diff --git a/dhcp.te b/dhcp.te
new file mode 100644
index 0000000000000000000000000000000000000000..b596479e31ba8d52ad8720a0d8405a4e9a32d491
--- /dev/null
+++ b/dhcp.te
@@ -0,0 +1,22 @@
+type dhcp, domain;
+type dhcp_exec, exec_type, file_type;
+type dhcp_data_file, file_type, data_file_type;
+type dhcp_system_file, file_type, data_file_type;
+
+init_daemon_domain(dhcp)
+
+allow dhcp cgroup:dir { create add_name };
+allow dhcp self:capability { setgid setuid net_admin net_raw };
+allow dhcp self:packet_socket { create setopt bind write read };
+allow dhcp self:netlink_route_socket { write nlmsg_write read create bind };
+allow dhcp self:udp_socket { create ioctl };
+allow dhcp shell_exec:file { read open execute };
+allow dhcp proc:file write;
+allow dhcp property_socket:sock_file write ;
+allow dhcp system_prop:property_service set ;
+allow dhcp dhcp_system_file:file rx_file_perms;
+allow dhcp dhcp_system_file:dir r_dir_perms;
+unix_socket_connect(dhcp, property, init)
+
+type_transition dhcp system_data_file:{ dir file } dhcp_data_file;
+allow dhcp dhcp_data_file:dir { write add_name search };
diff --git a/file_contexts b/file_contexts
index ecf6e2222c6b9c21e541c1621851ee07ae538c23..77e0875bc0dd7da72548f85a4ae435c21a7d3924 100644
--- a/file_contexts
+++ b/file_contexts
@@ -102,6 +102,8 @@
 /system/bin/wpa_supplicant	u:object_r:wpa_exec:s0
 /system/bin/qemud	u:object_r:qemud_exec:s0
 /system/bin/sdcard      u:object_r:sdcardd_exec:s0
+/system/bin/dhcpcd      u:object_r:dhcp_exec:s0
+/system/etc/dhcpcd(/.*)? u:object_r:dhcp_system_file:s0
 /system/xbin/su		u:object_r:su_exec:s0
 /system/vendor/bin/gpsd u:object_r:gpsd_exec:s0
 #############################
@@ -124,6 +126,7 @@
 /data/misc/systemkeys(/.*)?	u:object_r:systemkeys_data_file:s0
 /data/misc/wifi(/.*)?		u:object_r:wifi_data_file:s0
 /data/misc/camera(/.*)?	u:object_r:camera_calibration_file:s0
+/data/misc/dhcp(/.*)?           u:object_r:dhcp_data_file:s0
 # App sandboxes
 /data/data/.*		u:object_r:app_data_file:s0
 # Wallpaper file.