvmFeatures.gmk 2018-06-11 13:06:34.239003313 -0700 @@ -160,6 +160,10 @@ JVM_EXCLUDE_PATTERNS += jfr endif +ifeq ($(call check-jvm-feature, no-speculative-cti), true) + JVM_CFLAGS_FEATURES += $(NO_SPECULATIVE_CTI_CFLAGS) -DNO_SPECULATIVE_CTI=0 +endif + ################################################################################ ifeq ($(call check-jvm-feature, link-time-opt), true)
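Review bot: In the JvmFeatures.gmk hunk, `-DNO_SPECULATIVE_CTI=0` defines the macro to zero when the feature is switched on. Any source that tests it with `#if NO_SPECULATIVE_CTI` would therefore see the feature as off in exactly the hardened build, while `#ifdef` would see it as on. No consumer of the macro is visible in this diff, so this may be latent, but the value reads as inverted; `-DNO_SPECULATIVE_CTI=1` (or a bare `-DNO_SPECULATIVE_CTI`) matches the intent. If the macro has no reader at all, dropping the define leaves the line as `JVM_CFLAGS_FEATURES += $(NO_SPECULATIVE_CTI_CFLAGS)`.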