From e19680b70c150035303b5e44a87af70918f3e4a3 Mon Sep 17 00:00:00 2001
From: "gurunandan.rao@oracle.com" <gurunandan.rao@oracle.com>
Date: Wed, 17 Mar 2021 17:46:58 +0530
Subject: [PATCH] allow permission to execute jimage, also access to jdk
 internals.

Signed-off-by: gurunandan.rao@oracle.com <gurunandan.rao@oracle.com>
---
 install/jakartaee/bin/client_policy.append | 6 +++++-
 install/jakartaee/bin/server_policy.append | 6 +++++-
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/install/jakartaee/bin/client_policy.append b/install/jakartaee/bin/client_policy.append
index 3408039b00..d5cfaf6423 100644
--- a/install/jakartaee/bin/client_policy.append
+++ b/install/jakartaee/bin/client_policy.append
@@ -3,7 +3,11 @@ grant {
 /* Required by CTS tests to read, write and delete files */
 /* File io permissions should only exist for appclient and web containers. */
 /* For signature tests, read permission is also required for EJB container. */
-	permission java.io.FilePermission "<<ALL FILES>>", "read,write,delete";
+	permission java.io.FilePermission "<<ALL FILES>>", "read,write,delete,execute";
+  	permission java.lang.RuntimePermission "accessClassInPackage.jdk.internal";
+    permission java.lang.RuntimePermission "accessClassInPackage.jdk.internal.reflect";
+    permission java.lang.RuntimePermission "accessClassInPackage.jdk.internal.vm.annotation";
+    
 
 /* CTS harness requirement */
     permission java.lang.RuntimePermission "setFactory";
diff --git a/install/jakartaee/bin/server_policy.append b/install/jakartaee/bin/server_policy.append
index e30d40246f..5893b02780 100644
--- a/install/jakartaee/bin/server_policy.append
+++ b/install/jakartaee/bin/server_policy.append
@@ -3,7 +3,11 @@ grant {
 /* Required by TS tests to read, write and delete files */
 /* File io permissions should only exist for appclient and web containers. */
 /* For signature tests, read permission is also required for EJB container. */
-	permission java.io.FilePermission "<<ALL FILES>>", "read,write,delete";
+	permission java.io.FilePermission "<<ALL FILES>>", "read,write,delete,execute";
+	permission java.lang.RuntimePermission "accessClassInPackage.jdk.internal";
+    permission java.lang.RuntimePermission "accessClassInPackage.jdk.internal.reflect";
+    permission java.lang.RuntimePermission "accessClassInPackage.jdk.internal.vm.annotation";
+    
 
 /* TS harness requirement */
     permission java.lang.RuntimePermission "setFactory";