Remove doPrivileged uses from server

Now that SecurityManager is no longer used, doPrivileged is no longer
necessary. This commit removes uses of it from core and server

Author: rjernst

libs/core/src/main/java/org/elasticsearch/core/internal/provider/EmbeddedImplClassLoader.java

@@ -23,10 +23,8 @@
 import java.nio.file.FileSystems;
 import java.nio.file.Files;
 import java.nio.file.Path;
-import java.security.AccessController;
 import java.security.CodeSigner;
 import java.security.CodeSource;
-import java.security.PrivilegedAction;
 import java.security.SecureClassLoader;
 import java.util.ArrayList;
 import java.util.Collections;
@@ -96,8 +94,7 @@ record JarMeta(String prefix, boolean isMultiRelease, Set<String> packages, Map<
     private final ClassLoader parent;
 
     static EmbeddedImplClassLoader getInstance(ClassLoader parent, String providerName) {
-        PrivilegedAction<EmbeddedImplClassLoader> pa = () -> new EmbeddedImplClassLoader(parent, getProviderPrefixes(parent, providerName));
-        return AccessController.doPrivileged(pa);
+        return new EmbeddedImplClassLoader(parent, getProviderPrefixes(parent, providerName));
     }
 
     private EmbeddedImplClassLoader(ClassLoader parent, Map<JarMeta, CodeSource> prefixToCodeBase) {
@@ -120,14 +117,12 @@ private EmbeddedImplClassLoader(ClassLoader parent, Map<JarMeta, CodeSource> pre
     record Resource(InputStream inputStream, CodeSource codeSource) {}
 
     /** Searches for the named resource. Iterates over all prefixes. */
-    private Resource privilegedGetResourceOrNull(JarMeta jarMeta, String pkg, String filepath) {
-        return AccessController.doPrivileged((PrivilegedAction<Resource>) () -> {
-            InputStream is = findResourceInLoaderPkgOrNull(jarMeta, pkg, filepath, parent::getResourceAsStream);
-            if (is != null) {
-                return new Resource(is, prefixToCodeBase.get(jarMeta.prefix()));
-            }
-            return null;
-        });
+    private Resource getResourceOrNull(JarMeta jarMeta, String pkg, String filepath) {
+        InputStream is = findResourceInLoaderPkgOrNull(jarMeta, pkg, filepath, parent::getResourceAsStream);
+        if (is != null) {
+            return new Resource(is, prefixToCodeBase.get(jarMeta.prefix()));
+        }
+        return null;
     }
 
     @Override
@@ -148,7 +143,7 @@ public Class<?> findClass(String name) throws ClassNotFoundException {
         String pkg = toPackageName(filepath);
         JarMeta jarMeta = packageToJarMeta.get(pkg);
         if (jarMeta != null) {
-            Resource res = privilegedGetResourceOrNull(jarMeta, pkg, filepath);
+            Resource res = getResourceOrNull(jarMeta, pkg, filepath);
             if (res != null) {
                 try (InputStream in = res.inputStream()) {
                     byte[] bytes = in.readAllBytes();

libs/core/src/main/java/org/elasticsearch/core/internal/provider/ProviderLocator.java

@@ -97,10 +97,9 @@ public ProviderLocator(String providerName, Class<T> providerType, String provid
     @Override
     public T get() {
         try {
-            PrivilegedExceptionAction<T> pa = this::load;
-            return AccessController.doPrivileged(pa);
-        } catch (PrivilegedActionException e) {
-            throw new UncheckedIOException((IOException) e.getCause());
+            return load();
+        } catch (IOException e) {
+            throw new UncheckedIOException(e);
         }
     }
 

server/src/main/java/org/elasticsearch/bootstrap/ElasticsearchUncaughtExceptionHandler.java

