aboutsummaryrefslogtreecommitdiffstats
path: root/src/java
Commit message (Collapse)AuthorAgeFilesLines
* Security: Tighten DynamicLinker*, NativeLibrary and DynamicLibraryBundle ↵Sven Gothel2013-06-219-108/+190
| | | | | | | | | | | | | | | | | | | | | | access (2) - Completes 23341a2df2d2ea36784a16fa1db8bc7385351a12 - Replace 'DynamicLinker' interface w/ well documented one - All DynamicLinker methods are now considered secure, i.e.: - open/lookup and close utilize reference counting on handle via a hash map. - lookupSymbol(..) and close(..) impl. validate the passed library handle whether it's retrieved via open*. This is the fast path, not that expensive. - lookupSymbolGlobal(..) performs Check acccess of 'new RuntimePermission("loadLibrary.*")' if SecurityManager is installed. This is the slow path. - DynamicLibraryBundleInfo now reflects the security requirements, i.e. whether priviledged access is needed.
* Fix regression of f69831574d4927d03d40c330d0b047d8c89622a4: Use ↵Sven Gothel2013-06-211-3/+5
| | | | getDeclaredField() and setAccessible(true) due to package private handle fields.
* ProcAddressTable: Make all handles package private, use local ↵Sven Gothel2013-06-203-38/+85
| | | | | | | | PROCADDRESS_VAR_PREFIX instance, add checkAllPermissions() for reset() and initEntry(..) - Generated ProcAddressTable's function handles are all package private - Generated ProcAddressTable's visibility can be set via 'AccessControl' config, default: public. - ProcAddressTable's reset() and initEntry(..) perform checkAllPermissions() 1st.
* DynamicLookupHelper: Add secure isFunctionAvailable(..); NativeLibrary: Add ↵Sven Gothel2013-06-203-11/+65
| | | | TODO comments, re protected lookup functions.
* DynamicLinker*: Proper Override notationSven Gothel2013-06-204-3/+15
|
* Security: Gluegen generated native methods w/ 'pass through function ↵Sven Gothel2013-06-201-15/+37
| | | | pointer' _must_ be private!
* Security: Tighten DynamicLinker*, NativeLibrary and DynamicLibraryBundle access.Sven Gothel2013-06-206-136/+207
|
* Fix Bug 757: Regression of URL to URI conversion (Encoded path not ↵Sven Gothel2013-06-195-65/+157
| | | | | | | | | | | | | | | | | | | | | | | | compatible w/ file scheme. Regression of (Bug 683, Commit b98825eb7cfb61aead4a7dff57471cd2d2c26823). The URI encoded path cannot be read by File I/O (if file scheme), since the latter requests an UTF8/16 name, not an URI encoded name (i.e. %20 for space). The encoded URL is produced if calling 'uri.toURL()' and hence the new 'IOUtil.toURL(URI)' provides a custom conversion recovering the UTF name via 'new File(uri).getPath()'. Tested w/ - synthetic URI/URL coposition (unit test) - manual w/ moving 'build' to 'build öä lala' for gluegen, joal and jogl. +++ Misc.: - 'URI JarUtil.getURIDirname(URI)' -> 'URI IOUtil.getDirname(URI)' ++
* Refine 4feb65517ae4a4e2b9b04cdfc4b85582cb8b9784: Handle verbose error cases ↵Sven Gothel2013-06-181-26/+31
| | | | post catch block, i.e. exception (if occured) and dlerror value.
* Robostness: Catch Throwables on NativeLibrary.open(..) and be verbose in ↵Sven Gothel2013-06-184-7/+29
| | | | DEBUG mode ; DynamicLinker: Add 'String getLastError()'.
