comparison src/share/vm/prims/jvm.cpp @ 11010:b295e132102d

8001330: Improve on checking order Reviewed-by: acorn, hawtin
author mullan
date Fri, 05 Apr 2013 10:18:36 -0400
parents cd9ad42dfde0
children ce9ecec70f99
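--- a/src/share/vm/prims/jvm.cpp
+++ b/src/share/vm/prims/jvm.cpp
@@ -1142,20 +1142,91 @@
 InstanceKlass::cast(k)->set_protection_domain(pd);
 }
 }
 JVM_END
 
+static bool is_authorized(Handle context, instanceKlassHandle klass, TRAPS) {
+// If there is a security manager and protection domain, check the access
+// in the protection domain, otherwise it is authorized.
+if (java_lang_System::has_security_manager()) {
+
+// For bootstrapping, if pd implies method isn't in the JDK, allow
+// this context to revert to older behavior.
+// In this case the isAuthorized field in AccessControlContext is also not
+// present.
+if (Universe::protection_domain_implies_method() == NULL) {
+return true;
+}
+
+// Whitelist certain access control contexts
+if (java_security_AccessControlContext::is_authorized(context)) {
+return true;
+}
+
+oop prot = klass->protection_domain();
+if (prot != NULL) {
+// Call pd.implies(new SecurityPermission("createAccessControlContext"))
+// in the new wrapper.
+methodHandle m(THREAD, Universe::protection_domain_implies_method());
+Handle h_prot(THREAD, prot);
+JavaValue result(T_BOOLEAN);
+JavaCallArguments args(h_prot);
+JavaCalls::call(&result, m, &args, CHECK_false);
+return (result.get_jboolean() != 0);
+}
+}
+return true;
+}
+
+// Create an AccessControlContext with a protection domain with null codesource
+// and null permissions - which gives no permissions.
+oop create_dummy_access_control_context(TRAPS) {
+InstanceKlass* pd_klass = InstanceKlass::cast(SystemDictionary::ProtectionDomain_klass());
+// new ProtectionDomain(null,null);
+oop null_protection_domain = pd_klass->allocate_instance(CHECK_NULL);
+Handle null_pd(THREAD, null_protection_domain);
+
+// new ProtectionDomain[] {pd};
+objArrayOop context = oopFactory::new_objArray(pd_klass, 1, CHECK_NULL);
+context->obj_at_put(0, null_pd());
+
+// new AccessControlContext(new ProtectionDomain[] {pd})
+objArrayHandle h_context(THREAD, context);
+oop result = java_security_AccessControlContext::create(h_context, false, Handle(), CHECK_NULL);
+return result;
+}
 
 JVM_ENTRY(jobject, JVM_DoPrivileged(JNIEnv *env, jclass cls, jobject action, jobject context, jboolean wrapException))
 JVMWrapper("JVM_DoPrivileged");
 
 if (action == NULL) {
 THROW_MSG_0(vmSymbols::java_lang_NullPointerException(), "Null action");
 }
 
-// Stack allocated list of privileged stack elements
-PrivilegedElement pi;
+// Compute the frame initiating the do privileged operation and setup the privileged stack
+vframeStream vfst(thread);
+vfst.security_get_caller_frame(1);
+
+if (vfst.at_end()) {
+THROW_MSG_0(vmSymbols::java_lang_InternalError(), "no caller?");
+}
+
+Method* method = vfst.method();
+instanceKlassHandle klass (THREAD, method->method_holder());
+
+// Check that action object understands "Object run()"
+Handle h_context;
+if (context != NULL) {
+h_context = Handle(THREAD, JNIHandles::resolve(context));
+bool authorized = is_authorized(h_context, klass, CHECK_NULL);
+if (!authorized) {
+// Create an unprivileged access control object and call it's run function
+// instead.
+oop noprivs = create_dummy_access_control_context(CHECK_NULL);
+h_context = Handle(THREAD, noprivs);
+}
+}
 
 // Check that action object understands "Object run()"
 Handle object (THREAD, JNIHandles::resolve(action));
 
 // get run() method
@@ -1165,16 +1236,14 @@
 methodHandle m (THREAD, m_oop);
 if (m.is_null() || !m->is_method() || !m()->is_public() || m()->is_static()) {
 THROW_MSG_0(vmSymbols::java_lang_InternalError(), "No run method");
 }
 
-// Compute the frame initiating the do privileged operation and setup the privileged stack
-vframeStream vfst(thread);
-vfst.security_get_caller_frame(1);
-
+// Stack allocated list of privileged stack elements
+PrivilegedElement pi;
 if (!vfst.at_end()) {
-pi.initialize(&vfst, JNIHandles::resolve(context), thread->privileged_stack_top(), CHECK_NULL);
+pi.initialize(&vfst, h_context(), thread->privileged_stack_top(), CHECK_NULL);
 thread->set_privileged_stack_top(&pi);
 }
 
 
 // invoke the Object run() in the action object. We cannot use call_interface here, since the static type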
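Review bot: The comment `// Check that action object understands "Object run()"` at new line 1216 was copied from the block that follows at line 1229 and does not describe the code under it, which resolves the caller-supplied context and swaps in a no-permission context when is_authorized fails; replace it with `// Resolve the supplied AccessControlContext; if the caller's protection domain is not authorized to create one, run under a context that grants no permissions.`. The `if (!vfst.at_end())` guard at new line 1243 is now redundant, since line 1209 already throws InternalError when the stream is at end, so the initialize/set_privileged_stack_top pair can run unconditionally. create_dummy_access_control_context at new line 1182 has external linkage while its sibling is_authorized is `static`; marking it `static oop create_dummy_access_control_context(TRAPS)` keeps both helpers file-local. is_authorized also returns true when the caller class has a NULL protection domain, which the header comment covers only implicitly; a one-line note such as `// A NULL protection domain (boot classes) is treated as authorized.` above the `return true` at line 1177 would make that decision explicit. JVM_DoPrivileged continues past the end of this section.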