深入源码分析non-sdk并绕过Android 9.0反射限制

最新推荐文章于 2023-05-22 11:43:12 发布
最新推荐文章于 2023-05-22 11:43:12 发布
阅读量1.6k 收藏 2
点赞数
分类专栏: Android深度探索 # Android Security Android Reflection / 反射调用 文章标签: Android P 反射 Android 9.0 non-sdk

Android 9.0终于来了,non-sdk或许是我们最大的适配点。本文将分析non-sdk的原理以及如何绕过它继续反射调用系统私有API。

 

先看一段简单的反射代码:

            Class<?> activityThreadClass = Class.forName("android.app.ActivityThread");
            Method currentActivityThreadMethod = activityThreadClass.getDeclaredMethod("currentActivityThread");
运行这段代码便会出现""Accessing hidden ....."警告。

 

先看一下getDeclaredMethod()实现:

    public Method getDeclaredMethod(String name, Class<?>... parameterTypes)
        throws NoSuchMethodException, SecurityException {
        return getMethod(name, parameterTypes, false);
    }
接下来看下getMethod()函数:

    private Method getMethod(String name, Class<?>[] parameterTypes, boolean recursivePublicMethods)
            throws NoSuchMethodException {
        if (name == null) {
            throw new NullPointerException("name == null");
        }
        if (parameterTypes == null) {
            parameterTypes = EmptyArray.CLASS;
        }
        for (Class<?> c : parameterTypes) {
            if (c == null) {
                throw new NoSuchMethodException("parameter type is null");
            }
        }
        Method result = recursivePublicMethods ? getPublicMethodRecursive(name, parameterTypes)
                                               : getDeclaredMethodInternal(name, parameterTypes);
        // Fail if we didn't find the method or it was expected to be public.
        if (result == null ||
            (recursivePublicMethods && !Modifier.isPublic(result.getAccessFlags()))) {
            throw new NoSuchMethodException(name + " " + Arrays.toString(parameterTypes));
        }
        return result;
    }
因为它的参数固定为recursivePublicMethods为false,所以最后会调用getDeclaredMethodInternal(),而这是一个natie函数,定义如下。

    /**
     * Returns the method if it is defined by this class; {@code null} otherwise. This may return a
     * non-public member.
     *
     * @param name the method name
     * @param args the method's parameter types
     */
    @FastNative
    private native Method getDeclaredMethodInternal(String name, Class<?>[] args);
 

getDeclaredMethodInternal()的native实现在art/runtime/native/java_lang_Class.cc中,为了看得更直观的,我们来看一下9.0和8.1相比做了哪些修改。下图中左边是9.0,右边是8.1:

一下就看出来了,9.1的代码在反射时候会增加一个ShouldBlockAccessToMember()判断,如果返回true,那么你在getDeclaredMethod()时候就会得到null。

 

顺着往下看ShouldBlockAccessToMember()是怎么判断的:

// Returns true if the first non-ClassClass caller up the stack should not be
// allowed access to `member`.
template<typename T>
ALWAYS_INLINE static bool ShouldBlockAccessToMember(T* member, Thread* self)
    REQUIRES_SHARED(Locks::mutator_lock_) {
  hiddenapi::Action action = hiddenapi::GetMemberAction(
      member, self, IsCallerTrusted, hiddenapi::kReflection);
  if (action != hiddenapi::kAllow) {
    hiddenapi::NotifyHiddenApiListener(member);
  }
 
  return action == hiddenapi::kDeny;
}
它会调用hiddenapi::GetMemberAction(),如果返回hiddenapi::kDeny,则会block反射调用。

hiddenapi主要会涉及到art/runtime/hidden_api.h和art/runtime/hidden_api.cc两个文件。

 

继续往下看GetMemberAction()的实现: 

template<typename T> inline Action GetMemberAction(T* member,Thread* self,std::function<bool(Thread*)> fn_caller_is_trusted,AccessMethod access_method)
    REQUIRES_SHARED(Locks::mutator_lock_) {
  DCHECK(member != nullptr);
 
