diff --git a/camera/sepolicy/hal_camera_default.te b/camera/sepolicy/hal_camera_default.te
index 35eea3c..62eef4a 100644
--- a/camera/sepolicy/hal_camera_default.te
+++ b/camera/sepolicy/hal_camera_default.te
@@ -1,4 +1,6 @@
 allow hal_camera_default vendor_camera_binder_service:service_manager find;
+# Allow Lyric Hal to find the LyricConfigProvider service through ServiceManager.
+allow hal_camera_default vendor_camera_lyricconfigprovider_service:service_manager find;
 
 allow hal_camera_default hal_pixel_remote_camera_service:service_manager find;
 
diff --git a/camera/sepolicy/seapp_contexts b/camera/sepolicy/seapp_contexts
index 9059600..f956929 100644
--- a/camera/sepolicy/seapp_contexts
+++ b/camera/sepolicy/seapp_contexts
@@ -1,5 +1,7 @@
 # Pixel PeristentBackgroundCameraServices
 user=system seinfo=platform name=com.google.pixel.camera.services domain=vendor_pbcs_app type=system_app_data_file levelFrom=all
+# The :* will allow all services, which run in their own processes, to use the same vendor_pbcs_app domain.
+user=system seinfo=platform name=com.google.pixel.camera.services:* domain=vendor_pbcs_app type=system_app_data_file levelFrom=all
 
 # Pixel Camera Services
 user=_app seinfo=CameraServices name=com.google.android.apps.camera.services domain=vendor_pcs_app type=app_data_file levelFrom=all
diff --git a/camera/sepolicy/service.te b/camera/sepolicy/service.te
index 4a2dcbb..330c7ff 100644
--- a/camera/sepolicy/service.te
+++ b/camera/sepolicy/service.te
@@ -1,3 +1,5 @@
 type vendor_camera_binder_service, hal_service_type, protected_service, service_manager_type;
 
 type hal_pixel_remote_camera_service, hal_service_type, protected_service, service_manager_type;
+
+type vendor_camera_lyricconfigprovider_service, hal_service_type, protected_service, service_manager_type;
diff --git a/camera/sepolicy/service_contexts b/camera/sepolicy/service_contexts
index 5ea067f..bec3402 100644
--- a/camera/sepolicy/service_contexts
+++ b/camera/sepolicy/service_contexts
@@ -1,3 +1,5 @@
 com.google.pixel.camera.services.binder.IServiceBinder/default u:object_r:vendor_camera_binder_service:s0
 
 com.google.pixel.camera.connectivity.hal.provider.ICameraProvider/default u:object_r:hal_pixel_remote_camera_service:s0
+
+com.google.pixel.camera.services.lyricconfigprovider.ILyricConfigProvider/default u:object_r:vendor_camera_lyricconfigprovider_service:s0
diff --git a/camera/sepolicy/vendor_pbcs_app.te b/camera/sepolicy/vendor_pbcs_app.te
index 1ee663f..1a3a0ef 100644
--- a/camera/sepolicy/vendor_pbcs_app.te
+++ b/camera/sepolicy/vendor_pbcs_app.te
@@ -6,6 +6,9 @@ dontaudit vendor_pbcs_app system_app_data_file:dir *;
 
 allow vendor_pbcs_app app_api_service:service_manager find;
 
-allow vendor_pbcs_app vendor_camera_binder_service:service_manager add;
+# Allow PBCS to add the ServiceBinder service to ServiceManager.
+add_service(vendor_pbcs_app, vendor_camera_binder_service);
+# Allow PBCS to add the LyricConfigProvider service to ServiceManager.
+add_service(vendor_pbcs_app, vendor_camera_lyricconfigprovider_service);
 
 binder_call(vendor_pbcs_app, hal_camera_default);