Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

8324648: Avoid NoSuchMethodError when instantiating NativePRNG #17560

Closed
wants to merge 4 commits into from

Conversation

olivergillespie
Copy link
Contributor

@olivergillespie olivergillespie commented Jan 24, 2024

A typical call to new SecureRandom() is slowed down by looking for a constructor in NativePRNG which takes java.security.SecureRandomParameters. NativePRNG does not have such a constructor, so the search fails here, incurring all the cost of the lookup and creating a subsequent exception.

Creating a dummy constructor which takes and ignores this parameter will speed up new SecureRandom() calls significantly.

The benchmark from #17559 shows around 80% reduction in time taken to create a new SecureRandom with NativePRNG (default on my machine).

Before
SecureRandomBench.newSecureRandom  avgt  2930 ± 50 ns/op

After
SecureRandomBench.newSecureRandom  avgt  510 ± 16 ns/op

Progress

  • Change must not contain extraneous whitespace
  • Commit message must refer to an issue
  • Change must be properly reviewed (2 reviews required, with at least 1 Reviewer, 1 Author)

Issue

  • JDK-8324648: Avoid NoSuchMethodError when instantiating NativePRNG (Enhancement - P4)

Reviewers

Reviewing

Using git

Checkout this PR locally:
$ git fetch https://git.openjdk.org/jdk.git pull/17560/head:pull/17560
$ git checkout pull/17560

Update a local copy of the PR:
$ git checkout pull/17560
$ git pull https://git.openjdk.org/jdk.git pull/17560/head

Using Skara CLI tools

Checkout this PR locally:
$ git pr checkout 17560

View PR using the GUI difftool:
$ git pr show -t 17560

Using diff file

Download this PR as a diff file:
https://git.openjdk.org/jdk/pull/17560.diff

Webrev

Link to Webrev Comment

@bridgekeeper
Copy link

bridgekeeper bot commented Jan 24, 2024

👋 Welcome back ogillespie! A progress list of the required criteria for merging this PR into master will be added to the body of your pull request. There are additional pull request commands available for use with this pull request.

@openjdk openjdk bot added the rfr Pull request is ready for review label Jan 24, 2024
@openjdk
Copy link

openjdk bot commented Jan 24, 2024

@olivergillespie The following label will be automatically applied to this pull request:

  • security

When this pull request is ready to be reviewed, an "RFR" email will be sent to the corresponding mailing list. If you would like to change these labels, use the /label pull request command.

@openjdk openjdk bot added the security security-dev@openjdk.org label Jan 24, 2024
@mlbridge
Copy link

mlbridge bot commented Jan 24, 2024

Webrevs

@liach
Copy link
Member

liach commented Jan 24, 2024

I see that the existing caller code has a check for ctorParamClass. Why must we declare SecureRandomParameters.class as the ctorParamClass for these 3 randoms instead of using null?

@olivergillespie
Copy link
Contributor Author

I see that the existing caller code has a check for ctorParamClass. Why must we declare SecureRandomParameters.class as the ctorParamClass for these 3 randoms instead of using null?

From lookup code:

// Looking for the constructor with a params first and fallback
// to one without if not found. This is to support the enhanced
// SecureRandom where both styles of constructors are supported.
// Before jdk9, there was no params support (only getInstance(alg))
// and an impl only had the params-less constructor. Since jdk9,
// there is getInstance(alg,params) and an impl can contain
// an Impl(params) constructor.

The EngineDescription is looked up by type which in this case is SecureRandom, there's no way right now to choose specific parameters for different implementers. Are you proposing that I extend the engine lookup to include algorithm, so we can have specific EngineDescription for SecureRandom->NativePRNG? I don't know this code well enough to know if that's feasible, but it definitely seems more complex.

Copy link
Member

@shipilev shipilev left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Seems like a good workaround. Attn @valeriepeng ;)

/reviewers 2

@openjdk
Copy link

openjdk bot commented Jan 29, 2024

@olivergillespie This change now passes all automated pre-integration checks.

ℹ️ This project also has non-automated pre-integration requirements. Please see the file CONTRIBUTING.md for details.

After integration, the commit message for the final commit will be:

8324648: Avoid NoSuchMethodError when instantiating NativePRNG

Reviewed-by: shade, weijun, liach, valeriep

You can use pull request commands such as /summary, /contributor and /issue to adjust it as needed.

