hi everyone, I'm currently redoing a few sections of my verifier and adding support for subroutine verification (the one major thing that has been lacking from my verifier implementation this whole time...so my verifier has never been able to check any classes with try-finally clauses), but have a couple questions that'll help me get it be ready for sharing.
In the method verify3() in kaffe/kaffevm/verify.c, a quick check is made to see whether verifyMode = 0 and, if so, no verification is performed. In kaffe/kaffe/main.c, flags are processed. According to the kaffe man page, -noverify (which sets verifyMode to 0) is the only option that can change the way verification is done. However, main.c also accepts -verify (setting verifyMode to 3) and -verifyremote (setting it to 2). In kaffe/kaffevm/jni.c, verifyMode is set to 0 (no verification) by default. I cannot find documentation anywhere as to what -verifyremote really means. If this option is obsolete, it should probably be removed from main.c's option() method. Otherwise, I need to know what -verifyremote is supposed to do. Also, documentation for -verify should probably be included in kaffe's man page. It doesn't make sense to remove this option because, currently, not verifying anything is the default, so there should be a way to turn it on :) I've included a patch that adds documentation for -verify to the man page. I also have a question regarding the verification of trusted libraries. I know that kaffe now has support for -bootclasspath. Should the verifier, to save time, not verify any classes that are found in the -bootclasspath? Or should it ignore standard library classes to save time and, if so, how would it determine which classes are standard library and which are not? At the moment my verifier checks that the first few characters of the class being verified are "kaffe/" or "java/" and that its loader is the default loader, but I'm not convinced this is 100% safe. Any thoughts would be appreciated. Thanks, Rob ps - Just started playing with 1.1.0 the last few days, and I'm pretty impressed. Many kudos to all you who have been putting a ton of time into this project since 1.0.7!
--- kaffe/man/kaffe.1.in 2002-04-16 16:52:51.000000000 -0500 +++ ../kaffe/kaffe/man/kaffe.1.in 2003-06-18 15:09:32.000000000 -0500 @@ -13,7 +13,7 @@ .BI "[\-mx" " size" "]" .BI "[\-classpath" " path" "]" .BI "[\-addclasspath" " path" "]" -.BI "[\-noverify]" +.BI "[\-verify | \-noverify]" .BI "[\-D" "property" "=" "value" "]" .BI "[\-v]" .BI "[\-verbosegc]" @@ -57,6 +57,9 @@ Appends the given path to the current classpath setting. Multiple instances of this flag may be given. .TP +.B "\-verify" +Verify all bytecode that is not trusted. +.TP .B "\-noverify" Do not verify any bytecode. .TP
