- 1:10.0.0.46-1
+- initial load
diff --git a/jconsole.desktop.in b/jconsole.desktop.in
new file mode 100644
index 0000000..6065ed9
--- /dev/null
+++ b/jconsole.desktop.in
@@ -0,0 +1,10 @@
+[Desktop Entry]
+Name=OpenJDK #JAVA_MAJOR_VERSION# Monitoring & Management Console #ARCH#
+Comment=Monitor and manage OpenJDK applications for #ARCH#
+Exec=#JAVA_HOME#/jconsole
+Icon=java-#JAVA_MAJOR_VERSION#
+Terminal=false
+Type=Application
+StartupWMClass=sun-tools-jconsole-JConsole
+Categories=Development;Monitor;Java;
+Version=1.0
diff --git a/libjpeg-turbo-1.4-compat.patch b/libjpeg-turbo-1.4-compat.patch
new file mode 100644
index 0000000..1b706a1
--- /dev/null
+++ b/libjpeg-turbo-1.4-compat.patch
@@ -0,0 +1,19 @@
+Remove uses of FAR in jpeg code
+
+Upstream libjpeg-trubo removed the (empty) FAR macro:
+http://sourceforge.net/p/libjpeg-turbo/code/1312/
+
+Adjust our code to not use the undefined FAR macro anymore.
+
+diff --git a/jdk/src/java.desktop/share/native/libjavajpeg/imageioJPEG.c b/jdk/src/java.desktop/share/native/libjavajpeg/imageioJPEG.c
+--- openjdk/src/java.desktop/share/native/libjavajpeg/imageioJPEG.c
++++ openjdk/src/java.desktop/share/native/libjavajpeg/imageioJPEG.c
+@@ -1385,7 +1385,7 @@
+ /* and fill it in */
+ dst_ptr = icc_data;
+ for (seq_no = first; seq_no < last; seq_no++) {
+- JOCTET FAR *src_ptr = icc_markers[seq_no]->data + ICC_OVERHEAD_LEN;
++ JOCTET *src_ptr = icc_markers[seq_no]->data + ICC_OVERHEAD_LEN;
+ unsigned int length =
+ icc_markers[seq_no]->data_length - ICC_OVERHEAD_LEN;
+
diff --git a/multiple-pkcs11-library-init.patch b/multiple-pkcs11-library-init.patch
new file mode 100644
index 0000000..ade94ee
--- /dev/null
+++ b/multiple-pkcs11-library-init.patch
@@ -0,0 +1,74 @@
+# HG changeset patch
+# User andrew
+# Date 1352129932 0
+# Node ID e9c857dcb964dbfa5eef3a3590244cb4d999cf7a
+# Parent 1406789608b76d0906881979335d685855f44190
+Allow multiple PKCS11 library initialisation to be a non-critical error.
+
+diff -r 1406789608b7 -r e9c857dcb964 src/share/classes/sun/security/pkcs11/Config.java
+--- openjdk/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/Config.java Tue Oct 30 13:05:14 2012 +0000
++++ openjdk/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/Config.java Mon Nov 05 15:38:52 2012 +0000
+@@ -52,6 +52,7 @@
+ static final int ERR_HALT = 1;
+ static final int ERR_IGNORE_ALL = 2;
+ static final int ERR_IGNORE_LIB = 3;
++ static final int ERR_IGNORE_MULTI_INIT = 4;
+
+ // same as allowSingleThreadedModules but controlled via a system property
+ // and applied to all providers. if set to false, no SunPKCS11 instances
+@@ -980,6 +981,8 @@
+ handleStartupErrors = ERR_IGNORE_LIB;
+ } else if (val.equals("halt")) {
+ handleStartupErrors = ERR_HALT;
++ } else if (val.equals("ignoreMultipleInitialisation")) {
++ handleStartupErrors = ERR_IGNORE_MULTI_INIT;
+ } else {
+ throw excToken("Invalid value for handleStartupErrors:");
+ }
