< prev index next >

src/java.base/share/classes/jdk/internal/reflect/ReflectionFactory.java

Print this page
rev 49922 : 8202419: Avoid creating Permission constants early
Reviewed-by: TBD


  30 import java.io.ObjectOutputStream;
  31 import java.io.ObjectStreamClass;
  32 import java.io.OptionalDataException;
  33 import java.io.Serializable;
  34 import java.lang.invoke.MethodHandle;
  35 import java.lang.invoke.MethodHandles;
  36 import java.lang.reflect.Field;
  37 import java.lang.reflect.Executable;
  38 import java.lang.reflect.InvocationTargetException;
  39 import java.lang.reflect.Method;
  40 import java.lang.reflect.Constructor;
  41 import java.lang.reflect.Modifier;
  42 import java.security.Permission;
  43 import java.security.PrivilegedAction;
  44 import java.util.Objects;
  45 import java.util.Properties;
  46 
  47 import jdk.internal.misc.VM;
  48 import sun.reflect.misc.ReflectUtil;
  49 import sun.security.action.GetPropertyAction;

  50 
  51 /** <P> The master factory for all reflective objects, both those in
  52     java.lang.reflect (Fields, Methods, Constructors) as well as their
  53     delegates (FieldAccessors, MethodAccessors, ConstructorAccessors).
  54     </P>
  55 
  56     <P> The methods in this class are extremely unsafe and can cause
  57     subversion of both the language and the verifier. For this reason,
  58     they are all instance methods, and access to the constructor of
  59     this factory is guarded by a security check, in similar style to
  60     {@link jdk.internal.misc.Unsafe}. </P>
  61 */
  62 
  63 public class ReflectionFactory {
  64 
  65     private static boolean initted = false;
  66     private static final Permission reflectionFactoryAccessPerm
  67         = new RuntimePermission("reflectionFactoryAccess");
  68     private static final ReflectionFactory soleInstance = new ReflectionFactory();
  69     // Provides access to package-private mechanisms in java.lang.reflect
  70     private static volatile LangReflectAccess langReflectAccess;
  71 
  72     /* Method for static class initializer <clinit>, or null */
  73     private static volatile Method hasStaticInitializerMethod;
  74 
  75     //
  76     // "Inflation" mechanism. Loading bytecodes to implement
  77     // Method.invoke() and Constructor.newInstance() currently costs
  78     // 3-4x more than an invocation via native code for the first
  79     // invocation (though subsequent invocations have been benchmarked
  80     // to be over 20x faster). Unfortunately this cost increases
  81     // startup time for certain applications that use reflection
  82     // intensively (but only once per class) to bootstrap themselves.
  83     // To avoid this penalty we reuse the existing JVM entry points
  84     // for the first few invocations of Methods and Constructors and
  85     // then switch to the bytecode-based implementations.
  86     //
  87     // Package-private to be accessible to NativeMethodAccessorImpl


 113      * objects.
 114      *
 115      * <p> First, if there is a security manager, its
 116      * <code>checkPermission</code> method is called with a {@link
 117      * java.lang.RuntimePermission} with target
 118      * <code>"reflectionFactoryAccess"</code>.  This may result in a
 119      * security exception.
 120      *
 121      * <p> The returned <code>ReflectionFactory</code> object should be
 122      * carefully guarded by the caller, since it can be used to read and
 123      * write private data and invoke private methods, as well as to load
 124      * unverified bytecodes.  It must never be passed to untrusted code.
 125      *
 126      * @exception SecurityException if a security manager exists and its
 127      *             <code>checkPermission</code> method doesn't allow
 128      *             access to the RuntimePermission "reflectionFactoryAccess".  */
 129     public static ReflectionFactory getReflectionFactory() {
 130         SecurityManager security = System.getSecurityManager();
 131         if (security != null) {
 132             // TO DO: security.checkReflectionFactoryAccess();
 133             security.checkPermission(reflectionFactoryAccessPerm);

 134         }
 135         return soleInstance;
 136     }
 137 
 138     /**
 139      * Returns an alternate reflective Method instance for the given method
 140      * intended for reflection to invoke, if present.
 141      *
 142      * A trusted method can define an alternate implementation for a method `foo`
 143      * by defining a method named "reflected$foo" that will be invoked
 144      * reflectively.
 145      */
 146     private static Method findMethodForReflection(Method method) {
 147         String altName = "reflected$" + method.getName();
 148         try {
 149            return method.getDeclaringClass()
 150                         .getDeclaredMethod(altName, method.getParameterTypes());
 151         } catch (NoSuchMethodException ex) {
 152             return null;
 153         }




