8272317: jstatd has dependency on Security Manager which needs to be removed

Reviewed-by: cjplummer, rriggs

make/modules/jdk.jstatd/Launcher.gmk

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2011, 2021, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2011, 2022, Oracle and/or its affiliates. All rights reserved.
 # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 #
 # This code is free software; you can redistribute it and/or modify it
@@ -27,5 +27,4 @@ include LauncherCommon.gmk
 
 $(eval $(call SetupBuildLauncher, jstatd, \
     MAIN_CLASS := sun.tools.jstatd.Jstatd, \
-    JAVA_ARGS := -Djava.security.manager=allow, \
 ))

src/jdk.jstatd/share/classes/sun/tools/jstatd/Jstatd.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2004, 2021, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2004, 2022, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -25,6 +25,7 @@
 
 package sun.tools.jstatd;
 
+import java.io.ObjectInputFilter;
 import java.rmi.*;
 import java.rmi.server.*;
 import java.rmi.registry.Registry;
@@ -47,6 +48,8 @@ public class Jstatd {
     private static boolean startRegistry = true;
     private static RemoteHost remoteHost;
 
+    private static final String rmiFilterPattern = "sun.jvmstat.monitor.remote.RemoteVm;com.sun.proxy.jdk.proxy*;java.lang.reflect.Proxy;java.rmi.server.RemoteObjectInvocationHandler;java.rmi.server.RemoteObject;!*";
+
     private static void printUsage() {
         System.err.println("usage: jstatd [-nr] [-p port] [-r rmiport] [-n rminame]\n" +
                            "       jstatd -?|-h|--help");
@@ -72,7 +75,6 @@ public class Jstatd {
         }
     }
 
-    @SuppressWarnings({"removal","deprecation"}) // Use of RMISecurityManager
     public static void main(String[] args) {
         String rminame = null;
         int rmiPort = 0;
@@ -132,10 +134,6 @@ public class Jstatd {
             System.exit(1);
         }
 
-        if (System.getSecurityManager() == null) {
-            System.setSecurityManager(new RMISecurityManager());
-        }
-
         StringBuilder name = new StringBuilder();
 
         if (port >= 0) {
@@ -149,11 +147,10 @@ public class Jstatd {
         name.append("/").append(rminame);
 
         try {
-            // use 1.5.0 dynamically generated subs.
-            System.setProperty("java.rmi.server.ignoreSubClasses", "true");
             remoteHost = new RemoteHostImpl(rmiPort);
+            ObjectInputFilter filter = ObjectInputFilter.Config.createFilter(rmiFilterPattern);
             RemoteHost stub = (RemoteHost) UnicastRemoteObject.exportObject(
-                    remoteHost, rmiPort);
+                    remoteHost, rmiPort, filter);
             bind(name.toString(), stub);
             System.out.println("jstatd started (bound to " + name.toString() + ")");
             System.out.flush();

test/jdk/sun/tools/jstatd/JstatdTest.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2013, 2020, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2013, 2022, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -43,7 +43,7 @@ import jdk.test.lib.thread.ProcessThread;
  * <pre>
  * {@code
  * // start jstatd process
- * jstatd -J-XX:+UsePerfData -J-Djava.security.policy=all.policy
+ * jstatd -J-XX:+UsePerfData
  *
  * // run jps and verify its output
  * jps -J-XX:+UsePerfData hostname
@@ -244,20 +244,16 @@ public final class JstatdTest {
     /**
      * Depending on test settings command line can look like:
      *
-     * jstatd -J-XX:+UsePerfData -J-Djava.security.policy=all.policy
-     * jstatd -J-XX:+UsePerfData -J-Djava.security.policy=all.policy -p port
-     * jstatd -J-XX:+UsePerfData -J-Djava.security.policy=all.policy -p port -r rmiport
-     * jstatd -J-XX:+UsePerfData -J-Djava.security.policy=all.policy -n serverName
-     * jstatd -J-XX:+UsePerfData -J-Djava.security.policy=all.policy -p port -n serverName
+     * jstatd -J-XX:+UsePerfData
+     * jstatd -J-XX:+UsePerfData -p port
+     * jstatd -J-XX:+UsePerfData -p port -r rmiport
+     * jstatd -J-XX:+UsePerfData -n serverName
+     * jstatd -J-XX:+UsePerfData -p port -n serverName
      */
     private String[] getJstatdCmd() throws Exception {
         JDKToolLauncher launcher = JDKToolLauncher.createUsingTestJDK("jstatd");
         launcher.addVMArg("-XX:+UsePerfData");
         String testSrc = System.getProperty("test.src");
-        File policy = new File(testSrc, "all.policy");
-        assertTrue(policy.exists() && policy.isFile(),
-                "Security policy " + policy.getAbsolutePath() + " does not exist or not a file");
-        launcher.addVMArg("-Djava.security.policy=" + policy.getAbsolutePath());
         if (port != null) {
             addToolArg(launcher,"-p", port);
         }

test/jdk/sun/tools/jstatd/all.policy

@@ -1,3 +0,0 @@
-grant {
-   permission java.security.AllPermission;
-};