[prev in list] [next in list] [prev in thread] [next in thread]
List: openjdk-swing-dev
Subject: Re: RFR: 8331671: Implement JEP 472: Prepare to Restrict the Use of JNI [v8]
From: Jaikiran Pai <jpai () openjdk ! org>
Date: 2024-05-18 11:43:02
Message-ID: _4CgX7Ojzb5QH2sJ4k2fDgfz_zba03l_4feYaVyzhl0=.a6128ce8-56c3-4b71-a0e3-cf48c9b68c3e () github ! com
[Download RAW message or body]
On Fri, 17 May 2024 13:38:25 GMT, Maurizio Cimadamore <mcimadamore@openjdk.org> \
wrote:
> > This PR implements [JEP 472](https://openjdk.org/jeps/472), by restricting the \
> > use of JNI in the following ways:
> > * `System::load` and `System::loadLibrary` are now restricted methods
> > * `Runtime::load` and `Runtime::loadLibrary` are now restricted methods
> > * binding a JNI `native` method declaration to a native implementation is now \
> > considered a restricted operation
> > This PR slightly changes the way in which the JDK deals with restricted methods, \
> > even for FFM API calls. In Java 22, the single `--enable-native-access` was used \
> > both to specify a set of modules for which native access should be allowed *and* \
> > to specify whether illegal native access (that is, native access occurring from a \
> > module not specified by `--enable-native-access`) should be treated as an error \
> > or a warning. More specifically, an error is only issued if the \
> > `--enable-native-access flag` is used at least once.
> > Here, a new flag is introduced, namely `illegal-native-access=allow/warn/deny`, \
> > which is used to specify what should happen when access to a restricted method \
> > and/or functionality is found outside the set of modules specified with \
> > `--enable-native-access`. The default policy is `warn`, but users can select \
> > `allow` to suppress the warnings, or `deny` to cause `IllegalCallerException` to \
> > be thrown. This aligns the treatment of restricted methods with other mechanisms, \
> > such as `--illegal-access` and the more recent `--sun-misc-unsafe-memory-access`. \
> > Some changes were required in the package-info javadoc for `java.lang.foreign`, \
> > to reflect the changes in the command line flags described above.
>
> Maurizio Cimadamore has updated the pull request incrementally with one additional \
> commit since the last revision:
> Address review comments
Marked as reviewed by jpai (Reviewer).
-------------
PR Review: https://git.openjdk.org/jdk/pull/19213#pullrequestreview-2064736036
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic