archive/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2025-08-28 07:14:30 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

8266459: Implement JEP 411: Deprecate the Security Manager for Removal

Browse source 
Co-authored-by: Sean Mullan <mullan@openjdk.org>
Co-authored-by: Lance Andersen <lancea@openjdk.org>
Co-authored-by: Weijun Wang <weijun@openjdk.org>
Reviewed-by: erikj, darcy, chegar, naoto, joehw, alanb, mchung, kcr, prr, lancea
This commit is contained in:
Weijun Wang 2021-06-02 11:57:31 +00:00
parent 19450b9951
commit 6765f90250
826 changed files with 2734 additions and 757 deletions
Download patch file Download diff file Expand all files Collapse all files

4
src/java.base/share/classes/java/lang/CharacterName.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2010, 2019, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2010, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -48,7 +48,7 @@ class CharacterName {
private final int[] hsIndices; // chain heads, hash indices into "cps"
private CharacterName() {
try (DataInputStream dis = new DataInputStream(new InflaterInputStream(
try (@SuppressWarnings("removal") DataInputStream dis = new DataInputStream(new InflaterInputStream(
AccessController.doPrivileged(new PrivilegedAction<>() {
public InputStream run() {
return getClass().getResourceAsStream("uniName.dat");

35
src/java.base/share/classes/java/lang/Class.java
View file

@ -450,6 +450,7 @@ public final class Class<T> implements java.io.Serializable,
throws ClassNotFoundException
{
Class<?> caller = null;
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
// Reflective call to get caller class is only needed if a security manager
@ -519,6 +520,7 @@ public final class Class<T> implements java.io.Serializable,
* @jls 12.3 Linking of Classes and Interfaces
* @since 9
*/
@SuppressWarnings("removal")
@CallerSensitive
public static Class<?> forName(Module module, String name) {
Objects.requireNonNull(module);
@ -599,6 +601,7 @@ public final class Class<T> implements java.io.Serializable,
* s.checkPackageAccess()} denies access to the package
* of this class.
*/
@SuppressWarnings("removal")
@CallerSensitive
@Deprecated(since="9")
public T newInstance()
@ -892,6 +895,7 @@ public final class Class<T> implements java.io.Serializable,
ClassLoader cl = getClassLoader0();
if (cl == null)
return null;
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
ClassLoader.checkClassLoaderPermission(cl, Reflection.getCallerClass());
@ -1357,6 +1361,7 @@ public final class Class<T> implements java.io.Serializable,
// Perform access check
final Class<?> enclosingCandidate = enclosingInfo.getEnclosingClass();
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
enclosingCandidate.checkMemberAccess(sm, Member.DECLARED,
@ -1513,6 +1518,7 @@ public final class Class<T> implements java.io.Serializable,
// Perform access check
final Class<?> enclosingCandidate = enclosingInfo.getEnclosingClass();
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
enclosingCandidate.checkMemberAccess(sm, Member.DECLARED,
@ -1560,6 +1566,7 @@ public final class Class<T> implements java.io.Serializable,
final Class<?> candidate = getDeclaringClass0();
if (candidate != null) {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
candidate.checkPackageAccess(sm,
@ -1614,6 +1621,7 @@ public final class Class<T> implements java.io.Serializable,
}
if (enclosingCandidate != null) {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
enclosingCandidate.checkPackageAccess(sm,
@ -1840,6 +1848,7 @@ public final class Class<T> implements java.io.Serializable,
*
* @since 1.1
*/
@SuppressWarnings("removal")
@CallerSensitive
public Class<?>[] getClasses() {
SecurityManager sm = System.getSecurityManager();
@ -1911,6 +1920,7 @@ public final class Class<T> implements java.io.Serializable,
*/
@CallerSensitive
public Field[] getFields() throws SecurityException {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
checkMemberAccess(sm, Member.PUBLIC, Reflection.getCallerClass(), true);
@ -2001,6 +2011,7 @@ public final class Class<T> implements java.io.Serializable,
*/
@CallerSensitive
public Method[] getMethods() throws SecurityException {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
checkMemberAccess(sm, Member.PUBLIC, Reflection.getCallerClass(), true);
@ -2041,6 +2052,7 @@ public final class Class<T> implements java.io.Serializable,
*/
@CallerSensitive
public Constructor<?>[] getConstructors() throws SecurityException {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
checkMemberAccess(sm, Member.PUBLIC, Reflection.getCallerClass(), true);
@ -2095,6 +2107,7 @@ public final class Class<T> implements java.io.Serializable,
public Field getField(String name)
throws NoSuchFieldException, SecurityException {
Objects.requireNonNull(name);
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
checkMemberAccess(sm, Member.PUBLIC, Reflection.getCallerClass(), true);
@ -2204,6 +2217,7 @@ public final class Class<T> implements java.io.Serializable,
public Method getMethod(String name, Class<?>... parameterTypes)
throws NoSuchMethodException, SecurityException {
Objects.requireNonNull(name);
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
checkMemberAccess(sm, Member.PUBLIC, Reflection.getCallerClass(), true);
@ -2248,6 +2262,7 @@ public final class Class<T> implements java.io.Serializable,
public Constructor<T> getConstructor(Class<?>... parameterTypes)
throws NoSuchMethodException, SecurityException
{
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
checkMemberAccess(sm, Member.PUBLIC, Reflection.getCallerClass(), true);
@ -2295,6 +2310,7 @@ public final class Class<T> implements java.io.Serializable,
*/
@CallerSensitive
public Class<?>[] getDeclaredClasses() throws SecurityException {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
checkMemberAccess(sm, Member.DECLARED, Reflection.getCallerClass(), false);
@ -2347,6 +2363,7 @@ public final class Class<T> implements java.io.Serializable,
*/
@CallerSensitive
public Field[] getDeclaredFields() throws SecurityException {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
checkMemberAccess(sm, Member.DECLARED, Reflection.getCallerClass(), true);
@ -2408,6 +2425,7 @@ public final class Class<T> implements java.io.Serializable,
*/
@CallerSensitive
public RecordComponent[] getRecordComponents() {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
