diff --git a/services/param/BUILD.gn b/services/param/BUILD.gn
index caac05e9f2b9d37769401ec6b792729cb2e88842..f8c038ed450a5f4a5f7098b01f8ab7ea6cef8305 100755
--- a/services/param/BUILD.gn
+++ b/services/param/BUILD.gn
@@ -201,7 +201,10 @@ if (defined(ohos_lite)) {
     ]
     include_dirs = param_include_dirs
 
-    defines = [ "_GNU_SOURCE" ]
+    defines = [
+      "_GNU_SOURCE",
+      "INIT_AGENT",
+    ]
     if (build_selinux) {
       sources += [ "adapter/param_selinux.c" ]
       defines += [
diff --git a/services/param/manager/param_manager.c b/services/param/manager/param_manager.c
index dba3c3c65478fc68aaee0368d079365708708794..effb5ca65f36e5064c793f9c9105809d20cfc555 100644
--- a/services/param/manager/param_manager.c
+++ b/services/param/manager/param_manager.c
@@ -213,6 +213,16 @@ int ReadParamWithCheck(const char *name, uint32_t op, ParamHandle *handle)
     *handle = -1;
     int ret = CheckParamPermission(&g_paramWorkSpace.securityLabel, name, op);
     PARAM_CHECK(ret == 0, return ret, "Forbid to access parameter %s", name);
+#ifdef PARAM_SUPPORT_SELINUX
+    if (ret == DAC_RESULT_PERMISSION) {
+        const char *label = GetSelinuxContent(name);
+        if (label != NULL) {
+            AddWorkSpace(label, 1, PARAM_WORKSPACE_DEF);
+        } else {
+            AddWorkSpace(WORKSPACE_NAME_DEF_SELINUX, 1, PARAM_WORKSPACE_DEF);
+        }
+    }
+#endif
     WorkSpace *space = GetWorkSpace(name);
     PARAM_CHECK(space != NULL, return PARAM_CODE_INVALID_PARAM, "Invalid workSpace");
     ParamTrieNode *node = FindTrieNode(space, name, strlen(name), NULL);
diff --git a/services/param/manager/param_trie.c b/services/param/manager/param_trie.c
index 966f142d8417e59dad900225e0b7002e7f21f166..7fedb9538386ebe7564a9ec4b9aadf13ea4a235a 100644
--- a/services/param/manager/param_trie.c
+++ b/services/param/manager/param_trie.c
@@ -105,6 +105,7 @@ int InitWorkSpace(WorkSpace *workSpace, int onlyRead, uint32_t spaceSize)
     }
     workSpace->compareTrieNode = CompareParamTrieNode;
     workSpace->allocTrieNode = AllocateParamTrieNode;
+    workSpace->area = NULL;
     int ret = InitWorkSpace_(workSpace, spaceSize, onlyRead);
     PARAM_CHECK(ret == 0, return ret, "Failed to init workspace  %s", workSpace->fileName);
     PARAMSPACE_AREA_INIT_LOCK(workSpace);
@@ -397,7 +398,7 @@ void SaveIndex(uint32_t *index, uint32_t offset)
 
 ParamTrieNode *FindTrieNode(WorkSpace *workSpace, const char *key, uint32_t keyLen, uint32_t *matchLabel)
 {
-    PARAM_CHECK(workSpace != NULL, return NULL, "Invalid workSpace");
+    PARAM_CHECK(workSpace != NULL && workSpace->area != NULL, return NULL, "Invalid workSpace");
     ParamTrieNode *node = NULL;
     PARAMSPACE_AREA_RD_LOCK(workSpace);
     node = FindTrieNode_(workSpace, key, keyLen, matchLabel);