8192789: Avoid using AtomicReference in sun.security.provider.PolicyFile

Reviewed-by: mullan, ahgross
2017-12-07 12:25:09 -08:00 · 2017-12-07 12:25:09 -08:00 · 72ac0bfc88
commit 72ac0bfc88
parent 29534320cd
1 changed files with 10 additions and 16 deletions
--- a/src/java.base/share/classes/sun/security/provider/PolicyFile.java
+++ b/src/java.base/share/classes/sun/security/provider/PolicyFile.java
@ -40,7 +40,7 @@ import javax.security.auth.x500.X500Principal;
 import java.io.FilePermission;
 import java.net.SocketPermission;
 import java.net.NetPermission;
-import java.util.concurrent.atomic.AtomicReference;
+import java.util.concurrent.ConcurrentHashMap;
 import jdk.internal.misc.JavaSecurityAccess;
 import static jdk.internal.misc.JavaSecurityAccess.ProtectionDomainCache;
 import jdk.internal.misc.SharedSecrets;
@ -248,7 +248,8 @@ public class PolicyFile extends java.security.Policy {
    private static final int DEFAULT_CACHE_SIZE = 1;

    // contains the policy grant entries, PD cache, and alias mapping
-    private AtomicReference<PolicyInfo> policyInfo = new AtomicReference<>();
+    // can be updated if refresh() is called
+    private volatile PolicyInfo policyInfo;

    private boolean expandProperties = true;
    private boolean allowSystemProperties = true;
@ -268,8 +269,8 @@ public class PolicyFile extends java.security.Policy {
     * previously parsed and have syntax errors, so that they can be
     * subsequently ignored.
     */
-    private static AtomicReference<Set<URL>> badPolicyURLs =
-        new AtomicReference<>(new HashSet<>());
+    private static Set<URL> badPolicyURLs =
+        Collections.newSetFromMap(new ConcurrentHashMap<URL,Boolean>());

    // The default.policy file
    private static final URL DEFAULT_POLICY_URL =
@ -341,7 +342,7 @@ public class PolicyFile extends java.security.Policy {
        // System.out.println("number caches=" + numCaches);
        PolicyInfo newInfo = new PolicyInfo(numCaches);
        initPolicyFile(newInfo, url);
-        policyInfo.set(newInfo);
+        policyInfo = newInfo;
    }

    private void initPolicyFile(final PolicyInfo newInfo, final URL url) {
@ -498,7 +499,7 @@ public class PolicyFile extends java.security.Policy {

        // skip parsing policy file if it has been previously parsed and
        // has syntax errors
-        if (badPolicyURLs.get().contains(policy)) {
+        if (badPolicyURLs.contains(policy)) {
            if (debug != null) {
                debug.println("skipping bad policy file: " + policy);
            }
@ -539,10 +540,7 @@ public class PolicyFile extends java.security.Policy {
                throw new InternalError("Failed to load default.policy", pe);
            }
            // record bad policy file to avoid later reparsing it
-            badPolicyURLs.updateAndGet(k -> {
-                k.add(policy);
-                return k;
-            });
+            badPolicyURLs.add(policy);
            Object[] source = {policy, pe.getNonlocalizedMessage()};
            System.err.println(LocalizedMessage.getNonlocalized
                (POLICY + ".error.parsing.policy.message", source));
@ -991,9 +989,7 @@ public class PolicyFile extends java.security.Policy {
     */
    @Override
    public boolean implies(ProtectionDomain pd, Permission p) {
-        PolicyInfo pi = policyInfo.get();
-        ProtectionDomainCache pdMap = pi.getPdMapping();
-
+        ProtectionDomainCache pdMap = policyInfo.getPdMapping();
        PermissionCollection pc = pdMap.get(pd);

        if (pc != null) {
@ -1139,9 +1135,7 @@ public class PolicyFile extends java.security.Policy {
    private Permissions getPermissions(Permissions perms,
                                       final CodeSource cs,
                                       Principal[] principals) {
-        PolicyInfo pi = policyInfo.get();
-
-        for (PolicyEntry entry : pi.policyEntries) {
+        for (PolicyEntry entry : policyInfo.policyEntries) {
            addPermissions(perms, cs, principals, entry);
        }