< prev index next >

src/hotspot/share/cds/cdsProtectionDomain.cpp

Print this page

 42 OopHandle CDSProtectionDomain::_shared_protection_domains;
 43 OopHandle CDSProtectionDomain::_shared_jar_urls;
 44 OopHandle CDSProtectionDomain::_shared_jar_manifests;
 45 
 46 // Initializes the java.lang.Package and java.security.ProtectionDomain objects associated with
 47 // the given InstanceKlass.
 48 // Returns the ProtectionDomain for the InstanceKlass.
 49 Handle CDSProtectionDomain::init_security_info(Handle class_loader, InstanceKlass* ik, PackageEntry* pkg_entry, TRAPS) {
 50   int index = ik->shared_classpath_index();
 51   assert(index >= 0, "Sanity");
 52   const AOTClassLocation* cl = AOTClassLocationConfig::runtime()->class_location_at(index);
 53   Symbol* class_name = ik->name();
 54 
 55   if (cl->is_modules_image()) {
 56     // For shared app/platform classes originated from the run-time image:
 57     //   The ProtectionDomains are cached in the corresponding ModuleEntries
 58     //   for fast access by the VM.
 59     // all packages from module image are already created during VM bootstrap in
 60     // Modules::define_module().
 61     assert(pkg_entry != nullptr, "archived class in module image cannot be from unnamed package");




 62     ModuleEntry* mod_entry = pkg_entry->module();
 63     return get_shared_protection_domain(class_loader, mod_entry, THREAD);
 64   } else {
 65     // For shared app/platform classes originated from JAR files on the class path:
 66     //   Each of the 3 CDSProtectionDomain::_shared_xxx arrays has the same length
 67     //   as the shared classpath table in the shared archive.
 68     //
 69     //   If a shared InstanceKlass k is loaded from the class path, let
 70     //
 71     //     index = k->shared_classpath_index();
 72     //
 73     //   AOTClassLocationConfig::_runtime_instance->_array->at(index) identifies the JAR file that contains k.
 74     //
 75     //   k's protection domain is:
 76     //
 77     //     ProtectionDomain pd = _shared_protection_domains[index];
 78     //
 79     //   and k's Package is initialized using
 80     //
 81     //     manifest = _shared_jar_manifests[index];
 82     //     url = _shared_jar_urls[index];
 83     //     define_shared_package(class_name, class_loader, manifest, url, CHECK_NH);
 84     //
 85     //   Note that if an element of these 3 _shared_xxx arrays is null, it will be initialized by
 86     //   the corresponding CDSProtectionDomain::get_shared_xxx() function.
 87     Handle manifest = get_shared_jar_manifest(index, CHECK_NH);
 88     Handle url = get_shared_jar_url(index, CHECK_NH);

 89     int index_offset = index - AOTClassLocationConfig::runtime()->app_cp_start_index();
 90     if (index_offset < PackageEntry::max_index_for_defined_in_class_path()) {
 91       if (pkg_entry == nullptr || !pkg_entry->is_defined_by_cds_in_class_path(index_offset)) {
 92         // define_shared_package only needs to be called once for each package in a jar specified
 93         // in the shared class path.
 94         define_shared_package(class_name, class_loader, manifest, url, CHECK_NH);
 95         if (pkg_entry != nullptr) {
 96           pkg_entry->set_defined_by_cds_in_class_path(index_offset);
 97         }


 98       }
 99     } else {
100       define_shared_package(class_name, class_loader, manifest, url, CHECK_NH);



101     }
102     return get_shared_protection_domain(class_loader, index, url, THREAD);
103   }
104 }
105 
106 Handle CDSProtectionDomain::get_package_name(Symbol* class_name, TRAPS) {
107   ResourceMark rm(THREAD);
108   Handle pkgname_string;
109   TempNewSymbol pkg = ClassLoader::package_from_class_name(class_name);
110   if (pkg != nullptr) { // Package prefix found
111     const char* pkgname = pkg->as_klass_external_name();
112     pkgname_string = java_lang_String::create_from_str(pkgname,
113                                                        CHECK_(pkgname_string));
114   }
115   return pkgname_string;
116 }
117 
118 PackageEntry* CDSProtectionDomain::get_package_entry_from_class(InstanceKlass* ik, Handle class_loader) {
119   PackageEntry* pkg_entry = ik->package();
120   if (CDSConfig::is_using_full_module_graph() && ik->in_aot_cache() && pkg_entry != nullptr) {

