Don't block the boot on hashing sepolicy

onBootPhase seems to run sequentially. Moving the work to a background thread should fix the boot time regression around 15ms. Bug: 308471499 Test: enable the flag; atest BinaryTransparencyServiceTest Test: boot and saw sepolicy hash in the log Change-Id: I0f3ea9f852eb6a12554e995615bdb9b05478f387
author: Victor Hsieh <victorhsieh@google.com> 2023-11-29 16:34:05 -0800
committer: Victor Hsieh <victorhsieh@google.com> 2023-11-29 16:45:04 -0800
commit: d2a86b62d7265309d0d1a5d53b640c080c72eca3 (patch)
tree: 9539823e533b865363510fda6d60fb7b02d87f3c
parent: 4ab7dcd6ed8c018aa0bc305a8633300a863640d3 (diff)
1 files changed, 11 insertions, 9 deletions
diff --git a/services/core/java/com/android/server/BinaryTransparencyService.java b/services/core/java/com/android/server/BinaryTransparencyService.java
index eb3ec2444210..05d07ae761c1 100644
--- a/services/core/java/com/android/server/BinaryTransparencyService.java
+++ b/services/core/java/com/android/server/BinaryTransparencyService.java
@@ -1464,15 +1464,17 @@ public class BinaryTransparencyService extends SystemService {
         FrameworkStatsLog.write(FrameworkStatsLog.VBMETA_DIGEST_REPORTED, mVbmetaDigest);
 
         if (android.security.Flags.binaryTransparencySepolicyHash()) {
-            byte[] sepolicyHash = PackageUtils.computeSha256DigestForLargeFileAsBytes(
-                    "/sys/fs/selinux/policy", PackageUtils.createLargeFileBuffer());
-            String sepolicyHashEncoded = null;
-            if (sepolicyHash != null) {
-                sepolicyHashEncoded = HexEncoding.encodeToString(sepolicyHash, false);
-                Slog.d(TAG, "sepolicy hash: " + sepolicyHashEncoded);
-            }
-            FrameworkStatsLog.write(FrameworkStatsLog.BOOT_INTEGRITY_INFO_REPORTED,
-                    sepolicyHashEncoded, mVbmetaDigest);
+            IoThread.getExecutor().execute(() -> {
+                byte[] sepolicyHash = PackageUtils.computeSha256DigestForLargeFileAsBytes(
+                        "/sys/fs/selinux/policy", PackageUtils.createLargeFileBuffer());
+                String sepolicyHashEncoded = null;
+                if (sepolicyHash != null) {
+                    sepolicyHashEncoded = HexEncoding.encodeToString(sepolicyHash, false);
+                    Slog.d(TAG, "sepolicy hash: " + sepolicyHashEncoded);
+                }
+                FrameworkStatsLog.write(FrameworkStatsLog.BOOT_INTEGRITY_INFO_REPORTED,
+                        sepolicyHashEncoded, mVbmetaDigest);
+            });
         }
     }
author	Victor Hsieh <victorhsieh@google.com>	2023-11-29 16:34:05 -0800
committer	Victor Hsieh <victorhsieh@google.com>	2023-11-29 16:45:04 -0800
commit	d2a86b62d7265309d0d1a5d53b640c080c72eca3 (patch)
tree	9539823e533b865363510fda6d60fb7b02d87f3c
parent	4ab7dcd6ed8c018aa0bc305a8633300a863640d3 (diff)