diff --git a/tracking_denials/hal_camera_default.te b/tracking_denials/hal_camera_default.te
index e8619fc1..3ebc8e5e 100644
--- a/tracking_denials/hal_camera_default.te
+++ b/tracking_denials/hal_camera_default.te
@@ -6,5 +6,3 @@ dontaudit hal_camera_default gxp_device:chr_file { read write };
 userdebug_or_eng(`
 permissive hal_camera_default;
 ')
-# b/264483024
-dontaudit hal_camera_default hal_radioext_hwservice:hwservice_manager { find };
diff --git a/tracking_denials/rlsservice.te b/tracking_denials/rlsservice.te
deleted file mode 100644
index 26c301f2..00000000
--- a/tracking_denials/rlsservice.te
+++ /dev/null
@@ -1,29 +0,0 @@
-# b/263185565
-dontaudit rlsservice aoc_device:chr_file { getattr };
-dontaudit rlsservice aoc_device:chr_file { open };
-dontaudit rlsservice aoc_device:chr_file { read write };
-dontaudit rlsservice apex_info_file:file { getattr };
-dontaudit rlsservice apex_info_file:file { open };
-dontaudit rlsservice apex_info_file:file { read };
-dontaudit rlsservice apex_info_file:file { watch };
-dontaudit rlsservice device:dir { read };
-dontaudit rlsservice device:dir { watch };
-dontaudit rlsservice rls_service:service_manager { add };
-dontaudit rlsservice sysfs_leds:dir { search };
-dontaudit rlsservice sysfs_leds:file { open };
-dontaudit rlsservice sysfs_leds:file { read };
-dontaudit rlsservice vendor_camera_prop:file { getattr };
-dontaudit rlsservice vendor_camera_prop:file { map };
-dontaudit rlsservice vendor_camera_prop:file { open };
-dontaudit rlsservice vendor_camera_prop:file { read };
-dontaudit rlsservice vndbinder_device:chr_file { ioctl };
-dontaudit rlsservice vndbinder_device:chr_file { map };
-dontaudit rlsservice vndbinder_device:chr_file { open };
-dontaudit rlsservice vndbinder_device:chr_file { read };
-dontaudit rlsservice vndbinder_device:chr_file { write };
-dontaudit rlsservice vndservicemanager:binder { call };
-dontaudit rlsservice vndservicemanager:binder { transfer };
-# b/264489641
-userdebug_or_eng(`
- permissive rlsservice;
-')
\ No newline at end of file
diff --git a/vendor/hal_camera_default.te b/vendor/hal_camera_default.te
index 7a0cdb2e..f59be53c 100644
--- a/vendor/hal_camera_default.te
+++ b/vendor/hal_camera_default.te
@@ -68,8 +68,13 @@ allow hal_camera_default sysfs_leds:file r_file_perms;
 # Allow camera HAL to query preferred camera frequencies from the radio HAL
 # extensions to avoid interference with cellular antennas.
+allow hal_camera_default hal_radioext_hwservice:hwservice_manager find;
 binder_call(hal_camera_default, hal_radioext_default);
+# For camera hal to talk with rlsservice
+allow hal_camera_default rls_service:service_manager find;
+binder_call(hal_camera_default, rlsservice)
+
 # Allow camera HAL to send trace packets to Perfetto
 userdebug_or_eng(`perfetto_producer(hal_camera_default)')
diff --git a/vendor/rlsservice.te b/vendor/rlsservice.te
index 6f6b3b48..186471a7 100644
--- a/vendor/rlsservice.te
+++ b/vendor/rlsservice.te
@@ -2,4 +2,31 @@ type rlsservice, domain;
 type rlsservice_exec, exec_type, vendor_file_type, file_type;
 init_daemon_domain(rlsservice)
+vndbinder_use(rlsservice)
+add_service(rlsservice, rls_service)
+
+# access rainbow sensor calibration files
+allow rlsservice persist_file:dir search;
+allow rlsservice persist_camera_file:dir search;
+allow rlsservice persist_camera_file:file r_file_perms;
+allow rlsservice mnt_vendor_file:dir search;
+
+# access device files
+allow rlsservice rls_device:chr_file rw_file_perms;
+
+binder_call(rlsservice, hal_camera_default)
+
+# Allow access to display backlight information
+allow rlsservice sysfs_leds:dir search;
+allow rlsservice sysfs_leds:file r_file_perms;
+
+# Allow access to always-on compute device node
+allow rlsservice device:dir r_file_perms;
+allow rlsservice aoc_device:chr_file rw_file_perms;
+
+# For observing apex file changes
+allow rlsservice apex_info_file:file r_file_perms;
+
+# Allow read camera property
+get_prop(rlsservice, vendor_camera_prop);
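Review bot: `hal_camera_default` is still marked `permissive` on userdebug/eng builds by the block left in tracking_denials/hal_camera_default.te, so the grants added in this hunk (`hal_radioext_hwservice` find, `rls_service` find and the new `binder_call`) are only enforced on user builds. Confirm on an enforcing build that the camera-to-rlsservice path produces no further denials, since a permissive domain would hide them during normal testing. As a style point, the added `binder_call(hal_camera_default, rlsservice)` drops the trailing semicolon that the neighbouring `binder_call(hal_camera_default, hal_radioext_default);` carries; use one form throughout the file.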
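Review bot: `allow rlsservice device:dir r_file_perms;` uses a file permission set on a directory and grants more than the denials removed from tracking_denials/rlsservice.te recorded for that type, which were only `read` and `watch`. `device` is the generic label for /dev, so this grant should stay as small as possible: `allow rlsservice device:dir { read watch };` (or `r_dir_perms` if directory search is really required). The comment above it only mentions the always-on compute node; it would help to state why the daemon needs to read and watch the /dev directory itself. The `rls_device` and persist rules have no matching entry in the removed dontaudit list, so they cannot be checked against logged denials from this diff alone.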