8344181: Remove SecurityManager and related calls from jdk.management and jdk.management.agent

Reviewed-by: amenkov, cjplummer
This commit is contained in:
Kevin Walls 2024-11-25 13:50:58 +00:00
parent cb1c73663e
commit e29b0edc97
10 changed files with 45 additions and 133 deletions

View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2003, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2003, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -36,8 +36,6 @@ import java.net.InetAddress;
import java.net.MalformedURLException;
import java.net.UnknownHostException;
import java.nio.BufferUnderflowException;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.text.MessageFormat;
import java.util.HashMap;
import java.util.Map;

View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2004, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2004, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -53,12 +53,6 @@ public class FileSystemImpl extends FileSystem {
// Initialization
static {
java.security.AccessController.doPrivileged(
new java.security.PrivilegedAction<Void>() {
public Void run() {
System.loadLibrary("management_agent");
return null;
}
});
}
}

View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2004, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2004, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -64,13 +64,7 @@ public class FileSystemImpl extends FileSystem {
// Initialization
static {
java.security.AccessController.doPrivileged(
new java.security.PrivilegedAction<Void>() {
public Void run() {
System.loadLibrary("management_agent");
return null;
}
});
init0();
}
}

View File

@ -149,13 +149,6 @@ public class DiagnosticCommandImpl extends NotificationEmitterSupport
}
public String execute(String[] args) {
if (permission != null) {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
sm.checkPermission(permission);
}
}
if(args == null) {
return executeDiagnosticCommand(cmd);
} else {

View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2003, 2021, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2003, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -28,7 +28,6 @@ package com.sun.management.internal;
import java.util.*;
import com.sun.management.VMOption;
import com.sun.management.VMOption.Origin;
import java.security.AccessController;
/**
* Flag class is a helper class for constructing a VMOption.
@ -117,13 +116,7 @@ class Flag {
static synchronized native void setStringValue(String name, String value);
static {
AccessController.doPrivileged(
new java.security.PrivilegedAction<Void>() {
public Void run() {
System.loadLibrary("management");
return null;
}
});
initialize();
}
private static native void initialize();

View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2011, 2021, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2011, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -33,8 +33,6 @@ import javax.management.openmbean.CompositeDataSupport;
import javax.management.openmbean.OpenDataException;
import javax.management.openmbean.OpenType;
import javax.management.openmbean.SimpleType;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.lang.reflect.Field;
import java.util.HashMap;
import sun.management.LazyCompositeData;
@ -65,19 +63,17 @@ public class GarbageCollectionNotifInfoCompositeData extends LazyCompositeData {
}
private CompositeType getCompositeTypeByBuilder() {
@SuppressWarnings("removal")
final GcInfoBuilder builder = AccessController.doPrivileged (new PrivilegedAction<GcInfoBuilder>() {
public GcInfoBuilder run() {
GcInfoBuilder builder = null;
try {
Class<?> cl = Class.forName("com.sun.management.GcInfo");
Field f = cl.getDeclaredField("builder");
f.setAccessible(true);
return (GcInfoBuilder)f.get(gcNotifInfo.getGcInfo());
} catch(ClassNotFoundException | NoSuchFieldException | IllegalAccessException e) {
return null;
builder = (GcInfoBuilder) f.get(gcNotifInfo.getGcInfo());
} catch (ClassNotFoundException | NoSuchFieldException | IllegalAccessException e) {
// ignore
}
}
});
CompositeType gict = null;
synchronized(compositeTypeByBuilder) {
gict = compositeTypeByBuilder.get(builder);

View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2004, 2021, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2004, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -38,8 +38,6 @@ import javax.management.openmbean.SimpleType;
import javax.management.openmbean.OpenType;
import javax.management.openmbean.OpenDataException;
import com.sun.management.GcInfo;
import java.security.AccessController;
import java.security.PrivilegedAction;
import sun.management.LazyCompositeData;
import static sun.management.LazyCompositeData.getLong;
import sun.management.MappedMXBeanType;
@ -71,32 +69,24 @@ public class GcInfoCompositeData extends LazyCompositeData {
}
public static CompositeData toCompositeData(final GcInfo info) {
@SuppressWarnings("removal")
final GcInfoBuilder builder = AccessController.doPrivileged (new PrivilegedAction<GcInfoBuilder>() {
public GcInfoBuilder run() {
GcInfoBuilder builder = null;
try {
Class<?> cl = Class.forName("com.sun.management.GcInfo");
Field f = cl.getDeclaredField("builder");
f.setAccessible(true);
return (GcInfoBuilder)f.get(info);
builder = (GcInfoBuilder)f.get(info);
} catch(ClassNotFoundException | NoSuchFieldException | IllegalAccessException e) {
return null;
// ignore
}
}
});
@SuppressWarnings("removal")
final Object[] extAttr = AccessController.doPrivileged (new PrivilegedAction<Object[]>() {
public Object[] run() {
Object[] extAttr = null;
try {
Class<?> cl = Class.forName("com.sun.management.GcInfo");
Field f = cl.getDeclaredField("extAttributes");
f.setAccessible(true);
return (Object[])f.get(info);
extAttr = (Object[])f.get(info);
} catch(ClassNotFoundException | NoSuchFieldException | IllegalAccessException e) {
return null;
// ignore
}
}
});
GcInfoCompositeData gcicd =
new GcInfoCompositeData(info,builder,extAttr);
return gcicd.getCompositeData();

