8245194: Unix domain socket channel implementation

Reviewed-by: erikj, dfuchs, alanb, chegar
openjdk · Oct 28, 2020 · 6bb7e45 · 6bb7e45 · bridgekeeper · Oct 28, 2020
1 parent 8bde2f4
commit 6bb7e45
Show file tree

Hide file tree

Showing 73 changed files with 5,431 additions and 1,113 deletions.
diff --git a/make/modules/java.base/Copy.gmk b/make/modules/java.base/Copy.gmk
@@ -182,12 +182,16 @@ endif
 
 ################################################################################
 
-$(eval $(call SetupCopyFiles, COPY_NET_PROPERTIES, \
-    FILES := $(TOPDIR)/src/java.base/share/conf/net.properties, \
-    DEST := $(CONF_DST_DIR), \
-))
+NET_PROPERTIES_SRCS := $(TOPDIR)/src/java.base/share/conf/net.properties \
+	$(TOPDIR)/src/java.base/$(OPENJDK_TARGET_OS_TYPE)/conf/net.properties
+
+NET_PROPERTIES_DST  := $(CONF_DST_DIR)/net.properties
+
+$(NET_PROPERTIES_DST): $(NET_PROPERTIES_SRCS)
+	$(call MakeTargetDir)
+	$(CAT) $(NET_PROPERTIES_SRCS) > $@
 
-TARGETS += $(COPY_NET_PROPERTIES)
+TARGETS += $(NET_PROPERTIES_DST)
 
 ifeq ($(call isTargetOs, linux), true)
   $(eval $(call SetupCopyFiles, COPY_SDP_CONF, \

diff --git a/src/java.base/share/classes/java/net/NetPermission.java b/src/java.base/share/classes/java/net/NetPermission.java
@@ -66,6 +66,16 @@
  *   </tr>
  *
  * <tr>
+ *   <th scope="row">accessUnixDomainSocket</th>
+ *   <td>The ability to accept, bind, connect or get the local address
+ *   of a <i>Unix Domain</i> socket.
+ *   </td>
+ *   <td>Malicious code could connect to local processes using Unix domain sockets
+ *    or impersonate local processes, by binding to the same pathnames (assuming they
+ *    have the required Operating System permissions.</td>
+ * </tr>
+ *
+ * <tr>
  *   <th scope="row">getCookieHandler</th>
  *   <td>The ability to get the cookie handler that processes highly
  *   security sensitive cookie information for an Http session.</td>

