diff options
Diffstat (limited to 'runtime/hidden_api.cc')
| -rw-r--r-- | runtime/hidden_api.cc | 21 |
1 files changed, 14 insertions, 7 deletions
diff --git a/runtime/hidden_api.cc b/runtime/hidden_api.cc index 98774bdf2d..6a9bdf6c79 100644 --- a/runtime/hidden_api.cc +++ b/runtime/hidden_api.cc @@ -435,15 +435,10 @@ bool ShouldDenyAccessToMemberImpl(T* member, ApiList api_list, AccessMethod acce DCHECK(member != nullptr); Runtime* runtime = Runtime::Current(); - EnforcementPolicy policy = runtime->GetHiddenApiEnforcementPolicy(); - DCHECK(policy != EnforcementPolicy::kDisabled) + EnforcementPolicy hiddenApiPolicy = runtime->GetHiddenApiEnforcementPolicy(); + DCHECK(hiddenApiPolicy != EnforcementPolicy::kDisabled) << "Should never enter this function when access checks are completely disabled"; - const bool deny_access = - (policy == EnforcementPolicy::kEnabled) && - IsSdkVersionSetAndMoreThan(runtime->GetTargetSdkVersion(), - api_list.GetMaxAllowedSdkVersion()); - MemberSignature member_signature(member); // Check for an exemption first. Exempted APIs are treated as white list. @@ -455,6 +450,18 @@ bool ShouldDenyAccessToMemberImpl(T* member, ApiList api_list, AccessMethod acce return false; } + EnforcementPolicy testApiPolicy = runtime->GetTestApiEnforcementPolicy(); + + bool deny_access = false; + if (hiddenApiPolicy == EnforcementPolicy::kEnabled) { + if (testApiPolicy == EnforcementPolicy::kDisabled && api_list.IsTestApi()) { + deny_access = false; + } else { + deny_access = IsSdkVersionSetAndMoreThan(runtime->GetTargetSdkVersion(), + api_list.GetMaxAllowedSdkVersion()); + } + } + if (access_method != AccessMethod::kNone) { // Print a log message with information about this class member access. // We do this if we're about to deny access, or the app is debuggable. |