diff --git a/docs/reference-manual/native-image/JCASecurityServices.md b/docs/reference-manual/native-image/JCASecurityServices.md index 15e25c1df7b4..ceec16b5d860 100644 --- a/docs/reference-manual/native-image/JCASecurityServices.md +++ b/docs/reference-manual/native-image/JCASecurityServices.md @@ -38,18 +38,17 @@ The report will detail all registered service classes, the API methods that trig ## Provider Initialization -Currently security providers are initialized at build time. -To move their initialization to run time, use the option `--future-defaults=all` or `--future-defaults=run-time-initialized-jdk`. -Provider verification will still occur at build time. +Currently, security providers are initialized at build time. +To move their initialization to run time, use the option `--future-defaults=run-time-initialize-security-providers`, `--future-defaults=all`, or `--future-defaults=run-time-initialize-jdk`. +Provider verification will still occur at build time. Run-time initialization of security providers helps reduce image heap size. -To move their initialization to run time, you can use the flag `--future-defaults=all` or `--future-defaults=run-time-initialized-jdk`. ## Provider Registration The `native-image` builder captures the list of providers and their preference order from the underlying JVM. The provider order is specified in the `java.security` file under `/conf/security/java.security`. New security providers cannot be registered at run time by default (see the section above); all providers must be statically configured at executable build time. -If the user specifies `--future-defaults=all` or `--future-defaults=run-time-initialized-jdk` to move providers initialization to run time, then a specific properties file can be used via the command line option `-Djava.security.properties=`. +If the user specifies `--future-defaults=run-time-initialize-security-providers`, `--future-defaults=all`, or `--future-defaults=run-time-initialize-jdk` to move providers initialization to run time, then a specific properties file can be used via the command line option `-Djava.security.properties=`. ## Providers Reordering at Run Time @@ -61,7 +60,7 @@ Security.removeProvider("BC"); Security.insertProviderAt(bcProvider, 1); ``` -If `--future-defaults=all` or `--future-defaults=run-time-initialized-jdk` is enabled, the list of providers is constructed at run time. +If `--future-defaults=all` or `--future-defaults=run-time-initialize-jdk` is enabled, the list of providers is constructed at run time. The same approach to manipulating providers can then be used. ## SecureRandom diff --git a/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/FutureDefaultsOptions.java b/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/FutureDefaultsOptions.java index 89f9a4a331a4..bb837b90c1b4 100644 --- a/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/FutureDefaultsOptions.java +++ b/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/FutureDefaultsOptions.java @@ -26,6 +26,7 @@ import java.util.Collections; import java.util.LinkedHashSet; +import java.util.List; import java.util.Objects; import java.util.Set; @@ -54,26 +55,36 @@ * rolled back. The changes must be aligning native image with the Java spec and must be thoroughly * reviewed. *

- * Note 2: future defaults can not be simply removed as user code can depend on the system property + * Note 2: future defaults can depend on each other. For example, if some functionality depends on + * run-time-security-providers it can enable it similarly to all that + * enables all future defaults. + *

+ * Note 3: future defaults can not be simply removed as user code can depend on the system property * values that are set by the option. When removing a future-default option, one has to leave the * system property both a build time and at run time set to true. */ public class FutureDefaultsOptions { private static final String OPTION_NAME = "future-defaults"; - private static final String DEFAULT_NAME = ""; private static final String ALL_NAME = "all"; + private static final String RUN_TIME_INITIALIZE_JDK = "run-time-initialize-jdk"; private static final String NONE_NAME = "none"; - private static final String RUN_TIME_INITIALIZE_JDK_NAME = "run-time-initialized-jdk"; - private static final String TREAT_NAME_AS_TYPE_NAME = "treat-name-as-type"; - - public static final String RUN_TIME_INITIALIZE_JDK_REASON = "Initialize JDK classes at run time (--" + OPTION_NAME + " includes " + RUN_TIME_INITIALIZE_JDK_NAME + ")"; - + /** + * Macro commands: They enable or disable other defaults, but they are not future defaults + * themselves. + */ + private static final Set ALL_COMMANDS = Set.of(ALL_NAME, RUN_TIME_INITIALIZE_JDK, NONE_NAME); + + private static final String RUN_TIME_INITIALIZE_SECURITY_PROVIDERS = "run-time-initialize-security-providers"; + private static final String RUN_TIME_INITIALIZE_FILE_SYSTEM_PROVIDERS = "run-time-initialize-file-system-providers"; + private static final String COMPLETE_REFLECTION_TYPES = "complete-reflection-types"; + private static final Set ALL_FUTURE_DEFAULTS = Set.of(RUN_TIME_INITIALIZE_FILE_SYSTEM_PROVIDERS, RUN_TIME_INITIALIZE_SECURITY_PROVIDERS, COMPLETE_REFLECTION_TYPES); + + public static final String RUN_TIME_INITIALIZE_FILE_SYSTEM_PROVIDERS_REASON = "Initialize JDK classes at run time (--" + OPTION_NAME + " includes " + RUN_TIME_INITIALIZE_SECURITY_PROVIDERS + ")"; + public static final String RUN_TIME_INITIALIZE_SECURITY_PROVIDERS_REASON = "Initialize JDK classes at run time (--" + OPTION_NAME + " includes " + RUN_TIME_INITIALIZE_FILE_SYSTEM_PROVIDERS + ")"; + private static final String DEFAULT_NAME = ""; public static final String SYSTEM_PROPERTY_PREFIX = ImageInfo.PROPERTY_NATIVE_IMAGE_PREFIX + OPTION_NAME + "."; - private static final Set ALL_FUTURE_DEFAULTS = Set.of(RUN_TIME_INITIALIZE_JDK_NAME, TREAT_NAME_AS_TYPE_NAME); - private static final Set ALL_COMMANDS = Set.of(ALL_NAME, NONE_NAME); - private static String futureDefaultsAllValues() { return StringUtil.joinSingleQuoted(getAllValues()); } @@ -128,6 +139,8 @@ public static void