From ef247ab276b6f687a2ac0e0700d0de91bd3df8a8 Mon Sep 17 00:00:00 2001 From: Dan Lutker Date: Mon, 25 Jan 2021 17:16:21 +0000 Subject: [PATCH 1/5] 8260308: Update LogCompilation junit to 4.13.1 Reviewed-by: ecaspole, iignatyev --- src/utils/LogCompilation/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/utils/LogCompilation/pom.xml b/src/utils/LogCompilation/pom.xml index ac2b4400a1d38..1d8e0ffa1bda8 100644 --- a/src/utils/LogCompilation/pom.xml +++ b/src/utils/LogCompilation/pom.xml @@ -42,7 +42,7 @@ junit junit - 4.8.2 + 4.13.1 test From 47c7dc7734677b64511ab1d4b3c30d3197d66ce9 Mon Sep 17 00:00:00 2001 From: Martin Balao Date: Mon, 25 Jan 2021 18:01:59 +0000 Subject: [PATCH 2/5] 8258833: Cancel multi-part cipher operations in SunPKCS11 after failures Reviewed-by: valeriep --- .../sun/security/pkcs11/P11AEADCipher.java | 21 +- .../sun/security/pkcs11/P11Cipher.java | 55 ++++- .../classes/sun/security/pkcs11/P11Mac.java | 15 +- .../sun/security/pkcs11/P11PSSSignature.java | 14 +- .../sun/security/pkcs11/P11Signature.java | 14 +- .../pkcs11/Cipher/CancelMultipart.java | 189 ++++++++++++++++++ 6 files changed, 293 insertions(+), 15 deletions(-) create mode 100644 test/jdk/sun/security/pkcs11/Cipher/CancelMultipart.java diff --git a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11AEADCipher.java b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11AEADCipher.java index 82d0dc164f470..7913d755d4e49 100644 --- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11AEADCipher.java +++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11AEADCipher.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2019, 2020, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2019, 2021, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -350,6 +350,13 @@ private void cancelOperation() { 0, buffer, 0, bufLen); } } catch (PKCS11Exception e) { + if (e.getErrorCode() == CKR_OPERATION_NOT_INITIALIZED) { + // Cancel Operation may be invoked after an error on a PKCS#11 + // call. If the operation inside the token was already cancelled, + // do not fail here. This is part of a defensive mechanism for + // PKCS#11 libraries that do not strictly follow the standard. + return; + } if (encrypt) { throw new ProviderException("Cancel failed", e); } @@ -616,6 +623,12 @@ private int implDoFinal(byte[] in, int inOfs, int inLen, } return k; } catch (PKCS11Exception e) { + // As per the PKCS#11 standard, C_Encrypt and C_Decrypt may only + // keep the operation active on CKR_BUFFER_TOO_SMALL errors or + // successful calls to determine the output length. However, + // these cases are not expected here because the output length + // is checked in the OpenJDK side before making the PKCS#11 call. + // Thus, doCancel can safely be 'false'. doCancel = false; handleException(e); throw new ProviderException("doFinal() failed", e); @@ -702,6 +715,12 @@ private int implDoFinal(ByteBuffer inBuffer, ByteBuffer outBuffer) outBuffer.position(outBuffer.position() + k); return k; } catch (PKCS11Exception e) { + // As per the PKCS#11 standard, C_Encrypt and C_Decrypt may only + // keep the operation active on CKR_BUFFER_TOO_SMALL errors or + // successful calls to determine the output length. However, + // these cases are not expected here because the output length + // is checked in the OpenJDK side before making the PKCS#11 call. + // Thus, doCancel can safely be 'false'. doCancel = false; handleException(e); throw new ProviderException("doFinal() failed", e); diff --git a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Cipher.java b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Cipher.java index 470a888cd84b4..362d46733dc12 100644 --- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Cipher.java +++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Cipher.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2020, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2021, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -439,6 +439,13 @@ private void cancelOperation() { token.p11.C_DecryptFinal(session.id(), 0, buffer, 0, bufLen); } } catch (PKCS11Exception e) { + if (e.getErrorCode() == CKR_OPERATION_NOT_INITIALIZED) { + // Cancel Operation may be invoked after an error on a PKCS#11 + // call. If the operation inside the token was already cancelled, + // do not fail here. This is part of a defensive mechanism for + // PKCS#11 libraries that do not strictly follow the standard. + return; + } if (encrypt) { throw new ProviderException("Cancel failed", e); } @@ -628,7 +635,11 @@ private int implUpdate(byte[] in, int inOfs, int inLen, throw (ShortBufferException) (new ShortBufferException().initCause(e)); } - reset(false); + // Some implementations such as the NSS Software Token do not + // cancel the operation upon a C_EncryptUpdate/C_DecryptUpdate + // failure (as required by the PKCS#11 standard). See JDK-8258833 + // for further information. + reset(true); throw new ProviderException("update() failed", e); } } @@ -746,7 +757,11 @@ private int implUpdate(ByteBuffer inBuffer, ByteBuffer outBuffer) throw (ShortBufferException) (new ShortBufferException().initCause(e)); } - reset(false); + // Some implementations such as the NSS Software Token do not + // cancel the operation upon a C_EncryptUpdate/C_DecryptUpdate + // failure (as required by the PKCS#11 standard). See JDK-8258833 + // for further information. + reset(true); throw new ProviderException("update() failed", e); } } @@ -770,9 +785,14 @@ private int implDoFinal(byte[] out, int outOfs, int outLen) 0, padBuffer, 0, actualPadLen, 0, out, outOfs, outLen); } + // Some implementations such as the NSS Software Token do not + // cancel the operation upon a C_EncryptUpdate failure (as + // required by the PKCS#11 standard). Cancel is not needed + // only after this point. See JDK-8258833 for further + // information. + doCancel = false; k += token.p11.C_EncryptFinal(session.id(), 0, out, (outOfs + k), (outLen - k)); - doCancel = false; } else { // Special handling to match SunJCE provider behavior if (bytesBuffered == 0 && padBufferLen == 0) { @@ -784,22 +804,26 @@ private int implDoFinal(byte[] out, int outOfs, int outLen) padBuffer, 0, padBufferLen, 0, padBuffer, 0, padBuffer.length); } + // Some implementations such as the NSS Software Token do not + // cancel the operation upon a C_DecryptUpdate failure (as + // required by the PKCS#11 standard). Cancel is not needed + // only after this point. See JDK-8258833 for further + // information. + doCancel = false; k += token.p11.C_DecryptFinal(session.id(), 0, padBuffer, k, padBuffer.length - k); - doCancel = false; int actualPadLen = paddingObj.unpad(padBuffer, k); k -= actualPadLen; System.arraycopy(padBuffer, 0, out, outOfs, k); } else { + doCancel = false; k = token.p11.C_DecryptFinal(session.id(), 0, out, outOfs, outLen); - doCancel = false; } } return k; } catch (PKCS11Exception e) { - doCancel = false; handleException(e); throw new ProviderException("doFinal() failed", e); } finally { @@ -845,9 +869,14 @@ private int implDoFinal(ByteBuffer outBuffer) 0, padBuffer, 0, actualPadLen, outAddr, outArray, outOfs, outLen); } + // Some implementations such as the NSS Software Token do not + // cancel the operation upon a C_EncryptUpdate failure (as + // required by the PKCS#11 standard). Cancel is not needed + // only after this point. See JDK-8258833 for further + // information. + doCancel = false; k += token.p11.C_EncryptFinal(session.id(), outAddr, outArray, (outOfs + k), (outLen - k)); - doCancel = false; } else { // Special handling to match SunJCE provider behavior if (bytesBuffered == 0 && padBufferLen == 0) { @@ -861,18 +890,23 @@ private int implDoFinal(ByteBuffer outBuffer) 0, padBuffer, 0, padBuffer.length); padBufferLen = 0; } + // Some implementations such as the NSS Software Token do not + // cancel the operation upon a C_DecryptUpdate failure (as + // required by the PKCS#11 standard). Cancel is not needed + // only after this point. See JDK-8258833 for further + // information. + doCancel = false; k += token.p11.C_DecryptFinal(session.id(), 0, padBuffer, k, padBuffer.length - k); - doCancel = false; int actualPadLen = paddingObj.unpad(padBuffer, k); k -= actualPadLen; outArray = padBuffer; outOfs = 0; } else { + doCancel = false; k = token.p11.C_DecryptFinal(session.id(), outAddr, outArray, outOfs, outLen); - doCancel = false; } } if ((!encrypt && paddingObj != null) || @@ -884,7 +918,6 @@ private int implDoFinal(ByteBuffer outBuffer) } return k; } catch (PKCS11Exception e) { - doCancel = false; handleException(e); throw new ProviderException("doFinal() failed", e); } finally { diff --git a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Mac.java b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Mac.java index 0671ce9dc40e8..29b26651c39fa 100644 --- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Mac.java +++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Mac.