8344181: Remove SecurityManager and related calls from jdk.management and jdk.management.agent
Reviewed-by: amenkov, cjplummer
This commit is contained in:
parent
cb1c73663e
commit
e29b0edc97
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright (c) 2003, 2023, Oracle and/or its affiliates. All rights reserved.
|
||||
* Copyright (c) 2003, 2024, Oracle and/or its affiliates. All rights reserved.
|
||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||
*
|
||||
* This code is free software; you can redistribute it and/or modify it
|
||||
@ -36,8 +36,6 @@ import java.net.InetAddress;
|
||||
import java.net.MalformedURLException;
|
||||
import java.net.UnknownHostException;
|
||||
import java.nio.BufferUnderflowException;
|
||||
import java.security.AccessController;
|
||||
import java.security.PrivilegedAction;
|
||||
import java.text.MessageFormat;
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright (c) 2004, 2023, Oracle and/or its affiliates. All rights reserved.
|
||||
* Copyright (c) 2004, 2024, Oracle and/or its affiliates. All rights reserved.
|
||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||
*
|
||||
* This code is free software; you can redistribute it and/or modify it
|
||||
@ -53,12 +53,6 @@ public class FileSystemImpl extends FileSystem {
|
||||
// Initialization
|
||||
|
||||
static {
|
||||
java.security.AccessController.doPrivileged(
|
||||
new java.security.PrivilegedAction<Void>() {
|
||||
public Void run() {
|
||||
System.loadLibrary("management_agent");
|
||||
return null;
|
||||
}
|
||||
});
|
||||
}
|
||||
}
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright (c) 2004, 2023, Oracle and/or its affiliates. All rights reserved.
|
||||
* Copyright (c) 2004, 2024, Oracle and/or its affiliates. All rights reserved.
|
||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||
*
|
||||
* This code is free software; you can redistribute it and/or modify it
|
||||
@ -64,13 +64,7 @@ public class FileSystemImpl extends FileSystem {
|
||||
// Initialization
|
||||
|
||||
static {
|
||||
java.security.AccessController.doPrivileged(
|
||||
new java.security.PrivilegedAction<Void>() {
|
||||
public Void run() {
|
||||
System.loadLibrary("management_agent");
|
||||
return null;
|
||||
}
|
||||
});
|
||||
init0();
|
||||
}
|
||||
}
|
||||
|
@ -149,13 +149,6 @@ public class DiagnosticCommandImpl extends NotificationEmitterSupport
|
||||
}
|
||||
|
||||
public String execute(String[] args) {
|
||||
if (permission != null) {
|
||||
@SuppressWarnings("removal")
|
||||
SecurityManager sm = System.getSecurityManager();
|
||||
if (sm != null) {
|
||||
sm.checkPermission(permission);
|
||||
}
|
||||
}
|
||||
if(args == null) {
|
||||
return executeDiagnosticCommand(cmd);
|
||||
} else {
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright (c) 2003, 2021, Oracle and/or its affiliates. All rights reserved.
|
||||
* Copyright (c) 2003, 2024, Oracle and/or its affiliates. All rights reserved.
|
||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||
*
|
||||
* This code is free software; you can redistribute it and/or modify it
|
||||
@ -28,7 +28,6 @@ package com.sun.management.internal;
|
||||
import java.util.*;
|
||||
import com.sun.management.VMOption;
|
||||
import com.sun.management.VMOption.Origin;
|
||||
import java.security.AccessController;
|
||||
|
||||
/**
|
||||
* Flag class is a helper class for constructing a VMOption.
|
||||
@ -117,13 +116,7 @@ class Flag {
|
||||
static synchronized native void setStringValue(String name, String value);
|
||||
|
||||
static {
|
||||
AccessController.doPrivileged(
|
||||
new java.security.PrivilegedAction<Void>() {
|
||||
public Void run() {
|
||||
System.loadLibrary("management");
|
||||
return null;
|
||||
}
|
||||
});
|
||||
initialize();
|
||||
}
|
||||
private static native void initialize();
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright (c) 2011, 2021, Oracle and/or its affiliates. All rights reserved.
|
||||
* Copyright (c) 2011, 2024, Oracle and/or its affiliates. All rights reserved.
