From d85dd77edf18c6efd3a7438c0595cd729af2f863 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Eirik=20Bj=C3=B8rsn=C3=B8s?= Date: Tue, 19 Nov 2024 05:43:22 +0000 Subject: [PATCH] 8344365: SecurityManager cleanups in java.sql and java.sql.rowset modules Reviewed-by: rriggs, bchristi --- .../com/sun/rowset/CachedRowSetImpl.java | 20 +-- .../rowset/internal/CachedRowSetWriter.java | 4 +- .../javax/sql/rowset/RowSetProvider.java | 63 ++------ .../javax/sql/rowset/serial/SQLInputImpl.java | 4 +- .../sql/rowset/serial/SerialJavaObject.java | 17 -- .../javax/sql/rowset/spi/SyncFactory.java | 88 ++-------- .../share/classes/java/sql/DriverManager.java | 93 +++-------- test/jdk/java/sql/testng/util/TestPolicy.java | 150 ------------------ .../reflect/CallerSensitive/CheckCSMs.java | 8 +- 9 files changed, 52 insertions(+), 395 deletions(-) delete mode 100644 test/jdk/java/sql/testng/util/TestPolicy.java diff --git a/src/java.sql.rowset/share/classes/com/sun/rowset/CachedRowSetImpl.java b/src/java.sql.rowset/share/classes/com/sun/rowset/CachedRowSetImpl.java index 736431df313..f5bf8df6a4a 100644 --- a/src/java.sql.rowset/share/classes/com/sun/rowset/CachedRowSetImpl.java +++ b/src/java.sql.rowset/share/classes/com/sun/rowset/CachedRowSetImpl.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2022, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2024, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -31,16 +31,12 @@ import java.io.*; import java.math.*; import java.util.*; import java.text.*; -import java.security.AccessController; -import java.security.PrivilegedActionException; -import java.security.PrivilegedExceptionAction; import javax.sql.rowset.*; import javax.sql.rowset.spi.*; import javax.sql.rowset.serial.*; import com.sun.rowset.internal.*; import com.sun.rowset.providers.*; -import sun.reflect.misc.ReflectUtil; import static java.nio.charset.StandardCharsets.US_ASCII; @@ -357,7 +353,6 @@ public class CachedRowSetImpl extends BaseRowSet implements RowSet, RowSetIntern *

* @throws SQLException if an error occurs */ - @SuppressWarnings("removal") public CachedRowSetImpl() throws SQLException { try { @@ -367,16 +362,7 @@ public class CachedRowSetImpl extends BaseRowSet implements RowSet, RowSetIntern } // set the Reader, this maybe overridden latter - try { - provider = AccessController.doPrivileged(new PrivilegedExceptionAction<>() { - @Override - public SyncProvider run() throws SyncFactoryException { - return SyncFactory.getInstance(DEFAULT_SYNC_PROVIDER); - } - }, null, new RuntimePermission("accessClassInPackage.com.sun.rowset.providers")); - } catch (PrivilegedActionException pae) { - throw (SyncFactoryException) pae.getException(); - } + provider = SyncFactory.getInstance(DEFAULT_SYNC_PROVIDER); if (!(provider instanceof RIOptimisticProvider)) { throw new SQLException(resBundle.handleGetObject("cachedrowsetimpl.invalidp").toString()); @@ -2976,7 +2962,6 @@ public class CachedRowSetImpl extends BaseRowSet implements RowSet, RowSetIntern // create new instance of the class SQLData obj = null; try { - ReflectUtil.checkPackageAccess(c); @SuppressWarnings("deprecation") Object tmp = c.newInstance(); obj = (SQLData) tmp; @@ -5726,7 +5711,6 @@ public class CachedRowSetImpl extends BaseRowSet implements RowSet, RowSetIntern // create new instance of the class SQLData obj = null; try { - ReflectUtil.checkPackageAccess(c); @SuppressWarnings("deprecation") Object tmp = c.newInstance(); obj = (SQLData) tmp; diff --git a/src/java.sql.rowset/share/classes/com/sun/rowset/internal/CachedRowSetWriter.java b/src/java.sql.rowset/share/classes/com/sun/rowset/internal/CachedRowSetWriter.java index 6e4d3671651..56f0d30c6df 100644 --- a/src/java.sql.rowset/share/classes/com/sun/rowset/internal/CachedRowSetWriter.java +++ b/src/java.sql.rowset/share/classes/com/sun/rowset/internal/CachedRowSetWriter.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2022, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2024, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -29,7 +29,6 @@ import java.sql.*; import javax.sql.*; import java.util.*; import java.io.*; -import sun.reflect.misc.ReflectUtil; import com.sun.rowset.*; import java.text.MessageFormat; @@ -575,7 +574,6 @@ public class CachedRowSetWriter implements TransactionalWriter, Serializable { // create new instance of the class SQLData obj = null; try { - ReflectUtil.checkPackageAccess(c); @SuppressWarnings("deprecation") Object tmp = c.newInstance(); obj = (SQLData)tmp; diff --git a/src/java.sql.rowset/share/classes/javax/sql/rowset/RowSetProvider.java b/src/java.sql.rowset/share/classes/javax/sql/rowset/RowSetProvider.java index f69ece6e469..37558222d9c 100644 --- a/src/java.sql.rowset/share/classes/javax/sql/rowset/RowSetProvider.java +++ b/src/java.sql.rowset/share/classes/javax/sql/rowset/RowSetProvider.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010, 2021, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2010, 2024, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,13 +25,9 @@ package javax.sql.rowset; -import java.security.AccessController; -import java.security.PrivilegedAction; import java.sql.SQLException; -import java.util.PropertyPermission; import java.util.ServiceConfigurationError; import java.util.ServiceLoader; -import sun.reflect.misc.ReflectUtil; /** * A factory API that enables applications to obtain a @@ -68,7 +64,7 @@ public class RowSetProvider { static { // Check to see if the debug property is set - String val = getSystemProperty(ROWSET_DEBUG_PROPERTY); + String val = System.getProperty(ROWSET_DEBUG_PROPERTY); // Allow simply setting the prop to turn on debug debug = val != null && !"false".equals(val); } @@ -128,7 +124,8 @@ public class RowSetProvider { String factoryClassName = null; try { trace("Checking for Rowset System Property..."); - factoryClassName = getSystemProperty(ROWSET_FACTORY_NAME); + + factoryClassName = System.getProperty(ROWSET_FACTORY_NAME); if (factoryClassName != null) { trace("Found system property, value=" + factoryClassName); if (factoryClassName.equals(ROWSET_FACTORY_IMPL)) { @@ -193,11 +190,6 @@ public class RowSetProvider { if(factoryClassName == null) { throw new SQLException("Error: factoryClassName cannot be null"); } - try { - ReflectUtil.checkPackageAccess(factoryClassName); - } catch (@SuppressWarnings("removal") java.security.AccessControlException e) { - throw new SQLException("Access Exception",e); - } try { // getFactoryClass takes care of adding the read edge if @@ -225,22 +217,14 @@ public class RowSetProvider { * @return The ClassLoader to use. * */ - @SuppressWarnings("removal") - private static ClassLoader getContextClassLoader() throws SecurityException { - return AccessController.doPrivileged(new PrivilegedAction() { + private static ClassLoader getContextClassLoader() { + ClassLoader cl = Thread.currentThread().getContextClassLoader(); - public ClassLoader run() { - ClassLoader cl = null; + if (cl == null) { + cl = ClassLoader.getSystemClassLoader(); + } - cl = Thread.currentThread().getContextClassLoader(); - - if (cl == null) { - cl = ClassLoader.getSystemClassLoader(); - } - - return cl; - } - }); + return cl; } /** @@ -276,7 +260,6 @@ public class RowSetProvider { } } - ReflectUtil.checkPackageAccess(factoryClass); return factoryClass; } @@ -302,32 +285,6 @@ public class RowSetProvider { } - /** - * Returns the requested System Property. If a {@code SecurityException} - * occurs, just return NULL - * @param propName - System property to retrieve - * @return The System property value or