1 /* 2 * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 * 23 */ 24 25 /** 26 * @test 27 * @bug 8136421 28 * @requires (os.simpleArch == "x64" | os.simpleArch == "sparcv9" | os.simpleArch == "aarch64") 29 * @library /testlibrary /../../test/lib / 30 * @run main/othervm -XX:+UnlockExperimentalVMOptions -XX:+EnableJVMCI 31 * compiler.jvmci.SecurityRestrictionsTest 32 * NO_SEC_MAN 33 * @run main/othervm -XX:+UnlockExperimentalVMOptions -XX:+EnableJVMCI 34 * compiler.jvmci.SecurityRestrictionsTest 35 * NO_PERM 36 * @run main/othervm -XX:+UnlockExperimentalVMOptions -XX:+EnableJVMCI 37 * compiler.jvmci.SecurityRestrictionsTest 38 * ALL_PERM 39 * @run main/othervm -XX:+UnlockExperimentalVMOptions -XX:+EnableJVMCI 40 * compiler.jvmci.SecurityRestrictionsTest 41 * NO_JVMCI_ACCESS_PERM 42 * @run main/othervm -XX:+UnlockExperimentalVMOptions 43 * compiler.jvmci.SecurityRestrictionsTest 44 * NO_JVMCI 45 */ 46 47 package compiler.jvmci; 48 49 import jdk.vm.ci.hotspot.CompilerToVM; 50 import jdk.test.lib.Utils; 51 import java.lang.InternalError; 52 import java.security.AccessControlException; 53 import java.security.Permission; 54 import java.util.PropertyPermission; 55 import java.util.function.Consumer; 56 57 public class SecurityRestrictionsTest { 58 59 public static void main(String[] args) { 60 try { 61 // to init Utils before call SecurityManager 62 Class.forName(Utils.class.getName(), true, 63 Utils.class.getClassLoader()); 64 } catch (ClassNotFoundException e) { 65 throw new Error("[TEST BUG]: jdk.test.lib.Utils not found", e); 66 } 67 try { 68 TestCase mode = TestCase.valueOf(args[0]); 69 mode.run(); 70 } catch (IllegalArgumentException e) { 71 throw new Error("[TEST BUG]: Unknown mode " + args[0], e); 72 } 73 } 74 75 private enum TestCase { 76 NO_SEC_MAN, 77 NO_JVMCI { 78 @Override 79 public Class<? extends Throwable> getExpectedException() { 80 return InternalError.class; 81 } 82 }, 83 ALL_PERM { 84 @Override 85 public SecurityManager getSecurityManager() { 86 return new SecurityManager() { 87 @Override 88 public void checkPermission(Permission perm) { 89 } 90 }; 91 } 92 }, 93 NO_PERM { 94 @Override 95 public SecurityManager getSecurityManager() { 96 return new SecurityManager(); 97 } 98 99 @Override 100 public Class<? extends Throwable> getExpectedException() { 101 return AccessControlException.class; 102 } 103 }, 104 NO_JVMCI_ACCESS_PERM { 105 @Override 106 public SecurityManager getSecurityManager() { 107 return new SecurityManager() { 108 @Override 109 public void checkPermission(Permission perm) { 110 if (isJvmciPermission(perm)) { 111 super.checkPermission(perm); 112 } 113 } 114 115 @Override 116 public void checkPropertyAccess(String key) { 117 if (key.startsWith(JVMCI_PROP_START)) { 118 super.checkPropertyAccess(key); 119 } 120 } 121 }; 122 } 123 124 private boolean isJvmciPermission(Permission perm) { 125 String name = perm.getName(); 126 boolean isJvmciRuntime = perm instanceof RuntimePermission 127 && (JVMCI_SERVICES.equals(name) 128 || name.startsWith(JVMCI_RT_PERM_START)); 129 boolean isJvmciProperty = perm instanceof PropertyPermission 130 && name.startsWith(JVMCI_PROP_START); 131 return isJvmciRuntime || isJvmciProperty; 132 } 133 134 @Override 135 public Class<? extends Throwable> getExpectedException() { 136 return AccessControlException.class; 137 } 138 }; 139 140 public void run() { 141 System.setSecurityManager(getSecurityManager()); 142 Consumer<Throwable> exceptionCheck = e -> { 143 if (e == null) { 144 if (getExpectedException() != null) { 145 String message = name() + ": Didn't get expected exception " 146 + getExpectedException(); 147 throw new AssertionError(message); 148 } 149 } else { 150 String message = name() + ": Got unexpected exception " 151 + e.getClass().getSimpleName(); 152 if (getExpectedException() == null){ 153 throw new AssertionError(message, e); 154 } 155 156 Throwable t = e; 157 while (t.getCause() != null) { 158 t = t.getCause(); 159 } 160 if (!getExpectedException().isAssignableFrom(t.getClass())) { 161 message += " instead of " + getExpectedException() 162 .getSimpleName(); 163 throw new AssertionError(message, e); 164 } 165 } 166 }; 167 Utils.runAndCheckException(CompilerToVM::new, exceptionCheck); 168 } 169 170 public SecurityManager getSecurityManager() { 171 return null; 172 } 173 174 public Class<? extends Throwable> getExpectedException() { 175 return null; 176 } 177 178 private static final String JVMCI_RT_PERM_START 179 = "accessClassInPackage.jdk.vm.ci"; 180 private static final String JVMCI_SERVICES = "jvmciServices"; 181 private static final String JVMCI_PROP_START = "jvmci."; 182 183 } 184 }