diff --git a/jdk/make/java/management/Exportedfiles.gmk b/jdk/make/java/management/Exportedfiles.gmk
index 0654fb57526..21f46bd923a 100644
--- a/jdk/make/java/management/Exportedfiles.gmk
+++ b/jdk/make/java/management/Exportedfiles.gmk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2003, 2005, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it
@@ -29,6 +29,7 @@
FILES_export = \
sun/management/ClassLoadingImpl.java \
+ sun/management/DiagnosticCommandImpl.java \
sun/management/FileSystemImpl.java \
sun/management/Flag.java \
sun/management/GarbageCollectorImpl.java \
diff --git a/jdk/make/java/management/FILES_c.gmk b/jdk/make/java/management/FILES_c.gmk
index 8c5ddce29b5..f0d0c9c6e43 100644
--- a/jdk/make/java/management/FILES_c.gmk
+++ b/jdk/make/java/management/FILES_c.gmk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2003, 2005, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it
@@ -25,6 +25,7 @@
FILES_c = \
ClassLoadingImpl.c \
+ DiagnosticCommandImpl.c \
FileSystemImpl.c \
Flag.c \
GarbageCollectorImpl.c \
diff --git a/jdk/make/java/management/mapfile-vers b/jdk/make/java/management/mapfile-vers
index 2e87b707463..63c4fbf03cc 100644
--- a/jdk/make/java/management/mapfile-vers
+++ b/jdk/make/java/management/mapfile-vers
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it
@@ -39,6 +39,10 @@ SUNWprivate_1.1 {
Java_com_sun_management_UnixOperatingSystem_getTotalSwapSpaceSize;
Java_com_sun_management_UnixOperatingSystem_initialize;
Java_sun_management_ClassLoadingImpl_setVerboseClass;
+ Java_sun_management_DiagnosticCommandImpl_executeDiagnosticCommand;
+ Java_sun_management_DiagnosticCommandImpl_getDiagnosticCommands;
+ Java_sun_management_DiagnosticCommandImpl_getDiagnosticCommandInfo;
+ Java_sun_management_DiagnosticCommandImpl_setNotificationEnabled;
Java_sun_management_FileSystemImpl_isAccessUserOnly0;
Java_sun_management_Flag_getAllFlagNames;
Java_sun_management_Flag_getFlags;
diff --git a/jdk/make/tools/CharsetMapping/EUC_KR.map b/jdk/make/tools/CharsetMapping/EUC_KR.map
index 0b44e6c91c9..d1fae60e1aa 100644
--- a/jdk/make/tools/CharsetMapping/EUC_KR.map
+++ b/jdk/make/tools/CharsetMapping/EUC_KR.map
@@ -5,6 +5,8 @@
# (2)Added 2 new codepoints (KS X 1001:1998)
# 0xA2E6 0x20AC # EURO Sign
# 0xA2E7 0x00AE # Registered Sign
+# (3) KS X 1001:2002
+# 0xA2E8 0x327E # CIRCLED KOREAN CHARACTER JUEUI (Postal Code Mark)
#
0x00 0x0000
0x01 0x0001
@@ -295,6 +297,7 @@
#
0xA2E6 0x20AC # EURO Sign
0xA2E7 0x00AE # Registered Sign
+0xA2E8 0x327E # CIRCLED KOREAN CHARACTER JUEUI
#
0xA2E0 0x2116 # NUMERO SIGN
0xA2E1 0x33C7 # SQUARE CO
diff --git a/jdk/make/tools/src/build/tools/generatebreakiteratordata/CharSet.java b/jdk/make/tools/src/build/tools/generatebreakiteratordata/CharSet.java
index 2dc948a6641..b8539159a8c 100644
--- a/jdk/make/tools/src/build/tools/generatebreakiteratordata/CharSet.java
+++ b/jdk/make/tools/src/build/tools/generatebreakiteratordata/CharSet.java
@@ -39,6 +39,7 @@
package build.tools.generatebreakiteratordata;
+import java.util.Arrays;
import java.util.Hashtable;
/**
@@ -701,7 +702,14 @@ class CharSet {
* the exact same characters as this one
*/
public boolean equals(Object that) {
- return (that instanceof CharSet) && chars.equals(((CharSet)that).chars);
+ return (that instanceof CharSet) && Arrays.equals(chars, ((CharSet)that).chars);
+ }
+
+ /**
+ * Returns the hash code for this set of characters
+ */
+ public int hashCode() {
+ return Arrays.hashCode(chars);
}
/**
diff --git a/jdk/makefiles/CompileJavaClasses.gmk b/jdk/makefiles/CompileJavaClasses.gmk
index 24ce0d922f0..0b3e70dd914 100644
--- a/jdk/makefiles/CompileJavaClasses.gmk
+++ b/jdk/makefiles/CompileJavaClasses.gmk
@@ -342,7 +342,7 @@ $(eval $(call SetupJavaCompilation,BUILD_JOBJC,\
DISABLE_SJAVAC:=true,\
SRC:=$(JDK_TOPDIR)/src/macosx/native/jobjc/src/core/java \
$(JDK_TOPDIR)/src/macosx/native/jobjc/src/runtime-additions/java \
- $(JDK_OUTPUTDIR)/gensrc, \
+ $(JDK_OUTPUTDIR)/gensrc_jobjc/src, \
INCLUDES := com/apple/jobjc,\
EXCLUDES := tests/java/com/apple/jobjc,\
BIN:=$(JDK_OUTPUTDIR)/jobjc_classes,\
@@ -355,7 +355,7 @@ $(eval $(call SetupJavaCompilation,BUILD_JOBJC_HEADERS,\
SETUP:=GENERATE_JDKBYTECODE,\
SRC:=$(JDK_TOPDIR)/src/macosx/native/jobjc/src/core/java \
$(JDK_TOPDIR)/src/macosx/native/jobjc/src/runtime-additions/java \
- $(JDK_OUTPUTDIR)/gensrc, \
+ $(JDK_OUTPUTDIR)/gensrc_jobjc/src, \
INCLUDES := com/apple/jobjc,\
EXCLUDES := tests/java/com/apple/jobjc,\
BIN:=$(JDK_OUTPUTDIR)/jobjc_classes_headers,\
diff --git a/jdk/makefiles/GensrcBuffer.gmk b/jdk/makefiles/GensrcBuffer.gmk
index 3e55b1c14a4..55b51d050d8 100644
--- a/jdk/makefiles/GensrcBuffer.gmk
+++ b/jdk/makefiles/GensrcBuffer.gmk
@@ -69,6 +69,9 @@ define typesAndBits
$1_fulltype := character
$1_Fulltype := Character
$1_category := integralType
+ $1_streams := streamableType
+ $1_streamtype := int
+ $1_Streamtype := Int
$1_LBPV := 1
endif
@@ -97,7 +100,7 @@ define typesAndBits
$1_Type := Long
$1_fulltype := long
$1_Fulltype := Long
- $1_category := integralType
+ $1_category := integralType
$1_LBPV := 3
endif
@@ -231,10 +234,13 @@ $$($1_DST) : $$($1_DEP) $(GENSRC_BUFFER_DST)/_the.buffer.dir
$(TOOL_SPP) < $$($1_SRC) > $$($1_OUT).tmp \
-K$$($1_type) \
-K$$($1_category) \
+ -K$$($1_streams) \
-Dtype=$$($1_type) \
-DType=$$($1_Type) \
-Dfulltype=$$($1_fulltype) \
-DFulltype=$$($1_Fulltype) \
+ -Dstreamtype=$$($1_streamtype) \
+ -DStreamtype=$$($1_Streamtype) \
-Dx=$$($1_x) \
-Dmemtype=$$($1_memtype) \
-DMemtype=$$($1_Memtype) \
diff --git a/jdk/makefiles/mapfiles/libmanagement/mapfile-vers b/jdk/makefiles/mapfiles/libmanagement/mapfile-vers
index 2e87b707463..b934fe8b748 100644
--- a/jdk/makefiles/mapfiles/libmanagement/mapfile-vers
+++ b/jdk/makefiles/mapfiles/libmanagement/mapfile-vers
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it
@@ -39,6 +39,10 @@ SUNWprivate_1.1 {
Java_com_sun_management_UnixOperatingSystem_getTotalSwapSpaceSize;
Java_com_sun_management_UnixOperatingSystem_initialize;
Java_sun_management_ClassLoadingImpl_setVerboseClass;
+ Java_sun_management_DiagnosticCommandImpl_executeDiagnosticCommand;
+ Java_sun_management_DiagnosticCommandImpl_getDiagnosticCommands;
+ Java_sun_management_DiagnosticCommandImpl_getDiagnosticCommandInfo;
+ Java_sun_management_DiagnosticCommandImpl_setNotificationEnabled;
Java_sun_management_FileSystemImpl_isAccessUserOnly0;
Java_sun_management_Flag_getAllFlagNames;
Java_sun_management_Flag_getFlags;
diff --git a/jdk/src/share/classes/com/sun/crypto/provider/DHKeyAgreement.java b/jdk/src/share/classes/com/sun/crypto/provider/DHKeyAgreement.java
index 33fa49297dd..6a2f298fe6e 100644
--- a/jdk/src/share/classes/com/sun/crypto/provider/DHKeyAgreement.java
+++ b/jdk/src/share/classes/com/sun/crypto/provider/DHKeyAgreement.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -403,8 +403,9 @@ extends KeyAgreementSpi {
}
return skey;
} else if (algorithm.equals("TlsPremasterSecret")) {
- // return entire secret
- return new SecretKeySpec(secret, "TlsPremasterSecret");
+ // remove leading zero bytes per RFC 5246 Section 8.1.2
+ return new SecretKeySpec(
+ KeyUtil.trimZeroes(secret), "TlsPremasterSecret");
} else {
throw new NoSuchAlgorithmException("Unsupported secret key "
+ "algorithm: "+ algorithm);
diff --git a/jdk/src/share/classes/com/sun/crypto/provider/HmacPKCS12PBESHA1.java b/jdk/src/share/classes/com/sun/crypto/provider/HmacPKCS12PBESHA1.java
index d41b88c7e38..e85b8816a28 100644
--- a/jdk/src/share/classes/com/sun/crypto/provider/HmacPKCS12PBESHA1.java
+++ b/jdk/src/share/classes/com/sun/crypto/provider/HmacPKCS12PBESHA1.java
@@ -86,12 +86,13 @@ public final class HmacPKCS12PBESHA1 extends HmacCore {
throw new InvalidKeyException("SecretKey of PBE type required");
}
if (params == null) {
- // generate default for salt and iteration count if necessary
- if (salt == null) {
- salt = new byte[20];
- SunJCE.getRandom().nextBytes(salt);
+ // should not auto-generate default values since current
+ // javax.crypto.Mac api does not have any method for caller to
+ // retrieve the generated defaults.
