gcj-security and some issues

Tom Tromey tromey@redhat.com
Wed Apr 28 16:37:00 GMT 2004


>>>>> "Anthony" == Anthony Green <green@redhat.com> writes:

Anthony> If we're primarily interested in identifying protection
Anthony> domains, are there some short cuts we can make?  For
Anthony> instance, can we just map .so's to protection domains, and
Anthony> then simply identify which .so a PC is associated with
Anthony> (rather than go all they way down to the class level).

Eventually we'll be able to load multiple .so's via different class
loaders.  So the mapping would have to be by the particular mapping,
not by, say, the .so's inode.

It should be pretty easy to set the protection domain on classes
loaded from shared libraries.  I had started a patch to do this
(according to my notes, late 2002) but never quite finished.  I've
appended it in case it is useful to someone.  ISTR it was really
inefficient, there's probably a better way.

Tom

Index: ChangeLog
<<<<<<< ChangeLog
from  Tom Tromey  <tromey@redhat.com>

	* include/jvm.h (_Jv_SetDefaultProtectionDomain): Declare.
	* prims.cc (_Jv_RunMain): Call _Jv_SetDefaultProtectionDomain.
	* java/lang/natClass.cc: Include URL.h, ProtectionDomain.h,
	CodeSource.h, File.h.
	(default_protection_domain): New global.
	(_Jv_SetDefaultProtectionDomain): New function.
	(getProtectionDomain0): Use default_protection_domain.
	* java/lang/natClassLoader.cc (struct _Jv_LoaderInfo):
	Reindented.

2002-09-09  Tom Tromey  <tromey@redhat.com>

	* Makefile.in: Rebuilt.
	* Makefile.am (ordinary_java_source_files): Removed org.w3c.* and
	org.xml.*.

=======
>>>>>>> 1.1432
Index: prims.cc
===================================================================
RCS file: /cvs/gcc/gcc/libjava/prims.cc,v
retrieving revision 1.73
diff -u -r1.73 prims.cc
--- prims.cc 24 Aug 2002 22:46:18 -0000 1.73
+++ prims.cc 10 Sep 2002 18:39:11 -0000
@@ -974,6 +974,8 @@
 #endif /* HAVE_PROC_SELF_EXE */
 #endif /* DISABLE_MAIN_ARGS */
 
+  _Jv_SetDefaultProtectionDomain ();
+
   try
     {
       // Set this very early so that it is seen when java.lang.System
Index: include/jvm.h
===================================================================
RCS file: /cvs/gcc/gcc/libjava/include/jvm.h,v
retrieving revision 1.52
diff -u -r1.52 jvm.h
--- include/jvm.h 29 Aug 2002 17:53:28 -0000 1.52
+++ include/jvm.h 10 Sep 2002 18:39:12 -0000
@@ -244,6 +244,8 @@
 void _Jv_RunMain (jclass klass, const char *name, int argc, const char **argv, 
 		  bool is_jar);
 
+void _Jv_SetDefaultProtectionDomain (void);
+
 // Delayed until after _Jv_AllocBytes is declared.
 //
 // Note that we allocate this as unscanned memory -- the vtables
Index: java/lang/natClass.cc
===================================================================
RCS file: /cvs/gcc/gcc/libjava/java/lang/natClass.cc,v
retrieving revision 1.53
diff -u -r1.53 natClass.cc
--- java/lang/natClass.cc 3 Sep 2002 21:33:46 -0000 1.53
+++ java/lang/natClass.cc 10 Sep 2002 18:39:13 -0000
@@ -49,6 +49,11 @@
 #include <java/lang/StringBuffer.h>
 #include <gcj/method.h>
 
+#include <java/net/URL.h>
+#include <java/security/ProtectionDomain.h>
+#include <java/security/CodeSource.h>
+#include <java/io/File.h>
+
 #include <java-cpool.h>
 
 
@@ -1453,11 +1458,38 @@
   throw new java::lang::NoSuchMethodException;
 }
 
+// Default protection domain.
+static java::security::ProtectionDomain *default_protection_domain;
+
+// This must be called from a single-threaded context at startup.
+void
+_Jv_SetDefaultProtectionDomain (void)
+{
+  try
+    {
+      char *exe = _Jv_ThisExecutable ();
+      java::io::File *file = new java::io::File (JvNewStringUTF (exe));
+      java::io::File *dir = file->getParentFile ();
+      java::net::URL *loc = dir->toURL ();
+
+      java::security::CodeSource *code
+	= new java::security::CodeSource (loc, NULL);
+      java::security::ProtectionDomain *domain
+	= new java::security::ProtectionDomain (code, NULL);
+
+      default_protection_domain = domain;
+    }
+  catch (java::lang::Throwable *ignore)
+    {
+      // We just ignore any failure.
+    }
+}
+
 // Private accessor method for Java code to retrieve the protection domain.
 java::security::ProtectionDomain *
 java::lang::Class::getProtectionDomain0 ()
 {
-  return protectionDomain;
+  return protectionDomain ? protectionDomain : default_protection_domain;
 }
 
 // Functions for indirect dispatch (symbolic virtual method binding) support.
Index: java/lang/natClassLoader.cc
===================================================================
RCS file: /cvs/gcc/gcc/libjava/java/lang/natClassLoader.cc,v
retrieving revision 1.49
diff -u -r1.49 natClassLoader.cc
--- java/lang/natClassLoader.cc 25 Jun 2002 05:29:20 -0000 1.49
+++ java/lang/natClassLoader.cc 10 Sep 2002 18:39:13 -0000
@@ -330,10 +330,11 @@
 // Hash function for Utf8Consts.
 #define HASH_UTF(Utf) (((Utf)->hash) % HASH_LEN)
 
-struct _Jv_LoaderInfo {
-    _Jv_LoaderInfo          *next;
-    java::lang::Class       *klass;
-    java::lang::ClassLoader *loader;
+struct _Jv_LoaderInfo
+{
+  _Jv_LoaderInfo          *next;
+  java::lang::Class       *klass;
+  java::lang::ClassLoader *loader;
 };
 
 static _Jv_LoaderInfo *initiated_classes[HASH_LEN];



More information about the Java mailing list