From 5a360a7579c6a46f7a0ed76e861fff704f2f62d8 Mon Sep 17 00:00:00 2001 From: Mandy Chung Date: Tue, 2 Jul 2013 15:58:09 -0700 Subject: [PATCH] 8007035: deprecate public void SecurityManager.checkMemberAccess(Class clazz, int which) Reviewed-by: jrose, alanb, dfuchs --- jdk/src/share/classes/java/lang/Class.java | 598 ++++++++---------- .../classes/java/lang/SecurityManager.java | 8 + .../java/lang/invoke/MethodHandles.java | 76 +-- .../classes/java/lang/reflect/Member.java | 2 - .../lang/invoke/InvokeDynamicPrintArgs.java | 48 +- .../java/lang/invoke/TestPrivateMember.java | 57 ++ 6 files changed, 359 insertions(+), 430 deletions(-) create mode 100644 jdk/test/java/lang/invoke/TestPrivateMember.java diff --git a/jdk/src/share/classes/java/lang/Class.java b/jdk/src/share/classes/java/lang/Class.java index df4d457367d..05cfa88cad1 100644 --- a/jdk/src/share/classes/java/lang/Class.java +++ b/jdk/src/share/classes/java/lang/Class.java @@ -360,36 +360,24 @@ public final class Class implements java.io.Serializable, * any exception thrown by the constructor in a (checked) {@link * java.lang.reflect.InvocationTargetException}. * - * @return a newly allocated instance of the class represented by this - * object. - * @exception IllegalAccessException if the class or its nullary - * constructor is not accessible. - * @exception InstantiationException - * if this {@code Class} represents an abstract class, - * an interface, an array class, a primitive type, or void; - * or if the class has no nullary constructor; - * or if the instantiation fails for some other reason. - * @exception ExceptionInInitializerError if the initialization - * provoked by this method fails. - * @exception SecurityException - * If a security manager, s, is present and any of the - * following conditions is met: - * - * - * + * @return a newly allocated instance of the class represented by this + * object. + * @throws IllegalAccessException if the class or its nullary + * constructor is not accessible. + * @throws InstantiationException + * if this {@code Class} represents an abstract class, + * an interface, an array class, a primitive type, or void; + * or if the class has no nullary constructor; + * or if the instantiation fails for some other reason. + * @throws ExceptionInInitializerError if the initialization + * provoked by this method fails. + * @throws SecurityException + * If a security manager, s, is present and + * the caller's class loader is not the same as or an + * ancestor of the class loader for the current class and + * invocation of {@link SecurityManager#checkPackageAccess + * s.checkPackageAccess()} denies access to the package + * of this class. */ @CallerSensitive public T newInstance() @@ -981,24 +969,27 @@ public final class Class implements java.io.Serializable, * * @return the immediately enclosing method of the underlying class, if * that class is a local or anonymous class; otherwise {@code null}. - * @exception SecurityException - * If a security manager, s, is present and any of the - * following conditions is met: * - *
    + * @throws SecurityException + * If a security manager, s, is present and any of the + * following conditions is met: * - *
  • invocation of - * {@link SecurityManager#checkMemberAccess - * s.checkMemberAccess(enclosingClass, Member.DECLARED)} denies - * access to the methods within the enclosing class + *
      * - *
    • the caller's class loader is not the same as or an - * ancestor of the class loader for the enclosing class and - * invocation of {@link SecurityManager#checkPackageAccess - * s.checkPackageAccess()} denies access to the package - * of the enclosing class + *
    • the caller's class loader is not the same as the + * class loader of the enclosing class and invocation of + * {@link SecurityManager#checkPermission + * s.checkPermission} method with + * {@code RuntimePermission("accessDeclaredMembers")} + * denies access to the methods within the enclosing class * - *
    + *
  • the caller's class loader is not the same as or an + * ancestor of the class loader for the enclosing class and + * invocation of {@link SecurityManager#checkPackageAccess + * s.checkPackageAccess()} denies access to the package + * of the enclosing class + * + *
* @since 1.5 */ @CallerSensitive @@ -1025,11 +1016,6 @@ public final class Class implements java.io.Serializable, // Perform access check Class enclosingCandidate = enclosingInfo.getEnclosingClass(); - // be very careful not to change the stack depth of this - // checkMemberAccess call for security reasons - // see java.lang.SecurityManager.checkMemberAccess - // - // Note that we need to do this on the enclosing class enclosingCandidate.checkMemberAccess(Member.DECLARED, Reflection.getCallerClass(), true); /* @@ -1137,24 +1123,26 @@ public final class Class implements java.io.Serializable, * * @return the immediately enclosing constructor of the underlying class, if * that class is a local or anonymous class; otherwise {@code null}. - * @exception SecurityException - * If a security manager, s, is present and any of the - * following conditions is met: + * @throws SecurityException + * If a security manager, s, is present and any of the + * following conditions is met: * - *
