> On Jul 11, 2016, at 4:15 PM, Weijun Wang <weijun.w...@oracle.com> wrote: > > Hi All > > Please review the code change at > > dev: http://cr.openjdk.java.net/~weijun/8159528/dev/webrev.00
Good to keep the PLATFORM_MODULE list in alphabetical order. So java.security.jgss should be moved up. > dev/jdk: http://cr.openjdk.java.net/~weijun/8159528/jdk/webrev.00 > Two comments related to the use of unsafe here. You use reflection to get access to Unsafe instance to bypass the caller’s class loader check. I think Unsafe::getUnsafe should be relaxed for null or ClassLoader::getPlatformLoader to access. On the other hand, we should also examine the use of Unsafe and see if they can be converted to VarHandle or other means. Maybe you can file a JBS issue for Unsafe::getUnsafe to allow the platform class loader to access it and another one to examine the use of unsafe in java.security.jgss module. I file a JBS issue to track this (JDK-8161121) to audit the callers of VM::isSystemDomainLoader and make appropriate adjustment. Mandy
