RFR: 8268129: LibraryLookup::ofDefault leaks symbols from loaded libraries

Maurizio Cimadamore mcimadamore at openjdk.java.net
Wed Jun 2 17:30:09 UTC 2021 

On Wed, 2 Jun 2021 17:19:06 GMT, Maurizio Cimadamore <mcimadamore at openjdk.org> wrote:

> This patch overhauls the library loading mechanism used by the Foreign Linker API. We realized that, while handy, the *default* lookup abstraction (`LibraryLookup::ofDefault`) was behaving inconsistentlt across platforms.
> 
> This patch replaces `LibraryLookup` with a simpler `SymbolLookup` abstraction, a functional interface. Crucially, `SymbolLookup` does not concern with library loading, only symbol lookup. For this reason, two factories are added:
> 
> * `SymbolLookup::loaderLookup` - which obtains a lookup that can be used to lookup symbols in libraries loaded by current loader
> * `CLinker::systemLookup` - a more stable replacement for the *default* lookup, which looks for symbols in libc.so (or its equivalent in other platforms). The contents of this lookup are unspecified.
> 
> Both factories are *restricted*, so they can only be called when `--enable-native-access` is set.

Some notes on how the *system* lookup is implemented (see class SystemLookup):

* On Linux and MacOS, we generate, at build time, an empty shim library. Since this library depends on the C standard libraries, we can, at runtime, load this shim library, and use `dlsym` to lookup symbols in it (since `dlsym` will also look at the dependencies).

* Since Windows does not allow for library symbols in dependent libraries to be re-exported, Windows uses a different approach - which loads either `ucrtbase.dll` or `msvcrt.dll` (the former is preferred, if available), and returns a lookup object based on that.

In both cases, the required libraries are loaded in a classloader-independent fashion, by taking advantage of the support available in NativeLibraries.

Class loader lookups are built on top of ClassLoader::findNative (which is also the method used by JNI to find JNI methods).

This patch removes all the native code which was required to support the default lookup abstraction. The implementation changes are relatively straightforward - but several test and microbenchmark updates were required.

-------------

PR: https://git.openjdk.java.net/jdk/pull/4316

More information about the security-dev mailing list