RFR: 8285398: Cache the results of constraint checks

Anthony Scarpino ascarpino at openjdk.java.net
Mon Apr 25 16:07:27 UTC 2022


On Thu, 21 Apr 2022 19:58:39 GMT, Daniel Jeliński <djelinski at openjdk.org> wrote:

> Profiling the TLS handshakes using the SSLHandshake benchmark shows that a large portion of time is spent in HandshakeContext initialization, specifically in the DisabledAlgorithmConstraints class.
> 
> There are only a few instances of that class, and they are immutable. Caching the results should be a low-risk operation.
> 
> The cache is implemented as a softly reachable ConcurrentHashMap; this way it can be removed from memory after a period of inactivity. Under normal circumstances the cache holds no more than 100 algorithms.

I'm good with this idea. It's not caching the whole list like I struggled with, but it's a good solution for the algorithm-name-based constraints. It also shows that more caching probably would help further.
I'll let Xuelei finish his review comments.

-------------

PR: https://git.openjdk.java.net/jdk/pull/8349
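
The caching pattern described in the quoted PR summary (a softly reachable ConcurrentHashMap in front of an immutable constraint check), sketched as an added example that is not part of the original message or the JDK patch. The class name `CachedConstraintChecker`, its `permits` and `slowCheck` methods, the name-splitting rule and the sample policy are all assumptions made for illustration.

```java
import java.lang.ref.SoftReference;
import java.util.Locale;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.atomic.AtomicInteger;

// Hypothetical class for illustration; not the JDK's DisabledAlgorithmConstraints.
public class CachedConstraintChecker {
    private final Set<String> disabled;            // immutable policy, upper-case names
    final AtomicInteger slowChecks = new AtomicInteger(); // counts uncached evaluations
    // Soft reference: the GC may drop the whole map under memory pressure.
    private volatile SoftReference<Map<String, Boolean>> cacheRef = new SoftReference<>(null);

    public CachedConstraintChecker(Set<String> disabled) {
        this.disabled = Set.copyOf(disabled);
    }

    public boolean permits(String algorithm) {
        Map<String, Boolean> cache = cacheRef.get();
        if (cache == null) {
            // Never built, or collected. Two threads may race here; that is benign
            // because the policy is immutable, so both maps hold the same answers.
            cache = new ConcurrentHashMap<>();
            cacheRef = new SoftReference<>(cache);
        }
        return cache.computeIfAbsent(algorithm, this::slowCheck);
    }

    // Simplified stand-in for the expensive check: split the name into parts
    // and reject it if any part is disabled.
    private boolean slowCheck(String algorithm) {
        slowChecks.incrementAndGet();
        for (String part : algorithm.split("(?i)with|and|/")) {
            if (disabled.contains(part.toUpperCase(Locale.ROOT))) {
                return false;
            }
        }
        return true;
    }

    public static void main(String[] args) {
        // Constructed sample policy, not a real java.security setting.
        CachedConstraintChecker c = new CachedConstraintChecker(Set.of("MD5", "SHA1"));
        System.out.println(c.permits("SHA1withRSA"));   // contains the disabled part SHA1
        System.out.println(c.permits("SHA256withRSA"));
        System.out.println(c.permits("SHA1withRSA"));   // served from the cache
        System.out.println("slow checks: " + c.slowChecks.get());
    }
}
```

The cached answer is only trustworthy because the policy cannot change after construction; a checker whose disabled set could be updated at runtime would need to invalidate the map, or it could keep permitting an algorithm that has since been disabled.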


