14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 package jdk.jfr.internal; 27 28 import java.io.File; 29 import java.io.FileNotFoundException; 30 import java.io.IOException; 31 import java.io.InputStream; 32 import java.io.RandomAccessFile; 33 import java.io.Reader; 34 import java.lang.reflect.Constructor; 35 import java.lang.reflect.Field; 36 import java.lang.reflect.Method; 37 import java.lang.reflect.ReflectPermission; 38 import java.nio.channels.FileChannel; 39 import java.nio.channels.ReadableByteChannel; 40 import java.nio.file.FileVisitResult; 41 import java.nio.file.Files; 42 import java.nio.file.Path; 43 import java.nio.file.Paths; 44 import java.nio.file.SimpleFileVisitor; 45 import java.nio.file.StandardOpenOption; 46 import java.nio.file.attribute.BasicFileAttributes; 47 import java.security.AccessControlContext; 48 import java.security.AccessController; 49 import java.security.Permission; 50 import java.security.PrivilegedAction; 51 import java.security.PrivilegedActionException; 52 import java.security.PrivilegedExceptionAction; 53 import java.util.ArrayList; 54 import java.util.Iterator; 55 import java.util.List; 56 import java.util.Objects; 57 import java.util.PropertyPermission; 58 import java.util.concurrent.Callable; 59 60 import jdk.internal.misc.Unsafe; 61 import jdk.internal.module.Modules; 62 import jdk.jfr.Event; 63 import jdk.jfr.FlightRecorder; 64 import jdk.jfr.FlightRecorderListener; 65 import jdk.jfr.FlightRecorderPermission; 66 import jdk.jfr.Recording; 67 68 /** 69 * Contains JFR code that does 70 * {@link AccessController#doPrivileged(PrivilegedAction)} 71 */ 72 public final class SecuritySupport { 73 private final static Unsafe unsafe = Unsafe.getUnsafe(); 74 private final static Module JFR_MODULE = Event.class.getModule(); 75 public final static SafePath JFC_DIRECTORY = getPathInProperty("java.home", "lib/jfr"); 76 77 static final SafePath USER_HOME = getPathInProperty("user.home", null); 78 static final SafePath JAVA_IO_TMPDIR = getPathInProperty("java.io.tmpdir", null); 79 80 final static class SecureRecorderListener implements FlightRecorderListener { 81 82 private final AccessControlContext context; 83 private final FlightRecorderListener changeListener; 84 85 SecureRecorderListener(AccessControlContext context, FlightRecorderListener changeListener) { 86 this.context = Objects.requireNonNull(context); 87 this.changeListener = Objects.requireNonNull(changeListener); 88 } 89 90 @Override 91 public void recordingStateChanged(Recording recording) { 92 AccessController.doPrivileged((PrivilegedAction<Void>) () -> { 93 try { 364 static void touch(SafePath path) throws IOException { 365 doPriviligedIO(() -> new RandomAccessFile(path.toPath().toFile(), "rw").close()); 366 } 367 368 static void setAccessible(Method method) { 369 doPrivileged(() -> method.setAccessible(true), new ReflectPermission("suppressAccessChecks")); 370 } 371 372 static void setAccessible(Field field) { 373 doPrivileged(() -> field.setAccessible(true), new ReflectPermission("suppressAccessChecks")); 374 } 375 376 static void setAccessible(Constructor<?> constructor) { 377 doPrivileged(() -> constructor.setAccessible(true), new ReflectPermission("suppressAccessChecks")); 378 } 379 380 static void ensureClassIsInitialized(Class<?> clazz) { 381 unsafe.ensureClassInitialized(clazz); 382 } 383 384 static Class<?> defineClass(String name, byte[] bytes, ClassLoader classLoader) { 385 return unsafe.defineClass(name, bytes, 0, bytes.length, classLoader, null); 386 } 387 388 static Thread createThreadWitNoPermissions(String threadName, Runnable runnable) { 389 return doPrivilegedWithReturn(() -> new Thread(runnable, threadName), new Permission[0]); 390 } 391 392 static void setDaemonThread(Thread t, boolean daeomn) { 393 doPrivileged(()-> t.setDaemon(daeomn), new RuntimePermission("modifyThread")); 394 } 395 396 public static SafePath getAbsolutePath(SafePath path) throws IOException { 397 return new SafePath(doPrivilegedIOWithReturn((()-> path.toPath().toAbsolutePath()))); 398 } 399 } | 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 package jdk.jfr.internal; 27 28 import java.io.File; 29 import java.io.FileNotFoundException; 30 import