1 /* 2 * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 */ 23 package jdk.vm.ci.hotspot; 24 25 import static java.lang.String.format; 26 27 import java.io.IOException; 28 import java.io.InputStream; 29 import java.lang.reflect.Constructor; 30 import java.lang.reflect.Executable; 31 import java.lang.reflect.Method; 32 import java.lang.reflect.Modifier; 33 import java.util.Arrays; 34 import java.util.Objects; 35 36 import jdk.vm.ci.common.JVMCIError; 37 import jdk.internal.org.objectweb.asm.ClassReader; 38 import jdk.internal.org.objectweb.asm.ClassVisitor; 39 import jdk.internal.org.objectweb.asm.Label; 40 import jdk.internal.org.objectweb.asm.MethodVisitor; 41 import jdk.internal.org.objectweb.asm.Opcodes; 42 import jdk.internal.org.objectweb.asm.Type; 43 import jdk.internal.misc.Unsafe; 44 45 /** 46 * A {@link ClassVisitor} that verifies {@link HotSpotVMConfig} does not access {@link Unsafe} from 47 * any of its non-static, non-constructor methods. This ensures that a deserialized 48 * {@link HotSpotVMConfig} object does not perform any unsafe reads on addresses that are only valid 49 * in the context in which the object was serialized. Note that this does not catch cases where a 50 * client uses an address stored in a {@link HotSpotVMConfig} field. 51 */ 52 final class HotSpotVMConfigVerifier extends ClassVisitor { 53 54 public static boolean check() { 55 Class<?> cls = HotSpotVMConfig.class; 56 String classFilePath = "/" + cls.getName().replace('.', '/') + ".class"; 57 try { 58 InputStream classfile = cls.getResourceAsStream(classFilePath); 59 ClassReader cr = new ClassReader(Objects.requireNonNull(classfile, "Could not find class file for " + cls.getName())); 60 ClassVisitor cv = new HotSpotVMConfigVerifier(); 61 cr.accept(cv, 0); 62 return true; 63 } catch (IOException e) { 64 throw new JVMCIError(e); 65 } 66 } 67 68 /** 69 * Source file context for error reporting. 70 */ 71 String sourceFile = null; 72 73 /** 74 * Line number for error reporting. 75 */ 76 int lineNo = -1; 77 78 private static Class<?> resolve(String name) { 79 try { 80 return Class.forName(name.replace('/', '.')); 81 } catch (ClassNotFoundException e) { 82 throw new JVMCIError(e); 83 } 84 } 85 86 HotSpotVMConfigVerifier() { 87 super(Opcodes.ASM5); 88 } 89 90 @Override 91 public void visitSource(String source, String debug) { 92 this.sourceFile = source; 93 } 94 95 void verify(boolean condition, String message) { 96 if (!condition) { 97 error(message); 98 } 99 } 100 101 void error(String message) { 102 String errorMessage = format("%s:%d: %s is not allowed in the context of compilation replay. The unsafe access should be moved into the %s constructor and the result cached in a field", 103 sourceFile, lineNo, message, HotSpotVMConfig.class.getSimpleName()); 104 throw new JVMCIError(errorMessage); 105 106 } 107 108 @Override 109 public MethodVisitor visitMethod(int access, String name, String d, String signature, String[] exceptions) { 110 if (!Modifier.isStatic(access) && Modifier.isPublic(access) && !name.equals("<init>")) { 111 return new MethodVisitor(Opcodes.ASM5) { 112 113 @Override 114 public void visitLineNumber(int line, Label start) { 115 lineNo = line; 116 } 117 118 private Executable resolveMethod(String owner, String methodName, String methodDesc) { 119 Class<?> declaringClass = resolve(owner); 120 while (declaringClass != null) { 121 if (methodName.equals("<init>")) { 122 for (Constructor<?> c : declaringClass.getDeclaredConstructors()) { 123 if (methodDesc.equals(Type.getConstructorDescriptor(c))) { 124 return c; 125 } 126 } 127 } else { 128 Type[] argumentTypes = Type.getArgumentTypes(methodDesc); 129 for (Method m : declaringClass.getDeclaredMethods()) { 130 if (m.getName().equals(methodName)) { 131 if (Arrays.equals(argumentTypes, Type.getArgumentTypes(m))) { 132 if (Type.getReturnType(methodDesc).equals(Type.getReturnType(m))) { 133 return m; 134 } 135 } 136 } 137 } 138 } 139 declaringClass = declaringClass.getSuperclass(); 140 } 141 throw new NoSuchMethodError(owner + "." + methodName + methodDesc); 142 } 143 144 /** 145 * Checks whether a given method is allowed to be called. 146 */ 147 private boolean checkInvokeTarget(Executable method) { 148 if (method.getDeclaringClass().equals(Unsafe.class)) { 149 return false; 150 } 151 return true; 152 } 153 154 @Override 155 public void visitMethodInsn(int opcode, String owner, String methodName, String methodDesc, boolean itf) { 156 Executable callee = resolveMethod(owner, methodName, methodDesc); 157 verify(checkInvokeTarget(callee), "invocation of " + callee); 158 } 159 }; 160 } else { 161 return null; 162 } 163 } 164 }