8227587: Add internal privileged System.loadLibrary

Reviewed-by: rriggs, mchung, chegar

src/java.base/share/classes/java/lang/System.java

@@ -2274,6 +2274,11 @@ public final class System {
             public void setCause(Throwable t, Throwable cause) {
                 t.setCause(cause);
             }
+
+            public void loadLibrary(Class<?> caller, String library) {
+                assert library.indexOf(java.io.File.separatorChar) < 0;
+                ClassLoader.loadLibrary(caller, library, false);
+            }
         });
     }
 }

src/java.base/share/classes/java/net/AbstractPlainDatagramSocketImpl.java

@@ -67,13 +67,7 @@ abstract class AbstractPlainDatagramSocketImpl extends DatagramSocketImpl
      * Load net library into runtime.
      */
     static {
-        java.security.AccessController.doPrivileged(
-            new java.security.PrivilegedAction<>() {
-                public Void run() {
-                    System.loadLibrary("net");
-                    return null;
-                }
-            });
+        jdk.internal.loader.BootLoader.loadLibrary("net");
     }
 
     private static volatile boolean checkedReusePort;

src/java.base/share/classes/java/net/AbstractPlainSocketImpl.java

@@ -94,13 +94,7 @@ abstract class AbstractPlainSocketImpl extends SocketImpl implements PlatformSoc
      * Load net library into runtime.
      */
     static {
-        java.security.AccessController.doPrivileged(
-            new java.security.PrivilegedAction<>() {
-                public Void run() {
-                    System.loadLibrary("net");
-                    return null;
-                }
-            });
+        jdk.internal.loader.BootLoader.loadLibrary("net");
     }
 
     private static volatile boolean checkedReusePort;

src/java.base/share/classes/java/net/DatagramPacket.java

@@ -46,13 +46,7 @@ class DatagramPacket {
      * Perform class initialization
      */
     static {
-        java.security.AccessController.doPrivileged(
-            new java.security.PrivilegedAction<>() {
-                public Void run() {
-                    System.loadLibrary("net");
-                    return null;
-                }
-            });
+        jdk.internal.loader.BootLoader.loadLibrary("net");
         init();
     }
 

src/java.base/share/classes/java/net/InetAddress.java

@@ -317,13 +317,7 @@ class InetAddress implements java.io.Serializable {
         } else {
             preferIPv6Address = PREFER_IPV4_VALUE;
         }
-        AccessController.doPrivileged(
-            new java.security.PrivilegedAction<>() {
-                public Void run() {
-                    System.loadLibrary("net");
-                    return null;
-                }
-            });
+        jdk.internal.loader.BootLoader.loadLibrary("net");
         SharedSecrets.setJavaNetInetAddressAccess(
                 new JavaNetInetAddressAccess() {
                     public String getOriginalHostName(InetAddress ia) {

src/java.base/share/classes/java/net/NetworkInterface.java

@@ -28,7 +28,6 @@ package java.net;
 import java.util.Arrays;
 import java.util.Enumeration;
 import java.util.NoSuchElementException;
-import java.security.AccessController;
 import java.util.Spliterator;
 import java.util.Spliterators;
 import java.util.stream.Stream;
@@ -57,13 +56,7 @@ public final class NetworkInterface {
     private static final int defaultIndex; /* index of defaultInterface */
 
     static {
-        AccessController.doPrivileged(
-            new java.security.PrivilegedAction<>() {
-                public Void run() {
-                    System.loadLibrary("net");
-                    return null;
-                }
-            });
+        jdk.internal.loader.BootLoader.loadLibrary("net");
 
         init();
         defaultInterface = DefaultInterface.getDefault();

src/java.base/share/classes/java/util/zip/ZipUtils.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2013, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2013, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -27,8 +27,6 @@ package java.util.zip;
 
