8344105: Remove SecurityManager and related calls from jdk.attach and jdk.hotspot.agent
Reviewed-by: amenkov, cjplummer
This commit is contained in:
parent
475feb064b
commit
00ff6a38ce
@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2008, 2013, Oracle and/or its affiliates. All rights reserved.
|
* Copyright (c) 2008, 2024, Oracle and/or its affiliates. All rights reserved.
|
||||||
* Copyright (c) 2013 SAP SE. All rights reserved.
|
* Copyright (c) 2013 SAP SE. All rights reserved.
|
||||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||||
*
|
*
|
||||||
@ -52,8 +52,6 @@ public class AttachProviderImpl extends HotSpotAttachProvider {
|
|||||||
public VirtualMachine attachVirtualMachine(String vmid)
|
public VirtualMachine attachVirtualMachine(String vmid)
|
||||||
throws AttachNotSupportedException, IOException
|
throws AttachNotSupportedException, IOException
|
||||||
{
|
{
|
||||||
checkAttachPermission();
|
|
||||||
|
|
||||||
// AttachNotSupportedException will be thrown if the target VM can be determined
|
// AttachNotSupportedException will be thrown if the target VM can be determined
|
||||||
// to be not attachable.
|
// to be not attachable.
|
||||||
testAttachable(vmid);
|
testAttachable(vmid);
|
||||||
@ -72,7 +70,6 @@ public class AttachProviderImpl extends HotSpotAttachProvider {
|
|||||||
// implementation which only returns a list of attachable VMs.
|
// implementation which only returns a list of attachable VMs.
|
||||||
if (vmd instanceof HotSpotVirtualMachineDescriptor) {
|
if (vmd instanceof HotSpotVirtualMachineDescriptor) {
|
||||||
assert ((HotSpotVirtualMachineDescriptor)vmd).isAttachable();
|
assert ((HotSpotVirtualMachineDescriptor)vmd).isAttachable();
|
||||||
checkAttachPermission();
|
|
||||||
return new VirtualMachineImpl(this, vmd.id());
|
return new VirtualMachineImpl(this, vmd.id());
|
||||||
} else {
|
} else {
|
||||||
return attachVirtualMachine(vmd.id());
|
return attachVirtualMachine(vmd.id());
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved.
|
* Copyright (c) 2005, 2024, Oracle and/or its affiliates. All rights reserved.
|
||||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||||
*
|
*
|
||||||
* This code is free software; you can redistribute it and/or modify it
|
* This code is free software; you can redistribute it and/or modify it
|
||||||
@ -49,8 +49,6 @@ public class AttachProviderImpl extends HotSpotAttachProvider {
|
|||||||
public VirtualMachine attachVirtualMachine(String vmid)
|
public VirtualMachine attachVirtualMachine(String vmid)
|
||||||
throws AttachNotSupportedException, IOException
|
throws AttachNotSupportedException, IOException
|
||||||
{
|
{
|
||||||
checkAttachPermission();
|
|
||||||
|
|
||||||
// AttachNotSupportedException will be thrown if the target VM can be determined
|
// AttachNotSupportedException will be thrown if the target VM can be determined
|
||||||
// to be not attachable.
|
// to be not attachable.
|
||||||
testAttachable(vmid);
|
testAttachable(vmid);
|
||||||
@ -69,7 +67,6 @@ public class AttachProviderImpl extends HotSpotAttachProvider {
|
|||||||
// implementation which only returns a list of attachable VMs.
|
// implementation which only returns a list of attachable VMs.
|
||||||
if (vmd instanceof HotSpotVirtualMachineDescriptor) {
|
if (vmd instanceof HotSpotVirtualMachineDescriptor) {
|
||||||
assert ((HotSpotVirtualMachineDescriptor)vmd).isAttachable();
|
assert ((HotSpotVirtualMachineDescriptor)vmd).isAttachable();
|
||||||
checkAttachPermission();
|
|
||||||
return new VirtualMachineImpl(this, vmd.id());
|
return new VirtualMachineImpl(this, vmd.id());
|
||||||
} else {
|
} else {
|
||||||
return attachVirtualMachine(vmd.id());
|
return attachVirtualMachine(vmd.id());
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
|
* Copyright (c) 2005, 2024, Oracle and/or its affiliates. All rights reserved.
