diff --git a/sepolicy/ohos_policy/communication/netmanager/system/foundation.te b/sepolicy/ohos_policy/communication/netmanager/system/foundation.te index 77438289d0bddba411b1d72c9db93c0492f0aa46..11c05223dbacf90439ada83846c89365c1dbf088 100644 --- a/sepolicy/ohos_policy/communication/netmanager/system/foundation.te +++ b/sepolicy/ohos_policy/communication/netmanager/system/foundation.te @@ -12,4 +12,5 @@ # limitations under the License. allow foundation netmanager:binder { call }; +allow foundation netsysnative:binder { call }; diff --git a/sepolicy/ohos_policy/communication/netmanager/system/netsysnative.te b/sepolicy/ohos_policy/communication/netmanager/system/netsysnative.te index b563bc43bd7c732a8bd429b8242084875a3e18cd..d757b3c5e7493dc24849f9696c43e8a9d0fb8e47 100644 --- a/sepolicy/ohos_policy/communication/netmanager/system/netsysnative.te +++ b/sepolicy/ohos_policy/communication/netmanager/system/netsysnative.te 
@@ -35,11 +35,14 @@ allow netsysnative netsysnative:netlink_kobject_uevent_socket { listen };
 allow netsysnative system_bin_file:lnk_file { read };
 allow netsysnative accessibility_param:file { read open map };
 allow netsysnative data_service_file:dir { search };
-allow netsysnative data_service_el1_file:dir { search write add_name };
-allow netsysnative data_service_el1_file:file { create write open ioctl read };
+allow netsysnative data_service_el1_file:dir { search write add_name create remove_name };
+allow netsysnative data_service_el1_file:file { create write open ioctl read getattr setattr unlink lock };
 allow netsysnative fwmark_service:sock_file { create unlink setattr write };
 allow netsysnative dnsproxy_service:sock_file { create unlink setattr };
 allow netsysnative netsysnative:process { setfscreate };
+allow netsysnative netsysnative:packet_socket { create bind write read };
+allow netsysnative sa_foundation_cesfwk_service:samgr_class { get };
+allow netsysnative foundation:binder { call transfer };
 allow netsysnative normal_hap_attr:fd { use };
 allow netsysnative normal_hap_attr:tcp_socket { read write getopt setopt };
 allow netsysnative normal_hap_attr:unix_dgram_socket { read write getopt setopt };
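Review bot: The widened `data_service_el1_file` rules (`dir { ... create remove_name }` and `file { ... getattr setattr unlink lock }`) are granted on what appears, from its name, to be a generic label shared by other services rather than a netsysnative-specific type. If so, the policy no longer stops netsysnative from creating directories or deleting and re-attributing files anywhere that label is used, leaving only DAC to confine it. If the daemon only needs its own state directory, consider labelling that directory with a dedicated type (placeholder name: `<netsysnative_data_type>`) and moving these permissions onto it. The new `packet_socket { create bind write read }` rule also gives the domain link-layer send and receive; a one-line comment above it, such as `# packet_socket: required by <feature>`, would let later reviews judge whether it is still needed.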