  HiddenApiAccessFlags::ApiList api_list = member->GetHiddenApiAccessFlags();
 
  Action action = GetActionFromAccessFlags(member->GetHiddenApiAccessFlags());
  if (action == kAllow) {
    // Nothing to do.
    return action;
  }
 
  if (fn_caller_is_trusted(self)) {
    // Caller is trusted. Exit.
    return kAllow;
  }
 
  return detail::GetMemberActionImpl(member, api_list, action, access_method);
}
这个函数会先通过GetHiddenApiAccessFlags()获取到API的hidden访问级别,再根据它用GetActionFromAccessFlags()来拿到对应的Action。

如果Action为kAllow,则不做任何处理。

如果Action不为kAllow再通过fn_caller_is_trusted看当前是否是系统调用的,如果是系统调用则返回kAllow。

如果Action不为kAllow且不是系统调用则继续通过GetMemberActionImpl()做进一步判断,看是否需要block。

(by the way,如果我们要绕过反射限制,就可以在这个函数中做处理,后面会讲到)

 

GetHiddenApiAccessFlags()的实现在runtime/art_method-inl.h中:

inline HiddenApiAccessFlags::ApiList ArtMethod::GetHiddenApiAccessFlags()
    REQUIRES_SHARED(Locks::mutator_lock_) {
  if (UNLIKELY(IsIntrinsic())) {
    switch (static_cast<Intrinsics>(GetIntrinsic())) {
      case Intrinsics::kSystemArrayCopyChar:
      case Intrinsics::kStringGetCharsNoCheck:
      case Intrinsics::kReferenceGetReferent:
        // These intrinsics are on the light greylist and will fail a DCHECK in
        // SetIntrinsic() if their flags change on the respective dex methods.
        // Note that the DCHECK currently won't fail if the dex methods are
        // whitelisted, e.g. in the core image (b/77733081). As a result, we
        // might print warnings but we won't change the semantics.
        return HiddenApiAccessFlags::kLightGreylist;
      case Intrinsics::kVarHandleFullFence:
      case Intrinsics::kVarHandleAcquireFence:
      case Intrinsics::kVarHandleReleaseFence:
      case Intrinsics::kVarHandleLoadLoadFence:
      case Intrinsics::kVarHandleStoreStoreFence:
      case Intrinsics::kVarHandleCompareAndExchange:
      case Intrinsics::kVarHandleCompareAndExchangeAcquire:
      case Intrinsics::kVarHandleCompareAndExchangeRelease:
      case Intrinsics::kVarHandleCompareAndSet:
      case Intrinsics::kVarHandleGet:
      case Intrinsics::kVarHandleGetAcquire:
      case Intrinsics::kVarHandleGetAndAdd:
      case Intrinsics::kVarHandleGetAndAddAcquire:
      case Intrinsics::kVarHandleGetAndAddRelease:
      case Intrinsics::kVarHandleGetAndBitwiseAnd:
      case Intrinsics::kVarHandleGetAndBitwiseAndAcquire:
      case Intrinsics::kVarHandleGetAndBitwiseAndRelease:
      case Intrinsics::kVarHandleGetAndBitwiseOr:
      case Intrinsics::kVarHandleGetAndBitwiseOrAcquire:
      case Intrinsics::kVarHandleGetAndBitwiseOrRelease:
      case Intrinsics::kVarHandleGetAndBitwiseXor:
      case Intrinsics::kVarHandleGetAndBitwiseXorAcquire:
      case Intrinsics::kVarHandleGetAndBitwiseXorRelease:
      case Intrinsics::kVarHandleGetAndSet:
      case Intrinsics::kVarHandleGetAndSetAcquire:
      case Intrinsics::kVarHandleGetAndSetRelease:
      case Intrinsics::kVarHandleGetOpaque:
      case Intrinsics::kVarHandleGetVolatile:
      case Intrinsics::kVarHandleSet:
      case Intrinsics::kVarHandleSetOpaque:
      case Intrinsics::kVarHandleSetRelease:
      case Intrinsics::kVarHandleSetVolatile:
      case Intrinsics::kVarHandleWeakCompareAndSet:
      case Intrinsics::kVarHandleWeakCompareAndSetAcquire:
      case Intrinsics::kVarHandleWeakCompareAndSetPlain:
      case Intrinsics::kVarHandleWeakCompareAndSetRelease:
        // These intrinsics are on the blacklist and will fail a DCHECK in
        // SetIntrinsic() if their flags change on the respective dex methods.
        // Note that the DCHECK currently won't fail if the dex methods are
        // whitelisted, e.g. in the core image (b/77733081). Given that they are
        // exclusively VarHandle intrinsics, they should not be used outside
        // tests that do not enable hidden API checks.
        return HiddenApiAccessFlags::kBlacklist;
      default:
        // Remaining intrinsics are public API. We DCHECK that in SetIntrinsic().
        return HiddenApiAccessFlags::kWhitelist;
    }
  } else {
    return HiddenApiAccessFlags::DecodeFromRuntime(GetAccessFlags());
  }
}
就是简单的获取函数flag,我们可以简单的认为一个函数的flag是固定的。

