< prev index next >

./test/lib/jdk/test/lib/Platform.java

Print this page
rev 2681 : [mq]: 8182154


   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.
   8  *
   9  * This code is distributed in the hope that it will be useful, but WITHOUT
  10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  12  * version 2 for more details (a copy is included in the LICENSE file that
  13  * accompanied this code).
  14  *
  15  * You should have received a copy of the GNU General Public License version
  16  * 2 along with this work; if not, write to the Free Software Foundation,
  17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  18  *
  19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  20  * or visit www.oracle.com if you need additional information or have any
  21  * questions.
  22  */
  23 
  24 package jdk.test.lib;
  25 

  26 import java.io.IOException;
  27 import java.nio.file.Files;
  28 import java.nio.file.Path;
  29 import java.nio.file.Paths;
  30 import java.util.regex.Pattern;
  31 
  32 public class Platform {
  33     public  static final String vmName      = System.getProperty("java.vm.name");
  34     public  static final String vmInfo      = System.getProperty("java.vm.info");
  35     private static final String osVersion   = System.getProperty("os.version");
  36     private static       int osVersionMajor = -1;
  37     private static       int osVersionMinor = -1;
  38     private static final String osName      = System.getProperty("os.name");
  39     private static final String dataModel   = System.getProperty("sun.arch.data.model");
  40     private static final String vmVersion   = System.getProperty("java.vm.version");
  41     private static final String jdkDebug    = System.getProperty("jdk.debug");
  42     private static final String osArch      = System.getProperty("os.arch");
  43     private static final String userName    = System.getProperty("user.name");
  44     private static final String compiler    = System.getProperty("sun.management.compiler");
  45 
  46     public static boolean isClient() {
  47         return vmName.endsWith(" Client VM");
  48     }
  49 


 191     }
 192 
 193     public static boolean isX64() {
 194         // On OSX it's 'x86_64' and on other (Linux, Windows and Solaris) platforms it's 'amd64'
 195         return isArch("(amd64)|(x86_64)");
 196     }
 197 
 198     public static boolean isX86() {
 199         // On Linux it's 'i386', Windows 'x86' without '_64' suffix.
 200         return isArch("(i386)|(x86(?!_64))");
 201     }
 202 
 203     public static String getOsArch() {
 204         return osArch;
 205     }
 206 
 207     /**
 208      * Return a boolean for whether we expect to be able to attach
 209      * the SA to our own processes on this system.
 210      */
 211     public static boolean shouldSAAttach() throws Exception {
 212 
 213         if (isAix()) {
 214             return false;   // SA not implemented.
 215         } else if (isLinux()) {
 216             if (isS390x()) { return false; }   // SA not implemented.


 217             return canPtraceAttachLinux();
 218         } else if (isOSX()) {
 219             return canAttachOSX();
 220         } else {
 221             // Other platforms expected to work:
 222             return true;
 223         }
 224     }
 225 
 226     /**
 227      * On Linux, first check the SELinux boolean "deny_ptrace" and return false
 228      * as we expect to be denied if that is "1".  Then expect permission to attach
 229      * if we are root, so return true.  Then return false for an expected denial
 230      * if "ptrace_scope" is 1, and true otherwise.
 231      */
 232     public static boolean canPtraceAttachLinux() throws Exception {
 233 
 234         // SELinux deny_ptrace:
 235         String deny_ptrace = fileAsString("/sys/fs/selinux/booleans/deny_ptrace");
 236         if (deny_ptrace != null && deny_ptrace.contains("1")) {
 237             // ptrace will be denied:

 238             return false;
 239         }


 240 
 241         // YAMA enhanced security ptrace_scope:
 242         // 0 - a process can PTRACE_ATTACH to any other process running under the same uid
 243         // 1 - restricted ptrace: a process must be a children of the inferior or user is root
 244         // 2 - only processes with CAP_SYS_PTRACE may use ptrace or user is root
 245         // 3 - no attach: no processes may use ptrace with PTRACE_ATTACH
 246         String ptrace_scope = fileAsString("/proc/sys/kernel/yama/ptrace_scope");
 247         if (ptrace_scope != null) {
 248             if (ptrace_scope.startsWith("3")) {


 249                 return false;
 250             }
 251             if (!userName.equals("root") && !ptrace_scope.startsWith("0")) {
 252                 // ptrace will be denied:
 253                 return false;
 254             }
 255         }

 256         // Otherwise expect to be permitted:
 257         return true;
 258     }
 259 
 260     /**
 261      * On OSX, expect permission to attach only if we are root.
 262      */
 263     public static boolean canAttachOSX() throws Exception {
 264         return userName.equals("root");
 265     }
 266 
 267     private static boolean isArch(String archnameRE) {
 268         return Pattern.compile(archnameRE, Pattern.CASE_INSENSITIVE)
 269                       .matcher(osArch)
 270                       .matches();
 271     }
 272 
 273     private static String fileAsString(String filename) throws IOException {
 274         Path filePath = Paths.get(filename);
 275         if (!Files.exists(filePath)) return null;
 276         return new String(Files.readAllBytes(filePath));
 277     }
 278 }


