Review Request: 7164376 Replace use of sun.security.action.LoadLibraryAction (original) (raw)

Mandy Chung mandy.chung at oracle.com
Wed May 2 18:30:30 UTC 2012

On 5/2/2012 11:09 AM, Artem Ananiev wrote:

Hi, Mandy,

the client part of the fix looks fine.

Thanks for the review. I have pushed the changeset and hope you don't mind I couldn't fix the changeset comment to add you as a reviewer.

Let me ask a naive question, though.

From your explanation, I see that System.loadLibrary() is now aware of modules. What prevents us to change LoadLibraryAction the same way? "FROM" code looks much more elegant than the new (the old?) "TO" one.

I would say the old code is little compact than the new one and both versions look elegant to me.

The fix here is to get the caller of System.loadLibrary be in the same class loader as the native library being loaded (see ClassLoader.findLibrary).

Another alternative is that each component can have its own copy of LoadLibraryAction (e.g. sun.awt.LoadLibraryAction) and so you can modify the old code like this: java.security.AccessController.doPrivileged(new sun.awt.LoadLibraryAction("awt"));

provided that sun.awt.LoadLibraryAction is loaded by the same class loader with whom awt.dll is associated. Adding one copy of this simple LoadLibraryAction utility class for each component seems overkill and also error-prone e.g. refactoring a module into two modules require adding another copy of this per-module utility class if both have native libraries. This is certainly an option if the component team prefers to use the utility class.

Mandy

Thanks,

Artem On 4/26/2012 10:49 PM, Mandy Chung wrote: 7164376 Replace use of sun.security.action.LoadLibraryAction with direct call of System.loadLibrary

Webrev: http://cr.openjdk.java.net/~mchung/jdk8/webrevs/7164376/webrev.00/ This change is required for jdk modularization. High level summary: it replaces the use of LoadLibraryAction: FROM: java.security.AccessController.doPrivileged(new LoadLibraryAction("net")); TO: AccessController.doPrivileged( new java.security.PrivilegedAction() { public Void run() { System.loadLibrary("net"); return null; } }); It touches files in awt, security and serviceability area (cc'ed). For this type of simple change, I think 1-2 reviewers can review all files (simpler to review jdk.patch) and no need for all teams to do the reviews. System.loadLibrary and Runtime.loadLibrary loads a system library of the given library name that requires RuntimePermission("loadLibrary."+lib) permission. Many places in the JDK code loading a system native library is using the sun.security.action.LoadLibraryAction convenient class that will load the system library as a privileged action: java.security.AccessController.doPrivileged(new LoadLibraryAction("net")); The search path of native libraries are coupled with an associated class loader. For example, the application class loader uses the path specified in the "java.library.path" system property for native library lookup. The loadLibrary implementation uses the caller's class loader for finding the native library being requested. For system libraries, the class loader is null and the system library lookup is handled as a special case. When the sun.security.action.LoadLibraryAction class is used that is the caller of System.loadLibrary, the caller's class loader in this case is "null" loader and thus it always finds the native library from the system library path. In a modular world, JDK modules may be loaded by multiple different module class loader. The following code would not work if it is expected to load a native library from a module which is not the module where the sun.security.action.LoadLibraryAction lives. For example, the management module is trying to load libmanagement.so. Calling the following will fail to find libmanagement.so because the caller of System.loadLibrary is the LoadLibraryAction which is in the base module and search the library from the base module only. To prepare for jdk modularization, the use of LoadLibraryAction should be replaced with a direct call of System.loadLibrary. This patch also removes sun.security.action.LoadLibraryAction class to avoid regression. Thanks Mandy

More information about the core-libs-dev mailing list