* Fix DynamicLinker Impl: Add Bionic specialization using Bionic's non POSIX ↵Sven Gothel2013-06-165-59/+90
| | | | | | | | | | | | | | | values; Using same pattern for Mac OS X. Add Bionic specialization using Bionic's non POSIX values - derive from UnixDynamicLinkerImpl - specify own flag and mode values - use UnixDynamicLinkerImpl native code Using same pattern for Mac OS X - derive from UnixDynamicLinkerImpl - specify own flag and mode values - use UnixDynamicLinkerImpl native code - drop MacOSXDynamicLinkerImpl native code
* Fix CStruct APT File Location - Threw FileNotFoundException w/ Java7Sven Gothel2013-06-151-32/+38
|
* GlueGen (Compile Time): Add 'CStruct' Annotation Processor (APT) to ↵Sven Gothel2013-06-145-7/+317
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 'gluegen' C Structs on-the-fly (2-pass actually). Convenient annotation processing (APT) hooked to 'javac' (1.6) via gluegen.jar META-INF service provider 'javax.annotation.processing.Processor' -> 'com.jogamp.gluegen.structgen.CStructAnnotationProcessor'. Am implicit APT / JAVAC would be possible, however - to have a proper process the unit test utilizes an explicit 2 pass run: <!-- Annotation Processor Only - First --> <javac destdir="${build_t.java}"> <classpath refid="junit.compile.classpath"/> <compilerarg value="-proc:only"/> <compilerarg value="-J-Djogamp.gluegen.structgen.debug"/> <compilerarg value="-J-Djogamp.gluegen.structgen.output=${build_t.gen}/classes"/> <src path="${test.base.dir}/com/jogamp/gluegen/test/junit/structgen"/> </javac> <!-- Javac Only - Second --> <javac destdir="${build_t.java}"> <classpath refid="junit.compile.classpath"/> <compilerarg value="-proc:none"/> <src path="${test.base.dir}"/> <src path="${build_t.gen}" /> </javac> Original code from Michael Bien's 'superglue' git://github.com/mbien/superglue.git, finally merged to GlueGen (as once intended). Note: The APT javac pass requires to use 'gluegen.jar' instead of 'gluegen-rt.jar' ! The 2-pass process also alows using the runtime gluegen-rt.jar and hence ensures clean namespace check at compilation.
* Fix Bug 749: Add Support for Solaris SPARC 32bitBritta Eckhardt2013-06-132-19/+30
|
* Bug 752: Review Code Vulnerabilities (Permission Checks of new exposed code ↵Sven Gothel2013-06-1112-224/+263
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | and privileged access) This review focuses on how we perform permission checks, or better - do we circumvent some assuming full privileges ? Some native methods do need extra permission validation, i.e. loading native libraries. Further more AccessController.doPrivileged(..) shall not cover generic code exposing a critical feature to the user. Further more .. we should rely on the SecuritManager, i.e. AccessControlContext's 'checkPermission(Permission)' code to comply w/ fine grained permission access. It is also possible to have full permission w/o having any certificates (-> policy file). +++ We remove implicit AccessController.doPrivileged(..) from within our trusted code for generic methods, like Property access, temp. files. +++ SecurityUtil: - Remove 'getCommonAccessControlContext(Class<?> clz)', which returned a local AccessControlContext for later restriction if the passed class contains all certificates as the 'trusted' GlueGen class has. - Simply expose convenient permission check methods relying on SecurityManager / AccessControlContext. PropertyAccess: - 'protected static void addTrustedPrefix(..)' requires AllPermissions if SecurityManager is installed. - Remove implicit doPrivileged(..) triggered by passed AccessControlContext instance, only leave it for trusted prefixes. IOUtil: - Remove all doPrivileged(..) - Elevation shall be performed by caller. DynamicLinker: - 'public long openLibraryLocal(..)' and 'public long openLibraryGlobal(..)' may throw SecurityException, if a SecurityManager is installed and the dyn. link permission is not granted in the calling code. Implemented in their respective Unix, OSX and Windows manifestation. Caller has to elevate privileges via 'doPrivileged(..) {}' ! +++ Tests: - Property access - File access - Native library loading Manual Applet test (unsigned, but w/ SecurityManager and policy file): > gluegen/test/applet Applet has been tested w/ signed JAR w/ Firefox and Java7 on GNU/Linux as well. Manual Application test (unsigned, but w/ SecurityManager and policy file): com.jogamp.junit.sec.TestSecIOUtil01 - Run w/ SecurityManager and policy file: - gluegen/scripts/runtest-secmgr.sh - Run w/o SecurityManager: - gluegen/scripts/runtest.sh
* Fix Bug 683 part1b: Add IOUtil.getRelativeOf(URL, ..), wrapper for URI for ↵Sven Gothel2013-06-091-0/+12
| | | | convenience (JOGL ShaderCode) and bwd. compatibility
* Bug 747: AndroidVersion: HashMap -> IntObjectHashMapSven Gothel2013-06-091-7/+6
|
* Fix Bug 683 part1: IOUtil, JarUtil, TempJarCache, .. uses URI instead of URL ↵Sven Gothel2013-06-097-313/+350
| | | | to remove DNS Lookups etc ..
* Enhance VersionNumber*: Use only RegExp and cache default (no wrapped ↵Sven Gothel2013-05-313-30/+193
| | | | whitespace tokenizer); String match: Store end-of-match and flag defined components.
