8344181: Remove SecurityManager and related calls from jdk.management and jdk.management.agent

Reviewed-by: amenkov, cjplummer

src/jdk.management.agent/share/classes/jdk/internal/agent/Agent.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2023, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2024, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -36,8 +36,6 @@ import java.net.InetAddress;
 import java.net.MalformedURLException;
 import java.net.UnknownHostException;
 import java.nio.BufferUnderflowException;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
 import java.text.MessageFormat;
 import java.util.HashMap;
 import java.util.Map;

src/jdk.management.agent/unix/classes/jdk/internal/agent/FileSystemImpl.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2004, 2023, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2004, 2024, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -53,12 +53,6 @@ public class FileSystemImpl extends FileSystem {
     // Initialization
 
     static {
-        java.security.AccessController.doPrivileged(
+        System.loadLibrary("management_agent");
-            new java.security.PrivilegedAction<Void>() {
-                public Void run() {
-                    System.loadLibrary("management_agent");
-                    return null;
-                }
-            });
     }
 }

src/jdk.management.agent/windows/classes/jdk/internal/agent/FileSystemImpl.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2004, 2023, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2004, 2024, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -64,13 +64,7 @@ public class FileSystemImpl extends FileSystem {
     // Initialization
 
     static {
-        java.security.AccessController.doPrivileged(
+        System.loadLibrary("management_agent");
-            new java.security.PrivilegedAction<Void>() {
-                public Void run() {
-                    System.loadLibrary("management_agent");
-                    return null;
-                }
-            });
         init0();
     }
 }

src/jdk.management/share/classes/com/sun/management/internal/DiagnosticCommandImpl.java

@@ -149,13 +149,6 @@ public class DiagnosticCommandImpl extends NotificationEmitterSupport
         }
 
         public String execute(String[] args) {
-            if (permission != null) {
-                @SuppressWarnings("removal")
-                SecurityManager sm = System.getSecurityManager();
-                if (sm != null) {
-                    sm.checkPermission(permission);
-                }
-            }
             if(args == null) {
                 return executeDiagnosticCommand(cmd);
             } else {

src/jdk.management/share/classes/com/sun/management/internal/Flag.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2021, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2024, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -28,7 +28,6 @@ package com.sun.management.internal;
 import java.util.*;
 import com.sun.management.VMOption;
 import com.sun.management.VMOption.Origin;
-import java.security.AccessController;
 
 /**
  * Flag class is a helper class for constructing a VMOption.
@@ -117,13 +116,7 @@ class Flag {
     static synchronized native void setStringValue(String name, String value);
 
     static {
-        AccessController.doPrivileged(
+        System.loadLibrary("management");
-            new java.security.PrivilegedAction<Void>() {
-                public Void run() {
-                    System.loadLibrary("management");
-                    return null;
-                }
-            });
         initialize();
     }
     private static native void initialize();

src/jdk.management/share/classes/com/sun/management/internal/GarbageCollectionNotifInfoCompositeData.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2011, 2021, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2011, 2024, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -33,8 +33,6 @@ import javax.management.openmbean.CompositeDataSupport;
 import javax.management.openmbean.OpenDataException;
 import javax.management.openmbean.OpenType;
 import javax.management.openmbean.SimpleType;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
 import java.lang.reflect.Field;
 import java.util.HashMap;
 import sun.management.LazyCompositeData;
@@ -65,19 +63,17 @@ public class GarbageCollectionNotifInfoCompositeData extends LazyCompositeData {
     }
 
     private CompositeType getCompositeTypeByBuilder() {
-        @SuppressWarnings("removal")
+
-        final GcInfoBuilder builder = AccessController.doPrivileged (new PrivilegedAction<GcInfoBuilder>() {
+        GcInfoBuilder builder = null;
-                public GcInfoBuilder run() {
+        try {
-                    try {
+            Class<?> cl = Class.forName("com.sun.management.GcInfo");
-                        Class<?> cl = Class.forName("com.sun.management.GcInfo");
+            Field f = cl.getDeclaredField("builder");
-                        Field f = cl.getDeclaredField("builder");
+            f.setAccessible(true);
-                        f.setAccessible(true);
+            builder = (GcInfoBuilder) f.get(gcNotifInfo.getGcInfo());
-                        return (GcInfoBuilder)f.get(gcNotifInfo.getGcInfo());
+        } catch (ClassNotFoundException | NoSuchFieldException | IllegalAccessException e) {
-                    } catch(ClassNotFoundException | NoSuchFieldException | IllegalAccessException e) {
+            // ignore
-                        return null;
+        }
-                    }
+
-                }
-            });
         CompositeType gict = null;
         synchronized(compositeTypeByBuilder) {
             gict = compositeTypeByBuilder.get(builder);

