Revert "[Entitlements] Exclude java.desktop from system modules (#124563)"

This reverts commit d844c6a.

Author: prdoyle

libs/entitlement/qa/entitlement-test-plugin/src/main/java/module-info.java

@@ -18,5 +18,4 @@
     requires java.logging;
     requires java.net.http;
     requires jdk.net;
-    requires java.desktop;
 }

libs/entitlement/qa/entitlement-test-plugin/src/main/java/org/elasticsearch/entitlement/qa/test/FileCheckActions.java

@@ -38,8 +38,6 @@
 import java.util.zip.ZipException;
 import java.util.zip.ZipFile;
 
-import javax.imageio.stream.FileImageInputStream;
-
 import static java.nio.charset.Charset.defaultCharset;
 import static java.nio.file.StandardOpenOption.CREATE;
 import static java.nio.file.StandardOpenOption.WRITE;
@@ -591,13 +589,5 @@ static void writeAccessSourcePath() throws IOException, URISyntaxException {
         Files.createFile(file);
     }
 
-    @EntitlementTest(expectedAccess = ALWAYS_DENIED)
-    static void javaDesktopFileAccess() throws Exception {
-        // Test file access from a java.desktop class. We explicitly exclude that module from the "system modules", so we expect
-        // any sensitive operation from java.desktop to fail.
-        var file = EntitledActions.createTempFileForRead();
-        new FileImageInputStream(file.toFile()).close();
-    }
-
     private FileCheckActions() {}
 }

libs/entitlement/src/main/java/org/elasticsearch/entitlement/runtime/policy/PolicyManager.java

@@ -67,8 +67,6 @@ public class PolicyManager {
 
     static final Class<?> DEFAULT_FILESYSTEM_CLASS = PathUtils.getDefaultFileSystem().getClass();
 
-    static final Set<String> MODULES_EXCLUDED_FROM_SYSTEM_MODULES = Set.of("java.desktop");
-
     /**
      * @param componentName the plugin name; or else one of the special component names
      *                      like {@link #SERVER_COMPONENT_NAME} or {@link #APM_AGENT_COMPONENT_NAME}.
@@ -143,13 +141,7 @@ private static Set<Module> findSystemModules() {
             // entitlements is a "system" module, we can do anything from it
             Stream.of(PolicyManager.class.getModule()),
             // anything in the boot layer is also part of the system
-            ModuleLayer.boot()
-                .modules()
-                .stream()
-                .filter(
-                    m -> systemModulesDescriptors.contains(m.getDescriptor())
-                        && MODULES_EXCLUDED_FROM_SYSTEM_MODULES.contains(m.getName()) == false
-                )
+            ModuleLayer.boot().modules().stream().filter(m -> systemModulesDescriptors.contains(m.getDescriptor()))
         ).collect(Collectors.toUnmodifiableSet());
     }