RFR: 8253795: Implementation of JEP 391: macOS/AArch64 Port [v25]

David Holmes dholmes at openjdk.java.net
Fri Mar 12 05:27:17 UTC 2021

On Thu, 11 Mar 2021 14:07:43 GMT, Anton Kozlov <akozlov at openjdk.org> wrote:

>> Please review the implementation of JEP 391: macOS/AArch64 Port.
>> It's heavily based on existing ports to linux/aarch64, macos/x86_64, and windows/aarch64. 
>> Major changes are in:
>> * src/hotspot/cpu/aarch64: support of the new calling convention (subtasks JDK-8253817, JDK-8253818)
>> * src/hotspot/os_cpu/bsd_aarch64: copy of os_cpu/linux_aarch64 with necessary adjustments (JDK-8253819)
>> * src/hotspot/share, test/hotspot/gtest: support of write-xor-execute (W^X), required on macOS/AArch64 platform. It's implemented with pthread_jit_write_protect_np provided by Apple. The W^X mode is local to a thread, so W^X mode change relates to the java thread state change (for java threads). In most cases, JVM executes in write-only mode, except when calling a generated stub like SafeFetch, which requires a temporary switch to execute-only mode. The same execute-only mode is enabled when a java thread executes in java or native states. This approach of managing W^X mode turned out to be simple and efficient enough.
>> * src/jdk.hotspot.agent: serviceability agent implementation (JDK-8254941)
> Anton Kozlov has updated the pull request incrementally with one additional commit since the last revision:
>   8262903: [macos_aarch64] Thread::current() called on detached thread

src/hotspot/share/runtime/safefetch.inline.hpp line 35:

> 33: inline int SafeFetch32(int* adr, int errValue) {
> 34:   assert(StubRoutines::SafeFetch32_stub(), "stub not yet generated");
> 35:   MACOS_AARCH64_ONLY(ThreadWXEnable wx(WXExec, Thread::current()));

I think you may have to use `Thread::current_or_null_safe()` here in case this gets called from a signal handling context - see vmError.cpp testing for TestSafeFetchInErrorHandler. Same possibly for SafeFetchN.


PR: https://git.openjdk.java.net/jdk/pull/2200

More information about the security-dev mailing list