diff --git a/sepolicy/file.te b/sepolicy/file.te index b421391..945789d 100644 --- a/sepolicy/file.te +++ b/sepolicy/file.te @@ -1,2 +1,7 @@ -type ir_dev_file, file_type; -type fp_device, file_type; +type ir_dev_file, file_type, dev_type; + +# Fingerprint +type fingerprintd_device, file_type, dev_type; +type fingerprint_data_file, data_file_type, file_type; +type fingerprint_persist_file, file_type; +type sysfs_fpc_dev, sysfs_type, fs_type; diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts index 2fd832b..35093c4 100644 --- a/sepolicy/file_contexts +++ b/sepolicy/file_contexts @@ -2,7 +2,7 @@ /dev/spidev7\.1 u:object_r:ir_dev_file:s0 # Fingerprint -/dev/goodix_fp u:object_r:fp_device:s0 +/dev/goodix_fp u:object_r:fingerprintd_device:s0 # HVDCP /sys/devices(/platform)?/soc/[a-z0-9]+\.i2c/i2c-[0-9]+/[0-9]+-[a-z0-9]+/[a-z0-9]+\.i2c:qcom,[a-z0-9]+@[a-z0-9]:qcom,smb[a-z0-9]+-parallel-slave@[0-9]+/power_supply/parallel(/.*)? u:object_r:sysfs_usb_supply:s0 @@ -12,3 +12,14 @@ # Fingerprint HIDL /(vendor|system/vendor)/bin/hw/android\.hardware\.biometrics\.fingerprint@2\.1-service\.xiaomi_sdm660 u:object_r:hal_fingerprint_default_exec:s0 + +# Fingerprint +/data/vendor/fpc(/.*)? u:object_r:fingerprint_data_file:s0 +/data/vendor/goodix(/.*)? u:object_r:fingerprint_data_file:s0 +/data/misc/gf_data(/.*)? u:object_r:fingerprint_data_file:s0 +/data/gf_data(/.*)? u:object_r:fingerprint_data_file:s0 +/data/misc/goodix(/.*)? u:object_r:fingerprint_data_file:s0 +/persist/fpc(/.*)? u:object_r:fingerprint_persist_file:s0 +/sys/devices/soc/soc:fpc1020.*/irq u:object_r:sysfs_fpc_dev:s0 +/sys/devices/soc/soc:fpc1020.*/hw_reset u:object_r:sysfs_fpc_dev:s0 +/sys/devices/soc/soc:fpc1020.*/wakeup_enable u:object_r:sysfs_fpc_dev:s0 diff --git a/sepolicy/hal_fingerprint_default.te b/sepolicy/hal_fingerprint_default.te index a76bed5..58c6817 100644 --- a/sepolicy/hal_fingerprint_default.te +++ b/sepolicy/hal_fingerprint_default.te 
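Review bot: `ir_dev_file` and `fingerprintd_device` are declared with both `file_type` and `dev_type`, so these /dev nodes are covered by every allow rule and neverallow written against the `file_type` attribute as well as those meant for device nodes. Device node types are normally declared with `dev_type` alone, e.g. `type fingerprintd_device, dev_type;`. The new fingerprint types have no comments; a line above each one saying which path it labels and which domain is meant to own it (for example `# /persist/fpc: read-only for hal_fingerprint_default`) would make the policy easier to audit.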
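Review bot: `/data/gf_data`, `/data/misc/gf_data` and `/data/misc/goodix` get the vendor-defined `fingerprint_data_file` label although they sit outside `/data/vendor`. On Treble builds, paths outside `/data/vendor` are generally expected to carry a `core_data_file_type` label, so these three entries are worth dropping unless the vendor blobs are confirmed to still write there. The three `soc:fpc1020.*` patterns use `.*`, which also matches `/`, so an `irq`, `hw_reset` or `wakeup_enable` node anywhere below a matching path is labelled `sysfs_fpc_dev`; `soc:fpc1020[^/]*/irq` keeps the match to the device directory. Only these files are labelled, so as far as this diff shows the `sysfs_fpc_dev:dir r_dir_perms` rule in hal_fingerprint_default.te has no directory to apply to.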
@@ -1,11 +1,27 @@ r_dir_file(hal_fingerprint_default, firmware_file) -allow hal_fingerprint_default storage_file:dir rw_dir_perms; - allow hal_fingerprint_default init:unix_stream_socket connectto; allow hal_fingerprint_default tee_device:chr_file rw_file_perms; allow hal_fingerprint_default uhid_device:chr_file rw_file_perms; -allow hal_fingerprint_default fp_device:chr_file rw_file_perms; +allow hal_fingerprint_default fingerprintd_device:chr_file rw_file_perms; allow hal_fingerprint_default hal_perf_hwservice:hwservice_manager find; +allow hal_fingerprint_default hal_perf_default:binder call; + +allow hal_fingerprint_default sysfs_fpc_dev:dir r_dir_perms; +allow hal_fingerprint_default sysfs_fpc_dev:file rw_file_perms; + +allow hal_fingerprint_default fingerprint_data_file:dir rw_dir_perms; +allow hal_fingerprint_default fingerprint_data_file:file create_file_perms; + +allow hal_fingerprint_default fingerprint_persist_file:file r_file_perms; + +binder_call(hal_fingerprint_default, goodix_fingerprint_vndservice) +allow hal_fingerprint_default goodix_fingerprint_vndservice:service_manager add; + +allow hal_fingerprint_default goodixfingerprintd_service:service_manager add; + +allow hal_fingerprint_default self:netlink_socket create_socket_perms_no_ioctl; + +set_prop(hal_fingerprint_default, fingerprint_prop) diff --git a/sepolicy/hwservice_contexts b/sepolicy/hwservice_contexts new file mode 100644 index 0000000..d04ba02 --- /dev/null +++ b/sepolicy/hwservice_contexts @@ -0,0 +1 @@ +vendor.goodix.hardware.fingerprint::IGoodixBiometricsFingerprint u:object_r:hal_fingerprint_hwservice:s0 diff --git a/sepolicy/init.te b/sepolicy/init.te new file mode 100644 index 0000000..84fd21d --- /dev/null +++ b/sepolicy/init.te @@ -0,0 +1 @@ +allow init fingerprintd_device:chr_file setattr; diff --git a/sepolicy/property_contexts b/sepolicy/property_contexts new file mode 100644 index 0000000..514bcd9 --- /dev/null +++ b/sepolicy/property_contexts 
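Review bot: `binder_call(hal_fingerprint_default, goodix_fingerprint_vndservice)` passes a service type where the macro expects a peer domain, so it emits binder `call`/`transfer` and `fd use` rules against an object type that never runs as a process. If the intent is to let the HAL talk to vndservicemanager, `vndbinder_use(hal_fingerprint_default)` together with the existing `goodix_fingerprint_vndservice:service_manager add` rule is the usual form. The HAL is also allowed to `add` `goodixfingerprintd_service`, which service.te declares as a framework `service_manager_type`, while service_contexts and vndservice_contexts both map the same name `android.hardware.fingerprint.IGoodixFingerprintDaemon`; one of the two registrations is probably unused and should be removed rather than left granted. `fingerprint_persist_file` is granted on `file` only, and since `/persist/fpc(/.*)?` labels the directory too, reads will likely also need `allow hal_fingerprint_default fingerprint_persist_file:dir search;`.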
@@ -0,0 +1,4 @@
+# Fingerprint
+persist.sys.fp. u:object_r:fingerprint_prop:s0
+ro.boot.fp. u:object_r:fingerprint_prop:s0
+sys.fp. u:object_r:fingerprint_prop:s0
diff --git a/sepolicy/service.te b/sepolicy/service.te
new file mode 100644
index 0000000..f7257d2
--- /dev/null
+++ b/sepolicy/service.te
@@ -0,0 +1,2 @@
+type goodixfingerprintd_service, service_manager_type;
+type goodix_fingerprint_service, service_manager_type;
diff --git a/sepolicy/service_contexts b/sepolicy/service_contexts
new file mode 100644
index 0000000..3859d12
--- /dev/null
+++ b/sepolicy/service_contexts
@@ -0,0 +1,2 @@
+com.goodix.FingerprintService u:object_r:goodix_fingerprint_service:s0
+android.hardware.fingerprint.IGoodixFingerprintDaemon u:object_r:goodixfingerprintd_service:s0
diff --git a/sepolicy/system_app.te b/sepolicy/system_app.te
new file mode 100644
index 0000000..dede4fa
--- /dev/null
+++ b/sepolicy/system_app.te
@@ -0,0 +1 @@
+add_service(system_app, goodix_fingerprint_service)
diff --git a/sepolicy/vndservice.te b/sepolicy/vndservice.te
new file mode 100644
index 0000000..6da5a21
--- /dev/null
+++ b/sepolicy/vndservice.te
@@ -0,0 +1 @@
+type goodix_fingerprint_vndservice, vndservice_manager_type;
diff --git a/sepolicy/vndservice_contexts b/sepolicy/vndservice_contexts
new file mode 100644
index 0000000..3e6e7d3
--- /dev/null
+++ b/sepolicy/vndservice_contexts
@@ -0,0 +1 @@
+android.hardware.fingerprint.IGoodixFingerprintDaemon u:object_r:goodix_fingerprint_vndservice:s0
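Review bot: `ro.boot.fp.` shares the `fingerprint_prop` label with the runtime prefixes `sys.fp.` and `persist.sys.fp.`, and hal_fingerprint_default.te grants `set_prop(hal_fingerprint_default, fingerprint_prop)`, so the HAL is allowed to set any `ro.boot.fp.*` key that was not already populated at boot. Giving the boot-time prefix its own type that the HAL can only read would keep the HAL's write access to the keys it owns. The entries carry no note on who writes each prefix; a comment such as `# sys.fp.* / persist.sys.fp.*: set by hal_fingerprint_default` would record that, with the owner confirmed against the vendor blobs since it is inferred here from the set_prop rule.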
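Review bot: `add_service(system_app, goodix_fingerprint_service)` lets every app that runs in the `system_app` domain register `com.goodix.FingerprintService`, not only the Goodix component. No other domain is granted `find` on `goodix_fingerprint_service` in this diff, so the intended clients are not visible here. A comment naming the registering package and its consumers would help, and if a single app needs the grant, a dedicated domain for it narrows who can claim the service name.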