+ if ((salt == null) || (iCount == 0)) {
+ throw new InvalidAlgorithmParameterException
+ ("PBEParameterSpec required for salt and iteration count");
}
- if (iCount == 0) iCount = 100;
} else if (!(params instanceof PBEParameterSpec)) {
throw new InvalidAlgorithmParameterException
("PBEParameterSpec type required");
diff --git a/jdk/src/share/classes/com/sun/crypto/provider/PBMAC1Core.java b/jdk/src/share/classes/com/sun/crypto/provider/PBMAC1Core.java
index 47663943184..2f0ba131a55 100644
--- a/jdk/src/share/classes/com/sun/crypto/provider/PBMAC1Core.java
+++ b/jdk/src/share/classes/com/sun/crypto/provider/PBMAC1Core.java
@@ -42,12 +42,10 @@ import java.security.spec.*;
*/
abstract class PBMAC1Core extends HmacCore {
- private static final int DEFAULT_SALT_LENGTH = 20;
- private static final int DEFAULT_COUNT = 4096;
-
+ // NOTE: this class inherits the Cloneable interface from HmacCore
+ // Need to override clone() if mutable fields are added.
private final String kdfAlgo;
private final String hashAlgo;
- private final PBKDF2Core kdf;
private final int blockLength; // in octets
/**
@@ -56,13 +54,15 @@ abstract class PBMAC1Core extends HmacCore {
*/
PBMAC1Core(String kdfAlgo, String hashAlgo, int blockLength)
throws NoSuchAlgorithmException {
-
super(hashAlgo, blockLength);
this.kdfAlgo = kdfAlgo;
this.hashAlgo = hashAlgo;
this.blockLength = blockLength;
+ }
- switch(kdfAlgo) {
+ private static PBKDF2Core getKDFImpl(String algo) {
+ PBKDF2Core kdf = null;
+ switch(algo) {
case "HmacSHA1":
kdf = new PBKDF2Core.HmacSHA1();
break;
@@ -79,9 +79,10 @@ abstract class PBMAC1Core extends HmacCore {
kdf = new PBKDF2Core.HmacSHA512();
break;
default:
- throw new NoSuchAlgorithmException(
- "No MAC implementation for " + kdfAlgo);
+ throw new ProviderException(
+ "No MAC implementation for " + algo);
}
+ return kdf;
}
/**
@@ -120,12 +121,13 @@ abstract class PBMAC1Core extends HmacCore {
throw new InvalidKeyException("SecretKey of PBE type required");
}
if (params == null) {
- // generate default for salt and iteration count if necessary
- if (salt == null) {
- salt = new byte[DEFAULT_SALT_LENGTH];
- SunJCE.getRandom().nextBytes(salt);
+ // should not auto-generate default values since current
+ // javax.crypto.Mac api does not have any method for caller to
+ // retrieve the generated defaults.
+ if ((salt == null) || (iCount == 0)) {
+ throw new InvalidAlgorithmParameterException
+ ("PBEParameterSpec required for salt and iteration count");
}
- if (iCount == 0) iCount = DEFAULT_COUNT;
} else if (!(params instanceof PBEParameterSpec)) {
throw new InvalidAlgorithmParameterException
("PBEParameterSpec type required");
@@ -168,7 +170,7 @@ abstract class PBMAC1Core extends HmacCore {
java.util.Arrays.fill(passwdChars, ' ');
SecretKey s = null;
-
+ PBKDF2Core kdf = getKDFImpl(kdfAlgo);
try {
s = kdf.engineGenerateSecret(pbeSpec);
diff --git a/jdk/src/share/classes/com/sun/crypto/provider/SunJCE.java b/jdk/src/share/classes/com/sun/crypto/provider/SunJCE.java
index 7be5416d390..a6843ff4f59 100644
--- a/jdk/src/share/classes/com/sun/crypto/provider/SunJCE.java
+++ b/jdk/src/share/classes/com/sun/crypto/provider/SunJCE.java
@@ -731,10 +731,11 @@ public final class SunJCE extends Provider {
put("Mac.HmacSHA384 SupportedKeyFormats", "RAW");
put("Mac.HmacSHA512 SupportedKeyFormats", "RAW");
put("Mac.HmacPBESHA1 SupportedKeyFormats", "RAW");
- put("Mac.HmacPBESHA224 SupportedKeyFormats", "RAW");
- put("Mac.HmacPBESHA256 SupportedKeyFormats", "RAW");
- put("Mac.HmacPBESHA384 SupportedKeyFormats", "RAW");
- put("Mac.HmacPBESHA512 SupportedKeyFormats", "RAW");
+ put("Mac.PBEWithHmacSHA1 SupportedKeyFormatS", "RAW");
+ put("Mac.PBEWithHmacSHA224 SupportedKeyFormats", "RAW");
+ put("Mac.PBEWithHmacSHA256 SupportedKeyFormats", "RAW");
+ put("Mac.PBEWithHmacSHA384 SupportedKeyFormats", "RAW");
+ put("Mac.PBEWithHmacSHA512 SupportedKeyFormats", "RAW");
put("Mac.SslMacMD5 SupportedKeyFormats", "RAW");
put("Mac.SslMacSHA1 SupportedKeyFormats", "RAW");
diff --git a/jdk/src/share/classes/com/sun/management/DiagnosticCommandMBean.java b/jdk/src/share/classes/com/sun/management/DiagnosticCommandMBean.java
new file mode 100644
index 00000000000..da2d510024e
--- /dev/null
+++ b/jdk/src/share/classes/com/sun/management/DiagnosticCommandMBean.java
@@ -0,0 +1,220 @@
+/*
+ * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation. Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package com.sun.management;
+
+import java.lang.management.PlatformManagedObject;
+import javax.management.DynamicMBean;
+
+/**
+ * Management interface for the diagnostic commands for the HotSpot Virtual Machine.
+ *
+ *
The {code DiagnosticCommandMBean} is registered to the
+ * {@linkplain java.lang.management.ManagementFactory#getPlatformMBeanServer
+ * platform MBeanServer} as are other platform MBeans.
+ *
+ *
The {@link javax.management.ObjectName ObjectName} for uniquely identifying
+ * the diagnostic MBean within an MBeanServer is:
+ *
This MBean is a {@link javax.management.DynamicMBean DynamicMBean}
+ * and also a {@link javax.management.NotificationEmitter}.
+ * The {@code DiagnosticCommandMBean} is generated at runtime and is subject to
+ * modifications during the lifetime of the Java virtual machine.
+ *
+ * A diagnostic command is represented as an operation of
+ * the {@code DiagnosticCommandMBean} interface. Each diagnostic command has:
+ *
+ *
the diagnostic command name which is the name being referenced in
+ * the HotSpot Virtual Machine
+ *
the MBean operation name which is the
+ * {@linkplain javax.management.MBeanOperationInfo#getName() name}
+ * generated for the diagnostic command operation invocation.
+ * The MBean operation name is implementation dependent
+ *
+ *
+ * The recommended way to transform a diagnostic command name into a MBean
+ * operation name is as follows:
+ *
+ *
All characters from the first one to the first dot are set to be
+ * lower-case characters
+ *
Every dot or underline character is removed and the following
+ * character is set to be an upper-case character
+ *
All other characters are copied without modification
+ *
+ *
+ *
The diagnostic command name is always provided with the meta-data on the
+ * operation in a field named {@code dcmd.name} (see below).
+ *
+ *
A diagnostic command may or may not support options or arguments.
+ * All the operations return {@code String} and either take
+ * no parameter for operations that do not support any option or argument,
+ * or take a {@code String[]} parameter for operations that support at least
+ * one option or argument.
+ * Each option or argument must be stored in a single String.
+ * Options or arguments split across several String instances are not supported.
+ *
+ *
The distinction between options and arguments: options are identified by
+ * the option name while arguments are identified by their position in the
+ * command line. Options and arguments are processed in the order of the array
+ * passed to the invocation method.
+ *
+ *
Like any operation of a dynamic MBean, each of these operations is
+ * described by {@link javax.management.MBeanOperationInfo MBeanOperationInfo}
+ * instance. Here's the values returned by this object:
+ *
+ *
{@link javax.management.MBeanOperationInfo#getName() getName()}
+ * returns the operation name generated from the diagnostic command name
+ *
{@link javax.management.MBeanOperationInfo#getDescription() getDescription()}
+ * returns the diagnostic command description
+ * (the same as the one return in the 'help' command)
{@link javax.management.MBeanOperationInfo#getDescriptor() getDescriptor()}
+ * returns a Descriptor instance (see below)
+ *
+ *
+ *
The {@link javax.management.Descriptor Descriptor}
+ * is a collection of fields containing additional
+ * meta-data for a JMX element. A field is a name and an associated value.
+ * The additional meta-data provided for an operation associated with a
+ * diagnostic command are described in the table below:
+ *
+ *
+ *
+ *
+ *
Name
Type
Description
+ *
+ *
+ *
dcmd.name
String
+ *
The original diagnostic command name (not the operation name)
+ *
+ *
+ *
dcmd.description
String
+ *
The diagnostic command description
+ *
+ *
+ *
dcmd.help
String
+ *
The full help message for this diagnostic command (same output as
+ * the one produced by the 'help' command)
+ *
+ *
+ *
dcmd.vmImpact
String
+ *
The impact of the diagnostic command,
+ * this value is the same as the one printed in the 'impact'
+ * section of the help message of the diagnostic command, and it
+ * is different from the getImpact() of the MBeanOperationInfo
+ *
+ *
+ *
dcmd.enabled
boolean
+ *
True if the diagnostic command is enabled, false otherwise
+ *
+ *
+ *
dcmd.permissionClass
String
+ *
Some diagnostic command might require a specific permission to be
+ * executed, in addition to the MBeanPermission to invoke their
+ * associated MBean operation. This field returns the fully qualified
+ * name of the permission class or null if no permission is required
+ *
+ *
+ *
+ *
dcmd.permissionName
String
+ *
The fist argument of the permission required to execute this
+ * diagnostic command or null if no permission is required
+ *
+ *
+ *
dcmd.permissionAction
String
+ *
The second argument of the permission required to execute this
+ * diagnostic command or null if the permission constructor has only
+ * one argument (like the ManagementPermission) or if no permission
+ * is required
+ *
+ *
+ *
dcmd.arguments
Descriptor
+ *
A Descriptor instance containing the descriptions of options and
+ * arguments supported by the diagnostic command (see below)
+ *
+ *
+ *
+ *
+ *
The description of parameters (options or arguments) of a diagnostic
+ * command is provided within a Descriptor instance. In this Descriptor,
+ * each field name is a parameter name, and each field value is itself
+ * a Descriptor instance. The fields provided in this second Descriptor
+ * instance are described in the table below:
+ *
+ *
+ *
+ *
Name
Type
Description
+ *
+ *
+ *
dcmd.arg.name
String
+ *
The name of the parameter
+ *
+ *
+ *
dcmd.arg.type
String
+ *
The type of the parameter. The returned String is the name of a type
+ * recognized by the diagnostic command parser. These types are not
+ * Java types and are implementation dependent.
