'Re: RFR: 8331671: Implement JEP 472: Prepare to Restrict the Use of JNI [v8]'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openjdk-swing-dev
Subject:    Re: RFR: 8331671: Implement JEP 472: Prepare to Restrict the Use of JNI [v8]
From:       Jaikiran Pai <jpai () openjdk ! org>
Date:       2024-05-18 11:43:02
Message-ID: _4CgX7Ojzb5QH2sJ4k2fDgfz_zba03l_4feYaVyzhl0=.a6128ce8-56c3-4b71-a0e3-cf48c9b68c3e () github ! com
[Download RAW message or body]

On Fri, 17 May 2024 13:38:25 GMT, Maurizio Cimadamore <mcimadamore@openjdk.org> \
wrote:

> > This PR implements [JEP 472](https://openjdk.org/jeps/472), by restricting the \
> > use of JNI in the following ways: 
> > * `System::load` and `System::loadLibrary` are now restricted methods
> > * `Runtime::load` and `Runtime::loadLibrary` are now restricted methods
> > * binding a JNI `native` method declaration to a native implementation is now \
> > considered a restricted operation 
> > This PR slightly changes the way in which the JDK deals with restricted methods, \
> > even for FFM API calls. In Java 22, the single `--enable-native-access` was used \
> > both to specify a set of modules for which native access should be allowed *and* \
> > to specify whether illegal native access (that is, native access occurring from a \
> > module not specified by `--enable-native-access`) should be treated as an error \
> > or a warning. More specifically, an error is only issued if the \
> > `--enable-native-access flag` is used at least once. 
> > Here, a new flag is introduced, namely `illegal-native-access=allow/warn/deny`, \
> > which is used to specify what should happen when access to a restricted method \
> > and/or functionality is found outside the set of modules specified with \
> > `--enable-native-access`. The default policy is `warn`, but users can select \
> > `allow` to suppress the warnings, or `deny` to cause `IllegalCallerException` to \
> > be thrown. This aligns the treatment of restricted methods with other mechanisms, \
> > such as `--illegal-access` and the more recent `--sun-misc-unsafe-memory-access`. \
> >  Some changes were required in the package-info javadoc for `java.lang.foreign`, \
> > to reflect the changes in the command line flags described above.
> 
> Maurizio Cimadamore has updated the pull request incrementally with one additional \
> commit since the last revision: 
> Address review comments

Marked as reviewed by jpai (Reviewer).

-------------

PR Review: https://git.openjdk.org/jdk/pull/19213#pullrequestreview-2064736036


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic