Merge pull request #11898 from rmuir/lockdown
steps to remove dangerous security permissions
This commit is contained in:
commit
55c33b29f6
11
core/pom.xml
11
core/pom.xml
|
@ -220,6 +220,14 @@
|
|||
<optional>true</optional>
|
||||
</dependency>
|
||||
|
||||
<!-- remove this for java 8 -->
|
||||
<dependency>
|
||||
<groupId>com.twitter</groupId>
|
||||
<artifactId>jsr166e</artifactId>
|
||||
<version>1.1.0</version>
|
||||
</dependency>
|
||||
|
||||
|
||||
<!-- We don't use this since the publish pom is then messed up -->
|
||||
<!--
|
||||
<dependency>
|
||||
|
@ -409,7 +417,7 @@
|
|||
<shadedPattern>org.elasticsearch.common.hppc</shadedPattern>
|
||||
</relocation>
|
||||
<relocation>
|
||||
<pattern>jsr166e</pattern>
|
||||
<pattern>com.twitter.jsr166e</pattern>
|
||||
<shadedPattern>org.elasticsearch.common.util.concurrent.jsr166e</shadedPattern>
|
||||
</relocation>
|
||||
<relocation>
|
||||
|
@ -1058,7 +1066,6 @@
|
|||
<artifactId>jacoco-maven-plugin</artifactId>
|
||||
<configuration>
|
||||
<excludes>
|
||||
<exclude>jsr166e/**</exclude>
|
||||
<exclude>org/apache/lucene/**</exclude>
|
||||
</excludes>
|
||||
</configuration>
|
||||
|
|
|
@ -25,6 +25,7 @@
|
|||
<include>com.tdunning:t-digest</include>
|
||||
<include>org.apache.commons:commons-lang3</include>
|
||||
<include>commons-cli:commons-cli</include>
|
||||
<include>com.twitter:jsr166e</include>
|
||||
</includes>
|
||||
</dependencySet>
|
||||
<dependencySet>
|
||||
|
|
|
@ -1,198 +0,0 @@
|
|||
/*
|
||||
* Written by Doug Lea with assistance from members of JCP JSR-166
|
||||
* Expert Group and released to the public domain, as explained at
|
||||
* http://creativecommons.org/publicdomain/zero/1.0/
|
||||
*/
|
||||
|
||||
package jsr166e;
|
||||
import java.io.Serializable;
|
||||
|
||||
/**
|
||||
* One or more variables that together maintain an initially zero
|
||||
* {@code double} sum. When updates (method {@link #add}) are
|
||||
* contended across threads, the set of variables may grow dynamically
|
||||
* to reduce contention. Method {@link #sum} (or, equivalently {@link
|
||||
* #doubleValue}) returns the current total combined across the
|
||||
* variables maintaining the sum.
|
||||
*
|
||||
* <p>This class extends {@link Number}, but does <em>not</em> define
|
||||
* methods such as {@code equals}, {@code hashCode} and {@code
|
||||
* compareTo} because instances are expected to be mutated, and so are
|
||||
* not useful as collection keys.
|
||||
*
|
||||
* <p><em>jsr166e note: This class is targeted to be placed in
|
||||
* java.util.concurrent.atomic.</em>
|
||||
*
|
||||
* @since 1.8
|
||||
* @author Doug Lea
|
||||
*/
|
||||
public class DoubleAdder extends Striped64 implements Serializable {
|
||||
private static final long serialVersionUID = 7249069246863182397L;
|
||||
|
||||
/**
|
||||
* Update function. Note that we must use "long" for underlying
|
||||
* representations, because there is no compareAndSet for double,
|
||||
* due to the fact that the bitwise equals used in any CAS
|
||||
* implementation is not the same as double-precision equals.
|
||||
* However, we use CAS only to detect and alleviate contention,
|
||||
* for which bitwise equals works best anyway. In principle, the
|
||||
* long/double conversions used here should be essentially free on
|
||||
* most platforms since they just re-interpret bits.
|
||||
*
|
||||
* Similar conversions are used in other methods.
|
||||
*/
|
||||
final long fn(long v, long x) {
|
||||
return Double.doubleToRawLongBits
|
||||
(Double.longBitsToDouble(v) +
|
||||
Double.longBitsToDouble(x));
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a new adder with initial sum of zero.
|
||||
*/
|
||||
public DoubleAdder() {
|
||||
}
|
||||
|
||||
/**
|
||||
* Adds the given value.
|
||||
*
|
||||
* @param x the value to add
|
||||
*/
|
||||
public void add(double x) {
|
||||
Cell[] as; long b, v; HashCode hc; Cell a; int n;
|
||||
if ((as = cells) != null ||
|
||||
!casBase(b = base,
|
||||
Double.doubleToRawLongBits
|
||||
(Double.longBitsToDouble(b) + x))) {
|
||||
boolean uncontended = true;
|
||||
int h = (hc = threadHashCode.get()).code;
|
||||
if (as == null || (n = as.length) < 1 ||
|
||||
(a = as[(n - 1) & h]) == null ||
|
||||
!(uncontended = a.cas(v = a.value,
|
||||
Double.doubleToRawLongBits
|
||||
(Double.longBitsToDouble(v) + x))))
|
||||
retryUpdate(Double.doubleToRawLongBits(x), hc, uncontended);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the current sum. The returned value is <em>NOT</em> an
|
||||
* atomic snapshot; invocation in the absence of concurrent
|
||||
* updates returns an accurate result, but concurrent updates that
|
||||
* occur while the sum is being calculated might not be
|
||||
* incorporated. Also, because floating-point arithmetic is not
|
||||
* strictly associative, the returned result need not be identical
|
||||
* to the value that would be obtained in a sequential series of
|
||||
* updates to a single variable.
|
||||
*
|
||||
* @return the sum
|
||||
*/
|
||||
public double sum() {
|
||||
Cell[] as = cells;
|
||||
double sum = Double.longBitsToDouble(base);
|
||||
if (as != null) {
|
||||
int n = as.length;
|
||||
for (int i = 0; i < n; ++i) {
|
||||
Cell a = as[i];
|
||||
if (a != null)
|
||||
sum += Double.longBitsToDouble(a.value);
|
||||
}
|
||||
}
|
||||
return sum;
|
||||
}
|
||||
|
||||
/**
|
||||
* Resets variables maintaining the sum to zero. This method may
|
||||
* be a useful alternative to creating a new adder, but is only
|
||||
* effective if there are no concurrent updates. Because this
|
||||
* method is intrinsically racy, it should only be used when it is
|
||||
* known that no threads are concurrently updating.
