diff --git a/sepolicy/device.te b/sepolicy/device.te
index c2b4d2b..5a4f4ab 100644
--- a/sepolicy/device.te
+++ b/sepolicy/device.te
@@ -1 +1,5 @@
+# EFS
 type efs_block_device, dev_type;
+
+# Fingerprint
+type vfsspi_device, dev_type;
diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts
index f742d51..468f7f2 100644
--- a/sepolicy/file_contexts
+++ b/sepolicy/file_contexts
@@ -9,6 +9,9 @@
 # FRP
 /dev/block/bootdevice/by-name/persistent     u:object_r:frp_block_device:s0
 
+# Fingerprint
+/dev/vfsspi                                  u:object_r:vfsspi_device:s0
+
 # mDNIe
 /sys/devices/virtual/mdnie/mdnie/mode        u:object_r:sysfs_mdnie:s0
 /sys/devices/virtual/mdnie/mdnie/scenario    u:object_r:sysfs_mdnie:s0
diff --git a/sepolicy/fingerprintd.te b/sepolicy/fingerprintd.te
new file mode 100644
index 0000000..aff5c76
--- /dev/null
+++ b/sepolicy/fingerprintd.te
@@ -0,0 +1,2 @@
+allow fingerprintd tee_device:chr_file rw_file_perms;
+allow fingerprintd vfsspi_device:chr_file rw_file_perms;