SecurityRestrictionsTest.java revision 12651:6ef01bd40ce2 
1160814Ssimon/*
2160814Ssimon * Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved.
3160814Ssimon * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4160814Ssimon *
5160814Ssimon * This code is free software; you can redistribute it and/or modify it
6160814Ssimon * under the terms of the GNU General Public License version 2 only, as
7160814Ssimon * published by the Free Software Foundation.
8160814Ssimon *
9160814Ssimon * This code is distributed in the hope that it will be useful, but WITHOUT
10160814Ssimon * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11160814Ssimon * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
12160814Ssimon * version 2 for more details (a copy is included in the LICENSE file that
13160814Ssimon * accompanied this code).
14160814Ssimon *
15160814Ssimon * You should have received a copy of the GNU General Public License version
16160814Ssimon * 2 along with this work; if not, write to the Free Software Foundation,
17160814Ssimon * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18160814Ssimon *
19160814Ssimon * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20160814Ssimon * or visit www.oracle.com if you need additional information or have any
21160814Ssimon * questions.
22160814Ssimon */
23160814Ssimon
24280297Sjkim/**
25160814Ssimon * @test
26160814Ssimon * @bug 8136421
27160814Ssimon * @requires vm.jvmci
28160814Ssimon * @library /test/lib /
29160814Ssimon * @library common/patches
30160814Ssimon * @modules java.base/jdk.internal.misc
31160814Ssimon * @modules jdk.internal.vm.ci/jdk.vm.ci.hotspot
32160814Ssimon * @build jdk.internal.vm.ci/jdk.vm.ci.hotspot.CompilerToVMHelper
33160814Ssimon * @run main/othervm -XX:+UnlockExperimentalVMOptions
34160814Ssimon *      -XX:+EnableJVMCI
35160814Ssimon *      compiler.jvmci.SecurityRestrictionsTest
36160814Ssimon *      NO_SEC_MAN
37160814Ssimon * @run main/othervm -XX:+UnlockExperimentalVMOptions
38160814Ssimon *      -XX:+EnableJVMCI
39160814Ssimon *      compiler.jvmci.SecurityRestrictionsTest
40160814Ssimon *      NO_PERM
41160814Ssimon * @run main/othervm -XX:+UnlockExperimentalVMOptions
42160814Ssimon *      -XX:+EnableJVMCI
43160814Ssimon *      compiler.jvmci.SecurityRestrictionsTest
44160814Ssimon *      ALL_PERM
45160814Ssimon * @run main/othervm -XX:+UnlockExperimentalVMOptions
46160814Ssimon *      -XX:+EnableJVMCI
47160814Ssimon *      compiler.jvmci.SecurityRestrictionsTest
48160814Ssimon *      NO_JVMCI_ACCESS_PERM
49160814Ssimon * @run main/othervm -XX:+UnlockExperimentalVMOptions
50160814Ssimon *      -XX:-EnableJVMCI
51160814Ssimon *      compiler.jvmci.SecurityRestrictionsTest
52160814Ssimon *      NO_JVMCI
53160814Ssimon */
54160814Ssimon
55160814Ssimonpackage compiler.jvmci;
56160814Ssimon
57160814Ssimonimport jdk.test.lib.Utils;
58160814Ssimon
59160814Ssimonimport java.security.AccessControlException;
60160814Ssimonimport java.security.Permission;
61160814Ssimonimport java.util.PropertyPermission;
62160814Ssimonimport java.util.function.Consumer;
63160814Ssimon
64160814Ssimonpublic class SecurityRestrictionsTest {
65160814Ssimon
66160814Ssimon    public static void main(String[] args) {
67160814Ssimon        try {
68160814Ssimon            // to init Utils before call SecurityManager
69160814Ssimon            Class.forName(Utils.class.getName(), true,
70160814Ssimon                    Utils.class.getClassLoader());
71160814Ssimon        } catch (ClassNotFoundException e) {
72160814Ssimon            throw new Error("[TEST BUG]: jdk.test.lib.Utils not found", e);
73280297Sjkim        }
74160814Ssimon        try {
75160814Ssimon            TestCase mode = TestCase.valueOf(args[0]);
76238405Sjkim            mode.run();
77280297Sjkim        } catch (IllegalArgumentException e) {
78238405Sjkim            throw new Error("[TEST BUG]: Unknown mode " + args[0], e);
79160814Ssimon        }
80280297Sjkim    }
81160814Ssimon
82160814Ssimon    private enum TestCase {
83160814Ssimon        NO_SEC_MAN,
84160814Ssimon        NO_JVMCI {
85160814Ssimon            @Override
86280297Sjkim            public Class<? extends Throwable> getExpectedException() {
87160814Ssimon                return InternalError.class;
88160814Ssimon            }
89280297Sjkim        },
90280297Sjkim        ALL_PERM {
91280297Sjkim            @Override
92160814Ssimon            public SecurityManager getSecurityManager() {
93160814Ssimon                return new SecurityManager() {
94280297Sjkim                    @Override
95280297Sjkim                    public void checkPermission(Permission perm) {
96238405Sjkim                    }
97280297Sjkim                };
98280297Sjkim            }
99280297Sjkim        },
100280297Sjkim        NO_PERM {
101238405Sjkim            @Override
102280297Sjkim            public SecurityManager getSecurityManager() {
103238405Sjkim                return new SecurityManager();
104280297Sjkim            }
105280297Sjkim