|
||||
*/
|
||||
public void reset() {
|
||||
internalReset(0L);
|
||||
}
|
||||
|
||||
/**
|
||||
* Equivalent in effect to {@link #sum} followed by {@link
|
||||
* #reset}. This method may apply for example during quiescent
|
||||
* points between multithreaded computations. If there are
|
||||
* updates concurrent with this method, the returned value is
|
||||
* <em>not</em> guaranteed to be the final value occurring before
|
||||
* the reset.
|
||||
*
|
||||
* @return the sum
|
||||
*/
|
||||
public double sumThenReset() {
|
||||
Cell[] as = cells;
|
||||
double sum = Double.longBitsToDouble(base);
|
||||
base = 0L;
|
||||
if (as != null) {
|
||||
int n = as.length;
|
||||
for (int i = 0; i < n; ++i) {
|
||||
Cell a = as[i];
|
||||
if (a != null) {
|
||||
long v = a.value;
|
||||
a.value = 0L;
|
||||
sum += Double.longBitsToDouble(v);
|
||||
}
|
||||
}
|
||||
}
|
||||
return sum;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the String representation of the {@link #sum}.
|
||||
* @return the String representation of the {@link #sum}
|
||||
*/
|
||||
public String toString() {
|
||||
return Double.toString(sum());
|
||||
}
|
||||
|
||||
/**
|
||||
* Equivalent to {@link #sum}.
|
||||
*
|
||||
* @return the sum
|
||||
*/
|
||||
public double doubleValue() {
|
||||
return sum();
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the {@link #sum} as a {@code long} after a
|
||||
* narrowing primitive conversion.
|
||||
*/
|
||||
public long longValue() {
|
||||
return (long)sum();
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the {@link #sum} as an {@code int} after a
|
||||
* narrowing primitive conversion.
|
||||
*/
|
||||
public int intValue() {
|
||||
return (int)sum();
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the {@link #sum} as a {@code float}
|
||||
* after a narrowing primitive conversion.
|
||||
*/
|
||||
public float floatValue() {
|
||||
return (float)sum();
|
||||
}
|
||||
|
||||
private void writeObject(java.io.ObjectOutputStream s)
|
||||
throws java.io.IOException {
|
||||
s.defaultWriteObject();
|
||||
s.writeDouble(sum());
|
||||
}
|
||||
|
||||
private void readObject(java.io.ObjectInputStream s)
|
||||
throws java.io.IOException, ClassNotFoundException {
|
||||
s.defaultReadObject();
|
||||
busy = 0;
|
||||
cells = null;
|
||||
base = Double.doubleToRawLongBits(s.readDouble());
|
||||
}
|
||||
|
||||
}
|
|
@ -1,193 +0,0 @@
|
|||
/*
|
||||
* Written by Doug Lea with assistance from members of JCP JSR-166
|
||||
* Expert Group and released to the public domain, as explained at
|
||||
* http://creativecommons.org/publicdomain/zero/1.0/
|
||||
*/
|
||||
|
||||
package jsr166e;
|
||||
import java.io.Serializable;
|
||||
|
||||
/**
|
||||
* One or more variables that together maintain a running {@code double}
|
||||
* maximum with initial value {@code Double.NEGATIVE_INFINITY}. When
|
||||
* updates (method {@link #update}) are contended across threads, the
|
||||
* set of variables may grow dynamically to reduce contention. Method
|
||||
* {@link #max} (or, equivalently, {@link #doubleValue}) returns the
|
||||
* current maximum across the variables maintaining updates.
|
||||
*
|
||||
* <p>This class extends {@link Number}, but does <em>not</em> define
|
||||
* methods such as {@code equals}, {@code hashCode} and {@code
|
||||
* compareTo} because instances are expected to be mutated, and so are
|
||||
* not useful as collection keys.
|
||||
*
|
||||
* <p><em>jsr166e note: This class is targeted to be placed in
|
||||
* java.util.concurrent.atomic.</em>
|
||||
*
|
||||
* @since 1.8
|
||||
* @author Doug Lea
|
||||
*/
|
||||
public class DoubleMaxUpdater extends Striped64 implements Serializable {
|
||||
private static final long serialVersionUID = 7249069246863182397L;
|
||||
/**
|
||||
* Long representation of negative infinity. See class Double
|
||||
* internal documentation for explanation.
|
||||
*/
|
||||
private static final long MIN_AS_LONG = 0xfff0000000000000L;
|
||||
|
||||
/**
|
||||
* Update function. See class DoubleAdder for rationale
|
||||
* for using conversions from/to long.
|
||||
*/
|
||||
final long fn(long v, long x) {
|
||||
return Double.longBitsToDouble(v) > Double.longBitsToDouble(x) ? v : x;
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a new instance with initial value of {@code
|
||||
* Double.NEGATIVE_INFINITY}.
|
||||
*/
|
||||
public DoubleMaxUpdater() {
|
||||
base = MIN_AS_LONG;
|
||||
}
|
||||
|
||||
/**
|
||||
* Updates the maximum to be at least the given value.
|
||||
*
|
||||
* @param x the value to update
|
||||
*/
|
||||
public void update(double x) {
|
||||
long lx = Double.doubleToRawLongBits(x);
|
||||
Cell[] as; long b, v; HashCode hc; Cell a; int n;
|
||||
if ((as = cells) != null ||
|
||||
(Double.longBitsToDouble(b = base) < x && !casBase(b, lx))) {
|
||||
boolean uncontended = true;
|
||||
int h = (hc = threadHashCode.get()).code;
|
||||
if (as == null || (n = as.length) < 1 ||
|
||||
(a = as[(n - 1) & h]) == null ||
|
||||
(Double.longBitsToDouble(v = a.value) < x &&
|
||||
!(uncontended = a.cas(v, lx))))
|
||||
retryUpdate(lx, hc, uncontended);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the current maximum. The returned value is
|
||||
* <em>NOT</em> an atomic snapshot; invocation in the absence of
|
||||
* concurrent updates returns an accurate result, but concurrent
|
||||
* updates that occur while the value is being calculated might
|
||||
* not be incorporated.
