diff --git a/sepolicy/ohos_policy/filemanagement/user_file_service/system/file_access_service.te b/sepolicy/ohos_policy/filemanagement/user_file_service/system/file_access_service.te
index 3eaa3e3f93c7a6118204ef7be1d99f9d0f6df445..7e7f535119f6147be0564f17863e2d623cc1781d 100644
--- a/sepolicy/ohos_policy/filemanagement/user_file_service/system/file_access_service.te
+++ b/sepolicy/ohos_policy/filemanagement/user_file_service/system/file_access_service.te
@@ -110,3 +110,10 @@ allow file_access_service hap_domain:binder { transfer };
 
 # avc:denied { getopt } for pid=6408,comm="/system/bin/sa_main" scontex=u:r:file_acccess_services:s0 tcontext=u:r:file_access_service:s0 tclass=unix_dgram_socket permissive=1
 allow file_access_service file_access_service:unix_dgram_socket { getopt setopt };
+allow file_access_service sa_foundation_cesfwk_service:samgr_class { get };
+allow file_access_service data_service_file:dir { search };
+allow file_access_service data_service_el1_file:dir { create open read write add_name remove_name search };
+allow file_access_service data_service_el1_file:file { append create getattr lock map open read write unlink };
+allow file_access_service data_user_file:dir { getattr search };
+allow file_access_service data_service_el2_file:dir { search };
+allow file_access_service data_service_el2_hmdfs:dir { search };