36 import java.lang.reflect.Field; |
36 import java.lang.reflect.Field; |
37 import java.lang.reflect.Method; |
37 import java.lang.reflect.Method; |
38 import java.lang.reflect.ReflectPermission; |
38 import java.lang.reflect.ReflectPermission; |
39 import java.nio.channels.FileChannel; |
39 import java.nio.channels.FileChannel; |
40 import java.nio.channels.ReadableByteChannel; |
40 import java.nio.channels.ReadableByteChannel; |
|
41 import java.nio.file.DirectoryStream; |
41 import java.nio.file.FileVisitResult; |
42 import java.nio.file.FileVisitResult; |
42 import java.nio.file.Files; |
43 import java.nio.file.Files; |
43 import java.nio.file.Path; |
44 import java.nio.file.Path; |
44 import java.nio.file.Paths; |
45 import java.nio.file.Paths; |
45 import java.nio.file.SimpleFileVisitor; |
46 import java.nio.file.SimpleFileVisitor; |
63 import jdk.jfr.Event; |
64 import jdk.jfr.Event; |
64 import jdk.jfr.FlightRecorder; |
65 import jdk.jfr.FlightRecorder; |
65 import jdk.jfr.FlightRecorderListener; |
66 import jdk.jfr.FlightRecorderListener; |
66 import jdk.jfr.FlightRecorderPermission; |
67 import jdk.jfr.FlightRecorderPermission; |
67 import jdk.jfr.Recording; |
68 import jdk.jfr.Recording; |
|
69 import jdk.jfr.internal.consumer.FileAccess; |
68 |
70 |
69 /** |
71 /** |
70 * Contains JFR code that does |
72 * Contains JFR code that does |
71 * {@link AccessController#doPrivileged(PrivilegedAction)} |
73 * {@link AccessController#doPrivileged(PrivilegedAction)} |
72 */ |
74 */ |
73 public final class SecuritySupport { |
75 public final class SecuritySupport { |
74 private final static Unsafe unsafe = Unsafe.getUnsafe(); |
76 private final static Unsafe unsafe = Unsafe.getUnsafe(); |
75 private final static MethodHandles.Lookup LOOKUP = MethodHandles.lookup(); |
77 private final static MethodHandles.Lookup LOOKUP = MethodHandles.lookup(); |
76 private final static Module JFR_MODULE = Event.class.getModule(); |
78 private final static Module JFR_MODULE = Event.class.getModule(); |
77 public final static SafePath JFC_DIRECTORY = getPathInProperty("java.home", "lib/jfr"); |
79 public final static SafePath JFC_DIRECTORY = getPathInProperty("java.home", "lib/jfr"); |
78 |
80 public final static FileAccess PRIVILIGED = new Privileged(); |
79 static final SafePath USER_HOME = getPathInProperty("user.home", null); |
81 static final SafePath USER_HOME = getPathInProperty("user.home", null); |
80 static final SafePath JAVA_IO_TMPDIR = getPathInProperty("java.io.tmpdir", null); |
82 static final SafePath JAVA_IO_TMPDIR = getPathInProperty("java.io.tmpdir", null); |
81 |
83 |
82 static { |
84 static { |
83 // ensure module java.base can read module jdk.jfr as early as possible |
85 // ensure module java.base can read module jdk.jfr as early as possible |
148 /** |
150 /** |
149 * Path created by the default file provider,and not |
151 * Path created by the default file provider,and not |
150 * a malicious provider. |
152 * a malicious provider. |
151 * |
153 * |
152 */ |
154 */ |
153 public static final class SafePath { |
155 public static final class SafePath implements Comparable<SafePath> { |
154 private final Path path; |
156 private final Path path; |
155 private final String text; |
157 private final String text; |
156 |
158 |
157 public SafePath(Path p) { |
159 public SafePath(Path p) { |
158 // sanitize |
160 // sanitize |
166 |
168 |
167 public Path toPath() { |
169 public Path toPath() { |
168 return path; |
170 return path; |
169 } |
171 } |
170 |
172 |
|
173 public File toFile() { |
|
174 return path.toFile(); |
|
175 } |
|
176 |
171 public String toString() { |
177 public String toString() { |
172 return text; |
178 return text; |
|
179 } |
|
180 |
|
181 @Override |
|
182 public int compareTo(SafePath that) { |
|
183 return that.text.compareTo(this.text); |
173 } |
184 } |
174 } |
185 } |
175 |
186 |
176 private interface RunnableWithCheckedException { |
187 private interface RunnableWithCheckedException { |
177 public void run() throws Exception; |
188 public void run() throws Exception; |
434 } |
445 } |
435 |
446 |
436 public static SafePath getAbsolutePath(SafePath path) throws IOException { |
447 public static SafePath getAbsolutePath(SafePath path) throws IOException { |
437 return new SafePath(doPrivilegedIOWithReturn((()-> path.toPath().toAbsolutePath()))); |
448 return new SafePath(doPrivilegedIOWithReturn((()-> path.toPath().toAbsolutePath()))); |
438 } |
449 } |
|
450 |
|
451 private final static class Privileged extends FileAccess { |
|
452 @Override |
|
453 public RandomAccessFile openRAF(File f, String mode) throws IOException { |
|
454 return doPrivilegedIOWithReturn( () -> new RandomAccessFile(f, mode)); |
|
455 } |
|
456 |
|
457 @Override |
|
458 public DirectoryStream<Path> newDirectoryStream(Path directory) throws IOException { |
|
459 return doPrivilegedIOWithReturn( () -> Files.newDirectoryStream(directory)); |
|
460 } |
|
461 |
|
462 @Override |
|
463 public String getAbsolutePath(File f) throws IOException { |
|
464 return doPrivilegedIOWithReturn( () ->f.getAbsolutePath()); |
|
465 } |
|
466 @Override |
|
467 public long length(File f) throws IOException { |
|
468 return doPrivilegedIOWithReturn( () ->f.length()); |
|
469 } |
|
470 |
|
471 @Override |
|
472 public long fileSize(Path p) throws IOException { |
|
473 return doPrivilegedIOWithReturn( () ->Files.size(p)); |
|
474 } |
|
475 } |
|
476 |
|
477 |
439 } |
478 } |