[kaffe] verifyMode, obsolete flags, a man page patch, and trusted code

[Rob Gonzalez]

  This message is in MIME format.  The first part should be readable text,
  while the remaining parts are likely unreadable without MIME-aware tools.
  Send mail to mime@docserver.cac.washington.edu for more info.

--Boundary_(ID_bvfAOgey2EgtsOQ0EwRHkw)
Content-type: TEXT/PLAIN; charset=US-ASCII

hi everyone,

I'm currently redoing a few sections of my verifier and adding support for
subroutine verification (the one major thing that has been lacking from my
verifier implementation this whole time...so my verifier has never been
able to check any classes with try-finally clauses), but have a couple
questions that'll help me get it be ready for sharing.


In the method verify3() in kaffe/kaffevm/verify.c, a quick check is made
to see whether verifyMode = 0 and, if so, no verification is performed.

In kaffe/kaffe/main.c, flags are processed.  According to the kaffe man
page, -noverify (which sets verifyMode to 0) is the only option that can
change the way verification is done.  However, main.c also accepts -verify
(setting verifyMode to 3) and -verifyremote (setting it to 2).  In
kaffe/kaffevm/jni.c, verifyMode is set to 0 (no verification) by default.

I cannot find documentation anywhere as to what -verifyremote really
means.  If this option is obsolete, it should probably be removed from
main.c's option() method.  Otherwise, I need to know what -verifyremote is
supposed to do.

Also, documentation for -verify should probably be included in kaffe's man
page.  It doesn't make sense to remove this option because, currently, not
verifying anything is the default, so there should be a way to turn it on
:)  I've included a patch that adds documentation for -verify to the man
page.


I also have a question regarding the verification of trusted libraries.  
I know that kaffe now has support for -bootclasspath.  Should the
verifier, to save time, not verify any classes that are found in the
-bootclasspath?  Or should it ignore standard library classes to save time
and, if so, how would it determine which classes are standard library and
which are not?  At the moment my verifier checks that the first few
characters of the class being verified are "kaffe/" or "java/" and that
its loader is the default loader, but I'm not convinced this is 100% safe.  
Any thoughts would be appreciated.


Thanks,
Rob


ps - Just started playing with 1.1.0 the last few days, and I'm pretty
impressed.  Many kudos to all you who have been putting a ton of time into
this project since 1.0.7!

--Boundary_(ID_bvfAOgey2EgtsOQ0EwRHkw)
Content-id: <Pine.LNX.4.21.0306181554440.11899@olga.williams.edu>
Content-type: TEXT/PLAIN; charset=US-ASCII; name="kaffe_man.patch"
Content-transfer-encoding: BASE64
Content-disposition: attachment; filename="kaffe_man.patch"
Content-description:

LS0tIGthZmZlL21hbi9rYWZmZS4xLmluCTIwMDItMDQtMTYgMTY6NTI6NTEu
MDAwMDAwMDAwIC0wNTAwDQorKysgLi4va2FmZmUva2FmZmUvbWFuL2thZmZl
LjEuaW4JMjAwMy0wNi0xOCAxNTowOTozMi4wMDAwMDAwMDAgLTA1MDANCkBA
IC0xMyw3ICsxMyw3IEBADQogLkJJICJbXC1teCIgIiBzaXplIiAiXSINCiAu
QkkgIltcLWNsYXNzcGF0aCIgIiBwYXRoIiAiXSINCiAuQkkgIltcLWFkZGNs
YXNzcGF0aCIgIiBwYXRoIiAiXSINCi0uQkkgIltcLW5vdmVyaWZ5XSINCisu
QkkgIltcLXZlcmlmeSB8IFwtbm92ZXJpZnldIg0KIC5CSSAiW1wtRCIgInBy
b3BlcnR5IiAiPSIgInZhbHVlIiAiXSINCiAuQkkgIltcLXZdIg0KIC5CSSAi
W1wtdmVyYm9zZWdjXSINCkBAIC01Nyw2ICs1Nyw5IEBADQogQXBwZW5kcyB0
aGUgZ2l2ZW4gcGF0aCB0byB0aGUgY3VycmVudCBjbGFzc3BhdGggc2V0dGlu
Zy4gTXVsdGlwbGUNCiBpbnN0YW5jZXMgb2YgdGhpcyBmbGFnIG1heSBiZSBn
aXZlbi4NCiAuVFANCisuQiAiXC12ZXJpZnkiDQorVmVyaWZ5IGFsbCBieXRl
Y29kZSB0aGF0IGlzIG5vdCB0cnVzdGVkLg0KKy5UUA0KIC5CICJcLW5vdmVy
aWZ5Ig0KIERvIG5vdCB2ZXJpZnkgYW55IGJ5dGVjb2RlLg0KIC5UUA0K

--Boundary_(ID_bvfAOgey2EgtsOQ0EwRHkw)--