From 597d7f650b0656fcb3985b01f53284717b41e5cc Mon Sep 17 00:00:00 2001 From: Mathew Inwood Date: Thu, 22 Mar 2018 11:36:47 +0000 Subject: More flexible API enforcement policy support. This CL adds the ability to configure which banned API lists to enforce, defined by new enum hiddenapi::ApiEnforcementPolicy. Currently, the policy can be set at zygote fork time, but not at dex optimization time where blacklist enforcement is still assumed. As such, making the policy more strict will not work as expected yet. This will be improved in a follow up CL. Test: art tests pass Test: Device boots BUG: 73337509 (cherry-picked from commit 159f596eec01adbb5a1c9654402c137cdb943131) Change-Id: I6c319bb8a3000cb1d3c4693b4fb196e749c36d96 Merged-In: I33f9afce628a86727e400052f4d5979d3536da8c --- runtime/native/java_lang_Class.cc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'runtime/native/java_lang_Class.cc') diff --git a/runtime/native/java_lang_Class.cc b/runtime/native/java_lang_Class.cc index 25d50376de..fc61c9597e 100644 --- a/runtime/native/java_lang_Class.cc +++ b/runtime/native/java_lang_Class.cc @@ -89,8 +89,8 @@ static bool IsCallerInBootClassPath(Thread* self) REQUIRES_SHARED(Locks::mutator // access hidden APIs. This can be *very* expensive. Never call this in a loop. ALWAYS_INLINE static bool ShouldEnforceHiddenApi(Thread* self) REQUIRES_SHARED(Locks::mutator_lock_) { - return Runtime::Current()->AreHiddenApiChecksEnabled() && - !IsCallerInBootClassPath(self); + hiddenapi::EnforcementPolicy policy = Runtime::Current()->GetHiddenApiEnforcementPolicy(); + return policy != hiddenapi::EnforcementPolicy::kNoChecks && !IsCallerInBootClassPath(self); } // Returns true if the first non-ClassClass caller up the stack should not be -- cgit v1.2.3-59-g8ed1b