@@ -11,11 +11,8 @@
 
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
-import org.elasticsearch.core.SuppressForbidden;
 
 import java.io.IOError;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
 
 class ElasticsearchUncaughtExceptionHandler implements Thread.UncaughtExceptionHandler {
     private static final Logger logger = LogManager.getLogger(ElasticsearchUncaughtExceptionHandler.class);
@@ -53,41 +50,16 @@ static boolean isFatalUncaught(Throwable e) {
 
     void onFatalUncaught(final String threadName, final Throwable t) {
         final String message = "fatal error in thread [" + threadName + "], exiting";
-        logErrorMessage(t, message);
+        logger.error(message, t);
     }
 
     void onNonFatalUncaught(final String threadName, final Throwable t) {
         final String message = "uncaught exception in thread [" + threadName + "]";
-        logErrorMessage(t, message);
-    }
-
-    private static void logErrorMessage(Throwable t, String message) {
-        AccessController.doPrivileged((PrivilegedAction<Void>) () -> {
-            logger.error(message, t);
-            return null;
-        });
+        logger.error(message, t);
     }
 
     void halt(int status) {
-        AccessController.doPrivileged(new PrivilegedHaltAction(status));
+        // we halt to prevent shutdown hooks from running
+        Runtime.getRuntime().halt(status);
     }
-
-    static class PrivilegedHaltAction implements PrivilegedAction<Void> {
-
-        private final int status;
-
-        private PrivilegedHaltAction(final int status) {
-            this.status = status;
-        }
-
-        @SuppressForbidden(reason = "halt")
-        @Override
-        public Void run() {
-            // we halt to prevent shutdown hooks from running
-            Runtime.getRuntime().halt(status);
-            return null;
-        }
-
-    }
-
 }

server/src/main/java/org/elasticsearch/common/blobstore/fs/FsBlobStore.java

@@ -18,8 +18,6 @@
 import java.io.IOException;
 import java.nio.file.Files;
 import java.nio.file.Path;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
 import java.util.Iterator;
 import java.util.List;
 
@@ -57,14 +55,11 @@ public int bufferSizeInBytes() {
     public BlobContainer blobContainer(BlobPath path) {
         Path f = buildPath(path);
         if (readOnly == false) {
-            AccessController.doPrivileged((PrivilegedAction<Void>) () -> {
-                try {
-                    Files.createDirectories(f);
-                } catch (IOException ex) {
-                    throw new ElasticsearchException("failed to create blob container", ex);
-                }
-                return null;
-            });
+            try {
+                Files.createDirectories(f);
+            } catch (IOException ex) {
+                throw new ElasticsearchException("failed to create blob container", ex);
+            }
         }
         return new FsBlobContainer(this, path, f);
     }

server/src/main/java/org/elasticsearch/common/logging/DeprecationLogger.java

@@ -15,8 +15,6 @@
 import org.elasticsearch.common.regex.Regex;
 import org.elasticsearch.common.settings.Settings;
 
-import java.security.AccessController;
-import java.security.PrivilegedAction;
 import java.util.Collections;
 import java.util.List;
 
@@ -119,18 +117,11 @@ private DeprecationLogger logDeprecation(Level level, DeprecationCategory catego
             String opaqueId = HeaderWarning.getXOpaqueId();
             String productOrigin = HeaderWarning.getProductOrigin();
             ESLogMessage deprecationMessage = DeprecatedMessage.of(category, key, opaqueId, productOrigin, msg, params);
-            doPrivilegedLog(level, deprecationMessage);
+            logger.log(level, deprecationMessage);
         }
         return this;
     }
 
-    private void doPrivilegedLog(Level level, ESLogMessage deprecationMessage) {
-        AccessController.doPrivileged((PrivilegedAction<Void>) () -> {
-            logger.log(level, deprecationMessage);
-            return null;
-        });
-    }
-
     /**
      * Used for handling previous version RestApiCompatible logic.
      * Logs a message at the {@link DeprecationLogger#CRITICAL} level

server/src/main/java/org/elasticsearch/common/util/concurrent/EsExecutors.java

@@ -17,8 +17,6 @@
 import org.elasticsearch.core.SuppressForbidden;
 import org.elasticsearch.node.Node;
 
-import java.security.AccessController;
-import java.security.PrivilegedAction;
 import java.util.List;
 import java.util.Optional;
 import java.util.concurrent.AbstractExecutorService;
@@ -393,11 +391,9 @@ static class EsThreadFactory implements ThreadFactory {
 