parseAndVerifyOptions() { if (value.equals(ALL_NAME)) { futureDefaults.addAll(ALL_FUTURE_DEFAULTS); + } else if (value.equals(RUN_TIME_INITIALIZE_JDK)) { + futureDefaults.addAll(List.of(RUN_TIME_INITIALIZE_SECURITY_PROVIDERS, RUN_TIME_INITIALIZE_FILE_SYSTEM_PROVIDERS)); } else { futureDefaults.add(value); } @@ -143,15 +156,31 @@ public static Set getFutureDefaults() { return Collections.unmodifiableSet(Objects.requireNonNull(futureDefaults, "must be initialized before usage")); } + /** + * @see FutureDefaultsOptions#FutureDefaults + */ public static boolean allFutureDefaults() { return getFutureDefaults().containsAll(ALL_FUTURE_DEFAULTS); } - public static boolean isJDKInitializedAtRunTime() { - return getFutureDefaults().contains(RUN_TIME_INITIALIZE_JDK_NAME); + /** + * @see FutureDefaultsOptions#FutureDefaults + */ + public static boolean completeReflectionTypes() { + return getFutureDefaults().contains(COMPLETE_REFLECTION_TYPES); + } + + /** + * @see FutureDefaultsOptions#FutureDefaults + */ + public static boolean securityProvidersInitializedAtRunTime() { + return getFutureDefaults().contains(RUN_TIME_INITIALIZE_SECURITY_PROVIDERS); } - public static boolean treatNameAsType() { - return getFutureDefaults().contains(TREAT_NAME_AS_TYPE_NAME); + /** + * @see FutureDefaultsOptions#FutureDefaults + */ + public static boolean fileSystemProvidersInitializedAtRunTime() { + return getFutureDefaults().contains(RUN_TIME_INITIALIZE_FILE_SYSTEM_PROVIDERS); } } diff --git a/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/configure/ConfigurationFiles.java b/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/configure/ConfigurationFiles.java index 3e3b7d22e50e..e6d1d71c5ce2 100644 --- a/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/configure/ConfigurationFiles.java +++ b/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/configure/ConfigurationFiles.java @@ -181,7 +181,7 @@ public static EnumSet getConfigurationParserOptions() if (TreatAllTypeReachableConditionsAsTypeReached.getValue()) { result.add(ConfigurationParserOption.TREAT_ALL_TYPE_REACHABLE_CONDITIONS_AS_TYPE_REACHED); } - if (TreatAllNameEntriesAsType.getValue() || FutureDefaultsOptions.treatNameAsType()) { + if (TreatAllNameEntriesAsType.getValue() || FutureDefaultsOptions.completeReflectionTypes()) { result.add(ConfigurationParserOption.TREAT_ALL_NAME_ENTRIES_AS_TYPE); } return result; diff --git a/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/doc-files/FutureDefaultsHelp.txt b/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/doc-files/FutureDefaultsHelp.txt index 78be53890673..ab58395f0d5c 100644 --- a/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/doc-files/FutureDefaultsHelp.txt +++ b/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/doc-files/FutureDefaultsHelp.txt @@ -1,6 +1,8 @@ -Enable options that are planned to become defaults in future releases. Comma-separated list can contain 'all', 'run-time-initialized-jdk', 'none'. +Enable options that are planned to become defaults in future releases. Comma-separated list can contain 'all', 'treat-name-as-type', 'run-time-initialize-security-providers', 'run-time-initialize-file-system-providers', and 'none'. The preferred way to use this option is '--future-defaults=all'. The meaning of each possible option is as follows: 1. 'all' is the preferred option, and it enables all other behaviors. - 2. 'run-time-initialized-jdk' shifts away from build-time initialization of the JDK, instead initializing most of it at run time. This transition is gradual, with individual components of the JDK becoming run-time initialized in each release. This process should complete with JDK 29 when this option should not be needed anymore. Unless you store classes from the JDK in the image heap, this option should not affect you. In case this option breaks your build, follow the suggestions in the error messages. - 3. 'none' forcefully disables all enabled options. This can be used only on the command line to override choices taken by inaccessible parts of the build process. \ No newline at end of file + 2. 'complete-reflection-types' reflective registration of a type, via metadata files or the Feature API, always includes all type metadata. Now, all registered types behave the same as types defined in 'reachability-metadata.json'. + 3. 'run-time-initialize-security-providers' shifts away from build-time initialization for 'java.security.Provider'. Unless you store 'java.security.Provider'-related classes in the image heap, this option should not affect you. In case this option breaks your build, follow the suggestions in the error messages. + 4. 'run-time-initialize-file-system-providers' shifts away from build-time initialization for 'java.nio.file.spi.FileSystemProvider'. Unless you store 'FileSystemProvider'-related classes in the image heap, this option should not affect you. In case this option breaks your build, follow the suggestions in the error messages. + 5. 'none' forcefully disables all enabled options. This can be used only on the command line to override choices taken by inaccessible parts of the build process. \ No newline at end of file diff --git a/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/jdk/FileSystemProviderSupport.java b/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/jdk/FileSystemProviderSupport.java index b3b50c9868b3..b8cb0679e815 100644 --- a/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/jdk/FileSystemProviderSupport.java +++ b/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/jdk/FileSystemProviderSupport.java @@ -44,7 +44,7 @@ public final class FileSystemProviderSupport { @Platforms(Platform.HOSTED_ONLY.class) public static void register(FileSystemProvider provider) { - VMError.guarantee(!FutureDefaultsOptions.isJDKInitializedAtRunTime(), "No need to register FileSystemProvider if the JDK is initialized at run time."); + VMError.guarantee(!FutureDefaultsOptions.fileSystemProvidersInitializedAtRunTime(), "No need to register FileSystemProvider if the JDK is initialized at run time."); FileSystemProviderBuildTimeInitSupport.register(provider); } diff --git a/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/jdk/FileSystemProvidersInitializedAtBuildTime.java b/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/jdk/FileSystemProvidersInitializedAtBuildTime.java new file mode 100644 index 000000000000..c9ec5e2f4bc4 --- /dev/null +++ b/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/jdk/FileSystemProvidersInitializedAtBuildTime.java @@ -0,0 +1,36 @@ +/* + * Copyright (c) 2025, 2025, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. Oracle designates this + * particular file as subject to the "Classpath" exception as provided + * by Oracle in the LICENSE file that accompanied this code. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ +package com.oracle.svm.core.jdk; + +import java.util.function.BooleanSupplier; + +import com.oracle.svm.core.FutureDefaultsOptions; + +public class FileSystemProvidersInitializedAtBuildTime implements BooleanSupplier { + @Override + public boolean getAsBoolean() { + return !FutureDefaultsOptions.fileSystemProvidersInitializedAtRunTime(); + } +} diff --git a/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/jdk/FileSystemProvidersInitializedAtRunTime.java b/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/jdk/FileSystemProvidersInitializedAtRunTime.java new file mode 100644 index 000000000000..7d670119eeb8 --- /dev/null +++ b/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/jdk/FileSystemProvidersInitializedAtRunTime.java @@ -0,0 +1,36 @@ +/* + * Copyright (c) 2025, 2025, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. Oracle designates this + * particular file as subject to the "Classpath" exception as provided + * by Oracle in the LICENSE file that accompanied this code. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ +package com.oracle.svm.core.jdk; + +import java.util.function.BooleanSupplier; + +import com.oracle.svm.core.FutureDefaultsOptions; + +public class FileSystemProvidersInitializedAtRunTime implements BooleanSupplier { + @Override + public boolean getAsBoolean() { + return FutureDefaultsOptions.fileSystemProvidersInitializedAtRunTime(); + } +} diff --git a/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/jdk/JDKInitializedAtRunTime.java b/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/jdk/SecurityProvidersInitializedAtBuildTime.java similarity index 89% rename from substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/jdk/JDKInitializedAtRunTime.java rename to substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/jdk/SecurityProvidersInitializedAtBuildTime.java index 58cd8f77d6a9..acbff569d90d 100644 --- a/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/jdk/JDKInitializedAtRunTime.java +++ b/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/jdk/SecurityProvidersInitializedAtBuildTime.java @@ -28,9 +28,9 @@ import com.oracle.svm.core.FutureDefaultsOptions; -public class JDKInitializedAtRunTime implements BooleanSupplier { +public class SecurityProvidersInitializedAtBuildTime implements BooleanSupplier { @Override public boolean getAsBoolean() { - return FutureDefaultsOptions.isJDKInitializedAtRunTime(); + return !FutureDefaultsOptions.securityProvidersInitializedAtRunTime(); } } diff --git a/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/jdk/JDKInitializedAtBuildTime.java b/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/jdk/SecurityProvidersInitializedAtRunTime.java similarity index 89% rename from substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/jdk/JDKInitializedAtBuildTime.java rename to substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/jdk/SecurityProvidersInitializedAtRunTime.java index 5633833cbfcd..750914958cc9 100644 --- a/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/jdk/JDKInitializedAtBuildTime.java +++ b/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/jdk/SecurityProvidersInitializedAtRunTime.java @@ -28,9 +28,9 @@ import com.oracle.svm.core.FutureDefaultsOptions; -public class JDKInitializedAtBuildTime implements BooleanSupplier { +public class SecurityProvidersInitializedAtRunTime implements BooleanSupplier { @Override public boolean getAsBoolean() { - return !FutureDefaultsOptions.isJDKInitializedAtRunTime(); + return FutureDefaultsOptions.securityProvidersInitializedAtRunTime(); } } diff --git a/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/jdk/SecuritySubstitutions.java b/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/jdk/SecuritySubstitutions.java index 37ebfebb8eb6..6d651c2a76b3 100644 --- a/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/jdk/SecuritySubstitutions.java +++ b/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/jdk/SecuritySubstitutions.java @@ -250,7 +250,7 @@ private static void setJavaHome(String newJavaHome) { * properly signed and can be used by JCE. It does that via jar verification which we cannot * support. */ -@TargetClass(className = "javax.crypto.JceSecurity", onlyWith = JDKInitializedAtBuildTime.class) +@TargetClass(className = "javax.crypto.JceSecurity", onlyWith = SecurityProvidersInitializedAtBuildTime.class) @BasedOnJDKFile("https://github.com/openjdk/jdk/blob/jdk-24+27/src/java.base/share/classes/javax/crypto/JceSecurity.java.template") @SuppressWarnings({"unused"}) final class Target_javax_crypto_JceSecurity { @@ -303,7 +303,7 @@ static Exception getVerificationResult(Provider p) { } } -@TargetClass(className = "javax.crypto.JceSecurity", innerClass = "WeakIdentityWrapper", onlyWith = JDKInitializedAtBuildTime.class) +@TargetClass(className = "javax.crypto.JceSecurity", innerClass = "WeakIdentityWrapper", onlyWith = SecurityProvidersInitializedAtBuildTime.class) @SuppressWarnings({"unused"}) final class Target_javax_crypto_JceSecurity_WeakIdentityWrapper { @@ -377,7 +377,7 @@ public boolean implies(ProtectionDomain domain, Permission permission) { } } -@TargetClass(className = "sun.security.jca.ProviderConfig", onlyWith = JDKInitializedAtBuildTime.class) +@TargetClass(className = "sun.security.jca.ProviderConfig", onlyWith = SecurityProvidersInitializedAtBuildTime.class) @SuppressWarnings({"unused", "static-method"}) final class Target_sun_security_jca_ProviderConfig { diff --git a/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/jdk/Target_sun_security_ssl_TrustStoreManager.java b/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/jdk/Target_sun_security_ssl_TrustStoreManager.java index 898c1e2efc38..31bf6d650756 100644 --- a/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/jdk/Target_sun_security_ssl_TrustStoreManager.java +++ b/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/jdk/Target_sun_security_ssl_TrustStoreManager.java @@ -90,7 +90,7 @@ public void afterRegistration(AfterRegistrationAccess access) { */ RuntimeClassInitializationSupport rci = ImageSingletons.lookup(RuntimeClassInitializationSupport.class); rci.initializeAtBuildTime("sun.security.util.UntrustedCertificates", "Required for TrustStoreManager"); - if (!FutureDefaultsOptions.isJDKInitializedAtRunTime()) { + if (!FutureDefaultsOptions.securityProvidersInitializedAtRunTime()) { /* * All security providers must be registered (and initialized) at buildtime (see * SecuritySubstitutions.java). XMLDSigRI is used for validating XML Signatures from diff --git a/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/jdk/buildtimeinit/FileSystemProviderBuildTimeInitSupport.java b/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/jdk/buildtimeinit/FileSystemProviderBuildTimeInitSupport.java index 802ed6788534..976ca0f7e5a1 100644 --- a/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/jdk/buildtimeinit/FileSystemProviderBuildTimeInitSupport.java +++ b/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/jdk/buildtimeinit/FileSystemProviderBuildTimeInitSupport.java @@ -47,7 +47,7 @@ import com.oracle.svm.core.annotate.TargetElement; import com.oracle.svm.core.feature.AutomaticallyRegisteredFeature; import com.oracle.svm.core.feature.InternalFeature; -import com.oracle.svm.core.jdk.JDKInitializedAtBuildTime; +import com.oracle.svm.core.jdk.FileSystemProvidersInitializedAtBuildTime; import com.oracle.svm.core.jdk.JRTSupport; import com.oracle.svm.core.jdk.SystemPropertiesSupport; import com.oracle.svm.core.jdk.UserSystemProperty; @@ -61,8 +61,8 @@ /** * This file contains substitutions that are required for initializing {@link FileSystemProvider} at - * image {@linkplain JDKInitializedAtBuildTime build time}. Run-time initialization related - * functionality can be found in {@link FileSystemProviderRunTimeInitSupport}. + * image {@linkplain FileSystemProvidersInitializedAtBuildTime build time}. Run-time initialization + * related functionality can be found in {@link FileSystemProviderRunTimeInitSupport}. */ public final class FileSystemProviderBuildTimeInitSupport { @@ -131,7 +131,7 @@ final class FileSystemProviderBuildTimeInitFeature implements InternalFeature { @Override public boolean isInConfiguration(IsInConfigurationAccess access) { - return !FutureDefaultsOptions.isJDKInitializedAtRunTime(); + return !FutureDefaultsOptions.fileSystemProvidersInitializedAtRunTime(); } @Override @@ -159,7 +159,7 @@ public void afterRegistration(AfterRegistrationAccess access) { } } -@TargetClass(value = java.nio.file.spi.FileSystemProvider.class, onlyWith = JDKInitializedAtBuildTime.class) +@TargetClass(value = java.nio.file.spi.FileSystemProvider.class, onlyWith = FileSystemProvidersInitializedAtBuildTime.class) final class Target_java_nio_file_spi_FileSystemProvider_BuildTime { @Substitute public static List installedProviders() { @@ -189,7 +189,7 @@ public static List installedProviders() { * c) Allow UnixFileSystem in the image heap and recompute state at run time on first acccess. This * approach is implemented here. */ -@TargetClass(className = "sun.nio.fs.UnixFileSystem", onlyWith = JDKInitializedAtBuildTime.class) +@TargetClass(className = "sun.nio.fs.UnixFileSystem", onlyWith = FileSystemProvidersInitializedAtBuildTime.class) @Platforms({Platform.LINUX.class, Platform.DARWIN.class}) final class Target_sun_nio_fs_UnixFileSystem_BuildTime { @@ -242,12 +242,12 @@ final class Target_sun_nio_fs_UnixFileSystem_BuildTime { native void originalConstructor(Target_sun_nio_fs_UnixFileSystemProvider_BuildTime p, String dir); } -@TargetClass(className = "sun.nio.fs.UnixFileSystemProvider", onlyWith = JDKInitializedAtBuildTime.class) +@TargetClass(className = "sun.nio.fs.UnixFileSystemProvider", onlyWith = FileSystemProvidersInitializedAtBuildTime.class) @Platforms({Platform.LINUX.class, Platform.DARWIN.class}) final class Target_sun_nio_fs_UnixFileSystemProvider_BuildTime { } -@TargetClass(className = "sun.nio.fs.UnixPath", onlyWith = JDKInitializedAtBuildTime.class) +@TargetClass(className = "sun.nio.fs.UnixPath", onlyWith = FileSystemProvidersInitializedAtBuildTime.class) @Platforms({Platform.LINUX.class, Platform.DARWIN.class}) final class Target_sun_nio_fs_UnixPath_BuildTime { } @@ -352,7 +352,7 @@ private static synchronized void reinitialize(Target_sun_nio_fs_UnixFileSystem_B * fields so we cannot re-use the substitutions. */ -@TargetClass(className = "sun.nio.fs.WindowsFileSystem", onlyWith = JDKInitializedAtBuildTime.class) +@TargetClass(className = "sun.nio.fs.WindowsFileSystem", onlyWith = FileSystemProvidersInitializedAtBuildTime.class) @Platforms({Platform.WINDOWS.class}) final class Target_sun_nio_fs_WindowsFileSystem_BuildTime { @@ -382,7 +382,7 @@ final class Target_sun_nio_fs_WindowsFileSystem_BuildTime { native void originalConstructor(Target_sun_nio_fs_WindowsFileSystemProvider_BuildTime p, String dir); } -@TargetClass(className = "sun.nio.fs.WindowsFileSystemProvider", onlyWith = JDKInitializedAtBuildTime.class) +@TargetClass(className = "sun.nio.fs.WindowsFileSystemProvider", onlyWith = FileSystemProvidersInitializedAtBuildTime.class) @Platforms({Platform.WINDOWS.class}) final class Target_sun_nio_fs_WindowsFileSystemProvider_BuildTime { } @@ -421,7 +421,7 @@ private static synchronized void reinitialize(Target_sun_nio_fs_WindowsFileSyste } } -@TargetClass(className = "java.io.UnixFileSystem", onlyWith = JDKInitializedAtBuildTime.class) +@TargetClass(className = "java.io.UnixFileSystem", onlyWith = FileSystemProvidersInitializedAtBuildTime.class) @Platforms({Platform.LINUX.class, Platform.DARWIN.class}) final