diff --git a/configs/manifest.xml b/configs/manifest.xml
index 2772d89..0b3863f 100644
--- a/configs/manifest.xml
+++ b/configs/manifest.xml
@@ -8,6 +8,15 @@
default
+
+ vendor.samsung.hardware.biometrics.fingerprint
+ hwbinder
+ 2.1
+
+ ISecBiometricsFingerprint
+ default
+
+
android.hardware.audio
hwbinder
@@ -123,7 +132,7 @@
default
-
+
android.hardware.media.omx
hwbinder
diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts
index 6ade8bf..5ac611e 100644
--- a/sepolicy/file_contexts
+++ b/sepolicy/file_contexts
@@ -29,3 +29,6 @@
/sys/devices/virtual/sec/sec_key/hall_irq_ctrl u:object_r:sysfs_sec:s0
/system/bin/wifiloader u:object_r:wifiloader_exec:s0
+
+/system/vendor/bin/hw/vendor\.samsung\.hardware\.biometrics\.fingerprint@2\.1-service u:object_r:hal_fingerprint_default_exec:s0
+
diff --git a/sepolicy/hal_fingerprint_default.te b/sepolicy/hal_fingerprint_default.te
index f073166..43653e0 100644
--- a/sepolicy/hal_fingerprint_default.te
+++ b/sepolicy/hal_fingerprint_default.te
@@ -1,6 +1,10 @@
allow hal_fingerprint_default system_data_file:dir { add_name create open read write remove_name rmdir };
allow hal_fingerprint_default system_data_file:file { getattr open read };
-allow hal_fingerprint_default tee_device:chr_file ioctl;
+allow hal_fingerprint_default tee_device:chr_file { open read write ioctl };
allow hal_fingerprint_default firmware_file:file { getattr open read };
-allow hal_fingerprint_default tee_device:chr_file { open read write };
-allow hal_fingerprint_default vfsspi_device:chr_file ioctl;
+allow hal_fingerprint_default firmware_file:dir search;
+allow hal_fingerprint_default vfsspi_device:chr_file { read open write ioctl getattr };
+
+file_type_auto_trans(hal_fingerprint_default, system_data_file, biometrics_data_file);
+allow hal_fingerprint_default biometrics_data_file:dir { add_name create open read write remove_name rmdir };
+allow hal_fingerprint_default biometrics_data_file:file { getattr open read create write };
diff --git a/sepolicy/hal_keymaster_default.te b/sepolicy/hal_keymaster_default.te
index 7c9237a..8b9f17f 100644
--- a/sepolicy/hal_keymaster_default.te
+++ b/sepolicy/hal_keymaster_default.te
@@ -1,2 +1,2 @@
allow hal_keymaster_default firmware_file:dir search;
-allow hal_keymaster_default firmware_file:file read;
+allow hal_keymaster_default firmware_file:file { getattr open read };
diff --git a/sepolicy/hwservice_contexts b/sepolicy/hwservice_contexts
new file mode 100644
index 0000000..0a04a99
--- /dev/null
+++ b/sepolicy/hwservice_contexts
@@ -0,0 +1,2 @@
+vendor.samsung.hardware.biometrics.fingerprint::ISecBiometricsFingerprint u:object_r:hal_fingerprint_hwservice:s0
+
diff --git a/sepolicy/tee.te b/sepolicy/tee.te
index 10954b4..e424790 100644
--- a/sepolicy/tee.te
+++ b/sepolicy/tee.te
@@ -8,3 +8,6 @@ allow tee init:unix_stream_socket connectto;
allow tee gatekeeper_data_file:file { open read };
allow tee efs_file:file { open read };
+allow tee efs_file:dir search;
+
+allow tee gatekeeper_data_file:dir { read search };