         @Override
         public Thread newThread(Runnable r) {
-            return AccessController.doPrivileged((PrivilegedAction<Thread>) () -> {
-                Thread t = new EsThread(group, r, namePrefix + "[T#" + threadNumber.getAndIncrement() + "]", 0, isSystem);
-                t.setDaemon(true);
-                return t;
-            });
+            Thread t = new EsThread(group, r, namePrefix + "[T#" + threadNumber.getAndIncrement() + "]", 0, isSystem);
+            t.setDaemon(true);
+            return t;
         }
     }
 

server/src/main/java/org/elasticsearch/index/codec/vectors/reflect/AssertingKnnVectorsReaderReflect.java

@@ -14,8 +14,6 @@
 
 import java.lang.invoke.MethodHandle;
 import java.lang.invoke.MethodHandles;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
 
 /**
  * Reflective access to unwrap non-accessible delegate in AssertingKnnVectorsReader.
@@ -52,25 +50,13 @@ private static MethodHandle getDelegateFieldHandle() {
             if (cls == null) {
                 return MethodHandles.throwException(KnnVectorsReader.class, AssertionError.class);
             }
-            var lookup = privilegedPrivateLookupIn(cls, MethodHandles.lookup());
+            var lookup = MethodHandles.privateLookupIn((cls, MethodHandles.lookup());
             return lookup.findGetter(cls, "delegate", KnnVectorsReader.class);
         } catch (ReflectiveOperationException e) {
             throw new AssertionError(e);
         }
     }
 
-    @SuppressWarnings("removal")
-    static MethodHandles.Lookup privilegedPrivateLookupIn(Class<?> cls, MethodHandles.Lookup lookup) throws IllegalAccessException {
-        PrivilegedAction<MethodHandles.Lookup> pa = () -> {
-            try {
-                return MethodHandles.privateLookupIn(cls, lookup);
-            } catch (IllegalAccessException e) {
-                throw new AssertionError("should not happen, check opens", e);
-            }
-        };
-        return AccessController.doPrivileged(pa);
-    }
-
     static void handleThrowable(Throwable t) {
         if (t instanceof Error error) {
             throw error;

server/src/main/java/org/elasticsearch/index/codec/vectors/reflect/OffHeapReflectionUtils.java

@@ -26,8 +26,6 @@
 import java.lang.invoke.MethodHandle;
 import java.lang.invoke.MethodHandles;
 import java.lang.invoke.VarHandle;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
 import java.util.Map;
 
