package jrds.agent;

import java.io.File;
import java.io.FilePermission;
import java.lang.reflect.InvocationTargetException;
import java.security.Permission;
import java.security.Permissions;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.TreeSet;
import java.util.concurrent.ConcurrentHashMap;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import jrds.agent.Start;

/* loaded from: input_file:jrds/agent/AgentSecurityManager.class */
public class AgentSecurityManager extends SecurityManager {
    private static final ThreadLocal<PrivilegHolder> Privilege = ThreadLocal.withInitial(() -> {
        return new PrivilegHolder();
    });
    private final Set<String> permUsed;
    private final Set<String> permCreated;
    private final ThreadLocal<Matcher> procinfoMatcher;
    private final ThreadLocal<Matcher> diskMatcher;
    private final boolean debugPerm;
    private final Permissions allowed = new Permissions();
    private final Set<String> filesallowed = Collections.newSetFromMap(new ConcurrentHashMap());

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:jrds/agent/AgentSecurityManager$PrivilegHolder.class */
    public static final class PrivilegHolder {
        private boolean privileged = false;

        private PrivilegHolder() {
        }
    }

    public AgentSecurityManager(boolean z, Start.PROTOCOL protocol) {
        this.debugPerm = z;
        Pattern compile = Pattern.compile("/proc/\\d+(/(cmdline|io|stat|statm|smaps|exe))?");
        this.procinfoMatcher = ThreadLocal.withInitial(() -> {
            return compile.matcher("");
        });
        Pattern compile2 = Pattern.compile("/dev/((sd|hd|xvd|vd)[a-z]+\\d*|cciss/c\\dd\\d(p\\d+)?|nvme\\d+n\\d+(p\\d+)?|disk/by-[a-z]+/.*|mapper/.*|dm-\\d+|[0-9a-z]{33})");
        this.diskMatcher = ThreadLocal.withInitial(() -> {
            return compile2.matcher("");
        });
        if (z) {
            this.permUsed = Collections.newSetFromMap(new ConcurrentHashMap());
            this.permCreated = Collections.newSetFromMap(new ConcurrentHashMap());
            Runtime.getRuntime().addShutdownHook(new Thread(() -> {
                Iterator it = new HashSet(this.permCreated).iterator();
                while (it.hasNext()) {
                    String str = (String) it.next();
                    if (this.permUsed.contains(str + " =")) {
                        this.permCreated.remove(str);
                    }
                }
                Iterator<String> it2 = this.permCreated.iterator();
                while (it2.hasNext()) {
                    this.permUsed.add(it2.next() + " +");
                }
                Iterator it3 = new TreeSet(this.permUsed).iterator();
                while (it3.hasNext()) {
                    System.out.println((String) it3.next());
                }
            }));
        } else {
            this.permUsed = null;
            this.permCreated = null;
        }
        FilePermission filePermission = new FilePermission(System.getProperty("java.home") + File.separator + "-", "read");
        this.allowed.add(filePermission);
        if (z) {
            this.permCreated.add(filePermission.toString());
        }
        Map<String, Set<Permission>> permsSets = getPermsSets();
        for (Permission permission : permsSets.get("common")) {
            this.allowed.add(permission);
            if (z) {
                this.permCreated.add(permission.toString());
            }
        }
        for (Permission permission2 : permsSets.get("forprobes")) {
            this.allowed.add(permission2);
            if (z) {
                this.permCreated.add(permission2.toString());
            }
        }
        for (Permission permission3 : permsSets.get(protocol.name())) {
            this.allowed.add(permission3);
            if (z) {
                this.permCreated.add(permission3.toString());
            }
        }
        this.allowed.setReadOnly();
    }

    /* JADX WARN: Removed duplicated region for block: B:61:0x01bd  */
    @Override // java.lang.SecurityManager
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void checkPermission(java.security.Permission r6) {
        /*
            Method dump skipped, instructions count: 604
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: jrds.agent.AgentSecurityManager.checkPermission(java.security.Permission):void");
    }

