8195744: Avoid calling ClassLoader.checkPackageAccess if security manager is not installed

[coleenp]

This change does not call up to Java for checkPackageAccess if the security manager is NULL, but still saves the protection domain in the pd_set for that dictionary entry. If the option -Djava.security.manager=disallow is set, that means that there will never be a security manager and the JVM code can avoid saving the protection domains completely.
See the two functions java_lang_System::has_security_manager() and java_lang_System::allow_security_manager() for details.
Also deleted ProtectionDomainVerification because there's no use for this option.

Tested with tier1 hotspot, jdk and langtools.
and tier2-6.

---

Progress

• Change must not contain extraneous whitespace
• Commit message must refer to an issue
• Change must be properly reviewed

Issue

• JDK-8195744: Avoid calling ClassLoader.checkPackageAccess if security manager is not installed

Reviewers

• David Holmes (@dholmes-ora - Reviewer)
• Ioi Lam (@iklam - Reviewer)

Download

$ git fetch https://git.openjdk.java.net/jdk pull/2410/head:pull/2410
$ git checkout pull/2410

[bridgekeeper]

👋 Welcome back coleenp! A progress list of the required criteria for merging this PR into master will be added to the body of your pull request. There are additional pull request commands available for use with this pull request.

[openjdk]

@coleenp The following label will be automatically applied to this pull request:

• hotspot-runtime

When this pull request is ready to be reviewed, an "RFR" email will be sent to the corresponding mailing list. If you would like to change these labels, use the /label pull request command.

[mlbridge]

Webrevs

• 03: Full - Incremental (edc3770)
• 02: Full - Incremental (7a2a361)
• 01: Full - Incremental (296d0ad)
• 00: Full (19ddd06)

[mlchung]

It's good to see this change benefitting from -Djava.security.manager=disallow work. A minor comment: VM now hardcodes the value for NEVER (1). It may worth adding a comment in System::NEVER of such dependency.

[coleenp]

Thanks Mandy! It's nice to be able to optimize this. How's this comment? Is it an @implNote ??
// @implNote The HotSpot JVM hardcodes the value of NEVER.

[iklam]

Thanks Mandy! It's nice to be able to optimize this. How's this comment? Is it an @implNote ??
// @implNote The HotSpot JVM hardcodes the value of NEVER.

I think it's better to define const int NEVER = 1, and add code in debug builds to compare its value with the System::NEVER static field.

[coleenp]

I didn't think a static final field would have an offset?
private static final int NEVER = 1;

[dholmes-ora]

Hi Coleen,

Basic optimization looks good. I have a concern over the locking change. Some minor comments below.

Thanks,
David

[dholmes-ora]

Some comments remain confusing.

Thanks,
David

[dholmes-ora]

No this field returns the installed SM if any. It doesn't tell you anything about whether you can install a SM or not (though obviously if non-NULL then you could).

[coleenp]

// This field tells us that a security manager is installed.

How about I just put this. I had a bug earlier that this explained to me but the allow_security_manager() also explains it.

[dholmes-ora]

Updates seem fine to me.

Thanks,
David

[openjdk]

@coleenp This change now passes all automated pre-integration checks.

ℹ️ This project also has non-automated pre-integration requirements. Please see the file CONTRIBUTING.md for details.

After integration, the commit message for the final commit will be:

8195744: Avoid calling ClassLoader.checkPackageAccess if security manager is not installed

Reviewed-by: dholmes, iklam

You can use pull request commands such as /summary, /contributor and /issue to adjust it as needed.

At the time when this comment was updated there had been 47 new commits pushed to the master branch:

• ab65d53: 8261261: The version extra fields needs to be overridable in jib-profiles.js
• 20d7713: 8261334: NMT: tuning statistic shows incorrect hash distribution
• 92c6e6d: 8261254: Initialize charset mapping data lazily
• 351d788: 8259074: regex benchmarks and tests
• d6d5d9b: 8261231: Windows IME was disabled after DnD operation
• 29a428f: 8261229: MethodData is not correctly initialized with TieredStopAtLevel=3
• 48c932e: 8231286: HTML font size too large with high-DPI scaling and W3C_LENGTH_UNITS
• dbc35f6: 8261094: Open javax/swing/text/html/CSS/4765271/bug4765271.java
• db0ca2b: 8261161: Clean up warnings in hotspot/jtreg/vmTestbase tests
• 2c28e36: 8237352: Update DatagramSocket to add support for joining multicast groups
• ... and 37 more: https://git.openjdk.java.net/jdk/compare/c1dea39d08e3a9af03430b603e24192a02cde223...master

As there are no conflicts, your changes will automatically be rebased on top of these commits when integrating. If you prefer to avoid this automatic rebasing, please check the documentation for the /integrate command for further details.

➡️ To integrate this PR with the above commit message to the master branch, type /integrate in a new comment.

[coleenp]

Thanks for the code review, David.

[coleenp]

Thanks for the code review Ioi, and thank you Mandy for looking at it.
/integrate

[openjdk]

@coleenp Since your change was applied there have been 47 commits pushed to the master branch:

• ab65d53: 8261261: The version extra fields needs to be overridable in jib-profiles.js
• 20d7713: 8261334: NMT: tuning statistic shows incorrect hash distribution
• 92c6e6d: 8261254: Initialize charset mapping data lazily
• 351d788: 8259074: regex benchmarks and tests
• d6d5d9b: 8261231: Windows IME was disabled after DnD operation
• 29a428f: 8261229: MethodData is not correctly initialized with TieredStopAtLevel=3
• 48c932e: 8231286: HTML font size too large with high-DPI scaling and W3C_LENGTH_UNITS
• dbc35f6: 8261094: Open javax/swing/text/html/CSS/4765271/bug4765271.java
• db0ca2b: 8261161: Clean up warnings in hotspot/jtreg/vmTestbase tests
• 2c28e36: 8237352: Update DatagramSocket to add support for joining multicast groups
• ... and 37 more: https://git.openjdk.java.net/jdk/compare/c1dea39d08e3a9af03430b603e24192a02cde223...master

Your commit was automatically rebased without conflicts.

Pushed as commit ace8f94.

💡 You may see a message that your pull request was closed with unmerged commits. This can be safely ignored.

[mlchung]

Looks good.

[coleenp]

Thanks Mandy!