At the time when this comment was updated there had been 192 new commits pushed to the master branch:

  • 52d4976: 8325437: Safepoint polling in monitor deflation can cause massive logs
  • 8b70b8d: 8325440: Confusing error reported for octal literals with wrong digits
  • 5daf622: 8325309: Amend "Listeners and Threads" in AWTThreadIssues.html
  • d165d12: 8325510: Serial: Remove redundant arg in non_clean_card_iterate
  • 71b46c3: 8325471: CHeapBitMap(MEMFLAGS flags) constructor misleading use of super-constructor
  • e3dc6a7: 8314275: Incorrect stepping in switch
  • cc276ff: 8325516: Shenandoah: Move heap change tracking into ShenandoahHeap
  • 8d9ad97: 8324641: [IR Framework] Add Setup method to provide custom arguments and set fields
  • b797652: 8322927: Unused code in LIR_Assembler::verify_oop_map
  • 9936aee: 8324824: AArch64: Detect Ampere-1B core and update default options for Ampere CPUs
  • ... and 182 more: https://git.openjdk.org/jdk/compare/bccd823c8e40863bed70ff5b24772843203871a5...master

As there are no conflicts, your changes will automatically be rebased on top of these commits when integrating. If you prefer to avoid this automatic rebasing, please check the documentation for the /integrate command for further details.

As you do not have Committer status in this project an existing Committer must agree to sponsor your change. Possible candidates are the reviewers of this PR (@shipilev, @wangweij, @valeriepeng) but any other Committer may sponsor as well.

➡️ To flag this PR as ready for integration with the above commit message, type /integrate in a new comment. (Afterwards, your sponsor types /sponsor in a new comment to perform the integration).

@openjdk openjdk bot added the ready Pull request is ready to be integrated label Jan 29, 2024
@openjdk
Copy link

openjdk bot commented Jan 29, 2024

@shipilev
The total number of required reviews for this PR (including the jcheck configuration and the last /reviewers command) is now set to 2 (with at least 1 Reviewer, 1 Author).

@openjdk openjdk bot removed the ready Pull request is ready to be integrated label Jan 29, 2024
@valeriepeng
Copy link
Contributor

For NativePRNG, should the dummy constructor just ignores the parameters? If passed with a non-null parameter, should it accept it? Max and Brad is more familiar with SecureRandom than me, so it's better that they chime in on this. @bradfordwetmore @wangweij

@wangweij
Copy link
Contributor

I think Valerie is correct. Otherwise, SecureRandom.getInstance("NativePRNG", DrbgParameters.instantiation(...)) will return something that it actually does not support.

@olivergillespie
Copy link
Contributor Author

Good point, thanks, I should have thought of that. I see DBRG has this for when the params are not appropriate:

throw new IllegalArgumentException("Unsupported params: " + params.getClass());

I'll add something similar in my dummy constructors, unless someone objects.

@olivergillespie
Copy link
Contributor Author

The more I think about it, adding a new public constructor seems a bit ugly and potentially confusing.

So I'll offer a few more ideas. Which do you think is best?

  1. New public constructor with IllegalArgumentException if params != null
// constructor, unused argument to speed up lookups from Provider
public NativePRNG(SecureRandomParameters params) {
    this();
    if (params != null) {
        throw new IllegalArgumentException("Unsupported params: " + params.getClass());
    }
}
  1. Use getConstructors() instead of getConstructor(...), and manually look for the match (basically implement our own tryGetConstructor). This way, we avoid the exception which is the main cost of the current approach, but don't need to add any special cases. Benchmark says this is only a little slower than 1. (550ns vs 510ns).
// new style with params
for (Constructor<?> c : getImplClass().getConstructors()) {
    Class<?>[] args = c.getParameterTypes();
    if (args.length == 1 && args[0].equals(ctrParamClz)) {
        // found match
        return c.newInstance(ctorParamObj);
    }
}
// old style without params
if (ctorParamObj == null) {
    return newInstanceOf();
} else {
    throw new NoSuchMethodException("...");
}
  1. Add explicit handling of NativePRNG inside Provider.
static HashSet<String> NO_ARG_SECURE_RANDOMS = new HashSet<>();
static {
    NO_ARG_SECURE_RANDOMS.add("sun.security.provider.NativePRNG");
    NO_ARG_SECURE_RANDOMS.add("sun.security.provider.NativePRNG$Blocking");
    NO_ARG_SECURE_RANDOMS.add("sun.security.provider.NativePRNG$NonBlocking");
};

private Object newInstanceUtil(Class<?> ctrParamClz, Object ctorParamObj)
        throws Exception {
    if (ctrParamClz == null) {
        return newInstanceOf();
    } else if (ctorParamObj == null && NO_ARG_SECURE_RANDOMS.contains(getImplClass().getName())) {
        return newInstanceOf();
    } else {
  1. Add some kind of caching in Provider to only pay the cost once (not coded up yet, potentially a bit annoying to also save the NSME if we want to keep that behaviour).