+ *
+ *
+ *
+ *
dcmd.arg.description
String
+ *
The parameter description
+ *
+ *
+ *
dcmd.arg.isMandatory
boolean
+ *
True if the parameter is mandatory, false otherwise
+ *
+ *
+ *
dcmd.arg.isOption
boolean
+ *
True if the parameter is an option, false if it is an argument
+ *
+ *
+ *
dcmd.arg.isMultiple
boolean
+ *
True if the parameter can be specified several times, false
+ * otherwise
+ *
+ *
+ *
+ *
When the set of diagnostic commands currently supported by the Java
+ * Virtual Machine is modified, the {@code DiagnosticCommandMBean} emits
+ * a {@link javax.management.Notification} with a
+ * {@linkplain javax.management.Notification#getType() type} of
+ *
+ * {@code "jmx.mbean.info.changed"} and a
+ * {@linkplain javax.management.Notification#getUserData() userData} that
+ * is the new {@code MBeanInfo}.
+ *
+ * @since 8
+ */
+public interface DiagnosticCommandMBean extends DynamicMBean
+{
+
+}
diff --git a/jdk/src/share/classes/java/lang/Integer.java b/jdk/src/share/classes/java/lang/Integer.java
index a0eeecf2d98..e5de967a069 100644
--- a/jdk/src/share/classes/java/lang/Integer.java
+++ b/jdk/src/share/classes/java/lang/Integer.java
@@ -26,7 +26,6 @@
package java.lang;
import java.lang.annotation.Native;
-import java.util.Properties;
/**
* The {@code Integer} class wraps a value of the primitive type
@@ -185,7 +184,7 @@ public final class Integer extends Number implements Comparable {
* @since 1.8
*/
public static String toUnsignedString(int i, int radix) {
- return Long.toString(toUnsignedLong(i), radix);
+ return Long.toUnsignedString(toUnsignedLong(i), radix);
}
/**
@@ -307,20 +306,39 @@ public final class Integer extends Number implements Comparable {
/**
* Convert the integer to an unsigned number.
*/
- private static String toUnsignedString0(int i, int shift) {
- char[] buf = new char[32];
- int charPos = 32;
+ private static String toUnsignedString0(int val, int shift) {
+ // assert shift > 0 && shift <=5 : "Illegal shift value";
+ int mag = Integer.SIZE - Integer.numberOfLeadingZeros(val);
+ int chars = Math.max(((mag + (shift - 1)) / shift), 1);
+ char[] buf = new char[chars];
+
+ formatUnsignedInt(val, shift, buf, 0, chars);
+
+ // Use special constructor which takes over "buf".
+ return new String(buf, true);
+ }
+
+ /**
+ * Format a long (treated as unsigned) into a character buffer.
+ * @param val the unsigned int to format
+ * @param shift the log2 of the base to format in (4 for hex, 3 for octal, 1 for binary)
+ * @param buf the character buffer to write to
+ * @param offset the offset in the destination buffer to start at
+ * @param len the number of characters to write
+ * @return the lowest character location used
+ */
+ static int formatUnsignedInt(int val, int shift, char[] buf, int offset, int len) {
+ int charPos = len;
int radix = 1 << shift;
int mask = radix - 1;
do {
- buf[--charPos] = digits[i & mask];
- i >>>= shift;
- } while (i != 0);
+ buf[offset + --charPos] = Integer.digits[val & mask];
+ val >>>= shift;
+ } while (val != 0 && charPos > 0);
- return new String(buf, charPos, (32 - charPos));
+ return charPos;
}
-
final static char [] DigitTens = {
'0', '0', '0', '0', '0', '0', '0', '0', '0', '0',
'1', '1', '1', '1', '1', '1', '1', '1', '1', '1',
@@ -875,6 +893,7 @@ public final class Integer extends Number implements Comparable {
* Returns the value of this {@code Integer} as a {@code long}
* after a widening primitive conversion.
* @jls 5.1.2 Widening Primitive Conversions
+ * @see Integer#toUnsignedLong(int)
*/
public long longValue() {
return (long)value;
diff --git a/jdk/src/share/classes/java/lang/Long.java b/jdk/src/share/classes/java/lang/Long.java
index 76dbfc38a7b..80967aca5de 100644
--- a/jdk/src/share/classes/java/lang/Long.java
+++ b/jdk/src/share/classes/java/lang/Long.java
@@ -28,6 +28,7 @@ package java.lang;
import java.lang.annotation.Native;
import java.math.*;
+
/**
* The {@code Long} class wraps a value of the primitive type {@code
* long} in an object. An object of type {@code Long} contains a
@@ -344,18 +345,39 @@ public final class Long extends Number implements Comparable {
}
/**
- * Convert the integer to an unsigned number.
+ * Format a long (treated as unsigned) into a String.
+ * @param val the value to format
+ * @param shift the log2 of the base to format in (4 for hex, 3 for octal, 1 for binary)
*/
- private static String toUnsignedString0(long i, int shift) {
- char[] buf = new char[64];
- int charPos = 64;
+ static String toUnsignedString0(long val, int shift) {
+ // assert shift > 0 && shift <=5 : "Illegal shift value";
+ int mag = Long.SIZE - Long.numberOfLeadingZeros(val);
+ int chars = Math.max(((mag + (shift - 1)) / shift), 1);
+ char[] buf = new char[chars];
+
+ formatUnsignedLong(val, shift, buf, 0, chars);
+ return new String(buf, true);
+ }
+
+ /**
+ * Format a long (treated as unsigned) into a character buffer.
+ * @param val the unsigned long to format
+ * @param shift the log2 of the base to format in (4 for hex, 3 for octal, 1 for binary)
+ * @param buf the character buffer to write to
+ * @param offset the offset in the destination buffer to start at
+ * @param len the number of characters to write
+ * @return the lowest character location used
+ */
+ static int formatUnsignedLong(long val, int shift, char[] buf, int offset, int len) {
+ int charPos = len;
int radix = 1 << shift;
- long mask = radix - 1;
+ int mask = radix - 1;
do {
- buf[--charPos] = Integer.digits[(int)(i & mask)];
- i >>>= shift;
- } while (i != 0);
- return new String(buf, charPos, (64 - charPos));
+ buf[offset + --charPos] = Integer.digits[((int) val) & mask];
+ val >>>= shift;
+ } while (val != 0 && charPos > 0);
+
+ return charPos;
}
/**
diff --git a/jdk/src/share/classes/java/lang/management/ManagementFactory.java b/jdk/src/share/classes/java/lang/management/ManagementFactory.java
index 278ace1d7d1..384cf4cda06 100644
--- a/jdk/src/share/classes/java/lang/management/ManagementFactory.java
+++ b/jdk/src/share/classes/java/lang/management/ManagementFactory.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -42,7 +42,9 @@ import javax.management.StandardMBean;
import java.util.Collections;
import java.util.List;
import java.util.Set;
+import java.util.HashMap;
import java.util.HashSet;
+import java.util.Map;
import java.security.AccessController;
import java.security.Permission;
import java.security.PrivilegedAction;
@@ -482,6 +484,11 @@ public class ManagementFactory {
}
}
}
+ HashMap dynmbeans =
+ ManagementFactoryHelper.getPlatformDynamicMBeans();
+ for (Map.Entry e : dynmbeans.entrySet()) {
+ addDynamicMBean(platformMBeanServer, e.getValue(), e.getKey());
+ }
}
return platformMBeanServer;
}
@@ -825,4 +832,24 @@ public class ManagementFactory {
}
}
+ /**
+ * Registers a DynamicMBean.
+ */
+ private static void addDynamicMBean(final MBeanServer mbs,
+ final DynamicMBean dmbean,
+ final ObjectName on) {
+ try {
+ AccessController.doPrivileged(new PrivilegedExceptionAction() {
+ @Override
+ public Void run() throws InstanceAlreadyExistsException,
+ MBeanRegistrationException,
+ NotCompliantMBeanException {
+ mbs.registerMBean(dmbean, on);
+ return null;
+ }
+ });
+ } catch (PrivilegedActionException e) {
+ throw new RuntimeException(e.getException());
+ }
+ }
}
diff --git a/jdk/src/share/classes/java/net/HttpCookie.java b/jdk/src/share/classes/java/net/HttpCookie.java
index d5a36df507f..d265e284c26 100644
--- a/jdk/src/share/classes/java/net/HttpCookie.java
+++ b/jdk/src/share/classes/java/net/HttpCookie.java
@@ -128,8 +128,7 @@ public final class HttpCookie implements Cloneable {
* a {@code String} specifying the value of the cookie
*
* @throws IllegalArgumentException
- * if the cookie name contains illegal characters or it is one of
- * the tokens reserved for use by the cookie protocol
+ * if the cookie name contains illegal characters
* @throws NullPointerException
* if {@code name} is {@code null}
*
@@ -142,7 +141,7 @@ public final class HttpCookie implements Cloneable {
private HttpCookie(String name, String value, String header) {
name = name.trim();
- if (name.length() == 0 || !isToken(name)) {
+ if (name.length() == 0 || !isToken(name) || name.charAt(0) == '$') {
throw new IllegalArgumentException("Illegal cookie name");
}
@@ -170,9 +169,8 @@ public final class HttpCookie implements Cloneable {
* @return a List of cookie parsed from header line string
*
* @throws IllegalArgumentException
- * if header string violates the cookie specification's syntax, or
- * the cookie name contains illegal characters, or the cookie name
- * is one of the tokens reserved for use by the cookie protocol
+ * if header string violates the cookie specification's syntax or
+ * the cookie name contains illegal characters.
* @throws NullPointerException
* if the header string is {@code null}
*/
diff --git a/jdk/src/share/classes/java/net/HttpURLPermission.java b/jdk/src/share/classes/java/net/HttpURLPermission.java
index 52d6e79344a..55d37fda8ca 100644
--- a/jdk/src/share/classes/java/net/HttpURLPermission.java
+++ b/jdk/src/share/classes/java/net/HttpURLPermission.java
@@ -377,7 +377,7 @@ public final class HttpURLPermission extends Permission {
throw new IllegalArgumentException ("unexpected URL scheme");
}
if (!u.getSchemeSpecificPart().equals("*")) {
- u = URI.create(scheme + "://" + u.getAuthority() + u.getPath());
+ u = URI.create(scheme + "://" + u.getRawAuthority() + u.getRawPath());
}
return u;
}
diff --git a/jdk/src/share/classes/java/nio/Buffer.java b/jdk/src/share/classes/java/nio/Buffer.java
index 1c0591fb28f..24d3cf8c56a 100644
--- a/jdk/src/share/classes/java/nio/Buffer.java
+++ b/jdk/src/share/classes/java/nio/Buffer.java
@@ -25,6 +25,7 @@
package java.nio;
+import java.util.Spliterator;
/**
* A container for data of a specific primitive type.
