Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
openanolis
dragonwell8_jdk
提交
56291cd2
D
dragonwell8_jdk
项目概览
openanolis
/
dragonwell8_jdk
通知
4
Star
2
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
D
dragonwell8_jdk
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
56291cd2
编写于
11月 22, 2011
作者:
M
mullan
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
7093090: Reduce synchronization in java.security.Policy.getPolicyNoCheck
Reviewed-by: valeriep
上级
fa4eae9d
变更
1
隐藏空白更改
内联
并排
Showing
1 changed file
with
103 addition
and
75 deletion
+103
-75
src/share/classes/java/security/Policy.java
src/share/classes/java/security/Policy.java
+103
-75
未找到文件。
src/share/classes/java/security/Policy.java
浏览文件 @
56291cd2
...
...
@@ -28,6 +28,7 @@ package java.security;
import
java.util.Enumeration
;
import
java.util.WeakHashMap
;
import
java.util.concurrent.atomic.AtomicReference
;
import
sun.security.jca.GetInstance
;
import
sun.security.util.Debug
;
import
sun.security.util.SecurityConstants
;
...
...
@@ -60,8 +61,8 @@ import sun.security.util.SecurityConstants;
* with a standard type. The default policy type is "JavaPolicy".
*
* <p> Once a Policy instance has been installed (either by default, or by
* calling <code>setPolicy</code>),
*
the Java runtime invokes its <code>implies</code>
when it needs to
* calling <code>setPolicy</code>),
the Java runtime invokes its
*
<code>implies</code> method
when it needs to
* determine whether executing code (encapsulated in a ProtectionDomain)
* can perform SecurityManager-protected operations. How a Policy object
* retrieves its policy data is up to the Policy implementation itself.
...
...
@@ -94,18 +95,33 @@ public abstract class Policy {
public
static
final
PermissionCollection
UNSUPPORTED_EMPTY_COLLECTION
=
new
UnsupportedEmptyCollection
();
/** the system-wide policy. */
private
static
Policy
policy
;
// package private for AccessControlContext
// Information about the system-wide policy.
private
static
class
PolicyInfo
{
// the system-wide policy
final
Policy
policy
;
// a flag indicating if the system-wide policy has been initialized
final
boolean
initialized
;
PolicyInfo
(
Policy
policy
,
boolean
initialized
)
{
this
.
policy
=
policy
;
this
.
initialized
=
initialized
;
}
}
// PolicyInfo is stored in an AtomicReference
private
static
AtomicReference
<
PolicyInfo
>
policy
=
new
AtomicReference
<>(
new
PolicyInfo
(
null
,
false
));
private
static
final
Debug
debug
=
Debug
.
getInstance
(
"policy"
);
// Cache mapping ProtectionDomain.Key to PermissionCollection
private
WeakHashMap
<
ProtectionDomain
.
Key
,
PermissionCollection
>
pdMapping
;
/** package private for AccessControlContext */
/** package private for AccessControlContext
and ProtectionDomain
*/
static
boolean
isSet
()
{
return
policy
!=
null
;
PolicyInfo
pi
=
policy
.
get
();
return
pi
.
policy
!=
null
&&
pi
.
initialized
==
true
;
}
private
static
void
checkPermission
(
String
type
)
{
...
...
@@ -143,80 +159,92 @@ public abstract class Policy {
/**
* Returns the installed Policy object, skipping the security check.
* Used by
SecureClassLoader
and getPolicy.
* Used by
ProtectionDomain
and getPolicy.
*
* @return the installed Policy.
*
*/
static
synchronized
Policy
getPolicyNoCheck
()
static
Policy
getPolicyNoCheck
()
{
if
(
policy
==
null
)
{
String
policy_class
=
null
;
policy_class
=
AccessController
.
doPrivileged
(
new
PrivilegedAction
<
String
>()
{
public
String
run
()
{
return
Security
.
getProperty
(
"policy.provider"
);
PolicyInfo
pi
=
policy
.
get
();
// Use double-check idiom to avoid locking if system-wide policy is
// already initialized
if
(
pi
.
initialized
==
false
||
pi
.
policy
==
null
)
{
synchronized
(
Policy
.
class
)
{
PolicyInfo
pinfo
=
policy
.
get
();
if
(
pinfo
.
policy
==
null
)
{
String
policy_class
=
AccessController
.
doPrivileged
(
new
PrivilegedAction
<
String
>()
{
public
String
run
()
{
return
Security
.
getProperty
(
"policy.provider"
);
}
});
if
(
policy_class
==
null
)
{
policy_class
=
"sun.security.provider.PolicyFile"
;
}
});
if
(
policy_class
==
null
)
{
policy_class
=
"sun.security.provider.PolicyFile"
;
}
try
{
policy
=
(
Policy
)
Class
.
forName
(
policy_class
).
newInstance
();
}
catch
(
Exception
e
)
{
/*
* The policy_class seems to be an extension
* so we have to bootstrap loading it via a policy
* provider that is on the bootclasspath
* If it loads then shift gears to using the configured
* provider.
*/
// install the bootstrap provider to avoid recursion
policy
=
new
sun
.
security
.
provider
.