+diff -r 1406789608b7 -r e9c857dcb964 src/share/classes/sun/security/pkcs11/SunPKCS11.java
+--- openjdk/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java Tue Oct 30 13:05:14 2012 +0000
++++ openjdk/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java Mon Nov 05 15:38:52 2012 +0000
+@@ -168,26 +168,37 @@
+ String nssLibraryDirectory = config.getNssLibraryDirectory();
+ String nssSecmodDirectory = config.getNssSecmodDirectory();
+ boolean nssOptimizeSpace = config.getNssOptimizeSpace();
++ int errorHandling = config.getHandleStartupErrors();
+
+ if (secmod.isInitialized()) {
+ if (nssSecmodDirectory != null) {
+ String s = secmod.getConfigDir();
+ if ((s != null) &&
+ (s.equals(nssSecmodDirectory) == false)) {
+- throw new ProviderException("Secmod directory "
+- + nssSecmodDirectory
+- + " invalid, NSS already initialized with "
+- + s);
++ String msg = "Secmod directory " + nssSecmodDirectory
++ + " invalid, NSS already initialized with " + s;
++ if (errorHandling == Config.ERR_IGNORE_MULTI_INIT ||
++ errorHandling == Config.ERR_IGNORE_ALL) {
++ throw new UnsupportedOperationException(msg);
++ } else {
++ throw new ProviderException(msg);
++ }
+ }
+ }
+ if (nssLibraryDirectory != null) {
+ String s = secmod.getLibDir();
+ if ((s != null) &&
+ (s.equals(nssLibraryDirectory) == false)) {
+- throw new ProviderException("NSS library directory "
++ String msg = "NSS library directory "
+ + nssLibraryDirectory
+ + " invalid, NSS already initialized with "
+- + s);
++ + s;
++ if (errorHandling == Config.ERR_IGNORE_MULTI_INIT ||
++ errorHandling == Config.ERR_IGNORE_ALL) {
++ throw new UnsupportedOperationException(msg);
++ } else {
++ throw new ProviderException(msg);
++ }
+ }
+ }
+ } else {
diff --git a/nss.cfg.in b/nss.cfg.in
new file mode 100644
index 0000000..377a39c
--- /dev/null
+++ b/nss.cfg.in
@@ -0,0 +1,5 @@
+name = NSS
+nssLibraryDirectory = @NSS_LIBDIR@
+nssDbMode = noDb
+attributes = compatibility
+handleStartupErrors = ignoreMultipleInitialisation
diff --git a/ppc_stack_overflow_fix.patch b/ppc_stack_overflow_fix.patch
new file mode 100644
index 0000000..d1b6184
--- /dev/null
+++ b/ppc_stack_overflow_fix.patch
@@ -0,0 +1,48 @@
+diff --git a/src/cpu/zero/vm/stack_zero.hpp b/src/cpu/zero/vm/stack_zero.hpp
+--- openjdk/src/hotspot/cpu/zero/stack_zero.hpp
++++ openjdk/src/hotspot/cpu/zero/stack_zero.hpp
+@@ -99,7 +99,7 @@
+ int shadow_pages_size() const {
+ return _shadow_pages_size;
+ }
+- int abi_stack_available(Thread *thread) const;
++ ssize_t abi_stack_available(Thread *thread) const;
+
+ public:
+ void overflow_check(int required_words, TRAPS);
+diff --git a/src/cpu/zero/vm/stack_zero.inline.hpp b/src/cpu/zero/vm/stack_zero.inline.hpp
+--- openjdk/src/hotspot/cpu/zero/stack_zero.inline.hpp
++++ openjdk/src/hotspot/cpu/zero/stack_zero.inline.hpp
+@@ -47,12 +47,12 @@
+ // This method returns the amount of ABI stack available for us
+ // to use under normal circumstances. Note that the returned
+ // value can be negative.
