1 /* 2 * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 * 23 */ 24 25 /** 26 * @test 27 * @bug 8136421 28 * @requires (vm.simpleArch == "x64" | vm.simpleArch == "sparcv9" | vm.simpleArch == "aarch64") 29 * @library /testlibrary /test/lib / 30 * @library common/patches 31 * @modules java.base/jdk.internal.misc 32 * @modules jdk.vm.ci/jdk.vm.ci.hotspot 33 * @build jdk.vm.ci/jdk.vm.ci.hotspot.CompilerToVMHelper 34 * @run main/othervm -XX:+UnlockExperimentalVMOptions 35 * -XX:+EnableJVMCI 36 * compiler.jvmci.SecurityRestrictionsTest 37 * NO_SEC_MAN 38 * @run main/othervm -XX:+UnlockExperimentalVMOptions 39 * -XX:+EnableJVMCI 40 * compiler.jvmci.SecurityRestrictionsTest 41 * NO_PERM 42 * @run main/othervm -XX:+UnlockExperimentalVMOptions 43 * -XX:+EnableJVMCI 44 * compiler.jvmci.SecurityRestrictionsTest 45 * ALL_PERM 46 * @run main/othervm -XX:+UnlockExperimentalVMOptions 47 * -XX:+EnableJVMCI 48 * compiler.jvmci.SecurityRestrictionsTest 49 * NO_JVMCI_ACCESS_PERM 50 * @run main/othervm -XX:+UnlockExperimentalVMOptions 51 * -XX:-EnableJVMCI 52 * compiler.jvmci.SecurityRestrictionsTest 53 * NO_JVMCI 54 */ 55 56 package compiler.jvmci; 57 58 import jdk.test.lib.Utils; 59 60 import java.security.AccessControlException; 61 import java.security.Permission; 62 import java.util.PropertyPermission; 63 import java.util.function.Consumer; 64 65 public class SecurityRestrictionsTest { 66 67 public static void main(String[] args) { 68 try { 69 // to init Utils before call SecurityManager 70 Class.forName(Utils.class.getName(), true, 71 Utils.class.getClassLoader()); 72 } catch (ClassNotFoundException e) { 73 throw new Error("[TEST BUG]: jdk.test.lib.Utils not found", e); 74 } 75 try { 76 TestCase mode = TestCase.valueOf(args[0]); 77 mode.run(); 78 } catch (IllegalArgumentException e) { 79 throw new Error("[TEST BUG]: Unknown mode " + args[0], e); 80 } 81 } 82 83 private enum TestCase { 84 NO_SEC_MAN, 85 NO_JVMCI { 86 @Override 87 public Class<? extends Throwable> getExpectedException() { 88 return InternalError.class; 89 } 90 }, 91 ALL_PERM { 92 @Override 93 public SecurityManager getSecurityManager() { 94 return new SecurityManager() { 95 @Override 96 public void checkPermission(Permission perm) { 97 } 98 }; 99 } 100 }, 101 NO_PERM { 102 @Override 103 public SecurityManager getSecurityManager() { 104 return new SecurityManager(); 105 } 106 107 @Override 108 public Class<? extends Throwable> getExpectedException() { 109 return AccessControlException.class; 110 } 111 }, 112 NO_JVMCI_ACCESS_PERM { 113 @Override 114 public SecurityManager getSecurityManager() { 115 return new SecurityManager() { 116 @Override 117 public void checkPermission(Permission perm) { 118 if (isJvmciPermission(perm)) { 119 super.checkPermission(perm); 120 } 121 } 122 123 @Override 124 public void checkPropertyAccess(String key) { 125 if (key.startsWith(JVMCI_PROP_START)) { 126 super.checkPropertyAccess(key); 127 } 128 } 129 }; 130 } 131 132 private boolean isJvmciPermission(Permission perm) { 133 String name = perm.getName(); 134 boolean isJvmciRuntime = perm instanceof RuntimePermission 135 && (JVMCI_SERVICES.equals(name) 136 || name.startsWith(JVMCI_RT_PERM_START)); 137 boolean isJvmciProperty = perm instanceof PropertyPermission 138 && name.startsWith(JVMCI_PROP_START); 139 return isJvmciRuntime || isJvmciProperty; 140 } 141 142 @Override 143 public Class<? extends Throwable> getExpectedException() { 144 return AccessControlException.class; 145 } 146 }; 147 148 public void run() { 149 System.setSecurityManager(getSecurityManager()); 150 Consumer<Throwable> exceptionCheck = e -> { 151 if (e == null) { 152 if (getExpectedException() != null) { 153 String message = name() + ": Didn't get expected exception " 154 + getExpectedException(); 155 throw new AssertionError(message); 156 } 157 } else { 158 String message = name() + ": Got unexpected exception " 159 + e.getClass().getSimpleName(); 160 if (getExpectedException() == null){ 161 throw new AssertionError(message, e); 162 } 163 164 Throwable t = e; 165 while (t.getCause() != null) { 166 t = t.getCause(); 167 } 168 if (!getExpectedException().isAssignableFrom(t.getClass())) { 169 message += " instead of " + getExpectedException() 170 .getSimpleName(); 171 throw new AssertionError(message, e); 172 } 173 } 174 }; 175 Utils.runAndCheckException(() -> { 176 try { 177 // CompilerToVM::<cinit> provokes CompilerToVM::<init> 178 Class.forName("jdk.vm.ci.hotspot.CompilerToVMHelper"); 179 } catch (ClassNotFoundException e) { 180 throw new Error("TESTBUG : " + e, e); 181 } 182 }, exceptionCheck); 183 } 184 185 public SecurityManager getSecurityManager() { 186 return null; 187 } 188 189 public Class<? extends Throwable> getExpectedException() { 190 return null; 191 } 192 193 private static final String JVMCI_RT_PERM_START 194 = "accessClassInPackage.jdk.vm.ci"; 195 private static final String JVMCI_SERVICES = "jvmciServices"; 196 private static final String JVMCI_PROP_START = "jvmci."; 197 198 } 199 }