@@ -173,6 +174,13 @@ package java.nio;
public abstract class Buffer {
+ /**
+ * The characteristics of Spliterators that traverse and split elements
+ * maintained in Buffers.
+ */
+ static final int SPLITERATOR_CHARACTERISTICS =
+ Spliterator.SIZED | Spliterator.SUBSIZED | Spliterator.ORDERED;
+
// Invariants: mark <= position <= limit <= capacity
private int mark = -1;
private int position = 0;
diff --git a/jdk/src/share/classes/java/nio/ByteBufferAs-X-Buffer.java.template b/jdk/src/share/classes/java/nio/ByteBufferAs-X-Buffer.java.template
index 1673da2bf45..d5be9669fb8 100644
--- a/jdk/src/share/classes/java/nio/ByteBufferAs-X-Buffer.java.template
+++ b/jdk/src/share/classes/java/nio/ByteBufferAs-X-Buffer.java.template
@@ -115,6 +115,12 @@ class ByteBufferAs$Type$Buffer$RW$$BO$ // package-private
return Bits.get$Type$$BO$(bb, ix(checkIndex(i)));
}
+#if[streamableType]
+ $type$ getUnchecked(int i) {
+ return Bits.get$Type$$BO$(bb, ix(i));
+ }
+#end[streamableType]
+
#end[rw]
public $Type$Buffer put($type$ x) {
diff --git a/jdk/src/share/classes/java/nio/CharBufferSpliterator.java b/jdk/src/share/classes/java/nio/CharBufferSpliterator.java
new file mode 100644
index 00000000000..19fd8a8f0ba
--- /dev/null
+++ b/jdk/src/share/classes/java/nio/CharBufferSpliterator.java
@@ -0,0 +1,96 @@
+/*
+ * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation. Oracle designates this
+* particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package java.nio;
+
+import java.util.Comparator;
+import java.util.Spliterator;
+import java.util.function.IntConsumer;
+
+/**
+ * A Spliterator.OfInt for sources that traverse and split elements
+ * maintained in a CharBuffer.
+ *
+ * @implNote
+ * The implementation is based on the code for the Array-based spliterators.
+ */
+class CharBufferSpliterator implements Spliterator.OfInt {
+ private final CharBuffer buffer;
+ private int index; // current index, modified on advance/split
+ private final int limit;
+
+ CharBufferSpliterator(CharBuffer buffer) {
+ this(buffer, buffer.position(), buffer.limit());
+ }
+
+ CharBufferSpliterator(CharBuffer buffer, int origin, int limit) {
+ assert origin <= limit;
+ this.buffer = buffer;
+ this.index = (origin <= limit) ? origin : limit;
+ this.limit = limit;
+ }
+
+ @Override
+ public OfInt trySplit() {
+ int lo = index, mid = (lo + limit) >>> 1;
+ return (lo >= mid)
+ ? null
+ : new CharBufferSpliterator(buffer, lo, index = mid);
+ }
+
+ @Override
+ public void forEachRemaining(IntConsumer action) {
+ if (action == null)
+ throw new NullPointerException();
+ CharBuffer cb = buffer;
+ int i = index;
+ int hi = limit;
+ index = hi;
+ while (i < hi) {
+ action.accept(cb.getUnchecked(i++));
+ }
+ }
+
+ @Override
+ public boolean tryAdvance(IntConsumer action) {
+ if (action == null)
+ throw new NullPointerException();
+ if (index >= 0 && index < limit) {
+ action.accept(buffer.getUnchecked(index++));
+ return true;
+ }
+ return false;
+ }
+
+ @Override
+ public long estimateSize() {
+ return (long)(limit - index);
+ }
+
+ @Override
+ public int characteristics() {
+ return Buffer.SPLITERATOR_CHARACTERISTICS;
+ }
+}
diff --git a/jdk/src/share/classes/java/nio/Direct-X-Buffer.java.template b/jdk/src/share/classes/java/nio/Direct-X-Buffer.java.template
index d01e873697d..0523e2a2cd6 100644
--- a/jdk/src/share/classes/java/nio/Direct-X-Buffer.java.template
+++ b/jdk/src/share/classes/java/nio/Direct-X-Buffer.java.template
@@ -253,6 +253,12 @@ class Direct$Type$Buffer$RW$$BO$
return $fromBits$($swap$(unsafe.get$Swaptype$(ix(checkIndex(i)))));
}
+#if[streamableType]
+ $type$ getUnchecked(int i) {
+ return $fromBits$($swap$(unsafe.get$Swaptype$(ix(i))));
+ }
+#end[streamableType]
+
public $Type$Buffer get($type$[] dst, int offset, int length) {
#if[rw]
if ((length << $LG_BYTES_PER_VALUE$) > Bits.JNI_COPY_TO_ARRAY_THRESHOLD) {
diff --git a/jdk/src/share/classes/java/nio/Heap-X-Buffer.java.template b/jdk/src/share/classes/java/nio/Heap-X-Buffer.java.template
index cecc1bacf9a..54f7164b24c 100644
--- a/jdk/src/share/classes/java/nio/Heap-X-Buffer.java.template
+++ b/jdk/src/share/classes/java/nio/Heap-X-Buffer.java.template
@@ -139,6 +139,12 @@ class Heap$Type$Buffer$RW$
return hb[ix(checkIndex(i))];
}
+#if[streamableType]
+ $type$ getUnchecked(int i) {
+ return hb[ix(i)];
+ }
+#end[streamableType]
+
public $Type$Buffer get($type$[] dst, int offset, int length) {
checkBounds(offset, length, dst.length);
if (length > remaining())
diff --git a/jdk/src/share/classes/java/nio/StringCharBuffer.java b/jdk/src/share/classes/java/nio/StringCharBuffer.java
index 47b6bae3228..a277ef559bd 100644
--- a/jdk/src/share/classes/java/nio/StringCharBuffer.java
+++ b/jdk/src/share/classes/java/nio/StringCharBuffer.java
@@ -77,6 +77,10 @@ class StringCharBuffer // package-private
return str.charAt(checkIndex(index) + offset);
}
+ char getUnchecked(int index) {
+ return str.charAt(index + offset);
+ }
+
// ## Override bulk get methods for better performance
public final CharBuffer put(char c) {
diff --git a/jdk/src/share/classes/java/nio/X-Buffer.java.template b/jdk/src/share/classes/java/nio/X-Buffer.java.template
index a727b000bf1..475818d300d 100644
--- a/jdk/src/share/classes/java/nio/X-Buffer.java.template
+++ b/jdk/src/share/classes/java/nio/X-Buffer.java.template
@@ -30,6 +30,11 @@ package java.nio;
#if[char]
import java.io.IOException;
#end[char]
+#if[streamableType]
+import java.util.Spliterator;
+import java.util.stream.StreamSupport;
+import java.util.stream.$Streamtype$Stream;
+#end[streamableType]
/**
* $A$ $type$ buffer.
@@ -589,6 +594,19 @@ public abstract class $Type$Buffer
*/
public abstract $type$ get(int index);
+#if[streamableType]
+ /**
+ * Absolute get method. Reads the $type$ at the given
+ * index without any validation of the index.
+ *
+ * @param index
+ * The index from which the $type$ will be read
+ *
+ * @return The $type$ at the given index
+ */
+ abstract $type$ getUnchecked(int index); // package-private
+#end[streamableType]
+
/**
* Absolute put method (optional operation).
*
@@ -1458,4 +1476,16 @@ public abstract class $Type$Buffer
#end[byte]
+#if[streamableType]
+
+#if[char]
+ @Override
+#end[char]
+ public $Streamtype$Stream $type$s() {
+ return StreamSupport.$streamtype$Stream(() -> new $Type$BufferSpliterator(this),
+ Buffer.SPLITERATOR_CHARACTERISTICS);
+ }
+
+#end[streamableType]
+
}
diff --git a/jdk/src/share/classes/java/security/AccessControlContext.java b/jdk/src/share/classes/java/security/AccessControlContext.java
index ba088af8716..9ca78fe9495 100644
--- a/jdk/src/share/classes/java/security/AccessControlContext.java
+++ b/jdk/src/share/classes/java/security/AccessControlContext.java
@@ -85,6 +85,15 @@ public final class AccessControlContext {
private DomainCombiner combiner = null;
+ // limited privilege scope
+ private Permission permissions[];
+ private AccessControlContext parent;
+ private boolean isWrapped;
+
+ // is constrained by limited privilege scope?
+ private boolean isLimited;
+ private ProtectionDomain limitedContext[];
+
private static boolean debugInit = false;
private static Debug debug = null;
@@ -178,14 +187,79 @@ public final class AccessControlContext {
/**
* package private for AccessController
+ *
+ * This "argument wrapper" context will be passed as the actual context
+ * parameter on an internal doPrivileged() call used in the implementation.
*/
- AccessControlContext(ProtectionDomain context[], DomainCombiner combiner) {
+ AccessControlContext(ProtectionDomain caller, DomainCombiner combiner,
+ AccessControlContext parent, AccessControlContext context,
+ Permission[] perms)
+ {
+ /*
+ * Combine the domains from the doPrivileged() context into our
+ * wrapper context, if necessary.
+ */
+ ProtectionDomain[] callerPDs = null;
+ if (caller != null) {
+ callerPDs = new ProtectionDomain[] { caller };
+ }
if (context != null) {
- this.context = context.clone();
+ if (combiner != null) {
+ this.context = combiner.combine(callerPDs, context.context);
+ } else {
+ this.context = combine(callerPDs, context.context);
+ }
+ } else {
+ /*
+ * Call combiner even if there is seemingly nothing to combine.
+ */
+ if (combiner != null) {
+ this.context = combiner.combine(callerPDs, null);
+ } else {
+ this.context = combine(callerPDs, null);
+ }
}
this.combiner = combiner;
+
+ Permission[] tmp = null;
+ if (perms != null) {
+ tmp = new Permission[perms.length];
+ for (int i=0; i < perms.length; i++) {
+ if (perms[i] == null) {
+ throw new NullPointerException("permission can't be null");
+ }
+
+ /*
+ * An AllPermission argument is equivalent to calling
+ * doPrivileged() without any limit permissions.
+ */
+ if (perms[i].getClass() == AllPermission.class) {
+ parent = null;
+ }
+ tmp[i] = perms[i];
+ }
+ }
+
+ /*
+ * For a doPrivileged() with limited privilege scope, initialize
+ * the relevant fields.
+ *
+ * The limitedContext field contains the union of all domains which
+ * are enclosed by this limited privilege scope. In other words,
+ * it contains all of the domains which could potentially be checked
+ * if none of the limiting permissions implied a requested permission.
