kernel: Prune allowlist only after boot completed

For unknown reason, packages.list is not reliable during boot for oplus devices, so we have to disable pruning and re-run pruning after boot.
2025-11-12 21:43:02 +08:00
parent 4c04508267
commit 0c9ebb9bad
5 changed files with 15 additions and 3 deletions
--- a/kernel/allowlist.c
+++ b/kernel/allowlist.c
@@ -18,6 +18,7 @@
 #endif

 #include "klog.h" // IWYU pragma: keep
+#include "ksud.h"
 #include "selinux/selinux.h"
 #include "allowlist.h"
 #include "manager.h"
@@ -500,6 +501,11 @@ void ksu_prune_allowlist(bool (*is_uid_valid)(uid_t, char *, void *),
    struct perm_data *np = NULL;
    struct perm_data *n = NULL;

+    if (!ksu_boot_completed) {
+        pr_info("boot not completed, skip prune\n");
+        return;
+    }
+
    bool modified = false;
    // TODO: use RCU!
    mutex_lock(&allowlist_mutex);