JEP 176: Mechanical Checking of Caller-Sensitive Methods

Jeroen Frijters jeroen at sumatra.nl
Sat Mar 2 08:46:21 UTC 2013


Hi John,

This is really great. I've been using an annotation for caller sensitive methods for many year in IKVM as a performance enhancement and I can say that my experiences with my simple mechanism are really great.

I've got a class ikvm.internal.CallerID that looks something like this:

public final class CallerID {
  @Internal (IKVM specific annotation meaning that it is only public in the module)
  public native Call getCallerClass();

  @Internal
  public native ClassLoader getClassClassLoader();

  @Internal
  public static native getCallerID();
}

Any (trusted) method with an ikvm.internal.HasCallerID annotation can call the CallerID.getCallerID() intrinsic and from there on the CallerID object gets explicitly passed around to other methods when necessary. I modified sun.reflect.MethodAccessor.invoke() to have an additional CallerID parameter and MethodHandles.Lookup is also CallerID based.

JNI methods automatically act as if they have a HasCalleriD annotation and store the caller on a stack inside the thread's JNIEnv.

(I'm not suggesting HotSpot uses the same design, that probably doesn't make sense. Just that in the many years I've used this, I've found the explicit caller sensitive annotation and explicitly passing around a cookie that represents the caller to be an efficient and secure way to handle this.)

Regards,
Jeroen

> -----Original Message-----
> From: core-libs-dev-bounces at openjdk.java.net [mailto:core-libs-dev-
> bounces at openjdk.java.net] On Behalf Of mark.reinhold at oracle.com
> Sent: Friday, March 1, 2013 18:59
> To: john.r.rose at oracle.com
> Cc: core-libs-dev at openjdk.java.net
> Subject: JEP 176: Mechanical Checking of Caller-Sensitive Methods
> 
> Posted: http://openjdk.java.net/jeps/176
> 
> - Mark



More information about the core-libs-dev mailing list