[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cp-patches] Miscellaneous patches: RMI, AccessController, SharedLibHelp
|
From: |
Andrew Haley |
|
Subject: |
[cp-patches] Miscellaneous patches: RMI, AccessController, SharedLibHelper, Permissions |
|
Date: |
Wed, 16 Feb 2005 18:47:53 +0000 |
This is a batch of patches that I made while getting JOnAS to run on
gcj.
The PermissionsHash change has been posted before: it allows wildcards
in permissions.
The security fixes and changes to SharedLibLoader and its friends mean
we're no longer generating unncecessary copies of protection domains.
before this, we were generating two or more for each BC-compiled
shared library we loaded.
The RMI changes bring our implementation closer to the spec. In
particular, RemoteObject.toStub() now works. There's still some work
needed here.
Andrew.
2005-02-08 Andrew Haley <address@hidden>
* javax/security/auth/Subject.java (doAsPrivileged): If acc is
null, create a new AccessControlContext.
* java/security/SecureClassLoader.java (protectionDomainCache):
new field.
(defineClass): Create a new protection domain and add it to our
cache.
* java/rmi/server/UnicastRemoteObject.java (exportObject): Call
addStub() to keep track of the stub we've exported.
(unexportObject): Call deleteStub().
* java/rmi/server/RemoteObject.java (stubs): New field.
(addStub): New method.
(deleteStub): New method.
(toStub): Rewrite.
* java/lang/VMCompiler.java (loadSharedLibrary): Pass
true to findHelper (tryParents).
* gnu/gcj/runtime/SharedLibLoader.java (SharedLibLoader): Pass
true to findHelper (tryParents).
* gnu/gcj/runtime/SharedLibHelper.java (SharedLibHelper): Pass
ProtectionDomain.
If tryParents is false, don't scan parent class loaders.
* java/security/Permissions.java (PermissionsHash.implies):
Iterate over the collection and invoke implies() on each
element.
Index: gnu/gcj/runtime/SharedLibHelper.java
===================================================================
RCS file: /cvs/gcc/gcc/libjava/gnu/gcj/runtime/SharedLibHelper.java,v
retrieving revision 1.2
diff -p -2 -c -r1.2 SharedLibHelper.java
*** gnu/gcj/runtime/SharedLibHelper.java 25 Nov 2004 03:46:59 -0000
1.2
--- gnu/gcj/runtime/SharedLibHelper.java 16 Feb 2005 18:38:33 -0000
*************** public class SharedLibHelper
*** 29,39 ****
*/
SharedLibHelper(String libname, ClassLoader parent, CodeSource source,
! int flags)
{
// FIXME: ask security manager first.
loader = parent;
baseName = libname;
! domain = new ProtectionDomain(source,
! Policy.getPolicy().getPermissions(source));
this.flags = flags;
}
--- 29,41 ----
*/
SharedLibHelper(String libname, ClassLoader parent, CodeSource source,
! ProtectionDomain domain, int flags)
{
// FIXME: ask security manager first.
loader = parent;
baseName = libname;
! if (domain == null)
! domain = new ProtectionDomain(source,
! Policy.getPolicy().getPermissions(source));
! this.domain = domain;
this.flags = flags;
}
*************** public class SharedLibHelper
*** 66,70 ****
public static SharedLibHelper findHelper (ClassLoader loader, String
libname,
! CodeSource source)
{
synchronized (map)
--- 68,79 ----
public static SharedLibHelper findHelper (ClassLoader loader, String
libname,
! CodeSource source, boolean
tryParents)
! {
! return findHelper (loader, libname, source, null, tryParents);
! }
!