    /* JADX WARN: Multi-variable type inference failed */
    private Map<String, Set<Permission>> getPermsSets() {
        HashMap hashMap = new HashMap();
        HashMap hashMap2 = new HashMap();
        hashMap.put("common", new String[]{new String[]{"java.lang.RuntimePermission", "accessDeclaredMembers"}, new String[]{"java.lang.RuntimePermission", "createClassLoader"}, new String[]{"java.lang.RuntimePermission", "fileSystemProvider"}, new String[]{"java.lang.RuntimePermission", "getClassLoader"}, new String[]{"java.lang.RuntimePermission", "getFileSystemAttributes"}, new String[]{"java.lang.RuntimePermission", "getProtectionDomain"}, new String[]{"java.lang.RuntimePermission", "loadLibrary.net"}, new String[]{"java.lang.RuntimePermission", "modifyThread"}, new String[]{"java.lang.RuntimePermission", "modifyThreadGroup"}, new String[]{"java.lang.RuntimePermission", "readFileDescriptor"}, new String[]{"java.lang.RuntimePermission", "setContextClassLoader"}, new String[]{"java.lang.RuntimePermission", "writeFileDescriptor"}, new String[]{"java.lang.RuntimePermission", "accessSystemModules"}, new String[]{"java.lang.RuntimePermission", "accessClassInPackage.jdk.internal.reflect"}, new String[]{"java.lang.reflect.ReflectPermission", "suppressAccessChecks"}, new String[]{"java.net.NetPermission", "specifyStreamHandler"}, new String[]{"java.net.NetPermission", "setSocketImpl"}, new String[]{"java.util.logging.LoggingPermission", "control", ""}, new String[]{"java.util.PropertyPermission", "java.nio.file.spi.DefaultFileSystemProvider", "read"}, new String[]{"java.util.PropertyPermission", "jdk.logging.allowStackWalkSearch", "read"}, new String[]{"java.util.PropertyPermission", "jdk.net.ephemeralPortRange.high", "read"}, new String[]{"java.util.PropertyPermission", "jdk.net.ephemeralPortRange.low", "read"}, new String[]{"java.util.PropertyPermission", "sun.jnu.encoding", "read"}, new String[]{"java.util.PropertyPermission", "sun.nio.fs.chdirAllowed", "read"}});
        hashMap.put("forprobes", new String[]{new String[]{"java.io.FilePermission", "/proc", "read"}, new String[]{"java.io.FilePermission", "/proc/*", "read"}, new String[]{"java.io.FilePermission", "/proc/net/*", "read"}, new String[]{"java.io.FilePermission", "/proc/net/rpc/*", "read"}, new String[]{"java.io.FilePermission", "/sys/devices/system/node/-", "read"}, new String[]{"java.io.FilePermission", "/dev/mapper/-", "read"}, new String[]{"java.io.FilePermission", "/dev/disk/-", "read"}});
        hashMap.put(Start.PROTOCOL.rmi.name(), new String[]{new String[]{"java.io.SerializablePermission", "enableSubstitution"}, new String[]{"java.lang.RuntimePermission", "accessClassInPackage.sun.reflect"}, new String[]{"java.lang.RuntimePermission", "getProtectionDomain"}, new String[]{"java.lang.RuntimePermission", "loadLibrary.rmi"}, new String[]{"java.lang.RuntimePermission", "reflectionFactoryAccess"}, new String[]{"java.lang.RuntimePermission", "sun.rmi.runtime.RuntimeUtil.getInstance"}, new String[]{"java.net.SocketPermission", "*", "accept,resolve"}, new String[]{"java.security.SecurityPermission", "getPolicy"}, new String[]{"java.util.PropertyPermission", "java.rmi.server.RMIClassLoaderSpi", "read"}, new String[]{"java.util.PropertyPermission", "java.rmi.server.codebase", "read"}, new String[]{"java.util.PropertyPermission", "java.rmi.server.useCodebaseOnly", "read"}, new String[]{"java.util.PropertyPermission", "jdk.internal.lambda.dumpProxyClasses", "read"}, new String[]{"java.util.PropertyPermission", "sun.io.serialization.extendedDebugInfo", "read"}, new String[]{"java.util.PropertyPermission", "sun.net.maxDatagramSockets", "read"}, new String[]{"java.util.PropertyPermission", "sun.rmi.dgc.ackTimeout", "read"}, new String[]{"java.util.PropertyPermission", "sun.rmi.loader.logLevel", "read"}, new String[]{"java.util.PropertyPermission", "sun.rmi.transport.connectionTimeout", "read"}, new String[]{"java.util.PropertyPermission", "sun.rmi.transport.tcp.handshakeTimeout", "read"}, new String[]{"java.util.PropertyPermission", "sun.rmi.transport.tcp.responseTimeout", "read"}, new String[]{"java.util.PropertyPermission", "sun.util.logging.disableCallerCheck", "read"}});
