infernap12/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2026-03-14 09:53:18 +00:00
Code Issues Packages Projects Releases Wiki Activity

8354053: Remove unused JavaIOFilePermissionAccess

Browse Source 
Reviewed-by: liach, weijun
This commit is contained in:
Roger Riggs 2025-04-28 18:21:46 +00:00
parent a090aa3ff8
commit 2f8448034f
5 changed files with 85 additions and 203 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

114
src/java.base/share/classes/java/io/FilePermission.java
View File

@ -34,11 +34,9 @@ import java.util.StringJoiner;
import java.util.Vector;
import java.util.concurrent.ConcurrentHashMap;
import jdk.internal.access.JavaIOFilePermissionAccess;
import jdk.internal.access.SharedSecrets;
import sun.nio.fs.DefaultFileSystemProvider;
import sun.security.util.FilePermCompat;
import sun.security.util.SecurityConstants;
import sun.security.util.SecurityProperties;
/**
* This class represents access to a file or directory. A FilePermission consists
@ -155,6 +153,26 @@ public final class FilePermission extends Permission implements Serializable {
private static final char RECURSIVE_CHAR = '-';
private static final char WILD_CHAR = '*';
/**
* New behavior? Keep compatibility?
* The new behavior does not use the canonical path normalization
*/
private static final boolean nb = initNb();
// Initialize the nb flag from the System property jdk.io.permissionsUseCanonicalPath.
private static boolean initNb() {
String flag = SecurityProperties.getOverridableProperty(
"jdk.io.permissionsUseCanonicalPath");
return switch (flag) {
case "true" -> false; // compatibility mode to canonicalize paths
case "false" -> true; // do not canonicalize
case null -> true; // default, do not canonicalize
default ->
throw new RuntimeException(
"Invalid jdk.io.permissionsUseCanonicalPath: " + flag);
};
}
// public String toString() {
// StringBuilder sb = new StringBuilder();
// sb.append("*** FilePermission on " + getName() + " ***");
@ -232,51 +250,49 @@ public final class FilePermission extends Permission implements Serializable {
}
}
static {
SharedSecrets.setJavaIOFilePermissionAccess(
/**
* Creates FilePermission objects with special internals.
* See {@link FilePermCompat#newPermPlusAltPath(Permission)} and
* {@link FilePermCompat#newPermUsingAltPath(Permission)}.
*/
new JavaIOFilePermissionAccess() {
public FilePermission newPermPlusAltPath(FilePermission input) {
if (!input.invalid && input.npath2 == null && !input.allFiles) {
Path npath2 = altPath(input.npath);
if (npath2 != null) {
// Please note the name of the new permission is
// different than the original so that when one is
// added to a FilePermissionCollection it will not
// be merged with the original one.
return new FilePermission(input.getName() + "#plus",
input,
input.npath,
npath2,
input.mask,
input.actions);
}
}
return input;
}
public FilePermission newPermUsingAltPath(FilePermission input) {
if (!input.invalid && !input.allFiles) {
Path npath2 = altPath(input.npath);
if (npath2 != null) {
// New name, see above.
return new FilePermission(input.getName() + "#using",
input,
npath2,
null,
input.mask,
input.actions);
}
}
return null;
}
// Construct a new Permission with altPath
// Used by test FilePermissionCollectionMerge
private FilePermission newPermPlusAltPath() {
System.err.println("PlusAlt path: " + this + ", npath: " + npath);
if (nb && !invalid && npath2 == null && !allFiles) {
Path npath2 = altPath(npath);
if (npath2 != null) {
// Please note the name of the new permission is
// different than the original so that when one is
// added to a FilePermissionCollection it will not
// be merged with the original one.
return new FilePermission(getName() + "#plus",
this,
npath,
npath2,
mask,
actions);
}
);
}
return this;
}
// Construct a new Permission adding altPath
// Used by test FilePermissionCollectionMerge
private FilePermission newPermUsingAltPath() {
System.err.println("Alt path: " + this + ", npath: " + npath);
if (!invalid && !allFiles) {
Path npath2 = altPath(npath);
if (npath2 != null) {
// New name, see above.
return new FilePermission(getName() + "#using",
this,
npath2,
null,
mask,
actions);
}
}
return this;
}
/**
* initialize a FilePermission object. Common to all constructors.
* Also called during de-serialization.
@ -291,7 +307,7 @@ public final class FilePermission extends Permission implements Serializable {
if (mask == NONE)
throw new IllegalArgumentException("invalid actions mask");
if (FilePermCompat.nb) {
if (nb) {
String name = getName();
if (name == null)
@ -567,7 +583,7 @@ public final class FilePermission extends Permission implements Serializable {
if (that.allFiles) {
return false;
}
if (FilePermCompat.nb) {
if (nb) {
// Left at least same level of wildness as right
if ((this.recursive && that.recursive) != that.recursive
|| (this.directory && that.directory) != that.directory) {
@ -766,7 +782,7 @@ public final class FilePermission extends Permission implements Serializable {
if (this.invalid || that.invalid) {
return false;
}
if (FilePermCompat.nb) {
if (nb) {
return (this.mask == that.mask) &&
(this.allFiles == that.allFiles) &&
this.npath.equals(that.npath) &&
@ -789,7 +805,7 @@ public final class FilePermission extends Permission implements Serializable {
*/
@Override
public int hashCode() {
if (FilePermCompat.nb) {
if (nb) {
return Objects.hash(
mask, allFiles, directory, recursive, npath, npath2, invalid);
} else {

50
src/java.base/share/classes/jdk/internal/access/JavaIOFilePermissionAccess.java
View File

@ -1,50 +0,0 @@
/*
* Copyright (c) 2016, 2025, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package jdk.internal.access;
import java.io.FilePermission;
public interface JavaIOFilePermissionAccess {
/**
* Returns a new FilePermission plus an alternative path.
*
* @param input the input
* @return the new FilePermission plus the alt path (as npath2)
* or the input itself if no alt path is available.
*/
@SuppressWarnings("removal")
FilePermission newPermPlusAltPath(FilePermission input);
/**
* Returns a new FilePermission using an alternative path.
*
* @param input the input
* @return the new FilePermission using the alt path (as npath)
* or null if no alt path is available
*/
@SuppressWarnings("removal")
FilePermission newPermUsingAltPath(FilePermission input);
}

15
src/java.base/share/classes/jdk/internal/access/SharedSecrets.java
View File

@ -69,7 +69,6 @@ public class SharedSecrets {
private static JavaLangReflectAccess javaLangReflectAccess;
private static JavaIOAccess javaIOAccess;
private static JavaIOFileDescriptorAccess javaIOFileDescriptorAccess;
private static JavaIOFilePermissionAccess javaIOFilePermissionAccess;
private static JavaIORandomAccessFileAccess javaIORandomAccessFileAccess;
private static JavaObjectInputStreamReadString javaObjectInputStreamReadString;
private static JavaObjectInputStreamAccess javaObjectInputStreamAccess;
@ -287,20 +286,6 @@ public class SharedSecrets {
javaIOFileDescriptorAccess = jiofda;
}
@SuppressWarnings("removal")
public static JavaIOFilePermissionAccess getJavaIOFilePermissionAccess() {
var access = javaIOFilePermissionAccess;
if (access == null) {
ensureClassInitialized(FilePermission.class);
access = javaIOFilePermissionAccess;
}
return access;
}
public static void setJavaIOFilePermissionAccess(JavaIOFilePermissionAccess jiofpa) {
javaIOFilePermissionAccess = jiofpa;
}
public static JavaIOFileDescriptorAccess getJavaIOFileDescriptorAccess() {
var access = javaIOFileDescriptorAccess;
if (access == null) {

80
src/java.base/share/classes/sun/security/util/FilePermCompat.java
View File

@ -1,80 +0,0 @@
/*
* Copyright (c) 2016, 2025, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package sun.security.util;
import java.io.FilePermission;
import java.security.Permission;
import jdk.internal.access.SharedSecrets;
/**
* Take care of FilePermission compatibility after JDK-8164705.
*/
public class FilePermCompat {
/**
* New behavior? Keep compatibility? Both default true.
*/
public static final boolean nb;
public static final boolean compat;
static {
String flag = SecurityProperties.getOverridableProperty(
"jdk.io.permissionsUseCanonicalPath");
if (flag == null) {
flag = "false";
}
switch (flag) {
case "true":
nb = false;
compat = false;
break;
case "false":
nb = true;
compat = true;
break;
default:
throw new RuntimeException(
"Invalid jdk.io.permissionsUseCanonicalPath: " + flag);
}
}
@SuppressWarnings("removal")
public static Permission newPermPlusAltPath(Permission input) {
if (compat && input instanceof FilePermission) {
return SharedSecrets.getJavaIOFilePermissionAccess()
.newPermPlusAltPath((FilePermission) input);
}
return input;
}
@SuppressWarnings("removal")
public static Permission newPermUsingAltPath(Permission input) {
if (input instanceof FilePermission) {
return SharedSecrets.getJavaIOFilePermissionAccess()
.newPermUsingAltPath((FilePermission) input);
}
return null;
}
}

29
test/jdk/java/io/FilePermission/FilePermissionCollectionMerge.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2016, 2025, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -24,19 +24,21 @@
/**
*
* @test
* @bug 8168127
* @bug 8168127 8354053
* @summary FilePermissionCollection merges incorrectly
* @modules java.base/sun.security.util
* @modules java.base/java.io:open
* @library /test/lib
* @build jdk.test.lib.Asserts
* @run main FilePermissionCollectionMerge
*/
import sun.security.util.FilePermCompat;
import java.io.FilePermission;
import java.lang.reflect.Method;
import java.security.Permissions;
import jdk.test.lib.Asserts;
@SuppressWarnings("removal")
public class FilePermissionCollectionMerge {
public static void main(String[] args) throws Exception {
@ -50,13 +52,22 @@ public class FilePermissionCollectionMerge {
test("/x/-");
}
static void test(String arg) {
static void test(String arg) throws Exception {
Method altPathMethod;
Method plusAltPathMethod;
try {
altPathMethod = FilePermission.class.getDeclaredMethod("newPermUsingAltPath");
altPathMethod.setAccessible(true);
plusAltPathMethod = FilePermission.class.getDeclaredMethod("newPermPlusAltPath");
plusAltPathMethod.setAccessible(true);
} catch (Exception ex) {
System.err.println("File permission compatibility initialization failed");
throw ex;
}
FilePermission fp1 = new FilePermission(arg, "read");
FilePermission fp2 = (FilePermission)
FilePermCompat.newPermUsingAltPath(fp1);
FilePermission fp3 = (FilePermission)
FilePermCompat.newPermPlusAltPath(fp1);
FilePermission fp2 = (FilePermission) altPathMethod.invoke(fp1);
FilePermission fp3 = (FilePermission) plusAltPathMethod.invoke(fp1);
// All 3 are different
Asserts.assertNE(fp1, fp2);