src/jdk.management/share/classes/com/sun/management/internal/GcInfoCompositeData.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2004, 2021, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2004, 2024, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -38,8 +38,6 @@ import javax.management.openmbean.SimpleType;
 import javax.management.openmbean.OpenType;
 import javax.management.openmbean.OpenDataException;
 import com.sun.management.GcInfo;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
 import sun.management.LazyCompositeData;
 import static sun.management.LazyCompositeData.getLong;
 import sun.management.MappedMXBeanType;
@@ -71,32 +69,24 @@ public class GcInfoCompositeData extends LazyCompositeData {
     }
 
     public static CompositeData toCompositeData(final GcInfo info) {
-        @SuppressWarnings("removal")
+        GcInfoBuilder builder = null;
-        final GcInfoBuilder builder = AccessController.doPrivileged (new PrivilegedAction<GcInfoBuilder>() {
+        try {
-                        public GcInfoBuilder run() {
+            Class<?> cl = Class.forName("com.sun.management.GcInfo");
-                            try {
+            Field f = cl.getDeclaredField("builder");
-                                Class<?> cl = Class.forName("com.sun.management.GcInfo");
+            f.setAccessible(true);
-                                Field f = cl.getDeclaredField("builder");
+            builder = (GcInfoBuilder)f.get(info);
-                                f.setAccessible(true);
+        } catch(ClassNotFoundException | NoSuchFieldException | IllegalAccessException e) {
-                                return (GcInfoBuilder)f.get(info);
+            // ignore
-                            } catch(ClassNotFoundException | NoSuchFieldException | IllegalAccessException e) {
+        }
-                                return null;
+        Object[] extAttr = null;
-                            }
+        try {
-                        }
+            Class<?> cl = Class.forName("com.sun.management.GcInfo");
-                    });
+            Field f = cl.getDeclaredField("extAttributes");
-        @SuppressWarnings("removal")
+            f.setAccessible(true);
-        final Object[] extAttr = AccessController.doPrivileged (new PrivilegedAction<Object[]>() {
+            extAttr = (Object[])f.get(info);
-                        public Object[] run() {
+        } catch(ClassNotFoundException | NoSuchFieldException | IllegalAccessException e) {
-                            try {
+            // ignore
-                                Class<?> cl = Class.forName("com.sun.management.GcInfo");
+        }
-                                Field f = cl.getDeclaredField("extAttributes");
-                                f.setAccessible(true);
-                                return (Object[])f.get(info);
-                            } catch(ClassNotFoundException | NoSuchFieldException | IllegalAccessException e) {
-                                return null;
-                            }
-                        }
-                    });
         GcInfoCompositeData gcicd =
             new GcInfoCompositeData(info,builder,extAttr);
         return gcicd.getCompositeData();

src/jdk.management/share/classes/com/sun/management/internal/HotSpotDiagnostic.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2022, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2024, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -29,10 +29,6 @@ import java.io.OutputStream;
 import java.nio.file.Files;
 import java.nio.file.Path;
 import java.nio.file.StandardOpenOption;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
-import java.security.PrivilegedActionException;
-import java.security.PrivilegedExceptionAction;
 import java.util.ArrayList;
 import java.util.List;
 import javax.management.ObjectName;
@@ -53,20 +49,11 @@ public class HotSpotDiagnostic implements HotSpotDiagnosticMXBean {
     public void dumpHeap(String outputFile, boolean live) throws IOException {
 
         String propertyName = "jdk.management.heapdump.allowAnyFileSuffix";
-        PrivilegedAction<Boolean> pa = () -> Boolean.parseBoolean(System.getProperty(propertyName, "false"));
+        boolean allowAnyFileSuffix = Boolean.getBoolean(propertyName);
-        @SuppressWarnings("removal")
-        boolean allowAnyFileSuffix = AccessController.doPrivileged(pa);
         if (!allowAnyFileSuffix && !outputFile.endsWith(".hprof")) {
             throw new IllegalArgumentException("heapdump file must have .hprof extension");
         }
 
-        @SuppressWarnings("removal")
-        SecurityManager security = System.getSecurityManager();
-        if (security != null) {
-            security.checkWrite(outputFile);
-            Util.checkControlAccess();
-        }
-
         dumpHeap0(outputFile, live);
     }
 
@@ -107,7 +94,6 @@ public class HotSpotDiagnostic implements HotSpotDiagnosticMXBean {
             throw new NullPointerException("value cannot be null");
         }
 
-        Util.checkControlAccess();
         Flag flag = Flag.getFlag(name);
         if (flag == null) {
             throw new IllegalArgumentException("VM option \"" +
@@ -161,33 +147,13 @@ public class HotSpotDiagnostic implements HotSpotDiagnosticMXBean {
     }
 
     @Override
-    @SuppressWarnings("removal")
     public void dumpThreads(String outputFile, ThreadDumpFormat format) throws IOException {
         Path file = Path.of(outputFile);
         if (!file.isAbsolute())
             throw new IllegalArgumentException("'outputFile' not absolute path");
 
-        // need ManagementPermission("control")
-        @SuppressWarnings("removal")
-        SecurityManager sm = System.getSecurityManager();
-        if (sm != null)
-            Util.checkControlAccess();
-
         try (OutputStream out = Files.newOutputStream(file, StandardOpenOption.CREATE_NEW)) {
-            PrivilegedExceptionAction<Void> pa = () -> {
                 dumpThreads(out, format);
-                return null;
-            };
-            try {
-                AccessController.doPrivileged(pa);
-            } catch (PrivilegedActionException pae) {
-                Throwable cause = pae.getCause();
-                if (cause instanceof IOException ioe)
-                    throw ioe;
-                if (cause instanceof RuntimeException e)
-                    throw e;
-                throw new RuntimeException(cause);
-            }
         }
     }
 

src/jdk.management/share/classes/com/sun/management/internal/PlatformMBeanProviderImpl.java

@@ -30,8 +30,6 @@ import com.sun.management.ThreadMXBean;
 import java.lang.management.ManagementFactory;
 import java.lang.management.MemoryManagerMXBean;
 import java.lang.management.OperatingSystemMXBean;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.HashMap;
@@ -55,10 +53,7 @@ public final class PlatformMBeanProviderImpl extends PlatformMBeanProvider {
     private static OperatingSystemMXBean osMBean = null;
 
     static {
-       AccessController.doPrivileged((PrivilegedAction<Void>) () -> {
+       System.loadLibrary("management_ext");
-           System.loadLibrary("management_ext");
-           return null;
-       });
     }
 
     public PlatformMBeanProviderImpl() {

src/jdk.management/share/classes/com/sun/management/internal/VirtualThreadSchedulerImpls.java

@@ -55,14 +55,6 @@ public class VirtualThreadSchedulerImpls {
     private abstract static class BaseVirtualThreadSchedulerImpl
             implements VirtualThreadSchedulerMXBean {
 
-        abstract void implSetParallelism(int size);
-
-        @Override
-        public final void setParallelism(int size) {
-            Util.checkControlAccess();
-            implSetParallelism(size);
-        }
-
         @Override
         public final ObjectName getObjectName() {
             return Util.newObjectName("jdk.management:type=VirtualThreadScheduler");
@@ -114,7 +106,7 @@ public class VirtualThreadSchedulerImpls {
         }
 
         @Override
-        void implSetParallelism(int size) {
+        public void setParallelism(int size) {
             if (Scheduler.instance() instanceof ForkJoinPool pool) {
                 pool.setParallelism(size);
                 if (pool.getPoolSize() < size) {
@@ -163,7 +155,7 @@ public class VirtualThreadSchedulerImpls {
         }
 
         @Override
-        void implSetParallelism(int size) {
+        public void setParallelism(int size) {
             throw new UnsupportedOperationException();
         }
 
@@ -182,4 +174,5 @@ public class VirtualThreadSchedulerImpls {
             return -1L;
         }
     }
-}
+}
+