--- a/hotspot/src/share/vm/classfile/javaClasses.cpp Thu Mar 07 11:49:38 2013 -0500
+++ b/hotspot/src/share/vm/classfile/javaClasses.cpp Fri Apr 05 10:18:36 2013 -0400
@@ -2774,6 +2774,7 @@
int java_security_AccessControlContext::_context_offset = 0;
int java_security_AccessControlContext::_privilegedContext_offset = 0;
int java_security_AccessControlContext::_isPrivileged_offset = 0;
+int java_security_AccessControlContext::_isAuthorized_offset = -1;
void java_security_AccessControlContext::compute_offsets() {
assert(_isPrivileged_offset == 0, "offsets should be initialized only once");
@@ -2794,9 +2795,20 @@
fatal("Invalid layout of java.security.AccessControlContext");
}
_isPrivileged_offset = fd.offset();
+
+ // The offset may not be present for bootstrapping with older JDK.
+ if (ik->find_local_field(vmSymbols::isAuthorized_name(), vmSymbols::bool_signature(), &fd)) {
+ _isAuthorized_offset = fd.offset();
+ }
}
+bool java_security_AccessControlContext::is_authorized(Handle context) {
+ assert(context.not_null() && context->klass() == SystemDictionary::AccessControlContext_klass(), "Invalid type");
+ assert(_isAuthorized_offset != -1, "should be set");
+ return context->bool_field(_isAuthorized_offset) != 0;
+}
+
oop java_security_AccessControlContext::create(objArrayHandle context, bool isPrivileged, Handle privileged_context, TRAPS) {
assert(_isPrivileged_offset != 0, "offsets should have been initialized");
// Ensure klass is initialized
@@ -2807,6 +2819,8 @@
result->obj_field_put(_context_offset, context());
result->obj_field_put(_privilegedContext_offset, privileged_context());
result->bool_field_put(_isPrivileged_offset, isPrivileged);
+ // whitelist AccessControlContexts created by the JVM.
+ result->bool_field_put(_isAuthorized_offset, true);
return result;
}
@@ -2916,6 +2930,15 @@
}
+bool java_lang_System::has_security_manager() {
+ InstanceKlass* ik = InstanceKlass::cast(SystemDictionary::System_klass());
+ address addr = ik->static_field_addr(static_security_offset);
+ if (UseCompressedOops) {
+ return oopDesc::load_decode_heap_oop((narrowOop *)addr) != NULL;
+ } else {
+ return oopDesc::load_decode_heap_oop((oop*)addr) != NULL;
+ }
+}
int java_lang_Class::_klass_offset;
int java_lang_Class::_array_klass_offset;
@@ -2976,6 +2999,7 @@
int java_lang_System::static_in_offset;
int java_lang_System::static_out_offset;
int java_lang_System::static_err_offset;
+int java_lang_System::static_security_offset;
int java_lang_StackTraceElement::declaringClass_offset;
int java_lang_StackTraceElement::methodName_offset;
int java_lang_StackTraceElement::fileName_offset;
@@ -3101,6 +3125,7 @@
java_lang_System::static_in_offset = java_lang_System::hc_static_in_offset * x;
java_lang_System::static_out_offset = java_lang_System::hc_static_out_offset * x;
java_lang_System::static_err_offset = java_lang_System::hc_static_err_offset * x;
+ java_lang_System::static_security_offset = java_lang_System::hc_static_security_offset * x;
// java_lang_StackTraceElement
java_lang_StackTraceElement::declaringClass_offset = java_lang_StackTraceElement::hc_declaringClass_offset * x + header;
@@ -3300,6 +3325,7 @@
CHECK_STATIC_OFFSET("java/lang/System", java_lang_System, in, "Ljava/io/InputStream;");
CHECK_STATIC_OFFSET("java/lang/System", java_lang_System, out, "Ljava/io/PrintStream;");
CHECK_STATIC_OFFSET("java/lang/System", java_lang_System, err, "Ljava/io/PrintStream;");
+ CHECK_STATIC_OFFSET("java/lang/System", java_lang_System, security, "Ljava/lang/SecurityManager;");
// java.lang.StackTraceElement