diff --git a/non_plat/recovery.te b/non_plat/recovery.te
new file mode 100644
index 0000000..a130f89
--- /dev/null
+++ b/non_plat/recovery.te
@@ -0,0 +1,57 @@
+# ==============================================
+# MTK Policy Rule
+# ==============================================
+# recovery console (used in recovery init.rc for /sbin/recovery)
+
+# Date : WK15.13
+# Operation : UT
+# Purpose : Nand device policy
+allow recovery mtd_device:dir search;
+allow recovery mtd_device:chr_file rw_file_perms;
+allow recovery self:capability sys_resource;
+
+# Date : WK18.16
+# Operation : UT
+# Purpose : Refine policy
+allow recovery misc_sd_device:chr_file rw_file_perms;
+allow recovery vfat:dir r_dir_perms;
+allow recovery vfat:file r_file_perms;
+allow recovery sysfs_mmcblk:dir r_dir_perms;
+allow recovery sysfs_mmcblk:file rw_file_perms;
+allow recovery sysfs_mmcblk:lnk_file r_file_perms;
+
+# Date : WK18.25
+# Operation : UT
+# Purpose : Add policy for therm, gpu, battery, and boot_type
+allow recovery sysfs:dir r_dir_perms;
+allow recovery sysfs_batteryinfo:dir r_dir_perms;
+allow recovery sysfs_boot_type:file r_file_perms;
+allow recovery sysfs_therm:dir r_dir_perms;
+allow recovery sysfs_therm:file r_file_perms;
+allow recovery gpu_device:dir r_dir_perms;
+
+# Date : WK18.09
+# Operation : UT
+# Purpose : Allow recovery can update boot partition
+allow recovery tmpfs:lnk_file r_file_perms;
+
+# Date : WK19.03
+# Operation : UT
+# Purpose : Android Migration
+allow recovery bootdevice_block_device:blk_file rw_file_perms;
+allow recovery self:capability { sys_rawio fsetid };
+allowxperm recovery bootdevice_block_device:blk_file ioctl {
+ MMC_IOCTLCMD
+ UFS_IOCTLCMD
+};
+allow recovery block_device:blk_file ioctl;
+allowxperm recovery block_device:blk_file ioctl {
+ BLKIOMIN
+ BLKALIGNOFF
+};
+allow recovery sysfs_dm:dir search;
+allow recovery sysfs_dm:file r_file_perms;
+allowxperm recovery tmpfs:file ioctl FS_IOC_FIEMAP;
+allowxperm recovery cache_block_device:blk_file ioctl BLKPBSZGET;
+allowxperm recovery nvdata_device:blk_file ioctl BLKPBSZGET;
+allow recovery proc_filesystems:file r_file_perms;