Red Hat Summit Red Hat SummitSupportConsoleDevelopersStart a trialContact

Using alt-java with Red Hat build of OpenJDK

Red Hat build of OpenJDK 8

Red Hat Customer Content Services

Abstract

Red Hat build of OpenJDK 8 is a Red Hat offering on the Red Hat Enterprise Linux platform. The Using alt-java with Red Hat build of OpenJDK guide provides an overview of alt-java, defines the differences between java and alt-java binaries, and explains how to use alt-java.

Providing feedback on Red Hat build of OpenJDK documentation

To report an error or to improve our documentation, log in to your Red Hat Jira account and submit an issue. If you do not have a Red Hat Jira account, then you will be prompted to create an account.

Procedure

  1. Click the following link to create a ticket.
  2. Enter a brief description of the issue in the Summary.
  3. Provide a detailed description of the issue or enhancement in the Description. Include a URL to where the issue occurs in the documentation.
  4. Clicking Submit creates and routes the issue to the appropriate documentation team.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. We are beginning with these four terms: master, slave, blacklist, and whitelist. Because of the enormity of this endeavor, these changes will be implemented gradually over several upcoming releases. For more details, see our CTO Chris Wright’s message.

Chapter 1. Overview of alt-java

Red Hat packages contain a mitigation for the SSB vulnerability in the form of a patch for the java binary. This patch disables an optimization present in x86-64 (Intel and AMD) processors. Disabling that optimization reduces the risk of kernel side-channel attacks, but also reduces CPU performance.

Since the patch reduces performance, it has been removed from the java launcher. A new binary alt-java is now available. From the January 2021 Critical Patch Update release (1.8.0 282.b08, 11.0.10.9) onwards, the alt-java binary is included in Red Hat build of OpenJDK 8 and Red Hat build of OpenJDK 11 GA RPM packages.

Additional resources

Chapter 2. Differences between java and alt-java

Similarities exist between alt-java and java binaries, with the exception of the SSB mitigation.

Although the SBB mitigation patch exists only for x86-64 architecture, Intel and AMD, the alt-java exists on all architectures. For non-x86 architectures, the alt-java binary is identical to java binary, except alt-java has no patches.

Additional resources

  • For more information about similarities between alt-java and java, see RH1750419 in the Red Hat Bugzilla documentation.

Chapter 3. alt-java and java uses

Depending on your needs, you can use either the alt-java binary or the java binary to run your application’s code.

3.1. alt-java usage

Use alt-java for any applications that run untrusted code. Be aware that using alt-java is not a solution to all speculative execution vulnerabilities.

3.2. java usage

Use the java binary for performance-critical tasks in a secure environment. Most RPMs in a Red Hat Enterprise Linux system use the java binary, except for IcedTea-Web. IcedTea-Web uses alt-java as its launcher, so you can use IcedTea-Web to run untrusted code.

Additional resources

Chapter 4. Performance impact of alt-java

The alt-java binary contains the SSB mitigation, so the SSB mitigation performance impact no longer exists on java.

Note

Using alt-java might significantly reduce the performance of Java programs.

You can find detailed information of some Java performance issues that might exist with using alt-java by selecting any of the Red Hat Bugzilla links listed in the Additional resources section.

Additional resources

Revised on 2024-05-10 09:08:05 UTC

Legal Notice

Copyright © 2024 Red Hat, Inc.
The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, Red Hat Enterprise Linux, the Shadowman logo, the Red Hat logo, JBoss, OpenShift, Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
Java® is a registered trademark of Oracle and/or its affiliates.
XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries.
MySQL® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
Node.js® is an official trademark of Joyent. Red Hat is not formally related to or endorsed by the official Joyent Node.js open source or commercial project.
The OpenStack® Word Mark and OpenStack logo are either registered trademarks/service marks or trademarks/service marks of the OpenStack Foundation, in the United States and other countries and are used with the OpenStack Foundation's permission. We are not affiliated with, endorsed or sponsored by the OpenStack Foundation, or the OpenStack community.
All other trademarks are the property of their respective owners.
Red Hat logoGithubRedditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.