|
||||
*
|
||||
* @return the maximum
|
||||
*/
|
||||
public double max() {
|
||||
Cell[] as = cells;
|
||||
double max = Double.longBitsToDouble(base);
|
||||
if (as != null) {
|
||||
int n = as.length;
|
||||
double v;
|
||||
for (int i = 0; i < n; ++i) {
|
||||
Cell a = as[i];
|
||||
if (a != null && (v = Double.longBitsToDouble(a.value)) > max)
|
||||
max = v;
|
||||
}
|
||||
}
|
||||
return max;
|
||||
}
|
||||
|
||||
/**
|
||||
* Resets variables maintaining updates to {@code
|
||||
* Double.NEGATIVE_INFINITY}. This method may be a useful
|
||||
* alternative to creating a new updater, but is only effective if
|
||||
* there are no concurrent updates. Because this method is
|
||||
* intrinsically racy, it should only be used when it is known
|
||||
* that no threads are concurrently updating.
|
||||
*/
|
||||
public void reset() {
|
||||
internalReset(MIN_AS_LONG);
|
||||
}
|
||||
|
||||
/**
|
||||
* Equivalent in effect to {@link #max} followed by {@link
|
||||
* #reset}. This method may apply for example during quiescent
|
||||
* points between multithreaded computations. If there are
|
||||
* updates concurrent with this method, the returned value is
|
||||
* <em>not</em> guaranteed to be the final value occurring before
|
||||
* the reset.
|
||||
*
|
||||
* @return the maximum
|
||||
*/
|
||||
public double maxThenReset() {
|
||||
Cell[] as = cells;
|
||||
double max = Double.longBitsToDouble(base);
|
||||
base = MIN_AS_LONG;
|
||||
if (as != null) {
|
||||
int n = as.length;
|
||||
for (int i = 0; i < n; ++i) {
|
||||
Cell a = as[i];
|
||||
if (a != null) {
|
||||
double v = Double.longBitsToDouble(a.value);
|
||||
a.value = MIN_AS_LONG;
|
||||
if (v > max)
|
||||
max = v;
|
||||
}
|
||||
}
|
||||
}
|
||||
return max;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the String representation of the {@link #max}.
|
||||
* @return the String representation of the {@link #max}
|
||||
*/
|
||||
public String toString() {
|
||||
return Double.toString(max());
|
||||
}
|
||||
|
||||
/**
|
||||
* Equivalent to {@link #max}.
|
||||
*
|
||||
* @return the max
|
||||
*/
|
||||
public double doubleValue() {
|
||||
return max();
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the {@link #max} as a {@code long} after a
|
||||
* narrowing primitive conversion.
|
||||
*/
|
||||
public long longValue() {
|
||||
return (long)max();
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the {@link #max} as an {@code int} after a
|
||||
* narrowing primitive conversion.
|
||||
*/
|
||||
public int intValue() {
|
||||
return (int)max();
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the {@link #max} as a {@code float}
|
||||
* after a narrowing primitive conversion.
|
||||
*/
|
||||
public float floatValue() {
|
||||
return (float)max();
|
||||
}
|
||||
|
||||
private void writeObject(java.io.ObjectOutputStream s)
|
||||
throws java.io.IOException {
|
||||
s.defaultWriteObject();
|
||||
s.writeDouble(max());
|
||||
}
|
||||
|
||||
private void readObject(java.io.ObjectInputStream s)
|
||||
throws java.io.IOException, ClassNotFoundException {
|
||||
s.defaultReadObject();
|
||||
busy = 0;
|
||||
cells = null;
|
||||
base = Double.doubleToRawLongBits(s.readDouble());
|
||||
}
|
||||
|
||||
}
|
|
@ -1,199 +0,0 @@
|
|||
/*
|
||||
* Written by Doug Lea with assistance from members of JCP JSR-166
|
||||
* Expert Group and released to the public domain, as explained at
|
||||
* http://creativecommons.org/publicdomain/zero/1.0/
|
||||
*/
|
||||
|
||||
package jsr166e;
|
||||
import java.util.concurrent.atomic.AtomicLong;
|
||||
import java.io.Serializable;
|
||||
|
||||
/**
|
||||
* One or more variables that together maintain an initially zero
|
||||
* {@code long} sum. When updates (method {@link #add}) are contended
|
||||
* across threads, the set of variables may grow dynamically to reduce
|
||||
* contention. Method {@link #sum} (or, equivalently, {@link
|
||||
* #longValue}) returns the current total combined across the
|
||||
* variables maintaining the sum.
|
||||
*
|
||||
* <p>This class is usually preferable to {@link AtomicLong} when
|
||||
* multiple threads update a common sum that is used for purposes such
|
||||
* as collecting statistics, not for fine-grained synchronization
|
||||
* control. Under low update contention, the two classes have similar
|
||||
* characteristics. But under high contention, expected throughput of
|
||||
* this class is significantly higher, at the expense of higher space
|
||||
* consumption.
|
||||
*
|
||||
* <p>This class extends {@link Number}, but does <em>not</em> define
|
||||
* methods such as {@code equals}, {@code hashCode} and {@code
|
||||
* compareTo} because instances are expected to be mutated, and so are
|
||||
* not useful as collection keys.
|
||||
*
|
||||
* <p><em>jsr166e note: This class is targeted to be placed in
|
||||
* java.util.concurrent.atomic.</em>
|
||||
*
|
||||
* @since 1.8
|
||||
* @author Doug Lea
|
||||
*/
|
||||
public class LongAdder extends Striped64 implements Serializable {
|
||||
private static final long serialVersionUID = 7249069246863182397L;
|
||||
|
||||
/**
|
||||
* Version of plus for use in retryUpdate
|
||||
*/
|
||||
final long fn(long v, long x) { return v + x; }
|
||||
|
||||
/**
|
||||
* Creates a new adder with initial sum of zero.
|
||||
*/
|
||||
public LongAdder() {
|
||||
}
|
||||
|
||||
/**
|
||||
* Adds the given value.
|
||||
*
|
||||
* @param x the value to add
|
||||
*/
|
||||
public void add(long x) {
|
||||
Cell[] as; long b, v; HashCode hc; Cell a; int n;
|
||||
if ((as = cells) != null || !casBase(b = base, b + x)) {
|
||||
boolean uncontended = true;
|
||||
int h = (hc = threadHashCode.get()).code;
|
||||
if (as == null || (n = as.length) < 1 ||
|
||||
(a = as[(n - 1) & h]) == null ||
|
||||
!(uncontended = a.cas(v = a.value, v + x)))
|
||||
retryUpdate(x, hc, uncontended);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Equivalent to {@code add(1)}.
|
||||
*/
|
||||
public void increment() {
|
||||
add(1L);
|
||||
}
|
||||
|
||||
/**
|
||||
* Equivalent to {@code add(-1)}.
|
||||
*/
|
||||
public void decrement() {
|
||||
add(-1L);
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the current sum. The returned value is <em>NOT</em> an
|
||||
* atomic snapshot; invocation in the absence of concurrent
|
||||
* updates returns an accurate result, but concurrent updates that
|
||||
* occur while the sum is being calculated might not be
|
||||
* incorporated.