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2020, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2021, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -151,6 +151,13 @@ private void cancelOperation() { try { token.p11.C_SignFinal(session.id(), 0); } catch (PKCS11Exception e) { + if (e.getErrorCode() == CKR_OPERATION_NOT_INITIALIZED) { + // Cancel Operation may be invoked after an error on a PKCS#11 + // call. If the operation inside the token was already cancelled, + // do not fail here. This is part of a defensive mechanism for + // PKCS#11 libraries that do not strictly follow the standard. + return; + } throw new ProviderException("Cancel failed", e); } } @@ -213,6 +220,12 @@ protected byte[] engineDoFinal() { ensureInitialized(); return token.p11.C_SignFinal(session.id(), 0); } catch (PKCS11Exception e) { + // As per the PKCS#11 standard, C_SignFinal may only + // keep the operation active on CKR_BUFFER_TOO_SMALL errors or + // successful calls to determine the output length. However, + // these cases are handled at OpenJDK's libj2pkcs11 native + // library. Thus, P11Mac::reset can be called with a 'false' + // doCancel argument from here. throw new ProviderException("doFinal() failed", e); } finally { reset(false); diff --git a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11PSSSignature.java b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11PSSSignature.java index 14b6110dfb3cf..8221435266834 100644 --- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11PSSSignature.java +++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11PSSSignature.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2019, 2020, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2019, 2021, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -298,6 +298,13 @@ private void cancelOperation() { } } } catch (PKCS11Exception e) { + if (e.getErrorCode() == CKR_OPERATION_NOT_INITIALIZED) { + // Cancel Operation may be invoked after an error on a PKCS#11 + // call. If the operation inside the token was already cancelled, + // do not fail here. This is part of a defensive mechanism for + // PKCS#11 libraries that do not strictly follow the standard. + return; + } if (mode == M_SIGN) { throw new ProviderException("cancel failed", e); } @@ -662,6 +669,11 @@ protected byte[] engineSign() throws SignatureException { doCancel = false; return signature; } catch (PKCS11Exception pe) { + // As per the PKCS#11 standard, C_Sign and C_SignFinal may only + // keep the operation active on CKR_BUFFER_TOO_SMALL errors or + // successful calls to determine the output length. However, + // these cases are handled at OpenJDK's libj2pkcs11 native + // library. Thus, doCancel can safely be 'false' here. doCancel = false; throw new ProviderException(pe); } catch (ProviderException e) { diff --git a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Signature.java b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Signature.java index c8616e26e499e..f1366b46a8195 100644 --- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Signature.java +++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Signature.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2020, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2021, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -314,6 +314,13 @@ private void cancelOperation() { } } } catch (PKCS11Exception e) { + if (e.getErrorCode() == CKR_OPERATION_NOT_INITIALIZED) { + // Cancel Operation may be invoked after an error on a PKCS#11 + // call. If the operation inside the token was already cancelled, + // do not fail here. This is part of a defensive mechanism for + // PKCS#11 libraries that do not strictly follow the standard. + return; + } if (mode == M_VERIFY) { long errorCode = e.getErrorCode(); if ((errorCode == CKR_SIGNATURE_INVALID) || @@ -654,6 +661,11 @@ protected byte[] engineSign() throws SignatureException { } } } catch (PKCS11Exception pe) { + // As per the PKCS#11 standard, C_Sign and C_SignFinal may only + // keep the operation active on CKR_BUFFER_TOO_SMALL errors or + // successful calls to determine the output length. However, + // these cases are handled at OpenJDK's libj2pkcs11 native + // library. Thus, doCancel can safely be 'false' here. doCancel = false; throw new ProviderException(pe); } catch (SignatureException | ProviderException e) { diff --git a/test/jdk/sun/security/pkcs11/Cipher/CancelMultipart.java b/test/jdk/sun/security/pkcs11/Cipher/CancelMultipart.java new file mode 100644 index 0000000000000..28f3699050cbb --- /dev/null +++ b/test/jdk/sun/security/pkcs11/Cipher/CancelMultipart.java @@ -0,0 +1,189 @@ +/* + * Copyright (c) 2021, Red Hat, Inc. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* + * @test + * @bug 8258833 + * @library /test/lib .. + * @modules jdk.crypto.cryptoki/sun.security.pkcs11:open + * @run main/othervm CancelMultipart + */ + +import java.lang.reflect.Field; +import java.nio.ByteBuffer; +import java.security.Key; +import java.security.Provider; +import java.security.ProviderException; +import javax.crypto.Cipher; +import javax.crypto.IllegalBlockSizeException; +import javax.crypto.spec.SecretKeySpec; + +public class CancelMultipart extends PKCS11Test { + + private static Provider provider; + private static Key key; + + static { + key = new SecretKeySpec(new byte[16], "AES"); + } + + private static class SessionLeaker { + private LeakOperation op; + private LeakInputType type; + + SessionLeaker(LeakOperation op, LeakInputType type) { + this.op = op; + this.type = type; + } + + private void leakAndTry() throws Exception { + Cipher cipher = op.getCipher(); + try { + type.doOperation(cipher, + (op instanceof LeakDecrypt ? + LeakInputType.DECRYPT_MODE : + null)); + throw new Exception("PKCS11Exception expected, invalid block" + + "size"); + } catch (ProviderException | IllegalBlockSizeException e) { + // Exception expected - session returned to the SessionManager + // should be cancelled. That's what will be tested now. + } + + tryCipherInit(); + } + } + + private static interface LeakOperation { + Cipher getCipher() throws Exception; + } + + private static interface LeakInputType { + static int DECRYPT_MODE = 1; + void doOperation(Cipher cipher, int mode) throws Exception; + } + + private static class LeakDecrypt implements LeakOperation { + public Cipher getCipher() throws Exception { + Cipher cipher = Cipher.getInstance( + "AES/ECB/PKCS5Padding", provider); + cipher.init(Cipher.DECRYPT_MODE, key); + return cipher; + } + } + + private static class LeakByteBuffer implements LeakInputType { + public void doOperation(Cipher cipher, int mode) throws Exception { + if (mode == DECRYPT_MODE) { + cipher.update(ByteBuffer.allocate(1), ByteBuffer.allocate(1)); + cipher.doFinal(ByteBuffer.allocate(0), ByteBuffer.allocate(1)); + } + } + } + + private static class LeakByteArray implements LeakInputType { + public void doOperation(Cipher cipher, int mode) throws Exception { + if (mode == DECRYPT_MODE) { + cipher.update(new byte[1]); + cipher.doFinal(new byte[1], 0, 0); + } + } + } + + public static void main(String[] args) throws Exception { + main(new CancelMultipart(), args); + } + + @Override + public void main(Provider p) throws Exception { + init(p); + + // Try multiple paths: + + executeTest(new SessionLeaker(new LeakDecrypt(), new LeakByteArray()), + "P11Cipher::implDoFinal(byte[], int, int)"); + + executeTest(new SessionLeaker(new LeakDecrypt(), new LeakByteBuffer()), + "P11Cipher::implDoFinal(ByteBuffer)"); + + System.out.println("TEST PASS - OK"); + } + + private static void executeTest(SessionLeaker sl, String testName) + throws Exception { + try { + sl.leakAndTry(); + System.out.println(testName + ": OK"); + } catch (Exception e) { + System.out.println(testName + ": FAILED"); + throw e; + } + } + + private static void init(Provider p) throws Exception { + provider = p; + + // The max number of sessions is 2 because, in addition to the + // operation (i.e. PKCS11::getNativeKeyInfo), a session to hold + // the P11Key object is needed. + setMaxSessions(2); + } + + /* + * This method is