189     atomic_set_shared_jar_manifest(shared_path_index, manifest());
190   }
191   manifest = Handle(THREAD, shared_jar_manifest(shared_path_index));
192   assert(manifest.not_null(), "sanity");
193   return manifest;
194 }
195 
196 Handle CDSProtectionDomain::get_shared_jar_url(int shared_path_index, TRAPS) {
197   Handle url_h;
198   if (shared_jar_url(shared_path_index) == nullptr) {
199     const char* path = AOTClassLocationConfig::runtime()->class_location_at(shared_path_index)->path();
200     oop result_oop = to_file_URL(path, url_h, CHECK_(url_h));
201     atomic_set_shared_jar_url(shared_path_index, result_oop);
202   }
203 
204   url_h = Handle(THREAD, shared_jar_url(shared_path_index));
205   assert(url_h.not_null(), "sanity");
206   return url_h;
207 }
208 






























209 oop CDSProtectionDomain::to_file_URL(const char* path, Handle url_h, TRAPS) {
210   JavaValue result(T_OBJECT);
211   Handle path_string = java_lang_String::create_from_str(path, CHECK_NULL);
212   JavaCalls::call_static(&result,
213                          vmClasses::jdk_internal_loader_ClassLoaders_klass(),
214                          vmSymbols::toFileURL_name(),
215                          vmSymbols::toFileURL_signature(),
216                          path_string, CHECK_NULL);
217   return result.get_oop();
218 }
219 
220 // Get the ProtectionDomain associated with the CodeSource from the classloader.
221 Handle CDSProtectionDomain::get_protection_domain_from_classloader(Handle class_loader,
222                                                                       Handle url, TRAPS) {
223   // CodeSource cs = new CodeSource(url, null);
224   Handle cs = JavaCalls::construct_new_instance(vmClasses::CodeSource_klass(),
225                   vmSymbols::url_code_signer_array_void_signature(),
226                   url, Handle(), CHECK_NH);
227 
228   // protection_domain = SecureClassLoader.getProtectionDomain(cs);

 42 OopHandle CDSProtectionDomain::_shared_protection_domains;
 43 OopHandle CDSProtectionDomain::_shared_jar_urls;
 44 OopHandle CDSProtectionDomain::_shared_jar_manifests;
 45 
 46 // Initializes the java.lang.Package and java.security.ProtectionDomain objects associated with
 47 // the given InstanceKlass.
 48 // Returns the ProtectionDomain for the InstanceKlass.
 49 Handle CDSProtectionDomain::init_security_info(Handle class_loader, InstanceKlass* ik, PackageEntry* pkg_entry, TRAPS) {
 50   int index = ik->shared_classpath_index();
 51   assert(index >= 0, "Sanity");
 52   const AOTClassLocation* cl = AOTClassLocationConfig::runtime()->class_location_at(index);
 53   Symbol* class_name = ik->name();
 54 
 55   if (cl->is_modules_image()) {
 56     // For shared app/platform classes originated from the run-time image:
 57     //   The ProtectionDomains are cached in the corresponding ModuleEntries
 58     //   for fast access by the VM.
 59     // all packages from module image are already created during VM bootstrap in
 60     // Modules::define_module().
 61     assert(pkg_entry != nullptr, "archived class in module image cannot be from unnamed package");
 62     Handle archived_pd = get_archived_protection_domain(THREAD, ik);
 63     if (archived_pd.not_null()) {
 64       return archived_pd;
 65     }
 66     ModuleEntry* mod_entry = pkg_entry->module();
 67     return get_shared_protection_domain(class_loader, mod_entry, THREAD);
 68   } else {
 69     // For shared app/platform classes originated from JAR files on the class path:
 70     //   Each of the 3 CDSProtectionDomain::_shared_xxx arrays has the same length
 71     //   as the shared classpath table in the shared archive.
 72     //
 73     //   If a shared InstanceKlass k is loaded from the class path, let
 74     //
 75     //     index = k->shared_classpath_index();
 76     //
 77     //   AOTClassLocationConfig::_runtime_instance->_array->at(index) identifies the JAR file that contains k.
 78     //
 79     //   k's protection domain is:
 80     //
 81     //     ProtectionDomain pd = _shared_protection_domains[index];
 82     //
 83     //   and k's Package is initialized using
 84     //
 85     //     manifest = _shared_jar_manifests[index];
 86     //     url = _shared_jar_urls[index];
 87     //     define_shared_package(class_name, class_loader, manifest, url, CHECK_NH);
 88     //
 89     //   Note that if an element of these 3 _shared_xxx arrays is null, it will be initialized by
 90     //   the corresponding CDSProtectionDomain::get_shared_xxx() function.
 91     Handle manifest = get_shared_jar_manifest(index, CHECK_NH);
 92     Handle url = get_shared_jar_url(index, CHECK_NH);
 93    if (!CDSConfig::is_loading_packages()) { // leyden
 94     int index_offset = index - AOTClassLocationConfig::runtime()->app_cp_start_index();
 95     if (index_offset < PackageEntry::max_index_for_defined_in_class_path()) {
 96       if (pkg_entry == nullptr || !pkg_entry->is_defined_by_cds_in_class_path(index_offset)) {
 97         // define_shared_package only needs to be called once for each package in a jar specified
 98         // in the shared class path.
 99         define_shared_package(class_name, class_loader, manifest, url, CHECK_NH);
100         if (pkg_entry != nullptr) {
101           pkg_entry->set_defined_by_cds_in_class_path(index_offset);
102         }
103       } else {
104         define_shared_package(class_name, class_loader, manifest, url, CHECK_NH);
105       }
106     }
107    } // leyden-end
108     Handle archived_pd = get_archived_protection_domain(THREAD, ik);
109     if (archived_pd.not_null()) {
110       return archived_pd;
111     }
112     return get_shared_protection_domain(class_loader, index, url, THREAD);
113   }
114 }
115 
116 Handle CDSProtectionDomain::get_package_name(Symbol* class_name, TRAPS) {
117   ResourceMark rm(THREAD);
118   Handle pkgname_string;
119   TempNewSymbol pkg = ClassLoader::package_from_class_name(class_name);
120   if (pkg != nullptr) { // Package prefix found
121     const char* pkgname = pkg->as_klass_external_name();
122     pkgname_string = java_lang_String::create_from_str(pkgname,
123                                                        CHECK_(pkgname_string));
124   }
125   return pkgname_string;
126 }
127 
128 PackageEntry* CDSProtectionDomain::get_package_entry_from_class(InstanceKlass* ik, Handle class_loader) {
129   PackageEntry* pkg_entry = ik->package();
130   if (CDSConfig::is_using_full_module_graph() && ik->in_aot_cache() && pkg_entry != nullptr) {

199     atomic_set_shared_jar_manifest(shared_path_index, manifest());
200   }
201   manifest = Handle(THREAD, shared_jar_manifest(shared_path_index));
202   assert(manifest.not_null(), "sanity");
203   return manifest;
204 }
205 
206 Handle CDSProtectionDomain::get_shared_jar_url(int shared_path_index, TRAPS) {
207   Handle url_h;
208   if (shared_jar_url(shared_path_index) == nullptr) {
209     const char* path = AOTClassLocationConfig::runtime()->class_location_at(shared_path_index)->path();
210     oop result_oop = to_file_URL(path, url_h, CHECK_(url_h));
211     atomic_set_shared_jar_url(shared_path_index, result_oop);
212   }
213 
214   url_h = Handle(THREAD, shared_jar_url(shared_path_index));
215   assert(url_h.not_null(), "sanity");
216   return url_h;
217 }
218 
219 
220 Handle CDSProtectionDomain::get_archived_protection_domain(JavaThread* current, InstanceKlass* klass) {
221   oop pd = nullptr;
222 
223   if (CDSConfig::is_loading_protection_domains()) {
224     oop mirror;
225     if (klass->has_archived_mirror_index()) {
226       mirror = klass->archived_java_mirror();
227     } else {
228       mirror = klass->java_mirror();
229     }
230 
231     if (mirror != nullptr) {
232       pd = java_lang_Class::protection_domain(mirror);
233     }
234   }
235 
236   if (log_is_enabled(Info, cds, protectiondomain)) {
237     ResourceMark rm;
238     log_info(cds, protectiondomain)("Archived protection domain for %s = %s", klass->external_name(),
239                                     (pd == nullptr) ? "none" : "found");
240   }
241 
242   if (pd == nullptr) {
243     return Handle();
244   } else {
245     return Handle(current, pd);
246   }
247 }
248 
249 oop CDSProtectionDomain::to_file_URL(const char* path, Handle url_h, TRAPS) {
250   JavaValue result(T_OBJECT);
251   Handle path_string = java_lang_String::create_from_str(path, CHECK_NULL);
252   JavaCalls::call_static(&result,
253                          vmClasses::jdk_internal_loader_ClassLoaders_klass(),
254                          vmSymbols::toFileURL_name(),
255                          vmSymbols::toFileURL_signature(),
256                          path_string, CHECK_NULL);
257   return result.get_oop();
258 }
259 
260 // Get the ProtectionDomain associated with the CodeSource from the classloader.
261 Handle CDSProtectionDomain::get_protection_domain_from_classloader(Handle class_loader,
262                                                                       Handle url, TRAPS) {
263   // CodeSource cs = new CodeSource(url, null);
264   Handle cs = JavaCalls::construct_new_instance(vmClasses::CodeSource_klass(),
265                   vmSymbols::url_code_signer_array_void_signature(),
266                   url, Handle(), CHECK_NH);
267 
268   // protection_domain = SecureClassLoader.getProtectionDomain(cs);
< prev index next >