New src/jdk.scripting.nashorn/share/classes/jdk/nashorn/internal/runtime/linker/JavaAdapterClassLoader.java

   1 /*
   2  * Copyright (c) 2010, 2013, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.  Oracle designates this
   8  * particular file as subject to the "Classpath" exception as provided
   9  * by Oracle in the LICENSE file that accompanied this code.
  10  *
  11  * This code is distributed in the hope that it will be useful, but WITHOUT
  12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  14  * version 2 for more details (a copy is included in the LICENSE file that
  15  * accompanied this code).
  16  *
  17  * You should have received a copy of the GNU General Public License version
  18  * 2 along with this work; if not, write to the Free Software Foundation,
  19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  20  *
  21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22  * or visit www.oracle.com if you need additional information or have any
  23  * questions.
  24  */
  25 
  26 package jdk.nashorn.internal.runtime.linker;
  27 
  28 import java.security.AccessControlContext;
  29 import java.security.AccessController;
  30 import java.security.PrivilegedAction;
  31 import java.security.ProtectionDomain;
  32 import java.security.SecureClassLoader;
  33 import java.util.Arrays;
  34 import java.util.Collection;
  35 import java.util.Collections;
  36 import java.util.HashSet;
  37 import jdk.internal.dynalink.beans.StaticClass;
  38 import jdk.nashorn.internal.codegen.DumpBytecode;
  39 import jdk.nashorn.internal.runtime.Context;
  40 import jdk.nashorn.internal.runtime.JSType;
  41 import jdk.nashorn.internal.runtime.ScriptFunction;
  42 import jdk.nashorn.internal.runtime.ScriptObject;
  43 
  44 /**
  45  * This class encapsulates the bytecode of the adapter class and can be used to load it into the JVM as an actual Class.
  46  * It can be invoked repeatedly to create multiple adapter classes from the same bytecode; adapter classes that have
  47  * class-level overrides must be re-created for every set of such overrides. Note that while this class is named
  48  * "class loader", it does not, in fact, extend {@code ClassLoader}, but rather uses them internally. Instances of this
  49  * class are normally created by {@code JavaAdapterBytecodeGenerator}.
  50  */
  51 final class JavaAdapterClassLoader {
  52     private static final AccessControlContext CREATE_LOADER_ACC_CTXT = ClassAndLoader.createPermAccCtxt("createClassLoader");
  53     private static final AccessControlContext GET_CONTEXT_ACC_CTXT = ClassAndLoader.createPermAccCtxt(Context.NASHORN_GET_CONTEXT);
  54     private static final Collection<String> VISIBLE_INTERNAL_CLASS_NAMES = Collections.unmodifiableCollection(new HashSet<>(
  55             Arrays.asList(JavaAdapterServices.class.getName(), ScriptObject.class.getName(), ScriptFunction.class.getName(), JSType.class.getName())));
  56 
  57     private final String className;
  58     private final byte[] classBytes;
  59 
  60     JavaAdapterClassLoader(final String className, final byte[] classBytes) {
  61         this.className = className.replace('/', '.');
  62         this.classBytes = classBytes;
  63     }
  64 
  65     /**
  66      * Loads the generated adapter class into the JVM.
  67      * @param parentLoader the parent class loader for the generated class loader
  68      * @param protectionDomain the protection domain for the generated class
  69      * @return the generated adapter class
  70      */
  71     StaticClass generateClass(final ClassLoader parentLoader, final ProtectionDomain protectionDomain) {
  72         assert protectionDomain != null;
  73         return AccessController.doPrivileged(new PrivilegedAction<StaticClass>() {
  74             @Override
  75             public StaticClass run() {
  76                 try {
  77                     return StaticClass.forClass(Class.forName(className, true, createClassLoader(parentLoader, protectionDomain)));
  78                 } catch (final ClassNotFoundException e) {
  79                     throw new AssertionError(e); // cannot happen
  80                 }
  81             }
  82         }, CREATE_LOADER_ACC_CTXT);
  83     }
  84 
  85     // Note that the adapter class is created in the protection domain of the class/interface being
  86     // extended/implemented, and only the privileged global setter action class is generated in the protection domain
  87     // of Nashorn itself. Also note that the creation and loading of the global setter is deferred until it is
  88     // required by JVM linker, which will only happen on first invocation of any of the adapted method. We could defer
  89     // it even more by separating its invocation into a separate static method on the adapter class, but then someone
  90     // with ability to introspect on the class and use setAccessible(true) on it could invoke the method. It's a
  91     // security tradeoff...
  92     private ClassLoader createClassLoader(final ClassLoader parentLoader, final ProtectionDomain protectionDomain) {
  93         return new SecureClassLoader(parentLoader) {
  94             private final ClassLoader myLoader = getClass().getClassLoader();
  95 
  96             @Override
  97             public Class<?> loadClass(final String name, final boolean resolve) throws ClassNotFoundException {
  98                 try {
  99                     Context.checkPackageAccess(name);
 100                     return super.loadClass(name, resolve);
 101                 } catch (final SecurityException se) {
 102                     // we may be implementing an interface or extending a class that was
 103                     // loaded by a loader that prevents package.access. If so, it'd throw
 104                     // SecurityException for nashorn's classes!. For adapter's to work, we
 105                     // should be able to refer to the few classes it needs in its implementation.
 106                     if(VISIBLE_INTERNAL_CLASS_NAMES.contains(name)) {
 107                         return myLoader != null? myLoader.loadClass(name) : Class.forName(name, false, myLoader);
 108                     }
 109                     throw se;
 110                 }
 111             }
 112 
 113             @Override
 114             protected Class<?> findClass(final String name) throws ClassNotFoundException {
 115                 if(name.equals(className)) {
 116                     assert classBytes != null : "what? already cleared .class bytes!!";
 117 
 118                     final Context ctx = AccessController.doPrivileged(new PrivilegedAction<Context>() {
 119                         @Override
 120                         public Context run() {
 121                             return Context.getContext();
 122                         }
 123                     }, GET_CONTEXT_ACC_CTXT);
 124                     DumpBytecode.dumpBytecode(ctx.getEnv(), ctx.getLogger(jdk.nashorn.internal.codegen.Compiler.class), classBytes, name);
 125                     return defineClass(name, classBytes, 0, classBytes.length, protectionDomain);
 126                 }
 127                 throw new ClassNotFoundException(name);
 128             }
 129         };
 130     }
 131 }