NULL if the property does not exist - * or a {@code SecurityException} occurs. - */ - @SuppressWarnings("removal") - private static String getSystemProperty(final String propName) { - String property = null; - try { - property = AccessController.doPrivileged(new PrivilegedAction() { - - public String run() { - return System.getProperty(propName); - } - }, null, new PropertyPermission(propName, "read")); - } catch (SecurityException se) { - trace("error getting " + propName + ": "+ se); - if (debug) { - se.printStackTrace(); - } - } - return property; - } - /** * Debug routine which will output tracing if the System Property * -Djavax.sql.rowset.RowSetFactory.debug is set diff --git a/src/java.sql.rowset/share/classes/javax/sql/rowset/serial/SQLInputImpl.java b/src/java.sql.rowset/share/classes/javax/sql/rowset/serial/SQLInputImpl.java index 421d4943763..d2daa565baa 100644 --- a/src/java.sql.rowset/share/classes/javax/sql/rowset/serial/SQLInputImpl.java +++ b/src/java.sql.rowset/share/classes/javax/sql/rowset/serial/SQLInputImpl.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2014, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2024, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -27,7 +27,6 @@ package javax.sql.rowset.serial; import java.sql.*; import java.util.Arrays; import java.util.Map; -import sun.reflect.misc.ReflectUtil; /** * An input stream used for custom mapping user-defined types (UDTs). @@ -477,7 +476,6 @@ public class SQLInputImpl implements SQLInput { // create new instance of the class SQLData obj = null; try { - ReflectUtil.checkPackageAccess(c); @SuppressWarnings("deprecation") Object tmp = c.newInstance(); obj = (SQLData)tmp; diff --git a/src/java.sql.rowset/share/classes/javax/sql/rowset/serial/SerialJavaObject.java b/src/java.sql.rowset/share/classes/javax/sql/rowset/serial/SerialJavaObject.java index 00284c5ce51..154c95bc1c4 100644 --- a/src/java.sql.rowset/share/classes/javax/sql/rowset/serial/SerialJavaObject.java +++ b/src/java.sql.rowset/share/classes/javax/sql/rowset/serial/SerialJavaObject.java @@ -30,9 +30,6 @@ import java.lang.reflect.*; import java.util.Arrays; import java.util.Vector; import javax.sql.rowset.RowSetWarning; -import jdk.internal.reflect.CallerSensitive; -import jdk.internal.reflect.Reflection; -import sun.reflect.misc.ReflectUtil; /** * A serializable mapping in the Java programming language of an SQL @@ -125,23 +122,9 @@ public class SerialJavaObject implements Serializable, Cloneable { * the serialized object * @see Class#getFields */ - @CallerSensitive public Field[] getFields() throws SerialException { if (fields != null) { Class c = this.obj.getClass(); - @SuppressWarnings("removal") - SecurityManager sm = System.getSecurityManager(); - if (sm != null) { - /* - * Check if the caller is allowed to access the specified class's package. - * If access is denied, throw a SecurityException. - */ - Class caller = Reflection.getCallerClass(); - if (ReflectUtil.needsPackageAccessCheck(caller.getClassLoader(), - c.getClassLoader())) { - ReflectUtil.checkPackageAccess(c); - } - } return c.getFields(); } else { throw new SerialException("SerialJavaObject does not contain" + diff --git a/src/java.sql.rowset/share/classes/javax/sql/rowset/spi/SyncFactory.java b/src/java.sql.rowset/share/classes/javax/sql/rowset/spi/SyncFactory.java index 90dea7760fb..9cc7a5b2da8 100644 --- a/src/java.sql.rowset/share/classes/javax/sql/rowset/spi/SyncFactory.java +++ b/src/java.sql.rowset/share/classes/javax/sql/rowset/spi/SyncFactory.java @@ -35,13 +35,8 @@ import java.io.FileInputStream; import java.io.InputStream; import java.io.IOException; import java.io.FileNotFoundException; -import java.security.AccessController; -import java.security.PrivilegedAction; -import java.security.PrivilegedActionException; -import java.security.PrivilegedExceptionAction; import javax.naming.