intended to generate pression on the number of sessions + * to be used from the NSS Software Token, so sessions with (potentially) + * active operations are reused. + */ + private static void setMaxSessions(int maxSessions) throws Exception { + Field tokenField = Class.forName("sun.security.pkcs11.SunPKCS11") + .getDeclaredField("token"); + tokenField.setAccessible(true); + Field sessionManagerField = Class.forName("sun.security.pkcs11.Token") + .getDeclaredField("sessionManager"); + sessionManagerField.setAccessible(true); + Field maxSessionsField = Class.forName("sun.security.pkcs11.SessionManager") + .getDeclaredField("maxSessions"); + maxSessionsField.setAccessible(true); + Object sessionManagerObj = sessionManagerField.get( + tokenField.get(provider)); + maxSessionsField.setInt(sessionManagerObj, maxSessions); + } + + private static void tryCipherInit() throws Exception { + Cipher cipher = Cipher.getInstance("AES/ECB/NoPadding", provider); + + // A CKR_OPERATION_ACTIVE error may be thrown if a session was + // returned to the Session Manager with an active operation, and + // we try to initialize the Cipher using it. + // + // Given that the maximum number of sessions was forced to 2, we know + // that the session to be used here was already used in a previous + // (failed) operation. Thus, the test asserts that the operation was + // properly cancelled. + cipher.init(Cipher.ENCRYPT_MODE, key); + + // If initialization passes, finish gracefully so other paths can + // be tested under the current maximum number of sessions. + cipher.doFinal(new byte[16], 0, 0); + } +} From 5b0b24b58d5fc3dbcba2905deb87129cb296dc47 Mon Sep 17 00:00:00 2001 From: "Daniel D. Daugherty" Date: Mon, 25 Jan 2021 18:20:21 +0000 Subject: [PATCH 3/5] 8260381: ProblemList com/sun/management/DiagnosticCommandMBean/DcmdMBeanTestCheckJni.java on Win with ZGC Reviewed-by: sspitsyn, sgehwolf --- test/jdk/ProblemList-zgc.txt | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/test/jdk/ProblemList-zgc.txt b/test/jdk/ProblemList-zgc.txt index 8fd7a85d1c468..d6db2da1b8d9b 100644 --- a/test/jdk/ProblemList-zgc.txt +++ b/test/jdk/ProblemList-zgc.txt @@ -1,5 +1,5 @@ # -# Copyright (c) 2020, Oracle and/or its affiliates. All rights reserved. +# Copyright (c) 2020, 2021, Oracle and/or its affiliates. All rights reserved. # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. # # This code is free software; you can redistribute it and/or modify it @@ -26,3 +26,5 @@ # List of quarantined tests for testing with ZGC. # ############################################################################# + +com/sun/management/DiagnosticCommandMBean/DcmdMBeanTestCheckJni.java 8260378 windows-all From 73c78c8aa093a150f7277391abe2418a0c8a1f7a Mon Sep 17 00:00:00 2001 From: Joe Darcy Date: Mon, 25 Jan 2021 19:06:56 +0000 Subject: [PATCH 4/5] 8260329: Update references to TAOCP to latest edition Reviewed-by: alanb, bpb --- .../classes/java/math/MutableBigInteger.java | 6 +++--- .../share/classes/java/util/Random.java | 17 +++++++++-------- 2 files changed, 12 insertions(+), 11 deletions(-) diff --git a/src/java.base/share/classes/java/math/MutableBigInteger.java b/src/java.base/share/classes/java/math/MutableBigInteger.java index 8eb0d0d5d9b43..ace9a035e3110 100644 --- a/src/java.base/share/classes/java/math/MutableBigInteger.java +++ b/src/java.base/share/classes/java/math/MutableBigInteger.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2020, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2021, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -1166,7 +1166,7 @@ MutableBigInteger divideKnuth(MutableBigInteger b, MutableBigInteger quotient) { * Calculates the quotient of this div b and places the quotient in the * provided MutableBigInteger objects and the remainder object is returned. * - * Uses Algorithm D in Knuth section 4.3.1. + * Uses Algorithm D from Knuth TAOCP Vol. 2, 3rd edition, section 4.3.1. * Many optimizations to that algorithm have been adapted from the Colin * Plumb C library. * It special cases one word divisors for speed. The content of b is not @@ -1980,7 +1980,7 @@ MutableBigInteger hybridGCD(MutableBigInteger b) { * Assumes that this and v are not zero. */ private MutableBigInteger binaryGCD(MutableBigInteger v) { - // Algorithm B from Knuth section 4.5.2 + // Algorithm B from Knuth TAOCP Vol. 2, 3rd edition, section 4.5.2 MutableBigInteger u = this; MutableBigInteger r = new MutableBigInteger(); diff --git a/src/java.base/share/classes/java/util/Random.java b/src/java.base/share/classes/java/util/Random.java index c4f07d33a0c30..2dc5e3d5b3774 100644 --- a/src/java.base/share/classes/java/util/Random.java +++ b/src/java.base/share/classes/java/util/Random.