RFR: 8331008: Implement JEP 478: Key Derivation Function API (Preview) [v10]
Viktor Klang
vklang at openjdk.org
Thu Sep 5 15:53:09 UTC 2024
On Tue, 3 Sep 2024 20:16:23 GMT, Valerie Peng <valeriep at openjdk.org> wrote:
>> @valeriepeng:
>>
>> I did some research. Based upon what I have seen, no `volatile` keyword is required here. This is also consistent with the `Cipher` API, for example.
>>
>> @ascarpino:
>>
>> I looked up `ReentrantLock`s, and I’m not sure those make sense for the use-case. A simple mutex lock should suffice, since we will not be spinning for long. In addition, as mentioned above, we are consistent with the other JCE/JCA classes by using this paradigm.
>
> Well, I am not so sure, I've sent you pointers separately regarding lazy initialization and the relevant concurrency pointers.
I'd recommend documenting above this line what function the lock is intending to serve, and by each of the members that it guards accesses to. Something like "//guarded by 'lock'".
Also, ook into whether the members guarded by the lock needs `volatile`: http://www.cs.umd.edu/~pugh/java/memoryModel/DoubleCheckedLocking.html
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/20301#discussion_r1745796679
More information about the security-dev
mailing list