diff --git a/private/dumpstate.te b/private/dumpstate.te
index 79a3f74c..a5522fd8 100644
--- a/private/dumpstate.te
+++ b/private/dumpstate.te
@@ -1,3 +1,2 @@
-# b/193084798
-dontaudit dumpstate incident:process signal;
-dontaudit dumpstate incident:process sigkill;
+# b/192197221
+dontaudit dumpstate artd:binder call;
diff --git a/private/incidentd.te b/private/incidentd.te
index c951dbc9..fe203cd1 100644
--- a/private/incidentd.te
+++ b/private/incidentd.te
@@ -1,2 +1,2 @@
-# b/193084909
+# b/192985880
 dontaudit incidentd odsign_prop:file read;
diff --git a/private/toolbox.te b/private/toolbox.te
new file mode 100644
index 00000000..e2676e95
--- /dev/null
+++ b/private/toolbox.te
@@ -0,0 +1,6 @@
+# b/192506182
+dontaudit toolbox toolbox:capability dac_read_search ;
+dontaudit toolbox toolbox:capability dac_override ;
+dontaudit toolbox virtualizationservice_data_file:dir setattr;
+# b/192985881
+dontaudit toolbox toolbox:capability fowner;
diff --git a/tracking_denials/hal_dumpstate_impl.te b/tracking_denials/hal_dumpstate_impl.te
new file mode 100644
index 00000000..92def335
--- /dev/null
+++ b/tracking_denials/hal_dumpstate_impl.te
@@ -0,0 +1,2 @@
+# b/193472671
+dontaudit hal_dumpstate_impl sysfs:file getattr;
diff --git a/vendor/qcom/common/qspmhal.te b/vendor/qcom/common/qspmhal.te
index 4f1aae6c..5f2724b5 100644
--- a/vendor/qcom/common/qspmhal.te
+++ b/vendor/qcom/common/qspmhal.te
@@ -25,6 +25,4 @@ hal_client_domain(system_app, hal_qspmhal)
 # It's not necessary to use the google camera app.
 dontaudit google_camera_app hal_qspmhal_hwservice:hwservice_manager find;
 
-dontaudit untrusted_app_29 hal_qspmhal_hwservice:hwservice_manager find;
-dontaudit untrusted_app_27 hal_qspmhal_hwservice:hwservice_manager find;
-dontaudit untrusted_app_25 hal_qspmhal_hwservice:hwservice_manager find;
+dontaudit untrusted_app_all hal_qspmhal_hwservice:hwservice_manager find;