View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2005, 2022, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2005, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -29,10 +29,6 @@ import java.io.OutputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.StandardOpenOption;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.ArrayList;
import java.util.List;
import javax.management.ObjectName;
@ -53,20 +49,11 @@ public class HotSpotDiagnostic implements HotSpotDiagnosticMXBean {
public void dumpHeap(String outputFile, boolean live) throws IOException {
String propertyName = "jdk.management.heapdump.allowAnyFileSuffix";
PrivilegedAction<Boolean> pa = () -> Boolean.parseBoolean(System.getProperty(propertyName, "false"));
@SuppressWarnings("removal")
boolean allowAnyFileSuffix = AccessController.doPrivileged(pa);
boolean allowAnyFileSuffix = Boolean.getBoolean(propertyName);
if (!allowAnyFileSuffix && !outputFile.endsWith(".hprof")) {
throw new IllegalArgumentException("heapdump file must have .hprof extension");
}
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkWrite(outputFile);
Util.checkControlAccess();
}
dumpHeap0(outputFile, live);
}
@ -107,7 +94,6 @@ public class HotSpotDiagnostic implements HotSpotDiagnosticMXBean {
throw new NullPointerException("value cannot be null");
}
Util.checkControlAccess();
Flag flag = Flag.getFlag(name);
if (flag == null) {
throw new IllegalArgumentException("VM option \"" +
@ -161,33 +147,13 @@ public class HotSpotDiagnostic implements HotSpotDiagnosticMXBean {
}
@Override
@SuppressWarnings("removal")
public void dumpThreads(String outputFile, ThreadDumpFormat format) throws IOException {
Path file = Path.of(outputFile);
if (!file.isAbsolute())
throw new IllegalArgumentException("'outputFile' not absolute path");
// need ManagementPermission("control")
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null)
Util.checkControlAccess();
try (OutputStream out = Files.newOutputStream(file, StandardOpenOption.CREATE_NEW)) {
PrivilegedExceptionAction<Void> pa = () -> {
dumpThreads(out, format);
return null;
};
try {
AccessController.doPrivileged(pa);
} catch (PrivilegedActionException pae) {
Throwable cause = pae.getCause();
if (cause instanceof IOException ioe)
throw ioe;
if (cause instanceof RuntimeException e)
throw e;
throw new RuntimeException(cause);
}
}
}

View File

@ -30,8 +30,6 @@ import com.sun.management.ThreadMXBean;
import java.lang.management.ManagementFactory;
import java.lang.management.MemoryManagerMXBean;
import java.lang.management.OperatingSystemMXBean;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
@ -55,10 +53,7 @@ public final class PlatformMBeanProviderImpl extends PlatformMBeanProvider {
private static OperatingSystemMXBean osMBean = null;
static {
AccessController.doPrivileged((PrivilegedAction<Void>) () -> {
System.loadLibrary("management_ext");
return null;
});
}
public PlatformMBeanProviderImpl() {

View File

@ -55,14 +55,6 @@ public class VirtualThreadSchedulerImpls {
private abstract static class BaseVirtualThreadSchedulerImpl
implements VirtualThreadSchedulerMXBean {
abstract void implSetParallelism(int size);
@Override
public final void setParallelism(int size) {
Util.checkControlAccess();
implSetParallelism(size);
}
@Override
public final ObjectName getObjectName() {
return Util.newObjectName("jdk.management:type=VirtualThreadScheduler");
@ -114,7 +106,7 @@ public class VirtualThreadSchedulerImpls {
}
@Override
void implSetParallelism(int size) {
public void setParallelism(int size) {
if (Scheduler.instance() instanceof ForkJoinPool pool) {
pool.setParallelism(size);
if (pool.getPoolSize() < size) {
@ -163,7 +155,7 @@ public class VirtualThreadSchedulerImpls {
}
@Override
void implSetParallelism(int size) {
public void setParallelism(int size) {
throw new UnsupportedOperationException();
}
@ -183,3 +175,4 @@ public class VirtualThreadSchedulerImpls {
}
}
}