diff --git a/gatekeeperd.te b/gatekeeperd.te
index 45bf7d948b25e08233c403ad2e54e94b3e8ef3aa..dfb2c7fc32ce9128c37f682f3e92a57c2e423806 100644
--- a/gatekeeperd.te
+++ b/gatekeeperd.te
@@ -7,9 +7,15 @@ binder_use(gatekeeperd)
 binder_service(gatekeeperd)
 allow gatekeeperd tee_device:chr_file rw_file_perms;
+# need to find KeyStore and add self
 allow gatekeeperd gatekeeper_service:service_manager { add find };
+# Need to add auth tokens to KeyStore
 allow gatekeeperd keystore:keystore_key { add_auth };
+# For permissions checking
+allow gatekeeperd system_server:binder call;
+allow gatekeeperd permission_service:service_manager find;
+
 neverallow { domain -gatekeeperd -system_server } gatekeeper_service:service_manager find;
 neverallow { domain -gatekeeperd } gatekeeper_service:service_manager add;
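Review bot: The added comment `# need to find KeyStore and add self` does not match the rule it sits on, which grants `add` and `find` on `gatekeeper_service` only and says nothing about a KeyStore service. Something like `# Register gatekeeper_service with servicemanager and look it up` would describe what is actually allowed. The comment `# For permissions checking` could also record that `allow gatekeeperd system_server:binder call;` is deliberately the bare `call` permission rather than a broader binder macro, presumably because the permission service is hosted in system_server. That would stop a later cleanup from widening what this credential-handling domain can do over binder.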