! public static SharedLibHelper findHelper (ClassLoader loader, String
libname,
! CodeSource source, ProtectionDomain
domain,
! boolean tryParents)
{
synchronized (map)
*************** public class SharedLibHelper
*** 96,100 ****
l = l.getParent();
}
! while (l != null);
}
}
--- 105,109 ----
l = l.getParent();
}
! while (tryParents && l != null);
}
}
*************** public class SharedLibHelper
*** 117,121 ****
}
}
! result = new SharedLibHelper(libname, loader, source, 0);
s.add(new WeakReference(result));
return result;
--- 126,130 ----
}
}
! result = new SharedLibHelper(libname, loader, source, domain, 0);
s.add(new WeakReference(result));
return result;
Index: gnu/gcj/runtime/SharedLibLoader.java
===================================================================
RCS file: /cvs/gcc/gcc/libjava/gnu/gcj/runtime/SharedLibLoader.java,v
retrieving revision 1.4
diff -p -2 -c -r1.4 SharedLibLoader.java
*** gnu/gcj/runtime/SharedLibLoader.java 28 Aug 2003 22:17:36 -0000
1.4
--- gnu/gcj/runtime/SharedLibLoader.java 16 Feb 2005 18:38:33 -0000
*************** public class SharedLibLoader extends Cla
*** 40,44 ****
}
helper = SharedLibHelper.findHelper(this, libname,
! new CodeSource(url, null));
}
--- 40,44 ----
}
helper = SharedLibHelper.findHelper(this, libname,
! new CodeSource(url, null), true);
}
Index: java/lang/VMCompiler.java
===================================================================
RCS file: /cvs/gcc/gcc/libjava/java/lang/VMCompiler.java,v
retrieving revision 1.3
diff -p -2 -c -r1.3 VMCompiler.java
*** java/lang/VMCompiler.java 19 Jan 2005 23:56:26 -0000 1.3
--- java/lang/VMCompiler.java 16 Feb 2005 18:38:33 -0000
*************** final class VMCompiler
*** 143,147 ****
Class c = null;
SharedLibHelper helper
! = SharedLibHelper.findHelper (loader, fileName, domain.getCodeSource());
c = helper.findClass (className);
if (c != null)
--- 143,148 ----
Class c = null;
SharedLibHelper helper
! = SharedLibHelper.findHelper (loader, fileName, domain.getCodeSource(),
! domain, false);
c = helper.findClass (className);
if (c != null)
Index: java/net/URLClassLoader.java
===================================================================
RCS file: /cvs/gcc/gcc/libjava/java/net/URLClassLoader.java,v
retrieving revision 1.25
diff -p -2 -c -r1.25 URLClassLoader.java
*** java/net/URLClassLoader.java 15 Feb 2005 22:17:33 -0000 1.25
--- java/net/URLClassLoader.java 16 Feb 2005 18:38:33 -0000
*************** public class URLClassLoader extends Secu
*** 544,548 ****
super(classloader, url, overrideURL);
helper = SharedLibHelper.findHelper(classloader, url.getFile(),
! noCertCodeSource);
}
--- 544,548 ----
super(classloader, url, overrideURL);
helper = SharedLibHelper.findHelper(classloader, url.getFile(),
! noCertCodeSource, true);
}
Index: java/rmi/server/RemoteObject.java
===================================================================
RCS file: /cvs/gcc/gcc/libjava/java/rmi/server/RemoteObject.java,v
retrieving revision 1.5
diff -p -2 -c -r1.5 RemoteObject.java
*** java/rmi/server/RemoteObject.java 16 Oct 2004 18:27:51 -0000 1.5
--- java/rmi/server/RemoteObject.java 16 Feb 2005 18:38:33 -0000
*************** import java.rmi.NoSuchObjectException;
*** 46,49 ****
--- 46,50 ----
import java.rmi.Remote;
import java.rmi.UnmarshalException;
+ import java.util.WeakHashMap;
public abstract class RemoteObject
*************** public static final long serialVersionUI
*** 54,57 ****
--- 55,60 ----
protected transient RemoteRef ref;
+ private static final WeakHashMap stubs = new WeakHashMap();
+
protected RemoteObject() {
this(null);
*************** public RemoteRef getRef() {
*** 66,84 ****
}
public static Remote toStub(Remote obj) throws NoSuchObjectException
{
! Class cls = obj.getClass();
! String classname = cls.getName();
! ClassLoader cl = cls.getClassLoader();
! try
! {
! Class scls = cl.loadClass(classname + "_Stub");
! // JDK 1.2 stubs
! Class[] stubprototype = new Class[] { RemoteRef.class };
! Constructor con = scls.getConstructor(stubprototype);
! return (Remote)(con.newInstance(new Object[]{obj}));
! }
! catch (Exception e) {}
! throw new NoSuchObjectException(obj.getClass().getName());
}
--- 69,90 ----
}
+ synchronized static void addStub(Remote obj, Remote stub)
+ {
+ stubs.put(obj, stub);
+ }
+
+ synchronized static void deleteStub(Remote obj)
+ {
+ stubs.remove(obj);
+ }
+
public static Remote toStub(Remote obj) throws NoSuchObjectException
{
! Remote stub = (Remote)stubs.get(obj);
!
! if (stub == null)
! throw new NoSuchObjectException(obj.getClass().getName());
!