checkMemberAccess(sm, Member.DECLARED, Reflection.getCallerClass(), true);
@ -2478,6 +2496,7 @@ public final class Class<T> implements java.io.Serializable,
*/
@CallerSensitive
public Method[] getDeclaredMethods() throws SecurityException {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
checkMemberAccess(sm, Member.DECLARED, Reflection.getCallerClass(), true);
@ -2528,6 +2547,7 @@ public final class Class<T> implements java.io.Serializable,
*/
@CallerSensitive
public Constructor<?>[] getDeclaredConstructors() throws SecurityException {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
checkMemberAccess(sm, Member.DECLARED, Reflection.getCallerClass(), true);
@ -2580,6 +2600,7 @@ public final class Class<T> implements java.io.Serializable,
public Field getDeclaredField(String name)
throws NoSuchFieldException, SecurityException {
Objects.requireNonNull(name);
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
checkMemberAccess(sm, Member.DECLARED, Reflection.getCallerClass(), true);
@ -2644,6 +2665,7 @@ public final class Class<T> implements java.io.Serializable,
public Method getDeclaredMethod(String name, Class<?>... parameterTypes)
throws NoSuchMethodException, SecurityException {
Objects.requireNonNull(name);
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
checkMemberAccess(sm, Member.DECLARED, Reflection.getCallerClass(), true);
@ -2722,6 +2744,7 @@ public final class Class<T> implements java.io.Serializable,
public Constructor<T> getDeclaredConstructor(Class<?>... parameterTypes)
throws NoSuchMethodException, SecurityException
{
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
checkMemberAccess(sm, Member.DECLARED, Reflection.getCallerClass(), true);
@ -2968,6 +2991,7 @@ public final class Class<T> implements java.io.Serializable,
* @since 1.2
*/
public java.security.ProtectionDomain getProtectionDomain() {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
sm.checkPermission(SecurityConstants.GET_PD_PERMISSION);
@ -3013,7 +3037,7 @@ public final class Class<T> implements java.io.Serializable,
*
* <p> NOTE: should only be called if a SecurityManager is installed
*/
private void checkMemberAccess(SecurityManager sm, int which,
private void checkMemberAccess(@SuppressWarnings("removal") SecurityManager sm, int which,
Class<?> caller, boolean checkProxyInterfaces) {
/* Default policy allows access to all {@link Member#PUBLIC} members,
* as well as access to classes that have the same class loader as the caller.
@ -3037,7 +3061,7 @@ public final class Class<T> implements java.io.Serializable,
*
* NOTE: this method should only be called if a SecurityManager is active
*/
private void checkPackageAccess(SecurityManager sm, final ClassLoader ccl,
private void checkPackageAccess(@SuppressWarnings("removal") SecurityManager sm, final ClassLoader ccl,
boolean checkProxyInterfaces) {
final ClassLoader cl = getClassLoader0();
@ -3066,7 +3090,7 @@ public final class Class<T> implements java.io.Serializable,
* all classes provided must be loaded by the same ClassLoader
* NOTE: this method does not support Proxy classes
*/
private static void checkPackageAccessForPermittedSubclasses(SecurityManager sm,
private static void checkPackageAccessForPermittedSubclasses(@SuppressWarnings("removal") SecurityManager sm,
final ClassLoader ccl, Class<?>[] subClasses) {
final ClassLoader cl = subClasses[0].getClassLoader0();
@ -3762,6 +3786,7 @@ public final class Class<T> implements java.io.Serializable,
}
// Fetches the factory for reflective objects
@SuppressWarnings("removal")
private static ReflectionFactory getReflectionFactory() {
if (reflectionFactory == null) {
reflectionFactory =
@ -3794,6 +3819,7 @@ public final class Class<T> implements java.io.Serializable,
* identical to getEnumConstants except that the result is
* uncloned, cached, and shared by all callers.
*/
@SuppressWarnings("removal")
T[] getEnumConstantsShared() {
T[] constants = enumConstants;
if (constants == null) {
@ -4204,6 +4230,7 @@ public final class Class<T> implements java.io.Serializable,
return this;
}
// returning a different class requires a security check
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
checkPackageAccess(sm,
@ -4296,6 +4323,7 @@ public final class Class<T> implements java.io.Serializable,
if (members.length > 1) {
// If we return anything other than the current class we need
// a security check
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
checkPackageAccess(sm,
@ -4492,6 +4520,7 @@ public final class Class<T> implements java.io.Serializable,
}
if (subClasses.length > 0) {
// If we return some classes we need a security check:
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
checkPackageAccessForPermittedSubclasses(sm,

6
src/java.base/share/classes/java/lang/ClassLoader.java
View file

@ -365,6 +365,7 @@ public abstract class ClassLoader {
throw new IllegalArgumentException("name must be non-empty or null");
}
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkCreateClassLoader();
@ -671,6 +672,7 @@ public abstract class ClassLoader {
}
// Invoked by the VM after loading class with this loader.
@SuppressWarnings("removal")
private void checkPackageAccess(Class<?> cls, ProtectionDomain pd) {
final SecurityManager sm = System.getSecurityManager();
if (sm != null) {
@ -1791,6 +1793,7 @@ public abstract class ClassLoader {
public final ClassLoader getParent() {
if (parent == null)
return null;
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
// Check access to the parent class loader
@ -1834,6 +1837,7 @@ public abstract class ClassLoader {
*/
@CallerSensitive
public static ClassLoader getPlatformClassLoader() {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
ClassLoader loader = getBuiltinPlatformClassLoader();
if (sm != null) {
@ -1933,6 +1937,7 @@ public abstract class ClassLoader {
default:
// system fully initialized
assert VM.isBooted() && scl != null;
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
checkClassLoaderPermission(scl, Reflection.getCallerClass());
@ -2041,6 +2046,7 @@ public abstract class ClassLoader {
* is not the same as or an ancestor of the given cl argument.
*/
static void checkClassLoaderPermission(ClassLoader cl, Class<?> caller) {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
// caller can be null if the VM is requesting it

