diff --git a/priv_app.te b/priv_app.te
index 37764ebe5cb505661ff60077ab220593a013e948..ea2a8e8617b1a7c3df743cfe924b79aab9439226 100644
--- a/priv_app.te
+++ b/priv_app.te
@@ -42,6 +42,10 @@ allow priv_app media_rw_data_file:file create_file_perms;
 allow priv_app shell_data_file:file r_file_perms;
 allow priv_app shell_data_file:dir r_dir_perms;
 
+# Allow verifier to access staged apks.
+allow priv_app { apk_tmp_file apk_private_tmp_file }:dir r_dir_perms;
+allow priv_app { apk_tmp_file apk_private_tmp_file }:file r_file_perms;
+
 # b/18504118: Allow reads from /data/anr/traces.txt
 allow priv_app anr_data_file:file r_file_perms;
 
diff --git a/service.te b/service.te
index cc0bbbe446ba087d65d35806e87914c80b66f47f..c1772d45426837dceb8ad6104b491060fa919b13 100644
--- a/service.te
+++ b/service.te
@@ -24,7 +24,7 @@ type audio_service, app_api_service, system_server_service, service_manager_type
 type backup_service, app_api_service, system_server_service, service_manager_type;
 type batterystats_service, app_api_service, system_server_service, service_manager_type;
 type battery_service, system_server_service, service_manager_type;
-type bluetooth_manager_service, system_api_service, system_server_service, service_manager_type;
+type bluetooth_manager_service, app_api_service, system_server_service, service_manager_type;
 type cameraproxy_service, system_server_service, service_manager_type;
 type clipboard_service, app_api_service, system_server_service, service_manager_type;
 type IProxyService_service, system_api_service, system_server_service, service_manager_type;
@@ -87,7 +87,7 @@ type statusbar_service, app_api_service, system_server_service, service_manager_
 type task_service, system_server_service, service_manager_type;
 type textservices_service, app_api_service, system_server_service, service_manager_type;
 type telecom_service, app_api_service, system_server_service, service_manager_type;
-type trust_service, system_api_service, system_server_service, service_manager_type;
+type trust_service, app_api_service, system_server_service, service_manager_type;
 type tv_input_service, app_api_service, system_server_service, service_manager_type;
 type uimode_service, app_api_service, system_server_service, service_manager_type;
 type updatelock_service, system_api_service, system_server_service, service_manager_type;