1 /*
   2  * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.
   8  *
   9  * This code is distributed in the hope that it will be useful, but WITHOUT
  10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  12  * version 2 for more details (a copy is included in the LICENSE file that
  13  * accompanied this code).
  14  *
  15  * You should have received a copy of the GNU General Public License version
  16  * 2 along with this work; if not, write to the Free Software Foundation,
  17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  18  *
  19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  20  * or visit www.oracle.com if you need additional information or have any
  21  * questions.
  22  *
  23  */
  24 
  25 /**
  26  * @test
  27  * @bug 8136421
  28  * @requires (os.simpleArch == "x64" | os.simpleArch == "sparcv9") & os.arch != "aarch64"
  29  * @library /testlibrary /../../test/lib /
  30  * @compile ./common/CompilerToVMHelper.java
  31  * @run main ClassFileInstaller jdk.vm.ci.hotspot.CompilerToVMHelper
  32  * @run main/othervm -XX:+UnlockExperimentalVMOptions -Xbootclasspath/a:.
  33  *      -XX:+EnableJVMCI
  34  *      compiler.jvmci.SecurityRestrictionsTest
  35  *      NO_SEC_MAN
  36  * @run main/othervm -XX:+UnlockExperimentalVMOptions -Xbootclasspath/a:.
  37  *      -XX:+EnableJVMCI
  38  *      compiler.jvmci.SecurityRestrictionsTest
  39  *      NO_PERM
  40  * @run main/othervm -XX:+UnlockExperimentalVMOptions -Xbootclasspath/a:.
  41  *      -XX:+EnableJVMCI
  42  *      compiler.jvmci.SecurityRestrictionsTest
  43  *      ALL_PERM
  44  * @run main/othervm -XX:+UnlockExperimentalVMOptions -Xbootclasspath/a:.
  45  *      -XX:+EnableJVMCI
  46  *      compiler.jvmci.SecurityRestrictionsTest
  47  *      NO_JVMCI_ACCESS_PERM
  48  * @run main/othervm -XX:+UnlockExperimentalVMOptions -Xbootclasspath/a:.
  49  *      -XX:-EnableJVMCI
  50  *      compiler.jvmci.SecurityRestrictionsTest
  51  *      NO_JVMCI
  52  */
  53 
  54 package compiler.jvmci;
  55 
  56 import jdk.test.lib.Utils;
  57 import java.lang.InternalError;
  58 import java.lang.reflect.Constructor;
  59 import java.security.AccessControlException;
  60 import java.security.Permission;
  61 import java.util.PropertyPermission;
  62 import java.util.function.Consumer;
  63 import java.util.logging.Level;
  64 import java.util.logging.Logger;
  65 
  66 public class SecurityRestrictionsTest {
  67 
  68     public static void main(String[] args) {
  69         try {
  70             // to init Utils before call SecurityManager
  71             Class.forName(Utils.class.getName(), true,
  72                     Utils.class.getClassLoader());
  73         } catch (ClassNotFoundException e) {
  74             throw new Error("[TEST BUG]: jdk.test.lib.Utils not found", e);
  75         }
  76         try {
  77             TestCase mode = TestCase.valueOf(args[0]);
  78             mode.run();
  79         } catch (IllegalArgumentException e) {
  80             throw new Error("[TEST BUG]: Unknown mode " + args[0], e);
  81         }
  82     }
  83 
  84     private enum TestCase {
  85         NO_SEC_MAN,
  86         NO_JVMCI {
  87             @Override
  88             public Class<? extends Throwable> getExpectedException() {
  89                 return InternalError.class;
  90             }
  91         },
  92         ALL_PERM {
  93             @Override
  94             public SecurityManager getSecurityManager() {
  95                 return new SecurityManager() {
  96                     @Override
  97                     public void checkPermission(Permission perm) {
  98                     }
  99                 };
 100             }
 101         },
 102         NO_PERM {
 103             @Override
 104             public SecurityManager getSecurityManager() {
 105                 return new SecurityManager();
 106             }
 107 
 108             @Override
 109             public Class<? extends Throwable> getExpectedException() {
 110                 return AccessControlException.class;
 111             }
 112         },
 113         NO_JVMCI_ACCESS_PERM {
 114             @Override
 115             public SecurityManager getSecurityManager() {
 116                 return new SecurityManager() {
 117                     @Override
 118                     public void checkPermission(Permission perm) {
 119                         if (isJvmciPermission(perm)) {
 120                             super.checkPermission(perm);
 121                         }
 122                     }
 123 
 124                     @Override
 125                     public void checkPropertyAccess(String key) {
 126                         if (key.startsWith(JVMCI_PROP_START)) {
 127                             super.checkPropertyAccess(key);
 128                         }
 129                     }
 130                 };
 131             }
 132 
 133             private boolean isJvmciPermission(Permission perm) {
 134                 String name = perm.getName();
 135                 boolean isJvmciRuntime = perm instanceof RuntimePermission
 136                         && (JVMCI_SERVICES.equals(name)
 137                             || name.startsWith(JVMCI_RT_PERM_START));
 138                 boolean isJvmciProperty = perm instanceof PropertyPermission
 139                         && name.startsWith(JVMCI_PROP_START);
 140                 return isJvmciRuntime || isJvmciProperty;
 141             }
 142 
 143             @Override
 144             public Class<? extends Throwable> getExpectedException() {
 145                 return AccessControlException.class;
 146             }
 147         };
 148 
 149         public void run() {
 150             System.setSecurityManager(getSecurityManager());
 151             Consumer<Throwable> exceptionCheck = e -> {
 152                 if (e == null) {
 153                     if (getExpectedException() != null) {
 154                         String message = name() + ": Didn't get expected exception "
 155                                 + getExpectedException();
 156                         throw new AssertionError(message);
 157                     }
 158                 } else {
 159                     String message = name() + ": Got unexpected exception "
 160                             + e.getClass().getSimpleName();
 161                     if (getExpectedException() == null){
 162                         throw new AssertionError(message, e);
 163                     }
 164 
 165                     Throwable t = e;
 166                     while (t.getCause() != null) {
 167                         t = t.getCause();
 168                     }
 169                     if (!getExpectedException().isAssignableFrom(t.getClass())) {
 170                         message += " instead of " + getExpectedException()
 171                                 .getSimpleName();
 172                         throw new AssertionError(message, e);
 173                     }
 174                 }
 175             };
 176             Utils.runAndCheckException(() -> {
 177                 try {
 178                     // CompilerToVM::<cinit> provokes CompilerToVM::<init> 
 179                     Class.forName("jdk.vm.ci.hotspot.CompilerToVMHelper");
 180                 } catch (ClassNotFoundException e) {
 181                     throw new Error("TESTBUG : " + e, e);
 182                 }
 183             }, exceptionCheck);
 184         }
 185 
 186         public SecurityManager getSecurityManager() {
 187             return null;
 188         }
 189 
 190         public Class<? extends Throwable> getExpectedException() {
 191             return null;
 192         }
 193 
 194         private static final String JVMCI_RT_PERM_START
 195                 = "accessClassInPackage.jdk.vm.ci";
 196         private static final String JVMCI_SERVICES = "jvmciServices";
 197         private static final String JVMCI_PROP_START = "jvmci.";
 198 
 199     }
 200 }