3
src/java.base/share/classes/java/lang/LiveStackFrame.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2015, 2019, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2015, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -177,6 +177,7 @@ interface LiveStackFrame extends StackFrame {
* and it denies access to {@code RuntimePermission("getStackWalkerWithClassReference")}.
*/
public static StackWalker getStackWalker(Set<StackWalker.Option> options) {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
sm.checkPermission(new RuntimePermission("liveStackFrames"));

2
src/java.base/share/classes/java/lang/Module.java
View file

@ -204,6 +204,7 @@ public final class Module implements AnnotatedElement {
* If denied by the security manager
*/
public ClassLoader getClassLoader() {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
sm.checkPermission(SecurityConstants.GET_CLASSLOADER_PERMISSION);
@ -1471,6 +1472,7 @@ public final class Module implements AnnotatedElement {
// cached class file with annotations
private volatile Class<?> moduleInfoClass;
@SuppressWarnings("removal")
private Class<?> moduleInfoClass() {
Class<?> clazz = this.moduleInfoClass;
if (clazz != null)

2
src/java.base/share/classes/java/lang/ModuleLayer.java
View file

@ -699,12 +699,14 @@ public final class ModuleLayer {
}
private static void checkCreateClassLoaderPermission() {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null)
sm.checkPermission(SecurityConstants.CREATE_CLASSLOADER_PERMISSION);
}
private static void checkGetClassLoaderPermission() {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null)
sm.checkPermission(SecurityConstants.GET_CLASSLOADER_PERMISSION);

3
src/java.base/share/classes/java/lang/Package.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2020, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -425,6 +425,7 @@ public class Package extends NamedPackage implements java.lang.reflect.Annotated
String cn = packageName() + ".package-info";
Module module = module();
PrivilegedAction<ClassLoader> pa = module::getClassLoader;
@SuppressWarnings("removal")
ClassLoader loader = AccessController.doPrivileged(pa);
Class<?> c;
if (loader != null) {

4
src/java.base/share/classes/java/lang/ProcessBuilder.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2003, 2020, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2003, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -348,6 +348,7 @@ public final class ProcessBuilder
* @see System#getenv()
*/
public Map<String,String> environment() {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null)
security.checkPermission(new RuntimePermission("getenv.*"));
@ -1092,6 +1093,7 @@ public final class ProcessBuilder
// Throws IndexOutOfBoundsException if command is empty
String prog = cmdarray[0];
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null)
security.checkExec(prog);

13
src/java.base/share/classes/java/lang/ProcessHandleImpl.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2014, 2020, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2014, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -25,6 +25,7 @@
package java.lang;
import java.lang.annotation.Native;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.time.Duration;
import java.time.Instant;
@ -40,8 +41,6 @@ import java.util.concurrent.ThreadLocalRandom;
import java.util.stream.IntStream;
import java.util.stream.Stream;
import static java.security.AccessController.doPrivileged;
/**
* ProcessHandleImpl is the implementation of ProcessHandle.
*
@ -83,8 +82,9 @@ final class ProcessHandleImpl implements ProcessHandle {
/**
* The thread pool of "process reaper" daemon threads.
*/
@SuppressWarnings("removal")
private static final Executor processReaperExecutor =
doPrivileged((PrivilegedAction<Executor>) () -> {
AccessController.doPrivileged((PrivilegedAction<Executor>) () -> {
// Initialize ThreadLocalRandom now to avoid using the smaller stack
// of the processReaper threads.
ThreadLocalRandom.current();
@ -238,6 +238,7 @@ final class ProcessHandleImpl implements ProcessHandle {
* @throws SecurityException if RuntimePermission("manageProcess") is not granted
*/
static Optional<ProcessHandle> get(long pid) {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
sm.checkPermission(new RuntimePermission("manageProcess"));
@ -278,6 +279,7 @@ final class ProcessHandleImpl implements ProcessHandle {
* @throws SecurityException if RuntimePermission("manageProcess") is not granted
*/
public static ProcessHandleImpl current() {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
sm.checkPermission(new RuntimePermission("manageProcess"));
@ -301,6 +303,7 @@ final class ProcessHandleImpl implements ProcessHandle {
* security policy
*/
public Optional<ProcessHandle> parent() {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
sm.checkPermission(new RuntimePermission("manageProcess"));
@ -419,6 +422,7 @@ final class ProcessHandleImpl implements ProcessHandle {
* @return a stream of ProcessHandles
*/
static Stream<ProcessHandle> children(long pid) {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
sm.checkPermission(new RuntimePermission("manageProcess"));
@ -439,6 +443,7 @@ final class ProcessHandleImpl implements ProcessHandle {
@Override
public Stream<ProcessHandle> descendants() {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
sm.checkPermission(new RuntimePermission("manageProcess"));

3
src/java.base/share/classes/java/lang/PublicMethods.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2016, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -88,6 +88,7 @@ final class PublicMethods {
* Method (name, parameter types) tuple.
*/
private static final class Key {
@SuppressWarnings("removal")
private static final ReflectionFactory reflectionFactory =
AccessController.doPrivileged(
new ReflectionFactory.GetReflectionFactoryAction());