|
||||
*
|
||||
* @return the sum
|
||||
*/
|
||||
public long sum() {
|
||||
long sum = base;
|
||||
Cell[] as = cells;
|
||||
if (as != null) {
|
||||
int n = as.length;
|
||||
for (int i = 0; i < n; ++i) {
|
||||
Cell a = as[i];
|
||||
if (a != null)
|
||||
sum += a.value;
|
||||
}
|
||||
}
|
||||
return sum;
|
||||
}
|
||||
|
||||
/**
|
||||
* Resets variables maintaining the sum to zero. This method may
|
||||
* be a useful alternative to creating a new adder, but is only
|
||||
* effective if there are no concurrent updates. Because this
|
||||
* method is intrinsically racy, it should only be used when it is
|
||||
* known that no threads are concurrently updating.
|
||||
*/
|
||||
public void reset() {
|
||||
internalReset(0L);
|
||||
}
|
||||
|
||||
/**
|
||||
* Equivalent in effect to {@link #sum} followed by {@link
|
||||
* #reset}. This method may apply for example during quiescent
|
||||
* points between multithreaded computations. If there are
|
||||
* updates concurrent with this method, the returned value is
|
||||
* <em>not</em> guaranteed to be the final value occurring before
|
||||
* the reset.
|
||||
*
|
||||
* @return the sum
|
||||
*/
|
||||
public long sumThenReset() {
|
||||
long sum = base;
|
||||
Cell[] as = cells;
|
||||
base = 0L;
|
||||
if (as != null) {
|
||||
int n = as.length;
|
||||
for (int i = 0; i < n; ++i) {
|
||||
Cell a = as[i];
|
||||
if (a != null) {
|
||||
sum += a.value;
|
||||
a.value = 0L;
|
||||
}
|
||||
}
|
||||
}
|
||||
return sum;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the String representation of the {@link #sum}.
|
||||
* @return the String representation of the {@link #sum}
|
||||
*/
|
||||
public String toString() {
|
||||
return Long.toString(sum());
|
||||
}
|
||||
|
||||
/**
|
||||
* Equivalent to {@link #sum}.
|
||||
*
|
||||
* @return the sum
|
||||
*/
|
||||
public long longValue() {
|
||||
return sum();
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the {@link #sum} as an {@code int} after a narrowing
|
||||
* primitive conversion.
|
||||
*/
|
||||
public int intValue() {
|
||||
return (int)sum();
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the {@link #sum} as a {@code float}
|
||||
* after a widening primitive conversion.
|
||||
*/
|
||||
public float floatValue() {
|
||||
return (float)sum();
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the {@link #sum} as a {@code double} after a widening
|
||||
* primitive conversion.
|
||||
*/
|
||||
public double doubleValue() {
|
||||
return (double)sum();
|
||||
}
|
||||
|
||||
private void writeObject(java.io.ObjectOutputStream s)
|
||||
throws java.io.IOException {
|
||||
s.defaultWriteObject();
|
||||
s.writeLong(sum());
|
||||
}
|
||||
|
||||
private void readObject(java.io.ObjectInputStream s)
|
||||
throws java.io.IOException, ClassNotFoundException {
|
||||
s.defaultReadObject();
|
||||
busy = 0;
|
||||
cells = null;
|
||||
base = s.readLong();
|
||||
}
|
||||
|
||||
}
|
|
@ -1,183 +0,0 @@
|
|||
/*
|
||||
* Written by Doug Lea with assistance from members of JCP JSR-166
|
||||
* Expert Group and released to the public domain, as explained at
|
||||
* http://creativecommons.org/publicdomain/zero/1.0/
|
||||
*/
|
||||
|
||||
package jsr166e;
|
||||
import java.io.Serializable;
|
||||
|
||||
/**
|
||||
* One or more variables that together maintain a running {@code long}
|
||||
* maximum with initial value {@code Long.MIN_VALUE}. When updates
|
||||
* (method {@link #update}) are contended across threads, the set of
|
||||
* variables may grow dynamically to reduce contention. Method {@link
|
||||
* #max} (or, equivalently, {@link #longValue}) returns the current
|
||||
* maximum across the variables maintaining updates.
|
||||
*
|
||||
* <p>This class extends {@link Number}, but does <em>not</em> define
|
||||
* methods such as {@code equals}, {@code hashCode} and {@code
|
||||
* compareTo} because instances are expected to be mutated, and so are
|
||||
* not useful as collection keys.
|
||||
*
|
||||
* <p><em>jsr166e note: This class is targeted to be placed in
|
||||
* java.util.concurrent.atomic.</em>
|
||||
*
|
||||
* @since 1.8
|
||||
* @author Doug Lea
|
||||
*/
|
||||
public class LongMaxUpdater extends Striped64 implements Serializable {
|
||||
private static final long serialVersionUID = 7249069246863182397L;
|
||||
|
||||
/**
|
||||
* Version of max for use in retryUpdate
|
||||
*/
|
||||
final long fn(long v, long x) { return v > x ? v : x; }
|
||||
|
||||
/**
|
||||
* Creates a new instance with initial maximum of {@code
|
||||
* Long.MIN_VALUE}.
|
||||
*/
|
||||
public LongMaxUpdater() {
|
||||
base = Long.MIN_VALUE;
|
||||
}
|
||||
|
||||
/**
|
||||
* Updates the maximum to be at least the given value.
|
||||
*
|
||||
* @param x the value to update
|
||||
*/
|
||||
public void update(long x) {
|
||||
Cell[] as; long b, v; HashCode hc; Cell a; int n;
|
||||
if ((as = cells) != null ||
|
||||
(b = base) < x && !casBase(b, x)) {
|
||||
boolean uncontended = true;
|
||||
int h = (hc = threadHashCode.get()).code;
|
||||
if (as == null || (n = as.length) < 1 ||
|
||||
(a = as[(n - 1) & h]) == null ||
|
||||
((v = a.value) < x && !(uncontended = a.cas(v, x))))
|
||||
retryUpdate(x, hc, uncontended);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the current maximum. The returned value is
|
||||
* <em>NOT</em> an atomic snapshot; invocation in the absence of
|
||||
* concurrent updates returns an accurate result, but concurrent
|
||||
* updates that occur while the value is being calculated might
|
||||
* not be incorporated.
