ClassHierarchyResolver changes for the Classfile object
mandy.chung at oracle.com
mandy.chung at oracle.com
Thu Jun 1 16:10:56 UTC 2023
I don't have an opinion as I'm not close to this area. The javadoc
needs to specify `SecurityException` be thrown if that's the design.
Mandy
On 6/1/23 12:53 AM, Adam Sotona wrote:
>
> I understand the benefits having default class hierarchy resolver
> configuration its own privileged access to the system class loader,
> however such “default” probably should not be available for external
> use and even JDK-internal use differs case by case. I think it should
> be user responsibility to deal with security manager when needed.
>
> Thanks,
>
> Adam
>
> *From: *Mandy Chung <mandy.chung at oracle.com>
> *Date: *Thursday, 1 June 2023 2:47
> *To: *liangchenblue at gmail.com <liangchenblue at gmail.com>, Adam Sotona
> <adam.sotona at oracle.com>
> *Cc: *classfile-api-dev <classfile-api-dev at openjdk.org>
> *Subject: *Re: ClassHierarchyResolver changes for the Classfile object
>
> It's a question to the ClassHierarchyResolver interaction with the
> security manager. Although it's deprecated for removal, we still
> need to consider when it's installed and whether the API would throw
> SecurityException due to the security permission check or the
> implementation is safe to use the system class loader loading
> resources with privilege.
>
> Mandy
>
> On 5/31/23 5:32 PM, - wrote:
>
> The doPrivileged is from Mandy Chung's modification to my patch of
> reimplementation of MethodHandleProxies.asInterfaceInstance. It
> allows system code to fetch from system classloader with security
> manager, but I can just leave this change to be part of that patch
> instead.
>
> On Thu, Jun 1, 2023, 1:34 AM Adam Sotona <adam.sotona at oracle.com>
> wrote:
>
> *From: *classfile-api-dev <classfile-api-dev-retn at openjdk.org>
> on behalf of liangchenblue at gmail.com <liangchenblue at gmail.com>
> *Date: *Wednesday, 31 May 2023 8:26
> *To: *classfile-api-dev <classfile-api-dev at openjdk.org>
> *Subject: *ClassHierarchyResolver changes for the Classfile object
>
> Hello,
> Since we are migrating to the Classfile object (8308899),
> which was
> initiated by our observation that Class hierarchy resolvers
> shouldn't
> always cache their results, I wonder what changes I should
> adapt to my
> current patch (8304425, PR #13082).
>
> We have already decided a few API changes for the resolver:
> 1. Remove the default hierarchy resolver (at least change to
> static
> factories), caching is bound to Classfile lifetime
>
> Yes, but we need to check performance impact on existing use
> cases (where to extra hold Classfile instance with cache).
>
> 2. Two new resolver factories: Bytecode/resource parsing and
> classloading/reflection from a given classloader (The goal of this
> patch)
>
> Yes.
>
>
> 3. The resolution result ClassHierarchyInfo will be converted
> into an
> interface; record is an implementation detail (TBD)
>
> This can go even further. To save footprint ClassHierarchyInfo
> does not need to expose anything, it does not need to carry
> thisClass and all interface infos can point to a singleton
> object, something like this:
>
> /**
>
> * *Information**about**a**resolved**class**or**interface.*
>
> */
>
> sealedinterface*/ClassHierarchyInfo/*
>
> permitsClassHierarchyImpl./ClassHierarchyInfoImpl/ {
>
> /**
>
> * {*@return*the {*@link*ClassHierarchyInfo}
> ofaninterface}
>
> * nootherinformationaboutinterfaceisrequired
>
> */
>
> static/ClassHierarchyInfo/ */ofInterface/*() {
>
> returnClassHierarchyImpl./INTERFACE_INFO_INSTANCE/;
>
> }
>
> /**
>
> * *@return*the {*@link*ClassHierarchyInfo} ofaninterface
>
> * *@param*superClass
> informationaboutsuperoftheclassisrequired
>
> */
>
> static/ClassHierarchyInfo/ */ofClass/*(ClassDesc superClass) {
>
> returnnewClassHierarchyImpl.ClassHierarchyInfoImpl(superClass);
>
> }
>
> }
>
>
>
> What should I do with my patch? Should I drop the changes to
> default
> resolver (which adds security manager suppression) and move on
> with
> the current content, or should I expand it to address all 3
> planned
> changes (despite some of them still in drafting phase) and
> accomodate
> to the Classfile object? (We still have to decide about the
> default
> resolver fo a Classfile object, esp. whether to have one or not)
>
> I’m not sure why the default class hierarchy resolver should
> call AccessController.doPrivileged?
>
>
> Thanks,
>
> Adam
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/classfile-api-dev/attachments/20230601/825490c8/attachment-0001.htm>
More information about the classfile-api-dev
mailing list