RFR: 8284855: Update needed to Cleaners added to jdk.crypto.cryptoki [v2]

Brent Christian bchristi at openjdk.java.net
Thu Apr 14 22:35:38 UTC 2022

On Thu, 14 Apr 2022 22:01:55 GMT, Xue-Lei Andrew Fan <xuelei at openjdk.org> wrote:

>> This is an effort to fix a problem introduced in the fix for [JDK-8284368](https://bugs.openjdk.java.net/browse/JDK-8284368), which replaced the finalizers in jdk.crypto.cryptoki with Cleaners.  However, there is a problem with the code changes. The Runnables registered with Cleaner refer to the object being registered ('this'). Meaning, the Cleaner mechanism will keep the objects reachable, preventing them from being cleaned and collected.
> Xue-Lei Andrew Fan has updated the pull request incrementally with one additional commit since the last revision:
>   use static cleaner, and clean up swp file

Thanks for updating this.

Can a test case be included?
While it doesn't _seem_ like `this` would need to be captured for these lambdas, it's good to be sure -- now, and in the future.

If test code could access a PKCS11 instance, the WeakHashMap technique from [PR 8136](https://github.com/openjdk/jdk/pull/8136#issuecomment-1092881171) could be used. The same goes for P11KeyStore (well, a `PasswordCallbackHandler` instance, in that case).
But I don't know how practical it would be for test code to get access to those objects.


PR: https://git.openjdk.java.net/jdk/pull/8248

More information about the security-dev mailing list