* RecursiveThreadGroupLockImpl01Unfairish: Fix DEBUG outputSven Gothel2013-05-051-3/+4
|
* Buffers: getRemainingBytes(Object) -> remainingBytes(Object); ↵Sven Gothel2013-04-291-60/+60
| | | | | | | | | | | | sizeOfBufferElem(Buffer) -> sizeOfBufferElem(Object) to include NativeBuffer<?> Misc: - Add remainingElem(Object buffer). - Removed 'sizeOfBufferType(Class<?> bufferType)', since we don't use such calling convention w/ class type Note: remainingBytes(..) exist to allow using only one branch traversal to return the remaining size in bytes instead of 2, remaining(obj) and sizeOfBufferElem(obj). Note: The methods can take NativeBuffer<?> as an argument.
* Buffers: Add 'sizeOfBufferType(Class<?> bufferType)'Sven Gothel2013-04-271-1/+24
|
* Buffers: Expose 'getRemainingBytes(Object buffer)'Sven Gothel2013-04-272-6/+31
|
* VersionNumber*: Add static final 'zeroVersion' for convenience and identity.Sven Gothel2013-04-262-1/+8
|
* VersionNumber: Add API doc, use final int values, remove protected 'nop' ↵Sven Gothel2013-04-162-21/+94
| | | | ctor; Add VersionNumberString [extends VersionNumber] which additionally holds the orig. string value.
* Fix Bug 715: Don't modify 'carray' pointer returned from ↵Sven Gothel2013-04-131-5/+15
| | | | | | | | | | | | | | | GetPrimitiveArrayCritical(..) The 'carray' pointer returned from GetPrimitiveArrayCritical(..) was moved about the array offset and used in ReleasePrimitiveArrayCritical(..) to release the pinpointed memory. Even though this 'is' a bug by violating the _sparse_ specification, Hotspot impl. doesn't use the value at all (NOP) and hence this code didn't produce an error since .. (Same w/ Dalvik). Now the array offset is added while passing the carray pointer to the native function call and hence is no more modified and the orig. value is passed to ReleasePrimitiveArrayCritical(..). Tested w/ GlueGen unit tests and all JOGL unit tests (on Linux x64 w/ 'a' hotspot VM).
* IntBitfield: Add bit-count, O(1) per int-element, using HAKEM.Sven Gothel2013-04-111-0/+26
|
* Merge remote-tracking branch 'hharrison/master'Sven Gothel2013-04-1116-0/+0
|\
| * gluegen: remove executable bit from java and c source filesHarvey Harrison2013-04-0916-0/+0
| | | | | | | | Signed-off-by: Harvey Harrison <[email protected]>
* | IntBitfield: Add optimization path w/ int bitCount bitfield range. Replace ↵Sven Gothel2013-04-112-12/+61
|/ | | | '* 32' -> '<< 5', same for division.
* gluegen: use enhanced for-loops in ArrayHashSetHarvey Harrison2013-04-031-10/+9
| | | | | | | | | | | | Fixes an infinite loop in addAll due to the following line: mod = mod || add(iter.next()) ; After the first successful add, mod will be true and thereafter iter.next will never be called again, due to || shortcutting. the loop will then run forever as any further elements will never be taken from the iterator, so hasNext will always be true. Signed-off-by: Harvey Harrison <[email protected]>
* gluegen: use explicit ArrayList constructor to avoid @SuppressWarnings and ↵Harvey Harrison2013-04-031-4/+2
| | | | | | | | | clone() ArrayList.clone does _not_ make a shallow copy, a new internal array is allocated. As such, there is nearly no benefit to using clone(). Signed-off-by: Harvey Harrison <[email protected]>
* ArrayHashSet: Add ctor w/ initialCapacity and (initialCapacity, loadFactor)Sven Gothel2013-04-011-4/+24
|
* VersionUtil: add getManifest(.., String[] extensions) variant, allowing ↵Sven Gothel2013-03-281-5/+30
| | | | detection of multiple ordered extensions
* Revert version.timestamp to yyyyMMdd only, i.e. w/o HHmmSven Gothel2013-03-281-2/+2
| | | | | Changes in hour/minute is not only overkill, but may confuse our aggregation scripts, which compare versions. Out nodes time daemon may not be in synchronized that well.
* Bug 588: Adding jogamp.version property, i.e. 2.0.2-rc-<TIMESTAMP> used for ↵Sven Gothel2013-03-281-0/+25
| | | | | | | | | | | | Manifest ; Common jogamp_int_version for Android. Until 2.0.2 gets released, the version string is 2.0.2-rc-<TIMESTAMP> and used in the Manifest for IMPLEMENTATION_VERSION. The previous build version name of IMPLEMENTATION_VERSION goes into the new tag IMPLEMENTATION_BUILD. Further more, we use a common jogamp_int_version for Android, to make life more easy.
