RFR: 8072692: Improve performance of SecurityManager.checkPackageAccess
Weijun Wang
weijun.wang at oracle.com
Wed Jun 17 12:42:21 UTC 2015
>>
>> Possibly - but that would be a behavioral change. The current test:
>>
>> plast == plen && restrictedPkg.startsWith(pkg) &&
>> restrictedPkg.charAt(plast) == '.'
>>
>>
>> is strictly equivalent to the old test:
>>
>> restrictedPkg.equals(pkg + ".")
Yes, I understand.
>
> Right, and this is an interesting observation. However, because it is a
> behavior change and there may be potential compatibility issues, I think
> we should open a separate issue to do that.
Agreed.
>
> Any other comments, Max?
None.
Thanks
Max
>
> --Sean
>
>>
>>
>> (side note: pkg + "." was the root of the perf issue).
>>
>>
>> best regards,
>>
>> -- daniel
>>
>>>
>>> Thanks
>>> Max
>>>
>>> On 06/16/2015 10:54 PM, Sean Mullan wrote:
>>>> This is the sixth in a series of fixes for JEP 232 (Improve Secure
>>>> Application Performance) [1].
>>>>
>>>> webrev: http://cr.openjdk.java.net/~mullan/webrevs/8072692/webrev.00/
>>>> bug: https://bugs.openjdk.java.net/browse/JDK-8072692
>>>>
>>>> This fix adds several optimizations to the package matching algorithm
>>>> used by the SecurityManager.checkPackageAcccess method. These
>>>> improvements result in a 5-7x increase in throughput of this method. A
>>>> performance chart has been attached to the bug with more information.
>>>>
>>>> A new test is included which uses a state machine to verify that the
>>>> matching algorithm is working correctly.
>>>>
>>>> Special thanks to Daniel Fuchs for contributing this fix and the test.
>>>>
>>>> Thanks,
>>>> Sean
>>>>
>>>> [1] http://openjdk.java.net/jeps/232
>>
More information about the security-dev
mailing list