    + *
      * - *
    • invocation of - * {@link SecurityManager#checkMemberAccess - * s.checkMemberAccess(enclosingClass, Member.DECLARED)} denies - * access to the constructors within the enclosing class + *
    • the caller's class loader is not the same as the + * class loader of the enclosing class and invocation of + * {@link SecurityManager#checkPermission + * s.checkPermission} method with + * {@code RuntimePermission("accessDeclaredMembers")} + * denies access to the constructors within the enclosing class * - *
    • the caller's class loader is not the same as or an - * ancestor of the class loader for the enclosing class and - * invocation of {@link SecurityManager#checkPackageAccess - * s.checkPackageAccess()} denies access to the package - * of the enclosing class + *
    • the caller's class loader is not the same as or an + * ancestor of the class loader for the enclosing class and + * invocation of {@link SecurityManager#checkPackageAccess + * s.checkPackageAccess()} denies access to the package + * of the enclosing class * - *
    + *
* @since 1.5 */ @CallerSensitive @@ -1180,11 +1168,6 @@ public final class Class implements java.io.Serializable, // Perform access check Class enclosingCandidate = enclosingInfo.getEnclosingClass(); - // be very careful not to change the stack depth of this - // checkMemberAccess call for security reasons - // see java.lang.SecurityManager.checkMemberAccess - // - // Note that we need to do this on the enclosing class enclosingCandidate.checkMemberAccess(Member.DECLARED, Reflection.getCallerClass(), true); /* @@ -1457,25 +1440,14 @@ public final class Class implements java.io.Serializable, * class, or void. * * @return the array of {@code Class} objects representing the public - * members of this class - * @exception SecurityException - * If a security manager, s, is present and any of the - * following conditions is met: - * - *
    - * - *
  • invocation of - * {@link SecurityManager#checkMemberAccess - * s.checkMemberAccess(this, Member.PUBLIC)} method - * denies access to the classes within this class - * - *
  • the caller's class loader is not the same as or an - * ancestor of the class loader for the current class and - * invocation of {@link SecurityManager#checkPackageAccess - * s.checkPackageAccess()} denies access to the package - * of this class - * - *
+ * members of this class + * @throws SecurityException + * If a security manager, s, is present and + * the caller's class loader is not the same as or an + * ancestor of the class loader for the current class and + * invocation of {@link SecurityManager#checkPackageAccess + * s.checkPackageAccess()} denies access to the package + * of this class. * * @since JDK1.1 */ @@ -1530,25 +1502,14 @@ public final class Class implements java.io.Serializable, *

See The Java Language Specification, sections 8.2 and 8.3. * * @return the array of {@code Field} objects representing the - * public fields - * @exception SecurityException - * If a security manager, s, is present and any of the - * following conditions is met: - * - *

    - * - *
  • invocation of - * {@link SecurityManager#checkMemberAccess - * s.checkMemberAccess(this, Member.PUBLIC)} denies - * access to the fields within this class - * - *
  • the caller's class loader is not the same as or an - * ancestor of the class loader for the current class and - * invocation of {@link SecurityManager#checkPackageAccess - * s.checkPackageAccess()} denies access to the package - * of this class - * - *
+ * public fields + * @throws SecurityException + * If a security manager, s, is present and + * the caller's class loader is not the same as or an + * ancestor of the class loader for the current class and + * invocation of {@link SecurityManager#checkPackageAccess + * s.checkPackageAccess()} denies access to the package + * of this class. * * @since JDK1.1 */ @@ -1579,25 +1540,14 @@ public final class Class implements java.io.Serializable, *

See The Java Language Specification, sections 8.2 and 8.4. * * @return the array of {@code Method} objects representing the - * public methods of this class - * @exception SecurityException - * If a security manager, s, is present and any of the - * following conditions is met: - * - *

    - * - *
  • invocation of - * {@link SecurityManager#checkMemberAccess - * s.checkMemberAccess(this, Member.PUBLIC)} denies - * access to the methods within this class - * - *
  • the caller's class loader is not the same as or an - * ancestor of the class loader for the current class and - * invocation of {@link SecurityManager#checkPackageAccess - * s.checkPackageAccess()} denies access to the package - * of this class - * - *