 import static java.lang.invoke.MethodType.methodType;
@@ -91,62 +89,62 @@ private OffHeapReflectionUtils() {}
         try {
             // Lucene99ScalarQuantizedVectorsReader
             var cls = Class.forName("org.apache.lucene.codecs.lucene99.Lucene99ScalarQuantizedVectorsReader$FieldEntry");
-            var lookup = privilegedPrivateLookupIn(L99_SQ_VR_CLS, MethodHandles.lookup());
+            var lookup = MethodHandles.privateLookupIn(L99_SQ_VR_CLS, MethodHandles.lookup());
             var mt = methodType(cls, String.class);
             GET_FIELD_ENTRY_HNDL_SQ = lookup.findVirtual(L99_SQ_VR_CLS, "getFieldEntry", mt);
             GET_VECTOR_DATA_LENGTH_HANDLE_SQ = lookup.findVirtual(cls, "vectorDataLength", methodType(long.class));
             RAW_VECTORS_READER_HNDL_SQ = lookup.findVarHandle(L99_SQ_VR_CLS, "rawVectorsReader", FlatVectorsReader.class);
             // Lucene99FlatVectorsReader
             cls = Class.forName("org.apache.lucene.codecs.lucene99.Lucene99FlatVectorsReader$FieldEntry");
-            lookup = privilegedPrivateLookupIn(L99_FLT_VR_CLS, MethodHandles.lookup());
+            lookup = MethodHandles.privateLookupIn(L99_FLT_VR_CLS, MethodHandles.lookup());
             mt = methodType(cls, String.class, VectorEncoding.class);
             GET_FIELD_ENTRY_HANDLE_L99FLT = lookup.findVirtual(L99_FLT_VR_CLS, "getFieldEntry", mt);
             VECTOR_DATA_LENGTH_HANDLE_L99FLT = lookup.findVirtual(cls, "vectorDataLength", methodType(long.class));
             // DirectIOLucene99FlatVectorsReader
             cls = Class.forName("org.elasticsearch.index.codec.vectors.es818.DirectIOLucene99FlatVectorsReader$FieldEntry");
-            lookup = privilegedPrivateLookupIn(DIOL99_FLT_VR_CLS, MethodHandles.lookup());
+            lookup = MethodHandles.privateLookupIn(DIOL99_FLT_VR_CLS, MethodHandles.lookup());
             mt = methodType(cls, String.class, VectorEncoding.class);
             GET_FIELD_ENTRY_HANDLE_DIOL99FLT = lookup.findVirtual(DIOL99_FLT_VR_CLS, "getFieldEntry", mt);
             VECTOR_DATA_LENGTH_HANDLE_DIOL99FLT = lookup.findVirtual(cls, "vectorDataLength", methodType(long.class));
             // Lucene99HnswVectorsReader
             cls = Class.forName("org.apache.lucene.codecs.lucene99.Lucene99HnswVectorsReader$FieldEntry");
-            lookup = privilegedPrivateLookupIn(L99_HNSW_VR_CLS, MethodHandles.lookup());
+            lookup = MethodHandles.privateLookupIn(L99_HNSW_VR_CLS, MethodHandles.lookup());
             mt = methodType(cls, String.class, VectorEncoding.class);
             GET_FIELD_ENTRY_HANDLE_L99HNSW = lookup.findVirtual(L99_HNSW_VR_CLS, "getFieldEntry", mt);
             GET_VECTOR_INDEX_LENGTH_HANDLE_L99HNSW = lookup.findVirtual(cls, "vectorIndexLength", methodType(long.class));
-            lookup = privilegedPrivateLookupIn(L99_HNSW_VR_CLS, MethodHandles.lookup());
+            lookup = MethodHandles.privateLookupIn(L99_HNSW_VR_CLS, MethodHandles.lookup());
             FLAT_VECTORS_READER_HNDL_L99HNSW = lookup.findVarHandle(L99_HNSW_VR_CLS, "flatVectorsReader", FlatVectorsReader.class);
             // Lucene90HnswVectorsReader
             cls = Class.forName("org.apache.lucene.backward_codecs.lucene90.Lucene90HnswVectorsReader$FieldEntry");
-            lookup = privilegedPrivateLookupIn(L90_HNSW_VR_CLS, MethodHandles.lookup());
+            lookup = MethodHandles.privateLookupIn(L90_HNSW_VR_CLS, MethodHandles.lookup());
             mt = methodType(cls, String.class);
             GET_FIELD_ENTRY_HANDLE_L90HNSW = lookup.findVirtual(L90_HNSW_VR_CLS, "getFieldEntry", mt);
             GET_VECTOR_INDEX_LENGTH_HANDLE_L90HNSW = lookup.findVirtual(cls, "indexDataLength", methodType(long.class));
             GET_VECTOR_DATA_LENGTH_HANDLE_L90HNSW = lookup.findVirtual(cls, "vectorDataLength", methodType(long.class));
             // Lucene91HnswVectorsReader
             cls = Class.forName("org.apache.lucene.backward_codecs.lucene91.Lucene91HnswVectorsReader$FieldEntry");
-            lookup = privilegedPrivateLookupIn(L91_HNSW_VR_CLS, MethodHandles.lookup());
+            lookup = MethodHandles.privateLookupIn(L91_HNSW_VR_CLS, MethodHandles.lookup());
             mt = methodType(cls, String.class);
             GET_FIELD_ENTRY_HANDLE_L91HNSW = lookup.findVirtual(L91_HNSW_VR_CLS, "getFieldEntry", mt);
             GET_VECTOR_INDEX_LENGTH_HANDLE_L91HNSW = lookup.findVirtual(cls, "vectorIndexLength", methodType(long.class));
             GET_VECTOR_DATA_LENGTH_HANDLE_L91HNSW = lookup.findVirtual(cls, "vectorDataLength", methodType(long.class));
             // Lucene92HnswVectorsReader
             cls = Class.forName("org.apache.lucene.backward_codecs.lucene92.Lucene92HnswVectorsReader$FieldEntry");
-            lookup = privilegedPrivateLookupIn(L92_HNSW_VR_CLS, MethodHandles.lookup());
+            lookup = MethodHandles.privateLookupIn(L92_HNSW_VR_CLS, MethodHandles.lookup());
             mt = methodType(cls, String.class);
             GET_FIELD_ENTRY_HANDLE_L92HNSW = lookup.findVirtual(L92_HNSW_VR_CLS, "getFieldEntry", mt);
             GET_VECTOR_INDEX_LENGTH_HANDLE_L92HNSW = lookup.findVirtual(cls, "vectorIndexLength", methodType(long.class));
             GET_VECTOR_DATA_LENGTH_HANDLE_L92HNSW = lookup.findVirtual(cls, "vectorDataLength", methodType(long.class));
             // Lucene94HnswVectorsReader
             cls = Class.forName("org.apache.lucene.backward_codecs.lucene94.Lucene94HnswVectorsReader$FieldEntry");
-            lookup = privilegedPrivateLookupIn(L94_HNSW_VR_CLS, MethodHandles.lookup());
+            lookup = MethodHandles.privateLookupIn(L94_HNSW_VR_CLS, MethodHandles.lookup());
             mt = methodType(cls, String.class, VectorEncoding.class);
             GET_FIELD_ENTRY_HANDLE_L94HNSW = lookup.findVirtual(L94_HNSW_VR_CLS, "getFieldEntry", mt);
             GET_VECTOR_INDEX_LENGTH_HANDLE_L94HNSW = lookup.findVirtual(cls, "vectorIndexLength", methodType(long.class));
             GET_VECTOR_DATA_LENGTH_HANDLE_L94HNSW = lookup.findVirtual(cls, "vectorDataLength", methodType(long.class));
             // Lucene95HnswVectorsReader
             cls = Class.forName("org.apache.lucene.backward_codecs.lucene95.Lucene95HnswVectorsReader$FieldEntry");
-            lookup = privilegedPrivateLookupIn(L95_HNSW_VR_CLS, MethodHandles.lookup());
+            lookup = MethodHandles.privateLookupIn(L95_HNSW_VR_CLS, MethodHandles.lookup());
             mt = methodType(cls, String.class, VectorEncoding.class);
             GET_FIELD_ENTRY_HANDLE_L95HNSW = lookup.findVirtual(L95_HNSW_VR_CLS, "getFieldEntry", mt);
             GET_VECTOR_INDEX_LENGTH_HANDLE_L95HNSW = lookup.findVirtual(cls, "vectorIndexLength", methodType(long.class));
@@ -278,18 +276,6 @@ static Map<String, Long> getOffHeapByteSizeL95HNSW(Lucene95HnswVectorsReader rea
         throw new AssertionError("should not reach here");
     }
 
