diff options
| author | Gary Benson <gbenson@redhat.com> | 2006-08-14 14:24:52 +0000 |
|---|---|---|
| committer | Gary Benson <gary@gcc.gnu.org> | 2006-08-14 14:24:52 +0000 |
| commit | be6415beaefe63fbcf0f8fad53cf9662fb6640ba (patch) | |
| tree | 7fe539e40e9ebdcbc39e02be15bd5107a3797cac /libjava/java/security/VMAccessController.java | |
| parent | 2b3969faee4094c5b857bf024e8ce4b7d832dc2d (diff) | |
| download | gcc-be6415beaefe63fbcf0f8fad53cf9662fb6640ba.zip gcc-be6415beaefe63fbcf0f8fad53cf9662fb6640ba.tar.gz gcc-be6415beaefe63fbcf0f8fad53cf9662fb6640ba.tar.bz2 | |
Thread.java (accessControlState): New field.
2006-08-14 Gary Benson <gbenson@redhat.com>
* java/lang/Thread.java (accessControlState): New field.
* java/security/VMAccessControlState.java: New file.
* java/security/natVMAccessControlState.cc: Likewise.
* java/security/VMAccessController.java
(contexts, inGetContext): Removed.
(pushContext, popContext, getContext): Use VMAccessControlState.
* Makefile.am (nat_source_files): Updated.
* sources.am, Makefile.in: Rebuilt.
From-SVN: r116128
Diffstat (limited to 'libjava/java/security/VMAccessController.java')
| -rw-r--r-- | libjava/java/security/VMAccessController.java | 55 |
1 files changed, 18 insertions, 37 deletions
diff --git a/libjava/java/security/VMAccessController.java b/libjava/java/security/VMAccessController.java index 85d0313..8436c9c 100644 --- a/libjava/java/security/VMAccessController.java +++ b/libjava/java/security/VMAccessController.java @@ -46,21 +46,6 @@ final class VMAccessController // ------------------------------------------------------------------------- /** - * This is a per-thread stack of AccessControlContext objects (which can - * be null) for each call to AccessController.doPrivileged in each thread's - * call stack. We use this to remember which context object corresponds to - * which call. - */ - private static final ThreadLocal contexts = new ThreadLocal(); - - /** - * This is a Boolean that, if set, tells getContext that it has already - * been called once, allowing us to handle recursive permission checks - * caused by methods getContext calls. - */ - private static final ThreadLocal inGetContext = new ThreadLocal(); - - /** * And we return this all-permissive context to ensure that privileged * methods called from getContext succeed. */ @@ -103,19 +88,15 @@ final class VMAccessController */ static void pushContext (AccessControlContext acc) { - if (Thread.currentThread() == null) + // Can't really do anything while the VM is initializing. + VMAccessControlState state = VMAccessControlState.getThreadState(); + if (state == null) return; if (DEBUG) debug("pushing " + acc); - LinkedList stack = (LinkedList) contexts.get(); - if (stack == null) - { - if (DEBUG) - debug("no stack... creating "); - stack = new LinkedList(); - contexts.set(stack); - } + + LinkedList stack = state.getContexts(); stack.addFirst(acc); } @@ -127,7 +108,9 @@ final class VMAccessController */ static void popContext() { - if (Thread.currentThread() == null) + // Can't really do anything while the VM is initializing. + VMAccessControlState state = VMAccessControlState.getThreadState(); + if (state == null) return; if (DEBUG) @@ -135,12 +118,10 @@ final class VMAccessController // Stack should never be null, nor should it be empty, if this method // and its counterpart has been called properly. - LinkedList stack = (LinkedList) contexts.get(); - if (stack != null) + LinkedList stack = state.getContexts(); + if (!stack.isEmpty()) { - stack.removeFirst(); - if (stack.isEmpty()) - contexts.set(null); + stack.removeFirst(); } else if (DEBUG) { @@ -159,7 +140,8 @@ final class VMAccessController { // If the VM is initializing return the all-permissive context // so that any security checks succeed. - if (Thread.currentThread() == null) + VMAccessControlState state = VMAccessControlState.getThreadState(); + if (state == null) return DEFAULT_CONTEXT; // If we are already in getContext, but called a method that needs @@ -168,15 +150,14 @@ final class VMAccessController // // XXX is this necessary? We should verify if there are any calls in // the stack below this method that require permission checks. - Boolean inCall = (Boolean) inGetContext.get(); - if (inCall != null && inCall.booleanValue()) + if (state.isInGetContext()) { if (DEBUG) debug("already in getContext"); return DEFAULT_CONTEXT; } - inGetContext.set(Boolean.TRUE); + state.setInGetContext(true); Object[] stack = getStack(); Class[] classes = (Class[]) stack[0]; @@ -210,8 +191,8 @@ final class VMAccessController // If there was a call to doPrivileged with a supplied context, // return that context. If using JAAS doAs*, it should be // a context with a SubjectDomainCombiner - LinkedList l = (LinkedList) contexts.get(); - if (l != null) + LinkedList l = state.getContexts(); + if (!l.isEmpty()) context = (AccessControlContext) l.getFirst(); } @@ -256,7 +237,7 @@ final class VMAccessController else context = new AccessControlContext (result); - inGetContext.set(Boolean.FALSE); + state.setInGetContext(false); return context; } |