+ * public methods of this class + * @throws SecurityException + * If a security manager, s, is present and + * the caller's class loader is not the same as or an + * ancestor of the class loader for the current class and + * invocation of {@link SecurityManager#checkPackageAccess + * s.checkPackageAccess()} denies access to the package + * of this class. * * @since JDK1.1 */ @@ -1626,25 +1576,14 @@ public final class Class implements java.io.Serializable, * {@code Constructor[]}. * * @return the array of {@code Constructor} objects representing the - * public constructors of this class - * @exception SecurityException - * If a security manager, s, is present and any of the - * following conditions is met: - * - *
    - * - *
  • invocation of - * {@link SecurityManager#checkMemberAccess - * s.checkMemberAccess(this, Member.PUBLIC)} denies - * access to the constructors within this class - * - *
  • the caller's class loader is not the same as or an - * ancestor of the class loader for the current class and - * invocation of {@link SecurityManager#checkPackageAccess - * s.checkPackageAccess()} denies access to the package - * of this class - * - *
+ * public constructors of this class + * @throws SecurityException + * If a security manager, s, is present and + * the caller's class loader is not the same as or an + * ancestor of the class loader for the current class and + * invocation of {@link SecurityManager#checkPackageAccess + * s.checkPackageAccess()} denies access to the package + * of this class. * * @since JDK1.1 */ @@ -1678,29 +1617,18 @@ public final class Class implements java.io.Serializable, *

See The Java Language Specification, sections 8.2 and 8.3. * * @param name the field name - * @return the {@code Field} object of this class specified by - * {@code name} - * @exception NoSuchFieldException if a field with the specified name is - * not found. - * @exception NullPointerException if {@code name} is {@code null} - * @exception SecurityException - * If a security manager, s, is present and any of the - * following conditions is met: - * - *

    - * - *
  • invocation of - * {@link SecurityManager#checkMemberAccess - * s.checkMemberAccess(this, Member.PUBLIC)} denies - * access to the field - * - *
  • the caller's class loader is not the same as or an - * ancestor of the class loader for the current class and - * invocation of {@link SecurityManager#checkPackageAccess - * s.checkPackageAccess()} denies access to the package - * of this class - * - *
+ * @return the {@code Field} object of this class specified by + * {@code name} + * @throws NoSuchFieldException if a field with the specified name is + * not found. + * @throws NullPointerException if {@code name} is {@code null} + * @throws SecurityException + * If a security manager, s, is present and + * the caller's class loader is not the same as or an + * ancestor of the class loader for the current class and + * invocation of {@link SecurityManager#checkPackageAccess + * s.checkPackageAccess()} denies access to the package + * of this class. * * @since JDK1.1 */ @@ -1762,28 +1690,17 @@ public final class Class implements java.io.Serializable, * @param name the name of the method * @param parameterTypes the list of parameters * @return the {@code Method} object that matches the specified - * {@code name} and {@code parameterTypes} - * @exception NoSuchMethodException if a matching method is not found - * or if the name is "<init>"or "<clinit>". - * @exception NullPointerException if {@code name} is {@code null} - * @exception SecurityException - * If a security manager, s, is present and any of the - * following conditions is met: - * - *
    - * - *
  • invocation of - * {@link SecurityManager#checkMemberAccess - * s.checkMemberAccess(this, Member.PUBLIC)} denies - * access to the method - * - *
  • the caller's class loader is not the same as or an - * ancestor of the class loader for the current class and - * invocation of {@link SecurityManager#checkPackageAccess - * s.checkPackageAccess()} denies access to the package - * of this class - * - *
+ * {@code name} and {@code parameterTypes} + * @throws NoSuchMethodException if a matching method is not found + * or if the name is "<init>"or "<clinit>". + * @throws NullPointerException if {@code name} is {@code null} + * @throws SecurityException + * If a security manager, s, is present and + * the caller's class loader is not the same as or an + * ancestor of the class loader for the current class and + * invocation of {@link SecurityManager#checkPackageAccess + * s.checkPackageAccess()} denies access to the package + * of this class. * * @since JDK1.1 */ @@ -1816,26 +1733,15 @@ public final class Class implements java.io.Serializable, * * @param parameterTypes the parameter array * @return the {@code Constructor} object of the public constructor that - * matches the specified {@code parameterTypes} - * @exception NoSuchMethodException if a matching method is not found. - * @exception SecurityException - * If a security manager, s, is present and any of the - * following conditions is met: - * - *
    - * - *
  • invocation of - * {@link SecurityManager#checkMemberAccess - * s.checkMemberAccess(this, Member.PUBLIC)} denies - * access to the constructor - * - *
  • the caller's class loader is not the same as or an - * ancestor of the class loader for the current class and - * invocation of {@link SecurityManager#checkPackageAccess - * s.checkPackageAccess()} denies access to the package - * of this class - * - *
