Skip to content

8354053: Remove unused JavaIOFilePermissionAccess #24603

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
wants to merge 2 commits into from
Closed

8354053: Remove unused JavaIOFilePermissionAccess #24603

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
721fba8
8354053: Remove unused JavaIOFilePermissionAccess
RogerRiggs Apr 9, 2025
56680c4
Simplify as suggested in review comments
RogerRiggs Apr 14, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
114 changes: 65 additions & 49 deletions src/java.base/share/classes/java/io/FilePermission.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,11 +34,9 @@
import java.util.Vector;
import java.util.concurrent.ConcurrentHashMap;

import jdk.internal.access.JavaIOFilePermissionAccess;
import jdk.internal.access.SharedSecrets;
import sun.nio.fs.DefaultFileSystemProvider;
import sun.security.util.FilePermCompat;
import sun.security.util.SecurityConstants;
import sun.security.util.SecurityProperties;

/**
* This class represents access to a file or directory. A FilePermission consists
Expand Down Expand Up @@ -155,6 +153,26 @@ public final class FilePermission extends Permission implements Serializable {
private static final char RECURSIVE_CHAR = '-';
private static final char WILD_CHAR = '*';

/**
* New behavior? Keep compatibility?
* The new behavior does not use the canonical path normalization
*/
private static final boolean nb = initNb();

// Initialize the nb flag from the System property jdk.io.permissionsUseCanonicalPath.
private static boolean initNb() {
String flag = SecurityProperties.getOverridableProperty(
"jdk.io.permissionsUseCanonicalPath");
return switch (flag) {
case "true" -> false; // compatibility mode to canonicalize paths
case "false" -> true; // do not canonicalize
case null -> true; // default, do not canonicalize
default ->
throw new RuntimeException(
"Invalid jdk.io.permissionsUseCanonicalPath: " + flag);
};
}

// public String toString() {
// StringBuilder sb = new StringBuilder();
// sb.append("*** FilePermission on " + getName() + " ***");
Expand Down Expand Up @@ -232,51 +250,49 @@ private static Path altPath(Path in) {
}
}

static {
SharedSecrets.setJavaIOFilePermissionAccess(
/**
* Creates FilePermission objects with special internals.
* See {@link FilePermCompat#newPermPlusAltPath(Permission)} and
* {@link FilePermCompat#newPermUsingAltPath(Permission)}.
*/
new JavaIOFilePermissionAccess() {
public FilePermission newPermPlusAltPath(FilePermission input) {
if (!input.invalid && input.npath2 == null && !input.allFiles) {
Path npath2 = altPath(input.npath);
if (npath2 != null) {
// Please note the name of the new permission is
// different than the original so that when one is
// added to a FilePermissionCollection it will not
// be merged with the original one.
return new FilePermission(input.getName() + "#plus",
input,
input.npath,
npath2,
input.mask,
input.actions);
}
}
return input;
}
public FilePermission newPermUsingAltPath(FilePermission input) {
if (!input.invalid && !input.allFiles) {
Path npath2 = altPath(input.npath);
if (npath2 != null) {
// New name, see above.
return new FilePermission(input.getName() + "#using",
input,
npath2,
null,
input.mask,
input.actions);
}
}
return null;
}
// Construct a new Permission with altPath
// Used by test FilePermissionCollectionMerge
private FilePermission newPermPlusAltPath() {
System.err.println("PlusAlt path: " + this + ", npath: " + npath);
if (nb && !invalid && npath2 == null && !allFiles) {
Path npath2 = altPath(npath);
if (npath2 != null) {
// Please note the name of the new permission is
// different than the original so that when one is
// added to a FilePermissionCollection it will not
// be merged with the original one.
return new FilePermission(getName() + "#plus",
this,
npath,
npath2,
mask,
actions);
}
);
}
return this;
}

// Construct a new Permission adding altPath
// Used by test FilePermissionCollectionMerge
private FilePermission newPermUsingAltPath() {
System.err.println("Alt path: " + this + ", npath: " + npath);
if (!invalid && !allFiles) {
Path npath2 = altPath(npath);
if (npath2 != null) {
// New name, see above.
return new FilePermission(getName() + "#using",
this,
npath2,
null,
mask,
actions);
}
}
return this;
}