 import java.nio.ByteBuffer;
 import java.nio.file.attribute.FileTime;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
 import java.time.DateTimeException;
 import java.time.Instant;
 import java.time.LocalDateTime;
@@ -278,13 +276,7 @@ class ZipUtils {
      * Loads zip native library, if not already laoded
      */
     static void loadLibrary() {
-        SecurityManager sm = System.getSecurityManager();
-        if (sm == null) {
-            System.loadLibrary("zip");
-        } else {
-            PrivilegedAction<Void> pa = () -> { System.loadLibrary("zip"); return null; };
-            AccessController.doPrivileged(pa);
-        }
+        jdk.internal.loader.BootLoader.loadLibrary("zip");
     }
 
     private static final Unsafe unsafe = Unsafe.getUnsafe();

src/java.base/share/classes/jdk/internal/access/JavaLangAccess.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -311,4 +311,12 @@ public interface JavaLangAccess {
      * @param cause set t's cause to new value
      */
     void setCause(Throwable t, Throwable cause);
+
+    /**
+     * Privileged System.loadLibrary
+     *
+     * @param caller on behalf of which the library is being loaded
+     * @param library name of the library to load
+     */
+    void loadLibrary(Class<?> caller, String library);
 }

src/java.base/share/classes/jdk/internal/loader/BootLoader.java

@@ -128,6 +128,23 @@ public class BootLoader {
         }
     }
 
+    /**
+     * Loads a library from the system path.
+     */
+    public static void loadLibrary(String library) {
+        if (System.getSecurityManager() == null) {
+            SharedSecrets.getJavaLangAccess().loadLibrary(BootLoader.class, library);
+        } else {
+            AccessController.doPrivileged(
+                new java.security.PrivilegedAction<>() {
+                    public Void run() {
+                        SharedSecrets.getJavaLangAccess().loadLibrary(BootLoader.class, library);
+                        return null;
+                    }
+                });
+        }
+    }
+
     /**
      * Returns a URL to a resource in a module defined to the boot loader.
      */

src/java.base/share/classes/sun/net/sdp/SdpSupport.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2010, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2010, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -27,7 +27,6 @@ package sun.net.sdp;
 
 import java.io.IOException;
 import java.io.FileDescriptor;
-import java.security.AccessController;
 
 import jdk.internal.access.SharedSecrets;
 import jdk.internal.access.JavaIOFileDescriptorAccess;
@@ -75,12 +74,6 @@ public final class SdpSupport {
     private static native void convert0(int fd) throws IOException;
 
     static {
-        AccessController.doPrivileged(
-            new java.security.PrivilegedAction<Void>() {
-                public Void run() {
-                    System.loadLibrary("net");
-                    return null;
-                }
-            });
+        jdk.internal.loader.BootLoader.loadLibrary("net");
     }
 }

src/java.base/share/classes/sun/net/spi/DefaultProxySelector.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -98,13 +98,7 @@ public class DefaultProxySelector extends ProxySelector {
                     return NetProperties.getBoolean(key);
                 }});
         if (b != null && b.booleanValue()) {
-            java.security.AccessController.doPrivileged(
-                new java.security.PrivilegedAction<Void>() {
-                    public Void run() {
-                        System.loadLibrary("net");
-                        return null;
-                    }
-                });
+            jdk.internal.loader.BootLoader.loadLibrary("net");
             hasSystemProxies = init();
         }
     }

src/java.base/share/classes/sun/nio/ch/IOUtil.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -432,15 +432,8 @@ public class IOUtil {
     public static void load() { }
 
     static {
-        java.security.AccessController.doPrivileged(
-                new java.security.PrivilegedAction<Void>() {
-                    public Void run() {
-                        System.loadLibrary("net");
-                        System.loadLibrary("nio");
-                        return null;
-                    }
-                });
-
+        jdk.internal.loader.BootLoader.loadLibrary("net");
+        jdk.internal.loader.BootLoader.loadLibrary("nio");
         initIDs();
 
         IOV_MAX = iovMax();