RFR: 8234930: Use MAP_JIT when allocating pages for code cache on macOS
Anton Kozlov
akozlov at azul.com
Fri Aug 28 13:57:52 UTC 2020
Hi,
Could you please review a change for
JDK-8234930: Use MAP_JIT when allocating pages for code cache on macOS
Bug: https://bugs.openjdk.java.net/browse/JDK-8234930
Webrev: http://cr.openjdk.java.net/~akozlov/8234930/webrev.00/
On macOS, MAP_JIT cannot be used with MAP_FIXED[1]. So pd_reserve_memory have
to provide MAP_JIT for mmap(NULL, PROT_NONE), the function was made aware of
exec permissions.
For executable and data regions, pd_commit_memory only unlocks the memory with
mprotect, this should make no difference compared with old code.
For data regions, pd_uncommit_memory still uses a new overlapping anonymous
mmap which returns pages to the OS and immediately reflects this in diagnostic
tools like ps. For executable regions it would require MAP_FIXED|MAP_JIT, so
instead madvise(MADV_FREE)+mprotect(PROT_NONE) are used. They should also allow
OS to reclaim pages, but apparently this does not happen immediately. In
practice, it should not be a problem for executable regions, as codecache does
not shrink (if I haven't missed anything, by the implementation and in
principle).
Tested:
* local tier1
* jdk-submit
* codesign[2] with hardened runtime and allow-jit but without
allow-unsigned-executable-memory entitlements[3] produce a working bundle.
Thanks,
Anton
[1] https://github.com/apple/darwin-xnu/blob/master/bsd/kern/kern_mman.c#L227
[2]
codesign \
--sign - \
--options runtime \
--entitlements ents.plist \
--timestamp \
$J/bin/* $J/lib/server/*.dylib $J/lib/*.dylib
[3]
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>com.apple.security.cs.allow-jit</key>
<true/>
<key>com.apple.security.cs.disable-library-validation</key>
<true/>
<key>com.apple.security.cs.allow-dyld-environment-variables</key>
<true/>
</dict>
</plist>
More information about the hotspot-runtime-dev
mailing list