|
||||
*
|
||||
* @return the maximum
|
||||
*/
|
||||
public long max() {
|
||||
Cell[] as = cells;
|
||||
long max = base;
|
||||
if (as != null) {
|
||||
int n = as.length;
|
||||
long v;
|
||||
for (int i = 0; i < n; ++i) {
|
||||
Cell a = as[i];
|
||||
if (a != null && (v = a.value) > max)
|
||||
max = v;
|
||||
}
|
||||
}
|
||||
return max;
|
||||
}
|
||||
|
||||
/**
|
||||
* Resets variables maintaining updates to {@code Long.MIN_VALUE}.
|
||||
* This method may be a useful alternative to creating a new
|
||||
* updater, but is only effective if there are no concurrent
|
||||
* updates. Because this method is intrinsically racy, it should
|
||||
* only be used when it is known that no threads are concurrently
|
||||
* updating.
|
||||
*/
|
||||
public void reset() {
|
||||
internalReset(Long.MIN_VALUE);
|
||||
}
|
||||
|
||||
/**
|
||||
* Equivalent in effect to {@link #max} followed by {@link
|
||||
* #reset}. This method may apply for example during quiescent
|
||||
* points between multithreaded computations. If there are
|
||||
* updates concurrent with this method, the returned value is
|
||||
* <em>not</em> guaranteed to be the final value occurring before
|
||||
* the reset.
|
||||
*
|
||||
* @return the maximum
|
||||
*/
|
||||
public long maxThenReset() {
|
||||
Cell[] as = cells;
|
||||
long max = base;
|
||||
base = Long.MIN_VALUE;
|
||||
if (as != null) {
|
||||
int n = as.length;
|
||||
for (int i = 0; i < n; ++i) {
|
||||
Cell a = as[i];
|
||||
if (a != null) {
|
||||
long v = a.value;
|
||||
a.value = Long.MIN_VALUE;
|
||||
if (v > max)
|
||||
max = v;
|
||||
}
|
||||
}
|
||||
}
|
||||
return max;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the String representation of the {@link #max}.
|
||||
* @return the String representation of the {@link #max}
|
||||
*/
|
||||
public String toString() {
|
||||
return Long.toString(max());
|
||||
}
|
||||
|
||||
/**
|
||||
* Equivalent to {@link #max}.
|
||||
*
|
||||
* @return the maximum
|
||||
*/
|
||||
public long longValue() {
|
||||
return max();
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the {@link #max} as an {@code int} after a narrowing
|
||||
* primitive conversion.
|
||||
*/
|
||||
public int intValue() {
|
||||
return (int)max();
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the {@link #max} as a {@code float}
|
||||
* after a widening primitive conversion.
|
||||
*/
|
||||
public float floatValue() {
|
||||
return (float)max();
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the {@link #max} as a {@code double} after a widening
|
||||
* primitive conversion.
|
||||
*/
|
||||
public double doubleValue() {
|
||||
return (double)max();
|
||||
}
|
||||
|
||||
private void writeObject(java.io.ObjectOutputStream s)
|
||||
throws java.io.IOException {
|
||||
s.defaultWriteObject();
|
||||
s.writeLong(max());
|
||||
}
|
||||
|
||||
private void readObject(java.io.ObjectInputStream s)
|
||||
throws java.io.IOException, ClassNotFoundException {
|
||||
s.defaultReadObject();
|
||||
busy = 0;
|
||||
cells = null;
|
||||
base = s.readLong();
|
||||
}
|
||||
|
||||
}
|
|
@ -1,341 +0,0 @@
|
|||
/*
|
||||
* Written by Doug Lea with assistance from members of JCP JSR-166
|
||||
* Expert Group and released to the public domain, as explained at
|
||||
* http://creativecommons.org/publicdomain/zero/1.0/
|
||||
*/
|
||||
|
||||
package jsr166e;
|
||||
import java.util.Random;
|
||||
|
||||
/**
|
||||
* A package-local class holding common representation and mechanics
|
||||
* for classes supporting dynamic striping on 64bit values. The class
|
||||
* extends Number so that concrete subclasses must publicly do so.
|
||||
*/
|
||||
abstract class Striped64 extends Number {
|
||||
/*
|
||||
* This class maintains a lazily-initialized table of atomically
|
||||
* updated variables, plus an extra "base" field. The table size
|
||||
* is a power of two. Indexing uses masked per-thread hash codes.
|
||||
* Nearly all declarations in this class are package-private,
|
||||
* accessed directly by subclasses.
|
||||
*
|
||||
* Table entries are of class Cell; a variant of AtomicLong padded
|
||||
* to reduce cache contention on most processors. Padding is
|
||||
* overkill for most Atomics because they are usually irregularly
|
||||
* scattered in memory and thus don't interfere much with each
|
||||
* other. But Atomic objects residing in arrays will tend to be
|
||||
* placed adjacent to each other, and so will most often share
|
||||
* cache lines (with a huge negative performance impact) without
|
||||
* this precaution.
|
||||
*
|
||||
* In part because Cells are relatively large, we avoid creating
|
||||
* them until they are needed. When there is no contention, all
|
||||
* updates are made to the base field. Upon first contention (a
|
||||
* failed CAS on base update), the table is initialized to size 2.
|
||||
* The table size is doubled upon further contention until
|
||||
* reaching the nearest power of two greater than or equal to the
|
||||
* number of CPUS. Table slots remain empty (null) until they are
|
||||
* needed.
|
||||
*
|
||||
* A single spinlock ("busy") is used for initializing and
|
||||
* resizing the table, as well as populating slots with new Cells.
|
||||
* There is no need for a blocking lock; when the lock is not
|
||||
* available, threads try other slots (or the base). During these
|
||||
* retries, there is increased contention and reduced locality,
|
||||
* which is still better than alternatives.
|
||||
*
|
||||
* Per-thread hash codes are initialized to random values.
|
||||
* Contention and/or table collisions are indicated by failed
|
||||
* CASes when performing an update operation (see method
|
||||
* retryUpdate). Upon a collision, if the table size is less than
|
||||
* the capacity, it is doubled in size unless some other thread
|
||||
* holds the lock. If a hashed slot is empty, and lock is
|
||||
* available, a new Cell is created. Otherwise, if the slot
|
||||
* exists, a CAS is tried. Retries proceed by "double hashing",
|
||||
* using a secondary hash (Marsaglia XorShift) to try to find a
|
||||
* free slot.
|
||||
*
|
||||
* The table size is capped because, when there are more threads
|
||||
* than CPUs, supposing that each thread were bound to a CPU,
|
||||
* there would exist a perfect hash function mapping threads to
|
||||
* slots that eliminates collisions. When we reach capacity, we
|
||||
* search for this mapping by randomly varying the hash codes of
|
||||
* colliding threads. Because search is random, and collisions
|
||||
* only become known via CAS failures, convergence can be slow,
|
||||
* and because threads are typically not bound to CPUS forever,
|
||||
* may not occur at all. However, despite these limitations,
|
||||
* observed contention rates are typically low in these cases.
|
||||
*
|
||||
* It is possible for a Cell to become unused when threads that
|
||||
* once hashed to it terminate, as well as in the case where
|
||||
* doubling the table causes no thread to hash to it under
|
||||
* expanded mask. We do not try to detect or remove such cells,
|
||||
* under the assumption that for long-running instances, observed
|
||||
* contention levels will recur, so the cells will eventually be
|
||||
* needed again; and for short-lived ones, it does not matter.
|
||||
*/
|
||||
|
||||
/**
|
||||
* Padded variant of AtomicLong supporting only raw accesses plus CAS.
|
||||
* The value field is placed between pads, hoping that the JVM doesn't
|
||||
* reorder them.
|
||||
*
|
||||
* JVM intrinsics note: It would be possible to use a release-only
|
||||
* form of CAS here, if it were provided.
|
||||
*/
|
||||
static final class Cell {
|
||||
volatile long p0, p1, p2, p3, p4, p5, p6;
|
||||
volatile long value;
|
||||
volatile long q0, q1, q2, q3, q4, q5, q6;
|
||||
Cell(long x) { value = x; }
|
||||
|
||||
final boolean cas(long cmp, long val) {
|
||||
return UNSAFE.compareAndSwapLong(this, valueOffset, cmp, val);
|
||||
}
|
||||
|
||||
// Unsafe mechanics
|
||||
private static final sun.misc.Unsafe UNSAFE;
|
||||
private static final long valueOffset;
|
||||
static {
|
||||
try {
|
||||
UNSAFE = getUnsafe();
|
||||
Class<?> ak = Cell.class;
|
||||
valueOffset = UNSAFE.objectFieldOffset
|
||||
(ak.getDeclaredField("value"));
|
||||
} catch (Exception e) {
|
||||
throw new Error(e);
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* Holder for the thread-local hash code. The code is initially
|
||||
* random, but may be set to a different value upon collisions.
|
||||
*/
|
||||
static final class HashCode {
|
||||
static final Random rng = new Random();
|
||||
int code;
|
||||
HashCode() {
|
||||
int h = rng.nextInt(); // Avoid zero to allow xorShift rehash
|
||||
code = (h == 0) ? 1 : h;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* The corresponding ThreadLocal class
|
||||
*/
|
||||
static final class ThreadHashCode extends ThreadLocal<HashCode> {
|
||||
public HashCode initialValue() { return new HashCode(); }
|
||||
}
|
||||
|
||||
/**
|
||||
* Static per-thread hash codes. Shared across all instances to
|
||||
* reduce ThreadLocal pollution and because adjustments due to
|
||||
* collisions in one table are likely to be appropriate for
|
||||
* others.
|
||||
*/
|
||||
static final ThreadHashCode threadHashCode = new ThreadHashCode();
|
||||
|
||||
/** Number of CPUS, to place bound on table size */
|
||||
static final int NCPU = Runtime.getRuntime().availableProcessors();
|
||||
|
||||
/**
|
||||
* Table of cells. When non-null, size is a power of 2.
|
||||
*/
|
||||
transient volatile Cell[] cells;
|
||||
|
||||
/**
|
||||
* Base value, used mainly when there is no contention, but also as
|
||||
* a fallback during table initialization races. Updated via CAS.
|
||||
*/
|
||||
transient volatile long base;
|
||||
|
||||
/**
|
||||
* Spinlock (locked via CAS) used when resizing and/or creating Cells.
|
||||
*/
|
||||
transient volatile int busy;
|
||||
|
||||
/**
|
||||
* Package-private default constructor
|
||||
*/
|
||||
Striped64() {
|
||||
}
|
||||
|
||||
/**
|
||||
* CASes the base field.
|
||||
*/
|
||||
final boolean casBase(long cmp, long val) {
|
||||
return UNSAFE.compareAndSwapLong(this, baseOffset, cmp, val);
|
||||
}
|
||||
|
||||
/**
|
||||
* CASes the busy field from 0 to 1 to acquire lock.
|
||||
*/
|
||||
final boolean casBusy() {
|
||||
return UNSAFE.compareAndSwapInt(this, busyOffset, 0, 1);
|
||||
}
|
||||
|
||||
/**
|
||||
* Computes the function of current and new value. Subclasses
|
||||
* should open-code this update function for most uses, but the
|
||||
* virtualized form is needed within retryUpdate.
|
||||
*
|
||||
* @param currentValue the current value (of either base or a cell)
|
||||
* @param newValue the argument from a user update call
|
||||
* @return result of the update function
|
||||
*/
|
||||
abstract long fn(long currentValue, long newValue);
|
||||
|
||||
/**
|
||||
* Handles cases of updates involving initialization, resizing,
|
||||
* creating new Cells, and/or contention. See above for
|
||||
* explanation. This method suffers the usual non-modularity
|
||||
* problems of optimistic retry code, relying on rechecked sets of
|
||||
* reads.
