1 /*
2 * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.
8 *
9 * This code is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * version 2 for more details (a copy is included in the LICENSE file that
13 * accompanied this code).
14 *
15 * You should have received a copy of the GNU General Public License version
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 *
23 */
24
25 /**
26 * @test
27 * @bug 8136421
28 * @requires (os.simpleArch == "x64" | os.simpleArch == "sparcv9" | os.simpleArch == "aarch64")
29 * @library /testlibrary /test/lib /
30 * @library common/patches
31 * @modules jdk.vm.ci.hotspot/jdk.vm.ci.hotspot
32 * @build jdk.vm.ci.hotspot/jdk.vm.ci.hotspot.CompilerToVMHelper
33 * @run main/othervm -XX:+UnlockExperimentalVMOptions
34 * -XX:+EnableJVMCI
35 * compiler.jvmci.SecurityRestrictionsTest
36 * NO_SEC_MAN
37 * @run main/othervm -XX:+UnlockExperimentalVMOptions
38 * -XX:+EnableJVMCI
39 * compiler.jvmci.SecurityRestrictionsTest
40 * NO_PERM
41 * @run main/othervm -XX:+UnlockExperimentalVMOptions
42 * -XX:+EnableJVMCI
43 * compiler.jvmci.SecurityRestrictionsTest
44 * ALL_PERM
45 * @run main/othervm -XX:+UnlockExperimentalVMOptions
46 * -XX:+EnableJVMCI
47 * compiler.jvmci.SecurityRestrictionsTest
48 * NO_JVMCI_ACCESS_PERM
49 * @run main/othervm -XX:+UnlockExperimentalVMOptions
50 * -XX:-EnableJVMCI
51 * compiler.jvmci.SecurityRestrictionsTest
52 * NO_JVMCI
53 */
54
55 package compiler.jvmci;
56
57 import jdk.test.lib.Utils;
58 import java.lang.InternalError;
59 import java.lang.reflect.Constructor;
60 import java.security.AccessControlException;
61 import java.security.Permission;
62 import java.util.PropertyPermission;
63 import java.util.function.Consumer;
64 import java.util.logging.Level;
65 import java.util.logging.Logger;
66
67 public class SecurityRestrictionsTest {
68
69 public static void main(String[] args) {
70 try {
71 // to init Utils before call SecurityManager
72 Class.forName(Utils.class.getName(), true,
73 Utils.class.getClassLoader());
74 } catch (ClassNotFoundException e) {
75 throw new Error("[TEST BUG]: jdk.test.lib.Utils not found", e);
76 }
77 try {
78 TestCase mode = TestCase.valueOf(args[0]);
79 mode.run();
80 } catch (IllegalArgumentException e) {
81 throw new Error("[TEST BUG]: Unknown mode " + args[0], e);
82 }
83 }
84
85 private enum TestCase {
86 NO_SEC_MAN,
87 NO_JVMCI {
88 @Override
89 public Class<? extends Throwable> getExpectedException() {
90 return InternalError.class;
91 }
92 },
93 ALL_PERM {
94 @Override
95 public SecurityManager getSecurityManager() {
96 return new SecurityManager() {
97 @Override
98 public void checkPermission(Permission perm) {
99 }
100 };
101 }
102 },
103 NO_PERM {
104 @Override
105 public SecurityManager getSecurityManager() {
106 return new SecurityManager();
107 }
108
109 @Override
110 public Class<? extends Throwable> getExpectedException() {
111 return AccessControlException.class;
112 }
113 },
114 NO_JVMCI_ACCESS_PERM {
115 @Override
116 public SecurityManager getSecurityManager() {
117 return new SecurityManager() {
118 @Override
119 public void checkPermission(Permission perm) {
120 if (isJvmciPermission(perm)) {
121 super.checkPermission(perm);
122 }
123 }
124
125 @Override
126 public void checkPropertyAccess(String key) {
127 if (key.startsWith(JVMCI_PROP_START)) {
128 super.checkPropertyAccess(key);
129 }
130 }
131 };
132 }
133
134 private boolean isJvmciPermission(Permission perm) {
135 String name = perm.getName();
136 boolean isJvmciRuntime = perm instanceof RuntimePermission
137 && (JVMCI_SERVICES.equals(name)
138 || name.startsWith(JVMCI_RT_PERM_START));
139 boolean isJvmciProperty = perm instanceof PropertyPermission
140 && name.startsWith(JVMCI_PROP_START);
141 return isJvmciRuntime || isJvmciProperty;
142 }
143
144 @Override
145 public Class<? extends Throwable> getExpectedException() {
146 return AccessControlException.class;
147 }
148 };
149
150 public void run() {
151 System.setSecurityManager(getSecurityManager());
152 Consumer<Throwable> exceptionCheck = e -> {
153 if (e == null) {
154 if (getExpectedException() != null) {
155 String message = name() + ": Didn't get expected exception "
156 + getExpectedException();
157 throw new AssertionError(message);
158 }
159 } else {
160 String message = name() + ": Got unexpected exception "
161 + e.getClass().getSimpleName();
162 if (getExpectedException() == null){
163 throw new AssertionError(message, e);
164 }
165
166 Throwable t = e;
167 while (t.getCause() != null) {
168 t = t.getCause();
169 }
170 if (!getExpectedException().isAssignableFrom(t.getClass())) {
171 message += " instead of " + getExpectedException()
172 .getSimpleName();
173 throw new AssertionError(message, e);
174 }
175 }
176 };
177 Utils.runAndCheckException(() -> {
178 try {
179 // CompilerToVM::<cinit> provokes CompilerToVM::<init>
180 Class.forName("jdk.vm.ci.hotspot.CompilerToVMHelper");
181 } catch (ClassNotFoundException e) {
182 throw new Error("TESTBUG : " + e, e);
183 }
184 }, exceptionCheck);
185 }
186
187 public SecurityManager getSecurityManager() {
188 return null;
189 }
190
191 public Class<? extends Throwable> getExpectedException() {
192 return null;
193 }
194
195 private static final String JVMCI_RT_PERM_START
196 = "accessClassInPackage.jdk.vm.ci";
197 private static final String JVMCI_SERVICES = "jvmciServices";
198 private static final String JVMCI_PROP_START = "jvmci.";
199
200 }
201 }