+ */
+ if (parent != null) {
+ this.limitedContext = combine(parent.context, parent.limitedContext);
+ this.isLimited = true;
+ this.isWrapped = true;
+ this.permissions = tmp;
+ this.parent = parent;
+ this.privilegedContext = context; // used in checkPermission2()
+ }
}
+
/**
* package private constructor for AccessController.getContext()
*/
@@ -260,6 +334,13 @@ public final class AccessControlContext {
if (sm != null) {
sm.checkPermission(SecurityConstants.GET_COMBINER_PERMISSION);
}
+ return getCombiner();
+ }
+
+ /**
+ * package private for AccessController
+ */
+ DomainCombiner getCombiner() {
return combiner;
}
@@ -335,8 +416,10 @@ public final class AccessControlContext {
or the first domain was a Privileged system domain. This
is to make the common case for system code very fast */
- if (context == null)
+ if (context == null) {
+ checkPermission2(perm);
return;
+ }
for (int i=0; i< context.length; i++) {
if (context[i] != null && !context[i].implies(perm)) {
@@ -370,20 +453,108 @@ public final class AccessControlContext {
debug.println("access allowed "+perm);
}
- return;
+ checkPermission2(perm);
+ }
+
+ /*
+ * Check the domains associated with the limited privilege scope.
+ */
+ private void checkPermission2(Permission perm) {
+ if (!isLimited) {
+ return;
+ }
+
+ /*
+ * Check the doPrivileged() context parameter, if present.
+ */
+ if (privilegedContext != null) {
+ privilegedContext.checkPermission2(perm);
+ }
+
+ /*
+ * Ignore the limited permissions and parent fields of a wrapper
+ * context since they were already carried down into the unwrapped
+ * context.
+ */
+ if (isWrapped) {
+ return;
+ }
+
+ /*
+ * Try to match any limited privilege scope.
+ */
+ if (permissions != null) {
+ Class permClass = perm.getClass();
+ for (int i=0; i < permissions.length; i++) {
+ Permission limit = permissions[i];
+ if (limit.getClass().equals(permClass) && limit.implies(perm)) {
+ return;
+ }
+ }
+ }
+
+ /*
+ * Check the limited privilege scope up the call stack or the inherited
+ * parent thread call stack of this ACC.
+ */
+ if (parent != null) {
+ /*
+ * As an optimization, if the parent context is the inherited call
+ * stack context from a parent thread then checking the protection
+ * domains of the parent context is redundant since they have
+ * already been merged into the child thread's context by
+ * optimize(). When parent is set to an inherited context this
+ * context was not directly created by a limited scope
+ * doPrivileged() and it does not have its own limited permissions.
+ */
+ if (permissions == null) {
+ parent.checkPermission2(perm);
+ } else {
+ parent.checkPermission(perm);
+ }
+ }
}
/**
* Take the stack-based context (this) and combine it with the
- * privileged or inherited context, if need be.
+ * privileged or inherited context, if need be. Any limited
+ * privilege scope is flagged regardless of whether the assigned
+ * context comes from an immediately enclosing limited doPrivileged().
+ * The limited privilege scope can indirectly flow from the inherited
+ * parent thread or an assigned context previously captured by getContext().
*/
AccessControlContext optimize() {
// the assigned (privileged or inherited) context
AccessControlContext acc;
+ DomainCombiner combiner = null;
+ AccessControlContext parent = null;
+ Permission[] permissions = null;
+
if (isPrivileged) {
acc = privilegedContext;
+ if (acc != null) {
+ /*
+ * If the context is from a limited scope doPrivileged() then
+ * copy the permissions and parent fields out of the wrapper
+ * context that was created to hold them.
+ */
+ if (acc.isWrapped) {
+ permissions = acc.permissions;
+ parent = acc.parent;
+ }
+ }
} else {
acc = AccessController.getInheritedAccessControlContext();
+ if (acc != null) {
+ /*
+ * If the inherited context is constrained by a limited scope
+ * doPrivileged() then set it as our parent so we will process
+ * the non-domain-related state.
+ */
+ if (acc.isLimited) {
+ parent = acc;
+ }
+ }
}
// this.context could be null if only system code is on the stack;
@@ -393,53 +564,98 @@ public final class AccessControlContext {
// acc.context could be null if only system code was involved;
// in that case, ignore the assigned context
boolean skipAssigned = (acc == null || acc.context == null);
+ ProtectionDomain[] assigned = (skipAssigned) ? null : acc.context;
+ ProtectionDomain[] pd;
+
+ // if there is no enclosing limited privilege scope on the stack or
+ // inherited from a parent thread
+ boolean skipLimited = ((acc == null || !acc.isWrapped) && parent == null);
if (acc != null && acc.combiner != null) {
// let the assigned acc's combiner do its thing
- return goCombiner(context, acc);
+ if (getDebug() != null) {
+ debug.println("AccessControlContext invoking the Combiner");
+ }
+
+ // No need to clone current and assigned.context
+ // combine() will not update them
+ combiner = acc.combiner;
+ pd = combiner.combine(context, assigned);
+ } else {
+ if (skipStack) {
+ if (skipAssigned) {
+ calculateFields(acc, parent, permissions);
+ return this;
+ } else if (skipLimited) {
+ return acc;
+ }
+ } else if (assigned != null) {
+ if (skipLimited) {
+ // optimization: if there is a single stack domain and
+ // that domain is already in the assigned context; no
+ // need to combine
+ if (context.length == 1 && context[0] == assigned[0]) {
+ return acc;
+ }
+ }
+ }
+
+ pd = combine(context, assigned);
+ if (skipLimited && !skipAssigned && pd == assigned) {
+ return acc;
+ } else if (skipAssigned && pd == context) {
+ calculateFields(acc, parent, permissions);
+ return this;
+ }
}
- // optimization: if neither have contexts; return acc if possible
- // rather than this, because acc might have a combiner
- if (skipAssigned && skipStack) {
- return this;
- }
+ // Reuse existing ACC
+ this.context = pd;
+ this.combiner = combiner;
+ this.isPrivileged = false;
- // optimization: if there is no stack context; there is no reason
- // to compress the assigned context, it already is compressed
- if (skipStack) {
- return acc;
- }
+ calculateFields(acc, parent, permissions);
+ return this;
+ }
- int slen = context.length;
+
+ /*
+ * Combine the current (stack) and assigned domains.
+ */
+ private static ProtectionDomain[] combine(ProtectionDomain[]current,
+ ProtectionDomain[] assigned) {
+
+ // current could be null if only system code is on the stack;
+ // in that case, ignore the stack context
+ boolean skipStack = (current == null);
+
+ // assigned could be null if only system code was involved;
+ // in that case, ignore the assigned context
+ boolean skipAssigned = (assigned == null);
+
+ int slen = (skipStack) ? 0 : current.length;
// optimization: if there is no assigned context and the stack length
// is less then or equal to two; there is no reason to compress the
// stack context, it already is
if (skipAssigned && slen <= 2) {
- return this;
+ return current;
}
- // optimization: if there is a single stack domain and that domain
- // is already in the assigned context; no need to combine
- if ((slen == 1) && (context[0] == acc.context[0])) {
- return acc;
- }
-
- int n = (skipAssigned) ? 0 : acc.context.length;
+ int n = (skipAssigned) ? 0 : assigned.length;
// now we combine both of them, and create a new context
ProtectionDomain pd[] = new ProtectionDomain[slen + n];
// first copy in the assigned context domains, no need to compress
if (!skipAssigned) {
- System.arraycopy(acc.context, 0, pd, 0, n);
+ System.arraycopy(assigned, 0, pd, 0, n);
}
// now add the stack context domains, discarding nulls and duplicates
outer:
- for (int i = 0; i < context.length; i++) {
- ProtectionDomain sd = context[i];
+ for (int i = 0; i < slen; i++) {
+ ProtectionDomain sd = current[i];
if (sd != null) {
for (int j = 0; j < n; j++) {
if (sd == pd[j]) {
@@ -453,54 +669,48 @@ public final class AccessControlContext {
// if length isn't equal, we need to shorten the array
if (n != pd.length) {
// optimization: if we didn't really combine anything
- if (!skipAssigned && n == acc.context.length) {
- return acc;
+ if (!skipAssigned && n == assigned.length) {
+ return assigned;
} else if (skipAssigned && n == slen) {
- return this;
+ return current;
}
ProtectionDomain tmp[] = new ProtectionDomain[n];
System.arraycopy(pd, 0, tmp, 0, n);
pd = tmp;
}
- // return new AccessControlContext(pd, false);
-
- // Reuse existing ACC
-
- this.context = pd;
- this.combiner = null;
- this.isPrivileged = false;
-
- return this;
+ return pd;
}
- private AccessControlContext goCombiner(ProtectionDomain[] current,
- AccessControlContext assigned) {
- // the assigned ACC's combiner is not null --
- // let the combiner do its thing
+ /*
+ * Calculate the additional domains that could potentially be reached via
+ * limited privilege scope. Mark the context as being subject to limited
+ * privilege scope unless the reachable domains (if any) are already
+ * contained in this domain context (in which case any limited
+ * privilege scope checking would be redundant).
+ */
+ private void calculateFields(AccessControlContext assigned,
+ AccessControlContext parent, Permission[] permissions)
+ {
+ ProtectionDomain[] parentLimit = null;
+ ProtectionDomain[] assignedLimit = null;
+ ProtectionDomain[] newLimit;
- // XXX we could add optimizations to 'current' here ...
-
- if (getDebug() != null) {
- debug.println("AccessControlContext invoking the Combiner");
+ parentLimit = (parent != null)? parent.limitedContext: null;
+ assignedLimit = (assigned != null)? assigned.limitedContext: null;
+ newLimit = combine(parentLimit, assignedLimit);
+ if (newLimit != null) {
+ if (context == null || !containsAllPDs(newLimit, context)) {
+ this.limitedContext = newLimit;
+ this.permissions = permissions;
+ this.parent = parent;
+ this.isLimited = true;
+ }
}
-
- // No need to clone current and assigned.context
- // combine() will not update them
- ProtectionDomain[] combinedPds = assigned.combiner.combine(
- current, assigned.context);
-
- // return new AccessControlContext(combinedPds, assigned.combiner);
-
- // Reuse existing ACC
- this.context = combinedPds;
- this.combiner = assigned.combiner;
- this.isPrivileged = false;
-
- return this;
}
+
/**
* Checks two AccessControlContext objects for equality.
