Hi Divya,
On 4/22/23 07:35, Divya Sharma wrote:
Thanks Sebastain.
I found the "cryptoPolicyPath" [1] and the .policy file which grants the
permission to use the algorithm.
But I could not figure out how to add it in the VFS and boot module as you
suggested .
So the runtime scenario of java can have access to that policy file.
Also I tried to add that path [3] in INC_DIR+= of jvm.inc and java.inc but
could not provide the access policy.
Also during the booting of java i got the error [2] indicating the page fault
occurs due to thread='pthread.0.
[1]GENODE_DIR]/contrib/jdk_generated-afb22ed3b35d8700b821722d2df871e6e2c53717/src/app/jdk/bin/conf/security/policy/unlimited/default_local.policy.
[2]no RM attachment (READ pf_addr=0x0 pf_ip=0x2001ad90 from pager_object:
pd='init -> java' thread='pthread.0')
Warning: page fault, pager_object: pd='init -> java' thread='pthread.0'
ip=0x2001ad90 fault-addr=0x0 type=no-page
[3]$(JDK_GENERATED)/bin/conf/security/policy/unlimited \
Under the assumption that Java is looking for the path
"/conf/security/policy/unlimited" and because the policy file is very small you
could as a first step try to inline the contents of the file in the <vfs> node
of the run script:
! <vfs>
! ....
! <dir name="conf">
! <dir name="security">
! <dir name="policy">
! <dir name="unlimited">
! <inline name="default_local.policy">
! grant {
! // There is no restriction to any algorithms.
! permission javax.crypto.CryptoAllPermission;
! };
! </inline>
! </dir>
! </dir>
! </dir>
! </dir>
!
! ...
! </vfs>
Once this is working you can later add it as a ROM module by modifying [1] and
copy the file into the Java packet from which it can be accessed by the run
script via.
! <rom name="default_local.policy"/>
which would replace the <inline> node above.
[1] repos/world/recipes/raw/jdk/content.mk
Good luck,
Sebastian
DIvya.
On Thu, Apr 13, 2023 at 12:38 PM Sebastian Sumpf
<sebastian.su...@genode-labs.com <mailto:sebastian.su...@genode-labs.com>> wrote:
Hello Divya,
On 4/13/23 05:55, Divya Sharma wrote:
> While using the *javax.crypto.** library in a Java application,I got the
> following error [1] ,[2]saying that "Can not initialize the cryptographic
> mechanism".
> While inspecting the default policies got to know that permissions are
already
> granted for all algorithms.
> We also set those to unlimited in java code itself using the [3] and [4].
> Still could not resolve the issue.Is there anything that we are missing
out on?
> kindly give some suggestions on it .
>
>
> [1]java.lang.SecurityException: Can not initialize cryptographic
mechanism
> [2]java.lang.SecurityException: Can't read cryptographic policy
directory: unlimited
> [3] Security.setProperty("crypto.policy", "unlimited");
> [4] System.setProperty("java.security.properties","unlimited");
>
In [1] I see the following code:
! if (!Files.isDirectory(cryptoPolicyPath)
! || !Files.isReadable(cryptoPolicyPath)) {
! throw new SecurityException(
! "Can't read cryptographic policy directory: " +
! cryptoPolicyProperty);
! }
I would try to find out what "cryptoPolicyPath" is, what file is expected,
and
put the expected file at the right place in the run script (in the <vfs>
node +
boot modules).
[1] jdk/src/java.base/share/classes/javax/crypto/JceSecurity.java.template
Regards,
Sebastian
>
> On Mon, Apr 10, 2023 at 6:49 PM Divya Sharma <divyasharma26...@gmail.com
<mailto:divyasharma26...@gmail.com>
> <mailto:divyasharma26...@gmail.com <mailto:divyasharma26...@gmail.com>>>
wrote:
>
> Thanks, Sebastian issue is resolved.
>
> I want to run simple java code using java binary into bash shell. To
achieve
> it I figured out some modification to the separate run script
> user_shell_dev.run from bash.run script .But those did not work load
java
> vm in shell.
> While booting in Qemu i got the error [1] ,[3] also i am able to
spawn a
> shell into the terminal but while running java in it got [2].
> It is not able to initialize the vm to run java.
> Kindly suggest a way to achieve this .
>
>
> [1][init -> java] Error occurred during initialization of VM
> init -> java] java.lang.UnsatisfiedLinkError: no zip in
java.library.path
> [2]Error occurred during the initialization of vm.
> Unable to load zip lib "zip.lib.so <http://zip.lib.so>
<http://zip.lib.so <http://zip.lib.so>>"
>
> [3][init -> /bin/bash -> 1] Error: ROM-session creation failed
> (ram_quota=6144, cap_quota=3, label="zip.lib.so <http://zip.lib.so>
<http://zip.lib.so <http://zip.lib.so>>")
>
>
> Thanks,
> DIvya.
>
>
> On Mon, Apr 10, 2023 at 3:52 PM Sebastian Sumpf
> <sebastian.su...@genode-labs.com
<mailto:sebastian.su...@genode-labs.com>
<mailto:sebastian.su...@genode-labs.com
<mailto:sebastian.su...@genode-labs.com>>>
> wrote:
>
> Hello Divya,
>
> On 4/8/23 07:45, Divya Sharma wrote:
> > While running the java.run script I got the following error
> [1]showing out of
> > memory allocation.