*; -import sun.reflect.misc.ReflectUtil; /** * The Service Provider Interface (SPI) mechanism that generates SyncProvider @@ -236,11 +231,6 @@ public class SyncFactory { */ private static String ROWSET_PROPERTIES = "rowset.properties"; - /** - * Permission required to invoke setJNDIContext and setLogger - */ - private static final SQLPermission SET_SYNCFACTORY_PERMISSION = - new SQLPermission("setSyncFactory"); /** * The initial JNDI context where SyncProvider implementations can * be stored and from which they can be invoked. @@ -355,17 +345,7 @@ public class SyncFactory { /* * Dependent on application */ - String strRowsetProperties; - try { - strRowsetProperties = AccessController.doPrivileged(new PrivilegedAction() { - public String run() { - return System.getProperty("rowset.properties"); - } - }, null, new PropertyPermission("rowset.properties", "read")); - } catch (Exception ex) { - System.out.println("errorget rowset.properties: " + ex); - strRowsetProperties = null; - }; + String strRowsetProperties = System.getProperty("rowset.properties"); if (strRowsetProperties != null) { // Load user's implementation of SyncProvider @@ -385,25 +365,17 @@ public class SyncFactory { "rowset.properties"; try { - AccessController.doPrivileged((PrivilegedExceptionAction) () -> { - InputStream in = SyncFactory.class.getModule().getResourceAsStream(ROWSET_PROPERTIES); - if (in == null) { - throw new SyncFactoryException("Resource " + ROWSET_PROPERTIES + " not found"); - } - try (in) { - properties.load(in); - } - return null; - }); - } catch (PrivilegedActionException ex) { - Throwable e = ex.getException(); - if (e instanceof SyncFactoryException) { - throw (SyncFactoryException) e; - } else { - SyncFactoryException sfe = new SyncFactoryException(); - sfe.initCause(ex.getException()); - throw sfe; + InputStream in = SyncFactory.class.getModule().getResourceAsStream(ROWSET_PROPERTIES); + if (in == null) { + throw new SyncFactoryException("Resource " + ROWSET_PROPERTIES + " not found"); } + try (in) { + properties.load(in); + } + } catch (IOException e) { + SyncFactoryException sfe = new SyncFactoryException(); + sfe.initCause(e); + throw sfe; } parseProperties(properties); @@ -421,17 +393,7 @@ public class SyncFactory { * load additional properties from -D command line */ properties.clear(); - String providerImpls; - try { - providerImpls = AccessController.doPrivileged(new PrivilegedAction() { - public String run() { - return System.getProperty(ROWSET_SYNC_PROVIDER); - } - }, null, new PropertyPermission(ROWSET_SYNC_PROVIDER, "read")); - } catch (Exception ex) { - providerImpls = null; - } - + String providerImpls = System.getProperty(ROWSET_SYNC_PROVIDER); if (providerImpls != null) { int i = 0; if (providerImpls.indexOf(colon) > 0) { @@ -563,14 +525,6 @@ public class SyncFactory { return new com.sun.rowset.providers.RIOptimisticProvider(); } - try { - ReflectUtil.checkPackageAccess(providerID); - } catch (@SuppressWarnings("removal") java.security.AccessControlException e) { - SyncFactoryException sfe = new SyncFactoryException(); - sfe.initCause(e); - throw sfe; - } - // Attempt to invoke classname from registered SyncProvider list Class c = null; try { @@ -626,12 +580,6 @@ public class SyncFactory { */ public static void setLogger(Logger logger) { - @SuppressWarnings("removal") - SecurityManager sec = System.getSecurityManager(); - if (sec != null) { - sec.checkPermission(SET_SYNCFACTORY_PERMISSION); - } - if(logger == null){ throw new NullPointerException("You must provide a Logger"); } @@ -652,12 +600,6 @@ public class SyncFactory { */ public static void setLogger(Logger logger, Level level) { // singleton - @SuppressWarnings("removal") - SecurityManager sec = System.getSecurityManager(); - if (sec != null) { - sec.checkPermission(SET_SYNCFACTORY_PERMISSION); - } - if(logger == null){ throw new NullPointerException("You must provide a Logger"); } @@ -692,11 +634,7 @@ public class SyncFactory { */ public static synchronized void setJNDIContext(javax.naming.Context ctx) throws SyncFactoryException { - @SuppressWarnings("removal") - SecurityManager sec = System.getSecurityManager(); - if (sec != null) { - sec.checkPermission(SET_SYNCFACTORY_PERMISSION); - } + if (ctx == null) { throw new SyncFactoryException("Invalid JNDI context supplied"); } diff --git a/src/java.sql/share/classes/java/sql/DriverManager.java b/src/java.sql/share/classes/java/sql/DriverManager.java index 918d0692a1a..7620a11e6fd 100644 --- a/src/java.sql/share/classes/java/sql/DriverManager.java +++ b/src/java.sql/share/classes/java/sql/DriverManager.java @@ -31,8 +31,6 @@ import java.util.Enumeration; import java.util.Iterator; import java.util.List; import java.util.ServiceLoader; -import java.security.AccessController; -import java.security.PrivilegedAction; import java.util.concurrent.CopyOnWriteArrayList; import java.util.stream.Stream; @@ -98,22 +96,6 @@ public class DriverManager { /* Prevent the DriverManager class from being instantiated. */ private DriverManager(){} - /** - * The {@code SQLPermission} constant that allows the - * setting of the logging stream. - * @since 1.3 - */ - static final SQLPermission SET_LOG_PERMISSION = - new SQLPermission("setLog"); - - /** - * The {@code SQLPermission} constant that allows the - * un-register a registered JDBC driver. - * @since 1.8 - */ - static final SQLPermission DEREGISTER_DRIVER_PERMISSION = - new SQLPermission("deregisterDriver"); - //--------------------------JDBC 2.0----------------------------- /** @@ -140,14 +122,8 @@ public class DriverManager { * @since 1.2 */ public static void setLogWriter(java.io.PrintWriter out) { - - @SuppressWarnings("removal") - SecurityManager sec = System.getSecurityManager(); - if (sec != null) { - sec.checkPermission(SET_LOG_PERMISSION); - } - logStream = null; - logWriter = out; + logStream = null; + logWriter = out; } @@ -367,12 +343,6 @@ public class DriverManager { return; } - @SuppressWarnings("removal") - SecurityManager sec = System.getSecurityManager(); - if (sec != null) { - sec.checkPermission(DEREGISTER_DRIVER_PERMISSION); - } - println("DriverManager.deregisterDriver: " + driver); DriverInfo aDriver = new DriverInfo(driver, null); @@ -477,13 +447,6 @@ public class DriverManager { */ @Deprecated(since="1.2") public static void setLogStream(java.io.PrintStream out) { - - @SuppressWarnings("removal") - SecurityManager sec = System.getSecurityManager(); - if (sec != null) { - sec.checkPermission(SET_LOG_PERMISSION); - } - logStream = out; if ( out != null ) logWriter = new java.io.PrintWriter(out); @@ -549,7 +512,6 @@ public class DriverManager { * Load the initial JDBC drivers by checking the System property * jdbc.drivers and then use the {@code ServiceLoader} mechanism */ - @SuppressWarnings("removal") private static void ensureDriversInitialized() { if (driversInitialized) { return; @@ -561,11 +523,7 @@ public class DriverManager { } String drivers; try { - drivers = AccessController.doPrivileged(new PrivilegedAction() { - public String run() { - return System.getProperty(JDBC_DRIVERS_PROPERTY); - } - }); + drivers = System.getProperty(JDBC_DRIVERS_PROPERTY); } catch (Exception ex) { drivers = null; } @@ -574,34 +532,29 @@ public class DriverManager { // exposed as a java.sql.Driver.class service. // ServiceLoader.load() replaces the sun.misc.Providers() - AccessController.doPrivileged(new PrivilegedAction() { - public Void run() { - ServiceLoader loadedDrivers = ServiceLoader.load(Driver.class); - Iterator driversIterator = loadedDrivers.iterator(); + ServiceLoader loadedDrivers = ServiceLoader.load(Driver.class); + Iterator driversIterator = loadedDrivers.iterator(); - /* Load these drivers, so that they can be instantiated. - * It may be the case that the driver class may not be there - * i.e. there may be a packaged driver with the service class - * as implementation of java.sql.Driver but the actual class - * may be missing. In that case a java.util.ServiceConfigurationError - * will be thrown at runtime by the VM trying to locate - * and load the service. - * - * Adding a try catch block to catch those runtime errors - * if driver not available in classpath but it's - * packaged as service and that service is there in classpath. - */ - try { - while (driversIterator.hasNext()) { - driversIterator.next(); - } - } catch (Throwable t) { - // Do nothing - } - return null; + /* Load these drivers, so that they can be instantiated. + * It may be the case that the driver class may not be there + * i.e. there may be a packaged driver with the service class + * as implementation of java.sql.Driver but the actual class + * may be missing. In that case a java.util.ServiceConfigurationError + * will be thrown at runtime by the VM trying to locate + * and load the service. + * + * Adding a try catch block to catch those runtime errors + * if driver not available in classpath but it's + * packaged as service and that service is there in classpath. + */ + try { + while (driversIterator.hasNext()) { + driversIterator.next(); } - }); + } catch (Throwable t) { + // Do nothing + } println("DriverManager.initialize: jdbc.drivers = " + drivers); diff --git a/test/jdk/java/sql/testng/util/TestPolicy.java b/test/jdk/java/sql/testng/util/TestPolicy.java deleted file mode 100644 index 013dfad563c..00000000000 --- a/test/jdk/java/sql/testng/util/TestPolicy.java +++ /dev/null @@ -1,150 +0,0 @@ -/* - * Copyright (c) 2014, 2021, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA - * or visit www.oracle.com if you need additional information or have any - * questions. - */ -package util; - -import java.io.FilePermission; -import java.lang.reflect.ReflectPermission; -import java.security.AllPermission; -import java.security.CodeSource; -import java.security.Permission; -import java.security.PermissionCollection; -import java.security.Permissions; -import java.security.Policy; -import java.security.ProtectionDomain; -import java.security.SecurityPermission; -import java.sql.SQLPermission; -import java.util.Enumeration; -import java.util.PropertyPermission; -import java.util.StringJoiner; -import java.util.logging.LoggingPermission; - -/* - * Simple Policy class that supports the required Permissions to validate the - * JDBC concrete classes - */ -public class TestPolicy extends Policy { - static final Policy DEFAULT_POLICY = Policy.getPolicy(); - - final PermissionCollection permissions = new Permissions(); - - /** - * Constructor which sets the minimum permissions allowing testNG to work - * with a SecurityManager - */ - public TestPolicy() { - setMinimalPermissions(); - } - - /* - * Constructor which determines which permissions are defined for this - * Policy used by the JDBC tests Possible values are: all (ALLPermissions), - * setLog (SQLPemission("setLog"), deregisterDriver - * (SQLPermission("deregisterDriver") (SQLPermission("deregisterDriver"), - * setSyncFactory(SQLPermission(setSyncFactory), and also - * LoggerPermission("control", null) when setting a Level - * - * @param policy Permissions to set - */ - public TestPolicy(String policy) { - - switch (policy) { - case "all": - permissions.add(new AllPermission()); - break; - case "setLog": - setMinimalPermissions(); - permissions.add(new