这个函数的返回值ApiList其实也是一个int值,具体的定位在at/libdexfile/dex/hidden_api_access_flags.h中:

  enum ApiList {
    kWhitelist = 0,
    kLightGreylist,
    kDarkGreylist,
    kBlacklist,
  };
和这个ApiList对应的Action定义在hidden_api.h中:

enum Action {
  kAllow,
  kAllowButWarn,
  kAllowButWarnAndToast,
  kDeny
};
我们先来看看GetActionFromAccessFlags()是如何根据ApiList得到Action的:

inline Action GetActionFromAccessFlags(HiddenApiAccessFlags::ApiList api_list) {
  if (api_list == HiddenApiAccessFlags::kWhitelist) {
    return kAllow;
  }
 
  EnforcementPolicy policy = Runtime::Current()->GetHiddenApiEnforcementPolicy();
  if (policy == EnforcementPolicy::kNoChecks) {
    // Exit early. Nothing to enforce.
    return kAllow;
  }
 
  // if policy is "just warn", always warn. We returned above for whitelist APIs.
  if (policy == EnforcementPolicy::kJustWarn) {
    return kAllowButWarn;
  }
  DCHECK(policy >= EnforcementPolicy::kDarkGreyAndBlackList);
  // The logic below relies on equality of values in the enums EnforcementPolicy and
  // HiddenApiAccessFlags::ApiList, and their ordering. Assertions are in hidden_api.cc.
  if (static_cast<int>(policy) > static_cast<int>(api_list)) {
    return api_list == HiddenApiAccessFlags::kDarkGreylist
        ? kAllowButWarnAndToast
        : kAllowButWarn;
  } else {
    return kDeny;
  }
}
如果ApiList为kWhitelist,或者GetHiddenApiEnforcementPolicy()返回的策略为kNoChecks,则不做任何处理。

这里涉及到了EnforcementPolicy,我们看看它的定义:

enum class EnforcementPolicy {
  kNoChecks             = 0,
  kJustWarn             = 1,  // keep checks enabled, but allow everything (enables logging)
  kDarkGreyAndBlackList = 2,  // ban dark grey & blacklist
  kBlacklistOnly        = 3,  // ban blacklist violations only
  kMax = kBlacklistOnly,
};
kNoChecks:允许调用所有API,不做任何检测

kJustWarn:允许调用所有API,但是对于私有API的调用会打印警告log

kDarkGreyAndBlackList:会阻止调用dark grey或black list中的API

kBlacklistOnly:会阻止调用black list中的API
 

到这里我们也就明白了ApiList,Action,EnforcementPolicy这三者的关系。

Google其实是通过EnforcementPolicy的配置,将ApiList转成Action。脑海里突然想到了我们天天说的要将业务和实现分离,这就是例子....