|
||||
*
|
||||
* @param x the value
|
||||
* @param hc the hash code holder
|
||||
* @param wasUncontended false if CAS failed before call
|
||||
*/
|
||||
final void retryUpdate(long x, HashCode hc, boolean wasUncontended) {
|
||||
int h = hc.code;
|
||||
boolean collide = false; // True if last slot nonempty
|
||||
for (;;) {
|
||||
Cell[] as; Cell a; int n; long v;
|
||||
if ((as = cells) != null && (n = as.length) > 0) {
|
||||
if ((a = as[(n - 1) & h]) == null) {
|
||||
if (busy == 0) { // Try to attach new Cell
|
||||
Cell r = new Cell(x); // Optimistically create
|
||||
if (busy == 0 && casBusy()) {
|
||||
boolean created = false;
|
||||
try { // Recheck under lock
|
||||
Cell[] rs; int m, j;
|
||||
if ((rs = cells) != null &&
|
||||
(m = rs.length) > 0 &&
|
||||
rs[j = (m - 1) & h] == null) {
|
||||
rs[j] = r;
|
||||
created = true;
|
||||
}
|
||||
} finally {
|
||||
busy = 0;
|
||||
}
|
||||
if (created)
|
||||
break;
|
||||
continue; // Slot is now non-empty
|
||||
}
|
||||
}
|
||||
collide = false;
|
||||
}
|
||||
else if (!wasUncontended) // CAS already known to fail
|
||||
wasUncontended = true; // Continue after rehash
|
||||
else if (a.cas(v = a.value, fn(v, x)))
|
||||
break;
|
||||
else if (n >= NCPU || cells != as)
|
||||
collide = false; // At max size or stale
|
||||
else if (!collide)
|
||||
collide = true;
|
||||
else if (busy == 0 && casBusy()) {
|
||||
try {
|
||||
if (cells == as) { // Expand table unless stale
|
||||
Cell[] rs = new Cell[n << 1];
|
||||
for (int i = 0; i < n; ++i)
|
||||
rs[i] = as[i];
|
||||
cells = rs;
|
||||
}
|
||||
} finally {
|
||||
busy = 0;
|
||||
}
|
||||
collide = false;
|
||||
continue; // Retry with expanded table
|
||||
}
|
||||
h ^= h << 13; // Rehash
|
||||
h ^= h >>> 17;
|
||||
h ^= h << 5;
|
||||
}
|
||||
else if (busy == 0 && cells == as && casBusy()) {
|
||||
boolean init = false;
|
||||
try { // Initialize table
|
||||
if (cells == as) {
|
||||
Cell[] rs = new Cell[2];
|
||||
rs[h & 1] = new Cell(x);
|
||||
cells = rs;
|
||||
init = true;
|
||||
}
|
||||
} finally {
|
||||
busy = 0;
|
||||
}
|
||||
if (init)
|
||||
break;
|
||||
}
|
||||
else if (casBase(v = base, fn(v, x)))
|
||||
break; // Fall back on using base
|
||||
}
|
||||
hc.code = h; // Record index for next time
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Sets base and all cells to the given value.
|
||||
*/
|
||||
final void internalReset(long initialValue) {
|
||||
Cell[] as = cells;
|
||||
base = initialValue;
|
||||
if (as != null) {
|
||||
int n = as.length;
|
||||
for (int i = 0; i < n; ++i) {
|
||||
Cell a = as[i];
|
||||
if (a != null)
|
||||
a.value = initialValue;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Unsafe mechanics
|
||||
private static final sun.misc.Unsafe UNSAFE;
|
||||
private static final long baseOffset;
|
||||
private static final long busyOffset;
|
||||
static {
|
||||
try {
|
||||
UNSAFE = getUnsafe();
|
||||
Class<?> sk = Striped64.class;
|
||||
baseOffset = UNSAFE.objectFieldOffset
|
||||
(sk.getDeclaredField("base"));
|
||||
busyOffset = UNSAFE.objectFieldOffset
|
||||
(sk.getDeclaredField("busy"));
|
||||
} catch (Exception e) {
|
||||
throw new Error(e);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns a sun.misc.Unsafe. Suitable for use in a 3rd party package.
|
||||
* Replace with a simple call to Unsafe.getUnsafe when integrating
|
||||
* into a jdk.
|
||||
*
|
||||
* @return a sun.misc.Unsafe
|
||||
*/
|
||||
private static sun.misc.Unsafe getUnsafe() {
|
||||
try {
|
||||
return sun.misc.Unsafe.getUnsafe();
|
||||
} catch (SecurityException tryReflectionInstead) {}
|
||||
try {
|
||||
return java.security.AccessController.doPrivileged
|
||||
(new java.security.PrivilegedExceptionAction<sun.misc.Unsafe>() {
|
||||
public sun.misc.Unsafe run() throws Exception {
|
||||
Class<sun.misc.Unsafe> k = sun.misc.Unsafe.class;
|
||||
for (java.lang.reflect.Field f : k.getDeclaredFields()) {
|
||||
f.setAccessible(true);
|
||||
Object x = f.get(null);
|
||||
if (k.isInstance(x))
|
||||
return k.cast(x);
|
||||
}
|
||||
throw new NoSuchFieldError("the Unsafe");
|
||||
}});
|
||||
} catch (java.security.PrivilegedActionException e) {
|
||||
throw new RuntimeException("Could not initialize intrinsics",
|
||||
e.getCause());
|
||||
}
|
||||
}
|
||||
}
|
|
@ -23,6 +23,8 @@ import org.elasticsearch.common.SuppressForbidden;
|
|||
import org.elasticsearch.env.Environment;
|
||||
|
||||
import java.io.*;
|
||||
import java.net.URL;
|
||||
import java.net.URLClassLoader;
|
||||
import java.nio.file.AccessMode;
|
||||
import java.nio.file.FileAlreadyExistsException;
|
||||
import java.nio.file.Files;
|
||||
|
@ -30,6 +32,10 @@ import java.nio.file.NotDirectoryException;
|
|||
import java.nio.file.Path;
|
||||
import java.security.Permissions;
|
||||
import java.security.Policy;
|
||||
import java.util.Collections;
|
||||
import java.util.IdentityHashMap;
|
||||
import java.util.Map;
|
||||
import java.util.regex.Pattern;
|
||||
|
||||
/**
|
||||
* Initializes securitymanager with necessary permissions.
|
||||
|
@ -44,6 +50,9 @@ final class Security {
|
|||
* Can only happen once!
|
||||
*/
|
||||
static void configure(Environment environment) throws Exception {
|
||||
// set properties for jar locations
|
||||
setCodebaseProperties();
|
||||
|
||||
// enable security policy: union of template and environment-based paths.
|
||||
Policy.setPolicy(new ESPolicy(createPermissions(environment)));
|
||||
|
||||
|
@ -54,6 +63,48 @@ final class Security {
|
|||
selfTest();
|
||||
}
|
||||
|
||||
// mapping of jars to codebase properties
|
||||
// note that this is only read once, when policy is parsed.
|
||||
private static final Map<Pattern,String> SPECIAL_JARS;
|
||||
static {
|
||||
Map<Pattern,String> m = new IdentityHashMap<>();
|
||||
m.put(Pattern.compile(".*lucene-core-.*\\.jar$"), "es.security.jar.lucene.core");
|
||||
m.put(Pattern.compile(".*jsr166e-.*\\.jar$"), "es.security.jar.twitter.jsr166e");
|
||||
m.put(Pattern.compile(".*securemock-.*\\.jar$"), "es.security.jar.elasticsearch.securemock");
|
||||
SPECIAL_JARS = Collections.unmodifiableMap(m);
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets properties (codebase URLs) for policy files.
|
||||
* JAR locations are not fixed so we have to find the locations of
|
||||
* the ones we want.
