1 /* 2 * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 * 23 */ 24 25 /** 26 * @test 27 * @bug 8136421 28 * @requires (os.simpleArch == "x64" | os.simpleArch == "sparcv9" | os.simpleArch == "aarch64") 29 * @library /testlibrary /test/lib / 30 * @library common/patches 31 * @modules java.base/jdk.internal.misc 32 * @modules jdk.vm.ci/jdk.vm.ci.hotspot 33 * @build jdk.vm.ci/jdk.vm.ci.hotspot.CompilerToVMHelper 34 * @run main/othervm -XX:+UnlockExperimentalVMOptions 35 * -XX:+EnableJVMCI 36 * compiler.jvmci.SecurityRestrictionsTest 37 * NO_SEC_MAN 38 * @run main/othervm -XX:+UnlockExperimentalVMOptions 39 * -XX:+EnableJVMCI 40 * compiler.jvmci.SecurityRestrictionsTest 41 * NO_PERM 42 * @run main/othervm -XX:+UnlockExperimentalVMOptions 43 * -XX:+EnableJVMCI 44 * compiler.jvmci.SecurityRestrictionsTest 45 * ALL_PERM 46 * @run main/othervm -XX:+UnlockExperimentalVMOptions 47 * -XX:+EnableJVMCI 48 * compiler.jvmci.SecurityRestrictionsTest 49 * NO_JVMCI_ACCESS_PERM 50 * @run main/othervm -XX:+UnlockExperimentalVMOptions 51 * -XX:-EnableJVMCI 52 * compiler.jvmci.SecurityRestrictionsTest 53 * NO_JVMCI 54 */ 55 56 package compiler.jvmci; 57 58 import jdk.test.lib.Utils; 59 import java.lang.InternalError; 60 import java.lang.reflect.Constructor; 61 import java.security.AccessControlException; 62 import java.security.Permission; 63 import java.util.PropertyPermission; 64 import java.util.function.Consumer; 65 import java.util.logging.Level; 66 import java.util.logging.Logger; 67 68 public class SecurityRestrictionsTest { 69 70 public static void main(String[] args) { 71 try { 72 // to init Utils before call SecurityManager 73 Class.forName(Utils.class.getName(), true, 74 Utils.class.getClassLoader()); 75 } catch (ClassNotFoundException e) { 76 throw new Error("[TEST BUG]: jdk.test.lib.Utils not found", e); 77 } 78 try { 79 TestCase mode = TestCase.valueOf(args[0]); 80 mode.run(); 81 } catch (IllegalArgumentException e) { 82 throw new Error("[TEST BUG]: Unknown mode " + args[0], e); 83 } 84 } 85 86 private enum TestCase { 87 NO_SEC_MAN, 88 NO_JVMCI { 89 @Override 90 public Class<? extends Throwable> getExpectedException() { 91 return InternalError.class; 92 } 93 }, 94 ALL_PERM { 95 @Override 96 public SecurityManager getSecurityManager() { 97 return new SecurityManager() { 98 @Override 99 public void checkPermission(Permission perm) { 100 } 101 }; 102 } 103 }, 104 NO_PERM { 105 @Override 106 public SecurityManager getSecurityManager() { 107 return new SecurityManager(); 108 } 109 110 @Override 111 public Class<? extends Throwable> getExpectedException() { 112 return AccessControlException.class; 113 } 114 }, 115 NO_JVMCI_ACCESS_PERM { 116 @Override 117 public SecurityManager getSecurityManager() { 118 return new SecurityManager() { 119 @Override 120 public void checkPermission(Permission perm) { 121 if (isJvmciPermission(perm)) { 122 super.checkPermission(perm); 123 } 124 } 125 126 @Override 127 public void checkPropertyAccess(String key) { 128 if (key.startsWith(JVMCI_PROP_START)) { 129 super.checkPropertyAccess(key); 130 } 131 } 132 }; 133 } 134 135 private boolean isJvmciPermission(Permission perm) { 136 String name = perm.getName(); 137 boolean isJvmciRuntime = perm instanceof RuntimePermission 138 && (JVMCI_SERVICES.equals(name) 139 || name.startsWith(JVMCI_RT_PERM_START)); 140 boolean isJvmciProperty = perm instanceof PropertyPermission 141 && name.startsWith(JVMCI_PROP_START); 142 return isJvmciRuntime || isJvmciProperty; 143 } 144 145 @Override 146 public Class<? extends Throwable> getExpectedException() { 147 return AccessControlException.class; 148 } 149 }; 150 151 public void run() { 152 System.setSecurityManager(getSecurityManager()); 153 Consumer<Throwable> exceptionCheck = e -> { 154 if (e == null) { 155 if (getExpectedException() != null) { 156 String message = name() + ": Didn't get expected exception " 157 + getExpectedException(); 158 throw new AssertionError(message); 159 } 160 } else { 161 String message = name() + ": Got unexpected exception " 162 + e.getClass().getSimpleName(); 163 if (getExpectedException() == null){ 164 throw new AssertionError(message, e); 165 } 166 167 Throwable t = e; 168 while (t.getCause() != null) { 169 t = t.getCause(); 170 } 171 if (!getExpectedException().isAssignableFrom(t.getClass())) { 172 message += " instead of " + getExpectedException() 173 .getSimpleName(); 174 throw new AssertionError(message, e); 175 } 176 } 177 }; 178 Utils.runAndCheckException(() -> { 179 try { 180 // CompilerToVM::<cinit> provokes CompilerToVM::<init> 181 Class.forName("jdk.vm.ci.hotspot.CompilerToVMHelper"); 182 } catch (ClassNotFoundException e) { 183 throw new Error("TESTBUG : " + e, e); 184 } 185 }, exceptionCheck); 186 } 187 188 public SecurityManager getSecurityManager() { 189 return null; 190 } 191 192 public Class<? extends Throwable> getExpectedException() { 193 return null; 194 } 195 196 private static final String JVMCI_RT_PERM_START 197 = "accessClassInPackage.jdk.vm.ci"; 198 private static final String JVMCI_SERVICES = "jvmciServices"; 199 private static final String JVMCI_PROP_START = "jvmci."; 200 201 } 202 }