 

下面将GetActionFromAccessFlags()的处理逻辑整理成一个表格,不想看看代码的看这个表格就可以了:

     ApiList
kWhitelist    kLightGreylist    kDarkGreylist    kBlacklist
EnforcementPolicy    kNoChecks    kAllow    kAllow    kAllow    kAllow
kJustWarn    kAllow    kAllowButWarn    kAllowButWarn    kAllowButWarn
kDarkGreyAndBlackList    kAllow    kAllowButWarn    kDeny    kDeny
kBlacklistOnly    kAllow    kAllowButWarn    kAllowButWarnAndToast    kDeny
 

 

 

接下来再看下GetMemberActionImpl()函数会做哪些判断:

template<typename T>
Action GetMemberActionImpl(T* member,
                           HiddenApiAccessFlags::ApiList api_list,
                           Action action,
                           AccessMethod access_method) {
  DCHECK_NE(action, kAllow);
 
  // Get the signature, we need it later.
  MemberSignature member_signature(member);
 
  Runtime* runtime = Runtime::Current();
 
  // Check for an exemption first. Exempted APIs are treated as white list.
  // We only do this if we're about to deny, or if the app is debuggable. This is because:
  // - we only print a warning for light greylist violations for debuggable apps
  // - for non-debuggable apps, there is no distinction between light grey & whitelisted APIs.
  // - we want to avoid the overhead of checking for exemptions for light greylisted APIs whenever
  //   possible.
  const bool shouldWarn = kLogAllAccesses || runtime->IsJavaDebuggable();
  if (shouldWarn || action == kDeny) {
    if (member_signature.IsExempted(runtime->GetHiddenApiExemptions())) {
      action = kAllow;
      // Avoid re-examining the exemption list next time.
      // Note this results in no warning for the member, which seems like what one would expect.
      // Exemptions effectively adds new members to the whitelist.
      MaybeWhitelistMember(runtime, member);
      return kAllow;
    }
 
    if (access_method != kNone) {
      // Print a log message with information about this class member access.
      // We do this if we're about to block access, or the app is debuggable.
      member_signature.WarnAboutAccess(access_method, api_list);
    }
  }
 
  if (kIsTargetBuild) {
    uint32_t eventLogSampleRate = runtime->GetHiddenApiEventLogSampleRate();
    // Assert that RAND_MAX is big enough, to ensure sampling below works as expected.
    static_assert(RAND_MAX >= 0xffff, "RAND_MAX too small");
    if (eventLogSampleRate != 0 &&
        (static_cast<uint32_t>(std::rand()) & 0xffff) < eventLogSampleRate) {
      member_signature.LogAccessToEventLog(access_method, action);
    }
  }
 
  if (action == kDeny) {
    // Block access
    return action;
  }
 
  // Allow access to this member but print a warning.
  DCHECK(action == kAllowButWarn || action == kAllowButWarnAndToast);
 
  if (access_method != kNone) {
    // Depending on a runtime flag, we might move the member into whitelist and
    // skip the warning the next time the member is accessed.
    MaybeWhitelistMember(runtime, member);
 
    // If this action requires a UI warning, set the appropriate flag.
    if (shouldWarn &&
        (action == kAllowButWarnAndToast || runtime->ShouldAlwaysSetHiddenApiWarningFlag())) {
      runtime->SetPendingHiddenApiWarning(true);
    }
  }
 
  return action;
}
 

kLogAllAccesses表示是否强制打印警告,默认值为false。

IsJavaDebuggable()则是看我们的App是release版本还是debug版本。
当app为debug版本或者action为kDeny时,这时还会调用IsExempted()来看这个函数是否真的需要处理。如果函数在豁免名单中,则不会处理,返回kAllow。并且调用MaybeWhitelistMember()将这个API的flag修改为kWhitelist。

