diff --git a/non_plat/file_contexts b/non_plat/file_contexts
index 81318de..c963e84 100644
--- a/non_plat/file_contexts
+++ b/non_plat/file_contexts
@@ -18,6 +18,7 @@
 #############################
 # Data files
 #
+/data/vendor/.tp(/.*)? u:object_r:thermal_manager_data_file:s0
 /data/vendor_de/meta(/.*)? u:object_r:mddb_data_file:s0
 /data/aee_exp(/.*)? u:object_r:aee_exp_data_file:s0
 /data/vendor/aee_exp(/.*)? u:object_r:aee_exp_vendor_file:s0
diff --git a/non_plat/thermal_manager.te b/non_plat/thermal_manager.te
index 96b5248..2ad3f91 100644
--- a/non_plat/thermal_manager.te
+++ b/non_plat/thermal_manager.te
@@ -23,9 +23,11 @@ allow thermal_manager proc_thermal:file rw_file_perms;
 # Date : WK15.30
 # Operation : Migration
 # Purpose : Use file_type_auto_trans to specify label to avoid violated(never allow)
-allow thermal_manager thermal_manager_data_file:file { create write read open setattr write lock};
+
+allow thermal_manager thermal_manager_data_file:file create_file_perms;
 allow thermal_manager thermal_manager_data_file:dir { rw_dir_perms setattr };
+
 allow thermal_manager mediaserver:fd use;
 allow thermal_manager mediaserver:fifo_file { read write };
 allow thermal_manager mediaserver:tcp_socket { read write };
@@ -51,5 +53,6 @@ allow thermal_manager mtk_thermal_config_prop:property_service set;
 # Date : WK18.18
 # Operation : P Migration
 # Purpose : Allow thermal_manager to access vendor data file.
-allow thermal_manager vendor_data_file:dir { write add_name };
+
 allow thermal_manager self:capability { fowner chown };
+
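Review bot: In the `non_plat/file_contexts` hunk the new entry `/data/vendor/.tp(/.*)?` leaves the dot unescaped, so as a regular expression it matches any single character before `tp` and would also label a sibling tree such as `/data/vendor/xtp` as `thermal_manager_data_file`. Escaping the dot keeps the label on the hidden directory only: `/data/vendor/\.tp(/.*)? u:object_r:thermal_manager_data_file:s0`. The last hunk of `non_plat/thermal_manager.te` removes `vendor_data_file:dir { write add_name }`, so the daemon presumably depends on `.tp` being created and labelled elsewhere; no init `mkdir` or restorecon step is visible in this diff, so it is worth confirming that an existing directory on upgraded devices gets relabelled.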
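Review bot: `create_file_perms` in the first `non_plat/thermal_manager.te` hunk grants more than the explicit list it replaces: in the AOSP global macros it expands to `create rename setattr unlink` plus `rw_file_perms`, so `unlink`, `rename`, `append`, `getattr` and `ioctl` (among others) are new for thermal_manager on `thermal_manager_data_file`. The comment block above the rule still gives only the WK15.30 migration purpose, so a line such as `# create_file_perms: thermal_manager also renames/removes its own files under /data/vendor/.tp` would record why the wider set is wanted. If delete and rename are not actually needed, `{ create setattr rw_file_perms }` stays closer to the old rule. The added blank line also detaches that comment block from the rule it describes. In the last hunk the retained `Purpose : Allow thermal_manager to access vendor data file.` comment now sits over only `self:capability { fowner chown }`, which it does not explain.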