RFR: 8148188: Enhance the security libraries to record events of interest

Seán Coffey sean.coffey at oracle.com
Fri Jun 22 14:50:01 UTC 2018


Following on from the recent JDK-8203629 code review, I'd like to 
propose enhancements on how we can record events in security libs. The 
introduction of the JFR libraries can give us much better ways of 
examining JDK actions. For the initial phase, I'm looking to enhance 
some key security library events in JDK 11 so that they can be either 
recorded to JFR, logged to a traditional logger, or both.

Examples of how useful JFR recordings could be can be seen here :

http://cr.openjdk.java.net/~coffeys/event_snaps/X509Event_1.png
http://cr.openjdk.java.net/~coffeys/event_snaps/securityProp_1.png
http://cr.openjdk.java.net/~coffeys/event_snaps/securityProp_2.png
http://cr.openjdk.java.net/~coffeys/event_snaps/TLSEvent_1.png

securityProp_2.png gives an example of how the JFR recording can be 
queried to quickly locate events of interest (in this case, code setting 
the jdk.tls.* Security properties). I still need to clean up the 
TLSEvents testcase to improve test coverage and hope to do that in 
coming days.

JBS record :
  * https://bugs.openjdk.java.net/browse/JDK-8148188

webrev : http://cr.openjdk.java.net/~coffeys/webrev.8148188.v1/webrev/

-- 
Regards,
Sean.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/security-dev/attachments/20180622/6cf1cfef/attachment.html>


More information about the security-dev mailing list