* Checks that obj is
@@ -520,31 +730,131 @@ public final class AccessControlContext {
AccessControlContext that = (AccessControlContext) obj;
-
- if (context == null) {
- return (that.context == null);
- }
-
- if (that.context == null)
+ if (!equalContext(that))
return false;
- if (!(this.containsAllPDs(that) && that.containsAllPDs(this)))
- return false;
-
- if (this.combiner == null)
- return (that.combiner == null);
-
- if (that.combiner == null)
- return false;
-
- if (!this.combiner.equals(that.combiner))
+ if (!equalLimitedContext(that))
return false;
return true;
}
- private boolean containsAllPDs(AccessControlContext that) {
+ /*
+ * Compare for equality based on state that is free of limited
+ * privilege complications.
+ */
+ private boolean equalContext(AccessControlContext that) {
+ if (!equalPDs(this.context, that.context))
+ return false;
+
+ if (this.combiner == null && that.combiner != null)
+ return false;
+
+ if (this.combiner != null && !this.combiner.equals(that.combiner))
+ return false;
+
+ return true;
+ }
+
+ private boolean equalPDs(ProtectionDomain[] a, ProtectionDomain[] b) {
+ if (a == null) {
+ return (b == null);
+ }
+
+ if (b == null)
+ return false;
+
+ if (!(containsAllPDs(a, b) && containsAllPDs(b, a)))
+ return false;
+
+ return true;
+ }
+
+ /*
+ * Compare for equality based on state that is captured during a
+ * call to AccessController.getContext() when a limited privilege
+ * scope is in effect.
+ */
+ private boolean equalLimitedContext(AccessControlContext that) {
+ if (that == null)
+ return false;
+
+ /*
+ * If neither instance has limited privilege scope then we're done.
+ */
+ if (!this.isLimited && !that.isLimited)
+ return true;
+
+ /*
+ * If only one instance has limited privilege scope then we're done.
+ */
+ if (!(this.isLimited && that.isLimited))
+ return false;
+
+ /*
+ * Wrapped instances should never escape outside the implementation
+ * this class and AccessController so this will probably never happen
+ * but it only makes any sense to compare if they both have the same
+ * isWrapped state.
+ */
+ if ((this.isWrapped && !that.isWrapped) ||
+ (!this.isWrapped && that.isWrapped)) {
+ return false;
+ }
+
+ if (this.permissions == null && that.permissions != null)
+ return false;
+
+ if (this.permissions != null && that.permissions == null)
+ return false;
+
+ if (!(this.containsAllLimits(that) && that.containsAllLimits(this)))
+ return false;
+
+ /*
+ * Skip through any wrapped contexts.
+ */
+ AccessControlContext thisNextPC = getNextPC(this);
+ AccessControlContext thatNextPC = getNextPC(that);
+
+ /*
+ * The protection domains and combiner of a privilegedContext are
+ * not relevant because they have already been included in the context
+ * of this instance by optimize() so we only care about any limited
+ * privilege state they may have.
+ */
+ if (thisNextPC == null && thatNextPC != null && thatNextPC.isLimited)
+ return false;
+
+ if (thisNextPC != null && !thisNextPC.equalLimitedContext(thatNextPC))
+ return false;
+
+ if (this.parent == null && that.parent != null)
+ return false;
+
+ if (this.parent != null && !this.parent.equals(that.parent))
+ return false;
+
+ return true;
+ }
+
+ /*
+ * Follow the privilegedContext link making our best effort to skip
+ * through any wrapper contexts.
+ */
+ private static AccessControlContext getNextPC(AccessControlContext acc) {
+ while (acc != null && acc.privilegedContext != null) {
+ acc = acc.privilegedContext;
+ if (!acc.isWrapped)
+ return acc;
+ }
+ return null;
+ }
+
+ private static boolean containsAllPDs(ProtectionDomain[] thisContext,
+ ProtectionDomain[] thatContext) {
boolean match = false;
+
//
// ProtectionDomains within an ACC currently cannot be null
// and this is enforced by the constructor and the various
@@ -552,17 +862,17 @@ public final class AccessControlContext {
// to support the notion of a null PD and therefore this logic continues
// to support that notion.
ProtectionDomain thisPd;
- for (int i = 0; i < context.length; i++) {
+ for (int i = 0; i < thisContext.length; i++) {
match = false;
- if ((thisPd = context[i]) == null) {
- for (int j = 0; (j < that.context.length) && !match; j++) {
- match = (that.context[j] == null);
+ if ((thisPd = thisContext[i]) == null) {
+ for (int j = 0; (j < thatContext.length) && !match; j++) {
+ match = (thatContext[j] == null);
}
} else {
Class thisPdClass = thisPd.getClass();
ProtectionDomain thatPd;
- for (int j = 0; (j < that.context.length) && !match; j++) {
- thatPd = that.context[j];
+ for (int j = 0; (j < thatContext.length) && !match; j++) {
+ thatPd = thatContext[j];
// Class check required to avoid PD exposure (4285406)
match = (thatPd != null &&
@@ -573,6 +883,29 @@ public final class AccessControlContext {
}
return match;
}
+
+ private boolean containsAllLimits(AccessControlContext that) {
+ boolean match = false;
+ Permission thisPerm;
+
+ if (this.permissions == null && that.permissions == null)
+ return true;
+
+ for (int i = 0; i < this.permissions.length; i++) {
+ Permission limit = this.permissions[i];
+ Class limitClass = limit.getClass();
+ match = false;
+ for (int j = 0; (j < that.permissions.length) && !match; j++) {
+ Permission perm = that.permissions[j];
+ match = (limitClass.equals(perm.getClass()) &&
+ limit.equals(perm));
+ }
+ if (!match) return false;
+ }
+ return match;
+ }
+
+
/**
* Returns the hash code value for this context. The hash code
* is computed by exclusive or-ing the hash code of all the protection
@@ -591,6 +924,7 @@ public final class AccessControlContext {
if (context[i] != null)
hashCode ^= context[i].hashCode();
}
+
return hashCode;
}
}
diff --git a/jdk/src/share/classes/java/security/AccessController.java b/jdk/src/share/classes/java/security/AccessController.java
index e7fbe737a8e..6eac9a619b2 100644
--- a/jdk/src/share/classes/java/security/AccessController.java
+++ b/jdk/src/share/classes/java/security/AccessController.java
@@ -82,9 +82,15 @@ import sun.reflect.Reflection;
* else if (caller i is marked as privileged) {
* if (a context was specified in the call to doPrivileged)
* context.checkPermission(permission)
- * return;
+ * if (limited permissions were specified in the call to doPrivileged) {
+ * for (each limited permission) {
+ * if (the limited permission implies the requested permission)
+ * return;
+ * }
+ * } else
+ * return;
* }
- * };
+ * }
*
* // Next, check the context inherited when the thread was created.
* // Whenever a new thread is created, the AccessControlContext at
@@ -101,11 +107,16 @@ import sun.reflect.Reflection;
* was marked as "privileged" via a doPrivileged
* call without a context argument (see below for information about a
* context argument). If that caller's domain has the
- * specified permission, no further checking is done and
+ * specified permission and at least one limiting permission argument (if any)
+ * implies the requested permission, no further checking is done and
* checkPermission
* returns quietly, indicating that the requested access is allowed.
* If that domain does not have the specified permission, an exception
- * is thrown, as usual.
+ * is thrown, as usual. If the caller's domain had the specified permission
+ * but it was not implied by any limiting permission arguments given in the call
+ * to doPrivileged then the permission checking continues
+ * until there are no more callers or another doPrivileged
+ * call matches the requested permission and returns normally.
*
*
The normal use of the "privileged" feature is as follows. If you
* don't need to return a value from within the "privileged" block, do
@@ -180,6 +191,9 @@ import sun.reflect.Reflection;
*
*
Be *very* careful in your use of the "privileged" construct, and
* always remember to make the privileged code section as small as possible.
+ * You can pass Permission arguments to further limit the
+ * scope of the "privilege" (see below).
+ *
*
*
Note that checkPermission always performs security checks
* within the context of the currently executing thread.
@@ -215,7 +229,9 @@ import sun.reflect.Reflection;
*
*
There are also times where you don't know a priori which permissions
* to check the context against. In these cases you can use the
- * doPrivileged method that takes a context:
+ * doPrivileged method that takes a context. You can also limit the scope
+ * of the privileged code by passing additional Permission
+ * parameters.
*
*
{@code
* somemethod() {
@@ -223,12 +239,21 @@ import sun.reflect.Reflection;
* public Object run() {
* // Code goes here. Any permission checks within this
* // run method will require that the intersection of the
- * // callers protection domain and the snapshot's
- * // context have the desired permission.
+ * // caller's protection domain and the snapshot's
+ * // context have the desired permission. If a requested
+ * // permission is not implied by the limiting FilePermission
+ * // argument then checking of the thread continues beyond the
+ * // caller of doPrivileged.
* }
- * }, acc);
+ * }, acc, new FilePermission("/temp/*", read));
* ...normal code here...
* }}
+ *
Passing a limiting Permission argument of an instance of
+ * AllPermission is equivalent to calling the equivalent
+ * doPrivileged method without limiting Permission
+ * arguments. Passing a zero length array of Permission disables
+ * the code privileges so that checking always continues beyond the caller of
+ * that doPrivileged method.
*
* @see AccessControlContext
*
@@ -334,6 +359,112 @@ public final class AccessController {
public static native T doPrivileged(PrivilegedAction action,
AccessControlContext context);
+
+ /**
+ * Performs the specified PrivilegedAction with privileges
+ * enabled and restricted by the specified
+ * AccessControlContext and with a privilege scope limited
+ * by specified Permission arguments.
+ *
+ * The action is performed with the intersection of the permissions
+ * possessed by the caller's protection domain, and those possessed
+ * by the domains represented by the specified
+ * AccessControlContext.
+ *
+ * If the action's run method throws an (unchecked) exception,
+ * it will propagate through this method.
+ *
+ * @param action the action to be performed.
+ * @param context an access control context
+ * representing the restriction to be applied to the
+ * caller's domain's privileges before performing
+ * the specified action. If the context is
+ * null,
+ * then no additional restriction is applied.
+ * @param perms the Permission arguments which limit the
+ * scope of the caller's privileges. The number of arguments
+ * is variable.
+ *
+ * @return the value returned by the action's run method.
+ *
+ * @throws NullPointerException if action or perms or any element of
+ * perms is null
+ *
+ * @see #doPrivileged(PrivilegedAction)
+ * @see #doPrivileged(PrivilegedExceptionAction,AccessControlContext)
+ *
+ * @since 1.8
+ */
+ @CallerSensitive
+ public static T doPrivileged(PrivilegedAction action,
+ AccessControlContext context, Permission... perms) {
+
+ AccessControlContext parent = getContext();
+ if (perms == null) {
+ throw new NullPointerException("null permissions parameter");
+ }
+ Class caller = Reflection.getCallerClass();
+ return AccessController.doPrivileged(action, createWrapper(null,
+ caller, parent, context, perms));
+ }
+
+
+ /**
+ * Performs the specified PrivilegedAction with privileges
+ * enabled and restricted by the specified
+ * AccessControlContext and with a privilege scope limited
+ * by specified Permission arguments.