/**
* initialize a FilePermission object. Common to all constructors.
* Also called during de-serialization.
Expand All @@ -291,7 +307,7 @@ private void init(int mask) {
if (mask == NONE)
throw new IllegalArgumentException("invalid actions mask");

if (FilePermCompat.nb) {
if (nb) {
String name = getName();

if (name == null)
Expand Down Expand Up @@ -567,7 +583,7 @@ boolean impliesIgnoreMask(FilePermission that) {
if (that.allFiles) {
return false;
}
if (FilePermCompat.nb) {
if (nb) {
// Left at least same level of wildness as right
if ((this.recursive && that.recursive) != that.recursive
|| (this.directory && that.directory) != that.directory) {
Expand Down Expand Up @@ -766,7 +782,7 @@ public boolean equals(Object obj) {
if (this.invalid || that.invalid) {
return false;
}
if (FilePermCompat.nb) {
if (nb) {
return (this.mask == that.mask) &&
(this.allFiles == that.allFiles) &&
this.npath.equals(that.npath) &&
Expand All @@ -789,7 +805,7 @@ public boolean equals(Object obj) {
*/
@Override
public int hashCode() {
if (FilePermCompat.nb) {
if (nb) {
return Objects.hash(
mask, allFiles, directory, recursive, npath, npath2, invalid);
} else {
Expand Down
50 changes: 0 additions & 50 deletions src/java.base/share/classes/jdk/internal/access/JavaIOFilePermissionAccess.java
View file
Open in desktop

This file was deleted.

15 changes: 0 additions & 15 deletions src/java.base/share/classes/jdk/internal/access/SharedSecrets.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -69,7 +69,6 @@ public class SharedSecrets {
private static JavaLangReflectAccess javaLangReflectAccess;
private static JavaIOAccess javaIOAccess;
private static JavaIOFileDescriptorAccess javaIOFileDescriptorAccess;
private static JavaIOFilePermissionAccess javaIOFilePermissionAccess;
private static JavaIORandomAccessFileAccess javaIORandomAccessFileAccess;
private static JavaObjectInputStreamReadString javaObjectInputStreamReadString;
private static JavaObjectInputStreamAccess javaObjectInputStreamAccess;
Expand Down Expand Up @@ -287,20 +286,6 @@ public static void setJavaIOFileDescriptorAccess(JavaIOFileDescriptorAccess jiof
javaIOFileDescriptorAccess = jiofda;
}

@SuppressWarnings("removal")
public static JavaIOFilePermissionAccess getJavaIOFilePermissionAccess() {
var access = javaIOFilePermissionAccess;
if (access == null) {
ensureClassInitialized(FilePermission.class);
access = javaIOFilePermissionAccess;
}
return access;
}

public static void setJavaIOFilePermissionAccess(JavaIOFilePermissionAccess jiofpa) {
javaIOFilePermissionAccess = jiofpa;
}

public static JavaIOFileDescriptorAccess getJavaIOFileDescriptorAccess() {
var access = javaIOFileDescriptorAccess;
if (access == null) {
Expand Down
80 changes: 0 additions & 80 deletions src/java.base/share/classes/sun/security/util/FilePermCompat.java
View file
Open in desktop

This file was deleted.

29 changes: 20 additions & 9 deletions test/jdk/java/io/FilePermission/FilePermissionCollectionMerge.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2016, 2025, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
Expand All @@ -24,19 +24,21 @@
/**
*
* @test
* @bug 8168127
* @bug 8168127 8354053
* @summary FilePermissionCollection merges incorrectly
* @modules java.base/sun.security.util
* @modules java.base/java.io:open
* @library /test/lib
* @build jdk.test.lib.Asserts
* @run main FilePermissionCollectionMerge
*/

import sun.security.util.FilePermCompat;
import java.io.FilePermission;
import java.lang.reflect.Method;
import java.security.Permissions;

import jdk.test.lib.Asserts;

@SuppressWarnings("removal")
public class FilePermissionCollectionMerge {

public static void main(String[] args) throws Exception {
Expand All @@ -50,13 +52,22 @@ public static void main(String[] args) throws Exception {
test("/x/-");
}

static void test(String arg) {
static void test(String arg) throws Exception {

Method altPathMethod;
Method plusAltPathMethod;
try {
altPathMethod = FilePermission.class.getDeclaredMethod("newPermUsingAltPath");
altPathMethod.setAccessible(true);
plusAltPathMethod = FilePermission.class.getDeclaredMethod("newPermPlusAltPath");
plusAltPathMethod.setAccessible(true);
} catch (Exception ex) {
System.err.println("File permission compatibility initialization failed");
throw ex;
}
FilePermission fp1 = new FilePermission(arg, "read");
FilePermission fp2 = (FilePermission)
FilePermCompat.newPermUsingAltPath(fp1);
FilePermission fp3 = (FilePermission)
FilePermCompat.newPermPlusAltPath(fp1);
FilePermission fp2 = (FilePermission) altPathMethod.invoke(fp1);
FilePermission fp3 = (FilePermission) plusAltPathMethod.invoke(fp1);

// All 3 are different
Asserts.assertNE(fp1, fp2);
Expand Down