JDK24: Permanently Disable the Security Manager #20625
Conversation
| <disables> | ||
| <disable> | ||
| <comment>https://github.com/eclipse-openj9/openj9/issues/20563</comment> | ||
| <version>24+</version> |
There was a problem hiding this comment.
@llxia is this the preferred way to disable tests from running in future versions? The security tests should run for JDK 11-23 only. I've mostly seen the block used in temporarily disabled tests so I wanted to check since this would be a permanent change.
There was a problem hiding this comment.
disable is for temporary excludes. In this case, we should set <version>[11, 23]</version> . Example code: https://github.com/adoptium/TKG/blob/master/examples/jdkVersion/playlist.xml#L39
theresa-m
force-pushed
the
fix_20563
branch
3 times, most recently
from
888855d
to
7ab4eda
Compare
|
@JasonFengJ9 Please review these changes |
There was a problem hiding this comment.
The natives related to checkPermission() can be ifdef out for JDK24+ such as
openj9/runtime/jcl/common/java_lang_Class.cpp
Line 1406 in 48709bf
| @@ -1265,6 +1265,10 @@ static void checkTmpDir() { | |||
|
|
|||
| /*[IF JAVA_SPEC_VERSION >= 9]*/ | |||
| static void initSecurityManager(ClassLoader applicationClassLoader) { | |||
There was a problem hiding this comment.
initSecurityManager() can be removed at
There was a problem hiding this comment.
This is still needed since initSecurityManager is used to detect settings of the java.security.manager property.
There was a problem hiding this comment.
initSecurityManager() reads the system property java.security.manager, and sets throwUOEFromSetSM which can be skipped within setSecurityManager().
System.initSecurityManager(applicationClassLoader) seems not needed for JDK24+.
There was a problem hiding this comment.
It will still be needed to throw an exception on startup for illegal java.security.manager manager settings triggered by throwErrorOnInit .
| @@ -727,10 +727,15 @@ private boolean debugHelper(Permission perm) { | |||
| * | |||
| * @param perm java.security.Permission | |||
| * the permission to check | |||
| /*[IF JAVA_SPEC_VERSION >= 24] | |||
There was a problem hiding this comment.
The API description should be changed for JDK24 such as Throws AccessControlException.
jcl/src/java.base/share/classes/java/security/AccessController.java
Outdated
Show resolved
Hide resolved
.../functional/cmdLineTests/shareClassTests/DataHelperTests/DataHelperTests_SecurityManager.xml
Outdated
Show resolved
Hide resolved
test/functional/cmdLineTests/shareClassTests/DataHelperTests/playlist.xml
Outdated
Show resolved
Hide resolved
test/functional/Java8andUp/src/org/openj9/test/attachAPI/TestAttachAPI.java
Outdated
Show resolved
Hide resolved
|
FYI #20655 |
Signed-off-by: Theresa Mammarella <[email protected]>
Signed-off-by: Theresa Mammarella <[email protected]>
Signed-off-by: Theresa Mammarella <[email protected]>
to a different job and exclude from 24+. Signed-off-by: Theresa Mammarella <[email protected]>
Signed-off-by: Theresa Mammarella <[email protected]>
Signed-off-by: Theresa Mammarella <[email protected]>
theresa-m
force-pushed
the
fix_20563
branch
2 times, most recently
from
fce9383
to
fc9e6eb
Compare
| } else if ("disallow".equals(javaSecurityManager)) { //$NON-NLS-1$ | ||
| /*[IF JAVA_SPEC_VERSION > 11]*/ | ||
| throwUOEFromSetSM = true; | ||
| /*[ELSE] JAVA_SPEC_VERSION > 11 */ | ||
| /* Do nothing. */ | ||
| /*[ENDIF] JAVA_SPEC_VERSION > 11 */ | ||
| } else { | ||
| /*[IF JAVA_SPEC_VERSION >= 24]*/ | ||
| throwErrorOnInit = true; | ||
| /*[ELSE] JAVA_SPEC_VERSION >= 24 */ | ||
| /*[IF JAVA_SPEC_VERSION >= 17]*/ | ||
| initialErr.println("WARNING: A command line option has enabled the Security Manager"); //$NON-NLS-1$ | ||
| initialErr.println("WARNING: The Security Manager is deprecated and will be removed in a future release"); //$NON-NLS-1$ |
There was a problem hiding this comment.
These WARNING messages shouldn't be printed for JDK24+.
There was a problem hiding this comment.
They are excluded already (in the /*[ELSE] JAVA_SPEC_VERSION >= 24 */) block.
| /*[MSG "K0637", "A command line option has attempted to allow or enable the Security Manager. Enabling a Security Manager is not supported."]*/ | ||
| throw new Error(Msg.getString("K0637")); //$NON-NLS-1$ | ||
| } | ||
| /*[ENDIF] JAVA_SPEC_VERSION >= 24 */ |
There was a problem hiding this comment.
I think throwErrorOnInit isn't needed, the Error can be moved around Line 1278 whenever java.security.manager is detected.
There was a problem hiding this comment.
I liked the variable since the -Djava.security.manager=disallow case should not throw an exception.
| @@ -355,6 +355,7 @@ K0633="{0} is not a valid AccessMode." | |||
| K0634="{0}.{1}({2}) is static. Expected instance field." | |||
| K0635="{0}.{1}({2}) is non-static. Expected static field." | |||
| K0636="No such field: {0}.{1}({2})" | |||
| K0637="A command line option has attempted to allow or enable the Security Manager. Enabling a Security Manager is not supported." | |||
There was a problem hiding this comment.
Thanks for catching this.
| @@ -49,25 +51,25 @@ public final class AccessController { | |||
| initializeInternal(); | |||
| } | |||
|
|
|||
| private static native void initializeInternal(); | |||
There was a problem hiding this comment.
This native can be removed for JDK24+, I expect J9JavaVM->doPrivilegedMethodID_XXX are not needed along with
openj9/runtime/jcl/common/acccont.c
Line 28 in 3da9d2f
There was a problem hiding this comment.
I have excluded these and am running a personal build to see if there are any impacted tests.
theresa-m
force-pushed
the
fix_20563
branch
2 times, most recently
from
725ab4c
to
72168cc
Compare
Signed-off-by: Theresa Mammarella <[email protected]>
- Throw an error on initialization if java.security.manager attempts to add a security manager - configure setSecurityManager to always throw an UnsupportedOperationException - getSecurityManager will always return null since a security manager can't be set Signed-off-by: Theresa Mammarella <[email protected]>
Do you mind if I do this in a second pull request? This change set is already getting large. |
Sounds good. |
Related: #20563