> > Kindly suggest the way to remove it rather than build all the
required
> > dependencies and packages from scratch.
> >
> >
> >
>
[1]/usr/local/genode/tool/21.05/bin/../lib/gcc/arm-none-eabi/10.3.0/../../../../arm-none-eabi/bin/as: out of memory allocating 9223372036854841471 bytes after a total of 696320 bytes
> >
>
> This looks like as if it happens when linking the boot modules of
the image
> together. Maybe there are too many modules and something got too
big? By
> the
> size of the allocation clearly something did overflow, but it's
hard to
> tell
> without the actual scenario. What did you change in the
"java.run" script?
>
> Regards,
>
> Sebastian
>
> >
> >
> >
> > On Wed, Apr 5, 2023 at 11:02 PM <ttco...@netcourrier.com
<mailto:ttco...@netcourrier.com>
> <mailto:ttco...@netcourrier.com <mailto:ttco...@netcourrier.com>>
> > <mailto:ttco...@netcourrier.com
<mailto:ttco...@netcourrier.com> <mailto:ttco...@netcourrier.com
<mailto:ttco...@netcourrier.com>>>> wrote:
> >
> >
> >>
> >> Hello Genodians,
> >>
> >> I am able to run java.run in virt_qemu-arm_v7a. The
output is
> directed to
> >> log [ stdout="/dev/log" ], is there a way to redirect the
sdtout to
> >> terminal [ stdout="/dev/terminal" ] instead of log?
> >>
> >>
> >
> > My two cents : the way I do it here is to modify the
"config"
> scenario file
> > this way:
> > - keep stdout set to "/dev/log"
> > - modify the routing to : <route> <service name="LOG">
<child
> > name="terminal_log"> ...
> > - add a terminal_log component
> > - add a terminal component.
> >
> > It works for me... But if there is a way to specify
> stdout="/dev/terminal"
> > instead, that might be of interest to me as well.
> >
> > Cedric
> >
> >
> > _______________________________________________
> > Genode users mailing list
> > users@lists.genode.org <mailto:users@lists.genode.org>
<mailto:users@lists.genode.org <mailto:users@lists.genode.org>>
> <mailto:users@lists.genode.org <mailto:users@lists.genode.org>
<mailto:users@lists.genode.org <mailto:users@lists.genode.org>>>
> > https://lists.genode.org/listinfo/users
<https://lists.genode.org/listinfo/users>
> <https://lists.genode.org/listinfo/users
<https://lists.genode.org/listinfo/users>>
> > <https://lists.genode.org/listinfo/users
<https://lists.genode.org/listinfo/users>
> <https://lists.genode.org/listinfo/users
<https://lists.genode.org/listinfo/users>>>
> >
> >
> > _______________________________________________
> > Genode users mailing list
> > users@lists.genode.org <mailto:users@lists.genode.org>
<mailto:users@lists.genode.org <mailto:users@lists.genode.org>>
> > https://lists.genode.org/listinfo/users
<https://lists.genode.org/listinfo/users>
> <https://lists.genode.org/listinfo/users
<https://lists.genode.org/listinfo/users>>
>
> --
> Sebastian Sumpf
> Genode Labs
>
> http://www.genode-labs.com <http://www.genode-labs.com>
<http://www.genode-labs.com <http://www.genode-labs.com>> ·
> http://genode.org <http://genode.org> <http://genode.org
<http://genode.org>>
>
> Genode Labs GmbH · Amtsgericht Dresden · HRB 28424 · Sitz Dresden
> Geschäftsführer: Dr.-Ing. Norman Feske, Christian Helmuth
>
>
>
>
>
> _______________________________________________
> Genode users mailing list
> users@lists.genode.org <mailto:users@lists.genode.org>
<mailto:users@lists.genode.org <mailto:users@lists.genode.org>>
> https://lists.genode.org/listinfo/users
<https://lists.genode.org/listinfo/users>
> <https://lists.genode.org/listinfo/users
<https://lists.genode.org/listinfo/users>>
>
>
> _______________________________________________
> Genode users mailing list
> users@lists.genode.org <mailto:users@lists.genode.org>
> https://lists.genode.org/listinfo/users
<https://lists.genode.org/listinfo/users>
--
Sebastian Sumpf
Genode Labs
http://www.genode-labs.com <http://www.genode-labs.com> · http://genode.org
<http://genode.org>
Genode Labs GmbH · Amtsgericht Dresden · HRB 28424 · Sitz Dresden
Geschäftsführer: Dr.-Ing. Norman Feske, Christian Helmuth
_______________________________________________
Genode users mailing list
users@lists.genode.org <mailto:users@lists.genode.org>
https://lists.genode.org/listinfo/users
<https://lists.genode.org/listinfo/users>
_______________________________________________
Genode users mailing list
users@lists.genode.org
https://lists.genode.org/listinfo/users
--
Sebastian Sumpf
Genode Labs
http://www.genode-labs.com · http://genode.org
Genode Labs GmbH · Amtsgericht Dresden · HRB 28424 · Sitz Dresden
Geschäftsführer: Dr.-Ing. Norman Feske, Christian Helmuth
_______________________________________________
Genode users mailing list
users@lists.genode.org
https://lists.genode.org/listinfo/users
