diff --git a/tools/sepolicy-analyze/Android.mk b/tools/sepolicy-analyze/Android.mk
index 2667d56661dc9a6104fb177aff79427bf6d0d138..3f957027b6c1075908feab56651e5f0c89ebc91b 100644
--- a/tools/sepolicy-analyze/Android.mk
+++ b/tools/sepolicy-analyze/Android.mk
@@ -7,7 +7,7 @@ LOCAL_MODULE := sepolicy-analyze
 LOCAL_MODULE_TAGS := optional
 LOCAL_C_INCLUDES := external/libsepol/include
 LOCAL_CFLAGS := -Wall -Werror
-LOCAL_SRC_FILES := sepolicy-analyze.c dups.c neverallow.c perm.c typecmp.c utils.c
+LOCAL_SRC_FILES := sepolicy-analyze.c dups.c neverallow.c perm.c typecmp.c booleans.c utils.c
 LOCAL_STATIC_LIBRARIES := libsepol
 
 include $(BUILD_HOST_EXECUTABLE)
diff --git a/tools/sepolicy-analyze/README b/tools/sepolicy-analyze/README
index f78eb66434cb01a3230eb2c000269b831bc2db82..6e3f83bb9d88785eee905064f6a71fe5b766a68e 100644
--- a/tools/sepolicy-analyze/README
+++ b/tools/sepolicy-analyze/README
@@ -53,6 +53,13 @@ sepolicy-analyze
     permissive domains can be helpful during development, they
     should not be present in a final -user build.
 
+    BOOLEANS (booleans)
+    sepolicy-analyze out/target/product/<board>/root/sepolicy booleans
+
+    Displays the number of booleans defined in the policy.  Policy
+    booleans are forbidden in Android policy, so if the output is
+    non-zero, the policy will fail CTS.
+
     NEVERALLOW CHECKING (neverallow)
     sepolicy-analyze out/target/product/<board>/root/sepolicy neverallow \
     [-w] [-d] [-f neverallows.conf] | [-n "neverallow string"]
diff --git a/tools/sepolicy-analyze/booleans.c b/tools/sepolicy-analyze/booleans.c
new file mode 100644
index 0000000000000000000000000000000000000000..6533b8948876af93926c69f63be83e9a99ebae80
--- /dev/null
+++ b/tools/sepolicy-analyze/booleans.c
@@ -0,0 +1,21 @@
+#include "booleans.h"
+#include <sepol/booleans.h>
+
+void booleans_usage() {
+    fprintf(stderr, "\tbooleans\n");
+}
+
+int booleans_func (int argc, __attribute__ ((unused)) char **argv, policydb_t *policydb) {
+    int rc;
+    unsigned int count;
+    if (argc != 1) {
+        USAGE_ERROR = true;
+        return -1;
+    }
+    rc = sepol_bool_count(NULL, (const struct sepol_policydb *) policydb,
+                          &count);
+    if (rc)
+        return rc;
+    printf("%u\n", count);
+    return 0;
+}
diff --git a/tools/sepolicy-analyze/booleans.h b/tools/sepolicy-analyze/booleans.h
new file mode 100644
index 0000000000000000000000000000000000000000..bfbe0e12522f1300fb9411f0cccc63e7f0d542b4
--- /dev/null
+++ b/tools/sepolicy-analyze/booleans.h
@@ -0,0 +1,11 @@
+#ifndef BOOLEANS_H
+#define BOOLEANS_H
+
+#include <sepol/policydb/policydb.h>
+
+#include "utils.h"
+
+void booleans_usage(void);
+int booleans_func(int argc, char **argv, policydb_t *policydb);
+
+#endif /* BOOLEANS_H */
diff --git a/tools/sepolicy-analyze/sepolicy-analyze.c b/tools/sepolicy-analyze/sepolicy-analyze.c
index 8c0c423f9874a61bef19e5ca6fd62f6682c24824..a6fa20052b05971fe76c87eda65316ea8ac80df6 100644
--- a/tools/sepolicy-analyze/sepolicy-analyze.c
+++ b/tools/sepolicy-analyze/sepolicy-analyze.c
@@ -6,6 +6,7 @@
 #include "neverallow.h"
 #include "perm.h"
 #include "typecmp.h"
+#include "booleans.h"
 #include "utils.h"
 
 #define NUM_COMPONENTS (int) (sizeof(analyze_components)/sizeof(analyze_components[0]))
@@ -20,7 +21,8 @@ static struct {
     COMP(dups),
     COMP(neverallow),
     COMP(permissive),
-    COMP(typecmp)
+    COMP(typecmp),
+    COMP(booleans)
 };
 
 void usage(char *arg0)