|
||||
*/
|
||||
@SuppressForbidden(reason = "proper use of URL")
|
||||
static void setCodebaseProperties() {
|
||||
ClassLoader loader = ClassLoader.getSystemClassLoader();
|
||||
if (loader instanceof URLClassLoader) {
|
||||
for (URL url : ((URLClassLoader)loader).getURLs()) {
|
||||
for (Map.Entry<Pattern,String> e : SPECIAL_JARS.entrySet()) {
|
||||
if (e.getKey().matcher(url.getPath()).matches()) {
|
||||
String prop = e.getValue();
|
||||
if (System.getProperty(prop) != null) {
|
||||
throw new IllegalStateException("property: " + prop + " is unexpectedly set");
|
||||
}
|
||||
System.setProperty(prop, url.toString());
|
||||
}
|
||||
}
|
||||
}
|
||||
for (String prop : SPECIAL_JARS.values()) {
|
||||
if (System.getProperty(prop) == null) {
|
||||
System.setProperty(prop, "file:/dev/null"); // no chance to be interpreted as "all"
|
||||
}
|
||||
}
|
||||
} else {
|
||||
// we could try to parse the classpath or something, but screw it for now.
|
||||
throw new UnsupportedOperationException("Unsupported system classloader type: " + loader.getClass());
|
||||
}
|
||||
}
|
||||
|
||||
/** returns dynamic Permissions to configured paths */
|
||||
static Permissions createPermissions(Environment environment) throws IOException {
|
||||
// TODO: improve test infra so we can reduce permissions where read/write
|
||||
|
|
|
@ -19,7 +19,7 @@
|
|||
|
||||
package org.elasticsearch.common.metrics;
|
||||
|
||||
import jsr166e.LongAdder;
|
||||
import com.twitter.jsr166e.LongAdder;
|
||||
|
||||
/**
|
||||
*/
|
||||
|
|
|
@ -19,7 +19,7 @@
|
|||
|
||||
package org.elasticsearch.common.metrics;
|
||||
|
||||
import jsr166e.LongAdder;
|
||||
import com.twitter.jsr166e.LongAdder;
|
||||
|
||||
import java.util.concurrent.TimeUnit;
|
||||
|
||||
|
|
|
@ -19,7 +19,7 @@
|
|||
|
||||
package org.elasticsearch.common.metrics;
|
||||
|
||||
import jsr166e.LongAdder;
|
||||
import com.twitter.jsr166e.LongAdder;
|
||||
|
||||
/**
|
||||
*/
|
||||
|
|
|
@ -19,7 +19,7 @@
|
|||
|
||||
package org.elasticsearch.common.metrics;
|
||||
|
||||
import jsr166e.LongAdder;
|
||||
import com.twitter.jsr166e.LongAdder;
|
||||
import org.elasticsearch.common.util.concurrent.FutureUtils;
|
||||
|
||||
import java.util.concurrent.ScheduledExecutorService;
|
||||
|
|
|
@ -28,6 +28,25 @@ grant codeBase "file:${{java.ext.dirs}}/*" {
|
|||
permission java.security.AllPermission;
|
||||
};
|
||||
|
||||
//// Very special jar permissions:
|
||||
//// These are dangerous permissions that we don't want to grant to everything.
|
||||
|
||||
grant codeBase "${es.security.jar.lucene.core}" {
|
||||
// needed to allow MMapDirectory's "unmap hack"
|
||||
permission java.lang.RuntimePermission "accessClassInPackage.sun.misc";
|
||||
};
|
||||
|
||||
grant codeBase "${es.security.jar.twitter.jsr166e}" {
|
||||
// needed for LongAdder etc
|
||||
// TODO: remove this in java 8!
|
||||
permission java.lang.RuntimePermission "accessClassInPackage.sun.misc";
|
||||
};
|
||||
|
||||
grant codeBase "${es.security.jar.elasticsearch.securemock}" {
|
||||
// needed to support creation of mocks
|
||||
permission java.lang.RuntimePermission "reflectionFactoryAccess";
|
||||
};
|
||||
|
||||
//// Everything else:
|
||||
|
||||
grant {
|
||||
|
@ -67,7 +86,7 @@ grant {
|
|||
permission java.lang.RuntimePermission "getProtectionDomain";
|
||||
|
||||
// reflection hacks:
|
||||
// needed for Striped64 (what is this doing), also enables unmap hack
|
||||
// needed by pluginmanager to CHANGE THE CLASSLOADER (!)
|
||||
permission java.lang.RuntimePermission "accessClassInPackage.sun.misc";
|
||||
// needed for mock filesystems in tests (to capture implCloseChannel)
|
||||
permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.ch";
|
||||
|
@ -99,9 +118,6 @@ grant {
|
|||
// needed by JDKESLoggerTests
|
||||
permission java.util.logging.LoggingPermission "control";
|
||||
|
||||
// needed by Mockito
|
||||
permission java.lang.RuntimePermission "reflectionFactoryAccess";
|
||||
|
||||
// needed to install SSLFactories, advanced SSL configuration, etc.
|
||||
permission java.lang.RuntimePermission "setFactory";
|
||||
};
|
||||
|
|
|
@ -63,6 +63,7 @@ public class BootstrapForTesting {
|
|||
// install security manager if requested
|
||||
if (systemPropertyAsBoolean("tests.security.manager", false)) {
|
||||
try {
|
||||
Security.setCodebaseProperties();
|
||||
// initialize paths the same exact way as bootstrap.
|
||||
Permissions perms = new Permissions();
|
||||
Path basedir = PathUtils.get(Objects.requireNonNull(System.getProperty("project.basedir"),
|
||||
|
|
9
pom.xml
9
pom.xml
|
@ -153,6 +153,12 @@
|
|||
<version>1.0</version>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>com.twitter</groupId>
|
||||
<artifactId>jsr166e</artifactId>
|
||||
<version>1.1.0</version>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>org.apache.lucene</groupId>
|
||||
<artifactId>lucene-test-framework</artifactId>
|
||||
|
@ -737,9 +743,6 @@
|
|||
<internalRuntimeForbidden>true</internalRuntimeForbidden>
|
||||
<!-- if the used Java version is too new, don't fail, just do nothing: -->
|
||||
<failOnUnsupportedJava>false</failOnUnsupportedJava>
|
||||
<excludes>
|
||||
<exclude>jsr166e/**</exclude>
|
||||
</excludes>
|
||||
<bundledSignatures>
|
||||
<!-- This will automatically choose the right signatures based on 'targetVersion': -->
|
||||
<bundledSignature>jdk-unsafe</bundledSignature>
|
||||
|
|
Loading…
Reference in New Issue