+ * matches the specified {@code parameterTypes} + * @throws NoSuchMethodException if a matching method is not found. + * @throws SecurityException + * If a security manager, s, is present and + * the caller's class loader is not the same as or an + * ancestor of the class loader for the current class and + * invocation of {@link SecurityManager#checkPackageAccess + * s.checkPackageAccess()} denies access to the package + * of this class. * * @since JDK1.1 */ @@ -1858,25 +1764,27 @@ public final class Class implements java.io.Serializable, * primitive type, an array class, or void. * * @return the array of {@code Class} objects representing all the - * declared members of this class - * @exception SecurityException - * If a security manager, s, is present and any of the - * following conditions is met: + * declared members of this class + * @throws SecurityException + * If a security manager, s, is present and any of the + * following conditions is met: * - *
    + *
      * - *
    • invocation of - * {@link SecurityManager#checkMemberAccess - * s.checkMemberAccess(this, Member.DECLARED)} denies - * access to the declared classes within this class + *
    • the caller's class loader is not the same as the + * class loader of this class and invocation of + * {@link SecurityManager#checkPermission + * s.checkPermission} method with + * {@code RuntimePermission("accessDeclaredMembers")} + * denies access to the declared classes within this class * - *
    • the caller's class loader is not the same as or an - * ancestor of the class loader for the current class and - * invocation of {@link SecurityManager#checkPackageAccess - * s.checkPackageAccess()} denies access to the package - * of this class + *
    • the caller's class loader is not the same as or an + * ancestor of the class loader for the current class and + * invocation of {@link SecurityManager#checkPackageAccess + * s.checkPackageAccess()} denies access to the package + * of this class * - *
    + *
* * @since JDK1.1 */ @@ -1899,26 +1807,28 @@ public final class Class implements java.io.Serializable, * *

See The Java Language Specification, sections 8.2 and 8.3. * - * @return the array of {@code Field} objects representing all the - * declared fields of this class - * @exception SecurityException - * If a security manager, s, is present and any of the - * following conditions is met: + * @return the array of {@code Field} objects representing all the + * declared fields of this class + * @throws SecurityException + * If a security manager, s, is present and any of the + * following conditions is met: * - *

    + *
      * - *
    • invocation of - * {@link SecurityManager#checkMemberAccess - * s.checkMemberAccess(this, Member.DECLARED)} denies - * access to the declared fields within this class + *
    • the caller's class loader is not the same as the + * class loader of this class and invocation of + * {@link SecurityManager#checkPermission + * s.checkPermission} method with + * {@code RuntimePermission("accessDeclaredMembers")} + * denies access to the declared fields within this class * - *
    • the caller's class loader is not the same as or an - * ancestor of the class loader for the current class and - * invocation of {@link SecurityManager#checkPackageAccess - * s.checkPackageAccess()} denies access to the package - * of this class + *
    • the caller's class loader is not the same as or an + * ancestor of the class loader for the current class and + * invocation of {@link SecurityManager#checkPackageAccess + * s.checkPackageAccess()} denies access to the package + * of this class * - *
    + *
* * @since JDK1.1 */ @@ -1945,26 +1855,28 @@ public final class Class implements java.io.Serializable, * *

See The Java Language Specification, section 8.2. * - * @return the array of {@code Method} objects representing all the - * declared methods of this class - * @exception SecurityException - * If a security manager, s, is present and any of the - * following conditions is met: + * @return the array of {@code Method} objects representing all the + * declared methods of this class + * @throws SecurityException + * If a security manager, s, is present and any of the + * following conditions is met: * - *

    + *
      * - *
    • invocation of - * {@link SecurityManager#checkMemberAccess - * s.checkMemberAccess(this, Member.DECLARED)} denies - * access to the declared methods within this class + *
    • the caller's class loader is not the same as the + * class loader of this class and invocation of + * {@link SecurityManager#checkPermission + * s.checkPermission} method with + * {@code RuntimePermission("accessDeclaredMembers")} + * denies access to the declared methods within this class * - *
    • the caller's class loader is not the same as or an - * ancestor of the class loader for the current class and - * invocation of {@link SecurityManager#checkPackageAccess - * s.checkPackageAccess()} denies access to the package - * of this class + *