@wangweij
Copy link
Contributor

wangweij commented Feb 2, 2024

No matter if we touch the Provider class, I think we can remove the old constructors. With the params class defined for SecureRandom, those old constructors should be useless. And they step 3 above is not needed.

@olivergillespie
Copy link
Contributor Author

Thanks. Updated with option 1 and removed old constructors.

Copy link
Contributor

@wangweij wangweij left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me.

Please update the copyright year. Thanks.

@openjdk openjdk bot added the ready Pull request is ready to be integrated label Feb 6, 2024
@@ -203,11 +203,14 @@ static boolean isAvailable() {
}

// constructor, called by the JCA framework
public NativePRNG() {
public NativePRNG(SecureRandomParameters params) {
super();
Copy link
Contributor

@valeriepeng valeriepeng Feb 6, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: maybe super() not needed? Same goes for the Blocking and NonBlocking ctors.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It was already there before, but yes it doesn't do anything useful. The other impls I've checked don't use it, so I'll remove.

@olivergillespie
Copy link
Contributor Author

/integrate

Thanks for the reviews, all!

@openjdk openjdk bot added the sponsor Pull request is ready to be sponsored label Feb 9, 2024
@openjdk
Copy link

openjdk bot commented Feb 9, 2024

@olivergillespie
Your change (at version e51350b) is now ready to be sponsored by a Committer.

@wangweij
Copy link
Contributor

wangweij commented Feb 9, 2024

/sponsor

@openjdk
Copy link

openjdk bot commented Feb 9, 2024

Going to push as commit 69b2674.
Since your change was applied there have been 192 commits pushed to the master branch:

  • 52d4976: 8325437: Safepoint polling in monitor deflation can cause massive logs
  • 8b70b8d: 8325440: Confusing error reported for octal literals with wrong digits
  • 5daf622: 8325309: Amend "Listeners and Threads" in AWTThreadIssues.html
  • d165d12: 8325510: Serial: Remove redundant arg in non_clean_card_iterate
  • 71b46c3: 8325471: CHeapBitMap(MEMFLAGS flags) constructor misleading use of super-constructor
  • e3dc6a7: 8314275: Incorrect stepping in switch
  • cc276ff: 8325516: Shenandoah: Move heap change tracking into ShenandoahHeap
  • 8d9ad97: 8324641: [IR Framework] Add Setup method to provide custom arguments and set fields
  • b797652: 8322927: Unused code in LIR_Assembler::verify_oop_map
  • 9936aee: 8324824: AArch64: Detect Ampere-1B core and update default options for Ampere CPUs
  • ... and 182 more: https://git.openjdk.org/jdk/compare/bccd823c8e40863bed70ff5b24772843203871a5...master

Your commit was automatically rebased without conflicts.

@openjdk openjdk bot added the integrated Pull request has been integrated label Feb 9, 2024
@openjdk openjdk bot closed this Feb 9, 2024
@openjdk openjdk bot removed ready Pull request is ready to be integrated rfr Pull request is ready for review sponsor Pull request is ready to be sponsored labels Feb 9, 2024
@openjdk
Copy link

openjdk bot commented Feb 9, 2024

@wangweij @olivergillespie Pushed as commit 69b2674.

💡 You may see a message that your pull request was closed with unmerged commits. This can be safely ignored.

@olivergillespie
Copy link
Contributor Author

/backport jdk17u

@olivergillespie olivergillespie deleted the 8324648 branch February 13, 2024 11:19
@openjdk
Copy link

openjdk bot commented Feb 13, 2024

@olivergillespie Could not automatically backport 69b2674c to openjdk/jdk17u due to conflicts in the following files:

  • src/java.base/unix/classes/sun/security/provider/NativePRNG.java

Please fetch the appropriate branch/commit and manually resolve these conflicts by using the following commands in your personal fork of openjdk/jdk17u. Note: these commands are just some suggestions and you can use other equivalent commands you know.

