RFR: 8296024: Usage of DIrectBuffer::address should be guarded [v16]
Per Minborg
pminborg at openjdk.org
Tue Nov 29 07:57:23 UTC 2022
On Mon, 28 Nov 2022 19:35:24 GMT, Paul Sandoz <psandoz at openjdk.org> wrote:
> I prefer methods that do not expose the scope implementation so access is limited to just to the acquire/release methods, but i am unsure of the performance implications. These methods might not reliably inline, and we may need to ensure that first (which is also separately a good thing). I think it requires that the shared secret fields are stable and that there is only one implementation of `JavaNioAccess`, which there is, but we can enforce via sealing. Something to consider as a further iteration.
I agree. A similar approach was done in a previous incarnation of the PR whereby we exposed a `ScopeAcqusition` that held an internal copy of the buffer and provided means to release. We feared that would cause performance regression. But your comment made me think of another way of doing acquire/release which would not expose the session and that would always be performant. I will explore this idea a bit more.
-------------
PR: https://git.openjdk.org/jdk/pull/11260
More information about the security-dev
mailing list