   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.
   8  *
   9  * This code is distributed in the hope that it will be useful, but WITHOUT
  10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  12  * version 2 for more details (a copy is included in the LICENSE file that
  13  * accompanied this code).
  14  *
  15  * You should have received a copy of the GNU General Public License version
  16  * 2 along with this work; if not, write to the Free Software Foundation,
  17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  18  *
  19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  20  * or visit www.oracle.com if you need additional information or have any
  21  * questions.
  22  */
  23 
  24 package jdk.test.lib;
  25 
  26 import java.io.File;
  27 import java.io.IOException;
  28 import java.io.RandomAccessFile;


  29 import java.util.regex.Pattern;
  30 
  31 public class Platform {
  32     public  static final String vmName      = System.getProperty("java.vm.name");
  33     public  static final String vmInfo      = System.getProperty("java.vm.info");
  34     private static final String osVersion   = System.getProperty("os.version");
  35     private static       int osVersionMajor = -1;
  36     private static       int osVersionMinor = -1;
  37     private static final String osName      = System.getProperty("os.name");
  38     private static final String dataModel   = System.getProperty("sun.arch.data.model");
  39     private static final String vmVersion   = System.getProperty("java.vm.version");
  40     private static final String jdkDebug    = System.getProperty("jdk.debug");
  41     private static final String osArch      = System.getProperty("os.arch");
  42     private static final String userName    = System.getProperty("user.name");
  43     private static final String compiler    = System.getProperty("sun.management.compiler");
  44 
  45     public static boolean isClient() {
  46         return vmName.endsWith(" Client VM");
  47     }
  48 


 190     }
 191 
 192     public static boolean isX64() {
 193         // On OSX it's 'x86_64' and on other (Linux, Windows and Solaris) platforms it's 'amd64'
 194         return isArch("(amd64)|(x86_64)");
 195     }
 196 
 197     public static boolean isX86() {
 198         // On Linux it's 'i386', Windows 'x86' without '_64' suffix.
 199         return isArch("(i386)|(x86(?!_64))");
 200     }
 201 
 202     public static String getOsArch() {
 203         return osArch;
 204     }
 205 
 206     /**
 207      * Return a boolean for whether we expect to be able to attach
 208      * the SA to our own processes on this system.
 209      */
 210     public static boolean shouldSAAttach() throws IOException {

 211         if (isAix()) {
 212             return false; // SA not implemented.
 213         } else if (isLinux()) {
 214             if (isS390x()) {
 215                 return false; // SA not implemented.
 216             }
 217             return canPtraceAttachLinux();
 218         } else if (isOSX()) {
 219             return canAttachOSX();
 220         } else {
 221             // Other platforms expected to work:
 222             return true;
 223         }
 224     }
 225 
 226     /**
 227      * On Linux, first check the SELinux boolean "deny_ptrace" and return false
 228      * as we expect to be denied if that is "1".  Then expect permission to attach
 229      * if we are root, so return true.  Then return false for an expected denial
 230      * if "ptrace_scope" is 1, and true otherwise.
 231      */
 232     private static boolean canPtraceAttachLinux() throws IOException {

 233         // SELinux deny_ptrace:
 234         File deny_ptrace = new File("/sys/fs/selinux/booleans/deny_ptrace");
 235         if (deny_ptrace.exists()) {
 236             try (RandomAccessFile file = new RandomAccessFile(deny_ptrace, "r")) {
 237                 if (file.readByte() != '0') {
 238                     return false;
 239                 }
 240             }
 241         }
 242 
 243         // YAMA enhanced security ptrace_scope:
 244         // 0 - a process can PTRACE_ATTACH to any other process running under the same uid
 245         // 1 - restricted ptrace: a process must be a children of the inferior or user is root
 246         // 2 - only processes with CAP_SYS_PTRACE may use ptrace or user is root
 247         // 3 - no attach: no processes may use ptrace with PTRACE_ATTACH
 248         File ptrace_scope = new File("/proc/sys/kernel/yama/ptrace_scope");
 249         if (ptrace_scope.exists()) {
 250             try (RandomAccessFile file = new RandomAccessFile(ptrace_scope, "r")) {
 251                 byte yama_scope = file.readByte();
 252                 if (yama_scope == '3') {
 253                     return false;
 254                 }
 255 
 256                 if (!userName.equals("root") && yama_scope != '0') {
 257                     return false;
 258                 }
 259             }
 260         }
 261         // Otherwise expect to be permitted:
 262         return true;
 263     }
 264 
 265     /**
 266      * On OSX, expect permission to attach only if we are root.
 267      */
 268     private static boolean canAttachOSX() {
 269         return userName.equals("root");
 270     }
 271 
 272     private static boolean isArch(String archnameRE) {
 273         return Pattern.compile(archnameRE, Pattern.CASE_INSENSITIVE)
 274                       .matcher(osArch)
 275                       .matches();
 276     }






 277 }
< prev index next >