diff --git a/non_plat/device.te b/non_plat/device.te
index 702a58d..9251874 100644
--- a/non_plat/device.te
+++ b/non_plat/device.te
@@ -272,3 +272,5 @@ type m_bio_misc_device, dev_type;
 # Operation : Migration
 # Purpose : Add permission for gpu access
 type dri_device, dev_type, mlstrustedobject;
+
+type teei_fp_device, dev_type;
diff --git a/non_plat/file_contexts b/non_plat/file_contexts
index a0f7234..a6b19eb 100644
--- a/non_plat/file_contexts
+++ b/non_plat/file_contexts
@@ -691,3 +691,6 @@
 # Thermal
 /(system\/vendor|vendor)/bin/thermal u:object_r:thermal_exec:s0
+
+# TEE
+/dev/teei_fp u:object_r:teei_fp_device:s0
diff --git a/non_plat/hal_fingerprint_default.te b/non_plat/hal_fingerprint_default.te
new file mode 100644
index 0000000..857623a
--- /dev/null
+++ b/non_plat/hal_fingerprint_default.te
@@ -0,0 +1 @@
+allow hal_fingerprint_default teei_fp_device:chr_file { read write open ioctl };
diff --git a/non_plat/system_server.te b/non_plat/system_server.te
index 16be4fe..c2aa0ff 100644
--- a/non_plat/system_server.te
+++ b/non_plat/system_server.te
@@ -277,3 +277,5 @@ allow system_server sf_rtt_file:dir rmdir;
 # Date : 2019/11/29
 # Operation : Q Migration
 allow system_server storage_stub_file:dir getattr;
+
+allow system_server teei_fp_device:chr_file rw_file_perms;
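Review bot: The new `type teei_fp_device, dev_type;` in non_plat/device.te has no header comment, although the declaration directly above it carries `# Operation` / `# Purpose` lines; the new allow rules in hal_fingerprint_default.te and system_server.te are undocumented in the same way. For a type that labels a TEE-facing device node, a later policy audit needs to see which driver and which client the type was created for. I would add a line such as `# Purpose : TEE fingerprint char device /dev/teei_fp, opened by the fingerprint HAL` above the type, and a matching purpose line above each allow rule.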
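Review bot: The `ioctl` permission in the single rule of non_plat/hal_fingerprint_default.te is granted without a command filter, so the HAL domain may issue every ioctl the driver behind `/dev/teei_fp` implements. If the commands the HAL actually uses are known, pair the rule with an allowlist such as `allowxperm hal_fingerprint_default teei_fp_device:chr_file ioctl { <IOCTL_CMDS> };` (placeholder, the command numbers are not on this page). With that in place a compromised HAL process can no longer reach driver entry points it never needed.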
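Review bot: The added `allow system_server teei_fp_device:chr_file rw_file_perms;` in non_plat/system_server.te gives system_server direct access to the TEE device node, and the macro is wider than the explicit `{ read write open ioctl }` set granted to the fingerprint HAL in the same commit. Nothing in the commit says why system_server has to open the device itself; the framework normally reaches the sensor through the HAL, so this looks like an unneeded widening of the TEE driver's exposure, though the denial that motivated it is not shown. I would drop the rule unless an avc denial from system_server can be cited. If it has to stay, reduce it to the permissions that denial names and record the reason in a `# Purpose :` line like the neighbouring rules.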