* Fix intptr_t*, uintptr_t*, ptrdiff_t* and size_t* mapping, map them to ↵Sven Gothel2013-03-202-4/+11
| | | | | | PointerBuffer, since referenced memory-size is arch dependent Added extensive PointerBuffer unit tests w/ new mapping in generated test class.
* Fix RecursiveLockImpl* corner case: Timeout reached but lock released -> ↵Sven Gothel2013-03-182-16/+20
| | | | | | Assume Lock If timeout has been reached but the lock has been released, the lock has to be assumed.
* Function- RunnableTask: Clear runnableException @ start for re-entry; Fix ↵Sven Gothel2013-03-183-11/+39
| | | | tExecuted (@ exception); Add debug property 'jogamp.debug.TaskBase.TraceSource', to dump ctor stack trace @ exception.
* Function- RunnableTask: Add PrintStream 'exceptionOut' argument allowing non ↵Sven Gothel2013-03-184-19/+45
| | | | | | | blocking exceptions to be shown. Exceptions occuring on non blocking off-thread tasks shall at least be made visible while not allowed to crash the system.
* Fix Long*HashMap impl. of IntIntHashMap: Better 64bit hash value, using new ↵Sven Gothel2013-03-122-12/+79
| | | | | | HashUtil. Introduce markup: /*keyHash*/(.*)/*keyHash*/ allowing Long*HashMap to inject hash function for 64bit value.
* Promote AWTEDTExecutor to public package com.jogamp.common.util.awt ; ↵Sven Gothel2013-02-282-2/+2
| | | | Exclude java.part.awt in android gluegen-rt.
* Minor edits to JarUtil.Resolver functionality: Exception types, avoiding ↵Sven Gothel2013-02-211-21/+40
| | | | duplicate processing of strings etc.
* Merge remote-tracking branch 'wwalker/bug_687_jar_resolver'Sven Gothel2013-02-211-1/+45
|\
| * Add security checks to resolver methods.Wade Walker2013-02-171-4/+26
| |
| * Make JarUtil work with custom classloadersWade Walker2013-02-111-1/+23
| | | | | | | | | | | | | | | | Added the ability for users to set a "resolver" in JarUtil that lets it find resources that are loaded by a custom classloader. This is needed in OSGi apps (like Eclipse RCP apps), since OSGi resources do not have simple jar: URLs (they use a custom protocol called bundleresource:).
* | Fix FunctionTask's run()/eval(..) return value assignment: Ensure it's done ↵Sven Gothel2013-02-143-34/+38
| | | | | | | | | | | | before syncObject.notifyAll() ; Make methods final Fixes commit b387d012103a02eb7d5eb919306583295ef09a38.
* | Adding Function and FunctionTask extending RunnableTask functionalitySven Gothel2013-02-134-118/+379
|/ | | | | Function allows passing arguments and having a return value in contrast to Runnable, where FunctionTask allows a Function to be invoked and waited for.
* Bug 681: Add Elf Parsing for other OS than Linux, if ARM and !ANDROID using ↵Sven Gothel2013-02-092-48/+123
| | | | | | | | /proc/self/exe (Linux) or a found java/jvm native lib. - PlatformPropsImpl.queryABITypeImpl: Check Elf Header for ARM + !ANDROID (i.e. add other OS than Linux, use native java/jmv lib) - NativeLibrary.enumerateLibraryPaths: Add 'sun.boot.library.path' to enumeration! - TestElfReader01: Add test for finding java/jvm native lib and parse it
* Bug 681: Use ELF Header + ARM EABI Section Parsing in PlatformPropsImpl to ↵Sven Gothel2013-02-082-22/+133
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | to distinguish ARM soft-float/hard-float (part-2) + /** + * Returns the {@link ABIType} of the current platform using given {@link CPUType cpuType} + * and {@link OSType osType} as a hint. + * <p> + * Note the following queries are performed: + * <ul> + * <li> not {@link CPUFamily#ARM} -> {@link ABIType#GENERIC_ABI} </li> + * <li> else + * <ul> + * <li> not {@link OSType#LINUX} -> {@link ABIType#EABI_GNU_ARMEL} </li> + * <li> else + * <ul> + * <li> Elf ARM Tags -> {@link ABIType#EABI_GNU_ARMEL}, {@link ABIType#EABI_GNU_ARMHF} </li> + * </ul></li> + * </ul></li> + * </ul> + * </p> + * <p> + * Elf ARM Tags are read using {@link ElfHeader}, .. and {@link SectionArmAttributes#abiVFPArgsAcceptsVFPVariant(byte)}. + * </p> + * + * @param cpuType + * @param osType + * @return + */ + private static final ABIType queryABITypeImpl(CPUType cpuType, OSType osType) {