diff --git a/sepolicy/common/hal_power_default.te b/sepolicy/common/hal_power_default.te
index dbf2d4a..59c0748 100644
--- a/sepolicy/common/hal_power_default.te
+++ b/sepolicy/common/hal_power_default.te
@@ -1 +1,4 @@
 allow hal_power_default sysfs_hal_pwr:file w_file_perms;
+allow hal_power_stats_default sysfs_iio:dir { search open r_dir_perms };
+allow hal_power_stats_default sysfs_iio:lnk_file r_file_perms;
+allow hal_power_stats_default sysfs_iio:file r_file_perms;
diff --git a/sepolicy/common/vold.te b/sepolicy/common/vold.te
index 548e81e..67b8167 100644
--- a/sepolicy/common/vold.te
+++ b/sepolicy/common/vold.te
@@ -11,7 +11,6 @@ allow vold {
     system_block_device
 }:blk_file getattr;
 
-allowxperm vold vold_device:blk_file ioctl 0x1271;
-allowxperm vold vold_device:blk_file ioctl BLKROGET;
+allowxperm vold vold_device:blk_file ioctl { BLKDISCARD BLKGETSIZE };
 
 dontaudit vold hal_bootctl_hwservice:hwservice_manager find;
diff --git a/sepolicy/private/blkid.te b/sepolicy/private/blkid.te
new file mode 100644
index 0000000..a2b911e
--- /dev/null
+++ b/sepolicy/private/blkid.te
@@ -0,0 +1 @@
+allow vold blkid_exec:file rx_file_perms;