diff --git a/ci.hocon b/ci.hocon
index 2fa167821403e54d45b5d3b0fdfb28ba50b662f8..14a118d4bce34232d3b76025d0022397ec46127b 100644
--- a/ci.hocon
+++ b/ci.hocon
@@ -127,7 +127,7 @@ gateTestLinuxNFI : ${gateTestCommon} {
gateTestManagedLinux: ${common} {
environment : {
- FASTR_MANAGED : "true"
+ FASTR_RFFI : "managed"
}
run : [
${gateCmd} ["Versions,JDKReleaseInfo,BuildJavaWithJavac"]
diff --git a/com.oracle.truffle.r.native.recommended/Makefile b/com.oracle.truffle.r.native.recommended/Makefile
index 9b9eaa96e99c6fac69eb797e7f37c6ef9e51e2a5..b44020033d70fa87dc57b5079d0ef954b2d045e3 100644
--- a/com.oracle.truffle.r.native.recommended/Makefile
+++ b/com.oracle.truffle.r.native.recommended/Makefile
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2016, 2016, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2016, 2017, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it
@@ -51,6 +51,7 @@ GNUR_RECOMMENDED_TARS := $(foreach pkg, $(GNUR_RECOMMENDED_PKGNAMES),$(GNUR_HOME
all: install.recommended
ifdef FASTR_RELEASE
+ifneq ($(FASTR_RFFI),managed)
install.recommended: $(GNUR_RECOMMENDED_TARS)
for pkgtar in $(GNUR_RECOMMENDED_TARS); do \
$(FASTR_R_HOME)/bin/R CMD INSTALL --library=$(FASTR_R_HOME)/library $$pkgtar; \
@@ -62,6 +63,9 @@ ifeq ($(OS_NAME),Darwin)
mx rupdatelib $(FASTR_R_HOME)/library/$$pkgname/libs; \
fi \
done
+endif
+else
+install.recommended:
endif
touch install.recommended
else
diff --git a/com.oracle.truffle.r.native/Makefile b/com.oracle.truffle.r.native/Makefile
index 69ba9ce1860aaf7d021ada51424d36dc30cad552..9c35cd4da67430a24da06d00f9d72cc5b3b55131 100644
--- a/com.oracle.truffle.r.native/Makefile
+++ b/com.oracle.truffle.r.native/Makefile
@@ -30,13 +30,10 @@ export FASTR_NATIVE_DIR = $(TOPDIR)
export R_VERSION = $(subst R-,,$(notdir $(basename $(basename $(wildcard $(FASTR_R_HOME)/libdownloads/R-*.gz)))))
export GNUR_HOME = $(TOPDIR)/gnur/R-$(R_VERSION)
+
ifndef FASTR_RFFI
-ifeq ($(FASTR_MANAGED),true)
-export FASTR_RFFI = managed
-else
export FASTR_RFFI = jni
endif
-endif
# Completely accurate dependency analysis is very difficult for this project, so use a version number
# to force a clean build, and elsewhere use sentinels to avoid rebuilding when we can't compute the
diff --git a/com.oracle.truffle.r.runtime/src/com/oracle/truffle/r/runtime/FastRConfig.java b/com.oracle.truffle.r.runtime/src/com/oracle/truffle/r/runtime/FastRConfig.java
index 8d6bbf8f1bf32640ec626bed909b96e80c31e37f..96161a3d6afe2fee3012cd7eca8c4adc15a1d863 100644
--- a/com.oracle.truffle.r.runtime/src/com/oracle/truffle/r/runtime/FastRConfig.java
+++ b/com.oracle.truffle.r.runtime/src/com/oracle/truffle/r/runtime/FastRConfig.java
@@ -31,13 +31,13 @@ public final class FastRConfig {
/**
* Umbrella option, which changes default values of other options in a way that FastR will not
* invoke any native code directly and other potentially security sensitive operations are
- * restricted. Can be configured via environment variable {@code FASTR_MANAGED}.
+ * restricted. Can be configured via environment variable {@code FASTR_RFFI=managed}.
*/
public static final boolean ManagedMode;
static {
- String managedModeVal = System.getenv("FASTR_MANAGED");
- ManagedMode = managedModeVal != null && managedModeVal.equals("true");
+ String rffiVal = System.getenv("FASTR_RFFI");
+ ManagedMode = rffiVal != null && rffiVal.equals("managed");
if (ManagedMode) {
InternalGridAwtSupport = false;
} else {
diff --git a/documentation/dev/managed_ffi.md b/documentation/dev/managed_ffi.md
index 4e07641430cc13487e861d24c288b7e112db7a2a..22f9d046fba35fe8ec4e8f10403d4d496dc1c3e0 100644
--- a/documentation/dev/managed_ffi.md
+++ b/documentation/dev/managed_ffi.md
@@ -1,25 +1,25 @@
# Quick start
-FastR supports a 'managed' mode, in which it does not execute any native code directly, especially code coming from GNU R and packages,
-and tries to avoid other potentially security sensitive code, e.g. instrumentation agents. To enable this mode, clean build and run
-FastR with environment variable `FASTR_MANAGED` set to *true*.
+FastR supports a 'managed' mode, in which it does not execute any native code directly, especially code coming from GNU R and packages,
+and tries to avoid other potentially security sensitive code, e.g. instrumentation agents. To enable this mode, clean build and run
+FastR with environment variable `FASTR_RFFI` set to `managed`.
# Details
-FastR has an 'implementation' of RFFI that does not use any native code directly (e.g. through JNI) and implements only small subset of the API.
-Any usage of the unimplemented parts will cause error at runtime. To enable this RFFI implementation clean build FastR with environment variable
-`FASTR_RFFI` set to *managed* and when running FastR set java property named *fastr.rffi.factory.class* to
+FastR has an 'implementation' of RFFI that does not use any native code directly (e.g. through JNI) and implements only small subset of the API.
+Any usage of the unimplemented parts will cause error at runtime. To enable this RFFI implementation clean build FastR with environment variable
+`FASTR_RFFI` set to *managed* and when running FastR set java property named *fastr.rffi.factory.class* to
`com.oracle.truffle.r.runtime.ffi.managed.Managed_RFFIFactory`.
There are additional options that can restrict other usages of native code in FastR:
-* When FastR option `LoadPackagesNativeCode=false`, then FastR does not load builtin packages (graphics and base) native code.
+* When FastR option `LoadPackagesNativeCode=false`, then FastR does not load builtin packages (graphics and base) native code.
Note that loading of their native code is going to fail with *managed* RFFI implementation.
-* When FastR option `LoadProfiles=false`, then FastR does not load user profile, machine profile etc. Those scripts typically use
+* When FastR option `LoadProfiles=false`, then FastR does not load user profile, machine profile etc. Those scripts typically use
some R code that ends up trying to call native code, which is again going to fail with *managed* RFFI implementation.
-* Set `FastRConfig#InternalGridAwtSupport` to `false` before building FastR. This should remove usages of AWT from FastR's
+* Set `FastRConfig#InternalGridAwtSupport` to `false` before building FastR. This should remove usages of AWT from FastR's
bytecode and thus reduce the amount of native code that can be invoked by running arbitrary R code in FastR.
Following option can be useful for improving security when running FastR:
-* Set java property *fastr.objectsize.factory.class* to `com.oracle.truffle.r.runtime.data.SimpleObjectSizeFactory` to avoid
+* Set java property *fastr.objectsize.factory.class* to `com.oracle.truffle.r.runtime.data.SimpleObjectSizeFactory` to avoid
usage of otherwise more precise `AgentObjectSizeFactory`, which uses instrumentation agent.
diff --git a/mx.fastr/mx_fastr_dists.py b/mx.fastr/mx_fastr_dists.py
index 37b9b4a7bde157c146efb7e9d39dfa395d5d35ef..c90cf2fc383375734d80835b764f4a0f949481eb 100644
--- a/mx.fastr/mx_fastr_dists.py
+++ b/mx.fastr/mx_fastr_dists.py
@@ -193,7 +193,7 @@ class FastRArchiveParticipant:
# will include all their class files at the top-level of the jar by default.
# Since we have already encapsulated the class files in 'fastr_jars/fastr.jar' we
# suppress their inclusion here by resetting the deps field. A bit of a hack.
- if self.dist.name == "FASTR_RELEASE":
+ if "FASTR_RELEASE" in self.dist.name:
assert isinstance(self.dist.deps[0], FastRReleaseProject)
self.release_project = self.dist.deps[0]
self.dist.deps[0].deps = []
@@ -205,7 +205,7 @@ class FastRArchiveParticipant:
return False
def __closing__(self):
- if self.dist.name == "FASTR_RELEASE" and os.environ.has_key('FASTR_RELEASE'):
+ if "FASTR_RELEASE" in self.dist.name and os.environ.has_key('FASTR_RELEASE'):
# the files copied in can be confused as source files by
# e.g., mx copyright, so delete them, specifically thne
# include dir
@@ -213,6 +213,13 @@ class FastRArchiveParticipant:
shutil.rmtree(include_dir)
def mx_post_parse_cmd_line(opts):
+ if os.environ.has_key('FASTR_RFFI'):
+ val = os.environ['FASTR_RFFI']
+ else:
+ val = ""
+
+ mx.instantiateDistribution('FASTR_RELEASE<rffi>', dict(rffi=val))
for dist in mx_fastr._fastr_suite.dists:
if isinstance(dist, mx.JARDistribution):
dist.set_archiveparticipant(FastRArchiveParticipant(dist))
+
diff --git a/mx.fastr/suite.py b/mx.fastr/suite.py
index b827db109703e4f0d3f90b9a7b777538a231e719..03a6208f072b5b7688dc96673ece4b6fa4a4f66b 100644
--- a/mx.fastr/suite.py
+++ b/mx.fastr/suite.py
@@ -365,26 +365,26 @@ suite = {
],
},
- "FASTR_RELEASE": {
+ "FASTR_RELEASE<rffi>": {
"description" : "a binary release of FastR",
"dependencies" : ["com.oracle.truffle.r.release"],
"os_arch" : {
"linux" : {
"amd64" : {
- "path" : "mxbuild/dists/linux/amd64/fastr-release.jar",
+ "path" : "mxbuild/dists/linux/amd64/<rffi>/fastr-release.jar",
},
"sparcv9" : {
- "path" : "mxbuild/dists/linux/sparcv9/fastr-release.jar",
+ "path" : "mxbuild/dists/linux/sparcv9/<rffi>/fastr-release.jar",
},
},
"darwin" : {
"amd64" : {
- "path" : "mxbuild/dists/darwin/amd64/fastr-release.jar",
+ "path" : "mxbuild/dists/darwin/amd64/<rffi>/fastr-release.jar",
},
},
"solaris" : {
"sparcv9" : {
- "path" : "mxbuild/dists/solaris/sparcv9/fastr-release.jar",
+ "path" : "mxbuild/dists/solaris/sparcv9/<rffi>/fastr-release.jar",
},
},
},