PolicyFile
();
final
String
pc
=
policy_class
;
Policy
p
=
AccessController
.
doPrivileged
(
new
PrivilegedAction
<
Policy
>()
{
public
Policy
run
()
{
try
{
ClassLoader
cl
=
ClassLoader
.
getSystemClassLoader
();
// we want the extension loader
ClassLoader
extcl
=
null
;
while
(
cl
!=
null
)
{
extcl
=
cl
;
cl
=
cl
.
getParent
();
}
return
(
extcl
!=
null
?
(
Policy
)
Class
.
forName
(
pc
,
true
,
extcl
).
newInstance
()
:
null
);
}
catch
(
Exception
e
)
{
if
(
debug
!=
null
)
{
debug
.
println
(
"policy provider "
+
pc
+
" not available"
);
e
.
printStackTrace
();
try
{
pinfo
=
new
PolicyInfo
(
(
Policy
)
Class
.
forName
(
policy_class
).
newInstance
(),
true
);
}
catch
(
Exception
e
)
{
/*
* The policy_class seems to be an extension
* so we have to bootstrap loading it via a policy
* provider that is on the bootclasspath.
* If it loads then shift gears to using the configured
* provider.
*/
// install the bootstrap provider to avoid recursion
Policy
polFile
=
new
sun
.
security
.
provider
.
PolicyFile
();
pinfo
=
new
PolicyInfo
(
polFile
,
false
);
policy
.
set
(
pinfo
);
final
String
pc
=
policy_class
;
Policy
pol
=
AccessController
.
doPrivileged
(
new
PrivilegedAction
<
Policy
>()
{
public
Policy
run
()
{
try
{
ClassLoader
cl
=
ClassLoader
.
getSystemClassLoader
();
// we want the extension loader
ClassLoader
extcl
=
null
;
while
(
cl
!=
null
)
{
extcl
=
cl
;
cl
=
cl
.
getParent
();
}
return
(
extcl
!=
null
?
(
Policy
)
Class
.
forName
(
pc
,
true
,
extcl
).
newInstance
()
:
null
);
}
catch
(
Exception
e
)
{
if
(
debug
!=
null
)
{
debug
.
println
(
"policy provider "
+
pc
+
" not available"
);
e
.
printStackTrace
();
}
return
null
;
}
return
null
;
}
});
/*
* if it loaded install it as the policy provider. Otherwise
* continue to use the system default implementation
*/
if
(
pol
!=
null
)
{
pinfo
=
new
PolicyInfo
(
pol
,
true
);
}
else
{
if
(
debug
!=
null
)
{
debug
.
println
(
"using sun.security.provider.PolicyFile"
);
}
pinfo
=
new
PolicyInfo
(
polFile
,
true
);
}
});
/*
* if it loaded install it as the policy provider. Otherwise
* continue to use the system default implementation
*/
if
(
p
!=
null
)
{
policy
=
p
;
}
else
{
if
(
debug
!=
null
)
{
debug
.
println
(
"using sun.security.provider.PolicyFile"
);
}
policy
.
set
(
pinfo
);
}
return
pinfo
.
policy
;
}
}
return
policy
;
return
p
i
.
p
olicy
;
}
/**
...
...
@@ -245,7 +273,7 @@ public abstract class Policy {
initPolicy
(
p
);
}
synchronized
(
Policy
.
class
)
{
Policy
.
policy
=
p
;
policy
.
set
(
new
PolicyInfo
(
p
,
p
!=
null
))
;
}
}
...
...
@@ -292,14 +320,14 @@ public abstract class Policy {
PermissionCollection
policyPerms
=
null
;
synchronized
(
p
)
{
if
(
p
.
pdMapping
==
null
)
{
p
.
pdMapping
=
new
WeakHashMap
<
ProtectionDomain
.
Key
,
PermissionCollection
>();
p
.
pdMapping
=
new
WeakHashMap
<>();
}
}
if
(
policyDomain
.
getCodeSource
()
!=
null
)
{
if
(
Policy
.
isSet
())
{
policyPerms
=
policy
.
getPermissions
(
policyDomain
);
Policy
pol
=
policy
.
get
().
policy
;
if
(
pol
!=
null
)
{
policyPerms
=
pol
.
getPermissions
(
policyDomain
);
}
if
(
policyPerms
==
null
)
{
// assume it has all
...
...
@@ -434,7 +462,7 @@ public abstract class Policy {
type
,
params
);
}
catch
(
NoSuchAlgorithmException
nsae
)
{
return
handleException
(
nsae
);
return
handleException
(
nsae
);
}
}
...
...
@@ -494,7 +522,7 @@ public abstract class Policy {
type
,
params
);
}
catch
(
NoSuchAlgorithmException
nsae
)
{
return
handleException
(
nsae
);
return
handleException
(
nsae
);
}
}
...
...
@@ -808,7 +836,7 @@ public abstract class Policy {
*
* @param permission the Permission object to compare.
*
* @return true if "permission" is implied by the
permissions in
* @return true if "permission" is implied by the permissions in
* the collection, false if not.
*/
@Override
public
boolean
implies
(
Permission
permission
)
{
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录