Recursively restorecon when SELinux label changes.
PackageManager has been pretty aggressive about asking installd to
restorecon over app data when it thinks something might have
changed. However, in the vast majority of cases these are no-op
requests, and we waste a bunch of time recursively walking all
private data, easily costing 60+ seconds on dogfooder devices.
This change updates the initial "create_app_data" command to kick off
a recursive restorecon if it detects that the top-level SELinux label
on the app private data directory changes. The "create_app_data"
command is designed to ensure that an app's storage is ready, so
PackageManager always calls it at least once per boot before apps
can run. (This change means that PackageManager no longer needs to
make separate "restorecon_app_data" calls.)
Test: booted, verified that a label change triggered restorecon
Bug: 30768146
Change-Id: I0c8d4018cf8ff888d0ae07a82adc3d61a6002aad
1 file changed