diff --git a/sepolicy/vendor/attributes b/sepolicy/vendor/attributes
new file mode 100644
index 0000000..d6fedfa
--- /dev/null
+++ b/sepolicy/vendor/attributes
@@ -0,0 +1,3 @@
+attribute hal_dms;
+attribute hal_dms_client;
+attribute hal_dms_server;
diff --git a/sepolicy/vendor/file_contexts b/sepolicy/vendor/file_contexts
index 529f5a0..6717f40 100644
--- a/sepolicy/vendor/file_contexts
+++ b/sepolicy/vendor/file_contexts
@@ -137,3 +137,6 @@
 
 # Files in fsg
 /fsg(/.*)?               u:object_r:fsg_file:s0
+
+# Dolby
+/(vendor|system/vendor)/bin/hw/vendor\.dolby\.hardware\.dms@1\.0-service                     u:object_r:hal_dms_default_exec:s0
diff --git a/sepolicy/vendor/hal_audio_default.te b/sepolicy/vendor/hal_audio_default.te
index 7cfdfc7..1e809ef 100644
--- a/sepolicy/vendor/hal_audio_default.te
+++ b/sepolicy/vendor/hal_audio_default.te
@@ -1,3 +1,7 @@
 allow hal_audio_default sysfs:dir {open read };
 get_prop(hal_audio_default, dirac_prop)
 set_prop(hal_audio_default, dirac_prop)
+
+# Dolby
+allow hal_audio_default hal_dms_default:binder { transfer call };
+allow hal_audio_default hal_dms_hwservice:hwservice_manager find;
diff --git a/sepolicy/vendor/hal_dms.te b/sepolicy/vendor/hal_dms.te
new file mode 100644
index 0000000..3611554
--- /dev/null
+++ b/sepolicy/vendor/hal_dms.te
@@ -0,0 +1,5 @@
+binder_call(hal_dms_client, hal_dms_server)
+binder_call(hal_dms_server, hal_dms_client)
+
+add_hwservice(hal_dms_server, hal_dms_hwservice)
+allow hal_dms_client hal_dms_hwservice:hwservice_manager find; 
diff --git a/sepolicy/vendor/hal_dms_default.te b/sepolicy/vendor/hal_dms_default.te
new file mode 100644
index 0000000..ce3c360
--- /dev/null
+++ b/sepolicy/vendor/hal_dms_default.te
@@ -0,0 +1,13 @@
+type hal_dms_default, domain;
+hal_server_domain(hal_dms_default, hal_dms)
+
+type hal_dms_default_exec, exec_type, vendor_file_type, file_type;
+init_daemon_domain(hal_dms_default)
+
+allow hal_dms_default hal_audio_default:binder call;
+allow hal_dms_default platform_app:binder call;
+allow hal_dms_default vendor_data_file:file { rw_file_perms create };
+allow hal_dms_default vendor_data_file:dir { rw_file_perms add_name };
+
+allow hal_dms_default vendor_media_data_file:dir { add_name remove_name read write search open };
+allow hal_dms_default vendor_media_data_file:file { read write open create ioctl getattr lock unlink };
diff --git a/sepolicy/vendor/hwservice.te b/sepolicy/vendor/hwservice.te
new file mode 100644
index 0000000..da673be
--- /dev/null
+++ b/sepolicy/vendor/hwservice.te
@@ -0,0 +1 @@
+type hal_dms_hwservice, hwservice_manager_type;
diff --git a/sepolicy/vendor/hwservice_contexts b/sepolicy/vendor/hwservice_contexts
index 4ef660c..1a244a2 100644
--- a/sepolicy/vendor/hwservice_contexts
+++ b/sepolicy/vendor/hwservice_contexts
@@ -3,3 +3,5 @@ vendor.nxp.nxpnfc::INxpNfc                                       u:object_r:hal_
 
 motorola.hardware.camera.provider::ICameraProvider               u:object_r:hal_camera_hwservice:s0
 motorola.hardware.mods_camera.provider::ICameraProvider          u:object_r:hal_camera_hwservice:s0
+
+vendor.dolby.hardware.dms::IDms                                                   u:object_r:hal_dms_hwservice:s0
diff --git a/sepolicy/vendor/init.te b/sepolicy/vendor/init.te
index bd78335..db463ce 100644
--- a/sepolicy/vendor/init.te
+++ b/sepolicy/vendor/init.te
@@ -64,3 +64,7 @@ allow init sysfs:file setattr;
 allow init system_file:dir relabelfrom;
 allow init shell_exec:file execute_no_trans;
 allow init system_file:file relabelfrom;
+
+allow init vendor_data_file:file lock;
+allow init hal_audio_default:binder call;
+allow init platform_app:binder call;
diff --git a/sepolicy/vendor/platform_app.te b/sepolicy/vendor/platform_app.te
index 5dee295..f848ac0 100644
--- a/sepolicy/vendor/platform_app.te
+++ b/sepolicy/vendor/platform_app.te
@@ -5,3 +5,7 @@ allow platform_app rootfs:dir getattr;
 allow platform_app init:unix_stream_socket { read write };
 allow platform_app hal_sensors_default:unix_stream_socket { read write };
 allow platform_app vendor_file:file getattr;
+
+allow platform_app hal_dms_hwservice:hwservice_manager find;
+allow platform_app hal_dms_default:binder { call transfer };
+allow platform_app sysfs_kgsl:lnk_file read;
diff --git a/sepolicy/vendor/property.te b/sepolicy/vendor/property.te
index 68c63c3..e27c047 100644
--- a/sepolicy/vendor/property.te
+++ b/sepolicy/vendor/property.te
@@ -10,3 +10,6 @@ type wcnss_prop, property_type;
 type dirac_prop, property_type;
 # Spectrum
 type spectrum_prop, property_type;
+
+# Dolby
+type vendor_dolby_loglevel_prop, property_type;
diff --git a/sepolicy/vendor/property_contexts b/sepolicy/vendor/property_contexts
index 6c8da52..303c343 100644
--- a/sepolicy/vendor/property_contexts
+++ b/sepolicy/vendor/property_contexts
@@ -7,3 +7,5 @@ sys.listeners.registered           u:object_r:tee_listener_prop:s0
 persist.audio.dirac.               u:object_r:dirac_prop:s0
 # Spectrum
 persist.spectrum.profile           u:object_r:spectrum_prop:s0
+
+persist.vendor.dolby.loglevel      u:object_r:vendor_dolby_loglevel_prop:s0