summaryrefslogtreecommitdiffstats
path: root/src/java/jogamp
Commit message (Collapse)AuthorAgeFilesLines
* Security: Tighten DynamicLinker*, NativeLibrary and DynamicLibraryBundle ↵Sven Gothel2013-06-214-27/+63
| | | | | | | | | | | | | | | | | | | | | | access (2) - Completes 23341a2df2d2ea36784a16fa1db8bc7385351a12 - Replace 'DynamicLinker' interface w/ well documented one - All DynamicLinker methods are now considered secure, i.e.: - open/lookup and close utilize reference counting on handle via a hash map. - lookupSymbol(..) and close(..) impl. validate the passed library handle whether it's retrieved via open*. This is the fast path, not that expensive. - lookupSymbolGlobal(..) performs Check acccess of 'new RuntimePermission("loadLibrary.*")' if SecurityManager is installed. This is the slow path. - DynamicLibraryBundleInfo now reflects the security requirements, i.e. whether priviledged access is needed.
* DynamicLinker*: Proper Override notationSven Gothel2013-06-204-3/+15
|
* Security: Tighten DynamicLinker*, NativeLibrary and DynamicLibraryBundle access.Sven Gothel2013-06-204-66/+137
|
* Robostness: Catch Throwables on NativeLibrary.open(..) and be verbose in ↵Sven Gothel2013-06-182-1/+9
| | | | DEBUG mode ; DynamicLinker: Add 'String getLastError()'.
* Fix DynamicLinker Impl: Add Bionic specialization using Bionic's non POSIX ↵Sven Gothel2013-06-164-58/+83
| | | | | | | | | | | | | | | values; Using same pattern for Mac OS X. Add Bionic specialization using Bionic's non POSIX values - derive from UnixDynamicLinkerImpl - specify own flag and mode values - use UnixDynamicLinkerImpl native code Using same pattern for Mac OS X - derive from UnixDynamicLinkerImpl - specify own flag and mode values - use UnixDynamicLinkerImpl native code - drop MacOSXDynamicLinkerImpl native code
* Fix Bug 749: Add Support for Solaris SPARC 32bitBritta Eckhardt2013-06-131-12/+17
|
* Bug 752: Review Code Vulnerabilities (Permission Checks of new exposed code ↵Sven Gothel2013-06-114-24/+24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | and privileged access) This review focuses on how we perform permission checks, or better - do we circumvent some assuming full privileges ? Some native methods do need extra permission validation, i.e. loading native libraries. Further more AccessController.doPrivileged(..) shall not cover generic code exposing a critical feature to the user. Further more .. we should rely on the SecuritManager, i.e. AccessControlContext's 'checkPermission(Permission)' code to comply w/ fine grained permission access. It is also possible to have full permission w/o having any certificates (-> policy file). +++ We remove implicit AccessController.doPrivileged(..) from within our trusted code for generic methods, like Property access, temp. files. +++ SecurityUtil: - Remove 'getCommonAccessControlContext(Class<?> clz)', which returned a local AccessControlContext for later restriction if the passed class contains all certificates as the 'trusted' GlueGen class has. - Simply expose convenient permission check methods relying on SecurityManager / AccessControlContext. PropertyAccess: - 'protected static void addTrustedPrefix(..)' requires AllPermissions if SecurityManager is installed. - Remove implicit doPrivileged(..) triggered by passed AccessControlContext instance, only leave it for trusted prefixes. IOUtil: - Remove all doPrivileged(..) - Elevation shall be performed by caller. DynamicLinker: - 'public long openLibraryLocal(..)' and 'public long openLibraryGlobal(..)' may throw SecurityException, if a SecurityManager is installed and the dyn. link permission is not granted in the calling code. Implemented in their respective Unix, OSX and Windows manifestation. Caller has to elevate privileges via 'doPrivileged(..) {}' ! +++ Tests: - Property access - File access - Native library loading Manual Applet test (unsigned, but w/ SecurityManager and policy file): > gluegen/test/applet Applet has been tested w/ signed JAR w/ Firefox and Java7 on GNU/Linux as well. Manual Application test (unsigned, but w/ SecurityManager and policy file): com.jogamp.junit.sec.TestSecIOUtil01 - Run w/ SecurityManager and policy file: - gluegen/scripts/runtest-secmgr.sh - Run w/o SecurityManager: - gluegen/scripts/runtest.sh
* Enhance VersionNumber*: Use only RegExp and cache default (no wrapped ↵Sven Gothel2013-05-311-2/+2
| | | | whitespace tokenizer); String match: Store end-of-match and flag defined components.
