JavaAdapterClassLoader.java revision 1715:b1de131a3fed
1/* 2 * Copyright (c) 2010, 2013, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26package jdk.nashorn.internal.runtime.linker; 27 28import java.lang.reflect.InvocationTargetException; 29import java.lang.reflect.Method; 30import java.lang.reflect.Module; 31import java.security.AccessControlContext; 32import java.security.AccessController; 33import java.security.PrivilegedAction; 34import java.security.ProtectionDomain; 35import java.security.SecureClassLoader; 36import java.util.Arrays; 37import java.util.Collection; 38import java.util.Collections; 39import java.util.HashSet; 40import java.util.Set; 41import jdk.dynalink.beans.StaticClass; 42import jdk.nashorn.internal.codegen.DumpBytecode; 43import jdk.nashorn.internal.runtime.Context; 44import jdk.nashorn.internal.runtime.JSType; 45import jdk.nashorn.internal.runtime.ScriptFunction; 46import jdk.nashorn.internal.runtime.ScriptObject; 47 48/** 49 * This class encapsulates the bytecode of the adapter class and can be used to load it into the JVM as an actual Class. 50 * It can be invoked repeatedly to create multiple adapter classes from the same bytecode; adapter classes that have 51 * class-level overrides must be re-created for every set of such overrides. Note that while this class is named 52 * "class loader", it does not, in fact, extend {@code ClassLoader}, but rather uses them internally. Instances of this 53 * class are normally created by {@code JavaAdapterBytecodeGenerator}. 54 */ 55final class JavaAdapterClassLoader { 56 private static final Module NASHORN_MODULE = Context.class.getModule(); 57 58 private static final AccessControlContext CREATE_LOADER_ACC_CTXT = ClassAndLoader.createPermAccCtxt("createClassLoader"); 59 private static final AccessControlContext GET_CONTEXT_ACC_CTXT = ClassAndLoader.createPermAccCtxt(Context.NASHORN_GET_CONTEXT); 60 61 private static final Collection<String> VISIBLE_INTERNAL_CLASS_NAMES = Collections.unmodifiableCollection(new HashSet<>( 62 Arrays.asList(JavaAdapterServices.class.getName(), ScriptObject.class.getName(), ScriptFunction.class.getName(), JSType.class.getName()))); 63 64 private final String className; 65 private final byte[] classBytes; 66 67 JavaAdapterClassLoader(final String className, final byte[] classBytes) { 68 this.className = className.replace('/', '.'); 69 this.classBytes = classBytes; 70 } 71 72 /** 73 * Loads the generated adapter class into the JVM. 74 * @param parentLoader the parent class loader for the generated class loader 75 * @param protectionDomain the protection domain for the generated class 76 * @return the generated adapter class 77 */ 78 StaticClass generateClass(final ClassLoader parentLoader, final ProtectionDomain protectionDomain) { 79 assert protectionDomain != null; 80 return AccessController.doPrivileged(new PrivilegedAction<StaticClass>() { 81 @Override 82 public StaticClass run() { 83 try { 84 return StaticClass.forClass(Class.forName(className, true, createClassLoader(parentLoader, protectionDomain))); 85 } catch (final ClassNotFoundException e) { 86 throw new AssertionError(e); // cannot happen 87 } 88 } 89 }, CREATE_LOADER_ACC_CTXT); 90 } 91 92 // Note that the adapter class is created in the protection domain of the class/interface being 93 // extended/implemented, and only the privileged global setter action class is generated in the protection domain 94 // of Nashorn itself. Also note that the creation and loading of the global setter is deferred until it is 95 // required by JVM linker, which will only happen on first invocation of any of the adapted method. We could defer 96 // it even more by separating its invocation into a separate static method on the adapter class, but then someone 97 // with ability to introspect on the class and use setAccessible(true) on it could invoke the method. It's a 98 // security tradeoff... 99 private ClassLoader createClassLoader(final ClassLoader parentLoader, final ProtectionDomain protectionDomain) { 100 return new SecureClassLoader(parentLoader) { 101 private final ClassLoader myLoader = getClass().getClassLoader(); 102 103 // the unnamed module into which adapter is loaded! 104 private final Module adapterModule = getUnnamedModule(); 105 106 { 107 // specific exports from nashorn to the new adapter module 108 NASHORN_MODULE.addExports("jdk.nashorn.internal.runtime", adapterModule); 109 NASHORN_MODULE.addExports("jdk.nashorn.internal.runtime.linker", adapterModule); 110 111 // nashorn should be be able to read methods of classes loaded in adapter module 112 NASHORN_MODULE.addReads(adapterModule); 113 } 114 115 @Override 116 public Class<?> loadClass(final String name, final boolean resolve) throws ClassNotFoundException { 117 try { 118 Context.checkPackageAccess(name); 119 return super.loadClass(name, resolve); 120 } catch (final SecurityException se) { 121 // we may be implementing an interface or extending a class that was 122 // loaded by a loader that prevents package.access. If so, it'd throw 123 // SecurityException for nashorn's classes!. For adapter's to work, we 124 // should be able to refer to the few classes it needs in its implementation. 125 if(VISIBLE_INTERNAL_CLASS_NAMES.contains(name)) { 126 return myLoader != null? myLoader.loadClass(name) : Class.forName(name, false, myLoader); 127 } 128 throw se; 129 } 130 } 131 132 @Override 133 protected Class<?> findClass(final String name) throws ClassNotFoundException { 134 if(name.equals(className)) { 135 assert classBytes != null : "what? already cleared .class bytes!!"; 136 137 final Context ctx = AccessController.doPrivileged(new PrivilegedAction<Context>() { 138 @Override 139 public Context run() { 140 return Context.getContext(); 141 } 142 }, GET_CONTEXT_ACC_CTXT); 143 DumpBytecode.dumpBytecode(ctx.getEnv(), ctx.getLogger(jdk.nashorn.internal.codegen.Compiler.class), classBytes, name); 144 return defineClass(name, classBytes, 0, classBytes.length, protectionDomain); 145 } 146 throw new ClassNotFoundException(name); 147 } 148 }; 149 } 150} 151