  30 import java.io.ObjectOutputStream;
  31 import java.io.ObjectStreamClass;
  32 import java.io.OptionalDataException;
  33 import java.io.Serializable;
  34 import java.lang.invoke.MethodHandle;
  35 import java.lang.invoke.MethodHandles;
  36 import java.lang.reflect.Field;
  37 import java.lang.reflect.Executable;
  38 import java.lang.reflect.InvocationTargetException;
  39 import java.lang.reflect.Method;
  40 import java.lang.reflect.Constructor;
  41 import java.lang.reflect.Modifier;
  42 import java.security.Permission;
  43 import java.security.PrivilegedAction;
  44 import java.util.Objects;
  45 import java.util.Properties;
  46 
  47 import jdk.internal.misc.VM;
  48 import sun.reflect.misc.ReflectUtil;
  49 import sun.security.action.GetPropertyAction;
  50 import sun.security.util.SecurityConstants;
  51 
  52 /** <P> The master factory for all reflective objects, both those in
  53     java.lang.reflect (Fields, Methods, Constructors) as well as their
  54     delegates (FieldAccessors, MethodAccessors, ConstructorAccessors).
  55     </P>
  56 
  57     <P> The methods in this class are extremely unsafe and can cause
  58     subversion of both the language and the verifier. For this reason,
  59     they are all instance methods, and access to the constructor of
  60     this factory is guarded by a security check, in similar style to
  61     {@link jdk.internal.misc.Unsafe}. </P>
  62 */
  63 
  64 public class ReflectionFactory {
  65 
  66     private static boolean initted = false;


  67     private static final ReflectionFactory soleInstance = new ReflectionFactory();
  68     // Provides access to package-private mechanisms in java.lang.reflect
  69     private static volatile LangReflectAccess langReflectAccess;
  70 
  71     /* Method for static class initializer <clinit>, or null */
  72     private static volatile Method hasStaticInitializerMethod;
  73 
  74     //
  75     // "Inflation" mechanism. Loading bytecodes to implement
  76     // Method.invoke() and Constructor.newInstance() currently costs
  77     // 3-4x more than an invocation via native code for the first
  78     // invocation (though subsequent invocations have been benchmarked
  79     // to be over 20x faster). Unfortunately this cost increases
  80     // startup time for certain applications that use reflection
  81     // intensively (but only once per class) to bootstrap themselves.
  82     // To avoid this penalty we reuse the existing JVM entry points
  83     // for the first few invocations of Methods and Constructors and
  84     // then switch to the bytecode-based implementations.
  85     //
  86     // Package-private to be accessible to NativeMethodAccessorImpl


 112      * objects.
 113      *
 114      * <p> First, if there is a security manager, its
 115      * <code>checkPermission</code> method is called with a {@link
 116      * java.lang.RuntimePermission} with target
 117      * <code>"reflectionFactoryAccess"</code>.  This may result in a
 118      * security exception.
 119      *
 120      * <p> The returned <code>ReflectionFactory</code> object should be
 121      * carefully guarded by the caller, since it can be used to read and
 122      * write private data and invoke private methods, as well as to load
 123      * unverified bytecodes.  It must never be passed to untrusted code.
 124      *
 125      * @exception SecurityException if a security manager exists and its
 126      *             <code>checkPermission</code> method doesn't allow
 127      *             access to the RuntimePermission "reflectionFactoryAccess".  */
 128     public static ReflectionFactory getReflectionFactory() {
 129         SecurityManager security = System.getSecurityManager();
 130         if (security != null) {
 131             // TO DO: security.checkReflectionFactoryAccess();
 132             security.checkPermission(
 133                 SecurityConstants.REFLECTION_FACTORY_ACCESS_PERMISSION);
 134         }
 135         return soleInstance;
 136     }
 137 
 138     /**
 139      * Returns an alternate reflective Method instance for the given method
 140      * intended for reflection to invoke, if present.
 141      *
 142      * A trusted method can define an alternate implementation for a method `foo`
 143      * by defining a method named "reflected$foo" that will be invoked
 144      * reflectively.
 145      */
 146     private static Method findMethodForReflection(Method method) {
 147         String altName = "reflected$" + method.getName();
 148         try {
 149            return method.getDeclaringClass()
 150                         .getDeclaredMethod(altName, method.getParameterTypes());
 151         } catch (NoSuchMethodException ex) {
 152             return null;
 153         }


< prev index next >