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1995, 2019, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1995, 2021, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -39,8 +39,9 @@ /** * An instance of this class is used to generate a stream of * pseudorandom numbers. The class uses a 48-bit seed, which is - * modified using a linear congruential formula. (See Donald Knuth, - * The Art of Computer Programming, Volume 2, Section 3.2.1.) + * modified using a linear congruential formula. (See Donald E. Knuth, + * The Art of Computer Programming, Volume 2, Third + * edition: Seminumerical Algorithms, Section 3.2.1.) *

* If two instances of {@code Random} are created with the same * seed, and the same sequence of method calls is made for each, they @@ -187,8 +188,8 @@ public synchronized void setSeed(long seed) { * * This is a linear congruential pseudorandom number generator, as * defined by D. H. Lehmer and described by Donald E. Knuth in - * The Art of Computer Programming, Volume 2: - * Seminumerical Algorithms, section 3.2.1. + * The Art of Computer Programming, Volume 2, Third edition: + * Seminumerical Algorithms, section 3.2.1. * * @param bits random bits * @return the next pseudorandom value from this random number @@ -569,8 +570,8 @@ public double nextDouble() { * } * }} * This uses the polar method of G. E. P. Box, M. E. Muller, and - * G. Marsaglia, as described by Donald E. Knuth in The Art of - * Computer Programming, Volume 2: Seminumerical Algorithms, + * G. Marsaglia, as described by Donald E. Knuth in The Art of + * Computer Programming, Volume 2, third edition: Seminumerical Algorithms, * section 3.4.1, subsection C, algorithm P. Note that it generates two * independent values at the cost of only one call to {@code StrictMath.log} * and one call to {@code StrictMath.sqrt}. @@ -581,7 +582,7 @@ public double nextDouble() { * generator's sequence */ public synchronized double nextGaussian() { - // See Knuth, ACP, Section 3.4.1 Algorithm C. + // See Knuth, TAOCP, Vol. 2, 3rd edition, Section 3.4.1 Algorithm C. if (haveNextNextGaussian) { haveNextNextGaussian = false; return nextNextGaussian; From 12ccd211f2944e8c2d03dfdafef3bac9f9ce774b Mon Sep 17 00:00:00 2001 From: Andrew Leonard Date: Mon, 25 Jan 2021 19:26:36 +0000 Subject: [PATCH 5/5] 8260289: Unable to customize module lists after change JDK-8258411 Reviewed-by: ihse, alanb --- make/common/Modules.gmk | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/make/common/Modules.gmk b/make/common/Modules.gmk index c8cd4e90fad4f..1bc71c316ef08 100644 --- a/make/common/Modules.gmk +++ b/make/common/Modules.gmk @@ -1,5 +1,5 @@ # -# Copyright (c) 2014, 2020, Oracle and/or its affiliates. All rights reserved. +# Copyright (c) 2014, 2021, Oracle and/or its affiliates. All rights reserved. # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. # # This code is free software; you can redistribute it and/or modify it @@ -26,9 +26,6 @@ ifndef _MODULES_GMK _MODULES_GMK := 1 -# Hook to include the corresponding custom file, if present. -$(eval $(call IncludeCustomExtension, common/Modules.gmk)) - ################################################################################ # Setup module sets for classloaders @@ -48,6 +45,11 @@ include $(TOPDIR)/make/conf/docs-modules.conf include $(TOPDIR)/make/conf/build-module-sets.conf +################################################################################ +# Hook to include the corresponding custom file, if present. +# Allowing MODULE list extensions setup above. +$(eval $(call IncludeCustomExtension, common/Modules.gmk)) + ################################################################################ # Depending on the configuration, we might need to filter out some modules that # normally should have been included