# Fetch the up-to-date version of the target branch
$ git fetch --no-tags https://git.openjdk.org/jdk17u.git master:master

# Check out the target branch and create your own branch to backport
$ git checkout master
$ git checkout -b backport-olivergillespie-69b2674c

# Fetch the commit you want to backport
$ git fetch --no-tags https://git.openjdk.org/jdk.git 69b2674c6861fdb7d9f9cb39e07d50515c73e33a

# Backport the commit
$ git cherry-pick --no-commit 69b2674c6861fdb7d9f9cb39e07d50515c73e33a
# Resolve conflicts now

# Commit the files you have modified
$ git add files/with/resolved/conflicts
$ git commit -m 'Backport 69b2674c6861fdb7d9f9cb39e07d50515c73e33a'

Once you have resolved the conflicts as explained above continue with creating a pull request towards the openjdk/jdk17u with the title Backport 69b2674c6861fdb7d9f9cb39e07d50515c73e33a.

Below you can find a suggestion for the pull request body:

Hi all,

This pull request contains a backport of commit 69b2674c from the openjdk/jdk repository.

The commit being backported was authored by Oli Gillespie on 9 Feb 2024 and was reviewed by Aleksey Shipilev, Weijun Wang, Chen Liang and Valerie Peng.

Thanks!

@olivergillespie
Copy link
Contributor Author

/backport jdk21u-dev

@openjdk
Copy link

openjdk bot commented Feb 13, 2024

@olivergillespie the backport was successfully created on the branch backport-olivergillespie-69b2674c in my personal fork of openjdk/jdk21u-dev. To create a pull request with this backport targeting openjdk/jdk21u-dev:master, just click the following link:

➡️ Create pull request

The title of the pull request is automatically filled in correctly and below you find a suggestion for the pull request body:

Hi all,

This pull request contains a backport of commit 69b2674c from the openjdk/jdk repository.

The commit being backported was authored by Oli Gillespie on 9 Feb 2024 and was reviewed by Aleksey Shipilev, Weijun Wang, Chen Liang and Valerie Peng.

Thanks!

If you need to update the source branch of the pull then run the following commands in a local clone of your personal fork of openjdk/jdk21u-dev:

$ git fetch https://github.com/openjdk-bots/jdk21u-dev.git backport-olivergillespie-69b2674c:backport-olivergillespie-69b2674c
$ git checkout backport-olivergillespie-69b2674c
# make changes
$ git add paths/to/changed/files
$ git commit --message 'Describe additional changes made'
$ git push https://github.com/openjdk-bots/jdk21u-dev.git backport-olivergillespie-69b2674c

@olivergillespie
Copy link
Contributor Author

/backport jdk22u

@openjdk
Copy link

openjdk bot commented Mar 12, 2024

@olivergillespie the backport was successfully created on the branch backport-olivergillespie-69b2674c in my personal fork of openjdk/jdk22u. To create a pull request with this backport targeting openjdk/jdk22u:master, just click the following link:

➡️ Create pull request

The title of the pull request is automatically filled in correctly and below you find a suggestion for the pull request body:

Hi all,

This pull request contains a backport of commit 69b2674c from the openjdk/jdk repository.

The commit being backported was authored by Oli Gillespie on 9 Feb 2024 and was reviewed by Aleksey Shipilev, Weijun Wang, Chen Liang and Valerie Peng.

Thanks!

If you need to update the source branch of the pull then run the following commands in a local clone of your personal fork of openjdk/jdk22u:

$ git fetch https://github.com/openjdk-bots/jdk22u.git backport-olivergillespie-69b2674c:backport-olivergillespie-69b2674c
$ git checkout backport-olivergillespie-69b2674c
# make changes
$ git add paths/to/changed/files
$ git commit --message 'Describe additional changes made'
$ git push https://github.com/openjdk-bots/jdk22u.git backport-olivergillespie-69b2674c

⚠️ @olivergillespie You are not yet a collaborator in my fork openjdk-bots/jdk22u. An invite will be sent out and you need to accept it before you can proceed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
integrated Pull request has been integrated security security-dev@openjdk.org
Development

Successfully merging this pull request may close these issues.

5 participants