1622 lines
62 KiB
RPMSpec
1622 lines
62 KiB
RPMSpec
%if (0%{?rhel} > 0 && 0%{?rhel} < 8)
|
|
# portable jdk 17 specific bug, _jvmdir being missing
|
|
%define _jvmdir /usr/lib/jvm
|
|
%endif
|
|
|
|
# debug_package %%{nil} is portable-jdks specific
|
|
%define debug_package %{nil}
|
|
|
|
# RPM conditionals so as to be able to dynamically produce
|
|
# slowdebug/release builds. See:
|
|
# http://rpm.org/user_doc/conditional_builds.html
|
|
#
|
|
# Examples:
|
|
#
|
|
# Produce release, fastdebug *and* slowdebug builds on x86_64 (default):
|
|
# $ rpmbuild -ba java-latest-openjdk.spec
|
|
#
|
|
# Produce only release builds (no debug builds) on x86_64:
|
|
# $ rpmbuild -ba java-latest-openjdk.spec --without slowdebug --without fastdebug
|
|
#
|
|
# Only produce a release build on x86_64:
|
|
# $ fedpkg mockbuild --without slowdebug --without fastdebug
|
|
|
|
# Enable fastdebug builds by default on relevant arches.
|
|
%bcond_without fastdebug
|
|
# Enable slowdebug builds by default on relevant arches.
|
|
%bcond_without slowdebug
|
|
# Enable release builds by default on relevant arches.
|
|
%bcond_without release
|
|
# Enable static library builds by default.
|
|
%bcond_without staticlibs
|
|
# Build a fresh libjvm.so for use in a copy of the bootstrap JDK
|
|
%bcond_without fresh_libjvm
|
|
# Build with system libraries
|
|
%bcond_with system_libs
|
|
|
|
|
|
%if (0%{?rhel} > 0 && 0%{?rhel} < 8)
|
|
# This is RHEL 7 specific as it doesn't seem to have the
|
|
# __brp_strip_static_archive macro.
|
|
%define __os_install_post %{nil}
|
|
%endif
|
|
|
|
%global unpacked_licenses %{_datarootdir}/licenses
|
|
|
|
# Workaround for stripping of debug symbols from static libraries
|
|
%if %{with staticlibs}
|
|
%define __brp_strip_static_archive %{nil}
|
|
%global include_staticlibs 1
|
|
%else
|
|
%global include_staticlibs 0
|
|
%endif
|
|
|
|
# Define whether to use the bootstrap JDK directly or with a fresh libjvm.so
|
|
%if %{with fresh_libjvm}
|
|
%global build_hotspot_first 1
|
|
%else
|
|
%global build_hotspot_first 0
|
|
%endif
|
|
|
|
%if %{with system_libs}
|
|
%global system_libs 1
|
|
%global link_type system
|
|
%global freetype_lib %{nil}
|
|
%else
|
|
%global system_libs 0
|
|
%global link_type bundled
|
|
%global freetype_lib |libfreetype[.]so.*
|
|
%endif
|
|
|
|
# The -g flag says to use strip -g instead of full strip on DSOs or EXEs.
|
|
# This fixes detailed NMT and other tools which need minimal debug info.
|
|
# See: https://bugzilla.redhat.com/show_bug.cgi?id=1520879
|
|
%global _find_debuginfo_opts -g
|
|
|
|
# With LTO flags enabled, debuginfo checks fail for some reason. Disable
|
|
# LTO for a passing build. This really needs to be looked at.
|
|
%define _lto_cflags %{nil}
|
|
|
|
# note: parametrized macros are order-sensitive (unlike not-parametrized) even with normal macros
|
|
# also necessary when passing it as parameter to other macros. If not macro, then it is considered a switch
|
|
# see the difference between global and define:
|
|
# See https://github.com/rpm-software-management/rpm/issues/127 to comments at "pmatilai commented on Aug 18, 2017"
|
|
# (initiated in https://bugzilla.redhat.com/show_bug.cgi?id=1482192)
|
|
%global debug_suffix_unquoted -slowdebug
|
|
%global fastdebug_suffix_unquoted -fastdebug
|
|
%global main_suffix_unquoted -main
|
|
%global staticlibs_suffix_unquoted -staticlibs
|
|
# quoted one for shell operations
|
|
%global debug_suffix "%{debug_suffix_unquoted}"
|
|
%global fastdebug_suffix "%{fastdebug_suffix_unquoted}"
|
|
%global normal_suffix ""
|
|
%global main_suffix "%{main_suffix_unquoted}"
|
|
%global staticlibs_suffix "%{staticlibs_suffix_unquoted}"
|
|
|
|
%global debug_warning This package is unoptimised with full debugging. Install only as needed and remove ASAP.
|
|
%global fastdebug_warning This package is optimised with full debugging. Install only as needed and remove ASAP.
|
|
%global debug_on unoptimised with full debugging on
|
|
%global fastdebug_on optimised with full debugging on
|
|
%global for_fastdebug for packages with debugging on and optimisation
|
|
%global for_debug for packages with debugging on and no optimisation
|
|
|
|
%if %{with release}
|
|
%global include_normal_build 1
|
|
%else
|
|
%global include_normal_build 0
|
|
%endif
|
|
|
|
%if %{include_normal_build}
|
|
%global normal_build %{normal_suffix}
|
|
%else
|
|
%global normal_build %{nil}
|
|
%endif
|
|
|
|
# We have hardcoded list of files, which is appearing in alternatives, and in files
|
|
# in alternatives those are slaves and master, very often triplicated by man pages
|
|
# in files all masters and slaves are ghosted
|
|
# the ghosts are here to allow installation via query like `dnf install /usr/bin/java`
|
|
# you can list those files, with appropriate sections: cat *.spec | grep -e --install -e --slave -e post_ -e alternatives
|
|
# TODO - fix those hardcoded lists via single list
|
|
# Those files must *NOT* be ghosted for *slowdebug* packages
|
|
# FIXME - if you are moving jshell or jlink or similar, always modify all three sections
|
|
# you can check via headless and devels:
|
|
# rpm -ql --noghost java-11-openjdk-headless-11.0.1.13-8.fc29.x86_64.rpm | grep bin
|
|
# == rpm -ql java-11-openjdk-headless-slowdebug-11.0.1.13-8.fc29.x86_64.rpm | grep bin
|
|
# != rpm -ql java-11-openjdk-headless-11.0.1.13-8.fc29.x86_64.rpm | grep bin
|
|
# similarly for other %%{_jvmdir}/{jre,java} and %%{_javadocdir}/{java,java-zip}
|
|
%define is_release_build() %( if [ "%{?1}" == "%{debug_suffix_unquoted}" -o "%{?1}" == "%{fastdebug_suffix_unquoted}" ]; then echo "0" ; else echo "1"; fi )
|
|
|
|
# while JDK is a techpreview(is_system_jdk=0), some provides are turned off. Once jdk stops to be an techpreview, move it to 1
|
|
# as sytem JDK, we mean any JDK which can run whole system java stack without issues (like bytecode issues, module issues, dependencies...)
|
|
%global is_system_jdk 0
|
|
|
|
%global aarch64 aarch64 arm64 armv8
|
|
# we need to distinguish between big and little endian PPC64
|
|
%global ppc64le ppc64le
|
|
%global ppc64be ppc64 ppc64p7
|
|
# Set of architectures which support multiple ABIs
|
|
%global multilib_arches %{power64} sparc64 x86_64
|
|
# Set of architectures for which we build slowdebug builds
|
|
%global debug_arches %{ix86} x86_64 sparcv9 sparc64 %{aarch64} %{power64} s390x
|
|
# Set of architectures for which we build fastdebug builds
|
|
%global fastdebug_arches x86_64 ppc64le aarch64
|
|
# Set of architectures with a Just-In-Time (JIT) compiler
|
|
%global jit_arches %{arm} %{aarch64} %{ix86} %{power64} s390x sparcv9 sparc64 x86_64
|
|
# Set of architectures which use the Zero assembler port (!jit_arches)
|
|
%global zero_arches ppc s390
|
|
# Set of architectures which run a full bootstrap cycle
|
|
%global bootstrap_arches %{jit_arches}
|
|
# Set of architectures which support SystemTap tapsets
|
|
%global systemtap_arches %{jit_arches}
|
|
# Set of architectures with a Ahead-Of-Time (AOT) compiler
|
|
%global aot_arches x86_64 %{aarch64}
|
|
# Set of architectures which support the serviceability agent
|
|
%global sa_arches %{ix86} x86_64 sparcv9 sparc64 %{aarch64} %{power64} %{arm}
|
|
# Set of architectures which support class data sharing
|
|
# See https://bugzilla.redhat.com/show_bug.cgi?id=513605
|
|
# MetaspaceShared::generate_vtable_methods is not implemented for the PPC JIT
|
|
%global share_arches %{ix86} x86_64 sparcv9 sparc64 %{aarch64} %{arm} s390x
|
|
# Set of architectures for which we build the Shenandoah garbage collector
|
|
%global shenandoah_arches x86_64 %{aarch64}
|
|
# Set of architectures for which we build the Z garbage collector
|
|
%global zgc_arches x86_64
|
|
# Set of architectures for which alt-java has SSB mitigation
|
|
%global ssbd_arches x86_64
|
|
# Set of architectures for which java has short vector math library (libsvml.so)
|
|
%global svml_arches x86_64
|
|
# Set of architectures where we verify backtraces with gdb
|
|
# s390x fails on RHEL 7 so we exclude it there
|
|
%if (0%{?rhel} > 0 && 0%{?rhel} < 8)
|
|
%global gdb_arches %{arm} %{aarch64} %{ix86} %{power64} sparcv9 sparc64 x86_64 %{zero_arches}
|
|
%else
|
|
%global gdb_arches %{jit_arches} %{zero_arches}
|
|
%endif
|
|
|
|
# By default, we build a debug build during main build on JIT architectures
|
|
%if %{with slowdebug}
|
|
%ifarch %{debug_arches}
|
|
%global include_debug_build 1
|
|
%else
|
|
%global include_debug_build 0
|
|
%endif
|
|
%else
|
|
%global include_debug_build 0
|
|
%endif
|
|
|
|
# On certain architectures, we compile the Shenandoah GC
|
|
%ifarch %{shenandoah_arches}
|
|
%global use_shenandoah_hotspot 1
|
|
%else
|
|
%global use_shenandoah_hotspot 0
|
|
%endif
|
|
|
|
# By default, we build a fastdebug build during main build only on fastdebug architectures
|
|
%if %{with fastdebug}
|
|
%ifarch %{fastdebug_arches}
|
|
%global include_fastdebug_build 1
|
|
%else
|
|
%global include_fastdebug_build 0
|
|
%endif
|
|
%else
|
|
%global include_fastdebug_build 0
|
|
%endif
|
|
|
|
%if %{include_debug_build}
|
|
%global slowdebug_build %{debug_suffix}
|
|
%else
|
|
%global slowdebug_build %{nil}
|
|
%endif
|
|
|
|
%if %{include_fastdebug_build}
|
|
%global fastdebug_build %{fastdebug_suffix}
|
|
%else
|
|
%global fastdebug_build %{nil}
|
|
%endif
|
|
|
|
# If you disable all builds, then the build fails
|
|
# Build and test slowdebug first as it provides the best diagnostics
|
|
%global build_loop %{slowdebug_build} %{fastdebug_build} %{normal_build}
|
|
|
|
%if %{include_staticlibs}
|
|
%global staticlibs_loop %{staticlibs_suffix}
|
|
%else
|
|
%global staticlibs_loop %{nil}
|
|
%endif
|
|
|
|
%if 0%{?flatpak}
|
|
%global bootstrap_build false
|
|
%else
|
|
%ifarch %{bootstrap_arches}
|
|
%global bootstrap_build true
|
|
%else
|
|
%global bootstrap_build false
|
|
%endif
|
|
%endif
|
|
|
|
%if %{include_staticlibs}
|
|
# Extra target for producing the static-libraries. Separate from
|
|
# other targets since this target is configured to use in-tree
|
|
# AWT dependencies: lcms, libjpeg, libpng, libharfbuzz, giflib
|
|
# and possibly others
|
|
%global static_libs_target static-libs-image
|
|
%else
|
|
%global static_libs_target %{nil}
|
|
%endif
|
|
|
|
# RPM JDK builds keep the debug symbols internal, to be later stripped by RPM
|
|
%global debug_symbols internal
|
|
|
|
# unlike portables,the rpms have to use static_libs_target very dynamically
|
|
%global bootstrap_targets images legacy-jre-image
|
|
%global release_targets images docs-zip legacy-jre-image
|
|
# No docs nor bootcycle for debug builds
|
|
%global debug_targets images legacy-jre-image
|
|
# Target to use to just build HotSpot
|
|
%global hotspot_target hotspot
|
|
|
|
# JDK to use for bootstrapping
|
|
%global bootjdk /usr/lib/jvm/java-%{buildjdkver}-openjdk
|
|
|
|
|
|
# Filter out flags from the optflags macro that cause problems with the OpenJDK build
|
|
# We filter out -O flags so that the optimization of HotSpot is not lowered from O3 to O2
|
|
# We filter out -Wall which will otherwise cause HotSpot to produce hundreds of thousands of warnings (100+mb logs)
|
|
# We replace it with -Wformat (required by -Werror=format-security) and -Wno-cpp to avoid FORTIFY_SOURCE warnings
|
|
# We filter out -fexceptions as the HotSpot build explicitly does -fno-exceptions and it's otherwise the default for C++
|
|
%global ourflags %(echo %optflags | sed -e 's|-Wall|-Wformat -Wno-cpp|' | sed -r -e 's|-O[0-9]*||')
|
|
%global ourcppflags %(echo %ourflags | sed -e 's|-fexceptions||')
|
|
%global ourldflags %{__global_ldflags}
|
|
|
|
# With disabled nss is NSS deactivated, so NSS_LIBDIR can contain the wrong path
|
|
# the initialization must be here. Later the pkg-config have buggy behavior
|
|
# looks like openjdk RPM specific bug
|
|
# Always set this so the nss.cfg file is not broken
|
|
%global NSS_LIBDIR %(pkg-config --variable=libdir nss)
|
|
|
|
# In some cases, the arch used by the JDK does
|
|
# not match _arch.
|
|
# Also, in some cases, the machine name used by SystemTap
|
|
# does not match that given by _target_cpu
|
|
%ifarch x86_64
|
|
%global archinstall amd64
|
|
%global stapinstall x86_64
|
|
%endif
|
|
%ifarch ppc
|
|
%global archinstall ppc
|
|
%global stapinstall powerpc
|
|
%endif
|
|
%ifarch %{ppc64be}
|
|
%global archinstall ppc64
|
|
%global stapinstall powerpc
|
|
%endif
|
|
%ifarch %{ppc64le}
|
|
%global archinstall ppc64le
|
|
%global stapinstall powerpc
|
|
%endif
|
|
%ifarch %{ix86}
|
|
%global archinstall i686
|
|
%global stapinstall i386
|
|
%endif
|
|
%ifarch ia64
|
|
%global archinstall ia64
|
|
%global stapinstall ia64
|
|
%endif
|
|
%ifarch s390
|
|
%global archinstall s390
|
|
%global stapinstall s390
|
|
%endif
|
|
%ifarch s390x
|
|
%global archinstall s390x
|
|
%global stapinstall s390
|
|
%endif
|
|
%ifarch %{arm}
|
|
%global archinstall arm
|
|
%global stapinstall arm
|
|
%endif
|
|
%ifarch %{aarch64}
|
|
%global archinstall aarch64
|
|
%global stapinstall arm64
|
|
%endif
|
|
# 32 bit sparc, optimized for v9
|
|
%ifarch sparcv9
|
|
%global archinstall sparc
|
|
%global stapinstall %{_target_cpu}
|
|
%endif
|
|
# 64 bit sparc
|
|
%ifarch sparc64
|
|
%global archinstall sparcv9
|
|
%global stapinstall %{_target_cpu}
|
|
%endif
|
|
# Need to support noarch for srpm build
|
|
%ifarch noarch
|
|
%global archinstall %{nil}
|
|
%global stapinstall %{nil}
|
|
%endif
|
|
|
|
# always off for portable builds
|
|
%ifarch %{systemtap_arches}
|
|
%global with_systemtap 0
|
|
%else
|
|
%global with_systemtap 0
|
|
%endif
|
|
|
|
# New Version-String scheme-style defines
|
|
%global featurever 19
|
|
%global interimver 0
|
|
%global updatever 1
|
|
%global patchver 0
|
|
# buildjdkver is usually same as %%{featurever},
|
|
# but in time of bootstrap of next jdk, it is featurever-1,
|
|
# and this it is better to change it here, on single place
|
|
%global buildjdkver %{featurever}
|
|
# We don't add any LTS designator for STS packages (Fedora and EPEL).
|
|
# We need to explicitly exclude EPEL as it would have the %%{rhel} macro defined.
|
|
%if 0%{?rhel} && !0%{?epel}
|
|
%global lts_designator "LTS"
|
|
%global lts_designator_zip -%{lts_designator}
|
|
%else
|
|
%global lts_designator ""
|
|
%global lts_designator_zip ""
|
|
%endif
|
|
|
|
# Define vendor information used by OpenJDK
|
|
%global oj_vendor Red Hat, Inc.
|
|
%global oj_vendor_url https://www.redhat.com/
|
|
# Define what url should JVM offer in case of a crash report
|
|
# order may be important, epel may have rhel declared
|
|
%if 0%{?epel}
|
|
%global oj_vendor_bug_url https://bugzilla.redhat.com/enter_bug.cgi?product=Fedora%20EPEL&component=%{name}&version=epel%{epel}
|
|
%else
|
|
%if 0%{?fedora}
|
|
# Does not work for rawhide, keeps the version field empty
|
|
%global oj_vendor_bug_url https://bugzilla.redhat.com/enter_bug.cgi?product=Fedora&component=%{name}&version=%{fedora}
|
|
%else
|
|
%if 0%{?rhel}
|
|
%global oj_vendor_bug_url https://bugzilla.redhat.com/enter_bug.cgi?product=Red%20Hat%20Enterprise%20Linux%20%{rhel}&component=%{name}
|
|
%else
|
|
%global oj_vendor_bug_url https://bugzilla.redhat.com/enter_bug.cgi
|
|
%endif
|
|
%endif
|
|
%endif
|
|
%global oj_vendor_version (Red_Hat-%{version}-%{release})
|
|
|
|
# Define IcedTea version used for SystemTap tapsets and desktop file
|
|
%global icedteaver 6.0.0pre00-c848b93a8598
|
|
# Define current Git revision for the FIPS support patches
|
|
%global fipsver d95bb40c7c8
|
|
|
|
# Standard JPackage naming and versioning defines
|
|
%global origin openjdk
|
|
%global origin_nice OpenJDK
|
|
%global top_level_dir_name %{origin}
|
|
%global top_level_dir_name_backup %{top_level_dir_name}-backup
|
|
%global buildver 10
|
|
%global rpmrelease 3
|
|
# Priority must be 8 digits in total; up to openjdk 1.8, we were using 18..... so when we moved to 11, we had to add another digit
|
|
%if %is_system_jdk
|
|
# Using 10 digits may overflow the int used for priority, so we combine the patch and build versions
|
|
# It is very unlikely we will ever have a patch version > 4 or a build version > 20, so we combine as (patch * 20) + build.
|
|
# This means 11.0.9.0+11 would have had a priority of 11000911 as before
|
|
# A 11.0.9.1+1 would have had a priority of 11000921 (20 * 1 + 1), thus ensuring it is bigger than 11.0.9.0+11
|
|
%global combiver $( expr 20 '*' %{patchver} + %{buildver} )
|
|
%global priority %( printf '%02d%02d%02d%02d' %{featurever} %{interimver} %{updatever} %{combiver} )
|
|
%else
|
|
# for techpreview, using 1, so slowdebugs can have 0
|
|
%global priority %( printf '%08d' 1 )
|
|
%endif
|
|
%global newjavaver %{featurever}.%{interimver}.%{updatever}.%{patchver}
|
|
%global javaver %{featurever}
|
|
|
|
# Strip up to 6 trailing zeros in newjavaver, as the JDK does, to get the correct version used in filenames
|
|
%global filever %(svn=%{newjavaver}; for i in 1 2 3 4 5 6 ; do svn=${svn%%.0} ; done; echo ${svn})
|
|
|
|
# The tag used to create the OpenJDK tarball
|
|
%global vcstag jdk-%{filever}+%{buildver}%{?tagsuffix:-%{tagsuffix}}
|
|
|
|
# Define milestone (EA for pre-releases, GA for releases)
|
|
# Release will be (where N is usually a number starting at 1):
|
|
# - 0.N%%{?extraver}%%{?dist} for EA releases,
|
|
# - N%%{?extraver}{?dist} for GA releases
|
|
%global is_ga 1
|
|
%if %{is_ga}
|
|
%global build_type GA
|
|
%global ea_designator ""
|
|
%global ea_designator_zip ""
|
|
%global extraver %{nil}
|
|
%global eaprefix %{nil}
|
|
%else
|
|
%global build_type EA
|
|
%global ea_designator ea
|
|
%global ea_designator_zip -%{ea_designator}
|
|
%global extraver .%{ea_designator}
|
|
%global eaprefix 0.
|
|
%endif
|
|
|
|
# parametrized macros are order-sensitive
|
|
%global compatiblename java-%{featurever}-%{origin}
|
|
%global fullversion %{compatiblename}-%{version}-%{release}
|
|
# images directories from upstream build
|
|
%global jdkimage jdk
|
|
%global static_libs_image static-libs
|
|
# installation directory for static libraries
|
|
%global static_libs_root lib/static
|
|
%global static_libs_arch_dir %{static_libs_root}/linux-%{archinstall}
|
|
%global static_libs_install_dir %{static_libs_arch_dir}/glibc
|
|
# output dir stub
|
|
%define buildoutputdir() %{expand:build/jdk%{featurever}.build%{?1}}
|
|
# we can copy the javadoc to not arched dir, or make it not noarch
|
|
%define uniquejavadocdir() %{expand:%{fullversion}.%{_arch}%{?1}}
|
|
# main id and dir of this jdk
|
|
%define uniquesuffix() %{expand:%{fullversion}.%{_arch}%{?1}}
|
|
# portable only declarations
|
|
%global jreimage jre
|
|
%if (0%{?rhel} > 0 && 0%{?rhel} < 8)
|
|
%define jreportablenameimpl() %(echo %{uniquesuffix ""} | sed "s;el7\\(_[0-9]\\)*;portable%{1}.jre.;g" | sed "s;openjdkportable;el;g")
|
|
%define jdkportablenameimpl() %(echo %{uniquesuffix ""} | sed "s;el7\\(_[0-9]\\)*;portable%{1}.jdk.;g" | sed "s;openjdkportable;el;g")
|
|
%define staticlibsportablenameimpl() %(echo %{uniquesuffix ""} | sed "s;el7\\(_[0-9]\\)*;portable%{1}.static-libs.;g" | sed "s;openjdkportable;el;g")
|
|
%else
|
|
%define jreportablenameimpl() %(echo %{uniquesuffix ""} | sed "s;fc\\([0-9]\\)*;\\0.portable%{1}.jre;g" | sed "s;openjdkportable;el;g")
|
|
%define jdkportablenameimpl() %(echo %{uniquesuffix ""} | sed "s;fc\\([0-9]\\)*;\\0.portable%{1}.jdk;g" | sed "s;openjdkportable;el;g")
|
|
%define staticlibsportablenameimpl() %(echo %{uniquesuffix ""} | sed "s;fc\\([0-9]\\)*;\\0.portable%{1}.static-libs;g" | sed "s;openjdkportable;el;g")
|
|
%endif
|
|
%define jreportablearchive() %{expand:%{jreportablenameimpl -- %%{1}}.tar.xz}
|
|
%define jdkportablearchive() %{expand:%{jdkportablenameimpl -- %%{1}}.tar.xz}
|
|
%define staticlibsportablearchive() %{expand:%{staticlibsportablenameimpl -- %%{1}}.tar.xz}
|
|
%define jreportablename() %{expand:%{jreportablenameimpl -- %%{1}}}
|
|
%define jdkportablename() %{expand:%{jdkportablenameimpl -- %%{1}}}
|
|
# Intentionally use jdkportablenameimpl here since we want to have static-libs files overlayed on
|
|
# top of the JDK archive
|
|
%define staticlibsportablename() %{expand:%{jdkportablenameimpl -- %%{1}}}
|
|
|
|
#################################################################
|
|
# fix for https://bugzilla.redhat.com/show_bug.cgi?id=1111349
|
|
# https://bugzilla.redhat.com/show_bug.cgi?id=1590796#c14
|
|
# https://bugzilla.redhat.com/show_bug.cgi?id=1655938
|
|
%global _privatelibs libsplashscreen[.]so.*|libawt_xawt[.]so.*|libjli[.]so.*|libattach[.]so.*|libawt[.]so.*|libextnet[.]so.*|libawt_headless[.]so.*|libdt_socket[.]so.*|libfontmanager[.]so.*|libinstrument[.]so.*|libj2gss[.]so.*|libj2pcsc[.]so.*|libj2pkcs11[.]so.*|libjaas[.]so.*|libjavajpeg[.]so.*|libjdwp[.]so.*|libjimage[.]so.*|libjsound[.]so.*|liblcms[.]so.*|libmanagement[.]so.*|libmanagement_agent[.]so.*|libmanagement_ext[.]so.*|libmlib_image[.]so.*|libnet[.]so.*|libnio[.]so.*|libprefs[.]so.*|librmi[.]so.*|libsaproc[.]so.*|libsctp[.]so.*|libsystemconf[.]so.*|libzip[.]so.*%{freetype_lib}
|
|
%global _publiclibs libjawt[.]so.*|libjava[.]so.*|libjvm[.]so.*|libverify[.]so.*|libjsig[.]so.*
|
|
%if %is_system_jdk
|
|
%global __provides_exclude ^(%{_privatelibs})$
|
|
%global __requires_exclude ^(%{_privatelibs})$
|
|
# Never generate lib-style provides/requires for any debug packages
|
|
%global __provides_exclude_from ^.*/%{uniquesuffix -- %{debug_suffix_unquoted}}/.*$
|
|
%global __requires_exclude_from ^.*/%{uniquesuffix -- %{debug_suffix_unquoted}}/.*$
|
|
%global __provides_exclude_from ^.*/%{uniquesuffix -- %{fastdebug_suffix_unquoted}}/.*$
|
|
%global __requires_exclude_from ^.*/%{uniquesuffix -- %{fastdebug_suffix_unquoted}}/.*$
|
|
%else
|
|
# Don't generate provides/requires for JDK provided shared libraries at all.
|
|
%global __provides_exclude ^(%{_privatelibs}|%{_publiclibs})$
|
|
%global __requires_exclude ^(%{_privatelibs}|%{_publiclibs})$
|
|
%endif
|
|
|
|
|
|
%global etcjavasubdir %{_sysconfdir}/java/java-%{javaver}-%{origin}
|
|
%define etcjavadir() %{expand:%{etcjavasubdir}/%{uniquesuffix -- %{?1}}}
|
|
# Standard JPackage directories and symbolic links.
|
|
%define sdkdir() %{expand:%{uniquesuffix -- %{?1}}}
|
|
%define jrelnk() %{expand:jre-%{javaver}-%{origin}-%{version}-%{release}.%{_arch}%{?1}}
|
|
|
|
%define sdkbindir() %{expand:%{_jvmdir}/%{sdkdir -- %{?1}}/bin}
|
|
%define jrebindir() %{expand:%{_jvmdir}/%{sdkdir -- %{?1}}/bin}
|
|
|
|
%global alt_java_name alt-java
|
|
|
|
%global rpm_state_dir %{_localstatedir}/lib/rpm-state/
|
|
|
|
# For flatpack builds hard-code /usr/sbin/alternatives,
|
|
# otherwise use %%{_sbindir} relative path.
|
|
%if 0%{?flatpak}
|
|
%global alternatives_requires /usr/sbin/alternatives
|
|
%else
|
|
%global alternatives_requires %{_sbindir}/alternatives
|
|
%endif
|
|
|
|
%if %{with_systemtap}
|
|
# Where to install systemtap tapset (links)
|
|
# We would like these to be in a package specific sub-dir,
|
|
# but currently systemtap doesn't support that, so we have to
|
|
# use the root tapset dir for now. To distinguish between 64
|
|
# and 32 bit architectures we place the tapsets under the arch
|
|
# specific dir (note that systemtap will only pickup the tapset
|
|
# for the primary arch for now). Systemtap uses the machine name
|
|
# aka target_cpu as architecture specific directory name.
|
|
%global tapsetroot /usr/share/systemtap
|
|
%global tapsetdirttapset %{tapsetroot}/tapset/
|
|
%global tapsetdir %{tapsetdirttapset}/%{stapinstall}
|
|
%endif
|
|
|
|
# x86 is no longer supported
|
|
%if 0%{?java_arches:1}
|
|
ExclusiveArch: %{java_arches}
|
|
%else
|
|
ExcludeArch: %{ix86}
|
|
%endif
|
|
|
|
# Portables have no rpo (requires/provides), but thsoe are awesome for orientation in spec
|
|
# also scriptlets are hapily missing and files are handled old fashion
|
|
# not-duplicated requires/provides/obsoletes for normal/debug packages
|
|
%define java_rpo() %{expand:
|
|
}
|
|
|
|
%define java_devel_rpo() %{expand:
|
|
}
|
|
|
|
%define java_static_libs_rpo() %{expand:
|
|
}
|
|
|
|
|
|
# Prevent brp-java-repack-jars from being run
|
|
%global __jar_repack 0
|
|
|
|
# portables have grown out of its component, moving back to java-x-vendor
|
|
# this expression, when declared as global, filled component with java-x-vendor portable
|
|
%define component %(echo %{name} | sed "s;-portable;;g")
|
|
|
|
Name: java-latest-%{origin}-portable
|
|
Version: %{newjavaver}.%{buildver}
|
|
# This package needs `.rolling` as part of Release so as to not conflict on install with
|
|
# java-X-openjdk. I.e. when latest rolling release is also an LTS release packaged as
|
|
# java-X-openjdk. See: https://bugzilla.redhat.com/show_bug.cgi?id=1647298
|
|
Release: %{?eaprefix}%{rpmrelease}%{?extraver}.rolling%{?dist}.1
|
|
# java-1.5.0-ibm from jpackage.org set Epoch to 1 for unknown reasons
|
|
# and this change was brought into RHEL-4. java-1.5.0-ibm packages
|
|
# also included the epoch in their virtual provides. This created a
|
|
# situation where in-the-wild java-1.5.0-ibm packages provided "java =
|
|
# 1:1.5.0". In RPM terms, "1.6.0 < 1:1.5.0" since 1.6.0 is
|
|
# interpreted as 0:1.6.0. So the "java >= 1.6.0" requirement would be
|
|
# satisfied by the 1:1.5.0 packages. Thus we need to set the epoch in
|
|
# JDK package >= 1.6.0 to 1, and packages referring to JDK virtual
|
|
# provides >= 1.6.0 must specify the epoch, "java >= 1:1.6.0".
|
|
|
|
Epoch: 1
|
|
Summary: %{origin_nice} %{featurever} Runtime Environment portable edition
|
|
# Groups are only used up to RHEL 8 and on Fedora versions prior to F30
|
|
%if (0%{?rhel} > 0 && 0%{?rhel} <= 8) || (0%{?fedora} >= 0 && 0%{?fedora} < 30)
|
|
Group: Development/Languages
|
|
%endif
|
|
|
|
# HotSpot code is licensed under GPLv2
|
|
# JDK library code is licensed under GPLv2 with the Classpath exception
|
|
# The Apache license is used in code taken from Apache projects (primarily xalan & xerces)
|
|
# DOM levels 2 & 3 and the XML digital signature schemas are licensed under the W3C Software License
|
|
# The JSR166 concurrency code is in the public domain
|
|
# The BSD and MIT licenses are used for a number of third-party libraries (see ADDITIONAL_LICENSE_INFO)
|
|
# The OpenJDK source tree includes:
|
|
# - JPEG library (IJG), zlib & libpng (zlib), giflib (MIT), harfbuzz (ISC),
|
|
# - freetype (FTL), jline (BSD) and LCMS (MIT)
|
|
# - jquery (MIT), jdk.crypto.cryptoki PKCS 11 wrapper (RSA)
|
|
# - public_suffix_list.dat from publicsuffix.org (MPLv2.0)
|
|
# The test code includes copies of NSS under the Mozilla Public License v2.0
|
|
# The PCSClite headers are under a BSD with advertising license
|
|
# The elliptic curve cryptography (ECC) source code is licensed under the LGPLv2.1 or any later version
|
|
License: ASL 1.1 and ASL 2.0 and BSD and BSD with advertising and GPL+ and GPLv2 and GPLv2 with exceptions and IJG and LGPLv2+ and MIT and MPLv2.0 and Public Domain and W3C and zlib and ISC and FTL and RSA
|
|
URL: http://openjdk.java.net/
|
|
|
|
|
|
# The source tarball, generated using generate_source_tarball.sh
|
|
Source0: openjdk-jdk%{featurever}u-%{vcstag}.tar.xz
|
|
|
|
# Use 'icedtea_sync.sh' to update the following
|
|
# They are based on code contained in the IcedTea project (6.x).
|
|
# Systemtap tapsets. Zipped up to keep it small.
|
|
# Disabled in portables
|
|
#Source8: tapsets-icedtea-%%{icedteaver}.tar.xz
|
|
|
|
# Desktop files. Adapted from IcedTea
|
|
# Disabled in portables
|
|
#Source9: jconsole.desktop.in
|
|
|
|
# Release notes
|
|
Source10: NEWS
|
|
|
|
# nss configuration file
|
|
Source11: nss.cfg.in
|
|
|
|
# Removed libraries that we link instead
|
|
# Disabled in portables
|
|
#Source12: remove-intree-libraries.sh
|
|
|
|
# Ensure we aren't using the limited crypto policy
|
|
Source13: TestCryptoLevel.java
|
|
|
|
# Ensure ECDSA is working
|
|
Source14: TestECDSA.java
|
|
|
|
# Verify system crypto (policy) can be disabled via a property
|
|
Source15: TestSecurityProperties.java
|
|
|
|
# Ensure vendor settings are correct
|
|
Source16: CheckVendor.java
|
|
|
|
# nss fips configuration file
|
|
Source17: nss.fips.cfg.in
|
|
|
|
# Ensure translations are available for new timezones
|
|
Source18: TestTranslations.java
|
|
|
|
%if (0%{?rhel} > 0 && 0%{?rhel} < 8)
|
|
# boot jdk for portable build root on
|
|
Source1001: ojdk17-aarch64-17.35.tar.gz
|
|
Source1002: ojdk17-ppc64le-17.35.tar.gz
|
|
Source1003: ojdk17-x86_64-17.35.tar.gz
|
|
Source1004: ojdk17-s390x-17.35.tar.gz
|
|
%endif
|
|
|
|
############################################
|
|
#
|
|
# RPM/distribution specific patches
|
|
#
|
|
############################################
|
|
|
|
# NSS via SunPKCS11 Provider (disabled comment
|
|
# due to memory leak).
|
|
Patch1000: rh1648249-add_commented_out_nss_cfg_provider_to_java_security.patch
|
|
# RH1750419: enable build of speculative store bypass hardened alt-java (CVE-2018-3639)
|
|
Patch600: rh1750419-redhat_alt_java.patch
|
|
|
|
# Ignore AWTError when assistive technologies are loaded
|
|
Patch1: rh1648242-accessible_toolkit_crash_do_not_break_jvm.patch
|
|
# Restrict access to java-atk-wrapper classes
|
|
Patch2: rh1648644-java_access_bridge_privileged_security.patch
|
|
Patch3: rh649512-remove_uses_of_far_in_jpeg_libjpeg_turbo_1_4_compat_for_jdk10_and_up.patch
|
|
# Depend on pcsc-lite-libs instead of pcsc-lite-devel as this is only in optional repo
|
|
Patch6: rh1684077-openjdk_should_depend_on_pcsc-lite-libs_instead_of_pcsc-lite-devel.patch
|
|
|
|
# Crypto policy and FIPS support patches
|
|
# Patch is generated from the fips-19u tree at https://github.com/rh-openjdk/jdk/tree/fips-19u
|
|
# as follows: git diff %%{vcstag} src make > fips-19u-$(git show -s --format=%h HEAD).patch
|
|
# Diff is limited to src and make subdirectories to exclude .github changes
|
|
# Fixes currently included:
|
|
# PR3183, RH1340845: Follow system wide crypto policy
|
|
# PR3695: Allow use of system crypto policy to be disabled by the user
|
|
# RH1655466: Support RHEL FIPS mode using SunPKCS11 provider
|
|
# RH1818909: No ciphersuites availale for SSLSocket in FIPS mode
|
|
# RH1860986: Disable TLSv1.3 with the NSS-FIPS provider until PKCS#11 v3.0 support is available
|
|
# RH1915071: Always initialise JavaSecuritySystemConfiguratorAccess
|
|
# RH1929465: Improve system FIPS detection
|
|
# RH1995150: Disable non-FIPS crypto in SUN and SunEC security providers
|
|
# RH1996182: Login to the NSS software token in FIPS mode
|
|
# RH1991003: Allow plain key import unless com.redhat.fips.plainKeySupport is set to false
|
|
# RH2021263: Resolve outstanding FIPS issues
|
|
# RH2052819: Fix FIPS reliance on crypto policies
|
|
# RH2052829: Detect NSS at Runtime for FIPS detection
|
|
# RH2052070: Enable AlgorithmParameters and AlgorithmParameterGenerator services in FIPS mode
|
|
# RH2023467: Enable FIPS keys export
|
|
# RH2094027: SunEC runtime permission for FIPS
|
|
# RH2036462: sun.security.pkcs11.wrapper.PKCS11.getInstance breakage
|
|
# RH2090378: Revert to disabling system security properties and FIPS mode support together
|
|
Patch1001: fips-19u-%{fipsver}.patch
|
|
|
|
#############################################
|
|
#
|
|
# OpenJDK patches in need of upstreaming
|
|
#
|
|
#############################################
|
|
|
|
#############################################
|
|
#
|
|
# OpenJDK patches targetted for 19.0.2
|
|
#
|
|
#############################################
|
|
# JDK-8293834: Update CLDR data following tzdata 2022c update
|
|
Patch2001: jdk8293834-kyiv_cldr_update.patch
|
|
# JDK-8294357: (tz) Update Timezone Data to 2022d
|
|
Patch2002: jdk8294357-tzdata2022d.patch
|
|
# JDK-8295173: (tz) Update Timezone Data to 2022e
|
|
Patch2003: jdk8295173-tzdata2022e.patch
|
|
|
|
BuildRequires: autoconf
|
|
BuildRequires: automake
|
|
BuildRequires: alsa-lib-devel
|
|
BuildRequires: binutils
|
|
BuildRequires: cups-devel
|
|
BuildRequires: desktop-file-utils
|
|
# elfutils only are OK for build without AOT
|
|
BuildRequires: elfutils-devel
|
|
BuildRequires: fontconfig-devel
|
|
BuildRequires: freetype-devel
|
|
%if (0%{?rhel} > 0 && 0%{?rhel} < 8)
|
|
BuildRequires: devtoolset-8-gcc
|
|
BuildRequires: devtoolset-8-gcc-c++
|
|
%else
|
|
BuildRequires: gcc
|
|
# gcc-c++ is already needed
|
|
BuildRequires: java-%{buildjdkver}-openjdk-devel
|
|
%endif
|
|
BuildRequires: gcc-c++
|
|
BuildRequires: gdb
|
|
%if (0%{?rhel} > 0 && 0%{?rhel} < 8)
|
|
# rhel7 only, portables only. Rhel8 have gtk3, rpms have runtime recommends of gtk
|
|
BuildRequires: gtk2-devel
|
|
%endif
|
|
BuildRequires: libxslt
|
|
BuildRequires: libX11-devel
|
|
BuildRequires: libXi-devel
|
|
BuildRequires: libXinerama-devel
|
|
BuildRequires: libXrandr-devel
|
|
BuildRequires: libXrender-devel
|
|
BuildRequires: libXt-devel
|
|
BuildRequires: libXtst-devel
|
|
# Requirement for setting up nss.cfg and nss.fips.cfg
|
|
BuildRequires: nss-devel
|
|
# Requirement for system security property test
|
|
%if (0%{?rhel} > 0 && 0%{?rhel} < 8)
|
|
BuildRequires: crypto-policies
|
|
%endif
|
|
BuildRequires: pkgconfig
|
|
BuildRequires: xorg-x11-proto-devel
|
|
BuildRequires: zip
|
|
# to pack portable tarballs
|
|
BuildRequires: tar
|
|
BuildRequires: unzip
|
|
%if (0%{?rhel} > 0 && 0%{?rhel} < 8)
|
|
# No javapackages-filesystem on el7,nor is needed for portables
|
|
%else
|
|
BuildRequires: javapackages-filesystem
|
|
BuildRequires: java-latest-openjdk-devel
|
|
%endif
|
|
# Zero-assembler build requirement
|
|
%ifarch %{zero_arches}
|
|
BuildRequires: libffi-devel
|
|
%endif
|
|
# 2022e required as of JDK-8295173
|
|
BuildRequires: tzdata-java >= 2022e
|
|
|
|
# cacerts build requirement in portable mode
|
|
BuildRequires: ca-certificates
|
|
# Earlier versions have a bug in tree vectorization on PPC
|
|
BuildRequires: gcc >= 4.8.3-8
|
|
|
|
%if %{with_systemtap}
|
|
BuildRequires: systemtap-sdt-devel
|
|
%endif
|
|
BuildRequires: make
|
|
|
|
%if %{system_libs}
|
|
BuildRequires: freetype-devel
|
|
BuildRequires: giflib-devel
|
|
BuildRequires: harfbuzz-devel
|
|
BuildRequires: lcms2-devel
|
|
BuildRequires: libjpeg-devel
|
|
BuildRequires: libpng-devel
|
|
%else
|
|
# Version in src/java.desktop/share/native/libfreetype/include/freetype/freetype.h
|
|
Provides: bundled(freetype) = 2.12.1
|
|
# Version in src/java.desktop/share/native/libsplashscreen/giflib/gif_lib.h
|
|
Provides: bundled(giflib) = 5.2.1
|
|
# Version in src/java.desktop/share/native/libharfbuzz/hb-version.h
|
|
Provides: bundled(harfbuzz) = 4.4.1
|
|
# Version in src/java.desktop/share/native/liblcms/lcms2.h
|
|
Provides: bundled(lcms2) = 2.12.0
|
|
# Version in src/java.desktop/share/native/libjavajpeg/jpeglib.h
|
|
Provides: bundled(libjpeg) = 6b
|
|
# Version in src/java.desktop/share/native/libsplashscreen/libpng/png.h
|
|
Provides: bundled(libpng) = 1.6.37
|
|
# We link statically against libstdc++ to increase portability
|
|
BuildRequires: libstdc++-static
|
|
%endif
|
|
|
|
# this is always built, also during debug-only build
|
|
# when it is built in debug-only this package is just placeholder
|
|
%{java_rpo %{nil}}
|
|
|
|
%description
|
|
The %{origin_nice} %{featurever} runtime environment - portable edition.
|
|
|
|
%if %{include_debug_build}
|
|
%package slowdebug
|
|
Summary: %{origin_nice} %{featurever} Runtime Environment portable edition %{debug_on}
|
|
%if (0%{?rhel} > 0 && 0%{?rhel} <= 8) || (0%{?fedora} >= 0 && 0%{?fedora} < 30)
|
|
Group: Development/Languages
|
|
%endif
|
|
|
|
%{java_rpo -- %{debug_suffix_unquoted}}
|
|
%description slowdebug
|
|
The %{origin_nice} %{featurever} runtime environment - portable edition.
|
|
%{debug_warning}
|
|
%endif
|
|
|
|
%if %{include_fastdebug_build}
|
|
%package fastdebug
|
|
Summary: %{origin_nice} %{featurever} Runtime Environment portable edition %{fastdebug_on}
|
|
%if (0%{?rhel} > 0 && 0%{?rhel} <= 8) || (0%{?fedora} >= 0 && 0%{?fedora} < 30)
|
|
Group: Development/Languages
|
|
%endif
|
|
|
|
%{java_rpo -- %{fastdebug_suffix_unquoted}}
|
|
%description fastdebug
|
|
The %{origin_nice} %{featurever} runtime environment - portable edition.
|
|
%{fastdebug_warning}
|
|
%endif
|
|
|
|
%if %{include_normal_build}
|
|
%package devel
|
|
Summary: %{origin_nice} %{featurever} Development Environment portable edition
|
|
%if (0%{?rhel} > 0 && 0%{?rhel} <= 8) || (0%{?fedora} >= 0 && 0%{?fedora} < 30)
|
|
Group: Development/Languages
|
|
%endif
|
|
|
|
%{java_devel_rpo %{nil}}
|
|
|
|
%description devel
|
|
The %{origin_nice} %{featurever} development tools - portable edition.
|
|
%endif
|
|
|
|
%if %{include_debug_build}
|
|
%package devel-slowdebug
|
|
Summary: %{origin_nice} %{featurever} Runtime and Development Environment portable edition %{debug_on}
|
|
%if (0%{?rhel} > 0 && 0%{?rhel} <= 8) || (0%{?fedora} >= 0 && 0%{?fedora} < 30)
|
|
Group: Development/Languages
|
|
%endif
|
|
|
|
%{java_devel_rpo -- %{debug_suffix_unquoted}}
|
|
|
|
%description devel-slowdebug
|
|
The %{origin_nice} %{featurever} development tools - portable edition.
|
|
%{debug_warning}
|
|
%endif
|
|
|
|
%if %{include_fastdebug_build}
|
|
%package devel-fastdebug
|
|
Summary: %{origin_nice} %{featurever} Runtime and Development Environment portable edition %{fastdebug_on}
|
|
%if (0%{?rhel} > 0 && 0%{?rhel} <= 8) || (0%{?fedora} >= 0 && 0%{?fedora} < 30)
|
|
Group: Development/Tools
|
|
%endif
|
|
|
|
%{java_devel_rpo -- %{fastdebug_suffix_unquoted}}
|
|
|
|
%description devel-fastdebug
|
|
The %{origin_nice} %{featurever} development tools - portable edition.
|
|
%{fastdebug_warning}
|
|
%endif
|
|
|
|
%if %{include_staticlibs}
|
|
|
|
%if %{include_normal_build}
|
|
%package static-libs
|
|
Summary: %{origin_nice} %{featurever} libraries for static linking - portable edition.
|
|
|
|
%{java_static_libs_rpo %{nil}}
|
|
|
|
%description static-libs
|
|
The %{origin_nice} %{featurever} libraries for static linking - portable edition.
|
|
%endif
|
|
|
|
%if %{include_debug_build}
|
|
%package static-libs-slowdebug
|
|
Summary: %{origin_nice} %{featurever} libraries for static linking - portable edition %{debug_on}
|
|
|
|
%{java_static_libs_rpo -- %{debug_suffix_unquoted}}
|
|
|
|
%description static-libs-slowdebug
|
|
The %{origin_nice} %{featurever} libraries for static linking - portable edition.
|
|
%{debug_warning}
|
|
%endif
|
|
|
|
%if %{include_fastdebug_build}
|
|
%package static-libs-fastdebug
|
|
Summary: %{origin_nice} %{featurever} libraries for static linking - portable edition %{fastdebug_on}
|
|
|
|
%{java_static_libs_rpo -- %{fastdebug_suffix_unquoted}}
|
|
|
|
%description static-libs-fastdebug
|
|
The %{origin_nice} %{featurever} libraries for static linking - portable edition.
|
|
%{fastdebug_warning}
|
|
%endif
|
|
|
|
# staticlibs
|
|
%endif
|
|
|
|
%prep
|
|
|
|
echo "Preparing %{oj_vendor_version}"
|
|
|
|
# Using the echo macro breaks rpmdev-bumpspec, as it parses the first line of stdout :-(
|
|
%if 0%{?stapinstall:1}
|
|
echo "CPU: %{_target_cpu}, arch install directory: %{archinstall}, SystemTap install directory: %{stapinstall}"
|
|
%else
|
|
%{error:Unrecognised architecture %{_target_cpu}}
|
|
%endif
|
|
|
|
if [ %{include_normal_build} -eq 0 -o %{include_normal_build} -eq 1 ] ; then
|
|
echo "include_normal_build is %{include_normal_build}"
|
|
else
|
|
echo "include_normal_build is %{include_normal_build}, that is invalid. Use 1 for yes or 0 for no"
|
|
exit 11
|
|
fi
|
|
if [ %{include_debug_build} -eq 0 -o %{include_debug_build} -eq 1 ] ; then
|
|
echo "include_debug_build is %{include_debug_build}"
|
|
else
|
|
echo "include_debug_build is %{include_debug_build}, that is invalid. Use 1 for yes or 0 for no"
|
|
exit 12
|
|
fi
|
|
if [ %{include_fastdebug_build} -eq 0 -o %{include_fastdebug_build} -eq 1 ] ; then
|
|
echo "include_fastdebug_build is %{include_fastdebug_build}"
|
|
else
|
|
echo "include_fastdebug_build is %{include_fastdebug_build}, that is invalid. Use 1 for yes or 0 for no"
|
|
exit 13
|
|
fi
|
|
if [ %{include_debug_build} -eq 0 -a %{include_normal_build} -eq 0 -a %{include_fastdebug_build} -eq 0 ] ; then
|
|
echo "You have disabled all builds (normal,fastdebug,slowdebug). That is a no go."
|
|
exit 14
|
|
fi
|
|
%setup -q -c -n %{uniquesuffix ""} -T -a 0
|
|
# https://bugzilla.redhat.com/show_bug.cgi?id=1189084
|
|
prioritylength=`expr length %{priority}`
|
|
if [ $prioritylength -ne 8 ] ; then
|
|
echo "priority must be 8 digits in total, violated"
|
|
exit 14
|
|
fi
|
|
|
|
# OpenJDK patches
|
|
|
|
%if %{system_libs}
|
|
# Remove libraries that are linked by both static and dynamic builds
|
|
sh %{SOURCE12} %{top_level_dir_name}
|
|
%endif
|
|
|
|
# Patch the JDK
|
|
pushd %{top_level_dir_name}
|
|
%patch1 -p1
|
|
%patch2 -p1
|
|
%patch3 -p1
|
|
%patch6 -p1
|
|
# Add crypto policy and FIPS support
|
|
%patch1001 -p1
|
|
# nss.cfg PKCS11 support; must come last as it also alters java.security
|
|
%patch1000 -p1
|
|
# tzdata updates targetted for 19.0.2
|
|
%patch2001 -p1
|
|
%patch2002 -p1
|
|
%patch2003 -p1
|
|
popd # openjdk
|
|
|
|
%patch600
|
|
|
|
# The OpenJDK version file includes the current
|
|
# upstream version information. For some reason,
|
|
# configure does not automatically use the
|
|
# default pre-version supplied there (despite
|
|
# what the file claims), so we pass it manually
|
|
# to configure
|
|
VERSION_FILE=$(pwd)/%{top_level_dir_name}/make/conf/version-numbers.conf
|
|
if [ -f ${VERSION_FILE} ] ; then
|
|
UPSTREAM_EA_DESIGNATOR=$(grep '^DEFAULT_PROMOTED_VERSION_PRE' ${VERSION_FILE} | cut -d '=' -f 2)
|
|
else
|
|
echo "Could not find OpenJDK version file.";
|
|
exit 16
|
|
fi
|
|
if [ "x${UPSTREAM_EA_DESIGNATOR}" != "x%{ea_designator}" ] ; then
|
|
echo "WARNING: Designator mismatch";
|
|
echo "Spec file is configured for a %{build_type} build with designator '%{ea_designator}'"
|
|
echo "Upstream version-pre setting is '${UPSTREAM_EA_DESIGNATOR}'";
|
|
exit 17
|
|
fi
|
|
|
|
# Extract systemtap tapsets
|
|
%if %{with_systemtap}
|
|
tar --strip-components=1 -x -I xz -f %{SOURCE8}
|
|
%if %{include_debug_build}
|
|
cp -r tapset tapset%{debug_suffix}
|
|
%endif
|
|
%if %{include_fastdebug_build}
|
|
cp -r tapset tapset%{fastdebug_suffix}
|
|
%endif
|
|
|
|
for suffix in %{build_loop} ; do
|
|
for file in "tapset"$suffix/*.in; do
|
|
OUTPUT_FILE=`echo $file | sed -e "s:\.stp\.in$:-%{version}-%{release}.%{_arch}.stp:g"`
|
|
sed -e "s:@ABS_SERVER_LIBJVM_SO@:%{_jvmdir}/%{sdkdir -- $suffix}/lib/server/libjvm.so:g" $file > $file.1
|
|
sed -e "s:@JAVA_SPEC_VER@:%{javaver}:g" $file.1 > $file.2
|
|
# TODO find out which architectures other than i686 have a client vm
|
|
%ifarch %{ix86}
|
|
sed -e "s:@ABS_CLIENT_LIBJVM_SO@:%{_jvmdir}/%{sdkdir -- $suffix}/lib/client/libjvm.so:g" $file.2 > $OUTPUT_FILE
|
|
%else
|
|
sed -e "/@ABS_CLIENT_LIBJVM_SO@/d" $file.2 > $OUTPUT_FILE
|
|
%endif
|
|
sed -i -e "s:@ABS_JAVA_HOME_DIR@:%{_jvmdir}/%{sdkdir -- $suffix}:g" $OUTPUT_FILE
|
|
sed -i -e "s:@INSTALL_ARCH_DIR@:%{archinstall}:g" $OUTPUT_FILE
|
|
sed -i -e "s:@prefix@:%{_jvmdir}/%{sdkdir -- $suffix}/:g" $OUTPUT_FILE
|
|
done
|
|
done
|
|
# systemtap tapsets ends
|
|
%endif
|
|
|
|
# Prepare desktop files
|
|
# Portables do not have desktop integration
|
|
|
|
# Setup nss.cfg
|
|
sed -e "s:@NSS_LIBDIR@:%{NSS_LIBDIR}:g" %{SOURCE11} > nss.cfg
|
|
|
|
# Setup nss.fips.cfg
|
|
sed -e "s:@NSS_LIBDIR@:%{NSS_LIBDIR}:g" %{SOURCE17} > nss.fips.cfg
|
|
|
|
%build
|
|
%if (0%{?rhel} > 0 && 0%{?rhel} < 8)
|
|
mkdir bootjdk
|
|
pushd bootjdk
|
|
%ifarch %{aarch64}
|
|
tar --strip-components=1 -xf %{SOURCE1001}
|
|
%endif
|
|
%ifarch %{ppc64le}
|
|
tar --strip-components=1 -xf %{SOURCE1002}
|
|
%endif
|
|
%ifarch x86_64
|
|
tar --strip-components=1 -xf %{SOURCE1003}
|
|
%endif
|
|
%ifarch s390x
|
|
tar --strip-components=1 -xf %{SOURCE1004}
|
|
%endif
|
|
BOOT_JDK=$PWD
|
|
popd
|
|
%else
|
|
BOOT_JDK=%{bootjdk}
|
|
%endif
|
|
|
|
# How many CPU's do we have?
|
|
export NUM_PROC=%(/usr/bin/getconf _NPROCESSORS_ONLN 2> /dev/null || :)
|
|
export NUM_PROC=${NUM_PROC:-1}
|
|
%if 0%{?_smp_ncpus_max}
|
|
# Honor %%_smp_ncpus_max
|
|
[ ${NUM_PROC} -gt %{?_smp_ncpus_max} ] && export NUM_PROC=%{?_smp_ncpus_max}
|
|
%endif
|
|
|
|
%ifarch s390x sparc64 alpha %{power64} %{aarch64}
|
|
export ARCH_DATA_MODEL=64
|
|
%endif
|
|
%ifarch alpha
|
|
export CFLAGS="$CFLAGS -mieee"
|
|
%endif
|
|
|
|
# We use ourcppflags because the OpenJDK build seems to
|
|
# pass EXTRA_CFLAGS to the HotSpot C++ compiler...
|
|
# Explicitly set the C++ standard as the default has changed on GCC >= 6
|
|
EXTRA_CFLAGS="%ourcppflags"
|
|
EXTRA_CPP_FLAGS="%ourcppflags"
|
|
|
|
%ifarch %{power64} ppc
|
|
# fix rpmlint warnings
|
|
EXTRA_CFLAGS="$EXTRA_CFLAGS -fno-strict-aliasing"
|
|
%endif
|
|
%ifarch %{ix86}
|
|
# Align stack boundary on x86_32
|
|
EXTRA_CFLAGS="$(echo ${EXTRA_CFLAGS} | sed -e 's|-mstackrealign|-mincoming-stack-boundary=2 -mpreferred-stack-boundary=4|')"
|
|
EXTRA_CPP_FLAGS="$(echo ${EXTRA_CPP_FLAGS} | sed -e 's|-mstackrealign|-mincoming-stack-boundary=2 -mpreferred-stack-boundary=4|')"
|
|
%endif
|
|
export EXTRA_CFLAGS EXTRA_CPP_FLAGS
|
|
|
|
function buildjdk() {
|
|
local outputdir=${1}
|
|
local buildjdk=${2}
|
|
local maketargets="${3}"
|
|
local debuglevel=${4}
|
|
local link_opt=${5}
|
|
|
|
local top_dir_abs_src_path=$(pwd)/%{top_level_dir_name}
|
|
local top_dir_abs_build_path=$(pwd)/${outputdir}
|
|
|
|
# This must be set using the global, so that the
|
|
# static libraries still use a dynamic stdc++lib
|
|
if [ "x%{link_type}" = "xbundled" ] ; then
|
|
libc_link_opt="static";
|
|
else
|
|
libc_link_opt="dynamic";
|
|
fi
|
|
|
|
echo "Using output directory: ${outputdir}";
|
|
echo "Checking build JDK ${buildjdk} is operational..."
|
|
${buildjdk}/bin/java -version
|
|
echo "Using make targets: ${maketargets}"
|
|
echo "Using debuglevel: ${debuglevel}"
|
|
echo "Using link_opt: ${link_opt}"
|
|
echo "Building %{newjavaver}-%{buildver}, pre=%{ea_designator}, opt=%{lts_designator}"
|
|
|
|
mkdir -p ${outputdir}
|
|
pushd ${outputdir}
|
|
|
|
# Note: zlib and freetype use %{link_type}
|
|
# rather than ${link_opt} as the system versions
|
|
# are always used in a system_libs build, even
|
|
# for the static library build
|
|
%if (0%{?rhel} > 0 && 0%{?rhel} < 8)
|
|
scl enable devtoolset-8 -- bash ${top_dir_abs_src_path}/configure \
|
|
%else
|
|
bash ${top_dir_abs_src_path}/configure \
|
|
%endif
|
|
%ifarch %{zero_arches}
|
|
--with-jvm-variants=zero \
|
|
%endif
|
|
%ifarch %{ppc64le}
|
|
--with-jobs=1 \
|
|
%endif
|
|
--with-cacerts-file=`readlink -f %{_sysconfdir}/pki/java/cacerts` \
|
|
--with-version-build=%{buildver} \
|
|
--with-version-pre="%{ea_designator}" \
|
|
--with-version-opt=%{lts_designator} \
|
|
--with-vendor-version-string="%{oj_vendor_version}" \
|
|
--with-vendor-name="%{oj_vendor}" \
|
|
--with-vendor-url="%{oj_vendor_url}" \
|
|
--with-vendor-bug-url="%{oj_vendor_bug_url}" \
|
|
--with-vendor-vm-bug-url="%{oj_vendor_bug_url}" \
|
|
--with-boot-jdk=${buildjdk} \
|
|
--with-debug-level=${debuglevel} \
|
|
--with-native-debug-symbols="%{debug_symbols}" \
|
|
--disable-sysconf-nss \
|
|
--enable-unlimited-crypto \
|
|
--with-zlib=%{link_type} \
|
|
--with-freetype=%{link_type} \
|
|
--with-libjpeg=${link_opt} \
|
|
--with-giflib=${link_opt} \
|
|
--with-libpng=${link_opt} \
|
|
--with-lcms=${link_opt} \
|
|
--with-harfbuzz=${link_opt} \
|
|
--with-stdc++lib=${libc_link_opt} \
|
|
--with-extra-cxxflags="$EXTRA_CPP_FLAGS" \
|
|
--with-extra-cflags="$EXTRA_CFLAGS" \
|
|
--with-extra-ldflags="%{ourldflags}" \
|
|
--with-num-cores="$NUM_PROC" \
|
|
--with-source-date="${SOURCE_DATE_EPOCH}" \
|
|
--disable-javac-server \
|
|
%ifarch %{zgc_arches}
|
|
--with-jvm-features=zgc \
|
|
%endif
|
|
--disable-warnings-as-errors
|
|
|
|
cat spec.gmk
|
|
%if (0%{?rhel} > 0 && 0%{?rhel} < 8)
|
|
scl enable devtoolset-8 -- make \
|
|
%else
|
|
make \
|
|
%endif
|
|
LOG=trace \
|
|
WARNINGS_ARE_ERRORS="-Wno-error" \
|
|
CFLAGS_WARNINGS_ARE_ERRORS="-Wno-error" \
|
|
$maketargets || ( pwd; find ${top_dir_abs_src_path} ${top_dir_abs_build_path} -name "hs_err_pid*.log" | xargs cat && false )
|
|
|
|
popd
|
|
}
|
|
|
|
function installjdk() {
|
|
local imagepath=${1}
|
|
|
|
if [ -d ${imagepath} ] ; then
|
|
# the build (erroneously) removes read permissions from some jars
|
|
# this is a regression in OpenJDK 7 (our compiler):
|
|
# http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1437
|
|
find ${imagepath} -iname '*.jar' -exec chmod ugo+r {} \;
|
|
|
|
# Build screws up permissions on binaries
|
|
# https://bugs.openjdk.java.net/browse/JDK-8173610
|
|
find ${imagepath} -iname '*.so' -exec chmod +x {} \;
|
|
find ${imagepath}/bin/ -exec chmod +x {} \;
|
|
|
|
# Install nss.cfg right away as we will be using the JRE above
|
|
install -m 644 nss.cfg ${imagepath}/conf/security/
|
|
|
|
# Install nss.fips.cfg: NSS configuration for global FIPS mode (crypto-policies)
|
|
install -m 644 nss.fips.cfg ${imagepath}/conf/security/
|
|
|
|
# Create fake alt-java as a placeholder for future alt-java
|
|
if [ -d man/man1 ] ; then
|
|
pushd ${imagepath}
|
|
# add alt-java man page
|
|
echo "Hardened java binary recommended for launching untrusted code from the Web e.g. javaws" > man/man1/%{alt_java_name}.1
|
|
cat man/man1/java.1 >> man/man1/%{alt_java_name}.1
|
|
popd
|
|
fi
|
|
fi
|
|
}
|
|
|
|
# Checks on debuginfo must be performed before the files are stripped
|
|
# by the RPM installation stage
|
|
function debugcheckjdk() {
|
|
local imagepath=${1}
|
|
|
|
if [ -d ${imagepath} ] ; then
|
|
|
|
so_suffix="so"
|
|
# Check debug symbols are present and can identify code
|
|
find "${imagepath}" -iname "*.$so_suffix" -print0 | while read -d $'\0' lib
|
|
do
|
|
if [ -f "$lib" ] ; then
|
|
echo "Testing $lib for debug symbols"
|
|
# All these tests rely on RPM failing the build if the exit code of any set
|
|
# of piped commands is non-zero.
|
|
|
|
# Test for .debug_* sections in the shared object. This is the main test
|
|
# Stripped objects will not contain these
|
|
eu-readelf -S "$lib" | grep "] .debug_"
|
|
test $(eu-readelf -S "$lib" | grep -E "\]\ .debug_(info|abbrev)" | wc --lines) == 2
|
|
|
|
# Test FILE symbols. These will most likely be removed by anything that
|
|
# manipulates symbol tables because it's generally useless. So a nice test
|
|
# that nothing has messed with symbols
|
|
old_IFS="$IFS"
|
|
IFS=$'\n'
|
|
for line in $(eu-readelf -s "$lib" | grep "00000000 0 FILE LOCAL DEFAULT")
|
|
do
|
|
# We expect to see .cpp and .S files, except for architectures like aarch64 and
|
|
# s390 where we expect .o and .oS files
|
|
echo "$line" | grep -E "ABS ((.*/)?[-_a-zA-Z0-9]+\.(c|cc|cpp|cxx|o|S|oS))?$"
|
|
done
|
|
IFS="$old_IFS"
|
|
|
|
# If this is the JVM, look for javaCalls.(cpp|o) in FILEs, for extra sanity checking
|
|
if [ "`basename $lib`" = "libjvm.so" ]; then
|
|
eu-readelf -s "$lib" | \
|
|
grep -E "00000000 0 FILE LOCAL DEFAULT ABS javaCalls.(cpp|o)$"
|
|
fi
|
|
|
|
# Test that there are no .gnu_debuglink sections pointing to another
|
|
# debuginfo file. There shouldn't be any debuginfo files, so the link makes
|
|
# no sense either
|
|
eu-readelf -S "$lib" | grep 'gnu'
|
|
if eu-readelf -S "$lib" | grep "\] .gnu_debuglink" | grep PROGBITS; then
|
|
echo "bad .gnu_debuglink section."
|
|
eu-readelf -x .gnu_debuglink "$lib"
|
|
false
|
|
fi
|
|
fi
|
|
done
|
|
|
|
# Make sure gdb can do a backtrace based on line numbers on libjvm.so
|
|
# javaCalls.cpp:58 should map to:
|
|
# http://hg.openjdk.java.net/jdk8u/jdk8u/hotspot/file/ff3b27e6bcc2/src/share/vm/runtime/javaCalls.cpp#l58
|
|
# Using line number 1 might cause build problems. See:
|
|
# https://bugzilla.redhat.com/show_bug.cgi?id=1539664
|
|
# https://bugzilla.redhat.com/show_bug.cgi?id=1538767
|
|
gdb -q "${imagepath}/bin/java" <<EOF | tee gdb.out
|
|
handle SIGSEGV pass nostop noprint
|
|
handle SIGILL pass nostop noprint
|
|
set breakpoint pending on
|
|
break javaCalls.cpp:58
|
|
commands 1
|
|
backtrace
|
|
quit
|
|
end
|
|
run -version
|
|
EOF
|
|
%ifarch %{gdb_arches}
|
|
grep 'JavaCallWrapper::JavaCallWrapper' gdb.out
|
|
%endif
|
|
|
|
fi
|
|
}
|
|
|
|
%if %{build_hotspot_first}
|
|
# Build a fresh libjvm.so first and use it to bootstrap
|
|
cp -LR --preserve=mode,timestamps %{bootjdk} newboot
|
|
systemjdk=$(pwd)/newboot
|
|
buildjdk build/newboot ${systemjdk} %{hotspot_target} "release" "bundled"
|
|
mv build/newboot/jdk/lib/server/libjvm.so newboot/lib/server
|
|
%else
|
|
systemjdk=%{bootjdk}
|
|
%endif
|
|
|
|
for suffix in %{build_loop} ; do
|
|
if [ "x$suffix" = "x" ] ; then
|
|
debugbuild=release
|
|
else
|
|
# change --something to something
|
|
debugbuild=`echo $suffix | sed "s/-//g"`
|
|
fi
|
|
for loop in %{main_suffix} %{staticlibs_loop} ; do
|
|
builddir=%{buildoutputdir -- ${suffix}${loop}}
|
|
bootbuilddir=boot${builddir}
|
|
if test "x${loop}" = "x%{main_suffix}" ; then
|
|
link_opt="%{link_type}"
|
|
%if %{system_libs}
|
|
# Copy the source tree so we can remove all in-tree libraries
|
|
cp -a %{top_level_dir_name} %{top_level_dir_name_backup}
|
|
# Remove all libraries that are linked
|
|
sh %{SOURCE12} %{top_level_dir_name} full
|
|
%endif
|
|
# Debug builds don't need same targets as release for
|
|
# build speed-up. We also avoid bootstrapping these
|
|
# slower builds.
|
|
if echo $debugbuild | grep -q "debug" ; then
|
|
maketargets="%{debug_targets}"
|
|
run_bootstrap=false
|
|
else
|
|
maketargets="%{release_targets}"
|
|
run_bootstrap=%{bootstrap_build}
|
|
fi
|
|
if ${run_bootstrap} ; then
|
|
buildjdk ${bootbuilddir} ${systemjdk} "%{bootstrap_targets}" ${debugbuild} ${link_opt}
|
|
buildjdk ${builddir} $(pwd)/${bootbuilddir}/images/%{jdkimage} "${maketargets}" ${debugbuild} ${link_opt}
|
|
rm -rf ${bootbuilddir}
|
|
else
|
|
buildjdk ${builddir} ${systemjdk} "${maketargets}" ${debugbuild} ${link_opt}
|
|
fi
|
|
%if %{system_libs}
|
|
# Restore original source tree we modified by removing full in-tree sources
|
|
rm -rf %{top_level_dir_name}
|
|
mv %{top_level_dir_name_backup} %{top_level_dir_name}
|
|
%endif
|
|
else
|
|
# Use bundled libraries for building statically
|
|
link_opt="bundled"
|
|
# Static library cycle only builds the static libraries
|
|
maketargets="%{static_libs_target}"
|
|
# Always just do the one build for the static libraries
|
|
buildjdk ${builddir} ${systemjdk} "${maketargets}" ${debugbuild} ${link_opt}
|
|
fi
|
|
|
|
done # end of main / staticlibs loop
|
|
|
|
# Final setup on the main image
|
|
top_dir_abs_main_build_path=$(pwd)/%{buildoutputdir -- ${suffix}%{main_suffix}}
|
|
installjdk ${top_dir_abs_main_build_path}/images/%{jdkimage}
|
|
installjdk ${top_dir_abs_main_build_path}/images/%{jreimage}
|
|
# Check debug symbols were built into the dynamic libraries
|
|
debugcheckjdk ${top_dir_abs_main_build_path}/images/%{jdkimage}
|
|
|
|
# Print release information
|
|
cat ${top_dir_abs_main_build_path}/images/%{jdkimage}/release
|
|
|
|
################################################################################
|
|
pushd ${top_dir_abs_main_build_path}/images
|
|
if [ "x$suffix" == "x" ] ; then
|
|
nameSuffix=""
|
|
else
|
|
nameSuffix=`echo "$suffix"| sed s/-/./`
|
|
fi
|
|
# additional steps needed for fluent repack; most of them done twice, as images are already populated
|
|
# maybe most of them should be done in upstream build?
|
|
for imagedir in %{jdkimage} %{jreimage} ; do
|
|
pushd $imagedir
|
|
# Convert man pages to UTF8 encoding
|
|
if [ -d man/man1 ] ; then # jre do not have man pages...
|
|
for manpage in man/man1/* ; do
|
|
iconv -f ISO_8859-1 -t UTF8 $manpage -o $manpage.tmp
|
|
mv -f $manpage.tmp $manpage
|
|
done
|
|
fi
|
|
# Install release notes
|
|
cp -a %{SOURCE10} `pwd`
|
|
cp -a %{SOURCE10} `pwd`/legal
|
|
# stabilize permissions; aprtially duplicated in instalojdk
|
|
find `pwd` -name "*.so" -exec chmod 755 {} \; -exec echo "set 755 to so {}" \; ;
|
|
find `pwd` -type d -exec chmod 755 {} \; -exec echo "set 755 to dir {}" \; ;
|
|
find `pwd`/legal -type f -exec chmod 644 {} \; -exec echo "set 644 to licences {}" \; ;
|
|
popd # jdkimage/jreimage
|
|
done # jre/sdk work in loop
|
|
# javadoc is done only for release sdkimage
|
|
if ! echo $suffix | grep -q "debug" ; then
|
|
# Install Javadoc documentation
|
|
#cp -a docs %{jdkimage} # not sure if the plaintext javadoc is for some use
|
|
built_doc_archive=jdk-%{filever}%{ea_designator_zip}+%{buildver}%{lts_designator_zip}-docs.zip
|
|
cp -a `pwd`/../bundles/${built_doc_archive} `pwd`/%{jdkimage}/javadocs.zip || ls -l `pwd`/../bundles
|
|
fi
|
|
# end of additional steps
|
|
|
|
mv %{jdkimage} %{jdkportablename -- "$nameSuffix"}
|
|
mv %{jreimage} %{jreportablename -- "$nameSuffix"}
|
|
tar -cJf ../../../../%{jdkportablearchive -- "$nameSuffix"} --exclude='**.debuginfo' %{jdkportablename -- "$nameSuffix"}
|
|
sha256sum ../../../../%{jdkportablearchive -- "$nameSuffix"} > ../../../../%{jdkportablearchive -- "$nameSuffix"}.sha256sum
|
|
tar -cJf ../../../../%{jreportablearchive -- "$nameSuffix"} --exclude='**.debuginfo' %{jreportablename -- "$nameSuffix"}
|
|
sha256sum ../../../../%{jreportablearchive -- "$nameSuffix"} > ../../../../%{jreportablearchive -- "$nameSuffix"}.sha256sum
|
|
# copy licenses so they are avialable out of tarball
|
|
cp -rf %{jdkportablename -- "$nameSuffix"}/legal ../../../../%{jdkportablearchive -- "%{normal_suffix}"}-legal
|
|
mv %{jdkportablename -- "$nameSuffix"} %{jdkimage}
|
|
mv %{jreportablename -- "$nameSuffix"} %{jreimage}
|
|
popd #images
|
|
%if %{include_staticlibs}
|
|
top_dir_abs_staticlibs_build_path=$(pwd)/%{buildoutputdir -- ${suffix}%{staticlibs_suffix}}
|
|
pushd ${top_dir_abs_staticlibs_build_path}/images
|
|
# Static libraries (needed for building graal vm with native image)
|
|
# Tar as overlay. Transform to the JDK name, since we just want to "add"
|
|
# static libraries to that folder
|
|
portableJDKname=%{staticlibsportablename -- "$nameSuffix"}
|
|
tar -cJf ../../../../%{staticlibsportablearchive -- "$nameSuffix"} --transform "s|^%{static_libs_image}/lib/*|$portableJDKname/lib/static/linux-%{archinstall}/glibc/|" "%{static_libs_image}/lib"
|
|
sha256sum ../../../../%{staticlibsportablearchive -- "$nameSuffix"} > ../../../../%{staticlibsportablearchive -- "$nameSuffix"}.sha256sum
|
|
popd #staticlibs-images
|
|
%endif
|
|
################################################################################
|
|
# note, currently no debuginfo, consult portbale spec for external (zipped) debuginfo, being tarred alone
|
|
################################################################################
|
|
|
|
# build cycles
|
|
done # end of release / debug cycle loop
|
|
|
|
%install
|
|
for suffix in %{build_loop} ; do
|
|
top_dir_abs_main_build_path=$(pwd)/%{buildoutputdir -- ${suffix}%{main_suffix}}
|
|
|
|
################################################################################
|
|
if [ "x$suffix" == "x" ] ; then
|
|
nameSuffix=""
|
|
else
|
|
nameSuffix=`echo "$suffix"| sed s/-/./`
|
|
fi
|
|
mkdir -p $RPM_BUILD_ROOT%{_jvmdir}
|
|
mv ../%{jdkportablearchive -- "$nameSuffix"} $RPM_BUILD_ROOT%{_jvmdir}/
|
|
mv ../%{jdkportablearchive -- "$nameSuffix"}.sha256sum $RPM_BUILD_ROOT%{_jvmdir}/
|
|
mv ../%{jreportablearchive -- "$nameSuffix"} $RPM_BUILD_ROOT%{_jvmdir}/
|
|
mv ../%{jreportablearchive -- "$nameSuffix"}.sha256sum $RPM_BUILD_ROOT%{_jvmdir}/
|
|
%if %{include_staticlibs}
|
|
mv ../%{staticlibsportablearchive -- "$nameSuffix"} $RPM_BUILD_ROOT%{_jvmdir}/
|
|
mv ../%{staticlibsportablearchive -- "$nameSuffix"}.sha256sum $RPM_BUILD_ROOT%{_jvmdir}/
|
|
%endif
|
|
if [ "x$suffix" == "x" ] ; then
|
|
dnameSuffix="$nameSuffix".debuginfo
|
|
# todo handle debuginfo, see note at build (we will need to pack one stripped and one unstripped release build)
|
|
# mv ../%{jdkportablearchive -- "$dnameSuffix"} $RPM_BUILD_ROOT%{_jvmdir}/
|
|
# mv ../%{jdkportablearchive -- "$dnameSuffix"}.sha256sum $RPM_BUILD_ROOT%{_jvmdir}/
|
|
fi
|
|
################################################################################
|
|
# end, dual install
|
|
done
|
|
################################################################################
|
|
# the licenses are packed onloy once and shared
|
|
mkdir -p $RPM_BUILD_ROOT%{unpacked_licenses}
|
|
mv ../%{jdkportablearchive -- "%{normal_suffix}"}-legal $RPM_BUILD_ROOT%{unpacked_licenses}/%{jdkportablearchive -- "%{normal_suffix}"}
|
|
# To show sha in the build log
|
|
for file in `ls $RPM_BUILD_ROOT%{_jvmdir}/*.sha256sum` ; do ls -l $file ; cat $file ; done
|
|
################################################################################
|
|
|
|
%check
|
|
|
|
# We test debug first as it will give better diagnostics on a crash
|
|
for suffix in %{build_loop} ; do
|
|
|
|
# Tests in the check stage are performed on the installed image
|
|
# rpmbuild operates as follows: build -> install -> test
|
|
# however in portbales, we test built image instead of installed one
|
|
top_dir_abs_main_build_path=$(pwd)/%{buildoutputdir -- ${suffix}%{main_suffix}}
|
|
export JAVA_HOME=${top_dir_abs_main_build_path}/images/%{jdkimage}
|
|
|
|
#check Shenandoah is enabled
|
|
%if %{use_shenandoah_hotspot}
|
|
$JAVA_HOME/bin/java -XX:+UnlockExperimentalVMOptions -XX:+UseShenandoahGC -version
|
|
%endif
|
|
|
|
# Check unlimited policy has been used
|
|
$JAVA_HOME/bin/javac -d . %{SOURCE13}
|
|
$JAVA_HOME/bin/java --add-opens java.base/javax.crypto=ALL-UNNAMED TestCryptoLevel
|
|
|
|
# Check ECC is working
|
|
$JAVA_HOME/bin/javac -d . %{SOURCE14}
|
|
$JAVA_HOME/bin/java $(echo $(basename %{SOURCE14})|sed "s|\.java||")
|
|
|
|
# Check system crypto (policy) is deactive and can not be enabled
|
|
# Test takes a single argument - true or false - to state whether system
|
|
# security properties are enabled or not.
|
|
$JAVA_HOME/bin/javac -d . %{SOURCE15}
|
|
export PROG=$(echo $(basename %{SOURCE15})|sed "s|\.java||")
|
|
export SEC_DEBUG="-Djava.security.debug=properties"
|
|
$JAVA_HOME/bin/java ${SEC_DEBUG} ${PROG} false
|
|
$JAVA_HOME/bin/java ${SEC_DEBUG} -Djava.security.disableSystemPropertiesFile=false ${PROG} false
|
|
|
|
# Check java launcher has no SSB mitigation
|
|
if ! nm $JAVA_HOME/bin/java | grep set_speculation ; then true ; else false; fi
|
|
|
|
# Check alt-java launcher has SSB mitigation on supported architectures
|
|
%ifarch %{ssbd_arches}
|
|
nm $JAVA_HOME/bin/%{alt_java_name} | grep set_speculation
|
|
%else
|
|
if ! nm $JAVA_HOME/bin/%{alt_java_name} | grep set_speculation ; then true ; else false; fi
|
|
%endif
|
|
|
|
# Check correct vendor values have been set
|
|
$JAVA_HOME/bin/javac -d . %{SOURCE16}
|
|
$JAVA_HOME/bin/java $(echo $(basename %{SOURCE16})|sed "s|\.java||") "%{oj_vendor}" "%{oj_vendor_url}" "%{oj_vendor_bug_url}" "%{oj_vendor_version}"
|
|
|
|
%if ! 0%{?flatpak}
|
|
# Check translations are available for new timezones (during flatpak builds, the
|
|
# tzdb.dat used by this test is not where the test expects it, so this is
|
|
# disabled for flatpak builds)
|
|
$JAVA_HOME/bin/javac -d . %{SOURCE18}
|
|
$JAVA_HOME/bin/java $(echo $(basename %{SOURCE18})|sed "s|\.java||") JRE
|
|
$JAVA_HOME/bin/java -Djava.locale.providers=CLDR $(echo $(basename %{SOURCE18})|sed "s|\.java||") CLDR
|
|
%endif
|
|
|
|
%if %{include_staticlibs}
|
|
# Check debug symbols in static libraries (smoke test)
|
|
export STATIC_LIBS_HOME=${top_dir_abs_main_build_path}/../../%{buildoutputdir -- ${suffix}%{staticlibs_suffix}}/images/static-libs/lib/
|
|
readelf --debug-dump $STATIC_LIBS_HOME/libfdlibm.a | grep w_remainder.c
|
|
readelf --debug-dump $STATIC_LIBS_HOME/libfdlibm.a | grep e_remainder.c
|
|
%endif
|
|
|
|
# Check src.zip has all sources. See RHBZ#1130490
|
|
$JAVA_HOME/bin/jar -tf $JAVA_HOME/lib/src.zip | grep 'sun.misc.Unsafe'
|
|
|
|
# Check class files include useful debugging information
|
|
$JAVA_HOME/bin/javap -l java.lang.Object | grep "Compiled from"
|
|
$JAVA_HOME/bin/javap -l java.lang.Object | grep LineNumberTable
|
|
$JAVA_HOME/bin/javap -l java.lang.Object | grep LocalVariableTable
|
|
|
|
# Check generated class files include useful debugging information
|
|
$JAVA_HOME/bin/javap -l java.nio.ByteBuffer | grep "Compiled from"
|
|
$JAVA_HOME/bin/javap -l java.nio.ByteBuffer | grep LineNumberTable
|
|
$JAVA_HOME/bin/javap -l java.nio.ByteBuffer | grep LocalVariableTable
|
|
|
|
# build cycles check
|
|
done
|
|
|
|
%if %{include_normal_build}
|
|
%files
|
|
# main package builds always
|
|
%{_jvmdir}/%{jreportablearchive -- %%{nil}}
|
|
%{_jvmdir}/%{jreportablearchive -- %%{nil}}.sha256sum
|
|
%license %{unpacked_licenses}/%{jdkportablearchive -- %%{nil}}
|
|
%else
|
|
%files
|
|
# placeholder
|
|
%endif
|
|
|
|
%files devel
|
|
%{_jvmdir}/%{jdkportablearchive -- %%{nil}}
|
|
#%{_jvmdir}/%{jdkportablearchive -- .debuginfo}
|
|
%{_jvmdir}/%{jdkportablearchive -- %%{nil}}.sha256sum
|
|
#%{_jvmdir}/%{jdkportablearchive -- .debuginfo}.sha256sum
|
|
%license %{unpacked_licenses}/%{jdkportablearchive -- %%{nil}}
|
|
|
|
%if %{include_staticlibs}
|
|
%files static-libs
|
|
%{_jvmdir}/%{staticlibsportablearchive -- %%{nil}}
|
|
%{_jvmdir}/%{staticlibsportablearchive -- %%{nil}}.sha256sum
|
|
%license %{unpacked_licenses}/%{jdkportablearchive -- %%{nil}}
|
|
%endif
|
|
|
|
%if %{include_debug_build}
|
|
%files slowdebug
|
|
%{_jvmdir}/%{jreportablearchive -- .slowdebug}
|
|
%{_jvmdir}/%{jreportablearchive -- .slowdebug}.sha256sum
|
|
%license %{unpacked_licenses}/%{jdkportablearchive -- %%{nil}}
|
|
|
|
%files devel-slowdebug
|
|
%{_jvmdir}/%{jdkportablearchive -- .slowdebug}
|
|
%{_jvmdir}/%{jdkportablearchive -- .slowdebug}.sha256sum
|
|
%license %{unpacked_licenses}/%{jdkportablearchive -- %%{nil}}
|
|
|
|
%if %{include_staticlibs}
|
|
%files static-libs-slowdebug
|
|
%{_jvmdir}/%{staticlibsportablearchive -- .slowdebug}
|
|
%{_jvmdir}/%{staticlibsportablearchive -- .slowdebug}.sha256sum
|
|
%license %{unpacked_licenses}/%{jdkportablearchive -- %%{nil}}
|
|
%endif
|
|
%endif
|
|
|
|
%if %{include_fastdebug_build}
|
|
%files fastdebug
|
|
%{_jvmdir}/%{jreportablearchive -- .fastdebug}
|
|
%{_jvmdir}/%{jreportablearchive -- .fastdebug}.sha256sum
|
|
%license %{unpacked_licenses}/%{jdkportablearchive -- %%{nil}}
|
|
|
|
%files devel-fastdebug
|
|
%{_jvmdir}/%{jdkportablearchive -- .fastdebug}
|
|
%{_jvmdir}/%{jdkportablearchive -- .fastdebug}.sha256sum
|
|
%license %{unpacked_licenses}/%{jdkportablearchive -- %%{nil}}
|
|
|
|
%if %{include_staticlibs}
|
|
%files static-libs-fastdebug
|
|
%{_jvmdir}/%{staticlibsportablearchive -- .fastdebug}
|
|
%{_jvmdir}/%{staticlibsportablearchive -- .fastdebug}.sha256sum
|
|
%license %{unpacked_licenses}/%{jdkportablearchive -- %%{nil}}
|
|
%endif
|
|
%endif
|
|
|
|
%changelog
|
|
* Thu Jan 19 2023 Stephan Bergmann <sbergman@redhat.com> - 1:19.0.1.0.10-3.rolling
|
|
- Fix flatpak builds by disabling TestTranslations test due to missing tzdb.dat
|
|
|
|
* Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1:19.0.1.0.10-3.rolling.1
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
|
|
|
|
* Thu Jan 12 2023 Jiri Vanel <jvanek@redhat.com> - 1:19.0.1.0.10-3.rolling
|
|
- keep system crypto policy honoring disabled (test adapted)
|
|
- keep upstream cacerts
|
|
- call installjdk also for jreimage.
|
|
- add alt-java man page conditionaly (se install openjdk for jre above)
|
|
- convert man pages to utf8 (conditionally, man pages are not in jre)
|
|
- stabilised permissions as was in rpms
|
|
- use NEWS both in tarball and outside
|
|
- for release sdk use javadoc archive.
|
|
- remove STRIP_KEEP_SYMTAB=libjvm* and all todo as it is going to continue in rpms only
|
|
(hopefully)
|
|
|
|
* Thu Dec 01 2022 Petra Alice Mikova <pmikova@redhat.com> - 1:19.0.1.0.10-2.rolling
|
|
- initial import
|
|
|