+-inline int ZeroStack::abi_stack_available(Thread *thread) const {
++inline ssize_t ZeroStack::abi_stack_available(Thread *thread) const {
+ guarantee(Thread::current() == thread, "should run in the same thread");
+- int stack_used = thread->stack_base() - (address) &stack_used
++ ssize_t stack_used = thread->stack_base() - (address) &stack_used
+ + (JavaThread::stack_guard_zone_size() + JavaThread::stack_shadow_zone_size());
+- int stack_free = thread->stack_size() - stack_used;
++ ssize_t stack_free = thread->stack_size() - stack_used;
+ return stack_free;
+ }
+
+ #endif // CPU_ZERO_VM_STACK_ZERO_INLINE_HPP
+diff --git a/src/os/linux/vm/os_linux.cpp b/src/os/linux/vm/os_linux.cpp
+--- openjdk/src/hotspot/os/posix/os_posix.cpp
++++ openjdk/src/hotspot/os/posix/os_posix.cpp
+@@ -4791,6 +4791,13 @@
+
+ _java_thread_min_stack_allowed = align_up(_java_thread_min_stack_allowed, vm_page_size());
+ _java_thread_min_stack_allowed = MAX2(_java_thread_min_stack_allowed, os_min_stack_allowed);
++#ifdef ZERO
++ // If this is Zero, allow at the very minimum one page each for the
++ // Zero stack and the native stack. This won't make any difference
++ // for 4k pages, but is significant for large pages.
++ _java_thread_min_stack_allowed = MAX2(_java_thread_min_stack_allowed,
++ align_size_up((size_t)(JavaThread::stack_guard_zone_size()+JavaThread::stack_shadow_zone_size()+2) * vm_page_size(), vm_page_size());
++#endif
+
+ size_t stack_size_in_bytes = ThreadStackSize * K;
+ if (stack_size_in_bytes != 0 &&
diff --git a/remove-intree-libraries.sh b/remove-intree-libraries.sh
new file mode 100644
index 0000000..635da8a
--- /dev/null
+++ b/remove-intree-libraries.sh
@@ -0,0 +1,129 @@
+#!/bin/sh
+
+ZIP_SRC=src/java.base/share/native/libzip/zlib/
+JPEG_SRC=src/java.desktop/share/native/libjavajpeg/
+GIF_SRC=src/java.desktop/share/native/libsplashscreen/giflib/
+PNG_SRC=src/java.desktop/share/native/libsplashscreen/libpng/
+LCMS_SRC=src/java.desktop/share/native/liblcms/
+
+cd openjdk
+
+echo "Removing built-in libs (they will be linked)"
+
+echo "Removing zlib"
+if [ ! -d ${ZIP_SRC} ]; then
+ echo "${ZIP_SRC} does not exist. Refusing to proceed."
+ exit 1
+fi
+rm -rvf ${ZIP_SRC}
+
+echo "Removing libjpeg"
+if [ ! -f ${JPEG_SRC}/jdhuff.c ]; then # some file that sound definitely exist
+ echo "${JPEG_SRC} does not contain jpeg sources. Refusing to proceed."
