diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts
index e60ac8e..bc206f3 100644
--- a/sepolicy/file_contexts
+++ b/sepolicy/file_contexts
@@ -1,6 +1,7 @@
 # Bluetooth
 /dev/btlock u:object_r:bluetooth_device:s0
+/dev/block/mmcblk0(.*) u:object_r:mmc_block_device:s0
 /dev/rfkill u:object_r:bluetooth_device:s0
 /efs/bluetooth(/.*)? u:object_r:bluetooth_efs_file:s0
@@ -18,12 +19,16 @@
 # GPS
 /data/misc/gsiff_ctrl_q u:object_r:location_data_file:s0
+# Mpdecision
+/data/system/default_values u:object_r:mpctl_data_file:s0
+
 # NFC
 /dev/bcm2079x u:object_r:nfc_device:s0
 /dev/pn547 u:object_r:nfc_device:s0
 # SEC
 /sys/devices/virtual/sec/sec_key/hall_irq_ctrl u:object_r:sysfs_sec:s0
+/sys/devices/virtual/sec/tsp(/.*)? u:object_r:sysfs_sec:s0
 # Sensors
 /dev/batch_io u:object_r:sensors_device:s0
@@ -31,6 +36,12 @@
 /efs/gyro_cal_data u:object_r:sensors_efs_file:s0
 /efs/prox_cal u:object_r:sensors_efs_file:s0
+# Time
+/data/time/time.log u:object_r:time_data_file:s0
+
 # WiFi
 /data/.wifiver.info u:object_r:wifi_data_file:s0
 /efs/wifi(/.*)? u:object_r:wifi_efs_file:s0
+
+# Vold
+/etc/blkid.tab u:object_r:system_file:s0
diff --git a/sepolicy/init.te b/sepolicy/init.te
new file mode 100644
index 0000000..17243da
--- /dev/null
+++ b/sepolicy/init.te
@@ -0,0 +1 @@
+allow init kernel:system syslog_read;
diff --git a/sepolicy/mpdecision.te b/sepolicy/mpdecision.te
new file mode 100644
index 0000000..5889b41
--- /dev/null
+++ b/sepolicy/mpdecision.te
@@ -0,0 +1,4 @@
+allow mpdecision socket_device:dir rw_dir_perms;
+allow mpdecision socket_device:sock_file { write create setattr };
+allow mpdecision thermal_socket:sock_file write;
+allow mpdecision thermal-engine:unix_stream_socket connectto;
diff --git a/sepolicy/rild.te b/sepolicy/rild.te
index 1de7b6b..78040d8 100644
--- a/sepolicy/rild.te
+++ b/sepolicy/rild.te
@@ -1,2 +1,3 @@
 allow rild proc_net:file { write };
 allow rild sysfs_sec:file { getattr open read write };
+allow rild zygote_exec:file execute;
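Review bot: In the first file_contexts hunk, `/dev/block/mmcblk0(.*)` gives the whole-device node and every node under that prefix the single type `mmc_block_device`, and the new sepolicy/vold.te in this commit then allows vold `open read write ioctl getattr` on that type. If mmcblk0 is the internal eMMC, vold gets raw write access to every partition on it rather than only the ones it has to mount or format; a pattern limited to those partition nodes, or a separate type for them, would keep the rest out of reach. The entry also sits under the `# Bluetooth` heading and should move to its own section, e.g. `# Block devices`. The declaration of `mmc_block_device` is not part of this diff, so it is presumably defined in policy not shown here.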
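Review bot: In the second file_contexts hunk, `/sys/devices/virtual/sec/tsp(/.*)?` reuses `sysfs_sec`, so every domain that can already write that type picks up the whole tsp subtree as a side effect. The context line in rild.te shows `allow rild sysfs_sec:file { getattr open read write };`, and this commit adds write access to the same type for system_server and ueventd. If only one of these domains needs the tsp nodes, a dedicated type for that subtree would avoid widening the others; at minimum a comment naming the consumer of these nodes would help the next reviewer.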
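Review bot: In sepolicy/mpdecision.te, the first two rules let mpdecision modify the `socket_device` directory and create socket files that keep the generic `socket_device` label, so the socket it creates is not distinguishable in policy from any other socket with that label. The usual pattern is a dedicated socket type with a transition, e.g. `file_type_auto_trans(mpdecision, socket_device, <mpdecision_socket_type>)` (placeholder type name), after which the `create setattr` grant on `socket_device:sock_file` can be dropped. The file contains only allow rules, so the `mpdecision` domain itself is presumably declared in policy outside this diff.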
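Review bot: In sepolicy/rild.te, `allow rild zygote_exec:file execute;` carries no comment explaining why the radio daemon needs execute permission on the zygote executable's type, and it reads like a rule copied from a denial log. rild processes data coming from the baseband, so an execute grant from that domain should be justified or removed. `execute` on its own is normally not sufficient for an exec (that also needs `execute_no_trans` or a domain transition), which suggests the rule is either incomplete or unnecessary. Please add a comment such as `# <RIL component> needs this because ...` or drop the rule and confirm nothing regresses.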
diff --git a/sepolicy/system_app.te b/sepolicy/system_app.te
index d98a68f..799df29 100644
--- a/sepolicy/system_app.te
+++ b/sepolicy/system_app.te
@@ -1,3 +1 @@
 allow system_app shell_data_file:dir search;
-allow system_app sysfs_vibeamp:dir search;
-allow system_app sysfs_vibeamp:file { getattr open read write };
diff --git a/sepolicy/system_server.te b/sepolicy/system_server.te
index 656d4f6..0a6da46 100644
--- a/sepolicy/system_server.te
+++ b/sepolicy/system_server.te
@@ -1,6 +1,8 @@
 allow system_server efs_file:dir search;
 allow system_server sensors_efs_file:file { open read };
-allow system_server sysfs_display:file rw_file_perms;
+allow system_server sysfs_display:file { getattr open read write };
+allow system_server sysfs_sec:dir search;
+allow system_server sysfs_sec:file { getattr open read write };
 allow system_server sysfs_vibeamp:dir search;
-allow system_server sysfs_vibeamp:file { open read write };
+allow system_server sysfs_vibeamp:file { getattr open read write };
 allow system_server time_daemon:unix_stream_socket connectto;
diff --git a/sepolicy/time_daemon.te b/sepolicy/time_daemon.te
index bf20926..46f8de1 100644
--- a/sepolicy/time_daemon.te
+++ b/sepolicy/time_daemon.te
@@ -1,3 +1,6 @@
+allow time_daemon system_app:dir search;
+allow time_daemon system_app:file { read open };
 allow time_daemon system_server:dir search;
 allow time_daemon system_server:file { open read };
-allow time_daemon time_data_file:file { getattr append };
+allow time_daemon time_data_file:dir remove_name;
+allow time_daemon time_data_file:file { getattr append unlink };
diff --git a/sepolicy/ueventd.te b/sepolicy/ueventd.te
index 0018a7d..fcc2aeb 100644
--- a/sepolicy/ueventd.te
+++ b/sepolicy/ueventd.te
@@ -1,2 +1,3 @@
 allow ueventd sysfs_camera:file { open read write };
+allow ueventd sysfs_sec:file { open read write };
 allow ueventd sysfs_vibeamp:file { open read write };
diff --git a/sepolicy/vold.te b/sepolicy/vold.te
new file mode 100644
index 0000000..7ce586b
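Review bot: In sepolicy/time_daemon.te, `allow time_daemon time_data_file:dir remove_name;` only takes effect if the directory holding the log is itself labelled `time_data_file`, but the file_contexts change in this commit labels just `/data/time/time.log`. Removing a directory entry also needs `search` and `write` on that directory, so unless those come from policy outside this diff the unlink will still be denied. If deletion is really required, label the directory as well and grant `{ search write remove_name }` together; otherwise drop `unlink` and `remove_name` and keep the log append-only as before.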
--- /dev/null
+++ b/sepolicy/vold.te
@@ -0,0 +1,2 @@
+allow vold efs_file:dir { getattr read };
+allow vold mmc_block_device:blk_file { open read write ioctl getattr };
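Review bot: In sepolicy/vold.te, `allow vold efs_file:dir { getattr read };` grants `read` on the directory without `open` or `search`, so listing it will probably still be denied unless other policy supplies those permissions. Neither rule in the file says why vold needs the access; a one-line comment above each, e.g. `# vold scans <path> while mounting <volume>`, would let a reviewer judge whether the grant is the minimum needed. This matters most for the second rule, which gives write and ioctl on a block-device type.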