6
src/java.base/share/classes/java/lang/Runtime.java
View file

@ -107,6 +107,7 @@ public class Runtime {
* @see #halt(int)
*/
public void exit(int status) {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkExit(status);
@ -207,6 +208,7 @@ public class Runtime {
* @since 1.3
*/
public void addShutdownHook(Thread hook) {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
sm.checkPermission(new RuntimePermission("shutdownHooks"));
@ -235,6 +237,7 @@ public class Runtime {
* @since 1.3
*/
public boolean removeShutdownHook(Thread hook) {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
sm.checkPermission(new RuntimePermission("shutdownHooks"));
@ -270,6 +273,7 @@ public class Runtime {
* @since 1.3
*/
public void halt(int status) {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
sm.checkExit(status);
@ -734,6 +738,7 @@ public class Runtime {
}
void load0(Class<?> fromClass, String filename) {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkLink(filename);
@ -797,6 +802,7 @@ public class Runtime {
}
void loadLibrary0(Class<?> fromClass, String libname) {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkLink(libname);

22
src/java.base/share/classes/java/lang/SecurityManager.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1995, 2019, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1995, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -79,9 +79,9 @@ import sun.security.util.SecurityConstants;
* permitted.
* <p>
* Environments using a security manager will typically set the security
* manager at startup. In the JDK implementation, this is done by setting
* the system property {@code java.security.manager} on the command line to
* the class name of the security manager. It can also be set to the empty
* manager at startup. In the JDK implementation, this is done by setting the
* system property {@systemProperty java.security.manager} on the command line
* to the class name of the security manager. It can also be set to the empty
* String ("") or the special token "{@code default}" to use the
* default {@code java.lang.SecurityManager}. If a class name is specified,
* it must be {@code java.lang.SecurityManager} or a public subclass and have
@ -313,7 +313,12 @@ import sun.security.util.SecurityConstants;
* @see java.security.ProtectionDomain
*
* @since 1.0
* @deprecated The Security Manager is deprecated and subject to removal in a
* future release. There is no replacement for the Security Manager.
* See <a href="https://openjdk.java.net/jeps/411">JEP 411</a> for
* discussion and alternatives.
*/
@Deprecated(since="17", forRemoval=true)
public class SecurityManager {
/*
@ -340,6 +345,7 @@ public class SecurityManager {
*/
public SecurityManager() {
synchronized(SecurityManager.class) {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
// ask the currently installed security manager if we
@ -385,6 +391,7 @@ public class SecurityManager {
* java.lang.Object) checkRead
* @see java.security.AccessControlContext AccessControlContext
*/
@SuppressWarnings("removal")
public Object getSecurityContext() {
return AccessController.getContext();
}
@ -404,6 +411,7 @@ public class SecurityManager {
* {@code null}.
* @since 1.2
*/
@SuppressWarnings("removal")
public void checkPermission(Permission perm) {
java.security.AccessController.checkPermission(perm);
}
@ -439,6 +447,7 @@ public class SecurityManager {
* @see java.security.AccessControlContext#checkPermission(java.security.Permission)
* @since 1.2
*/
@SuppressWarnings("removal")
public void checkPermission(Permission perm, Object context) {
if (context instanceof AccessControlContext) {
((AccessControlContext)context).checkPermission(perm);
@ -1081,10 +1090,9 @@ public class SecurityManager {
* @throws NullPointerException if the address argument is
* {@code null}.
* @since 1.1
* @deprecated Use #checkPermission(java.security.Permission) instead
* @see #checkPermission(java.security.Permission) checkPermission
*/
@Deprecated(since="1.4")
@Deprecated(since="1.4", forRemoval=true)
public void checkMulticast(InetAddress maddr, byte ttl) {
String host = maddr.getHostAddress();
if (!host.startsWith("[") && host.indexOf(':') != -1) {
@ -1332,6 +1340,7 @@ public class SecurityManager {
* Do we need to update our property array?
*/
if (!packageAccessValid) {
@SuppressWarnings("removal")
String tmpPropertyStr =
AccessController.doPrivileged(
new PrivilegedAction<>() {
@ -1431,6 +1440,7 @@ public class SecurityManager {
* Do we need to update our property array?
*/
if (!packageDefinitionValid) {
@SuppressWarnings("removal")
String tmpPropertyStr =
AccessController.doPrivileged(
new PrivilegedAction<>() {

3
src/java.base/share/classes/java/lang/StackWalker.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2015, 2017, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2015, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -418,6 +418,7 @@ public final class StackWalker {
private static void checkPermission(Set<Option> options) {
Objects.requireNonNull(options);
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
if (options.contains(Option.RETAIN_CLASS_REFERENCE)) {

3
src/java.base/share/classes/java/lang/String.java
View file

@ -517,6 +517,7 @@ public final class String
*
* @since 1.6
*/
@SuppressWarnings("removal")
public String(byte[] bytes, int offset, int length, Charset charset) {
Objects.requireNonNull(charset);
checkBoundsOffCount(offset, length, bytes.length);
@ -745,6 +746,7 @@ public final class String
}
}
@SuppressWarnings("removal")
private static String newStringNoRepl1(byte[] src, Charset cs) {
int len = src.length;
if (len == 0) {
@ -794,6 +796,7 @@ public final class String
private static final char REPL = '\ufffd';
// Trim the given byte array to the given length
@SuppressWarnings("removal")
private static byte[] safeTrim(byte[] ba, int len, boolean isTrusted) {
if (len == ba.length && (isTrusted || System.getSecurityManager() == null)) {
return ba;