|
||||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||||
*
|
*
|
||||||
* This code is free software; you can redistribute it and/or modify it
|
* This code is free software; you can redistribute it and/or modify it
|
||||||
@ -49,8 +49,6 @@ public class AttachProviderImpl extends HotSpotAttachProvider {
|
|||||||
public VirtualMachine attachVirtualMachine(String vmid)
|
public VirtualMachine attachVirtualMachine(String vmid)
|
||||||
throws AttachNotSupportedException, IOException
|
throws AttachNotSupportedException, IOException
|
||||||
{
|
{
|
||||||
checkAttachPermission();
|
|
||||||
|
|
||||||
// AttachNotSupportedException will be thrown if the target VM can be determined
|
// AttachNotSupportedException will be thrown if the target VM can be determined
|
||||||
// to be not attachable.
|
// to be not attachable.
|
||||||
testAttachable(vmid);
|
testAttachable(vmid);
|
||||||
@ -69,7 +67,6 @@ public class AttachProviderImpl extends HotSpotAttachProvider {
|
|||||||
// implementation which only returns a list of attachable VMs.
|
// implementation which only returns a list of attachable VMs.
|
||||||
if (vmd instanceof HotSpotVirtualMachineDescriptor) {
|
if (vmd instanceof HotSpotVirtualMachineDescriptor) {
|
||||||
assert ((HotSpotVirtualMachineDescriptor)vmd).isAttachable();
|
assert ((HotSpotVirtualMachineDescriptor)vmd).isAttachable();
|
||||||
checkAttachPermission();
|
|
||||||
return new VirtualMachineImpl(this, vmd.id());
|
return new VirtualMachineImpl(this, vmd.id());
|
||||||
} else {
|
} else {
|
||||||
return attachVirtualMachine(vmd.id());
|
return attachVirtualMachine(vmd.id());
|
||||||
|
@ -32,7 +32,6 @@ import java.util.ArrayList;
|
|||||||
import java.util.List;
|
import java.util.List;
|
||||||
import com.sun.tools.attach.VirtualMachine;
|
import com.sun.tools.attach.VirtualMachine;
|
||||||
import com.sun.tools.attach.VirtualMachineDescriptor;
|
import com.sun.tools.attach.VirtualMachineDescriptor;
|
||||||
import com.sun.tools.attach.AttachPermission;
|
|
||||||
import com.sun.tools.attach.AttachNotSupportedException;
|
import com.sun.tools.attach.AttachNotSupportedException;
|
||||||
import java.util.ServiceLoader;
|
import java.util.ServiceLoader;
|
||||||
|
|
||||||
@ -84,10 +83,6 @@ public abstract class AttachProvider {
|
|||||||
* Initializes a new instance of this class.
|
* Initializes a new instance of this class.
|
||||||
*/
|
*/
|
||||||
protected AttachProvider() {
|
protected AttachProvider() {
|
||||||
@SuppressWarnings("removal")
|
|
||||||
SecurityManager sm = System.getSecurityManager();
|
|
||||||
if (sm != null)
|
|
||||||
sm.checkPermission(new AttachPermission("createAttachProvider"));
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2005, 2022, Oracle and/or its affiliates. All rights reserved.
|
* Copyright (c) 2005, 2024, Oracle and/or its affiliates. All rights reserved.