+ exit 1
+fi
+
+rm -vf ${JPEG_SRC}/jcomapi.c
+rm -vf ${JPEG_SRC}/jdapimin.c
+rm -vf ${JPEG_SRC}/jdapistd.c
+rm -vf ${JPEG_SRC}/jdcoefct.c
+rm -vf ${JPEG_SRC}/jdcolor.c
+rm -vf ${JPEG_SRC}/jdct.h
+rm -vf ${JPEG_SRC}/jddctmgr.c
+rm -vf ${JPEG_SRC}/jdhuff.c
+rm -vf ${JPEG_SRC}/jdhuff.h
+rm -vf ${JPEG_SRC}/jdinput.c
+rm -vf ${JPEG_SRC}/jdmainct.c
+rm -vf ${JPEG_SRC}/jdmarker.c
+rm -vf ${JPEG_SRC}/jdmaster.c
+rm -vf ${JPEG_SRC}/jdmerge.c
+rm -vf ${JPEG_SRC}/jdphuff.c
+rm -vf ${JPEG_SRC}/jdpostct.c
+rm -vf ${JPEG_SRC}/jdsample.c
+rm -vf ${JPEG_SRC}/jerror.c
+rm -vf ${JPEG_SRC}/jerror.h
+rm -vf ${JPEG_SRC}/jidctflt.c
+rm -vf ${JPEG_SRC}/jidctfst.c
+rm -vf ${JPEG_SRC}/jidctint.c
+rm -vf ${JPEG_SRC}/jidctred.c
+rm -vf ${JPEG_SRC}/jinclude.h
+rm -vf ${JPEG_SRC}/jmemmgr.c
+rm -vf ${JPEG_SRC}/jmemsys.h
+rm -vf ${JPEG_SRC}/jmemnobs.c
+rm -vf ${JPEG_SRC}/jmorecfg.h
+rm -vf ${JPEG_SRC}/jpegint.h
+rm -vf ${JPEG_SRC}/jpeglib.h
+rm -vf ${JPEG_SRC}/jquant1.c
+rm -vf ${JPEG_SRC}/jquant2.c
+rm -vf ${JPEG_SRC}/jutils.c
+rm -vf ${JPEG_SRC}/jcapimin.c
+rm -vf ${JPEG_SRC}/jcapistd.c
+rm -vf ${JPEG_SRC}/jccoefct.c
+rm -vf ${JPEG_SRC}/jccolor.c
+rm -vf ${JPEG_SRC}/jcdctmgr.c
+rm -vf ${JPEG_SRC}/jchuff.c
+rm -vf ${JPEG_SRC}/jchuff.h
+rm -vf ${JPEG_SRC}/jcinit.c
+rm -vf ${JPEG_SRC}/jconfig.h
+rm -vf ${JPEG_SRC}/jcmainct.c
+rm -vf ${JPEG_SRC}/jcmarker.c
+rm -vf ${JPEG_SRC}/jcmaster.c
+rm -vf ${JPEG_SRC}/jcparam.c
+rm -vf ${JPEG_SRC}/jcphuff.c
+rm -vf ${JPEG_SRC}/jcprepct.c
+rm -vf ${JPEG_SRC}/jcsample.c
+rm -vf ${JPEG_SRC}/jctrans.c
+rm -vf ${JPEG_SRC}/jdtrans.c
+rm -vf ${JPEG_SRC}/jfdctflt.c
+rm -vf ${JPEG_SRC}/jfdctfst.c
+rm -vf ${JPEG_SRC}/jfdctint.c
+rm -vf ${JPEG_SRC}/jversion.h
+rm -vf ${JPEG_SRC}/README
+
+echo "Removing giflib"
+if [ ! -d ${GIF_SRC} ]; then
+ echo "${GIF_SRC} does not exist. Refusing to proceed."
+ exit 1
+fi
+rm -rvf ${GIF_SRC}
+
+echo "Removing libpng"
+if [ ! -d ${PNG_SRC} ]; then
+ echo "${PNG_SRC} does not exist. Refusing to proceed."
+ exit 1
+fi
+rm -rvf ${PNG_SRC}
+
+echo "Removing lcms"
+if [ ! -d ${LCMS_SRC} ]; then
+ echo "${LCMS_SRC} does not exist. Refusing to proceed."