diff --git a/src/java.base/share/classes/java/net/StandardProtocolFamily.java b/src/java.base/share/classes/java/net/StandardProtocolFamily.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2007, 2009, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2007, 2020, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -41,5 +41,11 @@ public enum StandardProtocolFamily implements ProtocolFamily {
     /**
      * Internet Protocol Version 6 (IPv6)
      */
-    INET6
+    INET6,
+
+    /**
+     * Unix domain (Local) interprocess communication.
+     * @since 16
+     */
+    UNIX
 }
diff --git a/src/java.base/share/classes/java/net/UnixDomainSocketAddress.java b/src/java.base/share/classes/java/net/UnixDomainSocketAddress.java
@@ -0,0 +1,211 @@
+/*
+ * Copyright (c) 2020, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package java.net;
+
+import java.io.ObjectStreamException;
+import java.io.Serializable;
+import java.net.SocketAddress;
+import java.nio.channels.SocketChannel;
+import java.nio.file.FileSystem;
+import java.nio.file.FileSystems;
+import java.nio.file.InvalidPathException;
+import java.nio.file.Path;
+
+/**
+ * A <a href="package-summary.html#unixdomain">Unix domain</a> socket address.
+ * A Unix domain socket address encapsulates a file-system path that Unix domain sockets
+ * bind or connect to.
+ *
+ * <p> An <a id="unnamed"></a><i>unnamed</i> {@code UnixDomainSocketAddress} has
+ * an empty path. The local address of a {@link SocketChannel} to a Unix domain socket
+ * that is <i>automatically</i> or <i>implicitly</i> bound will be unnamed.
+ *
+ * <p> {@link Path} objects used to create instances of this class must be obtained
+ * from the {@linkplain FileSystems#getDefault system-default} file system.
+ *
+ * @see java.nio.channels.SocketChannel
+ * @see java.nio.channels.ServerSocketChannel
+ * @since 16
+ */
+public final class UnixDomainSocketAddress extends SocketAddress {
+    @java.io.Serial
+    static final long serialVersionUID = 92902496589351288L;
+
+    private final transient Path path;
+
+    /**
+     * A serial proxy for all {@link UnixDomainSocketAddress} instances.
+     * It captures the file path name and reconstructs using the public static
+     * {@link #of(String) factory}.
+     *
+     * @serial include
+     */
+    private static final class Ser implements Serializable {
+        @java.io.Serial
+        static final long serialVersionUID = -7955684448513979814L;
+
+        /**
+         * The path name.
+         * @serial
+         */
+        private final String pathname;
+
+        Ser(String pathname) {
+            this.pathname = pathname;
+        }
+
+        /**
+         * Creates a {@link UnixDomainSocketAddress} instance, by an invocation
+         * of the {@link #of(String) factory} method passing the path name.
+         * @return a UnixDomainSocketAddress
+         */
+        @java.io.Serial
+        private Object readResolve() {
+            return UnixDomainSocketAddress.of(pathname);
+        }
+    }
+
+    /**
+     * Returns a
+     * <a href="{@docRoot}/serialized-form.html#java.net.UnixDomainSocketAddress.Ser">
+     * Ser</a> containing the path name of this instance.
+     *
+     * @return a {@link Ser}
+     * representing the path name of this instance
+     */
+    @java.io.Serial
+    private Object writeReplace() throws ObjectStreamException {
+        return new Ser(path.toString());
+    }
+
+    /**
+     * Throws InvalidObjectException, always.
+     * @param s the stream
+     * @throws java.io.InvalidObjectException always
+     */
+    @java.io.Serial
+    private void readObject(java.io.ObjectInputStream s)
+        throws java.io.InvalidObjectException
+    {
+        throw new java.io.InvalidObjectException("Proxy required");
+    }
+
+    /**
+     * Throws InvalidObjectException, always.
+     * @throws java.io.InvalidObjectException always
+     */
+    @java.io.Serial
+    private void readObjectNoData()
+        throws java.io.InvalidObjectException
+    {
+        throw new java.io.InvalidObjectException("Proxy required");
+    }
+
+    private UnixDomainSocketAddress(Path path) {
+        this.path = path;
+    }
+
+    /**
+     * Creates a UnixDomainSocketAddress from the given path string.
+     *
+     * @param  pathname
+     *         The path string, which can be empty
+     *
+     * @return A UnixDomainSocketAddress
+     *
+     * @throws InvalidPathException
+     *         If the path cannot be converted to a Path
+     *
+     * @throws NullPointerException if pathname is {@code null}
+     */
+    public static UnixDomainSocketAddress of(String pathname) {
+        return of(Path.of(pathname));
+    }
+
+    /**
+     * Creates a UnixDomainSocketAddress for the given path.
+     *
+     * @param  path
+     *         The path to the socket, which can be empty
+     *
+     * @return A UnixDomainSocketAddress
+     *
+     * @throws IllegalArgumentException
+     *         If the path is not associated with the default file system
+     *
+     * @throws NullPointerException if path is {@code null}
+     */
+    public static UnixDomainSocketAddress of(Path path) {
+        FileSystem fs = path.getFileSystem();
+        if (fs != FileSystems.getDefault()) {
+            throw new IllegalArgumentException();
+        }
+        if (fs.getClass().getModule() != Object.class.getModule()) {
+            throw new IllegalArgumentException();
+        }
+        return new UnixDomainSocketAddress(path);
+    }
+
+    /**
+     * Returns this address's path.
+     *
+     * @return this address's path
+     */
+    public Path getPath() {
+        return path;
+    }
+
+    /**
+     * Returns the hash code of this {@code UnixDomainSocketAddress}
+     */
+    @Override
+    public int hashCode() {
+        return path.hashCode();
+    }
+
+    /**
+     * Compares this address with another object.
+     *
+     * @return true if the path fields are equal
+     */
+    @Override
+    public boolean equals(Object o) {
+        if (!(o instanceof UnixDomainSocketAddress))
+            return false;
+        UnixDomainSocketAddress that = (UnixDomainSocketAddress)o;
+        return this.path.equals(that.path);
+    }
+
+    /**
+     * Returns a string representation of this {@code UnixDomainSocketAddress}.
+     *
+     * @return this address's path which may be empty for an unnamed address
+     */
+    @Override
+    public String toString() {
+        return path.toString();
+    }
+}
diff --git a/src/java.base/share/classes/java/nio/channels/DatagramChannel.java b/src/java.base/share/classes/java/nio/channels/DatagramChannel.java
@@ -150,6 +150,9 @@ protected DatagramChannel(SelectorProvider provider) {
      *
      * @throws  IOException
      *          If an I/O error occurs
+     *
+     * @see     <a href="../../net/doc-files/net-properties.html#Ipv4IPv6">
+     *          java.net.preferIPv4Stack</a> system property
      */
     public static DatagramChannel open() throws IOException {
         return SelectorProvider.provider().openDatagramChannel();
@@ -169,6 +172,9 @@ public static DatagramChannel open() throws IOException {
      * java.nio.channels.spi.SelectorProvider} object.  The channel will not be
      * connected.
      *
+     * @apiNote <a href="package-summary.html#unixdomain">Unix domain</a> sockets
+     * are not supported by DatagramChannel.
+     *
      * @param   family
      *          The protocol family
      *
@@ -182,6 +188,9 @@ public static DatagramChannel open() throws IOException {
      * @throws  IOException
      *          If an I/O error occurs
      *
+     * @see     <a href="../../net/doc-files/net-properties.html#Ipv4IPv6">
+     *          java.net.preferIPv4Stack</a> system property
+     *
      * @since   1.7
      */
     public static DatagramChannel open(ProtocolFamily family) throws IOException {
@@ -629,5 +638,4 @@ public final long write(ByteBuffer[] srcs) throws IOException {
      */
     @Override
     public abstract SocketAddress getLocalAddress() throws IOException;
-
 }