1 /*
2 * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.
8 *
9 * This code is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * version 2 for more details (a copy is included in the LICENSE file that
13 * accompanied this code).
14 *
15 * You should have received a copy of the GNU General Public License version
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 *
23 */
24
25 /**
26 * @test
27 * @bug 8136421
28 * @requires (os.simpleArch == "x64" | os.simpleArch == "sparcv9" | os.simpleArch == "aarch64")
29 * @library /testlibrary /test/lib /
30 * @library common/patches
31 * @modules java.base/jdk.internal.misc
32 * @modules jdk.vm.ci/jdk.vm.ci.hotspot
33 * @build jdk.vm.ci/jdk.vm.ci.hotspot.CompilerToVMHelper
34 * @run main/othervm -XX:+UnlockExperimentalVMOptions
35 * -XX:+EnableJVMCI
36 * compiler.jvmci.SecurityRestrictionsTest
37 * NO_SEC_MAN
38 * @run main/othervm -XX:+UnlockExperimentalVMOptions
39 * -XX:+EnableJVMCI
40 * compiler.jvmci.SecurityRestrictionsTest
41 * NO_PERM
42 * @run main/othervm -XX:+UnlockExperimentalVMOptions
43 * -XX:+EnableJVMCI
44 * compiler.jvmci.SecurityRestrictionsTest
45 * ALL_PERM
46 * @run main/othervm -XX:+UnlockExperimentalVMOptions
47 * -XX:+EnableJVMCI
48 * compiler.jvmci.SecurityRestrictionsTest
49 * NO_JVMCI_ACCESS_PERM
50 * @run main/othervm -XX:+UnlockExperimentalVMOptions
51 * -XX:-EnableJVMCI
52 * compiler.jvmci.SecurityRestrictionsTest
53 * NO_JVMCI
54 */
55
56 package compiler.jvmci;
57
58 import jdk.test.lib.Utils;
59 import java.lang.InternalError;
60 import java.lang.reflect.Constructor;
61 import java.security.AccessControlException;
62 import java.security.Permission;
63 import java.util.PropertyPermission;
64 import java.util.function.Consumer;
65 import java.util.logging.Level;
66 import java.util.logging.Logger;
67
68 public class SecurityRestrictionsTest {
69
70 public static void main(String[] args) {
71 try {
72 // to init Utils before call SecurityManager
73 Class.forName(Utils.class.getName(), true,
74 Utils.class.getClassLoader());
75 } catch (ClassNotFoundException e) {
76 throw new Error("[TEST BUG]: jdk.test.lib.Utils not found", e);
77 }
78 try {
79 TestCase mode = TestCase.valueOf(args[0]);
80 mode.run();
81 } catch (IllegalArgumentException e) {
82 throw new Error("[TEST BUG]: Unknown mode " + args[0], e);
83 }
84 }
85
86 private enum TestCase {
87 NO_SEC_MAN,
88 NO_JVMCI {
89 @Override
90 public Class<? extends Throwable> getExpectedException() {
91 return InternalError.class;
92 }
93 },
94 ALL_PERM {
95 @Override
96 public SecurityManager getSecurityManager() {
97 return new SecurityManager() {
98 @Override
99 public void checkPermission(Permission perm) {
100 }
101 };
102 }
103 },
104 NO_PERM {
105 @Override
106 public SecurityManager getSecurityManager() {
107 return new SecurityManager();
108 }
109
110 @Override
111 public Class<? extends Throwable> getExpectedException() {
112 return AccessControlException.class;
113 }
114 },
115 NO_JVMCI_ACCESS_PERM {
116 @Override
117 public SecurityManager getSecurityManager() {
118 return new SecurityManager() {
119 @Override
120 public void checkPermission(Permission perm) {
121 if (isJvmciPermission(perm)) {
122 super.checkPermission(perm);
123 }
124 }
125
126 @Override
127 public void checkPropertyAccess(String key) {
128 if (key.startsWith(JVMCI_PROP_START)) {
129 super.checkPropertyAccess(key);
130 }
131 }
132 };
133 }
134
135 private boolean isJvmciPermission(Permission perm) {
136 String name = perm.getName();
137 boolean isJvmciRuntime = perm instanceof RuntimePermission
138 && (JVMCI_SERVICES.equals(name)
139 || name.startsWith(JVMCI_RT_PERM_START));
140 boolean isJvmciProperty = perm instanceof PropertyPermission
141 && name.startsWith(JVMCI_PROP_START);
142 return isJvmciRuntime || isJvmciProperty;
143 }
144
145 @Override
146 public Class<? extends Throwable> getExpectedException() {
147 return AccessControlException.class;
148 }
149 };
150
151 public void run() {
152 System.setSecurityManager(getSecurityManager());
153 Consumer<Throwable> exceptionCheck = e -> {
154 if (e == null) {
155 if (getExpectedException() != null) {
156 String message = name() + ": Didn't get expected exception "
157 + getExpectedException();
158 throw new AssertionError(message);
159 }
160 } else {
161 String message = name() + ": Got unexpected exception "
162 + e.getClass().getSimpleName();
163 if (getExpectedException() == null){
164 throw new AssertionError(message, e);
165 }
166
167 Throwable t = e;
168 while (t.getCause() != null) {
169 t = t.getCause();
170 }
171 if (!getExpectedException().isAssignableFrom(t.getClass())) {
172 message += " instead of " + getExpectedException()
173 .getSimpleName();
174 throw new AssertionError(message, e);
175 }
176 }
177 };
178 Utils.runAndCheckException(() -> {
179 try {
180 // CompilerToVM::<cinit> provokes CompilerToVM::<init>
181 Class.forName("jdk.vm.ci.hotspot.CompilerToVMHelper");
182 } catch (ClassNotFoundException e) {
183 throw new Error("TESTBUG : " + e, e);
184 }
185 }, exceptionCheck);
186 }
187
188 public SecurityManager getSecurityManager() {
189 return null;
190 }
191
192 public Class<? extends Throwable> getExpectedException() {
193 return null;
194 }
195
196 private static final String JVMCI_RT_PERM_START
197 = "accessClassInPackage.jdk.vm.ci";
198 private static final String JVMCI_SERVICES = "jvmciServices";
199 private static final String JVMCI_PROP_START = "jvmci.";
200
201 }
202 }