    • the caller's class loader is not the same as or an + * ancestor of the class loader for the current class and + * invocation of {@link SecurityManager#checkPackageAccess + * s.checkPackageAccess()} denies access to the package + * of this class * - *
    + *
* * @since JDK1.1 */ @@ -1988,26 +1900,28 @@ public final class Class implements java.io.Serializable, * *

See The Java Language Specification, section 8.2. * - * @return the array of {@code Constructor} objects representing all the - * declared constructors of this class - * @exception SecurityException - * If a security manager, s, is present and any of the - * following conditions is met: + * @return the array of {@code Constructor} objects representing all the + * declared constructors of this class + * @throws SecurityException + * If a security manager, s, is present and any of the + * following conditions is met: * - *

    + *
      * - *
    • invocation of - * {@link SecurityManager#checkMemberAccess - * s.checkMemberAccess(this, Member.DECLARED)} denies - * access to the declared constructors within this class + *
    • the caller's class loader is not the same as the + * class loader of this class and invocation of + * {@link SecurityManager#checkPermission + * s.checkPermission} method with + * {@code RuntimePermission("accessDeclaredMembers")} + * denies access to the declared constructors within this class * - *
    • the caller's class loader is not the same as or an - * ancestor of the class loader for the current class and - * invocation of {@link SecurityManager#checkPackageAccess - * s.checkPackageAccess()} denies access to the package - * of this class + *
    • the caller's class loader is not the same as or an + * ancestor of the class loader for the current class and + * invocation of {@link SecurityManager#checkPackageAccess + * s.checkPackageAccess()} denies access to the package + * of this class * - *
    + *
* * @since JDK1.1 */ @@ -2026,29 +1940,31 @@ public final class Class implements java.io.Serializable, * will not reflect the {@code length} field of an array class. * * @param name the name of the field - * @return the {@code Field} object for the specified field in this - * class - * @exception NoSuchFieldException if a field with the specified name is - * not found. - * @exception NullPointerException if {@code name} is {@code null} - * @exception SecurityException - * If a security manager, s, is present and any of the - * following conditions is met: + * @return the {@code Field} object for the specified field in this + * class + * @throws NoSuchFieldException if a field with the specified name is + * not found. + * @throws NullPointerException if {@code name} is {@code null} + * @throws SecurityException + * If a security manager, s, is present and any of the + * following conditions is met: * - *
    + *
      * - *
    • invocation of - * {@link SecurityManager#checkMemberAccess - * s.checkMemberAccess(this, Member.DECLARED)} denies - * access to the declared field + *
    • the caller's class loader is not the same as the + * class loader of this class and invocation of + * {@link SecurityManager#checkPermission + * s.checkPermission} method with + * {@code RuntimePermission("accessDeclaredMembers")} + * denies access to the declared field * - *
    • the caller's class loader is not the same as or an - * ancestor of the class loader for the current class and - * invocation of {@link SecurityManager#checkPackageAccess - * s.checkPackageAccess()} denies access to the package - * of this class + *
    • the caller's class loader is not the same as or an + * ancestor of the class loader for the current class and + * invocation of {@link SecurityManager#checkPackageAccess + * s.checkPackageAccess()} denies access to the package + * of this class * - *
    + *
* * @since JDK1.1 */ @@ -2080,28 +1996,30 @@ public final class Class implements java.io.Serializable, * * @param name the name of the method * @param parameterTypes the parameter array - * @return the {@code Method} object for the method of this class - * matching the specified name and parameters - * @exception NoSuchMethodException if a matching method is not found. - * @exception NullPointerException if {@code name} is {@code null} - * @exception SecurityException - * If a security manager, s, is present and any of the - * following conditions is met: + * @return the {@code Method} object for the method of this class + * matching the specified name and parameters + * @throws NoSuchMethodException if a matching method is not found. + * @throws NullPointerException if {@code name} is {@code null} + * @throws SecurityException + * If a security manager, s, is present and any of the + * following conditions is met: * - *
    + *
      * - *
    • invocation of - * {@link SecurityManager#checkMemberAccess - * s.checkMemberAccess(this, Member.DECLARED)} denies - * access to the declared method + *
    • the caller's class loader is not the same as the + * class loader of this class and invocation of + * {@link SecurityManager#checkPermission + * s.checkPermission} method with + * {@code RuntimePermission("accessDeclaredMembers")} + * denies access to the declared method * - *