|
||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||
*
|
||||
* This code is free software; you can redistribute it and/or modify it
|
||||
@ -33,8 +33,6 @@ import javax.management.openmbean.CompositeDataSupport;
|
||||
import javax.management.openmbean.OpenDataException;
|
||||
import javax.management.openmbean.OpenType;
|
||||
import javax.management.openmbean.SimpleType;
|
||||
import java.security.AccessController;
|
||||
import java.security.PrivilegedAction;
|
||||
import java.lang.reflect.Field;
|
||||
import java.util.HashMap;
|
||||
import sun.management.LazyCompositeData;
|
||||
@ -65,19 +63,17 @@ public class GarbageCollectionNotifInfoCompositeData extends LazyCompositeData {
|
||||
}
|
||||
|
||||
private CompositeType getCompositeTypeByBuilder() {
|
||||
@SuppressWarnings("removal")
|
||||
final GcInfoBuilder builder = AccessController.doPrivileged (new PrivilegedAction<GcInfoBuilder>() {
|
||||
public GcInfoBuilder run() {
|
||||
|
||||
GcInfoBuilder builder = null;
|
||||
try {
|
||||
Class<?> cl = Class.forName("com.sun.management.GcInfo");
|
||||
Field f = cl.getDeclaredField("builder");
|
||||
f.setAccessible(true);
|
||||
return (GcInfoBuilder)f.get(gcNotifInfo.getGcInfo());
|
||||
} catch(ClassNotFoundException | NoSuchFieldException | IllegalAccessException e) {
|
||||
return null;
|
||||
builder = (GcInfoBuilder) f.get(gcNotifInfo.getGcInfo());
|
||||
} catch (ClassNotFoundException | NoSuchFieldException | IllegalAccessException e) {
|
||||
// ignore
|
||||
}
|
||||
}
|
||||
});
|
||||
|
||||
CompositeType gict = null;
|
||||
synchronized(compositeTypeByBuilder) {
|
||||
gict = compositeTypeByBuilder.get(builder);
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright (c) 2004, 2021, Oracle and/or its affiliates. All rights reserved.
|
||||
* Copyright (c) 2004, 2024, Oracle and/or its affiliates. All rights reserved.
|
||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||
*
|
||||
* This code is free software; you can redistribute it and/or modify it
|
||||
@ -38,8 +38,6 @@ import javax.management.openmbean.SimpleType;
|
||||
import javax.management.openmbean.OpenType;
|
||||
import javax.management.openmbean.OpenDataException;
|
||||
import com.sun.management.GcInfo;
|
||||
import java.security.AccessController;
|
||||
import java.security.PrivilegedAction;
|
||||
import sun.management.LazyCompositeData;
|
||||
import static sun.management.LazyCompositeData.getLong;
|
||||
import sun.management.MappedMXBeanType;
|
||||
@ -71,32 +69,24 @@ public class GcInfoCompositeData extends LazyCompositeData {
|
||||
}
|
||||
|
||||
public static CompositeData toCompositeData(final GcInfo info) {
|
||||
@SuppressWarnings("removal")
|
||||
final GcInfoBuilder builder = AccessController.doPrivileged (new PrivilegedAction<GcInfoBuilder>() {
|
||||
public GcInfoBuilder run() {
|
||||
GcInfoBuilder builder = null;
|
||||
try {
|
||||
Class<?> cl = Class.forName("com.sun.management.GcInfo");
|
||||
Field f = cl.getDeclaredField("builder");
|
||||
f.setAccessible(true);
|
||||
return (GcInfoBuilder)f.get(info);
|
||||
builder = (GcInfoBuilder)f.get(info);
|
||||
} catch(ClassNotFoundException | NoSuchFieldException | IllegalAccessException e) {
|
||||
return null;
|
||||
// ignore
|
||||
}
|
||||
}
|
||||
});
|
||||
@SuppressWarnings("removal")
|
||||
final Object[] extAttr = AccessController.doPrivileged (new PrivilegedAction<Object[]>() {
|
||||
public Object[] run() {
|
||||
Object[] extAttr = null;
|
||||
try {
|
||||
Class<?> cl = Class.forName("com.sun.management.GcInfo");
|
||||
Field f = cl.getDeclaredField("extAttributes");
|
||||
f.setAccessible(true);
|
||||
return (Object[])f.get(info);
|
||||
extAttr = (Object[])f.get(info);
|
||||
} catch(ClassNotFoundException | NoSuchFieldException | IllegalAccessException e) {
|
||||
return null;
|
||||
// ignore
|
||||
}
|
||||
}
|
||||
});
|
||||
GcInfoCompositeData gcicd =
|
||||
new GcInfoCompositeData(info,builder,extAttr);
|
||||
return gcicd.getCompositeData();
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright (c) 2005, 2022, Oracle and/or its affiliates. All rights reserved.
|
||||
* Copyright (c) 2005, 2024, Oracle and/or its affiliates. All rights reserved.
