8343981: Remove usage of security manager from Thread and related classes

[AlanBateman]

Removes the SecurityManager usage from Thread + friends.

In Thread, the getContextClassLoader method is no longer caller-sensitive method.

JavaLangAccess.newThreadWithAcc is removed and jdk.internal.access is no longer exported to java.naming. The usage of newThreadWithAcc is removed from com.sun.jndi.ldap.VersionHelper. There will be further work on the java.naming module to remove usage of SM, the change here is specific to the usage of ewThreadWithAcc.

---

Progress

• Change must be properly reviewed (1 review required, with at least 1 Reviewer)
• Change must not contain extraneous whitespace
• Commit message must refer to an issue

Issue

• JDK-8343981: Remove usage of security manager from Thread and related classes (Enhancement - P4)

Reviewers

• Roger Riggs (@RogerRiggs - Reviewer)
• Yudi Zheng (@mur47x111 - Committer)

Reviewing

Using git

Checkout this PR locally:
$ git fetch https://git.openjdk.org/jdk.git pull/22035/head:pull/22035
$ git checkout pull/22035

Update a local copy of the PR:
$ git checkout pull/22035
$ git pull https://git.openjdk.org/jdk.git pull/22035/head

Using Skara CLI tools

Checkout this PR locally:
$ git pr checkout 22035

View PR using the GUI difftool:
$ git pr show -t 22035

Using diff file

Download this PR as a diff file:
https://git.openjdk.org/jdk/pull/22035.diff

Using Webrev

Link to Webrev Comment

[mlbridge]

Webrevs

• 03: Full (636ebd19)
• 02: Full (4f320f92)
• 01: Full (7bffe787)
• 00: Full (7bffe787)

[openjdk-notifier]

The parent pull request that this pull request depends on has now been integrated and the target branch of this pull request has been updated. This means that changes from the dependent pull request can start to show up as belonging to this pull request, which may be confusing for reviewers. To remedy this situation, simply merge the latest changes from the new target branch into this pull request by running commands similar to these in the local repository for your personal fork:

git checkout JDK-8343981
git fetch https://git.openjdk.org/jdk.git master
git merge FETCH_HEAD
# if there are conflicts, follow the instructions given by git merge
git commit -m "Merge master"
git push

[openjdk]

@AlanBateman this pull request can not be integrated into master due to one or more merge conflicts. To resolve these merge conflicts and update this pull request you can run the following commands in the local repository for your personal fork:

git checkout JDK-8343981
git fetch https://git.openjdk.org/jdk.git master
git merge FETCH_HEAD
# resolve conflicts and follow the instructions given by git merge
git commit -m "Merge master"
git push

[openjdk]

⚠️ @AlanBateman This pull request contains merges that bring in commits not present in the target repository. Since this is not a "merge style" pull request, these changes will be squashed when this pull request in integrated. If this is your intention, then please ignore this message. If you want to preserve the commit structure, you must change the title of this pull request to Merge <project>:<branch> where <project> is the name of another project in the OpenJDK organization (for example Merge jdk:master).

[dfuch]

The proposed changes look reasonable to me. Good simplification of the code. I had some uncertainty about the JNDI changes but I couldn't find any place in JNDI where a Subject would be extracted from the ACC associated with the created thread so I'd say that looks fine.

[AlanBateman]

The proposed changes look reasonable to me. Good simplification of the code. I had some uncertainty about the JNDI changes but I couldn't find any place in JNDI where a Subject would be extracted from the ACC associated with the created thread so I'd say that looks fine.

ACC is dead and Subject is re-implemented on ScopedValue now so I think we are okay. There will be many other places where we will also drop the capture and use of the ACC.

[RogerRiggs]

Can the refactoring go back to the callers of createThread() to just create threads themselves.
And remove this trivial method.

[AlanBateman]

Yes, this will happen in the PR that does the cleanup of java.naming module.

[RogerRiggs]

LGTM

[mur47x111]

Please hold until I have the Graal changes ready
Good to go

[AlanBateman]

/integrate

[openjdk]

Going to push as commit 5e01c40.
Since your change was applied there have been 22 commits pushed to the master branch:

• dbf2346: 8341260: Add Float16 to jdk.incubator.vector
• a5f11b5: 8343483: Remove unnecessary @SuppressWarnings annotations (serviceability)
• 7be7772: 8344112: Remove code to support security manager execution mode from DatagramChannel implementation
• bd3fec3: 8344086: Remove security manager dependency in FFM
• 916694f: 8343317: Extend test generation tool to handle APX NDD/NF flavor of instructions
• eb240a7: 8344051: Problemlist jdk/jfr/event/runtime/TestNativeMemoryUsageEvents.java with ZGC until JDK-8343893 is fixed
• c00e20c: 8343285: java.lang.Process is unresponsive and CPU usage spikes to 100%
• cc2acd1: 8343286: Missing unchecked cast warning in polymorphic method call
• b80ca49: 8344124: JDK-8341411 Broke the build
• a08d67c: 8344080: Return type mismatch for jfr_unregister_stack_filter
• ... and 12 more: https://git.openjdk.org/jdk/compare/63eb4853f6782f350f67b6bcf25d83bc4480be71...master

Your commit was automatically rebased without conflicts.

[openjdk]

@AlanBateman Pushed as commit 5e01c40.

💡 You may see a message that your pull request was closed with unmerged commits. This can be safely ignored.