+ exit 1
+fi
+rm -vf ${LCMS_SRC}/cmscam02.c
+rm -vf ${LCMS_SRC}/cmscgats.c
+rm -vf ${LCMS_SRC}/cmscnvrt.c
+rm -vf ${LCMS_SRC}/cmserr.c
+rm -vf ${LCMS_SRC}/cmsgamma.c
+rm -vf ${LCMS_SRC}/cmsgmt.c
+rm -vf ${LCMS_SRC}/cmshalf.c
+rm -vf ${LCMS_SRC}/cmsintrp.c
+rm -vf ${LCMS_SRC}/cmsio0.c
+rm -vf ${LCMS_SRC}/cmsio1.c
+rm -vf ${LCMS_SRC}/cmslut.c
+rm -vf ${LCMS_SRC}/cmsmd5.c
+rm -vf ${LCMS_SRC}/cmsmtrx.c
+rm -vf ${LCMS_SRC}/cmsnamed.c
+rm -vf ${LCMS_SRC}/cmsopt.c
+rm -vf ${LCMS_SRC}/cmspack.c
+rm -vf ${LCMS_SRC}/cmspcs.c
+rm -vf ${LCMS_SRC}/cmsplugin.c
+rm -vf ${LCMS_SRC}/cmsps2.c
+rm -vf ${LCMS_SRC}/cmssamp.c
+rm -vf ${LCMS_SRC}/cmssm.c
+rm -vf ${LCMS_SRC}/cmstypes.c
+rm -vf ${LCMS_SRC}/cmsvirt.c
+rm -vf ${LCMS_SRC}/cmswtpnt.c
+rm -vf ${LCMS_SRC}/cmsxform.c
+rm -vf ${LCMS_SRC}/lcms2.h
+rm -vf ${LCMS_SRC}/lcms2_internal.h
+rm -vf ${LCMS_SRC}/lcms2_plugin.h
diff --git a/removeSunEcProvider-RH1154143.patch b/removeSunEcProvider-RH1154143.patch
new file mode 100644
index 0000000..e128232
--- /dev/null
+++ b/removeSunEcProvider-RH1154143.patch
@@ -0,0 +1,19 @@
+--- openjdk/src/java.base/share/conf/security/java.security.orig 2018-01-18 12:22:46.148339081 +0100
++++ openjdk/src/java.base/share/conf/security/java.security 2018-01-18 12:25:12.225469321 +0100
+@@ -66,7 +66,6 @@
+ #endif
+ security.provider.tbd=SUN
+ security.provider.tbd=SunRsaSign
+-security.provider.tbd=SunEC
+ security.provider.tbd=SunJSSE
+ security.provider.tbd=SunJCE
+ security.provider.tbd=SunJGSS
+@@ -681,7 +680,7 @@
+ # Example:
+ # jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048
+ jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 1024, \
+- EC keySize < 224, DES40_CBC, RC4_40
++ EC, ECDHE, ECDH, DES40_CBC, RC4_40
+
+ #
+ # Legacy algorithms for Secure Socket Layer/Transport Layer Security (SSL/TLS)
diff --git a/sorted-diff.patch b/sorted-diff.patch
new file mode 100644
index 0000000..7ba596e
--- /dev/null
+++ b/sorted-diff.patch
@@ -0,0 +1,12 @@
+--- openjdk/make/gensrc/GensrcX11Wrappers.gmk
++++ openjdk/make/gensrc/GensrcX11Wrappers.gmk
+@@ -117,7 +117,8 @@
+ $(call LogInfo, Verifying X11 wrapper sizes)
+ $(call MakeDir, $(@D))
+ $(GENSRC_X11WRAPPERS_TMP)/sizer.$*.exe | $(SORT) > $@.tmp
+- $(DIFF) $(GENSRC_X11WRAPPERS_TMP)/sizes.$*.verification.tmp $(GENSRC_X11WRAPPERS_TMP)/sizes.$*
++ $(SORT) $(GENSRC_X11WRAPPERS_TMP)/sizes.$* > $@-orig.tmp
++ $(DIFF) $(GENSRC_X11WRAPPERS_TMP)/sizes.$*.verification.tmp $(GENSRC_X11WRAPPERS_TMP)/sizes.$*.verification-orig.tmp
+ mv $@.tmp $@
+
+ GENSRC_X11WRAPPERS += $(GENSRC_X11WRAPPERS_TMP)/sizes.$(OPENJDK_TARGET_CPU_BITS).verification
diff --git a/sources b/sources
new file mode 100644
index 0000000..14b93bd
--- /dev/null
+++ b/sources
@@ -0,0 +1,2 @@
+SHA512 (jdk-jdk10-jdk-10+46.tar.xz) = 6412a0cf2cfcce0a6df35f9250964d2b1f9edc110534e905a9add4a036ba6884506f5f5990d1e1d1e2db406180dae8e20097c5cf44a15c7b7b60558b95049359
+SHA512 (systemtap-tapset-3.6.0pre02.tar.xz) = 848f42ef7ca751e723fd50e3a6da14c0965ad4da37ea3331568658e27497b7a7e4b9aad3dedd264ad0bb5566c37a92302b905f10258a4e2c89dc4ba609e55481