89
src/java.base/share/classes/java/lang/System.java
View file

@ -181,6 +181,7 @@ public final class System {
private static @Stable int allowSecurityManager;
// current security manager
@SuppressWarnings("removal")
private static volatile SecurityManager security; // read by VM
// return true if a security manager is allowed
@ -312,6 +313,7 @@ public final class System {
}
private static void checkIO() {
@SuppressWarnings("removal")
SecurityManager sm = getSecurityManager();
if (sm != null) {
sm.checkPermission(new RuntimePermission("setIO"));
@ -352,26 +354,19 @@ public final class System {
* @see #getSecurityManager
* @see SecurityManager#checkPermission
* @see java.lang.RuntimePermission
* @deprecated This method is only useful in conjunction with
* {@linkplain SecurityManager the Security Manager}, which is
* deprecated and subject to removal in a future release.
* Consequently, this method is also deprecated and subject to
* removal. There is no replacement for the Security Manager or this
* method.
*/
public static void setSecurityManager(SecurityManager sm) {
@Deprecated(since="17", forRemoval=true)
public static void setSecurityManager(@SuppressWarnings("removal") SecurityManager sm) {
if (allowSecurityManager()) {
if (security == null) {
// ensure image reader is initialized
Object.class.getResource("java/lang/ANY");
// ensure the default file system is initialized
DefaultFileSystemProvider.theFileSystem();
}
if (sm != null) {
try {
// pre-populates the SecurityManager.packageAccess cache
// to avoid recursive permission checking issues with custom
// SecurityManager implementations
sm.checkPackageAccess("java.lang");
} catch (Exception e) {
// no-op
}
}
setSecurityManager0(sm);
System.err.println("WARNING: java.lang.System::setSecurityManager" +
" is deprecated and will be removed in a future release.");
implSetSecurityManager(sm);
} else {
// security manager not allowed
if (sm != null) {
@ -381,6 +376,27 @@ public final class System {
}
}
private static void implSetSecurityManager(@SuppressWarnings("removal") SecurityManager sm) {
if (security == null) {
// ensure image reader is initialized
Object.class.getResource("java/lang/ANY");
// ensure the default file system is initialized
DefaultFileSystemProvider.theFileSystem();
}
if (sm != null) {
try {
// pre-populates the SecurityManager.packageAccess cache
// to avoid recursive permission checking issues with custom
// SecurityManager implementations
sm.checkPackageAccess("java.lang");
} catch (Exception e) {
// no-op
}
}
setSecurityManager0(sm);
}
@SuppressWarnings("removal")
private static synchronized
void setSecurityManager0(final SecurityManager s) {
SecurityManager sm = getSecurityManager();
@ -418,7 +434,15 @@ public final class System {
* current application, then that security manager is returned;
* otherwise, {@code null} is returned.
* @see #setSecurityManager
* @deprecated This method is only useful in conjunction with
* {@linkplain SecurityManager the Security Manager}, which is
* deprecated and subject to removal in a future release.
* Consequently, this method is also deprecated and subject to
* removal. There is no replacement for the Security Manager or this
* method.
*/
@SuppressWarnings("removal")
@Deprecated(since="17", forRemoval=true)
public static SecurityManager getSecurityManager() {
if (allowSecurityManager()) {
return security;
@ -750,6 +774,7 @@ public final class System {
* @see java.util.Properties
*/
public static Properties getProperties() {
@SuppressWarnings("removal")
SecurityManager sm = getSecurityManager();
if (sm != null) {
sm.checkPropertiesAccess();
@ -802,6 +827,7 @@ public final class System {
* @see java.lang.SecurityManager#checkPropertiesAccess()
*/
public static void setProperties(Properties props) {
@SuppressWarnings("removal")
SecurityManager sm = getSecurityManager();
if (sm != null) {
sm.checkPropertiesAccess();
@ -847,6 +873,7 @@ public final class System {
*/
public static String getProperty(String key) {
checkKey(key);
@SuppressWarnings("removal")
SecurityManager sm = getSecurityManager();
if (sm != null) {
sm.checkPropertyAccess(key);
@ -882,6 +909,7 @@ public final class System {
*/
public static String getProperty(String key, String def) {
checkKey(key);
@SuppressWarnings("removal")
SecurityManager sm = getSecurityManager();
if (sm != null) {
sm.checkPropertyAccess(key);
@ -925,6 +953,7 @@ public final class System {
*/
public static String setProperty(String key, String value) {
checkKey(key);
@SuppressWarnings("removal")
SecurityManager sm = getSecurityManager();
if (sm != null) {
sm.checkPermission(new PropertyPermission(key,
@ -966,6 +995,7 @@ public final class System {
*/
public static String clearProperty(String key) {
checkKey(key);
@SuppressWarnings("removal")
SecurityManager sm = getSecurityManager();
if (sm != null) {
sm.checkPermission(new PropertyPermission(key, "write"));
@ -1030,6 +1060,7 @@ public final class System {
* @see ProcessBuilder#environment()
*/
public static String getenv(String name) {
@SuppressWarnings("removal")
SecurityManager sm = getSecurityManager();
if (sm != null) {
sm.checkPermission(new RuntimePermission("getenv."+name));
@ -1079,6 +1110,7 @@ public final class System {
* @since 1.5
*/
public static java.util.Map<String,String> getenv() {
@SuppressWarnings("removal")
SecurityManager sm = getSecurityManager();
if (sm != null) {
sm.checkPermission(new RuntimePermission("getenv.*"));
@ -1546,6 +1578,7 @@ public final class System {
}
private static Void checkPermission() {
@SuppressWarnings("removal")
final SecurityManager sm = System.getSecurityManager();
if (sm != null) {
sm.checkPermission(LOGGERFINDER_PERMISSION);
@ -1629,6 +1662,7 @@ public final class System {
* {@code RuntimePermission("loggerFinder")}.
*/
public static LoggerFinder getLoggerFinder() {
@SuppressWarnings("removal")
final SecurityManager sm = System.getSecurityManager();
if (sm != null) {
sm.checkPermission(LOGGERFINDER_PERMISSION);
@ -1638,6 +1672,7 @@ public final class System {
private static volatile LoggerFinder service;
@SuppressWarnings("removal")
static LoggerFinder accessProvider() {
// We do not need to synchronize: LoggerFinderLoader will
// always return the same instance, so if we don't have it,
@ -1741,6 +1776,7 @@ public final class System {
*
* @since 9
*/
@SuppressWarnings("removal")
@CallerSensitive
public static Logger getLogger(String name, ResourceBundle bundle) {
final ResourceBundle rb = Objects.requireNonNull(bundle);
@ -2103,6 +2139,7 @@ public final class System {
* The security manager and system class loader may be a custom class from
* the application classpath or modulepath.
*/
@SuppressWarnings("removal")
private static void initPhase3() {
// Initialize the StringConcatFactory eagerly to avoid potential
@ -2111,6 +2148,7 @@ public final class System {
Unsafe.getUnsafe().ensureClassInitialized(StringConcatFactory.class);
String smProp = System.getProperty("java.security.manager");
boolean needWarning = false;
if (smProp != null) {
switch (smProp) {
case "disallow":
@ -2121,8 +2159,9 @@ public final class System {
break;
case "":
case "default":
setSecurityManager(new SecurityManager());
implSetSecurityManager(new SecurityManager());
allowSecurityManager = MAYBE;
needWarning = true;
break;
default:
try {
@ -2140,7 +2179,8 @@ public final class System {
// custom security manager may be in non-exported package
ctor.setAccessible(true);
SecurityManager sm = (SecurityManager) ctor.newInstance();
setSecurityManager(sm);
implSetSecurityManager(sm);
needWarning = true;
} catch (Exception e) {
throw new InternalError("Could not create SecurityManager", e);
}
@ -2150,6 +2190,11 @@ public final class System {
allowSecurityManager = MAYBE;
}
if (needWarning) {
System.err.println("WARNING: The Security Manager is deprecated" +
" and will be removed in a future release.");
}
// initializing the system class loader
VM.initLevel(3);
@ -2200,7 +2245,7 @@ public final class System {
public void registerShutdownHook(int slot, boolean registerShutdownInProgress, Runnable hook) {
Shutdown.add(slot, registerShutdownInProgress, hook);
}
public Thread newThreadWithAcc(Runnable target, AccessControlContext acc) {
public Thread newThreadWithAcc(Runnable target, @SuppressWarnings("removal") AccessControlContext acc) {
return new Thread(target, acc);
}
@SuppressWarnings("deprecation")
@ -2226,9 +2271,11 @@ public final class System {
public String fastUUID(long lsb, long msb) {
return Long.fastUUID(lsb, msb);
}
@SuppressWarnings("removal")
public void addNonExportedPackages(ModuleLayer layer) {
SecurityManager.addNonExportedPackages(layer);
}
@SuppressWarnings("removal")
public void invalidatePackageAccessCache() {
SecurityManager.invalidatePackageAccessCache();
}

21
src/java.base/share/classes/java/lang/Thread.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1994, 2020, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1994, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -169,6 +169,7 @@ public class Thread implements Runnable {
private ClassLoader contextClassLoader;
/* The inherited AccessControlContext of this thread */
@SuppressWarnings("removal")
private AccessControlContext inheritedAccessControlContext;
/* For autonumbering anonymous threads. */
@ -388,6 +389,7 @@ public class Thread implements Runnable {
* @param inheritThreadLocals if {@code true}, inherit initial values for
* inheritable thread-locals from the constructing thread
*/
@SuppressWarnings("removal")
private Thread(ThreadGroup g, Runnable target, String name,
long stackSize, AccessControlContext acc,
boolean inheritThreadLocals) {
@ -496,7 +498,7 @@ public class Thread implements Runnable {
* but thread-local variables are not inherited.
* This is not a public constructor.
*/
Thread(Runnable target, AccessControlContext acc) {
Thread(Runnable target, @SuppressWarnings("removal") AccessControlContext acc) {
this(null, target, "Thread-" + nextThreadNum(), 0, acc, false);
}
@ -922,6 +924,7 @@ public class Thread implements Runnable {
*/
@Deprecated(since="1.2")
public final void stop() {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
checkAccess();
@ -1424,8 +1427,16 @@ public class Thread implements Runnable {
* @throws SecurityException if the current thread is not allowed to
* access this thread.
* @see SecurityManager#checkAccess(Thread)
* @deprecated This method is only useful in conjunction with
* {@linkplain SecurityManager the Security Manager}, which is
* deprecated and subject to removal in a future release.
* Consequently, this method is also deprecated and subject to
* removal. There is no replacement for the Security Manager or this
* method.
*/
@Deprecated(since="17", forRemoval=true)
public final void checkAccess() {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkAccess(this);
@ -1476,6 +1487,7 @@ public class Thread implements Runnable {
public ClassLoader getContextClassLoader() {
if (contextClassLoader == null)
return null;
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
ClassLoader.checkClassLoaderPermission(contextClassLoader,
@ -1507,6 +1519,7 @@ public class Thread implements Runnable {
* @since 1.2
*/
public void setContextClassLoader(ClassLoader cl) {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
sm.checkPermission(new RuntimePermission("setContextClassLoader"));
@ -1574,6 +1587,7 @@ public class Thread implements Runnable {
public StackTraceElement[] getStackTrace() {
if (this != Thread.currentThread()) {
// check for getStackTrace permission
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkPermission(
@ -1634,6 +1648,7 @@ public class Thread implements Runnable {
*/
public static Map<Thread, StackTraceElement[]> getAllStackTraces() {
// check for getStackTrace permission
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkPermission(
@ -1696,6 +1711,7 @@ public class Thread implements Runnable {
* subclass overrides any of the methods, false otherwise.
*/
private static boolean auditSubclass(final Class<?> subcl) {
@SuppressWarnings("removal")
Boolean result = AccessController.doPrivileged(
new PrivilegedAction<>() {
public Boolean run() {
@ -1927,6 +1943,7 @@ public class Thread implements Runnable {
* @since 1.5
*/
public static void setDefaultUncaughtExceptionHandler(UncaughtExceptionHandler eh) {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
sm.checkPermission(