        hashMap.put(Start.PROTOCOL.jmx.name(), new String[]{new String[]{"java.io.SerializablePermission", "enableSubstitution"}, new String[]{"java.io.SerializablePermission", "serialFilter"}, new String[]{"java.lang.RuntimePermission", "accessClassInPackage.sun.reflect"}, new String[]{"java.lang.RuntimePermission", "accessClassInPackage.sun.reflect.misc"}, new String[]{"java.net.NetPermission", "getProxySelector"}, new String[]{"java.net.SocketPermission", "*", "accept,listen,resolve"}, new String[]{"java.security.SecurityPermission", "getPolicy"}, new String[]{"java.util.PropertyPermission", "java.rmi.server.hostname", "read"}, new String[]{"java.util.PropertyPermission", "java.rmi.server.randomIDs", "read"}, new String[]{"java.util.PropertyPermission", "socksProxyHost", "read"}, new String[]{"java.util.PropertyPermission", "sun.net.maxDatagramSockets", "read"}, new String[]{"javax.management.MBeanPermission", "-#-[-]", "getClassLoaderRepository"}, new String[]{"javax.management.MBeanPermission", "jrds.agent.RProbeJMXImpl#-[jrds:type=agent]", "getClassLoaderFor"}, new String[]{"javax.management.MBeanPermission", "jrds.agent.RProbeJMXImpl#prepare[jrds:type=agent]", "invoke"}, new String[]{"javax.management.MBeanPermission", "jrds.agent.RProbeJMXImpl#query[jrds:type=agent]", "invoke"}, new String[]{"javax.management.MBeanPermission", "jrds.agent.RProbeJMXImpl#Uptime[jrds:type=agent]", "getAttribute"}, new String[]{"javax.management.MBeanPermission", "jrds.agent.RProbeJMXImpl#-[jrds:type=agent]", "getClassLoaderFor"}, new String[]{"javax.management.MBeanPermission", "sun.management.RuntimeImpl#Uptime[java.lang:type=Runtime]", "getAttribute"}});
        hashMap.put(Start.PROTOCOL.jmxmp.name(), new String[]{new String[]{"java.io.FilePermission", "/dev/random", "read"}, new String[]{"java.io.FilePermission", "/dev/urandom", "read"}, new String[]{"java.lang.RuntimePermission", "accessClassInPackage.sun.reflect"}, new String[]{"java.lang.RuntimePermission", "accessClassInPackage.sun.reflect.misc"}, new String[]{"java.lang.RuntimePermission", "accessClassInPackage.sun.security.provider"}, new String[]{"java.net.SocketPermission", "*", "accept,resolve"}, new String[]{"java.security.SecurityPermission", "getProperty.securerandom.source"}, new String[]{"java.security.SecurityPermission", "putProviderProperty.SUN"}, new String[]{"java.util.PropertyPermission", "com.sun.jmx.remote.bug.compatible", "read"}, new String[]{"java.util.PropertyPermission", "java.security.egd", "read"}, new String[]{"java.util.PropertyPermission", "os.arch", "read"}, new String[]{"java.util.PropertyPermission", "sun.net.maxDatagramSockets", "read"}, new String[]{"java.util.PropertyPermission", "sun.util.logging.disableCallerCheck", "read"}, new String[]{"javax.management.MBeanPermission", "-#-[-]", "getClassLoaderRepository"}, new String[]{"javax.management.MBeanPermission", "jrds.agent.RProbeJMXImpl#-[jrds:type=agent]", "getClassLoaderFor"}, new String[]{"javax.management.MBeanPermission", "jrds.agent.RProbeJMXImpl#prepare[jrds:type=agent]", "invoke"}, new String[]{"javax.management.MBeanPermission", "jrds.agent.RProbeJMXImpl#query[jrds:type=agent]", "invoke"}, new String[]{"javax.management.MBeanPermission", "jrds.agent.RProbeJMXImpl#Uptime[jrds:type=agent]", "getAttribute"}, new String[]{"javax.management.MBeanPermission", "sun.management.RuntimeImpl#Uptime[java.lang:type=Runtime]", "getAttribute"}});
