1 /* 2 * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 * 23 */ 24 25 /** 26 * @test 27 * @bug 8136421 28 * @requires (os.simpleArch == "x64" | os.simpleArch == "sparcv9" | os.simpleArch == "aarch64") 29 * @library /testlibrary /test/lib / 30 * @library common/patches 31 * @modules jdk.vm.ci.hotspot/jdk.vm.ci.hotspot 32 * @build jdk.vm.ci.hotspot/jdk.vm.ci.hotspot.CompilerToVMHelper 33 * @run main/othervm -XX:+UnlockExperimentalVMOptions 34 * -XX:+EnableJVMCI 35 * compiler.jvmci.SecurityRestrictionsTest 36 * NO_SEC_MAN 37 * @run main/othervm -XX:+UnlockExperimentalVMOptions 38 * -XX:+EnableJVMCI 39 * compiler.jvmci.SecurityRestrictionsTest 40 * NO_PERM 41 * @run main/othervm -XX:+UnlockExperimentalVMOptions 42 * -XX:+EnableJVMCI 43 * compiler.jvmci.SecurityRestrictionsTest 44 * ALL_PERM 45 * @run main/othervm -XX:+UnlockExperimentalVMOptions 46 * -XX:+EnableJVMCI 47 * compiler.jvmci.SecurityRestrictionsTest 48 * NO_JVMCI_ACCESS_PERM 49 * @run main/othervm -XX:+UnlockExperimentalVMOptions 50 * -XX:-EnableJVMCI 51 * compiler.jvmci.SecurityRestrictionsTest 52 * NO_JVMCI 53 */ 54 55 package compiler.jvmci; 56 57 import jdk.test.lib.Utils; 58 import java.lang.InternalError; 59 import java.lang.reflect.Constructor; 60 import java.security.AccessControlException; 61 import java.security.Permission; 62 import java.util.PropertyPermission; 63 import java.util.function.Consumer; 64 import java.util.logging.Level; 65 import java.util.logging.Logger; 66 67 public class SecurityRestrictionsTest { 68 69 public static void main(String[] args) { 70 try { 71 // to init Utils before call SecurityManager 72 Class.forName(Utils.class.getName(), true, 73 Utils.class.getClassLoader()); 74 } catch (ClassNotFoundException e) { 75 throw new Error("[TEST BUG]: jdk.test.lib.Utils not found", e); 76 } 77 try { 78 TestCase mode = TestCase.valueOf(args[0]); 79 mode.run(); 80 } catch (IllegalArgumentException e) { 81 throw new Error("[TEST BUG]: Unknown mode " + args[0], e); 82 } 83 } 84 85 private enum TestCase { 86 NO_SEC_MAN, 87 NO_JVMCI { 88 @Override 89 public Class<? extends Throwable> getExpectedException() { 90 return InternalError.class; 91 } 92 }, 93 ALL_PERM { 94 @Override 95 public SecurityManager getSecurityManager() { 96 return new SecurityManager() { 97 @Override 98 public void checkPermission(Permission perm) { 99 } 100 }; 101 } 102 }, 103 NO_PERM { 104 @Override 105 public SecurityManager getSecurityManager() { 106 return new SecurityManager(); 107 } 108 109 @Override 110 public Class<? extends Throwable> getExpectedException() { 111 return AccessControlException.class; 112 } 113 }, 114 NO_JVMCI_ACCESS_PERM { 115 @Override 116 public SecurityManager getSecurityManager() { 117 return new SecurityManager() { 118 @Override 119 public void checkPermission(Permission perm) { 120 if (isJvmciPermission(perm)) { 121 super.checkPermission(perm); 122 } 123 } 124 125 @Override 126 public void checkPropertyAccess(String key) { 127 if (key.startsWith(JVMCI_PROP_START)) { 128 super.checkPropertyAccess(key); 129 } 130 } 131 }; 132 } 133 134 private boolean isJvmciPermission(Permission perm) { 135 String name = perm.getName(); 136 boolean isJvmciRuntime = perm instanceof RuntimePermission 137 && (JVMCI_SERVICES.equals(name) 138 || name.startsWith(JVMCI_RT_PERM_START)); 139 boolean isJvmciProperty = perm instanceof PropertyPermission 140 && name.startsWith(JVMCI_PROP_START); 141 return isJvmciRuntime || isJvmciProperty; 142 } 143 144 @Override 145 public Class<? extends Throwable> getExpectedException() { 146 return AccessControlException.class; 147 } 148 }; 149 150 public void run() { 151 System.setSecurityManager(getSecurityManager()); 152 Consumer<Throwable> exceptionCheck = e -> { 153 if (e == null) { 154 if (getExpectedException() != null) { 155 String message = name() + ": Didn't get expected exception " 156 + getExpectedException(); 157 throw new AssertionError(message); 158 } 159 } else { 160 String message = name() + ": Got unexpected exception " 161 + e.getClass().getSimpleName(); 162 if (getExpectedException() == null){ 163 throw new AssertionError(message, e); 164 } 165 166 Throwable t = e; 167 while (t.getCause() != null) { 168 t = t.getCause(); 169 } 170 if (!getExpectedException().isAssignableFrom(t.getClass())) { 171 message += " instead of " + getExpectedException() 172 .getSimpleName(); 173 throw new AssertionError(message, e); 174 } 175 } 176 }; 177 Utils.runAndCheckException(() -> { 178 try { 179 // CompilerToVM::<cinit> provokes CompilerToVM::<init> 180 Class.forName("jdk.vm.ci.hotspot.CompilerToVMHelper"); 181 } catch (ClassNotFoundException e) { 182 throw new Error("TESTBUG : " + e, e); 183 } 184 }, exceptionCheck); 185 } 186 187 public SecurityManager getSecurityManager() { 188 return null; 189 } 190 191 public Class<? extends Throwable> getExpectedException() { 192 return null; 193 } 194 195 private static final String JVMCI_RT_PERM_START 196 = "accessClassInPackage.jdk.vm.ci"; 197 private static final String JVMCI_SERVICES = "jvmciServices"; 198 private static final String JVMCI_PROP_START = "jvmci."; 199 200 } 201 }