diff --git a/.gitee/PULL_REQUEST_TEMPLATE.zh-CN.md b/.gitee/PULL_REQUEST_TEMPLATE.zh-CN.md
index 34c0efe84d7536ab5b5b9db06d2720d99dea05dd..77d3a2ac9b9faafaa873a5937ecde6ca9ea233e2 100644
--- a/.gitee/PULL_REQUEST_TEMPLATE.zh-CN.md
+++ b/.gitee/PULL_REQUEST_TEMPLATE.zh-CN.md
@@ -9,6 +9,13 @@
 
 3、手工用例（自验证步骤/预期结果/实际结果）:
 
+### 权限合入自检：
+- [ ] 是否需要合入权限定义
+    - [ ] 仅向系统服务开放的权限（availableType为SERVICE的权限）不允许合入global_system_resources仓
+    - [ ] 非SERVICE的权限与global_system_resources联合构建，即两笔pr关联同一个issue
+    - [ ] 填入必要参数name/grantMode/availableLevel/since/provisionEnable/distributedSceneEnable， 且与global_system_resources中声明（如果有）一致
+    - [ ] 声明权限生效的设备平台范围deviceTypes，以列表方式声明("deviceTypes" : [ "xxx", "xxx"])，权限在所有设备通用为"general"，非全平台生效按需填写，包括但不限于"phone"、"wearable"、"tablet"、"2in1"、"tv"、"car"
+
 ### 安全编码自检：
 - [ ] 裸指针避免通过隐式转换构造为sptr
 - [ ] json对象在取值之前必须先判断类型，避免类型不匹配
diff --git a/BUILD.gn b/BUILD.gn
index 1d7cc5cdf6fa0f713e3e387ee994035e87ae47ef..da01e997332026566518f290820bbedfb48fb0d7 100644
--- a/BUILD.gn
+++ b/BUILD.gn
@@ -29,6 +29,7 @@ group("accesstoken_build_module_test") {
       "interfaces/innerkits/token_setproc/test:unittest",
       "services/accesstokenmanager/test:unittest",
       "services/common/database/test:unittest",
+      "services/common/json_parse/test:unittest"
     ]
     if (ability_base_enable == true) {
       deps += [
diff --git a/access_token.gni b/access_token.gni
index d62e2c4a4b363d44f82ee9dd9b40512174681eaa..303cfde59a7f59bcd957c06437f49a43a71ceda1 100644
--- a/access_token.gni
+++ b/access_token.gni
@@ -21,6 +21,9 @@ module_output_path_interface_access_token =
 module_output_path_service_privacy = "access_token/access_token/service_privacy"
 module_output_path_service_access_token =
     "access_token/access_token/service_access_token"
+module_output_path_unittest_accesstoken = "access_token/access_token"
+module_output_path_unittest_privacy = "access_token/privacy"
+
 VENDOR_CONFIG_PATH = rebase_path(
         "//vendor/${product_company}/${product_name}/base/security/access_token/access_token_impl.gni")
 CMD = "if [ -f ${VENDOR_CONFIG_PATH} ]; then echo true; else echo false; fi"
@@ -98,13 +101,6 @@ if (!defined(global_parts_info) ||
   security_component_enhance_enable = false
 }
 
-if (!defined(global_parts_info) ||
-    defined(global_parts_info.resourceschedule_ffrt)) {
-  resourceschedule_ffrt_enable = true
-} else {
-  resourceschedule_ffrt_enable = false
-}
-
 if (!defined(global_parts_info) ||
     defined(global_parts_info.customization_config_policy)) {
   customization_config_policy_enable = true
diff --git a/bundle.json b/bundle.json
index 9a569db586553ce268493299cd781be24b951201..f98e6ef958c31ca975c3b74d70b9750ff01167c8 100644
--- a/bundle.json
+++ b/bundle.json
@@ -41,7 +41,6 @@
         "device_manager",
         "dsoftbus",
         "eventhandler",
-        "ffrt",
         "hicollie",
         "hisysevent",
         "hitrace",
diff --git a/frameworks/accesstoken/BUILD.gn b/frameworks/accesstoken/BUILD.gn
index 905cf97537af37433da66c892757cf3a9c615565..122215ae516e61fe825f1bfb1a85edc4f71656d4 100644
--- a/frameworks/accesstoken/BUILD.gn
+++ b/frameworks/accesstoken/BUILD.gn
@@ -55,13 +55,18 @@ ohos_shared_library("accesstoken_communication_adapter_cxx") {
     "src/hap_token_info_for_sync_parcel.cpp",
     "src/hap_token_info_parcel.cpp",
     "src/native_token_info_parcel.cpp",
+    "src/perm_state_change_scope_parcel.cpp",
     "src/permission_def_parcel.cpp",
     "src/permission_grant_info_parcel.cpp",
     "src/permission_list_state_parcel.cpp",
     "src/permission_state_change_info_parcel.cpp",
-    "src/permission_state_change_scope_parcel.cpp",
     "src/permission_status_parcel.cpp",
   ]
 
   external_deps = [ "c_utils:utils" ]
+
+  if (security_component_enhance_enable) {
+    sources += [ "src/sec_comp_enhance_data_parcel.cpp" ]
+    external_deps += [ "ipc:ipc_single" ]
+  }
 }
diff --git a/frameworks/accesstoken/include/accesstoken_service_ipc_interface_code.h b/frameworks/accesstoken/include/accesstoken_service_ipc_interface_code.h
index 07d0e107b261d2a3c78b13f9a124d622e8ffc1c1..1faa90993f672d0654b24438855a9e8fd02a0a3f 100644
--- a/frameworks/accesstoken/include/accesstoken_service_ipc_interface_code.h
+++ b/frameworks/accesstoken/include/accesstoken_service_ipc_interface_code.h
@@ -67,7 +67,6 @@ enum class AccessTokenInterfaceCode {
     DUMP_PERM_DEFINITION_INFO,
     GET_VERSION,
     GET_PERMISSION_MANAGER_INFO,
-    GET_NATIVE_TOKEN_NAME,
     INIT_USER_POLICY,
     UPDATE_USER_POLICY,
     CLEAR_USER_POLICY,
diff --git a/frameworks/accesstoken/include/i_accesstoken_manager.h b/frameworks/accesstoken/include/i_accesstoken_manager.h
deleted file mode 100644
index 22709473ae9dc8e916febd58dd587019534850fd..0000000000000000000000000000000000000000
--- a/frameworks/accesstoken/include/i_accesstoken_manager.h
+++ /dev/null
@@ -1,126 +0,0 @@
-/*
- * Copyright (c) 2021-2024 Huawei Device Co., Ltd.
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef I_ACCESSTOKEN_MANAGER_H
-#define I_ACCESSTOKEN_MANAGER_H
-
-#include <string>
-#include <unordered_set>
-
-#include "access_token.h"
-#include "accesstoken_service_ipc_interface_code.h"
-#include "atm_tools_param_info_parcel.h"
-#include "errors.h"
-#include "hap_base_info_parcel.h"
-#include "hap_info_parcel.h"
-#include "hap_policy_parcel.h"
-#include "hap_token_info_for_sync_parcel.h"
-#include "hap_token_info_parcel.h"
-#include "iremote_broker.h"
-#include "i_permission_state_callback.h"
-#include "native_token_info_parcel.h"
-#include "permission_def_parcel.h"
-#include "permission_grant_info_parcel.h"
-#include "permission_list_state_parcel.h"
-#include "permission_status_parcel.h"
-#include "permission_state_change_scope_parcel.h"
-#include "system_ability_definition.h"
-
-namespace OHOS {
-namespace Security {
-namespace AccessToken {
-class IAccessTokenManager : public IRemoteBroker {
-public:
-    static const int SA_ID_ACCESSTOKEN_MANAGER_SERVICE = ACCESS_TOKEN_MANAGER_SERVICE_ID;
-
-    DECLARE_INTERFACE_DESCRIPTOR(u"ohos.security.accesstoken.IAccessTokenManager");
-
-    virtual PermUsedTypeEnum GetPermissionUsedType(
-        AccessTokenID tokenID, const std::string& permissionName) = 0;
-    virtual int VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName) = 0;
-    virtual int VerifyAccessToken(AccessTokenID tokenID,
-        const std::vector<std::string>& permissionList, std::vector<int32_t>& permStateList) = 0;
-    virtual int GetDefPermission(const std::string& permissionName, PermissionDefParcel& permissionDefResult) = 0;
-    virtual int GetReqPermissions(
-        AccessTokenID tokenID, std::vector<PermissionStatusParcel>& reqPermList, bool isSystemGrant) = 0;
-    virtual int GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName, uint32_t& flag) = 0;
-    virtual int32_t SetPermissionRequestToggleStatus(const std::string& permissionName, uint32_t status,
-        int32_t userID = 0) = 0;
-    virtual int32_t GetPermissionRequestToggleStatus(const std::string& permissionName, uint32_t& status,
-        int32_t userID = 0) = 0;
-    virtual int32_t RequestAppPermOnSetting(AccessTokenID tokenID) = 0;
-    virtual PermissionOper GetSelfPermissionsState(std::vector<PermissionListStateParcel>& permListParcel,
-        PermissionGrantInfoParcel& infoParcel) = 0;
-    virtual int32_t GetPermissionsStatus(
-        AccessTokenID tokenID, std::vector<PermissionListStateParcel>& permListParcel) = 0;
-    virtual int GrantPermission(AccessTokenID tokenID, const std::string& permissionName, uint32_t flag) = 0;
-    virtual int RevokePermission(AccessTokenID tokenID, const std::string& permissionName, uint32_t flag) = 0;
-    virtual int GrantPermissionForSpecifiedTime(
-        AccessTokenID tokenID, const std::string& permissionName, uint32_t onceTime) = 0;
-    virtual int ClearUserGrantedPermissionState(AccessTokenID tokenID) = 0;
-    virtual AccessTokenIDEx AllocHapToken(const HapInfoParcel& hapInfo, const HapPolicyParcel& policyParcel) = 0;
-    virtual int32_t InitHapToken(const HapInfoParcel& info, HapPolicyParcel& policy,
-        AccessTokenIDEx& fullTokenId, HapInfoCheckResult& result) = 0;
-    virtual int DeleteToken(AccessTokenID tokenID) = 0;
-    virtual int GetTokenType(AccessTokenID tokenID) = 0;
-    virtual AccessTokenIDEx GetHapTokenID(int32_t userID, const std::string& bundleName, int32_t instIndex) = 0;
-    virtual AccessTokenID AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID) = 0;
-    virtual int GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfoParcel& nativeTokenInfoRes) = 0;
-    virtual int32_t GetTokenIDByUserID(int32_t userID, std::unordered_set<AccessTokenID>& tokenIdList) = 0;
-    virtual int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfoParcel& hapTokenInfoRes) = 0;
-    virtual int32_t UpdateHapToken(AccessTokenIDEx& tokenIdEx, const UpdateHapInfoParams& info,
-        const HapPolicyParcel& policyParcel, HapInfoCheckResult& result) = 0;
-    virtual int32_t RegisterPermStateChangeCallback(
-        const PermStateChangeScopeParcel& scope, const sptr<IRemoteObject>& callback) = 0;
-    virtual int32_t UnRegisterPermStateChangeCallback(const sptr<IRemoteObject>& callback) = 0;
-    virtual int32_t RegisterSelfPermStateChangeCallback(const PermStateChangeScopeParcel& scope,
-        const sptr<IRemoteObject>& callback) = 0;
-    virtual int32_t UnRegisterSelfPermStateChangeCallback(const sptr<IRemoteObject>& callback) = 0;
-#ifndef ATM_BUILD_VARIANT_USER_ENABLE
-    virtual int32_t ReloadNativeTokenInfo() = 0;
-#endif
-    virtual int GetHapTokenInfoExtension(AccessTokenID tokenID,
-        HapTokenInfoParcel& hapTokenInfoRes, std::string& appID) = 0;
-    virtual AccessTokenID GetNativeTokenId(const std::string& processName) = 0;
-
-#ifdef TOKEN_SYNC_ENABLE
-    virtual int GetHapTokenInfoFromRemote(AccessTokenID tokenID,
-        HapTokenInfoForSyncParcel& hapSyncParcel) = 0;
-    virtual int SetRemoteHapTokenInfo(const std::string& deviceID,
-        HapTokenInfoForSyncParcel& hapSyncParcel) = 0;
-    virtual int DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID) = 0;
-    virtual AccessTokenID GetRemoteNativeTokenID(const std::string& deviceID, AccessTokenID tokenID) = 0;
-    virtual int DeleteRemoteDeviceTokens(const std::string& deviceID)  = 0;
-    virtual int32_t RegisterTokenSyncCallback(const sptr<IRemoteObject>& callback) = 0;
-    virtual int32_t UnRegisterTokenSyncCallback() = 0;
-#endif
-    virtual int32_t GetKernelPermissions(
-        AccessTokenID tokenId, std::vector<PermissionWithValue>& kernelPermList) = 0;
-    virtual int32_t GetReqPermissionByName(
-        AccessTokenID tokenId, const std::string& permissionName, std::string& value) = 0;
-    virtual int SetPermDialogCap(const HapBaseInfoParcel& hapBaseInfoParcel, bool enable) = 0;
-    virtual int32_t InitUserPolicy(
-        const std::vector<UserState>& userList, const std::vector<std::string>& permList) = 0;
-    virtual int32_t UpdateUserPolicy(const std::vector<UserState>& userList) = 0;
-    virtual int32_t ClearUserPolicy() = 0;
-    virtual void DumpTokenInfo(const AtmToolsParamInfoParcel& infoParcel, std::string& tokenInfo) = 0;
-    virtual int32_t GetVersion(uint32_t& version) = 0;
-    virtual void GetPermissionManagerInfo(PermissionGrantInfoParcel& infoParcel) = 0;
-};
-} // namespace AccessToken
-} // namespace Security
-} // namespace OHOS
-
-#endif // I_ACCESSTOKEN_MANAGER_H
diff --git a/frameworks/accesstoken/include/permission_state_change_scope_parcel.h b/frameworks/accesstoken/include/perm_state_change_scope_parcel.h
similarity index 95%
rename from frameworks/accesstoken/include/permission_state_change_scope_parcel.h
rename to frameworks/accesstoken/include/perm_state_change_scope_parcel.h
index e1988a8f27bcc112fa80722991116954c28122eb..b6807c499cedbd072ea0d2fe7d59460991679cf6 100644
--- a/frameworks/accesstoken/include/permission_state_change_scope_parcel.h
+++ b/frameworks/accesstoken/include/perm_state_change_scope_parcel.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Copyright (c) 2022-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
diff --git a/frameworks/privacy/include/sec_comp_enhance_data_parcel.h b/frameworks/accesstoken/include/sec_comp_enhance_data_parcel.h
similarity index 100%
rename from frameworks/privacy/include/sec_comp_enhance_data_parcel.h
rename to frameworks/accesstoken/include/sec_comp_enhance_data_parcel.h
diff --git a/frameworks/accesstoken/src/hap_info_parcel.cpp b/frameworks/accesstoken/src/hap_info_parcel.cpp
index bac45bdb64d03a83769a46e9d46e0f4758580709..3025e37775cacde1ba4977f4cb718692723d5053 100644
--- a/frameworks/accesstoken/src/hap_info_parcel.cpp
+++ b/frameworks/accesstoken/src/hap_info_parcel.cpp
@@ -33,6 +33,7 @@ bool HapInfoParcel::Marshalling(Parcel& out) const
     if (this->hapInfoParameter.isRestore) {
         RETURN_IF_FALSE(out.WriteUint32(this->hapInfoParameter.tokenID));
     }
+    RETURN_IF_FALSE(out.WriteBool(this->hapInfoParameter.isAtomicService));
     return true;
 }
 
@@ -54,6 +55,7 @@ HapInfoParcel* HapInfoParcel::Unmarshalling(Parcel& in)
     if (hapInfoParcel->hapInfoParameter.isRestore) {
         RELEASE_IF_FALSE(in.ReadUint32(hapInfoParcel->hapInfoParameter.tokenID), hapInfoParcel);
     }
+    RELEASE_IF_FALSE(in.ReadBool(hapInfoParcel->hapInfoParameter.isAtomicService), hapInfoParcel);
     return hapInfoParcel;
 }
 } // namespace AccessToken
diff --git a/frameworks/accesstoken/src/hap_policy_parcel.cpp b/frameworks/accesstoken/src/hap_policy_parcel.cpp
index d986206765a77800717f50cc98d54ef45f782af1..b80c7044f997ed4cc5bdaabaa8d710db68583eae 100644
--- a/frameworks/accesstoken/src/hap_policy_parcel.cpp
+++ b/frameworks/accesstoken/src/hap_policy_parcel.cpp
@@ -75,6 +75,35 @@ bool HapPolicyParcel::Marshalling(Parcel& out) const
     return true;
 }
 
+static bool ReadLeftHapPolicyParcel(Parcel& in, HapPolicyParcel* hapPolicyParcel)
+{
+    uint32_t infoSize;
+    RETURN_IF_FALSE(in.ReadUint32(infoSize));
+    RETURN_IF_FALSE((infoSize <= MAX_PERMLIST_SIZE));
+    for (uint32_t i = 0; i < infoSize; i++) {
+        PreAuthorizationInfo info;
+        RETURN_IF_FALSE(in.ReadString(info.permissionName));
+        RETURN_IF_FALSE(in.ReadBool(info.userCancelable));
+        hapPolicyParcel->hapPolicy.preAuthorizationInfo.emplace_back(info);
+    }
+    int32_t checkIgnore;
+    RETURN_IF_FALSE(in.ReadInt32(checkIgnore));
+    hapPolicyParcel->hapPolicy.checkIgnore = HapPolicyCheckIgnore(checkIgnore);
+
+    uint32_t extSize;
+    RETURN_IF_FALSE(in.ReadUint32(extSize));
+    RETURN_IF_FALSE((extSize <= MAX_ACL_MAP_SIZE));
+    for (uint32_t i = 0; i < extSize; i++) {
+        std::string perm;
+        std::string value;
+        RETURN_IF_FALSE(in.ReadString(perm));
+        RETURN_IF_FALSE(in.ReadString(value));
+        hapPolicyParcel->hapPolicy.aclExtendedMap[perm] = value;
+    }
+
+    return true;
+}
+
 HapPolicyParcel* HapPolicyParcel::Unmarshalling(Parcel& in)
 {
     auto* hapPolicyParcel = new (std::nothrow) HapPolicyParcel();
@@ -114,29 +143,7 @@ HapPolicyParcel* HapPolicyParcel::Unmarshalling(Parcel& in)
         RELEASE_IF_FALSE(in.ReadString(acl), hapPolicyParcel);
         hapPolicyParcel->hapPolicy.aclRequestedList.emplace_back(acl);
     }
-    uint32_t infoSize;
-    RELEASE_IF_FALSE(in.ReadUint32(infoSize), hapPolicyParcel);
-    RELEASE_IF_FALSE((infoSize <= MAX_PERMLIST_SIZE), hapPolicyParcel);
-    for (uint32_t i = 0; i < infoSize; i++) {
-        PreAuthorizationInfo info;
-        RELEASE_IF_FALSE(in.ReadString(info.permissionName), hapPolicyParcel);
-        RELEASE_IF_FALSE(in.ReadBool(info.userCancelable), hapPolicyParcel);
-        hapPolicyParcel->hapPolicy.preAuthorizationInfo.emplace_back(info);
-    }
-    int32_t checkIgnore;
-    RELEASE_IF_FALSE(in.ReadInt32(checkIgnore), hapPolicyParcel);
-    hapPolicyParcel->hapPolicy.checkIgnore = HapPolicyCheckIgnore(checkIgnore);
-
-    uint32_t extSize;
-    RELEASE_IF_FALSE(in.ReadUint32(extSize), hapPolicyParcel);
-    RELEASE_IF_FALSE((extSize <= MAX_ACL_MAP_SIZE), hapPolicyParcel);
-    for (uint32_t i = 0; i < extSize; i++) {
-        std::string perm;
-        std::string value;
-        RELEASE_IF_FALSE(in.ReadString(perm), hapPolicyParcel);
-        RELEASE_IF_FALSE(in.ReadString(value), hapPolicyParcel);
-        hapPolicyParcel->hapPolicy.aclExtendedMap[perm] = value;
-    }
+    RELEASE_IF_FALSE(ReadLeftHapPolicyParcel(in, hapPolicyParcel), hapPolicyParcel);
     return hapPolicyParcel;
 }
 } // namespace AccessToken
diff --git a/frameworks/accesstoken/src/permission_state_change_scope_parcel.cpp b/frameworks/accesstoken/src/perm_state_change_scope_parcel.cpp
similarity index 96%
rename from frameworks/accesstoken/src/permission_state_change_scope_parcel.cpp
rename to frameworks/accesstoken/src/perm_state_change_scope_parcel.cpp
index 8555df3533764777dee7971f36034edad0b48a5d..1d7345cd5b144d8acf890a1ee90e272d6c7b8f08 100644
--- a/frameworks/accesstoken/src/permission_state_change_scope_parcel.cpp
+++ b/frameworks/accesstoken/src/perm_state_change_scope_parcel.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Copyright (c) 2022-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -13,7 +13,7 @@
  * limitations under the License.
  */
 
-#include "permission_state_change_scope_parcel.h"
+#include "perm_state_change_scope_parcel.h"
 #include "parcel_utils.h"
 
 namespace OHOS {
diff --git a/frameworks/privacy/src/sec_comp_enhance_data_parcel.cpp b/frameworks/accesstoken/src/sec_comp_enhance_data_parcel.cpp
similarity index 100%
rename from frameworks/privacy/src/sec_comp_enhance_data_parcel.cpp
rename to frameworks/accesstoken/src/sec_comp_enhance_data_parcel.cpp
diff --git a/frameworks/common/BUILD.gn b/frameworks/common/BUILD.gn
index d8c90e81738de09e554829011cc951566b14e331..30c9f2b9543a15f31e62f02cfa31cddadb60a8bc 100644
--- a/frameworks/common/BUILD.gn
+++ b/frameworks/common/BUILD.gn
@@ -19,16 +19,66 @@ config("accesstoken_common_cxx_public_config") {
   include_dirs = [ "include" ]
 }
 
+action("permission_definition_check") {
+  script = "permission_check.py"
+  args = [
+    "--source-root-dir",
+    rebase_path("//", root_build_dir),
+    "--input-full-permissions",
+    rebase_path("${access_token_path}") +
+        "/services/accesstokenmanager/permission_definitions.json",
+  ]
+  inputs = [ rebase_path("${access_token_path}") +
+             "/services/accesstokenmanager/permission_definitions.json" ]
+  outputs = [ "$target_out_dir" ]
+}
+
 action("permission_definition_parse") {
   script = "permission_definition_parser.py"
+  inputs = [ rebase_path("${access_token_path}") +
+             "/services/accesstokenmanager/permission_definitions.json" ]
   args = [
     "--input-json",
     rebase_path("${access_token_path}") +
         "/services/accesstokenmanager/permission_definitions.json",
     "--output-path",
     rebase_path(target_out_dir) + "/permission_map_constant.h",
+    "--target-platform",
+    target_platform,
   ]
-  outputs = [ "$target_out_dir" ]
+  outputs = [ "$target_out_dir" + "/permission_map_constant.h" ]
+  if (!ohos_indep_compiler_enable) {
+    deps = [ ":permission_definition_check" ]
+  }
+}
+
+ohos_static_library("accesstoken_static_log") {
+  subsystem_name = "security"
+  part_name = "access_token"
+  sanitize = {
+    cfi = true
+    cfi_cross_dso = true
+    debug = false
+  }
+  branch_protector_ret = "pac_ret"
+
+  public_configs = [ ":accesstoken_common_cxx_public_config" ]
+
+  include_dirs = [ "include" ]
+
+  sources = [ "src/accesstoken_common_log.cpp" ]
+
+  external_deps = [
+    "c_utils:utils",
+    "hilog:libhilog",
+  ]
+
+  configs = [
+    "${access_token_path}/config:access_token_compile_flags",
+    "${access_token_path}/config:coverage_flags",
+  ]
+
+  cflags_cc = [ "-DHILOG_ENABLE" ]
 }
 
 ohos_shared_library("accesstoken_common_cxx") {
@@ -61,7 +111,11 @@ ohos_shared_library("accesstoken_common_cxx") {
     "src/time_util.cpp",
   ]
 
-  deps = [ ":permission_definition_parse" ]
+  deps = [
+    ":accesstoken_static_log",
+    ":permission_definition_parse",
+  ]
+
   external_deps = [
     "c_utils:utils",
     "hilog:libhilog",
diff --git a/frameworks/common/include/accesstoken_common_log.h b/frameworks/common/include/accesstoken_common_log.h
index 634f533a0655ba177f4053083db6556dc794ad80..3286f0bc371a09bfe0a54e3dda6b6730a8ca7dc5 100644
--- a/frameworks/common/include/accesstoken_common_log.h
+++ b/frameworks/common/include/accesstoken_common_log.h
@@ -16,6 +16,7 @@
 #ifndef ACCESSTOKEN_COMMON_LOG_H
 #define ACCESSTOKEN_COMMON_LOG_H
 
+#include <stdint.h>
 #include "hilog/log.h"
 
 #define ATM_DOMAIN 0xD005A01
@@ -24,9 +25,11 @@
 #define PRI_DOMAIN 0xD005A02
 #define PRI_TAG "PRIVACY"
 
+#define LOG_PUBLIC "{public}"
+
 #define LOGF(domain, tag, fmt, ...)            \
     ((void)HILOG_IMPL(LOG_CORE, LOG_FATAL, domain, tag, \
-    "[%{upblic}s:%{public}d]" fmt, __FUNCTION__, __LINE__, ##__VA_ARGS__))
+    "[%{public}s:%{public}d]" fmt, __FUNCTION__, __LINE__, ##__VA_ARGS__))
 #define LOGE(domain, tag, fmt, ...)            \
     ((void)HILOG_IMPL(LOG_CORE, LOG_ERROR, domain, tag, \
     "[%{public}s:%{public}d]" fmt, __FUNCTION__, __LINE__, ##__VA_ARGS__))
@@ -40,6 +43,25 @@
     ((void)HILOG_IMPL(LOG_CORE, LOG_DEBUG, domain, tag, \
     "[%{public}s:%{public}d]" fmt, __FUNCTION__, __LINE__, ##__VA_ARGS__))
 
+namespace OHOS {
+namespace Security {
+namespace AccessToken {
+uint32_t GetThreadErrorMsgLen(void);
+const char *GetThreadErrorMsg(void);
+void ClearThreadErrorMsg(void);
+void AddEventMessage(unsigned int domain, const char *tag, const char *format, ...);
+}
+}
+}
+
+#define LOGC(domain, tag, fmt, ...)            \
+do { \
+    ((void)HILOG_IMPL(LOG_CORE, LOG_ERROR, domain, tag, \
+    "[%{public}s:%{public}d]" fmt, __FUNCTION__, __LINE__, ##__VA_ARGS__)); \
+    OHOS::Security::AccessToken::AddEventMessage(domain, tag, \
+        "%" LOG_PUBLIC "s[%" LOG_PUBLIC "u]: " fmt, __func__, __LINE__, ##__VA_ARGS__); \
+} while (0)
+
 #define IF_FALSE_PRINT_LOG(domain, tag, cond, fmt, ...) \
     do { \
         if (!(cond)) { \
diff --git a/frameworks/common/permission_check.py b/frameworks/common/permission_check.py
new file mode 100755
index 0000000000000000000000000000000000000000..4cbcce5fa2509c8a200a0716796f06fb3be9563e
--- /dev/null
+++ b/frameworks/common/permission_check.py
@@ -0,0 +1,117 @@
+#!/usr/bin/env python
+# coding: utf-8
+
+"""
+Copyright (c) 2025 Huawei Device Co., Ltd.
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+"""
+
+import json
+import argparse
+import os
+
+
+REQUIRED_ATTRS = [
+    "name",
+    "grantMode",
+    "availableLevel",
+    "since",
+    "provisionEnable",
+    "distributedSceneEnable"
+]
+
+
+ATTRS_ONLY_IN_RESOURCE = [
+    "label",
+    "description"
+]
+
+
+def parse_definition_json(path):
+    permission_maps = {}
+    with open(path, "r", encoding="utf-8") as f:
+        data = json.load(f)
+        for perm in data["definePermissions"]:
+            permission_maps[perm["name"]] = perm
+    return permission_maps
+
+
+def parse_module_json(path):
+    permission_maps = {}
+    if not os.path.exists(path):
+        return {}
+    with open(path, "r", encoding="utf-8") as f:
+        data = json.load(f)
+        for perm in data["module"]["definePermissions"]:
+            permission_maps[perm["name"]] = perm
+    return permission_maps
+
+
+def check_required_param(defs, filename):
+    for attr in REQUIRED_ATTRS:
+        if not attr in defs:
+            raise Exception("Not found {} of {} in {}".format(
+                attr, defs["name"], filename))
+
+
+def check_consistency(def_in_module, full_def):
+    for attr, value in full_def.items():
+        if not attr in def_in_module:
+            continue
+        if not value == def_in_module[attr]:
+            raise Exception("{} of {} is inconsistent in module.json and permission_definition.json".format(
+                attr, def_in_module["name"]))
+
+    for attr in def_in_module.keys():
+        if attr in ATTRS_ONLY_IN_RESOURCE:
+            continue
+        elif not attr in full_def:
+            raise Exception("{} of {} should be define in permission_definition.json".format(attr,
+                def_in_module["name"]))
+
+
+def check_maps(module_map, definition_map):
+    for name, perm_def in definition_map.items():
+        if not "availableType" in perm_def:
+            raise Exception("Cannot define permission {} without availableType " \
+                "in permission_definition.json".format(name))
+        if perm_def["availableType"] == "SERVICE":
+            if name in module_map:
+                raise Exception("Cannot define permission {} for SERVICE in module.json".format(name))
+            continue
+        if not name in module_map:
+            raise Exception("To add permission definition of {} in system_global_resource.".format(name))
+        check_required_param(module_map[name], "module.json")
+        check_required_param(definition_map[name], "permission_definition.json")
+        check_consistency(module_map[name], definition_map[name])
+
+
+def parse_args():
+    parser = argparse.ArgumentParser()
+    parser.add_argument('--source-root-dir', help='build root dir', required=True)
+    parser.add_argument('--input-full-permissions', help='json file for permission definition', required=True)
+    return parser.parse_args()
+
+
+if __name__ == "__main__":
+    input_args = parse_args()
+    module_json_path = os.path.join("base/global/system_resources/systemres/main", "module.json")
+    module_json_path = os.path.join(input_args.source_root_dir, module_json_path)
+    module_json_map = parse_module_json(module_json_path)
+    if not module_json_map:
+        print("Not found {}, no need to check consistency.".format(module_json_path))
+        exit(0)
+    full_permissions_map = parse_definition_json(input_args.input_full_permissions)
+    check_maps(module_json_map, full_permissions_map)
+    print("Check permission consistency pass!")
\ No newline at end of file
diff --git a/frameworks/common/permission_definition_parser.py b/frameworks/common/permission_definition_parser.py
index 924f3734fbe604ff2a94785c4a007938d1a89816..129aff0288c0d7d59e368e5859a82f6d8a3847ae 100755
--- a/frameworks/common/permission_definition_parser.py
+++ b/frameworks/common/permission_definition_parser.py
@@ -82,6 +82,16 @@ JSON_VALUE_CONVERT_TO_CPP_DICT = {
     "system_core": "APL_SYSTEM_CORE",
 }
 
+CONVERT_TARGET_PLATFORM = {
+    "phone": "phone",
+    "watch": "wearable",
+    "wearable": "wearable",
+    "tablet": "tablet",
+    "pc": "2in1",
+    "tv": "tv",
+    "car": "car",
+}
+
 
 class PermissionDef(object):
     def __init__(self, permission_def_dict, code):
@@ -114,6 +124,17 @@ class PermissionDef(object):
         else:
             self.has_value = "false"
 
+        if permission_def_dict["since"] >= 20 and not "deviceTypes" in permission_def_dict:
+            raise Exception("No deviceTypes in permission difinition of {}".format(self.name))
+
+        if "deviceTypes" in permission_def_dict:
+            if isinstance(permission_def_dict["deviceTypes"], list) and len(permission_def_dict["deviceTypes"]) > 0:
+                self.device_types = permission_def_dict["deviceTypes"]
+            else:
+                raise Exception("Must be filled with available device type list, name = {}".format(self.name))
+        else:
+            self.device_types = ["general"]
+
         self.code = code
 
     def dump_permission_name(self):
@@ -129,8 +150,15 @@ class PermissionDef(object):
         )
         return entry
 
+    def check_device_type(self, target_platform):
+        if "general" in self.device_types:
+            return True
+        if target_platform in self.device_types:
+            return True
+        return False
+
 
-def parse_json(path):
+def parse_json(path, platform):
     extend_perm = {
         'name' : 'ohos.permission.KERNEL_ATM_SELF_USE',
         'grantMode' : 'system_grant',
@@ -149,12 +177,11 @@ def parse_json(path):
     with open(path, "r", encoding="utf-8") as f:
         data = json.load(f)
         index = 0
-        for perm in data["systemGrantPermissions"]:
-            permission_list.append(PermissionDef(perm, index))
-            index += 1
-
-        for perm in data["userGrantPermissions"]:
-            permission_list.append(PermissionDef(perm, index))
+        for perm in data["definePermissions"]:
+            perm_def = PermissionDef(perm, index)
+            if not perm_def.check_device_type(platform):
+                continue
+            permission_list.append(perm_def)
             index += 1
         permission_list.append(PermissionDef(extend_perm, index))
     return permission_list
@@ -177,10 +204,14 @@ def parse_args():
     parser = argparse.ArgumentParser()
     parser.add_argument('--output-path', help='the output cpp path', required=True)
     parser.add_argument('--input-json', help='json file for permission difinition', required=True)
+    parser.add_argument('--target-platform', help='build target platform', required=True)
     return parser.parse_args()
 
 
 if __name__ == "__main__":
     input_args = parse_args()
-    permission_list = parse_json(input_args.input_json)
+    curr_platform = "general"
+    if input_args.target_platform in CONVERT_TARGET_PLATFORM:
+        curr_platform = CONVERT_TARGET_PLATFORM[input_args.target_platform]
+    permission_list = parse_json(input_args.input_json, curr_platform)
     convert_to_cpp(input_args.output_path, permission_list)
\ No newline at end of file
diff --git a/frameworks/common/src/accesstoken_common_log.cpp b/frameworks/common/src/accesstoken_common_log.cpp
new file mode 100644
index 0000000000000000000000000000000000000000..47f6fa8e8bc1331f97881b66acc1578510305d34
--- /dev/null
+++ b/frameworks/common/src/accesstoken_common_log.cpp
@@ -0,0 +1,132 @@
+/*
+ * Copyright (c) 2025 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "accesstoken_common_log.h"
+
+#include <cstdlib>
+#include <cstdio>
+#include <cstdarg>
+#include <cstdint>
+#include <cstring>
+#include <string>
+#include "securec.h"
+
+namespace OHOS {
+namespace Security {
+namespace AccessToken {
+
+constexpr uint32_t MAX_ERROR_MESSAGE_LEN = 4096;
+static __thread uint32_t g_msgLen = 0;
+static __thread char g_errMsg[MAX_ERROR_MESSAGE_LEN + 1];
+
+uint32_t GetThreadErrorMsgLen(void)
+{
+    return g_msgLen;
+}
+
+const char *GetThreadErrorMsg(void)
+{
+    return g_errMsg;
+}
+
+void ClearThreadErrorMsg(void)
+{
+    (void)memset_s(g_errMsg, MAX_ERROR_MESSAGE_LEN + 1, 0, MAX_ERROR_MESSAGE_LEN + 1);
+    g_msgLen = 0;
+}
+
+void AppendThreadErrMsg(unsigned int domain, const char *tag,
+    const uint8_t *buff, uint32_t buffLen)
+{
+    if (g_msgLen + buffLen >= MAX_ERROR_MESSAGE_LEN) {
+        LOGE(domain, tag, "buff will overflow!"
+            "g_msgLen = %{public}u, buffLen = %{public}u", g_msgLen, buffLen);
+        return;
+    }
+    if (memcpy_s(g_errMsg + g_msgLen, MAX_ERROR_MESSAGE_LEN - g_msgLen, buff, buffLen) != EOK) {
+        LOGE(domain, tag, "memcpy_s fail!"
+            "g_msgLen = %{public}u, buffLen = %{public}u", g_msgLen, buffLen);
+        return;
+    }
+    g_msgLen += buffLen;
+}
+
+static bool ReplaceSubstring(unsigned int domain, const char *tag,
+    const char *format, char result[MAX_ERROR_MESSAGE_LEN])
+{
+    std::string formatString(format);
+    std::string::size_type pos;
+    while ((pos = formatString.find(LOG_PUBLIC)) != std::string::npos) {
+        formatString.replace(pos, strlen(LOG_PUBLIC), "");
+    }
+    if (memcpy_s(result, MAX_ERROR_MESSAGE_LEN, formatString.c_str(), formatString.size()) != EOK) {
+        return false;
+    }
+    return true;
+}
+
+void AddEventMessage(unsigned int domain, const char *tag,
+    const char *format, ...)
+{
+    va_list ap;
+
+    if (g_msgLen == 0) {
+        char newFormat[MAX_ERROR_MESSAGE_LEN] = {0};
+        if (!ReplaceSubstring(domain, tag, format, newFormat)) {
+            LOGE(domain, tag, "skip to add errMsg");
+            return;
+        }
+        va_start(ap, format);
+        char buff[MAX_ERROR_MESSAGE_LEN] = {0};
+        int32_t buffLen = vsnprintf_s(buff, MAX_ERROR_MESSAGE_LEN, MAX_ERROR_MESSAGE_LEN - 1, newFormat, ap);
+        va_end(ap);
+        if (buffLen < 0) {
+            LOGE(domain, tag, "vsnprintf_s fail! ret: %{public}d, newFormat:[%{public}s]", buffLen,
+                newFormat);
+            return;
+        }
+        if (g_msgLen + static_cast<uint32_t>(buffLen) >= MAX_ERROR_MESSAGE_LEN) {
+            LOGE(domain, tag, "errMsg is almost full!");
+            return;
+        }
+
+        if (memcpy_s(g_errMsg + g_msgLen, MAX_ERROR_MESSAGE_LEN, buff, buffLen) != EOK) {
+            LOGE(domain, tag, "copy errMsg buff fail!");
+            return;
+        }
+        g_msgLen += static_cast<uint32_t>(buffLen);
+    } else {
+        va_start(ap, format);
+        char *funName = va_arg(ap, char *);
+        uint32_t lineNo = va_arg(ap, uint32_t);
+        va_end(ap);
+
+        if (funName == nullptr) {
+            LOGE(domain, tag, "Get funName fail!");
+            return;
+        }
+        int32_t offset = sprintf_s(g_errMsg + g_msgLen, MAX_ERROR_MESSAGE_LEN - g_msgLen, " <%s[%u]",
+            funName, lineNo);
+        if (offset <= 0) {
+            LOGE(domain, tag, "append call chain fail! offset: [%{public}d]", offset);
+            return;
+        }
+        g_msgLen += static_cast<uint32_t>(offset);
+    }
+}
+
+} // namespace AccessToken
+} // namespace Security
+} // namespace OHOS
\ No newline at end of file
diff --git a/frameworks/common/src/data_validator.cpp b/frameworks/common/src/data_validator.cpp
index 88b217f2a19dccb48bba9a9ba2a8947809f170b3..329636c472a986101af356759f6725f14b71f15c 100644
--- a/frameworks/common/src/data_validator.cpp
+++ b/frameworks/common/src/data_validator.cpp
@@ -27,23 +27,35 @@ namespace AccessToken {
 
 bool DataValidator::IsBundleNameValid(const std::string& bundleName)
 {
-    return !bundleName.empty() && (bundleName.length() <= MAX_LENGTH);
+    bool ret = (!bundleName.empty() && (bundleName.length() <= MAX_LENGTH));
+    if (!ret) {
+        LOGC(ATM_DOMAIN, ATM_TAG, "bunldename %{public}s is invalid.", bundleName.c_str());
+    }
+    return ret;
 }
 
 bool DataValidator::IsLabelValid(const std::string& label)
 {
-    return label.length() <= MAX_LENGTH;
+    bool ret = (label.length() <= MAX_LENGTH);
+    if (!ret) {
+        LOGC(ATM_DOMAIN, ATM_TAG, "label %{public}s is invalid.", label.c_str());
+    }
+    return ret;
 }
 
 bool DataValidator::IsDescValid(const std::string& desc)
 {
-    return desc.length() <= MAX_LENGTH;
+    bool ret = desc.length() <= MAX_LENGTH;
+    if (!ret) {
+        LOGC(ATM_DOMAIN, ATM_TAG, "desc %{public}s is invalid.", desc.c_str());
+    }
+    return ret;
 }
 
 bool DataValidator::IsPermissionNameValid(const std::string& permissionName)
 {
     if (permissionName.empty() || (permissionName.length() > MAX_LENGTH)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Invalid perm length(%{public}d).", static_cast<int32_t>(permissionName.length()));
+        LOGC(ATM_DOMAIN, ATM_TAG, "Invalid perm length(%{public}d).", static_cast<int32_t>(permissionName.length()));
         return false;
     }
     return true;
@@ -51,12 +63,17 @@ bool DataValidator::IsPermissionNameValid(const std::string& permissionName)
 
 bool DataValidator::IsUserIdValid(const int userId)
 {
-    return userId >= 0;
+    bool ret = (userId >= 0);
+    if (!ret) {
+        LOGC(ATM_DOMAIN, ATM_TAG, "userId %{public}d is invalid.", userId);
+    }
+    return ret;
 }
 
 bool DataValidator::IsAclExtendedMapSizeValid(const std::map<std::string, std::string>& aclExtendedMap)
 {
     if (aclExtendedMap.size() > MAX_EXTENDED_MAP_SIZE) {
+        LOGC(ATM_DOMAIN, ATM_TAG, "aclExtendedMap is oversize %{public}zu.", aclExtendedMap.size());
         return false;
     }
     return true;
@@ -69,7 +86,7 @@ bool DataValidator::IsAclExtendedMapContentValid(const std::string& permissionNa
     }
 
     if (value.empty() || (value.length() > MAX_VALUE_LENGTH)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Invalid value length(%{public}d).", static_cast<int32_t>(value.length()));
+        LOGC(ATM_DOMAIN, ATM_TAG, "Invalid value length(%{public}d).", static_cast<int32_t>(value.length()));
         return false;
     }
     return true;
diff --git a/frameworks/js/napi/accesstoken/src/napi_atmanager.cpp b/frameworks/js/napi/accesstoken/src/napi_atmanager.cpp
index 3f98af78960b617b799ca090c793c8ca68c41b70..3eecddd8759b81070cbc178f0a74919472bdb312 100644
--- a/frameworks/js/napi/accesstoken/src/napi_atmanager.cpp
+++ b/frameworks/js/napi/accesstoken/src/napi_atmanager.cpp
@@ -31,12 +31,16 @@ namespace AccessToken {
 std::mutex g_lockForPermStateChangeRegisters;
 std::vector<RegisterPermStateChangeInfo*> g_permStateChangeRegisters;
 std::mutex g_lockCache;
-std::map<std::string, PermissionStatusCache> g_cache;
+std::map<std::string, GrantStatusCache> g_cache;
+std::mutex g_lockStatusCache;
+std::map<std::string, PermissionStatusCache> g_statusCache;
 static PermissionParamCache g_paramCache;
+static PermissionParamCache g_paramFlagCache;
 static std::atomic<int32_t> g_cnt = 0;
 constexpr uint32_t REPORT_CNT = 10;
 namespace {
 static const char* PERMISSION_STATUS_CHANGE_KEY = "accesstoken.permission.change";
+static const char* PERMISSION_STATUS_FLAG_CHANGE_KEY = "accesstoken.permission.flagchange";
 static const char* REGISTER_PERMISSION_STATE_CHANGE_TYPE = "permissionStateChange";
 static const char* REGISTER_SELF_PERMISSION_STATE_CHANGE_TYPE = "selfPermissionStateChange";
 constexpr uint32_t THIRD_PARAM = 2;
@@ -238,6 +242,7 @@ napi_value NapiAtManager::Init(napi_env env, napi_value exports)
         DECLARE_NAPI_FUNCTION("requestPermissionOnSetting", NapiRequestPermissionOnSetting::RequestPermissionOnSetting),
         DECLARE_NAPI_FUNCTION("requestGlobalSwitch", NapiRequestGlobalSwitch::RequestGlobalSwitch),
         DECLARE_NAPI_FUNCTION("requestPermissionOnApplicationSetting", RequestAppPermOnSetting),
+        DECLARE_NAPI_FUNCTION("getSelfPermissionStatus", GetSelfPermissionStatusSync),
     };
 
     napi_value cons = nullptr;
@@ -345,7 +350,7 @@ bool NapiAtManager::ParseInputVerifyPermissionOrGetFlag(const napi_env env, cons
 
     // 1: the second parameter of argv
     if (!ParseString(env, argv[1], asyncContext.permissionName)) {
-        errMsg = GetParamErrorMsg("permissionName", "string");
+        errMsg = GetParamErrorMsg("permissionName", "Permissions");
         NAPI_CALL_BASE(env,
             napi_throw(env, GenerateBusinessError(env, JsErrorCode::JS_ERROR_PARAM_ILLEGAL, errMsg)), false);
         return false;
@@ -382,7 +387,7 @@ bool NapiAtManager::ParseInputVerifyPermissionSync(const napi_env env, const nap
 
     // 1: the second parameter of argv
     if (!ParseString(env, argv[1], syncContext.permissionName)) {
-        errMsg = GetParamErrorMsg("permissionName", "string");
+        errMsg = GetParamErrorMsg("permissionName", "Permissions");
         NAPI_CALL_BASE(env,
             napi_throw(env, GenerateBusinessError(env, JsErrorCode::JS_ERROR_PARAM_ILLEGAL, errMsg)), false);
         return false;
@@ -399,13 +404,14 @@ void NapiAtManager::VerifyAccessTokenExecute(napi_env env, void *data)
     if (asyncContext == nullptr) {
         return;
     }
-    AccessTokenID selfTokenId = static_cast<AccessTokenID>(GetSelfTokenID());
-    if (asyncContext->tokenId != selfTokenId) {
+    AccessTokenIDEx selfTokenIdEx = {GetSelfTokenID()};
+    if (!AccessTokenKit::IsSystemAppByFullTokenID(static_cast<uint64_t>(selfTokenIdEx.tokenIDEx)) &&
+        asyncContext->tokenId != selfTokenIdEx.tokenIdExStruct.tokenID) {
         int32_t cnt = g_cnt.fetch_add(1);
         if (cnt % REPORT_CNT == 0) {
             HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "VERIFY_ACCESS_TOKEN_EVENT",
                 HiviewDFX::HiSysEvent::EventType::STATISTIC, "EVENT_CODE", VERIFY_TOKENID_INCONSISTENCY,
-                "SELF_TOKENID", selfTokenId, "CONTEXT_TOKENID", asyncContext->tokenId);
+                "SELF_TOKENID", selfTokenIdEx.tokenIdExStruct.tokenID, "CONTEXT_TOKENID", asyncContext->tokenId);
         }
     }
     asyncContext->result = AccessTokenKit::VerifyAccessToken(asyncContext->tokenId, asyncContext->permissionName);
@@ -474,13 +480,14 @@ void NapiAtManager::CheckAccessTokenExecute(napi_env env, void *data)
         asyncContext->errorCode = JS_ERROR_PARAM_INVALID;
         return;
     }
-    AccessTokenID selfTokenId = static_cast<AccessTokenID>(GetSelfTokenID());
-    if (asyncContext->tokenId != selfTokenId) {
+    AccessTokenIDEx selfTokenIdEx = {GetSelfTokenID()};
+    if (!AccessTokenKit::IsSystemAppByFullTokenID(static_cast<uint64_t>(selfTokenIdEx.tokenIDEx)) &&
+        asyncContext->tokenId != selfTokenIdEx.tokenIdExStruct.tokenID) {
         int32_t cnt = g_cnt.fetch_add(1);
         if (cnt % REPORT_CNT == 0) {
             HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "VERIFY_ACCESS_TOKEN_EVENT",
                 HiviewDFX::HiSysEvent::EventType::STATISTIC, "EVENT_CODE", VERIFY_TOKENID_INCONSISTENCY,
-                "SELF_TOKENID", selfTokenId, "CONTEXT_TOKENID", asyncContext->tokenId);
+                "SELF_TOKENID", selfTokenIdEx.tokenIdExStruct.tokenID, "CONTEXT_TOKENID", asyncContext->tokenId);
         }
     }
 
@@ -531,36 +538,36 @@ napi_value NapiAtManager::CheckAccessToken(napi_env env, napi_callback_info info
     return result;
 }
 
-std::string NapiAtManager::GetPermParamValue()
+std::string NapiAtManager::GetPermParamValue(PermissionParamCache& paramCache, const char* paramKey)
 {
     long long sysCommitId = GetSystemCommitId();
-    if (sysCommitId == g_paramCache.sysCommitIdCache) {
+    if (sysCommitId == paramCache.sysCommitIdCache) {
         LOGD(ATM_DOMAIN, ATM_TAG, "SysCommitId = %{public}lld", sysCommitId);
-        return g_paramCache.sysParamCache;
+        return paramCache.sysParamCache;
     }
-    g_paramCache.sysCommitIdCache = sysCommitId;
-    if (g_paramCache.handle == PARAM_DEFAULT_VALUE) {
-        int32_t handle = static_cast<int32_t>(FindParameter(PERMISSION_STATUS_CHANGE_KEY));
+    paramCache.sysCommitIdCache = sysCommitId;
+    if (paramCache.handle == PARAM_DEFAULT_VALUE) {
+        int32_t handle = static_cast<int32_t>(FindParameter(paramKey));
         if (handle == PARAM_DEFAULT_VALUE) {
             LOGE(ATM_DOMAIN, ATM_TAG, "FindParameter failed");
             return "-1";
         }
-        g_paramCache.handle = handle;
+        paramCache.handle = handle;
     }
 
-    int32_t currCommitId = static_cast<int32_t>(GetParameterCommitId(g_paramCache.handle));
-    if (currCommitId != g_paramCache.commitIdCache) {
+    int32_t currCommitId = static_cast<int32_t>(GetParameterCommitId(paramCache.handle));
+    if (currCommitId != paramCache.commitIdCache) {
         char value[NapiContextCommon::VALUE_MAX_LEN] = {0};
-        auto ret = GetParameterValue(g_paramCache.handle, value, NapiContextCommon::VALUE_MAX_LEN - 1);
+        auto ret = GetParameterValue(paramCache.handle, value, NapiContextCommon::VALUE_MAX_LEN - 1);
         if (ret < 0) {
             LOGE(ATM_DOMAIN, ATM_TAG, "Return default value, ret=%{public}d", ret);
             return "-1";
         }
         std::string resStr(value);
-        g_paramCache.sysParamCache = resStr;
-        g_paramCache.commitIdCache = currCommitId;
+        paramCache.sysParamCache = resStr;
+        paramCache.commitIdCache = currCommitId;
     }
-    return g_paramCache.sysParamCache;
+    return paramCache.sysParamCache;
 }
 
 void NapiAtManager::UpdatePermissionCache(AtManagerSyncContext* syncContext)
@@ -568,7 +575,7 @@ void NapiAtManager::UpdatePermissionCache(AtManagerSyncContext* syncContext)
     std::lock_guard<std::mutex> lock(g_lockCache);
     auto iter = g_cache.find(syncContext->permissionName);
     if (iter != g_cache.end()) {
-        std::string currPara = GetPermParamValue();
+        std::string currPara = GetPermParamValue(g_paramCache, PERMISSION_STATUS_CHANGE_KEY);
         if (currPara != iter->second.paramValue) {
             syncContext->result = AccessTokenKit::VerifyAccessToken(
                 syncContext->tokenId, syncContext->permissionName);
@@ -581,7 +588,7 @@ void NapiAtManager::UpdatePermissionCache(AtManagerSyncContext* syncContext)
     } else {
         syncContext->result = AccessTokenKit::VerifyAccessToken(syncContext->tokenId, syncContext->permissionName);
         g_cache[syncContext->permissionName].status = syncContext->result;
-        g_cache[syncContext->permissionName].paramValue = GetPermParamValue();
+        g_cache[syncContext->permissionName].paramValue = GetPermParamValue(g_paramCache, PERMISSION_STATUS_CHANGE_KEY);
         LOGD(ATM_DOMAIN, ATM_TAG, "G_cacheParam set %{public}s",
             g_cache[syncContext->permissionName].paramValue.c_str());
     }
@@ -607,13 +614,13 @@ napi_value NapiAtManager::VerifyAccessTokenSync(napi_env env, napi_callback_info
     }
     if ((syncContext->permissionName.empty()) ||
         ((syncContext->permissionName.length() > NapiContextCommon::MAX_LENGTH))) {
-        std::string errMsg = GetParamErrorMsg("permissionName", "string");
+        std::string errMsg = GetParamErrorMsg("permissionName", "Permissions");
         NAPI_CALL(env, napi_throw(env, GenerateBusinessError(env, JS_ERROR_PARAM_INVALID, errMsg)));
         return nullptr;
     }
     if (syncContext->tokenId != static_cast<AccessTokenID>(selfTokenId)) {
         int32_t cnt = g_cnt.fetch_add(1);
-        if (cnt % REPORT_CNT == 0) {
+        if (!AccessTokenKit::IsSystemAppByFullTokenID(selfTokenId) && cnt % REPORT_CNT == 0) {
             AccessTokenID selfToken = static_cast<AccessTokenID>(selfTokenId);
             HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "VERIFY_ACCESS_TOKEN_EVENT",
                 HiviewDFX::HiSysEvent::EventType::STATISTIC, "EVENT_CODE", VERIFY_TOKENID_INCONSISTENCY,
@@ -659,7 +666,7 @@ bool NapiAtManager::ParseInputGrantOrRevokePermission(const napi_env env, const
 
     // 1: the second parameter of argv
     if (!ParseString(env, argv[1], asyncContext.permissionName)) {
-        errMsg = GetParamErrorMsg("permissionName", "string");
+        errMsg = GetParamErrorMsg("permissionName", "Permissions");
         NAPI_CALL_BASE(env,
             napi_throw(env, GenerateBusinessError(env, JsErrorCode::JS_ERROR_PARAM_ILLEGAL, errMsg)), false);
         return false;
@@ -987,7 +994,7 @@ bool NapiAtManager::ParseInputSetToggleStatus(const napi_env env, const napi_cal
     asyncContext.env = env;
     // 0: the first parameter of argv
     if (!ParseString(env, argv[0], asyncContext.permissionName)) {
-        errMsg = GetParamErrorMsg("permissionName", "string");
+        errMsg = GetParamErrorMsg("permissionName", "Permissions");
         NAPI_CALL_BASE(env,
             napi_throw(env, GenerateBusinessError(env, JsErrorCode::JS_ERROR_PARAM_ILLEGAL, errMsg)), false);
         return false;
@@ -1022,7 +1029,7 @@ bool NapiAtManager::ParseInputGetToggleStatus(const napi_env env, const napi_cal
     asyncContext.env = env;
     // 0: the first parameter of argv
     if (!ParseString(env, argv[0], asyncContext.permissionName)) {
-        errMsg = GetParamErrorMsg("permissionName", "string");
+        errMsg = GetParamErrorMsg("permissionName", "Permissions");
         NAPI_CALL_BASE(env,
             napi_throw(env, GenerateBusinessError(env, JsErrorCode::JS_ERROR_PARAM_ILLEGAL, errMsg)), false);
         return false;
@@ -1169,7 +1176,7 @@ bool NapiAtManager::FillPermStateChangeScope(const napi_env env, const napi_valu
         scopeInfo.tokenIDs = {GetSelfTokenID()};
     }
     if (!ParseStringArray(env, argv[index++], scopeInfo.permList)) {
-        errMsg = GetParamErrorMsg("permissionNameList", "Array<string>");
+        errMsg = GetParamErrorMsg("permissionNameList", "Array<Permissions>");
         napi_throw(env, GenerateBusinessError(env, JsErrorCode::JS_ERROR_PARAM_ILLEGAL, errMsg));
         return false;
     }
@@ -1242,6 +1249,85 @@ napi_value NapiAtManager::RequestAppPermOnSetting(napi_env env, napi_callback_in
     return result;
 }
 
+bool NapiAtManager::ParseInputGetPermStatus(const napi_env env, const napi_callback_info info,
+    AtManagerSyncContext& syncContext)
+{
+    size_t argc = NapiContextCommon::MAX_PARAMS_ONE;
+    napi_value argv[NapiContextCommon::MAX_PARAMS_ONE] = {nullptr};
+    napi_value thisVar = nullptr;
+
+    void *data = nullptr;
+    NAPI_CALL_BASE(env, napi_get_cb_info(env, info, &argc, argv, &thisVar, &data), false);
+    if (argc < NapiContextCommon::MAX_PARAMS_ONE) {
+        NAPI_CALL_BASE(env, napi_throw(env, GenerateBusinessError(env,
+            JsErrorCode::JS_ERROR_PARAM_ILLEGAL, "Parameter is missing.")), false);
+        return false;
+    }
+
+    syncContext.env = env;
+    if (!ParseString(env, argv[0], syncContext.permissionName)) {
+        std::string errMsg = GetParamErrorMsg("permissionName", "Permissions");
+        NAPI_CALL_BASE(env,
+            napi_throw(env, GenerateBusinessError(env, JsErrorCode::JS_ERROR_PARAM_ILLEGAL, errMsg)), false);
+        return false;
+    }
+    return true;
+}
+
+napi_value NapiAtManager::GetSelfPermissionStatusSync(napi_env env, napi_callback_info info)
+{
+    auto* syncContext = new (std::nothrow) AtManagerSyncContext();
+    if (syncContext == nullptr) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "New struct fail.");
+        return nullptr;
+    }
+
+    std::unique_ptr<AtManagerSyncContext> context {syncContext};
+    if (!ParseInputGetPermStatus(env, info, *syncContext)) {
+        return nullptr;
+    }
+
+    if ((syncContext->permissionName.empty()) ||
+        ((syncContext->permissionName.length() > NapiContextCommon::MAX_LENGTH))) {
+        std::string errMsg = "Invalid parameter. The permissionName is empty or exceeds 256 characters.";
+        NAPI_CALL(env, napi_throw(env, GenerateBusinessError(env, JS_ERROR_PARAM_INVALID, errMsg)));
+        return nullptr;
+    }
+
+    {
+        std::lock_guard<std::mutex> lock(g_lockStatusCache);
+        auto iter = g_statusCache.find(syncContext->permissionName);
+        if (iter != g_statusCache.end()) {
+            std::string currPara = GetPermParamValue(g_paramFlagCache, PERMISSION_STATUS_FLAG_CHANGE_KEY);
+            if (currPara != iter->second.paramValue) {
+                syncContext->result = AccessTokenKit::GetSelfPermissionStatus(syncContext->permissionName,
+                    syncContext->permissionsState);
+                iter->second.status = syncContext->permissionsState;
+                iter->second.paramValue = currPara;
+            } else {
+                syncContext->result = RET_SUCCESS;
+                syncContext->permissionsState = iter->second.status;
+            }
+        } else {
+            syncContext->result = AccessTokenKit::GetSelfPermissionStatus(syncContext->permissionName,
+                syncContext->permissionsState);
+            g_statusCache[syncContext->permissionName].status = syncContext->permissionsState;
+            g_statusCache[syncContext->permissionName].paramValue = GetPermParamValue(
+                g_paramFlagCache, PERMISSION_STATUS_FLAG_CHANGE_KEY);
+        }
+    }
+
+    if (syncContext->result != RET_SUCCESS) {
+        int32_t jsCode = NapiContextCommon::GetJsErrorCode(syncContext->result);
+        NAPI_CALL(env, napi_throw(env, GenerateBusinessError(env, jsCode, GetErrorMessage(jsCode))));
+        return nullptr;
+    }
+
+    napi_value result = nullptr;
+    NAPI_CALL(env, napi_create_int32(env, static_cast<int32_t>(syncContext->permissionsState), &result));
+    return result;
+}
+
 bool NapiAtManager::FillPermStateChangeInfo(const napi_env env, const napi_value* argv, const std::string& type,
     const napi_value thisVar, RegisterPermStateChangeInfo& registerPermStateChangeInfo)
 {
@@ -1346,7 +1432,6 @@ napi_value NapiAtManager::RegisterPermStateChangeCallback(napi_env env, napi_cal
             std::string errMsg = GetErrorMessage(JsErrorCode::JS_ERROR_PARAM_INVALID);
             NAPI_CALL(env, napi_throw(env, GenerateBusinessError(env, JsErrorCode::JS_ERROR_PARAM_INVALID, errMsg)));
         }
-        
         return nullptr;
     }
     int32_t result;
diff --git a/frameworks/js/napi/accesstoken/src/napi_request_global_switch_on_setting.cpp b/frameworks/js/napi/accesstoken/src/napi_request_global_switch_on_setting.cpp
index e6b05b6d271c4c22c920388b1bc36388356aac6c..ceb3fe322ea03abf61a6d299d83452887cd1cc35 100644
--- a/frameworks/js/napi/accesstoken/src/napi_request_global_switch_on_setting.cpp
+++ b/frameworks/js/napi/accesstoken/src/napi_request_global_switch_on_setting.cpp
@@ -24,6 +24,9 @@
 namespace OHOS {
 namespace Security {
 namespace AccessToken {
+std::map<int32_t, std::vector<std::shared_ptr<RequestGlobalSwitchAsyncContext>>>
+    RequestGlobalSwitchAsyncInstanceControl::instanceIdMap_;
+std::mutex RequestGlobalSwitchAsyncInstanceControl::instanceIdMutex_;
 namespace {
 const std::string GLOBAL_SWITCH_KEY = "ohos.user.setting.global_switch";
 const std::string GLOBAL_SWITCH_RESULT_KEY = "ohos.user.setting.global_switch.result";
@@ -199,6 +202,8 @@ void SwitchOnSettingUICallback::ReleaseHandler(int32_t code)
     if (code == -1) {
         this->reqContext_->errorCode = code;
     }
+    RequestGlobalSwitchAsyncInstanceControl::UpdateQueueData(this->reqContext_);
+    RequestGlobalSwitchAsyncInstanceControl::ExecCallback(this->reqContext_->instanceId);
     GlobalSwitchResultsCallbackUI(
         TransferToJsErrorCode(this->reqContext_->errorCode), this->reqContext_->switchStatus, this->reqContext_);
 }
@@ -356,6 +361,117 @@ static int32_t StartUIExtension(std::shared_ptr<RequestGlobalSwitchAsyncContext>
     return CreateUIExtension(want, asyncContext);
 }
 
+static void GetInstanceId(std::shared_ptr<RequestGlobalSwitchAsyncContext>& asyncContext)
+{
+    auto task = [asyncContext]() {
+        Ace::UIContent* uiContent = GetUIContent(asyncContext);
+        if (uiContent == nullptr) {
+            LOGE(ATM_DOMAIN, ATM_TAG, "Get ui content failed!");
+            return;
+        }
+        asyncContext->instanceId = uiContent->GetInstanceId();
+    };
+#ifdef EVENTHANDLER_ENABLE
+    if (asyncContext->handler_ != nullptr) {
+        asyncContext->handler_->PostSyncTask(task, "AT:GetInstanceId");
+    } else {
+        task();
+    }
+#else
+    task();
+#endif
+    LOGI(ATM_DOMAIN, ATM_TAG, "Instance id: %{public}d", asyncContext->instanceId);
+}
+
+void RequestGlobalSwitchAsyncInstanceControl::AddCallbackByInstanceId(
+    std::shared_ptr<RequestGlobalSwitchAsyncContext>& asyncContext)
+{
+    LOGI(ATM_DOMAIN, ATM_TAG, "InstanceId: %{public}d", asyncContext->instanceId);
+    {
+        std::lock_guard<std::mutex> lock(instanceIdMutex_);
+        auto iter = instanceIdMap_.find(asyncContext->instanceId);
+        // id is existed mean a pop window is showing, add context to waiting queue
+        if (iter != instanceIdMap_.end()) {
+            LOGI(ATM_DOMAIN, ATM_TAG, "InstanceId: %{public}d has existed.", asyncContext->instanceId);
+            instanceIdMap_[asyncContext->instanceId].emplace_back(asyncContext);
+            return;
+        }
+        // make sure id is in map to indicate a pop-up window is showing
+        instanceIdMap_[asyncContext->instanceId] = {};
+    }
+    StartUIExtension(asyncContext);
+}
+
+void RequestGlobalSwitchAsyncInstanceControl::UpdateQueueData(
+    const std::shared_ptr<RequestGlobalSwitchAsyncContext>& reqContext)
+{
+    if ((reqContext->errorCode != RET_SUCCESS) || !(reqContext->switchStatus)) {
+        LOGI(ATM_DOMAIN, ATM_TAG, "The queue data does not need to be updated.");
+        return;
+    }
+
+    {
+        std::lock_guard<std::mutex> lock(instanceIdMutex_);
+        int32_t id = reqContext->instanceId;
+        auto iter = instanceIdMap_.find(id);
+        if (iter == instanceIdMap_.end()) {
+            LOGI(ATM_DOMAIN, ATM_TAG, "Id: %{public}d not existed.", id);
+            return;
+        }
+        int32_t targetSwitchType = reqContext->switchType;
+        LOGI(ATM_DOMAIN, ATM_TAG, "Id: %{public}d, map size: %{public}zu.", id, iter->second.size());
+        for (auto& asyncContext : iter->second) {
+            if (targetSwitchType == asyncContext->switchType) {
+                asyncContext->errorCode = reqContext->errorCode;
+                asyncContext->switchStatus = reqContext->switchStatus;
+                asyncContext->isDynamic = false;
+            }
+        }
+    }
+}
+
+void RequestGlobalSwitchAsyncInstanceControl::ExecCallback(int32_t id)
+{
+    std::shared_ptr<RequestGlobalSwitchAsyncContext> asyncContext = nullptr;
+    bool isDynamic = false;
+    {
+        std::lock_guard<std::mutex> lock(instanceIdMutex_);
+        auto iter = instanceIdMap_.find(id);
+        if (iter == instanceIdMap_.end()) {
+            LOGI(ATM_DOMAIN, ATM_TAG, "Id: %{public}d not existed.", id);
+            return;
+        }
+        while (!iter->second.empty()) {
+            LOGI(ATM_DOMAIN, ATM_TAG, "Id: %{public}d, map size: %{public}zu.", id, iter->second.size());
+            asyncContext = iter->second[0];
+            iter->second.erase(iter->second.begin());
+            CheckDynamicRequest(asyncContext, isDynamic);
+            if (isDynamic) {
+                break;
+            }
+        }
+        if (iter->second.empty()) {
+            LOGI(ATM_DOMAIN, ATM_TAG, "Id: %{public}d, map is empty", id);
+            instanceIdMap_.erase(id);
+        }
+    }
+    if (isDynamic) {
+        StartUIExtension(asyncContext);
+    }
+}
+
+void RequestGlobalSwitchAsyncInstanceControl::CheckDynamicRequest(
+    std::shared_ptr<RequestGlobalSwitchAsyncContext>& asyncContext, bool& isDynamic)
+{
+    isDynamic = asyncContext->isDynamic;
+    if (!isDynamic) {
+        LOGI(ATM_DOMAIN, ATM_TAG, "It does not need to request permission exsion");
+        GlobalSwitchResultsCallbackUI(
+            TransferToJsErrorCode(asyncContext->errorCode), asyncContext->switchStatus, asyncContext);
+        return;
+    }
+}
+
 napi_value NapiRequestGlobalSwitch::RequestGlobalSwitch(napi_env env, napi_callback_info info)
 {
     LOGD(ATM_DOMAIN, ATM_TAG, "RequestGlobalSwitch begin.");
@@ -461,8 +577,10 @@ void NapiRequestGlobalSwitch::RequestGlobalSwitchExecute(napi_env env, void* dat
         return;
     }
 
+    GetInstanceId(asyncContextHandle->asyncContextPtr);
     LOGI(ATM_DOMAIN, ATM_TAG, "Start to pop ui extension dialog");
-    StartUIExtension(asyncContextHandle->asyncContextPtr);
+
+    RequestGlobalSwitchAsyncInstanceControl::AddCallbackByInstanceId(asyncContextHandle->asyncContextPtr);
     if (asyncContextHandle->asyncContextPtr->result != JsErrorCode::JS_OK) {
         LOGW(ATM_DOMAIN, ATM_TAG, "Failed to pop uiextension dialog.");
     }
diff --git a/frameworks/js/napi/accesstoken/src/napi_request_permission.cpp b/frameworks/js/napi/accesstoken/src/napi_request_permission.cpp
index 38930d947ac2b8d5396382eb90e490fced91d2ca..cd2a6c3f6ddb29f86bd3dff8fea0f58f88c50433 100644
--- a/frameworks/js/napi/accesstoken/src/napi_request_permission.cpp
+++ b/frameworks/js/napi/accesstoken/src/napi_request_permission.cpp
@@ -640,7 +640,7 @@ bool NapiRequestPermission::ParseRequestPermissionFromUser(const napi_env& env,
     // argv[1] : permissionList
     if (!ParseStringArray(env, argv[1], asyncContext->permissionList) ||
         (asyncContext->permissionList.empty())) {
-        errMsg = GetParamErrorMsg("permissionList", "Array<string>");
+        errMsg = GetParamErrorMsg("permissionList", "Array<Permissions>");
         NAPI_CALL_BASE(
             env, napi_throw(env, GenerateBusinessError(env, JsErrorCode::JS_ERROR_PARAM_ILLEGAL, errMsg)), false);
         return false;
@@ -805,7 +805,7 @@ bool NapiRequestPermission::ParseInputToGetQueryResult(const napi_env& env, cons
 
     // the second parameter of argv
     if (!ParseStringArray(env, argv[1], asyncContext.permissionList)) {
-        errMsg = GetParamErrorMsg("permissions", "Array<string>");
+        errMsg = GetParamErrorMsg("permissions", "Array<Permissions>");
         NAPI_CALL_BASE(
             env, napi_throw(env, GenerateBusinessError(env, JsErrorCode::JS_ERROR_PARAM_ILLEGAL, errMsg)), false);
         return false;
diff --git a/frameworks/js/napi/accesstoken/src/napi_request_permission_on_setting.cpp b/frameworks/js/napi/accesstoken/src/napi_request_permission_on_setting.cpp
index 8bc4516dca9210f471e25fc366e96979e769055d..9a16d25efe59e85ad9879e3996d6d24313931026 100644
--- a/frameworks/js/napi/accesstoken/src/napi_request_permission_on_setting.cpp
+++ b/frameworks/js/napi/accesstoken/src/napi_request_permission_on_setting.cpp
@@ -24,6 +24,9 @@
 namespace OHOS {
 namespace Security {
 namespace AccessToken {
+std::map<int32_t, std::vector<std::shared_ptr<RequestPermOnSettingAsyncContext>>>
+    RequestOnSettingAsyncInstanceControl::instanceIdMap_;
+std::mutex RequestOnSettingAsyncInstanceControl::instanceIdMutex_;
 namespace {
 const std::string PERMISSION_KEY = "ohos.user.setting.permission";
 const std::string PERMISSION_RESULT_KEY = "ohos.user.setting.permission.result";
@@ -37,8 +40,6 @@ const int32_t PERM_NOT_BELONG_TO_SAME_GROUP = 2;
 const int32_t PERM_IS_NOT_DECLARE = 3;
 const int32_t ALL_PERM_GRANTED = 4;
 const int32_t PERM_REVOKE_BY_USER = 5;
-bool g_windowFlag = false;
-std::mutex g_lockWindowFlag;
 std::mutex g_lockFlag;
 } // namespace
 static void ReturnPromiseResult(napi_env env, int32_t jsCode, napi_deferred deferred, napi_value result)
@@ -228,10 +229,8 @@ void PermissonOnSettingUICallback::ReleaseHandler(int32_t code)
     if (code == -1) {
         this->reqContext_->errorCode = code;
     }
-    {
-        std::lock_guard<std::mutex> lock(g_lockWindowFlag);
-        g_windowFlag = false;
-    }
+    RequestOnSettingAsyncInstanceControl::UpdateQueueData(this->reqContext_);
+    RequestOnSettingAsyncInstanceControl::ExecCallback(this->reqContext_->instanceId);
     PermissionResultsCallbackUI(
         TransferToJsErrorCode(this->reqContext_->errorCode), this->reqContext_->stateList, this->reqContext_);
 }
@@ -369,22 +368,8 @@ static int32_t CreateUIExtension(const Want &want, std::shared_ptr<RequestPermOn
         },
     };
 
-    {
-        std::lock_guard<std::mutex> lock(g_lockWindowFlag);
-        if (g_windowFlag) {
-            LOGW(ATM_DOMAIN, ATM_TAG, "The request already exists.");
-            asyncContext->result = RET_FAILED;
-            asyncContext->errorCode = REQUEST_REALDY_EXIST;
-            return RET_FAILED;
-        }
-        g_windowFlag = true;
-    }
     CreateUIExtensionMainThread(asyncContext, want, uiExtensionCallbacks, uiExtCallback);
     if (asyncContext->result == RET_FAILED) {
-        {
-            std::lock_guard<std::mutex> lock(g_lockWindowFlag);
-            g_windowFlag = false;
-        }
         return RET_FAILED;
     }
     return JS_OK;
@@ -402,6 +387,144 @@ static int32_t StartUIExtension(std::shared_ptr<RequestPermOnSettingAsyncContext
     return CreateUIExtension(want, asyncContext);
 }
 
+static void GetInstanceId(std::shared_ptr<RequestPermOnSettingAsyncContext>& asyncContext)
+{
+    auto task = [asyncContext]() {
+        Ace::UIContent* uiContent = GetUIContent(asyncContext);
+        if (uiContent == nullptr) {
+            LOGE(ATM_DOMAIN, ATM_TAG, "Get ui content failed!");
+            return;
+        }
+        asyncContext->instanceId = uiContent->GetInstanceId();
+    };
+#ifdef EVENTHANDLER_ENABLE
+    if (asyncContext->handler_ != nullptr) {
+        asyncContext->handler_->PostSyncTask(task, "AT:GetInstanceId");
+    } else {
+        task();
+    }
+#else
+    task();
+#endif
+    LOGI(ATM_DOMAIN, ATM_TAG, "Instance id: %{public}d", asyncContext->instanceId);
+}
+
+void RequestOnSettingAsyncInstanceControl::AddCallbackByInstanceId(
+    std::shared_ptr<RequestPermOnSettingAsyncContext>& asyncContext)
+{
+    LOGI(ATM_DOMAIN, ATM_TAG, "InstanceId: %{public}d", asyncContext->instanceId);
+    {
+        std::lock_guard<std::mutex> lock(instanceIdMutex_);
+        auto iter = instanceIdMap_.find(asyncContext->instanceId);
+        // id is existed mean a pop window is showing, add context to waiting queue
+        if (iter != instanceIdMap_.end()) {
+            LOGI(ATM_DOMAIN, ATM_TAG, "InstanceId: %{public}d has existed.", asyncContext->instanceId);
+            instanceIdMap_[asyncContext->instanceId].emplace_back(asyncContext);
+            return;
+        }
+        // make sure id is in map to indicate a pop-up window is showing
+        instanceIdMap_[asyncContext->instanceId] = {};
+    }
+    StartUIExtension(asyncContext);
+}
+
+bool static CheckPermList(std::vector<std::string> permList, std::vector<std::string> tmpPermList)
+{
+    if (permList.size() != tmpPermList.size()) {
+        LOGI(ATM_DOMAIN, ATM_TAG, "Perm list size not equal, CurrentPermList size: %{public}zu.", tmpPermList.size());
+        return false;
+    }
+
+    for (const auto& item : permList) {
+        auto iter = std::find_if(tmpPermList.begin(), tmpPermList.end(), [item](const std::string& perm) {
+            return item == perm;
+        });
+        if (iter == tmpPermList.end()) {
+            LOGI(ATM_DOMAIN, ATM_TAG, "Different permission lists.");
+            return false;
+        }
+    }
+    return true;
+}
+
+void RequestOnSettingAsyncInstanceControl::UpdateQueueData(
+    const std::shared_ptr<RequestPermOnSettingAsyncContext>& reqContext)
+{
+    if (reqContext->errorCode != RET_SUCCESS) {
+        LOGI(ATM_DOMAIN, ATM_TAG, "The queue data does not need to be updated.");
+        return;
+    }
+    for (const int32_t item : reqContext->stateList) {
+        if (item != PERMISSION_GRANTED) {
+            LOGI(ATM_DOMAIN, ATM_TAG, "The queue data does not need to be updated");
+            return;
+        }
+    }
+
+    {
+        std::lock_guard<std::mutex> lock(instanceIdMutex_);
+        int32_t id = reqContext->instanceId;
+        auto iter = instanceIdMap_.find(id);
+        if (iter == instanceIdMap_.end()) {
+            LOGI(ATM_DOMAIN, ATM_TAG, "Id: %{public}d not existed.", id);
+            return;
+        }
+        std::vector<std::string> permList = reqContext->permissionList;
+        LOGI(ATM_DOMAIN, ATM_TAG, "Id: %{public}d, map size: %{public}zu.", id, iter->second.size());
+        for (auto& asyncContext : iter->second) {
+            std::vector<std::string> tmpPermList = asyncContext->permissionList;
+            
+            if (CheckPermList(permList, tmpPermList)) {
+                asyncContext->errorCode = reqContext->errorCode;
+                asyncContext->stateList = reqContext->stateList;
+                asyncContext->isDynamic = false;
+            }
+        }
+    }
+}
+
+void RequestOnSettingAsyncInstanceControl::ExecCallback(int32_t id)
+{
+    std::shared_ptr<RequestPermOnSettingAsyncContext> asyncContext = nullptr;
+    bool isDynamic = false;
+    {
+        std::lock_guard<std::mutex> lock(instanceIdMutex_);
+        auto iter = instanceIdMap_.find(id);
+        if (iter == instanceIdMap_.end()) {
+            LOGI(ATM_DOMAIN, ATM_TAG, "Id: %{public}d not existed.", id);
+            return;
+        }
+        while (!iter->second.empty()) {
+            LOGI(ATM_DOMAIN, ATM_TAG, "Id: %{public}d, map size: %{public}zu.", id, iter->second.size());
+            asyncContext = iter->second[0];
+            iter->second.erase(iter->second.begin());
+            CheckDynamicRequest(asyncContext, isDynamic);
+            if (isDynamic) {
+                break;
+            }
+        }
+        if (iter->second.empty()) {
+            LOGI(ATM_DOMAIN, ATM_TAG, "Id: %{public}d, map is empty", id);
+            instanceIdMap_.erase(id);
+        }
+    }
+    if (isDynamic) {
+        StartUIExtension(asyncContext);
+    }
+}
+
+void RequestOnSettingAsyncInstanceControl::CheckDynamicRequest(
+    std::shared_ptr<RequestPermOnSettingAsyncContext>& asyncContext, bool& isDynamic)
+{
+    isDynamic = asyncContext->isDynamic;
+    if (!isDynamic) {
+        LOGI(ATM_DOMAIN, ATM_TAG, "It does not need to request permission exsion");
+        PermissionResultsCallbackUI(
+            TransferToJsErrorCode(asyncContext->errorCode), asyncContext->stateList, asyncContext);
+        return;
+    }
+}
+
 napi_value NapiRequestPermissionOnSetting::RequestPermissionOnSetting(napi_env env, napi_callback_info info)
 {
     LOGD(ATM_DOMAIN, ATM_TAG, "RequestPermissionOnSetting begin.");
@@ -508,8 +631,10 @@ void NapiRequestPermissionOnSetting::RequestPermissionOnSettingExecute(napi_env
         return;
     }
 
+    GetInstanceId(asyncContextHandle->asyncContextPtr);
     LOGI(ATM_DOMAIN, ATM_TAG, "Start to pop ui extension dialog");
-    StartUIExtension(asyncContextHandle->asyncContextPtr);
+
+    RequestOnSettingAsyncInstanceControl::AddCallbackByInstanceId(asyncContextHandle->asyncContextPtr);
     if (asyncContextHandle->asyncContextPtr->result != JsErrorCode::JS_OK) {
         LOGW(ATM_DOMAIN, ATM_TAG, "Failed to pop uiextension dialog.");
     }
@@ -532,10 +657,6 @@ void NapiRequestPermissionOnSetting::RequestPermissionOnSettingComplete(napi_env
     // return error
     if (asyncContextHandle->asyncContextPtr->deferred != nullptr) {
         int32_t jsCode = NapiContextCommon::GetJsErrorCode(asyncContextHandle->asyncContextPtr->result);
-        if ((asyncContextHandle->asyncContextPtr->result == RET_FAILED) &&
-            (asyncContextHandle->asyncContextPtr->errorCode == REQUEST_REALDY_EXIST)) {
-            jsCode = TransferToJsErrorCode(REQUEST_REALDY_EXIST);
-        }
         napi_value businessError = GenerateBusinessError(env, jsCode, GetErrorMessage(jsCode));
         NAPI_CALL_RETURN_VOID(env,
             napi_reject_deferred(env, asyncContextHandle->asyncContextPtr->deferred, businessError));
diff --git a/frameworks/js/napi/privacy/src/permission_record_manager_napi.cpp b/frameworks/js/napi/privacy/src/permission_record_manager_napi.cpp
index d5f55eb757c857318481da2482064ed82d191f51..37f3e0a2e300096045872520749f32542f12d400 100644
--- a/frameworks/js/napi/privacy/src/permission_record_manager_napi.cpp
+++ b/frameworks/js/napi/privacy/src/permission_record_manager_napi.cpp
@@ -192,7 +192,7 @@ static bool ParseAddPermissionRecord(
 
     // 1: the second parameter of argv
     if (!ParseString(env, argv[SECOND_PARAM], asyncContext.permissionName)) {
-        ParamResolveErrorThrow(env, "permissionName", "string");
+        ParamResolveErrorThrow(env, "permissionName", "Permissions");
         return false;
     }
 
@@ -295,7 +295,7 @@ static bool ParseStartAndStopUsingPermission(
 
     // 1: the second parameter of argv is permissionName
     if (!ParseString(env, argv[SECOND_PARAM], asyncContext.permissionName)) {
-        ParamResolveErrorThrow(env, "permissionName", "string");
+        ParamResolveErrorThrow(env, "permissionName", "Permissions");
         return false;
     }
 
@@ -492,7 +492,7 @@ static bool ParseRequest(const napi_env& env, const napi_value& value, Permissio
 
     if (IsNeedParseProperty(env, value, "permissionNames", property) &&
         !ParseStringArray(env, property, request.permissionList)) {
-        ParamResolveErrorThrow(env, "request:permissionNames", "Array<string>");
+        ParamResolveErrorThrow(env, "request:permissionNames", "Array<Permissions>");
         return false;
     }
 
@@ -943,7 +943,7 @@ static bool ParseInputToRegister(const napi_env env, const napi_callback_info cb
     std::vector<std::string> permList;
     // 1: the second parameter of argv
     if (!ParseStringArray(env, argv[1], permList)) {
-        ParamResolveErrorThrow(env, "permList", "Array<string>");
+        ParamResolveErrorThrow(env, "permList", "Array<Permissions>");
         return false;
     }
     std::sort(permList.begin(), permList.end());
@@ -979,13 +979,13 @@ static bool ParseInputToUnregister(const napi_env env, const napi_callback_info
     std::string type;
     // 0: the first parameter of argv
     if (!ParseString(env, argv[0], type)) {
-        ParamResolveErrorThrow(env, "permList", "Array<string>");
+        ParamResolveErrorThrow(env, "type", "string");
         return false;
     }
     // 1: the second parameter of argv
     std::vector<std::string> permList;
     if (!ParseStringArray(env, argv[1], permList)) {
-        ParamResolveErrorThrow(env, "permList", "Array<string>");
+        ParamResolveErrorThrow(env, "permList", "Array<Permissions>");
         return false;
     }
     std::sort(permList.begin(), permList.end());
@@ -1189,7 +1189,7 @@ static bool ParseGetPermissionUsedType(const napi_env env, const napi_callback_i
         }
 
         if (!ParseString(env, argv[1], permissionName)) {
-            ParamResolveErrorThrow(env, "permissionName", "string");
+            ParamResolveErrorThrow(env, "permissionName", "Permissions");
             return false;
         }
     }
diff --git a/frameworks/privacy/BUILD.gn b/frameworks/privacy/BUILD.gn
index b452f0cda89a9310f87a1c980fb21a5b32c4ff2b..6209524ec06086950b33d59820935fda93767c9c 100644
--- a/frameworks/privacy/BUILD.gn
+++ b/frameworks/privacy/BUILD.gn
@@ -50,9 +50,4 @@ ohos_shared_library("privacy_communication_adapter_cxx") {
   ]
 
   external_deps = [ "c_utils:utils" ]
-
-  if (security_component_enhance_enable) {
-    sources += [ "src/sec_comp_enhance_data_parcel.cpp" ]
-    external_deps += [ "ipc:ipc_single" ]
-  }
 }
diff --git a/frameworks/privacy/include/i_privacy_manager.h b/frameworks/privacy/include/i_privacy_manager.h
deleted file mode 100644
index 6c8cf6a2af1d260f00c8834d0e497fe8fa670056..0000000000000000000000000000000000000000
--- a/frameworks/privacy/include/i_privacy_manager.h
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * Copyright (c) 2022-2023 Huawei Device Co., Ltd.
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef I_PRIVACY_MANAGER_H
-#define I_PRIVACY_MANAGER_H
-
-#include <string>
-
-#include "access_token.h"
-#include "add_perm_param_info_parcel.h"
-#include "errors.h"
-#include "iremote_broker.h"
-
-#include "on_permission_used_record_callback.h"
-#include "privacy_service_ipc_interface_code.h"
-#include "permission_used_request_parcel.h"
-#include "permission_used_result_parcel.h"
-#include "permission_used_type_info_parcel.h"
-#include "privacy_param.h"
-#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE
-#include "sec_comp_enhance_data_parcel.h"
-#endif
-
-/* SAID:3505 */
-namespace OHOS {
-namespace Security {
-namespace AccessToken {
-class IPrivacyManager : public IRemoteBroker {
-public:
-    static const int32_t SA_ID_PRIVACY_MANAGER_SERVICE = 3505;
-
-    DECLARE_INTERFACE_DESCRIPTOR(u"ohos.security.accesstoken.IPrivacyManager");
-
-    virtual int32_t AddPermissionUsedRecord(const AddPermParamInfoParcel& infoParcel, bool asyncMode = false) = 0;
-    virtual int32_t SetPermissionUsedRecordToggleStatus(int32_t userID, bool status) = 0;
-    virtual int32_t GetPermissionUsedRecordToggleStatus(int32_t userID, bool& status) = 0;
-    virtual int32_t StartUsingPermission(const PermissionUsedTypeInfoParcel &infoParcel,
-        const sptr<IRemoteObject>& anonyStub) = 0;
-    virtual int32_t StartUsingPermission(const PermissionUsedTypeInfoParcel &infoParcel,
-        const sptr<IRemoteObject>& callback, const sptr<IRemoteObject>& anonyStub) = 0;
-    virtual int32_t StopUsingPermission(AccessTokenID tokenID, int32_t pid, const std::string& permissionName) = 0;
-    virtual int32_t RemovePermissionUsedRecords(AccessTokenID tokenID) = 0;
-    virtual int32_t GetPermissionUsedRecords(
-        const PermissionUsedRequestParcel& request, PermissionUsedResultParcel& result) = 0;
-    virtual int32_t GetPermissionUsedRecords(
-        const PermissionUsedRequestParcel& request, const sptr<OnPermissionUsedRecordCallback>& callback) = 0;
-    virtual int32_t RegisterPermActiveStatusCallback(
-        std::vector<std::string>& permList, const sptr<IRemoteObject>& callback) = 0;
-    virtual int32_t UnRegisterPermActiveStatusCallback(const sptr<IRemoteObject>& callback) = 0;
-    virtual bool IsAllowedUsingPermission(AccessTokenID tokenID, const std::string& permissionName, int32_t pid) = 0;
-    virtual int32_t SetMutePolicy(uint32_t policyType, uint32_t callerType, bool isMute, AccessTokenID tokenID) = 0;
-    virtual int32_t SetHapWithFGReminder(uint32_t tokenId, bool isAllowed) = 0;
-#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE
-    virtual int32_t RegisterSecCompEnhance(const SecCompEnhanceDataParcel& enhanceParcel) = 0;
-    virtual int32_t UpdateSecCompEnhance(int32_t pid, uint32_t seqNum) = 0;
-    virtual int32_t GetSecCompEnhance(int32_t pid, SecCompEnhanceDataParcel& enhanceParcel) = 0;
-    virtual int32_t GetSpecialSecCompEnhance(const std::string& bundleName,
-        std::vector<SecCompEnhanceDataParcel>& enhanceParcelList) = 0;
-#endif
-    virtual int32_t GetPermissionUsedTypeInfos(const AccessTokenID tokenId, const std::string& permissionName,
-        std::vector<PermissionUsedTypeInfoParcel>& resultsParcel) = 0;
-};
-} // namespace AccessToken
-} // namespace Security
-} // namespace OHOS
-
-#endif // I_PRIVACY_MANAGER_H
diff --git a/frameworks/privacy/include/privacy_service_ipc_interface_code.h b/frameworks/privacy/include/privacy_service_ipc_interface_code.h
deleted file mode 100644
index db02228f2c991d1d1230a6700e5aaa9ed13c8898..0000000000000000000000000000000000000000
--- a/frameworks/privacy/include/privacy_service_ipc_interface_code.h
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * Copyright (c) 2023 Huawei Device Co., Ltd.
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef PRIVACY_SERVICE_IPC_INTERFACE_CODE_H
-#define PRIVACY_SERVICE_IPC_INTERFACE_CODE_H
-
-namespace OHOS {
-namespace Security {
-namespace AccessToken {
-/* SAID:3505 */
-enum class PrivacyInterfaceCode {
-    ADD_PERMISSION_USED_RECORD = 0x0000,
-    START_USING_PERMISSION,
-    START_USING_PERMISSION_CALLBACK,
-    STOP_USING_PERMISSION,
-    DELETE_PERMISSION_USED_RECORDS,
-    GET_PERMISSION_USED_RECORDS,
-    GET_PERMISSION_USED_RECORDS_ASYNC,
-    REGISTER_PERM_ACTIVE_STATUS_CHANGE_CALLBACK,
-    UNREGISTER_PERM_ACTIVE_STATUS_CHANGE_CALLBACK,
-    IS_ALLOWED_USING_PERMISSION,
-#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE
-    REGISTER_SEC_COMP_ENHANCE,
-    UPDATE_SEC_COMP_ENHANCE,
-    GET_SEC_COMP_ENHANCE,
-    GET_SPECIAL_SEC_COMP_ENHANCE,
-#endif
-    GET_PERMISSION_USED_TYPE_INFOS,
-    SET_MUTE_POLICY,
-    SET_HAP_WITH_FOREGROUND_REMINDER,
-    SET_PERMISSION_USED_RECORD_TOGGLE_STATUS,
-    GET_PERMISSION_USED_RECORD_TOGGLE_STATUS
-};
-} // namespace AccessToken
-} // namespace Security
-} // namespace OHOS
-
-#endif // PRIVACY_SERVICE_IPC_INTERFACE_CODE_H
diff --git a/frameworks/test/unittest/BUILD.gn b/frameworks/test/unittest/BUILD.gn
index 36b40804cf398b0adfefbea0657da44211ccd1f5..a5800918ec8ef506158f64089c530bffe6c16614 100644
--- a/frameworks/test/unittest/BUILD.gn
+++ b/frameworks/test/unittest/BUILD.gn
@@ -25,9 +25,8 @@ config("accesstoken_test_config") {
 }
 
 ohos_unittest("libaccesstoken_framework_test") {
-  subsystem_name = "security"
-  part_name = "access_token"
-  module_out_path = part_name + "/" + part_name
+  subsystem_name = "accesscontrol"
+  module_out_path = module_output_path_unittest_accesstoken
   sanitize = {
     cfi = true
     cfi_cross_dso = true
diff --git a/frameworks/test/unittest/accesstoken_parcel_test.cpp b/frameworks/test/unittest/accesstoken_parcel_test.cpp
index ebafe0eb737d453bd0fafb944f36f45a3fd75c48..aae920356b9496e2c396677b3dfc95440aab2fa0 100644
--- a/frameworks/test/unittest/accesstoken_parcel_test.cpp
+++ b/frameworks/test/unittest/accesstoken_parcel_test.cpp
@@ -27,7 +27,7 @@
 #include "parcel.h"
 #include "parcel_utils.h"
 #include "permission_grant_info_parcel.h"
-#include "permission_state_change_scope_parcel.h"
+#include "perm_state_change_scope_parcel.h"
 #include "permission_state_change_info_parcel.h"
 #include "permission_status_parcel.h"
 
diff --git a/hisysevent.yaml b/hisysevent.yaml
index 9db48c4d2eaea49c94f6ddf5676e6e03c28dfd36..c59ebc41d2106651741f3365aee349eb8de81d17 100644
--- a/hisysevent.yaml
+++ b/hisysevent.yaml
@@ -19,6 +19,8 @@ ACCESSTOKEN_SERVICE_START:
   HAP_SIZE: {type: UINT32, desc: hap token size}
   NATIVE_SIZE: {type: UINT32, desc: native token size}
   PERM_DEFINITION_SIZE: {type: UINT32, desc: permission definition size}
+  DLP_PERMISSION_SIZE: {type: UINT32, desc: dlp permission size}
+  PARSE_CONFIG_FLAG: {type: UINT32, desc: parse config policy file value flag}
 
 ACCESSTOKEN_SERVICE_START_ERROR:
   __BASE: {type: FAULT, level: CRITICAL, desc: service startup error}
@@ -58,10 +60,21 @@ PERMISSION_SYNC:
 
 ADD_HAP:
   __BASE: {type: STATISTIC, level: MINOR, tag: usability, desc: add a hap to device}
+  SCENE_CODE: {type: INT32, desc: scene code}
   TOKENID: {type: UINT32, desc: token id}
+  ORI_TOKENID: {type: UINT32, desc: original token id}
+  TOKENIDEX: {type: UINT64, desc: token id ex}
   USERID: {type: INT32, desc: user id}
   BUNDLENAME: {type: STRING, desc: bundle name}
   INSTINDEX: {type: INT32, desc: inst index}
+  DLP_TYPE: {type: UINT32, desc: dlp type}
+  IS_RESTORE: {type: BOOL, desc: is restore scene}
+  PERM_INFO: {type: STRING, desc: request permission list}
+  ACL_INFO: {type: STRING, desc: acl permission list}
+  PREAUTH_INFO: {type: STRING, desc: preauth permission list}
+  EXTEND_INFO: {type: STRING, desc: extend permission map}
+  DURATION: {type: UINT64, desc: time required for installing an application}
+  ERROR_CODE: {type: INT32, desc: error code}
 
 DEL_HAP:
   __BASE: {type: STATISTIC, level: MINOR, tag: usability, desc: delete a hap from device}
@@ -69,6 +82,9 @@ DEL_HAP:
   USERID: {type: INT32, desc: user id}
   BUNDLENAME: {type: STRING, desc: bundle name}
   INSTINDEX: {type: INT32, desc: inst index}
+  SCENE_CODE: {type: INT32, desc: scene code}
+  ERROR_CODE: {type: INT32, desc: error code}
+  DURATION: {type: INT64, desc: duration}
 
 PERM_DIALOG_STATUS_INFO:
   __BASE: {type: STATISTIC, level: MINOR, desc: status information of permission dialog}
@@ -93,6 +109,11 @@ UPDATE_PERMISSION:
   PERMISSION_NAME: {type: STRING, desc: permission name}
   PERMISSION_FLAG: {type: UINT32, desc: permission flag}
   GRANTED_FLAG: {type: BOOL, desc: grant or revoke}
+  SCENE_CODE: {type: INT32, desc: scene code}
+  ERROR_CODE: {type: INT32, desc: error code}
+  USERID: {type: INT32, desc: user id}
+  BUNDLENAME: {type: STRING, desc: bundle name}
+  INSTINDEX: {type: INT32, desc: inst index}
 
 UPDATE_HAP:
   __BASE: {type: STATISTIC, level: MINOR, tag: usability, desc: update hap to device}
@@ -100,6 +121,14 @@ UPDATE_HAP:
   USERID: {type: INT32, desc: user id}
   BUNDLENAME: {type: STRING, desc: bundle name}
   INSTINDEX: {type: INT32, desc: inst index}
+  SCENE_CODE: {type: INT32, desc: scene code}
+  ERROR_CODE: {type: INT32, desc: error code}
+  TOKENIDEX: {type: UINT64, desc: tokenIDEx}
+  PERM_INFO: {type: STRING, desc: perm info}
+  ACL_INFO: {type: STRING, desc: acl info}
+  PREAUTH_INFO: {type: STRING, desc: pre-auth info}
+  EXTEND_INFO: {type: STRING, desc: extend info}
+  DURATION: {type: INT64, desc: duration}
 
 CLEAR_USER_PERMISSION_STATE:
   __BASE: {type: BEHAVIOR, level: MINOR, desc: clear user permission state}
@@ -136,3 +165,9 @@ VERIFY_ACCESS_TOKEN_EVENT:
   SELF_TOKENID: {type: UINT32, desc: self tokenID}
   CONTEXT_TOKENID: {type: UINT32, desc: context tokenID}
 
+ACCESSTOKEN_EXCEPTION:
+  __BASE: {type: FAULT, level: CRITICAL, desc: accesstoken exception}
+  SCENE_CODE: {type: INT32, desc: scene code}
+  ERROR_CODE: {type: INT32, desc: error code}
+  ERROR_MSG: {type: STRING, desc: error reason}
+
diff --git a/interfaces/inner_api/el5filekeymanager/BUILD.gn b/interfaces/inner_api/el5filekeymanager/BUILD.gn
index 5e4034620697236d09ea674a85c2771d6a8f89be..31697a04e2d53ca82985522b2848b759fc2df8cb 100644
--- a/interfaces/inner_api/el5filekeymanager/BUILD.gn
+++ b/interfaces/inner_api/el5filekeymanager/BUILD.gn
@@ -102,6 +102,7 @@ ohos_shared_library("el5_filekey_manager_sdk") {
   external_deps = [
     "c_utils:utils",
     "hilog:libhilog",
+    "ipc:ipc_core",
     "ipc:ipc_single",
     "samgr:samgr_proxy",
   ]
diff --git a/interfaces/inner_api/el5filekeymanager/include/el5_filekey_manager_kit.h b/interfaces/inner_api/el5filekeymanager/include/el5_filekey_manager_kit.h
index 61b4077e5f90715aa3a236de08a81ae28595d286..eb833f97028e1550ce1ca7b5c4903769a4315759 100644
--- a/interfaces/inner_api/el5filekeymanager/include/el5_filekey_manager_kit.h
+++ b/interfaces/inner_api/el5filekeymanager/include/el5_filekey_manager_kit.h
@@ -85,7 +85,7 @@ public:
      */
     static int32_t RegisterCallback(const sptr<El5FilekeyCallbackInterface> &callback);
     /**
-     * @brief Get key infos of the specified user.
+     * @brief Get all key infos of the specified user
      * @param userId The user id
      * @param keyInfos Key infos of the specified user id, as query result
      * @return error code, see el5_filekey_manager_error.h
diff --git a/interfaces/inner_api/el5filekeymanager/test/BUILD.gn b/interfaces/inner_api/el5filekeymanager/test/BUILD.gn
index e2ee9d40db8ad699aee6078915b247fce3b93028..bc1b9052fc50f34cd1d5393a9160e3905bdb3e9a 100644
--- a/interfaces/inner_api/el5filekeymanager/test/BUILD.gn
+++ b/interfaces/inner_api/el5filekeymanager/test/BUILD.gn
@@ -15,9 +15,9 @@ import("//build/test.gni")
 import("../../../../access_token.gni")
 
 ohos_unittest("el5_filekey_manager_kit_unittest") {
-  subsystem_name = "security"
+  subsystem_name = "accesscontrol"
   part_name = "access_token"
-  module_out_path = "access_token/access_token"
+  module_out_path = "access_token/el5_filekey_manager"
   sanitize = {
     cfi = true
     cfi_cross_dso = true
diff --git a/interfaces/inner_api/el5filekeymanager/test/unittest/src/el5_filekey_manager_kit_unittest.cpp b/interfaces/inner_api/el5filekeymanager/test/unittest/src/el5_filekey_manager_kit_unittest.cpp
index 07337f27650bda3ccc83c98b624135e4304adb8d..9dcf219fd7bc5f647b93f735abebbc44d8ee8a97 100644
--- a/interfaces/inner_api/el5filekeymanager/test/unittest/src/el5_filekey_manager_kit_unittest.cpp
+++ b/interfaces/inner_api/el5filekeymanager/test/unittest/src/el5_filekey_manager_kit_unittest.cpp
@@ -16,6 +16,7 @@
 #include "el5_filekey_manager_kit_unittest.h"
 
 #include "accesstoken_kit.h"
+#include "user_app_key_info.h"
 #include "el5_filekey_callback_interface_stub.h"
 #include "el5_filekey_manager_error.h"
 #include "el5_filekey_manager_kit.h"
@@ -137,6 +138,26 @@ HWTEST_F(El5FilekeyManagerKitTest, GetUserAppKey001, TestSize.Level1)
     ASSERT_EQ(El5FilekeyManagerKit::GetUserAppKey(userId, keyInfos), EFM_ERR_NO_PERMISSION);
 }
 
+/**
+ * @tc.name: UserAppKeyInfo001
+ * @tc.desc: interface coverage
+ * @tc.type: FUNC
+ * @tc.require: issueI9JGMV
+ */
+HWTEST_F(El5FilekeyManagerKitTest, UserAppKeyInfo001, TestSize.Level0)
+{
+    std::string mockKeyInfo("mockKeyInfo");
+    UserAppKeyInfo src(100, mockKeyInfo);
+    OHOS::Parcel parcel{};
+    EXPECT_TRUE(src.Marshalling(parcel));
+
+    UserAppKeyInfo *dst = UserAppKeyInfo::Unmarshalling(parcel);
+    EXPECT_NE(dst, nullptr);
+    EXPECT_EQ(src.first, dst->first);
+    EXPECT_EQ(src.second, dst->second);
+    delete dst;
+}
+
 /**
  * @tc.name: ChangeUserAppkeysLoadInfo001
  * @tc.desc: Change key infos of the specified user id without permission.
diff --git a/interfaces/innerkits/accesstoken/BUILD.gn b/interfaces/innerkits/accesstoken/BUILD.gn
index 72f24f1d600b94427e6e990ccc29233df29e3ee5..e330621df71657aab95751965ea54038b350096a 100644
--- a/interfaces/innerkits/accesstoken/BUILD.gn
+++ b/interfaces/innerkits/accesstoken/BUILD.gn
@@ -41,7 +41,10 @@ if (is_standard_system) {
 
     output_name = "libaccesstoken_sdk"
 
-    public_configs = [ ":accesstoken" ]
+    public_configs = [
+      ":accesstoken",
+      "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+    ]
 
     include_dirs = [
       "${access_token_path}/frameworks/accesstoken/include",
@@ -55,7 +58,6 @@ if (is_standard_system) {
       "src/accesstoken_death_recipient.cpp",
       "src/accesstoken_kit.cpp",
       "src/accesstoken_manager_client.cpp",
-      "src/accesstoken_manager_proxy.cpp",
       "src/perm_state_change_callback_customize.cpp",
     ]
 
@@ -63,6 +65,7 @@ if (is_standard_system) {
       "${access_token_path}/frameworks/accesstoken:accesstoken_communication_adapter_cxx",
       "${access_token_path}/frameworks/common:accesstoken_common_cxx",
       "${access_token_path}/interfaces/innerkits/token_setproc:libperm_setproc",
+      "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_proxy",
     ]
 
     external_deps = [
@@ -90,6 +93,9 @@ if (is_standard_system) {
     if (token_sync_enable == true) {
       cflags_cc += [ "-DTOKEN_SYNC_ENABLE" ]
     }
+    if (security_component_enhance_enable == true) {
+      cflags_cc += [ "-DSECURITY_COMPONENT_ENHANCE_ENABLE" ]
+    }
   }
 }
 
diff --git a/interfaces/innerkits/accesstoken/include/access_token_error.h b/interfaces/innerkits/accesstoken/include/access_token_error.h
index 80c4b10f8ee45431579cba82415c936a2eabeccc..fd3076ec893b4dc419941e70be65211b1a7147f3 100644
--- a/interfaces/innerkits/accesstoken/include/access_token_error.h
+++ b/interfaces/innerkits/accesstoken/include/access_token_error.h
@@ -73,9 +73,9 @@ enum AccessTokenError {
     ERR_DATABASE_OPERATE_FAILED,
     ERR_SIZE_NOT_EQUAL,
     ERR_PERM_REQUEST_CFG_FAILED,
-    ERR_LOAD_SO_FAILED,
     ERR_USER_POLICY_INITIALIZED,
     ERR_USER_POLICY_NOT_INITIALIZED,
+    ERR_LOAD_SO_FAILED,
     ERR_REMOTE_CONNECTION,
     ERR_ADD_DEATH_RECIPIENT_FAILED,
     ERR_PRASE_RAW_DATA_FAILED,
diff --git a/interfaces/innerkits/accesstoken/include/accesstoken_kit.h b/interfaces/innerkits/accesstoken/include/accesstoken_kit.h
index abe082293a887c66c856f5c35049e05dad7dc87d..1e9ceb137e23e7af1ca343298a1220c1c7371652 100644
--- a/interfaces/innerkits/accesstoken/include/accesstoken_kit.h
+++ b/interfaces/innerkits/accesstoken/include/accesstoken_kit.h
@@ -54,6 +54,9 @@
 #include "permission_state_change_info.h"
 #include "permission_state_full.h"
 #include "perm_state_change_callback_customize.h"
+#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE
+#include "sec_comp_enhance_data.h"
+#endif
 #ifdef TOKEN_SYNC_ENABLE
 #include "token_sync_kit_interface.h"
 #endif // TOKEN_SYNC_ENABLE
@@ -297,6 +300,13 @@ public:
      * @return error code, see access_token_error.h
      */
     static int32_t RequestAppPermOnSetting(AccessTokenID tokenID);
+    /**
+     * @brief Get self permission status
+     * @param permissionName permission name quote
+     * @param status the permission status
+     * @return error code, see access_token_error.h
+     */
+    static int32_t GetSelfPermissionStatus(const std::string& permissionName, PermissionOper& status);
     /**
      * @brief Get requsted permission grant result
      * @param permList PermissionListState list quote, as input and query result
@@ -513,6 +523,42 @@ public:
      */
     static int32_t GetReqPermissionByName(
         AccessTokenID tokenID, const std::string& permissionName, std::string& value);
+#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE
+    /**
+     * @brief Register security component enhance data when security component service did not start
+     * @param enhance enhance data
+     * @return error code, see access_token_error.h
+     */
+    static int32_t RegisterSecCompEnhance(const SecCompEnhanceData& enhance);
+    /**
+     * @brief update security component enhance data
+     * @param pid process id
+     * @param seqNum sequence number
+     * @return error code, see access_token_error.h
+     */
+    static int32_t UpdateSecCompEnhance(int32_t pid, uint32_t seqNum);
+    /**
+     * @brief get security component enhance data
+     * @param pid process id
+     * @param enhance enhance data
+     * @return error code, see access_token_error.h
+     */
+    static int32_t GetSecCompEnhance(int32_t pid, SecCompEnhanceData& enhance);
+#endif
+
+    /**
+     * Whether it is a atomic service
+     * @param tokenId token id.
+     * @return bool
+     */
+    static bool IsAtomicServiceByFullTokenID(uint64_t tokenId);
+
+    /**
+     * @brief whether the process need to show the toast
+     * @param pid process id
+     * @return bool
+     */
+    static bool IsToastShownNeeded(int32_t pid);
 };
 } // namespace AccessToken
 } // namespace Security
diff --git a/interfaces/innerkits/accesstoken/include/hap_token_info.h b/interfaces/innerkits/accesstoken/include/hap_token_info.h
index 5e80c3ced990c4fbc5d1b4aa6e8c9ded7bf34ade..24e0982013a880771e3a01f4da4f8bfc48f65a4d 100644
--- a/interfaces/innerkits/accesstoken/include/hap_token_info.h
+++ b/interfaces/innerkits/accesstoken/include/hap_token_info.h
@@ -74,6 +74,8 @@ public:
     std::string appDistributionType;
     bool isRestore = false;
     AccessTokenID tokenID = INVALID_TOKENID;
+    /** Whether hap is a atomic-service */
+    bool isAtomicService = false;
 };
 
 /**
@@ -88,6 +90,8 @@ public:
     bool isSystemApp;
     /* app type */
     std::string appDistributionType;
+    /** Whether hap is a atomic-service */
+    bool isAtomicService = false;
 };
 
 /**
@@ -96,12 +100,12 @@ public:
 class HapTokenInfo final {
 public:
     char ver;
-    int userID;
+    int userID = 0;
     std::string bundleName;
     /** which version of the SDK is used to develop this hap */
     int32_t apiVersion;
     /** instance index */
-    int instIndex;
+    int instIndex = 0;
     /**
      * dlp type, for details about the valid values,
      * see the definition of HapDlpType in the access_token.h file.
diff --git a/interfaces/innerkits/accesstoken/include/sec_comp_enhance_data.h b/interfaces/innerkits/accesstoken/include/sec_comp_enhance_data.h
index 011572703f4cf23d8ca2a796d171ca12b7ca9c9d..c5be2919cca3229dda34b492dfb652300c1f1946 100644
--- a/interfaces/innerkits/accesstoken/include/sec_comp_enhance_data.h
+++ b/interfaces/innerkits/accesstoken/include/sec_comp_enhance_data.h
@@ -71,10 +71,6 @@ struct SecCompEnhanceData {
      * sequence number of session.
      */
     uint32_t seqNum;
-    /**
-     * mark whether sceneboard application or not.
-     */
-    bool isSceneBoard;
     /**
      * key to encrypt ipc message.
      */
diff --git a/interfaces/innerkits/accesstoken/libaccesstoken_sdk.map b/interfaces/innerkits/accesstoken/libaccesstoken_sdk.map
index 19192e683f5cad787ad0a8a8e96f7b8781932543..6ff38a5da5aed2fd3de6f31fd16b7041628abb1c 100644
--- a/interfaces/innerkits/accesstoken/libaccesstoken_sdk.map
+++ b/interfaces/innerkits/accesstoken/libaccesstoken_sdk.map
@@ -82,9 +82,15 @@
         "OHOS::Security::AccessToken::AccessTokenKit::GetHapTokenInfoExtension(unsigned int, OHOS::Security::AccessToken::HapTokenInfoExt&)";
         "OHOS::Security::AccessToken::AccessTokenKit::RequestAppPermOnSetting(unsigned int)";
         "OHOS::Security::AccessToken::AccessTokenKit::GetReqPermissionByName(unsigned int, std::__h::basic_string<char, std::__h::char_traits<char>, std::__h::allocator<char>> const&, std::__h::basic_string<char, std::__h::char_traits<char>, std::__h::allocator<char>>&)";
+        "OHOS::Security::AccessToken::AccessTokenKit::RegisterSecCompEnhance(OHOS::Security::AccessToken::SecCompEnhanceData const&)";
+        "OHOS::Security::AccessToken::AccessTokenKit::UpdateSecCompEnhance(int, unsigned int)";
+        "OHOS::Security::AccessToken::AccessTokenKit::GetSecCompEnhance(int, OHOS::Security::AccessToken::SecCompEnhanceData&)";
+        "OHOS::Security::AccessToken::AccessTokenKit::IsToastShownNeeded(int)";
         "OHOS::Security::AccessToken::AccessTokenKit::GetKernelPermissions(unsigned int, std::__h::vector<OHOS::Security::AccessToken::PermissionWithValue, std::__h::allocator<OHOS::Security::AccessToken::PermissionWithValue>>&)";
+        "OHOS::Security::AccessToken::AccessTokenKit::GetSelfPermissionStatus(std::__h::basic_string<char, std::__h::char_traits<char>, std::__h::allocator<char>> const&, OHOS::Security::AccessToken::TypePermissionOper&)";
         OHOS::Security::AccessToken::AccessTokenKit::IsSystemAppByFullTokenID*;
         OHOS::Security::AccessToken::AccessTokenKit::GetRenderTokenID*;
+        OHOS::Security::AccessToken::AccessTokenKit::IsAtomicServiceByFullTokenID*;
         "";
         "";
     };
diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp
index 83590b74dcc027e25f3547236cbe54183b556408..9e64a8b7a7c32351bcc95d493386d504d38127be 100644
--- a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp
+++ b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp
@@ -14,6 +14,7 @@
  */
 
 #include "accesstoken_kit.h"
+#include <cinttypes>
 #include <string>
 #include <vector>
 #include "accesstoken_common_log.h"
@@ -34,9 +35,11 @@ namespace Security {
 namespace AccessToken {
 namespace {
 static const uint64_t SYSTEM_APP_MASK = (static_cast<uint64_t>(1) << 32);
+static const uint64_t ATOMIC_SERVICE_MASK = (static_cast<uint64_t>(1) << 33);
 static const uint64_t TOKEN_ID_LOWMASK = 0xffffffff;
 static const int INVALID_DLP_TOKEN_FLAG = -1;
 static const int FIRSTCALLER_TOKENID_DEFAULT = 0;
+static const int MAX_LENGTH = 256;
 } // namespace
 
 PermUsedTypeEnum AccessTokenKit::GetPermissionUsedType(
@@ -89,8 +92,9 @@ AccessTokenIDEx AccessTokenKit::AllocHapToken(const HapInfoParams& info, const H
 {
     AccessTokenIDEx res = {0};
     LOGI(ATM_DOMAIN, ATM_TAG, "UserID: %{public}d, bundleName :%{public}s, \
-permList: %{public}zu, stateList: %{public}zu, checkIgnore: %{public}d",
-        info.userID, info.bundleName.c_str(), policy.permList.size(), policy.permStateList.size(), policy.checkIgnore);
+permList: %{public}zu, stateList: %{public}zu, checkIgnore: %{public}d, isAtomicService: %{public}d",
+        info.userID, info.bundleName.c_str(), policy.permList.size(), policy.permStateList.size(), policy.checkIgnore,
+        info.isAtomicService);
     if ((!DataValidator::IsUserIdValid(info.userID)) || !DataValidator::IsAppIDDescValid(info.appIDDesc) ||
         !DataValidator::IsBundleNameValid(info.bundleName) || !DataValidator::IsAplNumValid(policy.apl) ||
         !DataValidator::IsDomainValid(policy.domain) || !DataValidator::IsDlpTypeValid(info.dlpType)) {
@@ -113,9 +117,9 @@ int32_t AccessTokenKit::InitHapToken(const HapInfoParams& info, HapPolicyParams&
     AccessTokenIDEx& fullTokenId, HapInfoCheckResult& result)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "UserID: %{public}d, bundleName :%{public}s, permList: %{public}zu, "
-        "stateList: %{public}zu, aclExtendedMap: %{public}zu, checkIgnore: %{public}d",
+        "stateList: %{public}zu, aclExtendedMap: %{public}zu, checkIgnore: %{public}d, isAtomicService: %{public}d",
         info.userID, info.bundleName.c_str(), policy.permList.size(), policy.permStateList.size(),
-        policy.aclExtendedMap.size(), policy.checkIgnore);
+        policy.aclExtendedMap.size(), policy.checkIgnore, info.isAtomicService);
     if ((!DataValidator::IsUserIdValid(info.userID)) || !DataValidator::IsAppIDDescValid(info.appIDDesc) ||
         !DataValidator::IsBundleNameValid(info.bundleName) || !DataValidator::IsAplNumValid(policy.apl) ||
         !DataValidator::IsDomainValid(policy.domain) || !DataValidator::IsDlpTypeValid(info.dlpType) ||
@@ -153,9 +157,10 @@ int32_t AccessTokenKit::UpdateHapToken(AccessTokenIDEx& tokenIdEx, const UpdateH
     const HapPolicyParams& policy, HapInfoCheckResult& result)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "TokenID: %{public}d, isSystemApp: %{public}d, \
-permList: %{public}zu, stateList: %{public}zu, aclExtendedMap: %{public}zu, checkIgnore: %{public}d",
+permList: %{public}zu, stateList: %{public}zu, aclExtendedMap: %{public}zu, checkIgnore: %{public}d, \
+isAtomicService: %{public}d",
         tokenIdEx.tokenIdExStruct.tokenID, info.isSystemApp, policy.permList.size(), policy.permStateList.size(),
-        policy.aclExtendedMap.size(), policy.checkIgnore);
+        policy.aclExtendedMap.size(), policy.checkIgnore, info.isAtomicService);
     if ((tokenIdEx.tokenIdExStruct.tokenID == INVALID_TOKENID) || (!DataValidator::IsAppIDDescValid(info.appIDDesc)) ||
         (!DataValidator::IsAplNumValid(policy.apl)) ||
         !DataValidator::IsAclExtendedMapSizeValid(policy.aclExtendedMap)) {
@@ -279,6 +284,14 @@ int AccessTokenKit::GetNativeTokenInfo(
     return AccessTokenManagerClient::GetInstance().GetNativeTokenInfo(tokenID, nativeTokenInfoRes);
 }
 
+int32_t AccessTokenKit::GetSelfPermissionStatus(const std::string& permissionName, PermissionOper& status)
+{
+    if (permissionName.empty() || permissionName.size() > MAX_LENGTH) {
+        return ERR_PARAM_INVALID;
+    }
+    return AccessTokenManagerClient::GetInstance().GetSelfPermissionStatus(permissionName, status);
+}
+
 PermissionOper AccessTokenKit::GetSelfPermissionsState(std::vector<PermissionListState>& permList,
     PermissionGrantInfo& info)
 {
@@ -821,6 +834,34 @@ int32_t AccessTokenKit::GetReqPermissionByName(
     }
     return AccessTokenManagerClient::GetInstance().GetReqPermissionByName(tokenID, permissionName, value);
 }
+
+#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE
+int32_t AccessTokenKit::RegisterSecCompEnhance(const SecCompEnhanceData& enhance)
+{
+    return AccessTokenManagerClient::GetInstance().RegisterSecCompEnhance(enhance);
+}
+
+int32_t AccessTokenKit::UpdateSecCompEnhance(int32_t pid, uint32_t seqNum)
+{
+    return AccessTokenManagerClient::GetInstance().UpdateSecCompEnhance(pid, seqNum);
+}
+
+int32_t AccessTokenKit::GetSecCompEnhance(int32_t pid, SecCompEnhanceData& enhance)
+{
+    return AccessTokenManagerClient::GetInstance().GetSecCompEnhance(pid, enhance);
+}
+#endif
+
+bool AccessTokenKit::IsAtomicServiceByFullTokenID(uint64_t tokenId)
+{
+    LOGI(ATM_DOMAIN, ATM_TAG, "Called, tokenId=%{public}" PRId64, tokenId);
+    return (tokenId & ATOMIC_SERVICE_MASK) == ATOMIC_SERVICE_MASK;
+}
+
+bool AccessTokenKit::IsToastShownNeeded(int32_t pid)
+{
+    return AccessTokenManagerClient::GetInstance().IsToastShownNeeded(pid);
+}
 } // namespace AccessToken
 } // namespace Security
 } // namespace OHOS
diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp
index 2f7a6df29baf3251b059d14ce7dd0f8f69653356..6847c7a67bfe9207ef6f1ef4512447e1a29c159b 100644
--- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp
+++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2021-2024 Huawei Device Co., Ltd.
+ * Copyright (c) 2021-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -15,16 +15,21 @@
 
 #include "accesstoken_manager_client.h"
 
-#include "accesstoken_common_log.h"
 #include "access_token_error.h"
-#include "accesstoken_manager_proxy.h"
+#include "access_token_manager_proxy.h"
+#include "accesstoken_callbacks.h"
+#include "accesstoken_common_log.h"
 #include "atm_tools_param_info_parcel.h"
 #include "hap_token_info.h"
 #include "hap_token_info_for_sync_parcel.h"
+#include "idl_common.h"
 #include "iservice_registry.h"
 #include "parameter.h"
+#include "perm_state_change_scope_parcel.h"
 #include "permission_grant_info_parcel.h"
-#include "accesstoken_callbacks.h"
+#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE
+#include "sec_comp_enhance_data_parcel.h"
+#endif
 
 namespace OHOS {
 namespace Security {
@@ -33,6 +38,10 @@ namespace {
 static constexpr int32_t VALUE_MAX_LEN = 32;
 static const char* ACCESS_TOKEN_SERVICE_INIT_KEY = "accesstoken.permission.init";
 std::recursive_mutex g_instanceMutex;
+static const int32_t SA_ID_ACCESSTOKEN_MANAGER_SERVICE = 3503;
+static const int MAX_PERMISSION_SIZE = 1024;
+static const int32_t MAX_USER_POLICY_SIZE = 1024;
+static const int32_t MAX_EXTENDED_VALUE_LIST_SIZE = 512;
 } // namespace
 static const uint32_t MAX_CALLBACK_MAP_SIZE = 200;
 
@@ -59,6 +68,21 @@ AccessTokenManagerClient::~AccessTokenManagerClient()
     ReleaseProxy();
 }
 
+static int32_t ConvertResult(int32_t ret)
+{
+    switch (ret) {
+        case ERR_INVALID_DATA:
+            ret = ERR_WRITE_PARCEL_FAILED;
+            break;
+        case ERR_TRANSACTION_FAILED:
+            ret = ERR_SERVICE_ABNORMAL;
+            break;
+        default:
+            return ret;
+    }
+    return ret;
+}
+
 PermUsedTypeEnum AccessTokenManagerClient::GetPermissionUsedType(
     AccessTokenID tokenID, const std::string &permissionName)
 {
@@ -67,14 +91,28 @@ PermUsedTypeEnum AccessTokenManagerClient::GetPermissionUsedType(
         LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null.");
         return PermUsedTypeEnum::INVALID_USED_TYPE;
     }
-    return proxy->GetPermissionUsedType(tokenID, permissionName);
+    int32_t permUsedType;
+    int32_t errCode = proxy->GetPermissionUsedType(tokenID, permissionName, permUsedType);
+    if (errCode != RET_SUCCESS) {
+        errCode = ConvertResult(errCode);
+        LOGE(ATM_DOMAIN, ATM_TAG, "Request fail, result: %{public}d", errCode);
+        return PermUsedTypeEnum::INVALID_USED_TYPE;
+    }
+    PermUsedTypeEnum result = static_cast<PermUsedTypeEnum>(permUsedType);
+    return result;
 }
 
 int AccessTokenManagerClient::VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName)
 {
     auto proxy = GetProxy();
     if (proxy != nullptr) {
-        return proxy->VerifyAccessToken(tokenID, permissionName);
+        int32_t errCode = proxy->VerifyAccessToken(tokenID, permissionName);
+        if (errCode != RET_SUCCESS) {
+            errCode = ConvertResult(errCode);
+            LOGE(ATM_DOMAIN, ATM_TAG, "Request fail, result: %{public}d", errCode);
+            return PERMISSION_DENIED;
+        }
+        return errCode;
     }
     char value[VALUE_MAX_LEN] = {0};
     int32_t ret = GetParameter(ACCESS_TOKEN_SERVICE_INIT_KEY, "", value, VALUE_MAX_LEN - 1);
@@ -99,7 +137,12 @@ int AccessTokenManagerClient::VerifyAccessToken(AccessTokenID tokenID,
         LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null");
         return AccessTokenError::ERR_SERVICE_ABNORMAL;
     }
-    return proxy->VerifyAccessToken(tokenID, permissionList, permStateList);
+    int32_t errCode = proxy->VerifyAccessToken(tokenID, permissionList, permStateList);
+    if (errCode != RET_SUCCESS) {
+        errCode = ConvertResult(errCode);
+        LOGE(ATM_DOMAIN, ATM_TAG, "Request fail, result: %{public}d", errCode);
+    }
+    return errCode;
 }
 
 int AccessTokenManagerClient::GetDefPermission(
@@ -113,6 +156,10 @@ int AccessTokenManagerClient::GetDefPermission(
     PermissionDefParcel permissionDefParcel;
     int result = proxy->GetDefPermission(permissionName, permissionDefParcel);
     permissionDefResult = permissionDefParcel.permissionDef;
+    if (result != RET_SUCCESS) {
+        result = ConvertResult(result);
+        LOGE(ATM_DOMAIN, ATM_TAG, "Request fail, result: %{public}d", result);
+    }
     return result;
 }
 
@@ -126,6 +173,18 @@ int AccessTokenManagerClient::GetReqPermissions(
     }
     std::vector<PermissionStatusParcel> parcelList;
     int result = proxy->GetReqPermissions(tokenID, parcelList, isSystemGrant);
+    if (result != RET_SUCCESS) {
+        result = ConvertResult(result);
+        LOGE(ATM_DOMAIN, ATM_TAG, "Request fail, result: %{public}d", result);
+        return result;
+    }
+
+    uint32_t reqPermSize = parcelList.size();
+    if (reqPermSize > MAX_PERMISSION_SIZE) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "Size(%{public}u) is oversize.", reqPermSize);
+        return ERR_OVERSIZE;
+    }
+
     for (const auto& permParcel : parcelList) {
         PermissionStateFull perm;
         perm.permissionName = permParcel.permState.permissionName;
@@ -146,7 +205,30 @@ int AccessTokenManagerClient::GetPermissionFlag(
         LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null");
         return AccessTokenError::ERR_SERVICE_ABNORMAL;
     }
-    return proxy->GetPermissionFlag(tokenID, permissionName, flag);
+    int32_t result = proxy->GetPermissionFlag(tokenID, permissionName, flag);
+    if (result != RET_SUCCESS) {
+        result = ConvertResult(result);
+    }
+    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d, flag=%{public}d).", result, flag);
+    return result;
+}
+
+int32_t AccessTokenManagerClient::GetSelfPermissionStatus(const std::string& permissionName, PermissionOper& status)
+{
+    auto proxy = GetProxy();
+    if (proxy == nullptr) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null.");
+        status = INVALID_OPER;
+        return AccessTokenError::ERR_SERVICE_ABNORMAL;
+    }
+    int32_t retStatus = INVALID_OPER;
+    int32_t result = proxy->GetSelfPermissionStatus(permissionName, retStatus);
+    if (result != RET_SUCCESS) {
+        result = ConvertResult(result);
+    }
+    status = static_cast<PermissionOper>(retStatus);
+    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d, status=%{public}d).", result, retStatus);
+    return result;
 }
 
 PermissionOper AccessTokenManagerClient::GetSelfPermissionsState(std::vector<PermissionListState>& permList,
@@ -172,7 +254,24 @@ PermissionOper AccessTokenManagerClient::GetSelfPermissionsState(std::vector<Per
         parcelList.emplace_back(permParcel);
     }
     PermissionGrantInfoParcel infoParcel;
-    PermissionOper result = proxy->GetSelfPermissionsState(parcelList, infoParcel);
+    int32_t permOper;
+    int32_t errCode = proxy->GetSelfPermissionsState(parcelList, infoParcel, permOper);
+    if (errCode != RET_SUCCESS) {
+        errCode = ConvertResult(errCode);
+        LOGE(ATM_DOMAIN, ATM_TAG, "Request fail, result: %{public}d", errCode);
+        return INVALID_OPER;
+    }
+
+    size_t size = parcelList.size();
+    if (size != len) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "Size(%{public}zu) from server is not equal inputSize(%{public}zu)!",
+            size, len);
+        return INVALID_OPER;
+    }
+    if (size > MAX_PERMISSION_SIZE) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "Size(%{public}zu) is oversize.", size);
+        return INVALID_OPER;
+    }
 
     for (uint32_t i = 0; i < len; i++) {
         PermissionListState perm = parcelList[i].permsState;
@@ -181,7 +280,7 @@ PermissionOper AccessTokenManagerClient::GetSelfPermissionsState(std::vector<Per
     }
 
     info = infoParcel.info;
-    return result;
+    return static_cast<PermissionOper>(permOper);
 }
 
 int32_t AccessTokenManagerClient::GetPermissionsStatus(
@@ -208,8 +307,18 @@ int32_t AccessTokenManagerClient::GetPermissionsStatus(
     }
     int32_t result = proxy->GetPermissionsStatus(tokenID, parcelList);
     if (result != RET_SUCCESS) {
+        result = ConvertResult(result);
+        LOGE(ATM_DOMAIN, ATM_TAG, "Request fail, result: %{public}d", result);
         return result;
     }
+
+    size_t size = parcelList.size();
+    if (size != len) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "Size(%{public}zu) from server is not equal inputSize(%{public}zu)!",
+            size, len);
+        return ERR_SIZE_NOT_EQUAL;
+    }
+
     for (uint32_t i = 0; i < len; i++) {
         PermissionListState perm = parcelList[i].permsState;
         permList[i].state = perm.state;
@@ -225,7 +334,12 @@ int AccessTokenManagerClient::GrantPermission(AccessTokenID tokenID, const std::
         LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null");
         return AccessTokenError::ERR_SERVICE_ABNORMAL;
     }
-    return proxy->GrantPermission(tokenID, permissionName, flag);
+    int32_t result = proxy->GrantPermission(tokenID, permissionName, flag);
+    if (result != RET_SUCCESS) {
+        result = ConvertResult(result);
+    }
+    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result);
+    return result;
 }
 
 int AccessTokenManagerClient::RevokePermission(AccessTokenID tokenID, const std::string& permissionName, uint32_t flag)
@@ -235,7 +349,12 @@ int AccessTokenManagerClient::RevokePermission(AccessTokenID tokenID, const std:
         LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null");
         return AccessTokenError::ERR_SERVICE_ABNORMAL;
     }
-    return proxy->RevokePermission(tokenID, permissionName, flag);
+    int32_t result = proxy->RevokePermission(tokenID, permissionName, flag);
+    if (result != RET_SUCCESS) {
+        result = ConvertResult(result);
+    }
+    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result);
+    return result;
 }
 
 int AccessTokenManagerClient::GrantPermissionForSpecifiedTime(
@@ -246,7 +365,12 @@ int AccessTokenManagerClient::GrantPermissionForSpecifiedTime(
         LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null");
         return AccessTokenError::ERR_SERVICE_ABNORMAL;
     }
-    return proxy->GrantPermissionForSpecifiedTime(tokenID, permissionName, onceTime);
+    int32_t result = proxy->GrantPermissionForSpecifiedTime(tokenID, permissionName, onceTime);
+    if (result != RET_SUCCESS) {
+        result = ConvertResult(result);
+    }
+    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result);
+    return result;
 }
 
 int AccessTokenManagerClient::ClearUserGrantedPermissionState(AccessTokenID tokenID)
@@ -256,7 +380,12 @@ int AccessTokenManagerClient::ClearUserGrantedPermissionState(AccessTokenID toke
         LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null");
         return AccessTokenError::ERR_SERVICE_ABNORMAL;
     }
-    return proxy->ClearUserGrantedPermissionState(tokenID);
+    int32_t result = proxy->ClearUserGrantedPermissionState(tokenID);
+    if (result != RET_SUCCESS) {
+        result = ConvertResult(result);
+    }
+    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result);
+    return result;
 }
 
 int32_t AccessTokenManagerClient::SetPermissionRequestToggleStatus(const std::string& permissionName, uint32_t status,
@@ -267,7 +396,12 @@ int32_t AccessTokenManagerClient::SetPermissionRequestToggleStatus(const std::st
         LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null.");
         return AccessTokenError::ERR_SERVICE_ABNORMAL;
     }
-    return proxy->SetPermissionRequestToggleStatus(permissionName, status, userID);
+    int32_t result = proxy->SetPermissionRequestToggleStatus(permissionName, status, userID);
+    if (result != RET_SUCCESS) {
+        result = ConvertResult(result);
+    }
+    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result);
+    return result;
 }
 
 int32_t AccessTokenManagerClient::GetPermissionRequestToggleStatus(const std::string& permissionName, uint32_t& status,
@@ -278,7 +412,12 @@ int32_t AccessTokenManagerClient::GetPermissionRequestToggleStatus(const std::st
         LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null.");
         return AccessTokenError::ERR_SERVICE_ABNORMAL;
     }
-    return proxy->GetPermissionRequestToggleStatus(permissionName, status, userID);
+    int32_t result = proxy->GetPermissionRequestToggleStatus(permissionName, status, userID);
+    if (result != RET_SUCCESS) {
+        result = ConvertResult(result);
+    }
+    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d, status=%{public}d).", result, status);
+    return result;
 }
 
 int32_t AccessTokenManagerClient::RequestAppPermOnSetting(AccessTokenID tokenID)
@@ -288,7 +427,12 @@ int32_t AccessTokenManagerClient::RequestAppPermOnSetting(AccessTokenID tokenID)
         LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null.");
         return AccessTokenError::ERR_SERVICE_ABNORMAL;
     }
-    return proxy->RequestAppPermOnSetting(tokenID);
+    int32_t result = proxy->RequestAppPermOnSetting(tokenID);
+    if (result != RET_SUCCESS) {
+        result = ConvertResult(result);
+    }
+    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result);
+    return result;
 }
 
 int32_t AccessTokenManagerClient::CreatePermStateChangeCallback(
@@ -358,6 +502,10 @@ int32_t AccessTokenManagerClient::RegisterPermStateChangeCallback(
         std::lock_guard<std::mutex> lock(callbackMutex_);
         callbackMap_[customizedCb] = callback;
     }
+    if (result != RET_SUCCESS) {
+        result = ConvertResult(result);
+    }
+    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result);
     return result;
 }
 
@@ -385,6 +533,10 @@ int32_t AccessTokenManagerClient::UnRegisterPermStateChangeCallback(
     if (result == RET_SUCCESS) {
         callbackMap_.erase(goalCallback);
     }
+    if (result != RET_SUCCESS) {
+        result = ConvertResult(result);
+    }
+    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result);
     return result;
 }
 
@@ -401,7 +553,16 @@ AccessTokenIDEx AccessTokenManagerClient::AllocHapToken(const HapInfoParams& inf
     hapInfoParcel.hapInfoParameter = info;
     hapPolicyParcel.hapPolicy = policy;
 
-    return proxy->AllocHapToken(hapInfoParcel, hapPolicyParcel);
+    uint64_t fullTokenId;
+    int32_t errCode = proxy->AllocHapToken(hapInfoParcel, hapPolicyParcel, fullTokenId);
+    if (errCode != RET_SUCCESS) {
+        errCode = ConvertResult(errCode);
+        LOGE(ATM_DOMAIN, ATM_TAG, "Request fail, result: %{public}d", errCode);
+        return tokenIdEx;
+    }
+    tokenIdEx.tokenIDEx = fullTokenId;
+    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (id=%{public}llu).", tokenIdEx.tokenIDEx);
+    return tokenIdEx;
 }
 
 int32_t AccessTokenManagerClient::InitHapToken(const HapInfoParams& info, HapPolicy& policy,
@@ -417,7 +578,24 @@ int32_t AccessTokenManagerClient::InitHapToken(const HapInfoParams& info, HapPol
     hapInfoParcel.hapInfoParameter = info;
     hapPolicyParcel.hapPolicy = policy;
 
-    return proxy->InitHapToken(hapInfoParcel, hapPolicyParcel, fullTokenId, result);
+    HapInfoCheckResultIdl resultInfoIdl;
+    uint64_t fullToken = 0;
+    int32_t res = proxy->InitHapToken(hapInfoParcel, hapPolicyParcel, fullToken, resultInfoIdl);
+    if (fullToken == 0 && res == RET_SUCCESS) {
+        res = AccessTokenError::ERR_PERM_REQUEST_CFG_FAILED;
+        PermissionInfoCheckResult permCheckResult;
+        permCheckResult.permissionName = resultInfoIdl.permissionName;
+        int32_t rule = static_cast<int32_t>(resultInfoIdl.rule);
+        permCheckResult.rule = static_cast<PermissionRulesEnum>(rule);
+        result.permCheckResult = permCheckResult;
+    }
+    fullTokenId.tokenIDEx = fullToken;
+    if (res != RET_SUCCESS) {
+        res = ConvertResult(res);
+    }
+    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d, id=%{public}llu).",
+        res, fullTokenId.tokenIDEx);
+    return res;
 }
 
 int AccessTokenManagerClient::DeleteToken(AccessTokenID tokenID)
@@ -427,7 +605,12 @@ int AccessTokenManagerClient::DeleteToken(AccessTokenID tokenID)
         LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null");
         return AccessTokenError::ERR_SERVICE_ABNORMAL;
     }
-    return proxy->DeleteToken(tokenID);
+    int32_t result = proxy->DeleteToken(tokenID);
+    if (result != RET_SUCCESS) {
+        result = ConvertResult(result);
+    }
+    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d, id=%{public}u).", result, tokenID);
+    return result;
 }
 
 ATokenTypeEnum AccessTokenManagerClient::GetTokenType(AccessTokenID tokenID)
@@ -437,7 +620,13 @@ ATokenTypeEnum AccessTokenManagerClient::GetTokenType(AccessTokenID tokenID)
         LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null");
         return TOKEN_INVALID;
     }
-    return static_cast<ATokenTypeEnum>(proxy->GetTokenType(tokenID));
+    int32_t tokenType = static_cast<int32_t>(TOKEN_INVALID);
+    int32_t result = proxy->GetTokenType(tokenID, tokenType);
+    if (result != RET_SUCCESS) {
+        result = ConvertResult(result);
+        LOGE(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result);
+    }
+    return static_cast<ATokenTypeEnum>(tokenType);
 }
 
 AccessTokenIDEx AccessTokenManagerClient::GetHapTokenID(
@@ -449,7 +638,15 @@ AccessTokenIDEx AccessTokenManagerClient::GetHapTokenID(
         LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null");
         return result;
     }
-    return proxy->GetHapTokenID(userID, bundleName, instIndex);
+    uint64_t fullTokenId;
+    int32_t errCode = proxy->GetHapTokenID(userID, bundleName, instIndex, fullTokenId);
+    if (errCode != RET_SUCCESS) {
+        errCode = ConvertResult(errCode);
+        LOGE(ATM_DOMAIN, ATM_TAG, "Request fail, result: %{public}d", errCode);
+        return result;
+    }
+    result.tokenIDEx = fullTokenId;
+    return result;
 }
 
 AccessTokenID AccessTokenManagerClient::AllocLocalTokenID(
@@ -460,7 +657,15 @@ AccessTokenID AccessTokenManagerClient::AllocLocalTokenID(
         LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null");
         return INVALID_TOKENID;
     }
-    return proxy->AllocLocalTokenID(remoteDeviceID, remoteTokenID);
+    uint32_t tokenId;
+    int32_t errCode = proxy->AllocLocalTokenID(remoteDeviceID, remoteTokenID, tokenId);
+    if (errCode != RET_SUCCESS) {
+        errCode = ConvertResult(errCode);
+        LOGE(ATM_DOMAIN, ATM_TAG, "Request fail, result: %{public}d", errCode);
+        return INVALID_TOKENID;
+    }
+    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (id=%{public}d).", tokenId);
+    return tokenId;
 }
 
 int32_t AccessTokenManagerClient::UpdateHapToken(AccessTokenIDEx& tokenIdEx, const UpdateHapInfoParams& info,
@@ -473,7 +678,29 @@ int32_t AccessTokenManagerClient::UpdateHapToken(AccessTokenIDEx& tokenIdEx, con
     }
     HapPolicyParcel hapPolicyParcel;
     hapPolicyParcel.hapPolicy = policy;
-    return proxy->UpdateHapToken(tokenIdEx, info, hapPolicyParcel, result);
+    UpdateHapInfoParamsIdl infoIdl;
+    infoIdl.appIDDesc = info.appIDDesc;
+    infoIdl.apiVersion = info.apiVersion;
+    infoIdl.isSystemApp = info.isSystemApp;
+    infoIdl.appDistributionType = info.appDistributionType;
+    infoIdl.isAtomicService = info.isAtomicService;
+    HapInfoCheckResultIdl resultInfoIdl;
+    uint64_t fullTokenId = tokenIdEx.tokenIDEx;
+    int32_t res = proxy->UpdateHapToken(fullTokenId, infoIdl, hapPolicyParcel, resultInfoIdl);
+    tokenIdEx.tokenIDEx = fullTokenId;
+    if (res == RET_SUCCESS && resultInfoIdl.realResult != RET_SUCCESS) {
+        res = AccessTokenError::ERR_PERM_REQUEST_CFG_FAILED;
+        PermissionInfoCheckResult permCheckResult;
+        permCheckResult.permissionName = resultInfoIdl.permissionName;
+        int32_t rule = static_cast<int32_t>(resultInfoIdl.rule);
+        permCheckResult.rule = static_cast<PermissionRulesEnum>(rule);
+        result.permCheckResult = permCheckResult;
+    }
+    if (res != RET_SUCCESS) {
+        res = ConvertResult(res);
+    }
+    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", res);
+    return res;
 }
 
 int32_t AccessTokenManagerClient::GetTokenIDByUserID(int32_t userID, std::unordered_set<AccessTokenID>& tokenIdList)
@@ -483,7 +710,15 @@ int32_t AccessTokenManagerClient::GetTokenIDByUserID(int32_t userID, std::unorde
         LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null");
         return AccessTokenError::ERR_SERVICE_ABNORMAL;
     }
-    return proxy->GetTokenIDByUserID(userID, tokenIdList);
+    std::vector<uint32_t> tokenIds;
+    auto result = proxy->GetTokenIDByUserID(userID, tokenIds);
+    if (result != RET_SUCCESS) {
+        result = ConvertResult(result);
+        LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result);
+        return result;
+    }
+    std::copy(tokenIds.begin(), tokenIds.end(), std::inserter(tokenIdList, tokenIdList.begin()));
+    return result;
 }
 
 int AccessTokenManagerClient::GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfo& hapTokenInfoRes)
@@ -495,6 +730,11 @@ int AccessTokenManagerClient::GetHapTokenInfo(AccessTokenID tokenID, HapTokenInf
     }
     HapTokenInfoParcel hapTokenInfoParcel;
     int res = proxy->GetHapTokenInfo(tokenID, hapTokenInfoParcel);
+    if (res != RET_SUCCESS) {
+        res = ConvertResult(res);
+        LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", res);
+        return res;
+    }
 
     hapTokenInfoRes = hapTokenInfoParcel.hapTokenInfoParams;
     return res;
@@ -509,6 +749,11 @@ int AccessTokenManagerClient::GetNativeTokenInfo(AccessTokenID tokenID, NativeTo
     }
     NativeTokenInfoParcel nativeTokenInfoParcel;
     int res = proxy->GetNativeTokenInfo(tokenID, nativeTokenInfoParcel);
+    if (res != RET_SUCCESS) {
+        res = ConvertResult(res);
+        LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", res);
+        return res;
+    }
     nativeTokenInfoRes = nativeTokenInfoParcel.nativeTokenInfoParams;
     return res;
 }
@@ -521,7 +766,13 @@ int32_t AccessTokenManagerClient::ReloadNativeTokenInfo()
         LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null");
         return AccessTokenError::ERR_SERVICE_ABNORMAL;
     }
-    return proxy->ReloadNativeTokenInfo();
+    int32_t res = proxy->ReloadNativeTokenInfo();
+    if (res != RET_SUCCESS) {
+        res = ConvertResult(res);
+        LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", res);
+        return res;
+    }
+    return res;
 }
 #endif
 
@@ -535,6 +786,11 @@ int AccessTokenManagerClient::GetHapTokenInfoExtension(AccessTokenID tokenID, Ha
 
     HapTokenInfoParcel hapTokenInfoParcel;
     int res = proxy->GetHapTokenInfoExtension(tokenID, hapTokenInfoParcel, info.appID);
+    if (res != RET_SUCCESS) {
+        res = ConvertResult(res);
+        LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", res);
+        return res;
+    }
     info.baseInfo = hapTokenInfoParcel.hapTokenInfoParams;
     return res;
 }
@@ -546,7 +802,14 @@ AccessTokenID AccessTokenManagerClient::GetNativeTokenId(const std::string& proc
         LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null");
         return INVALID_TOKENID;
     }
-    return proxy->GetNativeTokenId(processName);
+    uint32_t tokenID;
+    ErrCode errCode = proxy->GetNativeTokenId(processName, tokenID);
+    if (errCode != RET_SUCCESS) {
+        errCode = ConvertResult(errCode);
+        LOGE(ATM_DOMAIN, ATM_TAG, "Request fail, result: %{public}d", errCode);
+        return INVALID_TOKENID;
+    }
+    return tokenID;
 }
 
 #ifdef TOKEN_SYNC_ENABLE
@@ -560,6 +823,11 @@ int AccessTokenManagerClient::GetHapTokenInfoFromRemote(AccessTokenID tokenID, H
 
     HapTokenInfoForSyncParcel hapSyncParcel;
     int res = proxy->GetHapTokenInfoFromRemote(tokenID, hapSyncParcel);
+    if (res != RET_SUCCESS) {
+        res = ConvertResult(res);
+        LOGE(ATM_DOMAIN, ATM_TAG, "Request fail, result: %{public}d", res);
+        return res;
+    }
     hapSync = hapSyncParcel.hapTokenInfoForSyncParams;
     return res;
 }
@@ -576,6 +844,10 @@ int AccessTokenManagerClient::SetRemoteHapTokenInfo(const std::string& deviceID,
     hapSyncParcel.hapTokenInfoForSyncParams = hapSync;
 
     int res = proxy->SetRemoteHapTokenInfo(deviceID, hapSyncParcel);
+    if (res != RET_SUCCESS) {
+        res = ConvertResult(res);
+    }
+    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", res);
     return res;
 }
 
@@ -588,6 +860,10 @@ int AccessTokenManagerClient::DeleteRemoteToken(const std::string& deviceID, Acc
     }
 
     int res = proxy->DeleteRemoteToken(deviceID, tokenID);
+    if (res != RET_SUCCESS) {
+        res = ConvertResult(res);
+    }
+    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", res);
     return res;
 }
 
@@ -599,8 +875,15 @@ AccessTokenID AccessTokenManagerClient::GetRemoteNativeTokenID(const std::string
         return INVALID_TOKENID;
     }
 
-    AccessTokenID res = proxy->GetRemoteNativeTokenID(deviceID, tokenID);
-    return res;
+    uint32_t tokenId;
+    ErrCode errCode = proxy->GetRemoteNativeTokenID(deviceID, tokenID, tokenId);
+    if (errCode != RET_SUCCESS) {
+        errCode = ConvertResult(errCode);
+        LOGE(ATM_DOMAIN, ATM_TAG, "Request fail, result: %{public}d", errCode);
+        return INVALID_TOKENID;
+    }
+    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (id=%{public}d).", tokenId);
+    return tokenId;
 }
 
 int AccessTokenManagerClient::DeleteRemoteDeviceTokens(const std::string& deviceID)
@@ -612,6 +895,10 @@ int AccessTokenManagerClient::DeleteRemoteDeviceTokens(const std::string& device
     }
 
     int res = proxy->DeleteRemoteDeviceTokens(deviceID);
+    if (res != RET_SUCCESS) {
+        res = ConvertResult(res);
+    }
+    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", res);
     return res;
 }
 
@@ -637,6 +924,10 @@ int32_t AccessTokenManagerClient::RegisterTokenSyncCallback(
         tokenSyncCallback_ = callback;
         syncCallbackImpl_ = syncCallback;
     }
+    if (res != RET_SUCCESS) {
+        res = ConvertResult(res);
+    }
+    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", res);
     return res;
 }
 
@@ -653,6 +944,10 @@ int32_t AccessTokenManagerClient::UnRegisterTokenSyncCallback()
         tokenSyncCallback_ = nullptr;
         syncCallbackImpl_ = nullptr;
     }
+    if (res != RET_SUCCESS) {
+        res = ConvertResult(res);
+    }
+    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", res);
     return res;
 }
 #endif
@@ -667,7 +962,11 @@ void AccessTokenManagerClient::DumpTokenInfo(const AtmToolsParamInfo& info, std:
 
     AtmToolsParamInfoParcel infoParcel;
     infoParcel.info = info;
-    proxy->DumpTokenInfo(infoParcel, dumpInfo);
+    int32_t errCode = proxy->DumpTokenInfo(infoParcel, dumpInfo);
+    if (errCode != RET_SUCCESS) {
+        errCode = ConvertResult(errCode);
+        LOGE(ATM_DOMAIN, ATM_TAG, "Request fail, result: %{public}d", errCode);
+    }
 }
 
 int32_t AccessTokenManagerClient::GetVersion(uint32_t& version)
@@ -678,7 +977,12 @@ int32_t AccessTokenManagerClient::GetVersion(uint32_t& version)
         return AccessTokenError::ERR_SERVICE_ABNORMAL;
     }
 
-    return proxy->GetVersion(version);
+    int32_t errCode = proxy->GetVersion(version);
+    if (errCode != RET_SUCCESS) {
+        errCode = ConvertResult(errCode);
+        LOGE(ATM_DOMAIN, ATM_TAG, "Request fail, result: %{public}d", errCode);
+    }
+    return errCode;
 }
 
 void AccessTokenManagerClient::InitProxy()
@@ -690,10 +994,10 @@ void AccessTokenManagerClient::InitProxy()
             return;
         }
         sptr<IRemoteObject> accesstokenSa =
-            sam->GetSystemAbility(IAccessTokenManager::SA_ID_ACCESSTOKEN_MANAGER_SERVICE);
+            sam->GetSystemAbility(SA_ID_ACCESSTOKEN_MANAGER_SERVICE);
         if (accesstokenSa == nullptr) {
             LOGE(ATM_DOMAIN, ATM_TAG, "GetSystemAbility %{public}d is null",
-                IAccessTokenManager::SA_ID_ACCESSTOKEN_MANAGER_SERVICE);
+                SA_ID_ACCESSTOKEN_MANAGER_SERVICE);
             return;
         }
 
@@ -741,7 +1045,12 @@ int32_t AccessTokenManagerClient::SetPermDialogCap(const HapBaseInfo& hapBaseInf
     }
     HapBaseInfoParcel hapBaseInfoParcel;
     hapBaseInfoParcel.hapBaseInfo = hapBaseInfo;
-    return proxy->SetPermDialogCap(hapBaseInfoParcel, enable);
+    int32_t errCode = proxy->SetPermDialogCap(hapBaseInfoParcel, enable);
+    if (errCode != RET_SUCCESS) {
+        errCode = ConvertResult(errCode);
+        LOGE(ATM_DOMAIN, ATM_TAG, "Request fail, result: %{public}d", errCode);
+    }
+    return errCode;
 }
 
 void AccessTokenManagerClient::GetPermissionManagerInfo(PermissionGrantInfo& info)
@@ -752,7 +1061,12 @@ void AccessTokenManagerClient::GetPermissionManagerInfo(PermissionGrantInfo& inf
         return;
     }
     PermissionGrantInfoParcel infoParcel;
-    proxy->GetPermissionManagerInfo(infoParcel);
+    int32_t errorCode = proxy->GetPermissionManagerInfo(infoParcel);
+    if (errorCode != RET_SUCCESS) {
+        errorCode = ConvertResult(errorCode);
+        LOGE(ATM_DOMAIN, ATM_TAG, "Request fail, result: %{public}d", errorCode);
+        return;
+    }
     info = infoParcel.info;
 }
 
@@ -764,7 +1078,27 @@ int32_t AccessTokenManagerClient::InitUserPolicy(
         LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null");
         return AccessTokenError::ERR_SERVICE_ABNORMAL;
     }
-    return proxy->InitUserPolicy(userList, permList);
+
+    size_t userLen = userList.size();
+    size_t permLen = permList.size();
+    if ((userLen == 0) || (userLen > MAX_USER_POLICY_SIZE) || (permLen == 0) || (permLen > MAX_USER_POLICY_SIZE)) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "UserLen %{public}zu or permLen %{public}zu is invalid", userLen, permLen);
+        return AccessTokenError::ERR_PARAM_INVALID;
+    }
+
+    std::vector<UserStateIdl> userIdlList;
+    for (const auto& userSate : userList) {
+        UserStateIdl userIdl;
+        userIdl.userId = userSate.userId;
+        userIdl.isActive = userSate.isActive;
+        userIdlList.emplace_back(userIdl);
+    }
+    int32_t errCode = proxy->InitUserPolicy(userIdlList, permList);
+    if (errCode != RET_SUCCESS) {
+        errCode = ConvertResult(errCode);
+        LOGE(ATM_DOMAIN, ATM_TAG, "Request fail, result: %{public}d", errCode);
+    }
+    return errCode;
 }
 
 int32_t AccessTokenManagerClient::ClearUserPolicy()
@@ -774,7 +1108,12 @@ int32_t AccessTokenManagerClient::ClearUserPolicy()
         LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null");
         return AccessTokenError::ERR_SERVICE_ABNORMAL;
     }
-    return proxy->ClearUserPolicy();
+    int32_t errCode = proxy->ClearUserPolicy();
+    if (errCode != RET_SUCCESS) {
+        errCode = ConvertResult(errCode);
+        LOGE(ATM_DOMAIN, ATM_TAG, "Request fail, result: %{public}d", errCode);
+    }
+    return errCode;
 }
 
 int32_t AccessTokenManagerClient::UpdateUserPolicy(const std::vector<UserState>& userList)
@@ -784,7 +1123,26 @@ int32_t AccessTokenManagerClient::UpdateUserPolicy(const std::vector<UserState>&
         LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null");
         return AccessTokenError::ERR_SERVICE_ABNORMAL;
     }
-    return proxy->UpdateUserPolicy(userList);
+
+    size_t userLen = userList.size();
+    if ((userLen == 0) || (userLen > MAX_USER_POLICY_SIZE)) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "UserLen %{public}zu is invalid.", userLen);
+        return AccessTokenError::ERR_PARAM_INVALID;
+    }
+
+    std::vector<UserStateIdl> userIdlList;
+    for (const auto& userSate : userList) {
+        UserStateIdl userIdl;
+        userIdl.userId = userSate.userId;
+        userIdl.isActive = userSate.isActive;
+        userIdlList.emplace_back(userIdl);
+    }
+    int32_t errCode = proxy->UpdateUserPolicy(userIdlList);
+    if (errCode != RET_SUCCESS) {
+        errCode = ConvertResult(errCode);
+        LOGE(ATM_DOMAIN, ATM_TAG, "Request fail, result: %{public}d", errCode);
+    }
+    return errCode;
 }
 
 void AccessTokenManagerClient::ReleaseProxy()
@@ -804,7 +1162,29 @@ int32_t AccessTokenManagerClient::GetKernelPermissions(
         LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null");
         return AccessTokenError::ERR_SERVICE_ABNORMAL;
     }
-    return proxy->GetKernelPermissions(tokenId, kernelPermList);
+    std::vector<PermissionWithValueIdl> kernelPermIdlList;
+    int32_t errCode = proxy->GetKernelPermissions(tokenId, kernelPermIdlList);
+    if (errCode != RET_SUCCESS) {
+        errCode = ConvertResult(errCode);
+        LOGE(ATM_DOMAIN, ATM_TAG, "Request fail, result: %{public}d", errCode);
+        return errCode;
+    }
+
+    if (kernelPermIdlList.size() > MAX_EXTENDED_VALUE_LIST_SIZE) {
+        return AccessTokenError::ERR_OVERSIZE;
+    }
+
+    for (const auto& item : kernelPermIdlList) {
+        PermissionWithValue tmp;
+        tmp.permissionName = item.permissionName;
+        tmp.value = item.value;
+        if (tmp.value == "true") {
+            tmp.value.clear();
+        }
+        kernelPermList.emplace_back(tmp);
+    }
+
+    return errCode;
 }
 
 int32_t AccessTokenManagerClient::GetReqPermissionByName(
@@ -815,7 +1195,73 @@ int32_t AccessTokenManagerClient::GetReqPermissionByName(
         LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null");
         return AccessTokenError::ERR_SERVICE_ABNORMAL;
     }
-    return proxy->GetReqPermissionByName(tokenId, permissionName, value);
+    int32_t errCode = proxy->GetReqPermissionByName(tokenId, permissionName, value);
+    if (errCode != RET_SUCCESS) {
+        errCode = ConvertResult(errCode);
+        LOGE(ATM_DOMAIN, ATM_TAG, "Request fail, result: %{public}d", errCode);
+    }
+    return errCode;
+}
+
+#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE
+int32_t AccessTokenManagerClient::RegisterSecCompEnhance(const SecCompEnhanceData& enhance)
+{
+    auto proxy = GetProxy();
+    if (proxy == nullptr) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null.");
+        return AccessTokenError::ERR_PARAM_INVALID;
+    }
+    SecCompEnhanceDataParcel registerParcel;
+    registerParcel.enhanceData = enhance;
+    int32_t ret = proxy->RegisterSecCompEnhance(registerParcel);
+    return ConvertResult(ret);
+}
+
+int32_t AccessTokenManagerClient::UpdateSecCompEnhance(int32_t pid, uint32_t seqNum)
+{
+    auto proxy = GetProxy();
+    if (proxy == nullptr) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null.");
+        return AccessTokenError::ERR_PARAM_INVALID;
+    }
+    int32_t ret = proxy->UpdateSecCompEnhance(pid, seqNum);
+    return ConvertResult(ret);
+}
+
+int32_t AccessTokenManagerClient::GetSecCompEnhance(int32_t pid, SecCompEnhanceData& enhance)
+{
+    auto proxy = GetProxy();
+    if (proxy == nullptr) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null.");
+        return AccessTokenError::ERR_PARAM_INVALID;
+    }
+    SecCompEnhanceDataParcel parcel;
+    int32_t res = proxy->GetSecCompEnhance(pid, parcel);
+    if (res != RET_SUCCESS) {
+        return ConvertResult(res);
+    }
+    enhance = parcel.enhanceData;
+    return RET_SUCCESS;
+}
+#endif
+
+bool AccessTokenManagerClient::IsToastShownNeeded(int32_t pid)
+{
+    auto proxy = GetProxy();
+    if (proxy == nullptr) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null.");
+        return true;
+    }
+
+    bool needToShow;
+    int32_t errCode = proxy->IsToastShownNeeded(pid, needToShow);
+    if (errCode != RET_SUCCESS) {
+        errCode = ConvertResult(errCode);
+        LOGE(ATM_DOMAIN, ATM_TAG, "Request fail, result: %{public}d", errCode);
+        return true;
+    }
+
+    return needToShow;
 }
 } // namespace AccessToken
 } // namespace Security
diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h
index b5a4d09849c09855d7c0f021f1f5f9312dc80531..64ddbd8c6a16808dedec68ed6e835ae208a581b0 100644
--- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h
+++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2021-2024 Huawei Device Co., Ltd.
+ * Copyright (c) 2021-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -19,6 +19,7 @@
 #include <map>
 #include <mutex>
 #include <string>
+#include <unordered_set>
 #include <vector>
 
 #include "access_token.h"
@@ -28,7 +29,7 @@
 #include "hap_info_parcel.h"
 #include "hap_policy_parcel.h"
 #include "hap_token_info.h"
-#include "i_accesstoken_manager.h"
+#include "iaccess_token_manager.h"
 #include "nocopyable.h"
 #include "permission_def.h"
 #include "permission_grant_info.h"
@@ -59,6 +60,7 @@ public:
     int32_t SetPermissionRequestToggleStatus(const std::string& permissionName, uint32_t status, int32_t userID);
     int32_t GetPermissionRequestToggleStatus(const std::string& permissionName, uint32_t& status, int32_t userID);
     int32_t RequestAppPermOnSetting(AccessTokenID tokenID);
+    int32_t GetSelfPermissionStatus(const std::string& permissionName, PermissionOper& status);
     PermissionOper GetSelfPermissionsState(std::vector<PermissionListState>& permList,
         PermissionGrantInfo& info);
     int32_t GetPermissionsStatus(AccessTokenID tokenID, std::vector<PermissionListState>& permList);
@@ -111,6 +113,12 @@ public:
     int32_t InitUserPolicy(const std::vector<UserState>& userList, const std::vector<std::string>& permList);
     int32_t UpdateUserPolicy(const std::vector<UserState>& userList);
     int32_t ClearUserPolicy();
+#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE
+    int32_t RegisterSecCompEnhance(const SecCompEnhanceData& enhance);
+    int32_t UpdateSecCompEnhance(int32_t pid, uint32_t seqNum);
+    int32_t GetSecCompEnhance(int32_t pid, SecCompEnhanceData& enhance);
+#endif // SECURITY_COMPONENT_ENHANCE_ENABLE
+    bool IsToastShownNeeded(int32_t pid);
 
 private:
     AccessTokenManagerClient();
diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp
deleted file mode 100644
index 767678b542b194dfd1acbaf5e85142555f2600f5..0000000000000000000000000000000000000000
--- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp
+++ /dev/null
@@ -1,1578 +0,0 @@
-/*
- * Copyright (c) 2021-2024 Huawei Device Co., Ltd.
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include "accesstoken_manager_proxy.h"
-
-#include "accesstoken_log.h"
-#include "accesstoken_common_log.h"
-#include "access_token_error.h"
-
-#include "parcel.h"
-#include "string_ex.h"
-
-namespace OHOS {
-namespace Security {
-namespace AccessToken {
-namespace {
-static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "ATMProxy"};
-static const int MAX_PERMISSION_SIZE = 1000;
-static const int32_t MAX_USER_POLICY_SIZE = 1024;
-static const int32_t MAX_EXTENDED_VALUE_LIST_SIZE = 512;
-}
-
-AccessTokenManagerProxy::AccessTokenManagerProxy(const sptr<IRemoteObject>& impl)
-    : IRemoteProxy<IAccessTokenManager>(impl) {
-}
-
-AccessTokenManagerProxy::~AccessTokenManagerProxy()
-{}
-
-bool AccessTokenManagerProxy::SendRequest(
-    AccessTokenInterfaceCode code, MessageParcel& data, MessageParcel& reply)
-{
-    MessageOption option(MessageOption::TF_SYNC);
-
-    sptr<IRemoteObject> remote = Remote();
-    if (remote == nullptr) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Code: %{public}d remote service null.", code);
-        return false;
-    }
-    int32_t requestResult = remote->SendRequest(
-        static_cast<uint32_t>(code), data, reply, option);
-    if (requestResult != NO_ERROR) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Code: %{public}d request fail, result: %{public}d", code, requestResult);
-        return false;
-    }
-    return true;
-}
-
-PermUsedTypeEnum AccessTokenManagerProxy::GetPermissionUsedType(
-    AccessTokenID tokenID, const std::string &permissionName)
-{
-    MessageParcel data;
-    if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed.");
-        return PermUsedTypeEnum::INVALID_USED_TYPE;
-    }
-    if (!data.WriteUint32(tokenID)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteUint32 failed.");
-        return PermUsedTypeEnum::INVALID_USED_TYPE;
-    }
-    if (!data.WriteString(permissionName)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteString failed.");
-        return PermUsedTypeEnum::INVALID_USED_TYPE;
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(AccessTokenInterfaceCode::GET_USER_GRANTED_PERMISSION_USED_TYPE, data, reply)) {
-        return PermUsedTypeEnum::INVALID_USED_TYPE;
-    }
-
-    int32_t ret;
-    if (!reply.ReadInt32(ret)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "ReadInt32t failed.");
-        return PermUsedTypeEnum::INVALID_USED_TYPE;
-    }
-    PermUsedTypeEnum result = static_cast<PermUsedTypeEnum>(ret);
-    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (type=%{public}d).", result);
-    return result;
-}
-
-int AccessTokenManagerProxy::VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName)
-{
-    MessageParcel data;
-    if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed.");
-        return PERMISSION_DENIED;
-    }
-    if (!data.WriteUint32(tokenID)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteUint32 failed.");
-        return PERMISSION_DENIED;
-    }
-    if (!data.WriteString(permissionName)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteString failed.");
-        return PERMISSION_DENIED;
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(AccessTokenInterfaceCode::VERIFY_ACCESSTOKEN, data, reply)) {
-        return PERMISSION_DENIED;
-    }
-
-    int32_t result = reply.ReadInt32();
-    LOGD(ATM_DOMAIN, ATM_TAG, "Result from server (status=%{public}d).", result);
-    return result;
-}
-
-int AccessTokenManagerProxy::VerifyAccessToken(AccessTokenID tokenID,
-    const std::vector<std::string>& permissionList, std::vector<int32_t>& permStateList)
-{
-    MessageParcel data;
-    if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteUint32(tokenID)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteUint32 failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteStringVector(permissionList)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteStringVector failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(AccessTokenInterfaceCode::VERIFY_ACCESSTOKEN_WITH_LIST, data, reply)) {
-        return ERR_SERVICE_ABNORMAL;
-    }
-
-    if (!reply.ReadInt32Vector(&permStateList)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "ReadInt32Vector failed.");
-        return ERR_READ_PARCEL_FAILED;
-    }
-
-    return ERR_OK;
-}
-
-int AccessTokenManagerProxy::GetDefPermission(
-    const std::string& permissionName, PermissionDefParcel& permissionDefResult)
-{
-    MessageParcel data;
-    if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteString(permissionName)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteString failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(AccessTokenInterfaceCode::GET_DEF_PERMISSION, data, reply)) {
-        return ERR_SERVICE_ABNORMAL;
-    }
-
-    int32_t result = reply.ReadInt32();
-    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result);
-    if (result != RET_SUCCESS) {
-        return result;
-    }
-    sptr<PermissionDefParcel> resultSptr = reply.ReadParcelable<PermissionDefParcel>();
-    if (resultSptr == nullptr) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "ReadParcelable failed.");
-        return ERR_READ_PARCEL_FAILED;
-    }
-    permissionDefResult = *resultSptr;
-    return result;
-}
-
-int AccessTokenManagerProxy::GetReqPermissions(
-    AccessTokenID tokenID, std::vector<PermissionStatusParcel>& reqPermList, bool isSystemGrant)
-{
-    MessageParcel data;
-    if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteUint32(tokenID)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteUint32 failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteInt32(isSystemGrant)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteInt32 failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(AccessTokenInterfaceCode::GET_REQ_PERMISSIONS, data, reply)) {
-        return ERR_SERVICE_ABNORMAL;
-    }
-
-    int32_t result = reply.ReadInt32();
-    LOGD(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result);
-    if (result != RET_SUCCESS) {
-        return result;
-    }
-    uint32_t reqPermSize = reply.ReadUint32();
-    if (reqPermSize > MAX_PERMISSION_SIZE) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Size(%{public}u) is oversize.", reqPermSize);
-        return ERR_OVERSIZE;
-    }
-    for (uint32_t i = 0; i < reqPermSize; i++) {
-        sptr<PermissionStatusParcel> permissionReq = reply.ReadParcelable<PermissionStatusParcel>();
-        if (permissionReq != nullptr) {
-            reqPermList.emplace_back(*permissionReq);
-        }
-    }
-    return result;
-}
-
-int32_t AccessTokenManagerProxy::SetPermissionRequestToggleStatus(const std::string& permissionName, uint32_t status,
-    int32_t userID = 0)
-{
-    MessageParcel sendData;
-    if (!sendData.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!sendData.WriteString(permissionName)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteString failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!sendData.WriteUint32(status)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteUint32 failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!sendData.WriteInt32(userID)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteInt32 failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(AccessTokenInterfaceCode::SET_PERMISSION_REQUEST_TOGGLE_STATUS, sendData, reply)) {
-        return ERR_SERVICE_ABNORMAL;
-    }
-
-    int32_t result = reply.ReadInt32();
-    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result);
-    return result;
-}
-
-int32_t AccessTokenManagerProxy::GetPermissionRequestToggleStatus(const std::string& permissionName, uint32_t& status,
-    int32_t userID = 0)
-{
-    MessageParcel sendData;
-    if (!sendData.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!sendData.WriteString(permissionName)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteString failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!sendData.WriteInt32(userID)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteInt32 failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(AccessTokenInterfaceCode::GET_PERMISSION_REQUEST_TOGGLE_STATUS, sendData, reply)) {
-        return ERR_SERVICE_ABNORMAL;
-    }
-
-    int32_t result = reply.ReadInt32();
-    if (result == RET_SUCCESS) {
-        status = reply.ReadUint32();
-    }
-    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d, status=%{public}d).", result, status);
-    return result;
-}
-
-int32_t AccessTokenManagerProxy::RequestAppPermOnSetting(AccessTokenID tokenID)
-{
-    MessageParcel data;
-    if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteUint32(tokenID)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteInt32 failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(AccessTokenInterfaceCode::REQUEST_APP_PERM_ON_SETTING, data, reply)) {
-        return ERR_SERVICE_ABNORMAL;
-    }
-
-    int32_t result;
-    if (!reply.ReadInt32(result)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "ReadInt32 failed.");
-        return ERR_READ_PARCEL_FAILED;
-    }
-    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (result=%{public}d).", result);
-    return result;
-}
-
-int AccessTokenManagerProxy::GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName, uint32_t& flag)
-{
-    MessageParcel sendData;
-    if (!sendData.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!sendData.WriteUint32(tokenID)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteUint32 failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!sendData.WriteString(permissionName)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteString failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(AccessTokenInterfaceCode::GET_PERMISSION_FLAG, sendData, reply)) {
-        return ERR_SERVICE_ABNORMAL;
-    }
-
-    int32_t result = reply.ReadInt32();
-    if (result == RET_SUCCESS) {
-        flag = reply.ReadUint32();
-    }
-    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d, flag=%{public}d).", result, flag);
-    return result;
-}
-
-PermissionOper AccessTokenManagerProxy::GetSelfPermissionsState(std::vector<PermissionListStateParcel>& permListParcel,
-    PermissionGrantInfoParcel& infoParcel)
-{
-    MessageParcel data;
-    if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed.");
-        return INVALID_OPER;
-    }
-    if (!data.WriteUint32(permListParcel.size())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteUint32 failed.");
-        return INVALID_OPER;
-    }
-    for (const auto& permission : permListParcel) {
-        if (!data.WriteParcelable(&permission)) {
-            LOGE(ATM_DOMAIN, ATM_TAG, "WriteParcelable failed.");
-            return INVALID_OPER;
-        }
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(AccessTokenInterfaceCode::GET_PERMISSION_OPER_STATE, data, reply)) {
-        return INVALID_OPER;
-    }
-
-    PermissionOper result = static_cast<PermissionOper>(reply.ReadInt32());
-    size_t size = reply.ReadUint32();
-    if (size != permListParcel.size()) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Size(%{public}zu) from server is not equal inputSize(%{public}zu)!",
-            size, permListParcel.size());
-        return INVALID_OPER;
-    }
-    if (size > MAX_PERMISSION_SIZE) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Size(%{public}zu) is oversize.", size);
-        return INVALID_OPER;
-    }
-    for (uint32_t i = 0; i < size; i++) {
-        sptr<PermissionListStateParcel> permissionReq = reply.ReadParcelable<PermissionListStateParcel>();
-        if (permissionReq != nullptr) {
-            permListParcel[i].permsState.state = permissionReq->permsState.state;
-            permListParcel[i].permsState.errorReason = permissionReq->permsState.errorReason;
-        }
-    }
-
-    sptr<PermissionGrantInfoParcel> resultSptr = reply.ReadParcelable<PermissionGrantInfoParcel>();
-    if (resultSptr == nullptr) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "ReadParcelable failed.");
-        return INVALID_OPER;
-    }
-    infoParcel = *resultSptr;
-
-    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (status=%{public}d).", result);
-    return result;
-}
-
-int32_t AccessTokenManagerProxy::GetPermissionsStatus(AccessTokenID tokenID,
-    std::vector<PermissionListStateParcel>& permListParcel)
-{
-    MessageParcel data;
-    if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteUint32(tokenID)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteUint32 failed");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteUint32(permListParcel.size())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteUint32 failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    for (const auto& permission : permListParcel) {
-        if (!data.WriteParcelable(&permission)) {
-            LOGE(ATM_DOMAIN, ATM_TAG, "WriteParcelable failed.");
-            return ERR_WRITE_PARCEL_FAILED;
-        }
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(AccessTokenInterfaceCode::GET_PERMISSIONS_STATUS, data, reply)) {
-        return ERR_SERVICE_ABNORMAL;
-    }
-
-    int32_t result = reply.ReadInt32();
-    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result);
-    if (result != RET_SUCCESS) {
-        return result;
-    }
-    size_t size = reply.ReadUint32();
-    if (size != permListParcel.size()) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Size(%{public}zu) from server is not equal inputSize(%{public}zu)!",
-            size, permListParcel.size());
-        return ERR_SIZE_NOT_EQUAL;
-    }
-    for (uint32_t i = 0; i < size; i++) {
-        sptr<PermissionListStateParcel> permissionReq = reply.ReadParcelable<PermissionListStateParcel>();
-        if (permissionReq != nullptr) {
-            permListParcel[i].permsState.state = permissionReq->permsState.state;
-        }
-    }
-    return result;
-}
-
-int AccessTokenManagerProxy::GrantPermission(AccessTokenID tokenID, const std::string& permissionName, uint32_t flag)
-{
-    MessageParcel inData;
-    if (!inData.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!inData.WriteUint32(tokenID)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteUint32 failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!inData.WriteString(permissionName)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteString failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!inData.WriteUint32(flag)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteUint32 failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(AccessTokenInterfaceCode::GRANT_PERMISSION, inData, reply)) {
-        return ERR_SERVICE_ABNORMAL;
-    }
-
-    int32_t result = reply.ReadInt32();
-    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result);
-    return result;
-}
-
-int AccessTokenManagerProxy::RevokePermission(AccessTokenID tokenID, const std::string& permissionName, uint32_t flag)
-{
-    MessageParcel data;
-    if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteUint32(tokenID)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteUint32 failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteString(permissionName)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteString failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteUint32(flag)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteUint32 failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(AccessTokenInterfaceCode::REVOKE_PERMISSION, data, reply)) {
-        return ERR_SERVICE_ABNORMAL;
-    }
-
-    int32_t result = reply.ReadInt32();
-    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result);
-    return result;
-}
-
-int AccessTokenManagerProxy::GrantPermissionForSpecifiedTime(
-    AccessTokenID tokenID, const std::string& permissionName, uint32_t onceTime)
-{
-    MessageParcel data;
-    if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteUint32(tokenID)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteUint32 failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteString(permissionName)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteString failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteUint32(onceTime)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteUint32 failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(AccessTokenInterfaceCode::GRANT_PERMISSION_FOR_SPECIFIEDTIME, data, reply)) {
-        return ERR_SERVICE_ABNORMAL;
-    }
-
-    int32_t result;
-    if (!reply.ReadInt32(result)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "ReadInt32 failed.");
-        return ERR_READ_PARCEL_FAILED;
-    }
-    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (result=%{public}d).", result);
-    return result;
-}
-
-int AccessTokenManagerProxy::ClearUserGrantedPermissionState(AccessTokenID tokenID)
-{
-    MessageParcel data;
-    if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteUint32(tokenID)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteUint32 failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(AccessTokenInterfaceCode::CLEAR_USER_GRANT_PERMISSION, data, reply)) {
-        return ERR_SERVICE_ABNORMAL;
-    }
-
-    int32_t result = reply.ReadInt32();
-    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result);
-    return result;
-}
-
-int32_t AccessTokenManagerProxy::RegisterPermStateChangeCallback(
-    const PermStateChangeScopeParcel& scope, const sptr<IRemoteObject>& callback)
-{
-    MessageParcel data;
-    if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteParcelable(&scope)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteParcelable failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteRemoteObject(callback)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteRemoteObject failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    MessageParcel reply;
-    if (!SendRequest(AccessTokenInterfaceCode::REGISTER_PERM_STATE_CHANGE_CALLBACK, data, reply)) {
-        return ERR_SERVICE_ABNORMAL;
-    }
-
-    int32_t ret;
-    if (!reply.ReadInt32(ret)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "ReadInt32 failed.");
-        return ERR_READ_PARCEL_FAILED;
-    }
-    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", ret);
-    return ret;
-}
-
-int32_t AccessTokenManagerProxy::UnRegisterPermStateChangeCallback(const sptr<IRemoteObject>& callback)
-{
-    MessageParcel data;
-    if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteRemoteObject(callback)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteRemoteObject failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(
-        AccessTokenInterfaceCode::UNREGISTER_PERM_STATE_CHANGE_CALLBACK, data, reply)) {
-        return ERR_SERVICE_ABNORMAL;
-    }
-
-    int32_t result;
-    if (!reply.ReadInt32(result)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "ReadInt32 failed.");
-        return ERR_READ_PARCEL_FAILED;
-    }
-    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result);
-    return result;
-}
-
-int32_t AccessTokenManagerProxy::RegisterSelfPermStateChangeCallback(
-    const PermStateChangeScopeParcel& scope, const sptr<IRemoteObject>& callback)
-{
-    MessageParcel data;
-    if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteParcelable(&scope)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteParcelable failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteRemoteObject(callback)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteRemoteObject failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    MessageParcel reply;
-    if (!SendRequest(AccessTokenInterfaceCode::REGISTER_SELF_PERM_STATE_CHANGE_CALLBACK, data, reply)) {
-        return ERR_SERVICE_ABNORMAL;
-    }
-
-    int32_t ret;
-    if (!reply.ReadInt32(ret)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "ReadInt32 failed.");
-        return ERR_READ_PARCEL_FAILED;
-    }
-    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", ret);
-    return ret;
-}
-
-int32_t AccessTokenManagerProxy::UnRegisterSelfPermStateChangeCallback(const sptr<IRemoteObject>& callback)
-{
-    MessageParcel data;
-    if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteRemoteObject(callback)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteRemoteObject failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(
-        AccessTokenInterfaceCode::UNREGISTER_SELF_PERM_STATE_CHANGE_CALLBACK, data, reply)) {
-        return ERR_SERVICE_ABNORMAL;
-    }
-
-    int32_t result;
-    if (!reply.ReadInt32(result)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "ReadInt32 failed.");
-        return ERR_READ_PARCEL_FAILED;
-    }
-    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result);
-    return result;
-}
-
-AccessTokenIDEx AccessTokenManagerProxy::AllocHapToken(
-    const HapInfoParcel& hapInfo, const HapPolicyParcel& policyParcel)
-{
-    MessageParcel data;
-    AccessTokenIDEx res = { 0 };
-    if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed.");
-        return res;
-    }
-
-    if (!data.WriteParcelable(&hapInfo)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteParcelable failed.");
-        return res;
-    }
-    if (!data.WriteParcelable(&policyParcel)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteParcelable failed.");
-        return res;
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(AccessTokenInterfaceCode::ALLOC_TOKEN_HAP, data, reply)) {
-        return res;
-    }
-
-    unsigned long long result = reply.ReadUint64();
-    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (id=%{public}llu).", result);
-    res.tokenIDEx = result;
-    return res;
-}
-
-int32_t AccessTokenManagerProxy::InitHapToken(const HapInfoParcel& hapInfoParcel, HapPolicyParcel& policyParcel,
-    AccessTokenIDEx& fullTokenId, HapInfoCheckResult& resultInfo)
-{
-    MessageParcel data;
-    if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-
-    if (!data.WriteParcelable(&hapInfoParcel)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteParcelable failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteParcelable(&policyParcel)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteParcelable failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(AccessTokenInterfaceCode::INIT_TOKEN_HAP, data, reply)) {
-        return ERR_SERVICE_ABNORMAL;
-    }
-    int32_t result = 0;
-    if (!reply.ReadInt32(result)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "ReadInt32 failed.");
-        return ERR_READ_PARCEL_FAILED;
-    }
-    if (result == RET_SUCCESS) {
-        uint64_t tokenId = 0;
-        if (!reply.ReadUint64(tokenId)) {
-            LOGE(ATM_DOMAIN, ATM_TAG, "ReadUint64 faild.");
-            return ERR_READ_PARCEL_FAILED;
-        }
-        fullTokenId.tokenIDEx = tokenId;
-    } else {
-        if (reply.GetDataSize() > reply.GetReadPosition()) {
-            IF_FALSE_RETURN_VALUE_LOG(LABEL, reply.ReadString(resultInfo.permCheckResult.permissionName),
-                ERR_READ_PARCEL_FAILED, "ReadString faild.");
-
-            int32_t rule;
-            IF_FALSE_RETURN_VALUE_LOG(LABEL, reply.ReadInt32(rule),
-                ERR_READ_PARCEL_FAILED, "ReadString faild.");
-            resultInfo.permCheckResult.rule = static_cast<PermissionRulesEnum>(rule);
-        }
-    }
-    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d, id=%{public}llu).",
-        result, fullTokenId.tokenIDEx);
-    return result;
-}
-
-int AccessTokenManagerProxy::DeleteToken(AccessTokenID tokenID)
-{
-    MessageParcel data;
-    if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-
-    if (!data.WriteUint32(tokenID)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteUint32 failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(AccessTokenInterfaceCode::TOKEN_DELETE, data, reply)) {
-        return ERR_SERVICE_ABNORMAL;
-    }
-
-    int result = reply.ReadInt32();
-    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d, id=%{public}u).", result, tokenID);
-    return result;
-}
-
-int AccessTokenManagerProxy::GetTokenType(AccessTokenID tokenID)
-{
-    MessageParcel data;
-    if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-
-    if (!data.WriteUint32(tokenID)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Failed to write tokenID");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(AccessTokenInterfaceCode::GET_TOKEN_TYPE, data, reply)) {
-        return ERR_SERVICE_ABNORMAL;
-    }
-
-    int result = reply.ReadInt32();
-    LOGD(ATM_DOMAIN, ATM_TAG, "Result from server (type=%{public}d).", result);
-    return result;
-}
-
-AccessTokenIDEx AccessTokenManagerProxy::GetHapTokenID(int32_t userID, const std::string& bundleName, int32_t instIndex)
-{
-    AccessTokenIDEx tokenIdEx = {0};
-    MessageParcel data;
-    if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed.");
-        return tokenIdEx;
-    }
-
-    if (!data.WriteInt32(userID)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Failed to write tokenID");
-        return tokenIdEx;
-    }
-    if (!data.WriteString(bundleName)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Failed to write dcap");
-        return tokenIdEx;
-    }
-    if (!data.WriteInt32(instIndex)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Failed to write dcap");
-        return tokenIdEx;
-    }
-    MessageParcel reply;
-    if (!SendRequest(AccessTokenInterfaceCode::GET_HAP_TOKEN_ID, data, reply)) {
-        return tokenIdEx;
-    }
-
-    tokenIdEx.tokenIDEx = reply.ReadUint64();
-    LOGD(ATM_DOMAIN, ATM_TAG, "Result from server (id=%{public}llu).", tokenIdEx.tokenIDEx);
-    return tokenIdEx;
-}
-
-AccessTokenID AccessTokenManagerProxy::AllocLocalTokenID(
-    const std::string& remoteDeviceID, AccessTokenID remoteTokenID)
-{
-    MessageParcel data;
-    if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed.");
-        return 0;
-    }
-
-    if (!data.WriteString(remoteDeviceID)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Failed to write dcap");
-        return 0;
-    }
-    if (!data.WriteUint32(remoteTokenID)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Failed to write dcap");
-        return 0;
-    }
-    MessageParcel reply;
-    if (!SendRequest(AccessTokenInterfaceCode::ALLOC_LOCAL_TOKEN_ID, data, reply)) {
-        return 0;
-    }
-
-    AccessTokenID result = reply.ReadUint32();
-    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (id=%{public}d).", result);
-    return result;
-}
-
-int AccessTokenManagerProxy::GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfoParcel& nativeTokenInfoRes)
-{
-    MessageParcel data;
-    if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteUint32(tokenID)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteUint32 failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(AccessTokenInterfaceCode::GET_NATIVE_TOKENINFO, data, reply)) {
-        return ERR_SERVICE_ABNORMAL;
-    }
-
-    int32_t result = reply.ReadInt32();
-    LOGD(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result);
-    if (result != RET_SUCCESS) {
-        return result;
-    }
-    sptr<NativeTokenInfoParcel> resultSptr = reply.ReadParcelable<NativeTokenInfoParcel>();
-    if (resultSptr == nullptr) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "ReadParcelable fail");
-        return ERR_READ_PARCEL_FAILED;
-    }
-    nativeTokenInfoRes = *resultSptr;
-    return result;
-}
-
-int32_t AccessTokenManagerProxy::GetTokenIDByUserID(int32_t userID, std::unordered_set<AccessTokenID>& tokenIdList)
-{
-    MessageParcel data;
-    if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteInt32(userID)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteInt32 failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(AccessTokenInterfaceCode::GET_TOKEN_ID_BY_USER_ID, data, reply)) {
-        return ERR_SERVICE_ABNORMAL;
-    }
-
-    int32_t result = 0;
-    if (!reply.ReadInt32(result)) {
-        LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result);
-        return ERR_READ_PARCEL_FAILED;
-    }
-    if (result != RET_SUCCESS) {
-        return result;
-    }
-
-    uint32_t tokenIDListSize = 0;
-    if (!reply.ReadUint32(tokenIDListSize)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "ReadUint32 failed.");
-        return ERR_READ_PARCEL_FAILED;
-    }
-    for (uint32_t i = 0; i < tokenIDListSize; i++) {
-        AccessTokenID tokenId = 0;
-        if (!reply.ReadUint32(tokenId)) {
-            LOGE(ATM_DOMAIN, ATM_TAG, "ReadUint32 failed.");
-            return ERR_READ_PARCEL_FAILED;
-        }
-        tokenIdList.emplace(tokenId);
-    }
-    return result;
-}
-
-int AccessTokenManagerProxy::GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfoParcel& hapTokenInfoRes)
-{
-    MessageParcel data;
-    if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteUint32(tokenID)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteUint32 failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(AccessTokenInterfaceCode::GET_HAP_TOKENINFO, data, reply)) {
-        return ERR_SERVICE_ABNORMAL;
-    }
-
-    int32_t result = reply.ReadInt32();
-    LOGD(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result);
-    if (result != RET_SUCCESS) {
-        return result;
-    }
-    sptr<HapTokenInfoParcel> resultSptr = reply.ReadParcelable<HapTokenInfoParcel>();
-    if (resultSptr == nullptr) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "ReadParcelable failed.");
-        return ERR_READ_PARCEL_FAILED;
-    }
-    hapTokenInfoRes = *resultSptr;
-    return result;
-}
-
-int32_t AccessTokenManagerProxy::UpdateHapToken(AccessTokenIDEx& tokenIdEx, const UpdateHapInfoParams& info,
-    const HapPolicyParcel& policyParcel, HapInfoCheckResult& resultInfo)
-{
-    AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
-    MessageParcel data;
-    if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteUint32(tokenID)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Write tokenID failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteBool(info.isSystemApp)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Write isSystemApp failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteString(info.appIDDesc)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Write appIDDesc failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteInt32(info.apiVersion)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Write apiVersion failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteString(info.appDistributionType)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Write appDistributionType failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteParcelable(&policyParcel)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Write policyParcel failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(AccessTokenInterfaceCode::UPDATE_HAP_TOKEN, data, reply)) {
-        return ERR_SERVICE_ABNORMAL;
-    }
-    int32_t result = reply.ReadInt32();
-    tokenIdEx.tokenIdExStruct.tokenAttr = reply.ReadUint32();
-    if (result != RET_SUCCESS && reply.GetDataSize() > reply.GetReadPosition()) {
-        IF_FALSE_RETURN_VALUE_LOG(LABEL, reply.ReadString(resultInfo.permCheckResult.permissionName),
-            ERR_READ_PARCEL_FAILED, "ReadString faild.");
-
-        int32_t rule;
-        IF_FALSE_RETURN_VALUE_LOG(LABEL, reply.ReadInt32(rule),
-            ERR_READ_PARCEL_FAILED, "ReadString faild.");
-        resultInfo.permCheckResult.rule = static_cast<PermissionRulesEnum>(rule);
-    }
-    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result);
-    return result;
-}
-
-#ifndef ATM_BUILD_VARIANT_USER_ENABLE
-int32_t AccessTokenManagerProxy::ReloadNativeTokenInfo()
-{
-    MessageParcel data;
-    if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    MessageParcel reply;
-    if (!SendRequest(AccessTokenInterfaceCode::RELOAD_NATIVE_TOKEN_INFO, data, reply)) {
-        return ERR_SERVICE_ABNORMAL;
-    }
-
-    int32_t result = reply.ReadInt32();
-    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result);
-    return result;
-}
-
-#endif
-
-int AccessTokenManagerProxy::GetHapTokenInfoExtension(AccessTokenID tokenID,
-    HapTokenInfoParcel& hapTokenInfoRes, std::string& appID)
-{
-    MessageParcel data;
-    if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteUint32(tokenID)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteUint32 fail");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(AccessTokenInterfaceCode::GET_HAP_TOKENINFO_EXT, data, reply)) {
-        return ERR_SERVICE_ABNORMAL;
-    }
-
-    int32_t result = reply.ReadInt32();
-    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result);
-    if (result != RET_SUCCESS) {
-        return result;
-    }
-    sptr<HapTokenInfoParcel> hapResult = reply.ReadParcelable<HapTokenInfoParcel>();
-    if (hapResult == nullptr) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "ReadParcelable fail.");
-        return ERR_READ_PARCEL_FAILED;
-    }
-    hapTokenInfoRes = *hapResult;
-    if (!reply.ReadString(appID)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "ReadString fail.");
-        return ERR_READ_PARCEL_FAILED;
-    }
-
-    return result;
-}
-
-AccessTokenID AccessTokenManagerProxy::GetNativeTokenId(const std::string& processName)
-{
-    MessageParcel data;
-    if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed.");
-        return INVALID_TOKENID;
-    }
-
-    if (!data.WriteString(processName)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteString failed.");
-        return INVALID_TOKENID;
-    }
-    MessageParcel reply;
-    if (!SendRequest(AccessTokenInterfaceCode::GET_NATIVE_TOKEN_ID, data, reply)) {
-        return INVALID_TOKENID;
-    }
-    AccessTokenID id;
-    if (!reply.ReadUint32(id)) {
-        LOGI(ATM_DOMAIN, ATM_TAG, "ReadInt32 failed.");
-        return INVALID_TOKENID;
-    }
-    LOGD(ATM_DOMAIN, ATM_TAG, "Result from server (process=%{public}s, id=%{public}d).", processName.c_str(), id);
-    return id;
-}
-
-#ifdef TOKEN_SYNC_ENABLE
-int AccessTokenManagerProxy::GetHapTokenInfoFromRemote(AccessTokenID tokenID,
-    HapTokenInfoForSyncParcel& hapSyncParcel)
-{
-    MessageParcel data;
-    if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteUint32(tokenID)) {
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(AccessTokenInterfaceCode::GET_HAP_TOKEN_FROM_REMOTE, data, reply)) {
-        return ERR_SERVICE_ABNORMAL;
-    }
-
-    int32_t result = reply.ReadInt32();
-    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result);
-    if (result != RET_SUCCESS) {
-        return result;
-    }
-    sptr<HapTokenInfoForSyncParcel> hapResult = reply.ReadParcelable<HapTokenInfoForSyncParcel>();
-    if (hapResult == nullptr) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "ReadParcelable fail");
-        return ERR_READ_PARCEL_FAILED;
-    }
-    hapSyncParcel = *hapResult;
-    return result;
-}
-
-int AccessTokenManagerProxy::SetRemoteHapTokenInfo(const std::string& deviceID,
-    HapTokenInfoForSyncParcel& hapSyncParcel)
-{
-    MessageParcel data;
-    if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteString(deviceID)) {
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteParcelable(&hapSyncParcel)) {
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(AccessTokenInterfaceCode::SET_REMOTE_HAP_TOKEN_INFO, data, reply)) {
-        return ERR_SERVICE_ABNORMAL;
-    }
-
-    int32_t result = reply.ReadInt32();
-    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result);
-    return result;
-}
-
-int AccessTokenManagerProxy::DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID)
-{
-    MessageParcel data;
-    data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor());
-    if (!data.WriteString(deviceID)) {
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-
-    if (!data.WriteUint32(tokenID)) {
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(AccessTokenInterfaceCode::DELETE_REMOTE_TOKEN_INFO, data, reply)) {
-        return ERR_SERVICE_ABNORMAL;
-    }
-
-    int32_t result = reply.ReadInt32();
-    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result);
-    return result;
-}
-
-AccessTokenID AccessTokenManagerProxy::GetRemoteNativeTokenID(const std::string& deviceID, AccessTokenID tokenID)
-{
-    MessageParcel data;
-    if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed.");
-        return 0;
-    }
-    if (!data.WriteString(deviceID)) {
-        return 0;
-    }
-
-    if (!data.WriteUint32(tokenID)) {
-        return 0;
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(AccessTokenInterfaceCode::GET_NATIVE_REMOTE_TOKEN, data, reply)) {
-        return 0;
-    }
-
-    AccessTokenID id = reply.ReadUint32();
-    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (id=%{public}d).", id);
-    return id;
-}
-
-int AccessTokenManagerProxy::DeleteRemoteDeviceTokens(const std::string& deviceID)
-{
-    MessageParcel data;
-    if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteString(deviceID)) {
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(AccessTokenInterfaceCode::DELETE_REMOTE_DEVICE_TOKEN, data, reply)) {
-        return ERR_SERVICE_ABNORMAL;
-    }
-
-    int32_t result = reply.ReadInt32();
-    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result);
-    return result;
-}
-
-int32_t AccessTokenManagerProxy::RegisterTokenSyncCallback(const sptr<IRemoteObject>& callback)
-{
-    MessageParcel data;
-    if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteRemoteObject(callback)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteRemoteObject failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(
-        AccessTokenInterfaceCode::REGISTER_TOKEN_SYNC_CALLBACK, data, reply)) {
-        return ERR_SERVICE_ABNORMAL;
-    }
-
-    int32_t result;
-    if (!reply.ReadInt32(result)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "ReadInt32 failed.");
-        return ERR_READ_PARCEL_FAILED;
-    }
-    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result);
-    return result;
-}
-
-int32_t AccessTokenManagerProxy::UnRegisterTokenSyncCallback()
-{
-    MessageParcel data;
-    if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(
-        AccessTokenInterfaceCode::UNREGISTER_TOKEN_SYNC_CALLBACK, data, reply)) {
-        return ERR_SERVICE_ABNORMAL;
-    }
-
-    int32_t result;
-    if (!reply.ReadInt32(result)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "ReadInt32 failed.");
-        return ERR_READ_PARCEL_FAILED;
-    }
-    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result);
-    return result;
-}
-#endif
-
-void AccessTokenManagerProxy::DumpTokenInfo(const AtmToolsParamInfoParcel& infoParcel, std::string& dumpInfo)
-{
-    MessageParcel data;
-    if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed.");
-        return;
-    }
-
-    if (!data.WriteParcelable(&infoParcel)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Write infoParcel failed.");
-        return;
-    }
-    MessageParcel reply;
-    if (!SendRequest(AccessTokenInterfaceCode::DUMP_TOKENINFO, data, reply)) {
-        return;
-    }
-    if (!reply.ReadString(dumpInfo)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "ReadString failed.");
-    }
-}
-
-int32_t AccessTokenManagerProxy::GetVersion(uint32_t& version)
-{
-    MessageParcel data;
-    if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Write interface token failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(AccessTokenInterfaceCode::GET_VERSION, data, reply)) {
-        return ERR_SERVICE_ABNORMAL;
-    }
-    int32_t result = reply.ReadInt32();
-    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result);
-    if (result != RET_SUCCESS) {
-        return result;
-    }
-    if (!reply.ReadUint32(version)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "ReadUint32 failed.");
-        return ERR_READ_PARCEL_FAILED;
-    }
-    return result;
-}
-
-int32_t AccessTokenManagerProxy::SetPermDialogCap(const HapBaseInfoParcel& hapBaseInfo, bool enable)
-{
-    MessageParcel data;
-    if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-
-    if (!data.WriteParcelable(&hapBaseInfo)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteParcelable failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteBool(enable)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteBool failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(AccessTokenInterfaceCode::SET_PERM_DIALOG_CAPABILITY, data, reply)) {
-        return ERR_SERVICE_ABNORMAL;
-    }
-    return reply.ReadInt32();
-}
-
-void AccessTokenManagerProxy::GetPermissionManagerInfo(PermissionGrantInfoParcel& infoParcel)
-{
-    MessageParcel data;
-    if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed.");
-        return;
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(AccessTokenInterfaceCode::GET_PERMISSION_MANAGER_INFO, data, reply)) {
-        return;
-    }
-
-    sptr<PermissionGrantInfoParcel> parcel = reply.ReadParcelable<PermissionGrantInfoParcel>();
-    if (parcel == nullptr) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "ReadParcelable failed.");
-        return;
-    }
-    infoParcel = *parcel;
-}
-
-int32_t AccessTokenManagerProxy::InitUserPolicy(
-    const std::vector<UserState>& userList, const std::vector<std::string>& permList)
-{
-    MessageParcel data;
-    if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Write interface token failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-
-    size_t userLen = userList.size();
-    size_t permLen = permList.size();
-    if ((userLen == 0) || (userLen > MAX_USER_POLICY_SIZE) || (permLen == 0) || (permLen > MAX_USER_POLICY_SIZE)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "UserLen %{public}zu or permLen %{public}zu is invalid", userLen, permLen);
-        return ERR_PARAM_INVALID;
-    }
-
-    if (!data.WriteUint32(userLen)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Failed to write userLen size.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteUint32(permLen)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Failed to write permLen size.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-    for (const auto& userInfo : userList) {
-        if (!data.WriteInt32(userInfo.userId)) {
-            LOGE(ATM_DOMAIN, ATM_TAG, "Failed to write userId.");
-            return ERR_WRITE_PARCEL_FAILED;
-        }
-        if (!data.WriteBool(userInfo.isActive)) {
-            LOGE(ATM_DOMAIN, ATM_TAG, "Failed to write isActive.");
-            return ERR_WRITE_PARCEL_FAILED;
-        }
-    }
-    for (const auto& permission : permList) {
-        if (!data.WriteString(permission)) {
-            LOGE(ATM_DOMAIN, ATM_TAG, "Failed to write permission.");
-            return ERR_WRITE_PARCEL_FAILED;
-        }
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(AccessTokenInterfaceCode::INIT_USER_POLICY, data, reply)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Read replay failed");
-        return ERR_SERVICE_ABNORMAL;
-    }
-    int32_t result;
-    if (!reply.ReadInt32(result)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Read Int32 failed");
-        return AccessTokenError::ERR_READ_PARCEL_FAILED;
-    }
-    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server data = %{public}d", result);
-    return result;
-}
-
-int32_t AccessTokenManagerProxy::ClearUserPolicy()
-{
-    MessageParcel data;
-    if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Write interface token failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(AccessTokenInterfaceCode::CLEAR_USER_POLICY, data, reply)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Read replay failed");
-        return ERR_SERVICE_ABNORMAL;
-    }
-    int32_t result;
-    if (!reply.ReadInt32(result)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Read Int32 failed");
-        return AccessTokenError::ERR_READ_PARCEL_FAILED;
-    }
-    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server data = %{public}d", result);
-    return result;
-}
-
-int32_t AccessTokenManagerProxy::UpdateUserPolicy(const std::vector<UserState>& userList)
-{
-    MessageParcel data;
-    if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Write interface token failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-
-    size_t userLen = userList.size();
-    if ((userLen == 0) || (userLen > MAX_USER_POLICY_SIZE)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "UserLen %{public}zu is invalid.", userLen);
-        return ERR_PARAM_INVALID;
-    }
-
-    if (!data.WriteUint32(userLen)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Failed to write userLen size.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-
-    for (const auto& userInfo : userList) {
-        if (!data.WriteInt32(userInfo.userId)) {
-            LOGE(ATM_DOMAIN, ATM_TAG, "Failed to write userId.");
-            return ERR_WRITE_PARCEL_FAILED;
-        }
-        if (!data.WriteBool(userInfo.isActive)) {
-            LOGE(ATM_DOMAIN, ATM_TAG, "Failed to write isActive.");
-            return ERR_WRITE_PARCEL_FAILED;
-        }
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(AccessTokenInterfaceCode::UPDATE_USER_POLICY, data, reply)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Read replay failed");
-        return ERR_SERVICE_ABNORMAL;
-    }
-    int32_t result;
-    if (!reply.ReadInt32(result)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Read Int32 failed");
-        return AccessTokenError::ERR_READ_PARCEL_FAILED;
-    }
-    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server data = %{public}d", result);
-    return result;
-}
-
-int32_t AccessTokenManagerProxy::GetKernelPermissions(
-    AccessTokenID tokenID, std::vector<PermissionWithValue>& kernelPermList)
-{
-    MessageParcel data;
-    if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Write interface token failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-
-    if (!data.WriteUint32(tokenID)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Failed to write tokenID.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(AccessTokenInterfaceCode::GET_KERNEL_PERMISSIONS, data, reply)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Read replay failed");
-        return ERR_SERVICE_ABNORMAL;
-    }
-    int32_t result;
-    if (!reply.ReadInt32(result)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Read result failed");
-        return AccessTokenError::ERR_READ_PARCEL_FAILED;
-    }
-    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server data = %{public}d", result);
-    if (result != RET_SUCCESS) {
-        return result;
-    }
-    uint32_t size;
-    if (!reply.ReadUint32(size)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Read size failed");
-        return AccessTokenError::ERR_READ_PARCEL_FAILED;
-    }
-    if (size > MAX_EXTENDED_VALUE_LIST_SIZE) {
-        return AccessTokenError::ERR_OVERSIZE;
-    }
-    for (uint32_t i = 0; i < size; ++i) {
-        PermissionWithValue perm;
-        if (!reply.ReadString(perm.permissionName)) {
-            LOGE(ATM_DOMAIN, ATM_TAG, "Read permission name failed.");
-            return AccessTokenError::ERR_READ_PARCEL_FAILED;
-        }
-        if (!reply.ReadString(perm.value)) {
-            LOGE(ATM_DOMAIN, ATM_TAG, "Read value failed.");
-            return AccessTokenError::ERR_READ_PARCEL_FAILED;
-        }
-        if (perm.value == "true") {
-            perm.value.clear();
-        }
-        kernelPermList.emplace_back(perm);
-    }
-    return RET_SUCCESS;
-}
-
-int32_t AccessTokenManagerProxy::GetReqPermissionByName(
-    AccessTokenID tokenID, const std::string& permissionName, std::string& value)
-{
-    MessageParcel data;
-    if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Write interface token failed.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-
-    if (!data.WriteUint32(tokenID)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Failed to write tokenID.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-
-    if (!data.WriteString(permissionName)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Failed to write tokenID.");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(AccessTokenInterfaceCode::GET_PERMISSION_BY_NAME, data, reply)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Read replay failed");
-        return ERR_SERVICE_ABNORMAL;
-    }
-    int32_t result;
-    if (!reply.ReadInt32(result)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Read result failed");
-        return AccessTokenError::ERR_READ_PARCEL_FAILED;
-    }
-    LOGI(ATM_DOMAIN, ATM_TAG, "Result from server data = %{public}d", result);
-    if (result != RET_SUCCESS) {
-        return result;
-    }
-    if (!reply.ReadString(value)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Read value failed");
-        return AccessTokenError::ERR_READ_PARCEL_FAILED;
-    }
-
-    return RET_SUCCESS;
-}
-
-} // namespace AccessToken
-} // namespace Security
-} // namespace OHOS
diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h
deleted file mode 100644
index 99ff5740f4f0fa71c9ea0f4091d9f8ba4fee7ef3..0000000000000000000000000000000000000000
--- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h
+++ /dev/null
@@ -1,122 +0,0 @@
-/*
- * Copyright (c) 2021-2024 Huawei Device Co., Ltd.
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef ACCESSTOKEN_MANAGER_PROXY_H
-#define ACCESSTOKEN_MANAGER_PROXY_H
-
-#include <string>
-#include <vector>
-
-#include "access_token.h"
-#include "atm_tools_param_info_parcel.h"
-#include "hap_info_parcel.h"
-#include "hap_base_info_parcel.h"
-#include "hap_policy_parcel.h"
-#include "hap_token_info_parcel.h"
-#include "hap_token_info_for_sync_parcel.h"
-#include "i_accesstoken_manager.h"
-#include "iremote_proxy.h"
-#include "native_token_info_parcel.h"
-#include "permission_def_parcel.h"
-#include "permission_grant_info_parcel.h"
-#include "permission_list_state_parcel.h"
-#include "permission_status_parcel.h"
-
-namespace OHOS {
-namespace Security {
-namespace AccessToken {
-class AccessTokenManagerProxy : public IRemoteProxy<IAccessTokenManager> {
-public:
-    explicit AccessTokenManagerProxy(const sptr<IRemoteObject>& impl);
-    ~AccessTokenManagerProxy() override;
-
-    PermUsedTypeEnum GetPermissionUsedType(
-        AccessTokenID tokenID, const std::string& permissionName) override;
-    int VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName) override;
-    int VerifyAccessToken(AccessTokenID tokenID,
-        const std::vector<std::string>& permissionList, std::vector<int32_t>& permStateList) override;
-    int GetDefPermission(const std::string& permissionName, PermissionDefParcel& permissionDefResult) override;
-    int GetReqPermissions(
-        AccessTokenID tokenID, std::vector<PermissionStatusParcel>& reqPermList, bool isSystemGrant) override;
-    int GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName, uint32_t& flag) override;
-    int32_t SetPermissionRequestToggleStatus(const std::string& permissionName, uint32_t status,
-        int32_t userID) override;
-    int32_t GetPermissionRequestToggleStatus(const std::string& permissionName, uint32_t& status,
-        int32_t userID) override;
-    int32_t RequestAppPermOnSetting(AccessTokenID tokenID) override;
-    int GrantPermission(AccessTokenID tokenID, const std::string& permissionName, uint32_t flag) override;
-    int RevokePermission(AccessTokenID tokenID, const std::string& permissionName, uint32_t flag) override;
-    int GrantPermissionForSpecifiedTime(
-        AccessTokenID tokenID, const std::string& permissionName, uint32_t onceTime) override;
-    PermissionOper GetSelfPermissionsState(std::vector<PermissionListStateParcel>& permListParcel,
-        PermissionGrantInfoParcel& infoParcel) override;
-    int32_t GetPermissionsStatus(
-        AccessTokenID tokenID, std::vector<PermissionListStateParcel>& permListParcel) override;
-    int ClearUserGrantedPermissionState(AccessTokenID tokenID) override;
-    int GetTokenType(AccessTokenID tokenID) override;
-    AccessTokenIDEx GetHapTokenID(int32_t userID, const std::string& bundleName, int32_t instIndex) override;
-    AccessTokenID AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID) override;
-    AccessTokenIDEx AllocHapToken(const HapInfoParcel& hapInfo, const HapPolicyParcel& policyParcel) override;
-    int32_t InitHapToken(const HapInfoParcel& hapInfoParcel, HapPolicyParcel& policyParcel,
-        AccessTokenIDEx& fullTokenId, HapInfoCheckResult& resultInfo) override;
-    int DeleteToken(AccessTokenID tokenID) override;
-    int32_t UpdateHapToken(AccessTokenIDEx& tokenIdEx, const UpdateHapInfoParams& info,
-        const HapPolicyParcel& policyParcel, HapInfoCheckResult& resultInfo) override;
-    int32_t GetTokenIDByUserID(int32_t userID, std::unordered_set<AccessTokenID>& tokenIdList) override;
-    int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfoParcel& hapTokenInfoRes) override;
-    int GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfoParcel& nativeTokenInfoRes) override;
-#ifndef ATM_BUILD_VARIANT_USER_ENABLE
-    int32_t ReloadNativeTokenInfo() override;
-#endif
-    int32_t RegisterPermStateChangeCallback(const PermStateChangeScopeParcel& scope,
-        const sptr<IRemoteObject>& callback) override;
-    int32_t UnRegisterPermStateChangeCallback(const sptr<IRemoteObject>& callback) override;
-    int32_t RegisterSelfPermStateChangeCallback(const PermStateChangeScopeParcel& scope,
-        const sptr<IRemoteObject>& callback) override;
-    int32_t UnRegisterSelfPermStateChangeCallback(const sptr<IRemoteObject>& callback) override;
-    AccessTokenID GetNativeTokenId(const std::string& processName) override;
-    int GetHapTokenInfoExtension(AccessTokenID tokenID,
-        HapTokenInfoParcel& hapTokenInfoRes, std::string& appID) override;
-    int32_t InitUserPolicy(const std::vector<UserState>& userList, const std::vector<std::string>& permList) override;
-    int32_t UpdateUserPolicy(const std::vector<UserState>& userList) override;
-    int32_t ClearUserPolicy() override;
-
-#ifdef TOKEN_SYNC_ENABLE
-    int GetHapTokenInfoFromRemote(AccessTokenID tokenID, HapTokenInfoForSyncParcel& hapSyncParcel) override;
-    int SetRemoteHapTokenInfo(const std::string& deviceID, HapTokenInfoForSyncParcel& hapSyncParcel) override;
-    int DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID) override;
-    AccessTokenID GetRemoteNativeTokenID(const std::string& deviceID, AccessTokenID tokenID) override;
-    int DeleteRemoteDeviceTokens(const std::string& deviceID) override;
-    int32_t RegisterTokenSyncCallback(const sptr<IRemoteObject>& callback) override;
-    int32_t UnRegisterTokenSyncCallback() override;
-#endif
-
-    int32_t GetKernelPermissions(
-        AccessTokenID tokenId, std::vector<PermissionWithValue>& kernelPermList) override;
-    int32_t GetReqPermissionByName(
-        AccessTokenID tokenId, const std::string& permissionName, std::string& value) override;
-    int32_t SetPermDialogCap(const HapBaseInfoParcel& hapBaseInfo, bool enable) override;
-    void DumpTokenInfo(const AtmToolsParamInfoParcel& infoParcel, std::string& dumpInfo) override;
-    int32_t GetVersion(uint32_t& version) override;
-    void GetPermissionManagerInfo(PermissionGrantInfoParcel& infoParcel) override;
-
-private:
-    bool SendRequest(AccessTokenInterfaceCode code, MessageParcel& data, MessageParcel& reply);
-    static inline BrokerDelegator<AccessTokenManagerProxy> delegator_;
-};
-} // namespace AccessToken
-} // namespace Security
-} // namespace OHOS
-#endif // ACCESSTOKEN_MANAGER_PROXY_H
diff --git a/interfaces/innerkits/accesstoken/test/unittest/BUILD.gn b/interfaces/innerkits/accesstoken/test/unittest/BUILD.gn
index 1808c7cde1dcf74a546af5b86da723c837cc7102..a01a3cbf635bd7f8b1c2c87728749e0d51bc031c 100755
--- a/interfaces/innerkits/accesstoken/test/unittest/BUILD.gn
+++ b/interfaces/innerkits/accesstoken/test/unittest/BUILD.gn
@@ -15,9 +15,8 @@ import("//build/test.gni")
 import("../../../../../access_token.gni")
 
 ohos_unittest("libaccesstoken_sdk_test") {
-  subsystem_name = "security"
-  part_name = "access_token"
-  module_out_path = part_name + "/" + part_name
+  subsystem_name = "accesscontrol"
+  module_out_path = module_output_path_unittest_accesstoken
   sanitize = {
     cfi = true
     cfi_cross_dso = true
@@ -60,9 +59,9 @@ ohos_unittest("libaccesstoken_sdk_test") {
     "PermDenyTest/accesstoken_deny_test.cpp",
     "PermisionDialogTest/accesstoken_location_request_test.cpp",
     "PermisionDialogTest/get_self_permission_state_test.cpp",
+    "PermisionDialogTest/get_self_permission_status_test.cpp",
     "PermisionDialogTest/request_permission_on_setting_test.cpp",
     "PermisionDialogTest/set_perm_dialog_cap_test.cpp",
-    "PermissionsTest/check_permission_map_test.cpp",
     "PermissionsTest/clear_user_granted__permission_state_test.cpp",
     "PermissionsTest/get_permission_test.cpp",
     "PermissionsTest/grant_permission_for_specified_time_test.cpp",
@@ -102,10 +101,7 @@ ohos_unittest("libaccesstoken_sdk_test") {
   ]
   if (token_sync_enable == true) {
     cflags_cc += [ "-DTOKEN_SYNC_ENABLE" ]
-    external_deps += [
-      "device_manager:devicemanagersdk",
-      "json:nlohmann_json_static",
-    ]
+    external_deps += [ "device_manager:devicemanagersdk" ]
   }
   if (dlp_permission_enable == true) {
     cflags_cc += [ "-DSUPPORT_SANDBOX_APP" ]
@@ -114,15 +110,11 @@ ohos_unittest("libaccesstoken_sdk_test") {
       "DlpTest/share_permission_with_sandbox_test.cpp",
     ]
   }
-  if (build_variant == "user") {
-    cflags_cc += [ "-DATM_BUILD_VARIANT_USER_ENABLE" ]
-  }
 }
 
 ohos_unittest("accesstoken_mock_test") {
-  subsystem_name = "security"
-  part_name = "access_token"
-  module_out_path = part_name + "/" + part_name
+  subsystem_name = "accesscontrol"
+  module_out_path = module_output_path_unittest_accesstoken
   sanitize = {
     cfi = true
     cfi_cross_dso = true
@@ -146,14 +138,16 @@ ohos_unittest("accesstoken_mock_test") {
     "${access_token_innerkit_path}/src/accesstoken_death_recipient.cpp",
     "${access_token_innerkit_path}/src/accesstoken_kit.cpp",
     "${access_token_innerkit_path}/src/accesstoken_manager_client.cpp",
-    "${access_token_innerkit_path}/src/accesstoken_manager_proxy.cpp",
     "${access_token_innerkit_path}/src/perm_state_change_callback_customize.cpp",
     "../mock/src/iservice_registry.cpp",
     "ProxyMockTest/accesstoken_mock_test.cpp",
   ]
 
   cflags_cc = [ "-DHILOG_ENABLE" ]
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
 
   deps = [
     "${access_token_path}/frameworks/accesstoken:accesstoken_communication_adapter_cxx",
@@ -161,6 +155,7 @@ ohos_unittest("accesstoken_mock_test") {
     "${access_token_path}/interfaces/innerkits/accesstoken:libtokenid_sdk",
     "${access_token_path}/interfaces/innerkits/token_setproc:libperm_setproc",
     "${access_token_path}/interfaces/innerkits/token_setproc:libtokensetproc_shared",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_proxy",
   ]
 
   external_deps = [
@@ -182,7 +177,4 @@ ohos_unittest("accesstoken_mock_test") {
   if (token_sync_enable == true) {
     cflags_cc += [ "-DTOKEN_SYNC_ENABLE" ]
   }
-  if (build_variant == "user") {
-    cflags_cc += [ "-DATM_BUILD_VARIANT_USER_ENABLE" ]
-  }
 }
diff --git a/interfaces/innerkits/accesstoken/test/unittest/Coverage/accesstoken_kit_coverage_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/Coverage/accesstoken_kit_coverage_test.cpp
index 1f1c76a04026ffa3af42ba262a4d44c4472dd265..fda0ef88b105d3020e60d8d4307d55e843939053 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/Coverage/accesstoken_kit_coverage_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/Coverage/accesstoken_kit_coverage_test.cpp
@@ -19,7 +19,6 @@
 #include "access_token.h"
 #include "access_token_error.h"
 #include "accesstoken_common_log.h"
-#include "accesstoken_service_ipc_interface_code.h"
 #include "hap_token_info.h"
 #include "nativetoken_kit.h"
 #include "permission_grant_info.h"
@@ -95,7 +94,7 @@ public:
  * @tc.type: FUNC
  * @tc.require: issueI61NS6
  */
-HWTEST_F(AccessTokenCoverageTest, PermStateChangeCallback001, TestSize.Level1)
+HWTEST_F(AccessTokenCoverageTest, PermStateChangeCallback001, TestSize.Level4)
 {
     PermStateChangeInfo result = {
         .permStateChangeType = 0,
@@ -130,7 +129,7 @@ public:
  * @tc.type: FUNC
  * @tc.require: issueI61A6M
  */
-HWTEST_F(AccessTokenCoverageTest, OnRemoteRequest001, TestSize.Level1)
+HWTEST_F(AccessTokenCoverageTest, OnRemoteRequest001, TestSize.Level4)
 {
     PermStateChangeInfo info = {
         .permStateChangeType = 0,
@@ -165,7 +164,7 @@ HWTEST_F(AccessTokenCoverageTest, OnRemoteRequest001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI61A6M
  */
-HWTEST_F(AccessTokenCoverageTest, CreatePermStateChangeCallback001, TestSize.Level1)
+HWTEST_F(AccessTokenCoverageTest, CreatePermStateChangeCallback001, TestSize.Level4)
 {
     std::vector<std::string> reqPerm;
     reqPerm.emplace_back("ohos.permission.GET_SENSITIVE_PERMISSIONS");
@@ -202,7 +201,7 @@ HWTEST_F(AccessTokenCoverageTest, CreatePermStateChangeCallback001, TestSize.Lev
  * @tc.type: FUNC
  * @tc.require: issueI61A6M
  */
-HWTEST_F(AccessTokenCoverageTest, InitProxy001, TestSize.Level1)
+HWTEST_F(AccessTokenCoverageTest, InitProxy001, TestSize.Level4)
 {
     ASSERT_NE(nullptr, AccessTokenManagerClient::GetInstance().proxy_);
     OHOS::sptr<IAccessTokenManager> proxy = AccessTokenManagerClient::GetInstance().proxy_; // backup
@@ -218,7 +217,7 @@ HWTEST_F(AccessTokenCoverageTest, InitProxy001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI61A6M
  */
-HWTEST_F(AccessTokenCoverageTest, AllocHapToken001, TestSize.Level1)
+HWTEST_F(AccessTokenCoverageTest, AllocHapToken001, TestSize.Level4)
 {
     HapInfoParams info;
     HapPolicyParams policy;
@@ -233,7 +232,7 @@ HWTEST_F(AccessTokenCoverageTest, AllocHapToken001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI61A6M
  */
-HWTEST_F(AccessTokenCoverageTest, VerifyAccessToken005, TestSize.Level1)
+HWTEST_F(AccessTokenCoverageTest, VerifyAccessToken005, TestSize.Level4)
 {
     HapInfoParams info = {
         .userID = TEST_USER_ID,
@@ -265,18 +264,18 @@ HWTEST_F(AccessTokenCoverageTest, VerifyAccessToken005, TestSize.Level1)
     // ret = PERMISSION_GRANTED + firstTokenID = 0
     std::string permissionName = "ohos.permission.GET_BUNDLE_INFO";
     firstTokenID = 0;
-    ASSERT_EQ(PermissionState::PERMISSION_GRANTED, AccessTokenKit::VerifyAccessToken(
+    EXPECT_EQ(PermissionState::PERMISSION_GRANTED, AccessTokenKit::VerifyAccessToken(
         callerTokenID, firstTokenID, permissionName, false));
 
     firstTokenID = 1;
     // ret = PERMISSION_GRANTED + firstTokenID != 0
-    ASSERT_EQ(PermissionState::PERMISSION_DENIED, AccessTokenKit::VerifyAccessToken(
+    EXPECT_EQ(PermissionState::PERMISSION_DENIED, AccessTokenKit::VerifyAccessToken(
         callerTokenID, firstTokenID, permissionName, false));
-    TestCommon::DeleteTestHapToken(callerTokenID);
+    ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(callerTokenID));
 
     callerTokenID = 0;
     // ret = PERMISSION_DENIED
-    ASSERT_EQ(PermissionState::PERMISSION_DENIED, AccessTokenKit::VerifyAccessToken(
+    EXPECT_EQ(PermissionState::PERMISSION_DENIED, AccessTokenKit::VerifyAccessToken(
         callerTokenID, firstTokenID, permissionName, false));
 }
 
@@ -286,7 +285,7 @@ HWTEST_F(AccessTokenCoverageTest, VerifyAccessToken005, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI7MOA1
  */
-HWTEST_F(AccessTokenCoverageTest, GetRenderTokenIDTest001, TestSize.Level1)
+HWTEST_F(AccessTokenCoverageTest, GetRenderTokenIDTest001, TestSize.Level4)
 {
     uint64_t validTokenID = GetSelfTokenID();
     uint64_t retTokenId = validTokenID;
@@ -302,7 +301,7 @@ HWTEST_F(AccessTokenCoverageTest, GetRenderTokenIDTest001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI7MOA1
  */
-HWTEST_F(AccessTokenCoverageTest, GetRenderTokenIDTest002, TestSize.Level1)
+HWTEST_F(AccessTokenCoverageTest, GetRenderTokenIDTest002, TestSize.Level4)
 {
     uint64_t invalidTokenID = 0;
     uint64_t retTokenId = 1;    /* 1, for testing purposes */
@@ -317,7 +316,7 @@ HWTEST_F(AccessTokenCoverageTest, GetRenderTokenIDTest002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenCoverageTest, GetRenderTokenIDTest003, TestSize.Level1)
+HWTEST_F(AccessTokenCoverageTest, GetRenderTokenIDTest003, TestSize.Level4)
 {
     uint64_t invalidTokenID = 0;
     uint64_t retTokenId = 1;    /* 1, for testing purposes */
@@ -380,7 +379,7 @@ public:
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenCoverageTest, TokenSyncCallbackStubTest001, TestSize.Level1)
+HWTEST_F(AccessTokenCoverageTest, TokenSyncCallbackStubTest001, TestSize.Level4)
 {
     TokenSyncCallbackStubTest callback;
 
@@ -401,7 +400,7 @@ HWTEST_F(AccessTokenCoverageTest, TokenSyncCallbackStubTest001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenCoverageTest, TokenSyncCallbackStubTest002, TestSize.Level1)
+HWTEST_F(AccessTokenCoverageTest, TokenSyncCallbackStubTest002, TestSize.Level4)
 {
     TokenSyncCallbackStubTest callback;
     OHOS::MessageParcel data;
@@ -419,7 +418,7 @@ HWTEST_F(AccessTokenCoverageTest, TokenSyncCallbackStubTest002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenCoverageTest, TokenSyncCallbackStubTest003, TestSize.Level1)
+HWTEST_F(AccessTokenCoverageTest, TokenSyncCallbackStubTest003, TestSize.Level4)
 {
     TokenSyncCallbackStubTest callback;
     OHOS::MessageParcel data;
@@ -451,7 +450,7 @@ HWTEST_F(AccessTokenCoverageTest, TokenSyncCallbackStubTest003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenCoverageTest, TokenSyncCallbackStubTest004, TestSize.Level1)
+HWTEST_F(AccessTokenCoverageTest, TokenSyncCallbackStubTest004, TestSize.Level4)
 {
     setuid(3020); // ACCESSTOKEN_UID
 
@@ -493,7 +492,7 @@ HWTEST_F(AccessTokenCoverageTest, TokenSyncCallbackStubTest004, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenCoverageTest, TokenSyncCallbackTest001, TestSize.Level1)
+HWTEST_F(AccessTokenCoverageTest, TokenSyncCallbackTest001, TestSize.Level4)
 {
     TokenSyncCallback callback(nullptr);
     EXPECT_EQ(nullptr, callback.tokenSyncCallback_); // test input
@@ -514,7 +513,7 @@ HWTEST_F(AccessTokenCoverageTest, TokenSyncCallbackTest001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenCoverageTest, GetPermissionManagerInfo001, TestSize.Level1)
+HWTEST_F(AccessTokenCoverageTest, GetPermissionManagerInfo001, TestSize.Level4)
 {
     PermissionGrantInfo info;
     AccessTokenKit::GetPermissionManagerInfo(info);
diff --git a/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/alloc_local_token_id_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/alloc_local_token_id_test.cpp
index f4aa037bb6ddbbc5bddbec95b94aa5f6b15547f9..f9c77dc83a383f32f407961f36c4b11c5697d0c0 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/alloc_local_token_id_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/alloc_local_token_id_test.cpp
@@ -130,7 +130,7 @@ void AllocLocalTokenIDTest::TearDown()
  * @tc.type: FUNC
  * @tc.require:issue I5R4UF
  */
-HWTEST_F(AllocLocalTokenIDTest, AllocLocalTokenIDFuncTest001, TestSize.Level1)
+HWTEST_F(AllocLocalTokenIDTest, AllocLocalTokenIDFuncTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "AllocLocalTokenIDFuncTest001 start.");
     HapInfoParams infoParms = {
@@ -164,7 +164,7 @@ HWTEST_F(AllocLocalTokenIDTest, AllocLocalTokenIDFuncTest001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:issue I5R4UF
  */
-HWTEST_F(AllocLocalTokenIDTest, AllocLocalTokenIDFuncTest002, TestSize.Level1)
+HWTEST_F(AllocLocalTokenIDTest, AllocLocalTokenIDFuncTest002, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "AllocLocalTokenIDFuncTest002 start.");
     MockNativeToken mock("token_sync_service");
diff --git a/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/delete_remote_device_tokens_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/delete_remote_device_tokens_test.cpp
index 558f809a3c00a2ca08c233a15cd0178996a5e137..527346073305c9bdbb9d5a5e6c9c962317d07b24 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/delete_remote_device_tokens_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/delete_remote_device_tokens_test.cpp
@@ -131,7 +131,7 @@ void DeleteRemoteDeviceTokensTest::TearDown()
  * @tc.type: FUNC
  * @tc.require:issue I5R4UF
  */
-HWTEST_F(DeleteRemoteDeviceTokensTest, DeleteRemoteDeviceTokensFuncTest001, TestSize.Level1)
+HWTEST_F(DeleteRemoteDeviceTokensTest, DeleteRemoteDeviceTokensFuncTest001, TestSize.Level0)
 {
     MockNativeToken mock("token_sync_service");
     LOGI(ATM_DOMAIN, ATM_TAG, "DeleteRemoteDeviceTokensFuncTest001 start.");
@@ -180,7 +180,7 @@ HWTEST_F(DeleteRemoteDeviceTokensTest, DeleteRemoteDeviceTokensFuncTest001, Test
  * @tc.type: FUNC
  * @tc.require:issue I5R4UF
  */
-HWTEST_F(DeleteRemoteDeviceTokensTest, DeleteRemoteDeviceTokensFuncTest002, TestSize.Level1)
+HWTEST_F(DeleteRemoteDeviceTokensTest, DeleteRemoteDeviceTokensFuncTest002, TestSize.Level0)
 {
     MockNativeToken mock("token_sync_service");
     LOGI(ATM_DOMAIN, ATM_TAG, "DeleteRemoteDeviceTokensFuncTest002 start.");
@@ -226,7 +226,7 @@ HWTEST_F(DeleteRemoteDeviceTokensTest, DeleteRemoteDeviceTokensFuncTest002, Test
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(DeleteRemoteDeviceTokensTest, DeleteRemoteDeviceTokensAbnormalTest001, TestSize.Level1)
+HWTEST_F(DeleteRemoteDeviceTokensTest, DeleteRemoteDeviceTokensAbnormalTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "DeleteRemoteDeviceTokensAbnormalTest001 start.");
     SetSelfTokenID(g_selfTokenId);
diff --git a/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/delete_remote_token_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/delete_remote_token_test.cpp
index e3f7cabce6375244384c3345176399753fd19467..681a23acde501400b281d600df42e53b48aefe34 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/delete_remote_token_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/delete_remote_token_test.cpp
@@ -137,7 +137,7 @@ void DeleteRemoteTokenTest::TearDown()
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(DeleteRemoteTokenTest, DeleteRemoteTokenAbnormalTest001, TestSize.Level1)
+HWTEST_F(DeleteRemoteTokenTest, DeleteRemoteTokenAbnormalTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "DeleteRemoteTokenAbnormalTest001 start.");
     MockNativeToken mock("token_sync_service");
@@ -160,7 +160,7 @@ HWTEST_F(DeleteRemoteTokenTest, DeleteRemoteTokenAbnormalTest001, TestSize.Level
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(DeleteRemoteTokenTest, DeleteRemoteTokenAbnormalTest002, TestSize.Level1)
+HWTEST_F(DeleteRemoteTokenTest, DeleteRemoteTokenAbnormalTest002, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "DeleteRemoteTokenAbnormalTest002 start.");
     std::string device = "device";
@@ -174,7 +174,7 @@ HWTEST_F(DeleteRemoteTokenTest, DeleteRemoteTokenAbnormalTest002, TestSize.Level
  * @tc.type: FUNC
  * @tc.require:issue I5R4UF
  */
-HWTEST_F(DeleteRemoteTokenTest, DeleteRemoteTokenFuncTest001, TestSize.Level1)
+HWTEST_F(DeleteRemoteTokenTest, DeleteRemoteTokenFuncTest001, TestSize.Level0)
 {
     MockNativeToken mock("token_sync_service");
     LOGI(ATM_DOMAIN, ATM_TAG, "DeleteRemoteTokenFuncTest001 start.");
@@ -215,7 +215,7 @@ HWTEST_F(DeleteRemoteTokenTest, DeleteRemoteTokenFuncTest001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:issue I5R4UF
  */
-HWTEST_F(DeleteRemoteTokenTest, DeleteRemoteTokenFuncTest002, TestSize.Level1)
+HWTEST_F(DeleteRemoteTokenTest, DeleteRemoteTokenFuncTest002, TestSize.Level0)
 {
     MockNativeToken mock("token_sync_service");
     LOGI(ATM_DOMAIN, ATM_TAG, "DeleteRemoteTokenFuncTest002 start.");
@@ -259,7 +259,7 @@ HWTEST_F(DeleteRemoteTokenTest, DeleteRemoteTokenFuncTest002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:issue I5R4UF
  */
-HWTEST_F(DeleteRemoteTokenTest, DeleteRemoteTokenFuncTest003, TestSize.Level1)
+HWTEST_F(DeleteRemoteTokenTest, DeleteRemoteTokenFuncTest003, TestSize.Level0)
 {
     MockNativeToken mock("token_sync_service");
     LOGI(ATM_DOMAIN, ATM_TAG, "DeleteRemoteTokenFuncTest003 start.");
diff --git a/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/get_hap_token_info_from_remote_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/get_hap_token_info_from_remote_test.cpp
index a7a1826adbbf244666c05d19c018aafb11c2b295..f3b65df1e203cac010d21cbbd7209c22f36478f1 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/get_hap_token_info_from_remote_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/get_hap_token_info_from_remote_test.cpp
@@ -142,7 +142,7 @@ void GetHapTokenInfoFromRemoteTest::TearDown()
  * @tc.type: FUNC
  * @tc.require:issue I5R4UF
  */
-HWTEST_F(GetHapTokenInfoFromRemoteTest, GetHapTokenInfoFromRemoteFuncTest001, TestSize.Level1)
+HWTEST_F(GetHapTokenInfoFromRemoteTest, GetHapTokenInfoFromRemoteFuncTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GetHapTokenInfoFromRemoteFuncTest001 start.");
 
@@ -155,19 +155,19 @@ HWTEST_F(GetHapTokenInfoFromRemoteTest, GetHapTokenInfoFromRemoteFuncTest001, Te
 
     HapTokenInfoForSync infoSync;
     int ret = AccessTokenKit::GetHapTokenInfoFromRemote(localTokenID, infoSync);
-    ASSERT_EQ(ret, RET_SUCCESS);
-    ASSERT_EQ(infoSync.permStateList.size(), static_cast<uint32_t>(2));
+    EXPECT_EQ(ret, RET_SUCCESS);
+    EXPECT_EQ(infoSync.permStateList.size(), static_cast<uint32_t>(2));
 
-    ASSERT_EQ(infoSync.permStateList[0].permissionName, g_infoManagerTestPolicyPrams.permStateList[0].permissionName);
+    EXPECT_EQ(infoSync.permStateList[0].permissionName, g_infoManagerTestPolicyPrams.permStateList[0].permissionName);
 
-    ASSERT_EQ(infoSync.permStateList[1].permissionName, g_infoManagerTestPolicyPrams.permStateList[1].permissionName);
+    EXPECT_EQ(infoSync.permStateList[1].permissionName, g_infoManagerTestPolicyPrams.permStateList[1].permissionName);
 
-    ASSERT_EQ(infoSync.baseInfo.bundleName, g_infoManagerTestInfoParms.bundleName);
-    ASSERT_EQ(infoSync.baseInfo.userID, g_infoManagerTestInfoParms.userID);
-    ASSERT_EQ(infoSync.baseInfo.instIndex, g_infoManagerTestInfoParms.instIndex);
-    ASSERT_EQ(infoSync.baseInfo.ver, 1);
-    ASSERT_EQ(infoSync.baseInfo.tokenID, localTokenID);
-    ASSERT_EQ(infoSync.baseInfo.tokenAttr, 0);
+    EXPECT_EQ(infoSync.baseInfo.bundleName, g_infoManagerTestInfoParms.bundleName);
+    EXPECT_EQ(infoSync.baseInfo.userID, g_infoManagerTestInfoParms.userID);
+    EXPECT_EQ(infoSync.baseInfo.instIndex, g_infoManagerTestInfoParms.instIndex);
+    EXPECT_EQ(infoSync.baseInfo.ver, 1);
+    EXPECT_EQ(infoSync.baseInfo.tokenID, localTokenID);
+    EXPECT_EQ(infoSync.baseInfo.tokenAttr, 0);
 
     EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(localTokenID));
 }
@@ -178,7 +178,7 @@ HWTEST_F(GetHapTokenInfoFromRemoteTest, GetHapTokenInfoFromRemoteFuncTest001, Te
  * @tc.type: FUNC
  * @tc.require:issue I5R4UF
  */
-HWTEST_F(GetHapTokenInfoFromRemoteTest, GetHapTokenInfoFromRemoteFuncTest002, TestSize.Level1)
+HWTEST_F(GetHapTokenInfoFromRemoteTest, GetHapTokenInfoFromRemoteFuncTest002, TestSize.Level0)
 {
     MockNativeToken mock("token_sync_service");
     LOGI(ATM_DOMAIN, ATM_TAG, "GetHapTokenInfoFromRemoteFuncTest002 start.");
@@ -215,7 +215,7 @@ HWTEST_F(GetHapTokenInfoFromRemoteTest, GetHapTokenInfoFromRemoteFuncTest002, Te
  * @tc.type: FUNC
  * @tc.require:issue I5R4UF
  */
-HWTEST_F(GetHapTokenInfoFromRemoteTest, GetHapTokenInfoFromRemoteAbnormalTest001, TestSize.Level1)
+HWTEST_F(GetHapTokenInfoFromRemoteTest, GetHapTokenInfoFromRemoteAbnormalTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GetHapTokenInfoFromRemoteAbnormalTest001 start.");
     HapTokenInfoForSync infoSync;
@@ -229,7 +229,7 @@ HWTEST_F(GetHapTokenInfoFromRemoteTest, GetHapTokenInfoFromRemoteAbnormalTest001
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(GetHapTokenInfoFromRemoteTest, GetHapTokenInfoFromRemoteAbnormalTest002, TestSize.Level1)
+HWTEST_F(GetHapTokenInfoFromRemoteTest, GetHapTokenInfoFromRemoteAbnormalTest002, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GetHapTokenInfoFromRemoteAbnormalTest002 start.");
     EXPECT_EQ(0, SetSelfTokenID(g_selfTokenId));
diff --git a/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/get_remote_native_tokenid_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/get_remote_native_tokenid_test.cpp
index ea33192e174a546e2c03e509d938769f092cd9a7..20e1960b8f30b99607d204554951d4d490869d25 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/get_remote_native_tokenid_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/get_remote_native_tokenid_test.cpp
@@ -102,7 +102,7 @@ void GetRemoteNativeTokenIDTest::TearDown()
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(GetRemoteNativeTokenIDTest, GetRemoteNativeTokenIDAbnormalTest001, TestSize.Level1)
+HWTEST_F(GetRemoteNativeTokenIDTest, GetRemoteNativeTokenIDAbnormalTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GetRemoteNativeTokenIDAbnormalTest001 start.");
     std::string device = "device";
diff --git a/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/register_token_sync_callback_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/register_token_sync_callback_test.cpp
index 16e49bd206ef593c6f5c31e0e8878876a8b51736..d7e261f2d7bc4c62a1e6917fde6217f182a74037 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/register_token_sync_callback_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/register_token_sync_callback_test.cpp
@@ -131,7 +131,7 @@ void RegisterTokenSyncCallbackTest::TearDown()
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(RegisterTokenSyncCallbackTest, RegisterTokenSyncCallbackAbnormalTest001, TestSize.Level1)
+HWTEST_F(RegisterTokenSyncCallbackTest, RegisterTokenSyncCallbackAbnormalTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "RegisterTokenSyncCallbackAbnormalTest001 start.");
     int32_t ret = AccessTokenKit::RegisterTokenSyncCallback(nullptr);
@@ -144,7 +144,7 @@ HWTEST_F(RegisterTokenSyncCallbackTest, RegisterTokenSyncCallbackAbnormalTest001
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(RegisterTokenSyncCallbackTest, RegisterTokenSyncCallbackAbnormalTest002, TestSize.Level1)
+HWTEST_F(RegisterTokenSyncCallbackTest, RegisterTokenSyncCallbackAbnormalTest002, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "RegisterTokenSyncCallbackAbnormalTest002 start.");
     std::shared_ptr<TokenSyncKitInterface> callback = std::make_shared<TokenSyncCallbackImpl>();
@@ -158,7 +158,7 @@ HWTEST_F(RegisterTokenSyncCallbackTest, RegisterTokenSyncCallbackAbnormalTest002
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(RegisterTokenSyncCallbackTest, RegisterTokenSyncCallbackFuncTest001, TestSize.Level1)
+HWTEST_F(RegisterTokenSyncCallbackTest, RegisterTokenSyncCallbackFuncTest001, TestSize.Level0)
 {
     MockNativeToken mock("token_sync_service");
     LOGI(ATM_DOMAIN, ATM_TAG, "RegisterTokenSyncCallbackFuncTest001 start.");
diff --git a/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/set_remote_hap_token_info_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/set_remote_hap_token_info_test.cpp
index a081155148ad8ec9f80a6a7d5885473a53f638aa..db89cdcfcf4cd2cfdd82a4766f2d28dc1468a49f 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/set_remote_hap_token_info_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/set_remote_hap_token_info_test.cpp
@@ -132,7 +132,7 @@ void SetRemoteHapTokenInfoTest::TearDown()
  * @tc.type: FUNC
  * @tc.require:issue I5R4UF
  */
-HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoFuncTest001, TestSize.Level1)
+HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoFuncTest001, TestSize.Level0)
 {
     MockNativeToken mock("token_sync_service");
     LOGI(ATM_DOMAIN, ATM_TAG, "SetRemoteHapTokenInfoFuncTest001 start.");
@@ -199,7 +199,7 @@ void SetRemoteHapTokenInfoWithWrongInfo1(HapTokenInfo &wrongBaseInfo, const HapT
  * @tc.type: FUNC
  * @tc.require:issue I5R4UF
  */
-HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoFuncTest002, TestSize.Level1)
+HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoFuncTest002, TestSize.Level0)
 {
     MockNativeToken mock("token_sync_service");
     LOGI(ATM_DOMAIN, ATM_TAG, "SetRemoteHapTokenInfoFuncTest002 start.");
@@ -241,7 +241,7 @@ HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoFuncTest002, TestSize.L
  * @tc.type: FUNC
  * @tc.require:issue I5R4UF
  */
-HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoFuncTest003, TestSize.Level1)
+HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoFuncTest003, TestSize.Level0)
 {
     MockNativeToken mock("token_sync_service");
     LOGI(ATM_DOMAIN, ATM_TAG, "SetRemoteHapTokenInfoFuncTest003 start.");
@@ -281,7 +281,7 @@ HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoFuncTest003, TestSize.L
  * @tc.type: FUNC
  * @tc.require:issue I5R4UF
  */
-HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoFuncTest004, TestSize.Level1)
+HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoFuncTest004, TestSize.Level0)
 {
     MockNativeToken mock("token_sync_service");
     LOGI(ATM_DOMAIN, ATM_TAG, "SetRemoteHapTokenInfoFuncTest004 start.");
@@ -326,7 +326,7 @@ HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoFuncTest004, TestSize.L
  * @tc.type: FUNC
  * @tc.require:issue I5R4UF
  */
-HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest001, TestSize.Level1)
+HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest001, TestSize.Level0)
 {
     MockNativeToken mock("token_sync_service");
     LOGI(ATM_DOMAIN, ATM_TAG, "SetRemoteHapTokenInfoSpecTest001 start.");
@@ -375,7 +375,7 @@ HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest001, TestSize.L
  * @tc.type: FUNC
  * @tc.require:issue I5R4UF
  */
-HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest002, TestSize.Level1)
+HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest002, TestSize.Level0)
 {
     MockNativeToken mock("token_sync_service");
     LOGI(ATM_DOMAIN, ATM_TAG, "SetRemoteHapTokenInfoSpecTest002 start.");
@@ -429,7 +429,7 @@ HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest002, TestSize.L
  * @tc.type: FUNC
  * @tc.require:issue I5R4UF
  */
-HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest003, TestSize.Level1)
+HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest003, TestSize.Level0)
 {
     MockNativeToken mock("token_sync_service");
     LOGI(ATM_DOMAIN, ATM_TAG, "SetRemoteHapTokenInfoSpecTest003 start.");
@@ -467,7 +467,7 @@ HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest003, TestSize.L
  * @tc.type: FUNC
  * @tc.require:issue I5R4UF
  */
-HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest004, TestSize.Level1)
+HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest004, TestSize.Level0)
 {
     MockNativeToken mock("token_sync_service");
     LOGI(ATM_DOMAIN, ATM_TAG, "SetRemoteHapTokenInfoSpecTest004 start.");
@@ -514,7 +514,7 @@ HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest004, TestSize.L
  * @tc.type: FUNC
  * @tc.require:issue I5R4UF
  */
-HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest005, TestSize.Level1)
+HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest005, TestSize.Level0)
 {
     MockNativeToken mock("token_sync_service");
     LOGI(ATM_DOMAIN, ATM_TAG, "SetRemoteHapTokenInfoSpecTest005 start.");
@@ -560,7 +560,7 @@ HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest005, TestSize.L
  * @tc.type: FUNC
  * @tc.require:issue I5R4UF
  */
-HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest006, TestSize.Level1)
+HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest006, TestSize.Level0)
 {
     MockNativeToken mock("token_sync_service");
     LOGI(ATM_DOMAIN, ATM_TAG, "SetRemoteHapTokenInfoSpecTest006 start.");
@@ -596,7 +596,7 @@ HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest006, TestSize.L
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoAbnormalTest001, TestSize.Level1)
+HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoAbnormalTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "SetRemoteHapTokenInfoAbnormalTest001 start.");
     std::string device = "device";
diff --git a/interfaces/innerkits/accesstoken/test/unittest/DlpTest/clone_app_permission_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/DlpTest/clone_app_permission_test.cpp
index edd179fd756214c262b4d14810a49e7b70dec0be..e2266e20e52bca2fc0b8ab394a9a3065368c852f 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/DlpTest/clone_app_permission_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/DlpTest/clone_app_permission_test.cpp
@@ -186,7 +186,7 @@ static AccessTokenID AllocHapTokenId(HapInfoParams info, HapPolicyParams policy)
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(CloneAppPermissionTest, OriginApp01, TestSize.Level1)
+HWTEST_F(CloneAppPermissionTest, OriginApp01, TestSize.Level0)
 {
     int ret;
     auto policyParams = g_policyParams;
@@ -228,7 +228,7 @@ HWTEST_F(CloneAppPermissionTest, OriginApp01, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(CloneAppPermissionTest, OriginApp02, TestSize.Level1)
+HWTEST_F(CloneAppPermissionTest, OriginApp02, TestSize.Level0)
 {
     int ret;
     auto policyParams = g_policyParams;
@@ -290,7 +290,7 @@ HWTEST_F(CloneAppPermissionTest, OriginApp02, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(CloneAppPermissionTest, OriginApp03, TestSize.Level1)
+HWTEST_F(CloneAppPermissionTest, OriginApp03, TestSize.Level0)
 {
     int ret;
     auto policyParams = g_policyParams;
@@ -358,7 +358,7 @@ HWTEST_F(CloneAppPermissionTest, OriginApp03, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(CloneAppPermissionTest, ReadDlp01, TestSize.Level1)
+HWTEST_F(CloneAppPermissionTest, ReadDlp01, TestSize.Level0)
 {
     int ret;
     auto policyParams = g_policyParams;
@@ -400,7 +400,7 @@ HWTEST_F(CloneAppPermissionTest, ReadDlp01, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(CloneAppPermissionTest, ReadDlp02, TestSize.Level1)
+HWTEST_F(CloneAppPermissionTest, ReadDlp02, TestSize.Level0)
 {
     int ret;
     auto policyParams = g_policyParams;
@@ -463,7 +463,7 @@ HWTEST_F(CloneAppPermissionTest, ReadDlp02, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(CloneAppPermissionTest, ReadDlp03, TestSize.Level1)
+HWTEST_F(CloneAppPermissionTest, ReadDlp03, TestSize.Level0)
 {
     int ret;
     auto policyParams = g_policyParams;
@@ -530,7 +530,7 @@ HWTEST_F(CloneAppPermissionTest, ReadDlp03, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(CloneAppPermissionTest, CloneApp01, TestSize.Level1)
+HWTEST_F(CloneAppPermissionTest, CloneApp01, TestSize.Level0)
 {
     int ret;
     auto policyParams = g_policyParams;
@@ -572,7 +572,7 @@ HWTEST_F(CloneAppPermissionTest, CloneApp01, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(CloneAppPermissionTest, CloneApp02, TestSize.Level1)
+HWTEST_F(CloneAppPermissionTest, CloneApp02, TestSize.Level0)
 {
     int ret;
     auto policyParams = g_policyParams;
@@ -624,7 +624,7 @@ HWTEST_F(CloneAppPermissionTest, CloneApp02, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(CloneAppPermissionTest, CloneApp03, TestSize.Level1)
+HWTEST_F(CloneAppPermissionTest, CloneApp03, TestSize.Level0)
 {
     int ret;
     auto policyParams = g_policyParams;
@@ -691,7 +691,7 @@ HWTEST_F(CloneAppPermissionTest, CloneApp03, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(CloneAppPermissionTest, CloneApp04, TestSize.Level1)
+HWTEST_F(CloneAppPermissionTest, CloneApp04, TestSize.Level0)
 {
     int ret;
     uint32_t flag;
@@ -741,7 +741,7 @@ HWTEST_F(CloneAppPermissionTest, CloneApp04, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(CloneAppPermissionTest, CloneApp05, TestSize.Level1)
+HWTEST_F(CloneAppPermissionTest, CloneApp05, TestSize.Level0)
 {
     int ret;
     auto policyParams = g_policyParams;
diff --git a/interfaces/innerkits/accesstoken/test/unittest/DlpTest/share_permission_with_sandbox_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/DlpTest/share_permission_with_sandbox_test.cpp
index df352af24655fa44e7a35f7ac68480f2b2049bd5..3e4408d13a90239bc954311818d3cb477a2fceb4 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/DlpTest/share_permission_with_sandbox_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/DlpTest/share_permission_with_sandbox_test.cpp
@@ -182,7 +182,7 @@ static AccessTokenID AllocHapTokenId(HapInfoParams info, HapPolicyParams policy)
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(SharePermissionTest, PermissionShareTest001, TestSize.Level1)
+HWTEST_F(SharePermissionTest, PermissionShareTest001, TestSize.Level0)
 {
     int ret;
     AccessTokenID tokenCommon = AllocHapTokenId(g_infoParmsCommon, g_policyParams);
@@ -230,7 +230,7 @@ HWTEST_F(SharePermissionTest, PermissionShareTest001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(SharePermissionTest, PermissionShareTest002, TestSize.Level1)
+HWTEST_F(SharePermissionTest, PermissionShareTest002, TestSize.Level0)
 {
     int ret;
     AccessTokenID tokenCommon = AllocHapTokenId(g_infoParmsCommon, g_policyParams);
@@ -278,7 +278,7 @@ HWTEST_F(SharePermissionTest, PermissionShareTest002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(SharePermissionTest, PermissionShareClearUserGrantTest001, TestSize.Level1)
+HWTEST_F(SharePermissionTest, PermissionShareClearUserGrantTest001, TestSize.Level0)
 {
     int ret;
     AccessTokenID tokenCommon = AllocHapTokenId(g_infoParmsCommon, g_policyParams);
@@ -319,7 +319,7 @@ HWTEST_F(SharePermissionTest, PermissionShareClearUserGrantTest001, TestSize.Lev
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(SharePermissionTest, PermissionShareClearUserGrantTest002, TestSize.Level1)
+HWTEST_F(SharePermissionTest, PermissionShareClearUserGrantTest002, TestSize.Level0)
 {
     int ret;
     AccessTokenID tokenCommon = AllocHapTokenId(g_infoParmsCommon, g_policyParams);
@@ -372,7 +372,7 @@ HWTEST_F(SharePermissionTest, PermissionShareClearUserGrantTest002, TestSize.Lev
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(SharePermissionTest, PermissionShareTest03, TestSize.Level1)
+HWTEST_F(SharePermissionTest, PermissionShareTest03, TestSize.Level0)
 {
     uint64_t tokenId = GetSelfTokenID();
     AccessTokenID tokenCommon = AllocHapTokenId(g_infoParmsCommon, g_policyParams);
@@ -420,7 +420,7 @@ static void SetPermList(std::vector<PermissionListState> &permsList)
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(SharePermissionTest, PermissionShareTest004, TestSize.Level1)
+HWTEST_F(SharePermissionTest, PermissionShareTest004, TestSize.Level0)
 {
     AccessTokenID tokenCommon = AllocHapTokenId(g_infoParmsCommon, g_policyParams);
     AccessTokenID tokenFullControl = AllocHapTokenId(g_infoParmsFullControl, g_policyParams);
@@ -484,7 +484,7 @@ HWTEST_F(SharePermissionTest, PermissionShareTest004, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(SharePermissionTest, PermissionShareTest005, TestSize.Level1)
+HWTEST_F(SharePermissionTest, PermissionShareTest005, TestSize.Level0)
 {
     AccessTokenID tokenCommon = AllocHapTokenId(g_infoParmsCommon, g_policyParams);
     AccessTokenID tokenFullControl = AllocHapTokenId(g_infoParmsFullControl, g_policyParams);
@@ -547,7 +547,7 @@ HWTEST_F(SharePermissionTest, PermissionShareTest005, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(SharePermissionTest, PermissionShareTest006, TestSize.Level1)
+HWTEST_F(SharePermissionTest, PermissionShareTest006, TestSize.Level0)
 {
     int ret;
     AccessTokenID tokenCommon = AllocHapTokenId(g_infoParmsCommon, g_policyParams);
@@ -596,7 +596,7 @@ HWTEST_F(SharePermissionTest, PermissionShareTest006, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(SharePermissionTest, PermissionShareTest007, TestSize.Level1)
+HWTEST_F(SharePermissionTest, PermissionShareTest007, TestSize.Level0)
 {
     int ret;
     uint32_t flag;
diff --git a/interfaces/innerkits/accesstoken/test/unittest/EdmPolicyTest/edm_policy_set_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/EdmPolicyTest/edm_policy_set_test.cpp
index 3c9bfe92e870a66d342a3e7cec12a52129b24194..e8388d6f7525437159da89e2d83b7775a2abcc11 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/EdmPolicyTest/edm_policy_set_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/EdmPolicyTest/edm_policy_set_test.cpp
@@ -127,7 +127,7 @@ void EdmPolicySetTest::SetUpTestCase()
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(EdmPolicySetTest, InitUserPolicy001, TestSize.Level1)
+HWTEST_F(EdmPolicySetTest, InitUserPolicy001, TestSize.Level0)
 {
     const int32_t invalidSize = 1025; // 1025 is invalid size.
     std::vector<UserState> userList(invalidSize);
@@ -142,7 +142,7 @@ HWTEST_F(EdmPolicySetTest, InitUserPolicy001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(EdmPolicySetTest, InitUserPolicy002, TestSize.Level1)
+HWTEST_F(EdmPolicySetTest, InitUserPolicy002, TestSize.Level0)
 {
     std::vector<UserState> userListEmtpy;
     std::vector<std::string> permList = { "ohos.permission.INTERNET" };
@@ -156,7 +156,7 @@ HWTEST_F(EdmPolicySetTest, InitUserPolicy002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(EdmPolicySetTest, InitUserPolicy003, TestSize.Level1)
+HWTEST_F(EdmPolicySetTest, InitUserPolicy003, TestSize.Level0)
 {
     UserState user = {.userId = DEFAULT_ACCOUNT_ID, .isActive = true};
     const int32_t invalidSize = 1025; // 1025 is invalid size.
@@ -172,7 +172,7 @@ HWTEST_F(EdmPolicySetTest, InitUserPolicy003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(EdmPolicySetTest, InitUserPolicy004, TestSize.Level1)
+HWTEST_F(EdmPolicySetTest, InitUserPolicy004, TestSize.Level0)
 {
     UserState user = {.userId = DEFAULT_ACCOUNT_ID, .isActive = true};
     std::vector<UserState> userList = { user };
@@ -188,7 +188,7 @@ HWTEST_F(EdmPolicySetTest, InitUserPolicy004, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(EdmPolicySetTest, InitUserPolicy005, TestSize.Level1)
+HWTEST_F(EdmPolicySetTest, InitUserPolicy005, TestSize.Level0)
 {
     GTEST_LOG_(INFO) << "permissionSet OK ";
     MockNativeToken mock("foundation");
@@ -241,7 +241,7 @@ HWTEST_F(EdmPolicySetTest, InitUserPolicy005, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(EdmPolicySetTest, InitUserPolicy006, TestSize.Level1)
+HWTEST_F(EdmPolicySetTest, InitUserPolicy006, TestSize.Level0)
 {
     GTEST_LOG_(INFO) << "permissionSet OK ";
     MockNativeToken mock("foundation");
@@ -269,7 +269,7 @@ HWTEST_F(EdmPolicySetTest, InitUserPolicy006, TestSize.Level1)
 
     std::vector<PermissionStateFull> permStatList;
     EXPECT_EQ(RET_SUCCESS, AccessTokenKit::GetReqPermissions(fullIdUser2.tokenIdExStruct.tokenID, permStatList, true));
-    ASSERT_EQ(static_cast<uint32_t>(2), permStatList.size());
+    EXPECT_EQ(static_cast<uint32_t>(2), permStatList.size());
     EXPECT_EQ(INTERNET, permStatList[0].permissionName);
     EXPECT_EQ(PERMISSION_GRANTED, permStatList[0].grantStatus[0]);
 
@@ -287,7 +287,7 @@ HWTEST_F(EdmPolicySetTest, InitUserPolicy006, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(EdmPolicySetTest, UpdateUserPolicy001, TestSize.Level1)
+HWTEST_F(EdmPolicySetTest, UpdateUserPolicy001, TestSize.Level0)
 {
     GTEST_LOG_(INFO) << "permissionSet OK ";
     MockNativeToken mock("foundation");
@@ -307,7 +307,7 @@ HWTEST_F(EdmPolicySetTest, UpdateUserPolicy001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(EdmPolicySetTest, UpdateUserPolicy003, TestSize.Level1)
+HWTEST_F(EdmPolicySetTest, UpdateUserPolicy003, TestSize.Level0)
 {
     const int32_t invalidSize = 1025; // 1025 is invalid size.
     std::vector<UserState> userList(invalidSize);
@@ -325,7 +325,7 @@ HWTEST_F(EdmPolicySetTest, UpdateUserPolicy003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(EdmPolicySetTest, UpdateUserPolicy004, TestSize.Level1)
+HWTEST_F(EdmPolicySetTest, UpdateUserPolicy004, TestSize.Level0)
 {
     g_testHapInfoParams.userID = MOCK_USER_ID_10001;
     AccessTokenIDEx fullIdUser1;
@@ -335,21 +335,15 @@ HWTEST_F(EdmPolicySetTest, UpdateUserPolicy004, TestSize.Level1)
     AccessTokenIDEx fullIdUser2;
     EXPECT_EQ(RET_SUCCESS,
         TestCommon::AllocTestHapToken(g_testHapInfoParams, g_testPolicyParams, fullIdUser2));
-    g_testHapInfoParams.userID = MOCK_USER_ID_10003;
-    AccessTokenIDEx fullIdUser3;
-    EXPECT_EQ(RET_SUCCESS,
-        TestCommon::AllocTestHapToken(g_testHapInfoParams, g_testPolicyParams, fullIdUser3));
 
     UserState user1 = {.userId = MOCK_USER_ID_10001, .isActive = false};
     UserState user2 = {.userId = MOCK_USER_ID_10002, .isActive = true};
-    UserState user3 = {.userId = MOCK_USER_ID_10003, .isActive = true};
-    std::vector<UserState> userListBefore = { user1, user2, user3 };
+    std::vector<UserState> userListBefore = { user1, user2 };
     std::vector<std::string> permList = { INTERNET, LOCATION };
     int32_t ret = AccessTokenKit::InitUserPolicy(userListBefore, permList);
     EXPECT_EQ(ret, 0);
     EXPECT_EQ(AccessTokenKit::VerifyAccessToken(fullIdUser1.tokenIdExStruct.tokenID, INTERNET), PERMISSION_DENIED);
     EXPECT_EQ(AccessTokenKit::VerifyAccessToken(fullIdUser2.tokenIdExStruct.tokenID, INTERNET), PERMISSION_GRANTED);
-    EXPECT_EQ(AccessTokenKit::VerifyAccessToken(fullIdUser3.tokenIdExStruct.tokenID, INTERNET), PERMISSION_GRANTED);
     EXPECT_EQ(AccessTokenKit::VerifyAccessToken(fullIdUser1.tokenIdExStruct.tokenID, LOCATION),
         PERMISSION_DENIED);
     EXPECT_EQ(AccessTokenKit::VerifyAccessToken(fullIdUser2.tokenIdExStruct.tokenID, LOCATION),
@@ -363,7 +357,6 @@ HWTEST_F(EdmPolicySetTest, UpdateUserPolicy004, TestSize.Level1)
     EXPECT_EQ(ret, 0);
     EXPECT_EQ(AccessTokenKit::VerifyAccessToken(fullIdUser1.tokenIdExStruct.tokenID, INTERNET), PERMISSION_GRANTED);
     EXPECT_EQ(AccessTokenKit::VerifyAccessToken(fullIdUser2.tokenIdExStruct.tokenID, INTERNET), PERMISSION_DENIED);
-    EXPECT_EQ(AccessTokenKit::VerifyAccessToken(fullIdUser3.tokenIdExStruct.tokenID, INTERNET), PERMISSION_GRANTED);
     EXPECT_EQ(AccessTokenKit::VerifyAccessToken(fullIdUser1.tokenIdExStruct.tokenID, LOCATION),
         PERMISSION_DENIED);
     EXPECT_EQ(AccessTokenKit::VerifyAccessToken(fullIdUser2.tokenIdExStruct.tokenID, LOCATION),
@@ -371,7 +364,6 @@ HWTEST_F(EdmPolicySetTest, UpdateUserPolicy004, TestSize.Level1)
 
     EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(fullIdUser1.tokenIdExStruct.tokenID));
     EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(fullIdUser2.tokenIdExStruct.tokenID));
-    EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(fullIdUser3.tokenIdExStruct.tokenID));
 
     int32_t res = AccessTokenKit::ClearUserPolicy();
     EXPECT_EQ(res, 0);
@@ -384,7 +376,7 @@ HWTEST_F(EdmPolicySetTest, UpdateUserPolicy004, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(EdmPolicySetTest, UserPolicyTestForNewHap, TestSize.Level1)
+HWTEST_F(EdmPolicySetTest, UserPolicyTestForNewHap, TestSize.Level0)
 {
     UserState user1 = {.userId = MOCK_USER_ID_10001, .isActive = true};
     UserState user2 = {.userId = MOCK_USER_ID_10002, .isActive = true};
@@ -439,7 +431,7 @@ HWTEST_F(EdmPolicySetTest, UserPolicyTestForNewHap, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(EdmPolicySetTest, UserPolicyTestForClearUserGranted, TestSize.Level1)
+HWTEST_F(EdmPolicySetTest, UserPolicyTestForClearUserGranted, TestSize.Level0)
 {
     UserState user1 = {.userId = MOCK_USER_ID_10001, .isActive = true};
     UserState user2 = {.userId = MOCK_USER_ID_10002, .isActive = false};
@@ -494,7 +486,7 @@ HWTEST_F(EdmPolicySetTest, UserPolicyTestForClearUserGranted, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(EdmPolicySetTest, ClearUserPolicy001, TestSize.Level1)
+HWTEST_F(EdmPolicySetTest, ClearUserPolicy001, TestSize.Level0)
 {
     g_testHapInfoParams.userID = MOCK_USER_ID_10002;
     AccessTokenIDEx fullIdUser2;
@@ -534,7 +526,7 @@ HWTEST_F(EdmPolicySetTest, ClearUserPolicy001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(EdmPolicySetTest, UserPolicyForUpdateHapTokenTest, TestSize.Level1)
+HWTEST_F(EdmPolicySetTest, UserPolicyForUpdateHapTokenTest, TestSize.Level0)
 {
     HapPolicyParams testPolicyParams1 = {
         .apl = APL_SYSTEM_CORE,
diff --git a/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/get_hap_dlp_flag_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/get_hap_dlp_flag_test.cpp
index 8800bdfa9bd5d4f0cb403097846e0e702dbfa2a0..f55615cce94181ee7339914eb3b0a6bc7886c12a 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/get_hap_dlp_flag_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/get_hap_dlp_flag_test.cpp
@@ -21,7 +21,7 @@
 #include "access_token.h"
 #include "access_token_error.h"
 #include "accesstoken_common_log.h"
-#include "accesstoken_service_ipc_interface_code.h"
+#include "iaccess_token_manager.h"
 #include "permission_grant_info.h"
 #include "permission_state_change_info_parcel.h"
 #include "string_ex.h"
diff --git a/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/get_permission_flag_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/get_permission_flag_test.cpp
index e9eb03f38288b229d9beaafb38fbf15725c86c81..9aab3422a335575f6a14fdbde1b8f166b113130c 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/get_permission_flag_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/get_permission_flag_test.cpp
@@ -21,7 +21,7 @@
 #include "access_token.h"
 #include "access_token_error.h"
 #include "accesstoken_common_log.h"
-#include "accesstoken_service_ipc_interface_code.h"
+#include "iaccess_token_manager.h"
 #include "permission_grant_info.h"
 #include "permission_state_change_info_parcel.h"
 #include "string_ex.h"
@@ -127,7 +127,7 @@ void GetPermissionFlagTest::TearDown()
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(GetPermissionFlagTest, GetPermissionFlagFuncTest001, TestSize.Level1)
+HWTEST_F(GetPermissionFlagTest, GetPermissionFlagFuncTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GetPermissionFlagFuncTest001");
     AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
@@ -149,7 +149,7 @@ HWTEST_F(GetPermissionFlagTest, GetPermissionFlagFuncTest001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(GetPermissionFlagTest, GetPermissionFlagAbnormalTest001, TestSize.Level1)
+HWTEST_F(GetPermissionFlagTest, GetPermissionFlagAbnormalTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GetPermissionFlagAbnormalTest001");
 
diff --git a/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/get_permissions_status_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/get_permissions_status_test.cpp
index 2174649a0dadbe3eb3cd18de9d5a1547b5f27ea5..bb287281af9e25c22d903f350c008b51bf6f72f3 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/get_permissions_status_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/get_permissions_status_test.cpp
@@ -21,7 +21,7 @@
 #include "access_token.h"
 #include "access_token_error.h"
 #include "accesstoken_common_log.h"
-#include "accesstoken_service_ipc_interface_code.h"
+#include "iaccess_token_manager.h"
 #include "permission_grant_info.h"
 #include "permission_state_change_info_parcel.h"
 #include "string_ex.h"
@@ -148,7 +148,7 @@ void GetPermissionsStatusTest::TearDown()
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(GetPermissionsStatusTest, GetPermissionsStatusFuncTest001, TestSize.Level1)
+HWTEST_F(GetPermissionsStatusTest, GetPermissionsStatusFuncTest001, TestSize.Level0)
 {
     AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
     AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
@@ -195,7 +195,7 @@ HWTEST_F(GetPermissionsStatusTest, GetPermissionsStatusFuncTest001, TestSize.Lev
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(GetPermissionsStatusTest, GetPermissionsStatusFuncTest002, TestSize.Level1)
+HWTEST_F(GetPermissionsStatusTest, GetPermissionsStatusFuncTest002, TestSize.Level0)
 {
     AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
     AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
@@ -250,7 +250,7 @@ HWTEST_F(GetPermissionsStatusTest, GetPermissionsStatusFuncTest002, TestSize.Lev
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(GetPermissionsStatusTest, GetPermissionsStatusAbnormalTest001, TestSize.Level1)
+HWTEST_F(GetPermissionsStatusTest, GetPermissionsStatusAbnormalTest001, TestSize.Level0)
 {
     AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
     AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
@@ -274,7 +274,7 @@ HWTEST_F(GetPermissionsStatusTest, GetPermissionsStatusAbnormalTest001, TestSize
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(GetPermissionsStatusTest, GetPermissionsStatusAbnormalTest002, TestSize.Level1)
+HWTEST_F(GetPermissionsStatusTest, GetPermissionsStatusAbnormalTest002, TestSize.Level0)
 {
     std::vector<PermissionListState> permsList;
     PermissionListState tmpA = {
@@ -293,7 +293,7 @@ HWTEST_F(GetPermissionsStatusTest, GetPermissionsStatusAbnormalTest002, TestSize
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(GetPermissionsStatusTest, GetPermissionsStatusAbnormalTest003, TestSize.Level1)
+HWTEST_F(GetPermissionsStatusTest, GetPermissionsStatusAbnormalTest003, TestSize.Level0)
 {
     std::vector<std::string> reqPerm;
     MockHapToken mock("GetPermissionsStatusAbnormalTest003", reqPerm, true);
@@ -323,7 +323,7 @@ HWTEST_F(GetPermissionsStatusTest, GetPermissionsStatusAbnormalTest003, TestSize
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(GetPermissionsStatusTest, GetPermissionsStatusSpecTest001, TestSize.Level1)
+HWTEST_F(GetPermissionsStatusTest, GetPermissionsStatusSpecTest001, TestSize.Level0)
 {
     std::vector<std::string> reqPerm;
     reqPerm.emplace_back("ohos.permission.GET_SENSITIVE_PERMISSIONS");
@@ -351,7 +351,7 @@ HWTEST_F(GetPermissionsStatusTest, GetPermissionsStatusSpecTest001, TestSize.Lev
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(GetPermissionsStatusTest, GetPermissionsStatusSpecTest002, TestSize.Level1)
+HWTEST_F(GetPermissionsStatusTest, GetPermissionsStatusSpecTest002, TestSize.Level0)
 {
     AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
     AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
diff --git a/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/permission_request_toggle_status_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/permission_request_toggle_status_test.cpp
index 6f5452f5eb7a2a1331df0307f7740042fb43cd97..41d16d4e5c415365ce1db327d14d72edb108e06b 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/permission_request_toggle_status_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/permission_request_toggle_status_test.cpp
@@ -21,7 +21,7 @@
 #include "access_token.h"
 #include "access_token_error.h"
 #include "accesstoken_common_log.h"
-#include "accesstoken_service_ipc_interface_code.h"
+#include "iaccess_token_manager.h"
 #include "permission_grant_info.h"
 #include "permission_state_change_info_parcel.h"
 #include "string_ex.h"
@@ -111,7 +111,7 @@ void PermissionRequestToggleStatusTest::TearDown()
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(PermissionRequestToggleStatusTest, SetPermissionRequestToggleStatusAbnormalTest001, TestSize.Level1)
+HWTEST_F(PermissionRequestToggleStatusTest, SetPermissionRequestToggleStatusAbnormalTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "SetPermissionRequestToggleStatusAbnormalTest001");
 
@@ -211,7 +211,7 @@ HWTEST_F(PermissionRequestToggleStatusTest, SetPermissionRequestToggleStatusSpec
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(PermissionRequestToggleStatusTest, GetPermissionRequestToggleStatusAbnormalTest001, TestSize.Level1)
+HWTEST_F(PermissionRequestToggleStatusTest, GetPermissionRequestToggleStatusAbnormalTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GetPermissionRequestToggleStatusAbnormalTest001");
 
@@ -283,7 +283,7 @@ HWTEST_F(PermissionRequestToggleStatusTest, GetPermissionRequestToggleStatusSpec
     std::vector<std::string> reqPerm;
     reqPerm.emplace_back("ohos.permission.DISABLE_PERMISSION_DIALOG");
     reqPerm.emplace_back("ohos.permission.GET_SENSITIVE_PERMISSIONS");
-    MockHapToken mock("GetPermissionRequestToggleStatusSpecTest002", reqPerm, true);
+    MockHapToken mock("GetPermissionRequestToggleStatusSpecTest003", reqPerm, true);
 
     // Set a closed status value.
     uint32_t status = PermissionRequestToggleStatus::CLOSED;
diff --git a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/alloc_hap_token_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/alloc_hap_token_test.cpp
index d8d286e83d25df1cffc761d38408da31afae104f..914e978813c0c6b0939669bfedb14fad02e052e6 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/alloc_hap_token_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/alloc_hap_token_test.cpp
@@ -20,7 +20,6 @@
 #include "access_token.h"
 #include "access_token_error.h"
 #include "accesstoken_common_log.h"
-#include "accesstoken_service_ipc_interface_code.h"
 #include "nativetoken_kit.h"
 #include "permission_grant_info.h"
 #include "permission_state_change_info_parcel.h"
@@ -195,7 +194,7 @@ void AllocHapTokenTest::TearDown()
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AllocHapTokenTest, AllocHapToken001, TestSize.Level1)
+HWTEST_F(AllocHapTokenTest, AllocHapToken001, TestSize.Level0)
 {
     AccessTokenIDEx tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
     AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
@@ -211,7 +210,7 @@ HWTEST_F(AllocHapTokenTest, AllocHapToken001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AllocHapTokenTest, AllocHapToken002, TestSize.Level1)
+HWTEST_F(AllocHapTokenTest, AllocHapToken002, TestSize.Level0)
 {
     AccessTokenID tokenID = AllocTestToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
     GTEST_LOG_(INFO) << "tokenID :" << tokenID;
@@ -230,7 +229,7 @@ HWTEST_F(AllocHapTokenTest, AllocHapToken002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AllocHapTokenTest, AllocHapToken003, TestSize.Level1)
+HWTEST_F(AllocHapTokenTest, AllocHapToken003, TestSize.Level0)
 {
     std::string invalidBundleName (INVALID_BUNDLENAME_LEN, 'x');
     std::string bundle = g_infoManagerTestInfoParms.bundleName;
@@ -259,7 +258,7 @@ HWTEST_F(AllocHapTokenTest, AllocHapToken003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AllocHapTokenTest, AllocHapToken004, TestSize.Level1)
+HWTEST_F(AllocHapTokenTest, AllocHapToken004, TestSize.Level0)
 {
     ATokenAplEnum typeBackUp = g_infoManagerTestPolicyPrams.apl;
     DeleteTestToken();
@@ -285,7 +284,7 @@ HWTEST_F(AllocHapTokenTest, AllocHapToken004, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AllocHapTokenTest, AllocHapToken005, TestSize.Level1)
+HWTEST_F(AllocHapTokenTest, AllocHapToken005, TestSize.Level0)
 {
     std::string backUpPermission = g_infoManagerTestPolicyPrams.permList[INDEX_ONE].permissionName;
     std::string bundleNameBackUp = g_infoManagerTestPolicyPrams.permList[INDEX_ONE].bundleName;
@@ -319,7 +318,7 @@ HWTEST_F(AllocHapTokenTest, AllocHapToken005, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AllocHapTokenTest, AllocHapToken006, TestSize.Level1)
+HWTEST_F(AllocHapTokenTest, AllocHapToken006, TestSize.Level0)
 {
     std::string backUp = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName;
     DeleteTestToken();
@@ -346,7 +345,7 @@ HWTEST_F(AllocHapTokenTest, AllocHapToken006, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AllocHapTokenTest, AllocHapToken007, TestSize.Level1)
+HWTEST_F(AllocHapTokenTest, AllocHapToken007, TestSize.Level0)
 {
     std::string backUp = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].bundleName;
     std::string backUpPermission = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName;
@@ -378,7 +377,7 @@ HWTEST_F(AllocHapTokenTest, AllocHapToken007, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AllocHapTokenTest, AllocHapToken008, TestSize.Level1)
+HWTEST_F(AllocHapTokenTest, AllocHapToken008, TestSize.Level0)
 {
     std::string backUp = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].label;
     std::string backUpPermission = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName;
@@ -409,7 +408,7 @@ HWTEST_F(AllocHapTokenTest, AllocHapToken008, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AllocHapTokenTest, AllocHapToken009, TestSize.Level1)
+HWTEST_F(AllocHapTokenTest, AllocHapToken009, TestSize.Level0)
 {
     std::string backUp = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].description;
     std::string backUpPermission = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName;
@@ -452,7 +451,7 @@ static bool ExistInVector(vector<unsigned int> array, unsigned int value)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AllocHapTokenTest, AllocHapToken010, TestSize.Level1)
+HWTEST_F(AllocHapTokenTest, AllocHapToken010, TestSize.Level0)
 {
     int ret;
     bool exist = false;
@@ -485,7 +484,7 @@ HWTEST_F(AllocHapTokenTest, AllocHapToken010, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AllocHapTokenTest, AllocHapToken011, TestSize.Level1)
+HWTEST_F(AllocHapTokenTest, AllocHapToken011, TestSize.Level0)
 {
     std::string invalidAppIDDesc (INVALID_APPIDDESC_LEN, 'x');
     std::string backup = g_infoManagerTestInfoParms.appIDDesc;
@@ -504,7 +503,7 @@ HWTEST_F(AllocHapTokenTest, AllocHapToken011, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AllocHapTokenTest, AllocHapToken012, TestSize.Level1)
+HWTEST_F(AllocHapTokenTest, AllocHapToken012, TestSize.Level0)
 {
     std::string backup = g_infoManagerTestInfoParms.bundleName;
 
@@ -520,7 +519,7 @@ HWTEST_F(AllocHapTokenTest, AllocHapToken012, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AllocHapTokenTest, AllocHapToken013, TestSize.Level1)
+HWTEST_F(AllocHapTokenTest, AllocHapToken013, TestSize.Level0)
 {
     std::string backup = g_infoManagerTestInfoParms.appIDDesc;
 
@@ -536,7 +535,7 @@ HWTEST_F(AllocHapTokenTest, AllocHapToken013, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AllocHapTokenTest, AllocHapToken014, TestSize.Level1)
+HWTEST_F(AllocHapTokenTest, AllocHapToken014, TestSize.Level0)
 {
     std::string backup = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName;
 
@@ -555,7 +554,7 @@ HWTEST_F(AllocHapTokenTest, AllocHapToken014, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AllocHapTokenTest, AllocHapToken015, TestSize.Level1)
+HWTEST_F(AllocHapTokenTest, AllocHapToken015, TestSize.Level0)
 {
     std::string backup = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].bundleName;
     std::string backUpPermission = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName;
@@ -583,7 +582,7 @@ HWTEST_F(AllocHapTokenTest, AllocHapToken015, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AllocHapTokenTest, AllocHapToken016, TestSize.Level1)
+HWTEST_F(AllocHapTokenTest, AllocHapToken016, TestSize.Level0)
 {
     std::string backup = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].label;
     std::string backUpPermission = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName;
@@ -608,7 +607,7 @@ HWTEST_F(AllocHapTokenTest, AllocHapToken016, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AllocHapTokenTest, AllocHapToken017, TestSize.Level1)
+HWTEST_F(AllocHapTokenTest, AllocHapToken017, TestSize.Level0)
 {
     std::string backUpPermission = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName;
     std::string backupDec = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].description;
@@ -633,7 +632,7 @@ HWTEST_F(AllocHapTokenTest, AllocHapToken017, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AllocHapTokenTest, AllocHapToken018, TestSize.Level1)
+HWTEST_F(AllocHapTokenTest, AllocHapToken018, TestSize.Level0)
 {
     HapPolicyParams infoManagerTestPolicyPrams = {
         .apl = APL_NORMAL,
@@ -676,7 +675,7 @@ HWTEST_F(AllocHapTokenTest, AllocHapToken018, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AllocHapTokenTest, AllocHapToken019, TestSize.Level1)
+HWTEST_F(AllocHapTokenTest, AllocHapToken019, TestSize.Level0)
 {
     AccessTokenIDEx tokenIdEx = {0};
     HapPolicyParams infoManagerTestPolicyPrams = {
diff --git a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/app_installation_optimized_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/app_installation_optimized_test.cpp
index a53385c714c6b50f9d82072d56f401bbf38a961c..9e61f835e2a50a15a4d5ea9ce8957ae8042c5dd9 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/app_installation_optimized_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/app_installation_optimized_test.cpp
@@ -18,7 +18,7 @@
 
 #include "access_token_error.h"
 #include "accesstoken_common_log.h"
-#include "accesstoken_service_ipc_interface_code.h"
+#include "iaccess_token_manager.h"
 #include "nativetoken_kit.h"
 #include "permission_grant_info.h"
 #include "permission_state_change_info_parcel.h"
@@ -148,7 +148,7 @@ void AppInstallationOptimizedTest::TearDown()
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AppInstallationOptimizedTest, InitHapToken001, TestSize.Level1)
+HWTEST_F(AppInstallationOptimizedTest, InitHapToken001, TestSize.Level0)
 {
     AccessTokenIDEx fullTokenId;
     int32_t ret = AccessTokenKit::InitHapToken(g_testHapInfoParams, g_testPolicyParams, fullTokenId);
@@ -163,7 +163,7 @@ HWTEST_F(AppInstallationOptimizedTest, InitHapToken001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AppInstallationOptimizedTest, InitHapToken002, TestSize.Level1)
+HWTEST_F(AppInstallationOptimizedTest, InitHapToken002, TestSize.Level0)
 {
     HapPolicyParams testPolicyParams = {
         .apl = APL_SYSTEM_BASIC,
@@ -192,7 +192,7 @@ HWTEST_F(AppInstallationOptimizedTest, InitHapToken002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AppInstallationOptimizedTest, InitHapToken003, TestSize.Level1)
+HWTEST_F(AppInstallationOptimizedTest, InitHapToken003, TestSize.Level0)
 {
     HapPolicyParams testPolicyParams = {
         .apl = APL_NORMAL,
@@ -217,7 +217,7 @@ HWTEST_F(AppInstallationOptimizedTest, InitHapToken003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AppInstallationOptimizedTest, InitHapToken004, TestSize.Level1)
+HWTEST_F(AppInstallationOptimizedTest, InitHapToken004, TestSize.Level0)
 {
     PreAuthorizationInfo info1 = {
         .permissionName = CALENDAR_PERMISSION,
@@ -251,7 +251,7 @@ HWTEST_F(AppInstallationOptimizedTest, InitHapToken004, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AppInstallationOptimizedTest, InitHapToken005, TestSize.Level1)
+HWTEST_F(AppInstallationOptimizedTest, InitHapToken005, TestSize.Level0)
 {
     PreAuthorizationInfo info1 = {
         .permissionName = CALENDAR_PERMISSION,
@@ -285,7 +285,7 @@ HWTEST_F(AppInstallationOptimizedTest, InitHapToken005, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AppInstallationOptimizedTest, InitHapToken006, TestSize.Level1)
+HWTEST_F(AppInstallationOptimizedTest, InitHapToken006, TestSize.Level0)
 {
     HapPolicyParams testPolicyParam = {
         .apl = APL_SYSTEM_BASIC,
@@ -305,7 +305,7 @@ HWTEST_F(AppInstallationOptimizedTest, InitHapToken006, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AppInstallationOptimizedTest, InitHapToken007, TestSize.Level1)
+HWTEST_F(AppInstallationOptimizedTest, InitHapToken007, TestSize.Level0)
 {
     HapPolicyParams testPolicyParam = {
         .apl = APL_SYSTEM_BASIC,
@@ -324,7 +324,7 @@ HWTEST_F(AppInstallationOptimizedTest, InitHapToken007, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AppInstallationOptimizedTest, InitHapToken008, TestSize.Level1)
+HWTEST_F(AppInstallationOptimizedTest, InitHapToken008, TestSize.Level0)
 {
     HapPolicyParams testPolicyParam = {
         .apl = APL_SYSTEM_BASIC,
@@ -343,7 +343,7 @@ HWTEST_F(AppInstallationOptimizedTest, InitHapToken008, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AppInstallationOptimizedTest, InitHapToken009, TestSize.Level1)
+HWTEST_F(AppInstallationOptimizedTest, InitHapToken009, TestSize.Level0)
 {
     HapPolicyParams testPolicyParam = {
         .apl = APL_NORMAL,
@@ -362,7 +362,7 @@ HWTEST_F(AppInstallationOptimizedTest, InitHapToken009, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AppInstallationOptimizedTest, InitHapToken010, TestSize.Level1)
+HWTEST_F(AppInstallationOptimizedTest, InitHapToken010, TestSize.Level0)
 {
     HapPolicyParams testPolicyParam = {
         .apl = APL_SYSTEM_BASIC,
@@ -382,7 +382,7 @@ HWTEST_F(AppInstallationOptimizedTest, InitHapToken010, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AppInstallationOptimizedTest, InitHapToken011, TestSize.Level1)
+HWTEST_F(AppInstallationOptimizedTest, InitHapToken011, TestSize.Level0)
 {
     HapPolicyParams testPolicyParams = {
         .apl = APL_SYSTEM_BASIC,
@@ -438,7 +438,7 @@ HWTEST_F(AppInstallationOptimizedTest, InitHapToken011, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken001, TestSize.Level1)
+HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken001, TestSize.Level0)
 {
     HapPolicyParams testPolicyParams1 = {
         .apl = APL_NORMAL,
@@ -496,7 +496,7 @@ HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken002, TestSize.Level1)
+HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken002, TestSize.Level0)
 {
     HapPolicyParams testPolicyParams1 = {
         .apl = APL_NORMAL,
@@ -549,7 +549,7 @@ HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken003, TestSize.Level1)
+HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken003, TestSize.Level0)
 {
     HapPolicyParams testPolicyParams1 = {
         .apl = APL_NORMAL,
@@ -600,7 +600,7 @@ HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken004, TestSize.Level1)
+HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken004, TestSize.Level0)
 {
     HapPolicyParams testPolicyParams1 = {
         .apl = APL_NORMAL,
@@ -645,7 +645,7 @@ HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken004, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken005, TestSize.Level1)
+HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken005, TestSize.Level0)
 {
     HapPolicyParams testPolicyParam = {
         .apl = APL_SYSTEM_BASIC,
@@ -678,7 +678,7 @@ HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken005, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken006, TestSize.Level1)
+HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken006, TestSize.Level0)
 {
     HapPolicyParams testPolicyParam = {
         .apl = APL_SYSTEM_BASIC,
@@ -711,7 +711,7 @@ HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken006, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken007, TestSize.Level1)
+HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken007, TestSize.Level0)
 {
     HapPolicyParams testPolicyParam = {
         .apl = APL_SYSTEM_BASIC,
@@ -744,7 +744,7 @@ HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken007, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken008, TestSize.Level1)
+HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken008, TestSize.Level0)
 {
     HapPolicyParams testPolicyParam = {
         .apl = APL_NORMAL,
@@ -776,7 +776,7 @@ HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken008, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken009, TestSize.Level1)
+HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken009, TestSize.Level0)
 {
     HapPolicyParams testPolicyParam = {
         .apl = APL_NORMAL,
@@ -808,7 +808,7 @@ HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken009, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken010, TestSize.Level1)
+HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken010, TestSize.Level0)
 {
     HapPolicyParams testPolicyParams1 = {
         .apl = APL_NORMAL,
@@ -853,7 +853,7 @@ HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken010, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken011, TestSize.Level1)
+HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken011, TestSize.Level0)
 {
     HapPolicyParams testPolicyParams1 = {
         .apl = APL_NORMAL,
@@ -898,7 +898,7 @@ HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken011, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken012, TestSize.Level1)
+HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken012, TestSize.Level0)
 {
     HapPolicyParams testPolicyParams1 = {
         .apl = APL_NORMAL,
@@ -957,7 +957,7 @@ HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken012, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken013, TestSize.Level1)
+HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken013, TestSize.Level0)
 {
     PreAuthorizationInfo info1 = {
         .permissionName = APP_TRACKING_PERMISSION,
@@ -1011,7 +1011,7 @@ HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken013, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken014, TestSize.Level1)
+HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken014, TestSize.Level0)
 {
     PreAuthorizationInfo info1 = {
         .permissionName = APP_TRACKING_PERMISSION,
@@ -1061,7 +1061,7 @@ HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken014, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AppInstallationOptimizedTest, InitHapTokenAbnormal001, TestSize.Level1)
+HWTEST_F(AppInstallationOptimizedTest, InitHapTokenAbnormal001, TestSize.Level0)
 {
     HapPolicyParams testPolicyParam = {
         .apl = APL_NORMAL,
@@ -1088,7 +1088,7 @@ HWTEST_F(AppInstallationOptimizedTest, InitHapTokenAbnormal001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AppInstallationOptimizedTest, InitHapTokenAbnormal002, TestSize.Level1)
+HWTEST_F(AppInstallationOptimizedTest, InitHapTokenAbnormal002, TestSize.Level0)
 {
     HapPolicyParams testPolicyParam = {
         .apl = APL_NORMAL,
@@ -1119,7 +1119,7 @@ HWTEST_F(AppInstallationOptimizedTest, InitHapTokenAbnormal002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AppInstallationOptimizedTest, InitHapTokenAbnormal003, TestSize.Level1)
+HWTEST_F(AppInstallationOptimizedTest, InitHapTokenAbnormal003, TestSize.Level0)
 {
     HapInfoParams testHapInfoParams = g_testHapInfoParams;
     HapPolicyParams testPolicyParam = {
@@ -1164,7 +1164,7 @@ HWTEST_F(AppInstallationOptimizedTest, InitHapTokenAbnormal003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AppInstallationOptimizedTest, InitHapTokenAbnormal004, TestSize.Level1)
+HWTEST_F(AppInstallationOptimizedTest, InitHapTokenAbnormal004, TestSize.Level0)
 {
     HapInfoParams testHapInfoParams = g_testHapInfoParams;
     HapPolicyParams testPolicyParam = g_testPolicyParams;
diff --git a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/delete_token_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/delete_token_test.cpp
index 68281ff829b04ca035ab8b28a46fce806b700fd4..c0d71005ef00951e77169041fc45994c40c791c2 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/delete_token_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/delete_token_test.cpp
@@ -21,7 +21,7 @@
 #include "access_token.h"
 #include "access_token_error.h"
 #include "accesstoken_common_log.h"
-#include "accesstoken_service_ipc_interface_code.h"
+#include "iaccess_token_manager.h"
 #include "permission_grant_info.h"
 #include "permission_state_change_info_parcel.h"
 #include "string_ex.h"
@@ -125,7 +125,7 @@ void DeleteTokenTest::TearDown()
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(DeleteTokenTest, DeleteTokenFuncTest001, TestSize.Level1)
+HWTEST_F(DeleteTokenTest, DeleteTokenFuncTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "DeleteTokenFuncTest001");
 
@@ -149,7 +149,7 @@ HWTEST_F(DeleteTokenTest, DeleteTokenFuncTest001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(DeleteTokenTest, DeleteTokenFuncTest002, TestSize.Level1)
+HWTEST_F(DeleteTokenTest, DeleteTokenFuncTest002, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "DeleteTokenFuncTest002");
 
@@ -173,7 +173,7 @@ HWTEST_F(DeleteTokenTest, DeleteTokenFuncTest002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(DeleteTokenTest, DeleteTokenAbnormalTest001, TestSize.Level1)
+HWTEST_F(DeleteTokenTest, DeleteTokenAbnormalTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "DeleteTokenAbnormalTest001");
 
@@ -187,7 +187,7 @@ HWTEST_F(DeleteTokenTest, DeleteTokenAbnormalTest001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(DeleteTokenTest, DeleteTokenAbnormalTest002, TestSize.Level1)
+HWTEST_F(DeleteTokenTest, DeleteTokenAbnormalTest002, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "DeleteTokenAbnormalTest002");
     AccessTokenID tokenID = GetSelfTokenID(); // native token
@@ -201,7 +201,7 @@ HWTEST_F(DeleteTokenTest, DeleteTokenAbnormalTest002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(DeleteTokenTest, DeleteTokenSpecTest001, TestSize.Level1)
+HWTEST_F(DeleteTokenTest, DeleteTokenSpecTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "DeleteTokenSpecTest001");
 
diff --git a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/get_hap_token_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/get_hap_token_test.cpp
index 91c471ad1e13840c38ceb54f42a34cfd0ef7f8c1..05f91d5ae26e615a08661d0e484caf91f339a47a 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/get_hap_token_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/get_hap_token_test.cpp
@@ -20,7 +20,7 @@
 #include "access_token.h"
 #include "access_token_error.h"
 #include "accesstoken_common_log.h"
-#include "accesstoken_service_ipc_interface_code.h"
+#include "iaccess_token_manager.h"
 #include "permission_grant_info.h"
 #include "permission_state_change_info_parcel.h"
 #include "string_ex.h"
@@ -66,6 +66,7 @@ void GetHapTokenTest::TearDownTestCase()
         g_mock = nullptr;
     }
     SetSelfTokenID(g_selfTokenId);
+    TestCommon::ResetTestEvironment();
 }
 
 void GetHapTokenTest::SetUp()
@@ -103,7 +104,7 @@ void GetHapTokenTest::TearDown()
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(GetHapTokenTest, GetHapTokenIDFuncTest001, TestSize.Level1)
+HWTEST_F(GetHapTokenTest, GetHapTokenIDFuncTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GetHapTokenIDFuncTest001");
 
@@ -125,7 +126,7 @@ HWTEST_F(GetHapTokenTest, GetHapTokenIDFuncTest001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(GetHapTokenTest, GetHapTokenIDAbnormalTest001, TestSize.Level1)
+HWTEST_F(GetHapTokenTest, GetHapTokenIDAbnormalTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GetHapTokenIDAbnormalTest001");
 
@@ -139,7 +140,7 @@ HWTEST_F(GetHapTokenTest, GetHapTokenIDAbnormalTest001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(GetHapTokenTest, GetHapTokenIDAbnormalTest002, TestSize.Level1)
+HWTEST_F(GetHapTokenTest, GetHapTokenIDAbnormalTest002, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GetHapTokenIDAbnormalTest002");
 
@@ -156,7 +157,7 @@ HWTEST_F(GetHapTokenTest, GetHapTokenIDAbnormalTest002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(GetHapTokenTest, GetHapTokenIDAbnormalTest003, TestSize.Level1)
+HWTEST_F(GetHapTokenTest, GetHapTokenIDAbnormalTest003, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GetHapTokenIDAbnormalTest003");
 
@@ -170,7 +171,7 @@ HWTEST_F(GetHapTokenTest, GetHapTokenIDAbnormalTest003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI60F1M
  */
-HWTEST_F(GetHapTokenTest, GetHapTokenIDExFuncTest001, TestSize.Level1)
+HWTEST_F(GetHapTokenTest, GetHapTokenIDExFuncTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GetHapTokenIDExFuncTest001");
 
@@ -183,10 +184,9 @@ HWTEST_F(GetHapTokenTest, GetHapTokenIDExFuncTest001, TestSize.Level1)
     ASSERT_EQ(tokenIdEx.tokenIDEx, tokenIdEx1.tokenIDEx);
     HapTokenInfo hapTokenInfoRes;
     AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
-    int ret = AccessTokenKit::GetHapTokenInfo(tokenID, hapTokenInfoRes);
-    ASSERT_EQ(RET_SUCCESS, ret);
-    ASSERT_EQ(hapTokenInfoRes.bundleName, g_infoManagerTestSystemInfoParms.bundleName);
-    ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID));
+    EXPECT_EQ(RET_SUCCESS, AccessTokenKit::GetHapTokenInfo(tokenID, hapTokenInfoRes));
+    EXPECT_EQ(hapTokenInfoRes.bundleName, g_infoManagerTestSystemInfoParms.bundleName);
+    EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID));
 }
 
 /**
@@ -195,7 +195,7 @@ HWTEST_F(GetHapTokenTest, GetHapTokenIDExFuncTest001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI60F1M
  */
-HWTEST_F(GetHapTokenTest, GetHapTokenIDExAbnormalTest001, TestSize.Level1)
+HWTEST_F(GetHapTokenTest, GetHapTokenIDExAbnormalTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GetHapTokenIDExAbnormalTest001");
 
@@ -209,7 +209,7 @@ HWTEST_F(GetHapTokenTest, GetHapTokenIDExAbnormalTest001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI60F1M
  */
-HWTEST_F(GetHapTokenTest, GetHapTokenIDExAbnormalTest002, TestSize.Level1)
+HWTEST_F(GetHapTokenTest, GetHapTokenIDExAbnormalTest002, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GetHapTokenIDExAbnormalTest002");
 
@@ -223,7 +223,7 @@ HWTEST_F(GetHapTokenTest, GetHapTokenIDExAbnormalTest002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI60F1M
  */
-HWTEST_F(GetHapTokenTest, GetHapTokenIDExAbnormalTest003, TestSize.Level1)
+HWTEST_F(GetHapTokenTest, GetHapTokenIDExAbnormalTest003, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GetHapTokenIDExAbnormalTest003");
 
@@ -281,7 +281,7 @@ HWTEST_F(GetHapTokenTest, GetHapTokenInfoAbnormalTest001, TestSize.Level0)
  * @tc.type: FUNC
  * @tc.require: IAZTZD
  */
-HWTEST_F(GetHapTokenTest, GetHapTokenInfoExtensionFuncTest001, TestSize.Level1)
+HWTEST_F(GetHapTokenTest, GetHapTokenInfoExtensionFuncTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GetHapTokenInfoExtensionFuncTest001");
     setuid(0);
@@ -303,7 +303,7 @@ HWTEST_F(GetHapTokenTest, GetHapTokenInfoExtensionFuncTest001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI60F1M
  */
-HWTEST_F(GetHapTokenTest, IsSystemAppByFullTokenIDTest001, TestSize.Level1)
+HWTEST_F(GetHapTokenTest, IsSystemAppByFullTokenIDTest001, TestSize.Level0)
 {
     std::vector<std::string> reqPerm;
     AccessTokenIDEx tokenIdEx = {0};
@@ -311,18 +311,18 @@ HWTEST_F(GetHapTokenTest, IsSystemAppByFullTokenIDTest001, TestSize.Level1)
     ASSERT_EQ(true, TokenIdKit::IsSystemAppByFullTokenID(tokenIdEx.tokenIDEx));
 
     AccessTokenIDEx tokenIdEx1 = AccessTokenKit::GetHapTokenIDEx(1, "accesstoken_test", 0);
-    ASSERT_EQ(tokenIdEx.tokenIDEx, tokenIdEx1.tokenIDEx);
+    EXPECT_EQ(tokenIdEx.tokenIDEx, tokenIdEx1.tokenIDEx);
 
     UpdateHapInfoParams info;
     info.appIDDesc = g_infoManagerTestSystemInfoParms.appIDDesc;
     info.apiVersion = g_infoManagerTestSystemInfoParms.apiVersion;
     info.isSystemApp = false;
-    ASSERT_EQ(RET_SUCCESS, AccessTokenKit::UpdateHapToken(tokenIdEx, info, g_infoManagerTestPolicyPrams));
+    EXPECT_EQ(RET_SUCCESS, AccessTokenKit::UpdateHapToken(tokenIdEx, info, g_infoManagerTestPolicyPrams));
     tokenIdEx1 = AccessTokenKit::GetHapTokenIDEx(1, "accesstoken_test", 0);
-    ASSERT_EQ(tokenIdEx.tokenIDEx, tokenIdEx1.tokenIDEx);
+    EXPECT_EQ(tokenIdEx.tokenIDEx, tokenIdEx1.tokenIDEx);
 
-    ASSERT_EQ(false, TokenIdKit::IsSystemAppByFullTokenID(tokenIdEx.tokenIDEx));
-    ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID));
+    EXPECT_EQ(false, TokenIdKit::IsSystemAppByFullTokenID(tokenIdEx.tokenIDEx));
+    EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID));
 }
 
 /**
@@ -331,24 +331,24 @@ HWTEST_F(GetHapTokenTest, IsSystemAppByFullTokenIDTest001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI60F1M
  */
-HWTEST_F(GetHapTokenTest, IsSystemAppByFullTokenIDTest002, TestSize.Level1)
+HWTEST_F(GetHapTokenTest, IsSystemAppByFullTokenIDTest002, TestSize.Level0)
 {
     AccessTokenIDEx tokenIdEx = {0};
     TestCommon::AllocTestHapToken(g_infoManagerTestSystemInfoParms, g_infoManagerTestPolicyPrams, tokenIdEx);
-    ASSERT_TRUE(TokenIdKit::IsSystemAppByFullTokenID(tokenIdEx.tokenIDEx));
+    EXPECT_TRUE(TokenIdKit::IsSystemAppByFullTokenID(tokenIdEx.tokenIDEx));
 
     AccessTokenIDEx tokenIdEx1 = AccessTokenKit::GetHapTokenIDEx(1, "accesstoken_test", 0);
-    ASSERT_EQ(tokenIdEx.tokenIDEx, tokenIdEx1.tokenIDEx);
+    EXPECT_EQ(tokenIdEx.tokenIDEx, tokenIdEx1.tokenIDEx);
     UpdateHapInfoParams info;
     info.appIDDesc = g_infoManagerTestNormalInfoParms.appIDDesc;
     info.apiVersion = g_infoManagerTestNormalInfoParms.apiVersion;
     info.isSystemApp = true;
-    ASSERT_EQ(RET_SUCCESS, AccessTokenKit::UpdateHapToken(tokenIdEx, info, g_infoManagerTestPolicyPrams));
+    EXPECT_EQ(RET_SUCCESS, AccessTokenKit::UpdateHapToken(tokenIdEx, info, g_infoManagerTestPolicyPrams));
     tokenIdEx1 = AccessTokenKit::GetHapTokenIDEx(1, "accesstoken_test", 0);
-    ASSERT_EQ(tokenIdEx.tokenIDEx, tokenIdEx1.tokenIDEx);
+    EXPECT_EQ(tokenIdEx.tokenIDEx, tokenIdEx1.tokenIDEx);
 
-    ASSERT_EQ(true,  TokenIdKit::IsSystemAppByFullTokenID(tokenIdEx.tokenIDEx));
-    ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID));
+    EXPECT_EQ(true,  TokenIdKit::IsSystemAppByFullTokenID(tokenIdEx.tokenIDEx));
+    EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID));
 }
 
 /**
@@ -357,7 +357,7 @@ HWTEST_F(GetHapTokenTest, IsSystemAppByFullTokenIDTest002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(GetHapTokenTest, IsSystemAppByFullTokenIDTest003, TestSize.Level1)
+HWTEST_F(GetHapTokenTest, IsSystemAppByFullTokenIDTest003, TestSize.Level0)
 {
     AccessTokenIDEx tokenIdEx = {0};
     TestCommon::AllocTestHapToken(g_infoManagerTestSystemInfoParms, g_infoManagerTestPolicyPrams, tokenIdEx);
@@ -365,7 +365,7 @@ HWTEST_F(GetHapTokenTest, IsSystemAppByFullTokenIDTest003, TestSize.Level1)
     ASSERT_EQ(tokenIdEx.tokenIDEx, tokenIdEx1.tokenIDEx);
     bool res = AccessTokenKit::IsSystemAppByFullTokenID(tokenIdEx.tokenIDEx);
     ASSERT_TRUE(res);
-    ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID));
+    EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID));
 }
 } // namespace AccessToken
 } // namespace Security
diff --git a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/get_token_type_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/get_token_type_test.cpp
index b6b81fb803aeef015e26cc3a8a59dbd133761114..0c0d0d9b16fb3ecc85f837676176a197abce8066 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/get_token_type_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/get_token_type_test.cpp
@@ -20,7 +20,7 @@
 #include "access_token.h"
 #include "access_token_error.h"
 #include "accesstoken_common_log.h"
-#include "accesstoken_service_ipc_interface_code.h"
+#include "iaccess_token_manager.h"
 #include "permission_grant_info.h"
 #include "permission_state_change_info_parcel.h"
 #include "string_ex.h"
@@ -132,7 +132,7 @@ HWTEST_F(GetTokenTypeTest, GetTokenTypeAbnormalTest001, TestSize.Level0)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(GetTokenTypeTest, GetTokenTypeFlagAbnormalTest001, TestSize.Level1)
+HWTEST_F(GetTokenTypeTest, GetTokenTypeFlagAbnormalTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GetTokenTypeFlagAbnormalTest001");
 
@@ -147,7 +147,7 @@ HWTEST_F(GetTokenTypeTest, GetTokenTypeFlagAbnormalTest001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(GetTokenTypeTest, GetTokenTypeFlagFuncTest001, TestSize.Level1)
+HWTEST_F(GetTokenTypeTest, GetTokenTypeFlagFuncTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GetTokenTypeFlagFuncTest001");
 
diff --git a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/init_hap_token_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/init_hap_token_test.cpp
index 8ce8e5dd89ef07aad98ca7c16840fc7081946516..8bbd287b4a589ff778bd34ebc06699f87757e7df 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/init_hap_token_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/init_hap_token_test.cpp
@@ -20,7 +20,7 @@
 #include "access_token.h"
 #include "access_token_error.h"
 #include "accesstoken_common_log.h"
-#include "accesstoken_service_ipc_interface_code.h"
+#include "iaccess_token_manager.h"
 #include "nativetoken_kit.h"
 #include "permission_grant_info.h"
 #include "permission_state_change_info_parcel.h"
@@ -34,6 +34,9 @@ namespace OHOS {
 namespace Security {
 namespace AccessToken {
 namespace {
+static constexpr uint32_t NUMBER_ONE = 1;
+static constexpr uint32_t NUMBER_TWO = 2;
+static constexpr uint32_t NUMBER_THREE = 3;
 static uint64_t g_selfTokenId = 0;
 static constexpr int32_t THIRTY_TIME_CYCLES = 30;
 static constexpr int32_t MAX_EXTENDED_MAP_SIZE = 512;
@@ -132,7 +135,7 @@ void InitHapTokenTest::TearDown()
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest001, TestSize.Level1)
+HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "InitHapTokenFuncTest001");
     MockNativeToken mock("foundation");
@@ -169,7 +172,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest002, TestSize.Level1)
+HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest002, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "InitHapTokenFuncTest002");
     MockNativeToken mock("foundation");
@@ -206,7 +209,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest003, TestSize.Level1)
+HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest003, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "InitHapTokenFuncTest003");
     MockNativeToken mock("foundation");
@@ -251,7 +254,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest004, TestSize.Level1)
+HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest004, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "InitHapTokenFuncTest004");
     MockNativeToken mock("foundation");
@@ -268,7 +271,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest004, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest005, TestSize.Level1)
+HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest005, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "InitHapTokenFuncTest005");
     MockNativeToken mock("foundation");
@@ -332,7 +335,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest005, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest006, TestSize.Level1)
+HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest006, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "InitHapTokenFuncTest006");
     MockNativeToken mock("foundation");
@@ -360,7 +363,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest006, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest007, TestSize.Level1)
+HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest007, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "InitHapTokenFuncTest007");
     MockNativeToken mock("foundation");
@@ -387,13 +390,95 @@ HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest007, TestSize.Level1)
     ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(tokenID));
 }
 
+/**
+ * @tc.name: InitHapTokenFuncTest008
+ * @tc.desc: Install atomic app success
+ * @tc.type: FUNC
+ * @tc.require:
+ */
+HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest008, TestSize.Level0)
+{
+    LOGI(ATM_DOMAIN, ATM_TAG, "InitHapTokenFuncTest008");
+    MockNativeToken mock("foundation");
+
+    HapInfoParams infoParams;
+    HapPolicyParams policyParams;
+    TestCommon::GetHapParams(infoParams, policyParams);
+    infoParams.isSystemApp = false;
+    infoParams.isAtomicService = true;
+    infoParams.bundleName = "install.atomic.service.test";
+    AccessTokenIDEx fullTokenId;
+    HapInfoCheckResult result;
+    ASSERT_EQ(RET_SUCCESS, AccessTokenKit::InitHapToken(infoParams, policyParams, fullTokenId, result));
+    ASSERT_TRUE(AccessTokenKit::IsAtomicServiceByFullTokenID(static_cast<uint64_t>(fullTokenId.tokenIDEx)));
+
+    AccessTokenIDEx tokenIDEx = AccessTokenKit::GetHapTokenIDEx(
+        infoParams.userID, infoParams.bundleName, infoParams.instIndex);
+    ASSERT_TRUE(AccessTokenKit::IsAtomicServiceByFullTokenID(static_cast<uint64_t>(tokenIDEx.tokenIDEx)));
+    EXPECT_EQ(tokenIDEx.tokenIDEx, fullTokenId.tokenIDEx);
+
+    AccessTokenID tokenID = fullTokenId.tokenIdExStruct.tokenID;
+    HapTokenInfo hapTokenInfoRes;
+    ASSERT_EQ(RET_SUCCESS, AccessTokenKit::GetHapTokenInfo(tokenID, hapTokenInfoRes));
+    EXPECT_EQ(NUMBER_TWO, hapTokenInfoRes.tokenAttr);
+
+    ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(tokenID));
+}
+
+/**
+ * @tc.name: InitHapTokenFuncTest009
+ * @tc.desc: Install the system service app and update it as a atomic service
+ * @tc.type: FUNC
+ * @tc.require:
+ */
+HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest009, TestSize.Level0)
+{
+    LOGI(ATM_DOMAIN, ATM_TAG, "InitHapTokenFuncTest009");
+    MockNativeToken mock("foundation");
+
+    HapInfoParams infoParams;
+    HapPolicyParams policyParams;
+    TestCommon::GetHapParams(infoParams, policyParams);
+    infoParams.isSystemApp = true;
+    infoParams.bundleName = "update.atomic.service.test";
+    AccessTokenIDEx fullTokenId;
+    HapInfoCheckResult result;
+    ASSERT_EQ(RET_SUCCESS, AccessTokenKit::InitHapToken(infoParams, policyParams, fullTokenId, result));
+    ASSERT_TRUE(AccessTokenKit::IsSystemAppByFullTokenID(static_cast<uint64_t>(fullTokenId.tokenIDEx)));
+    ASSERT_FALSE(AccessTokenKit::IsAtomicServiceByFullTokenID(static_cast<uint64_t>(fullTokenId.tokenIDEx)));
+
+    UpdateHapInfoParams info;
+    info.appIDDesc = infoParams.appIDDesc;
+    info.apiVersion = infoParams.apiVersion;
+    info.isSystemApp = infoParams.isSystemApp;
+    info.appDistributionType = infoParams.appDistributionType;
+    info.isAtomicService = true;
+    ASSERT_EQ(RET_SUCCESS, AccessTokenKit::UpdateHapToken(fullTokenId, info, policyParams));
+    ASSERT_TRUE(AccessTokenKit::IsSystemAppByFullTokenID(static_cast<uint64_t>(fullTokenId.tokenIDEx)));
+    ASSERT_TRUE(AccessTokenKit::IsAtomicServiceByFullTokenID(static_cast<uint64_t>(fullTokenId.tokenIDEx)));
+
+    AccessTokenID tokenID = fullTokenId.tokenIdExStruct.tokenID;
+    HapTokenInfo hapTokenInfoRes;
+    ASSERT_EQ(RET_SUCCESS, AccessTokenKit::GetHapTokenInfo(tokenID, hapTokenInfoRes));
+    EXPECT_EQ(NUMBER_THREE, hapTokenInfoRes.tokenAttr);
+
+    info.isAtomicService = false;
+    ASSERT_EQ(RET_SUCCESS, AccessTokenKit::UpdateHapToken(fullTokenId, info, policyParams));
+    ASSERT_TRUE(AccessTokenKit::IsSystemAppByFullTokenID(static_cast<uint64_t>(fullTokenId.tokenIDEx)));
+    ASSERT_FALSE(AccessTokenKit::IsAtomicServiceByFullTokenID(static_cast<uint64_t>(fullTokenId.tokenIDEx)));
+    ASSERT_EQ(RET_SUCCESS, AccessTokenKit::GetHapTokenInfo(tokenID, hapTokenInfoRes));
+    EXPECT_EQ(NUMBER_ONE, hapTokenInfoRes.tokenAttr);
+
+    ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(tokenID));
+}
+
 /**
  * @tc.name: InitHapTokenSpecsTest001
  * @tc.desc: Test  request the high-level permission authorized by acl.
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest001, TestSize.Level1)
+HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "InitHapTokenSpecsTest001");
     MockNativeToken mock("foundation");
@@ -439,7 +524,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest002, TestSize.Level1)
+HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest002, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "InitHapTokenSpecsTest002");
     MockNativeToken mock("foundation");
@@ -479,7 +564,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest003, TestSize.Level1)
+HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest003, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "InitHapTokenSpecsTest003");
     MockNativeToken mock("foundation");
@@ -533,7 +618,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest004, TestSize.Level1)
+HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest004, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "InitHapTokenSpecsTest004");
     MockNativeToken mock("foundation");
@@ -597,7 +682,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest004, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest005, TestSize.Level1)
+HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest005, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "InitHapTokenSpecsTest005");
     MockNativeToken mock("foundation");
@@ -626,7 +711,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest005, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest006, TestSize.Level1)
+HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest006, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "InitHapTokenSpecsTest006");
     MockNativeToken mock("foundation");
@@ -666,7 +751,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest006, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest007, TestSize.Level1)
+HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest007, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "InitHapTokenSpecsTest007");
     MockNativeToken mock("foundation");
@@ -705,7 +790,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest007, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest008, TestSize.Level1)
+HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest008, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "InitHapTokenSpecsTest008");
     MockNativeToken mock("foundation");
@@ -745,7 +830,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest008, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest009, TestSize.Level1)
+HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest009, TestSize.Level0)
 {
     MockNativeToken mock("foundation");
     HapInfoParams infoParams;
@@ -797,7 +882,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest009, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest010, TestSize.Level1)
+HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest010, TestSize.Level0)
 {
     HapInfoParams infoParams;
     HapPolicyParams policyParams;
@@ -834,7 +919,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest010, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest011, TestSize.Level1)
+HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest011, TestSize.Level0)
 {
     HapInfoParams infoParams;
     HapPolicyParams policyParams;
@@ -855,12 +940,12 @@ HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest011, TestSize.Level1)
     policyParams.aclExtendedMap["ohos.permission.ACCESS_CERT_MANAGER"] = testValue;
     ret = AccessTokenKit::InitHapToken(infoParams, policyParams, fullTokenId);
     ASSERT_EQ(RET_SUCCESS, ret);
+    AccessTokenID tokenID = fullTokenId.tokenIdExStruct.tokenID;
 
     testValue.push_back('1');
     policyParams.aclExtendedMap["ohos.permission.ACCESS_CERT_MANAGER"] = testValue;
     ret = AccessTokenKit::InitHapToken(infoParams, policyParams, fullTokenId);
     ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
-    AccessTokenID tokenID = fullTokenId.tokenIdExStruct.tokenID;
 
     ret = AccessTokenKit::DeleteToken(tokenID);
     EXPECT_EQ(RET_SUCCESS, ret);
@@ -872,7 +957,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest011, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest012, TestSize.Level1)
+HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest012, TestSize.Level0)
 {
     HapInfoParams infoParams;
     HapPolicyParams policyParams;
@@ -907,7 +992,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest012, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest013, TestSize.Level1)
+HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest013, TestSize.Level0)
 {
     MockNativeToken mock("foundation");
     HapInfoParams infoParams;
@@ -935,7 +1020,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest013, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest014, TestSize.Level1)
+HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest014, TestSize.Level0)
 {
     HapInfoParams infoParams;
     HapPolicyParams policyParams;
@@ -968,7 +1053,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest014, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(InitHapTokenTest, InitHapTokenAbnormalTest001, TestSize.Level1)
+HWTEST_F(InitHapTokenTest, InitHapTokenAbnormalTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "InitHapTokenAbnormalTest001");
 
@@ -1004,7 +1089,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenAbnormalTest001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(InitHapTokenTest, InitHapTokenAbnormalTest002, TestSize.Level1)
+HWTEST_F(InitHapTokenTest, InitHapTokenAbnormalTest002, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "InitHapTokenAbnormalTest002");
 
@@ -1038,7 +1123,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenAbnormalTest002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(InitHapTokenTest, InitHapTokenAbnormalTest003, TestSize.Level1)
+HWTEST_F(InitHapTokenTest, InitHapTokenAbnormalTest003, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "InitHapTokenAbnormalTest003");
 
@@ -1080,7 +1165,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenAbnormalTest003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(InitHapTokenTest, InitHapTokenAbnormalTest004, TestSize.Level1)
+HWTEST_F(InitHapTokenTest, InitHapTokenAbnormalTest004, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "InitHapTokenAbnormalTest004");
 
@@ -1145,7 +1230,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenAbnormalTest004, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(InitHapTokenTest, InitHapTokenAbnormalTest005, TestSize.Level1)
+HWTEST_F(InitHapTokenTest, InitHapTokenAbnormalTest005, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "InitHapTokenAbnormalTest005");
 
@@ -1189,7 +1274,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenAbnormalTest005, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(InitHapTokenTest, InitHapTokenAbnormalTest006, TestSize.Level1)
+HWTEST_F(InitHapTokenTest, InitHapTokenAbnormalTest006, TestSize.Level0)
 {
     HapInfoParams infoParams;
     HapPolicyParams policyParams;
diff --git a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/update_hap_token_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/update_hap_token_test.cpp
index 54ff953bae2defd8aa23ce4e336e769b18d31730..4e3f85a9ec38bed33afdac8151cc2618eb7c5d4d 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/update_hap_token_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/update_hap_token_test.cpp
@@ -20,7 +20,7 @@
 #include "access_token.h"
 #include "access_token_error.h"
 #include "accesstoken_common_log.h"
-#include "accesstoken_service_ipc_interface_code.h"
+#include "iaccess_token_manager.h"
 #include "nativetoken_kit.h"
 #include "permission_grant_info.h"
 #include "permission_state_change_info_parcel.h"
@@ -159,7 +159,7 @@ void UpdateHapTokenTest::TearDown()
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest001, TestSize.Level1)
+HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "UpdateHapTokenFuncTest001");
 
@@ -203,7 +203,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest002, TestSize.Level1)
+HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest002, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "UpdateHapTokenFuncTest002");
 
@@ -247,7 +247,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest003, TestSize.Level1)
+HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest003, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "UpdateHapTokenFuncTest003");
 
@@ -311,7 +311,7 @@ void GetPermissions(string permissionName, PermissionStateFull& stateFull, PreAu
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest004, TestSize.Level1)
+HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest004, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "UpdateHapTokenFuncTest004");
 
@@ -363,7 +363,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest004, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest005, TestSize.Level1)
+HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest005, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "UpdateHapTokenFuncTest005");
 
@@ -418,7 +418,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest005, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest006, TestSize.Level1)
+HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest006, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "UpdateHapTokenFuncTest006");
 
@@ -482,7 +482,7 @@ static bool ExistInVector(vector<unsigned int> array, unsigned int value)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest007, TestSize.Level1)
+HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest007, TestSize.Level0)
 {
     int allocFlag = 0;
     int updateFlag = 0;
@@ -544,7 +544,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest007, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest008, TestSize.Level1)
+HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest008, TestSize.Level0)
 {
     AccessTokenIDEx tokenIdEx = {0};
     ASSERT_EQ(RET_SUCCESS, AccessTokenKit::InitHapToken(g_testHapInfoParams, g_testPolicyParams, tokenIdEx));
@@ -581,7 +581,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest008, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest009, TestSize.Level1)
+HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest009, TestSize.Level0)
 {
     const std::string appIDDesc = g_testHapInfoParams.appIDDesc;
     int backupMode = g_testPolicyParams.permList[INDEX_ZERO].grantMode;
@@ -624,7 +624,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest009, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest010, TestSize.Level1)
+HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest010, TestSize.Level0)
 {
     const std::string appIDDesc = g_testHapInfoParams.appIDDesc;
     std::string permission = g_infoManagerCameraState.permissionName;
@@ -661,7 +661,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest010, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest011, TestSize.Level1)
+HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest011, TestSize.Level0)
 {
     const std::string appIDDesc = g_testHapInfoParams.appIDDesc;
     AccessTokenIDEx tokenIdEx = {0};
@@ -696,7 +696,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest011, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI61A6M
  */
-HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest012, TestSize.Level1)
+HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest012, TestSize.Level0)
 {
     AccessTokenIDEx tokenID = {0};
     HapPolicyParams policy;
@@ -745,7 +745,7 @@ static void *ThreadTestFunc02(void *args)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(UpdateHapTokenTest, Mulitpulthread001, TestSize.Level1)
+HWTEST_F(UpdateHapTokenTest, Mulitpulthread001, TestSize.Level0)
 {
     AccessTokenID tokenID = AccessTokenKit::GetHapTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
     ASSERT_NE(INVALID_TOKENID, tokenID);
@@ -781,7 +781,7 @@ void ConcurrencyTask(unsigned int tokenID)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(UpdateHapTokenTest, ConcurrencyTest001, TestSize.Level1)
+HWTEST_F(UpdateHapTokenTest, ConcurrencyTest001, TestSize.Level0)
 {
     AccessTokenID tokenID = AccessTokenKit::GetHapTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
     ASSERT_NE(INVALID_TOKENID, tokenID);
@@ -802,7 +802,7 @@ HWTEST_F(UpdateHapTokenTest, ConcurrencyTest001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest001, TestSize.Level1)
+HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "UpdateHapTokenSpecsTest001");
 
@@ -857,7 +857,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest002, TestSize.Level1)
+HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest002, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "UpdateHapTokenSpecsTest002");
 
@@ -911,7 +911,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest003, TestSize.Level1)
+HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest003, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "UpdateHapTokenSpecsTest003");
 
@@ -964,7 +964,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest004, TestSize.Level1)
+HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest004, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "UpdateHapTokenSpecsTest004");
 
@@ -1010,7 +1010,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest004, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest005, TestSize.Level1)
+HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest005, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "UpdateHapTokenSpecsTest005");
 
@@ -1068,7 +1068,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest005, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest006, TestSize.Level1)
+HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest006, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "UpdateHapTokenSpecsTest006");
 
@@ -1115,7 +1115,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest006, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest007, TestSize.Level1)
+HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest007, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "UpdateHapTokenSpecsTest007");
 
@@ -1177,7 +1177,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest007, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest008, TestSize.Level1)
+HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest008, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "UpdateHapTokenSpecsTest008");
 
@@ -1235,7 +1235,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest008, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest009, TestSize.Level1)
+HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest009, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "UpdateHapTokenSpecsTest009");
 
@@ -1289,7 +1289,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest009, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest010, TestSize.Level1)
+HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest010, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "UpdateHapTokenSpecsTest010");
 
@@ -1342,7 +1342,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest010, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest011, TestSize.Level1)
+HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest011, TestSize.Level0)
 {
     HapInfoParams infoParams;
     HapPolicyParams policyParams;
@@ -1386,7 +1386,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest011, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(UpdateHapTokenTest, UpdateHapTokenAbnormalTest001, TestSize.Level1)
+HWTEST_F(UpdateHapTokenTest, UpdateHapTokenAbnormalTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "UpdateHapTokenAbnormalTest001");
 
@@ -1417,7 +1417,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenAbnormalTest001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(UpdateHapTokenTest, UpdateHapTokenAbnormalTest002, TestSize.Level1)
+HWTEST_F(UpdateHapTokenTest, UpdateHapTokenAbnormalTest002, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "UpdateHapTokenAbnormalTest002");
 
@@ -1452,7 +1452,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenAbnormalTest002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(UpdateHapTokenTest, UpdateHapTokenAbnormalTest003, TestSize.Level1)
+HWTEST_F(UpdateHapTokenTest, UpdateHapTokenAbnormalTest003, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "UpdateHapTokenAbnormalTest003");
     std::string backUpPermission = g_testPolicyParams.permList[INDEX_ZERO].permissionName;
@@ -1515,7 +1515,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenAbnormalTest003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(UpdateHapTokenTest, UpdateHapTokenAbnormalTest004, TestSize.Level1)
+HWTEST_F(UpdateHapTokenTest, UpdateHapTokenAbnormalTest004, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "UpdateHapTokenAbnormalTest004");
 
@@ -1579,7 +1579,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenAbnormalTest004, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(UpdateHapTokenTest, UpdateHapTokenAbnormalTest005, TestSize.Level1)
+HWTEST_F(UpdateHapTokenTest, UpdateHapTokenAbnormalTest005, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "UpdateHapTokenAbnormalTest005");
 
@@ -1629,7 +1629,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenAbnormalTest005, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(UpdateHapTokenTest, UpdateHapTokenAbnormalTest006, TestSize.Level1)
+HWTEST_F(UpdateHapTokenTest, UpdateHapTokenAbnormalTest006, TestSize.Level0)
 {
     AccessTokenIDEx tokenIdEx = {
         .tokenIdExStruct.tokenID = INVALID_TOKENID,
diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermDenyTest/accesstoken_deny_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/PermDenyTest/accesstoken_deny_test.cpp
index d1f8e22229eaf8209db4c7a022701273acba0206..734ae08c56bdf8c7d8e28cb13b83f041318abff7 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/PermDenyTest/accesstoken_deny_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/PermDenyTest/accesstoken_deny_test.cpp
@@ -100,7 +100,7 @@ void AccessTokenDenyTest::TearDown()
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(AccessTokenDenyTest, InitUserPolicy001, TestSize.Level1)
+HWTEST_F(AccessTokenDenyTest, InitUserPolicy001, TestSize.Level0)
 {
     UserState user = {.userId = 100, .isActive = true}; // 100 is userId
     const std::vector<UserState> userList = { user };
@@ -116,7 +116,7 @@ HWTEST_F(AccessTokenDenyTest, InitUserPolicy001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(AccessTokenDenyTest, UpdateUserPolicy001, TestSize.Level1)
+HWTEST_F(AccessTokenDenyTest, UpdateUserPolicy001, TestSize.Level0)
 {
     UserState user = {.userId = 100, .isActive = true}; // 100 is userId
     const std::vector<UserState> userList = { user };
@@ -131,7 +131,7 @@ HWTEST_F(AccessTokenDenyTest, UpdateUserPolicy001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenDenyTest, AllocHapToken001, TestSize.Level1)
+HWTEST_F(AccessTokenDenyTest, AllocHapToken001, TestSize.Level0)
 {
     AccessTokenIDEx tokenIdEx = {0};
     tokenIdEx = AccessTokenKit::AllocHapToken(g_InfoParms, g_PolicyPrams);
@@ -144,7 +144,7 @@ HWTEST_F(AccessTokenDenyTest, AllocHapToken001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenDenyTest, InitHapToken001, TestSize.Level1)
+HWTEST_F(AccessTokenDenyTest, InitHapToken001, TestSize.Level0)
 {
     AccessTokenIDEx tokenIdEx = {0};
     int32_t ret = AccessTokenKit::InitHapToken(g_InfoParms, g_PolicyPrams, tokenIdEx);
@@ -157,7 +157,7 @@ HWTEST_F(AccessTokenDenyTest, InitHapToken001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenDenyTest, AllocLocalTokenID001, TestSize.Level1)
+HWTEST_F(AccessTokenDenyTest, AllocLocalTokenID001, TestSize.Level0)
 {
     std::string remoteDevice = "remote device";
     AccessTokenID tokenId = 123;
@@ -171,7 +171,7 @@ HWTEST_F(AccessTokenDenyTest, AllocLocalTokenID001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenDenyTest, UpdateHapToken001, TestSize.Level1)
+HWTEST_F(AccessTokenDenyTest, UpdateHapToken001, TestSize.Level0)
 {
     AccessTokenIDEx tokenIdEx = {0};
     tokenIdEx.tokenIdExStruct.tokenID = 123;
@@ -189,7 +189,7 @@ HWTEST_F(AccessTokenDenyTest, UpdateHapToken001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenDenyTest, DeleteToken001, TestSize.Level1)
+HWTEST_F(AccessTokenDenyTest, DeleteToken001, TestSize.Level0)
 {
     AccessTokenID tokenId = 123;
     ASSERT_EQ(AccessTokenError::ERR_PERMISSION_DENIED, AccessTokenKit::DeleteToken(tokenId));
@@ -201,7 +201,7 @@ HWTEST_F(AccessTokenDenyTest, DeleteToken001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenDenyTest, GetHapTokenID001, TestSize.Level1)
+HWTEST_F(AccessTokenDenyTest, GetHapTokenID001, TestSize.Level0)
 {
     int32_t userID = 0;
     std::string bundleName = "test";
@@ -216,7 +216,7 @@ HWTEST_F(AccessTokenDenyTest, GetHapTokenID001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenDenyTest, GetHapTokenInfo001, TestSize.Level1)
+HWTEST_F(AccessTokenDenyTest, GetHapTokenInfo001, TestSize.Level0)
 {
     AccessTokenID tokenId = 123;
     HapTokenInfo tokenInfo;
@@ -229,7 +229,7 @@ HWTEST_F(AccessTokenDenyTest, GetHapTokenInfo001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenDenyTest, GetNativeTokenInfo001, TestSize.Level1)
+HWTEST_F(AccessTokenDenyTest, GetNativeTokenInfo001, TestSize.Level0)
 {
     AccessTokenID tokenId = 805920561; //805920561 is a native tokenId.
     NativeTokenInfo tokenInfo;
@@ -242,7 +242,7 @@ HWTEST_F(AccessTokenDenyTest, GetNativeTokenInfo001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenDenyTest, GetReqPermissions001, TestSize.Level1)
+HWTEST_F(AccessTokenDenyTest, GetReqPermissions001, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permStatList;
     AccessTokenID tokenID = 123; // 123: tokenid
@@ -258,7 +258,7 @@ HWTEST_F(AccessTokenDenyTest, GetReqPermissions001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenDenyTest, GetPermissionFlag001, TestSize.Level1)
+HWTEST_F(AccessTokenDenyTest, GetPermissionFlag001, TestSize.Level0)
 {
     AccessTokenID tokenId = 123;
     std::string permission = "ohos.permission.CAMERA";
@@ -272,7 +272,7 @@ HWTEST_F(AccessTokenDenyTest, GetPermissionFlag001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenDenyTest, SetPermissionRequestToggleStatus001, TestSize.Level1)
+HWTEST_F(AccessTokenDenyTest, SetPermissionRequestToggleStatus001, TestSize.Level0)
 {
     int32_t userID = 123;
     uint32_t status = PermissionRequestToggleStatus::CLOSED;
@@ -288,7 +288,7 @@ HWTEST_F(AccessTokenDenyTest, SetPermissionRequestToggleStatus001, TestSize.Leve
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenDenyTest, GetPermissionRequestToggleStatus001, TestSize.Level1)
+HWTEST_F(AccessTokenDenyTest, GetPermissionRequestToggleStatus001, TestSize.Level0)
 {
     int32_t userID = 123;
     uint32_t status;
@@ -304,7 +304,7 @@ HWTEST_F(AccessTokenDenyTest, GetPermissionRequestToggleStatus001, TestSize.Leve
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenDenyTest, GrantPermission001, TestSize.Level1)
+HWTEST_F(AccessTokenDenyTest, GrantPermission001, TestSize.Level0)
 {
     AccessTokenID tokenId = 123; // 123: tokenid
     std::string permission = "ohos.permission.CAMERA";
@@ -318,7 +318,7 @@ HWTEST_F(AccessTokenDenyTest, GrantPermission001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenDenyTest, RevokePermission001, TestSize.Level1)
+HWTEST_F(AccessTokenDenyTest, RevokePermission001, TestSize.Level0)
 {
     AccessTokenID tokenId = 123;
     std::string permission = "ohos.permission.CAMERA";
@@ -332,7 +332,7 @@ HWTEST_F(AccessTokenDenyTest, RevokePermission001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenDenyTest, ClearUserGrantedPermissionState001, TestSize.Level1)
+HWTEST_F(AccessTokenDenyTest, ClearUserGrantedPermissionState001, TestSize.Level0)
 {
     AccessTokenID tokenId = 123;
     ASSERT_EQ(AccessTokenError::ERR_PERMISSION_DENIED, AccessTokenKit::ClearUserGrantedPermissionState(tokenId));
@@ -357,7 +357,7 @@ public:
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenDenyTest, RegisterPermStateChangeCallback001, TestSize.Level1)
+HWTEST_F(AccessTokenDenyTest, RegisterPermStateChangeCallback001, TestSize.Level0)
 {
     PermStateChangeScope scopeInfo;
     scopeInfo.permList = {"ohos.permission.CAMERA"};
@@ -372,7 +372,7 @@ HWTEST_F(AccessTokenDenyTest, RegisterPermStateChangeCallback001, TestSize.Level
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenDenyTest, UnregisterPermStateChangeCallback001, TestSize.Level1)
+HWTEST_F(AccessTokenDenyTest, UnregisterPermStateChangeCallback001, TestSize.Level0)
 {
     setuid(g_selfUid);
 
@@ -398,39 +398,26 @@ HWTEST_F(AccessTokenDenyTest, UnregisterPermStateChangeCallback001, TestSize.Lev
     scopeInfo.permList = {"ohos.permission.CAMERA"};
     scopeInfo.tokenIDs = {};
     auto callbackPtr = std::make_shared<CbCustomizeTest1>(scopeInfo);
-    ASSERT_EQ(RET_SUCCESS, AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr));
+    EXPECT_EQ(RET_SUCCESS, AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr));
 
     EXPECT_EQ(RET_SUCCESS, SetSelfTokenID(g_testTokenIDEx.tokenIDEx));
 
-    ASSERT_EQ(AccessTokenError::ERR_PERMISSION_DENIED, AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr));
+    EXPECT_EQ(AccessTokenError::ERR_PERMISSION_DENIED, AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr));
 
     EXPECT_EQ(RET_SUCCESS, SetSelfTokenID(tokenIdEx.tokenIDEx));
-    ASSERT_EQ(RET_SUCCESS, AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr));
+    EXPECT_EQ(RET_SUCCESS, AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr));
 
     setuid(g_selfUid);
-    ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID));
+    EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID));
 }
 
-#ifndef ATM_BUILD_VARIANT_USER_ENABLE
-/**
- * @tc.name: ReloadNativeTokenInfo001
- * @tc.desc: ReloadNativeTokenInfo with no permission
- * @tc.type: FUNC
- * @tc.require:
- */
-HWTEST_F(AccessTokenDenyTest, ReloadNativeTokenInfo001, TestSize.Level1)
-{
-    ASSERT_EQ(AccessTokenError::ERR_PERMISSION_DENIED, AccessTokenKit::ReloadNativeTokenInfo());
-}
-#endif
-
 /**
  * @tc.name: GetNativeTokenId001
  * @tc.desc: Verify the GetNativeTokenId abnormal branch return nullptr proxy.
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AccessTokenDenyTest, GetNativeTokenId001, TestSize.Level1)
+HWTEST_F(AccessTokenDenyTest, GetNativeTokenId001, TestSize.Level0)
 {
     std::string processName = "hdcd";
     AccessTokenID tokenID = AccessTokenKit::GetNativeTokenId(processName);
@@ -443,7 +430,7 @@ HWTEST_F(AccessTokenDenyTest, GetNativeTokenId001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(AccessTokenDenyTest, DumpTokenInfo001, TestSize.Level1)
+HWTEST_F(AccessTokenDenyTest, DumpTokenInfo001, TestSize.Level0)
 {
     std::string dumpInfo;
     AtmToolsParamInfo info;
@@ -459,7 +446,7 @@ HWTEST_F(AccessTokenDenyTest, DumpTokenInfo001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenDenyTest, GetHapTokenInfoFromRemote001, TestSize.Level1)
+HWTEST_F(AccessTokenDenyTest, GetHapTokenInfoFromRemote001, TestSize.Level0)
 {
     AccessTokenID tokenId = 123;
     HapTokenInfoForSync hapSync;
@@ -472,7 +459,7 @@ HWTEST_F(AccessTokenDenyTest, GetHapTokenInfoFromRemote001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenDenyTest, SetRemoteHapTokenInfo001, TestSize.Level1)
+HWTEST_F(AccessTokenDenyTest, SetRemoteHapTokenInfo001, TestSize.Level0)
 {
     std::string device = "device";
     HapTokenInfoForSync hapSync;
@@ -485,7 +472,7 @@ HWTEST_F(AccessTokenDenyTest, SetRemoteHapTokenInfo001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenDenyTest, DeleteRemoteToken001, TestSize.Level1)
+HWTEST_F(AccessTokenDenyTest, DeleteRemoteToken001, TestSize.Level0)
 {
     std::string device = "device";
     AccessTokenID tokenId = 123;
@@ -498,7 +485,7 @@ HWTEST_F(AccessTokenDenyTest, DeleteRemoteToken001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenDenyTest, GetRemoteNativeTokenID001, TestSize.Level1)
+HWTEST_F(AccessTokenDenyTest, GetRemoteNativeTokenID001, TestSize.Level0)
 {
     std::string device = "device";
     AccessTokenID tokenId = 123;
@@ -511,13 +498,13 @@ HWTEST_F(AccessTokenDenyTest, GetRemoteNativeTokenID001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenDenyTest, DeleteRemoteDeviceTokens001, TestSize.Level1)
+HWTEST_F(AccessTokenDenyTest, DeleteRemoteDeviceTokens001, TestSize.Level0)
 {
     std::string device = "device";
     ASSERT_EQ(AccessTokenError::ERR_PERMISSION_DENIED, AccessTokenKit::DeleteRemoteDeviceTokens(device));
 }
 
-HWTEST_F(AccessTokenDenyTest, RegisterTokenSyncCallback001, TestSize.Level1)
+HWTEST_F(AccessTokenDenyTest, RegisterTokenSyncCallback001, TestSize.Level0)
 {
     std::shared_ptr<TokenSyncKitInterface> callback = std::make_shared<TokenSyncCallbackImpl>();
     EXPECT_EQ(AccessTokenError::ERR_PERMISSION_DENIED, AccessTokenKit::RegisterTokenSyncCallback(callback));
@@ -531,7 +518,7 @@ HWTEST_F(AccessTokenDenyTest, RegisterTokenSyncCallback001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenDenyTest, SetPermDialogCap001, TestSize.Level1)
+HWTEST_F(AccessTokenDenyTest, SetPermDialogCap001, TestSize.Level0)
 {
     HapBaseInfo hapBaseInfo;
     ASSERT_EQ(AccessTokenError::ERR_PERMISSION_DENIED, AccessTokenKit::SetPermDialogCap(hapBaseInfo, true));
@@ -543,7 +530,7 @@ HWTEST_F(AccessTokenDenyTest, SetPermDialogCap001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenDenyTest, GrantPermissionForSpecifiedTime001, TestSize.Level1)
+HWTEST_F(AccessTokenDenyTest, GrantPermissionForSpecifiedTime001, TestSize.Level0)
 {
     AccessTokenID tokenId = 123;
     std::string permission = "permission";
@@ -558,7 +545,7 @@ HWTEST_F(AccessTokenDenyTest, GrantPermissionForSpecifiedTime001, TestSize.Level
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenDenyTest, GetKernelPermissions001, TestSize.Level1)
+HWTEST_F(AccessTokenDenyTest, GetKernelPermissions001, TestSize.Level0)
 {
     AccessTokenID tokenId = 123;
     std::vector<PermissionWithValue> kernelPermList;
diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/accesstoken_location_request_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/accesstoken_location_request_test.cpp
index faaf9209ad2d3f08d9dd5d109554c56deffc679f..e6fdf0ae1712de433b691b1d732f44d345c42f30 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/accesstoken_location_request_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/accesstoken_location_request_test.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1922 Huawei Device Co., Ltd.
+ * Copyright (c) 2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -202,7 +202,7 @@ AccessTokenIDEx AllocHapToken(std::vector<PermissionStateFull>& permissionStateF
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState001, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState001, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateVague10); // {-1,0} {grantStatus, grantFlags}
@@ -210,7 +210,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState001, TestSize.Le
     AccessTokenIDEx tokenIdEx = AllocHapToken(permissionStateFulls, BACKGROUND_LOCATION_API_VERSION);
     AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
     ASSERT_NE(INVALID_TOKENID, tokenID);
-    ASSERT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx));
+    EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx));
 
     PermissionListState permVague1 = {
         .permissionName = "ohos.permission.APPROXIMATELY_LOCATION",
@@ -222,9 +222,10 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState001, TestSize.Le
 
     PermissionGrantInfo info;
     PermissionOper ret = AccessTokenKit::GetSelfPermissionsState(permsList1, info);
-    ASSERT_EQ(DYNAMIC_OPER, ret);
-    ASSERT_EQ(static_cast<uint32_t>(1), permsList1.size());
-    ASSERT_EQ(DYNAMIC_OPER, permsList1[0].state);
+    EXPECT_EQ(DYNAMIC_OPER, ret);
+    EXPECT_EQ(static_cast<uint32_t>(1), permsList1.size());
+    EXPECT_EQ(DYNAMIC_OPER, permsList1[0].state);
+    EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID));
 }
 
 /**
@@ -233,7 +234,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState001, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState002, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState002, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateVague12); // {-1,2}
@@ -267,7 +268,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState002, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState003, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState003, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateVague02); // {0,2}
@@ -301,7 +302,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState003, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState004, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState004, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateAccurate10); // {-1,0}
@@ -335,7 +336,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState004, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState005, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState005, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateAccurate10); // {-1,0}
@@ -370,7 +371,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState005, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState006, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState006, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateBack10); // {-1,0}
@@ -404,7 +405,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState006, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState007, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState007, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateBack10); // {-1,0}
@@ -439,7 +440,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState007, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState008, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState008, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateVague10); // {-1,0}
@@ -480,7 +481,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState008, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState009, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState009, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateVague02); // {0,2}
@@ -520,7 +521,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState009, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState010, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState010, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateVague12); // {-1,2}
@@ -561,7 +562,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState010, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState011, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState011, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateVague02); // {0,2}
@@ -602,7 +603,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState011, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState012, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState012, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateVague10); // {-1,0}
@@ -653,7 +654,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState012, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState013, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState013, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateVague02); // {0,2}
@@ -703,7 +704,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState013, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState014, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState014, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateVague12); // {-1,2}
@@ -753,7 +754,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState014, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState015, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState015, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateVague02); // {0,2}
@@ -803,7 +804,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState015, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState016, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState016, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateAccurate10); // {-1,0}
@@ -854,7 +855,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState016, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState017, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState017, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateVague02); // {0,2}
@@ -906,7 +907,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState017, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState018, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState018, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateVague10); // {-1,0}
@@ -966,7 +967,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState018, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState019, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState019, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateVague02); // {0,2}
@@ -1026,7 +1027,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState019, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState020, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState020, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateVague02); // {0,2}
@@ -1086,7 +1087,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState020, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState021, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState021, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateVague02); // {0,2}
@@ -1144,7 +1145,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState021, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState022, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState022, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateVague02); // {0,2}
@@ -1202,7 +1203,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState022, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState023, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState023, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateVague12); // {-1,2}
@@ -1261,7 +1262,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState023, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState024, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState024, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateVague12); // {-1,2}
@@ -1327,7 +1328,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState024, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState025, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState025, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateVague12); // {-1,2}
@@ -1393,7 +1394,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState025, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState026, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState026, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateVague12); // {-1,2}
@@ -1459,7 +1460,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState026, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState027, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState027, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateVague10); // {-1,0}
@@ -1521,7 +1522,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState027, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState028, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState028, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateVague10); // {-1,0}
@@ -1555,7 +1556,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState028, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState029, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState029, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateAccurate10); // {-1,0}
@@ -1589,7 +1590,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState029, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState030, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState030, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateBack10); // {-1,0}
@@ -1623,7 +1624,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState030, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState031, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState031, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateVague10); // {-1,0}
@@ -1664,7 +1665,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState031, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState032, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState032, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateVague10); // {-1,0}
@@ -1705,7 +1706,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState032, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState033, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState033, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateAccurate10); // {-1,0}
@@ -1745,7 +1746,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState033, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState034, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState034, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateVague10); // {-1,0}
@@ -1793,7 +1794,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState034, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState035, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState035, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateVague10); // {-1,0}
@@ -1844,7 +1845,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState035, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState036, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState036, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateVague02); // {0,2}
@@ -1885,7 +1886,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState036, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState037, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState037, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateVague12); // {-1,2}
@@ -1926,7 +1927,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState037, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState038, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState038, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateVague02); // {0,2}
@@ -1967,7 +1968,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState038, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState039, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState039, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateAccurate10); // {-1,0}
@@ -2008,7 +2009,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState039, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState040, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState040, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateVague02); // {0,2}
@@ -2050,7 +2051,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState040, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState041, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState041, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateVague10); // {-1,0}
@@ -2098,7 +2099,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState041, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState042, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState042, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateVague02); // {0,2}
@@ -2146,7 +2147,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState042, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState043, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState043, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateVague02); // {0,2}
@@ -2194,7 +2195,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState043, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState044, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState044, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateVague02); // {0,2}
@@ -2242,7 +2243,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState044, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState045, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState045, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateVague02); // {0,2}
@@ -2290,7 +2291,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState045, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState046, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState046, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateVague12); // {-1,2}
@@ -2338,7 +2339,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState046, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState047, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState047, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateVague12); // {-1,2}
@@ -2386,7 +2387,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState047, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState048, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState048, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateVague12); // {-1,2}
@@ -2434,7 +2435,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState048, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState049, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState049, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateVague12); // {-1,2}
@@ -2482,7 +2483,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState049, TestSize.Le
  * @tc.type: FUNC
  * @tc.require: issueI5NOQI
  */
-HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState050, TestSize.Level1)
+HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState050, TestSize.Level0)
 {
     std::vector<PermissionStateFull> permissionStateFulls;
     permissionStateFulls.emplace_back(g_locationTestStateVague10); // {-1,0}
diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/get_self_permission_state_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/get_self_permission_state_test.cpp
index e183d79616fbc4dddd2cb9010e5746ad737ec8b4..374e36e69fc20ed726828d97827422d74946b52c 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/get_self_permission_state_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/get_self_permission_state_test.cpp
@@ -22,7 +22,7 @@ namespace Security {
 namespace AccessToken {
 using namespace testing::ext;
 namespace {
-static const int MAX_PERMISSION_SIZE = 1000;
+static const int MAX_PERMISSION_SIZE = 1024;
 static const std::string TEST_BUNDLE_NAME = "ohos";
 static const int TEST_USER_ID = 0;
 static const std::string LOCATION_PERMISSION = "ohos.permission.LOCATION";
@@ -158,7 +158,7 @@ void GetPermsList2(std::vector<PermissionListState> &permsList2)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState001, TestSize.Level1)
+HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState001, TestSize.Level0)
 {
     AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
     AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
@@ -215,7 +215,7 @@ HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState001, TestSize.Level1
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState002, TestSize.Level1)
+HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState002, TestSize.Level0)
 {
     std::vector<PermissionListState> permsList;
     PermissionGrantInfo info;
@@ -237,7 +237,7 @@ HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState002, TestSize.Level1
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState003, TestSize.Level1)
+HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState003, TestSize.Level0)
 {
     MockNativeToken mock("hdcd");
     std::vector<PermissionListState> permsList3;
@@ -256,7 +256,7 @@ HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState003, TestSize.Level1
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState004, TestSize.Level1)
+HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState004, TestSize.Level0)
 {
     AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
     AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID;
@@ -277,7 +277,7 @@ HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState004, TestSize.Level1
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState005, TestSize.Level1)
+HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState005, TestSize.Level0)
 {
     std::vector<PermissionListState> permsList4;
     PermissionListState tmp = {
@@ -295,7 +295,7 @@ HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState005, TestSize.Level1
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState006, TestSize.Level1)
+HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState006, TestSize.Level0)
 {
     std::vector<PermissionListState> permsList;
     PermissionListState tmp = {
@@ -379,7 +379,7 @@ HapPolicyParams GetPolicyParam()
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState007, TestSize.Level1)
+HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState007, TestSize.Level0)
 {
     HapPolicyParams policyParam = GetPolicyParam();
     AccessTokenIDEx tokenIdEx = TestCommon::AllocAndGrantHapTokenByTest(g_infoManager, policyParam);
@@ -425,7 +425,7 @@ HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState007, TestSize.Level1
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState008, TestSize.Level1)
+HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState008, TestSize.Level0)
 {
     HapPolicyParams policyParam = GetPolicyParam();
     AccessTokenIDEx tokenIdEx = TestCommon::AllocAndGrantHapTokenByTest(g_infoManager, policyParam);
@@ -494,7 +494,7 @@ HapPolicyParams getHapPolicyLocationParams(const std::vector<std::string>& permi
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState009, TestSize.Level1)
+HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState009, TestSize.Level0)
 {
     std::vector<std::string> permissions = {LOCATION_PERMISSION, APPROXIMATELY_LOCATION_PERMISSION};
     HapPolicyParams policyParam = getHapPolicyLocationParams(permissions);
diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/get_self_permission_status_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/get_self_permission_status_test.cpp
new file mode 100644
index 0000000000000000000000000000000000000000..f962bcf9781a4fd2550aaa89fd09b5b5286f6d90
--- /dev/null
+++ b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/get_self_permission_status_test.cpp
@@ -0,0 +1,560 @@
+/*
+ * Copyright (c) 2025 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#include "get_self_permission_status_test.h"
+#include "access_token_error.h"
+#include "nativetoken_kit.h"
+#include "test_common.h"
+#include "token_setproc.h"
+
+namespace OHOS {
+namespace Security {
+namespace AccessToken {
+using namespace testing::ext;
+namespace {
+static const std::string TEST_BUNDLE_NAME = "ohos";
+static const int TEST_USER_ID = 0;
+static const std::string APPROXIMATELY_LOCATION_PERMISSION = "ohos.permission.APPROXIMATELY_LOCATION";
+static const std::string LOCATION_PERMISSION = "ohos.permission.LOCATION";
+
+PermissionStateFull g_permTestState1 = {
+    .permissionName = APPROXIMATELY_LOCATION_PERMISSION,
+    .isGeneral = true,
+    .resDeviceID = {"local"},
+    .grantStatus = {PermissionState::PERMISSION_DENIED},
+    .grantFlags = {PermissionFlag::PERMISSION_DEFAULT_FLAG},
+};
+
+PermissionStateFull g_permTestState2 = {
+    .permissionName = "ohos.permission.MICROPHONE",
+    .isGeneral = true,
+    .resDeviceID = {"local"},
+    .grantStatus = {PermissionState::PERMISSION_DENIED},
+    .grantFlags = {PermissionFlag::PERMISSION_USER_SET}
+};
+
+PermissionStateFull g_permTestState3 = {
+    .permissionName = "ohos.permission.WRITE_CALENDAR",
+    .isGeneral = true,
+    .resDeviceID = {"local"},
+    .grantStatus = {PermissionState::PERMISSION_DENIED},
+    .grantFlags = {PermissionFlag::PERMISSION_USER_FIXED}
+};
+
+PermissionStateFull g_permTestState4 = {
+    .permissionName = "ohos.permission.READ_IMAGEVIDEO",
+    .isGeneral = true,
+    .resDeviceID = {"local"},
+    .grantStatus = {PermissionState::PERMISSION_GRANTED},
+    .grantFlags = {PermissionFlag::PERMISSION_USER_SET}
+};
+
+PermissionStateFull g_permTestState5 = {
+    .permissionName = LOCATION_PERMISSION,
+    .isGeneral = true,
+    .resDeviceID = {"local"},
+    .grantStatus = {PermissionState::PERMISSION_DENIED},
+    .grantFlags = {PermissionFlag::PERMISSION_DEFAULT_FLAG},
+};
+
+PermissionStateFull g_permTestState6 = {
+    .permissionName = "ohos.permission.READ_CALENDAR",
+    .isGeneral = true,
+    .resDeviceID = {"local"},
+    .grantStatus = {PermissionState::PERMISSION_DENIED},
+    .grantFlags = {PermissionFlag::PERMISSION_DEFAULT_FLAG},
+};
+
+HapPolicyParams g_policy = {
+    .apl = APL_NORMAL,
+    .domain = "domain",
+    .permStateList = {g_permTestState1, g_permTestState2, g_permTestState3, g_permTestState4, g_permTestState5,
+        g_permTestState6}
+};
+
+static uint64_t g_selfTokenId = 0;
+}
+
+void GetSelfPermissionStatusTest::SetUpTestCase()
+{
+    g_selfTokenId = GetSelfTokenID();
+    TestCommon::SetTestEvironment(g_selfTokenId);
+}
+
+void GetSelfPermissionStatusTest::TearDownTestCase()
+{
+    ASSERT_EQ(RET_SUCCESS, SetSelfTokenID(g_selfTokenId));
+    TestCommon::ResetTestEvironment();
+}
+
+void GetSelfPermissionStatusTest::SetUp()
+{
+    HapInfoParams info = {
+        .userID = TEST_USER_ID,
+        .bundleName = TEST_BUNDLE_NAME,
+        .instIndex = 0,
+        .appIDDesc = "appIDDesc",
+        .apiVersion = 20 // 20: api version
+    };
+
+    AccessTokenIDEx tokenIdEx = TestCommon::AllocAndGrantHapTokenByTest(info, g_policy);
+    AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID;
+    ASSERT_NE(tokenId, INVALID_TOKENID);
+    ASSERT_EQ(RET_SUCCESS, SetSelfTokenID(tokenIdEx.tokenIDEx));
+}
+
+void GetSelfPermissionStatusTest::TearDown()
+{
+    AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
+    AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID;
+    if (tokenId != INVALID_TOKENID) {
+        EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenId));
+    }
+}
+
+/**
+ * @tc.name: GetSelfPermissionStatus001
+ * @tc.desc: default permission status
+ * @tc.type: FUNC
+ * @tc.require: Issue Number
+ */
+HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus001, TestSize.Level0)
+{
+    AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
+    AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
+    ASSERT_NE(INVALID_TOKENID, tokenID);
+
+    // default flag, user not operation
+    PermissionOper status;
+    int32_t ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status);
+    EXPECT_EQ(RET_SUCCESS, ret);
+    EXPECT_EQ(DYNAMIC_OPER, status);
+
+    // user set DENIED
+    ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.MICROPHONE", status);
+    EXPECT_EQ(RET_SUCCESS, ret);
+    EXPECT_EQ(DYNAMIC_OPER, status);
+
+    // user fixed DENIED
+    ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.WRITE_CALENDAR", status);
+    EXPECT_EQ(RET_SUCCESS, ret);
+    EXPECT_EQ(SETTING_OPER, status);
+
+    // user set GRANTED
+    ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.READ_IMAGEVIDEO", status);
+    EXPECT_EQ(RET_SUCCESS, ret);
+    EXPECT_EQ(PASS_OPER, status);
+
+    // not request permission CAMERA
+    ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.CAMERA", status);
+    EXPECT_EQ(RET_SUCCESS, ret);
+    EXPECT_EQ(INVALID_OPER, status);
+}
+
+/**
+ * @tc.name: GetSelfPermissionStatus002
+ * @tc.desc: forbidden permission status
+ * @tc.type: FUNC
+ * @tc.require: Issue Number
+ */
+HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus002, TestSize.Level0)
+{
+    AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
+    AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
+    ASSERT_NE(INVALID_TOKENID, tokenID);
+
+    {
+        std::vector<std::string> reqPerm;
+        reqPerm.emplace_back("ohos.permission.DISABLE_PERMISSION_DIALOG");
+        MockHapToken mock("GetSelfPermissionStatus002", reqPerm, true);
+
+        HapBaseInfo hapBaseInfo = {
+            .userID = TEST_USER_ID,
+            .bundleName = TEST_BUNDLE_NAME,
+            .instIndex = 0,
+        };
+
+        ASSERT_EQ(0, AccessTokenKit::SetPermDialogCap(hapBaseInfo, true));
+    }
+
+    // default flag, user not operation
+    PermissionOper status;
+    int32_t ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status);
+    EXPECT_EQ(RET_SUCCESS, ret);
+    EXPECT_EQ(FORBIDDEN_OPER, status);
+
+    // user set DENIED
+    ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.MICROPHONE", status);
+    EXPECT_EQ(RET_SUCCESS, ret);
+    EXPECT_EQ(FORBIDDEN_OPER, status);
+
+    // user fixed DENIED
+    ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.WRITE_CALENDAR", status);
+    EXPECT_EQ(RET_SUCCESS, ret);
+    EXPECT_EQ(FORBIDDEN_OPER, status);
+
+    // user set GRANTED
+    ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.READ_IMAGEVIDEO", status);
+    EXPECT_EQ(RET_SUCCESS, ret);
+    EXPECT_EQ(FORBIDDEN_OPER, status);
+
+    // not request permission CAMERA
+    ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.CAMERA", status);
+    EXPECT_EQ(RET_SUCCESS, ret);
+    EXPECT_EQ(INVALID_OPER, status);
+}
+
+/**
+ * @tc.name: GetSelfPermissionStatus003
+ * @tc.desc: grant permission status
+ * @tc.type: FUNC
+ * @tc.require: Issue Number
+ */
+HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus003, TestSize.Level0)
+{
+    AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
+    AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
+    ASSERT_NE(INVALID_TOKENID, tokenID);
+
+    {
+        std::vector<std::string> reqPerm;
+        reqPerm.emplace_back("ohos.permission.GRANT_SENSITIVE_PERMISSIONS");
+        MockHapToken mock("GetSelfPermissionStatus003", reqPerm, true);
+
+        // grant user set
+        ASSERT_EQ(0, AccessTokenKit::GrantPermission(tokenID, APPROXIMATELY_LOCATION_PERMISSION, PERMISSION_USER_SET));
+    }
+
+    // grant permission
+    PermissionOper status;
+    int32_t ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status);
+    EXPECT_EQ(RET_SUCCESS, ret);
+    EXPECT_EQ(PASS_OPER, status);
+
+    // user set DENIED
+    ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.MICROPHONE", status);
+    EXPECT_EQ(RET_SUCCESS, ret);
+    EXPECT_EQ(DYNAMIC_OPER, status);
+
+    // user fixed DENIED
+    ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.WRITE_CALENDAR", status);
+    EXPECT_EQ(RET_SUCCESS, ret);
+    EXPECT_EQ(SETTING_OPER, status);
+
+    // user set GRANTED
+    ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.READ_IMAGEVIDEO", status);
+    EXPECT_EQ(RET_SUCCESS, ret);
+    EXPECT_EQ(PASS_OPER, status);
+
+    // not request permission CAMERA
+    ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.CAMERA", status);
+    EXPECT_EQ(RET_SUCCESS, ret);
+    EXPECT_EQ(INVALID_OPER, status);
+}
+
+/**
+ * @tc.name: GetSelfPermissionStatus004
+ * @tc.desc: revoke user set permission status
+ * @tc.type: FUNC
+ * @tc.require: Issue Number
+ */
+HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus004, TestSize.Level0)
+{
+    AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
+    AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
+    ASSERT_NE(INVALID_TOKENID, tokenID);
+
+    {
+        std::vector<std::string> reqPerm;
+        reqPerm.emplace_back("ohos.permission.REVOKE_SENSITIVE_PERMISSIONS");
+        MockHapToken mock("GetSelfPermissionStatus004", reqPerm, true);
+
+        // revoke user set
+        ASSERT_EQ(0, AccessTokenKit::RevokePermission(tokenID, "ohos.permission.READ_IMAGEVIDEO", PERMISSION_USER_SET));
+    }
+
+    // default flag, user not operation
+    PermissionOper status;
+    int32_t ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status);
+    EXPECT_EQ(RET_SUCCESS, ret);
+    EXPECT_EQ(DYNAMIC_OPER, status);
+
+    // user set DENIED
+    ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.MICROPHONE", status);
+    EXPECT_EQ(RET_SUCCESS, ret);
+    EXPECT_EQ(DYNAMIC_OPER, status);
+
+    // user fixed DENIED
+    ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.WRITE_CALENDAR", status);
+    EXPECT_EQ(RET_SUCCESS, ret);
+    EXPECT_EQ(SETTING_OPER, status);
+
+    // revoke user set
+    ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.READ_IMAGEVIDEO", status);
+    EXPECT_EQ(RET_SUCCESS, ret);
+    EXPECT_EQ(DYNAMIC_OPER, status);
+
+    // not request permission CAMERA
+    ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.CAMERA", status);
+    EXPECT_EQ(RET_SUCCESS, ret);
+    EXPECT_EQ(INVALID_OPER, status);
+}
+
+/**
+ * @tc.name: GetSelfPermissionStatus005
+ * @tc.desc: revoke user fixed permission status
+ * @tc.type: FUNC
+ * @tc.require: Issue Number
+ */
+HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus005, TestSize.Level0)
+{
+    AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
+    AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
+    ASSERT_NE(INVALID_TOKENID, tokenID);
+
+    {
+        std::vector<std::string> reqPerm;
+        reqPerm.emplace_back("ohos.permission.REVOKE_SENSITIVE_PERMISSIONS");
+        MockHapToken mock("GetSelfPermissionStatus005", reqPerm, true);
+
+        // revoke user fixed
+        ASSERT_EQ(0,
+            AccessTokenKit::RevokePermission(tokenID, "ohos.permission.READ_IMAGEVIDEO", PERMISSION_USER_FIXED));
+    }
+
+    // default flag, user not operation
+    PermissionOper status;
+    int32_t ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status);
+    EXPECT_EQ(RET_SUCCESS, ret);
+    EXPECT_EQ(DYNAMIC_OPER, status);
+
+    // user set DENIED
+    ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.MICROPHONE", status);
+    EXPECT_EQ(RET_SUCCESS, ret);
+    EXPECT_EQ(DYNAMIC_OPER, status);
+
+    // user fixed DENIED
+    ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.WRITE_CALENDAR", status);
+    EXPECT_EQ(RET_SUCCESS, ret);
+    EXPECT_EQ(SETTING_OPER, status);
+
+    // revoke user fixed
+    ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.READ_IMAGEVIDEO", status);
+    EXPECT_EQ(RET_SUCCESS, ret);
+    EXPECT_EQ(SETTING_OPER, status);
+
+    // not request permission CAMERA
+    ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.CAMERA", status);
+    EXPECT_EQ(RET_SUCCESS, ret);
+    EXPECT_EQ(INVALID_OPER, status);
+}
+
+/**
+ * @tc.name: GetSelfPermissionStatus006
+ * @tc.desc: invalid permission
+ * @tc.type: FUNC
+ * @tc.require: Issue Number
+ */
+HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus006, TestSize.Level0)
+{
+    AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
+    AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
+    ASSERT_NE(INVALID_TOKENID, tokenID);
+
+    PermissionOper status;
+    // invalid permission
+    int32_t ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.TTTTT", status);
+    EXPECT_EQ(RET_SUCCESS, ret);
+    EXPECT_EQ(INVALID_OPER, status);
+
+    // not request permission
+    ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.ACCESS_NEARLINK", status);
+    EXPECT_EQ(RET_SUCCESS, ret);
+    EXPECT_EQ(INVALID_OPER, status);
+
+    // empty permission
+    std::string testPerm1;
+    ret = AccessTokenKit::GetSelfPermissionStatus(testPerm1, status);
+    EXPECT_EQ(ERR_PARAM_INVALID, ret);
+
+    // oversize permission
+    std::string testPerm2(257, 'a');
+    ret = AccessTokenKit::GetSelfPermissionStatus(testPerm2, status);
+    EXPECT_EQ(ERR_PARAM_INVALID, ret);
+}
+
+/**
+ * @tc.name: GetSelfPermissionStatus007
+ * @tc.desc: location permission test
+ * @tc.type: FUNC
+ * @tc.require: Issue Number
+ */
+HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus007, TestSize.Level0)
+{
+    AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
+    AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
+    ASSERT_NE(INVALID_TOKENID, tokenID);
+
+    // default flag, user not operation
+    PermissionOper status;
+    int32_t ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status);
+    EXPECT_EQ(RET_SUCCESS, ret);
+    EXPECT_EQ(DYNAMIC_OPER, status);
+
+    // APPROXIMATELY_LOCATION not set, LOCATION status is INVALID_OPER
+    ret = AccessTokenKit::GetSelfPermissionStatus(LOCATION_PERMISSION, status);
+    EXPECT_EQ(RET_SUCCESS, ret);
+    EXPECT_EQ(INVALID_OPER, status);
+
+    {
+        std::vector<std::string> reqPerm;
+        reqPerm.emplace_back("ohos.permission.GRANT_SENSITIVE_PERMISSIONS");
+        MockHapToken mock("GetSelfPermissionStatus0071", reqPerm, true);
+
+        // grant user set
+        ASSERT_EQ(0, AccessTokenKit::GrantPermission(tokenID, APPROXIMATELY_LOCATION_PERMISSION, PERMISSION_USER_SET));
+    }
+
+    // grant permission
+    ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status);
+    EXPECT_EQ(RET_SUCCESS, ret);
+    EXPECT_EQ(PASS_OPER, status);
+
+    // APPROXIMATELY_LOCATION already set, LOCATION status is DYNAMIC_OPER
+    ret = AccessTokenKit::GetSelfPermissionStatus(LOCATION_PERMISSION, status);
+    EXPECT_EQ(RET_SUCCESS, ret);
+    EXPECT_EQ(DYNAMIC_OPER, status);
+
+    {
+        std::vector<std::string> reqPerm;
+        reqPerm.emplace_back("ohos.permission.GRANT_SENSITIVE_PERMISSIONS");
+        MockHapToken mock("GetSelfPermissionStatus0072", reqPerm, true);
+
+        // grant user set
+        ASSERT_EQ(0, AccessTokenKit::GrantPermission(tokenID, LOCATION_PERMISSION, PERMISSION_USER_SET));
+    }
+
+    // grant permission
+    ret = AccessTokenKit::GetSelfPermissionStatus(LOCATION_PERMISSION, status);
+    EXPECT_EQ(RET_SUCCESS, ret);
+    EXPECT_EQ(PASS_OPER, status);
+}
+
+/**
+ * @tc.name: GetSelfPermissionStatus008
+ * @tc.desc: only change flag
+ * @tc.type: FUNC
+ * @tc.require: Issue Number
+ */
+HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus008, TestSize.Level0)
+{
+    AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
+    AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
+    ASSERT_NE(INVALID_TOKENID, tokenID);
+
+    // default flag, user not operation
+    PermissionOper status;
+    int32_t ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status);
+    EXPECT_EQ(RET_SUCCESS, ret);
+    EXPECT_EQ(DYNAMIC_OPER, status);
+
+    {
+        std::vector<std::string> reqPerm;
+        reqPerm.emplace_back("ohos.permission.GRANT_SENSITIVE_PERMISSIONS");
+        MockHapToken mock("GetSelfPermissionStatus0081", reqPerm, true);
+
+        // grant user set
+        ASSERT_EQ(0, AccessTokenKit::GrantPermission(tokenID, APPROXIMATELY_LOCATION_PERMISSION, PERMISSION_USER_SET));
+    }
+
+    // grant permission
+    ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status);
+    EXPECT_EQ(RET_SUCCESS, ret);
+    EXPECT_EQ(PASS_OPER, status);
+
+    {
+        std::vector<std::string> reqPerm;
+        reqPerm.emplace_back("ohos.permission.REVOKE_SENSITIVE_PERMISSIONS");
+        MockHapToken mock("GetSelfPermissionStatus0082", reqPerm, true);
+
+        // revoke user fixed
+        ASSERT_EQ(0, AccessTokenKit::RevokePermission(
+            tokenID, APPROXIMATELY_LOCATION_PERMISSION, PERMISSION_USER_FIXED));
+    }
+
+    // revoke permission
+    ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status);
+    EXPECT_EQ(RET_SUCCESS, ret);
+    EXPECT_EQ(SETTING_OPER, status);
+
+    {
+        std::vector<std::string> reqPerm;
+        reqPerm.emplace_back("ohos.permission.REVOKE_SENSITIVE_PERMISSIONS");
+        MockHapToken mock("GetSelfPermissionStatus0083", reqPerm, true);
+
+        // revoke to default flag
+        ASSERT_EQ(0, AccessTokenKit::RevokePermission(
+            tokenID, APPROXIMATELY_LOCATION_PERMISSION, PERMISSION_DEFAULT_FLAG));
+    }
+
+    ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status);
+    EXPECT_EQ(RET_SUCCESS, ret);
+    EXPECT_EQ(DYNAMIC_OPER, status);
+}
+
+/**
+ * @tc.name: GetSelfPermissionStatus009
+ * @tc.desc: test permission group
+ * @tc.type: FUNC
+ * @tc.require: Issue Number
+ */
+HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus009, TestSize.Level0)
+{
+    AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
+    AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
+    ASSERT_NE(INVALID_TOKENID, tokenID);
+
+    PermissionOper status;
+    
+    // default
+    int32_t ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.READ_CALENDAR", status);
+    EXPECT_EQ(RET_SUCCESS, ret);
+    EXPECT_EQ(DYNAMIC_OPER, status);
+
+    // default denied
+    ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.WRITE_CALENDAR", status);
+    EXPECT_EQ(RET_SUCCESS, ret);
+    EXPECT_EQ(SETTING_OPER, status);
+
+    {
+        std::vector<std::string> reqPerm;
+        reqPerm.emplace_back("ohos.permission.GRANT_SENSITIVE_PERMISSIONS");
+        MockHapToken mock("GetSelfPermissionStatus009", reqPerm, true);
+
+        // grant user set
+        ASSERT_EQ(0, AccessTokenKit::GrantPermission(tokenID, "ohos.permission.WRITE_CALENDAR", PERMISSION_USER_SET));
+    }
+
+    ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.READ_CALENDAR", status);
+    EXPECT_EQ(RET_SUCCESS, ret);
+    EXPECT_EQ(DYNAMIC_OPER, status);
+
+    // no change
+    ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.WRITE_CALENDAR", status);
+    EXPECT_EQ(RET_SUCCESS, ret);
+    EXPECT_EQ(PASS_OPER, status);
+}
+} // namespace AccessToken
+} // namespace Security
+} // namespace OHOS
diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/check_permission_map_test.h b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/get_self_permission_status_test.h
similarity index 67%
rename from interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/check_permission_map_test.h
rename to interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/get_self_permission_status_test.h
index f539a211d5ff1d782c6dee3996d79b4850584013..58ee97f3ef33df1a0083627c6f1f7068d87b90fa 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/check_permission_map_test.h
+++ b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/get_self_permission_status_test.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Copyright (c) 2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -13,8 +13,8 @@
  * limitations under the License.
  */
 
-#ifndef CHECK_PERMISSION_MAP_TEST_H
-#define CHECK_PERMISSION_MAP_TEST_H
+#ifndef GET_SELF_PERMISSION_STATUS_TEST_H
+#define GET_SELF_PERMISSION_STATUS_TEST_H
 
 #include <gtest/gtest.h>
 
@@ -22,24 +22,21 @@
 #include "accesstoken_kit.h"
 #include "permission_def.h"
 #include "permission_state_full.h"
-#include "nocopyable.h"
-#include "permission_def.h"
 
 namespace OHOS {
 namespace Security {
 namespace AccessToken {
-struct PermissionDefParseRet {
-    PermissionDef permDef;
-    bool isSuccessful = false;
-};
-class CheckPermissionMapTest : public testing::Test {
+class GetSelfPermissionStatusTest : public testing::Test {
 public:
     static void SetUpTestCase();
     static void TearDownTestCase();
     void SetUp();
     void TearDown();
+    unsigned int GetAccessTokenID(int userID, std::string bundleName, int instIndex);
+    AccessTokenID AllocTestToken(const HapInfoParams& hapInfo, const HapPolicyParams& hapPolicy) const;
+    void DeleteTestToken() const;
 };
 } // namespace AccessToken
 } // namespace Security
 } // namespace OHOS
-#endif // CHECK_PERMISSION_MAP_TEST_H
\ No newline at end of file
+#endif // GET_SELF_PERMISSION_STATUS_TEST_H
diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/request_permission_on_setting_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/request_permission_on_setting_test.cpp
index 4d022d65e94db9c8bd5a82202729a93456c839fb..120bfdee873815c3e61cf8fcabceee41161e2e45 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/request_permission_on_setting_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/request_permission_on_setting_test.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1922 Huawei Device Co., Ltd.
+ * Copyright (c) 2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -57,13 +57,12 @@ void RequestPermissionOnSettingTest::TearDown()
 HWTEST_F(RequestPermissionOnSettingTest, RequestAppPermOnSettingTest001, TestSize.Level1)
 {
     std::vector<std::string> reqPerm;
-    MockHapToken mock("RequestPermissionOnSettingTest", reqPerm, true);
+    MockHapToken mock("RequestAppPermOnSettingTest001", reqPerm, true);
 
     // invalid tokenID in client
     uint64_t tokenID = 0;
     ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, AccessTokenKit::RequestAppPermOnSetting(tokenID));
 
-        GTEST_LOG_(INFO) << "------------2,  tokenID is " << GetSelfTokenID();
     tokenID = 123; // 123: invalid token
     ASSERT_EQ(AccessTokenError::ERR_TOKENID_NOT_EXIST, AccessTokenKit::RequestAppPermOnSetting(tokenID));
 }
@@ -77,7 +76,7 @@ HWTEST_F(RequestPermissionOnSettingTest, RequestAppPermOnSettingTest001, TestSiz
 HWTEST_F(RequestPermissionOnSettingTest, RequestAppPermOnSettingTest002, TestSize.Level0)
 {
     std::vector<std::string> reqPerm;
-    MockHapToken("RequestPermissionOnSettingTest", reqPerm, false);
+    MockHapToken mock("RequestAppPermOnSettingTest002", reqPerm, false);
 
     AccessTokenID tokenID = 123;
     ASSERT_EQ(ERR_NOT_SYSTEM_APP, AccessTokenKit::RequestAppPermOnSetting(tokenID));
@@ -92,7 +91,7 @@ HWTEST_F(RequestPermissionOnSettingTest, RequestAppPermOnSettingTest002, TestSiz
 HWTEST_F(RequestPermissionOnSettingTest, RequestAppPermOnSettingTest003, TestSize.Level0)
 {
     std::vector<std::string> reqPerm;
-    MockHapToken("RequestPermissionOnSettingTest", reqPerm, true);
+    MockHapToken mock("RequestAppPermOnSettingTest003", reqPerm, true);
 
     HapInfoParams infoManager = {
         .userID = 1,
@@ -121,7 +120,7 @@ HWTEST_F(RequestPermissionOnSettingTest, RequestAppPermOnSettingTest003, TestSiz
     ASSERT_NE(INVALID_TOKENID, tokenID);
     AccessTokenKit::RequestAppPermOnSetting(tokenID);
 
-    ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID));
+    EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID));
 }
 
 /**
@@ -133,7 +132,7 @@ HWTEST_F(RequestPermissionOnSettingTest, RequestAppPermOnSettingTest003, TestSiz
 HWTEST_F(RequestPermissionOnSettingTest, RequestAppPermOnSettingTest004, TestSize.Level0)
 {
     std::vector<std::string> reqPerm;
-    MockHapToken("RequestPermissionOnSettingTest", reqPerm, true);
+    MockHapToken mock("RequestAppPermOnSettingTest004", reqPerm, true);
 
     AccessTokenKit::RequestAppPermOnSetting(GetSelfTokenID());
 }
diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/set_perm_dialog_cap_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/set_perm_dialog_cap_test.cpp
index 3d6bab78ea08f30334c159604fc5322baaafc774..6f9c1ecdf3b5fdf95e50190343987fd786bc961a 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/set_perm_dialog_cap_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/set_perm_dialog_cap_test.cpp
@@ -21,7 +21,6 @@
 #include "access_token.h"
 #include "access_token_error.h"
 #include "accesstoken_common_log.h"
-#include "accesstoken_service_ipc_interface_code.h"
 #include "permission_grant_info.h"
 #include "permission_state_change_info_parcel.h"
 #include "string_ex.h"
@@ -84,7 +83,7 @@ void SetPermDialogCapTest::TearDown()
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(SetPermDialogCapTest, SetPermDialogCapAbnormalTest001, TestSize.Level1)
+HWTEST_F(SetPermDialogCapTest, SetPermDialogCapAbnormalTest001, TestSize.Level0)
 {
     std::vector<std::string> reqPerm;
     reqPerm.emplace_back("ohos.permission.DISABLE_PERMISSION_DIALOG");
@@ -107,11 +106,11 @@ HWTEST_F(SetPermDialogCapTest, SetPermDialogCapAbnormalTest001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(SetPermDialogCapTest, SetPermDialogCapFuncTest001, TestSize.Level1)
+HWTEST_F(SetPermDialogCapTest, SetPermDialogCapFuncTest001, TestSize.Level0)
 {
     std::vector<std::string> reqPerm;
     reqPerm.emplace_back("ohos.permission.DISABLE_PERMISSION_DIALOG");
-    MockHapToken mock("SetPermDialogCapAbnormalTest001", reqPerm, true);
+    MockHapToken mock("SetPermDialogCapFuncTest001", reqPerm, true);
     uint64_t selfToken = GetSelfTokenID();
 
     LOGI(ATM_DOMAIN, ATM_TAG, "SetPermDialogCapFuncTest001");
@@ -132,19 +131,19 @@ HWTEST_F(SetPermDialogCapTest, SetPermDialogCapFuncTest001, TestSize.Level1)
     permsList.emplace_back(tmp);
 
     // test dialog is forbiddedn
-    ASSERT_EQ(RET_SUCCESS, AccessTokenKit::SetPermDialogCap(hapBaseInfo, true));
-    ASSERT_EQ(RET_SUCCESS, SetSelfTokenID(tokenIdEx.tokenIDEx));
+    EXPECT_EQ(RET_SUCCESS, AccessTokenKit::SetPermDialogCap(hapBaseInfo, true));
+    EXPECT_EQ(RET_SUCCESS, SetSelfTokenID(tokenIdEx.tokenIDEx));
     PermissionGrantInfo info;
-    ASSERT_EQ(FORBIDDEN_OPER, AccessTokenKit::GetSelfPermissionsState(permsList, info));
-    ASSERT_EQ(RET_SUCCESS, SetSelfTokenID(selfToken));
+    EXPECT_EQ(FORBIDDEN_OPER, AccessTokenKit::GetSelfPermissionsState(permsList, info));
+    EXPECT_EQ(RET_SUCCESS, SetSelfTokenID(selfToken));
 
     // test dialog is not forbiddedn
-    ASSERT_EQ(RET_SUCCESS, AccessTokenKit::SetPermDialogCap(hapBaseInfo, false));
-    ASSERT_EQ(RET_SUCCESS, SetSelfTokenID(tokenIdEx.tokenIDEx));
+    EXPECT_EQ(RET_SUCCESS, AccessTokenKit::SetPermDialogCap(hapBaseInfo, false));
+    EXPECT_EQ(RET_SUCCESS, SetSelfTokenID(tokenIdEx.tokenIDEx));
     ASSERT_NE(FORBIDDEN_OPER, AccessTokenKit::GetSelfPermissionsState(permsList, info));
-    ASSERT_EQ(RET_SUCCESS, SetSelfTokenID(selfToken));
+    EXPECT_EQ(RET_SUCCESS, SetSelfTokenID(selfToken));
 
-    ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID));
+    EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID));
 }
 } // namespace AccessToken
 } // namespace Security
diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/check_permission_map_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/check_permission_map_test.cpp
deleted file mode 100644
index bb184830e179035be8aa91a96ec79405284716d9..0000000000000000000000000000000000000000
--- a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/check_permission_map_test.cpp
+++ /dev/null
@@ -1,227 +0,0 @@
-/*
- * Copyright (c) 2024 Huawei Device Co., Ltd.
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include "check_permission_map_test.h"
-#include "gtest/gtest.h"
-#include <fcntl.h>
-#include <cstdint>
-#include <memory>
-#include <string>
-#include <sys/stat.h>
-#include <sys/types.h>
-#include <cstdio>
-#include <cstdlib>
-
-#include "access_token.h"
-#include "cJSON.h"
-
-#include "permission_def.h"
-#include "permission_map.h"
-
-using namespace testing::ext;
-typedef cJSON CJson;
-typedef std::unique_ptr<CJson, std::function<void(CJson *ptr)>> CJsonUnique;
-namespace OHOS {
-namespace Security {
-namespace AccessToken {
-namespace {
-static const std::string DEFINE_PERMISSION_FILE = "/system/etc/access_token/permission_definitions.json";
-static const std::string SYSTEM_GRANT_DEFINE_PERMISSION = "systemGrantPermissions";
-static const std::string USER_GRANT_DEFINE_PERMISSION = "userGrantPermissions";
-static const std::string PERMISSION_GRANT_MODE_SYSTEM_GRANT = "system_grant";
-constexpr int32_t MAX_NATIVE_CONFIG_FILE_SIZE = 5 * 1024 * 1024; // 5M
-constexpr size_t BUFFER_SIZE = 1024;
-constexpr uint32_t ACCESS_TOKEN_UID = 3020;
-}
-
-void CheckPermissionMapTest::SetUpTestCase()
-{
-}
-
-void CheckPermissionMapTest::TearDownTestCase()
-{
-}
-
-void CheckPermissionMapTest::SetUp()
-{
-}
-
-void CheckPermissionMapTest::TearDown()
-{
-}
-
-static int32_t GetPermissionGrantMode(const std::string &mode)
-{
-    if (mode == PERMISSION_GRANT_MODE_SYSTEM_GRANT) {
-        return AccessToken::GrantMode::SYSTEM_GRANT;
-    }
-    return AccessToken::GrantMode::USER_GRANT;
-}
-
-static bool ReadCfgFile(const std::string& file, std::string& rawData)
-{
-    int32_t selfUid = getuid();
-    setuid(ACCESS_TOKEN_UID);
-    char filePath[PATH_MAX] = {0};
-    if (realpath(file.c_str(), filePath) == NULL) {
-        setuid(selfUid);
-        return false;
-    }
-    int32_t fd = open(filePath, O_RDONLY);
-    if (fd < 0) {
-        setuid(selfUid);
-        return false;
-    }
-    struct stat statBuffer;
-
-    if (fstat(fd, &statBuffer) != 0) {
-        close(fd);
-        setuid(selfUid);
-        return false;
-    }
-
-    if (statBuffer.st_size == 0) {
-        close(fd);
-        setuid(selfUid);
-        return false;
-    }
-    if (statBuffer.st_size > MAX_NATIVE_CONFIG_FILE_SIZE) {
-        close(fd);
-        setuid(selfUid);
-        return false;
-    }
-    rawData.reserve(statBuffer.st_size);
-
-    char buff[BUFFER_SIZE] = { 0 };
-    ssize_t readLen = 0;
-    while ((readLen = read(fd, buff, BUFFER_SIZE)) > 0) {
-        rawData.append(buff, readLen);
-    }
-    close(fd);
-    setuid(selfUid);
-    return true;
-}
-
-void FreeJson(CJson* jsonObj)
-{
-    cJSON_Delete(jsonObj);
-    jsonObj = nullptr;
-}
-
-CJsonUnique CreateJsonFromString(const std::string& jsonStr)
-{
-    if (jsonStr.empty()) {
-        CJsonUnique aPtr(cJSON_CreateObject(), FreeJson);
-        return aPtr;
-    }
-    CJsonUnique aPtr(cJSON_Parse(jsonStr.c_str()), FreeJson);
-    return aPtr;
-}
-
-static CJson* GetArrayFromJson(const CJson* jsonObj, const std::string& key)
-{
-    if (key.empty()) {
-        return nullptr;
-    }
-
-    CJson* objValue = cJSON_GetObjectItemCaseSensitive(jsonObj, key.c_str());
-    if (objValue != nullptr && cJSON_IsArray(objValue)) {
-        return objValue;
-    }
-    return nullptr;
-}
-
-bool GetStringFromJson(const CJson *jsonObj, const std::string& key, std::string& out)
-{
-    if (jsonObj == nullptr || key.empty()) {
-        return false;
-    }
-
-    cJSON *jsonObjTmp = cJSON_GetObjectItemCaseSensitive(jsonObj, key.c_str());
-    if (jsonObjTmp != nullptr && cJSON_IsString(jsonObjTmp)) {
-        out = cJSON_GetStringValue(jsonObjTmp);
-        return true;
-    }
-    return false;
-}
-
-static bool GetPermissionDefList(const CJsonUnique &json, const std::string& permsRawData,
-    const std::string& type, std::vector<PermissionDef>& permDefList)
-{
-    cJSON *permDefObj = GetArrayFromJson(json.get(), type);
-    if (permDefObj == nullptr) {
-        return false;
-    }
-    CJson *j = nullptr;
-    cJSON_ArrayForEach(j, permDefObj) {
-        PermissionDef result;
-        GetStringFromJson(j, "name", result.permissionName);
-        std::string grantModeStr = "";
-        GetStringFromJson(j, "grantMode", grantModeStr);
-        result.grantMode = GetPermissionGrantMode(grantModeStr);
-        permDefList.emplace_back(result);
-    }
-    return true;
-}
-
-static bool ParserPermsRawData(const std::string& permsRawData,
-    std::vector<PermissionDef>& permDefList)
-{
-    CJsonUnique jsonRes = CreateJsonFromString(permsRawData);
-    if (jsonRes == nullptr) {
-        return false;
-    }
-
-    bool ret = GetPermissionDefList(jsonRes, permsRawData, SYSTEM_GRANT_DEFINE_PERMISSION, permDefList);
-    if (!ret) {
-        return false;
-    }
-
-    return GetPermissionDefList(jsonRes, permsRawData, USER_GRANT_DEFINE_PERMISSION, permDefList);
-}
-
-/**
- * @tc.name: CheckPermissionMapFuncTest001
- * @tc.desc: Check if permissions in permission_definitions.json are consistent with g_permMap in permission_map.cpp
- * @tc.type: FUNC
- * @tc.require:
- */
-HWTEST_F(CheckPermissionMapTest, CheckPermissionMapFuncTest001, TestSize.Level1)
-{
-    std::string permsRawData;
-    EXPECT_TRUE(ReadCfgFile(DEFINE_PERMISSION_FILE, permsRawData));
-
-    std::vector<PermissionDef> permDefList;
-    EXPECT_TRUE(ParserPermsRawData(permsRawData, permDefList));
-
-    uint32_t opCode;
-    for (const auto& perm : permDefList) {
-        // Check if permissions exist
-        bool isExsit = TransferPermissionToOpcode(perm.permissionName, opCode);
-        if (!isExsit) {
-            GTEST_LOG_(INFO) << "permission name is " << perm.permissionName;
-        }
-        EXPECT_TRUE(isExsit);
-        // Check true-user_grant/false-system_grant
-        if (perm.grantMode == AccessToken::GrantMode::USER_GRANT) {
-            EXPECT_TRUE(IsUserGrantPermission(perm.permissionName));
-        } else if (perm.grantMode == AccessToken::GrantMode::SYSTEM_GRANT) {
-            EXPECT_FALSE(IsUserGrantPermission(perm.permissionName));
-        }
-    }
-}
-} // namespace AccessToken
-} // namespace Security
-} // namespace OHOS
\ No newline at end of file
diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/clear_user_granted__permission_state_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/clear_user_granted__permission_state_test.cpp
index 636cbcb4231dfc08b323bf09e4544e9b530e32cb..bc84fa973db4ea8670e09a6c45c7e8736922d938 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/clear_user_granted__permission_state_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/clear_user_granted__permission_state_test.cpp
@@ -20,7 +20,7 @@
 #include "access_token.h"
 #include "access_token_error.h"
 #include "accesstoken_common_log.h"
-#include "accesstoken_service_ipc_interface_code.h"
+#include "iaccess_token_manager.h"
 #include "test_common.h"
 #include "permission_grant_info.h"
 #include "permission_state_change_info_parcel.h"
diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/get_permission_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/get_permission_test.cpp
index 69aa3bb99bc01e1dcf641daf73b585fd51fd599f..7fefd43df7226fa4042c2a06e848b6fcb269adf9 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/get_permission_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/get_permission_test.cpp
@@ -20,7 +20,7 @@
 #include "access_token.h"
 #include "access_token_error.h"
 #include "accesstoken_common_log.h"
-#include "accesstoken_service_ipc_interface_code.h"
+#include "iaccess_token_manager.h"
 #include "permission_grant_info.h"
 #include "permission_state_change_info_parcel.h"
 #include "string_ex.h"
@@ -106,21 +106,15 @@ void GetPermissionTest::TearDown()
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(GetPermissionTest, GetPermissionUsedTypeAbnormalTest001, TestSize.Level1)
+HWTEST_F(GetPermissionTest, GetPermissionUsedTypeAbnormalTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GetPermissionUsedTypeAbnormalTest001");
     std::string permisson = "ohos.permission.CAMERA";
-#ifndef ATM_BUILD_VARIANT_USER_ENABLE
     // caller is not native, IsPrivilegedCalling return false(uid != accesstoken_uid)
     int32_t selfUid = getuid();
     setuid(1);
     EXPECT_EQ(PermUsedTypeEnum::INVALID_USED_TYPE, AccessTokenKit::GetPermissionUsedType(g_selfTokenId, permisson));
     setuid(selfUid);
-#else
-    // caller is not native, IsPrivilegedCalling return false
-    EXPECT_EQ(PermUsedTypeEnum::INVALID_USED_TYPE,
-        AccessTokenKit::GetPermissionUsedType(g_selfTokenId, permisson));
-#endif
 }
 
 /**
@@ -129,14 +123,14 @@ HWTEST_F(GetPermissionTest, GetPermissionUsedTypeAbnormalTest001, TestSize.Level
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(GetPermissionTest, GetPermissionUsedTypeAbnormalTest002, TestSize.Level1)
+HWTEST_F(GetPermissionTest, GetPermissionUsedTypeAbnormalTest002, TestSize.Level0)
 {
-    LOGI(ATM_DOMAIN, ATM_TAG, "GetPermissionUsedTypeAbnormalTest001");
+    LOGI(ATM_DOMAIN, ATM_TAG, "GetPermissionUsedTypeAbnormalTest002");
 
     std::string accessBluetooth = "ohos.permission.ACCESS_BLUETOOTH";
     std::vector<std::string> reqPerm;
     reqPerm.emplace_back(accessBluetooth);
-    MockHapToken mockHap("GetPermissionUsedTypeAbnormalTest001", reqPerm, true);
+    MockHapToken mockHap("GetPermissionUsedTypeAbnormalTest002", reqPerm, true);
     AccessTokenID tokenID = GetSelfTokenID(); // get hap tokenId
     ASSERT_NE(INVALID_TOKENID, tokenID);
 
@@ -167,7 +161,7 @@ HWTEST_F(GetPermissionTest, GetPermissionUsedTypeAbnormalTest002, TestSize.Level
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(GetPermissionTest, GetPermissionUsedTypeFuncTest001, TestSize.Level1)
+HWTEST_F(GetPermissionTest, GetPermissionUsedTypeFuncTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GetPermissionUsedTypeFuncTest001");
 
@@ -217,7 +211,7 @@ HWTEST_F(GetPermissionTest, GetPermissionUsedTypeFuncTest001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(GetPermissionTest, GetDefPermissionFuncTest001, TestSize.Level1)
+HWTEST_F(GetPermissionTest, GetDefPermissionFuncTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GetDefPermissionFuncTest001");
 
@@ -251,7 +245,7 @@ HWTEST_F(GetPermissionTest, GetDefPermissionFuncTest001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(GetPermissionTest, GetReqPermissionsFuncTest001, TestSize.Level1)
+HWTEST_F(GetPermissionTest, GetReqPermissionsFuncTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GetReqPermissionsFuncTest001");
     std::vector<std::string> reqPerm;
@@ -277,7 +271,7 @@ HWTEST_F(GetPermissionTest, GetReqPermissionsFuncTest001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(GetPermissionTest, GetReqPermissionsFuncTest002, TestSize.Level1)
+HWTEST_F(GetPermissionTest, GetReqPermissionsFuncTest002, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GetReqPermissionsFuncTest002");
     std::vector<std::string> reqPerm;
@@ -303,7 +297,7 @@ HWTEST_F(GetPermissionTest, GetReqPermissionsFuncTest002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(GetPermissionTest, GetReqPermissionsFuncTest003, TestSize.Level1)
+HWTEST_F(GetPermissionTest, GetReqPermissionsFuncTest003, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GetReqPermissionsFuncTest003");
     std::vector<std::string> reqPerm;
@@ -374,12 +368,12 @@ HWTEST_F(GetPermissionTest, GetReqPermissionsFuncTest004, TestSize.Level0)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(GetPermissionTest, GetReqPermissionsAbnormalTest001, TestSize.Level1)
+HWTEST_F(GetPermissionTest, GetReqPermissionsAbnormalTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GetReqPermissionsAbnormalTest001");
     std::vector<std::string> reqPerm;
     reqPerm.emplace_back("ohos.permission.GET_SENSITIVE_PERMISSIONS");
-    MockHapToken mockHap("GetReqPermissionsFuncTest002", reqPerm, true);
+    MockHapToken mockHap("GetReqPermissionsAbnormalTest001", reqPerm, true);
 
     AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
     AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
@@ -407,7 +401,7 @@ HWTEST_F(GetPermissionTest, GetReqPermissionsSpecTest001, TestSize.Level0)
     LOGI(ATM_DOMAIN, ATM_TAG, "GetReqPermissionsSpecTest001");
     std::vector<std::string> reqPerm;
     reqPerm.emplace_back("ohos.permission.GET_SENSITIVE_PERMISSIONS");
-    MockHapToken mockHap("GetReqPermissionsFuncTest002", reqPerm, true);
+    MockHapToken mockHap("GetReqPermissionsSpecTest001", reqPerm, true);
 
     AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
     AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
@@ -427,7 +421,7 @@ HWTEST_F(GetPermissionTest, GetReqPermissionsSpecTest001, TestSize.Level0)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(GetPermissionTest, GetPermissionManagerInfoFuncTest001, TestSize.Level1)
+HWTEST_F(GetPermissionTest, GetPermissionManagerInfoFuncTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GetPermissionManagerInfoFuncTest001");
 
@@ -442,7 +436,7 @@ HWTEST_F(GetPermissionTest, GetPermissionManagerInfoFuncTest001, TestSize.Level1
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(GetPermissionTest, GetTokenIDByUserID001, TestSize.Level1)
+HWTEST_F(GetPermissionTest, GetTokenIDByUserID001, TestSize.Level0)
 {
     MockNativeToken mock("accesstoken_service");
     int32_t userID = -1;
@@ -462,70 +456,19 @@ HWTEST_F(GetPermissionTest, GetTokenIDByUserID001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(GetPermissionTest, ReloadNativeTokenInfo001, TestSize.Level1)
+HWTEST_F(GetPermissionTest, ReloadNativeTokenInfo001, TestSize.Level0)
 {
     int32_t ret = AccessTokenKit::ReloadNativeTokenInfo();
     ASSERT_EQ(RET_SUCCESS, ret);
 }
 
-#ifndef ATM_BUILD_VARIANT_USER_ENABLE
-uint64_t GetNativeTokenTest(const char *processName, const char **perms, int32_t permNum)
-{
-    uint64_t tokenId;
-    NativeTokenInfoParams infoInstance = {
-        .dcapsNum = 0,
-        .permsNum = permNum,
-        .aclsNum = 0,
-        .dcaps = nullptr,
-        .perms = perms,
-        .acls = nullptr,
-        .aplStr = "system_core",
-        .processName = processName,
-    };
-
-    tokenId = GetAccessTokenId(&infoInstance);
-    AccessTokenKit::ReloadNativeTokenInfo();
-    return tokenId;
-}
-
-/**
- * @tc.name: ReloadNativeTokenInfo002
- * @tc.desc: ReloadNativeTokenInfo with same bundlename twicely.
- * @tc.type: FUNC
- * @tc.require: Issue Number
- */
-HWTEST_F(GetPermissionTest, ReloadNativeTokenInfo002, TestSize.Level1)
-{
-    const char **perms = new const char *[1];
-    perms[0] = "ohos.permission.MANAGE_HAP_TOKENID";
-    uint64_t token1 = GetNativeTokenTest("TestCase_core", perms, 1);
-    ASSERT_NE(INVALID_TOKENID, token1);
-    ASSERT_EQ(
-        PERMISSION_GRANTED, AccessTokenKit::VerifyAccessToken(token1, "ohos.permission.MANAGE_HAP_TOKENID", false));
-
-    uint64_t token2 = GetNativeTokenTest("TestCase_core", nullptr, 0);
-    ASSERT_NE(INVALID_TOKENID, token2);
-
-    ASSERT_EQ(token1, token2);
-    ASSERT_EQ(
-        PERMISSION_DENIED, AccessTokenKit::VerifyAccessToken(token2, "ohos.permission.MANAGE_HAP_TOKENID", false));
-
-    uint64_t token3 = GetNativeTokenTest("TestCase_core", perms, 1);
-    ASSERT_NE(INVALID_TOKENID, token3);
-
-    ASSERT_EQ(token1, token3);
-    ASSERT_EQ(
-        PERMISSION_GRANTED, AccessTokenKit::VerifyAccessToken(token3, "ohos.permission.MANAGE_HAP_TOKENID", false));
-}
-#endif
-
 /**
  * @tc.name: GetKernelPermissionTest001
  * @tc.desc:
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(GetPermissionTest, GetKernelPermissionTest001, TestSize.Level1)
+HWTEST_F(GetPermissionTest, GetKernelPermissionTest001, TestSize.Level0)
 {
     std::vector<PermissionWithValue> kernelPermList;
     {
@@ -551,7 +494,7 @@ HWTEST_F(GetPermissionTest, GetKernelPermissionTest001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(GetPermissionTest, GetReqPermissionByNameTest001, TestSize.Level1)
+HWTEST_F(GetPermissionTest, GetReqPermissionByNameTest001, TestSize.Level0)
 {
     std::string value;
     std::vector<PermissionWithValue> kernelPermList;
diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/grant_permission_for_specified_time_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/grant_permission_for_specified_time_test.cpp
index 892426db406c8899f9d5bc8653709733ea8522be..e61f22b39204becda3df7175d435fc3bedf6e13f 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/grant_permission_for_specified_time_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/grant_permission_for_specified_time_test.cpp
@@ -103,7 +103,7 @@ void GrantPermissionForSpecifiedTimeTest::TearDown()
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(GrantPermissionForSpecifiedTimeTest, GrantPermissionForSpecifiedTimeAbnormalTest001, TestSize.Level1)
+HWTEST_F(GrantPermissionForSpecifiedTimeTest, GrantPermissionForSpecifiedTimeAbnormalTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GrantPermissionForSpecifiedTimeAbnormalTest001");
     AccessTokenID tokenId = INVALID_TOKENID;
@@ -141,7 +141,7 @@ HWTEST_F(GrantPermissionForSpecifiedTimeTest, GrantPermissionForSpecifiedTimeAbn
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(GrantPermissionForSpecifiedTimeTest, GrantPermissionForSpecifiedTimeAbnormalTest002, TestSize.Level1)
+HWTEST_F(GrantPermissionForSpecifiedTimeTest, GrantPermissionForSpecifiedTimeAbnormalTest002, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GrantPermissionForSpecifiedTimeAbnormalTest002");
     HapPolicyParams policyPrams = g_policyPrams;
@@ -154,8 +154,10 @@ HWTEST_F(GrantPermissionForSpecifiedTimeTest, GrantPermissionForSpecifiedTimeAbn
     ASSERT_NE(INVALID_TOKENID, tokenID);
     uint32_t onceTime = 10; // 10: 10s
 
-    ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID,
+    EXPECT_EQ(AccessTokenError::ERR_PARAM_INVALID,
         AccessTokenKit::GrantPermissionForSpecifiedTime(tokenID, SHORT_TEMP_PERMISSION, onceTime));
+
+    EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID));
 }
 
 /**
@@ -164,7 +166,7 @@ HWTEST_F(GrantPermissionForSpecifiedTimeTest, GrantPermissionForSpecifiedTimeAbn
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(GrantPermissionForSpecifiedTimeTest, GrantPermissionForSpecifiedTimeAbnormalTest003, TestSize.Level1)
+HWTEST_F(GrantPermissionForSpecifiedTimeTest, GrantPermissionForSpecifiedTimeAbnormalTest003, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GrantPermissionForSpecifiedTimeAbnormalTest003");
     AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(
@@ -184,7 +186,7 @@ HWTEST_F(GrantPermissionForSpecifiedTimeTest, GrantPermissionForSpecifiedTimeAbn
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(GrantPermissionForSpecifiedTimeTest, GrantPermissionForSpecifiedTimeAbnormalTest004, TestSize.Level1)
+HWTEST_F(GrantPermissionForSpecifiedTimeTest, GrantPermissionForSpecifiedTimeAbnormalTest004, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GrantPermissionForSpecifiedTimeAbnormalTest004");
     uint64_t selfTokenId = GetSelfTokenID();
@@ -206,7 +208,7 @@ HWTEST_F(GrantPermissionForSpecifiedTimeTest, GrantPermissionForSpecifiedTimeAbn
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(GrantPermissionForSpecifiedTimeTest, GrantPermissionForSpecifiedTimeSpecsTest001, TestSize.Level1)
+HWTEST_F(GrantPermissionForSpecifiedTimeTest, GrantPermissionForSpecifiedTimeSpecsTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GrantPermissionForSpecifiedTimeSpecsTest001");
     AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(
@@ -233,7 +235,7 @@ HWTEST_F(GrantPermissionForSpecifiedTimeTest, GrantPermissionForSpecifiedTimeSpe
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(GrantPermissionForSpecifiedTimeTest, GrantPermissionForSpecifiedTimeSpecsTest002, TestSize.Level1)
+HWTEST_F(GrantPermissionForSpecifiedTimeTest, GrantPermissionForSpecifiedTimeSpecsTest002, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GrantPermissionForSpecifiedTimeSpecsTest002");
     AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(
diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/grant_permission_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/grant_permission_test.cpp
index 3c5538bef7124c65c7c5da3e844db254d27a8fbf..31262f12904066e3d69c28be75dfa366144f5d0f 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/grant_permission_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/grant_permission_test.cpp
@@ -20,7 +20,7 @@
 #include "access_token.h"
 #include "access_token_error.h"
 #include "accesstoken_common_log.h"
-#include "accesstoken_service_ipc_interface_code.h"
+#include "iaccess_token_manager.h"
 #include "permission_grant_info.h"
 #include "permission_state_change_info_parcel.h"
 #include "string_ex.h"
@@ -40,6 +40,7 @@ static const unsigned int TEST_TOKENID_INVALID = 0;
 static const int CYCLE_TIMES = 100;
 static const int TEST_USER_ID = 0;
 static constexpr int32_t DEFAULT_API_VERSION = 8;
+static MockHapToken* g_mock = nullptr;
 };
 
 void GrantPermissionTest::SetUpTestCase()
@@ -47,6 +48,11 @@ void GrantPermissionTest::SetUpTestCase()
     g_selfTokenId = GetSelfTokenID();
     TestCommon::SetTestEvironment(g_selfTokenId);
 
+    std::vector<std::string> reqPerm;
+    reqPerm.emplace_back("ohos.permission.GRANT_SENSITIVE_PERMISSIONS");
+    reqPerm.emplace_back("ohos.permission.REVOKE_SENSITIVE_PERMISSIONS");
+    g_mock = new (std::nothrow) MockHapToken("GrantPermissionTest", reqPerm);
+
     // clean up test cases
     AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
     AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
@@ -55,6 +61,10 @@ void GrantPermissionTest::SetUpTestCase()
 
 void GrantPermissionTest::TearDownTestCase()
 {
+    if (g_mock != nullptr) {
+        delete g_mock;
+        g_mock = nullptr;
+    }
     AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
     AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
     TestCommon::DeleteTestHapToken(tokenID);
@@ -118,9 +128,6 @@ void GrantPermissionTest::TearDown()
 HWTEST_F(GrantPermissionTest, GrantPermissionFuncTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GrantPermissionFuncTest001");
-    std::vector<std::string> reqPerm;
-    reqPerm.emplace_back("ohos.permission.GRANT_SENSITIVE_PERMISSIONS");
-    MockHapToken mock("GrantPermissionFuncTest001", reqPerm);
 
     AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
     AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
@@ -149,9 +156,6 @@ HWTEST_F(GrantPermissionTest, GrantPermissionFuncTest001, TestSize.Level0)
 HWTEST_F(GrantPermissionTest, GrantPermissionAbnormalTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GrantPermissionAbnormalTest001");
-    std::vector<std::string> reqPerm;
-    reqPerm.emplace_back("ohos.permission.GRANT_SENSITIVE_PERMISSIONS");
-    MockHapToken mock("GrantPermissionAbnormalTest001", reqPerm);
 
     AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
     AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
@@ -185,9 +189,6 @@ HWTEST_F(GrantPermissionTest, GrantPermissionAbnormalTest001, TestSize.Level0)
 HWTEST_F(GrantPermissionTest, GrantPermissionAbnormalTest002, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GrantPermissionAbnormalTest002");
-    std::vector<std::string> reqPerm;
-    reqPerm.emplace_back("ohos.permission.GRANT_SENSITIVE_PERMISSIONS");
-    MockHapToken mock("GrantPermissionAbnormalTest002", reqPerm);
 
     AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
     AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
@@ -208,9 +209,6 @@ HWTEST_F(GrantPermissionTest, GrantPermissionAbnormalTest002, TestSize.Level0)
 HWTEST_F(GrantPermissionTest, GrantPermissionSpecsTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GrantPermissionSpecsTest001");
-    std::vector<std::string> reqPerm;
-    reqPerm.emplace_back("ohos.permission.GRANT_SENSITIVE_PERMISSIONS");
-    MockHapToken mock("GrantPermissionSpecsTest001", reqPerm);
 
     AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
     AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
@@ -261,9 +259,6 @@ HWTEST_F(GrantPermissionTest, GrantPermissionSpecsTest002, TestSize.Level0)
 HWTEST_F(GrantPermissionTest, GrantPermissionSpecsTest003, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GrantPermissionSpecsTest003");
-    std::vector<std::string> reqPerm;
-    reqPerm.emplace_back("ohos.permission.GRANT_SENSITIVE_PERMISSIONS");
-    MockHapToken mock("GrantPermissionSpecsTest003", reqPerm, true);
 
     AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
     AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
@@ -285,6 +280,8 @@ HWTEST_F(GrantPermissionTest, GrantPermissionSpecsTest003, TestSize.Level0)
 HWTEST_F(GrantPermissionTest, GrantPermissionSpecsTest004, TestSize.Level0)
 {
     std::vector<std::string> reqPerm;
+    reqPerm.emplace_back("ohos.permission.GRANT_SENSITIVE_PERMISSIONS");
+    reqPerm.emplace_back("ohos.permission.REVOKE_SENSITIVE_PERMISSIONS");
     MockHapToken mock("GrantPermissionSpecsTest004", reqPerm, true);
 
     AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/revoke_permission_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/revoke_permission_test.cpp
index de702225e79e36b2033ae7008753dccbeb8c17c0..3e3c794eb4006f134477ea012dadf645350747d4 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/revoke_permission_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/revoke_permission_test.cpp
@@ -20,7 +20,7 @@
 #include "access_token.h"
 #include "access_token_error.h"
 #include "accesstoken_common_log.h"
-#include "accesstoken_service_ipc_interface_code.h"
+#include "iaccess_token_manager.h"
 #include "permission_grant_info.h"
 #include "permission_state_change_info_parcel.h"
 #include "string_ex.h"
@@ -40,6 +40,7 @@ static const unsigned int TEST_TOKENID_INVALID = 0;
 static const int CYCLE_TIMES = 100;
 static const int TEST_USER_ID = 0;
 static constexpr int32_t DEFAULT_API_VERSION = 8;
+static MockHapToken* g_mock = nullptr;
 };
 
 void RevokePermissionTest::SetUpTestCase()
@@ -47,6 +48,10 @@ void RevokePermissionTest::SetUpTestCase()
     g_selfTokenId = GetSelfTokenID();
     TestCommon::SetTestEvironment(g_selfTokenId);
 
+    std::vector<std::string> reqPerm;
+    reqPerm.emplace_back("ohos.permission.REVOKE_SENSITIVE_PERMISSIONS");
+    g_mock = new (std::nothrow) MockHapToken("RevokePermissionTest", reqPerm);
+
     // clean up test cases
     AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
     AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
@@ -55,6 +60,11 @@ void RevokePermissionTest::SetUpTestCase()
 
 void RevokePermissionTest::TearDownTestCase()
 {
+    if (g_mock != nullptr) {
+        delete g_mock;
+        g_mock = nullptr;
+    }
+
     AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
     AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
     TestCommon::DeleteTestHapToken(tokenID);
@@ -119,9 +129,6 @@ void RevokePermissionTest::TearDown()
 HWTEST_F(RevokePermissionTest, RevokePermissionFuncTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "RevokePermissionFuncTest001");
-    std::vector<std::string> reqPerm;
-    reqPerm.emplace_back("ohos.permission.REVOKE_SENSITIVE_PERMISSIONS");
-    MockHapToken mock("RevokePermissionFuncTest001", reqPerm);
 
     AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
     AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
@@ -150,9 +157,6 @@ HWTEST_F(RevokePermissionTest, RevokePermissionFuncTest001, TestSize.Level0)
 HWTEST_F(RevokePermissionTest, RevokePermissionAbnormalTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "RevokePermissionAbnormalTest001");
-    std::vector<std::string> reqPerm;
-    reqPerm.emplace_back("ohos.permission.REVOKE_SENSITIVE_PERMISSIONS");
-    MockHapToken mock("RevokePermissionAbnormalTest001", reqPerm);
 
     AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
     AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
@@ -173,9 +177,6 @@ HWTEST_F(RevokePermissionTest, RevokePermissionAbnormalTest001, TestSize.Level0)
 HWTEST_F(RevokePermissionTest, RevokePermissionAbnormalTest002, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "RevokePermissionAbnormalTest002");
-    std::vector<std::string> reqPerm;
-    reqPerm.emplace_back("ohos.permission.REVOKE_SENSITIVE_PERMISSIONS");
-    MockHapToken mock("RevokePermissionAbnormalTest002", reqPerm);
 
     AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
     AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
@@ -206,9 +207,6 @@ HWTEST_F(RevokePermissionTest, RevokePermissionAbnormalTest002, TestSize.Level0)
 HWTEST_F(RevokePermissionTest, RevokePermissionAbnormalTest003, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "RevokePermissionAbnormalTest003");
-    std::vector<std::string> reqPerm;
-    reqPerm.emplace_back("ohos.permission.REVOKE_SENSITIVE_PERMISSIONS");
-    MockHapToken mock("RevokePermissionAbnormalTest003", reqPerm);
 
     AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
     AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
@@ -230,9 +228,6 @@ HWTEST_F(RevokePermissionTest, RevokePermissionAbnormalTest003, TestSize.Level0)
 HWTEST_F(RevokePermissionTest, RevokePermissionSpecsTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "RevokePermissionSpecsTest001");
-    std::vector<std::string> reqPerm;
-    reqPerm.emplace_back("ohos.permission.REVOKE_SENSITIVE_PERMISSIONS");
-    MockHapToken mock("RevokePermissionSpecsTest001", reqPerm);
 
     AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
     AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
@@ -284,9 +279,6 @@ HWTEST_F(RevokePermissionTest, RevokePermissionSpecsTest002, TestSize.Level0)
 HWTEST_F(RevokePermissionTest, RevokePermissionSpecsTest003, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "RevokePermissionSpecsTest003");
-    std::vector<std::string> reqPerm;
-    reqPerm.emplace_back("ohos.permission.REVOKE_SENSITIVE_PERMISSIONS");
-    MockHapToken mock("RevokePermissionSpecsTest003", reqPerm, true);
 
     AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
     AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/verify_access_token_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/verify_access_token_test.cpp
index 262d7ca2df0fbe5e5b80b0d19ef1f71fcb7d2fc9..2bf298ec3cb18a6a83cd24977ddd685500e57a88 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/verify_access_token_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/verify_access_token_test.cpp
@@ -20,7 +20,7 @@
 #include "access_token.h"
 #include "access_token_error.h"
 #include "accesstoken_common_log.h"
-#include "accesstoken_service_ipc_interface_code.h"
+#include "iaccess_token_manager.h"
 #include "permission_grant_info.h"
 #include "permission_state_change_info_parcel.h"
 #include "string_ex.h"
diff --git a/interfaces/innerkits/accesstoken/test/unittest/ProxyMockTest/accesstoken_mock_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/ProxyMockTest/accesstoken_mock_test.cpp
index 1678ab82f99baf1ac8b96b27072b24a32e1bb2d9..ee7af7bafda3d701cd52a6310390a0dfb7f0e4b6 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/ProxyMockTest/accesstoken_mock_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/ProxyMockTest/accesstoken_mock_test.cpp
@@ -78,7 +78,7 @@ void AccessTokenMockTest::TearDown()
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenMockTest, InitHapToken001, TestSize.Level1)
+HWTEST_F(AccessTokenMockTest, InitHapToken001, TestSize.Level4)
 {
     AccessTokenIDEx tokenIdEx = {0};
     int32_t ret = AccessTokenKit::InitHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams, tokenIdEx);
@@ -91,7 +91,7 @@ HWTEST_F(AccessTokenMockTest, InitHapToken001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenMockTest, AllocHapToken001, TestSize.Level1)
+HWTEST_F(AccessTokenMockTest, AllocHapToken001, TestSize.Level4)
 {
     AccessTokenIDEx tokenIdEx = {0};
     tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
@@ -104,7 +104,7 @@ HWTEST_F(AccessTokenMockTest, AllocHapToken001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenMockTest, AllocLocalTokenID001, TestSize.Level1)
+HWTEST_F(AccessTokenMockTest, AllocLocalTokenID001, TestSize.Level4)
 {
     std::string remoteDevice = "remote device";
     AccessTokenID tokenId = 123;
@@ -118,7 +118,7 @@ HWTEST_F(AccessTokenMockTest, AllocLocalTokenID001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenMockTest, UpdateHapToken001, TestSize.Level1)
+HWTEST_F(AccessTokenMockTest, UpdateHapToken001, TestSize.Level4)
 {
     AccessTokenIDEx tokenIdEx = {0};
     tokenIdEx.tokenIdExStruct.tokenID = 123;
@@ -136,7 +136,7 @@ HWTEST_F(AccessTokenMockTest, UpdateHapToken001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenMockTest, DeleteToken001, TestSize.Level1)
+HWTEST_F(AccessTokenMockTest, DeleteToken001, TestSize.Level4)
 {
     AccessTokenID tokenId = 123;
     ASSERT_EQ(AccessTokenError::ERR_SERVICE_ABNORMAL, AccessTokenKit::DeleteToken(tokenId));
@@ -148,7 +148,7 @@ HWTEST_F(AccessTokenMockTest, DeleteToken001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenMockTest, GetTokenType001, TestSize.Level1)
+HWTEST_F(AccessTokenMockTest, GetTokenType001, TestSize.Level4)
 {
     AccessTokenID tokenId = 123;
     ASSERT_EQ(TOKEN_INVALID, AccessTokenKit::GetTokenType(tokenId));
@@ -160,7 +160,7 @@ HWTEST_F(AccessTokenMockTest, GetTokenType001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenMockTest, GetHapTokenID001, TestSize.Level1)
+HWTEST_F(AccessTokenMockTest, GetHapTokenID001, TestSize.Level4)
 {
     int32_t userID = 0;
     std::string bundleName = "test";
@@ -175,7 +175,7 @@ HWTEST_F(AccessTokenMockTest, GetHapTokenID001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenMockTest, GetHapTokenIDEx001, TestSize.Level1)
+HWTEST_F(AccessTokenMockTest, GetHapTokenIDEx001, TestSize.Level4)
 {
     int32_t userID = 0;
     std::string bundleName = "test";
@@ -190,7 +190,7 @@ HWTEST_F(AccessTokenMockTest, GetHapTokenIDEx001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenMockTest, GetHapTokenInfo001, TestSize.Level1)
+HWTEST_F(AccessTokenMockTest, GetHapTokenInfo001, TestSize.Level4)
 {
     AccessTokenID tokenId = 123;
     HapTokenInfo tokenInfo;
@@ -203,7 +203,7 @@ HWTEST_F(AccessTokenMockTest, GetHapTokenInfo001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenMockTest, GetNativeTokenInfo001, TestSize.Level1)
+HWTEST_F(AccessTokenMockTest, GetNativeTokenInfo001, TestSize.Level4)
 {
     AccessTokenID tokenId = 805920561; //805920561 is a native tokenId.
     NativeTokenInfo tokenInfo;
@@ -216,7 +216,7 @@ HWTEST_F(AccessTokenMockTest, GetNativeTokenInfo001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenMockTest, VerifyAccessToken001, TestSize.Level1)
+HWTEST_F(AccessTokenMockTest, VerifyAccessToken001, TestSize.Level4)
 {
     AccessTokenID tokenId = 123;
     std::string permission = "ohos.permission.CAMERA";
@@ -230,7 +230,7 @@ HWTEST_F(AccessTokenMockTest, VerifyAccessToken001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenMockTest, VerifyAccessToken002, TestSize.Level1)
+HWTEST_F(AccessTokenMockTest, VerifyAccessToken002, TestSize.Level4)
 {
     AccessTokenID callerTokenID = 123;
     AccessTokenID firstTokenID = 456;
@@ -245,7 +245,7 @@ HWTEST_F(AccessTokenMockTest, VerifyAccessToken002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenMockTest, VerifyAccessTokenWithList001, TestSize.Level1)
+HWTEST_F(AccessTokenMockTest, VerifyAccessTokenWithList001, TestSize.Level4)
 {
     AccessTokenID tokenId = 123;
     std::vector<std::string> permissionList = {"ohos.permission.CAMERA"};
@@ -264,7 +264,7 @@ HWTEST_F(AccessTokenMockTest, VerifyAccessTokenWithList001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenMockTest, GetDefPermission001, TestSize.Level1)
+HWTEST_F(AccessTokenMockTest, GetDefPermission001, TestSize.Level4)
 {
     std::string permission = "ohos.permission.CAMERA";
     PermissionDef def;
@@ -277,7 +277,7 @@ HWTEST_F(AccessTokenMockTest, GetDefPermission001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenMockTest, GetReqPermissions001, TestSize.Level1)
+HWTEST_F(AccessTokenMockTest, GetReqPermissions001, TestSize.Level4)
 {
     AccessTokenID tokenId = 123;
     std::vector<PermissionStateFull> permList;
@@ -290,7 +290,7 @@ HWTEST_F(AccessTokenMockTest, GetReqPermissions001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenMockTest, GetTokenIDByUserID001, TestSize.Level1)
+HWTEST_F(AccessTokenMockTest, GetTokenIDByUserID001, TestSize.Level4)
 {
     int32_t userID = 1;
     std::unordered_set<AccessTokenID> tokenIdList;
@@ -303,7 +303,7 @@ HWTEST_F(AccessTokenMockTest, GetTokenIDByUserID001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenMockTest, GetPermissionFlag001, TestSize.Level1)
+HWTEST_F(AccessTokenMockTest, GetPermissionFlag001, TestSize.Level4)
 {
     AccessTokenID tokenId = 123;
     std::string permission = "ohos.permission.CAMERA";
@@ -317,7 +317,7 @@ HWTEST_F(AccessTokenMockTest, GetPermissionFlag001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenMockTest, SetPermissionRequestToggleStatus001, TestSize.Level1)
+HWTEST_F(AccessTokenMockTest, SetPermissionRequestToggleStatus001, TestSize.Level4)
 {
     int32_t userID = 123;
     std::string permission = "ohos.permission.CAMERA";
@@ -332,7 +332,7 @@ HWTEST_F(AccessTokenMockTest, SetPermissionRequestToggleStatus001, TestSize.Leve
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenMockTest, GetPermissionRequestToggleStatus001, TestSize.Level1)
+HWTEST_F(AccessTokenMockTest, GetPermissionRequestToggleStatus001, TestSize.Level4)
 {
     int32_t userID = 123;
     std::string permission = "ohos.permission.CAMERA";
@@ -341,13 +341,26 @@ HWTEST_F(AccessTokenMockTest, GetPermissionRequestToggleStatus001, TestSize.Leve
         status, userID));
 }
 
+/**
+ * @tc.name: GetSelfPermissionStatus001
+ * @tc.desc: GetSelfPermissionStatus with proxy is null
+ * @tc.type: FUNC
+ * @tc.require:
+ */
+HWTEST_F(AccessTokenMockTest, GetSelfPermissionStatus001, TestSize.Level4)
+{
+    std::string permission = "ohos.permission.CAMERA";
+    PermissionOper status;
+    ASSERT_EQ(AccessTokenError::ERR_SERVICE_ABNORMAL, AccessTokenKit::GetSelfPermissionStatus(permission, status));
+}
+
 /**
  * @tc.name: GetSelfPermissionsState001
  * @tc.desc: GetSelfPermissionsState with proxy is null
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenMockTest, GetSelfPermissionsState001, TestSize.Level1)
+HWTEST_F(AccessTokenMockTest, GetSelfPermissionsState001, TestSize.Level4)
 {
     std::vector<PermissionListState> permList;
     PermissionGrantInfo info;
@@ -360,7 +373,7 @@ HWTEST_F(AccessTokenMockTest, GetSelfPermissionsState001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenMockTest, GetPermissionsStatus001, TestSize.Level1)
+HWTEST_F(AccessTokenMockTest, GetPermissionsStatus001, TestSize.Level4)
 {
     AccessTokenID tokenId = 123;
     std::vector<PermissionListState> permsList;
@@ -379,7 +392,7 @@ HWTEST_F(AccessTokenMockTest, GetPermissionsStatus001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenMockTest, GrantPermission001, TestSize.Level1)
+HWTEST_F(AccessTokenMockTest, GrantPermission001, TestSize.Level4)
 {
     AccessTokenID tokenId = 123;
     std::string permission = "ohos.permission.CAMERA";
@@ -393,7 +406,7 @@ HWTEST_F(AccessTokenMockTest, GrantPermission001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenMockTest, RevokePermission001, TestSize.Level1)
+HWTEST_F(AccessTokenMockTest, RevokePermission001, TestSize.Level4)
 {
     AccessTokenID tokenId = 123;
     std::string permission = "ohos.permission.CAMERA";
@@ -407,7 +420,7 @@ HWTEST_F(AccessTokenMockTest, RevokePermission001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenMockTest, ClearUserGrantedPermissionState001, TestSize.Level1)
+HWTEST_F(AccessTokenMockTest, ClearUserGrantedPermissionState001, TestSize.Level4)
 {
     AccessTokenID tokenId = 123;
     ASSERT_EQ(AccessTokenError::ERR_SERVICE_ABNORMAL, AccessTokenKit::ClearUserGrantedPermissionState(tokenId));
@@ -432,7 +445,7 @@ public:
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenMockTest, RegisterPermStateChangeCallback001, TestSize.Level1)
+HWTEST_F(AccessTokenMockTest, RegisterPermStateChangeCallback001, TestSize.Level4)
 {
     PermStateChangeScope scopeInfo;
     scopeInfo.permList = {"ohos.permission.CAMERA"};
@@ -448,7 +461,7 @@ HWTEST_F(AccessTokenMockTest, RegisterPermStateChangeCallback001, TestSize.Level
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenMockTest, ReloadNativeTokenInfo001, TestSize.Level1)
+HWTEST_F(AccessTokenMockTest, ReloadNativeTokenInfo001, TestSize.Level4)
 {
     ASSERT_EQ(AccessTokenError::ERR_SERVICE_ABNORMAL, AccessTokenKit::ReloadNativeTokenInfo());
 }
@@ -459,7 +472,7 @@ HWTEST_F(AccessTokenMockTest, ReloadNativeTokenInfo001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(AccessTokenMockTest, GetNativeTokenId001, TestSize.Level1)
+HWTEST_F(AccessTokenMockTest, GetNativeTokenId001, TestSize.Level4)
 {
     std::string processName = "hdcd";
     AccessTokenID tokenID = AccessTokenKit::GetNativeTokenId(processName);
@@ -473,7 +486,7 @@ HWTEST_F(AccessTokenMockTest, GetNativeTokenId001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenMockTest, GetHapTokenInfoFromRemote001, TestSize.Level1)
+HWTEST_F(AccessTokenMockTest, GetHapTokenInfoFromRemote001, TestSize.Level4)
 {
     AccessTokenID tokenId = 123;
     HapTokenInfoForSync hapSync;
@@ -486,7 +499,7 @@ HWTEST_F(AccessTokenMockTest, GetHapTokenInfoFromRemote001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenMockTest, SetRemoteHapTokenInfo001, TestSize.Level1)
+HWTEST_F(AccessTokenMockTest, SetRemoteHapTokenInfo001, TestSize.Level4)
 {
     std::string device = "device";
     HapTokenInfoForSync hapSync;
@@ -499,7 +512,7 @@ HWTEST_F(AccessTokenMockTest, SetRemoteHapTokenInfo001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenMockTest, DeleteRemoteToken001, TestSize.Level1)
+HWTEST_F(AccessTokenMockTest, DeleteRemoteToken001, TestSize.Level4)
 {
     std::string device = "device";
     AccessTokenID tokenId = 123;
@@ -512,7 +525,7 @@ HWTEST_F(AccessTokenMockTest, DeleteRemoteToken001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenMockTest, GetRemoteNativeTokenID001, TestSize.Level1)
+HWTEST_F(AccessTokenMockTest, GetRemoteNativeTokenID001, TestSize.Level4)
 {
     std::string device = "device";
     AccessTokenID tokenId = 123;
@@ -525,7 +538,7 @@ HWTEST_F(AccessTokenMockTest, GetRemoteNativeTokenID001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenMockTest, DeleteRemoteDeviceTokens001, TestSize.Level1)
+HWTEST_F(AccessTokenMockTest, DeleteRemoteDeviceTokens001, TestSize.Level4)
 {
     std::string device = "device";
     ASSERT_EQ(AccessTokenError::ERR_SERVICE_ABNORMAL, AccessTokenKit::DeleteRemoteDeviceTokens(device));
@@ -537,7 +550,7 @@ HWTEST_F(AccessTokenMockTest, DeleteRemoteDeviceTokens001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenMockTest, RegisterTokenSyncCallback001, TestSize.Level1)
+HWTEST_F(AccessTokenMockTest, RegisterTokenSyncCallback001, TestSize.Level4)
 {
     std::shared_ptr<TokenSyncKitInterface> callback = std::make_shared<TokenSyncCallbackImpl>();
     EXPECT_EQ(AccessTokenError::ERR_SERVICE_ABNORMAL, AccessTokenKit::RegisterTokenSyncCallback(callback));
@@ -551,7 +564,7 @@ HWTEST_F(AccessTokenMockTest, RegisterTokenSyncCallback001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenMockTest, DumpTokenInfo001, TestSize.Level1)
+HWTEST_F(AccessTokenMockTest, DumpTokenInfo001, TestSize.Level4)
 {
     std::string dumpInfo;
     AtmToolsParamInfo info;
@@ -566,7 +579,7 @@ HWTEST_F(AccessTokenMockTest, DumpTokenInfo001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenMockTest, SetPermDialogCap001, TestSize.Level1)
+HWTEST_F(AccessTokenMockTest, SetPermDialogCap001, TestSize.Level4)
 {
     HapBaseInfo hapBaseInfo;
     ASSERT_EQ(AccessTokenError::ERR_SERVICE_ABNORMAL, AccessTokenKit::SetPermDialogCap(hapBaseInfo, true));
@@ -578,7 +591,7 @@ HWTEST_F(AccessTokenMockTest, SetPermDialogCap001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenMockTest, GetPermissionManagerInfo001, TestSize.Level1)
+HWTEST_F(AccessTokenMockTest, GetPermissionManagerInfo001, TestSize.Level4)
 {
     PermissionGrantInfo info;
     AccessTokenKit::GetPermissionManagerInfo(info);
@@ -591,7 +604,7 @@ HWTEST_F(AccessTokenMockTest, GetPermissionManagerInfo001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenMockTest, GrantPermissionForSpecifiedTime001, TestSize.Level1)
+HWTEST_F(AccessTokenMockTest, GrantPermissionForSpecifiedTime001, TestSize.Level4)
 {
     AccessTokenID tokenId = 123;
     std::string permission = "permission";
@@ -606,7 +619,7 @@ HWTEST_F(AccessTokenMockTest, GrantPermissionForSpecifiedTime001, TestSize.Level
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenMockTest, RequestAppPermOnSettingTest001, TestSize.Level1)
+HWTEST_F(AccessTokenMockTest, RequestAppPermOnSettingTest001, TestSize.Level4)
 {
     AccessTokenID tokenId = 123;
     ASSERT_EQ(AccessTokenError::ERR_SERVICE_ABNORMAL, AccessTokenKit::RequestAppPermOnSetting(tokenId));
@@ -618,7 +631,7 @@ HWTEST_F(AccessTokenMockTest, RequestAppPermOnSettingTest001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenMockTest, GetKernelPermissions001, TestSize.Level1)
+HWTEST_F(AccessTokenMockTest, GetKernelPermissions001, TestSize.Level4)
 {
     AccessTokenID tokenId = 123;
     std::vector<PermissionWithValue> kernelPermList;
diff --git a/interfaces/innerkits/accesstoken/test/unittest/RegisterCallbackTest/register_perm_state_change_callback_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/RegisterCallbackTest/register_perm_state_change_callback_test.cpp
index 0e1383786f4d58ab9fcd9e9eb4e2b1e19add6061..e5f7e623f51a10b879ffb694e13b1f9a81d5534f 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/RegisterCallbackTest/register_perm_state_change_callback_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/RegisterCallbackTest/register_perm_state_change_callback_test.cpp
@@ -19,7 +19,7 @@
 #include "access_token.h"
 #include "access_token_error.h"
 #include "accesstoken_common_log.h"
-#include "accesstoken_service_ipc_interface_code.h"
+#include "iaccess_token_manager.h"
 #include "hap_token_info.h"
 #include "nativetoken_kit.h"
 #include "permission_grant_info.h"
@@ -105,7 +105,7 @@ public:
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X
  */
-HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackFuncTest001, TestSize.Level1)
+HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackFuncTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "RegisterPermStateChangeCallbackFuncTest001");
     PermStateChangeScope scopeInfo;
@@ -128,33 +128,33 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackFun
     AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
     ASSERT_NE(tokenID, INVALID_TOKENID);
 
-    ASSERT_EQ(RET_SUCCESS, TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2));
+    EXPECT_EQ(RET_SUCCESS, TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2));
 
-    ASSERT_EQ(PERMISSION_GRANTED, AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA", false));
+    EXPECT_EQ(PERMISSION_GRANTED, AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA", false));
     usleep(500000); // 500000us = 0.5s
     EXPECT_EQ(true, callbackPtr->ready_);
 
     callbackPtr->ready_ = false;
 
-    ASSERT_EQ(RET_SUCCESS, TestCommon::RevokePermissionByTest(tokenID, "ohos.permission.CAMERA", 2));
+    EXPECT_EQ(RET_SUCCESS, TestCommon::RevokePermissionByTest(tokenID, "ohos.permission.CAMERA", 2));
     usleep(500000); // 500000us = 0.5s
     EXPECT_EQ(true, callbackPtr->ready_);
 
-    ASSERT_EQ(RET_SUCCESS, AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr));
+    EXPECT_EQ(RET_SUCCESS, AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr));
 
     callbackPtr->ready_ = false;
 
-    ASSERT_EQ(RET_SUCCESS, TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2));
+    EXPECT_EQ(RET_SUCCESS, TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2));
     usleep(500000); // 500000us = 0.5s
-    ASSERT_EQ(false, callbackPtr->ready_);
+    EXPECT_EQ(false, callbackPtr->ready_);
 
     callbackPtr->ready_ = false;
 
-    ASSERT_EQ(RET_SUCCESS, TestCommon::RevokePermissionByTest(tokenID, "ohos.permission.CAMERA", 2));
+    EXPECT_EQ(RET_SUCCESS, TestCommon::RevokePermissionByTest(tokenID, "ohos.permission.CAMERA", 2));
     usleep(500000); // 500000us = 0.5s
-    ASSERT_EQ(false, callbackPtr->ready_);
+    EXPECT_EQ(false, callbackPtr->ready_);
 
-    ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID));
+    EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID));
 }
 
 /**
@@ -163,7 +163,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackFun
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X
  */
-HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackFuncTest002, TestSize.Level1)
+HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackFuncTest002, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "RegisterPermStateChangeCallbackFuncTest002");
     PermStateChangeScope scopeInfo;
@@ -201,17 +201,17 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackFun
     ASSERT_NE(tokenID, INVALID_TOKENID);
 
     res = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA", false);
-    ASSERT_EQ(PERMISSION_DENIED, res);
+    EXPECT_EQ(PERMISSION_DENIED, res);
 
     res = TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2);
-    ASSERT_EQ(RET_SUCCESS, res);
+    EXPECT_EQ(RET_SUCCESS, res);
     usleep(500000); // 500000us = 0.5s
     EXPECT_EQ(false, callbackPtr->ready_);
 
-    ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID));
+    EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID));
 
     res = AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr);
-    ASSERT_EQ(RET_SUCCESS, res);
+    EXPECT_EQ(RET_SUCCESS, res);
 }
 
 /**
@@ -220,7 +220,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackFun
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X
  */
-HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackFuncTest003, TestSize.Level1)
+HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackFuncTest003, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "RegisterPermStateChangeCallbackFuncTest003");
     PermStateChangeScope scopeInfo;
@@ -244,14 +244,14 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackFun
     ASSERT_NE(tokenID, INVALID_TOKENID);
 
     callbackPtr->ready_ = false;
-    ASSERT_EQ(RET_SUCCESS, TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2));
-    ASSERT_EQ(PERMISSION_GRANTED, AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA", false));
+    EXPECT_EQ(RET_SUCCESS, TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2));
+    EXPECT_EQ(PERMISSION_GRANTED, AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA", false));
     usleep(500000); // 500000us = 0.5s
     EXPECT_EQ(true, callbackPtr->ready_);
 
-    ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID));
+    EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID));
 
-    ASSERT_EQ(RET_SUCCESS, AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr));
+    EXPECT_EQ(RET_SUCCESS, AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr));
 }
 
 /**
@@ -260,7 +260,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackFun
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X
  */
-HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackFuncTest004, TestSize.Level1)
+HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackFuncTest004, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "RegisterPermStateChangeCallbackFuncTest004");
 
@@ -282,17 +282,17 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackFun
     auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
     callbackPtr->ready_ = false;
 
-    ASSERT_EQ(RET_SUCCESS, AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr));
+    EXPECT_EQ(RET_SUCCESS, AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr));
 
     callbackPtr->ready_ = false;
-    ASSERT_EQ(PERMISSION_DENIED, AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA", false));
-    ASSERT_EQ(RET_SUCCESS, TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2));
+    EXPECT_EQ(PERMISSION_DENIED, AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA", false));
+    EXPECT_EQ(RET_SUCCESS, TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2));
     usleep(500000); // 500000us = 0.5s
     EXPECT_EQ(true, callbackPtr->ready_);
 
-    ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID));
+    EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID));
 
-    ASSERT_EQ(RET_SUCCESS, AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr));
+    EXPECT_EQ(RET_SUCCESS, AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr));
 }
 
 
@@ -347,7 +347,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackFun
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X
  */
-HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackAbnormalTest001, TestSize.Level1)
+HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackAbnormalTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "RegisterPermStateChangeCallbackAbnormalTest001");
     PermStateChangeScope scopeInfo;
@@ -378,13 +378,13 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackAbn
     ASSERT_NE(tokenID, INVALID_TOKENID);
 
     callbackPtr->ready_ = false;
-    ASSERT_EQ(PERMISSION_DENIED, AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA", false));
-    ASSERT_EQ(RET_SUCCESS, TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2));
-    ASSERT_EQ(PERMISSION_GRANTED, AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA", false));
+    EXPECT_EQ(PERMISSION_DENIED, AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA", false));
+    EXPECT_EQ(RET_SUCCESS, TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2));
+    EXPECT_EQ(PERMISSION_GRANTED, AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA", false));
     usleep(500000); // 500000us = 0.5s
     EXPECT_EQ(false, callbackPtr->ready_);
 
-    ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID));
+    EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID));
 }
 
 /**
@@ -393,7 +393,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackAbn
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X
  */
-HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackAbnormalTest002, TestSize.Level1)
+HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackAbnormalTest002, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "RegisterPermStateChangeCallbackAbnormalTest002");
     PermStateChangeScope scopeInfo;
@@ -423,17 +423,17 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackAbn
     scopeInfo.tokenIDs = {tokenIdEx.tokenIdExStruct.tokenID};
     scopeInfo.permList = {"ohos.permission.INVALID", "ohos.permission.CAMERA"};
     auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
-    ASSERT_EQ(RET_SUCCESS, AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr));
+    EXPECT_EQ(RET_SUCCESS, AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr));
 
     int32_t res = TestCommon::GrantPermissionByTest(tokenIdEx.tokenIdExStruct.tokenID, "ohos.permission.CAMERA", 2);
-    ASSERT_EQ(RET_SUCCESS, res);
+    EXPECT_EQ(RET_SUCCESS, res);
     usleep(500000); // 500000us = 0.5s
     EXPECT_EQ(true, callbackPtr->ready_);
 
-    ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID));
+    EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID));
 
     res = AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr);
-    ASSERT_EQ(RET_SUCCESS, res);
+    EXPECT_EQ(RET_SUCCESS, res);
 }
 
 /**
@@ -442,7 +442,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackAbn
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X
  */
-HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackAbnormalTest003, TestSize.Level1)
+HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackAbnormalTest003, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "RegisterPermStateChangeCallbackAbnormalTest003");
     int32_t res = AccessTokenKit::RegisterPermStateChangeCallback(nullptr);
@@ -455,7 +455,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackAbn
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X
  */
-HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackSpecTest001, TestSize.Level1)
+HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackSpecTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "RegisterPermStateChangeCallbackSpecTest001");
     PermStateChangeScope scopeInfo;
@@ -481,7 +481,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackSpe
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X
  */
-HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackSpecTest002, TestSize.Level1)
+HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackSpecTest002, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "RegisterPermStateChangeCallbackSpecTest002");
     PermStateChangeScope scopeInfo;
@@ -505,16 +505,16 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackSpe
         scopeInfo.tokenIDs.emplace_back(tokenIdEx.tokenIdExStruct.tokenID);
         if (i == TOKENIDS_LIST_SIZE_MAX_TEST) {
             auto callbackPtr1 = std::make_shared<CbCustomizeTest>(scopeInfo);
-            ASSERT_EQ(
+            EXPECT_EQ(
                 AccessTokenError::ERR_PARAM_INVALID, AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr1));
             break;
         }
         auto callbackPtr1 = std::make_shared<CbCustomizeTest>(scopeInfo);
-        ASSERT_EQ(RET_SUCCESS, AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr1));
-        ASSERT_EQ(RET_SUCCESS, AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr1));
+        EXPECT_EQ(RET_SUCCESS, AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr1));
+        EXPECT_EQ(RET_SUCCESS, AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr1));
     }
 
-    ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID));
+    EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID));
 }
 
 /**
@@ -523,7 +523,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackSpe
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X
  */
-HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackSpecTest003, TestSize.Level1)
+HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackSpecTest003, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "RegisterPermStateChangeCallbackSpecTest003");
     PermStateChangeScope scopeInfo;
@@ -555,7 +555,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackSpe
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X
  */
-HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackSpecTest004, TestSize.Level1)
+HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackSpecTest004, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "RegisterPermStateChangeCallbackSpecTest004");
     PermStateChangeScope scopeInfo;
@@ -575,7 +575,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackSpe
     scopeInfo.permList = {"ohos.permission.CAMERA"};
     auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
     int32_t res = AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr);
-    ASSERT_EQ(RET_SUCCESS, res);
+    EXPECT_EQ(RET_SUCCESS, res);
 
     res = TestCommon::GrantPermissionByTest(tokenIdEx.tokenIdExStruct.tokenID, "ohos.permission.CAMERA", 2);
     EXPECT_EQ(RET_SUCCESS, res);
@@ -599,11 +599,11 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackSpe
     EXPECT_EQ(true, callbackPtr->ready_);
 
     callbackPtr->ready_ = false;
-    ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID));
+    EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID));
     usleep(500000); // 500000us = 0.5s
     EXPECT_EQ(true, callbackPtr->ready_);
 
-    ASSERT_EQ(RET_SUCCESS, AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr));
+    EXPECT_EQ(RET_SUCCESS, AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr));
 }
 
 /**
@@ -612,7 +612,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackSpe
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X
  */
-HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackSpecTest005, TestSize.Level1)
+HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackSpecTest005, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "RegisterPermStateChangeCallbackSpecTest005");
     PermStateChangeScope scopeInfo;
@@ -638,7 +638,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackSpe
     scopeInfo.permList = {"ohos.permission.READ_MEDIA"};
     auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
     int32_t res = AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr);
-    ASSERT_EQ(RET_SUCCESS, res);
+    EXPECT_EQ(RET_SUCCESS, res);
 
     res = TestCommon::GrantPermissionByTest(tokenIdEx.tokenIdExStruct.tokenID,
         "ohos.permission.READ_MEDIA", PERMISSION_SYSTEM_FIXED);
@@ -650,19 +650,19 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackSpe
     {
         std::vector<std::string> reqPerm;
         reqPerm.emplace_back("ohos.permission.REVOKE_SENSITIVE_PERMISSIONS");
-        MockHapToken mock("RegisterPermStateChangeCallbackSpecTest004", reqPerm);
+        MockHapToken mock("RegisterPermStateChangeCallbackSpecTest005", reqPerm);
         EXPECT_EQ(RET_SUCCESS, AccessTokenKit::ClearUserGrantedPermissionState(tokenIdEx.tokenIdExStruct.tokenID));
     }
     usleep(500000); // 500000us = 0.5s
     EXPECT_EQ(false, callbackPtr->ready_);
 
     callbackPtr->ready_ = false;
-    ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID));
+    EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID));
     usleep(500000); // 500000us = 0.5s
     EXPECT_EQ(true, callbackPtr->ready_);
 
     res = AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr);
-    ASSERT_EQ(RET_SUCCESS, res);
+    EXPECT_EQ(RET_SUCCESS, res);
 }
 
 /**
@@ -671,7 +671,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackSpe
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X
  */
-HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallback001, TestSize.Level1)
+HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallback001, TestSize.Level0)
 {
     static HapPolicyParams infoManagerTestPolicyPrams1 = {
         .apl = APL_NORMAL,
@@ -692,27 +692,27 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallbac
 
     SetSelfTokenID(tokenID);
     int32_t res = AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr);
-    ASSERT_EQ(RET_SUCCESS, res);
+    EXPECT_EQ(RET_SUCCESS, res);
     SetSelfTokenID(g_selfShellTokenId);
 
     res = TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2);
-    ASSERT_EQ(RET_SUCCESS, res);
+    EXPECT_EQ(RET_SUCCESS, res);
 
     res = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA", false);
-    ASSERT_EQ(PERMISSION_GRANTED, res);
+    EXPECT_EQ(PERMISSION_GRANTED, res);
     usleep(500000); // 500000us = 0.5s
     EXPECT_EQ(true, callbackPtr->ready_);
 
     callbackPtr->ready_ = false;
 
     res = TestCommon::RevokePermissionByTest(tokenID, "ohos.permission.CAMERA", 2);
-    ASSERT_EQ(RET_SUCCESS, res);
+    EXPECT_EQ(RET_SUCCESS, res);
     usleep(500000); // 500000us = 0.5s
     EXPECT_EQ(true, callbackPtr->ready_);
 
     SetSelfTokenID(tokenID);
     res = AccessTokenKit::UnRegisterSelfPermStateChangeCallback(callbackPtr);
-    ASSERT_EQ(RET_SUCCESS, res);
+    EXPECT_EQ(RET_SUCCESS, res);
     SetSelfTokenID(g_selfShellTokenId);
 
     ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID));
@@ -724,7 +724,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallbac
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X
  */
-HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallback002, TestSize.Level1)
+HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallback002, TestSize.Level0)
 {
     static HapPolicyParams infoManagerTestPolicyPrams1 = {
         .apl = APL_NORMAL,
@@ -744,23 +744,23 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallbac
     callbackPtr->ready_ = false;
 
     SetSelfTokenID(tokenID);
-    ASSERT_EQ(RET_SUCCESS, AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr));
+    EXPECT_EQ(RET_SUCCESS, AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr));
     SetSelfTokenID(g_selfShellTokenId);
 
-    ASSERT_EQ(RET_SUCCESS, TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2));
+    EXPECT_EQ(RET_SUCCESS, TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2));
     usleep(500000); // 500000us = 0.5s
     EXPECT_EQ(true, callbackPtr->ready_);
 
     callbackPtr->ready_ = false;
 
-    ASSERT_EQ(RET_SUCCESS, TestCommon::RevokePermissionByTest(tokenID, "ohos.permission.CAMERA", 2));
+    EXPECT_EQ(RET_SUCCESS, TestCommon::RevokePermissionByTest(tokenID, "ohos.permission.CAMERA", 2));
     usleep(500000); // 500000us = 0.5s
     EXPECT_EQ(true, callbackPtr->ready_);
 
     callbackPtr->ready_ = false;
 
     SetSelfTokenID(tokenID);
-    ASSERT_EQ(RET_SUCCESS, AccessTokenKit::UnRegisterSelfPermStateChangeCallback(callbackPtr));
+    EXPECT_EQ(RET_SUCCESS, AccessTokenKit::UnRegisterSelfPermStateChangeCallback(callbackPtr));
     SetSelfTokenID(g_selfShellTokenId);
 
     ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID));
@@ -772,7 +772,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallbac
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X
  */
-HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallback003, TestSize.Level1)
+HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallback003, TestSize.Level0)
 {
     static HapPolicyParams infoManagerTestPolicyPrams1 = {
         .apl = APL_NORMAL,
@@ -793,27 +793,27 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallbac
 
     SetSelfTokenID(tokenID);
     int32_t res = AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr);
-    ASSERT_EQ(RET_SUCCESS, res);
+    EXPECT_EQ(RET_SUCCESS, res);
     SetSelfTokenID(g_selfShellTokenId);
 
     res = TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2);
-    ASSERT_EQ(RET_SUCCESS, res);
+    EXPECT_EQ(RET_SUCCESS, res);
 
     res = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA", false);
-    ASSERT_EQ(PERMISSION_GRANTED, res);
+    EXPECT_EQ(PERMISSION_GRANTED, res);
     usleep(500000); // 500000us = 0.5s
     EXPECT_EQ(true, callbackPtr->ready_);
 
     callbackPtr->ready_ = false;
 
     res = TestCommon::RevokePermissionByTest(tokenID, "ohos.permission.CAMERA", 2);
-    ASSERT_EQ(RET_SUCCESS, res);
+    EXPECT_EQ(RET_SUCCESS, res);
     usleep(500000); // 500000us = 0.5s
     EXPECT_EQ(true, callbackPtr->ready_);
 
     SetSelfTokenID(tokenID);
     res = AccessTokenKit::UnRegisterSelfPermStateChangeCallback(callbackPtr);
-    ASSERT_EQ(RET_SUCCESS, res);
+    EXPECT_EQ(RET_SUCCESS, res);
     SetSelfTokenID(g_selfShellTokenId);
 
     ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID));
@@ -825,7 +825,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallbac
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X
  */
-HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallback004, TestSize.Level1)
+HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallback004, TestSize.Level0)
 {
     PermissionStateFull infoManagerTestStateB = {
         .permissionName = "ohos.permission.MICROPHONE",
@@ -852,30 +852,30 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallbac
     callbackPtr->ready_ = false;
 
     SetSelfTokenID(tokenID);
-    ASSERT_EQ(RET_SUCCESS, AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr));
+    EXPECT_EQ(RET_SUCCESS, AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr));
     SetSelfTokenID(g_selfShellTokenId);
 
-    ASSERT_EQ(RET_SUCCESS, TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2));
+    EXPECT_EQ(RET_SUCCESS, TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2));
     usleep(500000); // 500000us = 0.5s
     EXPECT_EQ(true, callbackPtr->ready_);
 
     callbackPtr->ready_ = false;
-    ASSERT_EQ(RET_SUCCESS, TestCommon::RevokePermissionByTest(tokenID, "ohos.permission.CAMERA", 2));
+    EXPECT_EQ(RET_SUCCESS, TestCommon::RevokePermissionByTest(tokenID, "ohos.permission.CAMERA", 2));
     usleep(500000); // 500000us = 0.5s
     EXPECT_EQ(true, callbackPtr->ready_);
 
     callbackPtr->ready_ = false;
-    ASSERT_EQ(RET_SUCCESS, TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.MICROPHONE", 2));
+    EXPECT_EQ(RET_SUCCESS, TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.MICROPHONE", 2));
     usleep(500000); // 500000us = 0.5s
     EXPECT_EQ(true, callbackPtr->ready_);
 
     callbackPtr->ready_ = false;
-    ASSERT_EQ(RET_SUCCESS, TestCommon::RevokePermissionByTest(tokenID, "ohos.permission.MICROPHONE", 2));
+    EXPECT_EQ(RET_SUCCESS, TestCommon::RevokePermissionByTest(tokenID, "ohos.permission.MICROPHONE", 2));
     usleep(500000); // 500000us = 0.5s
     EXPECT_EQ(true, callbackPtr->ready_);
 
     SetSelfTokenID(tokenID);
-    ASSERT_EQ(RET_SUCCESS, AccessTokenKit::UnRegisterSelfPermStateChangeCallback(callbackPtr));
+    EXPECT_EQ(RET_SUCCESS, AccessTokenKit::UnRegisterSelfPermStateChangeCallback(callbackPtr));
     ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID));
 }
 
@@ -885,7 +885,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallbac
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X
  */
-HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallback005, TestSize.Level1)
+HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallback005, TestSize.Level0)
 {
     static PermissionStateFull infoManagerTestStateA = {
         .permissionName = "ohos.permission.CAMERA",
@@ -913,32 +913,32 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallbac
 
     SetSelfTokenID(tokenID);
     int32_t res = AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr1);
-    ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, res);
+    EXPECT_EQ(AccessTokenError::ERR_PARAM_INVALID, res);
 
     scopeInfo.permList = {"ohos.permission.INVALID", "ohos.permission.CAMERA"};
     auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
     res = AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr);
-    ASSERT_EQ(RET_SUCCESS, res);
+    EXPECT_EQ(RET_SUCCESS, res);
     SetSelfTokenID(g_selfShellTokenId);
 
     res = TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2);
-    ASSERT_EQ(RET_SUCCESS, res);
+    EXPECT_EQ(RET_SUCCESS, res);
 
     res = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA", false);
-    ASSERT_EQ(PERMISSION_GRANTED, res);
+    EXPECT_EQ(PERMISSION_GRANTED, res);
     usleep(500000); // 500000us = 0.5s
     EXPECT_EQ(true, callbackPtr->ready_);
 
     callbackPtr->ready_ = false;
 
     res = TestCommon::RevokePermissionByTest(tokenID, "ohos.permission.CAMERA", 2);
-    ASSERT_EQ(RET_SUCCESS, res);
+    EXPECT_EQ(RET_SUCCESS, res);
     usleep(500000); // 500000us = 0.5s
     EXPECT_EQ(true, callbackPtr->ready_);
 
     SetSelfTokenID(tokenID);
     res = AccessTokenKit::UnRegisterSelfPermStateChangeCallback(callbackPtr);
-    ASSERT_EQ(RET_SUCCESS, res);
+    EXPECT_EQ(RET_SUCCESS, res);
 
     ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID));
 }
@@ -949,7 +949,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallbac
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X
  */
-HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallback006, TestSize.Level1)
+HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallback006, TestSize.Level0)
 {
     static PermissionStateFull infoManagerTestStateA = {
         .permissionName = "ohos.permission.GET_BUNDLE_INFO",
@@ -979,12 +979,12 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallbac
         if (i == PERMS_LIST_SIZE_MAX_TEST) { // 1025 is a invalid size
             auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
             int32_t res = AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr);
-            ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, res);
+            EXPECT_EQ(AccessTokenError::ERR_PARAM_INVALID, res);
             break;
         }
         auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
-        ASSERT_EQ(RET_SUCCESS, AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr));
-        ASSERT_EQ(RET_SUCCESS, AccessTokenKit::UnRegisterSelfPermStateChangeCallback(callbackPtr));
+        EXPECT_EQ(RET_SUCCESS, AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr));
+        EXPECT_EQ(RET_SUCCESS, AccessTokenKit::UnRegisterSelfPermStateChangeCallback(callbackPtr));
     }
     ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID));
 }
@@ -995,7 +995,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallbac
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X
  */
-HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallback007, TestSize.Level1)
+HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallback007, TestSize.Level0)
 {
     static HapPolicyParams infoManagerTestPolicyPrams1 = {
         .apl = APL_NORMAL,
@@ -1016,7 +1016,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallbac
     callbackPtr->ready_ = false;
 
     int32_t res = AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr);
-    ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, res);
+    EXPECT_EQ(AccessTokenError::ERR_PARAM_INVALID, res);
 
     ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID));
 }
@@ -1027,7 +1027,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallbac
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X
  */
-HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallback008, TestSize.Level1)
+HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallback008, TestSize.Level0)
 {
     static HapPolicyParams infoManagerTestPolicyPrams1 = {
         .apl = APL_NORMAL,
@@ -1061,7 +1061,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallbac
 
     // tokenIDs size si 0,
     int32_t res = AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr1);
-    ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, res);
+    EXPECT_EQ(AccessTokenError::ERR_PARAM_INVALID, res);
 
     scopeInfo.tokenIDs = {tokenID, tokenID2};
     auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
@@ -1069,11 +1069,11 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallbac
 
     // tokenIDs size != 1
     res = AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr);
-    ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, res);
+    EXPECT_EQ(AccessTokenError::ERR_PARAM_INVALID, res);
 
     SetSelfTokenID(g_selfShellTokenId);
-    ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID));
-    ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID2));
+    EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID));
+    EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID2));
 }
 
 /**
@@ -1082,7 +1082,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallbac
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X
  */
-HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallback009, TestSize.Level1)
+HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallback009, TestSize.Level0)
 {
     static HapPolicyParams infoManagerTestPolicyPrams1 = {
         .apl = APL_NORMAL,
@@ -1106,11 +1106,11 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallbac
         if (i == MAX_CALLBACK_MAP_SIZE) { // 200 is the max size
             auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
             int32_t res = AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr);
-            ASSERT_EQ(AccessTokenError::ERR_CALLBACKS_EXCEED_LIMITATION, res);
+            EXPECT_EQ(AccessTokenError::ERR_CALLBACKS_EXCEED_LIMITATION, res);
             break;
         }
         auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
-        ASSERT_EQ(RET_SUCCESS, AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr));
+        EXPECT_EQ(RET_SUCCESS, AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr));
         callbackList.emplace_back(callbackPtr);
     }
     for (int32_t i = 0; i < MAX_CALLBACK_MAP_SIZE; i++) { // release 200 callback
@@ -1129,7 +1129,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallbac
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X
  */
-HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallback010, TestSize.Level1)
+HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallback010, TestSize.Level0)
 {
     int32_t res = AccessTokenKit::RegisterSelfPermStateChangeCallback(nullptr);
     ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, res);
diff --git a/interfaces/innerkits/accesstoken/test/unittest/RegisterCallbackTest/un_register_perm_state_change_callback_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/RegisterCallbackTest/un_register_perm_state_change_callback_test.cpp
index d3338ef368881f63e0b81766a2249fa60e8e5313..d2d5cd8214568758b6d4eb23a61325268ef91f39 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/RegisterCallbackTest/un_register_perm_state_change_callback_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/RegisterCallbackTest/un_register_perm_state_change_callback_test.cpp
@@ -19,7 +19,7 @@
 #include "access_token.h"
 #include "access_token_error.h"
 #include "accesstoken_common_log.h"
-#include "accesstoken_service_ipc_interface_code.h"
+#include "iaccess_token_manager.h"
 #include "hap_token_info.h"
 #include "nativetoken_kit.h"
 #include "permission_grant_info.h"
@@ -95,7 +95,7 @@ public:
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X
  */
-HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterPermStateChangeCallbackAbnormalTest001, TestSize.Level1)
+HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterPermStateChangeCallbackAbnormalTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "UnRegisterPermStateChangeCallbackAbnormalTest001");
     PermStateChangeScope scopeInfo;
@@ -114,7 +114,7 @@ HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterPermStateChangeCallbac
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X
  */
-HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterPermStateChangeCallbackSpecTest001, TestSize.Level1)
+HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterPermStateChangeCallbackSpecTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "UnRegisterPermStateChangeCallbackSpecTest001");
     PermStateChangeScope scopeInfo;
@@ -170,7 +170,7 @@ HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterPermStateChangeCallbac
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X
  */
-HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCallback001, TestSize.Level1)
+HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCallback001, TestSize.Level0)
 {
     static PermissionStateFull infoManagerTestStateA = {
         .permissionName = "ohos.permission.CAMERA",
@@ -198,7 +198,7 @@ HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCal
 
     SetSelfTokenID(tokenID);
     int32_t res = AccessTokenKit::UnRegisterSelfPermStateChangeCallback(callbackPtr);
-    ASSERT_EQ(AccessTokenError::ERR_INTERFACE_NOT_USED_TOGETHER, res);
+    EXPECT_EQ(AccessTokenError::ERR_INTERFACE_NOT_USED_TOGETHER, res);
 
     ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID));
     SetSelfTokenID(g_selfShellTokenId);
@@ -210,7 +210,7 @@ HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCal
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X
  */
-HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCallback002, TestSize.Level1)
+HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCallback002, TestSize.Level0)
 {
     static PermissionStateFull infoManagerTestStateA = {
         .permissionName = "ohos.permission.CAMERA",
@@ -238,13 +238,13 @@ HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCal
 
     SetSelfTokenID(tokenID);
     int32_t res = AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr);
-    ASSERT_EQ(RET_SUCCESS, res);
+    EXPECT_EQ(RET_SUCCESS, res);
     res = AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr);
-    ASSERT_EQ(AccessTokenError::ERR_CALLBACK_ALREADY_EXIST, res);
+    EXPECT_EQ(AccessTokenError::ERR_CALLBACK_ALREADY_EXIST, res);
     res = AccessTokenKit::UnRegisterSelfPermStateChangeCallback(callbackPtr);
-    ASSERT_EQ(RET_SUCCESS, res);
+    EXPECT_EQ(RET_SUCCESS, res);
     res = AccessTokenKit::UnRegisterSelfPermStateChangeCallback(callbackPtr);
-    ASSERT_EQ(AccessTokenError::ERR_INTERFACE_NOT_USED_TOGETHER, res);
+    EXPECT_EQ(AccessTokenError::ERR_INTERFACE_NOT_USED_TOGETHER, res);
     SetSelfTokenID(g_selfShellTokenId);
 
     ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID));
@@ -256,7 +256,7 @@ HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCal
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X
  */
-HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCallback003, TestSize.Level1)
+HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCallback003, TestSize.Level0)
 {
     static PermissionStateFull infoManagerTestStateA = {
         .permissionName = "ohos.permission.CAMERA",
@@ -284,25 +284,25 @@ HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCal
 
     SetSelfTokenID(tokenID);
     int32_t res = AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr);
-    ASSERT_EQ(RET_SUCCESS, res);
+    EXPECT_EQ(RET_SUCCESS, res);
 
     res = AccessTokenKit::UnRegisterSelfPermStateChangeCallback(callbackPtr);
-    ASSERT_EQ(RET_SUCCESS, res);
+    EXPECT_EQ(RET_SUCCESS, res);
     SetSelfTokenID(g_selfShellTokenId);
 
     callbackPtr->ready_ = false;
 
     res = TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2);
-    ASSERT_EQ(RET_SUCCESS, res);
+    EXPECT_EQ(RET_SUCCESS, res);
     usleep(500000); // 500000us = 0.5s
-    ASSERT_EQ(false, callbackPtr->ready_);
+    EXPECT_EQ(false, callbackPtr->ready_);
 
     callbackPtr->ready_ = false;
 
     res = TestCommon::RevokePermissionByTest(tokenID, "ohos.permission.CAMERA", 2);
-    ASSERT_EQ(RET_SUCCESS, res);
+    EXPECT_EQ(RET_SUCCESS, res);
     usleep(500000); // 500000us = 0.5s
-    ASSERT_EQ(false, callbackPtr->ready_);
+    EXPECT_EQ(false, callbackPtr->ready_);
 
     ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID));
 }
@@ -313,7 +313,7 @@ HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCal
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X
  */
-HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCallback004, TestSize.Level1)
+HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCallback004, TestSize.Level0)
 {
     static PermissionStateFull infoManagerTestStateA = {
         .permissionName = "ohos.permission.CAMERA",
@@ -348,25 +348,25 @@ HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCal
 
     SetSelfTokenID(tokenID);
     int32_t res = AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr);
-    ASSERT_EQ(RET_SUCCESS, res);
+    EXPECT_EQ(RET_SUCCESS, res);
 
     res = AccessTokenKit::UnRegisterSelfPermStateChangeCallback(callbackPtr);
-    ASSERT_EQ(RET_SUCCESS, res);
+    EXPECT_EQ(RET_SUCCESS, res);
     SetSelfTokenID(g_selfShellTokenId);
 
     callbackPtr->ready_ = false;
 
     res = TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2);
-    ASSERT_EQ(RET_SUCCESS, res);
+    EXPECT_EQ(RET_SUCCESS, res);
     usleep(500000); // 500000us = 0.5s
-    ASSERT_EQ(false, callbackPtr->ready_);
+    EXPECT_EQ(false, callbackPtr->ready_);
 
     callbackPtr->ready_ = false;
 
     res = TestCommon::RevokePermissionByTest(tokenID, "ohos.permission.CAMERA", 2);
-    ASSERT_EQ(RET_SUCCESS, res);
+    EXPECT_EQ(RET_SUCCESS, res);
     usleep(500000); // 500000us = 0.5s
-    ASSERT_EQ(false, callbackPtr->ready_);
+    EXPECT_EQ(false, callbackPtr->ready_);
 
     ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID));
 }
@@ -377,7 +377,7 @@ HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCal
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X
  */
-HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCallback005, TestSize.Level1)
+HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCallback005, TestSize.Level0)
 {
     static PermissionStateFull infoManagerTestStateA = {
         .permissionName = "ohos.permission.CAMERA",
@@ -405,27 +405,27 @@ HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCal
 
     SetSelfTokenID(tokenID);
     int32_t res = AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr);
-    ASSERT_EQ(RET_SUCCESS, res);
+    EXPECT_EQ(RET_SUCCESS, res);
     SetSelfTokenID(g_selfShellTokenId);
 
     SetSelfTokenID(tokenID);
     res = AccessTokenKit::UnRegisterSelfPermStateChangeCallback(callbackPtr);
-    ASSERT_EQ(RET_SUCCESS, res);
+    EXPECT_EQ(RET_SUCCESS, res);
     SetSelfTokenID(g_selfShellTokenId);
 
     callbackPtr->ready_ = false;
 
     res = TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2);
-    ASSERT_EQ(RET_SUCCESS, res);
+    EXPECT_EQ(RET_SUCCESS, res);
     usleep(500000); // 500000us = 0.5s
-    ASSERT_EQ(false, callbackPtr->ready_);
+    EXPECT_EQ(false, callbackPtr->ready_);
 
     callbackPtr->ready_ = false;
 
     res = TestCommon::RevokePermissionByTest(tokenID, "ohos.permission.CAMERA", 2);
-    ASSERT_EQ(RET_SUCCESS, res);
+    EXPECT_EQ(RET_SUCCESS, res);
     usleep(500000); // 500000us = 0.5s
-    ASSERT_EQ(false, callbackPtr->ready_);
+    EXPECT_EQ(false, callbackPtr->ready_);
 
     ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID));
 }
@@ -436,7 +436,7 @@ HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCal
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X
  */
-HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCallback006, TestSize.Level1)
+HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCallback006, TestSize.Level0)
 {
     static PermissionStateFull infoManagerTestStateA = {
         .permissionName = "ohos.permission.CAMERA",
@@ -470,28 +470,28 @@ HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCal
     callbackPtr->ready_ = false;
 
     SetSelfTokenID(tokenID);
-    ASSERT_EQ(RET_SUCCESS, AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr));
+    EXPECT_EQ(RET_SUCCESS, AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr));
 
-    ASSERT_EQ(RET_SUCCESS, AccessTokenKit::UnRegisterSelfPermStateChangeCallback(callbackPtr));
+    EXPECT_EQ(RET_SUCCESS, AccessTokenKit::UnRegisterSelfPermStateChangeCallback(callbackPtr));
     SetSelfTokenID(g_selfShellTokenId);
 
     callbackPtr->ready_ = false;
 
-    ASSERT_EQ(RET_SUCCESS, TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2));
+    EXPECT_EQ(RET_SUCCESS, TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2));
     usleep(500000); // 500000us = 0.5s
-    ASSERT_EQ(false, callbackPtr->ready_);
+    EXPECT_EQ(false, callbackPtr->ready_);
 
-    ASSERT_EQ(RET_SUCCESS, TestCommon::RevokePermissionByTest(tokenID, "ohos.permission.CAMERA", 2));
+    EXPECT_EQ(RET_SUCCESS, TestCommon::RevokePermissionByTest(tokenID, "ohos.permission.CAMERA", 2));
     usleep(500000); // 500000us = 0.5s
-    ASSERT_EQ(false, callbackPtr->ready_);
+    EXPECT_EQ(false, callbackPtr->ready_);
 
-    ASSERT_EQ(RET_SUCCESS, TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.DISTRIBUTED_DATASYNC", 2));
+    EXPECT_EQ(RET_SUCCESS, TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.DISTRIBUTED_DATASYNC", 2));
     usleep(500000); // 500000us = 0.5s
-    ASSERT_EQ(false, callbackPtr->ready_);
+    EXPECT_EQ(false, callbackPtr->ready_);
 
-    ASSERT_EQ(RET_SUCCESS, TestCommon::RevokePermissionByTest(tokenID, "ohos.permission.DISTRIBUTED_DATASYNC", 2));
+    EXPECT_EQ(RET_SUCCESS, TestCommon::RevokePermissionByTest(tokenID, "ohos.permission.DISTRIBUTED_DATASYNC", 2));
     usleep(500000); // 500000us = 0.5s
-    ASSERT_EQ(false, callbackPtr->ready_);
+    EXPECT_EQ(false, callbackPtr->ready_);
 
     ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID));
 }
@@ -502,7 +502,7 @@ HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCal
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X
  */
-HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCallback007, TestSize.Level1)
+HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCallback007, TestSize.Level0)
 {
     static PermissionStateFull infoManagerTestStateA = {
         .permissionName = "ohos.permission.CAMERA",
@@ -530,25 +530,25 @@ HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCal
 
     SetSelfTokenID(tokenID);
     int32_t res = AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr);
-    ASSERT_EQ(RET_SUCCESS, res);
+    EXPECT_EQ(RET_SUCCESS, res);
 
     res = AccessTokenKit::UnRegisterSelfPermStateChangeCallback(callbackPtr);
-    ASSERT_EQ(RET_SUCCESS, res);
+    EXPECT_EQ(RET_SUCCESS, res);
     SetSelfTokenID(g_selfShellTokenId);
 
     callbackPtr->ready_ = false;
 
     res = TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2);
-    ASSERT_EQ(RET_SUCCESS, res);
+    EXPECT_EQ(RET_SUCCESS, res);
     usleep(500000); // 500000us = 0.5s
-    ASSERT_EQ(false, callbackPtr->ready_);
+    EXPECT_EQ(false, callbackPtr->ready_);
 
     callbackPtr->ready_ = false;
 
     res = TestCommon::RevokePermissionByTest(tokenID, "ohos.permission.CAMERA", 2);
-    ASSERT_EQ(RET_SUCCESS, res);
+    EXPECT_EQ(RET_SUCCESS, res);
     usleep(500000); // 500000us = 0.5s
-    ASSERT_EQ(false, callbackPtr->ready_);
+    EXPECT_EQ(false, callbackPtr->ready_);
 
     ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID));
 }
diff --git a/interfaces/innerkits/accesstoken/test/unittest/SaTest/dump_token_info_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/SaTest/dump_token_info_test.cpp
index 7a32f46603fa2a0061f498829a2f04d236bac080..5f7ff2fbaf0a428940571cbf811db123431fc7d9 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/SaTest/dump_token_info_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/SaTest/dump_token_info_test.cpp
@@ -21,7 +21,7 @@
 #include "access_token.h"
 #include "access_token_error.h"
 #include "accesstoken_common_log.h"
-#include "accesstoken_service_ipc_interface_code.h"
+#include "iaccess_token_manager.h"
 #include "permission_grant_info.h"
 #include "permission_state_change_info_parcel.h"
 #include "string_ex.h"
@@ -98,7 +98,7 @@ HWTEST_F(DumpTokenInfoTest, DumpTokenInfoAbnormalTest001, TestSize.Level1)
     AtmToolsParamInfo info;
     info.tokenId = 123;
     AccessTokenKit::DumpTokenInfo(info, dumpInfo);
-    ASSERT_EQ("", dumpInfo);
+    EXPECT_EQ("", dumpInfo);
 
     setuid(g_selfUid);
     EXPECT_EQ(0, SetSelfTokenID(g_selfTokenId));
diff --git a/interfaces/innerkits/accesstoken/test/unittest/SaTest/get_native_token_id_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/SaTest/get_native_token_id_test.cpp
index 2f910f59b997db3f68a093197c08857f9af05169..9022d861f88250f51f260950920ea0a36b0a5f70 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/SaTest/get_native_token_id_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/SaTest/get_native_token_id_test.cpp
@@ -21,7 +21,7 @@
 #include "access_token.h"
 #include "access_token_error.h"
 #include "accesstoken_common_log.h"
-#include "accesstoken_service_ipc_interface_code.h"
+#include "iaccess_token_manager.h"
 #include "permission_grant_info.h"
 #include "permission_state_change_info_parcel.h"
 #include "string_ex.h"
@@ -64,7 +64,7 @@ void GetNativeTokenIdTest::TearDown()
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(GetNativeTokenIdTest, GetNativeTokenIdAbnormalTest001, TestSize.Level1)
+HWTEST_F(GetNativeTokenIdTest, GetNativeTokenIdAbnormalTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GetNativeTokenIdAbnormalTest001");
     std::string processName = "";
@@ -80,7 +80,7 @@ HWTEST_F(GetNativeTokenIdTest, GetNativeTokenIdAbnormalTest001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(GetNativeTokenIdTest, GetNativeTokenIdAbnormalTest002, TestSize.Level1)
+HWTEST_F(GetNativeTokenIdTest, GetNativeTokenIdAbnormalTest002, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GetNativeTokenIdAbnormalTest002");
     std::string processName = "hdcd";
@@ -102,7 +102,7 @@ HWTEST_F(GetNativeTokenIdTest, GetNativeTokenIdAbnormalTest002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(GetNativeTokenIdTest, GetNativeTokenIdAbnormalTest003, TestSize.Level1)
+HWTEST_F(GetNativeTokenIdTest, GetNativeTokenIdAbnormalTest003, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GetNativeTokenIdAbnormalTest003");
     int32_t gSelfUid = getuid();
@@ -122,7 +122,7 @@ HWTEST_F(GetNativeTokenIdTest, GetNativeTokenIdAbnormalTest003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(GetNativeTokenIdTest, GetNativeTokenIdFuncTest001, TestSize.Level1)
+HWTEST_F(GetNativeTokenIdTest, GetNativeTokenIdFuncTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GetNativeTokenIdFuncTest001");
     MockNativeToken mock("accesstoken_service");
@@ -142,7 +142,7 @@ HWTEST_F(GetNativeTokenIdTest, GetNativeTokenIdFuncTest001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(GetNativeTokenIdTest, GetNativeTokenIdFuncTest002, TestSize.Level1)
+HWTEST_F(GetNativeTokenIdTest, GetNativeTokenIdFuncTest002, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GetNativeTokenIdFuncTest002");
     std::string processName = "hdcd";
diff --git a/interfaces/innerkits/accesstoken/test/unittest/SaTest/get_native_token_info_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/SaTest/get_native_token_info_test.cpp
index ada8b705aa8a63d017b6d2809b8a3c79a3d1d1e9..b041dda302dbe6b0142912912db0a2f32c8e22e9 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/SaTest/get_native_token_info_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/SaTest/get_native_token_info_test.cpp
@@ -21,7 +21,7 @@
 #include "access_token.h"
 #include "access_token_error.h"
 #include "accesstoken_common_log.h"
-#include "accesstoken_service_ipc_interface_code.h"
+#include "iaccess_token_manager.h"
 #include "permission_grant_info.h"
 #include "permission_state_change_info_parcel.h"
 #include "string_ex.h"
@@ -93,7 +93,7 @@ void GetNativeTokenInfoTest::TearDown()
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(GetNativeTokenInfoTest, GeTokenInfoAbnormalTest001, TestSize.Level1)
+HWTEST_F(GetNativeTokenInfoTest, GeTokenInfoAbnormalTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GeTokenInfoAbnormalTest001");
     AccessTokenID tokenID = 0;
@@ -110,7 +110,7 @@ HWTEST_F(GetNativeTokenInfoTest, GeTokenInfoAbnormalTest001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(GetNativeTokenInfoTest, GetTokenInfoAbnormalTest002, TestSize.Level1)
+HWTEST_F(GetNativeTokenInfoTest, GetTokenInfoAbnormalTest002, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GetNativeTokenInfoAbnormalTest002");
     MockNativeToken mock("accesstoken_service");
@@ -137,7 +137,7 @@ HWTEST_F(GetNativeTokenInfoTest, GetTokenInfoAbnormalTest002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(GetNativeTokenInfoTest, GetTokenInfoAbnormalTest003, TestSize.Level1)
+HWTEST_F(GetNativeTokenInfoTest, GetTokenInfoAbnormalTest003, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GetNativeTokenInfoAbnormalTest002");
     g_selfUid = getuid();
@@ -159,7 +159,7 @@ HWTEST_F(GetNativeTokenInfoTest, GetTokenInfoAbnormalTest003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(GetNativeTokenInfoTest, GetNativeTokenInfoFuncTest001, TestSize.Level1)
+HWTEST_F(GetNativeTokenInfoTest, GetNativeTokenInfoFuncTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GetNativeTokenInfoFuncTest001");
     MockNativeToken mock("accesstoken_service");
diff --git a/interfaces/innerkits/accesstoken/test/unittest/SaTest/get_version_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/SaTest/get_version_test.cpp
index eb6c1343d7857bdd0a6abafecab8de5be25736fa..c0b9c2d5da3457f50f4c8eb7bc6aa6e2879133bd 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/SaTest/get_version_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/SaTest/get_version_test.cpp
@@ -19,7 +19,7 @@
 #include "access_token.h"
 #include "access_token_error.h"
 #include "accesstoken_common_log.h"
-#include "accesstoken_service_ipc_interface_code.h"
+#include "iaccess_token_manager.h"
 #include "hap_token_info.h"
 #include "nativetoken_kit.h"
 #include "permission_grant_info.h"
diff --git a/interfaces/innerkits/accesstoken/test/unittest/SecurityComponentTest/security_component_grant_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/SecurityComponentTest/security_component_grant_test.cpp
index 3f535fb8d36a73e0ca1c881391cb3b0b99951244..6dd48a605547dee41d8e641b73477e51a857684e 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/SecurityComponentTest/security_component_grant_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/SecurityComponentTest/security_component_grant_test.cpp
@@ -105,7 +105,7 @@ AccessTokenID SecurityComponentGrantTest::AllocTestToken() const
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest001, TestSize.Level1)
+HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest001, TestSize.Level0)
 {
     AccessTokenID tokenID = AllocTestToken();
     ASSERT_NE(tokenID, INVALID_TOKENID);
@@ -138,7 +138,7 @@ HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest001, TestSize.Lev
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest002, TestSize.Level1)
+HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest002, TestSize.Level0)
 {
     AccessTokenID tokenID = AllocTestToken();
     ASSERT_NE(tokenID, INVALID_TOKENID);
@@ -175,7 +175,7 @@ HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest002, TestSize.Lev
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest003, TestSize.Level1)
+HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest003, TestSize.Level0)
 {
     AccessTokenID tokenID = AllocTestToken();
     ASSERT_NE(tokenID, INVALID_TOKENID);
@@ -212,7 +212,7 @@ HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest003, TestSize.Lev
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest004, TestSize.Level1)
+HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest004, TestSize.Level0)
 {
     AccessTokenID tokenID = AllocTestToken();
     ASSERT_NE(tokenID, INVALID_TOKENID);
@@ -249,7 +249,7 @@ HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest004, TestSize.Lev
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest005, TestSize.Level1)
+HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest005, TestSize.Level0)
 {
     AccessTokenID tokenID = AllocTestToken();
     ASSERT_NE(tokenID, INVALID_TOKENID);
@@ -286,7 +286,7 @@ HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest005, TestSize.Lev
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest006, TestSize.Level1)
+HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest006, TestSize.Level0)
 {
     AccessTokenID tokenID = AllocTestToken();
     ASSERT_NE(tokenID, INVALID_TOKENID);
@@ -326,7 +326,7 @@ HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest006, TestSize.Lev
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest007, TestSize.Level1)
+HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest007, TestSize.Level0)
 {
     uint64_t selfToken = GetSelfTokenID();
     MockNativeToken mock("foundation");
@@ -377,7 +377,7 @@ HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest007, TestSize.Lev
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest008, TestSize.Level1)
+HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest008, TestSize.Level0)
 {
     AccessTokenID tokenID = AllocTestToken();
     ASSERT_NE(tokenID, INVALID_TOKENID);
@@ -428,7 +428,7 @@ public:
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest009, TestSize.Level1)
+HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest009, TestSize.Level0)
 {
     PermStateChangeScope scopeInfo9;
     scopeInfo9.permList = {TEST_PERMISSION};
@@ -481,7 +481,7 @@ HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest009, TestSize.Lev
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest010, TestSize.Level1)
+HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest010, TestSize.Level0)
 {
     PermStateChangeScope scopeInfo10;
     scopeInfo10.permList = {TEST_PERMISSION};
@@ -528,7 +528,7 @@ HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest010, TestSize.Lev
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest011, TestSize.Level1)
+HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest011, TestSize.Level0)
 {
     PermStateChangeScope scopeInfo;
     scopeInfo.permList = {TEST_PERMISSION_NOT_REQUESTED};
@@ -567,3 +567,46 @@ HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest011, TestSize.Lev
     res = TestCommon::DeleteTestHapToken(tokenID);
     ASSERT_EQ(res, RET_SUCCESS);
 }
+
+/**
+ * @tc.name: IsToastShownNeededTest001
+ * @tc.desc: test whether the security component need to show the toast.
+ * @tc.type: FUNC
+ * @tc.require:Issue Number
+ */
+HWTEST_F(SecurityComponentGrantTest, IsToastShownNeededTest001, TestSize.Level0)
+{
+    int32_t pid = 10;
+    MockNativeToken mock("security_component_service");
+    EXPECT_EQ(true, AccessTokenKit::IsToastShownNeeded(pid));
+    EXPECT_EQ(false, AccessTokenKit::IsToastShownNeeded(pid));
+}
+
+#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE
+/**
+ * @tc.name: RegisterSecCompEnhance001
+ * @tc.desc: AccessTokenKit:: function test register enhance data
+ * @tc.type: FUNC
+ * @tc.require: Issue Number
+ */
+HWTEST_F(SecurityComponentGrantTest, RegisterSecCompEnhance001, TestSize.Level0)
+{
+    SecCompEnhanceData data;
+    data.callback = nullptr;
+    data.challenge = 0;
+    data.seqNum = 0;
+    EXPECT_EQ(PrivacyError::ERR_WRITE_PARCEL_FAILED, AccessTokenKit::RegisterSecCompEnhance(data));
+
+    // StateChangeCallback is not the real callback of SecCompEnhance, but it does not effect the final result.
+    auto callbackPtr = std::make_shared<CbCustomizeTest4>();
+    data.callback = new (std::nothrow) StateChangeCallback(callbackPtr);
+    EXPECT_EQ(RET_SUCCESS, AccessTokenKit::RegisterSecCompEnhance(data));
+
+    MockNativeToken mock("security_component_service");
+    SecCompEnhanceData data1;
+    EXPECT_EQ(RET_SUCCESS, AccessTokenKit::GetSecCompEnhance(getpid(), data1));
+    EXPECT_NE(RET_SUCCESS, AccessTokenKit::GetSecCompEnhance(0, data1));
+    EXPECT_EQ(RET_SUCCESS, AccessTokenKit::UpdateSecCompEnhance(getpid(), 1));
+    EXPECT_NE(RET_SUCCESS, AccessTokenKit::UpdateSecCompEnhance(0, 1));
+}
+#endif
diff --git a/interfaces/innerkits/accesstoken/test/unittest/common/test_common.cpp b/interfaces/innerkits/accesstoken/test/unittest/common/test_common.cpp
index 93f0d22d4b9242a798b4025900195104f026e88c..bd50abdada05f3bacaf3e535c231befc74b9514d 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/common/test_common.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/common/test_common.cpp
@@ -336,25 +336,6 @@ int32_t TestCommon::RevokePermissionByTest(AccessTokenID tokenID, const std::str
     return AccessTokenKit::RevokePermission(tokenID, permission, flag);
 }
 
-uint64_t TestCommon::GetNativeToken(const char *processName, const char **perms, int32_t permNum)
-{
-    uint64_t tokenId;
-    NativeTokenInfoParams infoInstance = {
-        .dcapsNum = 0,
-        .permsNum = permNum,
-        .aclsNum = 0,
-        .dcaps = nullptr,
-        .perms = perms,
-        .acls = nullptr,
-        .aplStr = "system_core",
-        .processName = processName,
-    };
-
-    tokenId = GetAccessTokenId(&infoInstance);
-    AccessTokenKit::ReloadNativeTokenInfo();
-    return tokenId;
-}
-
 AccessTokenID TestCommon::GetNativeTokenIdFromProcess(const std::string &process)
 {
     uint64_t selfTokenId = GetSelfTokenID();
diff --git a/interfaces/innerkits/accesstoken/test/unittest/common/test_common.h b/interfaces/innerkits/accesstoken/test/unittest/common/test_common.h
index f58fb6bb4ed215132e89cd6e23bd12d69f7b3191..56d814aad4540a5b8d2782607ba36208ad671447 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/common/test_common.h
+++ b/interfaces/innerkits/accesstoken/test/unittest/common/test_common.h
@@ -66,8 +66,6 @@ public:
         HapPolicyParams& hapPolicy, AccessTokenIDEx& tokenIdEx);
     static AccessTokenIDEx AllocAndGrantHapTokenByTest(const HapInfoParams& info, HapPolicyParams& policy);
     static int32_t DeleteTestHapToken(AccessTokenID tokenID);
-    static void GetNativeTokenTest();
-    static uint64_t GetNativeToken(const char* processName, const char** perms, int32_t permNum);
     static AccessTokenID GetNativeTokenIdFromProcess(const std::string& process);
     static AccessTokenIDEx GetHapTokenIdFromBundle(
         int32_t userID, const std::string& bundleName, int32_t instIndex);
diff --git a/interfaces/innerkits/analysis_model/test/BUILD.gn b/interfaces/innerkits/analysis_model/test/BUILD.gn
index 365f5497e327bc00dc80440ec3ed5cee5d3cd0c8..d2141ee95360e58e967dc84fa85f986cbfa7cc19 100644
--- a/interfaces/innerkits/analysis_model/test/BUILD.gn
+++ b/interfaces/innerkits/analysis_model/test/BUILD.gn
@@ -15,9 +15,8 @@ import("//build/test.gni")
 import("../../../../access_token.gni")
 
 ohos_unittest("lib_code_signature_analysis_test") {
-  subsystem_name = "security"
-  part_name = "access_token"
-  module_out_path = part_name + "/" + part_name
+  subsystem_name = "accesscontrol"
+  module_out_path = module_output_path_unittest_accesstoken
   sanitize = {
     cfi = true
     cfi_cross_dso = true
diff --git a/interfaces/innerkits/nativetoken/include/nativetoken.h b/interfaces/innerkits/nativetoken/include/nativetoken.h
index 6c403e02ed59aa611fb6a07d638f32d9d96aec24..78ec21af5d3cae415f55ee1553403a96990d05e6 100644
--- a/interfaces/innerkits/nativetoken/include/nativetoken.h
+++ b/interfaces/innerkits/nativetoken/include/nativetoken.h
@@ -42,6 +42,7 @@ extern "C" {
 #define TOKEN_RANDOM_MASK ((1 << 20) - 1)
 #define MAX_RETRY_LOCK_TIMES 10
 #define SLEEP_TIME (500*1000)
+#define MAX_MALLOC_SIZE 8192
 
 #define ATRET_FAILED 1
 #define ATRET_SUCCESS 0
diff --git a/interfaces/innerkits/nativetoken/src/nativetoken.c b/interfaces/innerkits/nativetoken/src/nativetoken.c
index f1935c816dd3590414d3f64b9c0ca952b2ec2f9a..b1db39183f50ec9d772eeeed637d3458e8cc9c10 100644
--- a/interfaces/innerkits/nativetoken/src/nativetoken.c
+++ b/interfaces/innerkits/nativetoken/src/nativetoken.c
@@ -33,6 +33,7 @@
 
 NativeTokenList *g_tokenListHead;
 int32_t g_isNativeTokenInited = 0;
+const uint64_t g_nativeFdTag = 0xD005A01;
 
 int32_t GetFileBuff(const char *cfg, char **retBuff)
 {
@@ -247,12 +248,13 @@ static int32_t ClearOrCreateCfgFile(void)
         NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:open failed.", __func__);
         return ATRET_FAILED;
     }
+    fdsan_exchange_owner_tag(fd, 0, g_nativeFdTag);
 
 #ifdef WITH_SELINUX
     Restorecon(TOKEN_ID_CFG_FILE_PATH);
 #endif // WITH_SELINUX
 
-    close(fd);
+    fdsan_close_with_tag(fd, g_nativeFdTag);
     fd = -1;
 
     struct stat buf;
@@ -312,8 +314,9 @@ static int32_t GetRandomTokenId(uint32_t *randNum)
     if (fd < 0) {
         return ATRET_FAILED;
     }
+    fdsan_exchange_owner_tag(fd, 0, g_nativeFdTag);
     len = read(fd, &random, sizeof(random));
-    (void)close(fd);
+    fdsan_close_with_tag(fd, g_nativeFdTag);
 
     if (len != sizeof(random)) {
         NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:read failed.", __func__);
@@ -404,12 +407,13 @@ static void WriteToFile(const cJSON *root)
             NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:open failed.", __func__);
             break;
         }
+        fdsan_exchange_owner_tag(fd, 0, g_nativeFdTag);
         size_t strLen = strlen(jsonStr);
         ssize_t writtenLen = write(fd, (void *)jsonStr, (size_t)strLen);
         if (fsync(fd) != 0) {
             NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:fsync failed, errno is %d.", __func__, errno);
         }
-        close(fd);
+        fdsan_close_with_tag(fd, g_nativeFdTag);
         if (writtenLen < 0 || (size_t)writtenLen != strLen) {
             NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:write failed, writtenLen is %zu.", __func__, writtenLen);
             break;
@@ -703,6 +707,7 @@ static uint32_t LockNativeTokenFile(int32_t *lockFileFd)
             "[%s]: Failed to open native token file, errno is %d.", __func__, errno);
         return ATRET_FAILED;
     }
+    fdsan_exchange_owner_tag(fd, 0, g_nativeFdTag);
 #ifdef WITH_SELINUX
     Restorecon(TOKEN_ID_CFG_FILE_LOCK_PATH);
 #endif // WITH_SELINUX
@@ -723,7 +728,7 @@ static uint32_t LockNativeTokenFile(int32_t *lockFileFd)
         }
     }
     if (ret == -1) {
-        close(fd);
+        fdsan_close_with_tag(fd, g_nativeFdTag);
         return ATRET_FAILED;
     }
     *lockFileFd = fd;
@@ -742,7 +747,7 @@ static void UnlockNativeTokenFile(int32_t lockFileFd)
         NativeTokenKmsg(NATIVETOKEN_KERROR,
             "[%s]: Failed to unlock file, errno is %d.", __func__, errno);
     }
-    close(lockFileFd);
+    fdsan_close_with_tag(lockFileFd, g_nativeFdTag);
 }
 
 static uint32_t AddOrUpdateTokenInfo(NativeTokenInfoParams *tokenInfo, NativeTokenList *tokenNode,
diff --git a/interfaces/innerkits/nativetoken/src/nativetoken_json_oper.c b/interfaces/innerkits/nativetoken/src/nativetoken_json_oper.c
index 0288d6adca07af233a59f6ae46e9217be6242cdb..3108c96a844779319c5dc4b8fb4eea43a91f749c 100644
--- a/interfaces/innerkits/nativetoken/src/nativetoken_json_oper.c
+++ b/interfaces/innerkits/nativetoken/src/nativetoken_json_oper.c
@@ -90,7 +90,7 @@ uint32_t GetInfoArrFromJson(cJSON *cjsonItem, char **strArr[], int32_t *strNum,
 {
     cJSON *strArrJson = cJSON_GetObjectItem(cjsonItem, attr->strKey);
     int32_t size = cJSON_GetArraySize(strArrJson);
-    if (size > attr->maxStrNum) {
+    if (size > MAX_MALLOC_SIZE) {
         NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:size = %d is invalid.", __func__, size);
         return ATRET_FAILED;
     }
diff --git a/interfaces/innerkits/nativetoken/src/nativetoken_klog.c b/interfaces/innerkits/nativetoken/src/nativetoken_klog.c
index 0cc6d81e6ff61efe076b62954e01a7b6aac466cf..f4962b7a7417a8eea45b0134e9f2a4bac5ea056a 100644
--- a/interfaces/innerkits/nativetoken/src/nativetoken_klog.c
+++ b/interfaces/innerkits/nativetoken/src/nativetoken_klog.c
@@ -15,6 +15,7 @@
 
 #include "nativetoken_klog.h"
 #include <fcntl.h>
+#include <stdio.h>
 #include <unistd.h>
 #include "securec.h"
 
@@ -28,12 +29,15 @@ static const char *LOG_LEVEL_STR[] = {"ERROR", "WARNING", "INFO"};
 #endif
 
 static int g_fd = -1;
+const uint64_t g_nativeKmsgFdTag = 0xD005A01;
+
 static void NativeTokenOpenLogDevice(void)
 {
     int fd = open("/dev/kmsg", O_WRONLY | O_CLOEXEC);
     if (fd >= 0) {
         g_fd = fd;
     }
+    fdsan_exchange_owner_tag(g_fd, 0, g_nativeKmsgFdTag);
     return;
 }
 
@@ -52,7 +56,7 @@ int NativeTokenKmsg(int logLevel, const char *fmt, ...)
     va_start(vargs, fmt);
     char tmpFmt[MAX_LOG_SIZE];
     if (vsnprintf_s(tmpFmt, MAX_LOG_SIZE, MAX_LOG_SIZE - 1, fmt, vargs) == -1) {
-        close(g_fd);
+        fdsan_close_with_tag(g_fd, g_nativeKmsgFdTag);
         g_fd = -1;
         va_end(vargs);
         return -1;
@@ -62,7 +66,7 @@ int NativeTokenKmsg(int logLevel, const char *fmt, ...)
     int res = snprintf_s(logInfo, MAX_LOG_SIZE, MAX_LOG_SIZE - 1, "[pid=%d][%s][%s] %s",
         getpid(), "access_token", LOG_LEVEL_STR[logLevel], tmpFmt);
     if (res == -1) {
-        close(g_fd);
+        fdsan_close_with_tag(g_fd, g_nativeKmsgFdTag);
         g_fd = -1;
         va_end(vargs);
         return -1;
@@ -70,7 +74,7 @@ int NativeTokenKmsg(int logLevel, const char *fmt, ...)
     va_end(vargs);
 
     if (write(g_fd, logInfo, strlen(logInfo)) < 0) {
-        close(g_fd);
+        fdsan_close_with_tag(g_fd, g_nativeKmsgFdTag);
         g_fd = -1;
     }
     return 0;
diff --git a/interfaces/innerkits/nativetoken/test/BUILD.gn b/interfaces/innerkits/nativetoken/test/BUILD.gn
index 641453b0aa03c0dd36ad71673bf098aaaf0b6fa5..4b3ce9e2835a04b98cc873e3666660bf758aaf1b 100644
--- a/interfaces/innerkits/nativetoken/test/BUILD.gn
+++ b/interfaces/innerkits/nativetoken/test/BUILD.gn
@@ -15,9 +15,8 @@ import("//build/test.gni")
 import("../../../../access_token.gni")
 
 ohos_unittest("libnativetoken_test") {
-  subsystem_name = "security"
-  part_name = "access_token"
-  module_out_path = part_name + "/" + part_name
+  subsystem_name = "accesscontrol"
+  module_out_path = module_output_path_unittest_accesstoken
   sanitize = {
     cfi = true
     cfi_cross_dso = true
@@ -44,9 +43,8 @@ ohos_unittest("libnativetoken_test") {
 }
 
 ohos_unittest("libnativetoken_mock_test") {
-  subsystem_name = "security"
-  part_name = "access_token"
-  module_out_path = part_name + "/" + part_name
+  subsystem_name = "accesscontrol"
+  module_out_path = module_output_path_unittest_accesstoken
   sanitize = {
     cfi = true
     cfi_cross_dso = true
diff --git a/interfaces/innerkits/nativetoken/test/unittest/mock/nativetoken_oper_test.cpp b/interfaces/innerkits/nativetoken/test/unittest/mock/nativetoken_oper_test.cpp
index ef6f8bf9699c655966acf6ad160b4adf5206d19e..b88a09059b6281b35c5f1beb99dbc53e0ae06f93 100644
--- a/interfaces/innerkits/nativetoken/test/unittest/mock/nativetoken_oper_test.cpp
+++ b/interfaces/innerkits/nativetoken/test/unittest/mock/nativetoken_oper_test.cpp
@@ -122,7 +122,7 @@ static void CopyNativeTokenJson(const std::string& sourceFileName, const std::st
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenOperTest, UpdateGoalItemFromRecord001, TestSize.Level1)
+HWTEST_F(TokenOperTest, UpdateGoalItemFromRecord001, TestSize.Level0)
 {
     SetTimes();
     NativeTokenList tokenNode;
@@ -149,7 +149,7 @@ HWTEST_F(TokenOperTest, UpdateGoalItemFromRecord001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenOperTest, UpdateItemcontent001, TestSize.Level1)
+HWTEST_F(TokenOperTest, UpdateItemcontent001, TestSize.Level0)
 {
     SetTimes();
     g_createNumberTime = DEFAULT_TIME;
@@ -178,7 +178,7 @@ HWTEST_F(TokenOperTest, UpdateItemcontent001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenOperTest, UpdateItemcontent002, TestSize.Level1)
+HWTEST_F(TokenOperTest, UpdateItemcontent002, TestSize.Level0)
 {
     SetTimes();
     NativeTokenList tokenNode;
@@ -216,7 +216,7 @@ HWTEST_F(TokenOperTest, UpdateItemcontent002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenOperTest, UpdateItemcontent003, TestSize.Level1)
+HWTEST_F(TokenOperTest, UpdateItemcontent003, TestSize.Level0)
 {
     SetTimes();
     NativeTokenList tokenNode;
@@ -267,7 +267,7 @@ HWTEST_F(TokenOperTest, UpdateItemcontent003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenOperTest, UpdateItemcontent004, TestSize.Level1)
+HWTEST_F(TokenOperTest, UpdateItemcontent004, TestSize.Level0)
 {
     SetTimes();
     NativeTokenList tokenNode;
@@ -325,7 +325,7 @@ HWTEST_F(TokenOperTest, UpdateItemcontent004, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenOperTest, CreateNativeTokenJsonObject001, TestSize.Level1)
+HWTEST_F(TokenOperTest, CreateNativeTokenJsonObject001, TestSize.Level0)
 {
     SetTimes();
     NativeTokenList tokenNode;
@@ -394,7 +394,7 @@ HWTEST_F(TokenOperTest, CreateNativeTokenJsonObject001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenOperTest, CreateNativeTokenJsonObject002, TestSize.Level1)
+HWTEST_F(TokenOperTest, CreateNativeTokenJsonObject002, TestSize.Level0)
 {
     SetTimes();
     NativeTokenList tokenNode;
@@ -434,7 +434,7 @@ HWTEST_F(TokenOperTest, CreateNativeTokenJsonObject002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenOperTest, GetNativeTokenFromJson001, TestSize.Level1)
+HWTEST_F(TokenOperTest, GetNativeTokenFromJson001, TestSize.Level0)
 {
     SetTimes();
     EXPECT_EQ(IsFileEmpty(TOKEN_ID_CFG_FILE_PATH), false);
@@ -511,7 +511,7 @@ static int32_t Start(const char *processName)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenOperTest, GetInfoArrFromJson001, TestSize.Level1)
+HWTEST_F(TokenOperTest, GetInfoArrFromJson001, TestSize.Level0)
 {
     SetTimes();
     CopyNativeTokenJson(TOKEN_ID_CFG_FILE_PATH, TOKEN_ID_CFG_FILE_COPY_PATH);
@@ -547,7 +547,7 @@ HWTEST_F(TokenOperTest, GetInfoArrFromJson001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenOperTest, RemoveNodeFromList001, TestSize.Level1)
+HWTEST_F(TokenOperTest, RemoveNodeFromList001, TestSize.Level0)
 {
     CopyNativeTokenJson(TOKEN_ID_CFG_FILE_PATH, TOKEN_ID_CFG_FILE_COPY_PATH);
     AtlibInit();
diff --git a/interfaces/innerkits/nativetoken/test/unittest/src/nativetoken_kit_test.cpp b/interfaces/innerkits/nativetoken/test/unittest/src/nativetoken_kit_test.cpp
index ddb70a17af9723e2e6864abced5643ddb7f01a57..931819f74fedaf0bc6b8c3260d6d45128a49f521 100644
--- a/interfaces/innerkits/nativetoken/test/unittest/src/nativetoken_kit_test.cpp
+++ b/interfaces/innerkits/nativetoken/test/unittest/src/nativetoken_kit_test.cpp
@@ -189,7 +189,7 @@ int32_t Start(const char *processName)
  * @tc.type: FUNC
  * @tc.require:AR000GK6TD
  */
-HWTEST_F(TokenLibKitTest, GetAccessTokenId001, TestSize.Level1)
+HWTEST_F(TokenLibKitTest, GetAccessTokenId001, TestSize.Level0)
 {
     const char **dcaps = new (std::nothrow) const char *[2];
     ASSERT_NE(dcaps, nullptr);
@@ -246,7 +246,7 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:AR000GK6TD
  */
-HWTEST_F(TokenLibKitTest, GetAccessTokenId002, TestSize.Level1)
+HWTEST_F(TokenLibKitTest, GetAccessTokenId002, TestSize.Level0)
 {
     const char **dcaps = new (std::nothrow) const char *[32];
     ASSERT_NE(dcaps, nullptr);
@@ -301,7 +301,7 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:AR000GK6TD
  */
-HWTEST_F(TokenLibKitTest, GetAccessTokenId003, TestSize.Level1)
+HWTEST_F(TokenLibKitTest, GetAccessTokenId003, TestSize.Level0)
 {
     const char **dcaps = new (std::nothrow) const char *[2];
     ASSERT_NE(dcaps, nullptr);
@@ -367,7 +367,7 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:AR000GK6TD
  */
-HWTEST_F(TokenLibKitTest, GetAccessTokenId004, TestSize.Level1)
+HWTEST_F(TokenLibKitTest, GetAccessTokenId004, TestSize.Level0)
 {
     const char **dcaps = new (std::nothrow) const char *[2];
     ASSERT_NE(dcaps, nullptr);
@@ -401,7 +401,7 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId004, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:AR000GK6TD
  */
-HWTEST_F(TokenLibKitTest, GetAccessTokenId005, TestSize.Level1)
+HWTEST_F(TokenLibKitTest, GetAccessTokenId005, TestSize.Level0)
 {
     uint64_t tokenId01 = Start("GetAccessTokenId005");
     ASSERT_NE(tokenId01, 0);
@@ -418,7 +418,7 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId005, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:AR000GK6TD
  */
-HWTEST_F(TokenLibKitTest, GetAccessTokenId006, TestSize.Level1)
+HWTEST_F(TokenLibKitTest, GetAccessTokenId006, TestSize.Level0)
 {
     uint64_t tokenID;
     tokenID = Start("GetAccessTokenId006");
@@ -439,7 +439,7 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId006, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:AR000GK6TD
  */
-HWTEST_F(TokenLibKitTest, GetAccessTokenId007, TestSize.Level1)
+HWTEST_F(TokenLibKitTest, GetAccessTokenId007, TestSize.Level0)
 {
     const char **perms = new (std::nothrow) const char *[MAX_PERM_NUM];
     ASSERT_NE(perms, nullptr);
@@ -493,7 +493,7 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId007, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:AR000GK6TD
  */
-HWTEST_F(TokenLibKitTest, GetAccessTokenId008, TestSize.Level1)
+HWTEST_F(TokenLibKitTest, GetAccessTokenId008, TestSize.Level0)
 {
     const char **dcaps = new (std::nothrow) const char *[2];
     ASSERT_NE(dcaps, nullptr);
@@ -534,7 +534,7 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId008, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:AR000GK6TD
  */
-HWTEST_F(TokenLibKitTest, GetAccessTokenId009, TestSize.Level1)
+HWTEST_F(TokenLibKitTest, GetAccessTokenId009, TestSize.Level0)
 {
     const char **perms = new (std::nothrow) const char *[2];
     ASSERT_NE(perms, nullptr);
@@ -599,7 +599,7 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId009, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:AR000GK6TD
  */
-HWTEST_F(TokenLibKitTest, GetAccessTokenId010, TestSize.Level1)
+HWTEST_F(TokenLibKitTest, GetAccessTokenId010, TestSize.Level0)
 {
     char processName[200][MAX_PROCESS_NAME_LEN];
     /* enable 200 process before fondation is prepared */
@@ -629,7 +629,7 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId010, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:AR000GK6TD
  */
-HWTEST_F(TokenLibKitTest, GetAccessTokenId011, TestSize.Level1)
+HWTEST_F(TokenLibKitTest, GetAccessTokenId011, TestSize.Level0)
 {
     Start("process1");
     Start("process2");
@@ -661,7 +661,7 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId011, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:AR000H09K6
  */
-HWTEST_F(TokenLibKitTest, GetAccessTokenId012, TestSize.Level1)
+HWTEST_F(TokenLibKitTest, GetAccessTokenId012, TestSize.Level0)
 {
     const char **dcaps = new (std::nothrow) const char *[2];
     ASSERT_NE(dcaps, nullptr);
@@ -699,7 +699,7 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId012, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:AR000H09K6
  */
-HWTEST_F(TokenLibKitTest, GetAccessTokenId013, TestSize.Level1)
+HWTEST_F(TokenLibKitTest, GetAccessTokenId013, TestSize.Level0)
 {
     const char **acls = new (std::nothrow) const char *[2];
     ASSERT_NE(acls, nullptr);
@@ -806,7 +806,7 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId014, TestSize.Level0)
  * @tc.type: FUNC
  * @tc.require:AR000H09K6
  */
-HWTEST_F(TokenLibKitTest, GetAccessTokenId015, TestSize.Level1)
+HWTEST_F(TokenLibKitTest, GetAccessTokenId015, TestSize.Level0)
 {
     const char **perms = new (std::nothrow) const char *[MAX_PERM_NUM + 1];
     ASSERT_NE(perms, nullptr);
diff --git a/interfaces/innerkits/nativetoken/test/unittest/src/nativetoken_oper_test.cpp b/interfaces/innerkits/nativetoken/test/unittest/src/nativetoken_oper_test.cpp
index abc3a6258ca9ac301cf1a29b50e3c017a3007429..34821f6933962af4597302bb6f8d6a3c83a8c4fe 100644
--- a/interfaces/innerkits/nativetoken/test/unittest/src/nativetoken_oper_test.cpp
+++ b/interfaces/innerkits/nativetoken/test/unittest/src/nativetoken_oper_test.cpp
@@ -43,7 +43,7 @@ void TokenOperTest::TearDown()
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenOperTest, FreeStrArray001, TestSize.Level1)
+HWTEST_F(TokenOperTest, FreeStrArray001, TestSize.Level0)
 {
     const int32_t testSize = 2; // 2 means test size
     char **test = reinterpret_cast<char **>(malloc(sizeof(char *) * testSize));
@@ -71,7 +71,7 @@ HWTEST_F(TokenOperTest, FreeStrArray001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenOperTest, GetProcessNameFromJson001, TestSize.Level1)
+HWTEST_F(TokenOperTest, GetProcessNameFromJson001, TestSize.Level0)
 {
     NativeTokenList tokenNode;
     std::string stringJson1 = R"()"\
@@ -109,7 +109,7 @@ HWTEST_F(TokenOperTest, GetProcessNameFromJson001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenOperTest, GetTokenIdFromJson001, TestSize.Level1)
+HWTEST_F(TokenOperTest, GetTokenIdFromJson001, TestSize.Level0)
 {
     NativeTokenList tokenNode;
     const char *stringJson1 = "{\"processName\":\"partitionslot_host\","
@@ -140,7 +140,7 @@ HWTEST_F(TokenOperTest, GetTokenIdFromJson001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenOperTest, GetAplFromJson001, TestSize.Level1)
+HWTEST_F(TokenOperTest, GetAplFromJson001, TestSize.Level0)
 {
     NativeTokenList tokenNode;
     const char *stringJson1 = "{\"APL\":2}";
@@ -175,7 +175,7 @@ HWTEST_F(TokenOperTest, GetAplFromJson001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenOperTest, GetInfoArrFromJson001, TestSize.Level1)
+HWTEST_F(TokenOperTest, GetInfoArrFromJson001, TestSize.Level0)
 {
     const int32_t testSize = 2;
     int32_t resSize;
@@ -188,7 +188,7 @@ HWTEST_F(TokenOperTest, GetInfoArrFromJson001, TestSize.Level1)
         "\"dcaps\":[\"DCAPS_AT\",\"DCAPS_AT\", \"DCAPS_AT\",\"DCAPS_AT\"],"
         "\"permissions\":[],\"nativeAcls\":[]}";
     cJSON* jsonroot = cJSON_Parse(stringJson1);
-    EXPECT_NE(GetInfoArrFromJson(jsonroot, &test, &resSize, &attr), 0);
+    EXPECT_EQ(GetInfoArrFromJson(jsonroot, &test, &resSize, &attr), 0);
     cJSON_Delete(jsonroot);
 
     stringJson1 = "{\"processName\":\"partitionslot_host\","
@@ -214,7 +214,7 @@ HWTEST_F(TokenOperTest, GetInfoArrFromJson001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenOperTest, UpdateGoalItemFromRecord001, TestSize.Level1)
+HWTEST_F(TokenOperTest, UpdateGoalItemFromRecord001, TestSize.Level0)
 {
     NativeTokenList tokenNode;
 
diff --git a/interfaces/innerkits/privacy/BUILD.gn b/interfaces/innerkits/privacy/BUILD.gn
index 1b1c41ad0a5461d716ed2cd5b95eca43b8e9a2c3..b0604152e1aca90e84bdfd8d2feb1aa8e5c1305e 100644
--- a/interfaces/innerkits/privacy/BUILD.gn
+++ b/interfaces/innerkits/privacy/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2022-2023 Huawei Device Co., Ltd.
+# Copyright (c) 2022-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -36,7 +36,10 @@ if (is_standard_system) {
 
     output_name = "libprivacy_sdk"
 
-    public_configs = [ ":pricacy" ]
+    public_configs = [
+      ":pricacy",
+      "${access_token_path}/services/privacymanager:privacy_manager_gen_config",
+    ]
 
     include_dirs = [
       "${access_token_path}/frameworks/privacy/include",
@@ -54,7 +57,6 @@ if (is_standard_system) {
       "src/privacy_death_recipient.cpp",
       "src/privacy_kit.cpp",
       "src/privacy_manager_client.cpp",
-      "src/privacy_manager_proxy.cpp",
       "src/state_change_callback.cpp",
       "src/state_change_callback_stub.cpp",
       "src/state_customized_cbk.cpp",
@@ -64,6 +66,7 @@ if (is_standard_system) {
       "${access_token_path}/frameworks/common:accesstoken_common_cxx",
       "${access_token_path}/frameworks/privacy:privacy_communication_adapter_cxx",
       "${access_token_path}/services/common/proxy_death:proxy_death_stub",
+      "${access_token_path}/services/privacymanager:privacy_manager_proxy",
     ]
 
     configs = [
@@ -83,10 +86,6 @@ if (is_standard_system) {
       "-DDEBUG_API_PERFORMANCE",
     ]
 
-    if (security_component_enhance_enable == true) {
-      cflags_cc += [ "-DSECURITY_COMPONENT_ENHANCE_ENABLE" ]
-    }
-
     if (build_variant == "user") {
       cflags_cc += [ "-DATM_BUILD_VARIANT_USER_ENABLE" ]
     }
diff --git a/interfaces/innerkits/privacy/include/active_change_response_info.h b/interfaces/innerkits/privacy/include/active_change_response_info.h
index b8a148965d3522248339beb1d588fa7c08b9400b..ef6d349f097676c932c2da308b827df7be09504f 100644
--- a/interfaces/innerkits/privacy/include/active_change_response_info.h
+++ b/interfaces/innerkits/privacy/include/active_change_response_info.h
@@ -51,7 +51,7 @@ enum ActiveChangeType {
     PERM_INACTIVE = 0,
     PERM_ACTIVE_IN_FOREGROUND = 1,
     PERM_ACTIVE_IN_BACKGROUND = 2,
-    PERM_TEMPORARY_CALL,
+    PERM_TEMPORARY_CALL = 3,
 };
 
 /**
diff --git a/interfaces/innerkits/privacy/include/privacy_error.h b/interfaces/innerkits/privacy/include/privacy_error.h
index d1b622338bdd35cf4ee89ac152f0d843936b7a8d..dc98690a6da70cad9eceb7b06892bbdc704ec030 100644
--- a/interfaces/innerkits/privacy/include/privacy_error.h
+++ b/interfaces/innerkits/privacy/include/privacy_error.h
@@ -63,8 +63,8 @@ enum PrivacyError {
     ERR_EDM_POLICY_CHECK_FAILED,
     ERR_PRIVACY_POLICY_CHECK_FAILED,
     ERR_REMOTE_CONNECTION,
-    ERR_ADD_DEATH_RECIPIENT_FAILED,
     ERR_FIRST_CALLER_NOT_EDM,
+    ERR_ADD_DEATH_RECIPIENT_FAILED,
     PRIVACY_TOGGELE_RESTRICTED,
 };
 } // namespace AccessToken
diff --git a/interfaces/innerkits/privacy/include/privacy_kit.h b/interfaces/innerkits/privacy/include/privacy_kit.h
index 0cd8b415280e7273eea68785143fd898c96eb76d..e2bbc7821a2802df6b531d273a72c5698c2d7a82 100644
--- a/interfaces/innerkits/privacy/include/privacy_kit.h
+++ b/interfaces/innerkits/privacy/include/privacy_kit.h
@@ -45,9 +45,6 @@
 #include "permission_used_type_info.h"
 #include "perm_active_status_customized_cbk.h"
 #include "privacy_param.h"
-#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE
-#include "sec_comp_enhance_data.h"
-#endif
 #include "state_customized_cbk.h"
 
 namespace OHOS {
@@ -157,36 +154,6 @@ public:
      */
     static bool IsAllowedUsingPermission(AccessTokenID tokenID, const std::string& permissionName, int32_t pid = -1);
 
-#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE
-    /**
-     * @brief Register security component enhance data when security component service did not start
-     * @param enhance enhance data
-     * @return error code, see privacy_error.h
-     */
-    static int32_t RegisterSecCompEnhance(const SecCompEnhanceData& enhance);
-    /**
-     * @brief update security component enhance data
-     * @param pid process id
-     * @param seqNum sequence number
-     * @return error code, see privacy_error.h
-     */
-    static int32_t UpdateSecCompEnhance(int32_t pid, uint32_t seqNum);
-    /**
-     * @brief get security component enhance data
-     * @param pid process id
-     * @param enhance enhance data
-     * @return error code, see privacy_error.h
-     */
-    static int32_t GetSecCompEnhance(int32_t pid, SecCompEnhanceData& enhance);
-    /**
-     * @brief get special security component enhance data
-     * @param bundleName bundle name
-     * @param enhanceList enhance data
-     * @return error code, see privacy_error.h
-     */
-    static int32_t GetSpecialSecCompEnhance(const std::string& bundleName,
-        std::vector<SecCompEnhanceData>& enhanceList);
-#endif
     /**
      * @brief query permission used type.
      * @param tokenId token id, if 0 return all tokenIds
diff --git a/interfaces/innerkits/privacy/libprivacy_sdk.map b/interfaces/innerkits/privacy/libprivacy_sdk.map
index f99cde5012102c72776d2bf4941971fcdc5f1b54..96392941a92eed3c2d35f3951670a05a64f6ab68 100644
--- a/interfaces/innerkits/privacy/libprivacy_sdk.map
+++ b/interfaces/innerkits/privacy/libprivacy_sdk.map
@@ -31,10 +31,6 @@
       "OHOS::Security::AccessToken::PrivacyKit::StartUsingPermission(unsigned int, std::__h::basic_string<char, std::__h::char_traits<char>, std::__h::allocator<char>> const&, std::__h::shared_ptr<OHOS::Security::AccessToken::StateCustomizedCbk> const&, int, OHOS::Security::AccessToken::PermissionUsedTypeValue)";
       "OHOS::Security::AccessToken::PrivacyKit::GetPermissionUsedRecords(OHOS::Security::AccessToken::PermissionUsedRequest const&, OHOS::sptr<OHOS::Security::AccessToken::OnPermissionUsedRecordCallback> const&)";
       "OHOS::Security::AccessToken::PrivacyKit::IsAllowedUsingPermission(unsigned int, std::__h::basic_string<char, std::__h::char_traits<char>, std::__h::allocator<char>> const&, int)";
-      "OHOS::Security::AccessToken::PrivacyKit::RegisterSecCompEnhance(OHOS::Security::AccessToken::SecCompEnhanceData const&)";
-      "OHOS::Security::AccessToken::PrivacyKit::UpdateSecCompEnhance(int, unsigned int)";
-      "OHOS::Security::AccessToken::PrivacyKit::GetSecCompEnhance(int, OHOS::Security::AccessToken::SecCompEnhanceData&)";
-      "OHOS::Security::AccessToken::PrivacyKit::GetSpecialSecCompEnhance(std::__h::basic_string<char, std::__h::char_traits<char>, std::__h::allocator<char>> const&, std::__h::vector<OHOS::Security::AccessToken::SecCompEnhanceData, std::__h::allocator<OHOS::Security::AccessToken::SecCompEnhanceData>>&)";
       "OHOS::Security::AccessToken::StateCustomizedCbk::~StateCustomizedCbk()";
       "OHOS::Security::AccessToken::OnPermissionUsedRecordCallbackStub::OnRemoteRequest(unsigned int, OHOS::MessageParcel&, OHOS::MessageParcel&, OHOS::MessageOption&)";
       "OHOS::Security::AccessToken::PrivacyManagerClient::GetInstance()";
diff --git a/interfaces/innerkits/privacy/src/privacy_kit.cpp b/interfaces/innerkits/privacy/src/privacy_kit.cpp
index 5f796a8546e2539443973fa5057ce9eff2f102ca..786a9812b765726bbd9be60b55dc75241f31fcda 100644
--- a/interfaces/innerkits/privacy/src/privacy_kit.cpp
+++ b/interfaces/innerkits/privacy/src/privacy_kit.cpp
@@ -215,30 +215,6 @@ bool PrivacyKit::IsAllowedUsingPermission(AccessTokenID tokenID, const std::stri
     return PrivacyManagerClient::GetInstance().IsAllowedUsingPermission(tokenID, permissionName, pid);
 }
 
-#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE
-int32_t PrivacyKit::RegisterSecCompEnhance(const SecCompEnhanceData& enhance)
-{
-    return PrivacyManagerClient::GetInstance().RegisterSecCompEnhance(enhance);
-}
-
-int32_t PrivacyKit::UpdateSecCompEnhance(int32_t pid, uint32_t seqNum)
-{
-    return PrivacyManagerClient::GetInstance().UpdateSecCompEnhance(pid, seqNum);
-}
-
-int32_t PrivacyKit::GetSecCompEnhance(int32_t pid, SecCompEnhanceData& enhance)
-{
-    return PrivacyManagerClient::GetInstance().GetSecCompEnhance(pid, enhance);
-}
-
-int32_t PrivacyKit::GetSpecialSecCompEnhance(const std::string& bundleName,
-    std::vector<SecCompEnhanceData>& enhanceList)
-{
-    return PrivacyManagerClient::GetInstance().
-        GetSpecialSecCompEnhance(bundleName, enhanceList);
-}
-#endif
-
 int32_t PrivacyKit::GetPermissionUsedTypeInfos(const AccessTokenID tokenId, const std::string& permissionName,
     std::vector<PermissionUsedTypeInfo>& results)
 {
diff --git a/interfaces/innerkits/privacy/src/privacy_manager_client.cpp b/interfaces/innerkits/privacy/src/privacy_manager_client.cpp
index b3ecd9fa4aac327e39f641c89584740c04d7ca3d..2b59b1da16ff9dea5876fe47e2d38019171245c5 100644
--- a/interfaces/innerkits/privacy/src/privacy_manager_client.cpp
+++ b/interfaces/innerkits/privacy/src/privacy_manager_client.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2022-2023 Huawei Device Co., Ltd.
+ * Copyright (c) 2022-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -19,9 +19,6 @@
 #include "iservice_registry.h"
 #include "privacy_error.h"
 #include "privacy_manager_proxy.h"
-#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE
-#include "sec_comp_enhance_data_parcel.h"
-#endif
 
 namespace OHOS {
 namespace Security {
@@ -30,6 +27,7 @@ namespace {
 const static int32_t MAX_CALLBACK_SIZE = 200;
 const static int32_t MAX_PERM_LIST_SIZE = 1024;
 constexpr const char* CAMERA_PERMISSION_NAME = "ohos.permission.CAMERA";
+static const int32_t SA_ID_PRIVACY_MANAGER_SERVICE = 3505;
 std::recursive_mutex g_instanceMutex;
 } // namespace
 
@@ -56,6 +54,21 @@ PrivacyManagerClient::~PrivacyManagerClient()
     ReleaseProxy();
 }
 
+static int32_t ConvertResult(int32_t ret)
+{
+    switch (ret) {
+        case ERR_INVALID_DATA:
+            ret = ERR_WRITE_PARCEL_FAILED;
+            break;
+        case ERR_TRANSACTION_FAILED:
+            ret = ERR_SERVICE_ABNORMAL;
+            break;
+        default:
+            return ret;
+    }
+    return ret;
+}
+
 int32_t PrivacyManagerClient::AddPermissionUsedRecord(const AddPermParamInfo& info, bool asyncMode)
 {
     auto proxy = GetProxy();
@@ -65,7 +78,13 @@ int32_t PrivacyManagerClient::AddPermissionUsedRecord(const AddPermParamInfo& in
     }
     AddPermParamInfoParcel infoParcel;
     infoParcel.info = info;
-    return proxy->AddPermissionUsedRecord(infoParcel, asyncMode);
+    int32_t ret;
+    if (asyncMode) {
+        ret = proxy->AddPermissionUsedRecordAsync(infoParcel);
+    } else {
+        ret = proxy->AddPermissionUsedRecord(infoParcel);
+    }
+    return ConvertResult(ret);
 }
 
 int32_t PrivacyManagerClient::SetPermissionUsedRecordToggleStatus(int32_t userID, bool status)
@@ -76,7 +95,8 @@ int32_t PrivacyManagerClient::SetPermissionUsedRecordToggleStatus(int32_t userID
         return PrivacyError::ERR_SERVICE_ABNORMAL;
     }
 
-    return proxy->SetPermissionUsedRecordToggleStatus(userID, status);
+    int32_t ret = proxy->SetPermissionUsedRecordToggleStatus(userID, status);
+    return ConvertResult(ret);
 }
 
 int32_t PrivacyManagerClient::GetPermissionUsedRecordToggleStatus(int32_t userID, bool& status)
@@ -87,7 +107,8 @@ int32_t PrivacyManagerClient::GetPermissionUsedRecordToggleStatus(int32_t userID
         return PrivacyError::ERR_SERVICE_ABNORMAL;
     }
 
-    return proxy->GetPermissionUsedRecordToggleStatus(userID, status);
+    int32_t ret = proxy->GetPermissionUsedRecordToggleStatus(userID, status);
+    return ConvertResult(ret);
 }
 
 int32_t PrivacyManagerClient::StartUsingPermission(
@@ -110,7 +131,8 @@ int32_t PrivacyManagerClient::StartUsingPermission(
         LOGE(PRI_DOMAIN, PRI_TAG, "Proxy death recipent is null.");
         return PrivacyError::ERR_MALLOC_FAILED;
     }
-    return proxy->StartUsingPermission(parcel, anonyStub);
+    int32_t ret = proxy->StartUsingPermission(parcel, anonyStub);
+    return ConvertResult(ret);
 }
 
 int32_t PrivacyManagerClient::CreateStateChangeCbk(uint64_t id,
@@ -161,13 +183,13 @@ int32_t PrivacyManagerClient::StartUsingPermission(AccessTokenID tokenId, int32_
         LOGE(PRI_DOMAIN, PRI_TAG, "Proxy death recipent is null.");
         return PrivacyError::ERR_MALLOC_FAILED;
     }
-    result = proxy->StartUsingPermission(parcel, callbackWrap->AsObject(), anonyStub);
+    result = proxy->StartUsingPermissionCallback(parcel, callbackWrap->AsObject(), anonyStub);
     if (result == RET_SUCCESS) {
         std::lock_guard<std::mutex> lock(stateCbkMutex_);
         stateChangeCallbackMap_[id] = callbackWrap;
         LOGI(PRI_DOMAIN, PRI_TAG, "CallbackObject added.");
     }
-    return result;
+    return ConvertResult(result);
 }
 
 int32_t PrivacyManagerClient::StopUsingPermission(
@@ -187,7 +209,8 @@ int32_t PrivacyManagerClient::StopUsingPermission(
         }
     }
 
-    return proxy->StopUsingPermission(tokenID, pid, permissionName);
+    int32_t ret = proxy->StopUsingPermission(tokenID, pid, permissionName);
+    return ConvertResult(ret);
 }
 
 int32_t PrivacyManagerClient::RemovePermissionUsedRecords(AccessTokenID tokenID)
@@ -197,7 +220,8 @@ int32_t PrivacyManagerClient::RemovePermissionUsedRecords(AccessTokenID tokenID)
         LOGE(PRI_DOMAIN, PRI_TAG, "Proxy is null.");
         return PrivacyError::ERR_SERVICE_ABNORMAL;
     }
-    return proxy->RemovePermissionUsedRecords(tokenID);
+    int32_t ret = proxy->RemovePermissionUsedRecords(tokenID);
+    return ConvertResult(ret);
 }
 
 int32_t PrivacyManagerClient::GetPermissionUsedRecords(
@@ -214,7 +238,7 @@ int32_t PrivacyManagerClient::GetPermissionUsedRecords(
     requestParcel.request = request;
     int32_t ret = proxy->GetPermissionUsedRecords(requestParcel, resultParcel);
     result = resultParcel.result;
-    return ret;
+    return ConvertResult(ret);
 }
 
 int32_t PrivacyManagerClient::GetPermissionUsedRecords(const PermissionUsedRequest& request,
@@ -228,7 +252,8 @@ int32_t PrivacyManagerClient::GetPermissionUsedRecords(const PermissionUsedReque
 
     PermissionUsedRequestParcel requestParcel;
     requestParcel.request = request;
-    return proxy->GetPermissionUsedRecords(requestParcel, callback);
+    int32_t ret = proxy->GetPermissionUsedRecordsAsync(requestParcel, callback);
+    return ConvertResult(ret);
 }
 
 int32_t PrivacyManagerClient::CreateActiveStatusChangeCbk(
@@ -285,7 +310,7 @@ int32_t PrivacyManagerClient::RegisterPermActiveStatusCallback(
         activeCbkMap_[callback] = callbackWrap;
         LOGI(PRI_DOMAIN, PRI_TAG, "CallbackObject added.");
     }
-    return result;
+    return ConvertResult(result);
 }
 
 int32_t PrivacyManagerClient::UnRegisterPermActiveStatusCallback(
@@ -308,7 +333,7 @@ int32_t PrivacyManagerClient::UnRegisterPermActiveStatusCallback(
     if (result == RET_SUCCESS) {
         activeCbkMap_.erase(goalCallback);
     }
-    return result;
+    return ConvertResult(result);
 }
 
 bool PrivacyManagerClient::IsAllowedUsingPermission(AccessTokenID tokenID, const std::string& permissionName,
@@ -319,67 +344,10 @@ bool PrivacyManagerClient::IsAllowedUsingPermission(AccessTokenID tokenID, const
         LOGE(PRI_DOMAIN, PRI_TAG, "Proxy is null.");
         return false;
     }
-    return proxy->IsAllowedUsingPermission(tokenID, permissionName, pid);
-}
-
-#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE
-int32_t PrivacyManagerClient::RegisterSecCompEnhance(const SecCompEnhanceData& enhance)
-{
-    auto proxy = GetProxy();
-    if (proxy == nullptr) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Proxy is null.");
-        return PrivacyError::ERR_PARAM_INVALID;
-    }
-    SecCompEnhanceDataParcel registerParcel;
-    registerParcel.enhanceData = enhance;
-    return proxy->RegisterSecCompEnhance(registerParcel);
-}
-
-int32_t PrivacyManagerClient::UpdateSecCompEnhance(int32_t pid, uint32_t seqNum)
-{
-    auto proxy = GetProxy();
-    if (proxy == nullptr) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Proxy is null.");
-        return PrivacyError::ERR_PARAM_INVALID;
-    }
-    return proxy->UpdateSecCompEnhance(pid, seqNum);
-}
-
-int32_t PrivacyManagerClient::GetSecCompEnhance(int32_t pid, SecCompEnhanceData& enhance)
-{
-    auto proxy = GetProxy();
-    if (proxy == nullptr) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Proxy is null.");
-        return PrivacyError::ERR_PARAM_INVALID;
-    }
-    SecCompEnhanceDataParcel parcel;
-    int32_t res = proxy->GetSecCompEnhance(pid, parcel);
-    if (res != RET_SUCCESS) {
-        return res;
-    }
-    enhance = parcel.enhanceData;
-    return RET_SUCCESS;
-}
-
-int32_t PrivacyManagerClient::GetSpecialSecCompEnhance(const std::string& bundleName,
-    std::vector<SecCompEnhanceData>& enhanceList)
-{
-    auto proxy = GetProxy();
-    if (proxy == nullptr) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Proxy is null.");
-        return PrivacyError::ERR_PARAM_INVALID;
-    }
-    std::vector<SecCompEnhanceDataParcel> parcelList;
-    int32_t res = proxy->GetSpecialSecCompEnhance(bundleName, parcelList);
-    if (res != RET_SUCCESS) {
-        return res;
-    }
-
-    std::transform(parcelList.begin(), parcelList.end(), std::back_inserter(enhanceList),
-        [](SecCompEnhanceDataParcel pair) { return pair.enhanceData; });
-    return RET_SUCCESS;
+    bool isAllowed = false;
+    proxy->IsAllowedUsingPermission(tokenID, permissionName, pid, isAllowed);
+    return isAllowed;
 }
-#endif
 
 int32_t PrivacyManagerClient::GetPermissionUsedTypeInfos(const AccessTokenID tokenId, const std::string& permissionName,
     std::vector<PermissionUsedTypeInfo>& results)
@@ -393,7 +361,7 @@ int32_t PrivacyManagerClient::GetPermissionUsedTypeInfos(const AccessTokenID tok
     std::vector<PermissionUsedTypeInfoParcel> resultsParcel;
     int32_t res = proxy->GetPermissionUsedTypeInfos(tokenId, permissionName, resultsParcel);
     if (res != RET_SUCCESS) {
-        return res;
+        return ConvertResult(res);
     }
 
     std::transform(resultsParcel.begin(), resultsParcel.end(), std::back_inserter(results),
@@ -409,7 +377,8 @@ int32_t PrivacyManagerClient::SetMutePolicy(uint32_t policyType, uint32_t caller
         LOGE(PRI_DOMAIN, PRI_TAG, "Proxy is null.");
         return PrivacyError::ERR_SERVICE_ABNORMAL;
     }
-    return proxy->SetMutePolicy(policyType, callerType, isMute, tokenID);
+    int32_t ret = proxy->SetMutePolicy(policyType, callerType, isMute, tokenID);
+    return ConvertResult(ret);
 }
 
 int32_t PrivacyManagerClient::SetHapWithFGReminder(uint32_t tokenId, bool isAllowed)
@@ -419,7 +388,8 @@ int32_t PrivacyManagerClient::SetHapWithFGReminder(uint32_t tokenId, bool isAllo
         LOGE(PRI_DOMAIN, PRI_TAG, "Proxy is null.");
         return PrivacyError::ERR_SERVICE_ABNORMAL;
     }
-    return proxy->SetHapWithFGReminder(tokenId, isAllowed);
+    int32_t ret = proxy->SetHapWithFGReminder(tokenId, isAllowed);
+    return ConvertResult(ret);
 }
 
 uint64_t PrivacyManagerClient::GetUniqueId(uint32_t tokenId, int32_t pid) const
@@ -433,13 +403,12 @@ void PrivacyManagerClient::InitProxy()
     if (proxy_ == nullptr || proxy_->AsObject() == nullptr || proxy_->AsObject()->IsObjectDead()) {
         auto sam = SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager();
         if (sam == nullptr) {
-            LOGD(PRI_DOMAIN, PRI_TAG, "GetSystemAbilityManager is null");
+            LOGE(PRI_DOMAIN, PRI_TAG, "GetSystemAbilityManager is null");
             return;
         }
-        auto privacySa = sam->CheckSystemAbility(IPrivacyManager::SA_ID_PRIVACY_MANAGER_SERVICE);
+        auto privacySa = sam->CheckSystemAbility(SA_ID_PRIVACY_MANAGER_SERVICE);
         if (privacySa == nullptr) {
-            LOGD(PRI_DOMAIN, PRI_TAG, "CheckSystemAbility %{public}d is null",
-                IPrivacyManager::SA_ID_PRIVACY_MANAGER_SERVICE);
+            LOGE(PRI_DOMAIN, PRI_TAG, "CheckSystemAbility %{public}d is null", SA_ID_PRIVACY_MANAGER_SERVICE);
             return;
         }
 
@@ -449,7 +418,7 @@ void PrivacyManagerClient::InitProxy()
         }
         proxy_ = new PrivacyManagerProxy(privacySa);
         if (proxy_ == nullptr || proxy_->AsObject() == nullptr || proxy_->AsObject()->IsObjectDead()) {
-            LOGD(PRI_DOMAIN, PRI_TAG, "Iface_cast get null");
+            LOGE(PRI_DOMAIN, PRI_TAG, "Iface_cast get null");
         }
     }
 }
diff --git a/interfaces/innerkits/privacy/src/privacy_manager_client.h b/interfaces/innerkits/privacy/src/privacy_manager_client.h
index 9003ec57c5e2ca50a815b9bc2d014196a222477a..0a652cb51c5c998a63b3bd31c0208973b1d7487d 100644
--- a/interfaces/innerkits/privacy/src/privacy_manager_client.h
+++ b/interfaces/innerkits/privacy/src/privacy_manager_client.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2022-2023 Huawei Device Co., Ltd.
+ * Copyright (c) 2022-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -21,7 +21,7 @@
 #include <string>
 #include <vector>
 
-#include "i_privacy_manager.h"
+#include "iprivacy_manager.h"
 #include "perm_active_status_change_callback.h"
 #include "perm_active_status_customized_cbk.h"
 #include "privacy_death_recipient.h"
@@ -59,13 +59,6 @@ public:
         sptr<PermActiveStatusChangeCallback>& callbackWrap);
     bool IsAllowedUsingPermission(AccessTokenID tokenID, const std::string& permissionName, int32_t pid);
     void OnRemoteDiedHandle();
-#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE
-    int32_t RegisterSecCompEnhance(const SecCompEnhanceData& enhance);
-    int32_t UpdateSecCompEnhance(int32_t pid, uint32_t seqNum);
-    int32_t GetSecCompEnhance(int32_t pid, SecCompEnhanceData& enhance);
-    int32_t GetSpecialSecCompEnhance(const std::string& bundleName,
-        std::vector<SecCompEnhanceData>& enhanceList);
-#endif
     int32_t GetPermissionUsedTypeInfos(const AccessTokenID tokenId, const std::string& permissionName,
         std::vector<PermissionUsedTypeInfo>& results);
     int32_t SetMutePolicy(uint32_t policyType, uint32_t callerType, bool isMute, AccessTokenID tokenID);
diff --git a/interfaces/innerkits/privacy/src/privacy_manager_proxy.cpp b/interfaces/innerkits/privacy/src/privacy_manager_proxy.cpp
deleted file mode 100644
index 77f50a8360f2872c366be8aa02e574b39b03b2fd..0000000000000000000000000000000000000000
--- a/interfaces/innerkits/privacy/src/privacy_manager_proxy.cpp
+++ /dev/null
@@ -1,609 +0,0 @@
-/*
- * Copyright (c) 2022-2024 Huawei Device Co., Ltd.
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include "privacy_manager_proxy.h"
-
-#include "accesstoken_common_log.h"
-#include "privacy_error.h"
-
-namespace OHOS {
-namespace Security {
-namespace AccessToken {
-namespace {
-
-#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE
-static const int MAX_SEC_COMP_ENHANCE_SIZE = 1000;
-#endif
-// if change this, copy value in privacy_kit_test.cpp should change together
-static const uint32_t MAX_PERMISSION_USED_TYPE_SIZE = 2000;
-}
-
-PrivacyManagerProxy::PrivacyManagerProxy(const sptr<IRemoteObject>& impl)
-    : IRemoteProxy<IPrivacyManager>(impl) {
-}
-
-PrivacyManagerProxy::~PrivacyManagerProxy()
-{}
-
-int32_t PrivacyManagerProxy::AddPermissionUsedRecord(const AddPermParamInfoParcel& infoParcel, bool asyncMode)
-{
-    MessageParcel addData;
-    addData.WriteInterfaceToken(IPrivacyManager::GetDescriptor());
-    if (!addData.WriteParcelable(&infoParcel)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to WriteParcelable(infoParcel)");
-        return PrivacyError::ERR_WRITE_PARCEL_FAILED;
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(PrivacyInterfaceCode::ADD_PERMISSION_USED_RECORD, addData, reply, asyncMode)) {
-        return PrivacyError::ERR_SERVICE_ABNORMAL;
-    }
-    int32_t result = reply.ReadInt32();
-    LOGI(PRI_DOMAIN, PRI_TAG, "Result from server data = %{public}d", result);
-    return result;
-}
-
-int32_t PrivacyManagerProxy::SetPermissionUsedRecordToggleStatus(int32_t userID, bool status)
-{
-    MessageParcel data;
-    if (!data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write WriteInterfaceToken.");
-        return PrivacyError::ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteInt32(userID)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write userID");
-        return PrivacyError::ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteBool(status)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write status");
-        return PrivacyError::ERR_WRITE_PARCEL_FAILED;
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(PrivacyInterfaceCode::SET_PERMISSION_USED_RECORD_TOGGLE_STATUS, data, reply)) {
-        return PrivacyError::ERR_SERVICE_ABNORMAL;
-    }
-
-    int32_t result = 0;
-    if (!reply.ReadInt32(result)) {
-        LOGI(PRI_DOMAIN, PRI_TAG, "Result from server (error=%{public}d)", result);
-        return ERR_READ_PARCEL_FAILED;
-    }
-    LOGI(PRI_DOMAIN, PRI_TAG, "Result from server data = %{public}d", result);
-    return result;
-}
-
-int32_t PrivacyManagerProxy::GetPermissionUsedRecordToggleStatus(int32_t userID, bool& status)
-{
-    MessageParcel data;
-    if (!data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write WriteInterfaceToken.");
-        return PrivacyError::ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteInt32(userID)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write userID");
-        return ERR_WRITE_PARCEL_FAILED;
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(PrivacyInterfaceCode::GET_PERMISSION_USED_RECORD_TOGGLE_STATUS, data, reply)) {
-        return PrivacyError::ERR_SERVICE_ABNORMAL;
-    }
-
-    int32_t result = 0;
-    if (!reply.ReadInt32(result)) {
-        LOGI(PRI_DOMAIN, PRI_TAG, "Result from server (error=%{public}d)", result);
-        return ERR_READ_PARCEL_FAILED;
-    }
-    if (result != RET_SUCCESS) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Result from server data = %{public}d", result);
-        return result;
-    }
-
-    if (!reply.ReadBool(status)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to read status");
-        return ERR_READ_PARCEL_FAILED;
-    }
-    LOGI(PRI_DOMAIN, PRI_TAG, "Result from server data = %{public}d", result);
-    return result;
-}
-
-int32_t PrivacyManagerProxy::StartUsingPermission(
-    const PermissionUsedTypeInfoParcel &infoParcel, const sptr<IRemoteObject>& anonyStub)
-{
-    MessageParcel startData;
-    startData.WriteInterfaceToken(IPrivacyManager::GetDescriptor());
-    if (!startData.WriteParcelable(&infoParcel)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write permission used info parcel.");
-        return PrivacyError::ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!startData.WriteRemoteObject(anonyStub)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write remote object.");
-        return PrivacyError::ERR_WRITE_PARCEL_FAILED;
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(PrivacyInterfaceCode::START_USING_PERMISSION, startData, reply)) {
-        return PrivacyError::ERR_SERVICE_ABNORMAL;
-    }
-
-    int32_t result = reply.ReadInt32();
-    LOGI(PRI_DOMAIN, PRI_TAG, "Result from server data = %{public}d", result);
-    return result;
-}
-
-int32_t PrivacyManagerProxy::StartUsingPermission(
-    const PermissionUsedTypeInfoParcel &infoParcel,
-    const sptr<IRemoteObject>& callback, const sptr<IRemoteObject>& anonyStub)
-{
-    MessageParcel data;
-    data.WriteInterfaceToken(IPrivacyManager::GetDescriptor());
-    if (!data.WriteParcelable(&infoParcel)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write permission used info parcel.");
-        return PrivacyError::ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteRemoteObject(callback)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write remote object.");
-        return PrivacyError::ERR_WRITE_PARCEL_FAILED;
-    }
-
-    if (!data.WriteRemoteObject(anonyStub)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write remote object.");
-        return PrivacyError::ERR_WRITE_PARCEL_FAILED;
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(PrivacyInterfaceCode::START_USING_PERMISSION_CALLBACK, data, reply)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "SendRequest fail");
-        return PrivacyError::ERR_SERVICE_ABNORMAL;
-    }
-
-    int32_t result = reply.ReadInt32();
-    LOGI(PRI_DOMAIN, PRI_TAG, "Result from server data = %{public}d", result);
-    return result;
-}
-
-int32_t PrivacyManagerProxy::StopUsingPermission(
-    AccessTokenID tokenID, int32_t pid, const std::string& permissionName)
-{
-    MessageParcel stopData;
-    stopData.WriteInterfaceToken(IPrivacyManager::GetDescriptor());
-    if (!stopData.WriteUint32(tokenID)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write tokenID");
-        return PrivacyError::ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!stopData.WriteInt32(pid)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write pid");
-        return PrivacyError::ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!stopData.WriteString(permissionName)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write permissionName");
-        return PrivacyError::ERR_WRITE_PARCEL_FAILED;
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(PrivacyInterfaceCode::STOP_USING_PERMISSION, stopData, reply)) {
-        return PrivacyError::ERR_SERVICE_ABNORMAL;
-    }
-
-    int32_t result = reply.ReadInt32();
-    LOGI(PRI_DOMAIN, PRI_TAG, "Result from server data = %{public}d", result);
-    return result;
-}
-
-int32_t PrivacyManagerProxy::RemovePermissionUsedRecords(AccessTokenID tokenID)
-{
-    MessageParcel data;
-    data.WriteInterfaceToken(IPrivacyManager::GetDescriptor());
-    if (!data.WriteUint32(tokenID)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to WriteUint32(%{public}d)", tokenID);
-        return PrivacyError::ERR_WRITE_PARCEL_FAILED;
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(PrivacyInterfaceCode::DELETE_PERMISSION_USED_RECORDS, data, reply)) {
-        return PrivacyError::ERR_SERVICE_ABNORMAL;
-    }
-
-    int32_t result = reply.ReadInt32();
-    LOGI(PRI_DOMAIN, PRI_TAG, "Result from server data = %{public}d", result);
-    return result;
-}
-
-int32_t PrivacyManagerProxy::GetPermissionUsedRecords(const PermissionUsedRequestParcel& request,
-    PermissionUsedResultParcel& result)
-{
-    MessageParcel data;
-    data.WriteInterfaceToken(IPrivacyManager::GetDescriptor());
-    if (!data.WriteParcelable(&request)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to WriteParcelable(request)");
-        return PrivacyError::ERR_WRITE_PARCEL_FAILED;
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(PrivacyInterfaceCode::GET_PERMISSION_USED_RECORDS, data, reply)) {
-        return PrivacyError::ERR_SERVICE_ABNORMAL;
-    }
-
-    int32_t ret = reply.ReadInt32();
-    LOGI(PRI_DOMAIN, PRI_TAG, "Result from server data = %{public}d", ret);
-    if (ret != RET_SUCCESS) {
-        return ret;
-    }
-    sptr<PermissionUsedResultParcel> resultSptr = reply.ReadParcelable<PermissionUsedResultParcel>();
-    if (resultSptr == nullptr) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "ReadParcelable fail");
-        return PrivacyError::ERR_READ_PARCEL_FAILED;
-    }
-    result = *resultSptr;
-    return ret;
-}
-
-int32_t PrivacyManagerProxy::GetPermissionUsedRecords(const PermissionUsedRequestParcel& request,
-    const sptr<OnPermissionUsedRecordCallback>& callback)
-{
-    MessageParcel data;
-    data.WriteInterfaceToken(IPrivacyManager::GetDescriptor());
-    if (!data.WriteParcelable(&request)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to WriteParcelable(request)");
-        return PrivacyError::ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteRemoteObject(callback->AsObject())) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to WriteRemoteObject(callback)");
-        return PrivacyError::ERR_WRITE_PARCEL_FAILED;
-    }
-
-    MessageParcel reply;
-    if (!SendRequest(PrivacyInterfaceCode::GET_PERMISSION_USED_RECORDS_ASYNC, data, reply)) {
-        return PrivacyError::ERR_SERVICE_ABNORMAL;
-    }
-
-    int32_t result = reply.ReadInt32();
-    LOGI(PRI_DOMAIN, PRI_TAG, "Result from server data = %{public}d", result);
-    return result;
-}
-
-int32_t PrivacyManagerProxy::RegisterPermActiveStatusCallback(
-    std::vector<std::string>& permList, const sptr<IRemoteObject>& callback)
-{
-    MessageParcel data;
-    if (!data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write WriteInterfaceToken.");
-        return PrivacyError::ERR_WRITE_PARCEL_FAILED;
-    }
-
-    uint32_t listSize = permList.size();
-    if (!data.WriteUint32(listSize)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write listSize");
-        return PrivacyError::ERR_WRITE_PARCEL_FAILED;
-    }
-    for (uint32_t i = 0; i < listSize; i++) {
-        if (!data.WriteString(permList[i])) {
-            LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write permList[%{public}d], %{public}s", i, permList[i].c_str());
-            return PrivacyError::ERR_WRITE_PARCEL_FAILED;
-        }
-    }
-
-    if (!data.WriteRemoteObject(callback)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write remote object.");
-        return PrivacyError::ERR_WRITE_PARCEL_FAILED;
-    }
-    MessageParcel reply;
-    if (!SendRequest(PrivacyInterfaceCode::REGISTER_PERM_ACTIVE_STATUS_CHANGE_CALLBACK, data, reply)) {
-        return PrivacyError::ERR_SERVICE_ABNORMAL;
-    }
-
-    int32_t result = reply.ReadInt32();
-    LOGI(PRI_DOMAIN, PRI_TAG, "Result from server data = %{public}d", result);
-    return result;
-}
-
-int32_t PrivacyManagerProxy::UnRegisterPermActiveStatusCallback(const sptr<IRemoteObject>& callback)
-{
-    MessageParcel data;
-    if (!data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write WriteInterfaceToken.");
-        return PrivacyError::ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteRemoteObject(callback)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write remote object.");
-        return PrivacyError::ERR_WRITE_PARCEL_FAILED;
-    }
-    MessageParcel reply;
-    if (!SendRequest(
-        PrivacyInterfaceCode::UNREGISTER_PERM_ACTIVE_STATUS_CHANGE_CALLBACK, data, reply)) {
-        return PrivacyError::ERR_SERVICE_ABNORMAL;
-    }
-
-    int32_t result = reply.ReadInt32();
-    LOGI(PRI_DOMAIN, PRI_TAG, "Result from server data = %{public}d", result);
-    return result;
-}
-
-bool PrivacyManagerProxy::IsAllowedUsingPermission(AccessTokenID tokenID, const std::string& permissionName,
-    int32_t pid)
-{
-    MessageParcel data;
-    MessageParcel reply;
-    if (!data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write WriteInterfaceToken.");
-        return false;
-    }
-    if (!data.WriteUint32(tokenID)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to WriteUint32(%{public}d)", tokenID);
-        return false;
-    }
-    if (!data.WriteString(permissionName)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to WriteString(%{public}s)", permissionName.c_str());
-        return false;
-    }
-    if (!data.WriteInt32(pid)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to WriteInt32(%{public}d)", pid);
-        return false;
-    }
-    if (!SendRequest(PrivacyInterfaceCode::IS_ALLOWED_USING_PERMISSION, data, reply)) {
-        return false;
-    }
-
-    bool result = reply.ReadBool();
-    LOGI(PRI_DOMAIN, PRI_TAG, "Result from server data = %{public}d", result);
-    return result;
-}
-
-#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE
-int32_t PrivacyManagerProxy::RegisterSecCompEnhance(const SecCompEnhanceDataParcel& enhance)
-{
-    MessageParcel data;
-    MessageParcel reply;
-    if (!data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write WriteInterfaceToken.");
-        return PrivacyError::ERR_WRITE_PARCEL_FAILED;
-    }
-
-    if (!data.WriteParcelable(&enhance)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write parcel.");
-        return PrivacyError::ERR_WRITE_PARCEL_FAILED;
-    }
-
-    if (!SendRequest(PrivacyInterfaceCode::REGISTER_SEC_COMP_ENHANCE, data, reply, true)) {
-        return PrivacyError::ERR_SERVICE_ABNORMAL;
-    }
-
-    int32_t result = reply.ReadInt32();
-    LOGI(PRI_DOMAIN, PRI_TAG, "Result from server data = %{public}d", result);
-    return result;
-}
-
-int32_t PrivacyManagerProxy::UpdateSecCompEnhance(int32_t pid, uint32_t seqNum)
-{
-    MessageParcel data;
-    MessageParcel reply;
-    if (!data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write GetDescriptor.");
-        return PrivacyError::ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteInt32(pid)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write pid=%{public}d.", pid);
-        return false;
-    }
-    if (!data.WriteUint32(seqNum)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write seqNum=%{public}u.", seqNum);
-        return false;
-    }
-    if (!SendRequest(PrivacyInterfaceCode::UPDATE_SEC_COMP_ENHANCE, data, reply)) {
-        return PrivacyError::ERR_SERVICE_ABNORMAL;
-    }
-
-    int32_t result = reply.ReadInt32();
-    LOGI(PRI_DOMAIN, PRI_TAG, "Result=%{public}d", result);
-    return result;
-}
-
-int32_t PrivacyManagerProxy::GetSecCompEnhance(int32_t pid, SecCompEnhanceDataParcel& enhanceParcel)
-{
-    MessageParcel data;
-    MessageParcel reply;
-    if (!data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write WriteInterfaceToken.");
-        return PrivacyError::ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteInt32(pid)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to WriteInt32(%{public}d)", pid);
-        return false;
-    }
-    if (!SendRequest(PrivacyInterfaceCode::GET_SEC_COMP_ENHANCE, data, reply)) {
-        return PrivacyError::ERR_SERVICE_ABNORMAL;
-    }
-
-    int32_t result = reply.ReadInt32();
-    LOGI(PRI_DOMAIN, PRI_TAG, "Result from server data = %{public}d", result);
-    if (result != RET_SUCCESS) {
-        return result;
-    }
-
-    sptr<SecCompEnhanceDataParcel> parcel = reply.ReadParcelable<SecCompEnhanceDataParcel>();
-    if (parcel != nullptr) {
-        enhanceParcel = *parcel;
-    }
-    return result;
-}
-
-int32_t PrivacyManagerProxy::GetSpecialSecCompEnhance(const std::string& bundleName,
-    std::vector<SecCompEnhanceDataParcel>& enhanceParcelList)
-{
-    MessageParcel data;
-    MessageParcel reply;
-    if (!data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write WriteInterfaceToken.");
-        return PrivacyError::ERR_WRITE_PARCEL_FAILED;
-    }
-
-    if (!data.WriteString(bundleName)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write string.");
-        return PrivacyError::ERR_WRITE_PARCEL_FAILED;
-    }
-
-    if (!SendRequest(PrivacyInterfaceCode::GET_SPECIAL_SEC_COMP_ENHANCE, data, reply)) {
-        return PrivacyError::ERR_SERVICE_ABNORMAL;
-    }
-
-    int32_t result = reply.ReadInt32();
-    LOGI(PRI_DOMAIN, PRI_TAG, "Result from server data = %{public}d", result);
-    if (result != RET_SUCCESS) {
-        return result;
-    }
-
-    uint32_t size = reply.ReadUint32();
-    if (size > MAX_SEC_COMP_ENHANCE_SIZE) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Size = %{public}d get from request is invalid", size);
-        return PrivacyError::ERR_OVERSIZE;
-    }
-    for (uint32_t i = 0; i < size; i++) {
-        sptr<SecCompEnhanceDataParcel> parcel = reply.ReadParcelable<SecCompEnhanceDataParcel>();
-        if (parcel != nullptr) {
-            enhanceParcelList.emplace_back(*parcel);
-        }
-    }
-    return result;
-}
-#endif
-
-int32_t PrivacyManagerProxy::GetPermissionUsedTypeInfos(const AccessTokenID tokenId, const std::string& permissionName,
-    std::vector<PermissionUsedTypeInfoParcel>& resultsParcel)
-{
-    MessageParcel data;
-    MessageParcel reply;
-    if (!data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write WriteInterfaceToken.");
-        return PrivacyError::ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteUint32(tokenId)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to WriteUint32(%{public}d)", tokenId);
-        return false;
-    }
-    if (!data.WriteString(permissionName)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to WriteString(%{public}s)", permissionName.c_str());
-        return false;
-    }
-
-    if (!SendRequest(PrivacyInterfaceCode::GET_PERMISSION_USED_TYPE_INFOS, data, reply)) {
-        return PrivacyError::ERR_SERVICE_ABNORMAL;
-    }
-
-    int32_t result = reply.ReadInt32();
-    LOGI(PRI_DOMAIN, PRI_TAG, "Result from server is %{public}d.", result);
-    if (result != RET_SUCCESS) {
-        return result;
-    }
-
-    uint32_t size = reply.ReadUint32();
-    if (size > MAX_PERMISSION_USED_TYPE_SIZE) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed, results oversize %{public}d, please add query params!", size);
-        return PrivacyError::ERR_OVERSIZE;
-    }
-    for (uint32_t i = 0; i < size; i++) {
-        sptr<PermissionUsedTypeInfoParcel> parcel = reply.ReadParcelable<PermissionUsedTypeInfoParcel>();
-        if (parcel != nullptr) {
-            resultsParcel.emplace_back(*parcel);
-        }
-    }
-    return result;
-}
-
-int32_t PrivacyManagerProxy::SetMutePolicy(uint32_t policyType, uint32_t callerType, bool isMute, AccessTokenID tokenID)
-{
-    MessageParcel data;
-    MessageParcel reply;
-    if (!data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write WriteInterfaceToken.");
-        return PrivacyError::ERR_WRITE_PARCEL_FAILED;
-    }
-
-    if (!data.WriteUint32(policyType)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to WriteUint32(%{public}d)", policyType);
-        return PrivacyError::ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteUint32(callerType)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to WriteUint32(%{public}d)", callerType);
-        return PrivacyError::ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteBool(isMute)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to WriteBool(%{public}d)", isMute);
-        return PrivacyError::ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!data.WriteUint32(tokenID)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to WriteUint32(%{public}d)", tokenID);
-        return PrivacyError::ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!SendRequest(PrivacyInterfaceCode::SET_MUTE_POLICY, data, reply)) {
-        return PrivacyError::ERR_SERVICE_ABNORMAL;
-    }
-    int32_t result = reply.ReadInt32();
-    LOGI(PRI_DOMAIN, PRI_TAG, "result from server is %{public}d.", result);
-    return result;
-}
-
-int32_t PrivacyManagerProxy::SetHapWithFGReminder(uint32_t tokenId, bool isAllowed)
-{
-    MessageParcel data;
-    MessageParcel reply;
-    if (!data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write WriteInterfaceToken.");
-        return PrivacyError::ERR_WRITE_PARCEL_FAILED;
-    }
-
-    if (!data.WriteUint32(tokenId)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to WriteUint32(%{public}d)", tokenId);
-        return PrivacyError::ERR_WRITE_PARCEL_FAILED;
-    }
-
-    if (!data.WriteBool(isAllowed)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to WriteBool(%{public}d)", isAllowed);
-        return PrivacyError::ERR_WRITE_PARCEL_FAILED;
-    }
-    if (!SendRequest(PrivacyInterfaceCode::SET_HAP_WITH_FOREGROUND_REMINDER, data, reply)) {
-        return PrivacyError::ERR_SERVICE_ABNORMAL;
-    }
-    int32_t result = reply.ReadInt32();
-    LOGI(PRI_DOMAIN, PRI_TAG, "Result from server is %{public}d.", result);
-    return result;
-}
-
-bool PrivacyManagerProxy::SendRequest(
-    PrivacyInterfaceCode code, MessageParcel& data, MessageParcel& reply, bool asyncMode)
-{
-    int flag = 0;
-    if (asyncMode) {
-        flag = static_cast<int>(MessageOption::TF_ASYNC);
-    } else {
-        flag = static_cast<int>(MessageOption::TF_SYNC);
-    }
-    MessageOption option(flag);
-    sptr<IRemoteObject> remote = Remote();
-    if (remote == nullptr) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Remote service null.");
-        return false;
-    }
-
-    int32_t result = remote->SendRequest(static_cast<uint32_t>(code), data, reply, option);
-    if (result != NO_ERROR) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "SendRequest(code=%{public}d) fail, result: %{public}d", code, result);
-        return false;
-    }
-    return true;
-}
-} // namespace AccessToken
-} // namespace Security
-} // namespace OHOS
diff --git a/interfaces/innerkits/privacy/src/privacy_manager_proxy.h b/interfaces/innerkits/privacy/src/privacy_manager_proxy.h
deleted file mode 100644
index c9da62420386a43fd1c6b77b4d9ce9f4be069d15..0000000000000000000000000000000000000000
--- a/interfaces/innerkits/privacy/src/privacy_manager_proxy.h
+++ /dev/null
@@ -1,67 +0,0 @@
-/*
- * Copyright (c) 2022-2023 Huawei Device Co., Ltd.
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef PRIVACY_MANAGER_PROXY_H
-#define PRIVACY_MANAGER_PROXY_H
-
-#include <string>
-
-#include "i_privacy_manager.h"
-#include "iremote_proxy.h"
-
-namespace OHOS {
-namespace Security {
-namespace AccessToken {
-class PrivacyManagerProxy : public IRemoteProxy<IPrivacyManager> {
-public:
-    explicit PrivacyManagerProxy(const sptr<IRemoteObject>& impl);
-    ~PrivacyManagerProxy() override;
-
-    int32_t AddPermissionUsedRecord(const AddPermParamInfoParcel& infoParcel, bool asyncMode = false) override;
-    int32_t SetPermissionUsedRecordToggleStatus(int32_t userID, bool status) override;
-    int32_t GetPermissionUsedRecordToggleStatus(int32_t userID, bool& status) override;
-    int32_t StartUsingPermission(const PermissionUsedTypeInfoParcel &infoParcel,
-        const sptr<IRemoteObject>& anonyStub) override;
-    int32_t StartUsingPermission(const PermissionUsedTypeInfoParcel &infoParcel,
-        const sptr<IRemoteObject>& callback, const sptr<IRemoteObject>& anonyStub) override;
-    int32_t StopUsingPermission(AccessTokenID tokenID, int32_t pid, const std::string& permissionName) override;
-    int32_t RemovePermissionUsedRecords(AccessTokenID tokenID) override;
-    int32_t GetPermissionUsedRecords(
-        const PermissionUsedRequestParcel& request, PermissionUsedResultParcel& result) override;
-    int32_t GetPermissionUsedRecords(const PermissionUsedRequestParcel& request,
-        const sptr<OnPermissionUsedRecordCallback>& callback) override;
-    int32_t RegisterPermActiveStatusCallback(
-        std::vector<std::string>& permList, const sptr<IRemoteObject>& callback) override;
-    int32_t UnRegisterPermActiveStatusCallback(const sptr<IRemoteObject>& callback) override;
-    bool IsAllowedUsingPermission(AccessTokenID tokenID, const std::string& permissionName, int32_t pid) override;
-#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE
-    int32_t RegisterSecCompEnhance(const SecCompEnhanceDataParcel& enhance) override;
-    int32_t UpdateSecCompEnhance(int32_t pid, uint32_t seqNum) override;
-    int32_t GetSecCompEnhance(int32_t pid, SecCompEnhanceDataParcel& enhanceParcel) override;
-    int32_t GetSpecialSecCompEnhance(const std::string& bundleName,
-        std::vector<SecCompEnhanceDataParcel>& enhanceParcelList) override;
-#endif
-    int32_t GetPermissionUsedTypeInfos(const AccessTokenID tokenId, const std::string& permissionName,
-        std::vector<PermissionUsedTypeInfoParcel>& resultsParcel) override;
-    int32_t SetMutePolicy(uint32_t policyType, uint32_t callerType, bool isMute, AccessTokenID tokenID) override;
-    int32_t SetHapWithFGReminder(uint32_t tokenId, bool isAllowed) override;
-private:
-    bool SendRequest(PrivacyInterfaceCode code, MessageParcel& data, MessageParcel& reply, bool asyncMode = false);
-    static inline BrokerDelegator<PrivacyManagerProxy> delegator_;
-};
-} // namespace AccessToken
-} // namespace Security
-} // namespace OHOS
-#endif // PRIVACY_MANAGER_PROXY_H
diff --git a/interfaces/innerkits/privacy/test/BUILD.gn b/interfaces/innerkits/privacy/test/BUILD.gn
index e4a1974aea7fe9fedf8791b674b0067eae817fc7..45a402c425a2669a7c8763b953f2712f93e410db 100644
--- a/interfaces/innerkits/privacy/test/BUILD.gn
+++ b/interfaces/innerkits/privacy/test/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2022-2024 Huawei Device Co., Ltd.
+# Copyright (c) 2022-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -15,9 +15,8 @@ import("//build/test.gni")
 import("../../../../access_token.gni")
 
 ohos_unittest("libprivacy_sdk_test") {
-  subsystem_name = "security"
-  part_name = "access_token"
-  module_out_path = part_name + "/" + part_name
+  subsystem_name = "accesscontrol"
+  module_out_path = module_output_path_unittest_privacy
   sanitize = {
     cfi = true
     cfi_cross_dso = true
@@ -41,6 +40,7 @@ ohos_unittest("libprivacy_sdk_test") {
     "mock/src/app_manager_access_client.cpp",
     "unittest/src/permission_deny_test.cpp",
     "unittest/src/privacy_kit_test.cpp",
+    "unittest/src/privacy_test_common.cpp",
   ]
 
   cflags_cc = [ "-DHILOG_ENABLE" ]
@@ -77,9 +77,8 @@ ohos_unittest("libprivacy_sdk_test") {
 }
 
 ohos_unittest("libprivacy_mock_test") {
-  subsystem_name = "security"
-  part_name = "access_token"
-  module_out_path = part_name + "/" + part_name
+  subsystem_name = "accesscontrol"
+  module_out_path = module_output_path_unittest_privacy
   sanitize = {
     cfi = true
     cfi_cross_dso = true
@@ -107,7 +106,6 @@ ohos_unittest("libprivacy_mock_test") {
     "../src/privacy_death_recipient.cpp",
     "../src/privacy_kit.cpp",
     "../src/privacy_manager_client.cpp",
-    "../src/privacy_manager_proxy.cpp",
     "../src/state_change_callback.cpp",
     "../src/state_change_callback_stub.cpp",
     "../src/state_customized_cbk.cpp",
@@ -115,7 +113,10 @@ ohos_unittest("libprivacy_mock_test") {
     "unittest/privacy_mock_test/privacy_kit_test.cpp",
   ]
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/privacymanager:privacy_manager_gen_config",
+  ]
 
   deps = [
     "${access_token_path}/frameworks/common:accesstoken_common_cxx",
@@ -124,6 +125,7 @@ ohos_unittest("libprivacy_mock_test") {
     "${access_token_path}/interfaces/innerkits/nativetoken:libnativetoken_shared",
     "${access_token_path}/interfaces/innerkits/token_setproc:libtokensetproc_shared",
     "${access_token_path}/services/common/proxy_death:proxy_death_stub",
+    "${access_token_path}/services/privacymanager:privacy_manager_proxy",
   ]
 
   external_deps = [
diff --git a/interfaces/innerkits/privacy/test/unittest/privacy_mock_test/privacy_kit_test.cpp b/interfaces/innerkits/privacy/test/unittest/privacy_mock_test/privacy_kit_test.cpp
index f548a3bb70c14889393b9cd05f563738d340c6c9..069dce5b915afd3ed440b1f3a1be99513616388d 100644
--- a/interfaces/innerkits/privacy/test/unittest/privacy_mock_test/privacy_kit_test.cpp
+++ b/interfaces/innerkits/privacy/test/unittest/privacy_mock_test/privacy_kit_test.cpp
@@ -53,7 +53,7 @@ void PrivacyKitTest::TearDown()
  * @tc.type: FUNC
  * @tc.require: issueI5RWX3 issueI5RWX8
  */
-HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord001, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord001, TestSize.Level0)
 {
     AccessTokenID tokenId = 0xff;
     std::string permissionName = "ohos.permission.CAMERA";
@@ -69,7 +69,7 @@ HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5RWX3 issueI5RWX8
  */
-HWTEST_F(PrivacyKitTest, StartUsingPermission001, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, StartUsingPermission001, TestSize.Level0)
 {
     AccessTokenID tokenId = 0xff;
     std::string permissionName = "ohos.permission.CAMERA";
@@ -95,7 +95,7 @@ public:
  * @tc.type: FUNC
  * @tc.require: issueI5RWX5 issueI5RWX3 issueI5RWXA
  */
-HWTEST_F(PrivacyKitTest, StartUsingPermission002, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, StartUsingPermission002, TestSize.Level0)
 {
     auto callbackPtr = std::make_shared<CbCustomizeTest4>();
     AccessTokenID g_TokenId_A = 0xff;
@@ -110,7 +110,7 @@ HWTEST_F(PrivacyKitTest, StartUsingPermission002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5RWX3 issueI5RWX8
  */
-HWTEST_F(PrivacyKitTest, StopUsingPermission001, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, StopUsingPermission001, TestSize.Level0)
 {
     AccessTokenID tokenId = 0xff;
     std::string permissionName = "ohos.permission.CAMERA";
@@ -124,7 +124,7 @@ HWTEST_F(PrivacyKitTest, StopUsingPermission001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5RWX3 issueI5RWX8
  */
-HWTEST_F(PrivacyKitTest, RemovePermissionUsedRecords001, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, RemovePermissionUsedRecords001, TestSize.Level0)
 {
     AccessTokenID tokenId = 0xff;
     int32_t ret = PrivacyKit::RemovePermissionUsedRecords(tokenId);
@@ -137,7 +137,7 @@ HWTEST_F(PrivacyKitTest, RemovePermissionUsedRecords001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5RWX3 issueI5RWX8
  */
-HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords001, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords001, TestSize.Level0)
 {
     PermissionUsedRequest request;
     PermissionUsedResult result;
@@ -162,7 +162,7 @@ public:
  * @tc.type: FUNC
  * @tc.require: issueI5RWX3 issueI5RWX8
  */
-HWTEST_F(PrivacyKitTest, GetPermissionUsedRecordsAsync001, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, GetPermissionUsedRecordsAsync001, TestSize.Level0)
 {
     PermissionUsedRequest request;
     OHOS::sptr<TestCallBack> callback(new TestCallBack());
@@ -192,7 +192,7 @@ public:
  * @tc.type: FUNC
  * @tc.require: issueI5RWX3 issueI5RWX8
  */
-HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback001, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback001, TestSize.Level0)
 {
     std::vector<std::string> permList = {"ohos.permission.CAMERA"};
     auto callbackPtr = std::make_shared<PermActiveStatusCallbackTest>(permList);
@@ -209,7 +209,7 @@ HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5RWX3 issueI5RWX8
  */
-HWTEST_F(PrivacyKitTest, IsAllowedUsingPermissionTest001, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, IsAllowedUsingPermissionTest001, TestSize.Level0)
 {
     AccessTokenID tokenId = 0xff;
     std::string permissionName = "ohos.permission.CAMERA";
@@ -223,7 +223,7 @@ HWTEST_F(PrivacyKitTest, IsAllowedUsingPermissionTest001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyKitTest, SetPermissionUsedRecordToggleStatus001, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, SetPermissionUsedRecordToggleStatus001, TestSize.Level0)
 {
     int32_t userID = 1;
     bool status = true;
@@ -237,7 +237,7 @@ HWTEST_F(PrivacyKitTest, SetPermissionUsedRecordToggleStatus001, TestSize.Level1
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyKitTest, GetPermissionUsedRecordToggleStatus001, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, GetPermissionUsedRecordToggleStatus001, TestSize.Level0)
 {
     int32_t userID = 1;
     bool status = true;
diff --git a/interfaces/innerkits/privacy/test/unittest/src/permission_deny_test.cpp b/interfaces/innerkits/privacy/test/unittest/src/permission_deny_test.cpp
index ba30b8a57322b87e1a164180930bc2722e3ab1ce..65d5386c92a1cddbbe8cad36578e179f39668bab 100644
--- a/interfaces/innerkits/privacy/test/unittest/src/permission_deny_test.cpp
+++ b/interfaces/innerkits/privacy/test/unittest/src/permission_deny_test.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Copyright (c) 2022-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -18,6 +18,7 @@
 #include "on_permission_used_record_callback_stub.h"
 #include "privacy_kit.h"
 #include "privacy_error.h"
+#include "privacy_test_common.h"
 #include "token_setproc.h"
 
 namespace OHOS {
@@ -27,7 +28,6 @@ namespace {
 static uint32_t g_selfTokenId = 0;
 static uint64_t g_FullTokenId = 0;
 static uint32_t g_testTokenId = 0;
-
 static HapPolicyParams g_PolicyPrams = {
     .apl = APL_NORMAL,
     .domain = "test.domain",
@@ -40,22 +40,23 @@ static HapInfoParams g_InfoParms = {
     .appIDDesc = "privacy_test.bundle",
     .isSystemApp = true
 };
-
 }
 using namespace testing::ext;
 
 void PermDenyTest::SetUpTestCase()
 {
     g_selfTokenId = GetSelfTokenID();
+    PrivacyTestCommon::SetTestEvironment(g_selfTokenId);
 }
 
 void PermDenyTest::TearDownTestCase()
 {
+    PrivacyTestCommon::ResetTestEvironment();
 }
 
 void PermDenyTest::SetUp()
 {
-    AccessTokenIDEx tokenIDEx = AccessTokenKit::AllocHapToken(g_InfoParms, g_PolicyPrams);
+    AccessTokenIDEx tokenIDEx = PrivacyTestCommon::AllocTestHapToken(g_InfoParms, g_PolicyPrams);
 
     g_FullTokenId = tokenIDEx.tokenIDEx;
     g_testTokenId = tokenIDEx.tokenIdExStruct.tokenID;
@@ -65,8 +66,13 @@ void PermDenyTest::SetUp()
 void PermDenyTest::TearDown()
 {
     EXPECT_EQ(0, SetSelfTokenID(g_selfTokenId));
-    AccessTokenKit::DeleteToken(g_testTokenId);
-    PrivacyKit::RemovePermissionUsedRecords(g_testTokenId);
+    PrivacyTestCommon::DeleteTestHapToken(g_testTokenId);
+    {
+        std::vector<std::string> reqPerm;
+        reqPerm.emplace_back("ohos.permission.PERMISSION_USED_STATS");
+        MockHapToken mock("PermDenyTest", reqPerm, true);
+        PrivacyKit::RemovePermissionUsedRecords(g_testTokenId);
+    }
 }
 
 /**
@@ -75,7 +81,7 @@ void PermDenyTest::TearDown()
  * @tc.type: FUNC
  * @tc.require: issueI5SRUO
  */
-HWTEST_F(PermDenyTest, AddPermissionUsedRecord001, TestSize.Level1)
+HWTEST_F(PermDenyTest, AddPermissionUsedRecord001, TestSize.Level0)
 {
     ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED,
         PrivacyKit::AddPermissionUsedRecord(g_testTokenId, "ohos.permission.CAMERA", 1, 0));
@@ -87,7 +93,7 @@ HWTEST_F(PermDenyTest, AddPermissionUsedRecord001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5SRUO
  */
-HWTEST_F(PermDenyTest, RemovePermissionUsedRecords001, TestSize.Level1)
+HWTEST_F(PermDenyTest, RemovePermissionUsedRecords001, TestSize.Level0)
 {
     ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED, PrivacyKit::RemovePermissionUsedRecords(g_testTokenId));
 }
@@ -110,7 +116,7 @@ public:
 * @tc.type: FUNC
 * @tc.require: issueI5SRUO
 */
-HWTEST_F(PermDenyTest, StarAndStoptUsingPermission001, TestSize.Level1)
+HWTEST_F(PermDenyTest, StarAndStoptUsingPermission001, TestSize.Level0)
 {
     auto callbackPtr = std::make_shared<CbPermDenyTest>();
     ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED,
@@ -138,7 +144,7 @@ public:
  * @tc.type: FUNC
  * @tc.require: issueI5SRUO
  */
-HWTEST_F(PermDenyTest, GetPermissionUsedRecords001, TestSize.Level1)
+HWTEST_F(PermDenyTest, GetPermissionUsedRecords001, TestSize.Level0)
 {
     PermissionUsedRequest request;
     request.tokenId = g_testTokenId;
@@ -173,7 +179,7 @@ public:
 * @tc.type: FUNC
 * @tc.require: issueI5SRUO
 */
-HWTEST_F(PermDenyTest, RegisterAndUnregister001, TestSize.Level1)
+HWTEST_F(PermDenyTest, RegisterAndUnregister001, TestSize.Level0)
 {
     std::vector<std::string> permList = {"ohos.permission.CAMERA"};
     auto callbackPtr = std::make_shared<CbCustomizeTest>(permList);
@@ -200,7 +206,7 @@ HWTEST_F(PermDenyTest, RegisterAndUnregister001, TestSize.Level1)
 * @tc.type: FUNC
 * @tc.require: issueI5SRUO
 */
-HWTEST_F(PermDenyTest, IsAllowedUsingPermission001, TestSize.Level1)
+HWTEST_F(PermDenyTest, IsAllowedUsingPermission001, TestSize.Level0)
 {
     ASSERT_EQ(false, PrivacyKit::IsAllowedUsingPermission(123, "ohos.permission.CAMERA"));
 }
diff --git a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp
index 48dbb606c6408e486e4ecd12320c440c7ef1ec4b..2aef3adb5e0428cbff9683baeea8e92450801eec 100644
--- a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp
+++ b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2022-2024 Huawei Device Co., Ltd.
+ * Copyright (c) 2022-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -37,6 +37,7 @@
 #include "perm_setproc.h"
 #include "privacy_error.h"
 #include "privacy_kit.h"
+#include "privacy_test_common.h"
 #include "state_change_callback_stub.h"
 #include "string_ex.h"
 #include "token_setproc.h"
@@ -46,8 +47,8 @@ using namespace OHOS::Security::AccessToken;
 
 const static int32_t RET_NO_ERROR = 0;
 static const uint32_t ACCESS_TOKEN_UID = 3020;
-static constexpr int32_t DEFAULT_API_VERSION = 8;
 static AccessTokenID g_nativeToken = 0;
+static MockHapToken* g_mock = nullptr;
 #ifdef AUDIO_FRAMEWORK_ENABLE
 static bool g_isMicMute = false;
 #endif
@@ -122,13 +123,6 @@ static HapPolicyParams g_policyPramsC = {
     .permStateList = {g_infoManagerTestStateC}
 };
 
-static PermissionStateFull g_infoManagerTestStateD = {
-    .permissionName = "ohos.permission.MICROPHONE_BACKGROUND",
-    .isGeneral = true,
-    .resDeviceID = {"localC"},
-    .grantStatus = {PermissionState::PERMISSION_GRANTED},
-    .grantFlags = {1}
-};
 static HapInfoParams g_infoParmsD = {
     .userID = 1,
     .bundleName = "ohos.privacy_test.bundleD",
@@ -200,88 +194,59 @@ static BundleUsedRecord g_bundleUsedRecord = {
     .bundleName = "com.ohos.test",
 };
 
-static HapInfoParams g_normalInfoParms = {
-    .userID = 1,
-    .bundleName = "accesstoken_test",
-    .instIndex = 0,
-    .appIDDesc = "testtesttesttest",
-    .apiVersion = DEFAULT_API_VERSION,
-    .isSystemApp = false
-};
-static HapInfoParams g_systemInfoParms = {
-    .userID = 1,
-    .bundleName = "accesstoken_test",
-    .instIndex = 0,
-    .appIDDesc = "testtesttesttest",
-    .apiVersion = DEFAULT_API_VERSION,
-    .isSystemApp = true
-};
-
 static AccessTokenID g_selfTokenId = 0;
 static AccessTokenID g_tokenIdA = 0;
 static AccessTokenID g_tokenIdB = 0;
-static AccessTokenIDEx g_tokenIdC = {0};
+static AccessTokenID g_tokenIdC = 0;
 static AccessTokenID g_tokenIdE = 0;
 static AccessTokenID g_tokenIdF = 0;
 static AccessTokenID g_tokenIdG = 0;
 
 static void DeleteTestToken()
 {
-    AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_infoParmsA.userID,
-                                                          g_infoParmsA.bundleName,
-                                                          g_infoParmsA.instIndex);
-    AccessTokenKit::DeleteToken(tokenId);
-    PrivacyKit::RemovePermissionUsedRecords(tokenId);
-
-    tokenId = AccessTokenKit::GetHapTokenID(g_infoParmsB.userID,
-                                            g_infoParmsB.bundleName,
-                                            g_infoParmsB.instIndex);
-    AccessTokenKit::DeleteToken(tokenId);
-    PrivacyKit::RemovePermissionUsedRecords(tokenId);
-
-    tokenId = AccessTokenKit::GetHapTokenID(g_infoParmsC.userID,
-                                            g_infoParmsC.bundleName,
-                                            g_infoParmsC.instIndex);
-    AccessTokenKit::DeleteToken(tokenId);
-    PrivacyKit::RemovePermissionUsedRecords(tokenId);
-
-    tokenId = AccessTokenKit::GetHapTokenID(g_infoParmsE.userID,
-                                            g_infoParmsE.bundleName,
-                                            g_infoParmsE.instIndex);
-    AccessTokenKit::DeleteToken(tokenId);
-    PrivacyKit::RemovePermissionUsedRecords(tokenId);
-
-    tokenId = AccessTokenKit::GetHapTokenID(g_infoParmsF.userID,
-                                            g_infoParmsF.bundleName,
-                                            g_infoParmsF.instIndex);
-    AccessTokenKit::DeleteToken(tokenId);
-    PrivacyKit::RemovePermissionUsedRecords(tokenId);
-
-    tokenId = AccessTokenKit::GetHapTokenID(g_infoParmsG.userID,
-                                            g_infoParmsG.bundleName,
-                                            g_infoParmsG.instIndex);
-    AccessTokenKit::DeleteToken(tokenId);
-    PrivacyKit::RemovePermissionUsedRecords(tokenId);
-
-    tokenId = AccessTokenKit::GetHapTokenID(g_normalInfoParms.userID,
-                                            g_normalInfoParms.bundleName,
-                                            g_normalInfoParms.instIndex);
-    AccessTokenKit::DeleteToken(tokenId);
-    PrivacyKit::RemovePermissionUsedRecords(tokenId);
-
-    tokenId = AccessTokenKit::GetHapTokenID(g_systemInfoParms.userID,
-                                            g_systemInfoParms.bundleName,
-                                            g_systemInfoParms.instIndex);
-    AccessTokenKit::DeleteToken(tokenId);
-    PrivacyKit::RemovePermissionUsedRecords(tokenId);
+    AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(
+        g_infoParmsA.userID, g_infoParmsA.bundleName, g_infoParmsA.instIndex);
+    PrivacyTestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID);
+    PrivacyKit::RemovePermissionUsedRecords(tokenIdEx.tokenIdExStruct.tokenID);
+
+    tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(
+        g_infoParmsB.userID, g_infoParmsB.bundleName, g_infoParmsB.instIndex);
+    PrivacyTestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID);
+    PrivacyKit::RemovePermissionUsedRecords(tokenIdEx.tokenIdExStruct.tokenID);
+
+    tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(
+        g_infoParmsC.userID, g_infoParmsC.bundleName, g_infoParmsC.instIndex);
+    PrivacyTestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID);
+    PrivacyKit::RemovePermissionUsedRecords(tokenIdEx.tokenIdExStruct.tokenID);
+
+    tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(
+        g_infoParmsE.userID, g_infoParmsE.bundleName, g_infoParmsE.instIndex);
+    PrivacyTestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID);
+    PrivacyKit::RemovePermissionUsedRecords(tokenIdEx.tokenIdExStruct.tokenID);
+
+    tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(
+        g_infoParmsF.userID, g_infoParmsF.bundleName, g_infoParmsF.instIndex);
+    PrivacyTestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID);
+    PrivacyKit::RemovePermissionUsedRecords(tokenIdEx.tokenIdExStruct.tokenID);
+
+    tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(
+        g_infoParmsG.userID, g_infoParmsG.bundleName, g_infoParmsG.instIndex);
+    PrivacyTestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID);
+    PrivacyKit::RemovePermissionUsedRecords(tokenIdEx.tokenIdExStruct.tokenID);
 }
 
 void PrivacyKitTest::SetUpTestCase()
 {
-    DeleteTestToken();
     g_selfTokenId = GetSelfTokenID();
-    g_nativeToken = AccessTokenKit::GetNativeTokenId("privacy_service");
-    
+    PrivacyTestCommon::SetTestEvironment(g_selfTokenId);
+
+    std::vector<std::string> reqPerm;
+    reqPerm.emplace_back("ohos.permission.PERMISSION_USED_STATS");
+    g_mock = new (std::nothrow) MockHapToken("PrivacyKitTest", reqPerm, true);
+
+    g_nativeToken = PrivacyTestCommon::GetNativeTokenIdFromProcess("privacy_service");
+
+    DeleteTestToken();
 #ifdef AUDIO_FRAMEWORK_ENABLE
     auto audioGroupManager = OHOS::AudioStandard::AudioSystemManager::GetInstance()->GetGroupManager(
         OHOS::AudioStandard::DEFAULT_VOLUME_GROUP_ID);
@@ -293,6 +258,12 @@ void PrivacyKitTest::SetUpTestCase()
 
 void PrivacyKitTest::TearDownTestCase()
 {
+    if (g_mock != nullptr) {
+        delete g_mock;
+        g_mock = nullptr;
+    }
+    SetSelfTokenID(g_selfTokenId);
+    PrivacyTestCommon::ResetTestEvironment();
 }
 
 void PrivacyKitTest::SetUp()
@@ -304,19 +275,30 @@ void PrivacyKitTest::SetUp()
         audioGroupManager->SetMicrophoneMutePersistent(false, OHOS::AudioStandard::PolicyType::PRIVACY_POLCIY_TYPE);
     }
 #endif
-    AccessTokenKit::AllocHapToken(g_infoParmsA, g_policyPramsA);
-    AccessTokenKit::AllocHapToken(g_infoParmsB, g_policyPramsB);
-    AccessTokenKit::AllocHapToken(g_infoParmsC, g_policyPramsC);
-    AccessTokenKit::AllocHapToken(g_infoParmsE, g_policyPramsE);
-    AccessTokenKit::AllocHapToken(g_infoParmsF, g_policyPramsF);
-    AccessTokenKit::AllocHapToken(g_infoParmsG, g_policyPramsG);
+    AccessTokenIDEx tokenIdEx = {0};
+    tokenIdEx = PrivacyTestCommon::AllocTestHapToken(g_infoParmsA, g_policyPramsA);
+    g_tokenIdA = tokenIdEx.tokenIdExStruct.tokenID;
+    ASSERT_NE(INVALID_TOKENID, g_tokenIdA);
+
+    tokenIdEx = PrivacyTestCommon::AllocTestHapToken(g_infoParmsB, g_policyPramsB);
+    g_tokenIdB = tokenIdEx.tokenIdExStruct.tokenID;
+    ASSERT_NE(INVALID_TOKENID, g_tokenIdB);
+
+    tokenIdEx = PrivacyTestCommon::AllocTestHapToken(g_infoParmsC, g_policyPramsC);
+    g_tokenIdC = tokenIdEx.tokenIdExStruct.tokenID;
+    ASSERT_NE(INVALID_TOKENID, g_tokenIdC);
+
+    tokenIdEx = PrivacyTestCommon::AllocTestHapToken(g_infoParmsE, g_policyPramsE);
+    g_tokenIdE = tokenIdEx.tokenIdExStruct.tokenID;
+    ASSERT_NE(INVALID_TOKENID, g_tokenIdE);
+
+    tokenIdEx = PrivacyTestCommon::AllocTestHapToken(g_infoParmsF, g_policyPramsF);
+    g_tokenIdF = tokenIdEx.tokenIdExStruct.tokenID;
+    ASSERT_NE(INVALID_TOKENID, g_tokenIdF);
 
-    g_tokenIdA = AccessTokenKit::GetHapTokenID(g_infoParmsA.userID, g_infoParmsA.bundleName, g_infoParmsA.instIndex);
-    g_tokenIdB = AccessTokenKit::GetHapTokenID(g_infoParmsB.userID, g_infoParmsB.bundleName, g_infoParmsB.instIndex);
-    g_tokenIdC = AccessTokenKit::GetHapTokenIDEx(g_infoParmsC.userID, g_infoParmsC.bundleName, g_infoParmsC.instIndex);
-    g_tokenIdE = AccessTokenKit::GetHapTokenID(g_infoParmsE.userID, g_infoParmsE.bundleName, g_infoParmsE.instIndex);
-    g_tokenIdF = AccessTokenKit::GetHapTokenID(g_infoParmsF.userID, g_infoParmsF.bundleName, g_infoParmsF.instIndex);
-    g_tokenIdG = AccessTokenKit::GetHapTokenID(g_infoParmsG.userID, g_infoParmsG.bundleName, g_infoParmsG.instIndex);
+    tokenIdEx = PrivacyTestCommon::AllocTestHapToken(g_infoParmsG, g_policyPramsG);
+    g_tokenIdG = tokenIdEx.tokenIdExStruct.tokenID;
+    ASSERT_NE(INVALID_TOKENID, g_tokenIdG);
 }
 
 void PrivacyKitTest::TearDown()
@@ -329,7 +311,6 @@ void PrivacyKitTest::TearDown()
             OHOS::AudioStandard::PolicyType::PRIVACY_POLCIY_TYPE);
     }
 #endif
-    EXPECT_EQ(0, SetSelfTokenID(g_selfTokenId));
     DeleteTestToken();
 }
 
@@ -388,7 +369,7 @@ static void SleepUtilMinuteEnd()
  * @tc.type: FUNC
  * @tc.require: issueI5P4IU
  */
-HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord001, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord001, TestSize.Level0)
 {
     AddPermParamInfo info;
     info.tokenId = 0;
@@ -419,7 +400,7 @@ HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5P4IU
  */
-HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord002, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord002, TestSize.Level0)
 {
     AddPermParamInfo info;
     info.tokenId = g_tokenIdA;
@@ -455,7 +436,7 @@ HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5P4IU
  */
-HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord003, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord003, TestSize.Level0)
 {
     AddPermParamInfo info;
     info.tokenId = g_nativeToken;
@@ -479,7 +460,7 @@ HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5P4IU
  */
-HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord004, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord004, TestSize.Level0)
 {
     AddPermParamInfo info;
     info.tokenId = g_tokenIdA;
@@ -513,7 +494,7 @@ HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord004, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5P4IU
  */
-HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord005, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord005, TestSize.Level0)
 {
     AddPermParamInfo info;
     info.tokenId = g_tokenIdA;
@@ -570,7 +551,7 @@ HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord005, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5P4IU
  */
-HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord006, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord006, TestSize.Level0)
 {
     SleepUtilMinuteEnd();
     AddPermParamInfo info;
@@ -601,17 +582,16 @@ HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord006, TestSize.Level1)
 }
 
 /**
- * @tc.name: AddPermissionUsedRecord008
+ * @tc.name: AddPermissionUsedRecord007
  * @tc.desc: AddPermissionUsedRecord caller is normal app.
  * @tc.type: FUNC
  * @tc.require: issueI66BH3
  */
-HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord008, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord007, TestSize.Level0)
 {
-    AccessTokenIDEx tokenIdEx = {0};
-    tokenIdEx = AccessTokenKit::AllocHapToken(g_normalInfoParms, g_policyPramsA);
-    ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIDEx);
-    EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx));
+    std::vector<std::string> reqPerm;
+    reqPerm.emplace_back("ohos.permission.PERMISSION_USED_STATS");
+    MockHapToken mock("AddPermissionUsedRecord007", reqPerm, false);
 
     AddPermParamInfo info;
     info.tokenId = g_tokenIdA;
@@ -623,12 +603,12 @@ HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord008, TestSize.Level1)
 }
 
 /**
- * @tc.name: AddPermissionUsedRecord009
+ * @tc.name: AddPermissionUsedRecord008
  * @tc.desc: query permission record detail count.
  * @tc.type: FUNC
  * @tc.require: issueI5P4IU
  */
-HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord009, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord008, TestSize.Level0)
 {
     int32_t permRecordSize = 0;
 
@@ -680,12 +660,12 @@ HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord009, TestSize.Level1)
 }
 
 /**
- * @tc.name: AddPermissionUsedRecord010
+ * @tc.name: AddPermissionUsedRecord009
  * @tc.desc: test record cross minute not merge.
  * @tc.type: FUNC
  * @tc.require: issueI5P4IU
  */
-HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord010, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord009, TestSize.Level0)
 {
     AddPermParamInfo info;
     info.tokenId = g_tokenIdA;
@@ -714,7 +694,7 @@ HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord010, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5P4IU
  */
-HWTEST_F(PrivacyKitTest, RemovePermissionUsedRecords001, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, RemovePermissionUsedRecords001, TestSize.Level0)
 {
     ASSERT_EQ(PrivacyError::ERR_PARAM_INVALID, PrivacyKit::RemovePermissionUsedRecords(0));
 }
@@ -725,7 +705,7 @@ HWTEST_F(PrivacyKitTest, RemovePermissionUsedRecords001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5P4IU
  */
-HWTEST_F(PrivacyKitTest, RemovePermissionUsedRecords002, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, RemovePermissionUsedRecords002, TestSize.Level0)
 {
     AddPermParamInfo info;
     info.tokenId = g_tokenIdA;
@@ -749,15 +729,13 @@ HWTEST_F(PrivacyKitTest, RemovePermissionUsedRecords002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyKitTest, RemovePermissionUsedRecords003, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, RemovePermissionUsedRecords003, TestSize.Level0)
 {
-    AccessTokenIDEx tokenIdEx = {0};
-    tokenIdEx = AccessTokenKit::AllocHapToken(g_normalInfoParms, g_policyPramsA);
-    ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIDEx);
-    EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx));
-    ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP,
-        PrivacyKit::RemovePermissionUsedRecords(tokenIdEx.tokenIdExStruct.tokenID));
-    EXPECT_EQ(0, AccessTokenKit::DeleteToken(tokenIdEx.tokenIdExStruct.tokenID));
+    std::vector<std::string> reqPerm;
+    reqPerm.emplace_back("ohos.permission.PERMISSION_USED_STATS");
+    MockHapToken mock("RemovePermissionUsedRecords003", reqPerm, false);
+    AccessTokenID tokenID = GetSelfTokenID();
+    ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, PrivacyKit::RemovePermissionUsedRecords(tokenID));
 }
 
 /**
@@ -766,7 +744,7 @@ HWTEST_F(PrivacyKitTest, RemovePermissionUsedRecords003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5P4IU
  */
-HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords001, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords001, TestSize.Level0)
 {
     AddPermParamInfo info;
     info.tokenId = g_tokenIdA;
@@ -796,7 +774,7 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5P4IU
  */
-HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords002, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords002, TestSize.Level0)
 {
     AddPermParamInfo info;
     info.tokenId = g_tokenIdA;
@@ -841,7 +819,7 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5P4IU
  */
-HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords003, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords003, TestSize.Level0)
 {
     AddPermParamInfo info;
     info.tokenId = g_tokenIdA;
@@ -888,7 +866,7 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5P4IU
  */
-HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords004, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords004, TestSize.Level0)
 {
     AddPermParamInfo info;
     info.tokenId = g_tokenIdA;
@@ -924,18 +902,18 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords004, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI66BH3
  */
-HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords005, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords005, TestSize.Level0)
 {
-    AccessTokenIDEx tokenIdEx = {0};
-    tokenIdEx = AccessTokenKit::AllocHapToken(g_normalInfoParms, g_policyPramsA);
-    ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIDEx);
-    EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx));
+    std::vector<std::string> reqPerm;
+    reqPerm.emplace_back("ohos.permission.PERMISSION_USED_STATS");
+    MockHapToken mock("GetPermissionUsedRecords005", reqPerm, false);
+    AccessTokenID tokenID = GetSelfTokenID();
 
     PermissionUsedRequest request;
     PermissionUsedResult result;
     std::vector<std::string> permissionList;
     // query by tokenId
-    BuildQueryRequest(g_tokenIdA, "", permissionList, request);
+    BuildQueryRequest(tokenID, "", permissionList, request);
     ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, PrivacyKit::GetPermissionUsedRecords(request, result));
 }
 
@@ -945,7 +923,7 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords005, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI66BH3
  */
-HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords006, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords006, TestSize.Level0)
 {
     AddPermParamInfo info;
     info.tokenId = g_tokenIdA;
@@ -983,7 +961,7 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords006, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5P4IU
  */
-HWTEST_F(PrivacyKitTest, GetPermissionUsedRecordsAsync001, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, GetPermissionUsedRecordsAsync001, TestSize.Level0)
 {
     AddPermParamInfo info;
     info.tokenId = g_tokenIdA;
@@ -1006,7 +984,7 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedRecordsAsync001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5P4IU
  */
-HWTEST_F(PrivacyKitTest, GetPermissionUsedRecordsAsync002, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, GetPermissionUsedRecordsAsync002, TestSize.Level0)
 {
     AddPermParamInfo info;
     info.tokenId = g_tokenIdA;
@@ -1027,35 +1005,34 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedRecordsAsync002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5P4IU
  */
-HWTEST_F(PrivacyKitTest, GetPermissionUsedRecordsAsync003, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, GetPermissionUsedRecordsAsync003, TestSize.Level0)
 {
-    AccessTokenIDEx tokenIdEx = {0};
-    tokenIdEx = AccessTokenKit::AllocHapToken(g_systemInfoParms, g_policyPramsA);
-    ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIDEx);
-    EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx));
+    std::vector<std::string> reqPerm;
+    MockHapToken mock("GetPermissionUsedRecordsAsync003", reqPerm, true);
+    AccessTokenID tokenID = GetSelfTokenID();
 
     PermissionUsedRequest request;
     std::vector<std::string> permissionList;
-    BuildQueryRequest(g_tokenIdA, "", permissionList, request);
+    BuildQueryRequest(tokenID, "", permissionList, request);
     OHOS::sptr<TestCallBack> callback(new TestCallBack());
     ASSERT_EQ(ERR_PERMISSION_DENIED, PrivacyKit::GetPermissionUsedRecords(request, callback));
 }
 
 /**
  * @tc.name: GetPermissionUsedRecordsAsync004
- * @tc.desc: cannot GetPermissionUsedRecordsAsync without permission.
+ * @tc.desc: cannot GetPermissionUsedRecordsAsync caller is normal app.
  * @tc.type: FUNC
  * @tc.require: issueI5P4IU
  */
-HWTEST_F(PrivacyKitTest, GetPermissionUsedRecordsAsync004, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, GetPermissionUsedRecordsAsync004, TestSize.Level0)
 {
-    AccessTokenIDEx tokenIdEx = {0};
-    tokenIdEx = AccessTokenKit::AllocHapToken(g_normalInfoParms, g_policyPramsA);
-    ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIDEx);
-    EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx));
+    std::vector<std::string> reqPerm;
+    MockHapToken mock("GetPermissionUsedRecordsAsync004", reqPerm, false);
+    AccessTokenID tokenID = GetSelfTokenID();
+
     PermissionUsedRequest request;
     std::vector<std::string> permissionList;
-    BuildQueryRequest(g_tokenIdA, "", permissionList, request);
+    BuildQueryRequest(tokenID, "", permissionList, request);
     OHOS::sptr<TestCallBack> callback(new TestCallBack());
     ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, PrivacyKit::GetPermissionUsedRecords(request, callback));
 }
@@ -1114,7 +1091,7 @@ public:
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X issueI5P4IU issueI5P530
  */
-HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback001, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback001, TestSize.Level0)
 {
     std::vector<std::string> permList = {"ohos.permission.CAMERA"};
 
@@ -1175,7 +1152,7 @@ public:
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X issueI5P4IU issueI5P530
  */
-HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback002, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback002, TestSize.Level0)
 {
     std::vector<std::string> permList1 = {"ohos.permission.READ_CONTACTS"};
     auto callbackPtr1 = std::make_shared<CbCustomizeTest1>(permList1);
@@ -1228,7 +1205,7 @@ HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X
  */
-HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback003, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback003, TestSize.Level0)
 {
     std::vector<std::string> permList;
     for (int32_t i = 0; i < 1024; i++) { // 1024 is the limitation
@@ -1249,7 +1226,7 @@ HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X
  */
-HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback004, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback004, TestSize.Level0)
 {
     std::vector<std::string> permList = {"ohos.permission.CAMERA"};
     std::vector<std::shared_ptr<CbCustomizeTest3>> callbackList;
@@ -1278,7 +1255,7 @@ HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback004, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X
  */
-HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback005, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback005, TestSize.Level0)
 {
     std::vector<std::string> permList = {"ohos.permission.INVALD"};
 
@@ -1297,7 +1274,7 @@ HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback005, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X
  */
-HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback006, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback006, TestSize.Level0)
 {
     std::vector<std::string> permList = {"ohos.permission.CAMERA"};
     auto callbackPtr = std::make_shared<CbCustomizeTest3>(permList);
@@ -1310,7 +1287,7 @@ HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback006, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X
  */
-HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback007, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback007, TestSize.Level0)
 {
     std::vector<std::string> permList = {"ohos.permission.CAMERA"};
     auto callbackPtr = std::make_shared<CbCustomizeTest3>(permList);
@@ -1326,7 +1303,7 @@ HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback007, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5SZHG
  */
-HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback008, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback008, TestSize.Level0)
 {
     std::vector<std::string> permList = {
         "ohos.permission.CAMERA",
@@ -1358,7 +1335,7 @@ HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback008, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI61A6M
  */
-HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback009, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback009, TestSize.Level0)
 {
     std::shared_ptr<PermActiveStatusCustomizedCbk> callback = nullptr;
     ASSERT_EQ(nullptr, callback);
@@ -1371,12 +1348,10 @@ HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback009, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI66BH3
  */
-HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback010, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback010, TestSize.Level0)
 {
-    AccessTokenIDEx tokenIdEx = {0};
-    tokenIdEx = AccessTokenKit::AllocHapToken(g_normalInfoParms, g_policyPramsA);
-    ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIDEx);
-    EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx));
+    std::vector<std::string> reqPerm;
+    MockHapToken mock("RegisterPermActiveStatusCallback010", reqPerm, false);
 
     std::vector<std::string> permList1 = {"ohos.permission.CAMERA"};
     auto callbackPtr = std::make_shared<CbCustomizeTest3>(permList1);
@@ -1389,19 +1364,16 @@ HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback010, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI66BH3
  */
-HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback011, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback011, TestSize.Level0)
 {
     std::vector<std::string> permList1 = {"ohos.permission.CAMERA"};
     auto callbackPtr1 = std::make_shared<CbCustomizeTest3>(permList1);
     ASSERT_EQ(RET_NO_ERROR, PrivacyKit::RegisterPermActiveStatusCallback(callbackPtr1));
-
-    AccessTokenIDEx tokenIdEx = {0};
-    tokenIdEx = AccessTokenKit::AllocHapToken(g_normalInfoParms, g_policyPramsA);
-    ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIDEx);
-    EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx));
-    ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, PrivacyKit::UnRegisterPermActiveStatusCallback(callbackPtr1));
-
-    EXPECT_EQ(0, SetSelfTokenID(g_selfTokenId));
+    {
+        std::vector<std::string> reqPerm;
+        MockHapToken mockTmp("RegisterPermActiveStatusCallback011_1", reqPerm, false);
+        ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, PrivacyKit::UnRegisterPermActiveStatusCallback(callbackPtr1));
+    }
     ASSERT_EQ(RET_NO_ERROR, PrivacyKit::UnRegisterPermActiveStatusCallback(callbackPtr1));
 }
 
@@ -1432,7 +1404,7 @@ public:
  * @tc.type: FUNC
  * @tc.require: issueI66BH3
  */
-HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback012, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback012, TestSize.Level0)
 {
     std::vector<std::string> permList = {"ohos.permission.READ_CALL_LOG"};
     auto callbackPtr = std::make_shared<CbCustomizeTest5>(permList);
@@ -1466,7 +1438,7 @@ HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback012, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5RWX3 issueI5RWX8
  */
-HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission001, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission001, TestSize.Level0)
 {
     std::string permissionName = "ohos.permission.CAMERA";
     ASSERT_EQ(false, PrivacyKit::IsAllowedUsingPermission(g_tokenIdE, permissionName));
@@ -1480,9 +1452,10 @@ HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5RWX3 issueI5RWX8
  */
-HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission002, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission002, TestSize.Level0)
 {
-    EXPECT_EQ(0, SetSelfTokenID(g_selfTokenId));
+    std::vector<std::string> reqPerm;
+    MockHapToken mock("IsAllowedUsingPermission002", reqPerm, true);
     std::string permissionName = "ohos.permission.CAMERA";
     ASSERT_EQ(false, PrivacyKit::IsAllowedUsingPermission(g_tokenIdE, permissionName));
 }
@@ -1493,23 +1466,141 @@ HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5RWX3 issueI5RWX8
  */
-HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission003, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission003, TestSize.Level0)
 {
-    AccessTokenIDEx tokenIdEx = {0};
-    tokenIdEx = AccessTokenKit::AllocHapToken(g_systemInfoParms, g_policyPramsA);
-    ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIDEx);
-    EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx));
+    std::vector<std::string> reqPerm;
+    MockHapToken mock("IsAllowedUsingPermission003", reqPerm, true);
+
     std::string permissionName = "ohos.permission.CAMERA";
     ASSERT_EQ(false, PrivacyKit::IsAllowedUsingPermission(g_tokenIdE, permissionName));
 }
 
+
+/**
+ * @tc.name: IsAllowedUsingPermission004
+ * @tc.desc: IsAllowedUsingPermission with valid tokenId.
+ * @tc.type: FUNC
+ * @tc.require:
+ */
+HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission004, TestSize.Level0)
+{
+    std::string permissionName = "ohos.permission.MICROPHONE";
+    std::vector<AppStateData> list;
+    int32_t ret = AppManagerAccessClient::GetInstance().GetForegroundApplications(list);
+    ASSERT_EQ(0, ret);
+    if (list.empty()) {
+        GTEST_LOG_(INFO) << "GetForegroundApplications empty ";
+    } else {
+        uint32_t tokenIdForeground = list[0].accessTokenId;
+        ASSERT_EQ(true, PrivacyKit::IsAllowedUsingPermission(tokenIdForeground, permissionName));
+    }
+}
+
+/**
+ * @tc.name: IsAllowedUsingPermission005
+ * @tc.desc: IsAllowedUsingPermission with valid pid.
+ * @tc.type: FUNC
+ * @tc.require:
+ */
+HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission005, TestSize.Level0)
+{
+    std::vector<AppStateData> list;
+    ASSERT_EQ(0, AppManagerAccessClient::GetInstance().GetForegroundApplications(list));
+    if (list.empty()) {
+        GTEST_LOG_(INFO) << "GetForegroundApplications empty ";
+    } else {
+        uint32_t tokenIdForeground = list[0].accessTokenId;
+        int32_t pidForground = list[0].pid;
+        std::string permissionName = "ohos.permission.MICROPHONE";
+        ASSERT_EQ(false, PrivacyKit::IsAllowedUsingPermission(tokenIdForeground, permissionName, NOT_EXSIT_PID));
+        ASSERT_EQ(true, PrivacyKit::IsAllowedUsingPermission(tokenIdForeground, permissionName, pidForground));
+
+        permissionName = "ohos.permission.CAMERA";
+        ASSERT_EQ(false, PrivacyKit::IsAllowedUsingPermission(tokenIdForeground, permissionName, NOT_EXSIT_PID));
+        ASSERT_EQ(true, PrivacyKit::IsAllowedUsingPermission(tokenIdForeground, permissionName, pidForground));
+    }
+}
+
+/**
+ * @tc.name: IsAllowedUsingPermission006
+ * @tc.desc: IsAllowedUsingPermission with MICROPHONE_BACKGROUND permission.
+ * @tc.type: FUNC
+ * @tc.require:
+ */
+HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission006, TestSize.Level0)
+{
+    std::string permissionName = "ohos.permission.MICROPHONE";
+    ASSERT_EQ(false, PrivacyKit::IsAllowedUsingPermission(g_tokenIdE, permissionName));
+
+    HapInfoParams info = {
+        .userID = 1,
+        .bundleName = "ohos.privacy_test.microphone",
+        .instIndex = 0,
+        .appIDDesc = "privacy_test.microphone"
+    };
+
+    PermissionStateFull infoManagerTestStateD = {
+        .permissionName = "ohos.permission.MICROPHONE_BACKGROUND",
+        .isGeneral = true,
+        .resDeviceID = {"localC"},
+        .grantStatus = {PermissionState::PERMISSION_GRANTED},
+        .grantFlags = {1}
+    };
+
+    HapPolicyParams policy = {
+        .apl = APL_NORMAL,
+        .domain = "test.domain",
+        .permList = {},
+        .permStateList = {infoManagerTestStateD}
+    };
+
+    AccessTokenIDEx tokenIdEx = PrivacyTestCommon::AllocTestHapToken(info, policy);
+    AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID;
+    ASSERT_NE(0, tokenId); // hap MICROPHONE_BACKGROUND permission
+    ASSERT_EQ(true, PrivacyKit::IsAllowedUsingPermission(tokenId, permissionName)); // background hap
+
+    info.isSystemApp = true;
+    info.bundleName = "ohos.privacy_test.microphone.sys_app";
+    tokenIdEx = PrivacyTestCommon::AllocTestHapToken(info, policy);
+    AccessTokenID sysApptokenId = tokenIdEx.tokenIdExStruct.tokenID;
+
+    uint32_t selfUid = getuid();
+    uint64_t selfTokenId = GetSelfTokenID();
+    setuid(ACCESS_TOKEN_UID);
+
+    uint32_t opCode1 = -1;
+    uint32_t opCode2 = -1;
+    ASSERT_EQ(true, TransferPermissionToOpcode("ohos.permission.SET_FOREGROUND_HAP_REMINDER", opCode1));
+    ASSERT_EQ(true, TransferPermissionToOpcode("ohos.permission.PERMISSION_USED_STATS", opCode2));
+    ASSERT_EQ(0, AddPermissionToKernel(sysApptokenId, {opCode1, opCode2}, {1, 1}));
+    EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx));
+
+    // callkit set hap to foreground with MICROPHONE_BACKGROUND
+    EXPECT_EQ(0, PrivacyKit::SetHapWithFGReminder(tokenId, true));
+    EXPECT_EQ(true, PrivacyKit::IsAllowedUsingPermission(tokenId, permissionName));
+
+    // callkit set g_tokenIdE to foreground without MICROPHONE_BACKGROUND
+    EXPECT_EQ(0, PrivacyKit::SetHapWithFGReminder(g_tokenIdE, true));
+    EXPECT_EQ(true, PrivacyKit::IsAllowedUsingPermission(g_tokenIdE, permissionName));
+    
+    EXPECT_EQ(0, PrivacyKit::SetHapWithFGReminder(tokenId, false));
+    EXPECT_EQ(0, PrivacyKit::SetHapWithFGReminder(g_tokenIdE, false));
+
+    ASSERT_EQ(0, RemovePermissionFromKernel(sysApptokenId));
+    ASSERT_EQ(0, PrivacyTestCommon::DeleteTestHapToken(tokenId));
+    ASSERT_EQ(0, PrivacyTestCommon::DeleteTestHapToken(sysApptokenId));
+
+    setuid(selfUid);
+    EXPECT_EQ(0, SetSelfTokenID(selfTokenId));
+}
+
 /**
  * @tc.name: StartUsingPermission001
  * @tc.desc: StartUsingPermission with invalid tokenId or permission or usedType.
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X issueI5P4IU issueI5P530
  */
-HWTEST_F(PrivacyKitTest, StartUsingPermission001, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, StartUsingPermission001, TestSize.Level0)
 {
     ASSERT_EQ(PrivacyError::ERR_PARAM_INVALID, PrivacyKit::StartUsingPermission(0, "ohos.permission.CAMERA"));
     ASSERT_EQ(PrivacyError::ERR_PARAM_INVALID, PrivacyKit::StartUsingPermission(0, "permissionName"));
@@ -1523,7 +1614,7 @@ HWTEST_F(PrivacyKitTest, StartUsingPermission001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X issueI5P4IU issueI5P530
  */
-HWTEST_F(PrivacyKitTest, StartUsingPermission002, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, StartUsingPermission002, TestSize.Level0)
 {
     std::string permissionName = "ohos.permission.CAMERA";
     ASSERT_EQ(RET_NO_ERROR, PrivacyKit::StartUsingPermission(g_tokenIdE, permissionName));
@@ -1538,7 +1629,7 @@ HWTEST_F(PrivacyKitTest, StartUsingPermission002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X issueI5P4IU issueI5P530
  */
-HWTEST_F(PrivacyKitTest, StartUsingPermission003, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, StartUsingPermission003, TestSize.Level0)
 {
     std::string permissionName = "ohos.permission.READ_CONTACTS";
     ASSERT_EQ(RET_NO_ERROR, PrivacyKit::StartUsingPermission(g_tokenIdE, permissionName));
@@ -1565,7 +1656,7 @@ HWTEST_F(PrivacyKitTest, StartUsingPermission003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X issueI5P4IU issueI5P530
  */
-HWTEST_F(PrivacyKitTest, StartUsingPermission004, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, StartUsingPermission004, TestSize.Level0)
 {
     std::string permissionName = "ohos.permission.CAMERA";
     ASSERT_EQ(RET_NO_ERROR, PrivacyKit::StartUsingPermission(g_tokenIdE, permissionName));
@@ -1578,7 +1669,7 @@ HWTEST_F(PrivacyKitTest, StartUsingPermission004, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X issueI5P4IU issueI5P530
  */
-HWTEST_F(PrivacyKitTest, StartUsingPermission005, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, StartUsingPermission005, TestSize.Level0)
 {
     std::string permissionName = "ohos.permission.UtTestInvalidPermission";
     ASSERT_EQ(PrivacyError::ERR_PERMISSION_NOT_EXIST, PrivacyKit::StartUsingPermission(g_tokenIdE, permissionName));
@@ -1593,7 +1684,7 @@ HWTEST_F(PrivacyKitTest, StartUsingPermission005, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5RWX5 issueI5RWX3 issueI5RWXA
  */
-HWTEST_F(PrivacyKitTest, StartUsingPermission006, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, StartUsingPermission006, TestSize.Level0)
 {
     auto callbackPtr = std::make_shared<CbCustomizeTest4>();
     ASSERT_EQ(PrivacyError::ERR_PARAM_INVALID,
@@ -1614,7 +1705,7 @@ HWTEST_F(PrivacyKitTest, StartUsingPermission006, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5RWX5 issueI5RWX3 issueI5RWXA
  */
-HWTEST_F(PrivacyKitTest, StartUsingPermission007, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, StartUsingPermission007, TestSize.Level0)
 {
     std::string permissionName = "ohos.permission.CAMERA";
     auto callbackPtr = std::make_shared<CbCustomizeTest4>();
@@ -1630,7 +1721,7 @@ HWTEST_F(PrivacyKitTest, StartUsingPermission007, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI61A6M
  */
-HWTEST_F(PrivacyKitTest, StartUsingPermission008, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, StartUsingPermission008, TestSize.Level0)
 {
     AccessTokenID tokenId = 0;
     std::string permissionName;
@@ -1646,7 +1737,7 @@ HWTEST_F(PrivacyKitTest, StartUsingPermission008, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5RWX5 issueI5RWX3 issueI5RWXA
  */
-HWTEST_F(PrivacyKitTest, StartUsingPermission009, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, StartUsingPermission009, TestSize.Level0)
 {
     std::string permissionName = "ohos.permission.CAMERA";
     auto callbackPtr = std::make_shared<CbCustomizeTest4>();
@@ -1662,13 +1753,11 @@ HWTEST_F(PrivacyKitTest, StartUsingPermission009, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI66BH3
  */
-HWTEST_F(PrivacyKitTest, StartUsingPermission010, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, StartUsingPermission010, TestSize.Level0)
 {
-    g_policyPramsA.permStateList.emplace_back(g_infoManagerTestStateC);
-    AccessTokenIDEx tokenIdEx = {0};
-    tokenIdEx = AccessTokenKit::AllocHapToken(g_normalInfoParms, g_policyPramsA);
-    ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIDEx);
-    EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx));
+    std::vector<std::string> reqPerm;
+    reqPerm.emplace_back("ohos.permission.PERMISSION_USED_STATS");
+    MockHapToken mock("StartUsingPermission010", reqPerm, false);
 
     std::string permissionName = "ohos.permission.CAMERA";
     ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, PrivacyKit::StartUsingPermission(g_tokenIdE, permissionName));
@@ -1680,7 +1769,7 @@ HWTEST_F(PrivacyKitTest, StartUsingPermission010, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyKitTest, StartUsingPermission011, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, StartUsingPermission011, TestSize.Level0)
 {
     std::string permissionName = "ohos.permission.CAMERA";
     int32_t pid1 = 1001;
@@ -1698,7 +1787,7 @@ HWTEST_F(PrivacyKitTest, StartUsingPermission011, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyKitTest, StartUsingPermission012, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, StartUsingPermission012, TestSize.Level0)
 {
     std::string permissionName = "ohos.permission.CAMERA";
     int32_t pid1 = 1001;
@@ -1716,7 +1805,7 @@ HWTEST_F(PrivacyKitTest, StartUsingPermission012, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyKitTest, StartUsingPermission013, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, StartUsingPermission013, TestSize.Level0)
 {
     std::string permissionName = "ohos.permission.CAMERA";
     int32_t pid1 = 1001;
@@ -1737,12 +1826,12 @@ HWTEST_F(PrivacyKitTest, StartUsingPermission013, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5RWX5 issueI5RWX3 issueI5RWXA
  */
-HWTEST_F(PrivacyKitTest, StartUsingPermission014, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, StartUsingPermission014, TestSize.Level0)
 {
-    AccessTokenIDEx tokenIdEx = {0};
-    tokenIdEx = AccessTokenKit::AllocHapToken(g_normalInfoParms, g_policyPramsA);
-    ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIDEx);
-    EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx));
+    std::vector<std::string> reqPerm;
+    reqPerm.emplace_back("ohos.permission.PERMISSION_USED_STATS");
+    MockHapToken mock("StartUsingPermission014", reqPerm, false);
+
     std::string permissionName = "ohos.permission.CAMERA";
     auto callbackPtr = std::make_shared<CbCustomizeTest4>();
     ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP,
@@ -1755,7 +1844,7 @@ HWTEST_F(PrivacyKitTest, StartUsingPermission014, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X issueI5P4IU issueI5P530
  */
-HWTEST_F(PrivacyKitTest, StopUsingPermission001, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, StopUsingPermission001, TestSize.Level0)
 {
     ASSERT_EQ(PrivacyError::ERR_PARAM_INVALID, PrivacyKit::StopUsingPermission(0, "ohos.permission.CAMERA"));
     ASSERT_EQ(PrivacyError::ERR_PARAM_INVALID, PrivacyKit::StopUsingPermission(0, "permissionName"));
@@ -1767,7 +1856,7 @@ HWTEST_F(PrivacyKitTest, StopUsingPermission001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X issueI5P4IU issueI5P530
  */
-HWTEST_F(PrivacyKitTest, StopUsingPermission002, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, StopUsingPermission002, TestSize.Level0)
 {
     std::string permissionName = "ohos.permission.CAMERA";
     ASSERT_EQ(
@@ -1780,7 +1869,7 @@ HWTEST_F(PrivacyKitTest, StopUsingPermission002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X issueI5P4IU issueI5P530
  */
-HWTEST_F(PrivacyKitTest, StopUsingPermission003, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, StopUsingPermission003, TestSize.Level0)
 {
     std::string permissionName = "ohos.permission.CAMERA";
     ASSERT_EQ(RET_NO_ERROR, PrivacyKit::StartUsingPermission(g_tokenIdE, permissionName));
@@ -1796,7 +1885,7 @@ HWTEST_F(PrivacyKitTest, StopUsingPermission003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X issueI5P4IU issueI5P530
  */
-HWTEST_F(PrivacyKitTest, StopUsingPermission004, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, StopUsingPermission004, TestSize.Level0)
 {
     std::string permissionName = "ohos.permission.CAMERA";
     ASSERT_EQ(RET_NO_ERROR, PrivacyKit::StartUsingPermission(g_tokenIdE, permissionName));
@@ -1811,7 +1900,7 @@ HWTEST_F(PrivacyKitTest, StopUsingPermission004, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5SZHG
  */
-HWTEST_F(PrivacyKitTest, StopUsingPermission005, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, StopUsingPermission005, TestSize.Level0)
 {
     ASSERT_EQ(
         PrivacyError::ERR_PARAM_INVALID, PrivacyKit::StopUsingPermission(g_nativeToken, "ohos.permission.CAMERA"));
@@ -1823,12 +1912,11 @@ HWTEST_F(PrivacyKitTest, StopUsingPermission005, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI66BH3
  */
-HWTEST_F(PrivacyKitTest, StopUsingPermission006, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, StopUsingPermission006, TestSize.Level0)
 {
-    AccessTokenIDEx tokenIdEx = {0};
-    tokenIdEx = AccessTokenKit::AllocHapToken(g_normalInfoParms, g_policyPramsA);
-    ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIDEx);
-    EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx));
+    std::vector<std::string> reqPerm;
+    reqPerm.emplace_back("ohos.permission.PERMISSION_USED_STATS");
+    MockHapToken mock("StopUsingPermission006", reqPerm, false);
 
     std::string permissionName = "ohos.permission.CAMERA";
     ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, PrivacyKit::StopUsingPermission(g_tokenIdE, permissionName));
@@ -1840,7 +1928,7 @@ HWTEST_F(PrivacyKitTest, StopUsingPermission006, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5RWX5 issueI5RWX3 issueI5RWXA
  */
-HWTEST_F(PrivacyKitTest, StopUsingPermission007, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, StopUsingPermission007, TestSize.Level0)
 {
     std::string permissionName = "ohos.permission.READ_CONTACTS";
     auto callbackPtr = std::make_shared<CbCustomizeTest4>();
@@ -1879,7 +1967,7 @@ public:
  * @tc.type: FUNC
  * @tc.require: issueI61A6M
  */
-HWTEST_F(PrivacyKitTest, OnRemoteRequest001, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, OnRemoteRequest001, TestSize.Level0)
 {
     AccessTokenID tokenId = 123; // 123 is random input
     bool isShowing = false;
@@ -1926,7 +2014,7 @@ public:
  * @tc.type: FUNC
  * @tc.require: issueI61A6M
  */
-HWTEST_F(PrivacyKitTest, OnRemoteRequest002, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, OnRemoteRequest002, TestSize.Level0)
 {
     g_permissionUsedRecord.accessRecords.emplace_back(g_usedRecordDetail);
     g_bundleUsedRecord.permissionRecords.emplace_back(g_permissionUsedRecord);
@@ -1981,7 +2069,7 @@ public:
  * @tc.type: FUNC
  * @tc.require: issueI61A6M
  */
-HWTEST_F(PrivacyKitTest, OnRemoteRequest003, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, OnRemoteRequest003, TestSize.Level0)
 {
     ActiveChangeResponse response = {
         .tokenID = 123,
@@ -2016,7 +2104,7 @@ HWTEST_F(PrivacyKitTest, OnRemoteRequest003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI61A6M
  */
-HWTEST_F(PrivacyKitTest, ActiveStatusChangeCallback001, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, ActiveStatusChangeCallback001, TestSize.Level0)
 {
     ActiveChangeResponse response = {
         .tokenID = 123,
@@ -2038,7 +2126,7 @@ HWTEST_F(PrivacyKitTest, ActiveStatusChangeCallback001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI61A6M
  */
-HWTEST_F(PrivacyKitTest, StateChangeNotify001, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, StateChangeNotify001, TestSize.Level0)
 {
     AccessTokenID tokenId = 123; // 123 is random input
     bool isShowing = false;
@@ -2054,7 +2142,7 @@ HWTEST_F(PrivacyKitTest, StateChangeNotify001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI61A6M
  */
-HWTEST_F(PrivacyKitTest, InitProxy001, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, InitProxy001, TestSize.Level0)
 {
     ASSERT_NE(nullptr, PrivacyManagerClient::GetInstance().proxy_);
     OHOS::sptr<IPrivacyManager> proxy = PrivacyManagerClient::GetInstance().proxy_; // backup
@@ -2064,60 +2152,13 @@ HWTEST_F(PrivacyKitTest, InitProxy001, TestSize.Level1)
     PrivacyManagerClient::GetInstance().proxy_ = proxy; // recovery
 }
 
-#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE
-/**
- * @tc.name: RegisterSecCompEnhance001
- * @tc.desc: PrivacyKit:: function test register enhance data
- * @tc.type: FUNC
- * @tc.require: issueI7MXZ
- */
-HWTEST_F(PrivacyKitTest, RegisterSecCompEnhance001, TestSize.Level1)
-{
-    SetSelfTokenID(g_tokenIdA);
-    SecCompEnhanceData data;
-    data.callback = nullptr;
-    data.challenge = 0;
-    data.seqNum = 0;
-    EXPECT_EQ(PrivacyError::ERR_WRITE_PARCEL_FAILED, PrivacyKit::RegisterSecCompEnhance(data));
-
-    // StateChangeCallback is not the real callback of SecCompEnhance, but it does not effect the final result.
-    auto callbackPtr = std::make_shared<CbCustomizeTest4>();
-    data.callback = new (std::nothrow) StateChangeCallback(callbackPtr);
-    EXPECT_EQ(RET_SUCCESS, PrivacyKit::RegisterSecCompEnhance(data));
-
-    AccessTokenID secCompId = AccessTokenKit::GetNativeTokenId("security_component_service");
-    EXPECT_EQ(0, SetSelfTokenID(secCompId));
-    SecCompEnhanceData data1;
-    EXPECT_EQ(RET_SUCCESS, PrivacyKit::GetSecCompEnhance(getpid(), data1));
-    EXPECT_NE(RET_SUCCESS, PrivacyKit::GetSecCompEnhance(0, data1));
-    EXPECT_EQ(RET_SUCCESS, PrivacyKit::UpdateSecCompEnhance(getpid(), 1));
-    EXPECT_NE(RET_SUCCESS, PrivacyKit::UpdateSecCompEnhance(0, 1));
-}
-
-/**
- * @tc.name: GetSpecialSecCompEnhance001
- * @tc.desc: PrivacyKit:: function test Get Special enhance
- * @tc.type: FUNC
- * @tc.require: issueI7MXZ
- */
-HWTEST_F(PrivacyKitTest, GetSpecialSecCompEnhance001, TestSize.Level1)
-{
-    AccessTokenID secCompId = AccessTokenKit::GetNativeTokenId("security_component_service");
-    EXPECT_EQ(0, SetSelfTokenID(secCompId));
-
-    std::vector<SecCompEnhanceData> res;
-    ASSERT_EQ(RET_SUCCESS, PrivacyKit::GetSpecialSecCompEnhance("", res));
-    ASSERT_EQ(RET_SUCCESS, PrivacyKit::GetSpecialSecCompEnhance(g_infoParmsA.bundleName, res));
-}
-#endif
-
 /**
  * @tc.name: AddPermissionUsedRecord011
  * @tc.desc: Test AddPermissionUsedRecord with default normal used type
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord011, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord011, TestSize.Level0)
 {
     AddPermParamInfo info;
     info.tokenId = g_tokenIdA;
@@ -2146,7 +2187,7 @@ HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord011, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord012, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord012, TestSize.Level0)
 {
     AddPermParamInfo info;
     info.tokenId = g_tokenIdA;
@@ -2176,7 +2217,7 @@ HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord012, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord013, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord013, TestSize.Level0)
 {
     AddPermParamInfo info;
     info.tokenId = g_tokenIdA;
@@ -2206,7 +2247,7 @@ HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord013, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord014, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord014, TestSize.Level0)
 {
     AddPermParamInfo info;
     info.tokenId = g_tokenIdA;
@@ -2232,7 +2273,7 @@ HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord014, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord015, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord015, TestSize.Level0)
 {
     AddPermParamInfo info;
     info.tokenId = g_tokenIdA;
@@ -2258,7 +2299,7 @@ HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord015, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord016, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord016, TestSize.Level0)
 {
     AddPermParamInfo info;
     info.tokenId = g_tokenIdA;
@@ -2285,7 +2326,7 @@ HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord016, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord017, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord017, TestSize.Level0)
 {
     AddPermParamInfo info;
     info.tokenId = g_tokenIdA;
@@ -2315,7 +2356,7 @@ HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord017, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord018, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord018, TestSize.Level0)
 {
     AddPermParamInfo info;
     info.tokenId = g_tokenIdA;
@@ -2332,7 +2373,7 @@ HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord018, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos001, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos001, TestSize.Level0)
 {
     AddPermParamInfo info;
     info.tokenId = g_tokenIdA;
@@ -2347,7 +2388,7 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos001, TestSize.Level1)
     // g_tokenIdB add picker used type
     ASSERT_EQ(RET_SUCCESS, PrivacyKit::AddPermissionUsedRecord(info));
 
-    info.tokenId = g_tokenIdC.tokenIdExStruct.tokenID;
+    info.tokenId = g_tokenIdC;
     info.type = PermissionUsedType::SECURITY_COMPONENT_TYPE;
     // g_tokenIdC add security component used type
     ASSERT_EQ(RET_SUCCESS, PrivacyKit::AddPermissionUsedRecord(info));
@@ -2361,7 +2402,7 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos001, TestSize.Level1)
             ASSERT_EQ(PermissionUsedType::NORMAL_TYPE, result.type); // g_tokenIdA only normal type
         } else if (result.tokenId == g_tokenIdB) {
             ASSERT_EQ(PermissionUsedType::PICKER_TYPE, result.type); // g_tokenIdB only picker type
-        } else if (result.tokenId == g_tokenIdC.tokenIdExStruct.tokenID) {
+        } else if (result.tokenId == g_tokenIdC) {
             // g_tokenIdC only security component type
             ASSERT_EQ(PermissionUsedType::SECURITY_COMPONENT_TYPE, result.type);
         }
@@ -2374,7 +2415,7 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos002, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos002, TestSize.Level0)
 {
     AddPermParamInfo info;
     info.tokenId = g_tokenIdA;
@@ -2429,7 +2470,7 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos003, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos003, TestSize.Level0)
 {
     AddPermParamInfo info;
     info.tokenId = g_tokenIdA;
@@ -2444,7 +2485,7 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos003, TestSize.Level1)
     // g_tokenIdB add picker used type
     ASSERT_EQ(RET_SUCCESS, PrivacyKit::AddPermissionUsedRecord(info));
 
-    info.tokenId = g_tokenIdC.tokenIdExStruct.tokenID;
+    info.tokenId = g_tokenIdC;
     info.type = PermissionUsedType::SECURITY_COMPONENT_TYPE;
     // g_tokenIdC add security component used type
     ASSERT_EQ(RET_SUCCESS, PrivacyKit::AddPermissionUsedRecord(info));
@@ -2463,10 +2504,9 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos003, TestSize.Level1)
     ASSERT_EQ(PermissionUsedType::PICKER_TYPE, results2[FIRST_INDEX].type); // picker type
 
     std::vector<PermissionUsedTypeInfo> results3;
-    ASSERT_EQ(RET_SUCCESS, PrivacyKit::GetPermissionUsedTypeInfos(g_tokenIdC.tokenIdExStruct.tokenID,
-        permissionName, results3));
+    ASSERT_EQ(RET_SUCCESS, PrivacyKit::GetPermissionUsedTypeInfos(g_tokenIdC, permissionName, results3));
     ASSERT_EQ(static_cast<size_t>(RESULT_NUM_ONE), results3.size()); // only g_tokenIdC
-    ASSERT_EQ(g_tokenIdC.tokenIdExStruct.tokenID, results3[FIRST_INDEX].tokenId);
+    ASSERT_EQ(g_tokenIdC, results3[FIRST_INDEX].tokenId);
     ASSERT_EQ(PermissionUsedType::SECURITY_COMPONENT_TYPE, results3[FIRST_INDEX].type); // security component type
 }
 
@@ -2476,7 +2516,7 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos004, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos004, TestSize.Level0)
 {
     std::vector<PermissionUsedTypeInfo> results;
     // tokenId invalid
@@ -2500,23 +2540,24 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos004, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos005, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos005, TestSize.Level0)
 {
-    EXPECT_EQ(0, SetSelfTokenID(g_tokenIdA)); // g_tokenIdA is a normal hap
-
+    std::vector<std::string> reqPerm;
     std::string permissionName;
     std::vector<PermissionUsedTypeInfo> results;
-    ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, PrivacyKit::GetPermissionUsedTypeInfos(0, permissionName, results));
 
-    AccessTokenIDEx tokenIdEx = {0};
-    tokenIdEx = AccessTokenKit::AllocHapToken(g_infoParmsD, g_policyPramsD);
-    ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIDEx);
-    EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx)); // as a system hap without PERMISSION_USED_STATE
-    ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED, PrivacyKit::GetPermissionUsedTypeInfos(
-        0, permissionName, results));
+    {
+        // as a normal hap without PERMISSION_USED_STATE
+        MockHapToken mock("GetPermissionUsedTypeInfos005", reqPerm, false);
+        ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, PrivacyKit::GetPermissionUsedTypeInfos(0, permissionName, results));
+    }
 
-    PrivacyKit::RemovePermissionUsedRecords(tokenIdEx.tokenIdExStruct.tokenID);
-    EXPECT_EQ(0, AccessTokenKit::DeleteToken(tokenIdEx.tokenIdExStruct.tokenID)); // delete test hap
+    {
+        // as a system hap without PERMISSION_USED_STATE
+        MockHapToken mock("GetPermissionUsedTypeInfos005", reqPerm, true);
+        ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED, PrivacyKit::GetPermissionUsedTypeInfos(
+            0, permissionName, results));
+    }
 }
 
 /*
@@ -2525,23 +2566,21 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos005, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos006, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos006, TestSize.Level0)
 {
     uint32_t count = MAX_PERMISSION_USED_TYPE_SIZE + 1;
 
-    // set callertoken to system app
-    ASSERT_EQ(0, SetSelfTokenID(g_tokenIdC.tokenIDEx));
-
     // add 2001 permission used type record
     std::vector<AccessTokenID> tokenIdList;
-    std::string tmpBundleName = g_infoParmsC.bundleName;
 
     for (uint32_t i = 0; i < count; i++) {
-        std::string bundleName = tmpBundleName + std::to_string(i);
-        g_infoParmsC.bundleName = bundleName;
-        AccessTokenIDEx tokenIdEx = AccessTokenKit::AllocHapToken(g_infoParmsC, g_policyPramsC);
+        HapInfoParams infoParms = g_infoParmsC;
+        HapPolicyParams policyPrams = g_policyPramsC;
+        infoParms.bundleName = infoParms.bundleName + std::to_string(i);
+
+        AccessTokenIDEx tokenIdEx = PrivacyTestCommon::AllocTestHapToken(infoParms, policyPrams);
         AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID;
-        ASSERT_NE(tokenId, INVALID_TOKENID);
+        EXPECT_NE(INVALID_TOKENID, tokenId);
         tokenIdList.emplace_back(tokenId);
 
         AddPermParamInfo info;
@@ -2549,21 +2588,19 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos006, TestSize.Level1)
         info.permissionName = "ohos.permission.READ_CONTACTS";
         info.successCount = 1;
         info.failCount = 0;
-        ASSERT_EQ(RET_NO_ERROR, PrivacyKit::AddPermissionUsedRecord(info));
+        EXPECT_EQ(RET_NO_ERROR, PrivacyKit::AddPermissionUsedRecord(info));
     }
 
     AccessTokenID tokenId = 0;
     std::string permissionName;
     std::vector<PermissionUsedTypeInfo> results;
     // record over size
-    ASSERT_EQ(PrivacyError::ERR_OVERSIZE, PrivacyKit::GetPermissionUsedTypeInfos(tokenId, permissionName, results));
+    EXPECT_EQ(PrivacyError::ERR_OVERSIZE, PrivacyKit::GetPermissionUsedTypeInfos(tokenId, permissionName, results));
 
     for (const auto& id : tokenIdList) {
-        PrivacyKit::RemovePermissionUsedRecords(id);
-        ASSERT_EQ(0, AccessTokenKit::DeleteToken(id));
+        EXPECT_EQ(RET_SUCCESS, PrivacyKit::RemovePermissionUsedRecords(id));
+        EXPECT_EQ(RET_SUCCESS, PrivacyTestCommon::DeleteTestHapToken(id));
     }
-
-    g_infoParmsC.bundleName = tmpBundleName;
 }
 
 /**
@@ -2572,7 +2609,7 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos006, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyKitTest, SetMutePolicyTest001, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, SetMutePolicyTest001, TestSize.Level0)
 {
     ASSERT_EQ(PrivacyError::ERR_PARAM_INVALID,
         PrivacyKit::SetMutePolicy(PolicyType::EDM - 1, CallerType::MICROPHONE, true, RANDOM_TOKENID));
@@ -2592,12 +2629,9 @@ HWTEST_F(PrivacyKitTest, SetMutePolicyTest001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyKitTest, SetMutePolicyTest002, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, SetMutePolicyTest002, TestSize.Level0)
 {
-    AccessTokenIDEx tokenIdEx = {0};
-    tokenIdEx = AccessTokenKit::AllocHapToken(g_infoParmsD, g_policyPramsD);
-    ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIDEx);
-    EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx)); // as a system hap without SET_MUTE_POLICY
+    MockNativeToken mock("accesstoken_service"); // as a sa without SET_MUTE_POLICY
     ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED,
         PrivacyKit::SetMutePolicy(PolicyType::EDM, CallerType::MICROPHONE, true, RANDOM_TOKENID));
 }
@@ -2608,120 +2642,39 @@ HWTEST_F(PrivacyKitTest, SetMutePolicyTest002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyKitTest, SetMutePolicyTest003, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, SetMutePolicyTest003, TestSize.Level0)
 {
-    uint32_t tokenId = AccessTokenKit::GetNativeTokenId("camera_service");
-    ASSERT_NE(0, tokenId);
-    EXPECT_EQ(0, SetSelfTokenID(tokenId)); // as a system service with SET_MUTE_POLICY
+    MockNativeToken mock("camera_service"); // as a system service with SET_MUTE_POLICY
 
     ASSERT_EQ(PrivacyError::ERR_FIRST_CALLER_NOT_EDM,
         PrivacyKit::SetMutePolicy(PolicyType::EDM, CallerType::MICROPHONE, true, RANDOM_TOKENID));
 }
 
 /**
- * @tc.name: IsAllowedUsingPermission011
- * @tc.desc: IsAllowedUsingPermission with valid tokenId.
+ * @tc.name: SetMutePolicyTest004
+ * @tc.desc: Test SetMutePolicy with not permission
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission011, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, SetMutePolicyTest004, TestSize.Level0)
 {
-    std::string permissionName = "ohos.permission.MICROPHONE";
-    std::vector<AppStateData> list;
-    int32_t ret = AppManagerAccessClient::GetInstance().GetForegroundApplications(list);
-    ASSERT_EQ(0, ret);
-    if (list.empty()) {
-        GTEST_LOG_(INFO) << "GetForegroundApplications empty ";
-        return;
-    }
-    uint32_t tokenIdForeground = list[0].accessTokenId;
-    ASSERT_EQ(true, PrivacyKit::IsAllowedUsingPermission(tokenIdForeground, permissionName));
-}
-
-/**
- * @tc.name: IsAllowedUsingPermission012
- * @tc.desc: IsAllowedUsingPermission with valid pid.
- * @tc.type: FUNC
- * @tc.require:
- */
-HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission012, TestSize.Level1)
-{
-    std::vector<AppStateData> list;
-    ASSERT_EQ(0, AppManagerAccessClient::GetInstance().GetForegroundApplications(list));
-    if (list.empty()) {
-        GTEST_LOG_(INFO) << "GetForegroundApplications empty ";
-        return;
-    }
-
-    uint32_t tokenIdForeground = list[0].accessTokenId;
-    int32_t pidForground = list[0].pid;
-    std::string permissionName = "ohos.permission.MICROPHONE";
-    ASSERT_EQ(false, PrivacyKit::IsAllowedUsingPermission(tokenIdForeground, permissionName, NOT_EXSIT_PID));
-    ASSERT_EQ(true, PrivacyKit::IsAllowedUsingPermission(tokenIdForeground, permissionName, pidForground));
-
-    permissionName = "ohos.permission.CAMERA";
-    ASSERT_EQ(false, PrivacyKit::IsAllowedUsingPermission(tokenIdForeground, permissionName, NOT_EXSIT_PID));
-    ASSERT_EQ(true, PrivacyKit::IsAllowedUsingPermission(tokenIdForeground, permissionName, pidForground));
+    std::vector<std::string> reqPerm;
+    MockHapToken mock("SetMutePolicyTest004", reqPerm, true); // as a system hap
+    ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED,
+        PrivacyKit::SetMutePolicy(PolicyType::EDM, CallerType::MICROPHONE, true, RANDOM_TOKENID));
 }
 
 /**
- * @tc.name: IsAllowedUsingPermission013
- * @tc.desc: IsAllowedUsingPermission with MICROPHONE_BACKGROUND permission.
+ * @tc.name: SetMutePolicyTest005
+ * @tc.desc: hdcd without SET_MUTE_POLICY permission
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission013, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, SetMutePolicyTest005, TestSize.Level0)
 {
-    std::string permissionName = "ohos.permission.MICROPHONE";
-    ASSERT_EQ(false, PrivacyKit::IsAllowedUsingPermission(g_tokenIdE, permissionName));
-
-    HapInfoParams info = {
-        .userID = 1,
-        .bundleName = "ohos.privacy_test.microphone",
-        .instIndex = 0,
-        .appIDDesc = "privacy_test.microphone"
-    };
-
-    HapPolicyParams policy = {
-        .apl = APL_NORMAL,
-        .domain = "test.domain",
-        .permList = {},
-        .permStateList = {g_infoManagerTestStateD}
-    };
-
-    AccessTokenIDEx tokenIdEx = AccessTokenKit::AllocHapToken(info, policy);
-    AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID;
-    ASSERT_NE(0, tokenId); // hap MICROPHONE_BACKGROUND permission
-    ASSERT_EQ(true, PrivacyKit::IsAllowedUsingPermission(tokenId, permissionName)); // background hap
-    info.isSystemApp = true;
-    info.bundleName = "ohos.privacy_test.microphone.sys_app";
-    tokenIdEx = AccessTokenKit::AllocHapToken(info, policy);
-    AccessTokenID sysApptokenId = tokenIdEx.tokenIdExStruct.tokenID;
-
-    uint32_t selfUid = getuid();
-    setuid(ACCESS_TOKEN_UID);
-
-    uint32_t opCode1 = -1;
-    uint32_t opCode2 = -1;
-    ASSERT_EQ(true, TransferPermissionToOpcode("ohos.permission.SET_FOREGROUND_HAP_REMINDER", opCode1));
-    ASSERT_EQ(true, TransferPermissionToOpcode("ohos.permission.PERMISSION_USED_STATS", opCode2));
-    ASSERT_EQ(0, AddPermissionToKernel(sysApptokenId, {opCode1, opCode2}, {1, 1}));
-    EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx));
-    GTEST_LOG_(INFO) << "permissionSet OK ";
-
-    // callkit set hap to foreground with MICROPHONE_BACKGROUND
-    EXPECT_EQ(0, PrivacyKit::SetHapWithFGReminder(tokenId, true));
-    EXPECT_EQ(true, PrivacyKit::IsAllowedUsingPermission(tokenId, permissionName));
-
-    // callkit set g_tokenIdE to foreground without MICROPHONE_BACKGROUND
-    EXPECT_EQ(0, PrivacyKit::SetHapWithFGReminder(g_tokenIdE, true));
-    EXPECT_EQ(true, PrivacyKit::IsAllowedUsingPermission(g_tokenIdE, permissionName));
-    
-    EXPECT_EQ(0, PrivacyKit::SetHapWithFGReminder(tokenId, false));
-    EXPECT_EQ(0, PrivacyKit::SetHapWithFGReminder(g_tokenIdE, false));
-    ASSERT_EQ(0, RemovePermissionFromKernel(sysApptokenId));
-    setuid(selfUid);
-    ASSERT_EQ(0, AccessTokenKit::DeleteToken(sysApptokenId));
+    MockNativeToken mock("hdcd");
+    ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED,
+        PrivacyKit::SetMutePolicy(PolicyType::EDM, CallerType::MICROPHONE, true, RANDOM_TOKENID));
 }
 
 /**
@@ -2730,37 +2683,36 @@ HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission013, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyKitTest, SetHapWithFGReminder01, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, SetHapWithFGReminder01, TestSize.Level0)
 {
     uint32_t opCode1;
     uint32_t opCode2;
     uint32_t selfUid = getuid();
-    setuid(0);
-    g_infoParmsA.isSystemApp = true;
-    AccessTokenIDEx tokenIdEx = AccessTokenKit::AllocHapToken(g_infoParmsA, g_policyPramsA);
+    uint64_t selfTokenId = GetSelfTokenID();
+    HapInfoParams infoParmsA = g_infoParmsA;
+    HapPolicyParams policyPramsA = g_policyPramsA;
+    infoParmsA.isSystemApp = true;
+    AccessTokenIDEx tokenIdEx = PrivacyTestCommon::AllocTestHapToken(infoParmsA, policyPramsA);
     uint32_t tokenTest = tokenIdEx.tokenIdExStruct.tokenID;
     setuid(ACCESS_TOKEN_UID);
 
     EXPECT_EQ(true, TransferPermissionToOpcode("ohos.permission.SET_FOREGROUND_HAP_REMINDER", opCode1));
     EXPECT_EQ(true, TransferPermissionToOpcode("ohos.permission.PERMISSION_USED_STATS", opCode2));
-    int32_t res = AddPermissionToKernel(tokenTest, {opCode1, opCode2}, {1, 1});
-    ASSERT_EQ(res, 0);
-    GTEST_LOG_(INFO) << "permissionSet OK ";
+    ASSERT_EQ(RET_SUCCESS, AddPermissionToKernel(tokenTest, {opCode1, opCode2}, {1, 1}));
 
     EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx));
+
     std::string permissionName = "ohos.permission.MICROPHONE";
     ASSERT_EQ(false, PrivacyKit::IsAllowedUsingPermission(g_tokenIdE, permissionName));
-    int32_t ret = PrivacyKit::SetHapWithFGReminder(g_tokenIdE, true);
-    ASSERT_EQ(ret, 0);
+    ASSERT_EQ(RET_SUCCESS, PrivacyKit::SetHapWithFGReminder(g_tokenIdE, true));
     ASSERT_EQ(true, PrivacyKit::IsAllowedUsingPermission(g_tokenIdE, permissionName));
-    ret = PrivacyKit::SetHapWithFGReminder(g_tokenIdE, false);
-    ASSERT_EQ(ret, 0);
+    ASSERT_EQ(RET_SUCCESS, PrivacyKit::SetHapWithFGReminder(g_tokenIdE, false));
+
+    ASSERT_EQ(RET_SUCCESS, RemovePermissionFromKernel(tokenIdEx.tokenIDEx));
+    ASSERT_EQ(RET_SUCCESS, PrivacyTestCommon::DeleteTestHapToken(tokenTest));
 
-    res = RemovePermissionFromKernel(tokenIdEx.tokenIDEx);
-    ASSERT_EQ(res, 0);
-    setuid(0);
-    ASSERT_EQ(0, AccessTokenKit::DeleteToken(tokenTest));
     setuid(selfUid);
+    EXPECT_EQ(RET_SUCCESS, SetSelfTokenID(selfTokenId));
 }
 
 /**
@@ -2769,12 +2721,13 @@ HWTEST_F(PrivacyKitTest, SetHapWithFGReminder01, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyKitTest, SetHapWithFGReminder02, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, SetHapWithFGReminder02, TestSize.Level0)
 {
     uint32_t opCode1;
     uint32_t opCode2;
     uint32_t tokenTest = 111; /// 111 is a tokenId
     uint32_t selfUid = getuid();
+    uint64_t selfTokenId = GetSelfTokenID();
     setuid(ACCESS_TOKEN_UID);
 
     EXPECT_EQ(true, TransferPermissionToOpcode("ohos.permission.SET_FOREGROUND_HAP_REMINDER", opCode1));
@@ -2783,17 +2736,16 @@ HWTEST_F(PrivacyKitTest, SetHapWithFGReminder02, TestSize.Level1)
     ASSERT_EQ(res, 0);
 
     EXPECT_EQ(0, SetSelfTokenID(tokenTest));
-    int32_t ret = PrivacyKit::SetHapWithFGReminder(g_tokenIdE, true);
-    ASSERT_EQ(ret, 0);
-    ret = PrivacyKit::SetHapWithFGReminder(g_tokenIdE, true);
-    ASSERT_EQ(ret, PrivacyError::ERR_PARAM_INVALID);
-    ret = PrivacyKit::SetHapWithFGReminder(g_tokenIdE, false);
-    ASSERT_EQ(ret, 0);
-    ret = PrivacyKit::SetHapWithFGReminder(g_tokenIdE, false);
-    ASSERT_EQ(ret, PrivacyError::ERR_PARAM_INVALID);
-    res = RemovePermissionFromKernel(tokenTest);
-    ASSERT_EQ(res, 0);
+
+    ASSERT_EQ(RET_SUCCESS, PrivacyKit::SetHapWithFGReminder(g_tokenIdE, true));
+    ASSERT_EQ(PrivacyKit::SetHapWithFGReminder(g_tokenIdE, true), PrivacyError::ERR_PARAM_INVALID);
+    ASSERT_EQ(PrivacyKit::SetHapWithFGReminder(g_tokenIdE, false), 0);
+    ASSERT_EQ(PrivacyKit::SetHapWithFGReminder(g_tokenIdE, false), PrivacyError::ERR_PARAM_INVALID);
+
+    ASSERT_EQ(RET_SUCCESS, RemovePermissionFromKernel(tokenTest));
+
     setuid(selfUid);
+    EXPECT_EQ(RET_SUCCESS, SetSelfTokenID(selfTokenId));
 }
 
 /**
@@ -2802,12 +2754,13 @@ HWTEST_F(PrivacyKitTest, SetHapWithFGReminder02, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyKitTest, SetHapWithFGReminder03, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, SetHapWithFGReminder03, TestSize.Level0)
 {
     uint32_t opCode1;
     uint32_t opCode2;
     uint32_t tokenTest = 111; /// 111 is a tokenId
     uint32_t selfUid = getuid();
+    uint64_t selfTokenId = GetSelfTokenID();
     setuid(ACCESS_TOKEN_UID);
 
     EXPECT_EQ(true, TransferPermissionToOpcode("ohos.permission.SET_FOREGROUND_HAP_REMINDER", opCode1));
@@ -2816,16 +2769,17 @@ HWTEST_F(PrivacyKitTest, SetHapWithFGReminder03, TestSize.Level1)
     ASSERT_EQ(res, 0);
 
     EXPECT_EQ(0, SetSelfTokenID(tokenTest));
+
     uint32_t nativeTokenId = 672137215; // 672137215 is a native token
-    int32_t ret = PrivacyKit::SetHapWithFGReminder(nativeTokenId, true);
-    ASSERT_EQ(ret, PrivacyError::ERR_PARAM_INVALID);
-    res = RemovePermissionFromKernel(tokenTest);
-    ASSERT_EQ(res, 0);
-    setuid(selfUid);
+    ASSERT_EQ(PrivacyKit::SetHapWithFGReminder(nativeTokenId, true), PrivacyError::ERR_PARAM_INVALID);
 
     uint32_t invalidTokenId = 0;
-    ret = PrivacyKit::SetHapWithFGReminder(invalidTokenId, true);
-    ASSERT_EQ(ret, PrivacyError::ERR_PARAM_INVALID);
+    ASSERT_EQ(PrivacyKit::SetHapWithFGReminder(invalidTokenId, true), PrivacyError::ERR_PARAM_INVALID);
+
+    ASSERT_EQ(RET_SUCCESS, RemovePermissionFromKernel(tokenTest));
+
+    setuid(selfUid);
+    EXPECT_EQ(RET_SUCCESS, SetSelfTokenID(selfTokenId));
 }
 
 /**
@@ -2834,7 +2788,7 @@ HWTEST_F(PrivacyKitTest, SetHapWithFGReminder03, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyKitTest, SetPermissionUsedRecordToggleStatus001, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, SetPermissionUsedRecordToggleStatus001, TestSize.Level0)
 {
     bool status = true;
     int32_t resSet = PrivacyKit::SetPermissionUsedRecordToggleStatus(INVALID_USER_ID, status);
@@ -2849,13 +2803,18 @@ HWTEST_F(PrivacyKitTest, SetPermissionUsedRecordToggleStatus001, TestSize.Level1
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyKitTest, SetPermissionUsedRecordToggleStatus002, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, SetPermissionUsedRecordToggleStatus002, TestSize.Level0)
 {
+    std::vector<std::string> reqPerm;
+    reqPerm.emplace_back("ohos.permission.ERR_PERMISSION_DENIED");
+    reqPerm.emplace_back("ohos.permission.PERMISSION_USED_STATS");
+    MockHapToken mock("SetPermissionUsedRecordToggleStatus002", reqPerm, true);
+
     int32_t permRecordSize = 0;
     bool status = true;
 
-    int32_t resGet = PrivacyKit::GetPermissionUsedRecordToggleStatus(USER_ID_2, status);
-    EXPECT_EQ(resGet, 0);
+    EXPECT_EQ(RET_SUCCESS, PrivacyKit::SetPermissionUsedRecordToggleStatus(USER_ID_2, true));
+    EXPECT_EQ(RET_SUCCESS, PrivacyKit::GetPermissionUsedRecordToggleStatus(USER_ID_2, status));
     EXPECT_TRUE(status);
 
     AddPermParamInfo info;
@@ -2880,8 +2839,7 @@ HWTEST_F(PrivacyKitTest, SetPermissionUsedRecordToggleStatus002, TestSize.Level1
     ASSERT_EQ(1, static_cast<int32_t>(result.bundleRecords.size()));
     ASSERT_EQ(permRecordSize, static_cast<int32_t>(result.bundleRecords[0].permissionRecords.size()));
 
-    int32_t resSet = PrivacyKit::SetPermissionUsedRecordToggleStatus(USER_ID_2, false);
-    EXPECT_EQ(resSet, 0);
+    EXPECT_EQ(RET_NO_ERROR, PrivacyKit::SetPermissionUsedRecordToggleStatus(USER_ID_2, false));
     ASSERT_EQ(RET_NO_ERROR, PrivacyKit::GetPermissionUsedRecords(request, result));
     ASSERT_EQ(0, static_cast<int32_t>(result.bundleRecords.size()));
 
@@ -2892,8 +2850,7 @@ HWTEST_F(PrivacyKitTest, SetPermissionUsedRecordToggleStatus002, TestSize.Level1
     ASSERT_EQ(RET_NO_ERROR, PrivacyKit::GetPermissionUsedRecords(request, result));
     ASSERT_EQ(0, static_cast<int32_t>(result.bundleRecords.size()));
 
-    resSet = PrivacyKit::SetPermissionUsedRecordToggleStatus(USER_ID_2, true);
-    EXPECT_EQ(resSet, 0);
+    EXPECT_EQ(RET_NO_ERROR, PrivacyKit::SetPermissionUsedRecordToggleStatus(USER_ID_2, true));
 }
 
 /**
@@ -2902,15 +2859,18 @@ HWTEST_F(PrivacyKitTest, SetPermissionUsedRecordToggleStatus002, TestSize.Level1
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyKitTest, SetPermissionUsedRecordToggleStatus003, TestSize.Level1)
+HWTEST_F(PrivacyKitTest, SetPermissionUsedRecordToggleStatus003, TestSize.Level0)
 {
+    std::vector<std::string> reqPerm;
+    reqPerm.emplace_back("ohos.permission.ERR_PERMISSION_DENIED");
+    reqPerm.emplace_back("ohos.permission.PERMISSION_USED_STATS");
+    MockHapToken mock("SetPermissionUsedRecordToggleStatus003", reqPerm, true);
+
     int32_t permRecordSize = 0;
     bool status = true;
 
-    int32_t resSet = PrivacyKit::SetPermissionUsedRecordToggleStatus(USER_ID_2, false);
-    int32_t resGet = PrivacyKit::GetPermissionUsedRecordToggleStatus(USER_ID_2, status);
-    EXPECT_EQ(resSet, 0);
-    EXPECT_EQ(resGet, 0);
+    EXPECT_EQ(RET_NO_ERROR, PrivacyKit::SetPermissionUsedRecordToggleStatus(USER_ID_2, false));
+    EXPECT_EQ(RET_NO_ERROR, PrivacyKit::GetPermissionUsedRecordToggleStatus(USER_ID_2, status));
     EXPECT_FALSE(status);
 
     AddPermParamInfo info;
@@ -2932,10 +2892,8 @@ HWTEST_F(PrivacyKitTest, SetPermissionUsedRecordToggleStatus003, TestSize.Level1
     ASSERT_EQ(RET_NO_ERROR, PrivacyKit::GetPermissionUsedRecords(request, result));
     ASSERT_EQ(0, static_cast<int32_t>(result.bundleRecords.size()));
 
-    resSet = PrivacyKit::SetPermissionUsedRecordToggleStatus(USER_ID_2, true);
-    resGet = PrivacyKit::GetPermissionUsedRecordToggleStatus(USER_ID_2, status);
-    EXPECT_EQ(resSet, 0);
-    EXPECT_EQ(resGet, 0);
+    EXPECT_EQ(RET_NO_ERROR, PrivacyKit::SetPermissionUsedRecordToggleStatus(USER_ID_2, true));
+    EXPECT_EQ(RET_NO_ERROR, PrivacyKit::GetPermissionUsedRecordToggleStatus(USER_ID_2, status));
     EXPECT_TRUE(status);
 
     ASSERT_EQ(RET_NO_ERROR, PrivacyKit::AddPermissionUsedRecord(info));
diff --git a/interfaces/innerkits/privacy/test/unittest/src/privacy_test_common.cpp b/interfaces/innerkits/privacy/test/unittest/src/privacy_test_common.cpp
new file mode 100644
index 0000000000000000000000000000000000000000..1f5e502d9ad41daabdf280d351d82e9505264856
--- /dev/null
+++ b/interfaces/innerkits/privacy/test/unittest/src/privacy_test_common.cpp
@@ -0,0 +1,193 @@
+/*
+ * Copyright (c) 2025 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#include "privacy_test_common.h"
+#include "gtest/gtest.h"
+#include <thread>
+
+namespace OHOS {
+namespace Security {
+namespace AccessToken {
+namespace {
+std::mutex g_lockSetToken;
+uint64_t g_shellTokenId = 0;
+}
+void PrivacyTestCommon::SetTestEvironment(uint64_t shellTokenId)
+{
+    std::lock_guard<std::mutex> lock(g_lockSetToken);
+    g_shellTokenId = shellTokenId;
+}
+
+void PrivacyTestCommon::ResetTestEvironment()
+{
+    std::lock_guard<std::mutex> lock(g_lockSetToken);
+    g_shellTokenId = 0;
+}
+
+uint64_t PrivacyTestCommon::GetShellTokenId()
+{
+    std::lock_guard<std::mutex> lock(g_lockSetToken);
+    return g_shellTokenId;
+}
+
+AccessTokenIDEx PrivacyTestCommon::AllocTestHapToken(const HapInfoParams& hapInfo, HapPolicyParams& hapPolicy)
+{
+    AccessTokenIDEx tokenIdEx = {0};
+    uint64_t selfTokenId = GetSelfTokenID();
+    for (auto& permissionStateFull : hapPolicy.permStateList) {
+        PermissionDef permDefResult;
+        if (AccessTokenKit::GetDefPermission(permissionStateFull.permissionName, permDefResult) != RET_SUCCESS) {
+            continue;
+        }
+        if (permDefResult.availableLevel > hapPolicy.apl) {
+            hapPolicy.aclRequestedList.emplace_back(permissionStateFull.permissionName);
+        }
+    }
+    if (PrivacyTestCommon::GetNativeTokenIdFromProcess("foundation") == selfTokenId) {
+        AccessTokenKit::InitHapToken(hapInfo, hapPolicy, tokenIdEx);
+    } else {
+        // set sh token for self
+        MockNativeToken mock("foundation");
+        AccessTokenKit::InitHapToken(hapInfo, hapPolicy, tokenIdEx);
+
+        // restore
+        EXPECT_EQ(0, SetSelfTokenID(selfTokenId));
+    }
+    return tokenIdEx;
+}
+
+int32_t PrivacyTestCommon::DeleteTestHapToken(AccessTokenID tokenID)
+{
+    uint64_t selfTokenId = GetSelfTokenID();
+    if (PrivacyTestCommon::GetNativeTokenIdFromProcess("foundation") == selfTokenId) {
+        return AccessTokenKit::DeleteToken(tokenID);
+    }
+
+    // set sh token for self
+    MockNativeToken mock("foundation");
+
+    int32_t ret = AccessTokenKit::DeleteToken(tokenID);
+    // restore
+    EXPECT_EQ(0, SetSelfTokenID(selfTokenId));
+    return ret;
+}
+
+AccessTokenID PrivacyTestCommon::GetNativeTokenIdFromProcess(const std::string &process)
+{
+    uint64_t selfTokenId = GetSelfTokenID();
+    EXPECT_EQ(0, SetSelfTokenID(PrivacyTestCommon::GetShellTokenId())); // set shell token
+
+    std::string dumpInfo;
+    AtmToolsParamInfo info;
+    info.processName = process;
+    AccessTokenKit::DumpTokenInfo(info, dumpInfo);
+    size_t pos = dumpInfo.find("\"tokenID\": ");
+    if (pos == std::string::npos) {
+        return 0;
+    }
+    pos += std::string("\"tokenID\": ").length();
+    std::string numStr;
+    while (pos < dumpInfo.length() && std::isdigit(dumpInfo[pos])) {
+        numStr += dumpInfo[pos];
+        ++pos;
+    }
+    // restore
+    EXPECT_EQ(0, SetSelfTokenID(selfTokenId));
+
+    std::istringstream iss(numStr);
+    AccessTokenID tokenID;
+    iss >> tokenID;
+    return tokenID;
+}
+
+// need call by native process
+AccessTokenIDEx PrivacyTestCommon::GetHapTokenIdFromBundle(
+    int32_t userID, const std::string& bundleName, int32_t instIndex)
+{
+    uint64_t selfTokenId = GetSelfTokenID();
+    ATokenTypeEnum type = AccessTokenKit::GetTokenTypeFlag(static_cast<AccessTokenID>(selfTokenId));
+    if (type != TOKEN_NATIVE) {
+        AccessTokenID tokenId1 = GetNativeTokenIdFromProcess("privacy_service");
+        EXPECT_EQ(0, SetSelfTokenID(tokenId1));
+    }
+    AccessTokenIDEx tokenIdEx = AccessTokenKit::GetHapTokenIDEx(userID, bundleName, instIndex);
+
+    EXPECT_EQ(0, SetSelfTokenID(selfTokenId));
+    return tokenIdEx;
+}
+
+MockNativeToken::MockNativeToken(const std::string& process)
+{
+    selfToken_ = GetSelfTokenID();
+    uint32_t tokenId = PrivacyTestCommon::GetNativeTokenIdFromProcess(process);
+    SetSelfTokenID(tokenId);
+}
+
+MockNativeToken::~MockNativeToken()
+{
+    SetSelfTokenID(selfToken_);
+}
+
+MockHapToken::MockHapToken(
+    const std::string& bundle, const std::vector<std::string>& reqPerm, bool isSystemApp)
+{
+    selfToken_ = GetSelfTokenID();
+    HapInfoParams infoParams = {
+        .userID = 0,
+        .bundleName = bundle,
+        .instIndex = 0,
+        .appIDDesc = "AccessTokenTestAppID",
+        .apiVersion = PrivacyTestCommon::DEFAULT_API_VERSION,
+        .isSystemApp = isSystemApp,
+        .appDistributionType = "",
+    };
+
+    HapPolicyParams policyParams = {
+        .apl = APL_NORMAL,
+        .domain = "accesstoken_test_domain",
+    };
+    for (size_t i = 0; i < reqPerm.size(); ++i) {
+        PermissionDef permDefResult;
+        if (AccessTokenKit::GetDefPermission(reqPerm[i], permDefResult) != RET_SUCCESS) {
+            continue;
+        }
+        PermissionStateFull permState = {
+            .permissionName = reqPerm[i],
+            .isGeneral = true,
+            .resDeviceID = {"local3"},
+            .grantStatus = {PermissionState::PERMISSION_DENIED},
+            .grantFlags = {PermissionFlag::PERMISSION_DEFAULT_FLAG}
+        };
+        policyParams.permStateList.emplace_back(permState);
+        if (permDefResult.availableLevel > policyParams.apl) {
+            policyParams.aclRequestedList.emplace_back(reqPerm[i]);
+        }
+    }
+
+    AccessTokenIDEx tokenIdEx = PrivacyTestCommon::AllocTestHapToken(infoParams, policyParams);
+    mockToken_= tokenIdEx.tokenIdExStruct.tokenID;
+    EXPECT_NE(mockToken_, INVALID_TOKENID);
+    EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx));
+}
+
+MockHapToken::~MockHapToken()
+{
+    if (mockToken_ != INVALID_TOKENID) {
+        EXPECT_EQ(0, PrivacyTestCommon::DeleteTestHapToken(mockToken_));
+    }
+    EXPECT_EQ(0, SetSelfTokenID(selfToken_));
+}
+}  // namespace SecurityComponent
+}  // namespace Security
+}  // namespace OHOS
\ No newline at end of file
diff --git a/interfaces/innerkits/privacy/test/unittest/src/privacy_test_common.h b/interfaces/innerkits/privacy/test/unittest/src/privacy_test_common.h
new file mode 100644
index 0000000000000000000000000000000000000000..38254950e0a00172e32649c21a3a0d9302c5828d
--- /dev/null
+++ b/interfaces/innerkits/privacy/test/unittest/src/privacy_test_common.h
@@ -0,0 +1,60 @@
+/*
+ * Copyright (c) 2025 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef PRIVACY_TEST_COMMON_H
+#define PRIVACY_TEST_COMMON_H
+
+#include "access_token.h"
+#include "accesstoken_kit.h"
+#include "nativetoken_kit.h"
+#include "token_setproc.h"
+
+namespace OHOS {
+namespace Security {
+namespace AccessToken {
+class MockNativeToken {
+public:
+    explicit MockNativeToken(const std::string& process);
+    ~MockNativeToken();
+private:
+    uint64_t selfToken_;
+};
+
+class MockHapToken {
+public:
+    explicit MockHapToken(
+        const std::string& bundle, const std::vector<std::string>& reqPerm, bool isSystemApp = true);
+    ~MockHapToken();
+private:
+    uint64_t selfToken_;
+    uint32_t mockToken_;
+};
+class PrivacyTestCommon {
+public:
+    static constexpr int32_t DEFAULT_API_VERSION = 12;
+    static void SetTestEvironment(uint64_t shellTokenId);
+    static void ResetTestEvironment();
+    static uint64_t GetShellTokenId();
+
+    static AccessTokenIDEx AllocTestHapToken(const HapInfoParams& hapInfo, HapPolicyParams& hapPolicy);
+    static int32_t DeleteTestHapToken(AccessTokenID tokenID);
+    static AccessTokenID GetNativeTokenIdFromProcess(const std::string& process);
+    static AccessTokenIDEx GetHapTokenIdFromBundle(
+        int32_t userID, const std::string& bundleName, int32_t instIndex);
+};
+}  // namespace AccessToken
+}  // namespace Security
+}  // namespace OHOS
+#endif  // PRIVACY_TEST_COMMON_H
diff --git a/interfaces/innerkits/token_callback/test/BUILD.gn b/interfaces/innerkits/token_callback/test/BUILD.gn
index d2df573b89a72d7428bfed774b0215017ade6ebc..a754369a1c6213546672d8b8c4e972efb2c3423f 100644
--- a/interfaces/innerkits/token_callback/test/BUILD.gn
+++ b/interfaces/innerkits/token_callback/test/BUILD.gn
@@ -15,9 +15,8 @@ import("//build/test.gni")
 import("../../../../access_token.gni")
 
 ohos_unittest("libtoken_callback_test") {
-  subsystem_name = "security"
-  part_name = "access_token"
-  module_out_path = part_name + "/" + part_name
+  subsystem_name = "accesscontrol"
+  module_out_path = module_output_path_unittest_accesstoken
   sanitize = {
     cfi = true
     cfi_cross_dso = true
diff --git a/interfaces/innerkits/token_setproc/src/perm_setproc.cpp b/interfaces/innerkits/token_setproc/src/perm_setproc.cpp
index 4338fb20223113a342452dae3ef0eb425626af51..0aeea7f00cfb2b2ba7ac98a75c3df6c363fc0fa2 100644
--- a/interfaces/innerkits/token_setproc/src/perm_setproc.cpp
+++ b/interfaces/innerkits/token_setproc/src/perm_setproc.cpp
@@ -17,6 +17,7 @@
 
