RFR: 8364182: Add jcmd VM.security_properties command [v9]

[Sean Coffey]

On Wed, 18 Feb 2026 09:30:29 GMT, Kieran Farrell <kfarrell at openjdk.org> wrote:

>> The goal of this PR is to add a means of exposing security properties at runtime to aid the debugging security related issues/misconfigurations etc. Currently, only initial security properties set at start up can be exposed via the `InitialSecurityProperty` JFR event. 
>> 
>> This patch introduces a new jcmd diagnostic command `VM.properties`, which enables developers to print either the current system properties or security properties of a running Java process via command-line arguments (-system or -security). To avoid clutter within the jcmd command list, the old `VM.system_properties` command is hidden, but not removed so will not break existing usages. The implementation of each is shared to reduce duplication.
>
> Kieran Farrell has updated the pull request incrementally with one additional commit since the last revision:
> 
>   remove clone

Looks good Kieran. Thanks for pushing ahead with this. Minor comments,

src/java.base/share/classes/java/security/Security.java line 334:

> 332:             }
> 333:             @Override
> 334:             public Properties getCurrentProperties() { return props;

minor nit: new line for "return props;"

test/hotspot/jtreg/serviceability/dcmd/vm/SecurityPropertiesTest.java line 33:

> 31: 
> 32: /*
> 33:  * @test

should a bug tag be added to this test ? Not sure if it's the norm for hotspot tests

-------------

PR Review: https://git.openjdk.org/jdk/pull/29124#pullrequestreview-3821178943
PR Review Comment: https://git.openjdk.org/jdk/pull/29124#discussion_r2823487016
PR Review Comment: https://git.openjdk.org/jdk/pull/29124#discussion_r2823490366