1 /* 2 * Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 */ 23 24 /** 25 * @test 26 * @bug 8136421 27 * @requires vm.jvmci 28 * @library /test/lib / 29 * @library common/patches 30 * @modules java.base/jdk.internal.misc 31 * @modules jdk.vm.ci/jdk.vm.ci.hotspot 32 * @build jdk.vm.ci/jdk.vm.ci.hotspot.CompilerToVMHelper 33 * @run main/othervm -XX:+UnlockExperimentalVMOptions 34 * -XX:+EnableJVMCI 35 * compiler.jvmci.SecurityRestrictionsTest 36 * NO_SEC_MAN 37 * @run main/othervm -XX:+UnlockExperimentalVMOptions 38 * -XX:+EnableJVMCI 39 * compiler.jvmci.SecurityRestrictionsTest 40 * NO_PERM 41 * @run main/othervm -XX:+UnlockExperimentalVMOptions 42 * -XX:+EnableJVMCI 43 * compiler.jvmci.SecurityRestrictionsTest 44 * ALL_PERM 45 * @run main/othervm -XX:+UnlockExperimentalVMOptions 46 * -XX:+EnableJVMCI 47 * compiler.jvmci.SecurityRestrictionsTest 48 * NO_JVMCI_ACCESS_PERM 49 * @run main/othervm -XX:+UnlockExperimentalVMOptions 50 * -XX:-EnableJVMCI 51 * compiler.jvmci.SecurityRestrictionsTest 52 * NO_JVMCI 53 */ 54 55 package compiler.jvmci; 56 57 import jdk.test.lib.Utils; 58 59 import java.security.AccessControlException; 60 import java.security.Permission; 61 import java.util.PropertyPermission; 62 import java.util.function.Consumer; 63 64 public class SecurityRestrictionsTest { 65 66 public static void main(String[] args) { 67 try { 68 // to init Utils before call SecurityManager 69 Class.forName(Utils.class.getName(), true, 70 Utils.class.getClassLoader()); 71 } catch (ClassNotFoundException e) { 72 throw new Error("[TEST BUG]: jdk.test.lib.Utils not found", e); 73 } 74 try { 75 TestCase mode = TestCase.valueOf(args[0]); 76 mode.run(); 77 } catch (IllegalArgumentException e) { 78 throw new Error("[TEST BUG]: Unknown mode " + args[0], e); 79 } 80 } 81 82 private enum TestCase { 83 NO_SEC_MAN, 84 NO_JVMCI { 85 @Override 86 public Class<? extends Throwable> getExpectedException() { 87 return InternalError.class; 88 } 89 }, 90 ALL_PERM { 91 @Override 92 public SecurityManager getSecurityManager() { 93 return new SecurityManager() { 94 @Override 95 public void checkPermission(Permission perm) { 96 } 97 }; 98 } 99 }, 100 NO_PERM { 101 @Override 102 public SecurityManager getSecurityManager() { 103 return new SecurityManager(); 104 } 105 106 @Override 107 public Class<? extends Throwable> getExpectedException() { 108 return AccessControlException.class; 109 } 110 }, 111 NO_JVMCI_ACCESS_PERM { 112 @Override 113 public SecurityManager getSecurityManager() { 114 return new SecurityManager() { 115 @Override 116 public void checkPermission(Permission perm) { 117 if (isJvmciPermission(perm)) { 118 super.checkPermission(perm); 119 } 120 } 121 122 @Override 123 public void checkPropertyAccess(String key) { 124 if (key.startsWith(JVMCI_PROP_START)) { 125 super.checkPropertyAccess(key); 126 } 127 } 128 }; 129 } 130 131 private boolean isJvmciPermission(Permission perm) { 132 String name = perm.getName(); 133 boolean isJvmciRuntime = perm instanceof RuntimePermission 134 && (JVMCI_SERVICES.equals(name) 135 || name.startsWith(JVMCI_RT_PERM_START)); 136 boolean isJvmciProperty = perm instanceof PropertyPermission 137 && name.startsWith(JVMCI_PROP_START); 138 return isJvmciRuntime || isJvmciProperty; 139 } 140 141 @Override 142 public Class<? extends Throwable> getExpectedException() { 143 return AccessControlException.class; 144 } 145 }; 146 147 public void run() { 148 System.setSecurityManager(getSecurityManager()); 149 Consumer<Throwable> exceptionCheck = e -> { 150 if (e == null) { 151 if (getExpectedException() != null) { 152 String message = name() + ": Didn't get expected exception " 153 + getExpectedException(); 154 throw new AssertionError(message); 155 } 156 } else { 157 String message = name() + ": Got unexpected exception " 158 + e.getClass().getSimpleName(); 159 if (getExpectedException() == null){ 160 throw new AssertionError(message, e); 161 } 162 163 Throwable t = e; 164 while (t.getCause() != null) { 165 t = t.getCause(); 166 } 167 if (!getExpectedException().isAssignableFrom(t.getClass())) { 168 message += " instead of " + getExpectedException() 169 .getSimpleName(); 170 throw new AssertionError(message, e); 171 } 172 } 173 }; 174 Utils.runAndCheckException(() -> { 175 try { 176 // CompilerToVM::<cinit> provokes CompilerToVM::<init> 177 Class.forName("jdk.vm.ci.hotspot.CompilerToVMHelper"); 178 } catch (ClassNotFoundException e) { 179 throw new Error("TESTBUG : " + e, e); 180 } 181 }, exceptionCheck); 182 } 183 184 public SecurityManager getSecurityManager() { 185 return null; 186 } 187 188 public Class<? extends Throwable> getExpectedException() { 189 return null; 190 } 191 192 private static final String JVMCI_RT_PERM_START 193 = "accessClassInPackage.jdk.vm.ci"; 194 private static final String JVMCI_SERVICES = "jvmciServices"; 195 private static final String JVMCI_PROP_START = "jvmci."; 196 197 } 198 }