RFR: 8275063: Implementation of Foreign Function & Memory API (Second incubator) [v18]

Jorn Vernee jvernee at openjdk.java.net
Fri Nov 5 14:29:19 UTC 2021


On Fri, 5 Nov 2021 11:06:53 GMT, Maurizio Cimadamore <mcimadamore at openjdk.org> wrote:

>> This PR contains the API and implementation changes for JEP-419 [1]. A more detailed description of such changes, to avoid repetitions during the review process, is included as a separate comment.
>> 
>> [1] - https://openjdk.java.net/jeps/419
>
> Maurizio Cimadamore has updated the pull request incrementally with one additional commit since the last revision:
> 
>   * Add two new CLinker static methods to compute upcall/downcall method types
>   * Clarify section on CLinker downcall type
>   * Add section on CLinker safety guarantees

src/jdk.incubator.foreign/share/classes/jdk/incubator/foreign/CLinker.java line 65:

> 63:  * <li>if {@code L} is a {@link ValueLayout} with carrier {@code E} then there are two cases:
> 64:  *     <ul>
> 65:  *         <li>if {@code L} occurs in a parameter position and {@code E} is {@code NativeAddress.class},

This looks spurious

src/jdk.incubator.foreign/share/classes/jdk/incubator/foreign/CLinker.java line 134:

> 132:  * <p>
> 133:  * Upcall stubs are generally safer to work with, as the linker runtime can validate the type of the target method
> 134:  * handle against the provided function descriptor and report an error if any mismatch is detected. If the target method

But, in the case of upcalls, errors can still occur if the native code casts the pointer to the upcall stub to an incorrect type, e.g. `FunctionDescriptor.ofVoid(ADDRESS, ADDRESS)`, but on the native side cast it to `void (*)(void*)`, meaning the second argument would be garbage on the Java side. I.e., there is still room for a mismatch, the same as with downcalls.

src/jdk.incubator.foreign/share/classes/jdk/incubator/foreign/CLinker.java line 267:

> 265:     static MethodType upcallType(FunctionDescriptor functionDescriptor) {
> 266:         return SharedUtils.inferMethodType(functionDescriptor, true);
> 267:     }

Nice! :)

-------------

PR: https://git.openjdk.java.net/jdk/pull/5907
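
The Java-side half of the check discussed above, as an added example that is not part of the original message or of the JDK sources: it compares a target method handle against the type `CLinker.upcallType` derives from a descriptor and reports each difference. It assumes the `jdk.incubator.foreign` API as shipped in JDK 18; the class `UpcallTypeCheck`, the handler `onEvent` and the helper `mismatches` are hypothetical names.

```java
// Added example, not JDK code. Assumes the jdk.incubator.foreign API as shipped in JDK 18;
// compile and run with --add-modules jdk.incubator.foreign.
import jdk.incubator.foreign.CLinker;
import jdk.incubator.foreign.FunctionDescriptor;
import jdk.incubator.foreign.MemoryAddress;
import java.lang.invoke.MethodHandle;
import java.lang.invoke.MethodHandles;
import java.lang.invoke.MethodType;
import java.util.ArrayList;
import java.util.List;
import static jdk.incubator.foreign.ValueLayout.ADDRESS;
import static jdk.incubator.foreign.ValueLayout.JAVA_INT;

public class UpcallTypeCheck {
    // Hypothetical upcall target: two pointer arguments, no result.
    static void onEvent(MemoryAddress ctx, MemoryAddress data) { }

    // Lists each difference between the target's type and the type the descriptor implies.
    static List<String> mismatches(MethodHandle target, FunctionDescriptor fd) {
        MethodType expected = CLinker.upcallType(fd);
        MethodType actual = target.type();
        List<String> problems = new ArrayList<>();
        if (expected.returnType() != actual.returnType()) {
            problems.add("return: descriptor implies " + expected.returnType().getName()
                    + ", target returns " + actual.returnType().getName());
        }
        if (expected.parameterCount() != actual.parameterCount()) {
            problems.add("arity: descriptor implies " + expected.parameterCount()
                    + " parameters, target takes " + actual.parameterCount());
            return problems; // positions cannot be compared when the counts differ
        }
        for (int i = 0; i < expected.parameterCount(); i++) {
            if (expected.parameterType(i) != actual.parameterType(i)) {
                problems.add("parameter " + i + ": descriptor implies " + expected.parameterType(i).getName()
                        + ", target takes " + actual.parameterType(i).getName());
            }
        }
        return problems;
    }

    public static void main(String[] args) throws ReflectiveOperationException {
        MethodHandle target = MethodHandles.lookup().findStatic(UpcallTypeCheck.class, "onEvent",
                MethodType.methodType(void.class, MemoryAddress.class, MemoryAddress.class));
        System.out.println(mismatches(target, FunctionDescriptor.ofVoid(ADDRESS, ADDRESS))); // same shape
        System.out.println(mismatches(target, FunctionDescriptor.ofVoid(ADDRESS)));          // arity differs
        System.out.println(mismatches(target, FunctionDescriptor.ofVoid(ADDRESS, JAVA_INT))); // carrier differs
        // Out of reach of this check: C code that holds the resulting stub as void (*)(void*).
    }
}
```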