MaybeWhitelistMember()实现:

template<typename T>
static ALWAYS_INLINE void MaybeWhitelistMember(Runtime* runtime, T* member)
    REQUIRES_SHARED(Locks::mutator_lock_) {
  if (CanUpdateMemberAccessFlags(member) && runtime->ShouldDedupeHiddenApiWarnings()) {
    member->SetAccessFlags(HiddenApiAccessFlags::EncodeForRuntime(
        member->GetAccessFlags(), HiddenApiAccessFlags::kWhitelist));
  }
}
所以现在我们知道了其实系统是有2个列表的,一个列表是系统中自带的list,另外一个是进程启动时,设置的豁免列表。

 

接着上面继续分析,如果不在豁免名单里面,并且这个函数访问模式不是kNone,则会打印警告Log.

hidden_api.h中定义了几种访问模式:

enum AccessMethod {
  kNone,  // internal test that does not correspond to an actual access by app
  kReflection,
  kJNI,
  kLinking,
};
下面讲一下这几种模式分别在什么情况下使用:

1.kNone是一种测试模式,这种模式下不会打印任何log。比如linker中检测某个函数是否存在,则会用这种模式。

下面是class_linker.cc中的代码:

// Returns true if `method` is either null or hidden.
// Does not print any warnings if it is hidden.
static bool CheckNoSuchMethod(ArtMethod* method,
                              ObjPtr<mirror::DexCache> dex_cache,
                              ObjPtr<mirror::ClassLoader> class_loader)
      REQUIRES_SHARED(Locks::mutator_lock_) {
  return method == nullptr ||
         hiddenapi::GetMemberAction(method,
                                    class_loader,
                                    dex_cache,
                                    hiddenapi::kNone)  // do not print warnings
             == hiddenapi::kDeny;
}
 

2.kReflection如其名字,java层反射调用API时使用的。

下面是java_lang_Class.cc中的代码:

static jobject Class_getDeclaredMethodInternal(JNIEnv* env, jobject javaThis,
                                               jstring name, jobjectArray args) {
 
.................
  if (result == nullptr || ShouldBlockAccessToMember(result->GetArtMethod(), soa.Self())) {
    return nullptr;
  }
  return soa.AddLocalReference<jobject>(result.Get());
}
 
 
 
template<typename T>
ALWAYS_INLINE static bool ShouldBlockAccessToMember(T* member, Thread* self)
    REQUIRES_SHARED(Locks::mutator_lock_) {
  hiddenapi::Action action = hiddenapi::GetMemberAction(
      member, self, IsCallerTrusted, hiddenapi::kReflection);
  if (action != hiddenapi::kAllow) {
    hiddenapi::NotifyHiddenApiListener(member);
  }
  return action == hiddenapi::kDeny;
}
3.kJNI则是在JNI层通过FindMethodID()/FindFieldID()调用函数时使用的。

下面是jni_internal.cc中的代码:

static jmethodID FindMethodID(ScopedObjectAccess& soa, jclass jni_class,
                              const char* name, const char* sig, bool is_static)
    REQUIRES_SHARED(Locks::mutator_lock_) {
  .............
  if (method != nullptr && ShouldBlockAccessToMember(method, soa.Self())) {
    method = nullptr;
  }
  if (method == nullptr || method->IsStatic() != is_static) {
    ThrowNoSuchMethodError(soa, c, name, sig, is_static ? "static" : "non-static");
    return nullptr;
  }
  return jni::EncodeArtMethod(method);
}
 