* RecursiveThreadGroupLockImpl01Unfairish: Fix DEBUG outputSven Gothel2013-05-051-3/+4
|
* gluegen: remove executable bit from java and c source filesHarvey Harrison2013-04-093-0/+0
| | | | Signed-off-by: Harvey Harrison <[email protected]>
* Fix RecursiveLockImpl* corner case: Timeout reached but lock released -> ↵Sven Gothel2013-03-182-16/+20
| | | | | | Assume Lock If timeout has been reached but the lock has been released, the lock has to be assumed.
* Promote AWTEDTExecutor to public package com.jogamp.common.util.awt ; ↵Sven Gothel2013-02-281-110/+0
| | | | Exclude java.part.awt in android gluegen-rt.
* Bug 681: Add Elf Parsing for other OS than Linux, if ARM and !ANDROID using ↵Sven Gothel2013-02-091-34/+83
| | | | | | | | /proc/self/exe (Linux) or a found java/jvm native lib. - PlatformPropsImpl.queryABITypeImpl: Check Elf Header for ARM + !ANDROID (i.e. add other OS than Linux, use native java/jmv lib) - NativeLibrary.enumerateLibraryPaths: Add 'sun.boot.library.path' to enumeration! - TestElfReader01: Add test for finding java/jvm native lib and parse it
* Bug 681: Use ELF Header + ARM EABI Section Parsing in PlatformPropsImpl to ↵Sven Gothel2013-02-082-22/+133
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | to distinguish ARM soft-float/hard-float (part-2) + /** + * Returns the {@link ABIType} of the current platform using given {@link CPUType cpuType} + * and {@link OSType osType} as a hint. + * <p> + * Note the following queries are performed: + * <ul> + * <li> not {@link CPUFamily#ARM} -> {@link ABIType#GENERIC_ABI} </li> + * <li> else + * <ul> + * <li> not {@link OSType#LINUX} -> {@link ABIType#EABI_GNU_ARMEL} </li> + * <li> else + * <ul> + * <li> Elf ARM Tags -> {@link ABIType#EABI_GNU_ARMEL}, {@link ABIType#EABI_GNU_ARMHF} </li> + * </ul></li> + * </ul></li> + * </ul> + * </p> + * <p> + * Elf ARM Tags are read using {@link ElfHeader}, .. and {@link SectionArmAttributes#abiVFPArgsAcceptsVFPVariant(byte)}. + * </p> + * + * @param cpuType + * @param osType + * @return + */ + private static final ABIType queryABITypeImpl(CPUType cpuType, OSType osType) {
* Bug 681: Add Basic ELF Header + ARM EABI Section Parsing, allowing to ↵Sven Gothel2013-02-087-0/+1683
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | distinguish ARM soft-float/hard-float (part-1) https://jogamp.org/bugzilla/show_bug.cgi?id=681 + * References: + * <ul> + * <li>http://linux.die.net/man/5/elf</li> + * <li>http://www.sco.com/developers/gabi/latest/contents.html</li> + * <li>http://infocenter.arm.com/ + * <ul> + * <li>ARM IHI 0044E, current through ABI release 2.09</li> + * <li>ARM IHI 0045D, current through ABI release 2.09</li> + * </ul></li> Added self contained jogamp.common.os.elf package w/ entry point class ElfHeader to read a RandomAccessFile and parse it as an ELF file. ELF Parsing completness: - Header: OK - SectionHeader: OK - Section Type SHT_ARM_ATTRIBUTES: OK - Will be read into SectionArmAttributes - Used to distinguisgh soft/hard VFP float Tested manually on: - Linux intel 32bit / 64bit, arm soft-float and hard-float
* Android: Cleanup ClassLoaderUtil/LauncherUtil - Using cached parent ↵Sven Gothel2013-01-314-61/+153
| | | | | | | | | | | | | | | | | | | | | ClassLoader for SYS-Packages w/ native libs, and non cached child ClassLoader for USR-Packages Android's Dalvik VM, like a JVM, cannot load a native library from one location by multiple ClassLoader. Since we don't like to hardcode the system-packages, as it was before, i.e. "com.jogamp.common", "javax.media.opengl", we need to either copy the libs or use parenting of cached ClassLoader. The latter is chosen, since it's faster and uses less resources. - System-packages are passed through from the user 'List<String> LauncherUtil.BaseActivityLauncher::getSysPackages()' to the ActivityLauncher, which instantiates the ClassLoader. - No more hard-reference the system-packages in ClassLoaderUtil ("com.jogamp.common", "javax.media.opengl"), just use the new user provided system-packages. - The system-packages denominate a hash-key for caching, a new ClassLoader is created and mapped if it does not yet exist. - A non-chached user-packages ClassLoader is created using the cached system-packages ClassLoader as it's parent.
* Fix ActivityLauncher/MainLauncher .. and make adb-launch-main more suitableSven Gothel2013-01-192-25/+16
| | | | | | | | | | | | | | - ActivityLauncher - no finish() from onDestroy() - MainLauncher - finish activity after returning 'main()' returns - no finish() from onDestroy() - adb-launch-main: - Clear logcat - Wait until activity is stopped - Dump logcat to local logfile
* MainLauncher: Remove Thread.destroy() - n/a on Android ..Sven Gothel2013-01-191-1/+2
|
* Modified Java 1.5 Buffers patch 2b7d1b1d25cb2cd73311ec9159b465f0391bf5e0 - ↵Sven Gothel2013-01-191-7/+13
| | | | | | | | | | | | | | May break GCJ/ECJ .. needs to be revised. - Adding JAVA_6 in PlatformPropsImpl - Buffers.isDirect() chooses fast-path iff JAVA_6, otherwise using reflection (GCJ/ECJ) - Adding JAVA_6 info in VersionUtil - API doc: Refine JAVA_SE and JAVA_6 spec. TODO: In case GCJ etc is unable to compile the JAVA_6 code even though it uses a static condition (probably not), We have to wrap isStatic in an own class, one for JAVA_6 and one for <= 1.5. This will be a good exercise for further issues we may have w/ Java <= 1.5.
* Merge remote-tracking branch 'xranby/gcj-gij'Sven Gothel2013-01-181-2/+4
|\
| * PlatformPropsImpl: JAVA_RUNTIME_NAME is null using GCJ gij JRE.Xerxes Rånby2013-01-181-2/+4
| | | | | | | | Signed-off-by: Xerxes Rånby <[email protected]>
* | Android Completion for launching main() class via MainLauncher; Fix ↵Sven Gothel2013-01-184-32/+117
|/ | | | | | | | | | | | | | ActivityLauncher order of delegation/super activity callbacks. - StaticContext: - Add ViewGroup for standalone tests w/ UI - MainLauncher/LauncherUtil: - Complete launching a main() class from our activity launcher - adding main-cmdline-args - ActivityLauncher - Fix order of delegation/super activity callbacks.
* Refine AWTEDTExecutor.invoke(..): Allow control whether a non AWT-EDT may ↵Sven Gothel2012-12-281-15/+36
| | | | | | | execute the runnable. For some 'rare' AWT/GL lifecycle actions, it is required to only run the command on the AWT-EDT, hence adding an argument determining the restriction.
* Android Launcher: Fix ClassLoaderUtil's JNI lib-path determination, use ↵Sven Gothel2012-12-271-9/+19
| | | | | | | | | | | | ApplicationInfo's nativeLibraryDir (API level 9). On Android > 4.0.3 (maybe even earlier), w/ a split filesystem (internal and SDCARD) the JNI libs maybe stored at a different location than it's data path. ApplicationInfo's nativeLibraryDir properly determines the JNI storage location, hence use it. Prev. code also derived JNI lib path by the launcher's ApplicationInfo's nativeLibraryDir, which might be different than the user package's nativeLibraryDir. This is especially true, since the launcher may not hold any native libraries.
* gluegen: replace Thread name with name of lock file in ↵Harvey Harrison2012-10-161-1/+1
| | | | | | | | | | | | SingletonInstanceFileLock error message The getName() call here is currently calling Thread.getName() inherited by the anonymous inner class. This is ambiguous, and likely meant to call the getName() method of SingletonInstanceFileLock, which would output the lockfile name. In any event, infoPrefix() is already adding the Thread name for us. Signed-off-by: Harvey Harrison <[email protected]>
* SingletonInstanceServerSocket: serverSocket.setReuseAddress(true); // reuse ↵Sven Gothel2012-10-041-0/+1
| | | | same port w/ subsequent instance, i.e. overcome TO state when JVM crashed
* SingletonInstanceServerSocket: Add unit tests; Create new server Thread @ ↵Sven Gothel2012-09-212-18/+18
| | | | start, otherwise we may collide w/ a failed start. Misc: Cleanup / reuse strings.
* SingletonInstanceServerSocket: Add kill @ JVM Shutdown _and_ if normal ↵Sven Gothel2012-09-212-8/+42
| | | | unlock fails ; Added unit tests.
* AWTEDTExecutor: Add convenient "invoke(Object treeLock, boolean wait, ↵Sven Gothel2012-09-101-1/+25
| | | | Runnable r)" to be used directly
* Change/Lower ARM Requierements for GNU/Linux & Android-GNU/Linux ARM: ↵Sven Gothel2012-08-161-6/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ARMv7hf -> ARMv6hf, ARMv7-soft -> ARMv5te/ARMV6 (soft) platform build config files: lib/gluegen-cpptasks-linux-armv7.xml -> lib/gluegen-cpptasks-linux-armv6.xml lib/gluegen-cpptasks-linux-armv7hf.xml -> lib/gluegen-cpptasks-linux-armv6hf.xml properties: isLinuxARMv7 -> isLinuxARMv6 isLinuxARMv7Armel -> isLinuxARMv6Armel isLinuxARMv7Armhf -> isLinuxARMv6Armhf isAndroidARMv7 -> isAndroidARMv6 isAndroidARMv7Armel -> isAndroidARMv6Armel isAndroidARMv7Armhf -> isAndroidARMv6Armhf targets: compiler.cfg.linux.armv7 -> compiler.cfg.linux.armv6 linker.cfg.linux.armv7 -> linker.cfg.linux.armv6 compiler.cfg.linux.armv6: <compilerarg value="-fpic" /> <compilerarg value="-march=armv5te" /> <compilerarg value="-marm" /> <compilerarg value="-mfloat-abi=softfp" /> <linkerarg value="-fpic" /> <linkerarg value="-march=armv5te" /> <linkerarg value="-marm" /> <linkerarg value="-mfloat-abi=softfp" /> <linkerarg value="-nostdlib" /> <linkerarg value="-Bdynamic" /> compiler.cfg.linux.armv6hf: <compilerarg value="-fpic" /> <compilerarg value="-march=armv6" /> <compilerarg value="-marm" /> <compilerarg value="-mfloat-abi=hard" /> <linkerarg value="-fpic" /> <linkerarg value="-march=armv6" /> <linkerarg value="-marm" /> <linkerarg value="-mfloat-abi=hard" /> <linkerarg value="-nostdlib" /> <linkerarg value="-Bdynamic" /> gluegen-cpptasks-android-armv6.xml: <compilerarg value="-fpic" /> <compilerarg value="-march=armv6" /> <compilerarg value="-mfloat-abi=softfp" /> <compilerarg value="-marm" /> <linkerarg value="-march=armv6" /> <linkerarg value="-mfloat-abi=softfp" /> <linkerarg value="-marm" /> <linkerarg value="-nostdlib" /> <linkerarg value="-Bdynamic" />
* Lock Cleanup (API Change)Sven Gothel2012-06-276-17/+64
| | | | | | | | - LockExt -> ThreadLock - clarifying semantics (API Change) - ThreadLock: Remove isOwner(), use isOwner(Thread.currentThread) - adding @Override
* Fix TempFileCache/LauncherTempFileCache (regression commit: ↵v2.0-rc9Sven Gothel2012-06-201-19/+32
| | | | | | | | | | | | | | | | | | | | 1468286bf569a493e4fdb887d5f3732f88c8cec3) 'update' scenario in same JVM instance. TempFileCache/LauncherTempFileCache were using the system property 'jnlp.jogamp.tmp.cache.root', if set. However, in case one JVM launched an old GlueGen (Applet) and then launching a new GlueGen (Applet) w/ a new tmpDir location, the property is still set but the tmpRootDir location does not exist. This patch tolerates this situation and cont. setting a new tmpRootDir. Example: JVM1.GlueGen1 tmpDir: /tmp/, tmpRootDir: /tmp/jogamp.tmp.cache_000000/ JVM1.GlueGen2 tmpDir: /tmp/jogamp_0000/, tmpRootDir: /tmp/jogamp_0000/file_cache/ Misc: - IOUtil: Always use 'jogamp_xxxx' as the sys-temp subfolder for tmpDir - JNILibLoaderBase: Remove unised import - TempJarCache.validateCertificates(): Add OK DEBUG output.
* Fix Platform static initialization interdependencies w/ GlueGen native ↵Sven Gothel2012-06-182-7/+319
| | | | | | | | | | | | library loading Some Platform field declarations and it's static initialization has been delegated to it's new abstract super class PlatformPropsImpl to solve static initialization interdependencies w/ the GlueGen native library loading and it's derived information {@link #getMachineDescription()}, {@link #is32Bit()}, ..<br> This mechanism is preferred in this case to avoid synchronization and locking and allow better performance accessing the mentioned fields/methods.
* Fix Bug 587: Use alternative storage location if platform's temp directory ↵Sven Gothel2012-06-163-9/+8
| | | | | | | | | | | | | | | | | | | | | is mounted w/ noexec ; IOUtil API change! Test whether executable files can be launched in temporary folder by trying to run an empty executable file - if !( WINDOWS | OPENKODE ) TempDir: 1) ${java.io.tmpdir}/jogamp 2) $XDG_CACHE_HOME/jogamp - if !( ANDROID | MACOS | WINDOWS | OPENKODE ) 3) $HOME/.jogamp $XDG_CACHE_HOME defaults to $HOME/.cache - TempFileCache: ${TempDir}/file_cache -> ${java.io.tmpdir}/jogamp/file_cache - LauncherTempFileCache: ${TempDir}/file_cache -> ${java.io.tmpdir}/jogamp/file_cache +++ AndroidUtils*.getTempRoot(): Remove unused AccessControlContext param
* Fix Bug 583: Remove Android compile-time dependencies and exclude Android ↵Sven Gothel2012-06-043-5/+139
| | | | | | | | | | | | | specific classes for non Android platforms. Android specifics are delegated via class AndroidUtils, which uses reflection to call AndroidUtilsImpl if platform is Android. Android code is confined to the packages: jogamp.common.os.android.* jogamp.android.launcher.* and only included when compiled for the Android platform.