! return stub;
}
Index: java/rmi/server/UnicastRemoteObject.java
===================================================================
RCS file: /cvs/gcc/gcc/libjava/java/rmi/server/UnicastRemoteObject.java,v
retrieving revision 1.8
diff -p -2 -c -r1.8 UnicastRemoteObject.java
*** java/rmi/server/UnicastRemoteObject.java 21 Oct 2004 20:14:03 -0000
1.8
--- java/rmi/server/UnicastRemoteObject.java 16 Feb 2005 18:38:33 -0000
*************** public static RemoteStub exportObject(Re
*** 99,103 ****
sref = new UnicastServerRef(new ObjID (), port, ssf);
}
! return (sref.exportObject (obj));
}
--- 99,105 ----
sref = new UnicastServerRef(new ObjID (), port, ssf);
}
! Remote stub = sref.exportObject (obj);
! addStub(obj, stub);
! return stub;
}
*************** public static RemoteStub exportObject(Re
*** 117,126 ****
if (obj instanceof RemoteObject)
{
UnicastServerRef sref = (UnicastServerRef)((RemoteObject)obj).getRef();
return sref.unexportObject(obj, force);
}
else
! //FIX ME
! ;
return true;
}
--- 119,131 ----
if (obj instanceof RemoteObject)
{
+ deleteStub(obj);
UnicastServerRef sref = (UnicastServerRef)((RemoteObject)obj).getRef();
return sref.unexportObject(obj, force);
}
else
! {
! //FIX ME
! ;
! }
return true;
}
Index: java/security/Permissions.java
===================================================================
RCS file: /cvs/gcc/gcc/libjava/java/security/Permissions.java,v
retrieving revision 1.6
diff -p -2 -c -r1.6 Permissions.java
*** java/security/Permissions.java 6 Nov 2004 23:11:47 -0000 1.6
--- java/security/Permissions.java 16 Feb 2005 18:38:33 -0000
*************** class PermissionsHash extends Permission
*** 229,235 ****
* @return true if it is implied
*/
public boolean implies(Permission perm)
{
! return perms.get(perm) != null;
}
--- 229,244 ----
* @return true if it is implied
*/
+ // FIXME: Should this method be synchronized?
public boolean implies(Permission perm)
{
! Enumeration elements = elements();
!
! while (elements.hasMoreElements())
! {
! Permission p = (Permission)elements.nextElement();
! if (p.implies(perm))
! return true;
! }
! return false;
}
Index: java/security/SecureClassLoader.java
===================================================================
RCS file: /cvs/gcc/gcc/libjava/java/security/SecureClassLoader.java,v
retrieving revision 1.11
diff -p -2 -c -r1.11 SecureClassLoader.java
*** java/security/SecureClassLoader.java 26 Sep 2004 14:47:41 -0000
1.11
--- java/security/SecureClassLoader.java 16 Feb 2005 18:38:33 -0000
*************** package java.security;
*** 49,52 ****
--- 49,54 ----
public class SecureClassLoader extends ClassLoader
{
+ java.util.WeakHashMap protectionDomainCache = new java.util.WeakHashMap();
+
protected SecureClassLoader(ClassLoader parent)
{
*************** public class SecureClassLoader extends C
*** 81,89 ****
CodeSource cs)
{
- // FIXME: Need to cache ProtectionDomains according to 1.3 docs.
if (cs != null)
{
! ProtectionDomain protectionDomain
! = new ProtectionDomain(cs, getPermissions(cs), this, null);
return super.defineClass(name, b, off, len, protectionDomain);
}
--- 83,109 ----
CodeSource cs)
{
if (cs != null)
{
! ProtectionDomain protectionDomain;
!
! synchronized (protectionDomainCache)
! {
! protectionDomain = (ProtectionDomain)protectionDomainCache.get(cs);
! }
!
! if (protectionDomain == null)
! {
! protectionDomain
! = new ProtectionDomain(cs, getPermissions(cs), this, null);
! synchronized (protectionDomainCache)
! {
! ProtectionDomain domain
! = (ProtectionDomain)protectionDomainCache.get(cs);
! if (domain == null)
! protectionDomainCache.put(cs, protectionDomain);
! else
! protectionDomain = domain;
! }
! }
return super.defineClass(name, b, off, len, protectionDomain);
}
Index: javax/security/auth/Subject.java
===================================================================
RCS file: /cvs/gcc/gcc/libjava/javax/security/auth/Subject.java,v
retrieving revision 1.2
diff -p -2 -c -r1.2 Subject.java
*** javax/security/auth/Subject.java 22 Oct 2004 17:14:29 -0000 1.2
--- javax/security/auth/Subject.java 16 Feb 2005 18:38:33 -0000
*************** public final class Subject implements Se
*** 236,240 ****
public static Object doAsPrivileged (final Subject subject,
final PrivilegedExceptionAction action,
! final AccessControlContext acc)
throws PrivilegedActionException
{
--- 236,240 ----
public static Object doAsPrivileged (final Subject subject,
final PrivilegedExceptionAction action,
! AccessControlContext acc)
throws PrivilegedActionException
{
*************** public final class Subject implements Se
*** 244,247 ****
--- 244,249 ----
sm.checkPermission (new AuthPermission ("doAsPrivileged"));
}
+ if (acc == null)
+ acc = new AccessControlContext (new java.security.ProtectionDomain[0]);
AccessControlContext context =
new AccessControlContext (acc, new SubjectDomainCombiner (subject));
- [cp-patches] Miscellaneous patches: RMI, AccessController, SharedLibHelper, Permissions,
Andrew Haley <=