The VM has to save the protection domain that's used with the class loader when loading a class, when a security manager is allowed.
If the security manager is allowed, and then one is installed, the VM calls out to ClassLoader.checkPackageAccess() and caches the result of the access check. We save this protection domain per-class because subsequent loads of the same class with the same protection domain must get the same answer from checkPackageAccess.
eg with the -Djava.security.manager=allow (not the default), we add protection domains for classes initiated by the AppClassLoader, that point to the code source of my example 'hello world' program:
[0.177s][trace][protectiondomain] adding protection domain for class java/lang/Object class loader: a 'jdk/internal/loader/ClassLoaders$AppClassLoader'{0x00000007fef58608} protection domain: a 'java/security/ProtectionDomain'{0x000000011f01d688} pd set count = #1
[0.178s][trace][protectiondomain] adding protection domain for class java/lang/String class loader: a 'jdk/internal/loader/ClassLoaders$AppClassLoader'{0x00000007fef58608} protection domain: a 'java/security/ProtectionDomain'{0x000000011f01d688} pd set count = #1
[0.179s][trace][protectiondomain] adding protection domain for class java/lang/System class loader: a 'jdk/internal/loader/ClassLoaders$AppClassLoader'{0x00000007fef58608} protection domain: a 'java/security/ProtectionDomain'{0x000000011f01d688} pd set count = #1
[0.179s][trace][protectiondomain] adding protection domain for class java/io/PrintStream class loader: a 'jdk/internal/loader/ClassLoaders$AppClassLoader'{0x00000007fef58608} protection domain: a 'java/security/ProtectionDomain'{0x000000011f01d688} pd set count = #1
These ProtectionDomain objects are now stored in a global ProtectionDomainCache<WeakHandle> hashtable.
The Dictionary entries for each class points to the *Entry* in this global hashtable. ie:
DictionaryEntry : _pd_set = {PDTableEntry*, next};
There are cleanup functions where we iterate through all the dictionaries to remove entries that point to unloaded protection domains, so that we can remove the entry in the global table.
The protection domain doesn't have to be associated with the class that initiates the loading, although it usually does.
I was going to move the ProtectionDomain WeakHandles to the ClassLoaderData, but changed my mind. This RFE is to convert the ProtectionDomainCacheTable to ResourceHashtable.
If the security manager is allowed, and then one is installed, the VM calls out to ClassLoader.checkPackageAccess() and caches the result of the access check. We save this protection domain per-class because subsequent loads of the same class with the same protection domain must get the same answer from checkPackageAccess.
eg with the -Djava.security.manager=allow (not the default), we add protection domains for classes initiated by the AppClassLoader, that point to the code source of my example 'hello world' program:
[0.177s][trace][protectiondomain] adding protection domain for class java/lang/Object class loader: a 'jdk/internal/loader/ClassLoaders$AppClassLoader'{0x00000007fef58608} protection domain: a 'java/security/ProtectionDomain'{0x000000011f01d688} pd set count = #1
[0.178s][trace][protectiondomain] adding protection domain for class java/lang/String class loader: a 'jdk/internal/loader/ClassLoaders$AppClassLoader'{0x00000007fef58608} protection domain: a 'java/security/ProtectionDomain'{0x000000011f01d688} pd set count = #1
[0.179s][trace][protectiondomain] adding protection domain for class java/lang/System class loader: a 'jdk/internal/loader/ClassLoaders$AppClassLoader'{0x00000007fef58608} protection domain: a 'java/security/ProtectionDomain'{0x000000011f01d688} pd set count = #1
[0.179s][trace][protectiondomain] adding protection domain for class java/io/PrintStream class loader: a 'jdk/internal/loader/ClassLoaders$AppClassLoader'{0x00000007fef58608} protection domain: a 'java/security/ProtectionDomain'{0x000000011f01d688} pd set count = #1
These ProtectionDomain objects are now stored in a global ProtectionDomainCache<WeakHandle> hashtable.
The Dictionary entries for each class points to the *Entry* in this global hashtable. ie:
DictionaryEntry : _pd_set = {PDTableEntry*, next};
There are cleanup functions where we iterate through all the dictionaries to remove entries that point to unloaded protection domains, so that we can remove the entry in the global table.
The protection domain doesn't have to be associated with the class that initiates the loading, although it usually does.
I was going to move the ProtectionDomain WeakHandles to the ClassLoaderData, but changed my mind. This RFE is to convert the ProtectionDomainCacheTable to ResourceHashtable.
- relates to
-
JDK-8292681 Add JMH for ProtectionDomain
-
- Resolved
-