 
 
template<typename T>
ALWAYS_INLINE static bool ShouldBlockAccessToMember(T* member, Thread* self)
    REQUIRES_SHARED(Locks::mutator_lock_) {
  hiddenapi::Action action = hiddenapi::GetMemberAction(
      member, self, IsCallerTrusted, hiddenapi::kJNI);
  if (action != hiddenapi::kAllow) {
    hiddenapi::NotifyHiddenApiListener(member);
  }
 
  return action == hiddenapi::kDeny;
}
4.kLinking是在linker调用FindResolvedMethod()/FindResolvedField()时使用,针对动态链接的方式。

下面是jni_internal.cc中的代码:

ArtMethod* ClassLinker::FindResolvedMethod(ObjPtr<mirror::Class> klass,
                                           ObjPtr<mirror::DexCache> dex_cache,
                                           ObjPtr<mirror::ClassLoader> class_loader,
                                           uint32_t method_idx) {
........
  if (resolved != nullptr &&
      hiddenapi::GetMemberAction(
          resolved, class_loader, dex_cache, hiddenapi::kLinking) == hiddenapi::kDeny) {
    resolved = nullptr;
  }
  .....
  return resolved;
}
 

 

到现在GetMemberActionImpl()主要代码分析完了,剩下最后提示的部分:

emplate<typename T>
Action GetMemberActionImpl(T* member,
                           HiddenApiAccessFlags::ApiList api_list,
                           Action action,
                           AccessMethod access_method) {
  ...................
 
  if (action == kDeny) {
    // Block access
    return action;
  }
 
  // Allow access to this member but print a warning.
  DCHECK(action == kAllowButWarn || action == kAllowButWarnAndToast);
 
  if (access_method != kNone) {
    // Depending on a runtime flag, we might move the member into whitelist and
    // skip the warning the next time the member is accessed.
    MaybeWhitelistMember(runtime, member);
 
    // If this action requires a UI warning, set the appropriate flag.
    if (shouldWarn &&
        (action == kAllowButWarnAndToast || runtime->ShouldAlwaysSetHiddenApiWarningFlag())) {
      runtime->SetPendingHiddenApiWarning(true);
    }
  }
 
  return action;
}
如果action为kDeny,则直接返回,不是就会看是否需要弹出对话框等UI上的提示。

 

下面是打印警告Log的代码:

void MemberSignature::WarnAboutAccess(AccessMethod access_method,
                                      HiddenApiAccessFlags::ApiList list) {
  LOG(WARNING) << "Accessing hidden " << (type_ == kField ? "field " : "method ")
               << Dumpable<MemberSignature>(*this) << " (" << list << ", " << access_method << ")";
}
 

分析到此暂告一段落。总结一下:

1.对我们APP开发者来说,有3种做法会处触发API检查:a.java层反射;  b.jni调用; c.provided方式的动态链接 

整理如下:

类型    触发non-sdk检查的函数
hiddenapi::kJNI(Jni调用java Api)    FindMethodID()
FindFieldID()
hiddenapi::kLinking(Linker动态链接)    FindResolvedMethod()
ResolveMethodWithoutInvokeType()
FindResolvedField()
FindResolvedFieldJLS()
hiddenapi::kReflection(java反射)    Class_getPublicFieldRecursive()
Class_getDeclaredField()
Class_getDeclaredConstructorInternal()
Class_getDeclaredMethodInternal()
Class_newInstance()
 

2.API的检查结果都是由hidden_api.h中的GetMemberAction()返回的

 

3.ApiList,Action,EnforcementPolicy关系整理如下:

     ApiList
kWhitelist    kLightGreylist    kDarkGreylist    kBlacklist
EnforcementPolicy    kNoChecks    kAllow    kAllow    kAllow    kAllow
kJustWarn    kAllow    kAllowButWarn    kAllowButWarn    kAllowButWarn
kDarkGreyAndBlackList    kAllow    kAllowButWarn    kDeny    kDeny
kBlacklistOnly    kAllow    kAllowButWarn    kAllowButWarnAndToast    kDeny
 

4.如果Runtime::Current()->GetHiddenApiEnforcementPolicy()的返回值为kNoChecks,也就是0,则允许访问,并且这个函数并不是inline,就可以被我们比较容易的hook并修改返回值。

 

5.对于私有API调用,还会调用GetMemberActionImpl()进一步处理,如果Action为kDeny,还会看通过IsExempted()来看是否在豁免名单中,如果在,则会返回kAllow,并修改该API为kWhitelist。

 

 

接下来我们通过Hook GetHiddenApiEnforcementPolicy()来绕过non-sdk API检查。

休息一会再回来接着写.......