    • the caller's class loader is not the same as or an - * ancestor of the class loader for the current class and - * invocation of {@link SecurityManager#checkPackageAccess - * s.checkPackageAccess()} denies access to the package - * of this class + *
    • the caller's class loader is not the same as or an + * ancestor of the class loader for the current class and + * invocation of {@link SecurityManager#checkPackageAccess + * s.checkPackageAccess()} denies access to the package + * of this class * - *
    + *
* * @since JDK1.1 */ @@ -2129,27 +2047,29 @@ public final class Class implements java.io.Serializable, * include the explicit enclosing instance as the first parameter. * * @param parameterTypes the parameter array - * @return The {@code Constructor} object for the constructor with the - * specified parameter list - * @exception NoSuchMethodException if a matching method is not found. - * @exception SecurityException - * If a security manager, s, is present and any of the - * following conditions is met: + * @return The {@code Constructor} object for the constructor with the + * specified parameter list + * @throws NoSuchMethodException if a matching method is not found. + * @throws SecurityException + * If a security manager, s, is present and any of the + * following conditions is met: * - *
    + *
      * - *
    • invocation of - * {@link SecurityManager#checkMemberAccess - * s.checkMemberAccess(this, Member.DECLARED)} denies - * access to the declared constructor + *
    • the caller's class loader is not the same as the + * class loader of this class and invocation of + * {@link SecurityManager#checkPermission + * s.checkPermission} method with + * {@code RuntimePermission("accessDeclaredMembers")} + * denies access to the declared constructor * - *
    • the caller's class loader is not the same as or an - * ancestor of the class loader for the current class and - * invocation of {@link SecurityManager#checkPackageAccess - * s.checkPackageAccess()} denies access to the package - * of this class + *
    • the caller's class loader is not the same as or an + * ancestor of the class loader for the current class and + * invocation of {@link SecurityManager#checkPackageAccess + * s.checkPackageAccess()} denies access to the package + * of this class * - *
    + *
* * @since JDK1.1 */ @@ -2306,14 +2226,6 @@ public final class Class implements java.io.Serializable, */ static native Class getPrimitiveClass(String name); - private static boolean isCheckMemberAccessOverridden(SecurityManager smgr) { - if (smgr.getClass() == SecurityManager.class) return false; - - Class[] paramTypes = new Class[] {Class.class, int.class}; - return smgr.getClass().getMethod0("checkMemberAccess", paramTypes). - getDeclaringClass() != SecurityManager.class; - } - /* * Check if client is allowed to access members. If access is denied, * throw a SecurityException. @@ -2326,19 +2238,17 @@ public final class Class implements java.io.Serializable, private void checkMemberAccess(int which, Class caller, boolean checkProxyInterfaces) { final SecurityManager s = System.getSecurityManager(); if (s != null) { + /* Default policy allows access to all {@link Member#PUBLIC} members, + * as well as access to classes that have the same class loader as the caller. + * In all other cases, it requires RuntimePermission("accessDeclaredMembers") + * permission. + */ final ClassLoader ccl = ClassLoader.getClassLoader(caller); final ClassLoader cl = getClassLoader0(); - if (!isCheckMemberAccessOverridden(s)) { - // Inlined SecurityManager.checkMemberAccess - if (which != Member.PUBLIC) { - if (ccl != cl) { - s.checkPermission(SecurityConstants.CHECK_MEMBER_ACCESS_PERMISSION); - } + if (which != Member.PUBLIC) { + if (ccl != cl) { + s.checkPermission(SecurityConstants.CHECK_MEMBER_ACCESS_PERMISSION); } - } else { - // Don't refactor; otherwise break the stack depth for - // checkMemberAccess of subclasses of SecurityManager as specified. - s.checkMemberAccess(this, which); } this.checkPackageAccess(ccl, checkProxyInterfaces); } diff --git a/jdk/src/share/classes/java/lang/SecurityManager.java b/jdk/src/share/classes/java/lang/SecurityManager.java index ca187630528..34be905bd02 100644 --- a/jdk/src/share/classes/java/lang/SecurityManager.java +++ b/jdk/src/share/classes/java/lang/SecurityManager.java @@ -1675,10 +1675,18 @@ class SecurityManager { * permission to access members. * @exception NullPointerException if the clazz argument is * null. + * + * @deprecated This method relies on the caller being at a stack depth + * of 4 which is error-prone and cannot be enforced by the runtime. + * Users of this method should instead invoke {@link #checkPermission} + * directly. This method will be changed in a future release + * to check the permission {@code java.security.AllPermission}. + * * @see java.lang.reflect.Member * @since JDK1.1 * @see #checkPermission(java.security.Permission) checkPermission */ + @Deprecated @CallerSensitive public void checkMemberAccess(Class clazz, int which) { if (clazz == null) { diff --git a/jdk/src/share/classes/java/lang/invoke/MethodHandles.java b/jdk/src/share/classes/java/lang/invoke/MethodHandles.java index 3bf24bc8503..78b01215636 100644 --- a/jdk/src/share/classes/java/lang/invoke/MethodHandles.java +++ b/jdk/src/share/classes/java/lang/invoke/MethodHandles.java @@ -41,6 +41,7 @@ import sun.reflect.misc.ReflectUtil; import sun.security.util.SecurityConstants; import static java.lang.invoke.MethodHandleStatics.