diff --git a/systemCryptoPolicyPR3183.patch b/systemCryptoPolicyPR3183.patch
new file mode 100644
index 0000000..4efbe9a
--- /dev/null
+++ b/systemCryptoPolicyPR3183.patch
@@ -0,0 +1,88 @@
+
+# HG changeset patch
+# User andrew
+# Date 1478057514 0
+# Node ID 1c4d5cb2096ae55106111da200b0bcad304f650c
+# Parent 3d53f19b48384e5252f4ec8891f7a3a82d77af2a
+PR3183: Support Fedora/RHEL system crypto policy
+diff -r 3d53f19b4838 -r 1c4d5cb2096a src/java.base/share/classes/java/security/Security.java
+--- a/src/java.base/share/classes/java/security/Security.java Wed Oct 26 03:51:39 2016 +0100
++++ b/src/java.base/share/classes/java/security/Security.java Wed Nov 02 03:31:54 2016 +0000
+@@ -43,6 +43,9 @@
+ * implementation-specific location, which is typically the properties file
+ * {@code conf/security/java.security} in the Java installation directory.
+ *
++ * Additional default values of security properties are read from a
++ * system-specific location, if available.
++ *
+ * @author Benjamin Renaud
+ * @since 1.1
+ */
+@@ -52,6 +55,10 @@
+ private static final Debug sdebug =
+ Debug.getInstance("properties");
+
++ /* System property file*/
++ private static final String SYSTEM_PROPERTIES =
++ "/etc/crypto-policies/back-ends/java.config";
++
+ /* The java.security properties */
+ private static Properties props;
+
+@@ -93,6 +100,7 @@
+ if (sdebug != null) {
+ sdebug.println("reading security properties file: " +
+ propFile);
++ sdebug.println(props.toString());
+ }
+ } catch (IOException e) {
+ if (sdebug != null) {
+@@ -114,6 +122,31 @@
+ }
+
+ if ("true".equalsIgnoreCase(props.getProperty
++ ("security.useSystemPropertiesFile"))) {
++
++ // now load the system file, if it exists, so its values
++ // will win if they conflict with the earlier values
++ try (BufferedInputStream bis =
++ new BufferedInputStream(new FileInputStream(SYSTEM_PROPERTIES))) {
++ props.load(bis);
++ loadedProps = true;
++
++ if (sdebug != null) {
++ sdebug.println("reading system security properties file " +
++ SYSTEM_PROPERTIES);
++ sdebug.println(props.toString());
++ }
++ } catch (IOException e) {
++ if (sdebug != null) {
++ sdebug.println
++ ("unable to load security properties from " +
++ SYSTEM_PROPERTIES);
++ e.printStackTrace();
++ }
++ }
++ }
++
++ if ("true".equalsIgnoreCase(props.getProperty
+ ("security.overridePropertiesFile"))) {
+
+ String extraPropFile = System.getProperty
+diff -r 3d53f19b4838 -r 1c4d5cb2096a src/java.base/share/conf/security/java.security
+--- a/src/java.base/share/conf/security/java.security Wed Oct 26 03:51:39 2016 +0100
++++ b/src/java.base/share/conf/security/java.security Wed Nov 02 03:31:54 2016 +0000
+@@ -276,6 +276,13 @@
+ security.overridePropertiesFile=true
+
+ #
++# Determines whether this properties file will be appended to
++# using the system properties file stored at
++# /etc/crypto-policies/back-ends/java.config
++#
++security.useSystemPropertiesFile=true
++
++#
+ # Determines the default key and trust manager factory algorithms for
+ # the javax.net.ssl package.
+ #