10
src/java.base/share/classes/java/lang/ThreadGroup.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1995, 2020, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1995, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -320,8 +320,16 @@ public class ThreadGroup implements Thread.UncaughtExceptionHandler {
* access this thread group.
* @see java.lang.SecurityManager#checkAccess(java.lang.ThreadGroup)
* @since 1.0
* @deprecated This method is only useful in conjunction with
* {@linkplain SecurityManager the Security Manager}, which is
* deprecated and subject to removal in a future release.
* Consequently, this method is also deprecated and subject to
* removal. There is no replacement for the Security Manager or this
* method.
*/
@Deprecated(since="17", forRemoval=true)
public final void checkAccess() {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkAccess(this);

3
src/java.base/share/classes/java/lang/constant/MethodTypeDescImpl.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2018, 2020, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2018, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -134,6 +134,7 @@ final class MethodTypeDescImpl implements MethodTypeDesc {
@Override
public MethodType resolveConstantDesc(MethodHandles.Lookup lookup) throws ReflectiveOperationException {
@SuppressWarnings("removal")
MethodType mtype = AccessController.doPrivileged(new PrivilegedAction<>() {
@Override
public MethodType run() {

1
src/java.base/share/classes/java/lang/invoke/ClassSpecializer.java
View file

@ -566,6 +566,7 @@ abstract class ClassSpecializer<T,K,S extends ClassSpecializer<T,K,S>.SpeciesDat
* @param speciesData what species we are generating
* @return the generated concrete TopClass class
*/
@SuppressWarnings("removal")
Class<? extends T> generateConcreteSpeciesCode(String className, ClassSpecializer<T,K,S>.SpeciesData speciesData) {
byte[] classFile = generateConcreteSpeciesCodeFile(className, speciesData);

3
src/java.base/share/classes/java/lang/invoke/InfoFromMemberName.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2012, 2013, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2012, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -87,6 +87,7 @@ final class InfoFromMemberName implements MethodHandleInfo {
// For more information see comments on {@link MethodHandleNatives#linkMethod}.
throw new IllegalArgumentException("cannot reflect signature polymorphic method");
}
@SuppressWarnings("removal")
Member mem = AccessController.doPrivileged(new PrivilegedAction<>() {
public Member run() {
try {

4
src/java.base/share/classes/java/lang/invoke/InnerClassLambdaMetafactory.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2012, 2020, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2012, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -228,6 +228,7 @@ import static jdk.internal.org.objectweb.asm.Opcodes.*;
"Exception finding " + LAMBDA_INSTANCE_FIELD + " static field", e);
}
} else {
@SuppressWarnings("removal")
final Constructor<?>[] ctrs = AccessController.doPrivileged(
new PrivilegedAction<>() {
@Override
@ -319,6 +320,7 @@ import static jdk.internal.org.objectweb.asm.Opcodes.*;
* @throws LambdaConversionException If properly formed functional interface
* is not found
*/
@SuppressWarnings("removal")
private Class<?> generateInnerClass() throws LambdaConversionException {
String[] interfaces;
String samIntf = samBase.getName().replace('.', '/');

1
src/java.base/share/classes/java/lang/invoke/InvokerBytecodeGenerator.java
View file

@ -202,6 +202,7 @@ class InvokerBytecodeGenerator {
}
// Also used from BoundMethodHandle
@SuppressWarnings("removal")
static void maybeDump(final String className, final byte[] classFile) {
if (DUMP_CLASS_FILES) {
java.security.AccessController.doPrivileged(

3
src/java.base/share/classes/java/lang/invoke/MethodHandleProxies.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2008, 2018, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2008, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -151,6 +151,7 @@ public class MethodHandleProxies {
// entry points, must be covered by hand-written or automatically
// generated adapter classes.
//
@SuppressWarnings("removal")
@CallerSensitive
public static <T> T asInterfaceInstance(final Class<T> intfc, final MethodHandle target) {
if (!intfc.isInterface() || !Modifier.isPublic(intfc.getModifiers()))

5
src/java.base/share/classes/java/lang/invoke/MethodHandles.java
View file

@ -228,6 +228,7 @@ public class MethodHandles {
return new Lookup(targetClass);
}
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) sm.checkPermission(ACCESS_PERMISSION);
if (targetClass.isPrimitive())
@ -440,6 +441,7 @@ public class MethodHandles {
* @since 1.8
*/
public static <T extends Member> T reflectAs(Class<T> expected, MethodHandle target) {
@SuppressWarnings("removal")
SecurityManager smgr = System.getSecurityManager();
if (smgr != null) smgr.checkPermission(ACCESS_PERMISSION);
Lookup lookup = Lookup.IMPL_LOOKUP; // use maximally privileged lookup
@ -1845,6 +1847,7 @@ public class MethodHandles {
if (allowedModes == TRUSTED) return;
if (!hasFullPrivilegeAccess()) {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null)
sm.checkPermission(new RuntimePermission("defineClass"));
@ -3740,6 +3743,7 @@ return mh1;
void checkSecurityManager(Class<?> refc) {
if (allowedModes == TRUSTED) return;
@SuppressWarnings("removal")
SecurityManager smgr = System.getSecurityManager();
if (smgr == null) return;
@ -3771,6 +3775,7 @@ return mh1;
if (allowedModes == TRUSTED) return;
@SuppressWarnings("removal")
SecurityManager smgr = System.getSecurityManager();
if (smgr == null) return;

3
src/java.base/share/classes/java/lang/invoke/MethodType.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2008, 2020, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2008, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -1134,6 +1134,7 @@ class MethodType
throws IllegalArgumentException, TypeNotPresentException
{
if (loader == null) {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
sm.checkPermission(SecurityConstants.GET_CLASSLOADER_PERMISSION);

3
src/java.base/share/classes/java/lang/invoke/ProxyClassesDumper.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2013, 2018, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2013, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -56,6 +56,7 @@ final class ProxyClassesDumper {
private final Path dumpDir;
@SuppressWarnings("removal")
public static ProxyClassesDumper getInstance(String path) {
if (null == path) {
return null;

