From ef4ee7b0c0bfe5347942dfd28345805aa03e41d2 Mon Sep 17 00:00:00 2001
From: Hinix <greenland10@126.com>
Date: Fri, 5 Sep 2025 20:22:26 +0800
Subject: [PATCH] skip selinux check

---
 .../base/core/java/android/os/storage/StorageManager.java   | 2 ++
 .../java/com/android/server/pm/PackageManagerService.java   | 6 +++++-
 .../services/core/java/com/android/server/pm/Settings.java  | 4 ++++
 .../native/cmds/installd/InstalldNativeService.cpp          | 5 +++--
 aosp/frameworks/native/cmds/installd/installd_constants.h   | 1 +
 5 files changed, 15 insertions(+), 3 deletions(-)

diff --git a/aosp/frameworks/base/core/java/android/os/storage/StorageManager.java b/aosp/frameworks/base/core/java/android/os/storage/StorageManager.java
index 4434f21ca..7a5cf78ca 100644
--- a/aosp/frameworks/base/core/java/android/os/storage/StorageManager.java
+++ b/aosp/frameworks/base/core/java/android/os/storage/StorageManager.java
@@ -215,6 +215,8 @@ public class StorageManager {
     public static final int FLAG_STORAGE_DE = 1 << 0;
     /** {@hide} */
     public static final int FLAG_STORAGE_CE = 1 << 1;
+    /** {@hide} */
+    public static final int FLAG_SKIP_SELINUX_CHECK = 1 << 7;
 
     /** {@hide} */
     public static final int FLAG_FOR_WRITE = 1 << 8;
diff --git a/aosp/frameworks/base/services/core/java/com/android/server/pm/PackageManagerService.java b/aosp/frameworks/base/services/core/java/com/android/server/pm/PackageManagerService.java
index f99ff7d84..ea90018b7 100644
--- a/aosp/frameworks/base/services/core/java/com/android/server/pm/PackageManagerService.java
+++ b/aosp/frameworks/base/services/core/java/com/android/server/pm/PackageManagerService.java
@@ -22778,7 +22778,7 @@ Slog.v(TAG, ":: stepped forward, applying functor at tag " + parser.getName());
         final UserManagerService um = sUserManager;
         UserManagerInternal umInternal = getUserManagerInternal();
         for (UserInfo user : um.getUsers(false /* excludeDying */)) {
-            final int flags;
+            int flags;
             if (umInternal.isUserUnlockingOrUnlocked(user.id)) {
                 flags = StorageManager.FLAG_STORAGE_DE | StorageManager.FLAG_STORAGE_CE;
             } else if (umInternal.isUserRunning(user.id)) {
@@ -22787,6 +22787,10 @@ Slog.v(TAG, ":: stepped forward, applying functor at tag " + parser.getName());
                 continue;
             }
 
+            if (mSettings.isAssignAppUid(ps.appId)) {
+                flags |= StorageManager.FLAG_SKIP_SELINUX_CHECK;
+            }
+
             if (ps.getInstalled(user.id)) {
                 // TODO: when user data is locked, mark that we're still dirty
                 prepareAppDataLIF(pkg, user.id, flags);
diff --git a/aosp/frameworks/base/services/core/java/com/android/server/pm/Settings.java b/aosp/frameworks/base/services/core/java/com/android/server/pm/Settings.java
index 7d1e1f15b..cf08aa6b3 100644
--- a/aosp/frameworks/base/services/core/java/com/android/server/pm/Settings.java
+++ b/aosp/frameworks/base/services/core/java/com/android/server/pm/Settings.java
@@ -1163,6 +1163,10 @@ public final class Settings {
         return true;
     }
 
+    public boolean isAssignAppUid(int uid) {
+        return mHwSettings.isAssignAppUid(uid);
+    }
+
     public Object getUserIdLPr(int uid) {
         if (mHwSettings.isAssignAppUid(uid)) {
             return mHwSettings.getAssignUidObject(uid);
diff --git a/aosp/frameworks/native/cmds/installd/InstalldNativeService.cpp b/aosp/frameworks/native/cmds/installd/InstalldNativeService.cpp
index a428782b1..faceb1546 100644
--- a/aosp/frameworks/native/cmds/installd/InstalldNativeService.cpp
+++ b/aosp/frameworks/native/cmds/installd/InstalldNativeService.cpp
@@ -481,7 +481,7 @@ binder::Status InstalldNativeService::createAppData(const std::unique_ptr<std::s
         }
 
         // Consider restorecon over contents if label changed
-        if (is_selinux_enabled() && (restorecon_app_data_lazy(path, seInfo, uid, existing) ||
+        if (!(flags & FLAG_SKIP_SELINUX_CHECK) && is_selinux_enabled() && (restorecon_app_data_lazy(path, seInfo, uid, existing) ||
                 restorecon_app_data_lazy(path, "cache", seInfo, uid, existing) ||
                 restorecon_app_data_lazy(path, "code_cache", seInfo, uid, existing))) {
             return error("Failed to restorecon " + path);
@@ -504,6 +504,7 @@ binder::Status InstalldNativeService::createAppData(const std::unique_ptr<std::s
     if (flags & FLAG_STORAGE_DE) {
         auto path = create_data_user_de_package_path(uuid_, userId, pkgname);
         bool existing = (access(path.c_str(), F_OK) == 0);
+        bool skip_selinux_check = existing ? (flags & FLAG_SKIP_SELINUX_CHECK) : false;
         (void) existing;
         if (prepare_app_dir(path, targetMode, uid) ||
                 prepare_app_cache_dir(path, "cache", 02771, uid, cacheGid) ||
@@ -513,7 +514,7 @@ binder::Status InstalldNativeService::createAppData(const std::unique_ptr<std::s
         }
 
         // Consider restorecon over contents if label changed
-        if (is_selinux_enabled() && (restorecon_app_data_lazy(path, seInfo, uid, existing) ||
+        if (!skip_selinux_check && is_selinux_enabled() && (restorecon_app_data_lazy(path, seInfo, uid, existing) ||
                 restorecon_app_data_lazy(path, "cache", seInfo, uid, existing) ||
                 restorecon_app_data_lazy(path, "code_cache", seInfo, uid, existing))) {
             return error("Failed to restorecon " + path);
diff --git a/aosp/frameworks/native/cmds/installd/installd_constants.h b/aosp/frameworks/native/cmds/installd/installd_constants.h
index c928631d8..7e165fc6e 100644
--- a/aosp/frameworks/native/cmds/installd/installd_constants.h
+++ b/aosp/frameworks/native/cmds/installd/installd_constants.h
@@ -74,6 +74,7 @@ constexpr int DEXOPT_MASK =
 // NOTE: keep in sync with StorageManager
 constexpr int FLAG_STORAGE_DE = 1 << 0;
 constexpr int FLAG_STORAGE_CE = 1 << 1;
+constexpr int FLAG_SKIP_SELINUX_CHECK = 1 << 7;
 
 #define ARRAY_SIZE(a) (sizeof(a) / sizeof(*(a)))
 
-- 
Gitee