diff options
Diffstat (limited to 'com/android/server/pm/SELinuxMMAC.java')
-rw-r--r-- | com/android/server/pm/SELinuxMMAC.java | 18 |
1 files changed, 17 insertions, 1 deletions
diff --git a/com/android/server/pm/SELinuxMMAC.java b/com/android/server/pm/SELinuxMMAC.java index f0ce3c9d..fbf3d824 100644 --- a/com/android/server/pm/SELinuxMMAC.java +++ b/com/android/server/pm/SELinuxMMAC.java @@ -59,6 +59,8 @@ public final class SELinuxMMAC { // All policy stanzas read from mac_permissions.xml. This is also the lock // to synchronize access during policy load and access attempts. private static List<Policy> sPolicies = new ArrayList<>(); + /** Whether or not the policy files have been read */ + private static boolean sPolicyRead; /** Path to MAC permissions on system image */ private static final File[] MAC_PERMISSIONS = @@ -88,6 +90,12 @@ public final class SELinuxMMAC { * were loaded successfully; no partial loading is possible. */ public static boolean readInstallPolicy() { + synchronized (sPolicies) { + if (sPolicyRead) { + return true; + } + } + // Temp structure to hold the rules while we parse the xml file List<Policy> policies = new ArrayList<>(); @@ -142,7 +150,9 @@ public final class SELinuxMMAC { } synchronized (sPolicies) { - sPolicies = policies; + sPolicies.clear(); + sPolicies.addAll(policies); + sPolicyRead = true; if (DEBUG_POLICY_ORDER) { for (Policy policy : sPolicies) { @@ -280,6 +290,12 @@ public final class SELinuxMMAC { */ public static void assignSeInfoValue(PackageParser.Package pkg) { synchronized (sPolicies) { + if (!sPolicyRead) { + if (DEBUG_POLICY) { + Slog.d(TAG, "Policy not read"); + } + return; + } for (Policy policy : sPolicies) { String seInfo = policy.getMatchedSeInfo(pkg); if (seInfo != null) { |