--------------------- 
作者:XXOOYC 
来源:CSDN 
原文:https://blog.csdn.net/XXOOYC/article/details/81585655 
版权声明:本文为博主原创文章,转载请附上博文链接!

Omni-Space
关注
  • 0
    点赞
  • 2
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
android9、10、11反射限制(Hidden Api)分析以及解决方法
鱼蛋的博客
06-09 6072
android9、10、11反射限制(Hidden Api)分析以及解决方法
【论文总结】揭秘 AndroidSDK API:测量和理解
Ohh24的博客
01-09 298
这是来自2022年ICSE的一篇论文《Demystifying Android Non-SDK APIs: Measurement and Understanding》,作者有:Shishuai Yang, Rui Li, Jiongyi Chen, Wenrui Diao, and Shangqing Guo。
看我如何绕过android P的Restrictions on non-SDK interfaces(限制反射调用系统私有方法)...
weixin_34335458的博客
07-10 845
0x1:背景 android P出了个新特性,限制了对hidden field 和 method 的 反射调用,那组件化这些是不是都快要挂了。我第一感觉应该是可以绕过的,于是马上研究了下,详情可以看 https://developer.android.com/preview/restrictions-non-sdk-interfaces.html 限制...
解决hide方法反射限制的问题
西西里的木头
10-19 908
android9.0后对hide方法反射限制需要系统签名或者加入白名单才可以反射hide方法。如果重置回原来的策略(即,限制调用),可以执行下面的命令。
ESP8266 Non-OS SDK API参考.pdf
10-06
本⽂文档提供 ESP8266_NONOS_SDK 的 API 说明,版本3.0.1(2019.03)
non-sdk-list-and-veridex-2018-07-02
07-02
Android P版本中,Google对使用非公开SDK接口(Non-SDK Interfaces)进行了严格的限制,以维护系统的稳定性和安全性。这个名为"non-sdk-list-and-veridex-2018-07-02"的资源包正是针对这一变化的重要参考资料。它...
ESP8266 Non-OS SDK API参考
01-03
ESP8266 Non-OS SDK API参考,提供了API接口,可以查询,利于硬件开发
Unfortunately you can’t have non-Gradle Java modules and Android-Gradle modules in one project.
01-03
you can’t have non-Gradle Java modules and Android-Gradle modules in one project. 既然gradle的问题,那就同步一下吧。 结果发现左上角的Sync Project with Gradle Files按钮竟然是灰色的
android studio finished with non-zero exit value 1, value 2解决办法
12-12
解决androidstudio中出现finished with non-zero exit value 1,或者finished with non-zero exit value 2的问题
Android 9以上系统放开反射限制
changliangdoscript的专栏
05-22 488
android 9 放开反射检查
android thread activity,Android开发中关于获取当前Activity的一些思考
weixin_39893274的博客
05-28 257
Android开发过程中,我们有时候需要获取当前的Activity实例,比如弹出Dialog操作,必须要用到这个。关于如何实现由很多种思路,这其中有的简单,有的复杂,这里简单总结一下个人的一些经验吧。反射反射是我们经常会想到的方法,思路大概为获取ActivityThread中所有的ActivityRecord从ActivityRecord中获取状态不是pause的Activity并返回一个使用反...
andorid 9.0 适配 与 api 扫描
从零点零开始
12-20 965
andorid 9.0 渐进的改进方式 sdk检查原理 工程中已经发现需要注意的三方库 andorid 9.0 google终于开始解决悬在自己头上的达摩斯之剑了,安全+卡顿两个被诟病的地方;这次在nogout的p升级上,开始对sdk中被各大厂商和黑科技玩坏的反射和对底层的各种调用问题开始着手解决;这个版本对于非sdk暴露api方法做了限制,不论是调用,反射还是jni,提升自己的兼容性;...
通过反射获取当前Activity实例,获取当前Activity 或者Application(解决不同机型context获取失败问题)
非鱼博客
10-16 1616