|
||||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||||
*
|
*
|
||||||
* This code is free software; you can redistribute it and/or modify it
|
* This code is free software; you can redistribute it and/or modify it
|
||||||
@ -25,7 +25,6 @@
|
|||||||
package sun.tools.attach;
|
package sun.tools.attach;
|
||||||
|
|
||||||
import com.sun.tools.attach.VirtualMachineDescriptor;
|
import com.sun.tools.attach.VirtualMachineDescriptor;
|
||||||
import com.sun.tools.attach.AttachPermission;
|
|
||||||
import com.sun.tools.attach.AttachNotSupportedException;
|
import com.sun.tools.attach.AttachNotSupportedException;
|
||||||
import com.sun.tools.attach.spi.AttachProvider;
|
import com.sun.tools.attach.spi.AttachProvider;
|
||||||
|
|
||||||
@ -47,16 +46,6 @@ public abstract class HotSpotAttachProvider extends AttachProvider {
|
|||||||
public HotSpotAttachProvider() {
|
public HotSpotAttachProvider() {
|
||||||
}
|
}
|
||||||
|
|
||||||
public void checkAttachPermission() {
|
|
||||||
@SuppressWarnings("removal")
|
|
||||||
SecurityManager sm = System.getSecurityManager();
|
|
||||||
if (sm != null) {
|
|
||||||
sm.checkPermission(
|
|
||||||
new AttachPermission("attachVirtualMachine")
|
|
||||||
);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* This listVirtualMachines implementation is based on jvmstat. Can override
|
* This listVirtualMachines implementation is based on jvmstat. Can override
|
||||||
* this in platform implementations when there is a more efficient mechanism
|
* this in platform implementations when there is a more efficient mechanism
|
||||||
|
@ -37,7 +37,6 @@ import java.io.BufferedReader;
|
|||||||
import java.io.InputStream;
|
import java.io.InputStream;
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.io.InputStreamReader;
|
import java.io.InputStreamReader;
|
||||||
import java.security.AccessController;
|
|
||||||
import java.security.PrivilegedAction;
|
import java.security.PrivilegedAction;
|
||||||
import java.util.Properties;
|
import java.util.Properties;
|
||||||
import java.util.stream.Collectors;
|
import java.util.stream.Collectors;
|
||||||
@ -54,8 +53,7 @@ public abstract class HotSpotVirtualMachine extends VirtualMachine {
|
|||||||
|
|
||||||
@SuppressWarnings("removal")
|
@SuppressWarnings("removal")
|
||||||
private static long pid() {
|
private static long pid() {
|
||||||
PrivilegedAction<ProcessHandle> pa = () -> ProcessHandle.current();
|
return ProcessHandle.current().pid();
|
||||||
return AccessController.doPrivileged(pa).pid();
|
|
||||||
}
|
}
|
||||||
|
|
||||||
private static final boolean ALLOW_ATTACH_SELF;
|
private static final boolean ALLOW_ATTACH_SELF;
|
||||||
@ -361,12 +359,7 @@ public abstract class HotSpotVirtualMachine extends VirtualMachine {
|
|||||||
*/
|
*/
|
||||||
protected boolean isAPIv2Enabled() {
|
protected boolean isAPIv2Enabled() {
|
||||||
// if "jdk.attach.compat" property is set, only v1 is enabled.
|
// if "jdk.attach.compat" property is set, only v1 is enabled.
|
||||||
try {
|
return !Boolean.getBoolean("jdk.attach.compat");
|
||||||
String value = System.getProperty("jdk.attach.compat");
|
|
||||||
return !("true".equalsIgnoreCase(value));
|
|
||||||
} catch (SecurityException se) {
|
|
||||||
}
|
|
||||||
return true;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -563,7 +556,6 @@ public abstract class HotSpotVirtualMachine extends VirtualMachine {
|
|||||||
String s =
|
String s =
|
||||||
System.getProperty("sun.tools.attach.attachTimeout");
|
System.getProperty("sun.tools.attach.attachTimeout");
|
||||||
attachTimeout = Long.parseLong(s);
|
attachTimeout = Long.parseLong(s);
|
||||||
} catch (SecurityException se) {
|
|
||||||
} catch (NumberFormatException ne) {
|
} catch (NumberFormatException ne) {
|
||||||
}
|
}
|
||||||
if (attachTimeout <= 0) {
|
if (attachTimeout <= 0) {
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2005, 2023, Oracle and/or its affiliates. All rights reserved.
|
* Copyright (c) 2005, 2024, Oracle and/or its affiliates. All rights reserved.
|
||||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||||
*
|
*
|
||||||
* This code is free software; you can redistribute it and/or modify it
|
* This code is free software; you can redistribute it and/or modify it
|
||||||
@ -51,8 +51,6 @@ public class AttachProviderImpl extends HotSpotAttachProvider {
|
|||||||
public VirtualMachine attachVirtualMachine(String vmid)
|
public VirtualMachine attachVirtualMachine(String vmid)
|
||||||
throws AttachNotSupportedException, IOException
|
throws AttachNotSupportedException, IOException
|
||||||
{
|
{
|
||||||
checkAttachPermission();
|
|
||||||
|
|
||||||
// AttachNotSupportedException will be thrown if the target VM can be determined
|
// AttachNotSupportedException will be thrown if the target VM can be determined
|
||||||
// to be not attachable.
