diff --git a/libselinux/src/selinux_restorecon.c b/libselinux/src/selinux_restorecon.c
index 524b171b8f1f8e25a84dec264e66c8ecdd0d5cdc..244d17bde05d5a56f6854e1a45412fa29598737d 100644
--- a/libselinux/src/selinux_restorecon.c
+++ b/libselinux/src/selinux_restorecon.c
@@ -637,6 +637,10 @@ out:
 #define HNP_PUBLIC_DIR "/hnppublic"
 #define HNP_ROOT_PATH_LEN 21
 #define HNP_PUBLIC_DIR_LEN 10
+#define AOT_ARK_SUFIXX "aot_compiler"
+#define AOT_ARK_PUBLIC "public"
+#define DATA_APP_EL1_LEN 14
+#define AOT_ARK_SUFIXX_LEN 12
 
 // Allow the hnp process to refresh the labels of files in the HNP_ROOT_PATH directory
 static bool is_hnp_path(const char *path)
@@ -653,9 +657,46 @@ static bool is_hnp_path(const char *path)
 	return true;
 }
 
+static bool is_all_digits(const char *str, size_t len) {
+    for (size_t i = 0; i < len; i++) {
+        if (!isdigit(str[i])) {
+            return false;
+        }
+    }
+    return true;
+}
+
+static bool is_aot_path(const char *path)
+{
+	// only /data/app/el1/{userid}/aot_compiler or /data/app/el1/public/aot_compiler will be true
+	// length is the length of '/data/app/el1/' + 'aot_compiler' +'{userid}/', The minimum length of the userid is 1
+	if (strlen(path) < DATA_APP_EL1_LEN + 2 + AOT_ARK_SUFIXX_LEN) {
+		return false;
+	}
+    path += strlen(DATA_APP_EL1) - 1;
+    if (*path != '/') {
+        return false;
+    }
+    path++;
+    // find next '/'
+    const char *next_slash = strchr(path, '/');
+    if (next_slash == NULL) {
+        return false;
+    }
+    size_t len = next_slash - path;
+    if ((len != strlen(AOT_ARK_PUBLIC) || strncmp(path, AOT_ARK_PUBLIC, strlen(AOT_ARK_PUBLIC)) != 0) &&
+		!is_all_digits(path, len)) {
+        return false;
+    }
+    // end with aot_compiler
+    return strncmp(next_slash + 1, AOT_ARK_SUFIXX, strlen(AOT_ARK_SUFIXX)) == 0 &&
+		strlen(next_slash + 1) == strlen(AOT_ARK_SUFIXX);
+}
+
 static bool check_path_allow_restorecon(const char *pathname)
 {
-	if ((!strncmp(pathname, DATA_APP_EL1, sizeof(DATA_APP_EL1) - 1) && (!is_hnp_path(pathname))) ||
+	if ((!strncmp(pathname, DATA_APP_EL1, sizeof(DATA_APP_EL1) - 1) && (!is_hnp_path(pathname)) &&
+		(!is_aot_path(pathname))) ||
 		!strncmp(pathname, DATA_APP_EL2, sizeof(DATA_APP_EL2) - 1) ||
 		!strncmp(pathname, DATA_APP_EL3, sizeof(DATA_APP_EL3) - 1) ||
 		!strncmp(pathname, DATA_APP_EL4, sizeof(DATA_APP_EL4) - 1) ||