SQLPermission("setLog")); - break; - case "deregisterDriver": - setMinimalPermissions(); - permissions.add(new SQLPermission("deregisterDriver")); - break; - case "setSyncFactory": - setMinimalPermissions(); - permissions.add(new SQLPermission("setSyncFactory")); - break; - case "setSyncFactoryLogger": - setMinimalPermissions(); - permissions.add(new SQLPermission("setSyncFactory")); - permissions.add(new LoggingPermission("control", null)); - break; - default: - setMinimalPermissions(); - } - } - - /* - * Defines the minimal permissions required by testNG when running these - * tests - */ - private void setMinimalPermissions() { - permissions.add(new SecurityPermission("getPolicy")); - permissions.add(new SecurityPermission("setPolicy")); - permissions.add(new RuntimePermission("getClassLoader")); - permissions.add(new RuntimePermission("setSecurityManager")); - permissions.add(new RuntimePermission("createSecurityManager")); - permissions.add(new PropertyPermission("line.separator", "read")); - permissions.add(new PropertyPermission("fileStringBuffer", "read")); - permissions.add(new PropertyPermission("dataproviderthreadcount", "read")); - permissions.add(new PropertyPermission("java.io.tmpdir", "read")); - permissions.add(new PropertyPermission("testng.show.stack.frames", - "read")); - permissions.add(new PropertyPermission("testng.thread.affinity", "read")); - permissions.add(new PropertyPermission("testng.memory.friendly", "read")); - permissions.add(new PropertyPermission("testng.mode.dryrun", "read")); - permissions.add(new PropertyPermission("testng.report.xml.name", "read")); - permissions.add(new PropertyPermission("testng.timezone", "read")); - permissions.add(new ReflectPermission("suppressAccessChecks")); - permissions.add(new FilePermission("<>", - "read, write, delete")); - } - - /* - * Overloaded methods from the Policy class - */ - @Override - public String toString() { - StringJoiner sj = new StringJoiner("\n", "policy: ", ""); - Enumeration perms = permissions.elements(); - while (perms.hasMoreElements()) { - sj.add(perms.nextElement().toString()); - } - return sj.toString(); - - } - - @Override - public PermissionCollection getPermissions(ProtectionDomain domain) { - return permissions; - } - - @Override - public PermissionCollection getPermissions(CodeSource codesource) { - return permissions; - } - - @Override - public boolean implies(ProtectionDomain domain, Permission perm) { - return permissions.implies(perm) || DEFAULT_POLICY.implies(domain, perm); - } -} diff --git a/test/jdk/jdk/internal/reflect/CallerSensitive/CheckCSMs.java b/test/jdk/jdk/internal/reflect/CallerSensitive/CheckCSMs.java index 6b63ce122a3..83841fe104b 100644 --- a/test/jdk/jdk/internal/reflect/CallerSensitive/CheckCSMs.java +++ b/test/jdk/jdk/internal/reflect/CallerSensitive/CheckCSMs.java @@ -71,16 +71,12 @@ public class CheckCSMs { // over time. Do not add any new one to this list. private static final Set KNOWN_NON_FINAL_CSMS = Set.of("java/lang/Runtime#load (Ljava/lang/String;)V", - "java/lang/Runtime#loadLibrary (Ljava/lang/String;)V", - "javax/sql/rowset/serial/SerialJavaObject#getFields ()[Ljava/lang/reflect/Field;" + "java/lang/Runtime#loadLibrary (Ljava/lang/String;)V" ); // These non-static non-final methods must not have @CallerSensitiveAdapter // methods that takes an additional caller class parameter. - private static Set UNSUPPORTED_VIRTUAL_METHODS = - Set.of("java/io/ObjectStreamField#getType (Ljava/lang/Class;)Ljava/lang/Class;", - "javax/sql/rowset/serial/SerialJavaObject#getFields (Ljava/lang/Class;)[Ljava/lang/reflect/Field;" - ); + private static Set UNSUPPORTED_VIRTUAL_METHODS = Set.of(); public static void main(String[] args) throws Exception { if (args.length > 0 && args[0].equals("--list")) {