class Target_java_io_UnixFileSystem_BuildTime { @@ -430,7 +430,7 @@ final class Target_java_io_UnixFileSystem_BuildTime { private String userDir; } -@TargetClass(className = "java.io.FileSystem", onlyWith = JDKInitializedAtBuildTime.class) +@TargetClass(className = "java.io.FileSystem", onlyWith = FileSystemProvidersInitializedAtBuildTime.class) final class Target_java_io_FileSystem_BuildTime { @Alias @@ -456,7 +456,7 @@ static void setUserDir(Target_java_io_FileSystem_BuildTime that, String value) { } } -@TargetClass(className = "java.io.WinNTFileSystem", onlyWith = JDKInitializedAtBuildTime.class) +@TargetClass(className = "java.io.WinNTFileSystem", onlyWith = FileSystemProvidersInitializedAtBuildTime.class) @Platforms(Platform.WINDOWS.class) final class Target_java_io_WinNTFileSystem_BuildTime { diff --git a/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/jdk/buildtimeinit/package-info.java b/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/jdk/buildtimeinit/package-info.java index ad39a4773e8d..22a3b094d1d9 100644 --- a/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/jdk/buildtimeinit/package-info.java +++ b/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/jdk/buildtimeinit/package-info.java @@ -25,10 +25,8 @@ /** * This package contains "legacy" substitutions and features that are required to support - * initializing certain parts of the JDK at image - * {@linkplain com.oracle.svm.core.jdk.JDKInitializedAtBuildTime build time}. Those parts of the JDK - * are planned to be initialized at {@linkplain com.oracle.svm.core.jdk.JDKInitializedAtRunTime run - * time} in the {@linkplain com.oracle.svm.core.FutureDefaultsOptions future}. Once run time - * initialization is the default, this package will be removed. + * initializing certain parts of the JDK at image build time. Those parts of the JDK are planned to + * be initialized at run time in the {@linkplain com.oracle.svm.core.FutureDefaultsOptions future}. + * Once run time initialization is the default, this package will be removed. */ package com.oracle.svm.core.jdk.buildtimeinit; diff --git a/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/jdk/runtimeinit/FileSystemProviderRunTimeInitSupport.java b/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/jdk/runtimeinit/FileSystemProviderRunTimeInitSupport.java index 8d93b4814792..af3c0acc4426 100644 --- a/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/jdk/runtimeinit/FileSystemProviderRunTimeInitSupport.java +++ b/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/jdk/runtimeinit/FileSystemProviderRunTimeInitSupport.java @@ -39,7 +39,7 @@ import com.oracle.svm.core.annotate.TargetClass; import com.oracle.svm.core.feature.AutomaticallyRegisteredFeature; import com.oracle.svm.core.feature.InternalFeature; -import com.oracle.svm.core.jdk.JDKInitializedAtRunTime; +import com.oracle.svm.core.jdk.FileSystemProvidersInitializedAtRunTime; import com.oracle.svm.core.jdk.buildtimeinit.FileSystemProviderBuildTimeInitSupport; import com.oracle.svm.core.jdk.resources.NativeImageResourceFileSystemProvider; import com.oracle.svm.core.util.BasedOnJDKFile; @@ -48,8 +48,8 @@ /** * This file contains substitutions that are required for initializing {@link FileSystemProvider} at - * image {@linkplain JDKInitializedAtRunTime run time}. Build-time initialization related - * functionality can be found in {@link FileSystemProviderBuildTimeInitSupport}. + * image {@linkplain FileSystemProvidersInitializedAtRunTime run time}. Build-time initialization + * related functionality can be found in {@link FileSystemProviderBuildTimeInitSupport}. */ public final class FileSystemProviderRunTimeInitSupport { } @@ -59,12 +59,12 @@ final class FileSystemProviderRunTimeInitFeature implements InternalFeature { @Override public boolean isInConfiguration(IsInConfigurationAccess access) { - return FutureDefaultsOptions.isJDKInitializedAtRunTime(); + return FutureDefaultsOptions.fileSystemProvidersInitializedAtRunTime(); } @Override public void beforeAnalysis(BeforeAnalysisAccess access) { - if (FutureDefaultsOptions.isJDKInitializedAtRunTime()) { + if (FutureDefaultsOptions.fileSystemProvidersInitializedAtRunTime()) { /* * Explicitly register NativeImageResourceFileSystemProvider for reflective * instantiation. Normally, the ServiceLoaderFeature does this as well, but in case it @@ -79,11 +79,11 @@ public void beforeAnalysis(BeforeAnalysisAccess access) { // java.io -@TargetClass(className = "java.io.FileSystem", onlyWith = JDKInitializedAtRunTime.class) +@TargetClass(className = "java.io.FileSystem", onlyWith = FileSystemProvidersInitializedAtRunTime.class) final class Target_java_io_FileSystem_RunTime { } -@TargetClass(className = "java.io.File", onlyWith = JDKInitializedAtRunTime.class) +@TargetClass(className = "java.io.File", onlyWith = FileSystemProvidersInitializedAtRunTime.class) @SuppressWarnings("unused") final class Target_java_io_File_RunTime { @Alias // @@ -91,7 +91,7 @@ final class Target_java_io_File_RunTime { private static Target_java_io_FileSystem_RunTime FS; } -@TargetClass(className = "java.io.DefaultFileSystem", onlyWith = JDKInitializedAtRunTime.class) +@TargetClass(className = "java.io.DefaultFileSystem", onlyWith = FileSystemProvidersInitializedAtRunTime.class) final class Target_java_io_DefaultFileSystem_RunTime { @Alias static native Target_java_io_FileSystem_RunTime getFileSystem(); @@ -135,18 +135,18 @@ static Target_java_io_FileSystem_RunTime get() { // sun.nio.fs -@TargetClass(className = "sun.nio.fs.DefaultFileSystemProvider", onlyWith = JDKInitializedAtRunTime.class) +@TargetClass(className = "sun.nio.fs.DefaultFileSystemProvider", onlyWith = FileSystemProvidersInitializedAtRunTime.class) final class Target_sun_nio_fs_DefaultFileSystemProvider_RunTime { @Alias static native FileSystem theFileSystem(); } -@TargetClass(className = "sun.nio.fs.UnixFileSystem", onlyWith = JDKInitializedAtRunTime.class) +@TargetClass(className = "sun.nio.fs.UnixFileSystem", onlyWith = FileSystemProvidersInitializedAtRunTime.class) @Platforms({Platform.LINUX.class, Platform.DARWIN.class}) final class