*; import static java.lang.invoke.MethodHandleNatives.Constants.*; +import sun.security.util.SecurityConstants; /** * This class consists exclusively of static methods that operate on or return @@ -305,36 +306,30 @@ public class MethodHandles { * * If a security manager is present, member lookups are subject to * additional checks. - * From one to four calls are made to the security manager. + * From one to three calls are made to the security manager. * Any of these calls can refuse access by throwing a * {@link java.lang.SecurityException SecurityException}. * Define {@code smgr} as the security manager, + * {@code lookc} as the lookup class of the current lookup object, * {@code refc} as the containing class in which the member * is being sought, and {@code defc} as the class in which the * member is actually defined. + * The value {@code lookc} is defined as not present + * if the current lookup object does not have + * {@linkplain java.lang.invoke.MethodHandles.Lookup#PRIVATE private access}. * The calls are made according to the following rules: *
    - *
  • In all cases, {@link SecurityManager#checkMemberAccess - * smgr.checkMemberAccess(refc, Member.PUBLIC)} is called. - *
  • If the class loader of the lookup class is not + *
  • If {@code lookc} is not present, or if its class loader is not * the same as or an ancestor of the class loader of {@code refc}, * then {@link SecurityManager#checkPackageAccess * smgr.checkPackageAccess(refcPkg)} is called, * where {@code refcPkg} is the package of {@code refc}. + *
  • If the retrieved member is not public and + * {@code lookc} is not present, then + * {@link SecurityManager#checkPermission smgr.checkPermission} + * with {@code RuntimePermission("accessDeclaredMembers")} is called. *
  • If the retrieved member is not public, - * {@link SecurityManager#checkMemberAccess - * smgr.checkMemberAccess(defc, Member.DECLARED)} is called. - * (Note that {@code defc} might be the same as {@code refc}.) - * The default implementation of this security manager method - * inspects the stack to determine the original caller of - * the reflective request (such as {@code findStatic}), - * and performs additional permission checks if the - * class loader of {@code defc} differs from the class - * loader of the class from which the reflective request came. - *
  • If the retrieved member is not public, - * and if {@code defc} and {@code refc} are in different class loaders, - * and if the class loader of the lookup class is not - * the same as or an ancestor of the class loader of {@code defc}, + * and if {@code defc} and {@code refc} are different, * then {@link SecurityManager#checkPackageAccess * smgr.checkPackageAccess(defcPkg)} is called, * where {@code defcPkg} is the package of {@code defc}. @@ -1053,22 +1048,6 @@ return mh1; return (allowedModes & PRIVATE) != 0; } - /** - * Determine whether a security manager has an overridden - * SecurityManager.checkMemberAccess method. - */ - private boolean isCheckMemberAccessOverridden(SecurityManager sm) { - final Class cls = sm.getClass(); - if (cls == SecurityManager.class) return false; - - try { - return cls.getMethod("checkMemberAccess", Class.class, int.class). - getDeclaringClass() != SecurityManager.class; - } catch (NoSuchMethodException e) { - throw new InternalError("should not reach here"); - } - } - /** * Perform necessary access checks. * Determines a trustable caller class to compare with refc, the symbolic reference class. @@ -1079,45 +1058,22 @@ return mh1; if (smgr == null) return; if (allowedModes == TRUSTED) return; - final boolean overridden = isCheckMemberAccessOverridden(smgr); // Step 1: - { - // Default policy is to allow Member.PUBLIC; no need to check - // permission if SecurityManager is the default implementation - final int which = Member.PUBLIC; - final Class clazz = refc; - if (overridden) { - // Don't refactor; otherwise break the stack depth for - // checkMemberAccess of subclasses of SecurityManager as specified. - smgr.checkMemberAccess(clazz, which); - } - } - - // Step 2: if (!isFullPowerLookup() || !VerifyAccess.classLoaderIsAncestor(lookupClass, refc)) { ReflectUtil.checkPackageAccess(refc); } - // Step 3: + // Step 2: if (m.isPublic()) return; Class defc = m.getDeclaringClass(); { - // Inline SecurityManager.checkMemberAccess - final int which = Member.DECLARED; - final Class clazz = defc; - if (!overridden) { - if (!isFullPowerLookup()) { - smgr.checkPermission(SecurityConstants.CHECK_MEMBER_ACCESS_PERMISSION); - } - } else { - // Don't refactor; otherwise break the stack depth for - // checkMemberAccess of subclasses of SecurityManager