# HG changeset patch # User attila # Date 1376304361 -7200 # Node ID 3c13fba4d727bf8ce211a4cd6e444b6d7fde5350 # Parent 01304b0550fbbbb74b3b469b90955b4e36ae2bf0 8022789: Revisit doPrivileged blocks in Dynalink Reviewed-by: lagergren, sundar diff -r 01304b0550fb -r 3c13fba4d727 src/jdk/internal/dynalink/DynamicLinkerFactory.java --- a/src/jdk/internal/dynalink/DynamicLinkerFactory.java Mon Aug 12 14:43:53 2013 +0530 +++ b/src/jdk/internal/dynalink/DynamicLinkerFactory.java Mon Aug 12 12:46:01 2013 +0200 @@ -99,6 +99,7 @@ import jdk.internal.dynalink.linker.LinkRequest; import jdk.internal.dynalink.support.AutoDiscovery; import jdk.internal.dynalink.support.BottomGuardingDynamicLinker; +import jdk.internal.dynalink.support.ClassLoaderGetterContextProvider; import jdk.internal.dynalink.support.CompositeGuardingDynamicLinker; import jdk.internal.dynalink.support.CompositeTypeBasedGuardingDynamicLinker; import jdk.internal.dynalink.support.LinkerServicesImpl; @@ -315,7 +316,7 @@ public ClassLoader run() { return Thread.currentThread().getContextClassLoader(); } - }); + }, ClassLoaderGetterContextProvider.GET_CLASS_LOADER_CONTEXT); } private static void addClasses(Set> knownLinkerClasses, diff -r 01304b0550fb -r 3c13fba4d727 src/jdk/internal/dynalink/support/ClassLoaderGetterContextProvider.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/jdk/internal/dynalink/support/ClassLoaderGetterContextProvider.java Mon Aug 12 12:46:01 2013 +0200 @@ -0,0 +1,107 @@ +/* + * Copyright (c) 2010, 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. Oracle designates this + * particular file as subject to the "Classpath" exception as provided + * by Oracle in the LICENSE file that accompanied this code. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* + * This file is available under and governed by the GNU General Public + * License version 2 only, as published by the Free Software Foundation. + * However, the following notice accompanied the original version of this + * file, and Oracle licenses the original version of this file under the BSD + * license: + */ +/* + Copyright 2009-2013 Attila Szegedi + + Licensed under both the Apache License, Version 2.0 (the "Apache License") + and the BSD License (the "BSD License"), with licensee being free to + choose either of the two at their discretion. + + You may not use this file except in compliance with either the Apache + License or the BSD License. + + If you choose to use this file in compliance with the Apache License, the + following notice applies to you: + + You may obtain a copy of the Apache License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied. See the License for the specific language governing + permissions and limitations under the License. + + If you choose to use this file in compliance with the BSD License, the + following notice applies to you: + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are + met: + * Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + * Neither the name of the copyright holder nor the names of + contributors may be used to endorse or promote products derived from + this software without specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS + IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL COPYRIGHT HOLDER + BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR + BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +*/ + +package jdk.internal.dynalink.support; + +import java.security.AccessControlContext; +import java.security.Permissions; +import java.security.ProtectionDomain; + +/** + * This class exposes a canonical {@link AccessControlContext} with a single {@link RuntimePermission} for + * {@code "getClassLoader"} permission that is used by other parts of the code to narrow their set of permissions when + * they're retrieving class loaders in privileged blocks. + */ +public class ClassLoaderGetterContextProvider { + /** + * Canonical instance of {@link AccessControlContext} with a single {@link RuntimePermission} for + * {@code "getClassLoader"} permission. + */ + public static final AccessControlContext GET_CLASS_LOADER_CONTEXT; + static { + final Permissions perms = new Permissions(); + perms.add(new RuntimePermission("getClassLoader")); + GET_CLASS_LOADER_CONTEXT = new AccessControlContext( + new ProtectionDomain[] { new ProtectionDomain(null, perms) }); + } +} diff -r 01304b0550fb -r 3c13fba4d727 src/jdk/internal/dynalink/support/ClassMap.java --- a/src/jdk/internal/dynalink/support/ClassMap.java Mon Aug 12 14:43:53 2013 +0530 +++ b/src/jdk/internal/dynalink/support/ClassMap.java Mon Aug 12 12:46:01 2013 +0200 @@ -155,7 +155,7 @@ public ClassLoader run() { return clazz.getClassLoader(); } - }); + }, ClassLoaderGetterContextProvider.GET_CLASS_LOADER_CONTEXT); // If allowed to strongly reference, put it in the fast map if(Guards.canReferenceDirectly(classLoader, clazzLoader)) { diff -r 01304b0550fb -r 3c13fba4d727 src/jdk/internal/dynalink/support/TypeConverterFactory.java --- a/src/jdk/internal/dynalink/support/TypeConverterFactory.java Mon Aug 12 14:43:53 2013 +0530 +++ b/src/jdk/internal/dynalink/support/TypeConverterFactory.java Mon Aug 12 12:46:01 2013 +0200 @@ -151,7 +151,7 @@ public ClassLoader run() { return clazz.getClassLoader(); } - }); + }, ClassLoaderGetterContextProvider.GET_CLASS_LOADER_CONTEXT); } /**