diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts
index 4cc7c49c..755a15ac 100644
--- a/sepolicy/file_contexts
+++ b/sepolicy/file_contexts
@@ -107,6 +107,7 @@
 /sys/devices/bt_wcn3990/rfkill(/.*)? u:object_r:sysfs_bluetooth_writable:s0
 /sys/devices/bt_wcn3990/extldo u:object_r:sysfs_bluetooth_writable:s0
 /sys/devices/soc/a1800000\.qcom,rmtfs_rtel_sharedmem(/.*)? u:object_r:sysfs_rmtfs:s0
+/sys/devices/soc/c17a000\.i2c(/.*)? u:object_r:sysfs_msm_subsys:s0
 /sys/devices/soc/800f000\.qcom,spmi(/.*)? u:object_r:sysfs_msm_subsys:s0
 /sys/devices/soc/4080000\.qcom,mss(/.*)? u:object_r:sysfs_msm_subsys:s0
 /sys/devices/soc/17300000\.qcom,lpass(/.*)? u:object_r:sysfs_msm_subsys:s0
diff --git a/sepolicy/hal_fingerprint.te b/sepolicy/hal_fingerprint.te
index 67967b52..ca0c4b5e 100644
--- a/sepolicy/hal_fingerprint.te
+++ b/sepolicy/hal_fingerprint.te
@@ -7,4 +7,4 @@ allow hal_fingerprint sysfs_msm_subsys:dir search;
 allow hal_fingerprint sysfs_msm_subsys:file r_file_perms;
 allow hal_fingerprint tee_device:file rw_file_perms;
 allow hal_fingerprint tee_device:chr_file rw_file_perms;
-allow hal_fingerprint uhid_device:chr_file w_file_perms;
+allow hal_fingerprint uhid_device:chr_file rw_file_perms;
diff --git a/sepolicy/hal_vibrator_default.te b/sepolicy/hal_vibrator_default.te
index 1eb462f5..86aa269e 100644
--- a/sepolicy/hal_vibrator_default.te
+++ b/sepolicy/hal_vibrator_default.te
@@ -1,2 +1,3 @@
 r_dir_file(hal_vibrator_default, sysfs_leds)
 allow hal_vibrator_default sysfs_leds:file w_file_perms;
+allow hal_vibrator_default sysfs_msm_subsys:file rw_file_perms;
diff --git a/sepolicy/hal_wifi_default.te b/sepolicy/hal_wifi_default.te
index fd030c24..80e28380 100644
--- a/sepolicy/hal_wifi_default.te
+++ b/sepolicy/hal_wifi_default.te
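Review bot: In sepolicy/file_contexts the new `/sys/devices/soc/c17a000\.i2c(/.*)?` entry labels a whole I2C controller subtree as `sysfs_msm_subsys`, the type the neighbouring lines already use for the spmi, mss and lpass nodes, so every rule written against that type now covers all of them together. The hal_vibrator_default.te and perfd.te hunks of this commit then add `rw_file_perms` and `w_file_perms` on `sysfs_msm_subsys:file`, which gives those domains write access to the spmi, mss and lpass files as well as to whatever device on the bus they actually need. A dedicated type for the specific node, for example `/sys/devices/soc/c17a000\.i2c/<device-path>(/.*)? u:object_r:<new_sysfs_type>:s0` (placeholders), with the two write rules pointed at that type, would keep the grant to what is required.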
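Review bot: In sepolicy/hal_fingerprint.te the last rule widens `uhid_device:chr_file` from `w_file_perms` to `rw_file_perms` without a comment saying what the HAL reads back from the uhid node. Access to uhid lets a process present itself as an input device, so the reason for each permission on it is worth recording next to the rule; a line such as `# read is needed to receive kernel events for the HAL's virtual HID device` would do if that is the reason. The file starts above the hunk, so an explanation may already exist there.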
@@ -6,5 +6,7 @@ allow hal_wifi_default location_data_file:sock_file write;
 allow hal_wifi_default location_data_file:dir create_dir_perms;
 allow hal_wifi_default location_data_file:{ file fifo_file } create_file_perms;
+allow hal_wifi_default wlan_device:chr_file w_file_perms;
+
 # Allow wifi hal to read debug info from the driver.
 r_dir_file(hal_wifi_default, proc_wifi_dbg)
diff --git a/sepolicy/init_power.te b/sepolicy/init_power.te
index 93b2c86d..3139ffed 100644
--- a/sepolicy/init_power.te
+++ b/sepolicy/init_power.te
@@ -8,8 +8,9 @@ set_prop(init_power, post_boot_prop)
 allow init_power shell_exec:file rx_file_perms;
 allow init_power toolbox_exec:file rx_file_perms;
-allow init_power sysfs_msm_subsys:dir r_dir_perms;
-allow init_power sysfs_msm_subsys:file w_file_perms;
+r_dir_file(init_power, sysfs_msm_subsys)
+
+allow init_power sysfs_msm_subsys:file write;
 allow init_power sysfs_thermal:dir search;
 allow init_power sysfs_thermal:file w_file_perms;
 allow init_power sysfs_devices_system_cpu:file w_file_perms;
diff --git a/sepolicy/perfd.te b/sepolicy/perfd.te
index 59ac2583..b68a80c4 100644
--- a/sepolicy/perfd.te
+++ b/sepolicy/perfd.te
@@ -18,6 +18,7 @@ allow perfd post_boot_prop:file r_file_perms;
 allow perfd proc:file rw_file_perms;
 allow perfd sysfs_soc:dir search;
 allow perfd sysfs_soc:file r_file_perms;
+allow perfd sysfs_msm_subsys:file w_file_perms;
 allow perfd perfd_socket:sock_file write;
diff --git a/sepolicy/radio.te b/sepolicy/radio.te
index eddf5763..70ea7669 100644
--- a/sepolicy/radio.te
+++ b/sepolicy/radio.te
@@ -3,7 +3,14 @@ get_prop(radio, ims_prop)
 allow radio qmuxd_socket:dir search;
 allow radio qmuxd_socket:sock_file write;
+allow radio vendor_file:lnk_file r_file_perms;
+allow radio vendor_framework_file:file r_file_perms;
+
 add_service(radio, radio_service)
+
+# TODO(b/37212952): Remove this once imscm_service switches over to using
+# vendorservicemanager
 add_service(radio, imscm_service)
+auditallow radio imscm_service:service_manager { add find };
 r_dir_file(radio, sysfs_msm_subsys)
diff --git a/sepolicy/system_server.te b/sepolicy/system_server.te
index ac7ab2ea..95e4af50 100644
--- a/sepolicy/system_server.te
+++ b/sepolicy/system_server.te
@@ -21,11 +21,7 @@ allow system_server wlan_device:chr_file rw_file_perms;
 # TODO(b/30675296): Remove following dontaudit's upon resolution of this bug
 # The timerslack_ns denials spam the system really horribly
-dontaudit system_server untrusted_app_25:file write;
-dontaudit system_server platform_app:file write;
-dontaudit system_server system_app:file write;
 dontaudit system_server audioserver:file write;
-dontaudit system_server priv_app:file write;
 dontaudit system_server untrusted_app:file write;
-dontaudit system_server radio:file write;
 dontaudit system_server hal_audio_default:file write;
+dontaudit system_server appdomain:file write;
diff --git a/sepolicy/time_daemon.te b/sepolicy/time_daemon.te
index 4feaa852..6f5cec96 100644
--- a/sepolicy/time_daemon.te
+++ b/sepolicy/time_daemon.te
@@ -13,5 +13,8 @@ allow time_daemon sysfs_soc:dir search;
 allow time_daemon sysfs_soc:file r_file_perms;
 allow time_daemon sysfs_msm_subsys:dir search;
+allow time_daemon persist_file:dir w_dir_perms;
+allow time_daemon persist_file:file rw_file_perms;
+
 allow time_daemon self:socket create_socket_perms;
 allowxperm time_daemon self:socket ioctl msm_sock_ipc_ioctls;
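Review bot: In sepolicy/radio.te the two new rules `allow radio vendor_file:lnk_file r_file_perms;` and `allow radio vendor_framework_file:file r_file_perms;` carry no comment, and the TODO added further down only covers `imscm_service`. A line above them such as `# <component> in the radio process reads <what> from /vendor` (placeholders) would make it possible to tell later whether they can be dropped. The added `auditallow radio imscm_service:service_manager { add find };` also logs each granted `find`, so audit lines from it should be expected until the TODO is resolved.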
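Review bot: In sepolicy/system_server.te the new `dontaudit system_server appdomain:file write;` makes the remaining context line `dontaudit system_server untrusted_app:file write;` redundant, since `untrusted_app` carries the `appdomain` attribute; that line can be deleted with the other per-app rules. The attribute-wide rule also suppresses every system_server write denial against app process files, not only the timerslack_ns ones the comment describes, so I would extend the comment under TODO(b/30675296) with `# appdomain-wide: also hides unrelated write denials, remove with the bug`. The file continues above the hunk.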
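Review bot: In sepolicy/time_daemon.te the two new rules target the generic `persist_file` type, so `time_daemon` gains `w_dir_perms` and `rw_file_perms` on everything that carries that label rather than on its own directory only. A dedicated type for the daemon's directory, labelled in file_contexts and used here in place of `persist_file` (keeping just `allow time_daemon persist_file:dir search;` for traversal), would contain the grant. As written, `w_dir_perms` permits adding and removing names while `rw_file_perms` includes neither `create` nor `unlink`, so the directory write is either unnecessary or incomplete.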