        hashMap.put(Start.PROTOCOL.jolokia.name(), new String[]{new String[]{"java.io.FilePermission", "/usr/share/javazi", "read"}, new String[]{"java.io.FilePermission", "/usr/share/javazi/-", "read"}, new String[]{"java.lang.RuntimePermission", "accessClassInPackage.sun.reflect"}, new String[]{"java.lang.RuntimePermission", "accessClassInPackage.sun.reflect"}, new String[]{"java.lang.RuntimePermission", "accessClassInPackage.sun.reflect.misc"}, new String[]{"java.lang.RuntimePermission", "accessClassInPackage.sun.text.resources"}, new String[]{"java.lang.RuntimePermission", "accessClassInPackage.sun.text.resources.*"}, new String[]{"java.lang.RuntimePermission", "accessClassInPackage.sun.util.resources"}, new String[]{"java.lang.RuntimePermission", "accessClassInPackage.sun.util.resources.*"}, new String[]{"java.lang.RuntimePermission", "loadLibrary.nio"}, new String[]{"java.net.SocketPermission", "*", "accept,resolve"}, new String[]{"java.util.PropertyPermission", "java.home", "read"}, new String[]{"java.util.PropertyPermission", "java.util.currency.data", "read"}, new String[]{"java.util.PropertyPermission", "jdk.logging.allowStackWalkSearch", "read"}, new String[]{"java.util.PropertyPermission", "jdk.net.revealLocalAddress", "read"}, new String[]{"java.util.PropertyPermission", "line.separator", "read"}, new String[]{"java.util.PropertyPermission", "sun.timezone.ids.oldmapping", "read"}, new String[]{"java.util.PropertyPermission", "user.country", "read"}, new String[]{"java.util.PropertyPermission", "user.dir", "read"}, new String[]{"java.util.PropertyPermission", "user.timezone", "read,write"}, new String[]{"javax.management.MBeanPermission", "jrds.agent.RProbeJolokiaImpl#-[jrds:type=agent]", "getMBeanInfo"}, new String[]{"javax.management.MBeanPermission", "jrds.agent.RProbeJolokiaImpl#Uptime[jrds:type=agent]", "getAttribute"}, new String[]{"javax.management.MBeanPermission", "jrds.agent.RProbeJolokiaImpl#prepare[jrds:type=agent]", "invoke"}, new String[]{"javax.management.MBeanPermission", "jrds.agent.RProbeJolokiaImpl#query[jrds:type=agent]", "invoke"}});
        Class[] clsArr = {new Class[]{String.class}, new Class[]{String.class, String.class}};
        for (Map.Entry entry : hashMap.entrySet()) {
            String str = (String) entry.getKey();
            HashSet hashSet = new HashSet();
            hashMap2.put(str, hashSet);
            for (String[] strArr : (String[][]) entry.getValue()) {
                String str2 = strArr[0];
                String[] strArr2 = (String[]) Arrays.copyOfRange(strArr, 1, strArr.length);
                try {
                    hashSet.add((Permission) Start.class.getClassLoader().loadClass(str2).getConstructor(clsArr[strArr2.length - 1]).newInstance(strArr2));
                } catch (ClassNotFoundException | IllegalAccessException | IllegalArgumentException | InstantiationException | NoSuchMethodException | SecurityException | InvocationTargetException e) {
                    throw new IllegalArgumentException("Can't add permission " + str2 + "(" + strArr2[0] + ")", e);
                }
            }
        }
        for (String str3 : System.getProperty("java.endorsed.dirs", "").split(File.pathSeparator)) {
            ((Set) hashMap2.get("common")).add(new FilePermission(str3 + "/*", "read"));
        }
        for (String str4 : System.getProperty("java.ext.dirs", "").split(File.pathSeparator)) {
            ((Set) hashMap2.get("common")).add(new FilePermission(str4 + "/*", "read"));
        }
        return hashMap2;
    }
}
