From 1b9c53b4d92f13b156d81f9e22cec153d79df8a0 Mon Sep 17 00:00:00 2001
From: Tomas Zezula <tomas.zezula@oracle.com>
Date: Mon, 14 Oct 2019 19:41:41 +0200
Subject: [PATCH] [GR-14245] Add privileged access check detector to the
 JavaScript gate.

---
 vm/mx.vm/mx_vm_gate.py | 51 +++++++++++++++++++++++-------------------
 1 file changed, 28 insertions(+), 23 deletions(-)

diff --git a/vm/mx.vm/mx_vm_gate.py b/vm/mx.vm/mx_vm_gate.py
index c3851e3ea1a5..7f17f0976465 100644
--- a/vm/mx.vm/mx_vm_gate.py
+++ b/vm/mx.vm/mx_vm_gate.py
@@ -31,12 +31,11 @@
 import mx_unittest
 
 import functools
-import tempfile
 from mx_gate import Task
 
 from os import environ, listdir, remove
 from os.path import join, exists, dirname, isdir, isfile, getsize
-from tempfile import NamedTemporaryFile
+from tempfile import NamedTemporaryFile, mkdtemp
 from contextlib import contextmanager
 
 _suite = mx.suite('vm')
@@ -224,27 +223,33 @@ def _svm_truffle_tck(native_image, svm_suite, language_suite, language_id):
     if isdir(excludes_dir):
         for excludes_file in listdir(excludes_dir):
             excludes.append(join(excludes_dir, excludes_file))
-    with tempfile.NamedTemporaryFile() as report_file:
-        options = [
-            '--language:{}'.format(language_id),
-            '-H:ClassInitialization=:build_time',
-            '-H:+EnforceMaxRuntimeCompileMethods',
-            '-cp',
-            cp,
-            '--no-server',
-            '-H:-FoldSecurityManagerGetter',
-            '-H:TruffleTCKPermissionsReportFile={}'.format(report_file.name),
-            'com.oracle.svm.truffle.tck.MockMain'
-        ]
-        if excludes:
-            options.append('-H:TruffleTCKPermissionsExcludeFiles={}'.format(','.join(excludes)))
-        native_image(options)
-        if isfile(report_file.name) and getsize(report_file.name) > 0:
-            message = "Failed: Language {} performs following privileged calls:\n\n".format(language_id)
-            with open(report_file.name, "r") as f:
-                for line in f.readlines():
-                    message = message + line
-            mx.abort(message)
+    svmbuild = mkdtemp()
+    try:
+        with NamedTemporaryFile() as report_file:
+            options = [
+                '--language:{}'.format(language_id),
+                '-H:ClassInitialization=:build_time',
+                '-H:+EnforceMaxRuntimeCompileMethods',
+                '-cp',
+                cp,
+                '--no-server',
+                '-H:-FoldSecurityManagerGetter',
+                '-H:TruffleTCKPermissionsReportFile={}'.format(report_file.name),
+                '-H:Path={}'.format(svmbuild),
+                'com.oracle.svm.truffle.tck.MockMain'
+            ]
+            if excludes:
+                options.append('-H:TruffleTCKPermissionsExcludeFiles={}'.format(','.join(excludes)))
+            native_image(options)
+            if isfile(report_file.name) and getsize(report_file.name) > 0:
+                message = "Failed: Language {} performs following privileged calls:\n\n".format(language_id)
+                with open(report_file.name, "r") as f:
+                    for line in f.readlines():
+                        message = message + line
+                mx.abort(message)
+    finally:
+        mx.rmtree(svmbuild)
+
 
 def gate_svm_truffle_tck_js(tasks):
     with Task('JavaScript SVM Truffle TCK', tasks, tags=[VmGateTasks.svm_truffle_tck_js]) as t: