diff --git a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp
index 4e45faf9d6614caf4cc66f4e4f80ada3d8265e3a..33f7db7ea3f6f72fb3d3201ae419301f8032c909 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp
@@ -2191,7 +2191,7 @@ HWTEST_F(AccessTokenKitTest, GetSelfPermissionsState001, TestSize.Level1)
     };
     permsList1.emplace_back(perm5);
     ret = AccessTokenKit::GetSelfPermissionsState(permsList1);
-    ASSERT_EQ(DYNAMIC_OPER, permsList1[0].state);
+    ASSERT_EQ(INVALID_OPER, permsList1[4].state);
     ASSERT_EQ(DYNAMIC_OPER, ret);
 
     std::vector<PermissionListState> permsList2;
@@ -2201,6 +2201,19 @@ HWTEST_F(AccessTokenKitTest, GetSelfPermissionsState001, TestSize.Level1)
     ASSERT_EQ(SETTING_OPER, permsList2[0].state);
     ASSERT_EQ(PASS_OPER, permsList2[1].state);
     ASSERT_EQ(PASS_OPER, ret);
+
+    permsList2.emplace_back(perm5);
+    ret = AccessTokenKit::GetSelfPermissionsState(permsList2);
+    ASSERT_EQ(SETTING_OPER, permsList2[0].state);
+    ASSERT_EQ(PASS_OPER, permsList2[1].state);
+    ASSERT_EQ(INVALID_OPER, permsList2[2].state);
+    ASSERT_EQ(PASS_OPER, ret);
+
+    std::vector<PermissionListState> permsList3;
+    permsList3.emplace_back(perm5);
+    ret = AccessTokenKit::GetSelfPermissionsState(permsList3);
+    ASSERT_EQ(INVALID_OPER, permsList3[0].state);
+    ASSERT_EQ(PASS_OPER, ret);
 }
 
 /**
diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp
index c6de37ecf2a420e5c4ffa680827693ccd507fbdf..88c2404e9a84f5a0ebea7ca303ef4e385000f367 100644
--- a/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp
+++ b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp
@@ -205,6 +205,8 @@ void PermissionManager::GetSelfPermissionState(std::vector<PermissionStateFull>
     int32_t goalGrantFlags;
     for (auto& perm : permsList) {
         if (perm.permissionName == permState.permissionName) {
+            ACCESSTOKEN_LOG_INFO(LABEL,
+                "find goal permission: %{public}s!", permState.permissionName.c_str());
             foundGoal = true;
             goalGrantStatus = perm.grantStatus[0];
             goalGrantFlags = perm.grantFlags[0];
@@ -214,7 +216,13 @@ void PermissionManager::GetSelfPermissionState(std::vector<PermissionStateFull>
     if (foundGoal == false) {
         ACCESSTOKEN_LOG_WARN(LABEL,
             "can not find permission: %{public}s define!", permState.permissionName.c_str());
-        permState.state = DYNAMIC_OPER;
+        permState.state = INVALID_OPER;
+        return;
+    }
+    if (!PermissionDefinitionCache::GetInstance().HasDefinition(permState.permissionName)) {
+        ACCESSTOKEN_LOG_WARN(LABEL,
+            "no definition for permission: %{public}s!", permState.permissionName.c_str());
+        permState.state = INVALID_OPER;
         return;
     }
 
diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp
index 70445c5e4bed532a4cb8296fd233baded59fe617..2607d550ffca9c5723b74d7b99766773a599b634 100644
--- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp
+++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp
@@ -139,14 +139,18 @@ PermissionOper AccessTokenManagerService::GetSelfPermissionsState(
 
     bool needRes = false;
     std::vector<PermissionStateFull> permsList;
-    int ret = PermissionManager::GetInstance().GetReqPermissions(callingTokenID, permsList, false);
-    if (ret != RET_SUCCESS) {
+    int retUserGrant = PermissionManager::GetInstance().GetReqPermissions(callingTokenID, permsList, false);
+    int retSysGrant = PermissionManager::GetInstance().GetReqPermissions(callingTokenID, permsList, true);
+    if ((retSysGrant != RET_SUCCESS) || (retUserGrant != RET_SUCCESS)) {
+        ACCESSTOKEN_LOG_ERROR(LABEL,
+            "GetReqPermissions failed, retUserGrant:%{public}d, retSysGrant:%{public}d",
+            retUserGrant, retSysGrant);
         return INVALID_OPER;
     }
 
-    int32_t size = reqPermList.size();
+    uint32_t size = reqPermList.size();
     ACCESSTOKEN_LOG_INFO(LABEL, "reqPermList size: 0x%{public}x", size);
-    for (int32_t i = 0; i < size; i++) {
+    for (uint32_t i = 0; i < size; i++) {
         PermissionManager::GetInstance().GetSelfPermissionState(
             permsList, reqPermList[i].permsState);
         if (reqPermList[i].permsState.state == DYNAMIC_OPER) {