Mercurial > hg > truffle
changeset 16779:e52ad0d3b7d6
put some security sensitive actions into a privileged action
| author | Doug Simon <doug.simon@oracle.com> |
|---|---|
| date | Tue, 12 Aug 2014 00:08:19 +0200 |
| parents | 8a05a498ab76 |
| children | 534439756990 |
| files | graal/com.oracle.truffle.api/src/com/oracle/truffle/api/Truffle.java graal/com.oracle.truffle.api/src/com/oracle/truffle/api/TruffleOptions.java graal/com.oracle.truffle.api/src/com/oracle/truffle/api/nodes/NodeUtil.java |
| diffstat | 3 files changed, 42 insertions(+), 14 deletions(-) [+] |
line wrap: on
line diff
--- a/graal/com.oracle.truffle.api/src/com/oracle/truffle/api/Truffle.java Tue Aug 12 00:01:54 2014 +0200 +++ b/graal/com.oracle.truffle.api/src/com/oracle/truffle/api/Truffle.java Tue Aug 12 00:08:19 2014 +0200 @@ -24,6 +24,8 @@ */ package com.oracle.truffle.api; +import java.security.*; + import com.oracle.truffle.api.impl.*; /** @@ -31,7 +33,7 @@ */ public class Truffle { - private static final TruffleRuntime RUNTIME; + private static final TruffleRuntime RUNTIME = initRuntime(); /** * Creates a new {@link TruffleRuntime} instance if the runtime has a specialized @@ -46,13 +48,15 @@ return RUNTIME; } - static { - TruffleRuntime runtime; + private static TruffleRuntime initRuntime() { try { - runtime = createRuntime(); + return AccessController.doPrivileged(new PrivilegedAction<TruffleRuntime>() { + public TruffleRuntime run() { + return createRuntime(); + } + }); } catch (UnsatisfiedLinkError e) { - runtime = new DefaultTruffleRuntime(); + return new DefaultTruffleRuntime(); } - RUNTIME = runtime; } }
--- a/graal/com.oracle.truffle.api/src/com/oracle/truffle/api/TruffleOptions.java Tue Aug 12 00:01:54 2014 +0200 +++ b/graal/com.oracle.truffle.api/src/com/oracle/truffle/api/TruffleOptions.java Tue Aug 12 00:08:19 2014 +0200 @@ -24,6 +24,8 @@ */ package com.oracle.truffle.api; +import java.security.*; + import com.oracle.truffle.api.nodes.*; /** @@ -36,7 +38,7 @@ * <p> * Can be set with {@code -Dtruffle.TraceRewrites=true}. */ - public static boolean TraceRewrites = Boolean.getBoolean("truffle.TraceRewrites"); + public static boolean TraceRewrites; /** * Enables the generation of detailed rewrite reasons. Enabling this may introduce some overhead @@ -44,7 +46,7 @@ * <p> * Can be set with {@code -Dtruffle.DetailedRewriteReasons=true}. */ - public static final boolean DetailedRewriteReasons = Boolean.getBoolean("truffle.DetailedRewriteReasons"); + public static final boolean DetailedRewriteReasons; /** * Filters rewrites that do not contain the given string in the qualified name of the source or @@ -52,7 +54,7 @@ * <p> * Can be set with {@code -Dtruffle.TraceRewritesFilterClass=name}. */ - public static String TraceRewritesFilterClass = System.getProperty("truffle.TraceRewritesFilterClass"); + public static String TraceRewritesFilterClass; /** * Filters rewrites which does not contain the {@link NodeCost} in its source {@link NodeInfo}. @@ -61,7 +63,7 @@ * Can be set with * {@code -Dtruffle.TraceRewritesFilterFromCost=NONE|MONOMORPHIC|POLYMORPHIC|MEGAMORPHIC}. */ - public static NodeCost TraceRewritesFilterFromCost = parseNodeInfoKind(System.getProperty("truffle.TraceRewritesFilterFromCost")); + public static NodeCost TraceRewritesFilterFromCost; /** * Filters rewrites which does not contain the {@link NodeCost} in its target {@link NodeInfo}. @@ -70,14 +72,14 @@ * Can be set with * {@code -Dtruffle.TraceRewritesFilterToKind=UNINITIALIZED|SPECIALIZED|POLYMORPHIC|GENERIC}. */ - public static NodeCost TraceRewritesFilterToCost = parseNodeInfoKind(System.getProperty("truffle.TraceRewritesFilterToCost")); + public static NodeCost TraceRewritesFilterToCost; /** * Enables the dumping of Node creations and AST rewrites in JSON format. * <p> * Can be set with {@code -Dtruffle.TraceASTJSON=true}. */ - public static final boolean TraceASTJSON = Boolean.getBoolean("truffle.TraceASTJSON"); + public static final boolean TraceASTJSON; private static NodeCost parseNodeInfoKind(String kind) { if (kind == null) { @@ -87,4 +89,21 @@ return NodeCost.valueOf(kind); } + static { + final boolean[] values = {false, false}; + AccessController.doPrivileged(new PrivilegedAction<Void>() { + public Void run() { + TraceRewrites = Boolean.getBoolean("truffle.TraceRewrites"); + TraceRewritesFilterClass = System.getProperty("truffle.TraceRewritesFilterClass"); + TraceRewritesFilterFromCost = parseNodeInfoKind(System.getProperty("truffle.TraceRewritesFilterFromCost")); + TraceRewritesFilterToCost = parseNodeInfoKind(System.getProperty("truffle.TraceRewritesFilterToCost")); + values[0] = Boolean.getBoolean("truffle.DetailedRewriteReasons"); + values[1] = Boolean.getBoolean("truffle.TraceASTJSON"); + return null; + } + }); + + DetailedRewriteReasons = values[0]; + TraceASTJSON = values[1]; + } }
--- a/graal/com.oracle.truffle.api/src/com/oracle/truffle/api/nodes/NodeUtil.java Tue Aug 12 00:01:54 2014 +0200 +++ b/graal/com.oracle.truffle.api/src/com/oracle/truffle/api/nodes/NodeUtil.java Tue Aug 12 00:08:19 2014 +0200 @@ -27,6 +27,7 @@ import java.io.*; import java.lang.annotation.*; import java.lang.reflect.*; +import java.security.*; import java.util.*; import sun.misc.*; @@ -160,9 +161,13 @@ private static final ClassValue<NodeClass> nodeClasses = new ClassValue<NodeClass>() { @SuppressWarnings("unchecked") @Override - protected NodeClass computeValue(Class<?> clazz) { + protected NodeClass computeValue(final Class<?> clazz) { assert Node.class.isAssignableFrom(clazz); - return new NodeClass((Class<? extends Node>) clazz, unsafeFieldOffsetProvider); + return AccessController.doPrivileged(new PrivilegedAction<NodeClass>() { + public NodeClass run() { + return new NodeClass((Class<? extends Node>) clazz, unsafeFieldOffsetProvider); + } + }); } };