Hi Divya,
On 4/22/23 07:35, Divya Sharma wrote:
Thanks Sebastain. I found the "cryptoPolicyPath" [1] and the .policy file which grants the permission to use the algorithm. But I could not figure out how to add it in the VFS and boot module as you suggested . So the runtime scenario of java can have access to that policy file.
Also I tried to add that path [3] in INC_DIR+= of jvm.inc and java.inc but could not provide the access policy. Also during the booting of java i got the error [2] indicating the page fault occurs due to thread='pthread.0.
[1]GENODE_DIR]/contrib/jdk_generated-afb22ed3b35d8700b821722d2df871e6e2c53717/src/app/jdk/bin/conf/security/policy/unlimited/default_local.policy. [2]no RM attachment (READ pf_addr=0x0 pf_ip=0x2001ad90 from pager_object: pd='init -> java' thread='pthread.0') Warning: page fault, pager_object: pd='init -> java' thread='pthread.0' ip=0x2001ad90 fault-addr=0x0 type=no-page [3]$(JDK_GENERATED)/bin/conf/security/policy/unlimited \
Under the assumption that Java is looking for the path "/conf/security/policy/unlimited" and because the policy file is very small you could as a first step try to inline the contents of the file in the <vfs> node of the run script:
! <vfs> ! .... ! <dir name="conf"> ! <dir name="security"> ! <dir name="policy"> ! <dir name="unlimited"> ! <inline name="default_local.policy"> ! grant { ! // There is no restriction to any algorithms. ! permission javax.crypto.CryptoAllPermission; ! }; ! </inline> ! </dir> ! </dir> ! </dir> ! </dir> ! ! ... ! </vfs>
Once this is working you can later add it as a ROM module by modifying [1] and copy the file into the Java packet from which it can be accessed by the run script via.
! <rom name="default_local.policy"/>
which would replace the <inline> node above.
[1] repos/world/recipes/raw/jdk/content.mk
Good luck,
Sebastian
DIvya.
On Thu, Apr 13, 2023 at 12:38 PM Sebastian Sumpf <Sebastian.Sumpf@genode-labs.com mailto:Sebastian.Sumpf@genode-labs.com> wrote:
Hello Divya, On 4/13/23 05:55, Divya Sharma wrote: > While using the *javax.crypto.** library in a Java application,I got the > following error [1] ,[2]saying that "Can not initialize the cryptographic > mechanism". > While inspecting the default policies got to know that permissions are already > granted for all algorithms. > We also set those to unlimited in java code itself using the [3] and [4]. > Still could not resolve the issue.Is there anything that we are missing out on? > kindly give some suggestions on it . > > > [1]java.lang.SecurityException: Can not initialize cryptographic mechanism > [2]java.lang.SecurityException: Can't read cryptographic policy directory: unlimited > [3] Security.setProperty("crypto.policy", "unlimited"); > [4] System.setProperty("java.security.properties","unlimited"); > In [1] I see the following code: ! if (!Files.isDirectory(cryptoPolicyPath) ! || !Files.isReadable(cryptoPolicyPath)) { ! throw new SecurityException( ! "Can't read cryptographic policy directory: " + ! cryptoPolicyProperty); ! } I would try to find out what "cryptoPolicyPath" is, what file is expected, and put the expected file at the right place in the run script (in the <vfs> node + boot modules). [1] jdk/src/java.base/share/classes/javax/crypto/JceSecurity.java.template Regards, Sebastian > > On Mon, Apr 10, 2023 at 6:49 PM Divya Sharma <divyasharma26546@gmail.com <mailto:divyasharma26546@gmail.com> > <mailto:divyasharma26546@gmail.com <mailto:divyasharma26546@gmail.com>>> wrote: > > Thanks, Sebastian issue is resolved. > > I want to run simple java code using java binary into bash shell. To achieve > it I figured out some modification to the separate run script > user_shell_dev.run from bash.run script .But those did not work load java > vm in shell. > While booting in Qemu i got the error [1] ,[3] also i am able to spawn a > shell into the terminal but while running java in it got [2]. > It is not able to initialize the vm to run java. > Kindly suggest a way to achieve this . > > > [1][init -> java] Error occurred during initialization of VM > init -> java] java.lang.UnsatisfiedLinkError: no zip in java.library.path > [2]Error occurred during the initialization of vm. > Unable to load zip lib "zip.lib.so <http://zip.lib.so> <http://zip.lib.so <http://zip.lib.so>>" > > [3][init -> /bin/bash -> 1] Error: ROM-session creation failed > (ram_quota=6144, cap_quota=3, label="zip.lib.so <http://zip.lib.so> <http://zip.lib.so <http://zip.lib.so>>") > > > Thanks, > DIvya. > > > On Mon, Apr 10, 2023 at 3:52 PM Sebastian Sumpf > <Sebastian.Sumpf@genode-labs.com <mailto:Sebastian.Sumpf@genode-labs.com> <mailto:Sebastian.Sumpf@genode-labs.com <mailto:Sebastian.Sumpf@genode-labs.com>>> > wrote: > > Hello Divya, > > On 4/8/23 07:45, Divya Sharma wrote: > > While running the java.run script I got the following error > [1]showing out of > > memory allocation. > > Kindly suggest the way to remove it rather than build all the required > > dependencies and packages from scratch. > > > > > > > [1]/usr/local/genode/tool/21.05/bin/../lib/gcc/arm-none-eabi/10.3.0/../../../../arm-none-eabi/bin/as: out of memory allocating 9223372036854841471 bytes after a total of 696320 bytes > > > > This looks like as if it happens when linking the boot modules of the image > together. Maybe there are too many modules and something got too big? By > the > size of the allocation clearly something did overflow, but it's hard to > tell > without the actual scenario. What did you change in the "java.run" script? > > Regards, > > Sebastian > > > > > > > > > On Wed, Apr 5, 2023 at 11:02 PM <ttcoder@netcourrier.com <mailto:ttcoder@netcourrier.com> > <mailto:ttcoder@netcourrier.com <mailto:ttcoder@netcourrier.com>> > > <mailto:ttcoder@netcourrier.com <mailto:ttcoder@netcourrier.com> <mailto:ttcoder@netcourrier.com <mailto:ttcoder@netcourrier.com>>>> wrote: > > > > > >> > >> Hello Genodians, > >> > >> I am able to run java.run in virt_qemu-arm_v7a. The output is > directed to > >> log [ stdout="/dev/log" ], is there a way to redirect the sdtout to > >> terminal [ stdout="/dev/terminal" ] instead of log? > >> > >> > > > > My two cents : the way I do it here is to modify the "config" > scenario file > > this way: > > - keep stdout set to "/dev/log" > > - modify the routing to : <route> <service name="LOG"> <child > > name="terminal_log"> ... > > - add a terminal_log component > > - add a terminal component. > > > > It works for me... But if there is a way to specify > stdout="/dev/terminal" > > instead, that might be of interest to me as well. > > > > Cedric > > > > > > _______________________________________________ > > Genode users mailing list > > users@lists.genode.org <mailto:users@lists.genode.org> <mailto:users@lists.genode.org <mailto:users@lists.genode.org>> > <mailto:users@lists.genode.org <mailto:users@lists.genode.org> <mailto:users@lists.genode.org <mailto:users@lists.genode.org>>> > > https://lists.genode.org/listinfo/users <https://lists.genode.org/listinfo/users> > <https://lists.genode.org/listinfo/users <https://lists.genode.org/listinfo/users>> > > <https://lists.genode.org/listinfo/users <https://lists.genode.org/listinfo/users> > <https://lists.genode.org/listinfo/users <https://lists.genode.org/listinfo/users>>> > > > > > > _______________________________________________ > > Genode users mailing list > > users@lists.genode.org <mailto:users@lists.genode.org> <mailto:users@lists.genode.org <mailto:users@lists.genode.org>> > > https://lists.genode.org/listinfo/users <https://lists.genode.org/listinfo/users> > <https://lists.genode.org/listinfo/users <https://lists.genode.org/listinfo/users>> > > -- > Sebastian Sumpf > Genode Labs > > http://www.genode-labs.com <http://www.genode-labs.com> <http://www.genode-labs.com <http://www.genode-labs.com>> · > http://genode.org <http://genode.org> <http://genode.org <http://genode.org>> > > Genode Labs GmbH · Amtsgericht Dresden · HRB 28424 · Sitz Dresden > Geschäftsführer: Dr.-Ing. Norman Feske, Christian Helmuth > > > > > > _______________________________________________ > Genode users mailing list > users@lists.genode.org <mailto:users@lists.genode.org> <mailto:users@lists.genode.org <mailto:users@lists.genode.org>> > https://lists.genode.org/listinfo/users <https://lists.genode.org/listinfo/users> > <https://lists.genode.org/listinfo/users <https://lists.genode.org/listinfo/users>> > > > _______________________________________________ > Genode users mailing list > users@lists.genode.org <mailto:users@lists.genode.org> > https://lists.genode.org/listinfo/users <https://lists.genode.org/listinfo/users> -- Sebastian Sumpf Genode Labs http://www.genode-labs.com <http://www.genode-labs.com> · http://genode.org <http://genode.org> Genode Labs GmbH · Amtsgericht Dresden · HRB 28424 · Sitz Dresden Geschäftsführer: Dr.-Ing. Norman Feske, Christian Helmuth _______________________________________________ Genode users mailing list users@lists.genode.org <mailto:users@lists.genode.org> https://lists.genode.org/listinfo/users <https://lists.genode.org/listinfo/users>
Genode users mailing list users@lists.genode.org https://lists.genode.org/listinfo/users