106280297Sjkim            @Override
107160814Ssimon            public Class<? extends Throwable> getExpectedException() {
108160814Ssimon                return AccessControlException.class;
109280297Sjkim            }
110280297Sjkim        },
111160814Ssimon        NO_JVMCI_ACCESS_PERM {
112280297Sjkim            @Override
113160814Ssimon            public SecurityManager getSecurityManager() {
114280297Sjkim                return new SecurityManager() {
115280297Sjkim                    @Override
116160814Ssimon                    public void checkPermission(Permission perm) {
117238405Sjkim                        if (isJvmciPermission(perm)) {
118280297Sjkim                            super.checkPermission(perm);
119280297Sjkim                        }
120280297Sjkim                    }
121238405Sjkim
122160814Ssimon                    @Override
123280297Sjkim                    public void checkPropertyAccess(String key) {
124280297Sjkim                        if (key.startsWith(JVMCI_PROP_START)) {
125280297Sjkim                            super.checkPropertyAccess(key);
126280297Sjkim                        }
127160814Ssimon                    }
128280297Sjkim                };
129160814Ssimon            }
130280297Sjkim
131280297Sjkim            private boolean isJvmciPermission(Permission perm) {
132160814Ssimon                String name = perm.getName();
133280297Sjkim                boolean isJvmciRuntime = perm instanceof RuntimePermission
134280297Sjkim                        && (JVMCI_SERVICES.equals(name)
135160814Ssimon                            || name.startsWith(JVMCI_RT_PERM_START));
136160814Ssimon                boolean isJvmciProperty = perm instanceof PropertyPermission
137280297Sjkim                        && name.startsWith(JVMCI_PROP_START);
138280297Sjkim                return isJvmciRuntime || isJvmciProperty;
139160814Ssimon            }
140280297Sjkim
141280297Sjkim            @Override
142280297Sjkim            public Class<? extends Throwable> getExpectedException() {
143280297Sjkim                return AccessControlException.class;
144280297Sjkim            }
145160814Ssimon        };
146280297Sjkim
147160814Ssimon        public void run() {
148280297Sjkim            System.setSecurityManager(getSecurityManager());
149280297Sjkim            Consumer<Throwable> exceptionCheck = e -> {
150160814Ssimon                if (e == null) {
151280297Sjkim                    if (getExpectedException() != null) {
152280297Sjkim                        String message = name() + ": Didn't get expected exception "
153280297Sjkim                                + getExpectedException();
154280297Sjkim                        throw new AssertionError(message);
155280297Sjkim                    }
156280297Sjkim                } else {
157280297Sjkim                    String message = name() + ": Got unexpected exception "
158280297Sjkim                            + e.getClass().getSimpleName();
159280297Sjkim                    if (getExpectedException() == null){
160280297Sjkim                        throw new AssertionError(message, e);
161280297Sjkim                    }
162160814Ssimon
163160814Ssimon                    Throwable t = e;
164280297Sjkim                    while (t.getCause() != null) {
165280297Sjkim                        t = t.getCause();
166160814Ssimon                    }
167280297Sjkim                    if (!getExpectedException().isAssignableFrom(t.getClass())) {
168280297Sjkim                        message += " instead of " + getExpectedException()
169280297Sjkim                                .getSimpleName();
170280297Sjkim                        throw new AssertionError(message, e);
171280297Sjkim                    }
172280297Sjkim                }
173280297Sjkim            };
174280297Sjkim            Utils.runAndCheckException(() -> {
175160814Ssimon                try {
176160814Ssimon                    // CompilerToVM::<cinit> provokes CompilerToVM::<init>
177280297Sjkim                    Class.forName("jdk.vm.ci.hotspot.CompilerToVMHelper");
178280297Sjkim                } catch (ClassNotFoundException e) {
179280297Sjkim                    throw new Error("TESTBUG : " + e, e);
180160814Ssimon                }
181160814Ssimon            }, exceptionCheck);
182160814Ssimon        }
183280297Sjkim
184160814Ssimon        public SecurityManager getSecurityManager() {
185280297Sjkim            return null;
186280297Sjkim        }
187280297Sjkim
188160814Ssimon        public Class<? extends Throwable> getExpectedException() {
189280297Sjkim            return null;
190160814Ssimon        }
191160814Ssimon
192160814Ssimon        private static final String JVMCI_RT_PERM_START
193280297Sjkim                = "accessClassInPackage.jdk.vm.ci";
194280297Sjkim        private static final String JVMCI_SERVICES = "jvmciServices";
195160814Ssimon        private static final String JVMCI_PROP_START = "jvmci.";
196160814Ssimon
197280297Sjkim    }
198280297Sjkim}
199160814Ssimon