Target_sun_nio_fs_UnixFileSystem_RunTime { } -@TargetClass(className = "sun.nio.fs.UnixPath", onlyWith = JDKInitializedAtRunTime.class) +@TargetClass(className = "sun.nio.fs.UnixPath", onlyWith = FileSystemProvidersInitializedAtRunTime.class) @Platforms({Platform.LINUX.class, Platform.DARWIN.class}) final class Target_sun_nio_fs_UnixPath_RunTime { @Alias // @@ -170,12 +170,12 @@ static void set(Target_sun_nio_fs_UnixPath_RunTime that, Target_sun_nio_fs_UnixF } } -@TargetClass(className = "sun.nio.fs.WindowsFileSystem", onlyWith = JDKInitializedAtRunTime.class) +@TargetClass(className = "sun.nio.fs.WindowsFileSystem", onlyWith = FileSystemProvidersInitializedAtRunTime.class) @Platforms(Platform.WINDOWS.class) final class Target_sun_nio_fs_WindowsFileSystem_RunTime { } -@TargetClass(className = "sun.nio.fs.WindowsPath", onlyWith = JDKInitializedAtRunTime.class) +@TargetClass(className = "sun.nio.fs.WindowsPath", onlyWith = FileSystemProvidersInitializedAtRunTime.class) @Platforms(Platform.WINDOWS.class) final class Target_sun_nio_fs_WindowsPath_RunTime { @Alias // diff --git a/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/jdk/runtimeinit/SecuritySubstitutionRuntimeInit.java b/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/jdk/runtimeinit/SecuritySubstitutionRuntimeInit.java index 5565d80d5716..e978b7f307c2 100644 --- a/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/jdk/runtimeinit/SecuritySubstitutionRuntimeInit.java +++ b/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/jdk/runtimeinit/SecuritySubstitutionRuntimeInit.java @@ -35,20 +35,20 @@ import com.oracle.svm.core.annotate.RecomputeFieldValue; import com.oracle.svm.core.annotate.Substitute; import com.oracle.svm.core.annotate.TargetClass; -import com.oracle.svm.core.jdk.JDKInitializedAtRunTime; +import com.oracle.svm.core.jdk.SecurityProvidersInitializedAtRunTime; import com.oracle.svm.core.jdk.SecurityProvidersSupport; import com.oracle.svm.core.util.BasedOnJDKFile; import jdk.graal.compiler.core.common.SuppressFBWarnings; -@TargetClass(value = java.security.Security.class, onlyWith = JDKInitializedAtRunTime.class) +@TargetClass(value = java.security.Security.class, onlyWith = SecurityProvidersInitializedAtRunTime.class) final class Target_java_security_Security { @Alias // @RecomputeFieldValue(kind = RecomputeFieldValue.Kind.FromAlias) // static Properties props; } -@TargetClass(value = java.security.Security.class, innerClass = "SecPropLoader", onlyWith = JDKInitializedAtRunTime.class) +@TargetClass(value = java.security.Security.class, innerClass = "SecPropLoader", onlyWith = SecurityProvidersInitializedAtRunTime.class) final class Target_java_security_Security_SecPropLoader { /** @@ -69,7 +69,7 @@ private static void loadMaster() { * properly signed and can be used by JCE. It does that via jar verification which we cannot * support. */ -@TargetClass(className = "javax.crypto.JceSecurity", onlyWith = JDKInitializedAtRunTime.class) +@TargetClass(className = "javax.crypto.JceSecurity", onlyWith = SecurityProvidersInitializedAtRunTime.class) @BasedOnJDKFile("https://github.com/openjdk/jdk/blob/jdk-24+27/src/java.base/share/classes/javax/crypto/JceSecurity.java.template") @SuppressWarnings({"unused"}) final class Target_javax_crypto_JceSecurity { @@ -113,7 +113,7 @@ static Exception getVerificationResult(Provider p) { } } -@TargetClass(className = "sun.security.jca.ProviderConfig", onlyWith = JDKInitializedAtRunTime.class) +@TargetClass(className = "sun.security.jca.ProviderConfig", onlyWith = SecurityProvidersInitializedAtRunTime.class) @SuppressWarnings({"unused", "static-method"}) final class Target_sun_security_jca_ProviderConfig { @@ -183,5 +183,6 @@ Provider getProvider() { } } +@SuppressWarnings("unused") public class SecuritySubstitutionRuntimeInit { } diff --git a/substratevm/src/com.oracle.svm.hosted/src/com/oracle/svm/hosted/SecurityServicesFeature.java b/substratevm/src/com.oracle.svm.hosted/src/com/oracle/svm/hosted/SecurityServicesFeature.java index a4f3035b0f1d..4795070b4872 100644 --- a/substratevm/src/com.oracle.svm.hosted/src/com/oracle/svm/hosted/SecurityServicesFeature.java +++ b/substratevm/src/com.oracle.svm.hosted/src/com/oracle/svm/hosted/SecurityServicesFeature.java @@ -130,7 +130,7 @@ * The feature distinguishes between providers that are initialized at build time and those that are * initialized at run time. This distinction is essential because certain providers may perform * sensitive operations. Right now, all providers are initialized build-time by default, but that - * can be changed using --future-defaults=all or --future-defaults=run-time-initialized-jdk + * can be changed using --future-defaults=run-time-initialize-security-providers * *

* The initialization strategy is: @@ -251,7 +251,7 @@ public static class Options { @Override public void afterRegistration(AfterRegistrationAccess a) { - if (FutureDefaultsOptions.isJDKInitializedAtRunTime()) { + if (FutureDefaultsOptions.securityProvidersInitializedAtRunTime()) { ImageSingletons.add(SecurityProvidersSupport.class, new SecurityProvidersSupport(Options.AdditionalSecurityProviders.getValue().values())); } @@ -267,7 +267,7 @@ public void duringSetup(DuringSetupAccess a) { RuntimeClassInitializationSupport rci = ImageSingletons.lookup(RuntimeClassInitializationSupport.class); oidTableField = access.findField("sun.security.util.ObjectIdentifier", "oidTable"); oidMapField = access.findField(OIDMap.class, "oidMap"); - if (!FutureDefaultsOptions.isJDKInitializedAtRunTime()) { + if (!FutureDefaultsOptions.securityProvidersInitializedAtRunTime()) { addManuallyConfiguredUsedProviders(a); verificationResultsField = access.findField("javax.crypto.JceSecurity", "verificationResults"); providerListField = access.findField("sun.security.jca.Providers", "providerList"); @@ -288,9 +288,9 @@ public void duringSetup(DuringSetupAccess a) { * in the build-time initialization, so we need to mark them explicitly for run-time * initialization instead. */ - rci.initializeAtRunTime("java.security.Security", FutureDefaultsOptions.RUN_TIME_INITIALIZE_JDK_REASON); - rci.initializeAtRunTime("sun.security.jca.Providers", FutureDefaultsOptions.RUN_TIME_INITIALIZE_JDK_REASON); - rci.initializeAtRunTime("sun.security.provider.certpath.ldap.JdkLDAP", FutureDefaultsOptions.RUN_TIME_INITIALIZE_JDK_REASON); + rci.initializeAtRunTime("java.security.Security", FutureDefaultsOptions.RUN_TIME_INITIALIZE_SECURITY_PROVIDERS_REASON); + rci.initializeAtRunTime("sun.security.jca.Providers", FutureDefaultsOptions.RUN_TIME_INITIALIZE_SECURITY_PROVIDERS_REASON); + rci.initializeAtRunTime("sun.security.provider.certpath.ldap.JdkLDAP", FutureDefaultsOptions.RUN_TIME_INITIALIZE_SECURITY_PROVIDERS_REASON); } /* @@ -398,7 +398,7 @@ public void beforeAnalysis(BeforeAnalysisAccess a) { PlatformNativeLibrarySupport.singleton().addBuiltinPkgNativePrefix("sun_security_mscapi"); } - if (!FutureDefaultsOptions.isJDKInitializedAtRunTime()) { + if (!FutureDefaultsOptions.securityProvidersInitializedAtRunTime()) { substitutionProcessor = ((Inflation) access.getBigBang()).getAnnotationSubstitutionProcessor(); access.registerFieldValueTransformer(providerListField, new FieldValueTransformerWithAvailability() { @@ -826,7 +826,7 @@ private void registerProvider(DuringAnalysisAccess access, Provider provider) { * support. See also Target_javax_crypto_JceSecurity. */ Object result = getVerificationResult.invoke(null, provider); - if (FutureDefaultsOptions.isJDKInitializedAtRunTime()) { + if (FutureDefaultsOptions.securityProvidersInitializedAtRunTime()) { /* * Note that after verification, we move the result to a separate structure * since we don't want to keep the provider object in the image heap. @@ -928,7 +928,7 @@ private void registerX509Extensions(DuringAnalysisAccess a) { public void duringAnalysis(DuringAnalysisAccess a) { DuringAnalysisAccessImpl access = (DuringAnalysisAccessImpl) a; access.rescanRoot(oidTableField); - if (!FutureDefaultsOptions.isJDKInitializedAtRunTime()) { + if (!FutureDefaultsOptions.securityProvidersInitializedAtRunTime()) { maybeScanVerificationResultsField(access); maybeScanProvidersField(access); if (cachedProviders != null) { diff --git a/substratevm/src/com.oracle.svm.hosted/src/com/oracle/svm/hosted/ServiceLoaderFeature.java b/substratevm/src/com.oracle.svm.hosted/src/com/oracle/svm/hosted/ServiceLoaderFeature.java index dc54ab3d24af..83d2ce24bd4f 100644 --- a/substratevm/src/com.oracle.svm.hosted/src/com/oracle/svm/hosted/ServiceLoaderFeature.java +++ b/substratevm/src/com.oracle.svm.hosted/src/com/oracle/svm/hosted/ServiceLoaderFeature.java @@ -149,7 +149,7 @@ public boolean isInConfiguration(IsInConfigurationAccess access) { @Override public void afterRegistration(AfterRegistrationAccess access) { - if (!FutureDefaultsOptions.isJDKInitializedAtRunTime()) { + if (!FutureDefaultsOptions.securityProvidersInitializedAtRunTime()) { servicesToSkip.add(java.security.Provider.class.getName()); } servicesToSkip.addAll(Options.ServiceLoaderFeatureExcludeServices.getValue().values()); diff --git a/substratevm/src/com.oracle.svm.hosted/src/com/oracle/svm/hosted/jdk/JDKInitializationFeature.java b/substratevm/src/com.oracle.svm.hosted/src/com/oracle/svm/hosted/jdk/JDKInitializationFeature.java index 74c4cc2946dc..1ec2736fd407 100644 --- a/substratevm/src/com.oracle.svm.hosted/src/com/oracle/svm/hosted/jdk/JDKInitializationFeature.java +++ b/substratevm/src/com.oracle.svm.hosted/src/com/oracle/svm/hosted/jdk/JDKInitializationFeature.java @@ -147,23 +147,23 @@ public void afterRegistration(AfterRegistrationAccess access) { rci.initializeAtBuildTime("java.awt.font.JavaAWTFontAccessImpl", "Required for sun.text.bidi.BidiBase.NumericShapings"); /* FileSystemProviders related */ - if (FutureDefaultsOptions.isJDKInitializedAtRunTime()) { - rci.initializeAtRunTime("java.nio.file.spi", FutureDefaultsOptions.RUN_TIME_INITIALIZE_JDK_REASON); - rci.initializeAtRunTime("sun.nio.fs", FutureDefaultsOptions.RUN_TIME_INITIALIZE_JDK_REASON); + if (FutureDefaultsOptions.fileSystemProvidersInitializedAtRunTime()) { + rci.initializeAtRunTime("java.nio.file.spi", FutureDefaultsOptions.RUN_TIME_INITIALIZE_FILE_SYSTEM_PROVIDERS_REASON); + rci.initializeAtRunTime("sun.nio.fs", FutureDefaultsOptions.RUN_TIME_INITIALIZE_FILE_SYSTEM_PROVIDERS_REASON); - rci.initializeAtRunTime("java.nio.file.FileSystems", FutureDefaultsOptions.RUN_TIME_INITIALIZE_JDK_REASON); - rci.initializeAtRunTime("java.nio.file.FileSystems$DefaultFileSystemHolder", FutureDefaultsOptions.RUN_TIME_INITIALIZE_JDK_REASON); + rci.initializeAtRunTime("java.nio.file.FileSystems", FutureDefaultsOptions.RUN_TIME_INITIALIZE_FILE_SYSTEM_PROVIDERS_REASON); + rci.initializeAtRunTime("java.nio.file.FileSystems$DefaultFileSystemHolder", FutureDefaultsOptions.RUN_TIME_INITIALIZE_FILE_SYSTEM_PROVIDERS_REASON); - rci.initializeAtRunTime("java.util.zip.ZipFile$Source", FutureDefaultsOptions.RUN_TIME_INITIALIZE_JDK_REASON); - rci.initializeAtRunTime("java.util.zip.ZipFile$Source", FutureDefaultsOptions.RUN_TIME_INITIALIZE_JDK_REASON); + rci.initializeAtRunTime("java.util.zip.ZipFile$Source", FutureDefaultsOptions.RUN_TIME_INITIALIZE_FILE_SYSTEM_PROVIDERS_REASON); + rci.initializeAtRunTime("java.util.zip.ZipFile$Source", FutureDefaultsOptions.RUN_TIME_INITIALIZE_FILE_SYSTEM_PROVIDERS_REASON); - rci.initializeAtRunTime("java.io.FileSystem", FutureDefaultsOptions.RUN_TIME_INITIALIZE_JDK_REASON); - rci.initializeAtRunTime("java.io.FileSystem$CurrentWorkingDirectoryHolder", FutureDefaultsOptions.RUN_TIME_INITIALIZE_JDK_REASON); - rci.initializeAtRunTime("java.io.UnixFileSystem", FutureDefaultsOptions.RUN_TIME_INITIALIZE_JDK_REASON); - rci.initializeAtRunTime("java.io.WindowsFileSystem", FutureDefaultsOptions.RUN_TIME_INITIALIZE_JDK_REASON); + rci.initializeAtRunTime("java.io.FileSystem", FutureDefaultsOptions.RUN_TIME_INITIALIZE_FILE_SYSTEM_PROVIDERS_REASON); + rci.initializeAtRunTime("java.io.FileSystem$CurrentWorkingDirectoryHolder", FutureDefaultsOptions.RUN_TIME_INITIALIZE_FILE_SYSTEM_PROVIDERS_REASON); + rci.initializeAtRunTime("java.io.UnixFileSystem", FutureDefaultsOptions.RUN_TIME_INITIALIZE_FILE_SYSTEM_PROVIDERS_REASON); + rci.initializeAtRunTime("java.io.WindowsFileSystem", FutureDefaultsOptions.RUN_TIME_INITIALIZE_FILE_SYSTEM_PROVIDERS_REASON); /* Holder