diff --git a/sepolicy/ohos_policy/ability/ability_runtime/system/foundation.te b/sepolicy/ohos_policy/ability/ability_runtime/system/foundation.te
index 66630e9e5aaacec0f80d8149df5a451f08968456..ab787bb0fa05e91e43fe5e2f4a1d9a5e3c8aadaa 100644
--- a/sepolicy/ohos_policy/ability/ability_runtime/system/foundation.te
+++ b/sepolicy/ohos_policy/ability/ability_runtime/system/foundation.te
@@ -90,5 +90,7 @@ allowxperm foundation data_system_ce:file ioctl { 0xf50c };
 allowxperm foundation dev_mali:chr_file ioctl { 0x8002 };
 allowxperm foundation sys_file:file ioctl { 0x5413 };
 allow foundation foundation:capability { sys_ptrace };
+allow foundation storage_manager:dir { search };
+allow foundation netmanager:binder { transfer };
 neverallow foundation *:process ptrace;
diff --git a/sepolicy/ohos_policy/communication/netmanager/system/netmanager.te b/sepolicy/ohos_policy/communication/netmanager/system/netmanager.te
index e1eacecffcecbe9a4b62284b057162f407fb1ce9..964dd606b67f5ab81fab21d61b1cc5760b7e8e4b 100644
--- a/sepolicy/ohos_policy/communication/netmanager/system/netmanager.te
+++ b/sepolicy/ohos_policy/communication/netmanager/system/netmanager.te
@@ -20,6 +20,7 @@ allow netmanager data_file:dir { remove_name rmdir search };
 allow netmanager data_init_agent:dir { search };
 allow netmanager data_init_agent:file { ioctl open read append };
 allow netmanager data_service_el1_file:dir { add_name create getattr ioctl lock open read remove_name rmdir search setattr unlink write };
+allow netmanager data_service_el1_file:dir { add_name create getattr ioctl lock open read remove_name search setattr unlink write rmdir };
 allow netmanager data_service_el1_file:file { append create getattr ioctl lock map open read setattr unlink write };
 allow netmanager data_service_file:dir { add_name create getattr ioctl lock open read remove_name search setattr unlink write };
 allow netmanager data_system:dir { add_name search write };
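Review bot: The two new grants in foundation.te carry no comment saying which code path needs them, and both deserve one. `allow foundation storage_manager:dir { search }` names a process domain as the target type; for a domain that is typically its /proc/<pid> directory (worth confirming against the denial that prompted it), and a search-only grant is usually followed by a further file-level denial once the directory is traversable. `allow foundation netmanager:binder { transfer }` lets foundation hand binder references to netmanager and appears to be the counterpart of the `sa_foundation_appms:samgr_class { get }` grant added to netmanager.te in the same commit. A one-line `#` comment above each rule, e.g. `# foundation passes the appms SA reference to netmanager`, would let the next auditor tie the two sides together without reading the commit history.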
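Review bot: The added `allow netmanager data_service_el1_file:dir { add_name create getattr ioctl lock open read remove_name search setattr unlink write rmdir };` grants exactly the permission set of the context line directly above it, the only difference being that `rmdir` moved from the middle of the list to the end, so the rule is a verbatim duplicate that changes nothing in the compiled policy. It looks like a merge or rebase artifact; drop the added line, or if the intent was to change the set, edit the existing line in place so the file keeps one rule per source/target/class.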
@@ -67,3 +68,5 @@ allowxperm netmanager netmanager:udp_socket ioctl { 0x8915 0x8916 0x891b 0x891c
 allowxperm netmanager netmanager:unix_dgram_socket ioctl { 0x8910 };
 allow netsysnative netmanager:fd { use };
 allow netsysnative netmanager:tcp_socket { read write bind getopt setopt connect };
+allow netmanager data_service_el1_file:file { rename };
+allow netmanager sa_foundation_appms:samgr_class { get };
\ No newline at end of file
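Review bot: `allow netmanager data_service_el1_file:file { rename };` is appended at the end of the file instead of being folded into the existing rule for the same source, target and class that the previous hunk shows as context: `allow netmanager data_service_el1_file:file { append create getattr ioctl lock map open read rename setattr unlink write };` keeps the one-rule-per-triple layout the rest of the file follows and keeps the permission visible next to its siblings. The new last line also lacks a trailing newline (`\ No newline at end of file`), which will show up as churn in the next diff; add one. The `sa_foundation_appms:samgr_class { get }` grant is the netmanager side of the `foundation netmanager:binder { transfer }` rule added in foundation.te, and a short `#` comment naming that dependency would help whoever later trims either file.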