|
||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||
*
|
||||
* This code is free software; you can redistribute it and/or modify it
|
||||
@ -29,10 +29,6 @@ import java.io.OutputStream;
|
||||
import java.nio.file.Files;
|
||||
import java.nio.file.Path;
|
||||
import java.nio.file.StandardOpenOption;
|
||||
import java.security.AccessController;
|
||||
import java.security.PrivilegedAction;
|
||||
import java.security.PrivilegedActionException;
|
||||
import java.security.PrivilegedExceptionAction;
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
import javax.management.ObjectName;
|
||||
@ -53,20 +49,11 @@ public class HotSpotDiagnostic implements HotSpotDiagnosticMXBean {
|
||||
public void dumpHeap(String outputFile, boolean live) throws IOException {
|
||||
|
||||
String propertyName = "jdk.management.heapdump.allowAnyFileSuffix";
|
||||
PrivilegedAction<Boolean> pa = () -> Boolean.parseBoolean(System.getProperty(propertyName, "false"));
|
||||
@SuppressWarnings("removal")
|
||||
boolean allowAnyFileSuffix = AccessController.doPrivileged(pa);
|
||||
boolean allowAnyFileSuffix = Boolean.getBoolean(propertyName);
|
||||
if (!allowAnyFileSuffix && !outputFile.endsWith(".hprof")) {
|
||||
throw new IllegalArgumentException("heapdump file must have .hprof extension");
|
||||
}
|
||||
|
||||
@SuppressWarnings("removal")
|
||||
SecurityManager security = System.getSecurityManager();
|
||||
if (security != null) {
|
||||
security.checkWrite(outputFile);
|
||||
Util.checkControlAccess();
|
||||
}
|
||||
|
||||
dumpHeap0(outputFile, live);
|
||||
}
|
||||
|
||||
@ -107,7 +94,6 @@ public class HotSpotDiagnostic implements HotSpotDiagnosticMXBean {
|
||||
throw new NullPointerException("value cannot be null");
|
||||
}
|
||||
|
||||
Util.checkControlAccess();
|
||||
Flag flag = Flag.getFlag(name);
|
||||
if (flag == null) {
|
||||
throw new IllegalArgumentException("VM option \"" +
|
||||
@ -161,33 +147,13 @@ public class HotSpotDiagnostic implements HotSpotDiagnosticMXBean {
|
||||
}
|
||||
|
||||
@Override
|
||||
@SuppressWarnings("removal")
|
||||
public void dumpThreads(String outputFile, ThreadDumpFormat format) throws IOException {
|
||||
Path file = Path.of(outputFile);
|
||||
if (!file.isAbsolute())
|
||||
throw new IllegalArgumentException("'outputFile' not absolute path");
|
||||
|
||||
// need ManagementPermission("control")
|
||||
@SuppressWarnings("removal")
|
||||
SecurityManager sm = System.getSecurityManager();
|
||||
if (sm != null)
|
||||
Util.checkControlAccess();
|
||||
|
||||
try (OutputStream out = Files.newOutputStream(file, StandardOpenOption.CREATE_NEW)) {
|
||||
PrivilegedExceptionAction<Void> pa = () -> {
|
||||
dumpThreads(out, format);
|
||||
return null;
|
||||
};
|
||||
try {
|
||||
AccessController.doPrivileged(pa);
|
||||
} catch (PrivilegedActionException pae) {
|
||||
Throwable cause = pae.getCause();
|
||||
if (cause instanceof IOException ioe)
|
||||
throw ioe;
|
||||
if (cause instanceof RuntimeException e)
|
||||
throw e;
|
||||
throw new RuntimeException(cause);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -30,8 +30,6 @@ import com.sun.management.ThreadMXBean;
|
||||
import java.lang.management.ManagementFactory;
|
||||
import java.lang.management.MemoryManagerMXBean;
|
||||
import java.lang.management.OperatingSystemMXBean;
|
||||
import java.security.AccessController;
|
||||
import java.security.PrivilegedAction;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collections;
|
||||
import java.util.HashMap;
|
||||
@ -55,10 +53,7 @@ public final class PlatformMBeanProviderImpl extends PlatformMBeanProvider {
|
||||
private static OperatingSystemMXBean osMBean = null;
|
||||
|
||||
static {
|
||||
AccessController.doPrivileged((PrivilegedAction<Void>) () -> {
|
||||
System.loadLibrary("management_ext");
|
||||
return null;
|
||||
});
|
||||
}
|
||||
|
||||
public PlatformMBeanProviderImpl() {
|
||||
|
@ -55,14 +55,6 @@ public class VirtualThreadSchedulerImpls {
|
||||
private abstract static class BaseVirtualThreadSchedulerImpl
|
||||
implements VirtualThreadSchedulerMXBean {
|
||||
|
||||
abstract void implSetParallelism(int size);
|
||||
|
||||
@Override
|
||||
public final void setParallelism(int size) {
|
||||
Util.checkControlAccess();
|
||||
implSetParallelism(size);
|
||||
}
|
||||
|
||||
@Override
|
||||
public final ObjectName getObjectName() {
|
||||
return Util.newObjectName("jdk.management:type=VirtualThreadScheduler");
|
||||
@ -114,7 +106,7 @@ public class VirtualThreadSchedulerImpls {
|
||||
}
|
||||
|
||||
@Override
|
||||
void implSetParallelism(int size) {
|
||||
public void setParallelism(int size) {
|
||||
if (Scheduler.instance() instanceof ForkJoinPool pool) {
|
||||
pool.setParallelism(size);
|
||||
if (pool.getPoolSize() < size) {
|
||||
@ -163,7 +155,7 @@ public class VirtualThreadSchedulerImpls {
|
||||
}
|
||||
|
||||
@Override
|
||||
void implSetParallelism(int size) {
|
||||
public void setParallelism(int size) {
|
||||
throw new UnsupportedOperationException();
|
||||
}
|
||||
|
||||
@ -183,3 +175,4 @@ public class VirtualThreadSchedulerImpls {
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user