diff --git a/whitechapel_pro/file.te b/whitechapel_pro/file.te
index e3a6bd52..288bb7c2 100644
--- a/whitechapel_pro/file.te
+++ b/whitechapel_pro/file.te
@@ -109,6 +109,9 @@ type sysfs_usbc_throttling_stats, sysfs_type, fs_type;
 
 # Touch
 type proc_touch, proc_type, fs_type;
+userdebug_or_eng(`
+    typeattribute proc_touch mlstrustedobject;
+')
 
 # Vendor sched files
 userdebug_or_eng(`
diff --git a/whitechapel_pro/google_touch_app.te b/whitechapel_pro/google_touch_app.te
new file mode 100644
index 00000000..f90fde1e
--- /dev/null
+++ b/whitechapel_pro/google_touch_app.te
@@ -0,0 +1,11 @@
+type google_touch_app, domain;
+
+userdebug_or_eng(`
+  app_domain(google_touch_app)
+
+  allow google_touch_app app_api_service:service_manager find;
+
+  allow google_touch_app sysfs_touch:dir r_dir_perms;
+  allow google_touch_app sysfs_touch:file rw_file_perms;
+  allow google_touch_app proc_touch:file rw_file_perms;
+')
diff --git a/whitechapel_pro/seapp_contexts b/whitechapel_pro/seapp_contexts
index 720081c7..d7fd69de 100644
--- a/whitechapel_pro/seapp_contexts
+++ b/whitechapel_pro/seapp_contexts
@@ -44,6 +44,9 @@ user=_app isPrivApp=true seinfo=mds name=com.google.mds domain=modem_diagnostic_
 # CBRS setup app
 user=_app seinfo=platform name=com.google.googlecbrs domain=cbrs_setup_app type=app_data_file levelFrom=user
 
+# Touch app
+user=_app seinfo=platform name=com.google.touch.touchinspector domain=google_touch_app type=app_data_file levelFrom=user
+
 # Qorvo UWB system app
 # TODO(b/222204912): Should this run under uwb user?
 user=_app isPrivApp=true seinfo=uwb name=com.qorvo.uwb.vendorservice domain=uwb_vendor_app type=uwb_vendor_data_file levelFrom=all