private Activity getTopActivityByReflect() { try { @SuppressLint("PrivateApi") Class<?> activityThreadClass = Class.forName("android.app.ActivityThread"); Object currentActivityThreadMethod = activityT...
android9.0后对hide方法反射限制分析
热门推荐
firedancer0089的专栏
10-08 1万+
和之前同事吃饭时候了解到一个消息,就是android9.0开始限制@hide方法的使用,即使是用反射也无法使用hide方法。把我吓出一身汗,app中用各种反射是家常便饭,尤其是对framework很熟的情况下。 回公司赶快看下android的官方文档:https://developer.android.com/about/versions/pie/restrictions-non-sdk-int...
Android特殊权限白名单
流浪风博客
05-08 841
Android设备开机过程中,zygote/wificond等几个服务开机之后不停在重启,一直在查看dmesg log,没有任何发现,突发奇想检查一下logcat log,发现是由于缺少默认权限导致。 logcat log如下: 05-08 07:37:00.986 25762 25762 E AndroidRuntime: *** FATAL EXCEPTION IN SYSTEM PROCESS: main 05-08 07:37:00.986 25762 25762 E AndroidRuntime
Android12权限列表
zzmzzff的博客
04-18 2625
android.permission.READ_CONTACTS dangerous * android.permission.WRITE_CONTACTS dangerous * android.permission.READ_CALENDAR dangerous * android.permission.WRITE_CALENDAR dangerous * android.permission.SEND_SMS dangerous
获取Application的Context
小范屯
07-06 4069
获取Application的Context
android高级面试题,有难度
T-bright的博客
07-28 2034
作者:Focusing 链接:https://juejin.im/post/5c984e926fb9a070c975a9b4 Android进阶延伸点 1、如何进行单元测试,如何保证App稳定 ? 参考回答: 要测试Android应用程序,通常会创建以下类型自动单元测试 本地测试: 只在本地机器JVM上运行,以最小化执行时间,这种单元测试不依赖于Android框架,或者即使有依赖,也很方便使用模拟框架来模拟依赖,以达到隔离Android依赖的目的,模拟框架如Google推荐的Mockito; And
out/soong/.intermediates/frameworks/base/api-stubs-docs-non-updatable/android_common/api-stubs-docs-non-updatable-stubs.srcjar out/soong/.intermediates/frameworks/base/api-stubs-docs-non-updatable/android_common/api-stubs-docs-non-updatable-violations.txt out/soong/.intermediates/frameworks/base/api-stubs-docs-non-updatable/android_common/api-stubs-docs-non-updatable_annotations.zip out/soong/.intermediates/frameworks/base/api-stubs-docs-non-updatable/android_common/api-stubs-docs-non-updatable_api.txt out/soong/.intermediates/frameworks/base/api-stubs-docs-non-updatable/android_common/api-stubs-docs-non-updatable_removed.txt out/soong/.intermediates/frameworks/base/api-stubs-docs-non-updatable/android_common/api_lint.timestamp out/soong/.intermediates/frameworks/base/api-stubs-docs-non-updatable/android_common/api_lint_report.txt
最新发布
06-06
可能是 Android 系统基础框架的 API 文档。其中包含了 stubs、violations、annotations、api、removed 等文件,以及一个 lint 报告。但是这些文件的具体含义和作用需要查看该项目的文档或者源代码才能确定。

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值