RFR: 8155023: jdk.vm.ci needs to securely export services

Doug Simon doug.simon at oracle.com
Mon May 9 12:48:14 UTC 2016

> On 09 May 2016, at 14:30, Alan Bateman <Alan.Bateman at oracle.com> wrote:
> On 09/05/2016 12:50, Doug Simon wrote:
>> :
>> Should I be passing System.getSystemClassLoader() as the second argument to ServiceLoader.load()?
> Probably as I assume you want to restrict deployments to the class path or module path. That is, I assume compiler implementation aren't going to be bundled with applications that are loaded into a running VM.

That is correct.

> If you do then you'll need to call ClassLoader::getSystemClassLoaded in a privileged block.

Ok. I’ve pushed these changes along with a comment explaining the use of the system class loader:


> The updated permission checks, to check JVMCIPermission, looks fine. Strictly speaking then the Services.loadXXX methods should need it but this isn't a general purpose service loading class so what you have is fine.

Got it.

Thanks for answering the final questions I have about this change.


More information about the hotspot-compiler-dev mailing list