diff --git a/caiman-sepolicy.mk b/caiman-sepolicy.mk
index f6c52b39..6354acf7 100644
--- a/caiman-sepolicy.mk
+++ b/caiman-sepolicy.mk
@@ -3,3 +3,6 @@ BOARD_SEPOLICY_DIRS += device/google/caimito-sepolicy/caiman # UDFPS sepolicy. BOARD_SEPOLICY_DIRS += device/google/caimito-sepolicy/fingerprint
+
+# GPS sepolicy
+BOARD_SEPOLICY_DIRS += device/google/caimito-sepolicy/gnss
diff --git a/gnss/file_contexts b/gnss/file_contexts
new file mode 100644
index 00000000..1a4c2d4b
--- /dev/null
+++ b/gnss/file_contexts
@@ -0,0 +1,11 @@
+# GPS
+/dev/gnss_ipc u:object_r:vendor_gnss_device:s0
+/dev/gnss_boot u:object_r:vendor_gnss_device:s0
+/dev/gnss_dump u:object_r:vendor_gnss_device:s0
+
+/vendor/bin/hw/gnssd u:object_r:gnssd_exec:s0
+/vendor/bin/hw/sctd u:object_r:sctd_exec:s0
+/vendor/bin/hw/swcnd u:object_r:swcnd_exec:s0
+/vendor/bin/hw/spad u:object_r:spad_exec:s0
+/vendor/bin/hw/gnss-aidl-service_IGnssV2_ISlsiGnssV1 u:object_r:hal_gnss_default_exec:s0
+/vendor/bin/gnss_check\.sh u:object_r:gnss_check_exec:s0
diff --git a/gnss/gnss_check.te b/gnss/gnss_check.te
new file mode 100644
index 00000000..e19a8b97
--- /dev/null
+++ b/gnss/gnss_check.te
@@ -0,0 +1,6 @@
+type gnss_check, domain;
+type gnss_check_exec, exec_type, vendor_file_type, file_type;
+
+init_daemon_domain(gnss_check);
+
+allow gnss_check vendor_toolbox_exec:file { execute_no_trans };
diff --git a/gnss/gnssd.te b/gnss/gnssd.te
new file mode 100644
index 00000000..ea16762b
--- /dev/null
+++ b/gnss/gnssd.te
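Review bot: In gnss/file_contexts, `/dev/gnss_ipc`, `/dev/gnss_boot` and `/dev/gnss_dump` all receive the one type `vendor_gnss_device`, so every domain allowed that type reaches the boot and dump nodes as well as the IPC node. gnssd.te in this commit grants `rw_file_perms` on the type; if the boot or dump node is needed by only one daemon, giving it its own type would keep the grant to what is used. `vendor_gnss_device` and `vendor_gps_file` are not declared anywhere in this commit and no path here is labelled `vendor_gps_file`, so they presumably come from another policy directory; a comment such as `# vendor_gnss_device is declared in <policy dir>` above the `/dev` entries would save the next reader the search.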
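Review bot: gnss/gnss_check.te gives no comment on what `gnss_check.sh` does or why it needs `execute_no_trans` on `vendor_toolbox_exec`; a line such as `# gnss_check.sh runs vendor toolbox commands in its own domain to <purpose>` above the allow rule would document the grant. The braces around the single permission are unnecessary, `allow gnss_check vendor_toolbox_exec:file execute_no_trans;` reads the same.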
@@ -0,0 +1,23 @@
+type gnssd, domain;
+type gnssd_exec, exec_type, vendor_file_type, file_type;
+init_daemon_domain(gnssd);
+
+# Allow gnssd to access rild
+binder_call(gnssd, rild);
+# binder_call(gnssd, hwservicemanager)
+allow gnssd hal_exynos_rild_hwservice:hwservice_manager find;
+allow gnssd radio_device:chr_file rw_file_perms;
+
+# Allow gnssd to acess gnss device
+allow gnssd vendor_gnss_device:chr_file rw_file_perms;
+allow gnssd vendor_gps_file:dir create_dir_perms;
+allow gnssd vendor_gps_file:file create_file_perms;
+allow gnssd vendor_gps_file:fifo_file create_file_perms;
+
+get_prop(gnssd, bootanim_system_prop)
+
+# Allow gnssd to obtain wakelock
+wakelock_use(gnssd)
+
+# Allow a base set of permissions required for network access.
+net_domain(gnssd);
diff --git a/gnss/hal_gnss_default.te b/gnss/hal_gnss_default.te
new file mode 100644
index 00000000..25fc30a9
--- /dev/null
+++ b/gnss/hal_gnss_default.te
@@ -0,0 +1,2 @@
+binder_call(hal_gnss_default, gnssd);
+
diff --git a/gnss/rild.te b/gnss/rild.te
new file mode 100644
index 00000000..c620a19b
--- /dev/null
+++ b/gnss/rild.te
@@ -0,0 +1 @@
+binder_call(rild, gnssd)
diff --git a/gnss/sctd.te b/gnss/sctd.te
new file mode 100644
index 00000000..8966ef8a
--- /dev/null
+++ b/gnss/sctd.te
@@ -0,0 +1,3 @@
+type sctd, domain;
+type sctd_exec, exec_type, vendor_file_type, file_type;
+init_daemon_domain(sctd);
diff --git a/gnss/spad.te b/gnss/spad.te
new file mode 100644
index 00000000..eaf8b1c8
--- /dev/null
+++ b/gnss/spad.te
@@ -0,0 +1,3 @@
+type spad, domain;
+type spad_exec, exec_type, vendor_file_type, file_type;
+init_daemon_domain(spad);
diff --git a/gnss/swcnd.te b/gnss/swcnd.te
new file mode 100644
index 00000000..c366cad8
--- /dev/null
+++ b/gnss/swcnd.te
@@ -0,0 +1,3 @@
+type swcnd, domain;
+type swcnd_exec, exec_type, vendor_file_type, file_type;
+init_daemon_domain(swcnd);
diff --git a/komodo-sepolicy.mk b/komodo-sepolicy.mk
index f5d822d9..c01cdba2 100644
--- a/komodo-sepolicy.mk
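Review bot: In gnss/gnssd.te, `allow gnssd radio_device:chr_file rw_file_perms;` lets the GNSS daemon read and write every character device labelled `radio_device`, which is wider than the binder path to rild that the comment above it describes. If gnssd needs one modem node, a dedicated type for that node would be tighter; otherwise the rule should carry its own comment naming the node it is for. `get_prop(gnssd, bootanim_system_prop)` also has no comment, and a GNSS daemon reading a boot-animation property is not self-explanatory; add the reason or drop the rule if it was copied from another device. The commented-out `# binder_call(gnssd, hwservicemanager)` line should be removed rather than shipped.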
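Review bot: gnss/sctd.te, and likewise gnss/spad.te and gnss/swcnd.te after it, declare a domain with `init_daemon_domain` and nothing else, and none of the three says what the daemon is. Starting with no allow rules is the right default, but if these daemons open the GNSS device nodes or talk to gnssd the rules for that are not in this commit, so they would presumably be denied in enforcing mode. A header comment in each file, e.g. `# sctd: <role of the daemon>`, plus a note of which denials were checked, would make the empty policy a visible decision rather than a placeholder.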
+++ b/komodo-sepolicy.mk
@@ -3,3 +3,6 @@ BOARD_SEPOLICY_DIRS += device/google/caimito-sepolicy/komodo # UDFPS sepolicy. BOARD_SEPOLICY_DIRS += device/google/caimito-sepolicy/fingerprint
+
+# GPS sepolicy
+BOARD_SEPOLICY_DIRS += device/google/caimito-sepolicy/gnss
diff --git a/ripcurrent24-sepolicy.mk b/ripcurrent24-sepolicy.mk
index 63f1e2f6..f195b047 100644
--- a/ripcurrent24-sepolicy.mk
+++ b/ripcurrent24-sepolicy.mk
@@ -3,3 +3,6 @@ BOARD_SEPOLICY_DIRS += device/google/caimito-sepolicy/ripcurrent24 # UDFPS sepolicy. BOARD_SEPOLICY_DIRS += device/google/caimito-sepolicy/fingerprint
+
+# GPS sepolicy
+BOARD_SEPOLICY_DIRS += device/google/caimito-sepolicy/gnss
diff --git a/tokay-sepolicy.mk b/tokay-sepolicy.mk
index 90689a32..2711c2cd 100644
--- a/tokay-sepolicy.mk
+++ b/tokay-sepolicy.mk
@@ -3,3 +3,6 @@ BOARD_SEPOLICY_DIRS += device/google/caimito-sepolicy/tokay # UDFPS sepolicy. BOARD_SEPOLICY_DIRS += device/google/caimito-sepolicy/fingerprint
+
+# GPS sepolicy
+BOARD_SEPOLICY_DIRS += device/google/caimito-sepolicy/gnss