 #include <cerrno>
 #include <cstdint>
+#include <cstdio>
 #include <fcntl.h>
 #include <sys/ioctl.h>
 #include <unistd.h>
@@ -25,6 +26,7 @@ namespace Security {
 namespace AccessToken {
 const uint32_t UINT32_T_BITS = 32;
 const uint32_t MAX_PERM_SIZE = 64;
+constexpr uint64_t FD_TAG = 0xD005A01;
 struct IoctlAddPermData {
     uint32_t token;
     uint32_t perm[MAX_PERM_SIZE] = { 0 };
@@ -73,8 +75,9 @@ int32_t AddPermissionToKernel(
     if (fd < 0) {
         return ACCESS_TOKEN_OPEN_ERROR;
     }
+    fdsan_exchange_owner_tag(fd, 0, FD_TAG);
     int32_t ret = ioctl(fd, ACCESS_TOKENID_ADD_PERMISSIONS, &data);
-    close(fd);
+    fdsan_close_with_tag(fd, FD_TAG);
     if (ret != ACCESS_TOKEN_OK) {
         return errno;
     }
@@ -88,8 +91,9 @@ int32_t RemovePermissionFromKernel(uint32_t tokenID)
     if (fd < 0) {
         return ACCESS_TOKEN_OPEN_ERROR;
     }
+    fdsan_exchange_owner_tag(fd, 0, FD_TAG);
     int32_t ret = ioctl(fd, ACCESS_TOKENID_REMOVE_PERMISSIONS, &tokenID);
-    close(fd);
+    fdsan_close_with_tag(fd, FD_TAG);
     if (ret) {
         return errno;
     }
@@ -109,8 +113,9 @@ int32_t SetPermissionToKernel(uint32_t tokenID, int32_t opCode, bool status)
     if (fd < 0) {
         return ACCESS_TOKEN_OPEN_ERROR;
     }
+    fdsan_exchange_owner_tag(fd, 0, FD_TAG);
     int32_t ret = ioctl(fd, ACCESS_TOKENID_SET_PERMISSION, &data);
-    close(fd);
+    fdsan_close_with_tag(fd, FD_TAG);
     if (ret != ACCESS_TOKEN_OK) {
         return errno;
     }
@@ -131,8 +136,9 @@ int32_t GetPermissionFromKernel(uint32_t tokenID, int32_t opCode, bool& isGrante
     if (fd < 0) {
         return ACCESS_TOKEN_OPEN_ERROR;
     }
+    fdsan_exchange_owner_tag(fd, 0, FD_TAG);
     int32_t ret = ioctl(fd, ACCESS_TOKENID_GET_PERMISSION, &data);
-    close(fd);
+    fdsan_close_with_tag(fd, FD_TAG);
     if (ret < 0) {
         return errno;
     }
diff --git a/interfaces/innerkits/token_setproc/src/token_setproc.c b/interfaces/innerkits/token_setproc/src/token_setproc.c
index 438d7e3b09e168a70dcde4bf25a24ccf7abbdbb5..a5620d1de6929b8f6611b2e3175b138b3b4a482f 100644
--- a/interfaces/innerkits/token_setproc/src/token_setproc.c
+++ b/interfaces/innerkits/token_setproc/src/token_setproc.c
@@ -17,6 +17,7 @@
 
 #include <errno.h>
 #include <stdint.h>
+#include <stdio.h>
 #include <fcntl.h>
 #include <sys/ioctl.h>
 #include <unistd.h>
@@ -33,6 +34,8 @@
 #define INVAL_TOKEN_ID    0x0
 #define TOKEN_ID_LOWMASK 0xffffffff
 
+const uint64_t SET_PROC_FD_TAG = 0xD005A01;
+
 uint64_t GetSelfTokenID(void)
 {
     uint64_t token = INVAL_TOKEN_ID;
@@ -40,13 +43,14 @@ uint64_t GetSelfTokenID(void)
     if (fd < 0) {
         return INVAL_TOKEN_ID;
     }
+    fdsan_exchange_owner_tag(fd, 0, SET_PROC_FD_TAG);
     int ret = ioctl(fd, ACCESS_TOKENID_GET_TOKENID, &token);
     if (ret) {
-        close(fd);
+        fdsan_close_with_tag(fd, SET_PROC_FD_TAG);
         return INVAL_TOKEN_ID;
     }
 
-    close(fd);
+    fdsan_close_with_tag(fd, SET_PROC_FD_TAG);
     return token;
 }
 
@@ -56,13 +60,14 @@ int SetSelfTokenID(uint64_t tokenID)
     if (fd < 0) {
         return ACCESS_TOKEN_OPEN_ERROR;
     }
+    fdsan_exchange_owner_tag(fd, 0, SET_PROC_FD_TAG);
     int ret = ioctl(fd, ACCESS_TOKENID_SET_TOKENID, &tokenID);
     if (ret) {
-        close(fd);
+        fdsan_close_with_tag(fd, SET_PROC_FD_TAG);
         return ret;
     }
 
-    close(fd);
+    fdsan_close_with_tag(fd, SET_PROC_FD_TAG);
     return ACCESS_TOKEN_OK;
 }
 
@@ -73,13 +78,14 @@ uint64_t GetFirstCallerTokenID(void)
     if (fd < 0) {
         return INVAL_TOKEN_ID;
     }
+    fdsan_exchange_owner_tag(fd, 0, SET_PROC_FD_TAG);
     int ret = ioctl(fd, ACCESS_TOKENID_GET_FTOKENID, &token);
     if (ret) {
-        close(fd);
+        fdsan_close_with_tag(fd, SET_PROC_FD_TAG);
         return INVAL_TOKEN_ID;
     }
 
-    close(fd);
+    fdsan_close_with_tag(fd, SET_PROC_FD_TAG);
     return token;
 }
 
@@ -89,12 +95,13 @@ int SetFirstCallerTokenID(uint64_t tokenID)
     if (fd < 0) {
         return ACCESS_TOKEN_OPEN_ERROR;
     }
+    fdsan_exchange_owner_tag(fd, 0, SET_PROC_FD_TAG);
     int ret = ioctl(fd, ACCESS_TOKENID_SET_FTOKENID, &tokenID);
     if (ret) {
-        close(fd);
+        fdsan_close_with_tag(fd, SET_PROC_FD_TAG);
         return ret;
     }
 
-    close(fd);
+    fdsan_close_with_tag(fd, SET_PROC_FD_TAG);
     return ACCESS_TOKEN_OK;
 }
diff --git a/interfaces/innerkits/token_setproc/test/BUILD.gn b/interfaces/innerkits/token_setproc/test/BUILD.gn
index 4a3e2da04e290639e4ee60efa0918c995116f244..f30098323db4530b0f5976938dacb7db9ad2766c 100644
--- a/interfaces/innerkits/token_setproc/test/BUILD.gn
+++ b/interfaces/innerkits/token_setproc/test/BUILD.gn
@@ -15,9 +15,8 @@ import("//build/test.gni")
 import("../../../../access_token.gni")
 
 ohos_unittest("libtoken_setproc_test") {
-  subsystem_name = "security"
-  part_name = "access_token"
-  module_out_path = part_name + "/" + part_name
+  subsystem_name = "accesscontrol"
+  module_out_path = module_output_path_unittest_accesstoken
   sanitize = {
     cfi = true
     cfi_cross_dso = true
diff --git a/interfaces/innerkits/token_setproc/test/unittest/src/tokensetproc_kit_test.cpp b/interfaces/innerkits/token_setproc/test/unittest/src/tokensetproc_kit_test.cpp
index 92a6df1e3b5785f82598bda5058db98d2763b147..6ec5c818546428f1fa5fd181d53a55548a4704d0 100644
--- a/interfaces/innerkits/token_setproc/test/unittest/src/tokensetproc_kit_test.cpp
+++ b/interfaces/innerkits/token_setproc/test/unittest/src/tokensetproc_kit_test.cpp
@@ -54,7 +54,7 @@ void TokensetprocKitTest::TearDown()
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokensetprocKitTest, AddPermissionToKernel001, TestSize.Level1)
+HWTEST_F(TokensetprocKitTest, AddPermissionToKernel001, TestSize.Level0)
 {
     ASSERT_EQ(EPERM, AddPermissionToKernel(g_tokeId, g_opCodeList, g_statusList));
 }
@@ -65,7 +65,7 @@ HWTEST_F(TokensetprocKitTest, AddPermissionToKernel001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokensetprocKitTest, AddPermissionToKernel002, TestSize.Level1)
+HWTEST_F(TokensetprocKitTest, AddPermissionToKernel002, TestSize.Level0)
 {
     setuid(ACCESS_TOKEN_UID);
     std::vector<uint32_t> opcodeList = {0, 1, 2};
@@ -81,7 +81,7 @@ HWTEST_F(TokensetprocKitTest, AddPermissionToKernel002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokensetprocKitTest, AddPermissionToKernel003, TestSize.Level1)
+HWTEST_F(TokensetprocKitTest, AddPermissionToKernel003, TestSize.Level0)
 {
     setuid(ACCESS_TOKEN_UID);
     std::vector<uint32_t> opcodeList;
@@ -97,7 +97,7 @@ HWTEST_F(TokensetprocKitTest, AddPermissionToKernel003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokensetprocKitTest, AddPermissionToKernel004, TestSize.Level1)
+HWTEST_F(TokensetprocKitTest, AddPermissionToKernel004, TestSize.Level0)
 {
     setuid(ACCESS_TOKEN_UID);
     ASSERT_EQ(ACCESS_TOKEN_OK, AddPermissionToKernel(g_tokeId, g_opCodeList, g_statusList));
@@ -111,7 +111,7 @@ HWTEST_F(TokensetprocKitTest, AddPermissionToKernel004, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokensetprocKitTest, AddPermissionToKernel005, TestSize.Level1)
+HWTEST_F(TokensetprocKitTest, AddPermissionToKernel005, TestSize.Level0)
 {
     setuid(ACCESS_TOKEN_UID);
     std::vector<uint32_t> opCodeList1 = {123, 124};
@@ -119,16 +119,16 @@ HWTEST_F(TokensetprocKitTest, AddPermissionToKernel005, TestSize.Level1)
     std::vector<uint32_t> opCodeList2 = {123};
     std::vector<bool> statusList2 = {true}; // granted
 
-    ASSERT_EQ(ACCESS_TOKEN_OK, AddPermissionToKernel(g_tokeId, opCodeList1, statusList1));
+    EXPECT_EQ(ACCESS_TOKEN_OK, AddPermissionToKernel(g_tokeId, opCodeList1, statusList1));
     bool isGranted = false;
-    ASSERT_EQ(ACCESS_TOKEN_OK, GetPermissionFromKernel(g_tokeId, opCodeList1[0], isGranted));
-    ASSERT_EQ(false, isGranted);
+    EXPECT_EQ(ACCESS_TOKEN_OK, GetPermissionFromKernel(g_tokeId, opCodeList1[0], isGranted));
+    EXPECT_EQ(false, isGranted);
 
     EXPECT_EQ(ACCESS_TOKEN_OK, AddPermissionToKernel(g_tokeId, opCodeList2, statusList2));
 
-    ASSERT_EQ(ACCESS_TOKEN_OK, GetPermissionFromKernel(g_tokeId, opCodeList2[0], isGranted));
-    ASSERT_EQ(true, isGranted);
-    ASSERT_EQ(ACCESS_TOKEN_OK, RemovePermissionFromKernel(g_tokeId));
+    EXPECT_EQ(ACCESS_TOKEN_OK, GetPermissionFromKernel(g_tokeId, opCodeList2[0], isGranted));
+    EXPECT_EQ(true, isGranted);
+    EXPECT_EQ(ACCESS_TOKEN_OK, RemovePermissionFromKernel(g_tokeId));
 
     setuid(g_selfUid);
 }
@@ -139,7 +139,7 @@ HWTEST_F(TokensetprocKitTest, AddPermissionToKernel005, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokensetprocKitTest, AddPermissionToKernel006, TestSize.Level1)
+HWTEST_F(TokensetprocKitTest, AddPermissionToKernel006, TestSize.Level0)
 {
     setuid(ACCESS_TOKEN_UID);
     std::vector<uint32_t> opCodeList1 = {123};
@@ -147,16 +147,16 @@ HWTEST_F(TokensetprocKitTest, AddPermissionToKernel006, TestSize.Level1)
     std::vector<uint32_t> opCodeList2 = {123, 124};
     std::vector<bool> statusList2 = {false, false}; // not granted
 
-    ASSERT_EQ(ACCESS_TOKEN_OK, AddPermissionToKernel(g_tokeId, opCodeList1, statusList1));
+    EXPECT_EQ(ACCESS_TOKEN_OK, AddPermissionToKernel(g_tokeId, opCodeList1, statusList1));
     bool isGranted = false;
-    ASSERT_EQ(ACCESS_TOKEN_OK, GetPermissionFromKernel(g_tokeId, opCodeList1[0], isGranted));
-    ASSERT_EQ(true, isGranted);
+    EXPECT_EQ(ACCESS_TOKEN_OK, GetPermissionFromKernel(g_tokeId, opCodeList1[0], isGranted));
+    EXPECT_EQ(true, isGranted);
 
     EXPECT_EQ(ACCESS_TOKEN_OK, AddPermissionToKernel(g_tokeId, opCodeList2, statusList2));
-    ASSERT_EQ(ACCESS_TOKEN_OK, GetPermissionFromKernel(g_tokeId, opCodeList2[0], isGranted));
-    ASSERT_EQ(false, isGranted);
+    EXPECT_EQ(ACCESS_TOKEN_OK, GetPermissionFromKernel(g_tokeId, opCodeList2[0], isGranted));
+    EXPECT_EQ(false, isGranted);
 
-    ASSERT_EQ(ACCESS_TOKEN_OK, RemovePermissionFromKernel(g_tokeId));
+    EXPECT_EQ(ACCESS_TOKEN_OK, RemovePermissionFromKernel(g_tokeId));
 
     setuid(g_selfUid);
 }
@@ -167,7 +167,7 @@ HWTEST_F(TokensetprocKitTest, AddPermissionToKernel006, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokensetprocKitTest, AddPermissionToKernel007, TestSize.Level1)
+HWTEST_F(TokensetprocKitTest, AddPermissionToKernel007, TestSize.Level0)
 {
     setuid(ACCESS_TOKEN_UID);
     uint32_t token1 = 111;
@@ -185,7 +185,7 @@ HWTEST_F(TokensetprocKitTest, AddPermissionToKernel007, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokensetprocKitTest, AddPermissionToKernel008, TestSize.Level1)
+HWTEST_F(TokensetprocKitTest, AddPermissionToKernel008, TestSize.Level0)
 {
     setuid(ACCESS_TOKEN_UID);
     std::vector<uint32_t> tokenList;
@@ -212,29 +212,29 @@ HWTEST_F(TokensetprocKitTest, AddPermissionToKernel008, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokensetprocKitTest, AddPermissionToKernel009, TestSize.Level1)
+HWTEST_F(TokensetprocKitTest, AddPermissionToKernel009, TestSize.Level0)
 {
     setuid(ACCESS_TOKEN_UID);
     ASSERT_EQ(ACCESS_TOKEN_OK, AddPermissionToKernel(g_tokeId, g_opCodeList, g_statusList));
 
-    ASSERT_EQ(ACCESS_TOKEN_OK, SetPermissionToKernel(g_tokeId, g_opCodeList[0], true));
+    EXPECT_EQ(ACCESS_TOKEN_OK, SetPermissionToKernel(g_tokeId, g_opCodeList[0], true));
     bool isGranted = false;
-    ASSERT_EQ(ACCESS_TOKEN_OK, GetPermissionFromKernel(g_tokeId, g_opCodeList[0], isGranted));
-    ASSERT_EQ(true, isGranted);
+    EXPECT_EQ(ACCESS_TOKEN_OK, GetPermissionFromKernel(g_tokeId, g_opCodeList[0], isGranted));
+    EXPECT_EQ(true, isGranted);
 
     std::vector<uint32_t> opCodeList;
     std::vector<bool> statusList;
     // update with less permission(size is 0)
     EXPECT_EQ(ACCESS_TOKEN_OK, AddPermissionToKernel(g_tokeId, opCodeList, statusList));
-    ASSERT_EQ(ENODATA, GetPermissionFromKernel(g_tokeId, g_opCodeList[0], isGranted));
-    ASSERT_EQ(false, isGranted);
+    EXPECT_EQ(ENODATA, GetPermissionFromKernel(g_tokeId, g_opCodeList[0], isGranted));
+    EXPECT_EQ(false, isGranted);
 
     // update with more permission
     EXPECT_EQ(ACCESS_TOKEN_OK, AddPermissionToKernel(g_tokeId, g_opCodeList, g_statusList));
-    ASSERT_EQ(ACCESS_TOKEN_OK, GetPermissionFromKernel(g_tokeId, g_opCodeList[0], isGranted));
-    ASSERT_EQ(g_statusList[0], isGranted);
+    EXPECT_EQ(ACCESS_TOKEN_OK, GetPermissionFromKernel(g_tokeId, g_opCodeList[0], isGranted));
+    EXPECT_EQ(g_statusList[0], isGranted);
 
-    ASSERT_EQ(ACCESS_TOKEN_OK, RemovePermissionFromKernel(g_tokeId));
+    EXPECT_EQ(ACCESS_TOKEN_OK, RemovePermissionFromKernel(g_tokeId));
     setuid(g_selfUid);
 }
 
@@ -244,7 +244,7 @@ HWTEST_F(TokensetprocKitTest, AddPermissionToKernel009, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokensetprocKitTest, RemovePermissionFromKernel001, TestSize.Level1)
+HWTEST_F(TokensetprocKitTest, RemovePermissionFromKernel001, TestSize.Level0)
 {
     ASSERT_EQ(EPERM, RemovePermissionFromKernel(g_tokeId));
 }
@@ -255,7 +255,7 @@ HWTEST_F(TokensetprocKitTest, RemovePermissionFromKernel001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokensetprocKitTest, RemovePermissionFromKernel002, TestSize.Level1)
+HWTEST_F(TokensetprocKitTest, RemovePermissionFromKernel002, TestSize.Level0)
 {
     setuid(ACCESS_TOKEN_UID);
     ASSERT_EQ(ACCESS_TOKEN_OK, AddPermissionToKernel(g_tokeId, g_opCodeList, g_statusList));
@@ -270,7 +270,7 @@ HWTEST_F(TokensetprocKitTest, RemovePermissionFromKernel002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI8HMUH
  */
-HWTEST_F(TokensetprocKitTest, SetPermissionToKernel001, TestSize.Level1)
+HWTEST_F(TokensetprocKitTest, SetPermissionToKernel001, TestSize.Level0)
 {
     ASSERT_EQ(EPERM, SetPermissionToKernel(g_tokeId, 1, true));
 }
@@ -281,7 +281,7 @@ HWTEST_F(TokensetprocKitTest, SetPermissionToKernel001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI8HMUH
  */
-HWTEST_F(TokensetprocKitTest, SetPermissionToKernel002, TestSize.Level1)
+HWTEST_F(TokensetprocKitTest, SetPermissionToKernel002, TestSize.Level0)
 {
     setuid(ACCESS_TOKEN_UID);
     ASSERT_EQ(ENODATA, SetPermissionToKernel(g_tokeId, g_opCodeList[0], true));
@@ -296,7 +296,7 @@ HWTEST_F(TokensetprocKitTest, SetPermissionToKernel002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI8HMUH
  */
-HWTEST_F(TokensetprocKitTest, SetPermissionToKernel003, TestSize.Level1)
+HWTEST_F(TokensetprocKitTest, SetPermissionToKernel003, TestSize.Level0)
 {
     setuid(ACCESS_TOKEN_UID);
     ASSERT_EQ(ACCESS_TOKEN_OK, AddPermissionToKernel(g_tokeId, g_opCodeList, g_statusList));
@@ -313,14 +313,14 @@ HWTEST_F(TokensetprocKitTest, SetPermissionToKernel003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI8HMUH
  */
-HWTEST_F(TokensetprocKitTest, GetPermissionFromKernel001, TestSize.Level1)
+HWTEST_F(TokensetprocKitTest, GetPermissionFromKernel001, TestSize.Level0)
 {
     setuid(ACCESS_TOKEN_UID);
     uint32_t size = g_opCodeList.size();
     ASSERT_EQ(ACCESS_TOKEN_OK, AddPermissionToKernel(g_tokeId, g_opCodeList, g_statusList));
     for (uint32_t i = 0; i < size; i++) {
         bool isGranted = false;
-        ASSERT_EQ(ACCESS_TOKEN_OK, GetPermissionFromKernel(g_tokeId, g_opCodeList[i], isGranted));
+        EXPECT_EQ(ACCESS_TOKEN_OK, GetPermissionFromKernel(g_tokeId, g_opCodeList[i], isGranted));
         EXPECT_EQ(g_statusList[i], isGranted);
     }
 
@@ -328,15 +328,15 @@ HWTEST_F(TokensetprocKitTest, GetPermissionFromKernel001, TestSize.Level1)
     for (uint32_t i = 0; i < MAX_PERM_NUM; i++) {
         if (knownOpCodeSet.find(i) == knownOpCodeSet.end()) {
             bool isGranted = false;
-            ASSERT_EQ(ACCESS_TOKEN_OK, GetPermissionFromKernel(g_tokeId, i, isGranted));
+            EXPECT_EQ(ACCESS_TOKEN_OK, GetPermissionFromKernel(g_tokeId, i, isGranted));
             EXPECT_FALSE(isGranted);
         }
     }
 
-    ASSERT_EQ(ACCESS_TOKEN_OK, RemovePermissionFromKernel(g_tokeId));
+    EXPECT_EQ(ACCESS_TOKEN_OK, RemovePermissionFromKernel(g_tokeId));
     for (uint32_t i = 0; i < size; i++) {
         bool isGranted = false;
-        ASSERT_EQ(ENODATA, GetPermissionFromKernel(g_tokeId, g_opCodeList[i], isGranted));
+        EXPECT_EQ(ENODATA, GetPermissionFromKernel(g_tokeId, g_opCodeList[i], isGranted));
         EXPECT_EQ(false, isGranted);
     }
     setuid(g_selfUid);
@@ -348,7 +348,7 @@ HWTEST_F(TokensetprocKitTest, GetPermissionFromKernel001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI8HMUH
  */
-HWTEST_F(TokensetprocKitTest, GetPermissionFromKernel002, TestSize.Level1)
+HWTEST_F(TokensetprocKitTest, GetPermissionFromKernel002, TestSize.Level0)
 {
     GTEST_LOG_(INFO) << "GetPermissionFromKernel002 start";
     setuid(ACCESS_TOKEN_UID);
@@ -357,12 +357,12 @@ HWTEST_F(TokensetprocKitTest, GetPermissionFromKernel002, TestSize.Level1)
     // set permission status: false
     bool isGranted = false;
     EXPECT_EQ(ACCESS_TOKEN_OK, SetPermissionToKernel(g_tokeId, g_opCodeList[0], false));
-    ASSERT_EQ(ACCESS_TOKEN_OK, GetPermissionFromKernel(g_tokeId, g_opCodeList[0], isGranted));
+    EXPECT_EQ(ACCESS_TOKEN_OK, GetPermissionFromKernel(g_tokeId, g_opCodeList[0], isGranted));
     EXPECT_EQ(false, isGranted);
 
     // set permission status: true
     EXPECT_EQ(ACCESS_TOKEN_OK, SetPermissionToKernel(g_tokeId, g_opCodeList[0], true));
-    ASSERT_EQ(ACCESS_TOKEN_OK, GetPermissionFromKernel(g_tokeId, g_opCodeList[0], isGranted));
+    EXPECT_EQ(ACCESS_TOKEN_OK, GetPermissionFromKernel(g_tokeId, g_opCodeList[0], isGranted));
     EXPECT_EQ(true, isGranted);
 
     ASSERT_EQ(ACCESS_TOKEN_OK, RemovePermissionFromKernel(g_tokeId));
@@ -375,7 +375,7 @@ HWTEST_F(TokensetprocKitTest, GetPermissionFromKernel002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI8HMUH
  */
-HWTEST_F(TokensetprocKitTest, InvalidParam1, TestSize.Level1)
+HWTEST_F(TokensetprocKitTest, InvalidParam1, TestSize.Level0)
 {
     setuid(ACCESS_TOKEN_UID);
     ASSERT_EQ(ACCESS_TOKEN_OK, AddPermissionToKernel(g_tokeId, g_opCodeList, g_statusList));
@@ -424,9 +424,11 @@ static void *ThreadTestFunc02(void *args)
  * @tc.type: FUNC
  * @tc.require: issueI8HMUH
  */
-HWTEST_F(TokensetprocKitTest, Mulitpulthread001, TestSize.Level1)
+HWTEST_F(TokensetprocKitTest, Mulitpulthread001, TestSize.Level0)
 {
     setuid(ACCESS_TOKEN_UID);
+    int64_t beginTime = std::chrono::duration_cast<std::chrono::milliseconds>(
+        std::chrono::system_clock::now().time_since_epoch()).count();
     pthread_t tid[2];
     (void)pthread_create(&tid[0], nullptr, &ThreadTestFunc01, nullptr);
     (void)pthread_create(&tid[1], nullptr, &ThreadTestFunc01, nullptr);
@@ -437,8 +439,11 @@ HWTEST_F(TokensetprocKitTest, Mulitpulthread001, TestSize.Level1)
     (void)pthread_create(&tid[1], nullptr, &ThreadTestFunc02, nullptr);
     (void)pthread_join(tid[0], nullptr);
     (void)pthread_join(tid[1], nullptr);
+    int64_t endTime = std::chrono::duration_cast<std::chrono::milliseconds>(
+        std::chrono::system_clock::now().time_since_epoch()).count();
 
     setuid(g_selfUid);
+    ASSERT_TRUE(endTime - beginTime < 1000 * 100);
 }
 
 /**
@@ -447,7 +452,7 @@ HWTEST_F(TokensetprocKitTest, Mulitpulthread001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI8HMUH
  */
-HWTEST_F(TokensetprocKitTest, APICostTimeTest001, TestSize.Level1)
+HWTEST_F(TokensetprocKitTest, APICostTimeTest001, TestSize.Level0)
 {
     GTEST_LOG_(INFO) << "APICostTimeTest001 start";
     setuid(ACCESS_TOKEN_UID);
diff --git a/interfaces/innerkits/tokensync/BUILD.gn b/interfaces/innerkits/tokensync/BUILD.gn
index 4053b2bf1276a3464141f59db174a46b75611fe4..f9bc463a8632caf30b1829284cf1b04d49e73e51 100644
--- a/interfaces/innerkits/tokensync/BUILD.gn
+++ b/interfaces/innerkits/tokensync/BUILD.gn
@@ -38,7 +38,7 @@ if (is_standard_system) {
       "${access_token_path}/frameworks/common/include",
       "${access_token_path}/frameworks/tokensync/include",
       "${access_token_path}/interfaces/innerkits/accesstoken/include",
-      "${access_token_path}/interfaces/innerkits/tokensync/include",
+      "include",
       "src",
     ]
 
diff --git a/interfaces/innerkits/tokensync/test/BUILD.gn b/interfaces/innerkits/tokensync/test/BUILD.gn
index a2bddbd3a3ee576d60677fdf7d18191c757a604d..01414f9656dc1aa57a3bcf3805fcf0739c7d3df7 100644
--- a/interfaces/innerkits/tokensync/test/BUILD.gn
+++ b/interfaces/innerkits/tokensync/test/BUILD.gn
@@ -15,9 +15,8 @@ import("//build/test.gni")
 import("../../../../access_token.gni")
 
 ohos_unittest("libtokensync_sdk_test") {
-  subsystem_name = "security"
-  part_name = "access_token"
-  module_out_path = part_name + "/" + part_name
+  subsystem_name = "accesscontrol"
+  module_out_path = module_output_path_unittest_accesstoken
   sanitize = {
     cfi = true
     cfi_cross_dso = true
@@ -30,6 +29,9 @@ ohos_unittest("libtokensync_sdk_test") {
     "${access_token_path}/frameworks/tokensync/include",
     "${access_token_path}/interfaces/innerkits/accesstoken/include",
     "${access_token_path}/interfaces/innerkits/tokensync/include",
+    "${access_token_path}/interfaces/innerkits/accesstoken/include",
+    "${access_token_path}/interfaces/innerkits/nativetoken/include",
+    "${access_token_path}/interfaces/innerkits/token_setproc/include",
     "../src",
   ]
 
@@ -39,7 +41,12 @@ ohos_unittest("libtokensync_sdk_test") {
 
   configs = [ "${access_token_path}/config:coverage_flags" ]
 
-  deps = [ "../:libtokensync_sdk" ]
+  deps = [
+    "${access_token_path}/interfaces/innerkits/accesstoken:libaccesstoken_sdk",
+    "${access_token_path}/interfaces/innerkits/nativetoken:libnativetoken_shared",
+    "${access_token_path}/interfaces/innerkits/token_setproc:libtokensetproc_shared",
+    "${access_token_path}/interfaces/innerkits/tokensync:libtokensync_sdk",
+  ]
   external_deps = [ "c_utils:utils" ]
 }
 
diff --git a/interfaces/innerkits/tokensync/test/unittest/src/token_sync_kit_test.cpp b/interfaces/innerkits/tokensync/test/unittest/src/token_sync_kit_test.cpp
index 1e7dc47ff298e03fb1231035f44fc830d90988a6..3df90e8ff787858a14ed0fcec8bc309bdcdd0207 100644
--- a/interfaces/innerkits/tokensync/test/unittest/src/token_sync_kit_test.cpp
+++ b/interfaces/innerkits/tokensync/test/unittest/src/token_sync_kit_test.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Copyright (c) 2022-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -15,7 +15,12 @@
 
 #include "token_sync_kit_test.h"
 
+#include "access_token.h"
+#include "access_token_error.h"
+#include "accesstoken_kit.h"
 #include "i_token_sync_manager.h"
+#include "nativetoken_kit.h"
+#include "token_setproc.h"
 #include "token_sync_manager_client.h"
 
 using namespace testing::ext;
@@ -23,12 +28,35 @@ using namespace testing::ext;
 namespace OHOS {
 namespace Security {
 namespace AccessToken {
+static void SetNativeTokenId(const std::string &process)
+{
+    std::string dumpInfo;
+    AtmToolsParamInfo info;
+    info.processName = process;
+    AccessTokenKit::DumpTokenInfo(info, dumpInfo);
+    size_t pos = dumpInfo.find("\"tokenID\": ");
+    if (pos == std::string::npos) {
+        return;
+    }
+    pos += std::string("\"tokenID\": ").length();
+    std::string numStr;
+    while (pos < dumpInfo.length() && std::isdigit(dumpInfo[pos])) {
+        numStr += dumpInfo[pos];
+        ++pos;
+    }
+
+    std::istringstream iss(numStr);
+    AccessTokenID tokenID;
+    iss >> tokenID;
+
+    SetSelfTokenID(tokenID);
+}
+
 void TokenSyncKitTest::SetUpTestCase()
 {}
 
 void TokenSyncKitTest::TearDownTestCase()
-{
-}
+{}
 
 void TokenSyncKitTest::SetUp()
 {
@@ -63,16 +91,30 @@ static void StartOrStopTokenSyncService(bool start)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenSyncKitTest, UpdateRemoteHapTokenInfo001, TestSize.Level1)
+HWTEST_F(TokenSyncKitTest, UpdateRemoteHapTokenInfo001, TestSize.Level0)
 {
     HapTokenInfoForSync tokenInfo;
+    uint64_t selfTokenId = GetSelfTokenID();
 
+    // proxy is nullptr
     ASSERT_EQ(TokenSyncError::TOKEN_SYNC_IPC_ERROR,
         TokenSyncManagerClient::GetInstance().UpdateRemoteHapTokenInfo(tokenInfo));
 
     StartOrStopTokenSyncService(true);
+
+    // service is starting, but no permission(shell process)
+    SetNativeTokenId("hdcd");
+    int32_t selfUid = getuid();
+    setuid(10001); // 10001： UID
+    ASSERT_EQ(ERR_IDENTITY_CHECK_FAILED, TokenSyncManagerClient::GetInstance().UpdateRemoteHapTokenInfo(tokenInfo));
+    setuid(selfUid);
+
+    // service is starting, and has permission(native process)
+    SetNativeTokenId("accesstoken_service");
     ASSERT_EQ(0, TokenSyncManagerClient::GetInstance().UpdateRemoteHapTokenInfo(tokenInfo));
+
     StartOrStopTokenSyncService(false);
+    SetSelfTokenID(selfTokenId);
 }
 
 /**
@@ -81,15 +123,30 @@ HWTEST_F(TokenSyncKitTest, UpdateRemoteHapTokenInfo001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenSyncKitTest, GetRemoteHapTokenInfo001, TestSize.Level1)
+HWTEST_F(TokenSyncKitTest, GetRemoteHapTokenInfo001, TestSize.Level0)
 {
+    uint64_t selfTokenId = GetSelfTokenID();
+
+    // proxy is nullptr
     ASSERT_EQ(TokenSyncError::TOKEN_SYNC_IPC_ERROR,
         TokenSyncManagerClient::GetInstance().GetRemoteHapTokenInfo("", 0));
 
     StartOrStopTokenSyncService(true);
+
+    // service is starting, but no permission(shell process)
+    SetNativeTokenId("hdcd");
+    int32_t selfUid = getuid();
+    setuid(10001); // 10001： UID
+    ASSERT_EQ(ERR_IDENTITY_CHECK_FAILED, TokenSyncManagerClient::GetInstance().GetRemoteHapTokenInfo("", 0));
+    setuid(selfUid);
+
+    // service is starting, and has permission(native process)
+    SetNativeTokenId("accesstoken_service");
     ASSERT_EQ(TokenSyncError::TOKEN_SYNC_PARAMS_INVALID,
         TokenSyncManagerClient::GetInstance().GetRemoteHapTokenInfo("", 0));
+
     StartOrStopTokenSyncService(false);
+    SetSelfTokenID(selfTokenId);
 }
 
 /**
@@ -98,15 +155,30 @@ HWTEST_F(TokenSyncKitTest, GetRemoteHapTokenInfo001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenSyncKitTest, DeleteRemoteHapTokenInfo001, TestSize.Level1)
+HWTEST_F(TokenSyncKitTest, DeleteRemoteHapTokenInfo001, TestSize.Level0)
 {
+    uint64_t selfTokenId = GetSelfTokenID();
+
+    // proxy is nullptr
     ASSERT_EQ(TokenSyncError::TOKEN_SYNC_IPC_ERROR,
         TokenSyncManagerClient::GetInstance().DeleteRemoteHapTokenInfo(0));
 
     StartOrStopTokenSyncService(true);
+
+    // service is starting, but no permission(shell process)
+    SetNativeTokenId("hdcd");
+    int32_t selfUid = getuid();
+    setuid(10001); // 10001： UID
+    ASSERT_EQ(ERR_IDENTITY_CHECK_FAILED, TokenSyncManagerClient::GetInstance().DeleteRemoteHapTokenInfo(0));
+    setuid(selfUid);
+
+    // service is starting, and has permission(native process)
+    SetNativeTokenId("accesstoken_service");
     ASSERT_EQ(TokenSyncError::TOKEN_SYNC_PARAMS_INVALID,
         TokenSyncManagerClient::GetInstance().DeleteRemoteHapTokenInfo(0));
+
     StartOrStopTokenSyncService(false);
+    SetSelfTokenID(selfTokenId);
 }
 } // namespace AccessToken
 } // namespace Security
diff --git a/interfaces/kits/cj/accesstoken/include/at_manager_impl.h b/interfaces/kits/cj/accesstoken/include/at_manager_impl.h
index 512f66d930d4bbbab5f6268dc5b5f26950eda64f..96e92dae8cb367af0fa15d307934c66d239b7af3 100644
--- a/interfaces/kits/cj/accesstoken/include/at_manager_impl.h
+++ b/interfaces/kits/cj/accesstoken/include/at_manager_impl.h
@@ -57,7 +57,7 @@ const int AT_PERM_OPERA_FAIL = -1;
 const int AT_PERM_OPERA_SUCC = 0;
 const int32_t PARAM_DEFAULT_VALUE = -1;
 
-struct PermissionStatusCache {
+struct GrantStatusCache {
     int32_t status;
     std::string paramValue;
 };
diff --git a/interfaces/kits/cj/accesstoken/src/at_manager_impl.cpp b/interfaces/kits/cj/accesstoken/src/at_manager_impl.cpp
index 6cf2e6c12f152670ecb99eb0f1c0ed6f595e568d..9165560cede139875e2078458f9344cd0a76a7f5 100644
--- a/interfaces/kits/cj/accesstoken/src/at_manager_impl.cpp
+++ b/interfaces/kits/cj/accesstoken/src/at_manager_impl.cpp
@@ -33,7 +33,7 @@ namespace CJSystemapi {
 std::mutex g_lockForPermStateChangeRegisters;
 std::vector<RegisterPermStateChangeInfo*> g_permStateChangeRegisters;
 std::mutex g_lockCache;
-std::map<std::string, PermissionStatusCache> g_cache;
+std::map<std::string, GrantStatusCache> g_cache;
 static PermissionParamCache g_paramCache;
 std::mutex g_lockForPermRequestCallbacks;
 static const char* PERMISSION_STATUS_CHANGE_KEY = "accesstoken.permission.change";
diff --git a/interfaces/kits/js/napi/accesstoken/include/napi_atmanager.h b/interfaces/kits/js/napi/accesstoken/include/napi_atmanager.h
index d36729b2795319dafb075653e42e271230ac8985..5545ecaa247b56c0d287d24f8c4604a5f1fd4854 100644
--- a/interfaces/kits/js/napi/accesstoken/include/napi_atmanager.h
+++ b/interfaces/kits/js/napi/accesstoken/include/napi_atmanager.h
@@ -93,13 +93,19 @@ struct AtManagerSyncContext {
     std::string permissionName;
     int32_t result = RET_FAILED;
     int32_t errorCode = 0;
+    PermissionOper permissionsState = PermissionOper::INVALID_OPER;
 };
 
-struct PermissionStatusCache {
+struct GrantStatusCache {
     int32_t status;
     std::string paramValue;
 };
 
+struct PermissionStatusCache {
+    PermissionOper status;
+    std::string paramValue;
+};
+
 struct PermissionParamCache {
     long long sysCommitIdCache = PARAM_DEFAULT_VALUE;
     int32_t commitIdCache = PARAM_DEFAULT_VALUE;
@@ -124,6 +130,7 @@ private:
     static napi_value SetPermissionRequestToggleStatus(napi_env env, napi_callback_info info);
     static napi_value GetPermissionRequestToggleStatus(napi_env env, napi_callback_info info);
     static napi_value RequestAppPermOnSetting(napi_env env, napi_callback_info info);
+    static napi_value GetSelfPermissionStatusSync(napi_env env, napi_callback_info info);
 
     static bool ParseInputVerifyPermissionOrGetFlag(const napi_env env, const napi_callback_info info,
         AtManagerAsyncContext& asyncContext);
@@ -133,6 +140,8 @@ private:
         AtManagerAsyncContext& asyncContext);
     static bool ParseInputGetToggleStatus(const napi_env env, const napi_callback_info info,
         AtManagerAsyncContext& asyncContext);
+    static bool ParseInputGetPermStatus(const napi_env env, const napi_callback_info info,
+        AtManagerSyncContext& syncContext);
     static void VerifyAccessTokenExecute(napi_env env, void *data);
     static void VerifyAccessTokenComplete(napi_env env, napi_status status, void *data);
     static void CheckAccessTokenExecute(napi_env env, void* data);
@@ -172,7 +181,7 @@ private:
         std::vector<RegisterPermStateChangeInfo*>& batchPermStateChangeRegisters, const napi_env env);
     static void DeleteRegisterFromVector(const PermStateChangeScope& scopeInfo, const napi_env env,
         napi_ref subscriberRef);
-    static std::string GetPermParamValue();
+    static std::string GetPermParamValue(PermissionParamCache& paramCache, const char* paramKey);
     static void UpdatePermissionCache(AtManagerSyncContext* syncContext);
 };
 } // namespace AccessToken
diff --git a/interfaces/kits/js/napi/accesstoken/include/napi_request_global_switch_on_setting.h b/interfaces/kits/js/napi/accesstoken/include/napi_request_global_switch_on_setting.h
index 76f9a1989e7af94161761bc02745b8c74cb4b133..ee549aabe1dc8db215f753e384764c640615cfca 100644
--- a/interfaces/kits/js/napi/accesstoken/include/napi_request_global_switch_on_setting.h
+++ b/interfaces/kits/js/napi/accesstoken/include/napi_request_global_switch_on_setting.h
@@ -47,6 +47,8 @@ struct RequestGlobalSwitchAsyncContext : public AtManagerAsyncWorkData {
     napi_value requestResult = nullptr;
     int32_t errorCode = -1;
     bool switchStatus = false;
+    int32_t instanceId = -1;
+    bool isDynamic = true;
     std::shared_ptr<AbilityRuntime::AbilityContext> abilityContext;
     std::shared_ptr<AbilityRuntime::UIExtensionContext> uiExtensionContext;
     bool uiAbilityFlag = false;
@@ -66,6 +68,18 @@ struct RequestGlobalSwitchAsyncContextHandle {
     std::shared_ptr<RequestGlobalSwitchAsyncContext> asyncContextPtr;
 };
 
+class RequestGlobalSwitchAsyncInstanceControl {
+    public:
+        static void AddCallbackByInstanceId(std::shared_ptr<RequestGlobalSwitchAsyncContext>& asyncContext);
+        static void ExecCallback(int32_t id);
+        static void CheckDynamicRequest(
+            std::shared_ptr<RequestGlobalSwitchAsyncContext>& asyncContext, bool& isDynamic);
+        static void UpdateQueueData(const std::shared_ptr<RequestGlobalSwitchAsyncContext>& asyncContext);
+    private:
+        static std::map<int32_t, std::vector<std::shared_ptr<RequestGlobalSwitchAsyncContext>>> instanceIdMap_;
+        static std::mutex instanceIdMutex_;
+};
+
 class SwitchOnSettingUICallback {
 public:
     explicit SwitchOnSettingUICallback(const std::shared_ptr<RequestGlobalSwitchAsyncContext>& reqContext);
diff --git a/interfaces/kits/js/napi/accesstoken/include/napi_request_permission_on_setting.h b/interfaces/kits/js/napi/accesstoken/include/napi_request_permission_on_setting.h
index 7318e28393cce2f8144751b869221b6409c0f197..603f53fd2d857b79645dfbfdca9b19a2cb4304f8 100644
--- a/interfaces/kits/js/napi/accesstoken/include/napi_request_permission_on_setting.h
+++ b/interfaces/kits/js/napi/accesstoken/include/napi_request_permission_on_setting.h
@@ -38,6 +38,8 @@ struct RequestPermOnSettingAsyncContext : public AtManagerAsyncWorkData {
     PermissionGrantInfo info;
     int32_t resultCode = -1;
 
+    int32_t instanceId = -1;
+    bool isDynamic = true;
     std::vector<std::string> permissionList;
     napi_value requestResult = nullptr;
     int32_t errorCode = -1;
@@ -61,6 +63,18 @@ struct RequestOnSettingAsyncContextHandle {
     std::shared_ptr<RequestPermOnSettingAsyncContext> asyncContextPtr;
 };
 
+class RequestOnSettingAsyncInstanceControl {
+    public:
+        static void AddCallbackByInstanceId(std::shared_ptr<RequestPermOnSettingAsyncContext>& asyncContext);
+        static void ExecCallback(int32_t id);
+        static void CheckDynamicRequest(
+            std::shared_ptr<RequestPermOnSettingAsyncContext>& asyncContext, bool& isDynamic);
+        static void UpdateQueueData(const std::shared_ptr<RequestPermOnSettingAsyncContext>& asyncContext);
+    private:
+        static std::map<int32_t, std::vector<std::shared_ptr<RequestPermOnSettingAsyncContext>>> instanceIdMap_;
+        static std::mutex instanceIdMutex_;
+};
+
 class PermissonOnSettingUICallback {
 public:
     explicit PermissonOnSettingUICallback(const std::shared_ptr<RequestPermOnSettingAsyncContext>& reqContext);
diff --git a/services/accesstokenmanager/BUILD.gn b/services/accesstokenmanager/BUILD.gn
index 9fa2fc93c36ee54fa5a756d11e694c6c0dd6690e..b1973b6029679f06dddb7f7055c5827d49894155 100644
--- a/services/accesstokenmanager/BUILD.gn
+++ b/services/accesstokenmanager/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2021-2024 Huawei Device Co., Ltd.
+# Copyright (c) 2021-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -61,6 +61,7 @@ if (is_standard_system) {
       "main/cpp/include/callback",
       "main/cpp/include/database",
       "main/cpp/include/dfx",
+      "main/cpp/include/seccomp",
       "main/cpp/include/service",
       "main/cpp/include/form_manager",
       "main/cpp/include/token",
@@ -90,8 +91,8 @@ if (is_standard_system) {
       "main/cpp/src/permission/permission_validator.cpp",
       "main/cpp/src/permission/short_grant_manager.cpp",
       "main/cpp/src/permission/temp_permission_observer.cpp",
+      "main/cpp/src/seccomp/sec_comp_monitor.cpp",
       "main/cpp/src/service/accesstoken_manager_service.cpp",
-      "main/cpp/src/service/accesstoken_manager_stub.cpp",
       "main/cpp/src/token/accesstoken_id_manager.cpp",
       "main/cpp/src/token/accesstoken_info_manager.cpp",
       "main/cpp/src/token/hap_token_info_inner.cpp",
@@ -105,6 +106,7 @@ if (is_standard_system) {
     configs = [
       "${access_token_path}/config:access_token_compile_flags",
       "${access_token_path}/config:coverage_flags",
+      "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
     ]
 
     if (dlp_permission_enable == true) {
@@ -120,11 +122,11 @@ if (is_standard_system) {
       "${access_token_path}/frameworks/accesstoken:accesstoken_communication_adapter_cxx",
       "${access_token_path}/frameworks/common:accesstoken_common_cxx",
       "${access_token_path}/interfaces/innerkits/accesstoken:libtokenid_sdk",
-      "${access_token_path}/interfaces/innerkits/privacy:libprivacy_sdk",
       "${access_token_path}/interfaces/innerkits/token_setproc:libperm_setproc",
       "${access_token_path}/interfaces/innerkits/token_setproc:libtoken_setproc",
       "${access_token_path}/services/accesstokenmanager:access_token.rc",
       "${access_token_path}/services/accesstokenmanager:permission_definition_config",
+      "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_stub",
       "${access_token_path}/services/common:accesstoken_service_common",
     ]
 
@@ -175,11 +177,6 @@ if (is_standard_system) {
       external_deps += [ "hitrace:hitrace_meter" ]
     }
 
-    if (resourceschedule_ffrt_enable) {
-      external_deps += [ "ffrt:libffrt" ]
-      cflags_cc += [ "-DRESOURCESCHEDULE_FFRT_ENABLE" ]
-    }
-
     if (access_token_background_task_mgr_continuous_task_enable == true) {
       cflags_cc += [ "-DBGTASKMGR_CONTINUOUS_TASK_ENABLE" ]
       include_dirs += [
@@ -193,5 +190,14 @@ if (is_standard_system) {
         "${access_token_path}/services/common/background_task_manager/src/continuous_task_change_callback.cpp",
       ]
     }
+
+    if (security_component_enhance_enable == true) {
+      cflags_cc += [ "-DSECURITY_COMPONENT_ENHANCE_ENABLE" ]
+      sources +=
+          [ "main/cpp/src/seccomp/sec_comp_enhance_agent.cpp" ]
+    }
+    if ("${target_platform}" == "watch" || "${target_platform}" == "wearable") {
+      cflags_cc += [ "-DDYNAMIC_CLOSE_LIBS" ]
+    }
   }
 }
diff --git a/services/accesstokenmanager/etc/access_token.para b/services/accesstokenmanager/etc/access_token.para
index c9f7458a99c9586df08b1dc4836212c733b78268..27ad4958839e002bd8843a655d5c1213f67a4194 100644
--- a/services/accesstokenmanager/etc/access_token.para
+++ b/services/accesstokenmanager/etc/access_token.para
@@ -1,4 +1,4 @@
-# Copyright (c) 2022 Huawei Device Co., Ltd.
+# Copyright (c) 2022-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -13,4 +13,5 @@
 
 
 accesstoken.permission.change = 0
-accesstoken.permission.init = 0
\ No newline at end of file
+accesstoken.permission.init = 0
+accesstoken.permission.flagchange = 0
\ No newline at end of file
diff --git a/services/accesstokenmanager/etc/access_token.para.dac b/services/accesstokenmanager/etc/access_token.para.dac
index 33de56a3e39aa999cb9712d7251bebe52d9d6ca8..15b0be5d235114f6509cb7223a2422597815a566 100644
--- a/services/accesstokenmanager/etc/access_token.para.dac
+++ b/services/accesstokenmanager/etc/access_token.para.dac
@@ -1,4 +1,4 @@
-# Copyright (c) 2022 Huawei Device Co., Ltd.
+# Copyright (c) 2022-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -13,3 +13,4 @@
 
 accesstoken.permission.change="access_token:access_token:0774"
 accesstoken.permission.init="access_token:access_token:0774"
+accesstoken.permission.flagchange="access_token:access_token:0774"
diff --git a/services/accesstokenmanager/idl/BUILD.gn b/services/accesstokenmanager/idl/BUILD.gn
new file mode 100644
index 0000000000000000000000000000000000000000..4c6192b6ae7c0397a88f9d88a5cdf5ffa424e7a7
--- /dev/null
+++ b/services/accesstokenmanager/idl/BUILD.gn
@@ -0,0 +1,133 @@
+# Copyright (c) 2025 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import("//build/config/components/idl_tool/idl.gni")
+import("//build/ohos.gni")
+import("../../../access_token.gni")
+
+idl_gen_interface("access_token_manager_interface") {
+  sources = [ "IAccessTokenManager.idl" ]
+  sources_common = [ "IdlCommon.idl" ]
+  log_domainid = "0xD005A01"
+  log_tag = "ATM"
+  subsystem_name = "security"
+  part_name = "access_token"
+}
+
+config("access_token_manager_gen_config") {
+  include_dirs = [ "${target_gen_dir}" ]
+}
+
+ohos_source_set("access_token_manager_proxy") {
+  sanitize = {
+    cfi = true
+    cfi_cross_dso = true
+    debug = false
+  }
+
+  cflags_cc = []
+  if (build_variant == "user") {
+    cflags_cc += [ "-DATM_BUILD_VARIANT_USER_ENABLE" ]
+  }
+  if (token_sync_enable == true) {
+    cflags_cc += [ "-DTOKEN_SYNC_ENABLE" ]
+  }
+
+  output_values = get_target_outputs(":access_token_manager_interface")
+
+  include_dirs = [
+    "${access_token_path}/frameworks/accesstoken/include",
+    "${access_token_path}/frameworks/common/include",
+    "src",
+  ]
+
+  sources = filter_include(output_values,
+                           [
+                             "*_proxy.cpp",
+                             "*idl_common.cpp",
+                           ])
+
+  deps = [
+    ":access_token_manager_interface",
+    "${access_token_path}/frameworks/accesstoken:accesstoken_communication_adapter_cxx",
+    "${access_token_path}/frameworks/common:accesstoken_common_cxx",
+    "${access_token_path}/interfaces/innerkits/token_setproc:libperm_setproc",
+  ]
+
+  external_deps = [
+    "c_utils:utils",
+    "hilog:libhilog",
+    "init:libbegetutil",
+    "ipc:ipc_single",
+    "samgr:samgr_proxy",
+  ]
+
+  if (security_component_enhance_enable) {
+    cflags_cc += [ "-DSECURITY_COMPONENT_ENHANCE_ENABLE" ]
+  }
+
+  subsystem_name = "security"
+  part_name = "access_token"
+}
+
+ohos_source_set("access_token_manager_stub") {
+  sanitize = {
+    cfi = true
+    cfi_cross_dso = true
+    debug = false
+  }
+
+  cflags_cc = []
+  if (build_variant == "user") {
+    cflags_cc += [ "-DATM_BUILD_VARIANT_USER_ENABLE" ]
+  }
+  if (token_sync_enable == true) {
+    cflags_cc += [ "-DTOKEN_SYNC_ENABLE" ]
+  }
+
+  output_values = get_target_outputs(":access_token_manager_interface")
+
+  include_dirs = [
+    "${access_token_path}/frameworks/accesstoken/include",
+    "${access_token_path}/frameworks/common/include",
+    "src",
+  ]
+
+  sources = filter_include(output_values,
+                           [
+                             "*_stub.cpp",
+                             "*idl_common.cpp",
+                           ])
+
+  deps = [
+    ":access_token_manager_interface",
+    "${access_token_path}/frameworks/accesstoken:accesstoken_communication_adapter_cxx",
+    "${access_token_path}/frameworks/common:accesstoken_common_cxx",
+    "${access_token_path}/interfaces/innerkits/token_setproc:libperm_setproc",
+  ]
+
+  external_deps = [
+    "c_utils:utils",
+    "hilog:libhilog",
+    "init:libbegetutil",
+    "ipc:ipc_single",
+    "samgr:samgr_proxy",
+  ]
+
+  if (security_component_enhance_enable) {
+    cflags_cc += [ "-DSECURITY_COMPONENT_ENHANCE_ENABLE" ]
+  }
+
+  subsystem_name = "security"
+  part_name = "access_token"
+}
diff --git a/services/accesstokenmanager/idl/IAccessTokenManager.idl b/services/accesstokenmanager/idl/IAccessTokenManager.idl
new file mode 100644
index 0000000000000000000000000000000000000000..d2e29972a12e25d344b48edda5728372d198a3eb
--- /dev/null
+++ b/services/accesstokenmanager/idl/IAccessTokenManager.idl
@@ -0,0 +1,95 @@
+/*
+ * Copyright (c) 2025 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package OHOS.Security.AccessToken;
+sequenceable OHOS.Security.AccessToken.PermissionDefParcel;
+sequenceable OHOS.Security.AccessToken.PermissionStatusParcel;
+sequenceable OHOS.Security.AccessToken.PermissionListStateParcel;
+sequenceable OHOS.Security.AccessToken.PermissionGrantInfoParcel;
+sequenceable OHOS.Security.AccessToken.HapInfoParcel;
+sequenceable OHOS.Security.AccessToken.HapPolicyParcel;
+sequenceable OHOS.Security.AccessToken.NativeTokenInfoParcel;
+sequenceable OHOS.Security.AccessToken.HapTokenInfoParcel;
+sequenceable OHOS.Security.AccessToken.PermStateChangeScopeParcel;
+sequenceable OHOS.IRemoteObject;
+sequenceable OHOS.Security.AccessToken.HapTokenInfoForSyncParcel;
+sequenceable OHOS.Security.AccessToken.HapBaseInfoParcel;
+sequenceable OHOS.Security.AccessToken.AtmToolsParamInfoParcel;
+sequenceable OHOS.Security.AccessToken.SecCompEnhanceDataParcel;
+
+import IdlCommon;
+
+option_stub_hooks on;
+
+interface OHOS.Security.AccessToken.IAccessTokenManager{
+    [ipccode 1] void VerifyAccessToken([in] unsigned int tokenID, [in] String permissionName);
+    [ipccode 2] void GetDefPermission([in] String permissionName, [out] PermissionDefParcel permissionDefResult);
+    [ipccode 3] void GetReqPermissions([in] unsigned int tokenID, [out] List<PermissionStatusParcel> reqPermList, [in] boolean isSystemGrant);
+    [ipccode 4] void GetPermissionFlag([in] unsigned int tokenID, [in] String permissionName, [out] unsigned int flag);
+    [ipccode 5] void GrantPermission([in] unsigned int tokenID, [in] String permissionName, [in] unsigned int flag);
+    [ipccode 6] void RevokePermission([in] unsigned int tokenID, [in] String permissionName, [in] unsigned int flag);
+    [ipccode 7] void ClearUserGrantedPermissionState([in] unsigned int tokenID);
+    [ipccode 8] void AllocHapToken([in] HapInfoParcel hapInfo, [in] HapPolicyParcel policyParcel, [out] unsigned long fullTokenId);
+    [ipccode 9] void DeleteToken([in] unsigned int tokenID);
+    [ipccode 10] void InitHapToken([in] HapInfoParcel info, [in] HapPolicyParcel policy, [out] unsigned long fullTokenId, [out] HapInfoCheckResultIdl resultInfoIdl);
+    [ipccode 11] void SetPermissionRequestToggleStatus([in] String permissionName, [in] unsigned int status, [in] int userID);
+    [ipccode 12] void GetPermissionRequestToggleStatus([in] String permissionName, [out] unsigned int status, [in] int userID);
+    [ipccode 13] void GrantPermissionForSpecifiedTime([in] unsigned int tokenID, [in] String permissionName, [in] unsigned int onceTime);
+    [ipccode 14] void RequestAppPermOnSetting([in] unsigned int tokenID);
+    [ipccode 16] void GetTokenType([in] unsigned int tokenID, [out] int tokenType);
+
+    [ipccode 18] void GetHapTokenID([in] int userID, [in] String bundleName, [in] int instIndex, [out] unsigned long fullTokenId);
+    [ipccode 19] void AllocLocalTokenID([in] String remoteDeviceID, [in] unsigned int remoteTokenID, [out] unsigned int tokenId);
+    [ipccode 20] void GetNativeTokenInfo([in] unsigned int tokenID, [out] NativeTokenInfoParcel nativeTokenInfoRes);
+    [ipccode 21] void GetHapTokenInfo([in] unsigned int tokenID, [out] HapTokenInfoParcel hapTokenInfoRes);
+    [ipccode 22] void UpdateHapToken([inout] unsigned long fullTokenId, [in] UpdateHapInfoParamsIdl infoIdl, [in] HapPolicyParcel policyParcel, [out] HapInfoCheckResultIdl resultInfoIdl);
+    [ipccode 23] void GetTokenIDByUserID([in] int userID, [out] List<unsigned int> tokenIdList);
+    [macrodef TOKEN_SYNC_ENABLE, ipccode 32] void GetHapTokenInfoFromRemote([in] unsigned int tokenID, [out] HapTokenInfoForSyncParcel hapSyncParcel);
+
+    [macrodef TOKEN_SYNC_ENABLE, ipccode 34] void SetRemoteHapTokenInfo([in] String deviceID, [in] HapTokenInfoForSyncParcel hapSyncParcel);
+
+    [macrodef TOKEN_SYNC_ENABLE, ipccode 36] void DeleteRemoteToken([in] String deviceID, [in] unsigned int tokenID);
+    [macrodef TOKEN_SYNC_ENABLE, ipccode 37] void DeleteRemoteDeviceTokens([in] String deviceID);
+    [macrodef TOKEN_SYNC_ENABLE, ipccode 38] void GetRemoteNativeTokenID([in] String deviceID, [in] unsigned int tokenID, [out] unsigned int tokenId);
+    [macrodef TOKEN_SYNC_ENABLE, ipccode 39] void RegisterTokenSyncCallback([in] IRemoteObject cb);
+    [macrodef TOKEN_SYNC_ENABLE, ipccode 40] void UnRegisterTokenSyncCallback();
+    [ipccode 48, ipcoutcapacity 2000] void DumpTokenInfo([in] AtmToolsParamInfoParcel infoParcel, [out] String tokenInfo);
+    [ipccode 49] void GetSelfPermissionsState([inout] List<PermissionListStateParcel> permListParcel, [out] PermissionGrantInfoParcel infoParcel, [out] int permOper);
+    [ipccode 50] void GetPermissionsStatus([in] unsigned int tokenID, [inout] List<PermissionListStateParcel>permListParcel);
+    [ipccode 51] void RegisterPermStateChangeCallback([in] PermStateChangeScopeParcel scope, [in] IRemoteObject cb);
+    [ipccode 52] void UnRegisterPermStateChangeCallback([in] IRemoteObject cb);
+    [ipccode 53, macrondef ATM_BUILD_VARIANT_USER_ENABLE] void ReloadNativeTokenInfo();
+    [ipccode 54] void GetNativeTokenId([in] String processName, [out] unsigned int tokenID);
+    [ipccode 55] void SetPermDialogCap([in] HapBaseInfoParcel hapBaseInfoParcel, [in] boolean enable);
+    [ipccode 56] void GetPermissionUsedType([in] unsigned int tokenID, [in] String permissionName, [out] int permUsedType);
+
+    [ipccode 58] void GetVersion([out] unsigned int version);
+    [ipccode 59] void GetPermissionManagerInfo([out] PermissionGrantInfoParcel infoParcel);
+
+    [ipccode 61] void InitUserPolicy([in] List<UserStateIdl> userIdlList, [in] List<String> permList);
+    [ipccode 62] void UpdateUserPolicy([in] List<UserStateIdl> userIdlList);
+    [ipccode 63] void ClearUserPolicy();
+    [ipccode 64] void GetHapTokenInfoExtension([in] unsigned int tokenID, [out] HapTokenInfoParcel hapTokenInfoRes, [out] String appID);
+    [ipccode 65] void RegisterSelfPermStateChangeCallback([in] PermStateChangeScopeParcel scope, [in] IRemoteObject cb);
+    [ipccode 66] void UnRegisterSelfPermStateChangeCallback([in] IRemoteObject cb);
+    [ipccode 67] void GetKernelPermissions([in] unsigned int tokenId, [out] List<PermissionWithValueIdl> kernelPermIdlList);
+    [ipccode 68] void GetReqPermissionByName([in] unsigned int tokenId, [in] String permissionName, [out] String value);
+    [ipccode 80] void VerifyAccessToken([in] unsigned int tokenID, [in] List<String> permissionList, [out] List<int> permStateList);  
+    [ipccode 81] void GetSelfPermissionStatus([in] String permissionName, [out] int status);
+    [ipccode 101, macrodef SECURITY_COMPONENT_ENHANCE_ENABLE, oneway] void RegisterSecCompEnhance([in] SecCompEnhanceDataParcel enhanceParcel);
+    [ipccode 102, macrodef SECURITY_COMPONENT_ENHANCE_ENABLE] void UpdateSecCompEnhance([in] int pid, [in] unsigned int seqNum);
+    [ipccode 103, macrodef SECURITY_COMPONENT_ENHANCE_ENABLE] void GetSecCompEnhance([in] int pid, [out] SecCompEnhanceDataParcel enhanceParcel);
+    [ipccode 104] void IsToastShownNeeded([in] int pid, [out] boolean needToShow);
+}
diff --git a/services/accesstokenmanager/idl/IdlCommon.idl b/services/accesstokenmanager/idl/IdlCommon.idl
new file mode 100644
index 0000000000000000000000000000000000000000..384c7aee5594d7e4863c26f49e3738f7b1053f51
--- /dev/null
+++ b/services/accesstokenmanager/idl/IdlCommon.idl
@@ -0,0 +1,51 @@
+/*
+ * Copyright (c) 2025 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package OHOS.Security.AccessToken;
+
+struct UserStateIdl {
+    /** user id */
+    int userId;
+    /** active status */
+    boolean isActive;
+};
+
+struct PermissionWithValueIdl {
+    String permissionName;
+    String value;
+};
+
+struct UpdateHapInfoParamsIdl {
+    String appIDDesc;
+    /** which version of the SDK is used to develop the hap */
+    int apiVersion;
+    /** indicates whether the hap is a system app */
+    boolean isSystemApp;
+    /* app type */
+    String appDistributionType;
+    /** Whether hap is a atomic service */
+    boolean isAtomicService;
+};
+
+enum PermissionRulesEnumIdl {
+    PERMISSION_EDM_RULE = 0,
+    PERMISSION_ACL_RULE
+};
+
+struct HapInfoCheckResultIdl {
+    String permissionName;
+    PermissionRulesEnumIdl rule;
+    int realResult
+};
\ No newline at end of file
diff --git a/services/accesstokenmanager/main/cpp/include/callback/callback_manager.h b/services/accesstokenmanager/main/cpp/include/callback/callback_manager.h
index 56f976f7caac5921fc41b7a6ee64f81e436969a3..5999aee8faff237e31bd5d46950fe3d0e8a75ec3 100644
--- a/services/accesstokenmanager/main/cpp/include/callback/callback_manager.h
+++ b/services/accesstokenmanager/main/cpp/include/callback/callback_manager.h
@@ -21,9 +21,6 @@
 
 #include "access_token.h"
 #include "accesstoken_common_log.h"
-#ifdef RESOURCESCHEDULE_FFRT_ENABLE
-#include "ffrt.h"
-#endif
 #include "i_permission_state_callback.h"
 #include "permission_state_change_info.h"
 #include "accesstoken_callback_proxys.h"
@@ -59,11 +56,7 @@ private:
         int32_t changeType);
     void GetCallbackObjectList(AccessTokenID tokenID, const std::string& permName,
         std::vector<sptr<IRemoteObject>>& list);
-#ifdef RESOURCESCHEDULE_FFRT_ENABLE
-    ffrt::mutex mutex_;
-#else
     std::mutex mutex_;
-#endif
     std::vector<CallbackRecord> callbackInfoList_;
     sptr<IRemoteObject::DeathRecipient> callbackDeathRecipient_;
 };
diff --git a/services/accesstokenmanager/main/cpp/include/dfx/hisysevent_adapter.h b/services/accesstokenmanager/main/cpp/include/dfx/hisysevent_adapter.h
index ea480d4406ad42e01a82271f1cf1d1fd4475c6d6..4e58271b2ef401406d100d6b524150554ee53069 100644
--- a/services/accesstokenmanager/main/cpp/include/dfx/hisysevent_adapter.h
+++ b/services/accesstokenmanager/main/cpp/include/dfx/hisysevent_adapter.h
@@ -17,6 +17,7 @@
 #define ACCESSTOKEN_HISYSEVENT_ADAPTER_H
 
 #include <string>
+#include "access_token.h"
 
 namespace OHOS {
 namespace Security {
@@ -34,9 +35,46 @@ enum UpdatePermStatusErrorCode {
     DLP_CHECK_FAILED = 1,
     UPDATE_PERMISSION_STATUS_FAILED = 2,
 };
+enum CommonSceneCode {
+    AT_COMMOM_START = 0,
+    AT_COMMON_FINISH = 1,
+};
+enum AddHapSceneCode {
+    INSTALL_START = 0,
+    TOKEN_ID_CHANGE,
+    INIT,
+    MAP,
+    INSTALL_FINISH,
+};
+struct AccessTokenDfxInfo {
+    AddHapSceneCode sceneCode;
+    AccessTokenID tokenId;
+    AccessTokenID oriTokenId;
+    AccessTokenIDEx tokenIdEx;
+    int32_t userId;
+    std::string bundleName;
+    int32_t instIndex;
+    HapDlpType dlpType;
+    bool isRestore;
+    std::string permInfo;
+    std::string aclInfo;
+    std::string preauthInfo;
+    std::string extendInfo;
+    int64_t duration;
+    int32_t errorCode;
+    int32_t pid;
+    uint32_t hapSize;
+    uint32_t nativeSize;
+    uint32_t permDefSize;
+    uint32_t dlpSize;
+    uint32_t parseConfigFlag;
+};
 void ReportSysEventPerformance();
-void ReportSysEventServiceStart(int32_t pid, uint32_t hapSize, uint32_t nativeSize, uint32_t permDefSize);
+void ReportSysEventServiceStart(const AccessTokenDfxInfo& info);
 void ReportSysEventServiceStartError(SceneCode scene, const std::string& errMsg, int32_t errCode);
+void ReportSysCommonEventError(int32_t ipcCode, int32_t errCode);
+void ReportSysEventAddHap(const AccessTokenDfxInfo& info);
+
 } // namespace AccessToken
 } // namespace Security
 } // namespace OHOS
diff --git a/services/accesstokenmanager/main/cpp/include/permission/permission_manager.h b/services/accesstokenmanager/main/cpp/include/permission/permission_manager.h
index e0b4eb58ccdf3f6fbfdd309c3a3abb4c9fa93fc9..90b2b6f84048452a7307a2b6f610ee9cdfe24a22 100644
--- a/services/accesstokenmanager/main/cpp/include/permission/permission_manager.h
+++ b/services/accesstokenmanager/main/cpp/include/permission/permission_manager.h
@@ -67,6 +67,8 @@ public:
         const std::string& bundleName, const std::string& abilityName);
     int32_t CheckAndUpdatePermission(AccessTokenID tokenID, const std::string& permissionName,
         bool isGranted, uint32_t flag);
+    int32_t CheckAndUpdatePermissionInner(AccessTokenID tokenID, const std::string& permissionName,
+        bool isGranted, uint32_t flag);
     int32_t UpdatePermission(AccessTokenID tokenID, const std::string& permissionName,
         bool isGranted, uint32_t flag, bool needKill);
     int32_t GrantPermission(AccessTokenID tokenID, const std::string& permissionName, uint32_t flag);
@@ -83,6 +85,7 @@ public:
         std::vector<PermissionStatus>& permsList, int32_t apiVersion);
     void NotifyPermGrantStoreResult(bool result, uint64_t timestamp);
     void ParamUpdate(const std::string& permissionName, uint32_t flag, bool filtered);
+    void ParamFlagUpdate();
     void NotifyWhenPermissionStateUpdated(AccessTokenID tokenID, const std::string& permissionName,
         bool isGranted, uint32_t flag, const std::shared_ptr<HapTokenInfoInner>& infoPtr);
     void AddNativePermToKernel(
@@ -114,7 +117,7 @@ private:
     bool GetLocationPermissionState(AccessTokenID tokenID, std::vector<PermissionListStateParcel>& reqPermList,
         std::vector<PermissionStatus>& permsList, int32_t apiVersion, const LocationIndex& locationIndex);
     bool IsPermissionStateOrFlagMatched(const PermissionStatus& stata1, const PermissionStatus& stata2);
-    AbilityManagerAccessLoaderInterface* GetAbilityManager();
+    std::shared_ptr<LibraryLoader> GetAbilityManager();
 
     PermissionGrantEvent grantEvent_;
     static std::recursive_mutex mutex_;
@@ -123,6 +126,9 @@ private:
     OHOS::Utils::RWLock permParamSetLock_;
     uint64_t paramValue_ = 0;
 
+    OHOS::Utils::RWLock permFlagParamSetLock_;
+    uint64_t paramFlagValue_ = 0;
+
     OHOS::Utils::RWLock permToggleStateLock_;
     DISALLOW_COPY_AND_MOVE(PermissionManager);
 
diff --git a/services/accesstokenmanager/main/cpp/include/permission/temp_permission_observer.h b/services/accesstokenmanager/main/cpp/include/permission/temp_permission_observer.h
index c9e96dc8fbebb0d7424011f45ede90f256204160..c910d555d538cf57aab9b1a7002294b71ea2a276 100644
--- a/services/accesstokenmanager/main/cpp/include/permission/temp_permission_observer.h
+++ b/services/accesstokenmanager/main/cpp/include/permission/temp_permission_observer.h
@@ -120,7 +120,7 @@ private:
     std::shared_ptr<AccessEventHandler> eventHandler_;
     std::mutex eventHandlerLock_;
 #endif
-    int32_t cancleTimes_;
+    int32_t cancelTimes_;
     std::mutex tempPermissionMutex_;
     std::map<AccessTokenID, std::vector<bool>> tempPermTokenMap_;
 
diff --git a/services/privacymanager/include/seccomp/privacy_sec_comp_enhance_agent.h b/services/accesstokenmanager/main/cpp/include/seccomp/sec_comp_enhance_agent.h
similarity index 56%
rename from services/privacymanager/include/seccomp/privacy_sec_comp_enhance_agent.h
rename to services/accesstokenmanager/main/cpp/include/seccomp/sec_comp_enhance_agent.h
index 76896f7b09a8dd590c4f2bf27466a5be76a0683b..099be0afd8e9cafd4ddf916a178f71eeaf0c30cd 100644
--- a/services/privacymanager/include/seccomp/privacy_sec_comp_enhance_agent.h
+++ b/services/accesstokenmanager/main/cpp/include/seccomp/sec_comp_enhance_agent.h
@@ -21,52 +21,35 @@
 #include "app_status_change_callback.h"
 #include "nocopyable.h"
 #include "sec_comp_enhance_data.h"
+#include "sec_comp_monitor.h"
 
 namespace OHOS {
 namespace Security {
 namespace AccessToken {
-class PrivacyAppUsingSecCompStateObserver : public ApplicationStateObserverStub {
+#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE
+class SecCompEnhanceAgent final {
 public:
-    PrivacyAppUsingSecCompStateObserver() = default;
-    ~PrivacyAppUsingSecCompStateObserver() = default;
-
-    void OnProcessDied(const ProcessData &processData) override;
-    DISALLOW_COPY_AND_MOVE(PrivacyAppUsingSecCompStateObserver);
-};
-
-class PrivacySecCompAppManagerDeathCallback : public AppManagerDeathCallback {
-public:
-    PrivacySecCompAppManagerDeathCallback() = default;
-    ~PrivacySecCompAppManagerDeathCallback() = default;
-
-    void NotifyAppManagerDeath() override;
-    DISALLOW_COPY_AND_MOVE(PrivacySecCompAppManagerDeathCallback);
-};
-
-class PrivacySecCompEnhanceAgent final {
-public:
-    static PrivacySecCompEnhanceAgent& GetInstance();
-    virtual ~PrivacySecCompEnhanceAgent();
+    static SecCompEnhanceAgent& GetInstance();
+    virtual ~SecCompEnhanceAgent();
 
     int32_t RegisterSecCompEnhance(const SecCompEnhanceData& enhanceData);
     int32_t UpdateSecCompEnhance(int32_t pid, uint32_t seqNum);
     int32_t GetSecCompEnhance(int32_t pid, SecCompEnhanceData& enhanceData);
-    int32_t GetSpecialSecCompEnhance(const std::string& bundleName,
-        std::vector<SecCompEnhanceData>& enhanceList);
     void RemoveSecCompEnhance(int pid);
     void OnAppMgrRemoteDiedHandle();
 
 private:
-    PrivacySecCompEnhanceAgent();
+    SecCompEnhanceAgent();
     void InitAppObserver();
-    DISALLOW_COPY_AND_MOVE(PrivacySecCompEnhanceAgent);
+    DISALLOW_COPY_AND_MOVE(SecCompEnhanceAgent);
 
 private:
-    sptr<PrivacyAppUsingSecCompStateObserver> observer_ = nullptr;
-    std::shared_ptr<PrivacySecCompAppManagerDeathCallback> appManagerDeathCallback_ = nullptr;
+    sptr<SecCompUsageObserver> observer_ = nullptr;
+    std::shared_ptr<SecCompAppManagerDeathCallback> appManagerDeathCallback_ = nullptr;
     std::mutex secCompEnhanceMutex_;
     std::vector<SecCompEnhanceData> secCompEnhanceData_;
 };
+#endif
 } // namespace AccessToken
 } // namespace Security
 } // namespace OHOS
diff --git a/services/accesstokenmanager/main/cpp/include/seccomp/sec_comp_monitor.h b/services/accesstokenmanager/main/cpp/include/seccomp/sec_comp_monitor.h
new file mode 100644
index 0000000000000000000000000000000000000000..5cd28ce653282655d542de5b188a5de44303a5eb
--- /dev/null
+++ b/services/accesstokenmanager/main/cpp/include/seccomp/sec_comp_monitor.h
@@ -0,0 +1,69 @@
+/*
+ * Copyright (c) 2025 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#ifndef PERMISSION_SEC_COMP_MONITOR_H
+#define PERMISSION_SEC_COMP_MONITOR_H
+
+#include <mutex>
+#include <set>
+#include <vector>
+#include "app_manager_death_callback.h"
+#include "app_status_change_callback.h"
+#include "nocopyable.h"
+
+namespace OHOS {
+namespace Security {
+namespace AccessToken {
+class SecCompUsageObserver : public ApplicationStateObserverStub {
+public:
+    SecCompUsageObserver() = default;
+    ~SecCompUsageObserver() = default;
+
+    void OnProcessDied(const ProcessData &processData) override;
+    void OnProcessStateChanged(const ProcessData &processData) override;
+    void OnAppCacheStateChanged(const AppStateData &appStateData) override;
+    DISALLOW_COPY_AND_MOVE(SecCompUsageObserver);
+};
+
+class SecCompAppManagerDeathCallback : public AppManagerDeathCallback {
+public:
+    SecCompAppManagerDeathCallback() = default;
+    ~SecCompAppManagerDeathCallback() = default;
+
+    void NotifyAppManagerDeath() override;
+    DISALLOW_COPY_AND_MOVE(SecCompAppManagerDeathCallback);
+};
+
+class SecCompMonitor final {
+public:
+    static SecCompMonitor& GetInstance();
+    ~SecCompMonitor();
+
+    void RemoveProcessFromForegroundList(int32_t pid);
+    bool IsToastShownNeeded(int32_t pid);
+    void OnAppMgrRemoteDiedHandle();
+
+private:
+    SecCompMonitor();
+    void InitAppObserver();
+    DISALLOW_COPY_AND_MOVE(SecCompMonitor);
+    sptr<SecCompUsageObserver> observer_ = nullptr;
+    std::shared_ptr<SecCompAppManagerDeathCallback> appManagerDeathCallback_ = nullptr;
+    std::mutex appfgLock_;
+    std::set<int32_t> appsInForeground_;
+};
+} // namespace AccessToken
+} // namespace Security
+} // namespace OHOS
+#endif // PERMISSION_SEC_COMP_MONITOR_H
diff --git a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h
index befb3df1bcf8fc6344b1f543c97d2ae639eac167..cd14e79d9e081f69f42964e666345847615aa7b1 100644
--- a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h
+++ b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h
@@ -18,14 +18,16 @@
 
 #include <string>
 #include <vector>
+#include <unordered_set>
 
-#include "accesstoken_manager_stub.h"
+#include "access_token_manager_stub.h"
 #ifdef EVENTHANDLER_ENABLE
 #include "access_event_handler.h"
 #endif
 #include "access_token.h"
 #include "hap_token_info.h"
 #include "iremote_object.h"
+#include "json_parse_loader.h"
 #include "nocopyable.h"
 #include "singleton.h"
 #include "system_ability.h"
@@ -45,19 +47,20 @@ public:
     void OnAddSystemAbility(int32_t systemAbilityId, const std::string& deviceId) override;
     void OnRemoveSystemAbility(int32_t systemAbilityId, const std::string& deviceId) override;
 
-    AccessTokenIDEx AllocHapToken(const HapInfoParcel& info, const HapPolicyParcel& policy) override;
-    PermUsedTypeEnum GetPermissionUsedType(
-        AccessTokenID tokenID, const std::string& permissionName) override;
-    int32_t InitHapToken(const HapInfoParcel& info, HapPolicyParcel& policy,
-        AccessTokenIDEx& fullTokenId, HapInfoCheckResult& result) override;
+    int32_t AllocHapToken(const HapInfoParcel& info, const HapPolicyParcel& policy, uint64_t& fullTokenId) override;
+    int32_t GetPermissionUsedType(
+        AccessTokenID tokenID, const std::string& permissionName, int32_t& permUsedType) override;
+    int32_t InitHapToken(const HapInfoParcel& info, const HapPolicyParcel& policy,
+        uint64_t& fullTokenId, HapInfoCheckResultIdl& resultInfoIdl) override;
     int VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName) override;
     int VerifyAccessToken(AccessTokenID tokenID,
         const std::vector<std::string>& permissionList, std::vector<int32_t>& permStateList) override;
     int GetDefPermission(const std::string& permissionName, PermissionDefParcel& permissionDefResult) override;
     int GetReqPermissions(
         AccessTokenID tokenID, std::vector<PermissionStatusParcel>& reqPermList, bool isSystemGrant) override;
-    PermissionOper GetSelfPermissionsState(std::vector<PermissionListStateParcel>& reqPermList,
-        PermissionGrantInfoParcel& infoParcel) override;
+    int32_t GetSelfPermissionStatus(const std::string& permissionName, int32_t& status) override;
+    int32_t GetSelfPermissionsState(std::vector<PermissionListStateParcel>& reqPermList,
+        PermissionGrantInfoParcel& infoParcel, int32_t& permOper) override;
     int32_t GetPermissionsStatus(AccessTokenID tokenID, std::vector<PermissionListStateParcel>& reqPermList) override;
     int GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName, uint32_t& flag) override;
     int32_t SetPermissionRequestToggleStatus(const std::string& permissionName, uint32_t status,
@@ -71,14 +74,17 @@ public:
         AccessTokenID tokenID, const std::string& permissionName, uint32_t onceTime) override;
     int ClearUserGrantedPermissionState(AccessTokenID tokenID) override;
     int DeleteToken(AccessTokenID tokenID) override;
-    int GetTokenType(AccessTokenID tokenID) override;
-    AccessTokenIDEx GetHapTokenID(int32_t userID, const std::string& bundleName, int32_t instIndex) override;
-    AccessTokenID AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID) override;
+    int GetTokenType(AccessTokenID tokenID);
+    int GetTokenType(AccessTokenID tokenID, int32_t& tokenType) override;
+    int32_t GetHapTokenID(
+        int32_t userID, const std::string& bundleName, int32_t instIndex, uint64_t& fullTokenId) override;
+    int32_t AllocLocalTokenID(
+        const std::string& remoteDeviceID, AccessTokenID remoteTokenID, AccessTokenID& tokenId) override;
     int GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfoParcel& infoParcel) override;
-    int32_t GetTokenIDByUserID(int32_t userID, std::unordered_set<AccessTokenID>& tokenIdList) override;
+    int32_t GetTokenIDByUserID(int32_t userID, std::vector<AccessTokenID>& tokenIds) override;
     int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfoParcel& infoParcel) override;
-    int32_t UpdateHapToken(AccessTokenIDEx& tokenIdEx, const UpdateHapInfoParams& info,
-        const HapPolicyParcel& policyParcel, HapInfoCheckResult& result) override;
+    int32_t UpdateHapToken(uint64_t& fullTokenId, const UpdateHapInfoParamsIdl& infoIdl,
+        const HapPolicyParcel& policyParcel, HapInfoCheckResultIdl& resultInfoIdl) override;
     int32_t RegisterPermStateChangeCallback(
         const PermStateChangeScopeParcel& scope, const sptr<IRemoteObject>& callback) override;
     int32_t UnRegisterPermStateChangeCallback(const sptr<IRemoteObject>& callback) override;
@@ -90,37 +96,54 @@ public:
 #endif
     int GetHapTokenInfoExtension(AccessTokenID tokenID,
         HapTokenInfoParcel& hapTokenInfoRes, std::string& appID) override;
-    AccessTokenID GetNativeTokenId(const std::string& processName) override;
+    int32_t GetNativeTokenId(const std::string& processName, AccessTokenID& tokenID) override;
+#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE
+    int32_t RegisterSecCompEnhance(const SecCompEnhanceDataParcel& enhanceParcel) override;
+    int32_t UpdateSecCompEnhance(int32_t pid, uint32_t seqNum) override;
+    int32_t GetSecCompEnhance(int32_t pid, SecCompEnhanceDataParcel& enhanceParcel) override;
+#endif
+    int32_t IsToastShownNeeded(int32_t pid, bool& needToShow) override;
 
 #ifdef TOKEN_SYNC_ENABLE
     int GetHapTokenInfoFromRemote(AccessTokenID tokenID, HapTokenInfoForSyncParcel& hapSyncParcel) override;
-    int SetRemoteHapTokenInfo(const std::string& deviceID, HapTokenInfoForSyncParcel& hapSyncParcel) override;
+    int SetRemoteHapTokenInfo(const std::string& deviceID, const HapTokenInfoForSyncParcel& hapSyncParcel) override;
     int DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID) override;
-    AccessTokenID GetRemoteNativeTokenID(const std::string& deviceID, AccessTokenID tokenID) override;
+    int32_t GetRemoteNativeTokenID(const std::string& deviceID, AccessTokenID tokenID, AccessTokenID& tokenId) override;
     int DeleteRemoteDeviceTokens(const std::string& deviceID) override;
     int32_t RegisterTokenSyncCallback(const sptr<IRemoteObject>& callback) override;
     int32_t UnRegisterTokenSyncCallback() override;
 #endif
     int32_t GetKernelPermissions(
-        AccessTokenID tokenId, std::vector<PermissionWithValue>& kernelPermList) override;
+        AccessTokenID tokenId, std::vector<PermissionWithValueIdl>& kernelPermIdlList) override;
     int32_t GetReqPermissionByName(
         AccessTokenID tokenId, const std::string& permissionName, std::string& value) override;
     int SetPermDialogCap(const HapBaseInfoParcel& hapBaseInfoParcel, bool enable) override;
-    void GetPermissionManagerInfo(PermissionGrantInfoParcel& infoParcel) override;
-    int32_t InitUserPolicy(const std::vector<UserState>& userList, const std::vector<std::string>& permList) override;
-    int32_t UpdateUserPolicy(const std::vector<UserState>& userList) override;
+    int32_t GetPermissionManagerInfo(PermissionGrantInfoParcel& infoParcel) override;
+    int32_t InitUserPolicy(
+        const std::vector<UserStateIdl>& userIdlList, const std::vector<std::string>& permList) override;
+    int32_t UpdateUserPolicy(const std::vector<UserStateIdl>& userIdlList) override;
     int32_t ClearUserPolicy() override;
-    void DumpTokenInfo(const AtmToolsParamInfoParcel& infoParcel, std::string& dumpInfo) override;
+    int32_t DumpTokenInfo(const AtmToolsParamInfoParcel& infoParcel, std::string& dumpInfo) override;
     int32_t GetVersion(uint32_t& version) override;
     int Dump(int fd, const std::vector<std::u16string>& args) override;
 
+    int32_t CallbackEnter(uint32_t code) override;
+    int32_t CallbackExit(uint32_t code, int32_t result) override;
+
 private:
     void GetValidConfigFilePathList(std::vector<std::string>& pathList);
     bool GetConfigGrantValueFromFile(std::string& fileContent);
-    void GetConfigValue();
+    void SetFlagIfNeed(const AccessTokenServiceConfig& atConfig, int32_t& cancelTime, uint32_t& parseConfigFlag);
+    void GetConfigValue(uint32_t& parseConfigFlag);
     bool Initialize();
     void AccessTokenServiceParamSet() const;
     PermissionOper GetPermissionsState(AccessTokenID tokenID, std::vector<PermissionListStateParcel>& reqPermList);
+    int32_t UpdateHapTokenCore(AccessTokenIDEx& tokenIdEx, const UpdateHapInfoParams& info,
+        const HapPolicyParcel& policyParcel, HapInfoCheckResultIdl& resultInfoIdl);
+    void ReportAddHap(const HapInfoParcel& info, const HapPolicyParcel& policy);
+    void ReportAddHapFinish(AccessTokenIDEx fullTokenId, const HapInfoParcel& info, int64_t beginTime,
+        int32_t errorCode);
+
     ServiceRunningState state_;
     std::string grantBundleName_;
     std::string grantAbilityName_;
@@ -128,6 +151,20 @@ private:
     std::string permStateAbilityName_;
     std::string globalSwitchAbilityName_;
     std::string applicationSettingAbilityName_;
+
+    bool IsPrivilegedCalling() const;
+    bool IsAccessTokenCalling();
+    bool IsNativeProcessCalling();
+    bool IsSystemAppCalling() const;
+    bool IsShellProcessCalling();
+    bool IsSecCompServiceCalling();
+#ifndef ATM_BUILD_VARIANT_USER_ENABLE
+    static const int32_t ROOT_UID = 0;
+#endif
+    static const int32_t ACCESSTOKEN_UID = 3020;
+
+    AccessTokenID tokenSyncId_ = 0;
+    AccessTokenID secCompTokenId_ = 0;
 };
 } // namespace AccessToken
 } // namespace Security
diff --git a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_stub.h b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_stub.h
deleted file mode 100644
index 03647a2e53455f54d9065aad8f0582b0de3e25a5..0000000000000000000000000000000000000000
--- a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_stub.h
+++ /dev/null
@@ -1,113 +0,0 @@
-/*
- * Copyright (c) 2021-2024 Huawei Device Co., Ltd.
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef ACCESSTOKEN_MANAGER_STUB_H
-#define ACCESSTOKEN_MANAGER_STUB_H
-
-#include <map>
-
-#include "i_accesstoken_manager.h"
-
-#include "iremote_stub.h"
-#include "nocopyable.h"
-
-namespace OHOS {
-namespace Security {
-namespace AccessToken {
-class AccessTokenManagerStub : public IRemoteStub<IAccessTokenManager> {
-public:
-    AccessTokenManagerStub();
-    virtual ~AccessTokenManagerStub();
-
-    int OnRemoteRequest(uint32_t code, MessageParcel& data, MessageParcel& reply, MessageOption& options) override;
-
-private:
-    void GetPermissionUsedTypeInner(MessageParcel& data, MessageParcel& reply);
-    void VerifyAccessTokenInner(MessageParcel& data, MessageParcel& reply);
-    void VerifyAccessTokenWithListInner(MessageParcel& data, MessageParcel& reply);
-    void GetDefPermissionInner(MessageParcel& data, MessageParcel& reply);
-    void GetReqPermissionsInner(MessageParcel& data, MessageParcel& reply);
-    void GetSelfPermissionsStateInner(MessageParcel& data, MessageParcel& reply);
-    void GetPermissionsStatusInner(MessageParcel& data, MessageParcel& reply);
-    void GetPermissionFlagInner(MessageParcel& data, MessageParcel& reply);
-    void SetPermissionRequestToggleStatusInner(MessageParcel& data, MessageParcel& reply);
-    void GetPermissionRequestToggleStatusInner(MessageParcel& data, MessageParcel& reply);
-    void RequestAppPermOnSettingInner(MessageParcel& data, MessageParcel& reply);
-    void GrantPermissionInner(MessageParcel& data, MessageParcel& reply);
-    void RevokePermissionInner(MessageParcel& data, MessageParcel& reply);
-    void GrantPermissionForSpecifiedTimeInner(MessageParcel& data, MessageParcel& reply);
-    void ClearUserGrantedPermissionStateInner(MessageParcel& data, MessageParcel& reply);
-    void AllocHapTokenInner(MessageParcel& data, MessageParcel& reply);
-    void InitHapTokenInner(MessageParcel& data, MessageParcel& reply);
-    void DeleteTokenInfoInner(MessageParcel& data, MessageParcel& reply);
-    void UpdateHapTokenInner(MessageParcel& data, MessageParcel& reply);
-    void GetTokenIDByUserIDInner(MessageParcel& data, MessageParcel& reply);
-    void GetHapTokenInfoInner(MessageParcel& data, MessageParcel& reply);
-    void GetNativeTokenInfoInner(MessageParcel& data, MessageParcel& reply);
-    void AllocLocalTokenIDInner(MessageParcel& data, MessageParcel& reply);
-    void GetHapTokenIDInner(MessageParcel& data, MessageParcel& reply);
-    void GetTokenTypeInner(MessageParcel& data, MessageParcel& reply);
-    void RegisterPermStateChangeCallbackInner(MessageParcel& data, MessageParcel& reply);
-    void UnRegisterPermStateChangeCallbackInner(MessageParcel& data, MessageParcel& reply);
-    void RegisterSelfPermStateChangeCallbackInner(MessageParcel& data, MessageParcel& reply);
-    void UnRegisterSelfPermStateChangeCallbackInner(MessageParcel& data, MessageParcel& reply);
-#ifndef ATM_BUILD_VARIANT_USER_ENABLE
-    void ReloadNativeTokenInfoInner(MessageParcel& data, MessageParcel& reply);
-    void DumpPermDefInfoInner(MessageParcel& data, MessageParcel& reply);
-#endif
-    void GetHapTokenInfoExtensionInner(MessageParcel& data, MessageParcel& reply);
-    void GetNativeTokenIdInner(MessageParcel& data, MessageParcel& reply);
-
-#ifdef TOKEN_SYNC_ENABLE
-    void GetHapTokenInfoFromRemoteInner(MessageParcel& data, MessageParcel& reply);
-    void SetRemoteHapTokenInfoInner(MessageParcel& data, MessageParcel& reply);
-    void DeleteRemoteTokenInner(MessageParcel& data, MessageParcel& reply);
-    void DeleteRemoteDeviceTokensInner(MessageParcel& data, MessageParcel& reply);
-    void GetRemoteNativeTokenIDInner(MessageParcel& data, MessageParcel& reply);
-    void RegisterTokenSyncCallbackInner(MessageParcel& data, MessageParcel& reply);
-    void UnRegisterTokenSyncCallbackInner(MessageParcel& data, MessageParcel& reply);
-    void SetTokenSyncFuncInMap();
-#endif
-    void SetPermissionOpFuncInMap();
-    void SetLocalTokenOpFuncInMap();
-    void DumpTokenInfoInner(MessageParcel& data, MessageParcel& reply);
-    void GetVersionInner(MessageParcel& data, MessageParcel& reply);
-    void SetPermDialogCapInner(MessageParcel& data, MessageParcel& reply);
-    void GetPermissionManagerInfoInner(MessageParcel& data, MessageParcel& reply);
-    void InitUserPolicyInner(MessageParcel& data, MessageParcel& reply);
-    void UpdateUserPolicyInner(MessageParcel& data, MessageParcel& reply);
-    void ClearUserPolicyInner(MessageParcel& data, MessageParcel& reply);
-    void GetReqPermissionByNameInner(MessageParcel& data, MessageParcel& reply);
-    void GetKernelPermissionsInner(MessageParcel& data, MessageParcel& reply);
-
-    bool IsPrivilegedCalling() const;
-    bool IsAccessTokenCalling();
-    bool IsNativeProcessCalling();
-    bool IsSystemAppCalling() const;
-    bool IsShellProcessCalling();
-#ifndef ATM_BUILD_VARIANT_USER_ENABLE
-    static const int32_t ROOT_UID = 0;
-#endif
-    static const int32_t ACCESSTOKEN_UID = 3020;
-
-    AccessTokenID tokenSyncId_ = 0;
-
-    using RequestFuncType = void (AccessTokenManagerStub::*)(MessageParcel &data, MessageParcel &reply);
-    std::map<uint32_t, RequestFuncType> requestFuncMap_;
-};
-} // namespace AccessToken
-} // namespace Security
-} // namespace OHOS
-#endif // ACCESSTOKEN_MANAGER_STUB_H
diff --git a/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h b/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h
index e2819047c99c233651cb6cac02c080695511f758..0242c11545f8290ca6ba33090c81642d94eb6d9b 100644
--- a/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h
+++ b/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h
@@ -46,7 +46,7 @@ class AccessTokenInfoManager final {
 public:
     static AccessTokenInfoManager& GetInstance();
     ~AccessTokenInfoManager();
-    void Init();
+    void Init(uint32_t& hapSize, uint32_t& nativeSize, uint32_t& pefDefSize, uint32_t& dlpSize);
     void InitNativeTokenInfos(const std::vector<NativeTokenInfoBase>& tokenInfos);
     int32_t GetTokenIDByUserID(int32_t userID, std::unordered_set<AccessTokenID>& tokenIdList);
     std::shared_ptr<HapTokenInfoInner> GetHapTokenInfoInner(AccessTokenID id);
@@ -104,10 +104,14 @@ private:
     AccessTokenInfoManager();
     DISALLOW_COPY_AND_MOVE(AccessTokenInfoManager);
 
+    int32_t AddHapInfoToCache(const GenericValues& tokenValue, const std::vector<GenericValues>& permStateRes,
+        const std::vector<GenericValues>& extendedPermRes);
     void InitHapTokenInfos(uint32_t& hapSize);
-    int AddHapTokenInfo(const std::shared_ptr<HapTokenInfoInner>& info);
+    void ReportAddHapIdChange(const std::shared_ptr<HapTokenInfoInner>& hapInfo, AccessTokenID oriTokenId);
+    int AddHapTokenInfo(const std::shared_ptr<HapTokenInfoInner>& info, AccessTokenID& oriTokenId);
     std::string GetHapUniqueStr(const std::shared_ptr<HapTokenInfoInner>& info) const;
     std::string GetHapUniqueStr(const int& userID, const std::string& bundleName, const int& instIndex) const;
+    int32_t RegisterTokenId(const HapInfoParams& info, AccessTokenID& tokenId);
     int AddHapTokenInfoToDb(const std::shared_ptr<HapTokenInfoInner>& hapInfo,
         const std::string& appId, const HapPolicy& policy, bool isUpdate);
     int RemoveHapTokenInfoFromDb(const std::shared_ptr<HapTokenInfoInner>& info);
@@ -139,6 +143,7 @@ private:
     void NativeTokenToString(AccessTokenID tokenID, std::string& info);
     int32_t CheckHapInfoParam(const HapInfoParams& info, const HapPolicy& policy);
     void UpdateHapToKernel(AccessTokenID tokenID, int32_t userId);
+    std::shared_ptr<HapTokenInfoInner> GetHapTokenInfoInnerFromDb(AccessTokenID id);
     bool hasInited_;
     std::atomic_int32_t dumpTaskNum_;
 
diff --git a/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h b/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h
index 4b0c7ef8234d63ec54af59ae7010314af283ceaf..e0d3ad63e3f8e9c113ca920d623fe8a63c546036 100644
--- a/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h
+++ b/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h
@@ -52,6 +52,7 @@ public:
     HapTokenInfo GetHapInfoBasic() const;
     int GetUserID() const;
     int GetDlpType() const;
+    AccessTokenAttr GetAttr() const;
     std::string GetBundleName() const;
     int GetInstIndex() const;
     AccessTokenID GetTokenID() const;
diff --git a/services/accesstokenmanager/main/cpp/include/token/token_modify_notifier.h b/services/accesstokenmanager/main/cpp/include/token/token_modify_notifier.h
index 22620fa41d3044573eb6cea1d2e01aa9ffb9481b..bff43d416d4796c173b37b86dbd266054a2c4233 100644
--- a/services/accesstokenmanager/main/cpp/include/token/token_modify_notifier.h
+++ b/services/accesstokenmanager/main/cpp/include/token/token_modify_notifier.h
@@ -24,9 +24,7 @@
 #include "i_token_sync_callback.h"
 #include "nocopyable.h"
 #include "rwlock.h"
-#ifndef RESOURCESCHEDULE_FFRT_ENABLE
 #include "thread_pool.h"
-#endif
 #include "callback_death_recipients.h"
 
 namespace OHOS {
@@ -44,11 +42,6 @@ public:
     int32_t GetRemoteHapTokenInfo(const std::string& deviceID, AccessTokenID tokenID);
     int32_t RegisterTokenSyncCallback(const sptr<IRemoteObject>& callback);
     int32_t UnRegisterTokenSyncCallback();
-#ifdef RESOURCESCHEDULE_FFRT_ENABLE
-    int32_t GetCurTaskNum();
-    void AddCurTaskNum();
-    void ReduceCurTaskNum();
-#endif
 
 private:
     TokenModifyNotifier();
@@ -56,12 +49,9 @@ private:
 
     bool hasInited_;
     OHOS::Utils::RWLock initLock_;
-    OHOS::Utils::RWLock Notifylock_;
-#ifdef RESOURCESCHEDULE_FFRT_ENABLE
-    std::atomic_int32_t curTaskNum_;
-#else
+    OHOS::Utils::RWLock listLock_;
+    OHOS::Utils::RWLock notifyLock_;
     OHOS::ThreadPool notifyTokenWorker_;
-#endif
     std::set<AccessTokenID> observationSet_;
     std::vector<AccessTokenID> deleteTokenList_;
     std::vector<AccessTokenID> modifiedTokenList_;
diff --git a/services/accesstokenmanager/main/cpp/src/callback/callback_manager.cpp b/services/accesstokenmanager/main/cpp/src/callback/callback_manager.cpp
index 70a6d93d824e9b34dc5ccdd188117795a5ccd6cf..a5bb529082a5d444471a0e6689c3f65d2286f2cc 100644
--- a/services/accesstokenmanager/main/cpp/src/callback/callback_manager.cpp
+++ b/services/accesstokenmanager/main/cpp/src/callback/callback_manager.cpp
@@ -30,9 +30,7 @@ namespace Security {
 namespace AccessToken {
 namespace {
 static const uint32_t MAX_CALLBACK_SIZE = 1024;
-#ifndef RESOURCESCHEDULE_FFRT_ENABLE
 static const int MAX_PTHREAD_NAME_LEN = 15; // pthread name max length
-#endif
 std::recursive_mutex g_instanceMutex;
 }
 
@@ -66,11 +64,7 @@ int32_t CallbackManager::AddCallback(const PermStateChangeScope& scopeRes, const
     }
     auto callbackScopePtr = std::make_shared<PermStateChangeScope>(scopeRes);
 
-#ifdef RESOURCESCHEDULE_FFRT_ENABLE
-    std::lock_guard<ffrt::mutex> lock(mutex_);
-#else
     std::lock_guard<std::mutex> lock(mutex_);
-#endif
     if (callbackInfoList_.size() >= MAX_CALLBACK_SIZE) {
         LOGE(ATM_DOMAIN, ATM_TAG, "Callback size has reached limitation");
         return AccessTokenError::ERR_CALLBACKS_EXCEED_LIMITATION;
@@ -96,11 +90,7 @@ int32_t CallbackManager::RemoveCallback(const sptr<IRemoteObject>& callback)
         return AccessTokenError::ERR_PARAM_INVALID;
     }
 
-#ifdef RESOURCESCHEDULE_FFRT_ENABLE
-    std::lock_guard<ffrt::mutex> lock(mutex_);
-#else
     std::lock_guard<std::mutex> lock(mutex_);
-#endif
 
     for (auto it = callbackInfoList_.begin(); it != callbackInfoList_.end(); ++it) {
         if (callback == (*it).callbackObject_) {
@@ -140,23 +130,6 @@ void CallbackManager::ExecuteAllCallback(std::vector<sptr<IRemoteObject>>& list,
     const std::string& permName, int32_t changeType)
 {
     for (auto it = list.begin(); it != list.end(); ++it) {
-#ifdef RESOURCESCHEDULE_FFRT_ENABLE
-        auto callbackSingle = [it, tokenID, permName, changeType]() {
-            sptr<IPermissionStateCallback> callback = new PermissionStateChangeCallbackProxy(*it);
-            if (callback != nullptr) {
-                LOGI(ATM_DOMAIN, ATM_TAG, "Callback execute, id=%{public}u perm=%{public}s changeType=%{public}d",
-                    tokenID, permName.c_str(), changeType);
-                PermStateChangeInfo resInfo;
-                resInfo.permStateChangeType = changeType;
-                resInfo.permissionName = permName;
-                resInfo.tokenID = tokenID;
-                callback->PermStateChangeCallback(resInfo);
-                LOGI(ATM_DOMAIN, ATM_TAG, "Callback execute end, "
-                    "id=%{public}u perm=%{public}s changeType=%{public}d", tokenID, permName.c_str(), changeType);
-            }
-        };
-        ffrt::submit(callbackSingle, {}, {}, ffrt::task_attr().qos(ffrt::qos_default));
-#else
         sptr<IPermissionStateCallback> callback = new PermissionStateChangeCallbackProxy(*it);
         if (callback != nullptr) {
             LOGI(ATM_DOMAIN, ATM_TAG, "Callback execute");
@@ -166,21 +139,13 @@ void CallbackManager::ExecuteAllCallback(std::vector<sptr<IRemoteObject>>& list,
             resInfo.tokenID = tokenID;
             callback->PermStateChangeCallback(resInfo);
         }
-#endif
     }
-#ifdef RESOURCESCHEDULE_FFRT_ENABLE
-    ffrt::wait();
-#endif
 }
 
 void CallbackManager::GetCallbackObjectList(AccessTokenID tokenID, const std::string& permName,
     std::vector<sptr<IRemoteObject>>& list)
 {
-#ifdef RESOURCESCHEDULE_FFRT_ENABLE
-    std::lock_guard<ffrt::mutex> lock(mutex_);
-#else
     std::lock_guard<std::mutex> lock(mutex_);
-#endif
     for (auto it = callbackInfoList_.begin(); it != callbackInfoList_.end(); ++it) {
         std::shared_ptr<PermStateChangeScope> scopePtr = (*it).scopePtr_;
         if (scopePtr == nullptr) {
@@ -204,23 +169,15 @@ void CallbackManager::ExecuteCallbackAsync(AccessTokenID tokenID, const std::str
     auto callbackStart = [this, tokenID, permName, changeType]() {
         LOGI(ATM_DOMAIN, ATM_TAG, "CallbackStart, id=%{public}u perm=%{public}s changeType=%{public}d",
             tokenID, permName.c_str(), changeType);
-#ifndef RESOURCESCHEDULE_FFRT_ENABLE
         std::string name = "AtmCallback";
         pthread_setname_np(pthread_self(), name.substr(0, MAX_PTHREAD_NAME_LEN).c_str());
-#endif
         std::vector<sptr<IRemoteObject>> list;
         this->GetCallbackObjectList(tokenID, permName, list);
         this->ExecuteAllCallback(list, tokenID, permName, changeType);
     };
 
-#ifdef RESOURCESCHEDULE_FFRT_ENABLE
-    std::string taskName = "AtmCallback";
-    ffrt::submit_h(callbackStart, {}, {},
-        ffrt::task_attr().qos(ffrt::qos_default).name(taskName.c_str()));
-#else
     std::packaged_task<void()> callbackTask(callbackStart);
     std::make_unique<std::thread>(std::move(callbackTask))->detach();
-#endif
     LOGD(ATM_DOMAIN, ATM_TAG, "The callback execution is complete");
 }
 } // namespace AccessToken
diff --git a/services/accesstokenmanager/main/cpp/src/database/access_token_db.cpp b/services/accesstokenmanager/main/cpp/src/database/access_token_db.cpp
index b1c4631b9e47a258b49e2535abc4f84211931d31..6a85638f89de5bb38059fe3bb84c107bda86b858 100644
--- a/services/accesstokenmanager/main/cpp/src/database/access_token_db.cpp
+++ b/services/accesstokenmanager/main/cpp/src/database/access_token_db.cpp
@@ -244,6 +244,7 @@ int32_t AccessTokenDb::Modify(const AtmDataType type, const GenericValues& modif
     std::string tableName;
     AccessTokenDbUtil::GetTableNameByType(type, tableName);
     if (tableName.empty()) {
+        LOGC(ATM_DOMAIN, ATM_TAG, "Get table name failed, type=%{public}d!", static_cast<int32_t>(type));
         return AccessTokenError::ERR_PARAM_INVALID;
     }
 
@@ -251,6 +252,7 @@ int32_t AccessTokenDb::Modify(const AtmDataType type, const GenericValues& modif
 
     AccessTokenDbUtil::ToRdbValueBucket(modifyValue, bucket);
     if (bucket.IsEmpty()) {
+        LOGC(ATM_DOMAIN, ATM_TAG, "To rdb value bucket failed!");
         return AccessTokenError::ERR_PARAM_INVALID;
     }
 
@@ -262,7 +264,7 @@ int32_t AccessTokenDb::Modify(const AtmDataType type, const GenericValues& modif
         OHOS::Utils::UniqueWriteGuard<OHOS::Utils::RWLock> lock(this->rwLock_);
         auto db = GetRdb();
         if (db == nullptr) {
-            LOGE(ATM_DOMAIN, ATM_TAG, "db is nullptr.");
+            LOGC(ATM_DOMAIN, ATM_TAG, "db is nullptr.");
             return AccessTokenError::ERR_DATABASE_OPERATE_FAILED;
         }
 
@@ -272,6 +274,7 @@ int32_t AccessTokenDb::Modify(const AtmDataType type, const GenericValues& modif
                 tableName.c_str(), res);
             int32_t result = RestoreAndUpdateIfCorrupt(res, changedRows, bucket, predicates, db);
             if (result != NativeRdb::E_OK) {
+                LOGC(ATM_DOMAIN, ATM_TAG, "Failed to restore and update, result is %{public}d.", result);
                 return result;
             }
         }
@@ -298,19 +301,19 @@ int32_t AccessTokenDb::RestoreAndQueryIfCorrupt(const NativeRdb::RdbPredicates&
             LOGW(ATM_DOMAIN, ATM_TAG, "Detech database corrupt, restore from backup!");
             res = db->Restore("");
             if (res != NativeRdb::E_OK) {
-                LOGE(ATM_DOMAIN, ATM_TAG, "Db restore failed, res is %{public}d.", res);
+                LOGC(ATM_DOMAIN, ATM_TAG, "Db restore failed, res is %{public}d.", res);
                 return res;
             }
             LOGI(ATM_DOMAIN, ATM_TAG, "Database restore success, try query again!");
 
             queryResultSet = db->Query(predicates, columns);
             if (queryResultSet == nullptr) {
-                LOGE(ATM_DOMAIN, ATM_TAG, "Failed to find records from table %{public}s again.",
+                LOGC(ATM_DOMAIN, ATM_TAG, "Failed to find records from table %{public}s again.",
                     predicates.GetTableName().c_str());
                 return AccessTokenError::ERR_DATABASE_OPERATE_FAILED;
             }
         } else {
-            LOGE(ATM_DOMAIN, ATM_TAG, "Failed to get result count.");
+            LOGC(ATM_DOMAIN, ATM_TAG, "Failed to get result count.");
             return AccessTokenError::ERR_DATABASE_OPERATE_FAILED;
         }
     }
@@ -337,19 +340,20 @@ int32_t AccessTokenDb::Find(AtmDataType type, const GenericValues& conditionValu
         OHOS::Utils::UniqueReadGuard<OHOS::Utils::RWLock> lock(this->rwLock_);
         auto db = GetRdb();
         if (db == nullptr) {
-            LOGE(ATM_DOMAIN, ATM_TAG, "db is nullptr.");
+            LOGC(ATM_DOMAIN, ATM_TAG, "db is nullptr.");
             return AccessTokenError::ERR_DATABASE_OPERATE_FAILED;
         }
 
         auto queryResultSet = db->Query(predicates, columns);
         if (queryResultSet == nullptr) {
-            LOGE(ATM_DOMAIN, ATM_TAG, "Failed to find records from table %{public}s.",
+            LOGC(ATM_DOMAIN, ATM_TAG, "Failed to find records from table %{public}s.",
                 tableName.c_str());
             return AccessTokenError::ERR_DATABASE_OPERATE_FAILED;
         }
 
         int32_t res = RestoreAndQueryIfCorrupt(predicates, columns, queryResultSet, db);
         if (res != 0) {
+            LOGC(ATM_DOMAIN, ATM_TAG, "Restore and query failed!");
             return res;
         }
 
@@ -382,14 +386,14 @@ int32_t AccessTokenDb::RestoreAndCommitIfCorrupt(const int32_t resultCode,
     LOGW(ATM_DOMAIN, ATM_TAG, "Detech database corrupt, restore from backup!");
     int32_t res = db->Restore("");
     if (res != NativeRdb::E_OK) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Db restore failed, res is %{public}d.", res);
+        LOGC(ATM_DOMAIN, ATM_TAG, "Db restore failed, res is %{public}d.", res);
         return res;
     }
     LOGI(ATM_DOMAIN, ATM_TAG, "Database restore success, try commit again!");
 
     res = db->Commit();
     if (res != NativeRdb::E_OK) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Failed to Commit again, res is %{public}d.", res);
+        LOGC(ATM_DOMAIN, ATM_TAG, "Failed to Commit again, res is %{public}d.", res);
         return res;
     }
 
@@ -406,7 +410,7 @@ int32_t AccessTokenDb::DeleteAndInsertValues(
         OHOS::Utils::UniqueWriteGuard<OHOS::Utils::RWLock> lock(this->rwLock_);
         std::shared_ptr<NativeRdb::RdbStore> db = GetRdb();
         if (db == nullptr) {
-            LOGE(ATM_DOMAIN, ATM_TAG, "db is nullptr.");
+            LOGC(ATM_DOMAIN, ATM_TAG, "db is nullptr.");
             return AccessTokenError::ERR_DATABASE_OPERATE_FAILED;
         }
 
@@ -418,6 +422,7 @@ int32_t AccessTokenDb::DeleteAndInsertValues(
             res = RemoveValues(delDataTypes[i], delValues[i]);
             if (res != 0) {
                 db->RollBack();
+                LOGC(ATM_DOMAIN, ATM_TAG, "Remove values failed, res is %{public}d.", res);
                 return res;
             }
         }
@@ -427,6 +432,7 @@ int32_t AccessTokenDb::DeleteAndInsertValues(
             res = AddValues(addDataTypes[i], addValues[i]);
             if (res != 0) {
                 db->RollBack();
+                LOGC(ATM_DOMAIN, ATM_TAG, "Add values failed, res is %{public}d.", res);
                 return res;
             }
         }
@@ -436,6 +442,7 @@ int32_t AccessTokenDb::DeleteAndInsertValues(
             LOGE(ATM_DOMAIN, ATM_TAG, "Failed to commit, res is %{public}d.", res);
             int32_t result = RestoreAndCommitIfCorrupt(res, db);
             if (result != NativeRdb::E_OK) {
+                LOGC(ATM_DOMAIN, ATM_TAG, "Failed to restore and commit, result is %{public}d.", result);
                 return result;
             }
         }
diff --git a/services/accesstokenmanager/main/cpp/src/database/access_token_db_util.cpp b/services/accesstokenmanager/main/cpp/src/database/access_token_db_util.cpp
index 21b3d9c3a479858f03a70cb0a80fa997ddaf6968..7b47a11e78ba4fd616d96ff8a4448f7b378d0c6a 100644
--- a/services/accesstokenmanager/main/cpp/src/database/access_token_db_util.cpp
+++ b/services/accesstokenmanager/main/cpp/src/database/access_token_db_util.cpp
@@ -17,8 +17,6 @@
 
 #include <map>
 
-#include "token_field_const.h"
-
 namespace OHOS {
 namespace Security {
 namespace AccessToken {
diff --git a/services/accesstokenmanager/main/cpp/src/database/data_translator.cpp b/services/accesstokenmanager/main/cpp/src/database/data_translator.cpp
index b5845c9be4f9777973f20deefbc7450fde65c1d5..dc496c85bbf7b01e3c1c6ed406640b05ddf426f7 100644
--- a/services/accesstokenmanager/main/cpp/src/database/data_translator.cpp
+++ b/services/accesstokenmanager/main/cpp/src/database/data_translator.cpp
@@ -76,7 +76,8 @@ int DataTranslator::TranslationIntoGenericValues(const PermissionStatus& inPermi
     GenericValues& outGenericValues)
 {
     outGenericValues.Put(TokenFiledConst::FIELD_PERMISSION_NAME, inPermissionState.permissionName);
-    outGenericValues.Put(TokenFiledConst::FIELD_DEVICE_ID, "");
+    outGenericValues.Put(TokenFiledConst::FIELD_DEVICE_ID, "PHONE-001");
+    outGenericValues.Put(TokenFiledConst::FIELD_GRANT_IS_GENERAL, 1);
     outGenericValues.Put(TokenFiledConst::FIELD_GRANT_STATE, inPermissionState.grantStatus);
     int32_t grantFlag = static_cast<int32_t>(inPermissionState.grantFlag);
     outGenericValues.Put(TokenFiledConst::FIELD_GRANT_FLAG, grantFlag);
@@ -133,13 +134,6 @@ int32_t DataTranslator::TranslationIntoExtendedPermission(
         return ERR_PARAM_INVALID;
     }
     perm.value = inGenericValues.GetString(TokenFiledConst::FIELD_VALUE);
-    if (perm.value.empty()) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Extended Permission value is empty");
-        HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "PERMISSION_CHECK",
-            HiviewDFX::HiSysEvent::EventType::FAULT, "CODE", LOAD_DATABASE_ERROR,
-            "ERROR_REASON", "extended value empty");
-        return ERR_PARAM_INVALID;
-    }
 
     return RET_SUCCESS;
 }
diff --git a/services/accesstokenmanager/main/cpp/src/dfx/hisysevent_adapter.cpp b/services/accesstokenmanager/main/cpp/src/dfx/hisysevent_adapter.cpp
index 18558ee01ff2c7a3d5b34c505385f8f4ef4b849a..f13756be48d35cc2d04d19dd1e8505f798554d21 100644
--- a/services/accesstokenmanager/main/cpp/src/dfx/hisysevent_adapter.cpp
+++ b/services/accesstokenmanager/main/cpp/src/dfx/hisysevent_adapter.cpp
@@ -39,11 +39,13 @@ void ReportSysEventPerformance()
     }
 }
 
-void ReportSysEventServiceStart(int32_t pid, uint32_t hapSize, uint32_t nativeSize, uint32_t permDefSize)
+void ReportSysEventServiceStart(const AccessTokenDfxInfo& info)
 {
     int32_t ret = HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "ACCESSTOKEN_SERVICE_START",
         HiviewDFX::HiSysEvent::EventType::STATISTIC,
-        "PID", pid, "HAP_SIZE", hapSize, "NATIVE_SIZE", nativeSize, "PERM_DEFINITION_SIZE", permDefSize);
+        "PID", info.pid, "HAP_SIZE", info.hapSize, "NATIVE_SIZE", info.nativeSize,
+        "PERM_DEFINITION_SIZE", info.permDefSize, "DLP_PERMISSION_SIZE", info.dlpSize,
+        "PARSE_CONFIG_FLAG", info.parseConfigFlag);
     if (ret != 0) {
         LOGE(ATM_DOMAIN, ATM_TAG, "Failed to write hisysevent write, ret %{public}d.", ret);
     }
@@ -57,6 +59,42 @@ void ReportSysEventServiceStartError(SceneCode scene, const std::string& errMsg,
         LOGE(ATM_DOMAIN, ATM_TAG, "Failed to write hisysevent write, ret %{public}d.", ret);
     }
 }
+
+void ReportSysCommonEventError(int32_t ipcCode, int32_t errCode)
+{
+    if (GetThreadErrorMsgLen() == 0) {
+        return;
+    }
+    int32_t ret = HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "ACCESSTOKEN_EXCEPTION",
+        HiviewDFX::HiSysEvent::EventType::FAULT, "SCENE_CODE", ipcCode, "ERROR_CODE", errCode,
+        "ERROR_MSG", GetThreadErrorMsg());
+    if (ret != 0) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "Failed to write hisysevent write, ret %{public}d.", ret);
+    }
+    ClearThreadErrorMsg();
+}
+
+void ReportSysEventAddHap(const AccessTokenDfxInfo& info)
+{
+    if ((info.sceneCode != AddHapSceneCode::INSTALL_START) &&
+        (info.sceneCode != AddHapSceneCode::TOKEN_ID_CHANGE) &&
+        (info.sceneCode != AddHapSceneCode::INIT) &&
+        (info.sceneCode != AddHapSceneCode::MAP) &&
+        (info.sceneCode != AddHapSceneCode::INSTALL_FINISH)) {
+        return;
+    }
+    int32_t res = HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "ADD_HAP",
+        HiviewDFX::HiSysEvent::EventType::STATISTIC,
+        "SCENE_CODE", info.sceneCode, "TOKENID", info.tokenId, "ORI_TOKENID", info.oriTokenId,
+        "TOKENIDEX", static_cast<uint64_t>(info.tokenIdEx.tokenIDEx), "USERID", info.userId,
+        "BUNDLENAME", info.bundleName, "INSTINDEX", info.instIndex, "DLP_TYPE", info.dlpType,
+        "IS_RESTORE", info.isRestore, "PERM_INFO", info.permInfo, "ACL_INFO", info.aclInfo,
+        "PREAUTH_INFO", info.preauthInfo, "EXTEND_INFO", info.extendInfo, "DURATION", info.duration,
+        "ERROR_CODE", info.errorCode);
+    if (res != 0) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "Failed to write hisysevent write, ret %{public}d.", res);
+    }
+}
 } // namespace AccessToken
 } // namespace Security
 } // namespace OHOS
\ No newline at end of file
diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_data_brief.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_data_brief.cpp
index 3c76de83742a6f80614a35cb0984109efd12599f..f9f9ca828dffb590e43c90eceb68ad98a6d72485 100644
--- a/services/accesstokenmanager/main/cpp/src/permission/permission_data_brief.cpp
+++ b/services/accesstokenmanager/main/cpp/src/permission/permission_data_brief.cpp
@@ -411,7 +411,7 @@ int32_t PermissionDataBrief::UpdatePermStateList(
 {
     auto iterPermData = requestedPermData_.find(tokenId);
     if (iterPermData == requestedPermData_.end()) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "TokenID %{public}d is not exist.", tokenId);
+        LOGC(ATM_DOMAIN, ATM_TAG, "TokenID %{public}d is not exist.", tokenId);
         return ERR_TOKEN_INVALID;
     }
     std::vector<BriefPermData>& permBriefDatalist = requestedPermData_[tokenId];
@@ -420,12 +420,12 @@ int32_t PermissionDataBrief::UpdatePermStateList(
             return opCode == permData.permCode;
         });
     if (iter == permBriefDatalist.end()) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Permission not request!");
+        LOGC(ATM_DOMAIN, ATM_TAG, "Permission not request!");
         return AccessTokenError::ERR_PARAM_INVALID;
     }
     
     if ((static_cast<uint32_t>(iter->flag) & PERMISSION_SYSTEM_FIXED) == PERMISSION_SYSTEM_FIXED) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Permission fixed by system!");
+        LOGC(ATM_DOMAIN, ATM_TAG, "Permission fixed by system!");
         return AccessTokenError::ERR_PARAM_INVALID;
     }
     iter->status = isGranted ? PERMISSION_GRANTED : PERMISSION_DENIED;
@@ -450,7 +450,7 @@ int32_t PermissionDataBrief::UpdateSecCompGrantedPermList(AccessTokenID tokenId,
             if (status == PERMISSION_GRANTED) {
                 return RET_SUCCESS;
             } else {
-                LOGE(ATM_DOMAIN, ATM_TAG, "Permission has been revoked by user.");
+                LOGC(ATM_DOMAIN, ATM_TAG, "Permission has been revoked by user.");
                 return ERR_PERMISSION_DENIED;
             }
         } else {
diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp
index 74d7934018f6057452cf25f8082a3b12e706e9a5..7f60382a86a3d8588632c06467eeb937bae90b31 100644
--- a/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp
+++ b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp
@@ -32,6 +32,7 @@
 #ifdef SUPPORT_SANDBOX_APP
 #include "dlp_permission_set_manager.h"
 #endif
+#include "iaccess_token_manager.h"
 #include "ipc_skeleton.h"
 #include "hisysevent_adapter.h"
 #include "parameter.h"
@@ -49,6 +50,7 @@ namespace Security {
 namespace AccessToken {
 namespace {
 static const char* PERMISSION_STATUS_CHANGE_KEY = "accesstoken.permission.change";
+static const char* PERMISSION_STATUS_FLAG_CHANGE_KEY = "accesstoken.permission.flagchange";
 static constexpr int32_t VALUE_MAX_LEN = 32;
 static const std::vector<std::string> g_notDisplayedPerms = {
     "ohos.permission.ANSWER_CALL",
@@ -91,9 +93,18 @@ PermissionManager::PermissionManager()
     if (ret < 0) {
         LOGE(ATM_DOMAIN, ATM_TAG, "Return default value, ret=%{public}d", ret);
         paramValue_ = 0;
+    } else {
+        paramValue_ = static_cast<uint64_t>(std::atoll(value));
+    }
+
+    char flagValue[VALUE_MAX_LEN] = {0};
+    ret = GetParameter(PERMISSION_STATUS_FLAG_CHANGE_KEY, "", flagValue, VALUE_MAX_LEN - 1);
+    if (ret < 0) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "Return default flag value, ret=%{public}d", ret);
+        paramFlagValue_ = 0;
         return;
     }
-    paramValue_ = static_cast<uint64_t>(std::atoll(value));
+    paramFlagValue_ = static_cast<uint64_t>(std::atoll(flagValue));
 }
 
 PermissionManager::~PermissionManager()
@@ -262,16 +273,18 @@ int PermissionManager::GetPermissionFlag(AccessTokenID tokenID, const std::strin
     return ret;
 }
 
-AbilityManagerAccessLoaderInterface* PermissionManager::GetAbilityManager()
+std::shared_ptr<LibraryLoader> PermissionManager::GetAbilityManager()
 {
+#ifdef DYNAMIC_CLOSE_LIBS
+    return std::make_shared<LibraryLoader>(ABILITY_MANAGER_LIBPATH);
+#endif
     if (abilityManagerLoader_ == nullptr) {
         std::lock_guard<std::mutex> lock(abilityManagerMutex_);
         if (abilityManagerLoader_ == nullptr) {
             abilityManagerLoader_ = std::make_shared<LibraryLoader>(ABILITY_MANAGER_LIBPATH);
         }
     }
-
-    return abilityManagerLoader_->GetObject<AbilityManagerAccessLoaderInterface>();
+    return abilityManagerLoader_;
 }
 
 int32_t PermissionManager::RequestAppPermOnSetting(const HapTokenInfo& hapInfo,
@@ -289,7 +302,9 @@ int32_t PermissionManager::RequestAppPermOnSetting(const HapTokenInfo& hapInfo,
         .callerTokenId = IPCSkeleton::GetCallingTokenID()
     };
 
-    AbilityManagerAccessLoaderInterface* abilityManager = GetAbilityManager();
+    std::shared_ptr<LibraryLoader> abilityManagerLoader = GetAbilityManager();
+    AbilityManagerAccessLoaderInterface* abilityManager =
+        abilityManagerLoader->GetObject<AbilityManagerAccessLoaderInterface>();
     if (abilityManager == nullptr) {
         LOGE(ATM_DOMAIN, ATM_TAG, "AbilityManager is nullptr!");
         return AccessTokenError::ERR_SERVICE_ABNORMAL;
@@ -317,6 +332,18 @@ void PermissionManager::ParamUpdate(const std::string& permissionName, uint32_t
     }
 }
 
+void PermissionManager::ParamFlagUpdate()
+{
+    Utils::UniqueWriteGuard<Utils::RWLock> infoGuard(this->permFlagParamSetLock_);
+    paramFlagValue_++;
+    LOGD(ATM_DOMAIN, ATM_TAG,
+        "paramFlagValue_ change %{public}llu", static_cast<unsigned long long>(paramFlagValue_));
+    int32_t res = SetParameter(PERMISSION_STATUS_FLAG_CHANGE_KEY, std::to_string(paramFlagValue_).c_str());
+    if (res != 0) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "SetParameter failed %{public}d", res);
+    }
+}
+
 void PermissionManager::NotifyWhenPermissionStateUpdated(AccessTokenID tokenID, const std::string& permissionName,
     bool isGranted, uint32_t flag, const std::shared_ptr<HapTokenInfoInner>& infoPtr)
 {
@@ -345,7 +372,7 @@ int32_t PermissionManager::UpdateTokenPermissionState(
 {
     std::shared_ptr<HapTokenInfoInner> infoPtr = AccessTokenInfoManager::GetInstance().GetHapTokenInfoInner(id);
     if (infoPtr == nullptr) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "tokenInfo is null, tokenId=%{public}u", id);
+        LOGC(ATM_DOMAIN, ATM_TAG, "tokenInfo is null, tokenId=%{public}u", id);
         return AccessTokenError::ERR_TOKENID_NOT_EXIST;
     }
 