3
src/java.base/share/classes/java/lang/invoke/SerializedLambda.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2012, 2020, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2012, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -265,6 +265,7 @@ public final class SerializedLambda implements Serializable {
@java.io.Serial
private Object readResolve() throws ObjectStreamException {
try {
@SuppressWarnings("removal")
Method deserialize = AccessController.doPrivileged(new PrivilegedExceptionAction<>() {
@Override
public Method run() throws Exception {

3
src/java.base/share/classes/java/lang/module/ModuleFinder.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2014, 2017, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2014, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -148,6 +148,7 @@ public interface ModuleFinder {
* @throws SecurityException
* If denied by the security manager
*/
@SuppressWarnings("removal")
static ModuleFinder ofSystem() {
SecurityManager sm = System.getSecurityManager();
if (sm != null) {

3
src/java.base/share/classes/java/lang/ref/Finalizer.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2020, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -105,6 +105,7 @@ final class Finalizer extends FinalReference<Object> { /* Package-private; must
* The advantage of creating a fresh thread, however, is that it insulates
* invokers of that method from a stalled or deadlocked finalizer thread.
*/
@SuppressWarnings("removal")
private static void forkSecondaryFinalizer(final Runnable proc) {
AccessController.doPrivileged(
new PrivilegedAction<>() {

2
src/java.base/share/classes/java/lang/reflect/AccessibleObject.java
View file

@ -82,6 +82,7 @@ public class AccessibleObject implements AnnotatedElement {
}
static void checkPermission() {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
// SecurityConstants.ACCESS_PERMISSION is used to check
@ -483,6 +484,7 @@ public class AccessibleObject implements AnnotatedElement {
// Reflection factory used by subclasses for creating field,
// method, and constructor accessors. Note that this is called
// very early in the bootstrapping process.
@SuppressWarnings("removal")
static final ReflectionFactory reflectionFactory =
AccessController.doPrivileged(
new ReflectionFactory.GetReflectionFactoryAction());

10
src/java.base/share/classes/java/lang/reflect/Proxy.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1999, 2020, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1999, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -390,6 +390,7 @@ public class Proxy implements java.io.Serializable {
Class<?>... interfaces)
throws IllegalArgumentException
{
@SuppressWarnings("removal")
Class<?> caller = System.getSecurityManager() == null
? null
: Reflection.getCallerClass();
@ -463,6 +464,7 @@ public class Proxy implements java.io.Serializable {
ClassLoader loader,
Class<?> ... interfaces)
{
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
ClassLoader ccl = caller.getClassLoader();
@ -663,6 +665,7 @@ public class Proxy implements java.io.Serializable {
* Must call the checkProxyAccess method to perform permission checks
* before calling this.
*/
@SuppressWarnings("removal")
Constructor<?> build() {
Class<?> proxyClass = defineProxyClass(module, interfaces);
assert !module.isNamed() || module.isOpen(proxyClass.getPackageName(), Proxy.class.getModule());
@ -1018,6 +1021,7 @@ public class Proxy implements java.io.Serializable {
InvocationHandler h) {
Objects.requireNonNull(h);
@SuppressWarnings("removal")
final Class<?> caller = System.getSecurityManager() == null
? null
: Reflection.getCallerClass();
@ -1055,6 +1059,7 @@ public class Proxy implements java.io.Serializable {
}
private static void checkNewProxyPermission(Class<?> caller, Class<?> proxyClass) {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
if (ReflectUtil.isNonPublicProxyClass(proxyClass)) {
@ -1076,6 +1081,7 @@ public class Proxy implements java.io.Serializable {
/**
* Returns the class loader for the given module.
*/
@SuppressWarnings("removal")
private static ClassLoader getLoader(Module m) {
PrivilegedAction<ClassLoader> pa = m::getClassLoader;
return AccessController.doPrivileged(pa);
@ -1113,6 +1119,7 @@ public class Proxy implements java.io.Serializable {
* s.checkPackageAccess()} denies access to the invocation
* handler's class.
*/
@SuppressWarnings("removal")
@CallerSensitive
public static InvocationHandler getInvocationHandler(Object proxy)
throws IllegalArgumentException
@ -1286,6 +1293,7 @@ public class Proxy implements java.io.Serializable {
*
* @return a lookup for proxy class of this proxy instance
*/
@SuppressWarnings("removal")
private static MethodHandles.Lookup proxyClassLookup(MethodHandles.Lookup caller, Class<?> proxyClass) {
return AccessController.doPrivileged(new PrivilegedAction<>() {
@Override

4
src/java.base/share/classes/java/lang/reflect/ProxyGenerator.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1999, 2020, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1999, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -92,6 +92,7 @@ final class ProxyGenerator extends ClassWriter {
/**
* debugging flag for saving generated class files
*/
@SuppressWarnings("removal")
private static final boolean saveGeneratedFiles =
java.security.AccessController.doPrivileged(
new GetBooleanAction(
@ -168,6 +169,7 @@ final class ProxyGenerator extends ClassWriter {
* @param interfaces proxy interfaces
* @param accessFlags access flags of the proxy class
*/
@SuppressWarnings("removal")
static byte[] generateProxyClass(ClassLoader loader,
final String name,
List<Class<?>> interfaces,

3
src/java.base/share/classes/java/lang/runtime/ObjectMethods.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2017, 2020, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2017, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -76,6 +76,7 @@ public class ObjectMethods {
MethodHandles.Lookup publicLookup = MethodHandles.publicLookup();
MethodHandles.Lookup lookup = MethodHandles.lookup();
@SuppressWarnings("removal")
ClassLoader loader = AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() {
@Override public ClassLoader run() { return ClassLoader.getPlatformClassLoader(); }
});