+ *
+ * The action is performed with the intersection of the permissions
+ * possessed by the caller's protection domain, and those possessed
+ * by the domains represented by the specified
+ * AccessControlContext.
+ *
+ * If the action's run method throws an (unchecked) exception,
+ * it will propagate through this method.
+ *
+ *
This method preserves the current AccessControlContext's
+ * DomainCombiner (which may be null) while the action is performed.
+ *
+ * @param action the action to be performed.
+ * @param context an access control context
+ * representing the restriction to be applied to the
+ * caller's domain's privileges before performing
+ * the specified action. If the context is
+ * null,
+ * then no additional restriction is applied.
+ * @param perms the Permission arguments which limit the
+ * scope of the caller's privileges. The number of arguments
+ * is variable.
+ *
+ * @return the value returned by the action's run method.
+ *
+ * @throws NullPointerException if action or perms or any element of
+ * perms is null
+ *
+ * @see #doPrivileged(PrivilegedAction)
+ * @see #doPrivileged(PrivilegedExceptionAction,AccessControlContext)
+ * @see java.security.DomainCombiner
+ *
+ * @since 1.8
+ */
+ @CallerSensitive
+ public static T doPrivilegedWithCombiner(PrivilegedAction action,
+ AccessControlContext context, Permission... perms) {
+
+ AccessControlContext parent = getContext();
+ DomainCombiner dc = parent.getCombiner();
+ if (dc == null && context != null) {
+ dc = context.getCombiner();
+ }
+ if (perms == null) {
+ throw new NullPointerException("null permissions parameter");
+ }
+ Class caller = Reflection.getCallerClass();
+ return AccessController.doPrivileged(action, createWrapper(dc, caller,
+ parent, context, perms));
+ }
+
/**
* Performs the specified PrivilegedExceptionAction with
* privileges enabled. The action is performed with all of the
@@ -408,6 +539,22 @@ public final class AccessController {
private static AccessControlContext preserveCombiner(DomainCombiner combiner,
Class caller)
{
+ return createWrapper(combiner, caller, null, null, null);
+ }
+
+ /**
+ * Create a wrapper to contain the limited privilege scope data.
+ */
+ private static AccessControlContext
+ createWrapper(DomainCombiner combiner, Class caller,
+ AccessControlContext parent, AccessControlContext context,
+ Permission[] perms)
+ {
+ return new AccessControlContext(getCallerPD(caller), combiner, parent,
+ context, perms);
+ }
+
+ private static ProtectionDomain getCallerPD(final Class caller) {
ProtectionDomain callerPd = doPrivileged
(new PrivilegedAction() {
public ProtectionDomain run() {
@@ -415,18 +562,9 @@ public final class AccessController {
}
});
- // perform 'combine' on the caller of doPrivileged,
- // even if the caller is from the bootclasspath
- ProtectionDomain[] pds = new ProtectionDomain[] {callerPd};
- if (combiner == null) {
- return new AccessControlContext(pds);
- } else {
- return new AccessControlContext(combiner.combine(pds, null),
- combiner);
- }
+ return callerPd;
}
-
/**
* Performs the specified PrivilegedExceptionAction with
* privileges enabled and restricted by the specified
@@ -454,7 +592,7 @@ public final class AccessController {
* @exception NullPointerException if the action is null
*
* @see #doPrivileged(PrivilegedAction)
- * @see #doPrivileged(PrivilegedExceptionAction,AccessControlContext)
+ * @see #doPrivileged(PrivilegedAction,AccessControlContext)
*/
@CallerSensitive
public static native T
@@ -462,6 +600,118 @@ public final class AccessController {
AccessControlContext context)
throws PrivilegedActionException;
+
+ /**
+ * Performs the specified PrivilegedExceptionAction with
+ * privileges enabled and restricted by the specified
+ * AccessControlContext and with a privilege scope limited by
+ * specified Permission arguments.
+ *
+ * The action is performed with the intersection of the permissions
+ * possessed by the caller's protection domain, and those possessed
+ * by the domains represented by the specified
+ * AccessControlContext.
+ *
+ * If the action's run method throws an (unchecked) exception,
+ * it will propagate through this method.
+ *
+ * @param action the action to be performed.
+ * @param context an access control context
+ * representing the restriction to be applied to the
+ * caller's domain's privileges before performing
+ * the specified action. If the context is
+ * null,
+ * then no additional restriction is applied.
+ * @param perms the Permission arguments which limit the
+ * scope of the caller's privileges. The number of arguments
+ * is variable.
+ *
+ * @return the value returned by the action's run method.
+ *
+ * @throws PrivilegedActionException if the specified action's
+ * run method threw a checked exception
+ * @throws NullPointerException if action or perms or any element of
+ * perms is null
+ *
+ * @see #doPrivileged(PrivilegedAction)
+ * @see #doPrivileged(PrivilegedAction,AccessControlContext)
+ *
+ * @since 1.8
+ */
+ @CallerSensitive
+ public static T doPrivileged(PrivilegedExceptionAction action,
+ AccessControlContext context, Permission... perms)
+ throws PrivilegedActionException
+ {
+ AccessControlContext parent = getContext();
+ if (perms == null) {
+ throw new NullPointerException("null permissions parameter");
+ }
+ Class caller = Reflection.getCallerClass();
+ return AccessController.doPrivileged(action, createWrapper(null, caller, parent, context, perms));
+ }
+
+
+ /**
+ * Performs the specified PrivilegedExceptionAction with
+ * privileges enabled and restricted by the specified
+ * AccessControlContext and with a privilege scope limited by
+ * specified Permission arguments.
+ *
+ * The action is performed with the intersection of the permissions
+ * possessed by the caller's protection domain, and those possessed
+ * by the domains represented by the specified
+ * AccessControlContext.
+ *
+ * If the action's run method throws an (unchecked) exception,
+ * it will propagate through this method.
+ *
+ *
This method preserves the current AccessControlContext's
+ * DomainCombiner (which may be null) while the action is performed.
+ *
+ * @param action the action to be performed.
+ * @param context an access control context
+ * representing the restriction to be applied to the
+ * caller's domain's privileges before performing
+ * the specified action. If the context is
+ * null,
+ * then no additional restriction is applied.
+ * @param perms the Permission arguments which limit the
+ * scope of the caller's privileges. The number of arguments
+ * is variable.
+ *
+ * @return the value returned by the action's run method.
+ *
+ * @throws PrivilegedActionException if the specified action's
+ * run method threw a checked exception
+ * @throws NullPointerException if action or perms or any element of
+ * perms is null
+ *
+ * @see #doPrivileged(PrivilegedAction)
+ * @see #doPrivileged(PrivilegedAction,AccessControlContext)
+ * @see java.security.DomainCombiner
+ *
+ * @since 1.8
+ */
+ @CallerSensitive
+ public static T doPrivilegedWithCombiner(PrivilegedExceptionAction action,
+ AccessControlContext context,
+ Permission... perms)
+ throws PrivilegedActionException
+ {
+ AccessControlContext parent = getContext();
+ DomainCombiner dc = parent.getCombiner();
+ if (dc == null && context != null) {
+ dc = context.getCombiner();
+ }
+ if (perms == null) {
+ throw new NullPointerException("null permissions parameter");
+ }
+ Class caller = Reflection.getCallerClass();
+ return AccessController.doPrivileged(action, createWrapper(dc, caller,
+ parent, context, perms));
+ }
+
/**
* Returns the AccessControl context. i.e., it gets
* the protection domains of all the callers on the stack,
@@ -474,6 +724,7 @@ public final class AccessController {
private static native AccessControlContext getStackAccessControlContext();
+
/**
* Returns the "inherited" AccessControl context. This is the context
* that existed when the thread was created. Package private so
@@ -484,9 +735,9 @@ public final class AccessController {
/**
* This method takes a "snapshot" of the current calling context, which
- * includes the current Thread's inherited AccessControlContext,
- * and places it in an AccessControlContext object. This context may then
- * be checked at a later point, possibly in another thread.
+ * includes the current Thread's inherited AccessControlContext and any
+ * limited privilege scope, and places it in an AccessControlContext object.
+ * This context may then be checked at a later point, possibly in another thread.
*
* @see AccessControlContext
*
@@ -524,7 +775,7 @@ public final class AccessController {
*/
public static void checkPermission(Permission perm)
- throws AccessControlException
+ throws AccessControlException
{
//System.err.println("checkPermission "+perm);
//Thread.currentThread().dumpStack();
diff --git a/jdk/src/share/classes/java/security/DigestOutputStream.java b/jdk/src/share/classes/java/security/DigestOutputStream.java
index 1307bdff344..31b77259ea6 100644
--- a/jdk/src/share/classes/java/security/DigestOutputStream.java
+++ b/jdk/src/share/classes/java/security/DigestOutputStream.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1996, 1999, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -112,10 +112,10 @@ public class DigestOutputStream extends FilterOutputStream {
* @see MessageDigest#update(byte)
*/
public void write(int b) throws IOException {
+ out.write(b);
if (on) {
digest.update((byte)b);
}
- out.write(b);
}
/**
@@ -142,10 +142,10 @@ public class DigestOutputStream extends FilterOutputStream {
* @see MessageDigest#update(byte[], int, int)
*/
public void write(byte[] b, int off, int len) throws IOException {
+ out.write(b, off, len);
if (on) {
digest.update(b, off, len);
}
- out.write(b, off, len);
}
/**
diff --git a/jdk/src/share/classes/java/util/HashMap.java b/jdk/src/share/classes/java/util/HashMap.java
index 5e79498da9f..c9b106ff759 100644
--- a/jdk/src/share/classes/java/util/HashMap.java
+++ b/jdk/src/share/classes/java/util/HashMap.java
@@ -26,6 +26,8 @@
package java.util;
import java.io.*;
+import java.lang.reflect.ParameterizedType;
+import java.lang.reflect.Type;
import java.util.function.Consumer;
import java.util.function.BiFunction;
import java.util.function.Function;
@@ -126,7 +128,7 @@ import java.util.function.Function;
*/
public class HashMap
- extends AbstractMap
+ extends AbstractMap
implements Map, Cloneable, Serializable
{
@@ -150,12 +152,12 @@ public class HashMap
/**
* An empty table instance to share when the table is not inflated.
*/
- static final Entry[] EMPTY_TABLE = {};
+ static final Object[] EMPTY_TABLE = {};
/**
* The table, resized as necessary. Length MUST Always be a power of two.
*/
- transient Entry[] table = EMPTY_TABLE;
+ transient Object[] table = EMPTY_TABLE;
/**
* The number of key-value mappings contained in this map.
@@ -186,10 +188,10 @@ public class HashMap
*/
transient int modCount;
+ /**
+ * Holds values which can't be initialized until after VM is booted.
