diff --git a/tracking_denials/cbd.te b/tracking_denials/cbd.te
index 83f606c3..6527506e 100644
--- a/tracking_denials/cbd.te
+++ b/tracking_denials/cbd.te
@@ -1,2 +1,4 @@
 # b/205779872
 dontaudit cbd persist_file:dir { search };
+# b/205904432
+dontaudit cbd cbd:capability { setuid };
diff --git a/tracking_denials/citadeld.te b/tracking_denials/citadeld.te
index c6b16b6e..a6a36f1e 100644
--- a/tracking_denials/citadeld.te
+++ b/tracking_denials/citadeld.te
@@ -8,3 +8,9 @@ dontaudit citadeld vndbinder_device:chr_file { map };
 dontaudit citadeld vndbinder_device:chr_file { open };
 dontaudit citadeld vndbinder_device:chr_file { read };
 dontaudit citadeld vndbinder_device:chr_file { write };
+# b/205904322
+dontaudit citadeld servicemanager:binder { call };
+dontaudit citadeld servicemanager:binder { transfer };
+dontaudit citadeld system_server:binder { call };
+dontaudit citadeld vndservicemanager:binder { call };
+dontaudit citadeld vndservicemanager:binder { transfer };
diff --git a/tracking_denials/convert-to-f2fs-sh.te b/tracking_denials/convert-to-f2fs-sh.te
index 2478f01b..6231c945 100644
--- a/tracking_denials/convert-to-f2fs-sh.te
+++ b/tracking_denials/convert-to-f2fs-sh.te
@@ -12,3 +12,5 @@ dontaudit convert-to-f2fs-sh toolbox_exec:file { execute };
 dontaudit convert-to-f2fs-sh toolbox_exec:file { execute_no_trans };
 dontaudit convert-to-f2fs-sh toolbox_exec:file { getattr };
 dontaudit convert-to-f2fs-sh toolbox_exec:file { read open };
+# b/205904438
+dontaudit convert-to-f2fs-sh toolbox_exec:file { map };
diff --git a/tracking_denials/hal_camera_default.te b/tracking_denials/hal_camera_default.te
index b7c2ccc0..451ff93a 100644
--- a/tracking_denials/hal_camera_default.te
+++ b/tracking_denials/hal_camera_default.te
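Review bot: In cbd.te, the added `dontaudit cbd cbd:capability { setuid };` suppresses the audit record for a capability check without granting it, so once the domain is enforcing a failing setuid in cbd leaves no avc line to diagnose or alert on. The new rules in rfsd.te (`chown`, `setuid`) and tee.te (`setgid`, `setuid`) have the same effect. Capability denials deserve an explicit decision rather than a tracking entry: either the daemon legitimately changes identity and needs a scoped `allow cbd self:capability { setuid };` in its real policy file, or the call should go away. I would record that next to the bug, for example `# temporary: resolve as allow-on-self or code fix before enforcing, see b/205904432`.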
@@ -41,3 +41,12 @@ dontaudit hal_camera_default vendor_camera_data_file:dir { read };
 dontaudit hal_camera_default vendor_camera_data_file:dir { search };
 dontaudit hal_camera_default vendor_camera_data_file:file { open };
 dontaudit hal_camera_default vendor_camera_data_file:file { read };
+# b/205904406
+dontaudit hal_camera_default hal_camera_default:capability { sys_nice };
+dontaudit hal_camera_default hal_power_default:binder { call };
+dontaudit hal_camera_default hal_radioext_default:binder { call };
+dontaudit hal_camera_default init:unix_stream_socket { connectto };
+dontaudit hal_camera_default property_socket:sock_file { write };
+dontaudit hal_camera_default servicemanager:binder { call };
+dontaudit hal_camera_default servicemanager:binder { transfer };
+dontaudit hal_camera_default system_server:binder { call };
diff --git a/tracking_denials/hal_fingerprint_default.te b/tracking_denials/hal_fingerprint_default.te
index cda5fa89..43d1f3a2 100644
--- a/tracking_denials/hal_fingerprint_default.te
+++ b/tracking_denials/hal_fingerprint_default.te
@@ -17,3 +17,7 @@ dontaudit hal_fingerprint_default fingerprint_device:chr_file { read write };
 dontaudit hal_fingerprint_default tee_device:chr_file { ioctl };
 dontaudit hal_fingerprint_default tee_device:chr_file { open };
 dontaudit hal_fingerprint_default tee_device:chr_file { read write };
+# b/205904310
+dontaudit hal_fingerprint_default hal_fingerprint_default:netlink_socket { bind };
+dontaudit hal_fingerprint_default hal_fingerprint_default:netlink_socket { create };
+dontaudit hal_fingerprint_default hal_fingerprint_default:netlink_socket { write };
diff --git a/tracking_denials/hal_graphics_composer_default.te b/tracking_denials/hal_graphics_composer_default.te
index 95a4c0a2..d416f72f 100644
--- a/tracking_denials/hal_graphics_composer_default.te
+++ b/tracking_denials/hal_graphics_composer_default.te
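Review bot: In hal_camera_default.te, the pair `init:unix_stream_socket { connectto }` and `property_socket:sock_file { write }` is the access a domain needs to reach init's property service, so suppressing it hides that hal_camera_default is trying to set a property and, presumably, which one. hal_health_default.te and hal_secure_element_gto.te add the same pair. The eventual fix is likely a `set_prop(hal_camera_default, <property_type>)` on a narrowly typed vendor property rather than these two rules, and a comment saying so would help: `# property-set path; replace with set_prop() once the property is identified`. The `capability { sys_nice }` rule in the same block is a separate question and would be easier to follow under its own bug.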
@@ -12,3 +12,9 @@ dontaudit hal_graphics_composer_default vndbinder_device:chr_file { write };
 # b/205779906
 dontaudit hal_graphics_composer_default mnt_vendor_file:dir { search };
 dontaudit hal_graphics_composer_default persist_file:dir { search };
+# b/205904436
+dontaudit hal_graphics_composer_default hal_graphics_composer_default:netlink_kobject_uevent_socket { bind };
+dontaudit hal_graphics_composer_default hal_graphics_composer_default:netlink_kobject_uevent_socket { create };
+dontaudit hal_graphics_composer_default hal_graphics_composer_default:netlink_kobject_uevent_socket { read };
+dontaudit hal_graphics_composer_default vndservicemanager:binder { call };
+dontaudit hal_graphics_composer_default vndservicemanager:binder { transfer };
diff --git a/tracking_denials/hal_health_default.te b/tracking_denials/hal_health_default.te
index 6306f197..bd55c270 100644
--- a/tracking_denials/hal_health_default.te
+++ b/tracking_denials/hal_health_default.te
@@ -7,3 +7,6 @@ dontaudit hal_health_default vendor_battery_defender_prop:property_service { set
 # b/205779737
 dontaudit hal_health_default mnt_vendor_file:dir { search };
 dontaudit hal_health_default persist_file:dir { search };
+# b/205904402
+dontaudit hal_health_default init:unix_stream_socket { connectto };
+dontaudit hal_health_default property_socket:sock_file { write };
diff --git a/tracking_denials/hal_identity_citadel.te b/tracking_denials/hal_identity_citadel.te
index 15777759..dd1af9bf 100644
--- a/tracking_denials/hal_identity_citadel.te
+++ b/tracking_denials/hal_identity_citadel.te
@@ -4,3 +4,5 @@ dontaudit hal_identity_citadel vndbinder_device:chr_file { map };
 dontaudit hal_identity_citadel vndbinder_device:chr_file { open };
 dontaudit hal_identity_citadel vndbinder_device:chr_file { read };
 dontaudit hal_identity_citadel vndbinder_device:chr_file { write };
+# b/205904552
+dontaudit hal_identity_citadel vndservicemanager:binder { call };
diff --git a/tracking_denials/hal_keymint_citadel.te b/tracking_denials/hal_keymint_citadel.te
index b2d1bcf4..6d19e0e5 100644
--- a/tracking_denials/hal_keymint_citadel.te
+++ b/tracking_denials/hal_keymint_citadel.te
@@ -9,3 +9,6 @@ dontaudit hal_keymint_citadel vndbinder_device:chr_file { map };
 dontaudit hal_keymint_citadel vndbinder_device:chr_file { open };
 dontaudit hal_keymint_citadel vndbinder_device:chr_file { read };
 dontaudit hal_keymint_citadel vndbinder_device:chr_file { write };
+# b/205904323
+dontaudit hal_keymint_citadel citadeld:binder { call };
+dontaudit hal_keymint_citadel vndservicemanager:binder { call };
diff --git a/tracking_denials/hal_power_default.te b/tracking_denials/hal_power_default.te
new file mode 100644
index 00000000..05e3c0c1
--- /dev/null
+++ b/tracking_denials/hal_power_default.te
@@ -0,0 +1,2 @@
+# b/205904442
+dontaudit hal_power_default hal_camera_default:binder { transfer };
diff --git a/tracking_denials/hal_power_stats_default.te b/tracking_denials/hal_power_stats_default.te
new file mode 100644
index 00000000..86e4dc43
--- /dev/null
+++ b/tracking_denials/hal_power_stats_default.te
@@ -0,0 +1,2 @@
+# b/205904367
+dontaudit hal_power_stats_default hal_bluetooth_btlinux:binder { call };
diff --git a/tracking_denials/hal_secure_element_gto.te b/tracking_denials/hal_secure_element_gto.te
index 866071c2..ea3e96f6 100644
--- a/tracking_denials/hal_secure_element_gto.te
+++ b/tracking_denials/hal_secure_element_gto.te
@@ -3,3 +3,6 @@ dontaudit hal_secure_element_gto vendor_secure_element_prop:property_service { s
 # b/205656951
 dontaudit hal_secure_element_gto secure_element_device:chr_file { open };
 dontaudit hal_secure_element_gto secure_element_device:chr_file { read write };
+# b/205904452
+dontaudit hal_secure_element_gto init:unix_stream_socket { connectto };
+dontaudit hal_secure_element_gto property_socket:sock_file { write };
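Review bot: In hal_keymint_citadel.te, `dontaudit hal_keymint_citadel citadeld:binder { call };` silences the denial on what the names suggest is the path between the KeyMint HAL and the daemon in front of the security chip, so in enforcing mode key operations would fail with no avc record pointing at policy. hal_weaver_citadel.te and init_citadel.te add the same `citadeld:binder { call }` rule, and hal_identity_citadel.te adds the `vndservicemanager` half. For these domains I would prioritise the real rules over other tracking entries, presumably `vndbinder_use(hal_keymint_citadel)` and `binder_call(hal_keymint_citadel, citadeld)` if that is the intended design. A comment next to b/205904323 stating that these entries must not survive into an enforcing build would make the priority visible.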
diff --git a/tracking_denials/hal_secure_element_uicc.te b/tracking_denials/hal_secure_element_uicc.te
new file mode 100644
index 00000000..10323849
--- /dev/null
+++ b/tracking_denials/hal_secure_element_uicc.te
@@ -0,0 +1,3 @@
+# b/205904403
+dontaudit hal_secure_element_uicc rild:binder { call };
+dontaudit hal_secure_element_uicc rild:binder { transfer };
diff --git a/tracking_denials/hal_sensors_default.te b/tracking_denials/hal_sensors_default.te
index 05ccf8ac..06aaec58 100644
--- a/tracking_denials/hal_sensors_default.te
+++ b/tracking_denials/hal_sensors_default.te
@@ -9,3 +9,7 @@ dontaudit hal_sensors_default persist_file:dir { search };
 dontaudit hal_sensors_default sensor_reg_data_file:dir { getattr };
 dontaudit hal_sensors_default sensor_reg_data_file:dir { open };
 dontaudit hal_sensors_default sensor_reg_data_file:dir { read };
+# b/205904379
+dontaudit hal_sensors_default chre:unix_stream_socket { connectto };
+dontaudit hal_sensors_default chre_socket:sock_file { write };
+dontaudit hal_sensors_default system_server:binder { call };
diff --git a/tracking_denials/hal_thermal_default.te b/tracking_denials/hal_thermal_default.te
new file mode 100644
index 00000000..abbd2f97
--- /dev/null
+++ b/tracking_denials/hal_thermal_default.te
@@ -0,0 +1,7 @@
+# b/205904328
+dontaudit hal_thermal_default hal_thermal_default:netlink_generic_socket { bind };
+dontaudit hal_thermal_default hal_thermal_default:netlink_generic_socket { create };
+dontaudit hal_thermal_default hal_thermal_default:netlink_generic_socket { getattr };
+dontaudit hal_thermal_default hal_thermal_default:netlink_generic_socket { read };
+dontaudit hal_thermal_default hal_thermal_default:netlink_generic_socket { setopt };
+dontaudit hal_thermal_default hal_thermal_default:netlink_generic_socket { write };
diff --git a/tracking_denials/hal_weaver_citadel.te b/tracking_denials/hal_weaver_citadel.te
index 4c0fbbab..b847751f 100644
--- a/tracking_denials/hal_weaver_citadel.te
+++ b/tracking_denials/hal_weaver_citadel.te
@@ -4,3 +4,6 @@ dontaudit hal_weaver_citadel vndbinder_device:chr_file { map };
 dontaudit hal_weaver_citadel vndbinder_device:chr_file { open };
 dontaudit hal_weaver_citadel vndbinder_device:chr_file { read };
 dontaudit hal_weaver_citadel vndbinder_device:chr_file { write };
+# b/205904286
+dontaudit hal_weaver_citadel citadeld:binder { call };
+dontaudit hal_weaver_citadel vndservicemanager:binder { call };
diff --git a/tracking_denials/hbmsvmanager_app.te b/tracking_denials/hbmsvmanager_app.te
index 22a8102e..e015fa9b 100644
--- a/tracking_denials/hbmsvmanager_app.te
+++ b/tracking_denials/hbmsvmanager_app.te
@@ -1,2 +1,4 @@
 # b/204718757
 dontaudit hbmsvmanager_app hal_pixel_display_service:service_manager { find };
+# b/205904380
+dontaudit hbmsvmanager_app hal_graphics_composer_default:binder { call };
diff --git a/tracking_denials/init_citadel.te b/tracking_denials/init_citadel.te
index 48e98d67..587d4ea4 100644
--- a/tracking_denials/init_citadel.te
+++ b/tracking_denials/init_citadel.te
@@ -7,3 +7,6 @@ dontaudit init_citadel vndbinder_device:chr_file { write };
 # b/205779736
 dontaudit init_citadel citadel_updater:file { execute_no_trans };
 dontaudit init_citadel vendor_toolbox_exec:file { execute_no_trans };
+# b/205904401
+dontaudit init_citadel citadeld:binder { call };
+dontaudit init_citadel vndservicemanager:binder { call };
diff --git a/tracking_denials/mediacodec_samsung.te b/tracking_denials/mediacodec_samsung.te
index 09e2f0ed..234242dd 100644
--- a/tracking_denials/mediacodec_samsung.te
+++ b/tracking_denials/mediacodec_samsung.te
@@ -8,3 +8,6 @@ dontaudit mediacodec_samsung vndbinder_device:chr_file { map };
 dontaudit mediacodec_samsung vndbinder_device:chr_file { open };
 dontaudit mediacodec_samsung vndbinder_device:chr_file { read };
 dontaudit mediacodec_samsung vndbinder_device:chr_file { write };
+# b/205904381
+dontaudit mediacodec_samsung vndservicemanager:binder { call };
+dontaudit mediacodec_samsung vndservicemanager:binder { transfer };
diff --git a/tracking_denials/nfc.te b/tracking_denials/nfc.te
new file mode 100644
index 00000000..3e17ff52
--- /dev/null
+++ b/tracking_denials/nfc.te
@@ -0,0 +1,2 @@
+# b/205904208
+dontaudit nfc zygote:binder { transfer };
diff --git a/tracking_denials/pixelstats_vendor.te b/tracking_denials/pixelstats_vendor.te
new file mode 100644
index 00000000..96c305a5
--- /dev/null
+++ b/tracking_denials/pixelstats_vendor.te
@@ -0,0 +1,2 @@
+# b/205904433
+dontaudit pixelstats_vendor servicemanager:binder { call };
diff --git a/tracking_denials/platform_app.te b/tracking_denials/platform_app.te
index 6e1b0e1c..0efc45bd 100644
--- a/tracking_denials/platform_app.te
+++ b/tracking_denials/platform_app.te
@@ -1,2 +1,4 @@
 # b/204718221
 dontaudit platform_app touch_service:service_manager { find };
+# b/205904327
+dontaudit platform_app hal_wlc:binder { call };
diff --git a/tracking_denials/priv_app.te b/tracking_denials/priv_app.te
index 450db67c..cee32be8 100644
--- a/tracking_denials/priv_app.te
+++ b/tracking_denials/priv_app.te
@@ -4,3 +4,6 @@ dontaudit priv_app hal_exynos_rild_hwservice:hwservice_manager { find };
 dontaudit priv_app vendor_default_prop:file { getattr };
 dontaudit priv_app vendor_default_prop:file { map };
 dontaudit priv_app vendor_default_prop:file { open };
+# b/205904553
+dontaudit priv_app rild:binder { call };
+dontaudit priv_app rild:binder { transfer };
diff --git a/tracking_denials/rfsd.te b/tracking_denials/rfsd.te
new file mode 100644
index 00000000..bf921ff4
--- /dev/null
+++ b/tracking_denials/rfsd.te
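Review bot: In priv_app.te, `dontaudit priv_app rild:binder { call };` and the matching `{ transfer }` rule record that something running as priv_app talks to rild directly, and priv_app covers every privileged app, so converting this entry into an `allow` later would open the radio daemon to all of them. rild.te adds the reverse direction for priv_app, vendor_ims_app and vendor_rcs_app. A comment naming the caller behind b/205904553, and whether it should get its own domain through seapp_contexts, would keep the eventual fix narrow: `# caller: <package name>; move to a dedicated domain instead of allowing priv_app`.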
@@ -0,0 +1,3 @@
+# b/205904361
+dontaudit rfsd rfsd:capability { chown };
+dontaudit rfsd rfsd:capability { setuid };
diff --git a/tracking_denials/rild.te b/tracking_denials/rild.te
index 875d5d24..532083f3 100644
--- a/tracking_denials/rild.te
+++ b/tracking_denials/rild.te
@@ -4,3 +4,8 @@ dontaudit rild vendor_persist_config_default_prop:file { getattr };
 dontaudit rild vendor_persist_config_default_prop:file { map };
 dontaudit rild vendor_persist_config_default_prop:file { open };
 dontaudit rild vendor_persist_config_default_prop:file { read };
+# b/205904441
+dontaudit rild hal_secure_element_uicc:binder { call };
+dontaudit rild priv_app:binder { call };
+dontaudit rild vendor_ims_app:binder { call };
+dontaudit rild vendor_rcs_app:binder { call };
diff --git a/tracking_denials/rlsservice.te b/tracking_denials/rlsservice.te
index 2231fbb5..ba5e07a8 100644
--- a/tracking_denials/rlsservice.te
+++ b/tracking_denials/rlsservice.te
@@ -14,3 +14,6 @@ dontaudit rlsservice apex_info_file:file { getattr };
 dontaudit rlsservice apex_info_file:file { open };
 dontaudit rlsservice apex_info_file:file { read };
 dontaudit rlsservice apex_info_file:file { watch };
+# b/205904324
+dontaudit rlsservice vndservicemanager:binder { call };
+dontaudit rlsservice vndservicemanager:binder { transfer };
diff --git a/tracking_denials/servicemanager.te b/tracking_denials/servicemanager.te
new file mode 100644
index 00000000..ed7eefbb
--- /dev/null
+++ b/tracking_denials/servicemanager.te
@@ -0,0 +1,4 @@
+# b/205904207
+dontaudit servicemanager citadeld:binder { call };
+dontaudit servicemanager hal_camera_default:binder { call };
+dontaudit servicemanager hal_fingerprint_default:binder { call };
diff --git a/tracking_denials/system_server.te b/tracking_denials/system_server.te
new file mode 100644
index 00000000..03229278
--- /dev/null
+++ b/tracking_denials/system_server.te
@@ -0,0 +1,2 @@
+# b/205904404
+dontaudit system_server zygote:binder { call };
diff --git a/tracking_denials/tee.te b/tracking_denials/tee.te
new file mode 100644
index 00000000..e20f6584
--- /dev/null
+++ b/tracking_denials/tee.te
@@ -0,0 +1,3 @@
+# b/205904330
+dontaudit tee tee:capability { setgid };
+dontaudit tee tee:capability { setuid };
diff --git a/tracking_denials/vendor_ims_app.te b/tracking_denials/vendor_ims_app.te
index 2695c9c8..9ef9ca82 100644
--- a/tracking_denials/vendor_ims_app.te
+++ b/tracking_denials/vendor_ims_app.te
@@ -1,2 +1,5 @@
 # b/205780067
 dontaudit vendor_ims_app radio_service:service_manager { find };
+# b/205904439
+dontaudit vendor_ims_app rild:binder { call };
+dontaudit vendor_ims_app rild:binder { transfer };
diff --git a/tracking_denials/vendor_rcs_app.te b/tracking_denials/vendor_rcs_app.te
index bc5dcaae..7c6042eb 100644
--- a/tracking_denials/vendor_rcs_app.te
+++ b/tracking_denials/vendor_rcs_app.te
@@ -1,2 +1,5 @@
 # b/205779581
 dontaudit vendor_rcs_app radio_service:service_manager { find };
+# b/205904435
+dontaudit vendor_rcs_app rild:binder { call };
+dontaudit vendor_rcs_app rild:binder { transfer };
diff --git a/tracking_denials/zygote.te b/tracking_denials/zygote.te
index c9fd8bba..7ec594d4 100644
--- a/tracking_denials/zygote.te
+++ b/tracking_denials/zygote.te
@@ -6,3 +6,9 @@ dontaudit zygote default_android_service:service_manager { find };
 dontaudit zygote game_service:service_manager { find };
 dontaudit zygote nfc_service:service_manager { find };
 dontaudit zygote radio_service:service_manager { find };
+# b/205904384
+dontaudit zygote adbd:unix_stream_socket { connectto };
+dontaudit zygote nfc:binder { call };
+dontaudit zygote servicemanager:binder { call };
+dontaudit zygote system_server:binder { call };
+dontaudit zygote system_server:binder { transfer };
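Review bot: The rules added to zygote.te describe a process labelled zygote making binder calls to servicemanager, system_server and nfc and connecting to adbd's socket, which, together with the `service_manager { find }` context lines above, looks more like an app process that never left the zygote domain than like the zygote itself. nfc.te (`nfc zygote:binder { transfer }`) and system_server.te (`system_server zygote:binder { call }`) add the peer side of the same traffic. If that reading is right, the cause is a missing or wrong seapp_contexts entry or domain transition, and suppressing the denials hides a process running under the wrong label. I would say so next to the bug: `# likely an app stuck in the zygote domain; fix labelling, do not convert to allow`.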