RFR: 8343020: SecureDirectoryStream not supported on MacOS

David M. Lloyd duke at openjdk.org
Fri Oct 25 12:48:05 UTC 2024 

On Thu, 24 Oct 2024 21:54:55 GMT, David M. Lloyd <duke at openjdk.org> wrote:

> OpenJDK will not produce SecureDirectoryStreams on MacOS. Support for SecureDirectoryStream on UNIX-like OSes is predicated on the `SUPPORTS_OPENAT` flag in UnixNativeDispatcher. That flag in turn is set when the runtime environment supports `openat`, `fstatat`, `unlinkat`, `renameat`, `futimesat`, and `fdopendir`.
> 
> This fails on MacOS because `futimesat` does not exist on that platform, apparently having been a proposed-but-not-accepted part of POSIX some time ago. While there is an indirect replacement that is supported on MacOS - `utimensat` - this is not actually needed, because the unique functionality provided by `futimesat` (that is, performing the action of `futimes` relative to an open directory file descriptor) is not utilized, since the only place this function is used passes `NULL` as the relative filename argument.
> 
> Replacing this with simply calling `futimes` instead allows `SecureDirectoryStream` to function on MacOS.

There's an unexpected plot twist. It turns out there's some kind of off-by-one problem when reading the directory when SDS is active. So the exceptions being thrown are like:


java.nio.file.NoSuchFileException: /Volumes/Case-sensitive/Users/david/src/java/openjdk/build/macosx-x86_64-server-release/jdk/modules/ava.management.rmi
	at java.base/sun.nio.fs.UnixException.translateToIOException(UnixException.java:92)
	at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:106)
	at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:113)
	at java.base/sun.nio.fs.UnixFileAttributeViews$Basic.readAttributes(UnixFileAttributeViews.java:56)
	at java.base/sun.nio.fs.UnixFileSystemProvider.readAttributes(UnixFileSystemProvider.java:163)
	at java.base/java.nio.file.Files.readAttributes(Files.java:1865)
	at java.base/jdk.internal.module.ModulePath.scanDirectory(ModulePath.java:279)
	at java.base/jdk.internal.module.ModulePath.scan(ModulePath.java:233)
	at java.base/jdk.internal.module.ModulePath.scanNextEntry(ModulePath.java:191)
	at java.base/jdk.internal.module.ModulePath.find(ModulePath.java:155)
	at java.base/jdk.internal.module.SystemModuleFinders$1.lambda$find$0(SystemModuleFinders.java:217)
	at java.base/java.security.AccessController.doPrivileged(AccessController.java:319)


AFAICT this is coming out of `UnixNativeDispatcher#readdir0` so now I'm digging into that.

-------------

PR Comment: https://git.openjdk.org/jdk/pull/21696#issuecomment-2437684233

More information about the nio-dev mailing list