RFR(M) 8189116: Give the jdk.internal.vm.compiler.management only the permissions it really needs to expose the bean
Jaroslav Tulach
jaroslav.tulach at oracle.com
Tue Nov 14 06:22:05 UTC 2017
I tried the same test with
changeset: 47679:d85284ccd1bd
user: sspitsyn
date: Fri Nov 03 17:09:25 2017 -0700
summary: 8189731: Disable CFLH when there are no transformers
and it also yields the exception. E.g. the problem is certainly not result of
my changes.
-jt
PS: I try full rebuild on d85284ccd1bd maybe it disappears...
On pondělí 13. listopadu 2017 20:53:35 CET Jaroslav Tulach wrote:
> Hello Mandy,
>
> this was a good test:
> > > ./build/linux-x64/jdk/bin/java -XX:+UnlockExperimentalVMOptions -XX:
> > > +EnableJVMCI -XX:+UseJVMCICompiler -jar ...
> >
> > You can also try running the above command with -Djava.security.manager
> > as a sanity test (the application may need additional permissions) -
> > just a sanity test.
>
> I've just tried:
>
> $ ./build/linux-x64/jdk/bin/java -XX:+UnlockExperimentalVMOptions -XX:
> +EnableJVMCI -XX:+UseJVMCICompiler -Djava.security.manager -jar ~/
> NetBeansProjects/sieve/java/algorithm/target/sieve-algorithm-1.0-SNAPSHOT.ja
> r
>
> and it doesn't work. I am getting an error below, however the code is not
> running through my module at all. I don't understand the failure, I will
> have to investigate more.
>
> -jt
>
>
> Caused by: java.security.AccessControlException: access denied
> ("java.lang.RuntimePermission" "accessClassInPackage.jdk.vm.ci.services")
> at java.base/
> java.security.AccessControlContext.checkPermission(AccessControlContext.java
> : 472)
> at java.base/
> java.security.AccessController.checkPermission(AccessController.java:895)
> at java.base/
> java.lang.SecurityManager.checkPermission(SecurityManager.java:558)
> at java.base/
> java.lang.SecurityManager.checkPackageAccess(SecurityManager.java:1534)
> at java.base/java.lang.ClassLoader$1.run(ClassLoader.java:680)
> at java.base/java.lang.ClassLoader$1.run(ClassLoader.java:678)
> at java.base/java.security.AccessController.doPrivileged(Native
> Method)
> at java.base/
> java.lang.ClassLoader.checkPackageAccess(ClassLoader.java:678)
> at java.base/java.lang.ClassLoader.defineClass1(Native Method)
> at
> java.base/java.lang.ClassLoader.defineClass(ClassLoader.java:1006) at
> java.base/java.lang.ClassLoader.defineClass(ClassLoader.java:1085) at
> java.base/
> java.security.SecureClassLoader.defineClass(SecureClassLoader.java:206)
> at java.base/
> jdk.internal.loader.BuiltinClassLoader.defineClass(BuiltinClassLoader.java:7
> 60) at java.base/jdk.internal.loader.BuiltinClassLoader.lambda
> $findClassInModuleOrNull$2(BuiltinClassLoader.java:683)
> at java.base/java.security.AccessController.doPrivileged(Native
> Method)
> at java.base/
> jdk.internal.loader.BuiltinClassLoader.findClassInModuleOrNull(BuiltinClassL
> oader.java: 684)
> at java.base/
> jdk.internal.loader.BuiltinClassLoader.findClass(BuiltinClassLoader.java:562
> ) at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:607) at
> java.base/java.lang.Class.forName(Class.java:451)
> at java.base/java.util.ServiceLoader.lambda$loadProvider
> $1(ServiceLoader.java:856)
> at java.base/java.security.AccessController.doPrivileged(Native
> Method)
> at
> java.base/java.util.ServiceLoader.loadProvider(ServiceLoader.java: 858)
More information about the core-libs-dev
mailing list