as specified. - smgr.checkMemberAccess(clazz, which); + if (!isFullPowerLookup()) { + smgr.checkPermission(SecurityConstants.CHECK_MEMBER_ACCESS_PERMISSION); } } - // Step 4: + // Step 3: if (defc != refc) { ReflectUtil.checkPackageAccess(defc); } diff --git a/jdk/src/share/classes/java/lang/reflect/Member.java b/jdk/src/share/classes/java/lang/reflect/Member.java index 5d3ab3dd8b3..a539cb54614 100644 --- a/jdk/src/share/classes/java/lang/reflect/Member.java +++ b/jdk/src/share/classes/java/lang/reflect/Member.java @@ -42,14 +42,12 @@ interface Member { /** * Identifies the set of all public members of a class or interface, * including inherited members. - * @see java.lang.SecurityManager#checkMemberAccess */ public static final int PUBLIC = 0; /** * Identifies the set of declared members of a class or interface. * Inherited members are not included. - * @see java.lang.SecurityManager#checkMemberAccess */ public static final int DECLARED = 1; diff --git a/jdk/test/java/lang/invoke/InvokeDynamicPrintArgs.java b/jdk/test/java/lang/invoke/InvokeDynamicPrintArgs.java index a318676ac29..a3f3cd2b69a 100644 --- a/jdk/test/java/lang/invoke/InvokeDynamicPrintArgs.java +++ b/jdk/test/java/lang/invoke/InvokeDynamicPrintArgs.java @@ -22,6 +22,7 @@ */ /* @test + * @bug 7050328 8007035 * @summary smoke test for invokedynamic instructions * @build indify.Indify * @compile InvokeDynamicPrintArgs.java @@ -42,6 +43,7 @@ import java.util.*; import java.io.*; import java.lang.invoke.*; +import java.security.*; import static java.lang.invoke.MethodHandles.*; import static java.lang.invoke.MethodType.*; @@ -62,17 +64,10 @@ public class InvokeDynamicPrintArgs { } private static void checkConstantRefs() throws Throwable { - // check some constant references: + // check some constant references to its self class assertEquals(MT_bsm(), MH_bsm().type()); assertEquals(MT_bsm2(), MH_bsm2().type()); - try { - assertEquals(MT_bsm(), non_MH_bsm().type()); - // if SM is installed, must throw before this point - assertEquals(false, System.getSecurityManager() != null); - } catch (SecurityException ex) { - // if SM is installed, must throw to this point - assertEquals(true, System.getSecurityManager() != null); - } + assertEquals(MT_bsm(), non_MH_bsm().type()); } private static void assertEquals(Object exp, Object act) { if (exp == act || (exp != null && exp.equals(act))) return; @@ -80,21 +75,8 @@ public class InvokeDynamicPrintArgs { } private static void setSM() { - // Test for severe security manager interactions (7050328). - class SM extends SecurityManager { - public void checkPackageAccess(String pkg) { - if (pkg.startsWith("test.")) - throw new SecurityException("checkPackageAccess "+pkg); - } - public void checkMemberAccess(Class clazz, int which) { - if (clazz == InvokeDynamicPrintArgs.class) - throw new SecurityException("checkMemberAccess "+clazz.getName()+" #"+which); - } - // allow these others: - public void checkPermission(java.security.Permission perm) { - } - } - System.setSecurityManager(new SM()); + Policy.setPolicy(new TestPolicy()); + System.setSecurityManager(new SecurityManager()); } private static PrintStream oldOut; @@ -250,4 +232,22 @@ public class InvokeDynamicPrintArgs { if (System.getProperty("InvokeDynamicPrintArgs.allow-untransformed") != null) return; throw new AssertionError("this code should be statically transformed away by Indify"); } + + static class TestPolicy extends Policy { + final PermissionCollection permissions = new Permissions(); + TestPolicy() { + permissions.add(new java.io.FilePermission("<>", "read")); + } + public PermissionCollection getPermissions(ProtectionDomain domain) { + return permissions; + } + + public PermissionCollection getPermissions(CodeSource codesource) { + return permissions; + } + + public boolean implies(ProtectionDomain domain, Permission perm) { + return permissions.implies(perm); + } + } } diff --git a/jdk/test/java/lang/invoke/TestPrivateMember.java b/jdk/test/java/lang/invoke/TestPrivateMember.java new file mode 100644 index 00000000000..f2c0bc160d7 --- /dev/null +++ b/jdk/test/java/lang/invoke/TestPrivateMember.java @@ -0,0 +1,57 @@ +/* + * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +import java.lang.invoke.MethodHandle; +import java.lang.invoke.MethodHandles; +import java.lang.invoke.MethodType; + +/** + * @test + * @bug 8007035 + * @summary Test MethodHandle of a private member + * + * @run main TestPrivateMember + */ + +public class TestPrivateMember { + public static void main(String... args) throws Throwable { + System.setSecurityManager(new SecurityManager()); + TestPrivateMember t = new TestPrivateMember(); + t.test(); + } + + public TestPrivateMember() { + } + + public void test() throws Throwable { + MethodHandles.Lookup lookup = MethodHandles.lookup(); + MethodType mt = MethodType.methodType(void.class); + try { + MethodHandle mh = lookup.findStatic(Class.class, "checkInitted", mt); + throw new RuntimeException("IllegalAccessException not thrown"); + } catch (IllegalAccessException e) { + // okay + System.out.println("Expected exception: " + e.getMessage()); + } + } +}