-    @SuppressWarnings("removal")
-    private static MethodHandles.Lookup privilegedPrivateLookupIn(Class<?> cls, MethodHandles.Lookup lookup) {
-        PrivilegedAction<MethodHandles.Lookup> pa = () -> {
-            try {
-                return MethodHandles.privateLookupIn(cls, lookup);
-            } catch (IllegalAccessException e) {
-                throw new AssertionError("should not happen, check opens", e);
-            }
-        };
-        return AccessController.doPrivileged(pa);
-    }
-
     private static void handleThrowable(Throwable t) {
         if (t instanceof Error error) {
             throw error;

server/src/main/java/org/elasticsearch/plugins/ExtendedPluginsClassLoader.java

@@ -9,8 +9,6 @@
 
 package org.elasticsearch.plugins;
 
-import java.security.AccessController;
-import java.security.PrivilegedAction;
 import java.util.Collections;
 import java.util.List;
 
@@ -43,8 +41,6 @@ protected Class<?> findClass(String name) throws ClassNotFoundException {
      * Return a new classloader across the parent and extended loaders.
      */
     public static ExtendedPluginsClassLoader create(ClassLoader parent, List<ClassLoader> extendedLoaders) {
-        return AccessController.doPrivileged(
-            (PrivilegedAction<ExtendedPluginsClassLoader>) () -> new ExtendedPluginsClassLoader(parent, extendedLoaders)
-        );
+        return new ExtendedPluginsClassLoader(parent, extendedLoaders);
     }
 }