+ */
private static class Holder {
- /**
- *
- */
static final sun.misc.Unsafe UNSAFE;
/**
@@ -198,22 +200,616 @@ public class HashMap
*/
static final long HASHSEED_OFFSET;
+ static final boolean USE_HASHSEED;
+
static {
- try {
- UNSAFE = sun.misc.Unsafe.getUnsafe();
- HASHSEED_OFFSET = UNSAFE.objectFieldOffset(
- HashMap.class.getDeclaredField("hashSeed"));
- } catch (NoSuchFieldException | SecurityException e) {
- throw new InternalError("Failed to record hashSeed offset", e);
+ String hashSeedProp = java.security.AccessController.doPrivileged(
+ new sun.security.action.GetPropertyAction(
+ "jdk.map.useRandomSeed"));
+ boolean localBool = (null != hashSeedProp)
+ ? Boolean.parseBoolean(hashSeedProp) : false;
+ USE_HASHSEED = localBool;
+
+ if (USE_HASHSEED) {
+ try {
+ UNSAFE = sun.misc.Unsafe.getUnsafe();
+ HASHSEED_OFFSET = UNSAFE.objectFieldOffset(
+ HashMap.class.getDeclaredField("hashSeed"));
+ } catch (NoSuchFieldException | SecurityException e) {
+ throw new InternalError("Failed to record hashSeed offset", e);
+ }
+ } else {
+ UNSAFE = null;
+ HASHSEED_OFFSET = 0;
}
}
}
- /**
+ /*
* A randomizing value associated with this instance that is applied to
* hash code of keys to make hash collisions harder to find.
+ *
+ * Non-final so it can be set lazily, but be sure not to set more than once.
*/
- transient final int hashSeed = sun.misc.Hashing.randomHashSeed(this);
+ transient final int hashSeed;
+
+ /*
+ * TreeBin/TreeNode code from CHM doesn't handle the null key. Store the
+ * null key entry here.
+ */
+ transient Entry nullKeyEntry = null;
+
+ /*
+ * In order to improve performance under high hash-collision conditions,
+ * HashMap will switch to storing a bin's entries in a balanced tree
+ * (TreeBin) instead of a linked-list once the number of entries in the bin
+ * passes a certain threshold (TreeBin.TREE_THRESHOLD), if at least one of
+ * the keys in the bin implements Comparable. This technique is borrowed
+ * from ConcurrentHashMap.
+ */
+
+ /*
+ * Code based on CHMv8
+ *
+ * Node type for TreeBin
+ */
+ final static class TreeNode {
+ TreeNode parent; // red-black tree links
+ TreeNode left;
+ TreeNode right;
+ TreeNode prev; // needed to unlink next upon deletion
+ boolean red;
+ final HashMap.Entry entry;
+
+ TreeNode(HashMap.Entry entry, Object next, TreeNode parent) {
+ this.entry = entry;
+ this.entry.next = next;
+ this.parent = parent;
+ }
+ }
+
+ /**
+ * Returns a Class for the given object of the form "class C
+ * implements Comparable", if one exists, else null. See the TreeBin
+ * docs, below, for explanation.
+ */
+ static Class comparableClassFor(Object x) {
+ Class c, s, cmpc; Type[] ts, as; Type t; ParameterizedType p;
+ if ((c = x.getClass()) == String.class) // bypass checks
+ return c;
+ if ((cmpc = Comparable.class).isAssignableFrom(c)) {
+ while (cmpc.isAssignableFrom(s = c.getSuperclass()))
+ c = s; // find topmost comparable class
+ if ((ts = c.getGenericInterfaces()) != null) {
+ for (int i = 0; i < ts.length; ++i) {
+ if (((t = ts[i]) instanceof ParameterizedType) &&
+ ((p = (ParameterizedType)t).getRawType() == cmpc) &&
+ (as = p.getActualTypeArguments()) != null &&
+ as.length == 1 && as[0] == c) // type arg is c
+ return c;
+ }
+ }
+ }
+ return null;
+ }
+
+ /*
+ * Code based on CHMv8
+ *
+ * A specialized form of red-black tree for use in bins
+ * whose size exceeds a threshold.
+ *
+ * TreeBins use a special form of comparison for search and
+ * related operations (which is the main reason we cannot use
+ * existing collections such as TreeMaps). TreeBins contain
+ * Comparable elements, but may contain others, as well as
+ * elements that are Comparable but not necessarily Comparable
+ * for the same T, so we cannot invoke compareTo among them. To
+ * handle this, the tree is ordered primarily by hash value, then
+ * by Comparable.compareTo order if applicable. On lookup at a
+ * node, if elements are not comparable or compare as 0 then both
+ * left and right children may need to be searched in the case of
+ * tied hash values. (This corresponds to the full list search
+ * that would be necessary if all elements were non-Comparable and
+ * had tied hashes.) The red-black balancing code is updated from
+ * pre-jdk-collections
+ * (http://gee.cs.oswego.edu/dl/classes/collections/RBCell.java)
+ * based in turn on Cormen, Leiserson, and Rivest "Introduction to
+ * Algorithms" (CLR).
+ */
+ final class TreeBin {
+ /*
+ * The bin count threshold for using a tree rather than list for a bin. The
+ * value reflects the approximate break-even point for using tree-based
+ * operations.
+ */
+ static final int TREE_THRESHOLD = 16;
+
+ TreeNode root; // root of tree
+ TreeNode first; // head of next-pointer list
+
+ /*
+ * Split a TreeBin into lo and hi parts and install in given table.
+ *
+ * Existing Entrys are re-used, which maintains the before/after links for
+ * LinkedHashMap.Entry.
+ *
+ * No check for Comparable, though this is the same as CHM.
+ */
+ final void splitTreeBin(Object[] newTable, int i, TreeBin loTree, TreeBin hiTree) {
+ TreeBin oldTree = this;
+ int bit = newTable.length >>> 1;
+ int loCount = 0, hiCount = 0;
+ TreeNode e = oldTree.first;
+ TreeNode next;
+
+ // This method is called when the table has just increased capacity,
+ // so indexFor() is now taking one additional bit of hash into
+ // account ("bit"). Entries in this TreeBin now belong in one of
+ // two bins, "i" or "i+bit", depending on if the new top bit of the
+ // hash is set. The trees for the two bins are loTree and hiTree.
+ // If either tree ends up containing fewer than TREE_THRESHOLD
+ // entries, it is converted back to a linked list.
+ while (e != null) {
+ // Save entry.next - it will get overwritten in putTreeNode()
+ next = (TreeNode)e.entry.next;
+
+ int h = e.entry.hash;
+ K k = (K) e.entry.key;
+ V v = e.entry.value;
+ if ((h & bit) == 0) {
+ ++loCount;
+ // Re-using e.entry
+ loTree.putTreeNode(h, k, v, e.entry);
+ } else {
+ ++hiCount;
+ hiTree.putTreeNode(h, k, v, e.entry);
+ }
+ // Iterate using the saved 'next'
+ e = next;
+ }
+ if (loCount < TREE_THRESHOLD) { // too small, convert back to list
+ HashMap.Entry loEntry = null;
+ TreeNode p = loTree.first;
+ while (p != null) {
+ @SuppressWarnings("unchecked")
+ TreeNode savedNext = (TreeNode) p.entry.next;
+ p.entry.next = loEntry;
+ loEntry = p.entry;
+ p = savedNext;
+ }
+ // assert newTable[i] == null;
+ newTable[i] = loEntry;
+ } else {
+ // assert newTable[i] == null;
+ newTable[i] = loTree;
+ }
+ if (hiCount < TREE_THRESHOLD) { // too small, convert back to list
+ HashMap.Entry hiEntry = null;
+ TreeNode p = hiTree.first;
+ while (p != null) {
+ @SuppressWarnings("unchecked")
+ TreeNode savedNext = (TreeNode) p.entry.next;
+ p.entry.next = hiEntry;
+ hiEntry = p.entry;
+ p = savedNext;
+ }
+ // assert newTable[i + bit] == null;
+ newTable[i + bit] = hiEntry;
+ } else {
+ // assert newTable[i + bit] == null;
+ newTable[i + bit] = hiTree;
+ }
+ }
+
+ /*
+ * Popuplate the TreeBin with entries from the linked list e
+ *
+ * Assumes 'this' is a new/empty TreeBin
+ *
+ * Note: no check for Comparable
+ * Note: I believe this changes iteration order
+ */
+ @SuppressWarnings("unchecked")
+ void populate(HashMap.Entry e) {
+ // assert root == null;
+ // assert first == null;
+ HashMap.Entry next;
+ while (e != null) {
+ // Save entry.next - it will get overwritten in putTreeNode()
+ next = (HashMap.Entry)e.next;
+ // Re-using Entry e will maintain before/after in LinkedHM
+ putTreeNode(e.hash, (K)e.key, (V)e.value, e);
+ // Iterate using the saved 'next'
+ e = next;
+ }
+ }
+
+ /**
+ * Copied from CHMv8
+ * From CLR
+ */
+ private void rotateLeft(TreeNode p) {
+ if (p != null) {
+ TreeNode r = p.right, pp, rl;
+ if ((rl = p.right = r.left) != null) {
+ rl.parent = p;
+ }
+ if ((pp = r.parent = p.parent) == null) {
+ root = r;
+ } else if (pp.left == p) {
+ pp.left = r;
+ } else {
+ pp.right = r;
+ }
+ r.left = p;
+ p.parent = r;
+ }
+ }
+
+ /**
+ * Copied from CHMv8
+ * From CLR
+ */
+ private void rotateRight(TreeNode p) {
+ if (p != null) {
+ TreeNode l = p.left, pp, lr;
+ if ((lr = p.left = l.right) != null) {
+ lr.parent = p;
+ }
+ if ((pp = l.parent = p.parent) == null) {
+ root = l;
+ } else if (pp.right == p) {
+ pp.right = l;
+ } else {
+ pp.left = l;
+ }
+ l.right = p;
+ p.parent = l;
+ }
+ }
+
+ /**
+ * Returns the TreeNode (or null if not found) for the given
+ * key. A front-end for recursive version.
+ */
+ final TreeNode getTreeNode(int h, K k) {
+ return getTreeNode(h, k, root, comparableClassFor(k));
+ }
+
+ /**
+ * Returns the TreeNode (or null if not found) for the given key
+ * starting at given root.
+ */
+ @SuppressWarnings("unchecked")
+ final TreeNode getTreeNode (int h, K k, TreeNode p, Class cc) {
+ // assert k != null;
+ while (p != null) {
+ int dir, ph; Object pk;
+ if ((ph = p.entry.hash) != h)
+ dir = (h < ph) ? -1 : 1;
+ else if ((pk = p.entry.key) == k || k.equals(pk))
+ return p;
+ else if (cc == null || comparableClassFor(pk) != cc ||
+ (dir = ((Comparable