Trying to run SDK 5 fat jar. Getting a JNI error - java.lang.UnsatisfiedLinkError

[seanleblancicdtech]

This is on RHEL 7. I've installed cloudhsm JCE 5.6.0:

$ rpm -qa | grep cloud
cloudhsm-jce-5.6.0-1.el7.x86_64

I also ran the configure-jce step:

$ sudo /opt/cloudhsm/bin/configure-jce -a $HSM_IP

Is there something else to install to get the shared libraries for SDK 5?

When I try to run the fat jar built with Maven from the Github repo (on sdk5 branch), I get this:

java -ea -jar login-runner.jar --method explicit --user user --password pass
Exception in thread "main" java.lang.ExceptionInInitializerError
    at com.amazonaws.cloudhsm.examples.LoginRunner.loginWithExplicitCredentials(LoginRunner.java:113)
    at com.amazonaws.cloudhsm.examples.LoginRunner.main(LoginRunner.java:90)
Caused by: com.amazonaws.cloudhsm.jce.jni.exception.InternalException: Failed to load cloudhsm_jce native library. Error: java.lang.UnsatisfiedLinkError: /tmp/CloudHsmNativeLibraryTemporaryDir7438679742437118261/libcloudhsm_jce.so: /tmp/CloudHsmNativeLibraryTemporaryDir7438679742437118261/libcloudhsm_jce.so: failed to map segment from shared object: Operation not permitted
    at com.amazonaws.cloudhsm.jce.provider.CloudHsmProvider.<clinit>(CloudHsmProvider.java:539)
    ... 2 more
Caused by: java.lang.UnsatisfiedLinkError: /tmp/CloudHsmNativeLibraryTemporaryDir7438679742437118261/libcloudhsm_jce.so: /tmp/CloudHsmNativeLibraryTemporaryDir7438679742437118261/libcloudhsm_jce.so: failed to map segment from shared object: Operation not permitted
    at java.lang.ClassLoader$NativeLibrary.load(Native Method)
    at java.lang.ClassLoader.loadLibrary0(ClassLoader.java:1934)
    at java.lang.ClassLoader.loadLibrary(ClassLoader.java:1817)
    at java.lang.Runtime.load0(Runtime.java:810)
    at java.lang.System.load(System.java:1088)
    at com.amazonaws.cloudhsm.jce.provider.NativeLibraryLoader.loadLibrary(NativeLibraryLoader.java:53)
    at com.amazonaws.cloudhsm.jce.provider.CloudHsmProvider.<clinit>(CloudHsmProvider.java:535)
    ... 2 more

[seanleblancicdtech]

Following up. Turns out the jar already has the shared object, and I guess it's a security-related issue for /tmp, so I remounted /tmp with the right options, and it now works.

sudo mount /tmp -o remount,exec

[rday]

Thank you for the update! I'll close this out, please re-open if there are further issues.

[qian-binary]

I have the similar issue about provider initialisation for JCE sdk 5 ? any clue? thanks

Exception in thread "main" java.lang.ExceptionInInitializerError at com.amazonaws.cloudhsm.examples.AESGCMEncryptDecryptRunner.main(AESGCMEncryptDecryptRunner.java:45) Caused by: com.amazonaws.cloudhsm.jce.jni.exception.InternalException: Failed to load cloudhsm_jce native library. Error: java.lang.UnsatisfiedLinkError: /tmp/CloudHsmNativeLibraryTemporaryDir8118521319059094837/libcloudhsm_jce.so: /tmp/CloudHsmNativeLibraryTemporaryDir8118521319059094837/libcloudhsm_jce.so: failed to map segment from shared object at com.amazonaws.cloudhsm.jce.provider.CloudHsmProvider.(CloudHsmProvider.java:719) ... 1 more Caused by: java.lang.UnsatisfiedLinkError: /tmp/CloudHsmNativeLibraryTemporaryDir8118521319059094837/libcloudhsm_jce.so: /tmp/CloudHsmNativeLibraryTemporaryDir8118521319059094837/libcloudhsm_jce.so: failed to map segment from shared object at java.lang.ClassLoader$NativeLibrary.load(Native Method) at java.lang.ClassLoader.loadLibrary0(ClassLoader.java:1934) at java.lang.ClassLoader.loadLibrary(ClassLoader.java:1817) at java.lang.Runtime.load0(Runtime.java:782) at java.lang.System.load(System.java:1100) at com.amazonaws.cloudhsm.jce.provider.NativeLibraryLoader.loadLibrary(NativeLibraryLoader.java:51) at com.amazonaws.cloudhsm.jce.provider.CloudHsmProvider.(CloudHsmProvider.java:715) ... 1 more