diff --git a/gps/lsi/sepolicy/hal_gnss_default.te b/gps/lsi/sepolicy/hal_gnss_default.te
index 7d363f0..0294a93 100644
--- a/gps/lsi/sepolicy/hal_gnss_default.te
+++ b/gps/lsi/sepolicy/hal_gnss_default.te
@@ -11,3 +11,6 @@ get_prop(hal_gnss_default, vendor_gps_prop)
 
 #IPC between pixel and vendor HAL
 binder_call(hal_gnss_default, hal_gnss_pixel)
+
+# Allow connect to gnss service
+allow hal_gnss_default vendor_gps_file:fifo_file create_file_perms;
diff --git a/gps/pixel/sepolicy/hal_gnss_pixel.te b/gps/pixel/sepolicy/hal_gnss_pixel.te
index 512ecc9..9a0b648 100644
--- a/gps/pixel/sepolicy/hal_gnss_pixel.te
+++ b/gps/pixel/sepolicy/hal_gnss_pixel.te
@@ -12,3 +12,15 @@ allow hal_gnss_pixel sysfs_modem_state:file r_file_perms;
 
 #Toggle coredump node
 allow hal_gnss_pixel sysfs_gps:file rw_file_perms;
+
+# Allow access to CHRE multiclient HAL.
+get_prop(hal_gnss_pixel, vendor_chre_hal_prop)
+
+# Allow binder to CHRE.
+binder_call(hal_gnss_pixel, hal_contexthub_default)
+allow hal_gnss_pixel hal_contexthub_service:service_manager find;
+
+# Allow connect to gnss service
+allow hal_gnss_pixel vendor_gps_file:dir create_dir_perms;
+allow hal_gnss_pixel vendor_gps_file:fifo_file create_file_perms;
+
diff --git a/touch/twoshay/twoshay.mk b/touch/twoshay/twoshay.mk
index 20bf1ba..bae0975 100644
--- a/touch/twoshay/twoshay.mk
+++ b/touch/twoshay/twoshay.mk
@@ -1,3 +1,3 @@
 BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/touch/twoshay/sepolicy
 PRODUCT_PACKAGES += twoshay
-PRODUCT_SOONG_NAMESPACES += vendor/google/input/twoshay
+PRODUCT_SOONG_NAMESPACES += vendor/google/interfaces vendor/google/input/twoshay