|
// to be not attachable.
|
||||||
testAttachable(vmid);
|
testAttachable(vmid);
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2005, 2021, Oracle and/or its affiliates. All rights reserved.
|
* Copyright (c) 2005, 2024, Oracle and/or its affiliates. All rights reserved.
|
||||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||||
*
|
*
|
||||||
* This code is free software; you can redistribute it and/or modify it
|
* This code is free software; you can redistribute it and/or modify it
|
||||||
@ -76,14 +76,6 @@ public class SALauncherLoader extends URLClassLoader {
|
|||||||
*/
|
*/
|
||||||
public synchronized Class loadClass(String name, boolean resolve)
|
public synchronized Class loadClass(String name, boolean resolve)
|
||||||
throws ClassNotFoundException {
|
throws ClassNotFoundException {
|
||||||
int i = name.lastIndexOf('.');
|
|
||||||
if (i != -1) {
|
|
||||||
@SuppressWarnings("removal")
|
|
||||||
SecurityManager sm = System.getSecurityManager();
|
|
||||||
if (sm != null) {
|
|
||||||
sm.checkPackageAccess(name.substring(0, i));
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
Class clazz = findLoadedClass(name);
|
Class clazz = findLoadedClass(name);
|
||||||
if (clazz != null) return clazz;
|
if (clazz != null) return clazz;
|
||||||
@ -104,15 +96,6 @@ public class SALauncherLoader extends URLClassLoader {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* allow any classes loaded from classpath to exit the VM.
|
|
||||||
*/
|
|
||||||
protected PermissionCollection getPermissions(CodeSource codesource) {
|
|
||||||
PermissionCollection perms = super.getPermissions(codesource);
|
|
||||||
perms.add(new RuntimePermission("exitVM"));
|
|
||||||
return perms;
|
|
||||||
}
|
|
||||||
|
|
||||||
//-- Internals only below this point
|
//-- Internals only below this point
|
||||||
|
|
||||||
private String[] libpaths;
|
private String[] libpaths;
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2002, 2023, Oracle and/or its affiliates. All rights reserved.
|
* Copyright (c) 2002, 2024, Oracle and/or its affiliates. All rights reserved.
|
||||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||||
*
|
*
|
||||||
* This code is free software; you can redistribute it and/or modify it
|
* This code is free software; you can redistribute it and/or modify it
|
||||||
@ -24,9 +24,6 @@
|
|||||||
|
|
||||||
package sun.jvm.hotspot.tools.jcore;
|
package sun.jvm.hotspot.tools.jcore;
|
||||||
|
|
||||||
import java.security.AccessController;
|
|
||||||
import java.security.PrivilegedAction;
|
|
||||||
|
|
||||||
import sun.jvm.hotspot.interpreter.Bytecodes;
|
import sun.jvm.hotspot.interpreter.Bytecodes;
|
||||||
import sun.jvm.hotspot.oops.ConstantPool;
|
import sun.jvm.hotspot.oops.ConstantPool;
|
||||||
import sun.jvm.hotspot.oops.ConstantPoolCache;
|
import sun.jvm.hotspot.oops.ConstantPoolCache;
|
||||||
@ -44,19 +41,7 @@ public class ByteCodeRewriter
|
|||||||
private Bytes bytes;
|
private Bytes bytes;
|
||||||
|
|
||||||
private static final int jintSize = 4;
|
private static final int jintSize = 4;
|
||||||
public static final boolean DEBUG;
|
public static final boolean DEBUG = Boolean.getBoolean("sun.jvm.hotspot.tools.jcore.ByteCodeRewriter.DEBUG");
|
||||||
|
|
||||||
static {
|
|
||||||
@SuppressWarnings("removal")
|
|
||||||
String debug = AccessController.doPrivileged(
|
|
||||||
new PrivilegedAction<>() {
|
|
||||||
public String run() {
|
|
||||||
return System.getProperty("sun.jvm.hotspot.tools.jcore.ByteCodeRewriter.DEBUG");
|
|
||||||
}
|
|
||||||
}
|
|
||||||
);
|
|
||||||
DEBUG = (debug != null ? debug.equalsIgnoreCase("true") : false);
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
protected void debugMessage(String message) {
|
protected void debugMessage(String message) {
|
||||||
|
Loading…
x
Reference in New Issue
Block a user