RFR: 8195744: Avoid calling ClassLoader.checkPackageAccess if security manager is not installed
Coleen Phillimore
coleenp at openjdk.java.net
Thu Feb 4 23:10:42 UTC 2021
On Thu, 4 Feb 2021 22:39:42 GMT, Mandy Chung <mchung at openjdk.org> wrote:
>> This change does not call up to Java for checkPackageAccess if the security manager is NULL, but still saves the protection domain in the pd_set for that dictionary entry. If the option -Djava.security.manager=disallow is set, that means that there will never be a security manager and the JVM code can avoid saving the protection domains completely.
>> See the two functions java_lang_System::has_security_manager() and java_lang_System::allow_security_manager() for details.
>> Also deleted ProtectionDomainVerification because there's no use for this option.
>>
>> Tested with tier1 hotspot, jdk and langtools.
>> and tier2-6.
>
> It's good to see this change benefitting from `-Djava.security.manager=disallow` work. A minor comment: VM now hardcodes the value for `NEVER` (1). It may worth adding a comment in `System::NEVER` of such dependency.
Thanks Mandy! It's nice to be able to optimize this. How's this comment? Is it an @implNote ??
// @implNote The HotSpot JVM hardcodes the value of NEVER.
-------------
PR: https://git.openjdk.java.net/jdk/pull/2410
More information about the hotspot-runtime-dev
mailing list