1.1 --- a/src/share/vm/classfile/javaClasses.cpp Thu Mar 07 11:49:38 2013 -0500 1.2 +++ b/src/share/vm/classfile/javaClasses.cpp Fri Apr 05 10:18:36 2013 -0400 1.3 @@ -2774,6 +2774,7 @@ 1.4 int java_security_AccessControlContext::_context_offset = 0; 1.5 int java_security_AccessControlContext::_privilegedContext_offset = 0; 1.6 int java_security_AccessControlContext::_isPrivileged_offset = 0; 1.7 +int java_security_AccessControlContext::_isAuthorized_offset = -1; 1.8 1.9 void java_security_AccessControlContext::compute_offsets() { 1.10 assert(_isPrivileged_offset == 0, "offsets should be initialized only once"); 1.11 @@ -2794,9 +2795,20 @@ 1.12 fatal("Invalid layout of java.security.AccessControlContext"); 1.13 } 1.14 _isPrivileged_offset = fd.offset(); 1.15 + 1.16 + // The offset may not be present for bootstrapping with older JDK. 1.17 + if (ik->find_local_field(vmSymbols::isAuthorized_name(), vmSymbols::bool_signature(), &fd)) { 1.18 + _isAuthorized_offset = fd.offset(); 1.19 + } 1.20 } 1.21 1.22 1.23 +bool java_security_AccessControlContext::is_authorized(Handle context) { 1.24 + assert(context.not_null() && context->klass() == SystemDictionary::AccessControlContext_klass(), "Invalid type"); 1.25 + assert(_isAuthorized_offset != -1, "should be set"); 1.26 + return context->bool_field(_isAuthorized_offset) != 0; 1.27 +} 1.28 + 1.29 oop java_security_AccessControlContext::create(objArrayHandle context, bool isPrivileged, Handle privileged_context, TRAPS) { 1.30 assert(_isPrivileged_offset != 0, "offsets should have been initialized"); 1.31 // Ensure klass is initialized 1.32 @@ -2807,6 +2819,8 @@ 1.33 result->obj_field_put(_context_offset, context()); 1.34 result->obj_field_put(_privilegedContext_offset, privileged_context()); 1.35 result->bool_field_put(_isPrivileged_offset, isPrivileged); 1.36 + // whitelist AccessControlContexts created by the JVM. 1.37 + result->bool_field_put(_isAuthorized_offset, true); 1.38 return result; 1.39 } 1.40 1.41 @@ -2916,6 +2930,15 @@ 1.42 } 1.43 1.44 1.45 +bool java_lang_System::has_security_manager() { 1.46 + InstanceKlass* ik = InstanceKlass::cast(SystemDictionary::System_klass()); 1.47 + address addr = ik->static_field_addr(static_security_offset); 1.48 + if (UseCompressedOops) { 1.49 + return oopDesc::load_decode_heap_oop((narrowOop *)addr) != NULL; 1.50 + } else { 1.51 + return oopDesc::load_decode_heap_oop((oop*)addr) != NULL; 1.52 + } 1.53 +} 1.54 1.55 int java_lang_Class::_klass_offset; 1.56 int java_lang_Class::_array_klass_offset; 1.57 @@ -2976,6 +2999,7 @@ 1.58 int java_lang_System::static_in_offset; 1.59 int java_lang_System::static_out_offset; 1.60 int java_lang_System::static_err_offset; 1.61 +int java_lang_System::static_security_offset; 1.62 int java_lang_StackTraceElement::declaringClass_offset; 1.63 int java_lang_StackTraceElement::methodName_offset; 1.64 int java_lang_StackTraceElement::fileName_offset; 1.65 @@ -3101,6 +3125,7 @@ 1.66 java_lang_System::static_in_offset = java_lang_System::hc_static_in_offset * x; 1.67 java_lang_System::static_out_offset = java_lang_System::hc_static_out_offset * x; 1.68 java_lang_System::static_err_offset = java_lang_System::hc_static_err_offset * x; 1.69 + java_lang_System::static_security_offset = java_lang_System::hc_static_security_offset * x; 1.70 1.71 // java_lang_StackTraceElement 1.72 java_lang_StackTraceElement::declaringClass_offset = java_lang_StackTraceElement::hc_declaringClass_offset * x + header; 1.73 @@ -3300,6 +3325,7 @@ 1.74 CHECK_STATIC_OFFSET("java/lang/System", java_lang_System, in, "Ljava/io/InputStream;"); 1.75 CHECK_STATIC_OFFSET("java/lang/System", java_lang_System, out, "Ljava/io/PrintStream;"); 1.76 CHECK_STATIC_OFFSET("java/lang/System", java_lang_System, err, "Ljava/io/PrintStream;"); 1.77 + CHECK_STATIC_OFFSET("java/lang/System", java_lang_System, security, "Ljava/lang/SecurityManager;"); 1.78 1.79 // java.lang.StackTraceElement 1.80