8055309: RMI needs better transportation considerations

Reviewed-by: alanb, igerasim, skoivu, msheppar

8055309: RMI needs better transportation considerations
Reviewed-by: alanb, igerasim, skoivu, msheppar
d7e3d36a · smarks · c12102a9 · d7e3d36a · d7e3d36a
2 changed file
--- a/src/share/classes/sun/rmi/transport/Transport.java
+++ b/src/share/classes/sun/rmi/transport/Transport.java
 /*
- * Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2014, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@@ -37,6 +37,10 @@ import java.rmi.server.RemoteCall;
 import java.rmi.server.RemoteServer;
 import java.rmi.server.ServerNotActiveException;
 import java.security.AccessControlContext;
+import java.security.AccessController;
+import java.security.Permissions;
+import java.security.PrivilegedAction;
+import java.security.ProtectionDomain;
 import sun.rmi.runtime.Log;
 import sun.rmi.server.Dispatcher;
 import sun.rmi.server.UnicastServerRef;
@@ -68,6 +72,15 @@ public abstract class Transport {
    /** ObjID for DGCImpl */
    private static final ObjID dgcID = new ObjID(ObjID.DGC_ID);
+    /** AccessControlContext for setting context ClassLoader */
+    private static final AccessControlContext SETCCL_ACC;
+    static {
+        Permissions perms = new Permissions();
+        perms.add(new RuntimePermission("setContextClassLoader"));
+        ProtectionDomain[] pd = { new ProtectionDomain(null, perms) };
+        SETCCL_ACC = new AccessControlContext(pd);
+    }
    /**
     * Returns a <I>Channel</I> that generates connections to the
     * endpoint <I>ep</I>. A Channel is an object that creates and
@@ -116,6 +129,16 @@ public abstract class Transport {
     */
    protected abstract void checkAcceptPermission(AccessControlContext acc);
+    /**
+     * Sets the context class loader for the current thread.
+     */
+    private static void setContextClassLoader(ClassLoader ccl) {
+        AccessController.doPrivileged((PrivilegedAction<Void>)() -> {
+                Thread.currentThread().setContextClassLoader(ccl);
+                return null;
+            }, SETCCL_ACC);
+    }
    /**
     * Service an incoming remote call. When a message arrives on the
     * connection indicating the beginning of a remote call, the
@@ -164,11 +187,10 @@ public abstract class Transport {
                    target.getAccessControlContext();
                ClassLoader ccl = target.getContextClassLoader();
-                Thread t = Thread.currentThread();
+                ClassLoader savedCcl = Thread.currentThread().getContextClassLoader();
-                ClassLoader savedCcl = t.getContextClassLoader();
                try {
-                    t.setContextClassLoader(ccl);
+                    setContextClassLoader(ccl);
                    currentTransport.set(this);
                    try {
                        java.security.AccessController.doPrivileged(
@@ -183,7 +205,7 @@ public abstract class Transport {
                        throw (IOException) pae.getException();
                    }
                } finally {
-                    t.setContextClassLoader(savedCcl);
+                    setContextClassLoader(savedCcl);
                    currentTransport.set(null);
                }

--- a/src/share/classes/sun/rmi/transport/tcp/TCPTransport.java
+++ b/src/share/classes/sun/rmi/transport/tcp/TCPTransport.java
 /*
- * Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2014, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@@ -49,6 +49,9 @@ import java.rmi.server.ServerNotActiveException;
 import java.rmi.server.UID;
 import java.security.AccessControlContext;
 import java.security.AccessController;
+import java.security.Permissions;
+import java.security.PrivilegedAction;
+import java.security.ProtectionDomain;
 import java.util.ArrayList;
 import java.util.LinkedList;
 import java.util.List;
@@ -123,6 +126,14 @@ public class TCPTransport extends Transport {
    private static final ThreadLocal<ConnectionHandler>
        threadConnectionHandler = new ThreadLocal<>();
+    /** an AccessControlContext with no permissions */
+    private static final AccessControlContext NOPERMS_ACC;
+    static {
+        Permissions perms = new Permissions();
+        ProtectionDomain[] pd = { new ProtectionDomain(null, perms) };
+        NOPERMS_ACC = new AccessControlContext(pd);
+    }
    /** endpoints for this transport */
    private final LinkedList<TCPEndpoint> epList;
    /** number of objects exported on this transport */
@@ -662,16 +673,19 @@ public class TCPTransport extends Transport {
        }
        public void run() {
-            Thread t = Thread.currentThread();
+            AccessController.doPrivileged((PrivilegedAction<Void>)() -> {
-            String name = t.getName();
+                    Thread t = Thread.currentThread();
-            try {
+                    String name = t.getName();
-                t.setName("RMI TCP Connection(" +
+                    try {
-                          connectionCount.incrementAndGet() +
+                        t.setName("RMI TCP Connection(" +
-                          ")-" + remoteHost);
+                                  connectionCount.incrementAndGet() +
-                run0();
+                                  ")-" + remoteHost);
-            } finally {
+                        run0();
-                t.setName(name);
+                    } finally {
-            }
+                        t.setName(name);
+                    }
+                    return null;
+                }, NOPERMS_ACC);
        }
        private void run0() {