for the default file system. */ - rci.initializeAtRunTime("com.oracle.svm.core.jdk.runtimeinit.DefaultFileSystemHolder", FutureDefaultsOptions.RUN_TIME_INITIALIZE_JDK_REASON); + rci.initializeAtRunTime("com.oracle.svm.core.jdk.runtimeinit.DefaultFileSystemHolder", FutureDefaultsOptions.RUN_TIME_INITIALIZE_FILE_SYSTEM_PROVIDERS_REASON); /* * The following need to be build-time initialized because they can end up in the image @@ -175,24 +175,16 @@ public void afterRegistration(AfterRegistrationAccess access) { * Require explicit initializeAtBuildTime because the sun.nio.fs is registered for * run-time initialization. */ - rci.initializeAtBuildTime("sun.nio.fs.UnixPath", "Allow UnixPath objects in the image heap (" + FutureDefaultsOptions.RUN_TIME_INITIALIZE_JDK_REASON + ")"); - rci.initializeAtBuildTime("sun.nio.fs.WindowsPath", "Allow WindowsPath objects in the image heap (" + FutureDefaultsOptions.RUN_TIME_INITIALIZE_JDK_REASON + ")"); + rci.initializeAtBuildTime("sun.nio.fs.UnixPath", "Allow UnixPath objects in the image heap (" + FutureDefaultsOptions.RUN_TIME_INITIALIZE_FILE_SYSTEM_PROVIDERS_REASON + ")"); + rci.initializeAtBuildTime("sun.nio.fs.WindowsPath", "Allow WindowsPath objects in the image heap (" + FutureDefaultsOptions.RUN_TIME_INITIALIZE_FILE_SYSTEM_PROVIDERS_REASON + ")"); /* JrtFS support. */ - rci.initializeAtBuildTime("jdk.internal.jrtfs.SystemImage", FutureDefaultsOptions.RUN_TIME_INITIALIZE_JDK_REASON); + rci.initializeAtBuildTime("jdk.internal.jrtfs.SystemImage", FutureDefaultsOptions.RUN_TIME_INITIALIZE_FILE_SYSTEM_PROVIDERS_REASON); } - /* XML-related */ - if (FutureDefaultsOptions.isJDKInitializedAtRunTime()) { - // GR-50683 should remove this part - rci.initializeAtBuildTime("com.sun.xml", JDK_CLASS_REASON); - rci.initializeAtBuildTime("com.sun.org.apache", JDK_CLASS_REASON); - rci.initializeAtBuildTime("com.sun.org.slf4j.internal", JDK_CLASS_REASON); - } else { - rci.initializeAtBuildTime("com.sun.xml", JDK_CLASS_REASON); - rci.initializeAtBuildTime("com.sun.org.apache", JDK_CLASS_REASON); - rci.initializeAtBuildTime("com.sun.org.slf4j.internal", JDK_CLASS_REASON); - } + rci.initializeAtBuildTime("com.sun.xml", JDK_CLASS_REASON); + rci.initializeAtBuildTime("com.sun.org.apache", JDK_CLASS_REASON); + rci.initializeAtBuildTime("com.sun.org.slf4j.internal", JDK_CLASS_REASON); /* Security services */ rci.initializeAtBuildTime("com.sun.crypto.provider", JDK_CLASS_REASON); @@ -232,7 +224,7 @@ public void afterRegistration(AfterRegistrationAccess access) { rci.initializeAtBuildTime("sun.security.validator", JDK_CLASS_REASON); rci.initializeAtBuildTime("sun.security.x509", JDK_CLASS_REASON); rci.initializeAtBuildTime("com.sun.jndi", JDK_CLASS_REASON); - if (!FutureDefaultsOptions.isJDKInitializedAtRunTime()) { + if (!FutureDefaultsOptions.securityProvidersInitializedAtRunTime()) { rci.initializeAtBuildTime("sun.security.pkcs11", JDK_CLASS_REASON); rci.initializeAtBuildTime("sun.security.smartcardio", JDK_CLASS_REASON); rci.initializeAtBuildTime("com.sun.security.sasl", JDK_CLASS_REASON); diff --git a/substratevm/src/com.oracle.svm.hosted/src/com/oracle/svm/hosted/reflect/ReflectionDataBuilder.java b/substratevm/src/com.oracle.svm.hosted/src/com/oracle/svm/hosted/reflect/ReflectionDataBuilder.java index 21d1078344f3..04c1377af708 100644 --- a/substratevm/src/com.oracle.svm.hosted/src/com/oracle/svm/hosted/reflect/ReflectionDataBuilder.java +++ b/substratevm/src/com.oracle.svm.hosted/src/com/oracle/svm/hosted/reflect/ReflectionDataBuilder.java @@ -205,7 +205,7 @@ public void register(ConfigurationCondition condition, boolean unsafeInstantiate Objects.requireNonNull(clazz, () -> nullErrorMessage("class")); runConditionalInAnalysisTask(condition, (cnd) -> { registerClass(cnd, clazz, unsafeInstantiated, true); - if (FutureDefaultsOptions.treatNameAsType()) { + if (FutureDefaultsOptions.completeReflectionTypes()) { registerClassMetadata(cnd, clazz); } }); diff --git a/substratevm/src/com.oracle.svm.test/src/com/oracle/svm/test/services/SecurityServiceTest.java b/substratevm/src/com.oracle.svm.test/src/com/oracle/svm/test/services/SecurityServiceTest.java index 904aebf36333..4bfd37f38c16 100644 --- a/substratevm/src/com.oracle.svm.test/src/com/oracle/svm/test/services/SecurityServiceTest.java +++ b/substratevm/src/com.oracle.svm.test/src/com/oracle/svm/test/services/SecurityServiceTest.java @@ -61,7 +61,7 @@ public void afterRegistration(AfterRegistrationAccess access) { @Override public void duringSetup(final DuringSetupAccess access) { - if (!FutureDefaultsOptions.isJDKInitializedAtRunTime()) { + if (!FutureDefaultsOptions.securityProvidersInitializedAtRunTime()) { // we use these (application) classes during Native image build RuntimeClassInitialization.initializeAtBuildTime(NoOpService.class); RuntimeClassInitialization.initializeAtBuildTime(NoOpProvider.class); @@ -80,7 +80,7 @@ public void duringSetup(final DuringSetupAccess access) { */ @Test public void testSecurityProviderRuntimeRegistration() { - Assume.assumeTrue("needs runtime initialization", FutureDefaultsOptions.isJDKInitializedAtRunTime()); + Assume.assumeTrue("needs runtime initialization", FutureDefaultsOptions.securityProvidersInitializedAtRunTime()); Provider notRegistered = Security.getProvider("no-op-provider"); Assert.assertNull("Provider is registered.", notRegistered); @@ -99,7 +99,7 @@ public void testSecurityProviderRuntimeRegistration() { */ @Test public void testUnknownSecurityServices() throws Exception { - if (FutureDefaultsOptions.isJDKInitializedAtRunTime()) { + if (FutureDefaultsOptions.securityProvidersInitializedAtRunTime()) { /* Register the provider at run time. */ Security.addProvider(new NoOpProvider()); } @@ -113,7 +113,7 @@ public void testUnknownSecurityServices() throws Exception { @Test public void testAutomaticSecurityServiceRegistration() { try { - if (FutureDefaultsOptions.isJDKInitializedAtRunTime()) { + if (FutureDefaultsOptions.securityProvidersInitializedAtRunTime()) { /* Register the provider at run time. */ Security.addProvider(new NoOpProviderTwo()); }