1 /*
2 * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.
8 *
9 * This code is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * version 2 for more details (a copy is included in the LICENSE file that
13 * accompanied this code).
14 *
15 * You should have received a copy of the GNU General Public License version
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 *
23 */
24
25 /**
26 * @test
27 * @bug 8136421
28 * @requires (os.simpleArch == "x64" | os.simpleArch == "sparcv9" | os.simpleArch == "aarch64")
29 * @library /testlibrary /../../test/lib /
30 * @run main/othervm -XX:+UnlockExperimentalVMOptions -XX:+EnableJVMCI
31 * compiler.jvmci.SecurityRestrictionsTest
32 * NO_SEC_MAN
33 * @run main/othervm -XX:+UnlockExperimentalVMOptions -XX:+EnableJVMCI
34 * compiler.jvmci.SecurityRestrictionsTest
35 * NO_PERM
36 * @run main/othervm -XX:+UnlockExperimentalVMOptions -XX:+EnableJVMCI
37 * compiler.jvmci.SecurityRestrictionsTest
38 * ALL_PERM
39 * @run main/othervm -XX:+UnlockExperimentalVMOptions -XX:+EnableJVMCI
40 * compiler.jvmci.SecurityRestrictionsTest
41 * NO_JVMCI_ACCESS_PERM
42 * @run main/othervm -XX:+UnlockExperimentalVMOptions
43 * compiler.jvmci.SecurityRestrictionsTest
44 * NO_JVMCI
45 */
46
47 package compiler.jvmci;
48
49 import jdk.vm.ci.hotspot.CompilerToVM;
50 import jdk.test.lib.Utils;
51 import java.lang.InternalError;
52 import java.security.AccessControlException;
53 import java.security.Permission;
54 import java.util.PropertyPermission;
55 import java.util.function.Consumer;
56
57 public class SecurityRestrictionsTest {
58
59 public static void main(String[] args) {
60 try {
61 // to init Utils before call SecurityManager
62 Class.forName(Utils.class.getName(), true,
63 Utils.class.getClassLoader());
64 } catch (ClassNotFoundException e) {
65 throw new Error("[TEST BUG]: jdk.test.lib.Utils not found", e);
66 }
67 try {
68 TestCase mode = TestCase.valueOf(args[0]);
69 mode.run();
70 } catch (IllegalArgumentException e) {
71 throw new Error("[TEST BUG]: Unknown mode " + args[0], e);
72 }
73 }
74
75 private enum TestCase {
76 NO_SEC_MAN,
77 NO_JVMCI {
78 @Override
79 public Class<? extends Throwable> getExpectedException() {
80 return InternalError.class;
81 }
82 },
83 ALL_PERM {
84 @Override
85 public SecurityManager getSecurityManager() {
86 return new SecurityManager() {
87 @Override
88 public void checkPermission(Permission perm) {
89 }
90 };
91 }
92 },
93 NO_PERM {
94 @Override
95 public SecurityManager getSecurityManager() {
96 return new SecurityManager();
97 }
98
99 @Override
100 public Class<? extends Throwable> getExpectedException() {
101 return AccessControlException.class;
102 }
103 },
104 NO_JVMCI_ACCESS_PERM {
105 @Override
106 public SecurityManager getSecurityManager() {
107 return new SecurityManager() {
108 @Override
109 public void checkPermission(Permission perm) {
110 if (isJvmciPermission(perm)) {
111 super.checkPermission(perm);
112 }
113 }
114
115 @Override
116 public void checkPropertyAccess(String key) {
117 if (key.startsWith(JVMCI_PROP_START)) {
118 super.checkPropertyAccess(key);
119 }
120 }
121 };
122 }
123
124 private boolean isJvmciPermission(Permission perm) {
125 String name = perm.getName();
126 boolean isJvmciRuntime = perm instanceof RuntimePermission
127 && (JVMCI_SERVICES.equals(name)
128 || name.startsWith(JVMCI_RT_PERM_START));
129 boolean isJvmciProperty = perm instanceof PropertyPermission
130 && name.startsWith(JVMCI_PROP_START);
131 return isJvmciRuntime || isJvmciProperty;
132 }
133
134 @Override
135 public Class<? extends Throwable> getExpectedException() {
136 return AccessControlException.class;
137 }
138 };
139
140 public void run() {
141 System.setSecurityManager(getSecurityManager());
142 Consumer<Throwable> exceptionCheck = e -> {
143 if (e == null) {
144 if (getExpectedException() != null) {
145 String message = name() + ": Didn't get expected exception "
146 + getExpectedException();
147 throw new AssertionError(message);
148 }
149 } else {
150 String message = name() + ": Got unexpected exception "
151 + e.getClass().getSimpleName();
152 if (getExpectedException() == null){
153 throw new AssertionError(message, e);
154 }
155
156 Throwable t = e;
157 while (t.getCause() != null) {
158 t = t.getCause();
159 }
160 if (!getExpectedException().isAssignableFrom(t.getClass())) {
161 message += " instead of " + getExpectedException()
162 .getSimpleName();
163 throw new AssertionError(message, e);
164 }
165 }
166 };
167 Utils.runAndCheckException(CompilerToVM::new, exceptionCheck);
168 }
169
170 public SecurityManager getSecurityManager() {
171 return null;
172 }
173
174 public Class<? extends Throwable> getExpectedException() {
175 return null;
176 }
177
178 private static final String JVMCI_RT_PERM_START
179 = "accessClassInPackage.jdk.vm.ci";
180 private static final String JVMCI_SERVICES = "jvmciServices";
181 private static final String JVMCI_PROP_START = "jvmci.";
182
183 }
184 }