* Android AssetDexClassLoader: Disable DEBUG flag.Sven Gothel2012-05-041-1/+1
|
* GlueGenVersionActivity: Add Scroller ..Sven Gothel2012-05-041-1/+5
|
* LauncherUtil: Allow no query in URI and no PKG in querySven Gothel2012-05-041-4/+1
|
* Android: Add the LauncherVersionActivity ..Sven Gothel2012-05-041-0/+92
|
* Android ClassLoaderUtil: Cleanup hack ..Sven Gothel2012-05-041-2/+0
|
* Android Launcher: More verbose ClassLoader*Sven Gothel2012-05-032-4/+30
|
* AndroidLauncher: Add 'MainLauncher'; ClassLoaderUtil adds list of direct ↵Sven Gothel2012-05-034-99/+295
| | | | | | | | | | APKs to add to classpath MainLauncher is capable of launching a traditional static main method from a activity. TODO: - parametrize the APK list (junit, ..) - pass-through the activity instance to be used w/ NEWT AndroidWindow
* StringBuffer -> StringBuilder (Local objects, no concurrency)Sven Gothel2012-04-162-2/+2
|
* ActivityLauncher/LauncherUtil: Clear properties 'onDestroy()'Sven Gothel2012-04-093-12/+29
|
* Platform: Add AWT_AVAILABLE 'knowledge'; RunnableExecutor: Add AWTEDT impl. ↵Sven Gothel2012-03-261-0/+65
| | | | / API doc cleanup; DynamicLibraryBundle: Add getDefaultRunnableExecutor()
* Add 'asset' URLConnection; IOUtil uses URLConnection / incr. effeciency; ↵Sven Gothel2012-03-177-84/+144
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Android ClassLoaderUtil cleanup; - Add 'asset' URLConnection - Please read API doc 'PiggybackURLConnection' and 'AssetURLConnection' - Solves generic resource handling where platform locations may differ, ie ClassLoader lookup on Android in the 'assets/' subfolder. - New Android 'AssetDexClassLoader' uses 'assets/' folder for findResource(..) - aapt.signed (our APK ant task) - uses 'assets/' folder - adds the 'assetsdir' attribute allowing to copy other assets into the APK - IOUtil uses URLConnection / incr. effeciency - using URLConnection on all getResource(..) since URL is connected anyways for validation and URLConnection can be used by caller right away - String getRelativeOf(URL, String) -> URL getRelativeOf(URL, String) - preserves scheme, authority, etc - simple parentOf handling, more efficient - reusing new 'asset' protocol impl. - Android ClassLoaderUtil cleanup; - Use createClassLoader(..) impl for build-in static jogamp and user APKs, which removes code redundancy Tests: New code path, especially 'assets' are covered by new unit tests, no regressions on Linux.
* Android: New ActivityLauncher (jogamp.android-launcher.apk)Sven Gothel2012-03-145-0/+1284
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ActivityLauncher provides delegating Activities, allowing the user to: - daisy chain custom APK classes and native libraries to the classpath - name one custom activity which gets delegated to, the downstream activity Overview: [User:a1] -- (usr-data) --> [Launcher] -> [User:a2] + using [other packages..] [User APK] - The user provided APK [JogAmp APK] - JogAmp APKs [User:a1] - The initial user activity, which starts the [Launcher]. Providing data to [Launcher]: [User:a2], [User APK] Resides in [User APK] [User:a2] - The actual downstream 'real' activity, spoiled w/ full fledged ClassLoader having access to all packages as requested, ie. [User APK], .. Resides in [User APK] [Launcher] - The launcher activity. Gets called by [User:a1]. Creates a new ClassLoader, daisy chainging all requested APKs. Instantiates [User:a2] w/ new ClassLoader. Delegates all calls to [User:a2]. Resides in [JogAmp APK].
* PropertyAccess: Push down 'isPropertyDefined(final String property, final ↵Sven Gothel2012-03-131-0/+4
| | | | | | boolean jnlpAlias)' for trusted properties The method shall be called by the respective Debug specialization, which registers the trusted property prefix.
* SecurityUtil: Generalize cert validation and AccessControlContext query; ↵Sven Gothel2012-03-132-165/+14
| | | | | | | | | | | | | | | | | | PropertyAccess: Fix security code, grant access to common 'trusted' properties - SecurityUtil - Generalize cert validation for JAR and property access - Grant access to common AccessControlContext for 'same' cert - PropertyAccess: - Fix security code: Passing the current AccessControlContext from the caller didn't include priviledges. - Grant access to common 'trusted' properties, which removes the need of passing the AccessControlContext for general properties like 'jnlp.', 'jogamp.' .. - Enable registering 'trusted' properties, when caller's cert is 'same'
* Intro.: PropertyAccess ; Added safe PropertyAccess for JNILibLoaderBase, ↵Sven Gothel2012-03-132-72/+148
| | | | | | | | | | | | | | | | | Platform, IOUtil, .. - Intro.: PropertyAccess - Base class of all Debug impl, reduces redundancies. - jnlpAlias'ed trusted property is queried within local AccessControlContext to avoid 'JRE' implementation differences (should not be required). - throw NPE and IllegalArgumentException for invalid property key - Added safe PropertyAccess - JNILibLoaderBase: sun.jnlp.applet.launcher - Platform: jogamp.gluegen.UseTempJarCache - IOUtil: java.io.tmpdir