java.io.IOException; 31 import java.io.InputStream; 32 import java.io.RandomAccessFile; 33 import java.io.Reader; 34 import java.lang.invoke.MethodHandles; 35 import java.lang.reflect.Constructor; 36 import java.lang.reflect.Field; 37 import java.lang.reflect.Method; 38 import java.lang.reflect.ReflectPermission; 39 import java.nio.channels.FileChannel; 40 import java.nio.channels.ReadableByteChannel; 41 import java.nio.file.FileVisitResult; 42 import java.nio.file.Files; 43 import java.nio.file.Path; 44 import java.nio.file.Paths; 45 import java.nio.file.SimpleFileVisitor; 46 import java.nio.file.StandardOpenOption; 47 import java.nio.file.attribute.BasicFileAttributes; 48 import java.security.AccessControlContext; 49 import java.security.AccessController; 50 import java.security.Permission; 51 import java.security.PrivilegedAction; 52 import java.security.PrivilegedActionException; 53 import java.security.PrivilegedExceptionAction; 54 import java.util.ArrayList; 55 import java.util.Iterator; 56 import java.util.List; 57 import java.util.Objects; 58 import java.util.PropertyPermission; 59 import java.util.concurrent.Callable; 60 61 import jdk.internal.misc.Unsafe; 62 import jdk.internal.module.Modules; 63 import jdk.jfr.Event; 64 import jdk.jfr.FlightRecorder; 65 import jdk.jfr.FlightRecorderListener; 66 import jdk.jfr.FlightRecorderPermission; 67 import jdk.jfr.Recording; 68 69 /** 70 * Contains JFR code that does 71 * {@link AccessController#doPrivileged(PrivilegedAction)} 72 */ 73 public final class SecuritySupport { 74 private final static Unsafe unsafe = Unsafe.getUnsafe(); 75 private final static MethodHandles.Lookup LOOKUP = MethodHandles.lookup(); 76 private final static Module JFR_MODULE = Event.class.getModule(); 77 public final static SafePath JFC_DIRECTORY = getPathInProperty("java.home", "lib/jfr"); 78 79 static final SafePath USER_HOME = getPathInProperty("user.home", null); 80 static final SafePath JAVA_IO_TMPDIR = getPathInProperty("java.io.tmpdir", null); 81 82 final static class SecureRecorderListener implements FlightRecorderListener { 83 84 private final AccessControlContext context; 85 private final FlightRecorderListener changeListener; 86 87 SecureRecorderListener(AccessControlContext context, FlightRecorderListener changeListener) { 88 this.context = Objects.requireNonNull(context); 89 this.changeListener = Objects.requireNonNull(changeListener); 90 } 91 92 @Override 93 public void recordingStateChanged(Recording recording) { 94 AccessController.doPrivileged((PrivilegedAction<Void>) () -> { 95 try { 366 static void touch(SafePath path) throws IOException { 367 doPriviligedIO(() -> new RandomAccessFile(path.toPath().toFile(), "rw").close()); 368 } 369 370 static void setAccessible(Method method) { 371 doPrivileged(() -> method.setAccessible(true), new ReflectPermission("suppressAccessChecks")); 372 } 373 374 static void setAccessible(Field field) { 375 doPrivileged(() -> field.setAccessible(true), new ReflectPermission("suppressAccessChecks")); 376 } 377 378 static void setAccessible(Constructor<?> constructor) { 379 doPrivileged(() -> constructor.setAccessible(true), new ReflectPermission("suppressAccessChecks")); 380 } 381 382 static void ensureClassIsInitialized(Class<?> clazz) { 383 unsafe.ensureClassInitialized(clazz); 384 } 385 386 static Class<?> defineClass(Class<?> lookupClass, byte[] bytes) { 387 return AccessController.doPrivileged(new PrivilegedAction<>() { 388 @Override 389 public Class<?> run() { 390 try { 391 return MethodHandles.privateLookupIn(lookupClass, LOOKUP).defineClass(bytes); 392 } catch (IllegalAccessException e) { 393 throw new InternalError(e); 394 } 395 } 396 }); 397 } 398 399 static Thread createThreadWitNoPermissions(String threadName, Runnable runnable) { 400 return doPrivilegedWithReturn(() -> new Thread(runnable, threadName), new Permission[0]); 401 } 402 403 static void setDaemonThread(Thread t, boolean daeomn) { 404 doPrivileged(()-> t.setDaemon(daeomn), new RuntimePermission("modifyThread")); 405 } 406 407 public static SafePath getAbsolutePath(SafePath path) throws IOException { 408 return new SafePath(doPrivilegedIOWithReturn((()-> path.toPath().toAbsolutePath()))); 409 } 410 } |