Uploaded image for project: 'WildFly Core'
  1. WildFly Core
  2. WFCORE-6933

Missing permissions in AbstractLoggingTestCase

XMLWordPrintable

      From https://ci.wildfly.org/viewLog.html?buildId=447279&buildTypeId=WildFlyCore_PullRequest_LinuxSecurityManagerJdk11&fromSakuraUI=true we see that the 'logging-test.jar' deployment (which sets up an in-deployment Undertow server) is missing needed SM permissions:

      [31m08:57:26,051 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-1) MSC000001: Failed to start service jboss.undertow-test-server: org.jboss.msc.service.StartException in service jboss.undertow-test-server: Failed to start service
	at org.jboss.msc@1.5.5.Final//org.jboss.msc.service.ServiceControllerImpl$StartTask.execute(ServiceControllerImpl.java:1609)
	at org.jboss.msc@1.5.5.Final//org.jboss.msc.service.ServiceControllerImpl$ControllerTask.run(ServiceControllerImpl.java:1438)
	at org.jboss.threads@2.4.0.Final//org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
	at org.jboss.threads@2.4.0.Final//org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1990)
	at org.jboss.threads@2.4.0.Final//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486)
	at org.jboss.threads@2.4.0.Final//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377)
	at java.base/java.lang.Thread.run(Thread.java:829)
Caused by: java.lang.ExceptionInInitializerError
	at io.undertow.core@2.3.15.Final//io.undertow.util.Headers.<clinit>(Headers.java:129)
	at java.base/jdk.internal.misc.Unsafe.ensureClassInitialized0(Native Method)
	at java.base/jdk.internal.misc.Unsafe.ensureClassInitialized(Unsafe.java:1042)
	at java.base/jdk.internal.reflect.UnsafeFieldAccessorFactory.newFieldAccessor(UnsafeFieldAccessorFactory.java:43)
	at java.base/jdk.internal.reflect.ReflectionFactory.newFieldAccessor(ReflectionFactory.java:186)
	at java.base/java.lang.reflect.Field.acquireFieldAccessor(Field.java:1105)
	at java.base/java.lang.reflect.Field.getFieldAccessor(Field.java:1086)
	at java.base/java.lang.reflect.Field.get(Field.java:418)
	at io.undertow.core@2.3.15.Final//io.undertow.server.protocol.http.HttpRequestParser.httpStrings(HttpRequestParser.java:921)
	at io.undertow.core@2.3.15.Final//io.undertow.server.protocol.http.HttpRequestParser$$generated.<clinit>(Unknown Source)
	at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
	at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
	at java.base/jdk.internal.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
	at java.base/java.lang.reflect.Constructor.newInstance(Constructor.java:490)
	at io.undertow.core@2.3.15.Final//io.undertow.server.protocol.http.HttpRequestParser.instance(HttpRequestParser.java:228)
	at io.undertow.core@2.3.15.Final//io.undertow.server.protocol.http.HttpOpenListener.<init>(HttpOpenListener.java:93)
	at io.undertow.core@2.3.15.Final//io.undertow.Undertow.start(Undertow.java:182)
	at deployment.logging-test.jar//org.wildfly.test.undertow.UndertowService.start(UndertowService.java:37)
	at org.jboss.msc@1.5.5.Final//org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1617)
	at org.jboss.msc@1.5.5.Final//org.jboss.msc.service.ServiceControllerImpl$StartTask.execute(ServiceControllerImpl.java:1580)
	... 6 more
Caused by: java.security.AccessControlException: WFSM000001: Permission check failed (permission "("java.lang.reflect.ReflectPermission" "suppressAccessChecks")" in code source "(vfs:/content/logging-test.jar <no signer certificates>)" of "ModuleClassLoader for Module "deployment.logging-test.jar" from Service Module Loader")
	at org.wildfly.security.elytron-base@2.5.0.Final//org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:309)
	at org.wildfly.security.elytron-base@2.5.0.Final//org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:201)
	at java.base/java.lang.reflect.AccessibleObject.checkPermission(AccessibleObject.java:83)
	at java.base/java.lang.reflect.Field.setAccessible(Field.java:169)
	at io.undertow.core@2.3.15.Final//io.undertow.util.HttpString.<clinit>(HttpString.java:56)
	... 26 more

      I don't know if this is why the test in the above linked test job failed; it seems odd that it would be as I think this problem is likely affecting many tests and the Undertow HttpString class that does something needing a permission is unchanged for years.

      I expect this affects many tests using org.jboss.as.test.manualmode.logging.AbstractLoggingTestCase.

              jperkins-rhn James Perkins
              bstansbe@redhat.com Brian Stansberry
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: