Hi all,

This commit avoids calling AccessController.getContext() twice when
creating an AccessControlContext with a security manager enabled.
I've been using BC-compiled Tomcat on gcj to benchmark the security
stuff, and this commit improves gcj's performance from 2200 to 2400
requests per second.

Cheers,
Gary
Index: ChangeLog
===================================================================
RCS file: /cvsroot/classpath/classpath/ChangeLog,v
retrieving revision 1.8357
diff -u -r1.8357 ChangeLog
--- ChangeLog   9 Aug 2006 22:25:51 -0000       1.8357
+++ ChangeLog   10 Aug 2006 14:33:06 -0000
@@ -1,3 +1,8 @@
+2006-08-10  Gary Benson  <[EMAIL PROTECTED]>
+
+       * java/security/AccessControlContext.java (<init>):
+       Avoid a duplicated AccessController.getContext() call.
+
 2006-08-09  Mark Wielaard  <[EMAIL PROTECTED]>
 
        * NEWS: Add updates for 0.92 release.
Index: java/security/AccessControlContext.java
===================================================================
RCS file: /cvsroot/classpath/classpath/java/security/AccessControlContext.java,v
retrieving revision 1.13
diff -u -r1.13 AccessControlContext.java
--- java/security/AccessControlContext.java     23 Oct 2005 17:04:46 -0000      
1.13
+++ java/security/AccessControlContext.java     10 Aug 2006 14:33:06 -0000
@@ -89,12 +89,30 @@
   public AccessControlContext(AccessControlContext acc,
                              DomainCombiner combiner)
   {
+    AccessControlContext acc2 = null;
     SecurityManager sm = System.getSecurityManager ();
     if (sm != null)
       {
-        sm.checkPermission (new SecurityPermission 
("createAccessControlContext"));
+       Permission perm =
+         new SecurityPermission ("createAccessControlContext");
+
+       // The default SecurityManager.checkPermission(perm) just calls 
+       // AccessController.checkPermission(perm) which in turn just
+       // calls AccessController.getContext().checkPermission(perm).
+       // This means AccessController.getContext() is called twice,
+       // once for the security check and once by us.  It's a very
+       // expensive call (on gcj at least) so if we're using the
+       // default security manager we avoid this duplication.
+       if (sm.getClass() == SecurityManager.class)
+         {
+           acc2 = AccessController.getContext ();
+           acc2.checkPermission (perm);
+         }
+       else
+         sm.checkPermission (perm);
       }
-    AccessControlContext acc2 = AccessController.getContext();
+    if (acc2 == null)
+      acc2 = AccessController.getContext ();
     protectionDomains = combiner.combine (acc2.protectionDomains,
                                           acc.protectionDomains);
     this.combiner = combiner;

Reply via email to