@@ -359,18 +386,25 @@ int32_t PermissionManager::UpdateTokenPermissionState(
     bool statusChanged = false;
     ret = infoPtr->UpdatePermissionStatus(permission, isGranted, flag, statusChanged);
     if (ret != RET_SUCCESS) {
+        LOGC(ATM_DOMAIN, ATM_TAG, "Update info perm status failed, ret is %{public}d", ret);
         HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "UPDATE_PERMISSION_STATUS_ERROR",
             HiviewDFX::HiSysEvent::EventType::FAULT, "ERROR_CODE", UPDATE_PERMISSION_STATUS_FAILED, "TOKENID", id,
             "PERM", permission, "BUNDLE_NAME", infoPtr->GetBundleName(), "INT_VAL1", ret,
             "INT_VAL2", static_cast<int32_t>(flag), "NEED_KILL", needKill);
         return ret;
     }
+
+    // notify flag change
+    ParamFlagUpdate();
+
     if (statusChanged) {
         NotifyWhenPermissionStateUpdated(id, permission, isGranted, flag, infoPtr);
         // To notify kill process when perm is revoke
         if (needKill && (!isGranted && !isSecCompGrantedBefore)) {
             LOGI(ATM_DOMAIN, ATM_TAG, "(%{public}s) is revoked, kill process(%{public}u).", permission.c_str(), id);
-            AbilityManagerAccessLoaderInterface* abilityManager = GetAbilityManager();
+            std::shared_ptr<LibraryLoader> abilityManagerLoader = GetAbilityManager();
+            AbilityManagerAccessLoaderInterface* abilityManager =
+                abilityManagerLoader->GetObject<AbilityManagerAccessLoaderInterface>();
             if (abilityManager == nullptr) {
                 LOGE(ATM_DOMAIN, ATM_TAG, "AbilityManager is nullptr!");
             } else if ((ret = abilityManager->KillProcessForPermissionUpdate(id)) != ERR_OK) {
@@ -389,12 +423,12 @@ int32_t PermissionManager::UpdateTokenPermissionStateCheck(const std::shared_ptr
     AccessTokenID id, const std::string& permission, bool isGranted, uint32_t flag)
 {
     if (infoPtr->IsRemote()) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Remote token can not update");
+        LOGC(ATM_DOMAIN, ATM_TAG, "Remote token can not update");
         return AccessTokenError::ERR_IDENTITY_CHECK_FAILED;
     }
     if ((flag == PERMISSION_ALLOW_THIS_TIME) && isGranted) {
         if (!TempPermissionObserver::GetInstance().IsAllowGrantTempPermission(id, permission)) {
-            LOGE(ATM_DOMAIN, ATM_TAG, "Id:%{public}d fail to grant permission:%{public}s", id, permission.c_str());
+            LOGC(ATM_DOMAIN, ATM_TAG, "Id:%{public}d fail to grant permission:%{public}s", id, permission.c_str());
             return ERR_IDENTITY_CHECK_FAILED;
         }
     }
@@ -404,7 +438,7 @@ int32_t PermissionManager::UpdateTokenPermissionStateCheck(const std::shared_ptr
     if (hapDlpType != DLP_COMMON) {
         int32_t permDlpMode = DlpPermissionSetManager::GetInstance().GetPermDlpMode(permission);
         if (!DlpPermissionSetManager::GetInstance().IsPermDlpModeAvailableToDlpHap(hapDlpType, permDlpMode)) {
-            LOGD(ATM_DOMAIN, ATM_TAG, "%{public}s cannot to be granted to %{public}u", permission.c_str(), id);
+            LOGC(ATM_DOMAIN, ATM_TAG, "%{public}s cannot to be granted to %{public}u", permission.c_str(), id);
             HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "UPDATE_PERMISSION_STATUS_ERROR",
                 HiviewDFX::HiSysEvent::EventType::FAULT, "ERROR_CODE", DLP_CHECK_FAILED, "TOKENID", id, "PERM",
                 permission, "BUNDLE_NAME", infoPtr->GetBundleName(), "INT_VAL1", hapDlpType, "INT_VAL2", permDlpMode);
@@ -420,6 +454,8 @@ int32_t PermissionManager::UpdatePermission(AccessTokenID tokenID, const std::st
 {
     int32_t ret = UpdateTokenPermissionState(tokenID, permissionName, isGranted, flag, needKill);
     if (ret != RET_SUCCESS) {
+        LOGC(ATM_DOMAIN, ATM_TAG, "Update permission %{public}u %{public}s failed, ret is %{public}d", tokenID,
+            permissionName.c_str(), ret);
         return ret;
     }
 
@@ -432,10 +468,6 @@ int32_t PermissionManager::UpdatePermission(AccessTokenID tokenID, const std::st
     }
 #endif
 
-    // DFX
-    HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "UPDATE_PERMISSION",
-        HiviewDFX::HiSysEvent::EventType::BEHAVIOR, "TOKENID", tokenID, "PERMISSION_NAME",
-        permissionName, "PERMISSION_FLAG", flag, "GRANTED_FLAG", isGranted);
     return RET_SUCCESS;
 }
 
@@ -443,15 +475,15 @@ int32_t PermissionManager::CheckAndUpdatePermission(AccessTokenID tokenID, const
     bool isGranted, uint32_t flag)
 {
     if (!PermissionValidator::IsPermissionNameValid(permissionName)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "permissionName: %{public}s, Invalid params!", permissionName.c_str());
+        LOGC(ATM_DOMAIN, ATM_TAG, "permissionName: %{public}s, Invalid params!", permissionName.c_str());
         return AccessTokenError::ERR_PARAM_INVALID;
     }
     if (!IsDefinedPermission(permissionName)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "No definition for permission: %{public}s!", permissionName.c_str());
+        LOGC(ATM_DOMAIN, ATM_TAG, "No definition for permission: %{public}s!", permissionName.c_str());
         return AccessTokenError::ERR_PERMISSION_NOT_EXIST;
     }
     if (!PermissionValidator::IsPermissionFlagValid(flag)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "flag: %{public}d, Invalid params!", flag);
+        LOGC(ATM_DOMAIN, ATM_TAG, "flag: %{public}d, Invalid params!", flag);
         return AccessTokenError::ERR_PARAM_INVALID;
     }
     bool needKill = false;
@@ -465,18 +497,45 @@ int32_t PermissionManager::CheckAndUpdatePermission(AccessTokenID tokenID, const
     return UpdatePermission(tokenID, permissionName, isGranted, flag, needKill);
 }
 
+int32_t PermissionManager::CheckAndUpdatePermissionInner(AccessTokenID tokenID, const std::string& permissionName,
+    bool isGranted, uint32_t flag)
+{
+    HapTokenInfo hapInfo;
+    AccessTokenInfoManager::GetInstance().GetHapTokenInfo(tokenID, hapInfo);
+    ClearThreadErrorMsg();
+    HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "UPDATE_PERMISSION",
+        HiviewDFX::HiSysEvent::EventType::BEHAVIOR, "SCENE_CODE", CommonSceneCode::AT_COMMOM_START,
+        "TOKENID", tokenID, "USERID", hapInfo.userID, "BUNDLENAME", hapInfo.bundleName, "INSTINDEX", hapInfo.instIndex,
+        "PERMISSION_NAME", permissionName, "PERMISSION_FLAG", flag, "GRANTED_FLAG", isGranted);
+
+    int32_t ret = CheckAndUpdatePermission(tokenID, permissionName, isGranted, flag);
+
+    uint32_t newFlag = flag;
+    if (ret == RET_SUCCESS && GetPermissionFlag(tokenID, permissionName, flag) == RET_SUCCESS) {
+        flag = newFlag;
+    }
+
+    HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "UPDATE_PERMISSION",
+        HiviewDFX::HiSysEvent::EventType::BEHAVIOR, "SCENE_CODE", CommonSceneCode::AT_COMMON_FINISH,
+        "TOKENID", tokenID, "PERMISSION_NAME", permissionName, "PERMISSION_FLAG", flag, "GRANTED_FLAG", isGranted,
+        "ERROR_CODE", ret);
+    ReportSysCommonEventError(static_cast<int32_t>(isGranted ? IAccessTokenManagerIpcCode::COMMAND_GRANT_PERMISSION :
+        IAccessTokenManagerIpcCode::COMMAND_REVOKE_PERMISSION), ret);
+    return ret;
+}
+
 int32_t PermissionManager::GrantPermission(AccessTokenID tokenID, const std::string& permissionName, uint32_t flag)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "TokenID: %{public}u, permissionName: %{public}s, flag: %{public}d",
         tokenID, permissionName.c_str(), flag);
-    return CheckAndUpdatePermission(tokenID, permissionName, true, flag);
+    return CheckAndUpdatePermissionInner(tokenID, permissionName, true, flag);
 }
 
 int32_t PermissionManager::RevokePermission(AccessTokenID tokenID, const std::string& permissionName, uint32_t flag)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "TokenID: %{public}u, permissionName: %{public}s, flag: %{public}d",
         tokenID, permissionName.c_str(), flag);
-    return CheckAndUpdatePermission(tokenID, permissionName, false, flag);
+    return CheckAndUpdatePermissionInner(tokenID, permissionName, false, flag);
 }
 
 int32_t PermissionManager::GrantPermissionForSpecifiedTime(
@@ -543,7 +602,7 @@ int32_t PermissionManager::AddPermStateChangeCallback(
     if (result != RET_SUCCESS) {
         return result;
     }
-    return CallbackManager::GetInstance().AddCallback(scope, callback);
+    return CallbackManager::GetInstance().AddCallback(scopeRes, callback);
 }
 
 int32_t PermissionManager::RemovePermStateChangeCallback(const sptr<IRemoteObject>& callback)
@@ -803,7 +862,7 @@ bool IsAclSatisfied(const PermissionBriefDef& briefDef, const HapPolicy& policy)
 
     if (policy.apl < briefDef.availableLevel) {
         if (!briefDef.provisionEnable) {
-            LOGE(ATM_DOMAIN, ATM_TAG, "%{public}s provisionEnable is false.", briefDef.permissionName);
+            LOGC(ATM_DOMAIN, ATM_TAG, "%{public}s provisionEnable is false.", briefDef.permissionName);
             return false;
         }
         bool isAclExist = false;
@@ -820,7 +879,7 @@ bool IsAclSatisfied(const PermissionBriefDef& briefDef, const HapPolicy& policy)
         }
         
         if (!isAclExist) {
-            LOGE(ATM_DOMAIN, ATM_TAG, "%{public}s need acl.", briefDef.permissionName);
+            LOGC(ATM_DOMAIN, ATM_TAG, "%{public}s need acl.", briefDef.permissionName);
             return false;
         }
     }
@@ -892,7 +951,7 @@ bool PermissionManager::InitPermissionList(const std::string& appDistributionTyp
         if (!IsAclSatisfied(briefDef, policy)) {
             result.permCheckResult.permissionName = state.permissionName;
             result.permCheckResult.rule = PERMISSION_ACL_RULE;
-            LOGE(ATM_DOMAIN, ATM_TAG, "Acl of %{public}s is invalid.", briefDef.permissionName);
+            LOGC(ATM_DOMAIN, ATM_TAG, "Acl of %{public}s is invalid.", briefDef.permissionName);
             return false;
         }
 
@@ -900,7 +959,7 @@ bool PermissionManager::InitPermissionList(const std::string& appDistributionTyp
         if (!IsPermAvailableRangeSatisfied(briefDef, appDistributionType)) {
             result.permCheckResult.permissionName = state.permissionName;
             result.permCheckResult.rule = PERMISSION_EDM_RULE;
-            LOGE(ATM_DOMAIN, ATM_TAG, "Available range of %{public}s is invalid.", briefDef.permissionName);
+            LOGC(ATM_DOMAIN, ATM_TAG, "Available range of %{public}s is invalid.", briefDef.permissionName);
             return false;
         }
         state.grantFlag = PERMISSION_DEFAULT_FLAG;
diff --git a/services/accesstokenmanager/main/cpp/src/permission/short_grant_manager.cpp b/services/accesstokenmanager/main/cpp/src/permission/short_grant_manager.cpp
index 5f7f120ec059290c36cb3c1ea69a91e6115edc58..0dcb9012bd18afaec3cf0acd9d1de7ffbafb5b04 100644
--- a/services/accesstokenmanager/main/cpp/src/permission/short_grant_manager.cpp
+++ b/services/accesstokenmanager/main/cpp/src/permission/short_grant_manager.cpp
@@ -165,13 +165,13 @@ int ShortGrantManager::RefreshPermission(AccessTokenID tokenID, const std::strin
         return RET_SUCCESS;
     }
 
-    uint32_t maxRemainedTime = maxTime_ - (GetCurrentTime() - iter->firstGrantTimes);
-    uint32_t currRemainedTime = iter->revokeTimes > GetCurrentTime() ? (iter->revokeTimes - GetCurrentTime()) : 0;
+    uint32_t maxRemainedTime = maxTime_ > (GetCurrentTime() - iter->firstGrantTimes) ?
+        (maxTime_ - (GetCurrentTime() - iter->firstGrantTimes)) : 0;
+    uint32_t currRemainedTime = iter->revokeTimes > GetCurrentTime() ?
+        (iter->revokeTimes - GetCurrentTime()) : 0;
     uint32_t cancelTimes = (maxRemainedTime > onceTime) ? onceTime : maxRemainedTime;
-    LOGI(ATM_DOMAIN, ATM_TAG, "currRemainedTime %{public}d", currRemainedTime);
     if (cancelTimes > currRemainedTime) {
         iter->revokeTimes = GetCurrentTime() + cancelTimes;
-        LOGI(ATM_DOMAIN, ATM_TAG, "iter->revokeTimes %{public}d", iter->revokeTimes);
         ShortGrantManager::GetInstance().CancelTaskOfPermissionRevoking(taskName);
         int32_t ret = PermissionManager::GetInstance().GrantPermission(tokenID, permission, PERMISSION_USER_FIXED);
         if (ret != RET_SUCCESS) {
diff --git a/services/accesstokenmanager/main/cpp/src/permission/temp_permission_observer.cpp b/services/accesstokenmanager/main/cpp/src/permission/temp_permission_observer.cpp
index ccb878ac6e04331fee9a7f2da4861c312c4f9720..60765bbd3cd21494df5da5cc7c77fa87fa6c9352 100644
--- a/services/accesstokenmanager/main/cpp/src/permission/temp_permission_observer.cpp
+++ b/services/accesstokenmanager/main/cpp/src/permission/temp_permission_observer.cpp
@@ -37,7 +37,9 @@ namespace {
 static const std::string TASK_NAME_TEMP_PERMISSION = "atm_permission_manager_temp_permission";
 static const std::string FORM_INVISIBLE_NAME = "#0";
 static const std::string FORM_VISIBLE_NAME = "#1";
+#ifndef ATM_BUILD_VARIANT_USER_ENABLE
 static constexpr int32_t ROOT_UID = 0;
+#endif
 static constexpr int32_t FOREGROUND_FLAG = 0;
 static constexpr int32_t FORMS_FLAG = 1;
 static constexpr int32_t CONTINUOUS_TASK_FLAG = 2;
@@ -214,7 +216,7 @@ void PermissionAppManagerDeathCallback::NotifyAppManagerDeath()
     TempPermissionObserver::GetInstance().OnAppMgrRemoteDiedHandle();
 }
 
-TempPermissionObserver::TempPermissionObserver() : cancleTimes_(DEFAULT_CANCLE_MILLISECONDS)
+TempPermissionObserver::TempPermissionObserver() : cancelTimes_(DEFAULT_CANCLE_MILLISECONDS)
 {}
 
 TempPermissionObserver::~TempPermissionObserver()
@@ -425,12 +427,12 @@ bool TempPermissionObserver::IsAllowGrantTempPermission(AccessTokenID tokenID, c
 {
     HapTokenInfo tokenInfo;
     if (AccessTokenInfoManager::GetInstance().GetHapTokenInfo(tokenID, tokenInfo) != RET_SUCCESS) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Invalid tokenId(%{public}d)", tokenID);
+        LOGC(ATM_DOMAIN, ATM_TAG, "Invalid tokenId(%{public}d)", tokenID);
         return false;
     }
     auto iterator = std::find(g_tempPermission.begin(), g_tempPermission.end(), permissionName);
     if (iterator == g_tempPermission.end()) {
-        LOGW(ATM_DOMAIN, ATM_TAG, "Permission is not available to temp grant: %{public}s!", permissionName.c_str());
+        LOGC(ATM_DOMAIN, ATM_TAG, "Permission is not available to temp grant: %{public}s!", permissionName.c_str());
         return false;
     }
     return CheckPermissionState(tokenID, permissionName, tokenInfo.bundleName);
@@ -633,7 +635,7 @@ bool TempPermissionObserver::DelayRevokePermission(AccessToken::AccessTokenID to
         TempPermissionObserver::GetInstance().RevokeAllTempPermission(tokenID);
         LOGI(ATM_DOMAIN, ATM_TAG, "Token: %{public}d, delay revoke permission end", tokenID);
     });
-    eventHandler->ProxyPostTask(delayed, taskName, cancleTimes_);
+    eventHandler->ProxyPostTask(delayed, taskName, cancelTimes_);
     return true;
 #else
     LOGW(ATM_DOMAIN, ATM_TAG, "Eventhandler is not existed");
@@ -659,13 +661,13 @@ bool TempPermissionObserver::CancleTaskOfPermissionRevoking(const std::string& t
 #endif
 }
 
-void TempPermissionObserver::SetCancelTime(int32_t cancleTime)
+void TempPermissionObserver::SetCancelTime(int32_t cancelTime)
 {
-    if (cancleTime != 0) {
-        cancleTimes_ = cancleTime;
+    if (cancelTime != 0) {
+        cancelTimes_ = cancelTime;
     }
 
-    LOGI(ATM_DOMAIN, ATM_TAG, "CancleTimes_ is %{public}d.", cancleTimes_);
+    LOGI(ATM_DOMAIN, ATM_TAG, "CancelTimes_ is %{public}d.", cancelTimes_);
 }
 } // namespace AccessToken
 } // namespace Security
diff --git a/services/privacymanager/src/seccomp/privacy_sec_comp_enhance_agent.cpp b/services/accesstokenmanager/main/cpp/src/seccomp/sec_comp_enhance_agent.cpp
similarity index 56%
rename from services/privacymanager/src/seccomp/privacy_sec_comp_enhance_agent.cpp
rename to services/accesstokenmanager/main/cpp/src/seccomp/sec_comp_enhance_agent.cpp
index 8091a5f9341ef921ebb26925da58f6e9f5bd8faa..5359bc3b4f7b9ca54e8dd9a3f51000605cdb3243 100644
--- a/services/privacymanager/src/seccomp/privacy_sec_comp_enhance_agent.cpp
+++ b/services/accesstokenmanager/main/cpp/src/seccomp/sec_comp_enhance_agent.cpp
@@ -12,76 +12,63 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-#include "privacy_sec_comp_enhance_agent.h"
+#include "sec_comp_enhance_agent.h"
 
 #include "access_token.h"
+#include "access_token_error.h"
 #include "accesstoken_kit.h"
 #include "accesstoken_common_log.h"
+#include "accesstoken_info_manager.h"
 #include "app_manager_access_client.h"
 #include "ipc_skeleton.h"
-#include "privacy_error.h"
 #include "securec.h"
 
 namespace OHOS {
 namespace Security {
 namespace AccessToken {
 namespace {
-static const std::string SCENE_BOARD_PKG_NAME = "com.ohos.sceneboard";
 std::recursive_mutex g_instanceMutex;
 }
-void PrivacyAppUsingSecCompStateObserver::OnProcessDied(const ProcessData &processData)
+SecCompEnhanceAgent& SecCompEnhanceAgent::GetInstance()
 {
-    LOGI(PRI_DOMAIN, PRI_TAG, "OnProcessDied pid %{public}d", processData.pid);
-    PrivacySecCompEnhanceAgent::GetInstance().RemoveSecCompEnhance(processData.pid);
-}
-
-void PrivacySecCompAppManagerDeathCallback::NotifyAppManagerDeath()
-{
-    LOGI(PRI_DOMAIN, PRI_TAG, "AppManagerDeath called");
-
-    PrivacySecCompEnhanceAgent::GetInstance().OnAppMgrRemoteDiedHandle();
-}
-
-PrivacySecCompEnhanceAgent& PrivacySecCompEnhanceAgent::GetInstance()
-{
-    static PrivacySecCompEnhanceAgent* instance = nullptr;
+    static SecCompEnhanceAgent* instance = nullptr;
     if (instance == nullptr) {
         std::lock_guard<std::recursive_mutex> lock(g_instanceMutex);
         if (instance == nullptr) {
-            PrivacySecCompEnhanceAgent* tmp = new PrivacySecCompEnhanceAgent();
+            SecCompEnhanceAgent* tmp = new SecCompEnhanceAgent();
             instance = std::move(tmp);
         }
     }
     return *instance;
 }
 
-void PrivacySecCompEnhanceAgent::InitAppObserver()
+void SecCompEnhanceAgent::InitAppObserver()
 {
     if (observer_ != nullptr) {
         return;
     }
-    observer_ = new (std::nothrow) PrivacyAppUsingSecCompStateObserver();
+    observer_ = new (std::nothrow) SecCompUsageObserver();
     if (observer_ == nullptr) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "New observer failed.");
+        LOGE(ATM_DOMAIN, ATM_TAG, "New observer failed.");
         return;
     }
     if (AppManagerAccessClient::GetInstance().RegisterApplicationStateObserver(observer_) != 0) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Register observer failed.");
+        LOGE(ATM_DOMAIN, ATM_TAG, "Register observer failed.");
         observer_ = nullptr;
         return;
     }
     if (appManagerDeathCallback_ == nullptr) {
-        appManagerDeathCallback_ = std::make_shared<PrivacySecCompAppManagerDeathCallback>();
+        appManagerDeathCallback_ = std::make_shared<SecCompAppManagerDeathCallback>();
         AppManagerAccessClient::GetInstance().RegisterDeathCallback(appManagerDeathCallback_);
     }
 }
 
-PrivacySecCompEnhanceAgent::PrivacySecCompEnhanceAgent()
+SecCompEnhanceAgent::SecCompEnhanceAgent()
 {
     InitAppObserver();
 }
 
-PrivacySecCompEnhanceAgent::~PrivacySecCompEnhanceAgent()
+SecCompEnhanceAgent::~SecCompEnhanceAgent()
 {
     if (observer_ != nullptr) {
         AppManagerAccessClient::GetInstance().UnregisterApplicationStateObserver(observer_);
@@ -89,37 +76,37 @@ PrivacySecCompEnhanceAgent::~PrivacySecCompEnhanceAgent()
     }
 }
 
-void PrivacySecCompEnhanceAgent::OnAppMgrRemoteDiedHandle()
+void SecCompEnhanceAgent::OnAppMgrRemoteDiedHandle()
 {
-    LOGI(PRI_DOMAIN, PRI_TAG, "OnAppMgrRemoteDiedHandle.");
+    LOGI(ATM_DOMAIN, ATM_TAG, "OnAppMgrRemoteDiedHandle.");
     std::lock_guard<std::mutex> lock(secCompEnhanceMutex_);
     secCompEnhanceData_.clear();
     observer_ = nullptr;
 }
 
-void PrivacySecCompEnhanceAgent::RemoveSecCompEnhance(int pid)
+void SecCompEnhanceAgent::RemoveSecCompEnhance(int pid)
 {
     std::lock_guard<std::mutex> lock(secCompEnhanceMutex_);
     for (auto iter = secCompEnhanceData_.begin(); iter != secCompEnhanceData_.end(); ++iter) {
         if (iter->pid == pid) {
             secCompEnhanceData_.erase(iter);
-            LOGI(PRI_DOMAIN, PRI_TAG, "Remove pid %{public}d data.", pid);
+            LOGI(ATM_DOMAIN, ATM_TAG, "Remove pid %{public}d data.", pid);
             return;
         }
     }
-    LOGE(PRI_DOMAIN, PRI_TAG, "Not found pid %{public}d data.", pid);
+    LOGE(ATM_DOMAIN, ATM_TAG, "Not found pid %{public}d data.", pid);
     return;
 }
 
-int32_t PrivacySecCompEnhanceAgent::RegisterSecCompEnhance(const SecCompEnhanceData& enhanceData)
+int32_t SecCompEnhanceAgent::RegisterSecCompEnhance(const SecCompEnhanceData& enhanceData)
 {
     std::lock_guard<std::mutex> lock(secCompEnhanceMutex_);
     InitAppObserver();
     int pid = IPCSkeleton::GetCallingPid();
     if (std::any_of(secCompEnhanceData_.begin(), secCompEnhanceData_.end(),
         [pid](const auto& e) { return e.pid == pid; })) {
-            LOGE(PRI_DOMAIN, PRI_TAG, "Register sec comp enhance exist, pid %{public}d.", pid);
-            return PrivacyError::ERR_CALLBACK_ALREADY_EXIST;
+            LOGE(ATM_DOMAIN, ATM_TAG, "Register sec comp enhance exist, pid %{public}d.", pid);
+            return AccessTokenError::ERR_CALLBACK_ALREADY_EXIST;
     }
     SecCompEnhanceData enhance;
     enhance.callback = enhanceData.callback;
@@ -128,61 +115,42 @@ int32_t PrivacySecCompEnhanceAgent::RegisterSecCompEnhance(const SecCompEnhanceD
     enhance.challenge = enhanceData.challenge;
     enhance.sessionId = enhanceData.sessionId;
     enhance.seqNum = enhanceData.seqNum;
-    enhance.isSceneBoard = false;
     if (memcpy_s(enhance.key, AES_KEY_STORAGE_LEN, enhanceData.key, AES_KEY_STORAGE_LEN) != EOK) {
-        return PrivacyError::ERR_CALLBACK_ALREADY_EXIST;
-    }
-    HapTokenInfo info;
-    if (AccessTokenKit::GetHapTokenInfo(enhance.token, info) == AccessTokenKitRet::RET_SUCCESS) {
-        if (info.bundleName == SCENE_BOARD_PKG_NAME) {
-            enhance.isSceneBoard = true;
-        }
+        return AccessTokenError::ERR_CALLBACK_ALREADY_EXIST;
     }
     secCompEnhanceData_.emplace_back(enhance);
-    LOGI(PRI_DOMAIN, PRI_TAG, "Register sec comp enhance success, pid %{public}d, total %{public}u.",
+    LOGI(ATM_DOMAIN, ATM_TAG, "Register sec comp enhance success, pid %{public}d, total %{public}u.",
         pid, static_cast<uint32_t>(secCompEnhanceData_.size()));
     return RET_SUCCESS;
 }
 
-int32_t PrivacySecCompEnhanceAgent::UpdateSecCompEnhance(int32_t pid, uint32_t seqNum)
+int32_t SecCompEnhanceAgent::UpdateSecCompEnhance(int32_t pid, uint32_t seqNum)
 {
     std::lock_guard<std::mutex> lock(secCompEnhanceMutex_);
     InitAppObserver();
     for (auto iter = secCompEnhanceData_.begin(); iter != secCompEnhanceData_.end(); ++iter) {
         if (iter->pid == pid) {
             iter->seqNum = seqNum;
-            LOGI(PRI_DOMAIN, PRI_TAG, "Update pid=%{public}d data successful.", pid);
+            LOGI(ATM_DOMAIN, ATM_TAG, "Update pid=%{public}d data successful.", pid);
             return RET_SUCCESS;
         }
     }
     return ERR_PARAM_INVALID;
 }
 
-int32_t PrivacySecCompEnhanceAgent::GetSecCompEnhance(int32_t pid, SecCompEnhanceData& enhanceData)
+int32_t SecCompEnhanceAgent::GetSecCompEnhance(int32_t pid, SecCompEnhanceData& enhanceData)
 {
     std::lock_guard<std::mutex> lock(secCompEnhanceMutex_);
     InitAppObserver();
     for (auto iter = secCompEnhanceData_.begin(); iter != secCompEnhanceData_.end(); ++iter) {
         if (iter->pid == pid) {
             enhanceData = *iter;
-            LOGI(PRI_DOMAIN, PRI_TAG, "Get pid %{public}d data.", pid);
+            LOGI(ATM_DOMAIN, ATM_TAG, "Get pid %{public}d data.", pid);
             return RET_SUCCESS;
         }
     }
     return ERR_PARAM_INVALID;
 }
-
-int32_t PrivacySecCompEnhanceAgent::GetSpecialSecCompEnhance(const std::string& bundleName,
-    std::vector<SecCompEnhanceData>& enhanceList)
-{
-    std::lock_guard<std::mutex> lock(secCompEnhanceMutex_);
-    for (auto iter = secCompEnhanceData_.begin(); iter != secCompEnhanceData_.end(); iter++) {
-        if ((*iter).isSceneBoard) {
-            enhanceList.emplace_back(*iter);
-        }
-    }
-    return RET_SUCCESS;
-}
 } // namespace AccessToken
 } // namespace Security
 } // namespace OHOS
diff --git a/services/accesstokenmanager/main/cpp/src/seccomp/sec_comp_monitor.cpp b/services/accesstokenmanager/main/cpp/src/seccomp/sec_comp_monitor.cpp
new file mode 100644
index 0000000000000000000000000000000000000000..1248b5f9b6b653ff2ec835548d50e04e125661ac
--- /dev/null
+++ b/services/accesstokenmanager/main/cpp/src/seccomp/sec_comp_monitor.cpp
@@ -0,0 +1,156 @@
+/*
+ * Copyright (c) 2025 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#include "sec_comp_monitor.h"
+
+#include "access_token.h"
+#include "access_token_error.h"
+#include "accesstoken_kit.h"
+#include "accesstoken_common_log.h"
+#include "accesstoken_info_manager.h"
+#include "app_manager_access_client.h"
+#include "ipc_skeleton.h"
+#include "securec.h"
+#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE
+#include "sec_comp_enhance_agent.h"
+#endif
+
+namespace OHOS {
+namespace Security {
+namespace AccessToken {
+namespace {
+static std::mutex g_instanceMutex;
+constexpr int32_t APP_STATE_CACHED = 100;
+}
+void SecCompUsageObserver::OnProcessDied(const ProcessData &processData)
+{
+    LOGI(ATM_DOMAIN, ATM_TAG, "OnProcessDied pid %{public}d", processData.pid);
+#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE
+    SecCompEnhanceAgent::GetInstance().RemoveSecCompEnhance(processData.pid);
+#endif
+    SecCompMonitor::GetInstance().RemoveProcessFromForegroundList(processData.pid);
+}
+
+void SecCompUsageObserver::OnProcessStateChanged(const ProcessData &processData)
+{
+    LOGI(ATM_DOMAIN, ATM_TAG, "OnChange pid=%{public}d.", processData.pid);
+
+    if (processData.state != AppProcessState::APP_STATE_BACKGROUND) {
+        return;
+    }
+    SecCompMonitor::GetInstance().RemoveProcessFromForegroundList(processData.pid);
+}
+
+void SecCompUsageObserver::OnAppCacheStateChanged(const AppStateData &appStateData)
+{
+    LOGI(ATM_DOMAIN, ATM_TAG, "OnAppCacheStateChanged pid %{public}d", appStateData.pid);
+    if (appStateData.state != APP_STATE_CACHED) {
+        return;
+    }
+
+    SecCompMonitor::GetInstance().RemoveProcessFromForegroundList(appStateData.pid);
+}
+
+void SecCompAppManagerDeathCallback::NotifyAppManagerDeath()
+{
+    LOGI(ATM_DOMAIN, ATM_TAG, "AppManagerDeath called");
+
+#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE
+    SecCompEnhanceAgent::GetInstance().OnAppMgrRemoteDiedHandle();
+#endif
+    SecCompMonitor::GetInstance().OnAppMgrRemoteDiedHandle();
+}
+
+bool SecCompMonitor::IsToastShownNeeded(int32_t pid)
+{
+    std::lock_guard<std::mutex> lock(appfgLock_);
+    InitAppObserver();
+    auto iter = appsInForeground_.find(pid);
+    if (iter != appsInForeground_.end()) {
+        return false;
+    }
+
+    appsInForeground_.insert(pid);
+    return true;
+}
+
+void SecCompMonitor::RemoveProcessFromForegroundList(int32_t pid)
+{
+    std::lock_guard<std::mutex> lock(appfgLock_);
+    auto iter = appsInForeground_.find(pid);
+    if (iter == appsInForeground_.end()) {
+        return;
+    }
+    LOGI(ATM_DOMAIN, ATM_TAG, "Process pid=%{public}d removed from foreground list.", pid);
+    appsInForeground_.erase(pid);
+}
+
+SecCompMonitor& SecCompMonitor::GetInstance()
+{
+    static SecCompMonitor* instance = nullptr;
+    if (instance == nullptr) {
+        std::lock_guard<std::mutex> lock(g_instanceMutex);
+        if (instance == nullptr) {
+            SecCompMonitor* tmp = new SecCompMonitor();
+            instance = std::move(tmp);
+        }
+    }
+    return *instance;
+}
+
+void SecCompMonitor::InitAppObserver()
+{
+    if (observer_ != nullptr) {
+        return;
+    }
+    observer_ = new (std::nothrow) SecCompUsageObserver();
+    if (observer_ == nullptr) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "New observer failed.");
+        return;
+    }
+    if (AppManagerAccessClient::GetInstance().RegisterApplicationStateObserver(observer_) != 0) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "Register observer failed.");
+        observer_ = nullptr;
+        return;
+    }
+    if (appManagerDeathCallback_ == nullptr) {
+        appManagerDeathCallback_ = std::make_shared<SecCompAppManagerDeathCallback>();
+        AppManagerAccessClient::GetInstance().RegisterDeathCallback(appManagerDeathCallback_);
+    }
+}
+
+SecCompMonitor::SecCompMonitor()
+{
+    InitAppObserver();
+}
+
+SecCompMonitor::~SecCompMonitor()
+{
+    if (observer_ != nullptr) {
+        AppManagerAccessClient::GetInstance().UnregisterApplicationStateObserver(observer_);
+        observer_ = nullptr;
+    }
+}
+
+void SecCompMonitor::OnAppMgrRemoteDiedHandle()
+{
+    LOGI(ATM_DOMAIN, ATM_TAG, "OnAppMgrRemoteDiedHandle.");
+    if (observer_ != nullptr) {
+        AppManagerAccessClient::GetInstance().UnregisterApplicationStateObserver(observer_);
+        observer_ = nullptr;
+    }
+}
+} // namespace AccessToken
+} // namespace Security
+} // namespace OHOS
diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp
index ff56b39ddf41e54724253db8e4d1d577931953ac..e9d93c5e31cba4e6f9480a8d651c4a4285f63222 100644
--- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp
+++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp
@@ -18,12 +18,13 @@
 #include <unistd.h>
 
 #include "access_token.h"
-#include "access_token_error.h"
 #include "access_token_db.h"
+#include "access_token_error.h"
+#include "accesstoken_common_log.h"
 #include "accesstoken_dfx_define.h"
 #include "accesstoken_id_manager.h"
 #include "accesstoken_info_manager.h"
-#include "accesstoken_common_log.h"
+#include "accesstoken_service_ipc_interface_code.h"
 #include "constant_common.h"
 #include "data_validator.h"
 #include "hap_token_info.h"
@@ -33,7 +34,6 @@
 #include "hitrace_meter.h"
 #endif
 #include "ipc_skeleton.h"
-#include "json_parse_loader.h"
 #include "libraryloader.h"
 #include "memory_guard.h"
 #include "parameter.h"
@@ -42,13 +42,22 @@
 #include "permission_manager.h"
 #include "permission_map.h"
 #include "permission_validator.h"
+#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE
+#include "sec_comp_enhance_agent.h"
+#endif
+#include "sec_comp_monitor.h"
 #include "short_grant_manager.h"
 #include "string_ex.h"
 #include "system_ability_definition.h"
+#include "time_util.h"
 #include "token_field_const.h"
 #ifdef TOKEN_SYNC_ENABLE
 #include "token_modify_notifier.h"
 #endif // TOKEN_SYNC_ENABLE
+#include "tokenid_kit.h"
+#ifdef HICOLLIE_ENABLE
+#include "xcollie/xcollie.h"
+#endif // HICOLLIE_ENABLE
 
 namespace OHOS {
 namespace Security {
@@ -63,6 +72,29 @@ const char* PERMISSION_STATE_SHEET_ABILITY_NAME = "com.ohos.permissionmanager.Pe
 const char* GLOBAL_SWITCH_SHEET_ABILITY_NAME = "com.ohos.permissionmanager.GlobalSwitchSheetAbility";
 const char* APPLICATION_SETTING_ABILITY_NAME = "com.ohos.permissionmanager.MainAbility";
 const char* DEVELOPER_MODE_STATE = "const.security.developermode.state";
+
+const std::string MANAGE_HAP_TOKENID_PERMISSION = "ohos.permission.MANAGE_HAP_TOKENID";
+static constexpr int MAX_PERMISSION_SIZE = 1024;
+static constexpr int32_t MAX_USER_POLICY_SIZE = 1024;
+const std::string GRANT_SENSITIVE_PERMISSIONS = "ohos.permission.GRANT_SENSITIVE_PERMISSIONS";
+const std::string REVOKE_SENSITIVE_PERMISSIONS = "ohos.permission.REVOKE_SENSITIVE_PERMISSIONS";
+const std::string GET_SENSITIVE_PERMISSIONS = "ohos.permission.GET_SENSITIVE_PERMISSIONS";
+const std::string DISABLE_PERMISSION_DIALOG = "ohos.permission.DISABLE_PERMISSION_DIALOG";
+const std::string GRANT_SHORT_TERM_WRITE_MEDIAVIDEO = "ohos.permission.GRANT_SHORT_TERM_WRITE_MEDIAVIDEO";
+
+static constexpr int32_t SA_ID_ACCESSTOKEN_MANAGER_SERVICE = 3503;
+
+#ifdef HICOLLIE_ENABLE
+constexpr uint32_t TIMEOUT = 40; // 40s
+thread_local int32_t g_timerId = 0;
+#endif // HICOLLIE_ENABLE
+
+constexpr uint32_t BITMAP_INDEX_1 = 1;
+constexpr uint32_t BITMAP_INDEX_2 = 2;
+constexpr uint32_t BITMAP_INDEX_3 = 3;
+constexpr uint32_t BITMAP_INDEX_4 = 4;
+constexpr uint32_t BITMAP_INDEX_5 = 5;
+constexpr uint32_t BITMAP_INDEX_6 = 6;
 }
 
 const bool REGISTER_RESULT =
@@ -128,11 +160,18 @@ void AccessTokenManagerService::OnRemoveSystemAbility(int32_t systemAbilityId, c
     }
 }
 
-PermUsedTypeEnum AccessTokenManagerService::GetPermissionUsedType(
-    AccessTokenID tokenID, const std::string& permissionName)
+int32_t AccessTokenManagerService::GetPermissionUsedType(
+    AccessTokenID tokenID, const std::string& permissionName, int32_t& permUsedType)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "TokenID=%{public}d, permission=%{public}s", tokenID, permissionName.c_str());
-    return PermissionManager::GetInstance().GetPermissionUsedType(tokenID, permissionName);
+    if (!IsNativeProcessCalling() && !IsPrivilegedCalling()) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID());
+        permUsedType = static_cast<int32_t>(PermUsedTypeEnum::INVALID_USED_TYPE);
+        return permUsedType;
+    }
+    permUsedType = static_cast<int32_t>(
+        PermissionManager::GetInstance().GetPermissionUsedType(tokenID, permissionName));
+    return ERR_OK;
 }
 
 int AccessTokenManagerService::VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName)
@@ -210,6 +249,16 @@ int AccessTokenManagerService::GetDefPermission(
 int AccessTokenManagerService::GetReqPermissions(
     AccessTokenID tokenID, std::vector<PermissionStatusParcel>& reqPermList, bool isSystemGrant)
 {
+    AccessTokenID callingTokenID = IPCSkeleton::GetCallingTokenID();
+    if ((this->GetTokenType(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) {
+        return AccessTokenError::ERR_NOT_SYSTEM_APP;
+    }
+    if (!IsPrivilegedCalling() &&
+        VerifyAccessToken(callingTokenID, GET_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingTokenID);
+        return AccessTokenError::ERR_PERMISSION_DENIED;
+    }
+
     std::vector<PermissionStatus> permList;
     int ret = PermissionManager::GetInstance().GetReqPermissions(tokenID, permList, isSystemGrant);
 
@@ -221,19 +270,56 @@ int AccessTokenManagerService::GetReqPermissions(
     return ret;
 }
 
-PermissionOper AccessTokenManagerService::GetSelfPermissionsState(std::vector<PermissionListStateParcel>& reqPermList,
-    PermissionGrantInfoParcel& infoParcel)
+int32_t AccessTokenManagerService::GetSelfPermissionStatus(const std::string& permissionName, int32_t& status)
 {
+    status = INVALID_OPER;
+    AccessTokenID callingTokenID = IPCSkeleton::GetCallingTokenID();
+    PermissionListStateParcel parcel;
+    parcel.permsState.permissionName = permissionName;
+    parcel.permsState.state = INVALID_OPER;
+    std::vector<PermissionListStateParcel> list{parcel};
+    (void)GetPermissionsState(callingTokenID, list);
+    if (!list.empty()) {
+        status = static_cast<int32_t>(list[0].permsState.state);
+    }
+    return ERR_OK;
+}
+
+int32_t AccessTokenManagerService::GetSelfPermissionsState(std::vector<PermissionListStateParcel>& reqPermList,
+    PermissionGrantInfoParcel& infoParcel, int32_t& permOper)
+{
+    uint32_t size = reqPermList.size();
+    if (size > MAX_PERMISSION_SIZE) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "PermList size %{public}d is invalid", size);
+        return INVALID_OPER;
+    }
     infoParcel.info.grantBundleName = grantBundleName_;
     infoParcel.info.grantAbilityName = grantAbilityName_;
     infoParcel.info.grantServiceAbilityName = grantServiceAbilityName_;
     AccessTokenID callingTokenID = IPCSkeleton::GetCallingTokenID();
-    return GetPermissionsState(callingTokenID, reqPermList);
+    permOper = GetPermissionsState(callingTokenID, reqPermList);
+    return ERR_OK;
 }
 
 int32_t AccessTokenManagerService::GetPermissionsStatus(AccessTokenID tokenID,
     std::vector<PermissionListStateParcel>& reqPermList)
 {
+    AccessTokenID callingTokenID = IPCSkeleton::GetCallingTokenID();
+    if ((this->GetTokenType(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) {
+        return AccessTokenError::ERR_NOT_SYSTEM_APP;
+    }
+    if (!IsPrivilegedCalling() &&
+        VerifyAccessToken(callingTokenID, GET_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingTokenID);
+        return AccessTokenError::ERR_PERMISSION_DENIED;
+    }
+
+    uint32_t size = reqPermList.size();
+    if (size > MAX_PERMISSION_SIZE) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "PermList size %{public}d is invalid", size);
+        return AccessTokenError::ERR_PARAM_INVALID;
+    }
+
     if (!AccessTokenInfoManager::GetInstance().IsTokenIdExist(tokenID)) {
         LOGE(ATM_DOMAIN, ATM_TAG, "TokenID=%{public}d does not exist", tokenID);
         return ERR_TOKENID_NOT_EXIST;
@@ -314,23 +400,64 @@ PermissionOper AccessTokenManagerService::GetPermissionsState(AccessTokenID toke
 int AccessTokenManagerService::GetPermissionFlag(
     AccessTokenID tokenID, const std::string& permissionName, uint32_t& flag)
 {
+    AccessTokenID callingTokenID = IPCSkeleton::GetCallingTokenID();
+    if ((this->GetTokenType(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) {
+        return AccessTokenError::ERR_NOT_SYSTEM_APP;
+    }
+
+    if (!IsPrivilegedCalling() &&
+        VerifyAccessToken(callingTokenID, GRANT_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED &&
+        VerifyAccessToken(callingTokenID, REVOKE_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED &&
+        VerifyAccessToken(callingTokenID, GET_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingTokenID);
+        return AccessTokenError::ERR_PERMISSION_DENIED;
+    }
     return PermissionManager::GetInstance().GetPermissionFlag(tokenID, permissionName, flag);
 }
 
 int32_t AccessTokenManagerService::SetPermissionRequestToggleStatus(
     const std::string& permissionName, uint32_t status, int32_t userID = 0)
 {
+    uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID();
+    if ((this->GetTokenType(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) {
+        return AccessTokenError::ERR_NOT_SYSTEM_APP;
+    }
+
+    if (!IsPrivilegedCalling() && VerifyAccessToken(callingTokenID, DISABLE_PERMISSION_DIALOG) == PERMISSION_DENIED) {
+        HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "PERMISSION_VERIFY_REPORT",
+            HiviewDFX::HiSysEvent::EventType::SECURITY, "CODE", VERIFY_PERMISSION_ERROR, "CALLER_TOKENID",
+            callingTokenID, "PERMISSION_NAME", permissionName, "INTERFACE", "SetToggleStatus");
+        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d).", callingTokenID);
+        return AccessTokenError::ERR_PERMISSION_DENIED;
+    }
     return AccessTokenInfoManager::GetInstance().SetPermissionRequestToggleStatus(permissionName, status, userID);
 }
 
 int32_t AccessTokenManagerService::GetPermissionRequestToggleStatus(
     const std::string& permissionName, uint32_t& status, int32_t userID = 0)
 {
+    uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID();
+    if ((this->GetTokenType(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) {
+        return AccessTokenError::ERR_NOT_SYSTEM_APP;
+    }
+
+    if (!IsShellProcessCalling() && !IsPrivilegedCalling() &&
+        VerifyAccessToken(callingTokenID, GET_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) {
+        HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "PERMISSION_VERIFY_REPORT",
+            HiviewDFX::HiSysEvent::EventType::SECURITY, "CODE", VERIFY_PERMISSION_ERROR, "CALLER_TOKENID",
+            callingTokenID, "PERMISSION_NAME", permissionName, "INTERFACE", "GetToggleStatus");
+        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d).", callingTokenID);
+        return AccessTokenError::ERR_PERMISSION_DENIED;
+    }
     return AccessTokenInfoManager::GetInstance().GetPermissionRequestToggleStatus(permissionName, status, userID);
 }
 
 int32_t AccessTokenManagerService::RequestAppPermOnSetting(AccessTokenID tokenID)
 {
+    if (!IsSystemAppCalling()) {
+        return AccessTokenError::ERR_NOT_SYSTEM_APP;
+    }
+
     HapTokenInfo hapInfo;
     int32_t ret = AccessTokenInfoManager::GetInstance().GetHapTokenInfo(tokenID, hapInfo);
     if (ret != ERR_OK) {
@@ -343,18 +470,59 @@ int32_t AccessTokenManagerService::RequestAppPermOnSetting(AccessTokenID tokenID
 
 int AccessTokenManagerService::GrantPermission(AccessTokenID tokenID, const std::string& permissionName, uint32_t flag)
 {
+    AccessTokenID callingTokenID = IPCSkeleton::GetCallingTokenID();
+    if ((this->GetTokenType(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) {
+        return AccessTokenError::ERR_NOT_SYSTEM_APP;
+    }
+    
+    if (!IsPrivilegedCalling() &&
+        VerifyAccessToken(callingTokenID, GRANT_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) {
+        HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "PERMISSION_VERIFY_REPORT",
+            HiviewDFX::HiSysEvent::EventType::SECURITY, "CODE", VERIFY_PERMISSION_ERROR,
+            "CALLER_TOKENID", callingTokenID, "PERMISSION_NAME", permissionName);
+        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingTokenID);
+        return AccessTokenError::ERR_PERMISSION_DENIED;
+    }
+
     int32_t ret = PermissionManager::GetInstance().GrantPermission(tokenID, permissionName, flag);
     return ret;
 }
 
 int AccessTokenManagerService::RevokePermission(AccessTokenID tokenID, const std::string& permissionName, uint32_t flag)
 {
+    AccessTokenID callingTokenID = IPCSkeleton::GetCallingTokenID();
+    if ((this->GetTokenType(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) {
+        return AccessTokenError::ERR_NOT_SYSTEM_APP;
+    }
+    
+    if (!IsPrivilegedCalling() &&
+        VerifyAccessToken(callingTokenID, REVOKE_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) {
+        HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "PERMISSION_VERIFY_REPORT",
+            HiviewDFX::HiSysEvent::EventType::SECURITY, "CODE", VERIFY_PERMISSION_ERROR,
+            "CALLER_TOKENID", callingTokenID, "PERMISSION_NAME", permissionName);
+        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingTokenID);
+        return AccessTokenError::ERR_PERMISSION_DENIED;
+    }
     return PermissionManager::GetInstance().RevokePermission(tokenID, permissionName, flag);
 }
 
 int AccessTokenManagerService::GrantPermissionForSpecifiedTime(
     AccessTokenID tokenID, const std::string& permissionName, uint32_t onceTime)
 {
+    AccessTokenID callingTokenID = IPCSkeleton::GetCallingTokenID();
+    if ((this->GetTokenType(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) {
+        return AccessTokenError::ERR_NOT_SYSTEM_APP;
+    }
+    
+    if (!IsPrivilegedCalling() &&
+        VerifyAccessToken(callingTokenID, GRANT_SHORT_TERM_WRITE_MEDIAVIDEO) == PERMISSION_DENIED) {
+        HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "PERMISSION_VERIFY_REPORT",
+            HiviewDFX::HiSysEvent::EventType::SECURITY, "CODE", VERIFY_PERMISSION_ERROR,
+            "CALLER_TOKENID", callingTokenID, "PERMISSION_NAME", permissionName);
+        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingTokenID);
+        return AccessTokenError::ERR_PERMISSION_DENIED;
+    }
+
     int32_t ret = PermissionManager::GetInstance().GrantPermissionForSpecifiedTime(tokenID, permissionName, onceTime);
     return ret;
 }
@@ -362,6 +530,16 @@ int AccessTokenManagerService::GrantPermissionForSpecifiedTime(
 int AccessTokenManagerService::ClearUserGrantedPermissionState(AccessTokenID tokenID)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "TokenID: %{public}d", tokenID);
+    uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID();
+    if (!IsPrivilegedCalling() &&
+        VerifyAccessToken(callingTokenID, REVOKE_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) {
+        HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "PERMISSION_VERIFY_REPORT",
+            HiviewDFX::HiSysEvent::EventType::SECURITY, "CODE", VERIFY_PERMISSION_ERROR,
+            "CALLER_TOKENID", callingTokenID);
+        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingTokenID);
+        return AccessTokenError::ERR_PERMISSION_DENIED;
+    }
+
     AccessTokenInfoManager::GetInstance().ClearUserGrantedPermissionState(tokenID);
     AccessTokenInfoManager::GetInstance().SetPermDialogCap(tokenID, false);
     return RET_SUCCESS;
@@ -370,62 +548,192 @@ int AccessTokenManagerService::ClearUserGrantedPermissionState(AccessTokenID tok
 int32_t AccessTokenManagerService::RegisterPermStateChangeCallback(
     const PermStateChangeScopeParcel& scope, const sptr<IRemoteObject>& callback)
 {
+    uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID();
+    if ((this->GetTokenType(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) {
+        return AccessTokenError::ERR_NOT_SYSTEM_APP;
+    }
+    if (VerifyAccessToken(callingTokenID, GET_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingTokenID);
+        return AccessTokenError::ERR_PERMISSION_DENIED;
+    }
     return PermissionManager::GetInstance().AddPermStateChangeCallback(scope.scope, callback);
 }
 
 int32_t AccessTokenManagerService::UnRegisterPermStateChangeCallback(const sptr<IRemoteObject>& callback)
 {
+    uint32_t callingToken = IPCSkeleton::GetCallingTokenID();
+    if ((this->GetTokenType(callingToken) == TOKEN_HAP) && (!IsSystemAppCalling())) {
+        return AccessTokenError::ERR_NOT_SYSTEM_APP;
+    }
+    if (VerifyAccessToken(callingToken, GET_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingToken);
+
+        return AccessTokenError::ERR_PERMISSION_DENIED;
+    }
     return PermissionManager::GetInstance().RemovePermStateChangeCallback(callback);
 }
 
 int32_t AccessTokenManagerService::RegisterSelfPermStateChangeCallback(
     const PermStateChangeScopeParcel& scope, const sptr<IRemoteObject>& callback)
 {
+    uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID();
+    if (this->GetTokenType(callingTokenID) != TOKEN_HAP) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "TokenID is not hap.");
+        return AccessTokenError::ERR_PARAM_INVALID;
+    }
     return PermissionManager::GetInstance().AddPermStateChangeCallback(scope.scope, callback);
 }
 
 int32_t AccessTokenManagerService::UnRegisterSelfPermStateChangeCallback(const sptr<IRemoteObject>& callback)
 {
+    uint32_t callingToken = IPCSkeleton::GetCallingTokenID();
+    if (this->GetTokenType(callingToken) != TOKEN_HAP) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "TokenID is not hap.");
+        return AccessTokenError::ERR_PARAM_INVALID;
+    }
     return PermissionManager::GetInstance().RemovePermStateChangeCallback(callback);
 }
 
-AccessTokenIDEx AccessTokenManagerService::AllocHapToken(const HapInfoParcel& info, const HapPolicyParcel& policy)
+int32_t AccessTokenManagerService::AllocHapToken(const HapInfoParcel& info, const HapPolicyParcel& policy,
+    uint64_t& fullTokenId)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "BundleName: %{public}s", info.hapInfoParameter.bundleName.c_str());
     AccessTokenIDEx tokenIdEx;
     tokenIdEx.tokenIDEx = 0LL;
 
+    AccessTokenID tokenID = IPCSkeleton::GetCallingTokenID();
+    if (!IsPrivilegedCalling() &&
+        (VerifyAccessToken(tokenID, MANAGE_HAP_TOKENID_PERMISSION) == PERMISSION_DENIED)) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", tokenID);
+        fullTokenId = static_cast<uint64_t>(tokenIdEx.tokenIDEx);
+        return ERR_OK;
+    }
+
     int ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(
         info.hapInfoParameter, policy.hapPolicy, tokenIdEx);
     if (ret != RET_SUCCESS) {
         LOGE(ATM_DOMAIN, ATM_TAG, "Hap token info create failed");
     }
-    return tokenIdEx;
+    fullTokenId = static_cast<uint64_t>(tokenIdEx.tokenIDEx);
+    return ERR_OK;
+}
+
+static void TransferHapPolicy(const HapPolicy& policyIn, HapPolicy& policyOut)
+{
+    policyOut.apl = policyIn.apl;
+    policyOut.domain = policyIn.domain;
+    policyOut.permList.assign(policyIn.permList.begin(), policyIn.permList.end());
+    policyOut.aclRequestedList.assign(policyIn.aclRequestedList.begin(), policyIn.aclRequestedList.end());
+    policyOut.preAuthorizationInfo.assign(policyIn.preAuthorizationInfo.begin(), policyIn.preAuthorizationInfo.end());
+    for (const auto& perm : policyIn.permStateList) {
+        PermissionStatus tmp;
+        tmp.permissionName = perm.permissionName;
+        tmp.grantStatus = perm.grantStatus;
+        tmp.grantFlag = perm.grantFlag;
+        policyOut.permStateList.emplace_back(tmp);
+    }
+    policyOut.checkIgnore = policyIn.checkIgnore;
+    policyOut.aclExtendedMap = policyIn.aclExtendedMap;
+}
+
+void AccessTokenManagerService::ReportAddHap(const HapInfoParcel& info, const HapPolicyParcel& policy)
+{
+    AccessTokenDfxInfo dfxInfo;
+    dfxInfo.sceneCode = AddHapSceneCode::INSTALL_START;
+    dfxInfo.tokenId = info.hapInfoParameter.tokenID;
+    dfxInfo.userId = info.hapInfoParameter.userID;
+    dfxInfo.bundleName = info.hapInfoParameter.bundleName;
+    dfxInfo.instIndex = info.hapInfoParameter.instIndex;
+    dfxInfo.dlpType = static_cast<HapDlpType>(info.hapInfoParameter.dlpType);
+    dfxInfo.isRestore = info.hapInfoParameter.isRestore;
+
+    dfxInfo.permInfo = std::to_string(policy.hapPolicy.permStateList.size()) + " : [";
+    for (const auto& permState : policy.hapPolicy.permStateList) {
+        dfxInfo.permInfo.append(permState.permissionName + ", ");
+    }
+    dfxInfo.permInfo.append("]");
+
+    dfxInfo.aclInfo = std::to_string(policy.hapPolicy.aclRequestedList.size()) + " : [";
+    for (const auto& perm : policy.hapPolicy.aclRequestedList) {
+        dfxInfo.aclInfo.append(perm + ", ");
+    }
+    dfxInfo.aclInfo.append("]");
+
+    dfxInfo.preauthInfo = std::to_string(policy.hapPolicy.preAuthorizationInfo.size()) + " : [";
+    for (const auto& preAuthInfo : policy.hapPolicy.preAuthorizationInfo) {
+        dfxInfo.preauthInfo.append(preAuthInfo.permissionName + ", ");
+    }
+    dfxInfo.preauthInfo.append("]");
+
+    dfxInfo.extendInfo = std::to_string(policy.hapPolicy.aclExtendedMap.size()) + " : {";
+    for (const auto& aclExtend : policy.hapPolicy.aclExtendedMap) {
+        dfxInfo.extendInfo.append(aclExtend.first + ": " + aclExtend.second + ", ");
+    }
+    dfxInfo.extendInfo.append("}");
+
+    ReportSysEventAddHap(dfxInfo);
 }
 
-int32_t AccessTokenManagerService::InitHapToken(const HapInfoParcel& info, HapPolicyParcel& policy,
-    AccessTokenIDEx& fullTokenId, HapInfoCheckResult& result)
+void AccessTokenManagerService::ReportAddHapFinish(AccessTokenIDEx fullTokenId, const HapInfoParcel& info,
+    int64_t beginTime, int32_t errorCode)
+{
+    int64_t endTime = TimeUtil::GetCurrentTimestamp();
+    AccessTokenDfxInfo dfxInfo;
+    dfxInfo.sceneCode = AddHapSceneCode::INSTALL_FINISH;
+    dfxInfo.tokenId = fullTokenId.tokenIdExStruct.tokenID;
+    dfxInfo.tokenIdEx = fullTokenId;
+    dfxInfo.userId = info.hapInfoParameter.userID;
+    dfxInfo.bundleName = info.hapInfoParameter.bundleName;
+    dfxInfo.instIndex = info.hapInfoParameter.instIndex;
+    dfxInfo.duration = endTime - beginTime;
+    dfxInfo.errorCode = errorCode;
+    ReportSysEventAddHap(dfxInfo);
+}
+
+int32_t AccessTokenManagerService::InitHapToken(const HapInfoParcel& info, const HapPolicyParcel& policy,
+    uint64_t& fullTokenId, HapInfoCheckResultIdl& resultInfoIdl)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "Init hap %{public}s.", info.hapInfoParameter.bundleName.c_str());
+    int64_t beginTime = TimeUtil::GetCurrentTimestamp();
+    ReportAddHap(info, policy);
+
+    AccessTokenID tokenID = IPCSkeleton::GetCallingTokenID();
+    if (!IsPrivilegedCalling() &&
+        (VerifyAccessToken(tokenID, MANAGE_HAP_TOKENID_PERMISSION) == PERMISSION_DENIED)) {
+        LOGC(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", tokenID);
+        return AccessTokenError::ERR_PERMISSION_DENIED;
+    }
+
+    HapPolicyParcel policyCopy;
+    TransferHapPolicy(policy.hapPolicy, policyCopy.hapPolicy);
+
+    resultInfoIdl.realResult = ERR_OK;
     std::vector<PermissionStatus> initializedList;
     if (info.hapInfoParameter.dlpType == DLP_COMMON) {
+        HapInfoCheckResult permCheckResult;
         if (!PermissionManager::GetInstance().InitPermissionList(info.hapInfoParameter.appDistributionType,
-            policy.hapPolicy, initializedList, result)) {
-            return ERR_PERM_REQUEST_CFG_FAILED;
+            policyCopy.hapPolicy, initializedList, permCheckResult)) {
+            resultInfoIdl.realResult = ERROR;
+            resultInfoIdl.permissionName = permCheckResult.permCheckResult.permissionName;
+            int32_t rule = permCheckResult.permCheckResult.rule;
+            resultInfoIdl.rule = static_cast<PermissionRulesEnumIdl>(rule);
+            ReportAddHapFinish({0}, info, beginTime, ERR_PERM_REQUEST_CFG_FAILED);
+            return ERR_OK;
         }
     } else {
         if (!PermissionManager::GetInstance().InitDlpPermissionList(
             info.hapInfoParameter.bundleName, info.hapInfoParameter.userID, initializedList)) {
+            ReportAddHapFinish({0}, info, beginTime, ERR_PERM_REQUEST_CFG_FAILED);
             return ERR_PERM_REQUEST_CFG_FAILED;
         }
     }
-    policy.hapPolicy.permStateList = initializedList;
+    policyCopy.hapPolicy.permStateList = initializedList;
 
+    AccessTokenIDEx tokenIdEx;
     int32_t ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(
-        info.hapInfoParameter, policy.hapPolicy, fullTokenId);
-    if (ret != RET_SUCCESS) {
-        return ret;
-    }
+        info.hapInfoParameter, policyCopy.hapPolicy, tokenIdEx);
+    fullTokenId = tokenIdEx.tokenIDEx;
+    ReportAddHapFinish(tokenIdEx, info, beginTime, ret);
 
     return ret;
 }
@@ -433,8 +741,34 @@ int32_t AccessTokenManagerService::InitHapToken(const HapInfoParcel& info, HapPo
 int AccessTokenManagerService::DeleteToken(AccessTokenID tokenID)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "TokenID: %{public}d", tokenID);
+    AccessTokenID callingTokenID = IPCSkeleton::GetCallingTokenID();
+    if (!IsPrivilegedCalling() &&
+        (VerifyAccessToken(callingTokenID, MANAGE_HAP_TOKENID_PERMISSION) == PERMISSION_DENIED)) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingTokenID);
+        return AccessTokenError::ERR_PERMISSION_DENIED;
+    }
+    if (this->GetTokenType(tokenID) != TOKEN_HAP) {
+        return AccessTokenError::ERR_PARAM_INVALID;
+    }
+
+    int64_t beginTime = TimeUtil::GetCurrentTimestamp();
+
+    HapTokenInfo hapInfo;
+    AccessTokenInfoManager::GetInstance().GetHapTokenInfo(tokenID, hapInfo);
+    ClearThreadErrorMsg();
+    HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "DEL_HAP",
+        HiviewDFX::HiSysEvent::EventType::STATISTIC, "SCENE_CODE", CommonSceneCode::AT_COMMOM_START,
+        "TOKENID", tokenID, "USERID", hapInfo.userID, "BUNDLENAME", hapInfo.bundleName, "INSTINDEX", hapInfo.instIndex);
+
     // only support hap token deletion
-    return AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenID);
+    int32_t ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenID);
+
+    int64_t endTime = TimeUtil::GetCurrentTimestamp();
+    HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "DEL_HAP",
+        HiviewDFX::HiSysEvent::EventType::STATISTIC, "SCENE_CODE", CommonSceneCode::AT_COMMON_FINISH,
+        "TOKENID", tokenID, "DURATION", endTime - beginTime, "ERROR_CODE", ret);
+    ReportSysCommonEventError(static_cast<int32_t>(IAccessTokenManagerIpcCode::COMMAND_DELETE_TOKEN), ret);
+    return ret;
 }
 
 int AccessTokenManagerService::GetTokenType(AccessTokenID tokenID)
@@ -443,47 +777,164 @@ int AccessTokenManagerService::GetTokenType(AccessTokenID tokenID)
     return AccessTokenIDManager::GetInstance().GetTokenIdType(tokenID);
 }
 
-AccessTokenIDEx AccessTokenManagerService::GetHapTokenID(
-    int32_t userID, const std::string& bundleName, int32_t instIndex)
+int AccessTokenManagerService::GetTokenType(AccessTokenID tokenID, int32_t& tokenType)
+{
+    LOGD(ATM_DOMAIN, ATM_TAG, "TokenID: %{public}d", tokenID);
+    tokenType = AccessTokenIDManager::GetInstance().GetTokenIdType(tokenID);
+    return ERR_OK;
+}
+
+int32_t AccessTokenManagerService::GetHapTokenID(
+    int32_t userID, const std::string& bundleName, int32_t instIndex, uint64_t& fullTokenId)
 {
     LOGD(ATM_DOMAIN, ATM_TAG, "UserID: %{public}d, bundle: %{public}s, instIndex: %{public}d",
         userID, bundleName.c_str(), instIndex);
-    return AccessTokenInfoManager::GetInstance().GetHapTokenID(userID, bundleName, instIndex);
+    if (!IsNativeProcessCalling() && !IsPrivilegedCalling()) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID());
+
+        AccessTokenIDEx tokenIdEx = {0};
+        fullTokenId = tokenIdEx.tokenIDEx;
+        return ERR_OK;
+    }
+    AccessTokenIDEx tokenIdEx = AccessTokenInfoManager::GetInstance().GetHapTokenID(userID, bundleName, instIndex);
+    fullTokenId = tokenIdEx.tokenIDEx;
+    return ERR_OK;
 }
 
-AccessTokenID AccessTokenManagerService::AllocLocalTokenID(
-    const std::string& remoteDeviceID, AccessTokenID remoteTokenID)
+int32_t AccessTokenManagerService::AllocLocalTokenID(
+    const std::string& remoteDeviceID, AccessTokenID remoteTokenID, AccessTokenID& tokenId)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "RemoteDeviceID: %{public}s, remoteTokenID: %{public}d",
         ConstantCommon::EncryptDevId(remoteDeviceID).c_str(), remoteTokenID);
+    if ((!IsNativeProcessCalling()) && !IsPrivilegedCalling()) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID());
+        tokenId = INVALID_TOKENID;
+        return ERR_OK;
+    }
     AccessTokenID tokenID = AccessTokenInfoManager::GetInstance().AllocLocalTokenID(remoteDeviceID, remoteTokenID);
-    return tokenID;
+    tokenId = tokenID;
+    return ERR_OK;
 }
 
-int32_t AccessTokenManagerService::UpdateHapToken(AccessTokenIDEx& tokenIdEx, const UpdateHapInfoParams& info,
-    const HapPolicyParcel& policyParcel, HapInfoCheckResult& result)
+int32_t AccessTokenManagerService::UpdateHapTokenCore(AccessTokenIDEx& tokenIdEx, const UpdateHapInfoParams& info,
+    const HapPolicyParcel& policyParcel, HapInfoCheckResultIdl& resultInfoIdl)
 {
-    LOGI(ATM_DOMAIN, ATM_TAG, "TokenID: %{public}d", tokenIdEx.tokenIdExStruct.tokenID);
     std::vector<PermissionStatus> InitializedList;
+    resultInfoIdl.realResult = ERR_OK;
+    HapInfoCheckResult permCheckResult;
     if (!PermissionManager::GetInstance().InitPermissionList(
-        info.appDistributionType, policyParcel.hapPolicy, InitializedList, result)) {
-        return ERR_PERM_REQUEST_CFG_FAILED;
+        info.appDistributionType, policyParcel.hapPolicy, InitializedList, permCheckResult)) {
+        resultInfoIdl.realResult = ERROR;
+        resultInfoIdl.permissionName = permCheckResult.permCheckResult.permissionName;
+        int32_t rule = permCheckResult.permCheckResult.rule;
+        resultInfoIdl.rule = static_cast<PermissionRulesEnumIdl>(rule);
+        LOGC(ATM_DOMAIN, ATM_TAG, "InitPermissionList failed, tokenId=%{public}u.", tokenIdEx.tokenIdExStruct.tokenID);
+        ReportSysCommonEventError(static_cast<int32_t>(IAccessTokenManagerIpcCode::COMMAND_UPDATE_HAP_TOKEN),
+            ERR_PERM_REQUEST_CFG_FAILED);
+        return ERR_OK;
     }
+
     int32_t ret = AccessTokenInfoManager::GetInstance().UpdateHapToken(tokenIdEx, info,
         InitializedList, policyParcel.hapPolicy);
     return ret;
 }
-int32_t AccessTokenManagerService::GetTokenIDByUserID(int32_t userID, std::unordered_set<AccessTokenID>& tokenIdList)
+
+static void DumpEventInfo(const HapPolicy& policy, AccessTokenDfxInfo& dfxInfo)
+{
+    dfxInfo.permInfo = std::to_string(policy.permStateList.size()) + " : [";
+    for (const auto& permState : policy.permStateList) {
+        dfxInfo.permInfo.append(permState.permissionName + ", ");
+    }
+    dfxInfo.permInfo.append("]");
+
+    dfxInfo.aclInfo = std::to_string(policy.aclRequestedList.size()) + " : [";
+    for (const auto& perm : policy.aclRequestedList) {
+        dfxInfo.aclInfo.append(perm + ", ");
+    }
+    dfxInfo.aclInfo.append("]");
+
+    dfxInfo.preauthInfo = std::to_string(policy.preAuthorizationInfo.size()) + " : [";
+    for (const auto& preAuthInfo : policy.preAuthorizationInfo) {
+        dfxInfo.preauthInfo.append(preAuthInfo.permissionName + ", ");
+    }
+    dfxInfo.preauthInfo.append("]");
+
+    dfxInfo.extendInfo = std::to_string(policy.aclExtendedMap.size()) + " : {";
+    for (const auto& aclExtend : policy.aclExtendedMap) {
+        dfxInfo.extendInfo.append(aclExtend.first + ": " + aclExtend.second + ", ");
+    }
+    dfxInfo.extendInfo.append("}");
+}
+
+int32_t AccessTokenManagerService::UpdateHapToken(uint64_t& fullTokenId, const UpdateHapInfoParamsIdl& infoIdl,
+    const HapPolicyParcel& policyParcel, HapInfoCheckResultIdl& resultInfoIdl)
+{
+    AccessTokenIDEx tokenIdEx;
+    tokenIdEx.tokenIDEx = fullTokenId;
+    LOGI(ATM_DOMAIN, ATM_TAG, "TokenID: %{public}d", tokenIdEx.tokenIdExStruct.tokenID);
+    AccessTokenID callingTokenID = IPCSkeleton::GetCallingTokenID();
+    if (!IsPrivilegedCalling() &&
+        (VerifyAccessToken(callingTokenID, MANAGE_HAP_TOKENID_PERMISSION) == PERMISSION_DENIED)) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingTokenID);
+        return AccessTokenError::ERR_PERMISSION_DENIED;
+    }
+    UpdateHapInfoParams info;
+    info.appIDDesc = infoIdl.appIDDesc;
+    info.apiVersion = infoIdl.apiVersion;
+    info.isSystemApp = infoIdl.isSystemApp;
+    info.appDistributionType = infoIdl.appDistributionType;
+    info.isAtomicService = infoIdl.isAtomicService;
+
+    int64_t beginTime = TimeUtil::GetCurrentTimestamp();
+    HapTokenInfo hapInfo;
+    AccessTokenInfoManager::GetInstance().GetHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID, hapInfo);
+    ClearThreadErrorMsg();
+
+    AccessTokenDfxInfo dfxInfo;
+    DumpEventInfo(policyParcel.hapPolicy, dfxInfo);
+    HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "UPDATE_HAP",
+        HiviewDFX::HiSysEvent::EventType::STATISTIC, "SCENE_CODE", CommonSceneCode::AT_COMMOM_START,
+        "TOKENID", tokenIdEx.tokenIdExStruct.tokenID, "TOKENIDEX", tokenIdEx.tokenIDEx,
+        "USERID", hapInfo.userID, "BUNDLENAME", hapInfo.bundleName, "INSTINDEX", hapInfo.instIndex,
+        "PERM_INFO", dfxInfo.permInfo, "ACL_INFO", dfxInfo.aclInfo, "PREAUTH_INFO", dfxInfo.preauthInfo,
+        "EXTEND_INFO", dfxInfo.extendInfo);
+
+    int32_t ret = UpdateHapTokenCore(tokenIdEx, info, policyParcel, resultInfoIdl);
+    fullTokenId = tokenIdEx.tokenIDEx;
+
+    int64_t endTime = TimeUtil::GetCurrentTimestamp();
+    HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "UPDATE_HAP",
+        HiviewDFX::HiSysEvent::EventType::STATISTIC, "SCENE_CODE", CommonSceneCode::AT_COMMON_FINISH,
+        "TOKENID", tokenIdEx.tokenIdExStruct.tokenID, "TOKENIDEX", tokenIdEx.tokenIDEx,
+        "DURATION", endTime - beginTime, "ERROR_CODE", ret);
+    ReportSysCommonEventError(static_cast<int32_t>(IAccessTokenManagerIpcCode::COMMAND_UPDATE_HAP_TOKEN), ret);
+    return ret;
+}
+
+int32_t AccessTokenManagerService::GetTokenIDByUserID(int32_t userID, std::vector<AccessTokenID>& tokenIds)
 {
     LOGD(ATM_DOMAIN, ATM_TAG, "UserID: %{public}d", userID);
 
-    return AccessTokenInfoManager::GetInstance().GetTokenIDByUserID(userID, tokenIdList);
+    if (!IsNativeProcessCalling()) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID());
+        return AccessTokenError::ERR_PERMISSION_DENIED;
+    }
+    std::unordered_set<AccessTokenID> tokenIdList;
+
+    auto result = AccessTokenInfoManager::GetInstance().GetTokenIDByUserID(userID, tokenIdList);
+    std::copy(tokenIdList.begin(), tokenIdList.end(), std::back_inserter(tokenIds));
+    return result;
 }
 
 int AccessTokenManagerService::GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfoParcel& infoParcel)
 {
     LOGD(ATM_DOMAIN, ATM_TAG, "TokenID: %{public}d", tokenID);
 
+    if (!IsNativeProcessCalling() && !IsPrivilegedCalling()) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID());
+        return AccessTokenError::ERR_PERMISSION_DENIED;
+    }
+
     return AccessTokenInfoManager::GetInstance().GetHapTokenInfo(tokenID, infoParcel.hapTokenInfoParams);
 }
 
@@ -491,6 +942,11 @@ int AccessTokenManagerService::GetHapTokenInfoExtension(AccessTokenID tokenID,
     HapTokenInfoParcel& hapTokenInfoRes, std::string& appID)
 {
     LOGD(ATM_DOMAIN, ATM_TAG, "TokenID: %{public}d.", tokenID);
+    if (!IsNativeProcessCalling() && !IsPrivilegedCalling()) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID());
+        return AccessTokenError::ERR_PERMISSION_DENIED;
+    }
+
     int ret = AccessTokenInfoManager::GetInstance().GetHapTokenInfo(tokenID, hapTokenInfoRes.hapTokenInfoParams);
     if (ret != RET_SUCCESS) {
         LOGE(ATM_DOMAIN, ATM_TAG, "Get hap token info extenstion failed, ret is %{public}d.", ret);
@@ -503,6 +959,12 @@ int AccessTokenManagerService::GetHapTokenInfoExtension(AccessTokenID tokenID,
 int AccessTokenManagerService::GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfoParcel& infoParcel)
 {
     LOGD(ATM_DOMAIN, ATM_TAG, "TokenID: %{public}d", tokenID);
+
+    if (!IsNativeProcessCalling() && !IsPrivilegedCalling()) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d).", IPCSkeleton::GetCallingTokenID());
+        return AccessTokenError::ERR_PERMISSION_DENIED;
+    }
+
     NativeTokenInfoBase baseInfo;
     int32_t ret = AccessTokenInfoManager::GetInstance().GetNativeTokenInfo(tokenID, baseInfo);
     infoParcel.nativeTokenInfoParams.apl = baseInfo.apl;
@@ -513,6 +975,10 @@ int AccessTokenManagerService::GetNativeTokenInfo(AccessTokenID tokenID, NativeT
 #ifndef ATM_BUILD_VARIANT_USER_ENABLE
 int32_t AccessTokenManagerService::ReloadNativeTokenInfo()
 {
+    if (!IsPrivilegedCalling()) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID());
+        return AccessTokenError::ERR_PERMISSION_DENIED;
+    }
     LibraryLoader loader(CONFIG_PARSE_LIBPATH);
     ConfigPolicyLoaderInterface* policy = loader.GetObject<ConfigPolicyLoaderInterface>();
     if (policy == nullptr) {
@@ -531,9 +997,15 @@ int32_t AccessTokenManagerService::ReloadNativeTokenInfo()
 }
 #endif
 
-AccessTokenID AccessTokenManagerService::GetNativeTokenId(const std::string& processName)
+int32_t AccessTokenManagerService::GetNativeTokenId(const std::string& processName, AccessTokenID& tokenID)
 {
-    return AccessTokenInfoManager::GetInstance().GetNativeTokenId(processName);
+    if (!IsNativeProcessCalling() && !IsPrivilegedCalling()) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID());
+        tokenID = INVALID_TOKENID;
+        return ERR_OK;
+    }
+    tokenID = AccessTokenInfoManager::GetInstance().GetNativeTokenId(processName);
+    return ERR_OK;
 }
 
 #ifdef TOKEN_SYNC_ENABLE
@@ -542,16 +1014,47 @@ int AccessTokenManagerService::GetHapTokenInfoFromRemote(AccessTokenID tokenID,
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "TokenID: %{public}d", tokenID);
 
+    if (!IsAccessTokenCalling()) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID());
+        return AccessTokenError::ERR_PERMISSION_DENIED;
+    }
     return AccessTokenInfoManager::GetInstance().GetHapTokenInfoFromRemote(tokenID,
         hapSyncParcel.hapTokenInfoForSyncParams);
 }
 
+static void TransferHapTokenInfoForSync(const HapTokenInfoForSync& policyIn, HapTokenInfoForSync& policyOut)
+{
+    policyOut.baseInfo.ver = policyIn.baseInfo.ver;
+    policyOut.baseInfo.userID = policyIn.baseInfo.userID;
+    policyOut.baseInfo.bundleName = policyIn.baseInfo.bundleName;
+    policyOut.baseInfo.apiVersion = policyIn.baseInfo.apiVersion;
+    policyOut.baseInfo.instIndex = policyIn.baseInfo.instIndex;
+    policyOut.baseInfo.dlpType = policyIn.baseInfo.dlpType;
+    policyOut.baseInfo.tokenID = policyIn.baseInfo.tokenID;
+    policyOut.baseInfo.tokenAttr = policyIn.baseInfo.tokenAttr;
+    for (const auto& item : policyIn.permStateList) {
+        PermissionStatus tmp;
+        tmp.permissionName = item.permissionName;
+        tmp.grantStatus = item.grantStatus;
+        tmp.grantFlag = item.grantFlag;
+        policyOut.permStateList.emplace_back(tmp);
+    }
+}
+
 int AccessTokenManagerService::SetRemoteHapTokenInfo(const std::string& deviceID,
-    HapTokenInfoForSyncParcel& hapSyncParcel)
+    const HapTokenInfoForSyncParcel& hapSyncParcel)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "DeviceID: %{public}s", ConstantCommon::EncryptDevId(deviceID).c_str());
+
+    if (!IsAccessTokenCalling()) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID());
+        return AccessTokenError::ERR_PERMISSION_DENIED;
+    }
+    HapTokenInfoForSyncParcel hapSyncParcelCopy;
+    TransferHapTokenInfoForSync(hapSyncParcel.hapTokenInfoForSyncParams, hapSyncParcelCopy.hapTokenInfoForSyncParams);
+
     int ret = AccessTokenInfoManager::GetInstance().SetRemoteHapTokenInfo(deviceID,
-        hapSyncParcel.hapTokenInfoForSyncParams);
+        hapSyncParcelCopy.hapTokenInfoForSyncParams);
     return ret;
 }
 
@@ -559,58 +1062,101 @@ int AccessTokenManagerService::DeleteRemoteToken(const std::string& deviceID, Ac
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "DeviceID: %{public}s, token id %{public}d",
         ConstantCommon::EncryptDevId(deviceID).c_str(), tokenID);
+
+    if (!IsAccessTokenCalling()) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID());
+        return AccessTokenError::ERR_PERMISSION_DENIED;
+    }
     return AccessTokenInfoManager::GetInstance().DeleteRemoteToken(deviceID, tokenID);
 }
 
-AccessTokenID AccessTokenManagerService::GetRemoteNativeTokenID(const std::string& deviceID,
-    AccessTokenID tokenID)
+int32_t AccessTokenManagerService::GetRemoteNativeTokenID(const std::string& deviceID,
+    AccessTokenID tokenID, AccessTokenID& tokenId)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "DeviceID: %{public}s, token id %{public}d",
         ConstantCommon::EncryptDevId(deviceID).c_str(), tokenID);
 
-    return AccessTokenInfoManager::GetInstance().GetRemoteNativeTokenID(deviceID, tokenID);
+    if (!IsAccessTokenCalling()) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID());
+        tokenId = INVALID_TOKENID;
+        return ERR_OK;
+    }
+    tokenId = AccessTokenInfoManager::GetInstance().GetRemoteNativeTokenID(deviceID, tokenID);
+    return ERR_OK;
 }
 
 int AccessTokenManagerService::DeleteRemoteDeviceTokens(const std::string& deviceID)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "DeviceID: %{public}s", ConstantCommon::EncryptDevId(deviceID).c_str());
+
+    if (!IsAccessTokenCalling()) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID());
+        return AccessTokenError::ERR_PERMISSION_DENIED;
+    }
     return AccessTokenInfoManager::GetInstance().DeleteRemoteDeviceTokens(deviceID);
 }
 
 int32_t AccessTokenManagerService::RegisterTokenSyncCallback(const sptr<IRemoteObject>& callback)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "Call token sync callback registed.");
+
+    if (!IsAccessTokenCalling()) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied, tokenID=%{public}d", IPCSkeleton::GetCallingTokenID());
+        return AccessTokenError::ERR_PERMISSION_DENIED;
+    }
     return TokenModifyNotifier::GetInstance().RegisterTokenSyncCallback(callback);
 }
 
 int32_t AccessTokenManagerService::UnRegisterTokenSyncCallback()
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "Call token sync callback unregisted.");
+
+    if (!IsAccessTokenCalling()) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied, tokenID=%{public}d", IPCSkeleton::GetCallingTokenID());
+        return AccessTokenError::ERR_PERMISSION_DENIED;
+    }
     return TokenModifyNotifier::GetInstance().UnRegisterTokenSyncCallback();
 }
 #endif
 
-void AccessTokenManagerService::DumpTokenInfo(const AtmToolsParamInfoParcel& infoParcel, std::string& dumpInfo)
+int32_t AccessTokenManagerService::DumpTokenInfo(const AtmToolsParamInfoParcel& infoParcel, std::string& dumpInfo)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "Called");
+    if (!IsShellProcessCalling()) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID());
+        dumpInfo = "";
+        return ERR_OK;
+    }
+
     bool isDeveloperMode = OHOS::system::GetBoolParameter(DEVELOPER_MODE_STATE, false);
     if (!isDeveloperMode) {
         dumpInfo = "Developer mode not support.";
-        return;
+        return ERR_OK;
     }
 
     AccessTokenInfoManager::GetInstance().DumpTokenInfo(infoParcel.info, dumpInfo);
+    return ERR_OK;
 }
 
 int32_t AccessTokenManagerService::GetVersion(uint32_t& version)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "Called");
+    uint32_t callingToken = IPCSkeleton::GetCallingTokenID();
+    if ((this->GetTokenType(callingToken) == TOKEN_HAP) && (!IsSystemAppCalling())) {
+        return AccessTokenError::ERR_NOT_SYSTEM_APP;
+    }
     version = DEFAULT_TOKEN_VERSION;
     return RET_SUCCESS;
 }
 
 int32_t AccessTokenManagerService::SetPermDialogCap(const HapBaseInfoParcel& hapBaseInfoParcel, bool enable)
 {
+    uint32_t callingToken = IPCSkeleton::GetCallingTokenID();
+    if (VerifyAccessToken(callingToken, DISABLE_PERMISSION_DIALOG) == PERMISSION_DENIED) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingToken);
+        return AccessTokenError::ERR_PERMISSION_DENIED;
+    }
+
     AccessTokenIDEx tokenIdEx = AccessTokenInfoManager::GetInstance().GetHapTokenID(
         hapBaseInfoParcel.hapBaseInfo.userID,
         hapBaseInfoParcel.hapBaseInfo.bundleName,
@@ -624,28 +1170,74 @@ int32_t AccessTokenManagerService::SetPermDialogCap(const HapBaseInfoParcel& hap
     return ret;
 }
 
-void AccessTokenManagerService::GetPermissionManagerInfo(PermissionGrantInfoParcel& infoParcel)
+int32_t AccessTokenManagerService::GetPermissionManagerInfo(PermissionGrantInfoParcel& infoParcel)
 {
     infoParcel.info.grantBundleName = grantBundleName_;
     infoParcel.info.grantAbilityName = grantAbilityName_;
     infoParcel.info.grantServiceAbilityName = grantServiceAbilityName_;
     infoParcel.info.permStateAbilityName = permStateAbilityName_;
     infoParcel.info.globalSwitchAbilityName = globalSwitchAbilityName_;
+    return ERR_OK;
 }
 
 int32_t AccessTokenManagerService::InitUserPolicy(
-    const std::vector<UserState>& userList, const std::vector<std::string>& permList)
+    const std::vector<UserStateIdl>& userIdlList, const std::vector<std::string>& permList)
 {
+    uint32_t callingToken = IPCSkeleton::GetCallingTokenID();
+    if (VerifyAccessToken(callingToken, GET_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingToken);
+        return AccessTokenError::ERR_PERMISSION_DENIED;
+    }
+
+    uint32_t userSize = userIdlList.size();
+    uint32_t permSize = permList.size();
+    if ((userSize > MAX_USER_POLICY_SIZE) || (permSize > MAX_USER_POLICY_SIZE)) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "Size %{public}u is invalid", userSize);
+        return AccessTokenError::ERR_OVERSIZE;
+    }
+
+    std::vector<UserState> userList;
+    for (const auto& item : userIdlList) {
+        UserState tmp;
+        tmp.userId = item.userId;
+        tmp.isActive = item.isActive;
+        userList.emplace_back(tmp);
+    }
     return AccessTokenInfoManager::GetInstance().InitUserPolicy(userList, permList);
 }
 
-int32_t AccessTokenManagerService::UpdateUserPolicy(const std::vector<UserState>& userList)
+int32_t AccessTokenManagerService::UpdateUserPolicy(const std::vector<UserStateIdl>& userIdlList)
 {
+    uint32_t callingToken = IPCSkeleton::GetCallingTokenID();
+    if (VerifyAccessToken(callingToken, GET_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingToken);
+        return AccessTokenError::ERR_PERMISSION_DENIED;
+    }
+
+    uint32_t userSize = userIdlList.size();
+    if (userSize > MAX_USER_POLICY_SIZE) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "Size %{public}u is invalid", userSize);
+        return AccessTokenError::ERR_OVERSIZE;
+    }
+
+    std::vector<UserState> userList;
+    for (const auto& item : userIdlList) {
+        UserState tmp;
+        tmp.userId = item.userId;
+        tmp.isActive = item.isActive;
+        userList.emplace_back(tmp);
+    }
     return AccessTokenInfoManager::GetInstance().UpdateUserPolicy(userList);
 }
 
 int32_t AccessTokenManagerService::ClearUserPolicy()
 {
+    uint32_t callingToken = IPCSkeleton::GetCallingTokenID();
+    if (VerifyAccessToken(callingToken, GET_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingToken);
+        return AccessTokenError::ERR_PERMISSION_DENIED;
+    }
+
     return AccessTokenInfoManager::GetInstance().ClearUserPolicy();
 }
 
@@ -699,8 +1291,50 @@ void AccessTokenManagerService::AccessTokenServiceParamSet() const
     }
 }
 
-void AccessTokenManagerService::GetConfigValue()
+void AccessTokenManagerService::SetFlagIfNeed(const AccessTokenServiceConfig& atConfig,
+    int32_t& cancelTime, uint32_t& parseConfigFlag)
 {
+    parseConfigFlag = 0;
+    // set value from config
+    if (!atConfig.grantBundleName.empty()) {
+        grantBundleName_ = atConfig.grantBundleName;
+        parseConfigFlag = 0x1;
+    }
+    if (!atConfig.grantAbilityName.empty()) {
+        grantAbilityName_ = atConfig.grantAbilityName;
+        parseConfigFlag |= 0x1 << BITMAP_INDEX_1;
+    }
+    if (!atConfig.grantServiceAbilityName.empty()) {
+        grantServiceAbilityName_ = atConfig.grantServiceAbilityName;
+        parseConfigFlag |= 0x1 << BITMAP_INDEX_2;
+    }
+    if (!atConfig.permStateAbilityName.empty()) {
+        permStateAbilityName_ = atConfig.permStateAbilityName;
+        parseConfigFlag |= 0x1 << BITMAP_INDEX_3;
+    }
+    if (!atConfig.globalSwitchAbilityName.empty()) {
+        globalSwitchAbilityName_ = atConfig.globalSwitchAbilityName;
+        parseConfigFlag |= 0x1 << BITMAP_INDEX_4;
+    }
+    if (atConfig.cancelTime != 0) {
+        cancelTime = atConfig.cancelTime;
+        parseConfigFlag |= 0x1 << BITMAP_INDEX_5;
+    }
+    if (!atConfig.applicationSettingAbilityName.empty()) {
+        applicationSettingAbilityName_ = atConfig.applicationSettingAbilityName;
+        parseConfigFlag |= 0x1 << BITMAP_INDEX_6;
+    }
+}
+
+void AccessTokenManagerService::GetConfigValue(uint32_t& parseConfigFlag)
+{
+    grantBundleName_ = GRANT_ABILITY_BUNDLE_NAME;
+    grantAbilityName_ = GRANT_ABILITY_ABILITY_NAME;
+    grantServiceAbilityName_ = GRANT_ABILITY_ABILITY_NAME;
+    permStateAbilityName_ = PERMISSION_STATE_SHEET_ABILITY_NAME;
+    globalSwitchAbilityName_ = GLOBAL_SWITCH_SHEET_ABILITY_NAME;
+    int32_t cancelTime = 0;
+    applicationSettingAbilityName_ = APPLICATION_SETTING_ABILITY_NAME;
     LibraryLoader loader(CONFIG_PARSE_LIBPATH);
     ConfigPolicyLoaderInterface* policy = loader.GetObject<ConfigPolicyLoaderInterface>();
     if (policy == nullptr) {
@@ -709,30 +1343,9 @@ void AccessTokenManagerService::GetConfigValue()
     }
     AccessTokenConfigValue value;
     if (policy->GetConfigValue(ServiceType::ACCESSTOKEN_SERVICE, value)) {
-        // set value from config
-        grantBundleName_ = value.atConfig.grantBundleName.empty() ?
-            GRANT_ABILITY_BUNDLE_NAME : value.atConfig.grantBundleName;
-        grantAbilityName_ = value.atConfig.grantAbilityName.empty() ?
-            GRANT_ABILITY_ABILITY_NAME : value.atConfig.grantAbilityName;
-        grantServiceAbilityName_ = value.atConfig.grantServiceAbilityName.empty() ?
-            GRANT_ABILITY_ABILITY_NAME : value.atConfig.grantServiceAbilityName;
-        permStateAbilityName_ = value.atConfig.permStateAbilityName.empty() ?
-            PERMISSION_STATE_SHEET_ABILITY_NAME : value.atConfig.permStateAbilityName;
-        globalSwitchAbilityName_ = value.atConfig.globalSwitchAbilityName.empty() ?
-            GLOBAL_SWITCH_SHEET_ABILITY_NAME : value.atConfig.globalSwitchAbilityName;
-        applicationSettingAbilityName_ = value.atConfig.applicationSettingAbilityName.empty() ?
-            APPLICATION_SETTING_ABILITY_NAME : value.atConfig.applicationSettingAbilityName;
-        TempPermissionObserver::GetInstance().SetCancelTime(value.atConfig.cancleTime);
-    } else {
-        LOGI(ATM_DOMAIN, ATM_TAG, "No config file or config file is not valid, use default values");
-        grantBundleName_ = GRANT_ABILITY_BUNDLE_NAME;
-        grantAbilityName_ = GRANT_ABILITY_ABILITY_NAME;
-        grantServiceAbilityName_ = GRANT_ABILITY_ABILITY_NAME;
-        permStateAbilityName_ = PERMISSION_STATE_SHEET_ABILITY_NAME;
-        globalSwitchAbilityName_ = GLOBAL_SWITCH_SHEET_ABILITY_NAME;
-        applicationSettingAbilityName_ = APPLICATION_SETTING_ABILITY_NAME;
+        SetFlagIfNeed(value.atConfig, cancelTime, parseConfigFlag);
     }
-
+    TempPermissionObserver::GetInstance().SetCancelTime(cancelTime);
     LOGI(ATM_DOMAIN, ATM_TAG, "GrantBundleName_ is %{public}s, grantAbilityName_ is %{public}s, "
         "grantServiceAbilityName_ is %{public}s, permStateAbilityName_ is %{public}s, "
         "globalSwitchAbilityName_ is %{public}s, applicationSettingAbilityName_ is %{public}s.",
@@ -741,14 +1354,32 @@ void AccessTokenManagerService::GetConfigValue()
 }
 
 int32_t AccessTokenManagerService::GetKernelPermissions(
-    AccessTokenID tokenId, std::vector<PermissionWithValue>& kernelPermList)
+    AccessTokenID tokenId, std::vector<PermissionWithValueIdl>& kernelPermIdlList)
 {
-    return AccessTokenInfoManager::GetInstance().GetKernelPermissions(tokenId, kernelPermList);
+    auto callingToken = IPCSkeleton::GetCallingTokenID();
+    if (!IsNativeProcessCalling() && !IsPrivilegedCalling()) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingToken);
+        return AccessTokenError::ERR_PERMISSION_DENIED;
+    }
+
+    std::vector<PermissionWithValue> kernelPermList;
+    auto result = AccessTokenInfoManager::GetInstance().GetKernelPermissions(tokenId, kernelPermList);
+    for (const auto& item : kernelPermList) {
+        PermissionWithValueIdl tmp;
+        tmp.permissionName = item.permissionName;
+        tmp.value = item.value;
+        kernelPermIdlList.emplace_back(tmp);
+    }
+    return result;
 }
 
 int32_t AccessTokenManagerService::GetReqPermissionByName(
     AccessTokenID tokenId, const std::string& permissionName, std::string& value)
 {
+    if (!IsNativeProcessCalling() && !IsPrivilegedCalling()) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID());
+        return AccessTokenError::ERR_PERMISSION_DENIED;
+    }
     return AccessTokenInfoManager::GetInstance().GetReqPermissionByName(
         tokenId, permissionName, value);
 }
@@ -757,16 +1388,140 @@ bool AccessTokenManagerService::Initialize()
 {
     MemoryGuard guard;
     ReportSysEventPerformance();
-    AccessTokenInfoManager::GetInstance().Init();
+
+    uint32_t hapSize = 0;
+    uint32_t nativeSize = 0;
+    uint32_t pefDefSize = 0;
+    uint32_t dlpSize = 0;
+    AccessTokenInfoManager::GetInstance().Init(hapSize, nativeSize, pefDefSize, dlpSize);
 
 #ifdef EVENTHANDLER_ENABLE
     TempPermissionObserver::GetInstance().InitEventHandler();
     ShortGrantManager::GetInstance().InitEventHandler();
 #endif
-    GetConfigValue();
+    AccessTokenDfxInfo dfxInfo;
+    dfxInfo.pid = getpid();
+    dfxInfo.hapSize = hapSize;
+    dfxInfo.nativeSize = nativeSize;
+    dfxInfo.permDefSize = pefDefSize;
+    dfxInfo.dlpSize = dlpSize;
+    GetConfigValue(dfxInfo.parseConfigFlag);
+
+    ReportSysEventServiceStart(dfxInfo);
     LOGI(ATM_DOMAIN, ATM_TAG, "Initialize success");
     return true;
 }
+
+bool AccessTokenManagerService::IsPrivilegedCalling() const
+{
+    // shell process is root in debug mode.
+#ifndef ATM_BUILD_VARIANT_USER_ENABLE
+    int32_t callingUid = IPCSkeleton::GetCallingUid();
+    return callingUid == ROOT_UID;
+#else
+    return false;
+#endif
+}
+
+bool AccessTokenManagerService::IsAccessTokenCalling()
+{
+    uint32_t tokenCaller = IPCSkeleton::GetCallingTokenID();
+    if (tokenSyncId_ == 0) {
+        this->GetNativeTokenId("token_sync_service", tokenSyncId_);
+    }
+    return tokenCaller == tokenSyncId_;
+}
+
+bool AccessTokenManagerService::IsNativeProcessCalling()
+{
+    AccessTokenID tokenCaller = IPCSkeleton::GetCallingTokenID();
+    return this->GetTokenType(tokenCaller) == TOKEN_NATIVE;
+}
+
+bool AccessTokenManagerService::IsShellProcessCalling()
+{
+    AccessTokenID tokenCaller = IPCSkeleton::GetCallingTokenID();
+    return this->GetTokenType(tokenCaller) == TOKEN_SHELL;
+}
+
+bool AccessTokenManagerService::IsSystemAppCalling() const
+{
+    uint64_t fullTokenId = IPCSkeleton::GetCallingFullTokenID();
+    return TokenIdKit::IsSystemAppByFullTokenID(fullTokenId);
+}
+
+bool AccessTokenManagerService::IsSecCompServiceCalling()
+{
+    uint32_t tokenCaller = IPCSkeleton::GetCallingTokenID();
+    if (secCompTokenId_ == 0) {
+        this->GetNativeTokenId("security_component_service", secCompTokenId_);
+    }
+    return tokenCaller == secCompTokenId_;
+}
+
+int32_t AccessTokenManagerService::CallbackEnter(uint32_t code)
+{
+    ClearThreadErrorMsg();
+#ifdef HICOLLIE_ENABLE
+    std::string name = "AtmTimer";
+    g_timerId = HiviewDFX::XCollie::GetInstance().SetTimer(name, TIMEOUT, nullptr, nullptr,
+        HiviewDFX::XCOLLIE_FLAG_LOG);
+#endif // HICOLLIE_ENABLE
+    return ERR_OK;
+}
+
+int32_t AccessTokenManagerService::CallbackExit(uint32_t code, int32_t result)
+{
+#ifdef HICOLLIE_ENABLE
+    HiviewDFX::XCollie::GetInstance().CancelTimer(g_timerId);
+#endif // HICOLLIE_ENABLE
+    ClearThreadErrorMsg();
+    return ERR_OK;
+}
+
+#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE
+int32_t AccessTokenManagerService::RegisterSecCompEnhance(const SecCompEnhanceDataParcel& enhanceParcel)
+{
+    LOGI(ATM_DOMAIN, ATM_TAG, "Pid: %{public}d", enhanceParcel.enhanceData.pid);
+    return SecCompEnhanceAgent::GetInstance().RegisterSecCompEnhance(enhanceParcel.enhanceData);
+}
+
+int32_t AccessTokenManagerService::UpdateSecCompEnhance(int32_t pid, uint32_t seqNum)
+{
+    if (!IsSecCompServiceCalling()) {
+        return AccessTokenError::ERR_PERMISSION_DENIED;
+    }
+
+    return SecCompEnhanceAgent::GetInstance().UpdateSecCompEnhance(pid, seqNum);
+}
+
+int32_t AccessTokenManagerService::GetSecCompEnhance(int32_t pid, SecCompEnhanceDataParcel& enhanceParcel)
+{
+    if (!IsSecCompServiceCalling()) {
+        return AccessTokenError::ERR_PERMISSION_DENIED;
+    }
+
+    SecCompEnhanceData enhanceData;
+    int32_t res = SecCompEnhanceAgent::GetInstance().GetSecCompEnhance(pid, enhanceData);
+    if (res != RET_SUCCESS) {
+        LOGW(ATM_DOMAIN, ATM_TAG, "Pid: %{public}d get enhance failed ", pid);
+        return res;
+    }
+
+    enhanceParcel.enhanceData = enhanceData;
+    return RET_SUCCESS;
+}
+#endif
+
+int32_t AccessTokenManagerService::IsToastShownNeeded(int32_t pid, bool& needToShow)
+{
+    if (!IsSecCompServiceCalling()) {
+        return AccessTokenError::ERR_PERMISSION_DENIED;
+    }
+
+    needToShow = SecCompMonitor::GetInstance().IsToastShownNeeded(pid);
+    return RET_SUCCESS;
+}
 } // namespace AccessToken
 } // namespace Security
 } // namespace OHOS
diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp
deleted file mode 100644
index c1341cd00e9d685e1ea5afe442891059e43c034a..0000000000000000000000000000000000000000
--- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp
+++ /dev/null
@@ -1,1333 +0,0 @@
-/*
- * Copyright (c) 2021-2024 Huawei Device Co., Ltd.
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include "accesstoken_manager_stub.h"
-
-#include <unistd.h>
-#include "accesstoken_dfx_define.h"
-#include "accesstoken_common_log.h"
-#include "access_token_error.h"
-#include "ipc_skeleton.h"
-#include "memory_guard.h"
-#include "string_ex.h"
-#include "tokenid_kit.h"
-#ifdef HICOLLIE_ENABLE
-#include "xcollie/xcollie.h"
-#endif // HICOLLIE_ENABLE
-
-namespace OHOS {
-namespace Security {
-namespace AccessToken {
-namespace {
-const std::string MANAGE_HAP_TOKENID_PERMISSION = "ohos.permission.MANAGE_HAP_TOKENID";
-static const int32_t DUMP_CAPACITY_SIZE = 2 * 1024 * 1000;
-static const int MAX_PERMISSION_SIZE = 1000;
-static const int32_t MAX_USER_POLICY_SIZE = 1024;
-const std::string GRANT_SENSITIVE_PERMISSIONS = "ohos.permission.GRANT_SENSITIVE_PERMISSIONS";
-const std::string REVOKE_SENSITIVE_PERMISSIONS = "ohos.permission.REVOKE_SENSITIVE_PERMISSIONS";
-const std::string GET_SENSITIVE_PERMISSIONS = "ohos.permission.GET_SENSITIVE_PERMISSIONS";
-const std::string DISABLE_PERMISSION_DIALOG = "ohos.permission.DISABLE_PERMISSION_DIALOG";
-const std::string GRANT_SHORT_TERM_WRITE_MEDIAVIDEO = "ohos.permission.GRANT_SHORT_TERM_WRITE_MEDIAVIDEO";
-
-#ifdef HICOLLIE_ENABLE
-constexpr uint32_t TIMEOUT = 40; // 40s
-#endif // HICOLLIE_ENABLE
-}
-
-int32_t AccessTokenManagerStub::OnRemoteRequest(
-    uint32_t code, MessageParcel& data, MessageParcel& reply, MessageOption& option)
-{
-    MemoryGuard guard;
-
-    uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID();
-    LOGD(ATM_DOMAIN, ATM_TAG, "Code %{public}u token %{public}u", code, callingTokenID);
-    std::u16string descriptor = data.ReadInterfaceToken();
-    if (descriptor != IAccessTokenManager::GetDescriptor()) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Get unexpect descriptor: %{public}s", Str16ToStr8(descriptor).c_str());
-        return ERROR_IPC_REQUEST_FAIL;
-    }
-
-#ifdef HICOLLIE_ENABLE
-    std::string name = "AtmTimer";
-    int timerId = HiviewDFX::XCollie::GetInstance().SetTimer(name, TIMEOUT, nullptr, nullptr,
-        HiviewDFX::XCOLLIE_FLAG_LOG);
-#endif // HICOLLIE_ENABLE
-
-    auto itFunc = requestFuncMap_.find(code);
-    if (itFunc != requestFuncMap_.end()) {
-        auto requestFunc = itFunc->second;
-        if (requestFunc != nullptr) {
-            (this->*requestFunc)(data, reply);
-
-#ifdef HICOLLIE_ENABLE
-            HiviewDFX::XCollie::GetInstance().CancelTimer(timerId);
-#endif // HICOLLIE_ENABLE
-
-            return NO_ERROR;
-        }
-    }
-
-#ifdef HICOLLIE_ENABLE
-    HiviewDFX::XCollie::GetInstance().CancelTimer(timerId);
-#endif // HICOLLIE_ENABLE
-
-    return IPCObjectStub::OnRemoteRequest(code, data, reply, option); // when code invalid
-}
-
-void AccessTokenManagerStub::DeleteTokenInfoInner(MessageParcel& data, MessageParcel& reply)
-{
-    AccessTokenID callingTokenID = IPCSkeleton::GetCallingTokenID();
-    if (!IsPrivilegedCalling() &&
-        (VerifyAccessToken(callingTokenID, MANAGE_HAP_TOKENID_PERMISSION) == PERMISSION_DENIED)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingTokenID);
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed.");
-        return;
-    }
-    AccessTokenID tokenID = data.ReadUint32();
-    if (this->GetTokenType(tokenID) != TOKEN_HAP) {
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_PARAM_INVALID), "WriteInt32 failed.");
-        return;
-    }
-    int result = this->DeleteToken(tokenID);
-    IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed.");
-}
-
-void AccessTokenManagerStub::GetPermissionUsedTypeInner(MessageParcel& data, MessageParcel& reply)
-{
-    if (!IsNativeProcessCalling() && !IsPrivilegedCalling()) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID());
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(static_cast<int32_t>(PermUsedTypeEnum::INVALID_USED_TYPE)),
-            "WriteInt32 failed.");
-        return;
-    }
-    uint32_t tokenID;
-    if (!data.ReadUint32(tokenID)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Failed to read tokenID.");
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(static_cast<int32_t>(PermUsedTypeEnum::INVALID_USED_TYPE)),
-            "WriteInt32 failed.");
-        return;
-    }
-    std::string permissionName;
-    if (!data.ReadString(permissionName)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Failed to read permissionName.");
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(
-            static_cast<int32_t>(PermUsedTypeEnum::INVALID_USED_TYPE)), "WriteInt32 failed.");
-        return;
-    }
-    PermUsedTypeEnum result = this->GetPermissionUsedType(tokenID, permissionName);
-    int32_t type = static_cast<int32_t>(result);
-    IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(type), "WriteInt32 failed.");
-}
-
-void AccessTokenManagerStub::VerifyAccessTokenInner(MessageParcel& data, MessageParcel& reply)
-{
-    AccessTokenID tokenID = data.ReadUint32();
-    std::string permissionName = data.ReadString();
-    int result = this->VerifyAccessToken(tokenID, permissionName);
-    IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed.");
-}
-
-void AccessTokenManagerStub::VerifyAccessTokenWithListInner(MessageParcel& data, MessageParcel& reply)
-{
-    AccessTokenID tokenID;
-    IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, data.ReadUint32(tokenID), "ReadUint32 failed.");
-    
-    std::vector<std::string> permissionList;
-    IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, data.ReadStringVector(&permissionList), "ReadStringVector failed.");
-
-    std::vector<int32_t> permStateList;
-    this->VerifyAccessToken(tokenID, permissionList, permStateList);
-
-    IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32Vector(permStateList), "WriteInt32Vector failed.");
-}
-
-void AccessTokenManagerStub::GetDefPermissionInner(MessageParcel& data, MessageParcel& reply)
-{
-    std::string permissionName = data.ReadString();
-    PermissionDefParcel permissionDefParcel;
-    int result = this->GetDefPermission(permissionName, permissionDefParcel);
-    IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed.");
-    if (result != RET_SUCCESS) {
-        return;
-    }
-    IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-        reply.WriteParcelable(&permissionDefParcel), "Write PermissionDefParcel fail.");
-}
-
-void AccessTokenManagerStub::GetReqPermissionsInner(MessageParcel& data, MessageParcel& reply)
-{
-    unsigned int callingTokenID = IPCSkeleton::GetCallingTokenID();
-    if ((this->GetTokenType(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) {
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_NOT_SYSTEM_APP), "WriteInt32 failed.");
-        return;
-    }
-    if (!IsPrivilegedCalling() &&
-        VerifyAccessToken(callingTokenID, GET_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingTokenID);
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed.");
-        return;
-    }
-    
-    AccessTokenID tokenID = data.ReadUint32();
-    int isSystemGrant = data.ReadInt32();
-    std::vector<PermissionStatusParcel> permList;
-
-    int result = this->GetReqPermissions(tokenID, permList, isSystemGrant);
-    IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed.");
-    if (result != RET_SUCCESS) {
-        return;
-    }
-    LOGD(ATM_DOMAIN, ATM_TAG, "PermList size: %{public}zu", permList.size());
-    IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(permList.size()), "WriteInt32 failed.");
-    for (const auto& permDef : permList) {
-        IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteParcelable(&permDef), "WriteParcelable fail.");
-    }
-}
-
-void AccessTokenManagerStub::GetSelfPermissionsStateInner(MessageParcel& data, MessageParcel& reply)
-{
-    std::vector<PermissionListStateParcel> permList;
-    uint32_t size = 0;
-    if (!data.ReadUint32(size)) {
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(INVALID_OPER), "WriteInt32 failed.");
-        return;
-    }
-    LOGD(ATM_DOMAIN, ATM_TAG, "PermList size read from client data is %{public}d.", size);
-    if (size > MAX_PERMISSION_SIZE) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "PermList size %{public}d is invalid", size);
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(INVALID_OPER), "WriteInt32 failed.");
-        return;
-    }
-    for (uint32_t i = 0; i < size; i++) {
-        sptr<PermissionListStateParcel> permissionParcel = data.ReadParcelable<PermissionListStateParcel>();
-        if (permissionParcel != nullptr) {
-            permList.emplace_back(*permissionParcel);
-        }
-    }
-    PermissionGrantInfoParcel infoParcel;
-    PermissionOper result = this->GetSelfPermissionsState(permList, infoParcel);
-    IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed.");
-
-    IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteUint32(permList.size()), "WriteUint32 failed.");
-    for (const auto& perm : permList) {
-        IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteParcelable(&perm), "WriteParcelable failed.");
-    }
-    IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteParcelable(&infoParcel), "WriteParcelable failed.");
-}
-
-void AccessTokenManagerStub::GetPermissionsStatusInner(MessageParcel& data, MessageParcel& reply)
-{
-    unsigned int callingTokenID = IPCSkeleton::GetCallingTokenID();
-    if ((this->GetTokenType(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) {
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_NOT_SYSTEM_APP), "WriteInt32 failed.");
-        return;
-    }
-    if (!IsPrivilegedCalling() &&
-        VerifyAccessToken(callingTokenID, GET_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingTokenID);
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed.");
-        return;
-    }
-
-    AccessTokenID tokenID = data.ReadUint32();
-    std::vector<PermissionListStateParcel> permList;
-    uint32_t size = 0;
-    if (!data.ReadUint32(size)) {
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(INVALID_OPER), "WriteInt32 failed.");
-        return;
-    }
-    LOGD(ATM_DOMAIN, ATM_TAG, "PermList size read from client data is %{public}d.", size);
-    if (size > MAX_PERMISSION_SIZE) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "PermList size %{public}d is oversize", size);
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(INVALID_OPER), "WriteInt32 failed.");
-        return;
-    }
-    for (uint32_t i = 0; i < size; i++) {
-        sptr<PermissionListStateParcel> permissionParcel = data.ReadParcelable<PermissionListStateParcel>();
-        if (permissionParcel != nullptr) {
-            permList.emplace_back(*permissionParcel);
-        }
-    }
-    int32_t result = this->GetPermissionsStatus(tokenID, permList);
-
-    IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed.");
-    if (result != RET_SUCCESS) {
-        return;
-    }
-    IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteUint32(permList.size()), "WriteUint32 failed.");
-    for (const auto& perm : permList) {
-        IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteParcelable(&perm), "WriteParcelable failed.");
-    }
-}
-
-void AccessTokenManagerStub::GetPermissionFlagInner(MessageParcel& data, MessageParcel& reply)
-{
-    unsigned int callingTokenID = IPCSkeleton::GetCallingTokenID();
-    if ((this->GetTokenType(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) {
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_NOT_SYSTEM_APP), "WriteInt32 failed.");
-        return;
-    }
-    AccessTokenID tokenID = data.ReadUint32();
-    std::string permissionName = data.ReadString();
-    if (!IsPrivilegedCalling() &&
-        VerifyAccessToken(callingTokenID, GRANT_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED &&
-        VerifyAccessToken(callingTokenID, REVOKE_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED &&
-        VerifyAccessToken(callingTokenID, GET_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingTokenID);
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed.");
-        return;
-    }
-    uint32_t flag;
-    int result = this->GetPermissionFlag(tokenID, permissionName, flag);
-    IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed.");
-    if (result != RET_SUCCESS) {
-        return;
-    }
-
-    IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteUint32(flag), "WriteUint32 failed.");
-}
-
-void AccessTokenManagerStub::SetPermissionRequestToggleStatusInner(MessageParcel& data, MessageParcel& reply)
-{
-    uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID();
-    if ((this->GetTokenType(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) {
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_NOT_SYSTEM_APP), "WriteInt32 failed.");
-        return;
-    }
-
-    std::string permissionName = data.ReadString();
-    uint32_t status = data.ReadUint32();
-    int32_t userID = data.ReadInt32();
-    if (!IsPrivilegedCalling() && VerifyAccessToken(callingTokenID, DISABLE_PERMISSION_DIALOG) == PERMISSION_DENIED) {
-        HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "PERMISSION_VERIFY_REPORT",
-            HiviewDFX::HiSysEvent::EventType::SECURITY, "CODE", VERIFY_PERMISSION_ERROR, "CALLER_TOKENID",
-            callingTokenID, "PERMISSION_NAME", permissionName, "INTERFACE", "SetToggleStatus");
-        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d).", callingTokenID);
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed.");
-        return;
-    }
-    int32_t result = this->SetPermissionRequestToggleStatus(permissionName, status, userID);
-    IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed.");
-}
-
-void AccessTokenManagerStub::GetPermissionRequestToggleStatusInner(MessageParcel& data, MessageParcel& reply)
-{
-    uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID();
-    if ((this->GetTokenType(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) {
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_NOT_SYSTEM_APP), "WriteInt32 failed.");
-        return;
-    }
-
-    std::string permissionName = data.ReadString();
-    int32_t userID = data.ReadInt32();
-    if (!IsShellProcessCalling() && !IsPrivilegedCalling() &&
-        VerifyAccessToken(callingTokenID, GET_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) {
-        HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "PERMISSION_VERIFY_REPORT",
-            HiviewDFX::HiSysEvent::EventType::SECURITY, "CODE", VERIFY_PERMISSION_ERROR, "CALLER_TOKENID",
-            callingTokenID, "PERMISSION_NAME", permissionName, "INTERFACE", "GetToggleStatus");
-        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d).", callingTokenID);
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed.");
-        return;
-    }
-    uint32_t status;
-    int32_t result = this->GetPermissionRequestToggleStatus(permissionName, status, userID);
-    IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed.");
-    if (result != RET_SUCCESS) {
-        return;
-    }
-    IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(status), "WriteInt32 failed.");
-}
-
-void AccessTokenManagerStub::RequestAppPermOnSettingInner(MessageParcel& data, MessageParcel& reply)
-{
-    if (!IsSystemAppCalling()) {
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_NOT_SYSTEM_APP), "WriteInt32 failed.");
-        return;
-    }
-
-    AccessTokenID tokenID;
-    IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, data.ReadUint32(tokenID), "ReadUint32 failed.");
-
-    int result = this->RequestAppPermOnSetting(tokenID);
-    IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed.");
-}
-
-void AccessTokenManagerStub::GrantPermissionInner(MessageParcel& data, MessageParcel& reply)
-{
-    unsigned int callingTokenID = IPCSkeleton::GetCallingTokenID();
-    if ((this->GetTokenType(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) {
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_NOT_SYSTEM_APP), "WriteInt32 failed.");
-        return;
-    }
-    AccessTokenID tokenID = data.ReadUint32();
-    std::string permissionName = data.ReadString();
-    uint32_t flag = data.ReadUint32();
-    if (!IsPrivilegedCalling() &&
-        VerifyAccessToken(callingTokenID, GRANT_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) {
-        HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "PERMISSION_VERIFY_REPORT",
-            HiviewDFX::HiSysEvent::EventType::SECURITY, "CODE", VERIFY_PERMISSION_ERROR,
-            "CALLER_TOKENID", callingTokenID, "PERMISSION_NAME", permissionName);
-        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingTokenID);
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed.");
-        return;
-    }
-    int result = this->GrantPermission(tokenID, permissionName, flag);
-    IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed.");
-}
-
-void AccessTokenManagerStub::RevokePermissionInner(MessageParcel& data, MessageParcel& reply)
-{
-    unsigned int callingTokenID = IPCSkeleton::GetCallingTokenID();
-    if ((this->GetTokenType(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) {
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_NOT_SYSTEM_APP), "WriteInt32 failed.");
-        return;
-    }
-    AccessTokenID tokenID = data.ReadUint32();
-    std::string permissionName = data.ReadString();
-    uint32_t flag = data.ReadUint32();
-    if (!IsPrivilegedCalling() &&
-        VerifyAccessToken(callingTokenID, REVOKE_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) {
-        HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "PERMISSION_VERIFY_REPORT",
-            HiviewDFX::HiSysEvent::EventType::SECURITY, "CODE", VERIFY_PERMISSION_ERROR,
-            "CALLER_TOKENID", callingTokenID, "PERMISSION_NAME", permissionName);
-        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingTokenID);
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed.");
-        return;
-    }
-    int result = this->RevokePermission(tokenID, permissionName, flag);
-    IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed.");
-}
-
-void AccessTokenManagerStub::GrantPermissionForSpecifiedTimeInner(MessageParcel& data, MessageParcel& reply)
-{
-    unsigned int callingTokenID = IPCSkeleton::GetCallingTokenID();
-    if ((this->GetTokenType(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) {
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_NOT_SYSTEM_APP), "WriteInt32 failed.");
-        return;
-    }
-    AccessTokenID tokenID = data.ReadUint32();
-    std::string permissionName = data.ReadString();
-    uint32_t onceTime = data.ReadUint32();
-    if (!IsPrivilegedCalling() &&
-        VerifyAccessToken(callingTokenID, GRANT_SHORT_TERM_WRITE_MEDIAVIDEO) == PERMISSION_DENIED) {
-        HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "PERMISSION_VERIFY_REPORT",
-            HiviewDFX::HiSysEvent::EventType::SECURITY, "CODE", VERIFY_PERMISSION_ERROR,
-            "CALLER_TOKENID", callingTokenID, "PERMISSION_NAME", permissionName);
-        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingTokenID);
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed.");
-        return;
-    }
-    int result = this->GrantPermissionForSpecifiedTime(tokenID, permissionName, onceTime);
-    IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed.");
-}
-
-void AccessTokenManagerStub::ClearUserGrantedPermissionStateInner(MessageParcel& data, MessageParcel& reply)
-{
-    uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID();
-    if (!IsPrivilegedCalling() &&
-        VerifyAccessToken(callingTokenID, REVOKE_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) {
-        HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "PERMISSION_VERIFY_REPORT",
-            HiviewDFX::HiSysEvent::EventType::SECURITY, "CODE", VERIFY_PERMISSION_ERROR,
-            "CALLER_TOKENID", callingTokenID);
-        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingTokenID);
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed.");
-        return;
-    }
-    AccessTokenID tokenID = data.ReadUint32();
-    int result = this->ClearUserGrantedPermissionState(tokenID);
-    IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed.");
-}
-
-void AccessTokenManagerStub::AllocHapTokenInner(MessageParcel& data, MessageParcel& reply)
-{
-    AccessTokenIDEx res = {0};
-    AccessTokenID tokenID = IPCSkeleton::GetCallingTokenID();
-    if (!IsPrivilegedCalling() &&
-        (VerifyAccessToken(tokenID, MANAGE_HAP_TOKENID_PERMISSION) == PERMISSION_DENIED)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", tokenID);
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed.");
-        return;
-    }
-
-    sptr<HapInfoParcel> hapInfoParcel = data.ReadParcelable<HapInfoParcel>();
-    sptr<HapPolicyParcel> hapPolicyParcel = data.ReadParcelable<HapPolicyParcel>();
-    if (hapInfoParcel == nullptr || hapPolicyParcel == nullptr) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Read hapPolicyParcel or hapInfoParcel fail");
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_READ_PARCEL_FAILED), "WriteInt32 failed.");
-        return;
-    }
-    res = this->AllocHapToken(*hapInfoParcel, *hapPolicyParcel);
-    reply.WriteUint64(res.tokenIDEx);
-}
-
-void AccessTokenManagerStub::InitHapTokenInner(MessageParcel& data, MessageParcel& reply)
-{
-    AccessTokenID tokenID = IPCSkeleton::GetCallingTokenID();
-    if (!IsPrivilegedCalling() &&
-        (VerifyAccessToken(tokenID, MANAGE_HAP_TOKENID_PERMISSION) == PERMISSION_DENIED)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", tokenID);
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed.");
-        return;
-    }
-
-    sptr<HapInfoParcel> hapInfoParcel = data.ReadParcelable<HapInfoParcel>();
-    sptr<HapPolicyParcel> hapPolicyParcel = data.ReadParcelable<HapPolicyParcel>();
-    if (hapInfoParcel == nullptr || hapPolicyParcel == nullptr) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Read hapPolicyParcel or hapInfoParcel fail");
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_READ_PARCEL_FAILED), "WriteInt32 failed.");
-        return;
-    }
-    int32_t res;
-    AccessTokenIDEx fullTokenId = { 0 };
-    HapInfoCheckResult result;
-    res = this->InitHapToken(*hapInfoParcel, *hapPolicyParcel, fullTokenId, result);
-    if (!reply.WriteInt32(res)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteInt32 fail");
-    }
-
-    if (res != RET_SUCCESS) {
-        if (!result.permCheckResult.permissionName.empty()) {
-            IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG,
-                reply.WriteString(result.permCheckResult.permissionName), "WriteString failed.");
-            IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG,
-                reply.WriteInt32(result.permCheckResult.rule),  "WriteInt32 failed.");
-        }
-        LOGE(ATM_DOMAIN, ATM_TAG, "Res error %{public}d.", res);
-        return;
-    }
-    IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteUint64(fullTokenId.tokenIDEx), "WriteUint64 failed.");
-}
-
-void AccessTokenManagerStub::GetTokenTypeInner(MessageParcel& data, MessageParcel& reply)
-{
-    AccessTokenID tokenID = data.ReadUint32();
-    int result = this->GetTokenType(tokenID);
-    IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed.");
-}
-
-void AccessTokenManagerStub::GetHapTokenIDInner(MessageParcel& data, MessageParcel& reply)
-{
-    if (!IsNativeProcessCalling() && !IsPrivilegedCalling()) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID());
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(INVALID_TOKENID), "WriteInt32 failed.");
-        return;
-    }
-    int userID = data.ReadInt32();
-    std::string bundleName = data.ReadString();
-    int instIndex = data.ReadInt32();
-    AccessTokenIDEx tokenIdEx = this->GetHapTokenID(userID, bundleName, instIndex);
-    IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteUint64(tokenIdEx.tokenIDEx), "WriteUint64 failed.");
-}
-
-void AccessTokenManagerStub::AllocLocalTokenIDInner(MessageParcel& data, MessageParcel& reply)
-{
-    if ((!IsNativeProcessCalling()) && !IsPrivilegedCalling()) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID());
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(INVALID_TOKENID), "WriteInt32 failed.");
-        return;
-    }
-    std::string remoteDeviceID = data.ReadString();
-    AccessTokenID remoteTokenID = data.ReadUint32();
-    AccessTokenID result = this->AllocLocalTokenID(remoteDeviceID, remoteTokenID);
-    IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteUint32(result), "WriteUint32 failed.");
-}
-
-void AccessTokenManagerStub::UpdateHapTokenInner(MessageParcel& data, MessageParcel& reply)
-{
-    AccessTokenID callingTokenID = IPCSkeleton::GetCallingTokenID();
-    if (!IsPrivilegedCalling() &&
-        (VerifyAccessToken(callingTokenID, MANAGE_HAP_TOKENID_PERMISSION) == PERMISSION_DENIED)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingTokenID);
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed.");
-        return;
-    }
-    UpdateHapInfoParams info;
-    AccessTokenID tokenID = data.ReadUint32();
-    info.isSystemApp = data.ReadBool();
-    info.appIDDesc = data.ReadString();
-    info.apiVersion = data.ReadInt32();
-    info.appDistributionType = data.ReadString();
-    AccessTokenIDEx tokenIdEx;
-    tokenIdEx.tokenIdExStruct.tokenID = tokenID;
-    sptr<HapPolicyParcel> policyParcel = data.ReadParcelable<HapPolicyParcel>();
-    if (policyParcel == nullptr) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "PolicyParcel read faild");
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_READ_PARCEL_FAILED), "WriteInt32 failed.");
-        return;
-    }
-    HapInfoCheckResult resultInfo;
-    int32_t result = this->UpdateHapToken(tokenIdEx, info, *policyParcel, resultInfo);
-    IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed.");
-    IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-        reply.WriteUint32(tokenIdEx.tokenIdExStruct.tokenAttr), "WriteUint32 failed.");
-    if (result != RET_SUCCESS) {
-        if (!resultInfo.permCheckResult.permissionName.empty()) {
-            IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG,
-                reply.WriteString(resultInfo.permCheckResult.permissionName), "WriteString failed.");
-            IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG,
-                reply.WriteInt32(resultInfo.permCheckResult.rule),  "WriteInt32 failed.");
-        }
-        LOGE(ATM_DOMAIN, ATM_TAG, "Res error %{public}d", result);
-        return;
-    }
-}
-
-void AccessTokenManagerStub::GetTokenIDByUserIDInner(MessageParcel& data, MessageParcel& reply)
-{
-    if (!IsNativeProcessCalling()) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID());
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed.");
-        return;
-    }
-    std::unordered_set<AccessTokenID> tokenIdList;
-    int32_t userID = 0;
-    if (!data.ReadInt32(userID)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Failed to read userId.");
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_READ_PARCEL_FAILED), "WriteInt32 failed.");
-        return;
-    }
-    int32_t result = this->GetTokenIDByUserID(userID, tokenIdList);
-    IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed.");
-    if (result != RET_SUCCESS) {
-        return;
-    }
-    IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteUint32(tokenIdList.size()), "WriteUint32 failed.");
-    for (const auto& tokenId : tokenIdList) {
-        IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteUint32(tokenId), "WriteUint32 failed.");
-    }
-}
-
-void AccessTokenManagerStub::GetHapTokenInfoInner(MessageParcel& data, MessageParcel& reply)
-{
-    if (!IsNativeProcessCalling() && !IsPrivilegedCalling()) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID());
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed.");
-        return;
-    }
-    HapTokenInfoParcel hapTokenInfoParcel;
-    AccessTokenID tokenID = data.ReadUint32();
-    int result = this->GetHapTokenInfo(tokenID, hapTokenInfoParcel);
-    IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed.");
-    if (result != RET_SUCCESS) {
-        return;
-    }
-    IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteParcelable(&hapTokenInfoParcel), "Write parcel failed.");
-}
-
-void AccessTokenManagerStub::GetHapTokenInfoExtensionInner(MessageParcel& data, MessageParcel& reply)
-{
-    if (!IsNativeProcessCalling() && !IsPrivilegedCalling()) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID());
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed.");
-        return;
-    }
-    HapTokenInfoParcel hapTokenInfoParcel;
-    std::string appID;
-    AccessTokenID tokenID = data.ReadUint32();
-    int result = this->GetHapTokenInfoExtension(tokenID, hapTokenInfoParcel, appID);
-    IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed.");
-    if (result != RET_SUCCESS) {
-        return;
-    }
-    IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteParcelable(&hapTokenInfoParcel), "Write parcel failed.");
-    IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteString(appID), "Write string failed.");
-}
-
-void AccessTokenManagerStub::GetNativeTokenInfoInner(MessageParcel& data, MessageParcel& reply)
-{
-    if (!IsNativeProcessCalling() && !IsPrivilegedCalling()) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d).", IPCSkeleton::GetCallingTokenID());
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed.");
-        return;
-    }
-    AccessTokenID tokenID = data.ReadUint32();
-    NativeTokenInfoParcel nativeTokenInfoParcel;
-    int result = this->GetNativeTokenInfo(tokenID, nativeTokenInfoParcel);
-    IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed.");
-    if (result != RET_SUCCESS) {
-        return;
-    }
-    IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteParcelable(&nativeTokenInfoParcel), "WriteInt32 failed.");
-}
-
-void AccessTokenManagerStub::RegisterPermStateChangeCallbackInner(MessageParcel& data, MessageParcel& reply)
-{
-    uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID();
-    if ((this->GetTokenType(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) {
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_NOT_SYSTEM_APP), "WriteInt32 failed.");
-        return;
-    }
-    if (VerifyAccessToken(callingTokenID, GET_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingTokenID);
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed.");
-        return;
-    }
-    sptr<PermStateChangeScopeParcel> scopeParcel = data.ReadParcelable<PermStateChangeScopeParcel>();
-    if (scopeParcel == nullptr) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Read scopeParcel fail");
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_READ_PARCEL_FAILED), "WriteInt32 failed.");
-        return;
-    }
-    sptr<IRemoteObject> callback = data.ReadRemoteObject();
-    if (callback == nullptr) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Read callback fail");
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_READ_PARCEL_FAILED), "WriteInt32 failed.");
-        return;
-    }
-    int32_t result = this->RegisterPermStateChangeCallback(*scopeParcel, callback);
-    IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed.");
-}
-
-void AccessTokenManagerStub::UnRegisterPermStateChangeCallbackInner(MessageParcel& data, MessageParcel& reply)
-{
-    uint32_t callingToken = IPCSkeleton::GetCallingTokenID();
-    if ((this->GetTokenType(callingToken) == TOKEN_HAP) && (!IsSystemAppCalling())) {
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_NOT_SYSTEM_APP), "WriteInt32 failed.");
-        return;
-    }
-    if (VerifyAccessToken(callingToken, GET_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingToken);
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed.");
-        return;
-    }
-    sptr<IRemoteObject> callback = data.ReadRemoteObject();
-    if (callback == nullptr) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Read callback fail");
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_READ_PARCEL_FAILED), "WriteInt32 failed.");
-        return;
-    }
-    int32_t result = this->UnRegisterPermStateChangeCallback(callback);
-    IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed.");
-}
-
-void AccessTokenManagerStub::RegisterSelfPermStateChangeCallbackInner(MessageParcel& data, MessageParcel& reply)
-{
-    uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID();
-    if (this->GetTokenType(callingTokenID) != TOKEN_HAP) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "TokenID is not hap.");
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_PARAM_INVALID), "WriteInt32 failed.");
-        return;
-    }
-    sptr<PermStateChangeScopeParcel> scopeParcel = data.ReadParcelable<PermStateChangeScopeParcel>();
-    if (scopeParcel == nullptr) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Read scopeParcel fail");
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_READ_PARCEL_FAILED), "WriteInt32 failed.");
-        return;
-    }
-    sptr<IRemoteObject> callback = data.ReadRemoteObject();
-    if (callback == nullptr) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Read callback fail");
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_READ_PARCEL_FAILED), "WriteInt32 failed.");
-        return;
-    }
-    int32_t result = this->RegisterSelfPermStateChangeCallback(*scopeParcel, callback);
-    IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed.");
-}
-
-void AccessTokenManagerStub::UnRegisterSelfPermStateChangeCallbackInner(MessageParcel& data, MessageParcel& reply)
-{
-    uint32_t callingToken = IPCSkeleton::GetCallingTokenID();
-    if (this->GetTokenType(callingToken) != TOKEN_HAP) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "TokenID is not hap.");
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_PARAM_INVALID), "WriteInt32 failed.");
-        return;
-    }
-    sptr<IRemoteObject> callback = data.ReadRemoteObject();
-    if (callback == nullptr) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Read callback fail");
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_READ_PARCEL_FAILED), "WriteInt32 failed.");
-        return;
-    }
-    int32_t result = this->UnRegisterSelfPermStateChangeCallback(callback);
-    IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed.");
-}
-
-#ifndef ATM_BUILD_VARIANT_USER_ENABLE
-void AccessTokenManagerStub::ReloadNativeTokenInfoInner(MessageParcel& data, MessageParcel& reply)
-{
-    if (!IsPrivilegedCalling()) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID());
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteUint32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed.");
-        return;
-    }
-    int32_t result = this->ReloadNativeTokenInfo();
-    IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed.");
-}
-#endif
-
-void AccessTokenManagerStub::GetNativeTokenIdInner(MessageParcel& data, MessageParcel& reply)
-{
-    if (!IsNativeProcessCalling() && !IsPrivilegedCalling()) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID());
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteUint32(INVALID_TOKENID), "WriteUint32 failed.");
-        return;
-    }
-    std::string processName;
-    if (!data.ReadString(processName)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "ReadString fail, processName=%{public}s", processName.c_str());
-        return;
-    }
-    AccessTokenID result = this->GetNativeTokenId(processName);
-    IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed.");
-}
-
-void AccessTokenManagerStub::GetKernelPermissionsInner(MessageParcel& data, MessageParcel& reply)
-{
-    auto callingToken = IPCSkeleton::GetCallingTokenID();
-    if (!IsNativeProcessCalling() && !IsPrivilegedCalling()) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingToken);
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteUint32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteUint32 failed.");
-        return;
-    }
-
-    AccessTokenID tokenID;
-    IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, data.ReadUint32(tokenID), "ReadUint32 failed.");
-    std::vector<PermissionWithValue> kernelPermList;
-    int32_t result = this->GetKernelPermissions(tokenID, kernelPermList);
-    IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed.");
-    if (result != RET_SUCCESS) {
-        return;
-    }
-    IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteUint32(kernelPermList.size()), "WriteUint32 failed.");
-    for (const auto& perm : kernelPermList) {
-        IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteString(perm.permissionName), "WriteString failed.");
-        IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteString(perm.value), "WriteString failed.");
-    }
-}
-
-void AccessTokenManagerStub::GetReqPermissionByNameInner(MessageParcel& data, MessageParcel& reply)
-{
-    if (!IsNativeProcessCalling() && !IsPrivilegedCalling()) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID());
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteUint32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteUint32 failed.");
-        return;
-    }
-
-    AccessTokenID tokenID;
-    IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, data.ReadUint32(tokenID), "ReadUint32 failed.");
-    std::string permissionName;
-    IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, data.ReadString(permissionName), "ReadUint32 failed.");
-    std::string resultValue;
-    int32_t result = this->GetReqPermissionByName(tokenID, permissionName, resultValue);
-    IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed.");
-    if (result != RET_SUCCESS) {
-        return;
-    }
-    IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteString(resultValue), "WriteString failed.");
-}
-
-#ifdef TOKEN_SYNC_ENABLE
-void AccessTokenManagerStub::GetHapTokenInfoFromRemoteInner(MessageParcel& data, MessageParcel& reply)
-{
-    if (!IsAccessTokenCalling()) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID());
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed.");
-        return;
-    }
-    AccessTokenID tokenID = data.ReadUint32();
-    HapTokenInfoForSyncParcel hapTokenParcel;
-
-    int result = this->GetHapTokenInfoFromRemote(tokenID, hapTokenParcel);
-    IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed.");
-    if (result != RET_SUCCESS) {
-        return;
-    }
-    IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteParcelable(&hapTokenParcel), "WriteParcelable failed.");
-}
-
-void AccessTokenManagerStub::SetRemoteHapTokenInfoInner(MessageParcel& data, MessageParcel& reply)
-{
-    if (!IsAccessTokenCalling()) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID());
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed.");
-        return;
-    }
-    std::string deviceID = data.ReadString();
-    sptr<HapTokenInfoForSyncParcel> hapTokenParcel = data.ReadParcelable<HapTokenInfoForSyncParcel>();
-    if (hapTokenParcel == nullptr) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "HapTokenParcel read faild");
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_READ_PARCEL_FAILED), "WriteInt32 failed.");
-        return;
-    }
-    int result = this->SetRemoteHapTokenInfo(deviceID, *hapTokenParcel);
-    IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed.");
-}
-
-void AccessTokenManagerStub::DeleteRemoteTokenInner(MessageParcel& data, MessageParcel& reply)
-{
-    if (!IsAccessTokenCalling()) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID());
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed.");
-        return;
-    }
-    std::string deviceID = data.ReadString();
-    AccessTokenID tokenID = data.ReadUint32();
-
-    int result = this->DeleteRemoteToken(deviceID, tokenID);
-    IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed.");
-}
-
-void AccessTokenManagerStub::GetRemoteNativeTokenIDInner(MessageParcel& data, MessageParcel& reply)
-{
-    if (!IsAccessTokenCalling()) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID());
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(INVALID_TOKENID), "WriteInt32 failed.");
-        return;
-    }
-    std::string deviceID = data.ReadString();
-    AccessTokenID tokenID = data.ReadUint32();
-
-    AccessTokenID result = this->GetRemoteNativeTokenID(deviceID, tokenID);
-    IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed.");
-}
-
-void AccessTokenManagerStub::DeleteRemoteDeviceTokensInner(MessageParcel& data, MessageParcel& reply)
-{
-    if (!IsAccessTokenCalling()) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID());
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed.");
-        return;
-    }
-    std::string deviceID = data.ReadString();
-
-    int result = this->DeleteRemoteDeviceTokens(deviceID);
-    IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed.");
-}
-
-void AccessTokenManagerStub::RegisterTokenSyncCallbackInner(MessageParcel& data, MessageParcel& reply)
-{
-    if (!IsAccessTokenCalling()) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied, tokenID=%{public}d", IPCSkeleton::GetCallingTokenID());
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed.");
-        return;
-    }
-
-    sptr<IRemoteObject> callback = data.ReadRemoteObject();
-    if (callback == nullptr) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Callback read failed.");
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_READ_PARCEL_FAILED), "WriteInt32 failed.");
-        return;
-    }
-    int32_t result = this->RegisterTokenSyncCallback(callback);
-    IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed.");
-}
-
-void AccessTokenManagerStub::UnRegisterTokenSyncCallbackInner(MessageParcel& data, MessageParcel& reply)
-{
-    if (!IsAccessTokenCalling()) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied, tokenID=%{public}d", IPCSkeleton::GetCallingTokenID());
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed.");
-        return;
-    }
-
-    int32_t result = this->UnRegisterTokenSyncCallback();
-    IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed.");
-}
-#endif
-
-void AccessTokenManagerStub::GetVersionInner(MessageParcel& data, MessageParcel& reply)
-{
-    uint32_t callingToken = IPCSkeleton::GetCallingTokenID();
-    if ((this->GetTokenType(callingToken) == TOKEN_HAP) && (!IsSystemAppCalling())) {
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_NOT_SYSTEM_APP), "WriteInt32 failed.");
-        return;
-    }
-    uint32_t version;
-    int32_t result = this->GetVersion(version);
-    IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed.");
-    if (result != RET_SUCCESS) {
-        return;
-    }
-    IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteUint32(version), "WriteUint32 failed.");
-}
-
-void AccessTokenManagerStub::DumpTokenInfoInner(MessageParcel& data, MessageParcel& reply)
-{
-    if (!IsShellProcessCalling()) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID());
-        reply.WriteString("");
-        return;
-    }
-    sptr<AtmToolsParamInfoParcel> infoParcel = data.ReadParcelable<AtmToolsParamInfoParcel>();
-    if (infoParcel == nullptr) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Read infoParcel fail");
-        reply.WriteString("read infoParcel fail");
-        return;
-    }
-    std::string dumpInfo = "";
-    this->DumpTokenInfo(*infoParcel, dumpInfo);
-    if (!reply.SetDataCapacity(DUMP_CAPACITY_SIZE)) {
-        LOGW(ATM_DOMAIN, ATM_TAG, "SetDataCapacity failed");
-    }
-    if (!reply.WriteString(dumpInfo)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "WriteString failed");
-    }
-}
-
-void AccessTokenManagerStub::SetPermDialogCapInner(MessageParcel& data, MessageParcel& reply)
-{
-    uint32_t callingToken = IPCSkeleton::GetCallingTokenID();
-    if (VerifyAccessToken(callingToken, DISABLE_PERMISSION_DIALOG) == PERMISSION_DENIED) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingToken);
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed.");
-        return;
-    }
-
-    sptr<HapBaseInfoParcel> hapBaseInfoParcel = data.ReadParcelable<HapBaseInfoParcel>();
-    if (hapBaseInfoParcel == nullptr) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Read hapBaseInfoParcel fail");
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_READ_PARCEL_FAILED), "WriteInt32 failed.");
-        return;
-    }
-    bool enable = data.ReadBool();
-    int32_t res = this->SetPermDialogCap(*hapBaseInfoParcel, enable);
-    IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(res), "WriteInt32 failed.");
-}
-
-void AccessTokenManagerStub::GetPermissionManagerInfoInner(MessageParcel& data, MessageParcel& reply)
-{
-    PermissionGrantInfoParcel infoParcel;
-    this->GetPermissionManagerInfo(infoParcel);
-    IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteParcelable(&infoParcel), "WriteParcelable failed.");
-}
-
-void AccessTokenManagerStub::InitUserPolicyInner(MessageParcel& data, MessageParcel& reply)
-{
-    uint32_t callingToken = IPCSkeleton::GetCallingTokenID();
-    if (VerifyAccessToken(callingToken, GET_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingToken);
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed.");
-        return;
-    }
-    std::vector<UserState> userList;
-    std::vector<std::string> permList;
-    uint32_t userSize = data.ReadUint32();
-    uint32_t permSize = data.ReadUint32();
-    if ((userSize > MAX_USER_POLICY_SIZE) || (permSize > MAX_USER_POLICY_SIZE)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Size %{public}u is invalid", userSize);
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_OVERSIZE), "WriteParcelable failed.");
-        return;
-    }
-    for (uint32_t i = 0; i < userSize; i++) {
-        UserState userInfo;
-        if (!data.ReadInt32(userInfo.userId)) {
-            LOGE(ATM_DOMAIN, ATM_TAG, "Failed to read userId.");
-            IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-                reply.WriteInt32(AccessTokenError::ERR_READ_PARCEL_FAILED), "WriteInt32 failed.");
-            return;
-        }
-        if (!data.ReadBool(userInfo.isActive)) {
-            LOGE(ATM_DOMAIN, ATM_TAG, "Failed to read isActive.");
-            IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-                reply.WriteInt32(AccessTokenError::ERR_READ_PARCEL_FAILED), "WriteInt32 failed.");
-            return;
-        }
-        userList.emplace_back(userInfo);
-    }
-    for (uint32_t i = 0; i < permSize; i++) {
-        std::string permission;
-        if (!data.ReadString(permission)) {
-            LOGE(ATM_DOMAIN, ATM_TAG, "Failed to read permission.");
-            IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-                reply.WriteInt32(AccessTokenError::ERR_READ_PARCEL_FAILED), "WriteInt32 failed.");
-            return;
-        }
-        permList.emplace_back(permission);
-    }
-    int32_t res = this->InitUserPolicy(userList, permList);
-    IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(res), "WriteInt32 failed.");
-}
-
-void AccessTokenManagerStub::UpdateUserPolicyInner(MessageParcel& data, MessageParcel& reply)
-{
-    uint32_t callingToken = IPCSkeleton::GetCallingTokenID();
-    if (VerifyAccessToken(callingToken, GET_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingToken);
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed.");
-        return;
-    }
-    std::vector<UserState> userList;
-    uint32_t userSize = data.ReadUint32();
-    if (userSize > MAX_USER_POLICY_SIZE) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Size %{public}u is invalid", userSize);
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(AccessTokenError::ERR_OVERSIZE), "WriteInt32 failed.");
-        return;
-    }
-    for (uint32_t i = 0; i < userSize; i++) {
-        UserState userInfo;
-        if (!data.ReadInt32(userInfo.userId)) {
-            LOGE(ATM_DOMAIN, ATM_TAG, "Failed to read userId.");
-            IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-                reply.WriteInt32(AccessTokenError::ERR_READ_PARCEL_FAILED), "WriteInt32 failed.");
-            return;
-        }
-        if (!data.ReadBool(userInfo.isActive)) {
-            LOGE(ATM_DOMAIN, ATM_TAG, "Failed to read isActive.");
-            IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-                reply.WriteInt32(AccessTokenError::ERR_READ_PARCEL_FAILED), "WriteInt32 failed.");
-            return;
-        }
-        userList.emplace_back(userInfo);
-    }
-    int32_t res = this->UpdateUserPolicy(userList);
-    IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(res), "WriteInt32 failed.");
-}
-
-void AccessTokenManagerStub::ClearUserPolicyInner(MessageParcel& data, MessageParcel& reply)
-{
-    uint32_t callingToken = IPCSkeleton::GetCallingTokenID();
-    if (VerifyAccessToken(callingToken, GET_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingToken);
-        IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG,
-            reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed.");
-        return;
-    }
-
-    int32_t res = this->ClearUserPolicy();
-    IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(res), "WriteInt32 failed.");
-}
-
-bool AccessTokenManagerStub::IsPrivilegedCalling() const
-{
-    // shell process is root in debug mode.
-#ifndef ATM_BUILD_VARIANT_USER_ENABLE
-    int32_t callingUid = IPCSkeleton::GetCallingUid();
-    return callingUid == ROOT_UID;
-#else
-    return false;
-#endif
-}
-
-bool AccessTokenManagerStub::IsAccessTokenCalling()
-{
-    uint32_t tokenCaller = IPCSkeleton::GetCallingTokenID();
-    if (tokenSyncId_ == 0) {
-        tokenSyncId_ = this->GetNativeTokenId("token_sync_service");
-    }
-    return tokenCaller == tokenSyncId_;
-}
-
-bool AccessTokenManagerStub::IsNativeProcessCalling()
-{
-    AccessTokenID tokenCaller = IPCSkeleton::GetCallingTokenID();
-    return this->GetTokenType(tokenCaller) == TOKEN_NATIVE;
-}
-
-bool AccessTokenManagerStub::IsShellProcessCalling()
-{
-    AccessTokenID tokenCaller = IPCSkeleton::GetCallingTokenID();
-    return this->GetTokenType(tokenCaller) == TOKEN_SHELL;
-}
-
-bool AccessTokenManagerStub::IsSystemAppCalling() const
-{
-    uint64_t fullTokenId = IPCSkeleton::GetCallingFullTokenID();
-    return TokenIdKit::IsSystemAppByFullTokenID(fullTokenId);
-}
-
-#ifdef TOKEN_SYNC_ENABLE
-void AccessTokenManagerStub::SetTokenSyncFuncInMap()
-{
-    requestFuncMap_[static_cast<uint32_t>(AccessTokenInterfaceCode::GET_HAP_TOKEN_FROM_REMOTE)] =
-        &AccessTokenManagerStub::GetHapTokenInfoFromRemoteInner;
-    requestFuncMap_[static_cast<uint32_t>(AccessTokenInterfaceCode::SET_REMOTE_HAP_TOKEN_INFO)] =
-        &AccessTokenManagerStub::SetRemoteHapTokenInfoInner;
-    requestFuncMap_[static_cast<uint32_t>(AccessTokenInterfaceCode::DELETE_REMOTE_TOKEN_INFO)] =
-        &AccessTokenManagerStub::DeleteRemoteTokenInner;
-    requestFuncMap_[static_cast<uint32_t>(AccessTokenInterfaceCode::DELETE_REMOTE_DEVICE_TOKEN)] =
-        &AccessTokenManagerStub::DeleteRemoteDeviceTokensInner;
-    requestFuncMap_[static_cast<uint32_t>(AccessTokenInterfaceCode::GET_NATIVE_REMOTE_TOKEN)] =
-        &AccessTokenManagerStub::GetRemoteNativeTokenIDInner;
-    requestFuncMap_[static_cast<uint32_t>(AccessTokenInterfaceCode::REGISTER_TOKEN_SYNC_CALLBACK)] =
-        &AccessTokenManagerStub::RegisterTokenSyncCallbackInner;
-    requestFuncMap_[static_cast<uint32_t>(AccessTokenInterfaceCode::UNREGISTER_TOKEN_SYNC_CALLBACK)] =
-        &AccessTokenManagerStub::UnRegisterTokenSyncCallbackInner;
-}
-#endif
-
-void AccessTokenManagerStub::SetLocalTokenOpFuncInMap()
-{
-    requestFuncMap_[static_cast<uint32_t>(AccessTokenInterfaceCode::ALLOC_TOKEN_HAP)] =
-        &AccessTokenManagerStub::AllocHapTokenInner;
-    requestFuncMap_[static_cast<uint32_t>(AccessTokenInterfaceCode::INIT_TOKEN_HAP)] =
-        &AccessTokenManagerStub::InitHapTokenInner;
-    requestFuncMap_[static_cast<uint32_t>(AccessTokenInterfaceCode::TOKEN_DELETE)] =
-        &AccessTokenManagerStub::DeleteTokenInfoInner;
-    requestFuncMap_[static_cast<uint32_t>(AccessTokenInterfaceCode::GET_TOKEN_TYPE)] =
-        &AccessTokenManagerStub::GetTokenTypeInner;
-    requestFuncMap_[static_cast<uint32_t>(AccessTokenInterfaceCode::GET_HAP_TOKEN_ID)] =
-        &AccessTokenManagerStub::GetHapTokenIDInner;
-    requestFuncMap_[static_cast<uint32_t>(AccessTokenInterfaceCode::ALLOC_LOCAL_TOKEN_ID)] =
-        &AccessTokenManagerStub::AllocLocalTokenIDInner;
-    requestFuncMap_[static_cast<uint32_t>(AccessTokenInterfaceCode::GET_NATIVE_TOKENINFO)] =
-        &AccessTokenManagerStub::GetNativeTokenInfoInner;
-    requestFuncMap_[static_cast<uint32_t>(AccessTokenInterfaceCode::GET_TOKEN_ID_BY_USER_ID)] =
-        &AccessTokenManagerStub::GetTokenIDByUserIDInner;
-    requestFuncMap_[static_cast<uint32_t>(AccessTokenInterfaceCode::GET_HAP_TOKENINFO)] =
-        &AccessTokenManagerStub::GetHapTokenInfoInner;
-    requestFuncMap_[static_cast<uint32_t>(AccessTokenInterfaceCode::UPDATE_HAP_TOKEN)] =
-        &AccessTokenManagerStub::UpdateHapTokenInner;
-#ifndef ATM_BUILD_VARIANT_USER_ENABLE
-    requestFuncMap_[static_cast<uint32_t>(AccessTokenInterfaceCode::RELOAD_NATIVE_TOKEN_INFO)] =
-        &AccessTokenManagerStub::ReloadNativeTokenInfoInner;
-#endif
-    requestFuncMap_[static_cast<uint32_t>(AccessTokenInterfaceCode::GET_NATIVE_TOKEN_ID)] =
-        &AccessTokenManagerStub::GetNativeTokenIdInner;
-    requestFuncMap_[static_cast<uint32_t>(AccessTokenInterfaceCode::SET_PERM_DIALOG_CAPABILITY)] =
-        &AccessTokenManagerStub::SetPermDialogCapInner;
-    requestFuncMap_[static_cast<uint32_t>(AccessTokenInterfaceCode::GET_PERMISSION_MANAGER_INFO)] =
-        &AccessTokenManagerStub::GetPermissionManagerInfoInner;
-    requestFuncMap_[static_cast<uint32_t>(AccessTokenInterfaceCode::INIT_USER_POLICY)] =
-        &AccessTokenManagerStub::InitUserPolicyInner;
-    requestFuncMap_[static_cast<uint32_t>(AccessTokenInterfaceCode::UPDATE_USER_POLICY)] =
-        &AccessTokenManagerStub::UpdateUserPolicyInner;
-    requestFuncMap_[static_cast<uint32_t>(AccessTokenInterfaceCode::CLEAR_USER_POLICY)] =
-        &AccessTokenManagerStub::ClearUserPolicyInner;
-    requestFuncMap_[static_cast<uint32_t>(AccessTokenInterfaceCode::GET_HAP_TOKENINFO_EXT)] =
-        &AccessTokenManagerStub::GetHapTokenInfoExtensionInner;
-    requestFuncMap_[static_cast<uint32_t>(AccessTokenInterfaceCode::GET_KERNEL_PERMISSIONS)] =
-        &AccessTokenManagerStub::GetKernelPermissionsInner;
-    requestFuncMap_[static_cast<uint32_t>(AccessTokenInterfaceCode::GET_PERMISSION_BY_NAME)] =
-        &AccessTokenManagerStub::GetReqPermissionByNameInner;
-}
-
-void AccessTokenManagerStub::SetPermissionOpFuncInMap()
-{
-    requestFuncMap_[static_cast<uint32_t>(AccessTokenInterfaceCode::GET_USER_GRANTED_PERMISSION_USED_TYPE)] =
-        &AccessTokenManagerStub::GetPermissionUsedTypeInner;
-    requestFuncMap_[static_cast<uint32_t>(AccessTokenInterfaceCode::VERIFY_ACCESSTOKEN)] =
-        &AccessTokenManagerStub::VerifyAccessTokenInner;
-    requestFuncMap_[static_cast<uint32_t>(AccessTokenInterfaceCode::VERIFY_ACCESSTOKEN_WITH_LIST)] =
-        &AccessTokenManagerStub::VerifyAccessTokenWithListInner;
-    requestFuncMap_[static_cast<uint32_t>(AccessTokenInterfaceCode::GET_DEF_PERMISSION)] =
-        &AccessTokenManagerStub::GetDefPermissionInner;
-    requestFuncMap_[static_cast<uint32_t>(AccessTokenInterfaceCode::GET_REQ_PERMISSIONS)] =
-        &AccessTokenManagerStub::GetReqPermissionsInner;
-    requestFuncMap_[static_cast<uint32_t>(AccessTokenInterfaceCode::GET_PERMISSION_FLAG)] =
-        &AccessTokenManagerStub::GetPermissionFlagInner;
-    requestFuncMap_[static_cast<uint32_t>(AccessTokenInterfaceCode::GRANT_PERMISSION)] =
-        &AccessTokenManagerStub::GrantPermissionInner;
-    requestFuncMap_[static_cast<uint32_t>(AccessTokenInterfaceCode::REVOKE_PERMISSION)] =
-        &AccessTokenManagerStub::RevokePermissionInner;
-    requestFuncMap_[static_cast<uint32_t>(AccessTokenInterfaceCode::GRANT_PERMISSION_FOR_SPECIFIEDTIME)] =
-        &AccessTokenManagerStub::GrantPermissionForSpecifiedTimeInner;
-    requestFuncMap_[static_cast<uint32_t>(AccessTokenInterfaceCode::CLEAR_USER_GRANT_PERMISSION)] =
-        &AccessTokenManagerStub::ClearUserGrantedPermissionStateInner;
-    requestFuncMap_[static_cast<uint32_t>(AccessTokenInterfaceCode::GET_PERMISSION_OPER_STATE)] =
-        &AccessTokenManagerStub::GetSelfPermissionsStateInner;
-    requestFuncMap_[static_cast<uint32_t>(AccessTokenInterfaceCode::GET_PERMISSIONS_STATUS)] =
-        &AccessTokenManagerStub::GetPermissionsStatusInner;
-    requestFuncMap_[
-        static_cast<uint32_t>(AccessTokenInterfaceCode::REGISTER_PERM_STATE_CHANGE_CALLBACK)] =
-        &AccessTokenManagerStub::RegisterPermStateChangeCallbackInner;
-    requestFuncMap_[
-        static_cast<uint32_t>(AccessTokenInterfaceCode::UNREGISTER_PERM_STATE_CHANGE_CALLBACK)] =
-        &AccessTokenManagerStub::UnRegisterPermStateChangeCallbackInner;
-    requestFuncMap_[static_cast<uint32_t>(AccessTokenInterfaceCode::DUMP_TOKENINFO)] =
-        &AccessTokenManagerStub::DumpTokenInfoInner;
-    requestFuncMap_[static_cast<uint32_t>(AccessTokenInterfaceCode::GET_VERSION)] =
-        &AccessTokenManagerStub::GetVersionInner;
-    requestFuncMap_[static_cast<uint32_t>(AccessTokenInterfaceCode::SET_PERMISSION_REQUEST_TOGGLE_STATUS)] =
-        &AccessTokenManagerStub::SetPermissionRequestToggleStatusInner;
-    requestFuncMap_[static_cast<uint32_t>(AccessTokenInterfaceCode::GET_PERMISSION_REQUEST_TOGGLE_STATUS)] =
-        &AccessTokenManagerStub::GetPermissionRequestToggleStatusInner;
-    requestFuncMap_[
-        static_cast<uint32_t>(AccessTokenInterfaceCode::REGISTER_SELF_PERM_STATE_CHANGE_CALLBACK)] =
-        &AccessTokenManagerStub::RegisterSelfPermStateChangeCallbackInner;
-    requestFuncMap_[
-        static_cast<uint32_t>(AccessTokenInterfaceCode::UNREGISTER_SELF_PERM_STATE_CHANGE_CALLBACK)] =
-        &AccessTokenManagerStub::UnRegisterSelfPermStateChangeCallbackInner;
-    requestFuncMap_[static_cast<uint32_t>(AccessTokenInterfaceCode::REQUEST_APP_PERM_ON_SETTING)] =
-        &AccessTokenManagerStub::RequestAppPermOnSettingInner;
-}
-
-AccessTokenManagerStub::AccessTokenManagerStub()
-{
-    SetPermissionOpFuncInMap();
-    SetLocalTokenOpFuncInMap();
-#ifdef TOKEN_SYNC_ENABLE
-    SetTokenSyncFuncInMap();
-#endif
-}
-
-AccessTokenManagerStub::~AccessTokenManagerStub()
-{
-    requestFuncMap_.clear();
-}
-} // namespace AccessToken
-} // namespace Security
-} // namespace OHOS
diff --git a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp
index 49d0e91b868afbfa407a987b56d917935e7bdbd8..608bae333879d1b762b7bd7ae169f570786008db 100644
--- a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp
+++ b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp
@@ -17,6 +17,7 @@
 
 #include <cinttypes>
 #include <cstdint>
+#include <cstdio>
 #include <fcntl.h>
 #include <unistd.h>
 #include <securec.h>
@@ -56,6 +57,7 @@ namespace AccessToken {
 namespace {
 std::recursive_mutex g_instanceMutex;
 static const unsigned int SYSTEM_APP_FLAG = 0x0001;
+static const unsigned int ATOMIC_SERVICE_FLAG = 0x0002;
 static constexpr int32_t BASE_USER_RANGE = 200000;
 #ifdef TOKEN_SYNC_ENABLE
 static const int MAX_PTHREAD_NAME_LEN = 15; // pthread name max length
@@ -63,6 +65,7 @@ static const char* ACCESS_TOKEN_PACKAGE_NAME = "ohos.security.distributed_token_
 #endif
 static const char* DUMP_JSON_PATH = "/data/service/el1/public/access_token/nativetoken.log";
 static const char* SYSTEM_RESOURCE_BUNDLE_NAME = "ohos.global.systemres";
+constexpr uint64_t FD_TAG = 0xD005A01;
 }
 
 AccessTokenInfoManager::AccessTokenInfoManager() : hasInited_(false) {}
@@ -83,7 +86,7 @@ AccessTokenInfoManager::~AccessTokenInfoManager()
     this->hasInited_ = false;
 }
 
-void AccessTokenInfoManager::Init()
+void AccessTokenInfoManager::Init(uint32_t& hapSize, uint32_t& nativeSize, uint32_t& pefDefSize, uint32_t& dlpSize)
 {
     OHOS::Utils::UniqueWriteGuard<OHOS::Utils::RWLock> lk(this->managerLock_);
     if (hasInited_) {
@@ -103,23 +106,26 @@ void AccessTokenInfoManager::Init()
         ReportSysEventServiceStartError(
             INIT_NATIVE_TOKENINFO_ERROR, "GetAllNativeTokenInfo fail from native json.", ret);
     }
-    uint32_t hapSize = 0;
-    uint32_t nativeSize = tokenInfos.size();
-    InitHapTokenInfos(hapSize);
-    InitNativeTokenInfos(tokenInfos);
-    uint32_t pefDefSize = GetDefPermissionsSize();
-    ReportSysEventServiceStart(getpid(), hapSize, nativeSize, pefDefSize);
-    LOGI(ATM_DOMAIN, ATM_TAG, "InitTokenInfo end, hapSize %{public}d, nativeSize %{public}d, pefDefSize %{public}d.",
-        hapSize, nativeSize, pefDefSize);
 
 #ifdef SUPPORT_SANDBOX_APP
     std::vector<PermissionDlpMode> dlpPerms;
     ret = policy->GetDlpPermissions(dlpPerms);
+    dlpSize = dlpPerms.size();
     if (ret == RET_SUCCESS) {
-        LOGI(ATM_DOMAIN, ATM_TAG, "Load dlpPer size=%{public}zu.", dlpPerms.size());
+        LOGI(ATM_DOMAIN, ATM_TAG, "Load dlpPer size=%{public}u.", dlpSize);
         DlpPermissionSetManager::GetInstance().ProcessDlpPermInfos(dlpPerms);
     }
 #endif
+
+    InitHapTokenInfos(hapSize);
+    nativeSize = tokenInfos.size();
+    InitNativeTokenInfos(tokenInfos);
+    pefDefSize = GetDefPermissionsSize();
+
+    LOGI(ATM_DOMAIN, ATM_TAG,
+        "InitTokenInfo end, hapSize %{public}u, nativeSize %{public}u, pefDefSize %{public}u, dlpSize %{public}u.",
+        hapSize, nativeSize, pefDefSize, dlpSize);
+
     hasInited_ = true;
     LOGI(ATM_DOMAIN, ATM_TAG, "Init success");
 }
@@ -149,6 +155,57 @@ void AccessTokenInfoManager::InitDmCallback(void)
 }
 #endif
 
+int32_t AccessTokenInfoManager::AddHapInfoToCache(const GenericValues& tokenValue,
+    const std::vector<GenericValues>& permStateRes, const std::vector<GenericValues>& extendedPermRes)
+{
+    AccessTokenID tokenId = static_cast<AccessTokenID>(tokenValue.GetInt(TokenFiledConst::FIELD_TOKEN_ID));
+    std::string bundle = tokenValue.GetString(TokenFiledConst::FIELD_BUNDLE_NAME);
+    int result = AccessTokenIDManager::GetInstance().RegisterTokenId(tokenId, TOKEN_HAP);
+    if (result != RET_SUCCESS) {
+        LOGE(ATM_DOMAIN, ATM_TAG, "TokenId %{public}u add id failed, error=%{public}d.", tokenId, result);
+        ReportSysEventServiceStartError(INIT_HAP_TOKENINFO_ERROR,
+            "RegisterTokenId fail, " + bundle + std::to_string(tokenId), result);
+        return result;
+    }
+    std::shared_ptr<HapTokenInfoInner> hap = std::make_shared<HapTokenInfoInner>();
+    result = hap->RestoreHapTokenInfo(tokenId, tokenValue, permStateRes, extendedPermRes);
+    if (result != RET_SUCCESS) {
+        AccessTokenIDManager::GetInstance().ReleaseTokenId(tokenId);
+        LOGE(ATM_DOMAIN, ATM_TAG, "TokenId %{public}u restore failed.", tokenId);
+        return result;
+    }
+
+    AccessTokenID oriTokenId = 0;
+    result = AddHapTokenInfo(hap, oriTokenId);
+    if (result != RET_SUCCESS) {
+        AccessTokenIDManager::GetInstance().ReleaseTokenId(tokenId);
+        LOGE(ATM_DOMAIN, ATM_TAG, "TokenId %{public}u add failed.", tokenId);
+        ReportSysEventServiceStartError(INIT_HAP_TOKENINFO_ERROR,
+            "AddHapTokenInfo fail, " + bundle + std::to_string(tokenId), result);
+        return result;
+    }
+
+    AccessTokenIDEx tokenIdEx = {0};
+    tokenIdEx.tokenIdExStruct.tokenID = tokenId;
+    tokenIdEx.tokenIdExStruct.tokenAttr = hap->GetAttr();
+
+    AccessTokenDfxInfo dfxInfo;
+    dfxInfo.sceneCode = AddHapSceneCode::INIT;
+    dfxInfo.tokenId = tokenId;
+    dfxInfo.tokenIdEx = tokenIdEx;
+    dfxInfo.userId = hap->GetUserID();
+    dfxInfo.bundleName = hap->GetBundleName();
+    dfxInfo.instIndex = hap->GetInstIndex();
+    ReportSysEventAddHap(dfxInfo);
+
+    LOGI(ATM_DOMAIN, ATM_TAG,
+        " Restore hap token %{public}u bundle name %{public}s user %{public}d,"
+        " permSize %{public}d, inst %{public}d ok!",
+        tokenId, hap->GetBundleName().c_str(), hap->GetUserID(), hap->GetReqPermissionSize(), hap->GetInstIndex());
+
+    return RET_SUCCESS;
+}
+
 void AccessTokenInfoManager::InitHapTokenInfos(uint32_t& hapSize)
 {
     GenericValues conditionValue;
@@ -169,36 +226,11 @@ void AccessTokenInfoManager::InitHapTokenInfos(uint32_t& hapSize)
         ReportSysEventServiceStartError(INIT_HAP_TOKENINFO_ERROR, "Load exetended value from db fail.", ret);
     }
     for (const GenericValues& tokenValue : hapTokenRes) {
-        AccessTokenID tokenId = (AccessTokenID)tokenValue.GetInt(TokenFiledConst::FIELD_TOKEN_ID);
-        std::string bundle = tokenValue.GetString(TokenFiledConst::FIELD_BUNDLE_NAME);
-        int result = AccessTokenIDManager::GetInstance().RegisterTokenId(tokenId, TOKEN_HAP);
-        if (result != RET_SUCCESS) {
-            LOGE(ATM_DOMAIN, ATM_TAG, "TokenId %{public}u add id failed, error=%{public}d.", tokenId, result);
-            ReportSysEventServiceStartError(INIT_HAP_TOKENINFO_ERROR,
-                "RegisterTokenId fail, " + bundle + std::to_string(tokenId), result);
-            continue;
-        }
-        std::shared_ptr<HapTokenInfoInner> hap = std::make_shared<HapTokenInfoInner>();
-        result = hap->RestoreHapTokenInfo(tokenId, tokenValue, permStateRes, extendedPermRes);
-        if (result != RET_SUCCESS) {
-            AccessTokenIDManager::GetInstance().ReleaseTokenId(tokenId);
-            LOGE(ATM_DOMAIN, ATM_TAG, "TokenId %{public}u restore failed.", tokenId);
-            continue;
-        }
-
-        result = AddHapTokenInfo(hap);
-        if (result != RET_SUCCESS) {
-            AccessTokenIDManager::GetInstance().ReleaseTokenId(tokenId);
-            LOGE(ATM_DOMAIN, ATM_TAG, "TokenId %{public}u add failed.", tokenId);
-            ReportSysEventServiceStartError(INIT_HAP_TOKENINFO_ERROR,
-                "AddHapTokenInfo fail, " + bundle + std::to_string(tokenId), result);
+        ret = AddHapInfoToCache(tokenValue, permStateRes, extendedPermRes);
+        if (ret != RET_SUCCESS) {
             continue;
         }
         hapSize++;
-        LOGI(ATM_DOMAIN, ATM_TAG,
-            " Restore hap token %{public}u bundle name %{public}s user %{public}d,"
-            " permSize %{public}d, inst %{public}d ok!",
-            tokenId, hap->GetBundleName().c_str(), hap->GetUserID(), hap->GetReqPermissionSize(), hap->GetInstIndex());
     }
 }
 
@@ -216,7 +248,7 @@ std::string AccessTokenInfoManager::GetHapUniqueStr(const std::shared_ptr<HapTok
     return GetHapUniqueStr(info->GetUserID(), info->GetBundleName(), info->GetInstIndex());
 }
 
-int AccessTokenInfoManager::AddHapTokenInfo(const std::shared_ptr<HapTokenInfoInner>& info)
+int AccessTokenInfoManager::AddHapTokenInfo(const std::shared_ptr<HapTokenInfoInner>& info, AccessTokenID& oriTokenId)
 {
     if (info == nullptr) {
         LOGE(ATM_DOMAIN, ATM_TAG, "Token info is null.");
@@ -227,7 +259,7 @@ int AccessTokenInfoManager::AddHapTokenInfo(const std::shared_ptr<HapTokenInfoIn
     {
         Utils::UniqueWriteGuard<Utils::RWLock> infoGuard(this->hapTokenInfoLock_);
         if (hapTokenInfoMap_.count(id) > 0) {
-            LOGE(ATM_DOMAIN, ATM_TAG, "Token %{public}u info has exist.", id);
+            LOGC(ATM_DOMAIN, ATM_TAG, "Token %{public}u info has exist.", id);
             return AccessTokenError::ERR_TOKENID_HAS_EXISTED;
         }
 
@@ -243,13 +275,9 @@ int AccessTokenInfoManager::AddHapTokenInfo(const std::shared_ptr<HapTokenInfoIn
         hapTokenInfoMap_[id] = info;
     }
     if (idRemoved != INVALID_TOKENID) {
+        oriTokenId = idRemoved;
         RemoveHapTokenInfo(idRemoved);
     }
-    HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "ADD_HAP",
-        HiviewDFX::HiSysEvent::EventType::STATISTIC,
-        "TOKENID", info->GetTokenID(), "USERID", info->GetUserID(), "BUNDLENAME", info->GetBundleName(),
-        "INSTINDEX", info->GetInstIndex());
-
     // add hap to kernel
     int32_t userId = info->GetUserID();
     {
@@ -265,30 +293,22 @@ int AccessTokenInfoManager::AddHapTokenInfo(const std::shared_ptr<HapTokenInfoIn
     return RET_SUCCESS;
 }
 
-std::shared_ptr<HapTokenInfoInner> AccessTokenInfoManager::GetHapTokenInfoInner(AccessTokenID id)
+std::shared_ptr<HapTokenInfoInner> AccessTokenInfoManager::GetHapTokenInfoInnerFromDb(AccessTokenID id)
 {
-    {
-        Utils::UniqueReadGuard<Utils::RWLock> infoGuard(this->hapTokenInfoLock_);
-        auto iter = hapTokenInfoMap_.find(id);
-        if (iter != hapTokenInfoMap_.end()) {
-            return iter->second;
-        }
-    }
-
     Utils::UniqueWriteGuard<Utils::RWLock> infoGuard(this->hapTokenInfoLock_);
     GenericValues conditionValue;
     conditionValue.Put(TokenFiledConst::FIELD_TOKEN_ID, static_cast<int32_t>(id));
     std::vector<GenericValues> hapTokenResults;
     int32_t ret = AccessTokenDb::GetInstance().Find(AtmDataType::ACCESSTOKEN_HAP_INFO, conditionValue, hapTokenResults);
     if (ret != RET_SUCCESS || hapTokenResults.empty()) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Failed to find Id(%{public}u) from hap_token_table, err: %{public}d, "
+        LOGC(ATM_DOMAIN, ATM_TAG, "Failed to find Id(%{public}u) from hap_token_table, err: %{public}d, "
             "hapSize: %{public}zu, mapSize: %{public}zu.", id, ret, hapTokenResults.size(), hapTokenInfoMap_.size());
         return nullptr;
     }
     std::vector<GenericValues> permStateRes;
     ret = AccessTokenDb::GetInstance().Find(AtmDataType::ACCESSTOKEN_PERMISSION_STATE, conditionValue, permStateRes);
     if (ret != RET_SUCCESS) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Failed to find Id(%{public}u) from perm_state_table, err: %{public}d, "
+        LOGC(ATM_DOMAIN, ATM_TAG, "Failed to find Id(%{public}u) from perm_state_table, err: %{public}d, "
             "mapSize: %{public}zu.", id, ret, hapTokenInfoMap_.size());
         return nullptr;
     }
@@ -297,7 +317,7 @@ std::shared_ptr<HapTokenInfoInner> AccessTokenInfoManager::GetHapTokenInfoInner(
     ret = AccessTokenDb::GetInstance().Find(
         AtmDataType::ACCESSTOKEN_PERMISSION_EXTEND_VALUE, conditionValue, extendedPermRes);
     if (ret != RET_SUCCESS) { // extendedPermRes may be empty
-        LOGE(ATM_DOMAIN, ATM_TAG, "Failed to find Id(%{public}u) from perm_extend_value_table, err: %{public}d, "
+        LOGC(ATM_DOMAIN, ATM_TAG, "Failed to find Id(%{public}u) from perm_extend_value_table, err: %{public}d, "
             "mapSize: %{public}zu.", id, ret, hapTokenInfoMap_.size());
         return nullptr;
     }
@@ -305,7 +325,7 @@ std::shared_ptr<HapTokenInfoInner> AccessTokenInfoManager::GetHapTokenInfoInner(
     std::shared_ptr<HapTokenInfoInner> hap = std::make_shared<HapTokenInfoInner>();
     ret = hap->RestoreHapTokenInfo(id, hapTokenResults[0], permStateRes, extendedPermRes);
     if (ret != RET_SUCCESS) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Id %{public}u restore failed, err: %{public}d, mapSize: %{public}zu.",
+        LOGC(ATM_DOMAIN, ATM_TAG, "Id %{public}u restore failed, err: %{public}d, mapSize: %{public}zu.",
             id, ret, hapTokenInfoMap_.size());
         return nullptr;
     }
@@ -319,6 +339,18 @@ std::shared_ptr<HapTokenInfoInner> AccessTokenInfoManager::GetHapTokenInfoInner(
     return hap;
 }
 
+std::shared_ptr<HapTokenInfoInner> AccessTokenInfoManager::GetHapTokenInfoInner(AccessTokenID id)
+{
+    {
+        Utils::UniqueReadGuard<Utils::RWLock> infoGuard(this->hapTokenInfoLock_);
+        auto iter = hapTokenInfoMap_.find(id);
+        if (iter != hapTokenInfoMap_.end()) {
+            return iter->second;
+        }
+    }
+    return GetHapTokenInfoInnerFromDb(id);
+}
+
 int32_t AccessTokenInfoManager::GetHapTokenDlpType(AccessTokenID id)
 {
     Utils::UniqueReadGuard<Utils::RWLock> infoGuard(this->hapTokenInfoLock_);
@@ -398,7 +430,7 @@ int AccessTokenInfoManager::RemoveHapTokenInfo(AccessTokenID id)
 {
     ATokenTypeEnum type = AccessTokenIDManager::GetInstance().GetTokenIdType(id);
     if (type != TOKEN_HAP) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Token %{public}u is not hap.", id);
+        LOGC(ATM_DOMAIN, ATM_TAG, "Token %{public}u is not hap.", id);
         return ERR_PARAM_INVALID;
     }
     std::shared_ptr<HapTokenInfoInner> info;
@@ -409,17 +441,17 @@ int AccessTokenInfoManager::RemoveHapTokenInfo(AccessTokenID id)
         AccessTokenIDManager::GetInstance().ReleaseTokenId(id);
 
         if (hapTokenInfoMap_.count(id) == 0) {
-            LOGE(ATM_DOMAIN, ATM_TAG, "Hap token %{public}u no exist.", id);
+            LOGC(ATM_DOMAIN, ATM_TAG, "Hap token %{public}u no exist.", id);
             return ERR_TOKENID_NOT_EXIST;
         }
 
         info = hapTokenInfoMap_[id];
         if (info == nullptr) {
-            LOGE(ATM_DOMAIN, ATM_TAG, "Hap token %{public}u is null.", id);
+            LOGC(ATM_DOMAIN, ATM_TAG, "Hap token %{public}u is null.", id);
             return ERR_TOKEN_INVALID;
         }
         if (info->IsRemote()) {
-            LOGE(ATM_DOMAIN, ATM_TAG, "Remote hap token %{public}u can not delete.", id);
+            LOGC(ATM_DOMAIN, ATM_TAG, "Remote hap token %{public}u can not delete.", id);
             return ERR_IDENTITY_CHECK_FAILED;
         }
         std::string HapUniqueKey = GetHapUniqueStr(info);
@@ -429,7 +461,10 @@ int AccessTokenInfoManager::RemoveHapTokenInfo(AccessTokenID id)
         }
         hapTokenInfoMap_.erase(id);
     }
-    RemoveHapTokenInfoFromDb(info);
+    int32_t ret = RemoveHapTokenInfoFromDb(info);
+    if (ret != RET_SUCCESS) {
+        LOGC(ATM_DOMAIN, ATM_TAG, "Remove info from db failed, ret is %{public}d", ret);
+    }
 
     LOGI(ATM_DOMAIN, ATM_TAG, "Remove hap token %{public}u ok!", id);
     PermissionStateNotify(info, id);
@@ -437,10 +472,6 @@ int AccessTokenInfoManager::RemoveHapTokenInfo(AccessTokenID id)
     TokenModifyNotifier::GetInstance().NotifyTokenDelete(id);
 #endif
 
-    HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "DEL_HAP", HiviewDFX::HiSysEvent::EventType::STATISTIC,
-        "TOKENID", info->GetTokenID(), "USERID", info->GetUserID(), "BUNDLENAME", info->GetBundleName(),
-        "INSTINDEX", info->GetInstIndex());
-
     return RET_SUCCESS;
 }
 
@@ -475,7 +506,7 @@ int32_t AccessTokenInfoManager::CheckHapInfoParam(const HapInfoParams& info, con
         (!DataValidator::IsAppIDDescValid(info.appIDDesc)) || (!DataValidator::IsDomainValid(policy.domain)) ||
         (!DataValidator::IsDlpTypeValid(info.dlpType)) || (info.isRestore && info.tokenID == INVALID_TOKENID) ||
          !DataValidator::IsAclExtendedMapSizeValid(policy.aclExtendedMap)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Hap token param failed");
+        LOGC(ATM_DOMAIN, ATM_TAG, "Hap token param failed");
         return AccessTokenError::ERR_PARAM_INVALID;
     }
 
@@ -484,37 +515,64 @@ int32_t AccessTokenInfoManager::CheckHapInfoParam(const HapInfoParams& info, con
             continue;
         }
         if (!DataValidator::IsAclExtendedMapContentValid(extendValue.first, extendValue.second)) {
-            LOGE(ATM_DOMAIN, ATM_TAG, "acl extended content is unvalid.");
+            LOGC(ATM_DOMAIN, ATM_TAG, "Acl extended content is invalid.");
             return AccessTokenError::ERR_PARAM_INVALID;
         }
     }
     return ERR_OK;
 }
 
-int AccessTokenInfoManager::CreateHapTokenInfo(
-    const HapInfoParams& info, const HapPolicy& policy, AccessTokenIDEx& tokenIdEx)
+void AccessTokenInfoManager::ReportAddHapIdChange(const std::shared_ptr<HapTokenInfoInner>& hapInfo,
+    AccessTokenID oriTokenId)
 {
-    if (CheckHapInfoParam(info, policy) != ERR_OK) {
-        return AccessTokenError::ERR_PARAM_INVALID;
-    }
-    AccessTokenID tokenId = info.tokenID;
+    AccessTokenDfxInfo dfxInfo;
+    dfxInfo.sceneCode = AddHapSceneCode::TOKEN_ID_CHANGE;
+    dfxInfo.tokenId = hapInfo->GetTokenID();
+    dfxInfo.oriTokenId = oriTokenId;
+    dfxInfo.userId = hapInfo->GetUserID();
+    dfxInfo.bundleName = hapInfo->GetBundleName();
+    dfxInfo.instIndex = hapInfo->GetInstIndex();
+    ReportSysEventAddHap(dfxInfo);
+}
+
+int32_t AccessTokenInfoManager::RegisterTokenId(const HapInfoParams& info, AccessTokenID& tokenId)
+{
+    int32_t res = RET_SUCCESS;
+
     if (info.isRestore) {
-        LOGI(ATM_DOMAIN, ATM_TAG, "isRestore is true, tokenId is %{public}u", tokenId);
-        int32_t res = AccessTokenIDManager::GetInstance().RegisterTokenId(tokenId, TOKEN_HAP);
+        LOGI(ATM_DOMAIN, ATM_TAG, "IsRestore is true, tokenId is %{public}u.", info.tokenID);
+
+        res = AccessTokenIDManager::GetInstance().RegisterTokenId(info.tokenID, TOKEN_HAP);
         if (res != RET_SUCCESS) {
-            LOGE(ATM_DOMAIN, ATM_TAG, "Token Id register failed, res is %{public}d", res);
+            LOGC(ATM_DOMAIN, ATM_TAG, "Token Id register failed, errCode is %{public}d.", res);
             return res;
         }
+
+        tokenId = info.tokenID;
     } else {
         int32_t dlpFlag = (info.dlpType > DLP_COMMON) ? 1 : 0;
         int32_t cloneFlag = ((dlpFlag == 0) && (info.instIndex) > 0) ? 1 : 0;
         tokenId = AccessTokenIDManager::GetInstance().CreateAndRegisterTokenId(TOKEN_HAP, dlpFlag, cloneFlag);
         if (tokenId == 0) {
-            LOGE(ATM_DOMAIN, ATM_TAG, "Token Id create failed");
+            LOGC(ATM_DOMAIN, ATM_TAG, "Token Id create failed");
             return ERR_TOKENID_CREATE_FAILED;
         }
     }
 
+    return res;
+}
+
+int AccessTokenInfoManager::CreateHapTokenInfo(
+    const HapInfoParams& info, const HapPolicy& policy, AccessTokenIDEx& tokenIdEx)
+{
+    if (CheckHapInfoParam(info, policy) != ERR_OK) {
+        return AccessTokenError::ERR_PARAM_INVALID;
+    }
+    AccessTokenID tokenId;
+    int32_t ret = RegisterTokenId(info, tokenId);
+    if (ret != RET_SUCCESS) {
+        return ret;
+    }
 #ifdef SUPPORT_SANDBOX_APP
     std::shared_ptr<HapTokenInfoInner> tokenInfo;
     HapPolicy policyNew = policy;
@@ -525,14 +583,26 @@ int AccessTokenInfoManager::CreateHapTokenInfo(
 #else
     std::shared_ptr<HapTokenInfoInner> tokenInfo = std::make_shared<HapTokenInfoInner>(tokenId, info, policy);
 #endif
-    AddHapTokenInfoToDb(tokenInfo, info.appIDDesc, policy, false);
-    int ret = AddHapTokenInfo(tokenInfo);
+    ret = AddHapTokenInfoToDb(tokenInfo, info.appIDDesc, policy, false);
     if (ret != RET_SUCCESS) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "%{public}s add token info failed", info.bundleName.c_str());
+        LOGC(ATM_DOMAIN, ATM_TAG, "AddHapTokenInfoToDb failed, errCode is %{public}d.", ret);
+        AccessTokenIDManager::GetInstance().ReleaseTokenId(tokenId);
+        return ret;
+    }
+
+    AccessTokenID oriTokenID = 0;
+    ret = AddHapTokenInfo(tokenInfo, oriTokenID);
+    if (ret != RET_SUCCESS) {
+        LOGC(ATM_DOMAIN, ATM_TAG, "%{public}s add token info failed", info.bundleName.c_str());
         AccessTokenIDManager::GetInstance().ReleaseTokenId(tokenId);
         RemoveHapTokenInfoFromDb(tokenInfo);
         return ret;
     }
+
+    if (oriTokenID != 0) {
+        ReportAddHapIdChange(tokenInfo, oriTokenID);
+    }
+
     LOGI(ATM_DOMAIN, ATM_TAG,
         "Create hap token %{public}u bundleName %{public}s user %{public}d inst %{public}d isRestore %{public}d ok",
         tokenId, tokenInfo->GetBundleName().c_str(), tokenInfo->GetUserID(), tokenInfo->GetInstIndex(), info.isRestore);
@@ -547,6 +617,9 @@ int AccessTokenInfoManager::AllocAccessTokenIDEx(
     if (info.isSystemApp) {
         tokenIdEx.tokenIdExStruct.tokenAttr |= SYSTEM_APP_FLAG;
     }
+    if (info.isAtomicService) {
+        tokenIdEx.tokenIdExStruct.tokenAttr |= ATOMIC_SERVICE_FLAG;
+    }
     return RET_SUCCESS;
 }
 
@@ -624,17 +697,17 @@ int32_t AccessTokenInfoManager::UpdateHapToken(AccessTokenIDEx& tokenIdEx, const
 {
     AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
     if (!DataValidator::IsAppIDDescValid(info.appIDDesc)) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Token %{public}u parm format error!", tokenID);
+        LOGC(ATM_DOMAIN, ATM_TAG, "Token %{public}u parm format error!", tokenID);
         return AccessTokenError::ERR_PARAM_INVALID;
     }
     std::shared_ptr<HapTokenInfoInner> infoPtr = GetHapTokenInfoInner(tokenID);
     if (infoPtr == nullptr) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Token %{public}u is invalid, can not update!", tokenID);
+        LOGC(ATM_DOMAIN, ATM_TAG, "Token %{public}u is invalid, can not update!", tokenID);
         return AccessTokenError::ERR_TOKENID_NOT_EXIST;
     }
 
     if (infoPtr->IsRemote()) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Remote hap token %{public}u can not update!", tokenID);
+        LOGC(ATM_DOMAIN, ATM_TAG, "Remote hap token %{public}u can not update!", tokenID);
         return ERR_IDENTITY_CHECK_FAILED;
     }
     if (info.isSystemApp) {
@@ -642,6 +715,11 @@ int32_t AccessTokenInfoManager::UpdateHapToken(AccessTokenIDEx& tokenIdEx, const
     } else {
         tokenIdEx.tokenIdExStruct.tokenAttr &= ~SYSTEM_APP_FLAG;
     }
+    if (info.isAtomicService) {
+        tokenIdEx.tokenIdExStruct.tokenAttr |= ATOMIC_SERVICE_FLAG;
+    } else {
+        tokenIdEx.tokenIdExStruct.tokenAttr &= ~ATOMIC_SERVICE_FLAG;
+    }
     {
         Utils::UniqueWriteGuard<Utils::RWLock> infoGuard(this->hapTokenInfoLock_);
         infoPtr->Update(info, permStateList, hapPolicy);
@@ -649,15 +727,12 @@ int32_t AccessTokenInfoManager::UpdateHapToken(AccessTokenIDEx& tokenIdEx, const
 
     int32_t ret = AddHapTokenInfoToDb(infoPtr, info.appIDDesc, hapPolicy, true);
     if (ret != RET_SUCCESS) {
+        LOGC(ATM_DOMAIN, ATM_TAG, "Add hap info %{public}u to db failed!", tokenID);
         return ret;
     }
     LOGI(ATM_DOMAIN, ATM_TAG, "Token %{public}u bundle name %{public}s user %{public}d \
         inst %{public}d tokenAttr %{public}d update ok!", tokenID, infoPtr->GetBundleName().c_str(),
         infoPtr->GetUserID(), infoPtr->GetInstIndex(), infoPtr->GetHapInfoBasic().tokenAttr);
-    // DFX
-    HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "UPDATE_HAP",
-        HiviewDFX::HiSysEvent::EventType::STATISTIC, "TOKENID", tokenID, "USERID",
-        infoPtr->GetUserID(), "BUNDLENAME", infoPtr->GetBundleName(), "INSTINDEX", infoPtr->GetInstIndex());
 
 #ifdef TOKEN_SYNC_ENABLE
     TokenModifyNotifier::GetInstance().NotifyTokenModify(tokenID);
@@ -720,12 +795,21 @@ int AccessTokenInfoManager::CreateRemoteHapTokenInfo(AccessTokenID mapID, HapTok
     std::shared_ptr<HapTokenInfoInner> hap = std::make_shared<HapTokenInfoInner>(mapID, hapSync);
     hap->SetRemote(true);
 
-    int ret = AddHapTokenInfo(hap);
+    AccessTokenID oriTokenId = 0;
+    int ret = AddHapTokenInfo(hap, oriTokenId);
     if (ret != RET_SUCCESS) {
         LOGE(ATM_DOMAIN, ATM_TAG, "Add local token failed.");
         return ret;
     }
 
+    AccessTokenDfxInfo dfxInfo;
+    dfxInfo.sceneCode = AddHapSceneCode::MAP;
+    dfxInfo.tokenId = hap->GetTokenID();
+    dfxInfo.userId = hap->GetUserID();
+    dfxInfo.bundleName = hap->GetBundleName();
+    dfxInfo.instIndex = hap->GetInstIndex();
+    ReportSysEventAddHap(dfxInfo);
+
     return RET_SUCCESS;
 }
 
@@ -955,11 +1039,11 @@ int AccessTokenInfoManager::AddHapTokenInfoToDb(const std::shared_ptr<HapTokenIn
     const std::string& appId, const HapPolicy& policy, bool isUpdate)
 {
     if (hapInfo == nullptr) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Token info is null!");
+        LOGC(ATM_DOMAIN, ATM_TAG, "Token info is null!");
         return AccessTokenError::ERR_TOKENID_NOT_EXIST;
     }
     if (hapInfo->IsRemote()) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "It is a remote hap!");
+        LOGC(ATM_DOMAIN, ATM_TAG, "It is a remote hap!");
         return AccessTokenError::ERR_TOKENID_NOT_EXIST;
     }
     AccessTokenID tokenID = hapInfo->GetTokenID();
@@ -1038,7 +1122,7 @@ int AccessTokenInfoManager::RemoveHapTokenInfoFromDb(const std::shared_ptr<HapTo
     int32_t ret = AccessTokenDb::GetInstance().DeleteAndInsertValues(deleteDataTypes, deleteValues, addDataTypes,
         addValues);
     if (ret != RET_SUCCESS) {
-        LOGE(ATM_DOMAIN, ATM_TAG, "Id %{public}d DeleteAndInsertHap failed, ret %{public}d.", tokenID, ret);
+        LOGC(ATM_DOMAIN, ATM_TAG, "Id %{public}d DeleteAndInsertHap failed, ret %{public}d.", tokenID, ret);
         return ret;
     }
     return RET_SUCCESS;
@@ -1188,11 +1272,12 @@ void AccessTokenInfoManager::DumpToken()
         LOGE(ATM_DOMAIN, ATM_TAG, "Open failed errno %{public}d.", errno);
         return;
     }
+    fdsan_exchange_owner_tag(fd, 0, FD_TAG);
     std::string dumpStr;
     AtmToolsParamInfoParcel infoParcel;
     DumpTokenInfo(infoParcel.info, dumpStr);
     dprintf(fd, "%s\n", dumpStr.c_str());
-    close(fd);
+    fdsan_close_with_tag(fd, FD_TAG);
 }
 
 void AccessTokenInfoManager::DumpTokenInfo(const AtmToolsParamInfo& info, std::string& dumpInfo)
diff --git a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp
index 7133f2a212e2b86d939df806b961662744c7bb2e..82b304acbcfa6bddb28cb584374850af3ac7acaf 100644
--- a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp
+++ b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp
@@ -22,6 +22,7 @@
 #include "access_token_error.h"
 #include "data_translator.h"
 #include "data_validator.h"
+#include "hisysevent_adapter.h"
 #include "short_grant_manager.h"
 #include "token_field_const.h"
 #include "permission_map.h"
@@ -36,6 +37,7 @@ namespace AccessToken {
 namespace {
 static const std::string DEFAULT_DEVICEID = "0";
 static const unsigned int SYSTEM_APP_FLAG = 0x0001;
+static const unsigned int ATOMIC_SERVICE_FLAG = 0x0002;
 }
 
 HapTokenInfoInner::HapTokenInfoInner() : permUpdateTimestamp_(0), isRemote_(false)
@@ -59,6 +61,9 @@ HapTokenInfoInner::HapTokenInfoInner(AccessTokenID id,
     if (info.isSystemApp) {
         tokenInfoBasic_.tokenAttr |= SYSTEM_APP_FLAG;
     }
+    if (info.isAtomicService) {
+        tokenInfoBasic_.tokenAttr |= ATOMIC_SERVICE_FLAG;
+    }
     tokenInfoBasic_.bundleName = info.bundleName;
     tokenInfoBasic_.apiVersion = GetApiVersion(info.apiVersion);
     tokenInfoBasic_.instIndex = info.instIndex;
@@ -97,6 +102,11 @@ void HapTokenInfoInner::Update(const UpdateHapInfoParams& info, const std::vecto
     } else {
         tokenInfoBasic_.tokenAttr &= ~SYSTEM_APP_FLAG;
     }
+    if (info.isAtomicService) {
+        tokenInfoBasic_.tokenAttr |= ATOMIC_SERVICE_FLAG;
+    } else {
+        tokenInfoBasic_.tokenAttr &= ~ATOMIC_SERVICE_FLAG;
+    }
     Utils::UniqueWriteGuard<Utils::RWLock> infoGuard(this->policySetLock_);
     PermissionDataBrief::GetInstance().Update(tokenInfoBasic_.tokenID, permStateList, hapPolicy.aclExtendedMap);
 }
@@ -208,6 +218,11 @@ int HapTokenInfoInner::GetDlpType() const
     return tokenInfoBasic_.dlpType;
 }
 
+AccessTokenAttr HapTokenInfoInner::GetAttr() const
+{
+    return tokenInfoBasic_.tokenAttr;
+}
+
 std::string HapTokenInfoInner::GetBundleName() const
 {
     return tokenInfoBasic_.bundleName;
@@ -280,6 +295,7 @@ int32_t HapTokenInfoInner::UpdatePermissionStatus(
     int32_t ret = PermissionDataBrief::GetInstance().UpdatePermissionStatus(tokenInfoBasic_.tokenID,
         permissionName, isGranted, flag, statusChanged);
     if (ret != RET_SUCCESS) {
+        LOGC(ATM_DOMAIN, ATM_TAG, "Update date brief failed, ret is %{public}d", ret);
         return ret;
     }
     if (ShortGrantManager::GetInstance().IsShortGrantPermission(permissionName)) {
@@ -460,9 +476,9 @@ void HapTokenInfoInner::PermStateFullToString(const PermissionStatus& state, std
     info.append(R"(      "grantStatus": ")" + std::to_string(state.grantStatus) + R"(")" + ",\n");
     info.append(R"(      "grantFlag": ")" + std::to_string(state.grantFlag) + R"(")" + ",\n");
     std::string value;
-    (void)PermissionDataBrief::GetInstance().GetReqPermissionByName(
+    int32_t ret = PermissionDataBrief::GetInstance().GetReqPermissionByName(
         tokenInfoBasic_.tokenID, state.permissionName, value, false);
-    if (!value.empty()) {
+    if (ret == RET_SUCCESS) {
         info.append(R"(      "value": ")" + value + R"(")" + ",\n");
     }
     info.append(R"(    })");
diff --git a/services/accesstokenmanager/main/cpp/src/token/token_modify_notifier.cpp b/services/accesstokenmanager/main/cpp/src/token/token_modify_notifier.cpp
index d40f3f28b6e4a293521b3fb25d31b01f44bd0d98..1592e423ebe0607cb7fa2465d0190145aab22b90 100644
--- a/services/accesstokenmanager/main/cpp/src/token/token_modify_notifier.cpp
+++ b/services/accesstokenmanager/main/cpp/src/token/token_modify_notifier.cpp
@@ -20,9 +20,6 @@
 #include "accesstoken_info_manager.h"
 #include "accesstoken_common_log.h"
 #include "access_token_error.h"
-#ifdef RESOURCESCHEDULE_FFRT_ENABLE
-#include "ffrt.h"
-#endif
 #include "hap_token_info.h"
 #include "hap_token_info_inner.h"
 #include "libraryloader.h"
@@ -35,20 +32,14 @@ namespace {
 std::recursive_mutex g_instanceMutex;
 }
 
-#ifdef RESOURCESCHEDULE_FFRT_ENABLE
-TokenModifyNotifier::TokenModifyNotifier() : hasInited_(false), curTaskNum_(0) {}
-#else
 TokenModifyNotifier::TokenModifyNotifier() : hasInited_(false), notifyTokenWorker_("TokenModify") {}
-#endif
 
 TokenModifyNotifier::~TokenModifyNotifier()
 {
     if (!hasInited_) {
         return;
     }
-#ifndef RESOURCESCHEDULE_FFRT_ENABLE
     this->notifyTokenWorker_.Stop();
-#endif
     this->hasInited_ = false;
 }
 
@@ -58,7 +49,7 @@ void TokenModifyNotifier::AddHapTokenObservation(AccessTokenID tokenID)
         LOGI(ATM_DOMAIN, ATM_TAG, "Observation token is not hap token");
         return;
     }
-    Utils::UniqueWriteGuard<Utils::RWLock> infoGuard(this->Notifylock_);
+    Utils::UniqueWriteGuard<Utils::RWLock> infoGuard(this->listLock_);
     if (observationSet_.count(tokenID) <= 0) {
         observationSet_.insert(tokenID);
     }
@@ -66,7 +57,7 @@ void TokenModifyNotifier::AddHapTokenObservation(AccessTokenID tokenID)
 
 void TokenModifyNotifier::NotifyTokenDelete(AccessTokenID tokenID)
 {
-    Utils::UniqueWriteGuard<Utils::RWLock> infoGuard(this->Notifylock_);
+    Utils::UniqueWriteGuard<Utils::RWLock> infoGuard(this->listLock_);
     if (observationSet_.count(tokenID) <= 0) {
         LOGD(ATM_DOMAIN, ATM_TAG, "Hap token is not observed");
         return;
@@ -78,7 +69,7 @@ void TokenModifyNotifier::NotifyTokenDelete(AccessTokenID tokenID)
 
 void TokenModifyNotifier::NotifyTokenModify(AccessTokenID tokenID)
 {
-    Utils::UniqueWriteGuard<Utils::RWLock> infoGuard(this->Notifylock_);
+    Utils::UniqueWriteGuard<Utils::RWLock> infoGuard(this->listLock_);
     if (observationSet_.count(tokenID) <= 0) {
         LOGD(ATM_DOMAIN, ATM_TAG, "Hap token is not observed");
         return;
@@ -101,9 +92,7 @@ TokenModifyNotifier& TokenModifyNotifier::GetInstance()
     if (!instance->hasInited_) {
         Utils::UniqueWriteGuard<Utils::RWLock> infoGuard(instance->initLock_);
         if (!instance->hasInited_) {
-#ifndef RESOURCESCHEDULE_FFRT_ENABLE
             instance->notifyTokenWorker_.Start(1);
-#endif
             instance->hasInited_ = true;
         }
     }
@@ -115,14 +104,26 @@ void TokenModifyNotifier::NotifyTokenSyncTask()
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "Called!");
 
-    Utils::UniqueWriteGuard<Utils::RWLock> infoGuard(this->Notifylock_);
+    Utils::UniqueWriteGuard<Utils::RWLock> infoGuard(this->notifyLock_);
+    LOGI(ATM_DOMAIN, ATM_TAG, "Start execution!");
     LibraryLoader loader(TOKEN_SYNC_LIBPATH);
     TokenSyncKitInterface* tokenSyncKit = loader.GetObject<TokenSyncKitInterface>();
     if (tokenSyncKit == nullptr) {
         LOGE(ATM_DOMAIN, ATM_TAG, "Dlopen libtokensync_sdk failed.");
         return;
     }
-    for (AccessTokenID deleteToken : deleteTokenList_) {
+
+    std::vector<AccessTokenID> deleteList;
+    std::vector<AccessTokenID> modifiedList;
+    {
+        Utils::UniqueWriteGuard<Utils::RWLock> listGuard(this->listLock_);
+        deleteList = deleteTokenList_;
+        modifiedList = modifiedTokenList_;
+        deleteTokenList_.clear();
+        modifiedTokenList_.clear();
+    }
+
+    for (AccessTokenID deleteToken : deleteList) {
         int ret = TOKEN_SYNC_SUCCESS;
         if (tokenSyncCallbackObject_ != nullptr) {
             ret = tokenSyncCallbackObject_->DeleteRemoteHapTokenInfo(deleteToken);
@@ -133,7 +134,7 @@ void TokenModifyNotifier::NotifyTokenSyncTask()
         }
     }
 
-    for (AccessTokenID modifyToken : modifiedTokenList_) {
+    for (AccessTokenID modifyToken : modifiedList) {
         HapTokenInfoForSync hapSync;
         int ret = AccessTokenInfoManager::GetInstance().GetHapTokenSync(modifyToken, hapSync);
         if (ret != RET_SUCCESS) {
@@ -148,8 +149,6 @@ void TokenModifyNotifier::NotifyTokenSyncTask()
             LOGE(ATM_DOMAIN, ATM_TAG, "Fail to update remote haptoken info, ret is %{public}d", ret);
         }
     }
-    deleteTokenList_.clear();
-    modifiedTokenList_.clear();
 
     LOGI(ATM_DOMAIN, ATM_TAG, "Over!");
 }
@@ -157,7 +156,7 @@ void TokenModifyNotifier::NotifyTokenSyncTask()
 int32_t TokenModifyNotifier::GetRemoteHapTokenInfo(const std::string& deviceID, AccessTokenID tokenID)
 {
     if (tokenSyncCallbackObject_ != nullptr) {
-        Utils::UniqueReadGuard<Utils::RWLock> infoGuard(this->Notifylock_);
+        Utils::UniqueReadGuard<Utils::RWLock> infoGuard(this->notifyLock_);
         int32_t ret = tokenSyncCallbackObject_->GetRemoteHapTokenInfo(deviceID, tokenID);
         if (ret != TOKEN_SYNC_OPENSOURCE_DEVICE) {
             return ret;
@@ -175,7 +174,7 @@ int32_t TokenModifyNotifier::GetRemoteHapTokenInfo(const std::string& deviceID,
 
 int32_t TokenModifyNotifier::RegisterTokenSyncCallback(const sptr<IRemoteObject>& callback)
 {
-    Utils::UniqueWriteGuard<Utils::RWLock> infoGuard(this->Notifylock_);
+    Utils::UniqueWriteGuard<Utils::RWLock> infoGuard(this->notifyLock_);
     tokenSyncCallbackObject_ = new TokenSyncCallbackProxy(callback);
     tokenSyncCallbackDeathRecipient_ = sptr<TokenSyncCallbackDeathRecipient>::MakeSptr();
     callback->AddDeathRecipient(tokenSyncCallbackDeathRecipient_);
@@ -185,7 +184,7 @@ int32_t TokenModifyNotifier::RegisterTokenSyncCallback(const sptr<IRemoteObject>
 
 int32_t TokenModifyNotifier::UnRegisterTokenSyncCallback()
 {
-    Utils::UniqueWriteGuard<Utils::RWLock> infoGuard(this->Notifylock_);
+    Utils::UniqueWriteGuard<Utils::RWLock> infoGuard(this->notifyLock_);
     if (tokenSyncCallbackObject_ != nullptr && tokenSyncCallbackDeathRecipient_ != nullptr) {
         tokenSyncCallbackObject_->AsObject()->RemoveDeathRecipient(tokenSyncCallbackDeathRecipient_);
     }
@@ -195,41 +194,8 @@ int32_t TokenModifyNotifier::UnRegisterTokenSyncCallback()
     return ERR_OK;
 }
 
-#ifdef RESOURCESCHEDULE_FFRT_ENABLE
-int32_t TokenModifyNotifier::GetCurTaskNum()
-{
-    return curTaskNum_.load();
-}
-
-void TokenModifyNotifier::AddCurTaskNum()
-{
-    LOGI(ATM_DOMAIN, ATM_TAG, "Add task!");
-    curTaskNum_++;
-}
-
-void TokenModifyNotifier::ReduceCurTaskNum()
-{
-    LOGI(ATM_DOMAIN, ATM_TAG, "Reduce task!");
-    curTaskNum_--;
-}
-#endif
-
 void TokenModifyNotifier::NotifyTokenChangedIfNeed()
 {
-#ifdef RESOURCESCHEDULE_FFRT_ENABLE
-    if (GetCurTaskNum() > 1) {
-        LOGI(ATM_DOMAIN, ATM_TAG, "Has notify task! taskNum is %{public}d.", GetCurTaskNum());
-        return;
-    }
-
-    std::string taskName = "TokenModify";
-    auto tokenModify = []() {
-        TokenModifyNotifier::GetInstance().NotifyTokenSyncTask();
-        TokenModifyNotifier::GetInstance().ReduceCurTaskNum();
-    };
-    ffrt::submit(tokenModify, {}, {}, ffrt::task_attr().qos(ffrt::qos_default).name(taskName.c_str()));
-    AddCurTaskNum();
-#else
     if (notifyTokenWorker_.GetCurTaskNum() > 1) {
         LOGI(ATM_DOMAIN, ATM_TAG, " has notify task! taskNum is %{public}zu.", notifyTokenWorker_.GetCurTaskNum());
         return;
@@ -238,7 +204,6 @@ void TokenModifyNotifier::NotifyTokenChangedIfNeed()
     notifyTokenWorker_.AddTask([]() {
         TokenModifyNotifier::GetInstance().NotifyTokenSyncTask();
     });
-#endif
 }
 } // namespace AccessToken
 } // namespace Security
diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json
index 770b03143f118c28162dfd0fc7278a6ad8411afc..24f0aa179582958d348252bdf2305fdee036d9cf 100644
--- a/services/accesstokenmanager/permission_definitions.json
+++ b/services/accesstokenmanager/permission_definitions.json
@@ -1,5 +1,5 @@
 {
-    "systemGrantPermissions": [
+    "definePermissions": [
         {
             "name": "ohos.permission.ACCESS_BIOMETRIC",
             "grantMode": "system_grant",
@@ -174,7 +174,7 @@
             "name": "ohos.permission.INPUT_MONITORING",
             "grantMode": "system_grant",
             "availableLevel": "system_basic",
-            "availableType": "SYSTEM",
+            "availableType": "NORMAL",
             "since": 7,
             "deprecated": "",
             "provisionEnable": true,
@@ -234,7 +234,7 @@
             "name": "ohos.permission.GET_BUNDLE_INFO_PRIVILEGED",
             "grantMode": "system_grant",
             "availableLevel": "system_basic",
-            "availableType": "SYSTEM",
+            "availableType": "ENTERPRISE_NORMAL",
             "since": 7,
             "deprecated": "",
             "provisionEnable": true,
@@ -544,7 +544,7 @@
             "name": "ohos.permission.CLEAN_BACKGROUND_PROCESSES",
             "grantMode": "system_grant",
             "availableLevel": "normal",
-            "availableType": "SYSTEM",
+            "availableType": "NORMAL",
             "since": 7,
             "deprecated": "",
             "provisionEnable": true,
@@ -708,7 +708,8 @@
             "since": 8,
             "deprecated": "",
             "provisionEnable": true,
-            "distributedSceneEnable": false
+            "distributedSceneEnable": false,
+            "deviceTypes": ["general"]
         },
         {
             "name": "ohos.permission.REVOKE_SENSITIVE_PERMISSIONS",
@@ -718,7 +719,8 @@
             "since": 8,
             "deprecated": "",
             "provisionEnable": true,
-            "distributedSceneEnable": false
+            "distributedSceneEnable": false,
+            "deviceTypes": ["general"]
         },
         {
             "name": "ohos.permission.GET_SENSITIVE_PERMISSIONS",
@@ -728,7 +730,8 @@
             "since": 8,
             "deprecated": "",
             "provisionEnable": true,
-            "distributedSceneEnable": false
+            "distributedSceneEnable": false,
+            "deviceTypes": ["general"]
         },
         {
             "name": "ohos.permission.SET_TELEPHONY_STATE",
@@ -1123,7 +1126,7 @@
         {
             "name": "ohos.permission.ACCESS_CERT_MANAGER_INTERNAL",
             "grantMode": "system_grant",
-            "availableLevel": "system_basic",
+            "availableLevel": "system_core",
             "availableType": "SYSTEM",
             "since": 9,
             "deprecated": "",
@@ -1284,7 +1287,7 @@
             "name": "ohos.permission.DISTRIBUTED_SOFTBUS_CENTER",
             "grantMode": "system_grant",
             "availableLevel": "system_basic",
-            "availableType": "NORMAL",
+            "availableType": "SYSTEM",
             "since": 9,
             "deprecated": "",
             "provisionEnable": false,
@@ -1894,7 +1897,7 @@
             "name": "ohos.permission.RESTRICT_APPLICATION_ACTIVE",
             "grantMode": "system_grant",
             "availableLevel": "system_basic",
-            "availableType": "NORMAL",
+            "availableType": "SYSTEM",
             "since": 10,
             "deprecated": "",
             "provisionEnable": false,
@@ -2145,7 +2148,7 @@
             "grantMode": "system_grant",
             "availableLevel": "system_basic",
             "availableType": "NORMAL",
-            "since": 10,
+            "since": 11,
             "deprecated": "",
             "provisionEnable": true,
             "distributedSceneEnable": false
@@ -2175,7 +2178,7 @@
             "grantMode": "system_grant",
             "availableLevel": "normal",
             "availableType": "NORMAL",
-            "since": 10,
+            "since": 11,
             "deprecated": "",
             "provisionEnable": false,
             "distributedSceneEnable": false
@@ -2196,7 +2199,7 @@
             "name": "ohos.permission.AGENT_REQUIRE_FORM",
             "grantMode": "system_grant",
             "availableLevel": "system_basic",
-            "availableType": "NORMAL",
+            "availableType": "SYSTEM",
             "since": 11,
             "deprecated": "",
             "provisionEnable": true,
@@ -2332,6 +2335,72 @@
             "provisionEnable": true,
             "distributedSceneEnable": false
         },
+        {
+            "name": "ohos.permission.ENTERPRISE_GET_ALL_BUNDLE_INFO",
+            "grantMode": "system_grant",
+            "availableLevel": "system_basic",
+            "availableType": "MDM",
+            "since": 20,
+            "deprecated": "",
+            "provisionEnable": true,
+            "distributedSceneEnable": false,
+            "deviceTypes": ["phone", "2in1", "tablet"]
+        },
+        {
+            "name": "ohos.permission.ENTERPRISE_SET_USER_RESTRICTION",
+            "grantMode": "system_grant",
+            "availableLevel": "system_basic",
+            "availableType": "MDM",
+            "since": 20,
+            "deprecated": "",
+            "provisionEnable": true,
+            "distributedSceneEnable": false,
+            "deviceTypes": ["phone", "2in1", "tablet"]
+        },
+        {
+            "name": "ohos.permission.ENTERPRISE_MANAGE_APN",
+            "grantMode": "system_grant",
+            "availableLevel": "system_basic",
+            "availableType": "MDM",
+            "since": 20,
+            "deprecated": "",
+            "provisionEnable": true,
+            "distributedSceneEnable": false,
+            "deviceTypes": ["phone", "2in1", "tablet"]
+        },
+        {
+            "name": "ohos.permission.ENTERPRISE_MANAGE_TELEPHONY",
+            "grantMode": "system_grant",
+            "availableLevel": "system_basic",
+            "availableType": "MDM",
+            "since": 20,
+            "deprecated": "",
+            "provisionEnable": true,
+            "distributedSceneEnable": false,
+            "deviceTypes": ["phone", "2in1", "tablet"]
+        },
+        {
+            "name": "ohos.permission.ENTERPRISE_SET_KIOSK",
+            "grantMode": "system_grant",
+            "availableLevel": "system_basic",
+            "availableType": "MDM",
+            "since": 20,
+            "deprecated": "",
+            "provisionEnable": true,
+            "distributedSceneEnable": false,
+            "deviceTypes": ["phone", "2in1", "tablet"]
+        },
+        {
+            "name": "ohos.permission.ENTERPRISE_SET_WALLPAPER",
+            "grantMode": "system_grant",
+            "availableLevel": "system_basic",
+            "availableType": "MDM",
+            "since": 20,
+            "deprecated": "",
+            "provisionEnable": true,
+            "distributedSceneEnable": false,
+            "deviceTypes": ["phone", "2in1", "tablet"]
+        },
         {
             "name": "ohos.permission.PUBLISH_ENTERPRISE_POLICY_EVENT",
             "grantMode": "system_grant",
@@ -2549,7 +2618,7 @@
             "availableType": "NORMAL",
             "since": 11,
             "deprecated": "",
-            "provisionEnable": false,
+            "provisionEnable": true,
             "distributedSceneEnable": false
         },
         {
@@ -2676,7 +2745,7 @@
             "name": "ohos.permission.INTERCEPT_INPUT_EVENT",
             "grantMode": "system_grant",
             "availableLevel": "system_basic",
-            "availableType": "SYSTEM",
+            "availableType": "NORMAL",
             "since": 11,
             "deprecated": "",
             "provisionEnable": true,
@@ -2841,6 +2910,16 @@
             "deprecated": "",
             "provisionEnable": true,
             "distributedSceneEnable": false
+        },
+		{
+            "name": "ohos.permission.MANAGE_APP_UNINSTALL",
+            "grantMode": "system_grant",
+            "availableLevel": "system_basic",
+            "availableType": "SYSTEM",
+            "since": 19,
+            "deprecated": "",
+            "provisionEnable": true,
+            "distributedSceneEnable": false
         },
         {
             "name": "ohos.permission.RECEIVE_APP_INSTALL_INFO_CHANGE",
@@ -3647,7 +3726,7 @@
             "grantMode": "system_grant",
             "availableLevel": "system_basic",
             "availableType": "SYSTEM",
-            "since": 18,
+            "since": 17,
             "deprecated": "",
             "provisionEnable": true,
             "distributedSceneEnable": false
@@ -3657,7 +3736,7 @@
             "grantMode": "system_grant",
             "availableLevel": "system_basic",
             "availableType": "SYSTEM",
-            "since": 18,
+            "since": 17,
             "deprecated": "",
             "provisionEnable": true,
             "distributedSceneEnable": false
@@ -4132,6 +4211,16 @@
             "provisionEnable": true,
             "distributedSceneEnable": false
         },
+        {
+            "name": "ohos.permission.RECEIVE_BMS_BROKER_MESSAGES",
+            "grantMode": "system_grant",
+            "availableLevel": "system_basic",
+            "availableType": "SYSTEM",
+            "since": 18,
+            "deprecated": "",
+            "provisionEnable": true,
+            "distributedSceneEnable": false
+        },
         {
             "name": "ohos.permission.RECEIVE_FUSION_MESSAGES",
             "grantMode": "system_grant",
@@ -4427,7 +4516,7 @@
             "grantMode": "system_grant",
             "availableLevel": "system_core",
             "availableType": "SERVICE",
-            "since": 17,
+            "since": 18,
             "deprecated": "",
             "provisionEnable": false,
             "distributedSceneEnable": false
@@ -4467,7 +4556,7 @@
             "grantMode": "system_grant",
             "availableLevel": "system_basic",
             "availableType": "SYSTEM",
-            "since": 18,
+            "since": 19,
             "deprecated": "",
             "provisionEnable": true,
             "distributedSceneEnable": false
@@ -4477,7 +4566,7 @@
             "grantMode": "system_grant",
             "availableLevel": "system_basic",
             "availableType": "SYSTEM",
-            "since": 18,
+            "since": 19,
             "deprecated": "",
             "provisionEnable": true,
             "distributedSceneEnable": false
@@ -4487,7 +4576,7 @@
             "grantMode": "system_grant",
             "availableLevel": "system_basic",
             "availableType": "NORMAL",
-            "since": 18,
+            "since": 19,
             "deprecated": "",
             "provisionEnable": true,
             "distributedSceneEnable": false
@@ -4511,9 +4600,49 @@
             "deprecated": "",
             "provisionEnable": true,
             "distributedSceneEnable": false
-        }
-    ],
-    "userGrantPermissions": [
+        },
+        {
+            "name": "ohos.permission.CHANGE_DEFAULT_APPLICATION",
+            "grantMode": "system_grant",
+            "availableLevel": "system_basic",
+            "availableType": "SYSTEM",
+            "since": 19,
+            "deprecated": "",
+            "provisionEnable": true,
+            "distributedSceneEnable": false
+        },
+        {
+            "name": "ohos.permission.CUSTOM_SANDBOX",
+            "grantMode": "system_grant",
+            "availableLevel": "system_basic",
+            "availableType": "NORMAL",
+            "since": 18,
+            "deprecated": "",
+            "provisionEnable": true,
+            "distributedSceneEnable": false
+        },
+        {
+            "name": "ohos.permission.READ_SOUND_RECORD_IN_FILE_MANAGER",
+            "grantMode": "system_grant",
+            "availableLevel": "system_basic",
+            "availableType": "SYSTEM",
+            "since": 20,
+            "deprecated": "",
+            "provisionEnable": true,
+            "distributedSceneEnable": false,
+            "deviceTypes": ["phone", "2in1", "tablet"]
+        },
+        {
+            "name": "ohos.permission.WRITE_SOUND_RECORD_IN_FILE_MANAGER",
+            "grantMode": "system_grant",
+            "availableLevel": "system_basic",
+            "availableType": "SYSTEM",
+            "since": 20,
+            "deprecated": "",
+            "provisionEnable": true,
+            "distributedSceneEnable": false,
+            "deviceTypes": ["phone", "2in1", "tablet"]
+        },
         {
             "name": "ohos.permission.CUSTOM_SCREEN_CAPTURE",
             "grantMode": "user_grant",
@@ -4878,7 +5007,7 @@
             "name": "ohos.permission.READ_WHOLE_CALENDAR",
             "grantMode": "user_grant",
             "availableLevel": "system_basic",
-            "availableType": "NORMAL",
+            "availableType": "SYSTEM",
             "since": 9,
             "deprecated": "",
             "provisionEnable": true,
@@ -4890,7 +5019,7 @@
             "name": "ohos.permission.WRITE_WHOLE_CALENDAR",
             "grantMode": "user_grant",
             "availableLevel": "system_basic",
-            "availableType": "NORMAL",
+            "availableType": "SYSTEM",
             "since": 9,
             "deprecated": "",
             "provisionEnable": true,
@@ -5316,7 +5445,7 @@
             "since": 12,
             "deprecated": "",
             "provisionEnable": true,
-            "distributedSceneEnable": false
+            "distributedSceneEnable": true
         },
         {
             "name": "ohos.permission.INJECT_INPUT_EVENT",
@@ -5904,7 +6033,7 @@
             "name": "ohos.permission.MANAGE_APN_SETTING",
             "grantMode": "system_grant",
             "availableLevel": "system_basic",
-            "availableType": "ENTERPRISE_NORMAL",
+            "availableType": "NORMAL",
             "since": 16,
             "deprecated": "",
             "provisionEnable": true,
@@ -6026,7 +6155,7 @@
             "grantMode": "system_grant",
             "availableLevel": "system_basic",
             "availableType": "NORMAL",
-            "since": 16,
+            "since": 17,
             "deprecated": "",
             "provisionEnable": true,
             "distributedSceneEnable": false,
@@ -6042,6 +6171,16 @@
             "provisionEnable": true,
             "distributedSceneEnable": false
         },
+        {
+            "name": "ohos.permission.ALLOW_ACCESS_TIPS",
+            "grantMode": "system_grant",
+            "availableLevel": "system_basic",
+            "availableType": "SYSTEM",
+            "since": 18,
+            "deprecated": "",
+            "provisionEnable": true,
+            "distributedSceneEnable": false
+        },
         {
             "name": "ohos.permission.GET_DOMAIN_ACCOUNT_SERVER_CONFIGS",
             "grantMode": "system_grant",
@@ -6252,12 +6391,22 @@
             "provisionEnable": true,
             "distributedSceneEnable": false
         },
+        {
+            "name": "ohos.permission.ACCESS_MEDIALIB_RESTORE",
+            "grantMode": "system_grant",
+            "availableLevel": "system_basic",
+            "availableType": "SYSTEM",
+            "since": 17,
+            "deprecated": "",
+            "provisionEnable": true,
+            "distributedSceneEnable": false
+        },
         {
             "name": "ohos.permission.UPDATE_FONT",
             "grantMode": "system_grant",
             "availableLevel": "system_basic",
             "availableType": "SYSTEM",
-            "since": 18,
+            "since": 19,
             "deprecated": "",
             "provisionEnable": true,
             "distributedSceneEnable": false
@@ -6302,25 +6451,205 @@
             "provisionEnable": true,
             "distributedSceneEnable": false
         },
+        {
+            "name": "ohos.permission.UNLOCK_DEVELOPER_MODE",
+            "grantMode": "system_grant",
+            "availableLevel": "system_basic",
+            "availableType": "SYSTEM",
+            "since": 18,
+            "deprecated": "",
+            "provisionEnable": true,
+            "distributedSceneEnable": false
+        },
         {
             "name": "ohos.permission.CONNECT_DISTRIBUTED_EXTENSION",
             "grantMode": "system_grant",
             "availableLevel": "system_core",
             "availableType": "SERVICE",
-            "since": 18,
+            "since": 20,
             "deprecated": "",
             "provisionEnable": true,
-            "distributedSceneEnable": true
+            "distributedSceneEnable": true,
+            "deviceTypes": ["phone", "tablet"]
+        },
+        {
+            "name": "ohos.permission.ENTERPRISE_ACCESS_DLP_FILE",
+            "grantMode": "system_grant",
+            "availableLevel": "system_core",
+            "availableType": "SYSTEM",
+            "since": 20,
+            "deprecated": "",
+            "provisionEnable": true,
+            "distributedSceneEnable": false,
+            "deviceTypes": ["2in1"]
         },
         {
             "name": "ohos.permission.GET_FILE_ICON",
             "grantMode": "system_grant",
             "availableLevel": "normal",
             "availableType": "NORMAL",
+            "since": 17,
+            "deprecated": "",
+            "provisionEnable": true,
+            "distributedSceneEnable": false
+        },
+        {
+            "name": "ohos.permission.ACCESS_CALENDARDATA_FOR_BROKER",
+            "grantMode": "system_grant",
+            "availableLevel": "system_core",
+            "availableType": "SYSTEM",
+            "since": 17,
+            "deprecated": "",
+            "provisionEnable": true,
+            "distributedSceneEnable": false
+        },
+        {
+            "name": "ohos.permission.READ_DHA",
+            "grantMode": "system_grant",
+            "availableLevel": "system_core",
+            "availableType": "SYSTEM",
+            "since": 18,
+            "deprecated": "",
+            "provisionEnable": true,
+            "distributedSceneEnable": false
+        },
+        {
+            "name": "ohos.permission.WRITE_DHA",
+            "grantMode": "system_grant",
+            "availableLevel": "system_core",
+            "availableType": "SYSTEM",
             "since": 18,
             "deprecated": "",
             "provisionEnable": true,
             "distributedSceneEnable": false
+        },
+        {
+            "name": "ohos.permission.NOTIFY_DHA",
+            "grantMode": "system_grant",
+            "availableLevel": "system_core",
+            "availableType": "SYSTEM",
+            "since": 18,
+            "deprecated": "",
+            "provisionEnable": true,
+            "distributedSceneEnable": false
+        },
+        {
+            "name": "ohos.permission.CUSTOMIZE_SAVE_BUTTON",
+            "grantMode": "system_grant",
+            "availableLevel": "system_basic",
+            "availableType": "NORMAL",
+            "since": 20,
+            "deprecated": "",
+            "provisionEnable": true,
+            "distributedSceneEnable": false,
+            "deviceTypes": ["phone", "2in1", "tablet"]
+        },
+        {
+            "name": "ohos.permission.SEND_NOTIFICATION_CROSS_USER",
+            "grantMode": "system_grant",
+            "availableLevel": "system_core",
+            "availableType": "SYSTEM",
+            "since": 18,
+            "deprecated": "",
+            "provisionEnable": true,
+            "distributedSceneEnable": false
+        },
+        {
+            "name": "ohos.permission.HIVIEW_TRACE_MANAGE",
+            "grantMode": "system_grant",
+            "availableLevel": "system_core",
+            "availableType": "SERVICE",
+            "since": 19,
+            "deprecated": "",
+            "provisionEnable": true,
+            "distributedSceneEnable": false
+        },
+        {
+            "name": "ohos.permission.SANDBOX_ACCESS_MANAGER",
+            "grantMode": "system_grant",
+            "availableLevel": "system_core",
+            "availableType": "SYSTEM",
+            "since": 17,
+            "deprecated": "",
+            "provisionEnable": true,
+            "distributedSceneEnable": false
+        },
+        {
+            "name": "ohos.permission.ACCESSIBILITY_EXTENSION_ABILITY",
+            "grantMode": "system_grant",
+            "availableLevel": "system_basic",
+            "availableType": "SYSTEM",
+            "since": 20,
+            "deprecated": "",
+            "provisionEnable": true,
+            "distributedSceneEnable": false,
+            "deviceTypes": ["general"]
+        },
+        {
+            "name": "ohos.permission.RESTORE_APP",
+            "grantMode": "system_grant",
+            "availableLevel": "system_basic",
+            "availableType": "SYSTEM",
+            "since": 20,
+            "deprecated": "",
+            "provisionEnable": true,
+            "distributedSceneEnable": false,
+            "deviceTypes": ["phone", "2in1", "tablet"]
+        },
+        {
+            "name": "ohos.permission.READ_PARENT_CONTROL_DATA",
+            "grantMode": "system_grant",
+            "availableLevel": "system_basic",
+            "availableType": "SYSTEM",
+            "since": 19,
+            "deprecated": "",
+            "provisionEnable": true,
+            "distributedSceneEnable": false,
+            "deviceTypes": ["phone", "2in1", "tablet"]
+        },
+        {
+            "name": "ohos.permission.WRITE_PARENT_CONTROL_DATA",
+            "grantMode": "system_grant",
+            "availableLevel": "system_basic",
+            "availableType": "SYSTEM",
+            "since": 19,
+            "deprecated": "",
+            "provisionEnable": true,
+            "distributedSceneEnable": false,
+            "deviceTypes": ["phone", "2in1", "tablet"]
+        },
+        {
+            "name": "ohos.permission.NETWORK_SIMULATE",
+            "grantMode": "system_grant",
+            "availableLevel": "system_core",
+            "availableType": "SYSTEM",
+            "since": 20,
+            "deprecated": "",
+            "provisionEnable": true,
+            "distributedSceneEnable": false,
+            "deviceTypes": ["phone"]
+        },
+        {
+            "name": "ohos.permission.ALLOW_IOURING",
+            "grantMode": "system_grant",
+            "availableLevel": "system_basic",
+            "availableType": "SYSTEM",
+            "since": 20,
+            "deprecated": "",
+            "provisionEnable": true,
+            "distributedSceneEnable": false,
+            "deviceTypes": ["general"]
+        },
+        {
+            "name": "ohos.permission.GET_ABILITY_INFO",
+            "grantMode": "system_grant",
+            "availableLevel": "system_basic",
+            "availableType": "NORMAL",
+            "since": 20,
+            "deprecated": "",
+            "provisionEnable": true,
+            "distributedSceneEnable": false,
+            "deviceTypes": ["2in1"]
         }
     ]
-}
\ No newline at end of file
+}
diff --git a/services/accesstokenmanager/test/coverage/BUILD.gn b/services/accesstokenmanager/test/coverage/BUILD.gn
index 15c858e9c3fd3f323d05f25944b7dcf6cb3ac648..5b44be53412568d3f7edacc84b65f8a7d9c8fd60 100644
--- a/services/accesstokenmanager/test/coverage/BUILD.gn
+++ b/services/accesstokenmanager/test/coverage/BUILD.gn
@@ -35,17 +35,16 @@ accesstoken_manager_service_source = [
   "${access_token_path}/services/accesstokenmanager/main/cpp/src/permission/short_grant_manager.cpp",
   "${access_token_path}/services/accesstokenmanager/main/cpp/src/permission/permission_validator.cpp",
   "${access_token_path}/services/accesstokenmanager/main/cpp/src/permission/temp_permission_observer.cpp",
+  "${access_token_path}/services/accesstokenmanager/main/cpp/src/seccomp/sec_comp_monitor.cpp",
   "${access_token_path}/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp",
-  "${access_token_path}/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp",
   "${access_token_path}/services/accesstokenmanager/main/cpp/src/token/accesstoken_id_manager.cpp",
   "${access_token_path}/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp",
   "${access_token_path}/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp",
 ]
 
 ohos_unittest("libaccesstoken_manager_service_coverage_test") {
-  subsystem_name = "security"
-  part_name = "access_token"
-  module_out_path = part_name + "/" + part_name
+  subsystem_name = "accesscontrol"
+  module_out_path = module_output_path_unittest_accesstoken
   sanitize = {
     cfi = true
     cfi_cross_dso = true
@@ -76,6 +75,7 @@ ohos_unittest("libaccesstoken_manager_service_coverage_test") {
     "${access_token_path}/services/accesstokenmanager/main/cpp/include/dfx",
     "${access_token_path}/services/accesstokenmanager/main/cpp/include/form_manager",
     "${access_token_path}/services/accesstokenmanager/main/cpp/include/permission",
+    "${access_token_path}/services/accesstokenmanager/main/cpp/include/seccomp",
     "${access_token_path}/services/accesstokenmanager/main/cpp/include/service",
     "${access_token_path}/services/accesstokenmanager/main/cpp/include/token",
   ]
@@ -88,7 +88,10 @@ ohos_unittest("libaccesstoken_manager_service_coverage_test") {
 
   cflags_cc = [ "-DHILOG_ENABLE" ]
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
 
   deps = [
     "${access_token_path}/frameworks/accesstoken:accesstoken_communication_adapter_cxx",
@@ -96,9 +99,9 @@ ohos_unittest("libaccesstoken_manager_service_coverage_test") {
     "${access_token_path}/interfaces/innerkits/accesstoken:libaccesstoken_sdk",
     "${access_token_path}/interfaces/innerkits/accesstoken:libtokenid_sdk",
     "${access_token_path}/interfaces/innerkits/nativetoken:libnativetoken_shared",
-    "${access_token_path}/interfaces/innerkits/privacy:libprivacy_sdk",
     "${access_token_path}/interfaces/innerkits/token_setproc:libperm_setproc",
     "${access_token_path}/interfaces/innerkits/token_setproc:libtokensetproc_shared",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_stub",
     "${access_token_path}/services/common:accesstoken_service_common",
   ]
 
diff --git a/services/accesstokenmanager/test/coverage/accesstoken_database_coverage_test.cpp b/services/accesstokenmanager/test/coverage/accesstoken_database_coverage_test.cpp
index 55603f5ce8d377f090d560109b0e8c7ba71aceb6..6d78206d9b3efa5213177876a97f1b8a528e82fa 100644
--- a/services/accesstokenmanager/test/coverage/accesstoken_database_coverage_test.cpp
+++ b/services/accesstokenmanager/test/coverage/accesstoken_database_coverage_test.cpp
@@ -67,7 +67,7 @@ void AccessTokenDatabaseCoverageTest::TearDown() {}
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenDatabaseCoverageTest, ToRdbValueBuckets001, TestSize.Level1)
+HWTEST_F(AccessTokenDatabaseCoverageTest, ToRdbValueBuckets001, TestSize.Level4)
 {
     std::vector<GenericValues> values;
     GenericValues value;
@@ -83,7 +83,7 @@ HWTEST_F(AccessTokenDatabaseCoverageTest, ToRdbValueBuckets001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenDatabaseCoverageTest, TranslationIntoPermissionStatus001, TestSize.Level1)
+HWTEST_F(AccessTokenDatabaseCoverageTest, TranslationIntoPermissionStatus001, TestSize.Level4)
 {
     GenericValues value;
     value.Put(TokenFiledConst::FIELD_GRANT_IS_GENERAL, 1);
@@ -105,7 +105,7 @@ HWTEST_F(AccessTokenDatabaseCoverageTest, TranslationIntoPermissionStatus001, Te
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenDatabaseCoverageTest, OnUpgrade001, TestSize.Level1)
+HWTEST_F(AccessTokenDatabaseCoverageTest, OnUpgrade001, TestSize.Level4)
 {
     AccessTokenOpenCallback callback;
     uint32_t flag = 0;
@@ -155,7 +155,7 @@ HWTEST_F(AccessTokenDatabaseCoverageTest, OnUpgrade001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenDatabaseCoverageTest, Modify001, TestSize.Level1)
+HWTEST_F(AccessTokenDatabaseCoverageTest, Modify001, TestSize.Level4)
 {
     AtmDataType type = static_cast<AtmDataType>(NOT_EXSIT_ATM_TYPE);
     GenericValues modifyValue;
@@ -194,7 +194,7 @@ HWTEST_F(AccessTokenDatabaseCoverageTest, Modify001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenDatabaseCoverageTest, Find001, TestSize.Level1)
+HWTEST_F(AccessTokenDatabaseCoverageTest, Find001, TestSize.Level4)
 {
     AtmDataType type = static_cast<AtmDataType>(NOT_EXSIT_ATM_TYPE);
     GenericValues conditionValue;
diff --git a/services/accesstokenmanager/test/coverage/permission_manager_coverage_test.cpp b/services/accesstokenmanager/test/coverage/permission_manager_coverage_test.cpp
index 783f919fa599fb9caab8e819bf4ebb150b0fa8a3..6dda09ac9101a9d1251f03fe65d56f0de38d0240 100644
--- a/services/accesstokenmanager/test/coverage/permission_manager_coverage_test.cpp
+++ b/services/accesstokenmanager/test/coverage/permission_manager_coverage_test.cpp
@@ -20,7 +20,6 @@
 #include "accesstoken_kit.h"
 #include "access_token_error.h"
 #define private public
-#include "accesstoken_id_manager.h"
 #include "accesstoken_info_manager.h"
 #include "form_manager_access_client.h"
 #undef private
@@ -73,7 +72,11 @@ public:
 
 void PermissionRecordManagerCoverageTest::SetUpTestCase()
 {
-    AccessTokenInfoManager::GetInstance().Init();
+    uint32_t hapSize = 0;
+    uint32_t nativeSize = 0;
+    uint32_t pefDefSize = 0;
+    uint32_t dlpSize = 0;
+    AccessTokenInfoManager::GetInstance().Init(hapSize, nativeSize, pefDefSize, dlpSize);
 }
 
 void PermissionRecordManagerCoverageTest::TearDownTestCase() {}
@@ -88,7 +91,7 @@ void PermissionRecordManagerCoverageTest::TearDown() {}
  * @tc.type: FUNC
  * @tc.require: issueI5RWXF
  */
-HWTEST_F(PermissionRecordManagerCoverageTest, RegisterAddObserverTest001, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerCoverageTest, RegisterAddObserverTest001, TestSize.Level4)
 {
     AccessTokenID selfTokenId = GetSelfTokenID();
     AccessTokenID nativeToken = AccessTokenInfoManager::GetInstance().GetNativeTokenId("privacy_service");
@@ -113,7 +116,7 @@ HWTEST_F(PermissionRecordManagerCoverageTest, RegisterAddObserverTest001, TestSi
  * @tc.type: FUNC
  * @tc.require: issueI5RWXF
  */
-HWTEST_F(PermissionRecordManagerCoverageTest, FormMgrDiedHandle001, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerCoverageTest, FormMgrDiedHandle001, TestSize.Level4)
 {
     FormManagerAccessClient::GetInstance().OnRemoteDiedHandle();
     ASSERT_EQ(nullptr, FormManagerAccessClient::GetInstance().proxy_);
@@ -141,7 +144,7 @@ public:
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerCoverageTest, OnRemoteRequest001, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerCoverageTest, OnRemoteRequest001, TestSize.Level4)
 {
     PermissionRecordManagerCoverTestCb1 callback;
 
@@ -181,7 +184,7 @@ HWTEST_F(PermissionRecordManagerCoverageTest, OnRemoteRequest001, TestSize.Level
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerCoverageTest, UpdateCapStateToDatabase001, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerCoverageTest, UpdateCapStateToDatabase001, TestSize.Level4)
 {
     AccessTokenIDEx tokenIdEx = {0};
     ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(g_info, g_policy, tokenIdEx));
@@ -199,7 +202,7 @@ HWTEST_F(PermissionRecordManagerCoverageTest, UpdateCapStateToDatabase001, TestS
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerCoverageTest, RestorePermissionPolicy001, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerCoverageTest, RestorePermissionPolicy001, TestSize.Level4)
 {
     GenericValues value1;
     value1.Put(TokenFiledConst::FIELD_TOKEN_ID, 123); // 123 is random input
diff --git a/services/accesstokenmanager/test/mock/BUILD.gn b/services/accesstokenmanager/test/mock/BUILD.gn
index f52d369b6fbc762b7c5dea80f3645840755977ac..ddff767fb0c08c17b725ba8ffcc8156da4e7025e 100644
--- a/services/accesstokenmanager/test/mock/BUILD.gn
+++ b/services/accesstokenmanager/test/mock/BUILD.gn
@@ -35,17 +35,16 @@ accesstoken_manager_service_source = [
   "${access_token_path}/services/accesstokenmanager/main/cpp/src/permission/short_grant_manager.cpp",
   "${access_token_path}/services/accesstokenmanager/main/cpp/src/permission/permission_validator.cpp",
   "${access_token_path}/services/accesstokenmanager/main/cpp/src/permission/temp_permission_observer.cpp",
+  "${access_token_path}/services/accesstokenmanager/main/cpp/src/seccomp/sec_comp_monitor.cpp",
   "${access_token_path}/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp",
-  "${access_token_path}/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp",
   "${access_token_path}/services/accesstokenmanager/main/cpp/src/token/accesstoken_id_manager.cpp",
   "${access_token_path}/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp",
   "${access_token_path}/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp",
 ]
 
 ohos_unittest("libpermission_manager_mock_test") {
-  subsystem_name = "security"
-  part_name = "access_token"
-  module_out_path = part_name + "/" + part_name
+  subsystem_name = "accesscontrol"
+  module_out_path = module_output_path_unittest_accesstoken
   sanitize = {
     cfi = true
     cfi_cross_dso = true
@@ -76,6 +75,7 @@ ohos_unittest("libpermission_manager_mock_test") {
     "${access_token_path}/services/accesstokenmanager/main/cpp/include/dfx",
     "${access_token_path}/services/accesstokenmanager/main/cpp/include/form_manager",
     "${access_token_path}/services/accesstokenmanager/main/cpp/include/permission",
+    "${access_token_path}/services/accesstokenmanager/main/cpp/include/seccomp",
     "${access_token_path}/services/accesstokenmanager/main/cpp/include/service",
     "${access_token_path}/services/accesstokenmanager/main/cpp/include/token",
   ]
@@ -89,7 +89,10 @@ ohos_unittest("libpermission_manager_mock_test") {
 
   cflags_cc = [ "-DHILOG_ENABLE" ]
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
 
   deps = [
     "${access_token_path}/frameworks/accesstoken:accesstoken_communication_adapter_cxx",
@@ -97,9 +100,9 @@ ohos_unittest("libpermission_manager_mock_test") {
     "${access_token_path}/interfaces/innerkits/accesstoken:libaccesstoken_sdk",
     "${access_token_path}/interfaces/innerkits/accesstoken:libtokenid_sdk",
     "${access_token_path}/interfaces/innerkits/nativetoken:libnativetoken_shared",
-    "${access_token_path}/interfaces/innerkits/privacy:libprivacy_sdk",
     "${access_token_path}/interfaces/innerkits/token_setproc:libperm_setproc",
     "${access_token_path}/interfaces/innerkits/token_setproc:libtokensetproc_shared",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_stub",
     "${access_token_path}/services/common:accesstoken_service_common",
   ]
 
diff --git a/services/accesstokenmanager/test/mock/permission_manager_mock_test.cpp b/services/accesstokenmanager/test/mock/permission_manager_mock_test.cpp
index 4d927aa8eaca903ebef26cb49b0975ab2a7398ae..ee7623073e7c82774ac5c13a38427700045e2ca7 100644
--- a/services/accesstokenmanager/test/mock/permission_manager_mock_test.cpp
+++ b/services/accesstokenmanager/test/mock/permission_manager_mock_test.cpp
@@ -43,7 +43,7 @@ void PermissionManagerMockTest::TearDown()
  * @tc.type: FUNC
  * @tc.require: Issue
  */
-HWTEST_F(PermissionManagerMockTest, RequestAppPermOnSettingTest001, TestSize.Level1)
+HWTEST_F(PermissionManagerMockTest, RequestAppPermOnSettingTest001, TestSize.Level4)
 {
     HapTokenInfo hapInfo;
     hapInfo.bundleName = "aaa";
diff --git a/services/accesstokenmanager/test/unittest/BUILD.gn b/services/accesstokenmanager/test/unittest/BUILD.gn
index 812c0a2a1915dbd31d4f2c30d63e29cae4f56407..8dd44e836552897796b3c7930a821f5095da2ff5 100644
--- a/services/accesstokenmanager/test/unittest/BUILD.gn
+++ b/services/accesstokenmanager/test/unittest/BUILD.gn
@@ -35,17 +35,16 @@ accesstoken_manager_service_source = [
   "${access_token_path}/services/accesstokenmanager/main/cpp/src/permission/short_grant_manager.cpp",
   "${access_token_path}/services/accesstokenmanager/main/cpp/src/permission/permission_validator.cpp",
   "${access_token_path}/services/accesstokenmanager/main/cpp/src/permission/temp_permission_observer.cpp",
+  "${access_token_path}/services/accesstokenmanager/main/cpp/src/seccomp/sec_comp_monitor.cpp",
   "${access_token_path}/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp",
-  "${access_token_path}/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp",
   "${access_token_path}/services/accesstokenmanager/main/cpp/src/token/accesstoken_id_manager.cpp",
   "${access_token_path}/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp",
   "${access_token_path}/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp",
 ]
 
 ohos_unittest("libaccesstoken_manager_service_standard_test") {
-  subsystem_name = "security"
-  part_name = "access_token"
-  module_out_path = part_name + "/" + part_name
+  subsystem_name = "accesscontrol"
+  module_out_path = module_output_path_unittest_accesstoken
   sanitize = {
     cfi = true
     cfi_cross_dso = true
@@ -76,6 +75,7 @@ ohos_unittest("libaccesstoken_manager_service_standard_test") {
     "${access_token_path}/services/accesstokenmanager/main/cpp/include/dfx",
     "${access_token_path}/services/accesstokenmanager/main/cpp/include/form_manager",
     "${access_token_path}/services/accesstokenmanager/main/cpp/include/permission",
+    "${access_token_path}/services/accesstokenmanager/main/cpp/include/seccomp",
     "${access_token_path}/services/accesstokenmanager/main/cpp/include/service",
     "${access_token_path}/services/accesstokenmanager/main/cpp/include/token",
     "${access_token_path}/services/accesstokenmanager/test/unittest",
@@ -90,6 +90,7 @@ ohos_unittest("libaccesstoken_manager_service_standard_test") {
     "parameters.cpp",
     "permission_grant_event_test.cpp",
     "permission_manager_test.cpp",
+    "sec_comp_monitor_test.cpp",
     "short_grant_manager_test.cpp",
   ]
 
@@ -102,7 +103,10 @@ ohos_unittest("libaccesstoken_manager_service_standard_test") {
     sources += [ "${access_token_path}/services/accesstokenmanager/main/cpp/src/permission/dlp_permission_set_manager.cpp" ]
   }
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
 
   deps = [
     "${access_token_path}/frameworks/accesstoken:accesstoken_communication_adapter_cxx",
@@ -110,9 +114,9 @@ ohos_unittest("libaccesstoken_manager_service_standard_test") {
     "${access_token_path}/interfaces/innerkits/accesstoken:libaccesstoken_sdk",
     "${access_token_path}/interfaces/innerkits/accesstoken:libtokenid_sdk",
     "${access_token_path}/interfaces/innerkits/nativetoken:libnativetoken_shared",
-    "${access_token_path}/interfaces/innerkits/privacy:libprivacy_sdk",
     "${access_token_path}/interfaces/innerkits/token_setproc:libperm_setproc",
     "${access_token_path}/interfaces/innerkits/token_setproc:libtokensetproc_shared",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_stub",
     "${access_token_path}/services/common:accesstoken_service_common",
   ]
 
diff --git a/services/accesstokenmanager/test/unittest/accesstoken_database_test.cpp b/services/accesstokenmanager/test/unittest/accesstoken_database_test.cpp
index 7403a1a56c4b6ceb346b3da7bfc524a9e4eb0592..a41f0a32f6f1f16932416ebe038c239ab7a19437 100644
--- a/services/accesstokenmanager/test/unittest/accesstoken_database_test.cpp
+++ b/services/accesstokenmanager/test/unittest/accesstoken_database_test.cpp
@@ -48,7 +48,7 @@ void AccessTokenDatabaseTest::TearDown()
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenDatabaseTest, DatabaseConverage002, TestSize.Level1)
+HWTEST_F(AccessTokenDatabaseTest, DatabaseConverage002, TestSize.Level4)
 {
     DataTranslator trans;
     GenericValues inGenericValues;
diff --git a/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp b/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp
index 0c7fb6a317c691dd5bda855caaeb59aaf2c2e0ac..9a35bce8f190753c6e4c6ce42170481aed546d0c 100644
--- a/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp
+++ b/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp
@@ -35,6 +35,7 @@
 #include "permission_validator.h"
 #include "string_ex.h"
 #include "token_setproc.h"
+#include "system_ability_definition.h"
 
 using namespace testing::ext;
 using namespace OHOS;
@@ -48,6 +49,7 @@ static constexpr int USER_ID = 100;
 static constexpr int INST_INDEX = 0;
 static constexpr int32_t MAX_EXTENDED_MAP_SIZE = 512;
 static constexpr int32_t MAX_VALUE_LENGTH = 1024;
+static AccessTokenID g_selfTokenId = 0;
 static PermissionDef g_infoManagerTestPermDef1 = {
     .permissionName = "open the door",
     .bundleName = "accesstoken_test",
@@ -107,6 +109,7 @@ static PermissionStatus g_permState = {
 };
 
 #ifdef TOKEN_SYNC_ENABLE
+static uint32_t tokenSyncId_ = 0;
 static const int32_t FAKE_SYNC_RET = 0xabcdef;
 class TokenSyncCallbackMock : public TokenSyncCallbackStub {
 public:
@@ -122,12 +125,18 @@ public:
 
 void AccessTokenInfoManagerTest::SetUpTestCase()
 {
-    AccessTokenInfoManager::GetInstance().Init();
+    g_selfTokenId = GetSelfTokenID();
+    uint32_t hapSize = 0;
+    uint32_t nativeSize = 0;
+    uint32_t pefDefSize = 0;
+    uint32_t dlpSize = 0;
+    AccessTokenInfoManager::GetInstance().Init(hapSize, nativeSize, pefDefSize, dlpSize);
 }
 
 void AccessTokenInfoManagerTest::TearDownTestCase()
 {
     sleep(3); // delay 3 minutes
+    SetSelfTokenID(g_selfTokenId);
 }
 
 void AccessTokenInfoManagerTest::SetUp()
@@ -147,7 +156,7 @@ void AccessTokenInfoManagerTest::TearDown()
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, HapTokenInfoInner001, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, HapTokenInfoInner001, TestSize.Level0)
 {
     AccessTokenID id = 0x20240112;
     HapTokenInfo info = {
@@ -178,7 +187,7 @@ HWTEST_F(AccessTokenInfoManagerTest, HapTokenInfoInner001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo001, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo001, TestSize.Level0)
 {
     AccessTokenIDEx tokenIdEx = {0};
     int ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(g_infoManagerTestInfoParms,
@@ -207,7 +216,7 @@ HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo002, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo002, TestSize.Level0)
 {
     AccessTokenIDEx tokenIdEx = {0};
     int ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(g_infoManagerTestInfoParms,
@@ -241,7 +250,7 @@ HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo003, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo003, TestSize.Level0)
 {
     HapInfoParams info = {
         .userID = -1
@@ -258,7 +267,7 @@ HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo004, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo004, TestSize.Level0)
 {
     HapInfoParams info = {
         .userID = USER_ID,
@@ -276,7 +285,7 @@ HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo004, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo005, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo005, TestSize.Level0)
 {
     HapInfoParams info = {
         .userID = USER_ID,
@@ -295,7 +304,7 @@ HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo005, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo006, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo006, TestSize.Level0)
 {
     HapInfoParams info = {
         .userID = USER_ID,
@@ -316,7 +325,7 @@ HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo006, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo007, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo007, TestSize.Level0)
 {
     HapInfoParams info = {
         .userID = USER_ID,
@@ -338,7 +347,7 @@ HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo007, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo008, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo008, TestSize.Level0)
 {
     static PermissionDef permDef = {
         .permissionName = "ohos.permission.test",
@@ -372,7 +381,7 @@ HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo008, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, InitHapToken001, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, InitHapToken001, TestSize.Level0)
 {
     HapInfoParcel hapinfoParcel;
     hapinfoParcel.hapInfoParameter = {
@@ -387,9 +396,10 @@ HWTEST_F(AccessTokenInfoManagerTest, InitHapToken001, TestSize.Level1)
     HapPolicyParcel hapPolicyParcel;
     hapPolicyParcel.hapPolicy.apl = ATokenAplEnum::APL_NORMAL;
     hapPolicyParcel.hapPolicy.domain = "test.domain";
-    AccessTokenIDEx tokenIdEx;
-    HapInfoCheckResult result;
-    ASSERT_EQ(ERR_PARAM_INVALID, atManagerService_->InitHapToken(hapinfoParcel, hapPolicyParcel, tokenIdEx, result));
+    uint64_t fullTokenId;
+    HapInfoCheckResultIdl result;
+    ASSERT_EQ(ERR_PARAM_INVALID,
+        atManagerService_->InitHapToken(hapinfoParcel, hapPolicyParcel, fullTokenId, result));
 }
 
 /**
@@ -398,7 +408,7 @@ HWTEST_F(AccessTokenInfoManagerTest, InitHapToken001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, InitHapToken002, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, InitHapToken002, TestSize.Level0)
 {
     HapInfoParcel hapinfoParcel;
     hapinfoParcel.hapInfoParameter = {
@@ -413,10 +423,10 @@ HWTEST_F(AccessTokenInfoManagerTest, InitHapToken002, TestSize.Level1)
     HapPolicyParcel hapPolicyParcel;
     hapPolicyParcel.hapPolicy.apl = ATokenAplEnum::APL_NORMAL;
     hapPolicyParcel.hapPolicy.domain = "test.domain";
-    AccessTokenIDEx tokenIdEx;
-    HapInfoCheckResult result;
+    uint64_t fullTokenId;
+    HapInfoCheckResultIdl result;
     ASSERT_EQ(ERR_PERM_REQUEST_CFG_FAILED,
-        atManagerService_->InitHapToken(hapinfoParcel, hapPolicyParcel, tokenIdEx, result));
+        atManagerService_->InitHapToken(hapinfoParcel, hapPolicyParcel, fullTokenId, result));
 }
 
 /**
@@ -425,7 +435,7 @@ HWTEST_F(AccessTokenInfoManagerTest, InitHapToken002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, InitHapToken003, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, InitHapToken003, TestSize.Level0)
 {
     HapInfoParcel info;
     info.hapInfoParameter = {
@@ -454,18 +464,29 @@ HWTEST_F(AccessTokenInfoManagerTest, InitHapToken003, TestSize.Level1)
         .permList = {},
         .permStateList = { permissionStateA, permissionStateB }
     };
-    AccessTokenIDEx fullTokenId = {0};
+    uint64_t fullTokenId;;
+    HapInfoCheckResultIdl resultInfoIdl;
     HapInfoCheckResult result;
 
-    ASSERT_EQ(ERR_PERM_REQUEST_CFG_FAILED, atManagerService_->InitHapToken(info, policy, fullTokenId, result));
+    ASSERT_EQ(0,
+        atManagerService_->InitHapToken(info, policy, fullTokenId, resultInfoIdl));
+
+    PermissionInfoCheckResult permCheckResult;
+    permCheckResult.permissionName = resultInfoIdl.permissionName;
+    int32_t rule = static_cast<int32_t>(resultInfoIdl.rule);
+    permCheckResult.rule = PermissionRulesEnum(rule);
+    result.permCheckResult = permCheckResult;
     ASSERT_EQ(result.permCheckResult.permissionName, "ohos.permission.GET_ALL_APP_ACCOUNTS");
     ASSERT_EQ(result.permCheckResult.rule, PERMISSION_ACL_RULE);
     permissionStateA.permissionName = "ohos.permission.ENTERPRISE_MANAGE_SETTINGS";
     policy.hapPolicy.aclRequestedList = { "ohos.permission.ENTERPRISE_MANAGE_SETTINGS" };
     policy.hapPolicy.permStateList = { permissionStateA, permissionStateB };
-    ASSERT_EQ(ERR_PERM_REQUEST_CFG_FAILED, atManagerService_->InitHapToken(info, policy, fullTokenId, result));
-    ASSERT_EQ(result.permCheckResult.permissionName, "ohos.permission.ENTERPRISE_MANAGE_SETTINGS");
-    ASSERT_EQ(result.permCheckResult.rule, PERMISSION_EDM_RULE);
+    ASSERT_EQ(0,
+        atManagerService_->InitHapToken(info, policy, fullTokenId, resultInfoIdl));
+
+    ASSERT_EQ(resultInfoIdl.permissionName, "ohos.permission.ENTERPRISE_MANAGE_SETTINGS");
+    rule = static_cast<int32_t>(resultInfoIdl.rule);
+    ASSERT_EQ(PermissionRulesEnum(rule), PERMISSION_EDM_RULE);
 }
 
 static void GetHapParams(HapInfoParams& infoParams, HapPolicy& policyParams)
@@ -508,14 +529,14 @@ void TestPrepareKernelPermissionStatus(HapPolicy& policyParams)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, InitHapToken004, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, InitHapToken004, TestSize.Level0)
 {
     HapInfoParcel info;
     HapPolicyParcel policy;
     GetHapParams(info.hapInfoParameter, policy.hapPolicy);
 
-    AccessTokenIDEx fullTokenId;
-    HapInfoCheckResult result;
+    uint64_t fullTokenId;;
+    HapInfoCheckResultIdl result;
     int32_t ret = atManagerService_->InitHapToken(info, policy, fullTokenId, result);
     ASSERT_EQ(RET_SUCCESS, ret);
 
@@ -529,12 +550,14 @@ HWTEST_F(AccessTokenInfoManagerTest, InitHapToken004, TestSize.Level1)
         std::to_string(MAX_EXTENDED_MAP_SIZE - 1);
     ret = atManagerService_->InitHapToken(info, policy, fullTokenId, result);
     ASSERT_EQ(RET_SUCCESS, ret);
+    AccessTokenIDEx tokenIDEx = {fullTokenId};
+    AccessTokenID tokenID = tokenIDEx.tokenIdExStruct.tokenID;
 
     policy.hapPolicy.aclExtendedMap[std::to_string(MAX_EXTENDED_MAP_SIZE)] =
         std::to_string(MAX_EXTENDED_MAP_SIZE);
     ret = atManagerService_->InitHapToken(info, policy, fullTokenId, result);
     ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
-    AccessTokenID tokenID = fullTokenId.tokenIdExStruct.tokenID;
+
     ret = atManagerService_->DeleteToken(tokenID);
     EXPECT_EQ(RET_SUCCESS, ret);
 }
@@ -545,14 +568,14 @@ HWTEST_F(AccessTokenInfoManagerTest, InitHapToken004, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, InitHapToken005, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, InitHapToken005, TestSize.Level0)
 {
     HapInfoParcel info;
     HapPolicyParcel policy;
     GetHapParams(info.hapInfoParameter, policy.hapPolicy);
 
-    AccessTokenIDEx fullTokenId;
-    HapInfoCheckResult result;
+    uint64_t fullTokenId;
+    HapInfoCheckResultIdl result;
     policy.hapPolicy.aclExtendedMap["ohos.permission.ACCESS_CERT_MANAGER"] = "";
     int32_t ret = atManagerService_->InitHapToken(info, policy, fullTokenId, result);
     ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
@@ -566,12 +589,13 @@ HWTEST_F(AccessTokenInfoManagerTest, InitHapToken005, TestSize.Level1)
     policy.hapPolicy.aclExtendedMap["ohos.permission.ACCESS_CERT_MANAGER"] = testValue;
     ret = atManagerService_->InitHapToken(info, policy, fullTokenId, result);
     ASSERT_EQ(RET_SUCCESS, ret);
+    AccessTokenIDEx tokenIDEx = {fullTokenId};
+    AccessTokenID tokenID = tokenIDEx.tokenIdExStruct.tokenID;
 
     testValue.push_back('1');
     policy.hapPolicy.aclExtendedMap["ohos.permission.ACCESS_CERT_MANAGER"] = testValue;
     ret = atManagerService_->InitHapToken(info, policy, fullTokenId, result);
     ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
-    AccessTokenID tokenID = fullTokenId.tokenIdExStruct.tokenID;
 
     ret = atManagerService_->DeleteToken(tokenID);
     EXPECT_EQ(RET_SUCCESS, ret);
@@ -583,19 +607,19 @@ HWTEST_F(AccessTokenInfoManagerTest, InitHapToken005, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, InitHapToken006, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, InitHapToken006, TestSize.Level0)
 {
     HapInfoParcel info;
     HapPolicyParcel policy;
     GetHapParams(info.hapInfoParameter, policy.hapPolicy);
-    AccessTokenIDEx fullTokenId;
-    HapInfoCheckResult result;
+    uint64_t fullTokenId;
+    HapInfoCheckResultIdl result;
 
     TestPrepareKernelPermissionStatus(policy.hapPolicy);
     ASSERT_EQ(RET_SUCCESS, atManagerService_->InitHapToken(info, policy, fullTokenId, result));
-    AccessTokenID tokenID = fullTokenId.tokenIdExStruct.tokenID;
+    AccessTokenID tokenID = static_cast<AccessTokenID>(fullTokenId);
 
-    std::vector<PermissionWithValue> kernelPermList;
+    std::vector<PermissionWithValueIdl> kernelPermList;
     EXPECT_EQ(RET_SUCCESS, atManagerService_->GetKernelPermissions(tokenID, kernelPermList));
     EXPECT_EQ(1, kernelPermList.size());
 
@@ -619,20 +643,20 @@ HWTEST_F(AccessTokenInfoManagerTest, InitHapToken006, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, InitHapToken007, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, InitHapToken007, TestSize.Level0)
 {
     HapInfoParcel info;
     HapPolicyParcel policy;
     GetHapParams(info.hapInfoParameter, policy.hapPolicy);
-    AccessTokenIDEx fullTokenId;
-    HapInfoCheckResult result;
+    uint64_t fullTokenId;
+    HapInfoCheckResultIdl result;
 
     TestPrepareKernelPermissionStatus(policy.hapPolicy);
     policy.hapPolicy.aclExtendedMap.erase("ohos.permission.KERNEL_ATM_SELF_USE");
     ASSERT_EQ(RET_SUCCESS, atManagerService_->InitHapToken(info, policy, fullTokenId, result));
-    AccessTokenID tokenID = fullTokenId.tokenIdExStruct.tokenID;
+    AccessTokenID tokenID = static_cast<AccessTokenID>(fullTokenId);
 
-    std::vector<PermissionWithValue> kernelPermList;
+    std::vector<PermissionWithValueIdl> kernelPermList;
     EXPECT_EQ(RET_SUCCESS, atManagerService_->GetKernelPermissions(tokenID, kernelPermList));
     EXPECT_EQ(1, kernelPermList.size());
 
@@ -650,7 +674,7 @@ HWTEST_F(AccessTokenInfoManagerTest, InitHapToken007, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, IsTokenIdExist001, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, IsTokenIdExist001, TestSize.Level0)
 {
     AccessTokenID testId = 1;
     ASSERT_EQ(AccessTokenInfoManager::GetInstance().IsTokenIdExist(testId), false);
@@ -662,7 +686,7 @@ HWTEST_F(AccessTokenInfoManagerTest, IsTokenIdExist001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenInfo001, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenInfo001, TestSize.Level0)
 {
     AccessTokenIDEx tokenIdEx = {0};
     int result;
@@ -687,7 +711,7 @@ HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenInfo001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, RemoveHapTokenInfo001, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, RemoveHapTokenInfo001, TestSize.Level0)
 {
     AccessTokenIDEx tokenIdEx = {0};
     // type != TOKEN_HAP
@@ -729,7 +753,7 @@ HWTEST_F(AccessTokenInfoManagerTest, RemoveHapTokenInfo001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenID001, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenID001, TestSize.Level0)
 {
     AccessTokenIDEx tokenIdEx = {0};
     int ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(g_infoManagerTestInfoParms,
@@ -759,7 +783,7 @@ HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenID001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken001, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken001, TestSize.Level0)
 {
     AccessTokenIDEx tokenIdEx = {0};
     int ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(g_infoManagerTestInfoParms,
@@ -796,7 +820,7 @@ HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken002, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken002, TestSize.Level0)
 {
     AccessTokenIDEx tokenIdEx = {0};
     HapPolicy policy = g_infoManagerTestPolicyPrams1;
@@ -821,7 +845,7 @@ HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken003, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken003, TestSize.Level0)
 {
     AccessTokenID tokenId = 537919487; // 537919487 is max hap tokenId: 001 00 0 000000 11111111111111111111
     AccessTokenIDEx tokenIdEx = {0};
@@ -845,20 +869,20 @@ HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken004, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken004, TestSize.Level0)
 {
     HapInfoParcel info;
     HapPolicyParcel policy;
     GetHapParams(info.hapInfoParameter, policy.hapPolicy);
-    AccessTokenIDEx fullTokenId;
-    HapInfoCheckResult result;
+    uint64_t fullTokenId;
+    HapInfoCheckResultIdl result;
 
     TestPrepareKernelPermissionStatus(policy.hapPolicy);
     ASSERT_EQ(RET_SUCCESS, atManagerService_->InitHapToken(info, policy, fullTokenId, result));
-    AccessTokenID tokenID = fullTokenId.tokenIdExStruct.tokenID;
+    AccessTokenID tokenID = static_cast<AccessTokenID>(fullTokenId);
 
     policy.hapPolicy.aclExtendedMap["ohos.permission.KERNEL_ATM_SELF_USE"] = "1"; // modified value
-    UpdateHapInfoParams updateInfoParams = {
+    UpdateHapInfoParamsIdl updateInfoParams = {
         .appIDDesc = "AccessTokenTestAppID",
         .apiVersion = DEFAULT_API_VERSION,
         .isSystemApp = true,
@@ -866,7 +890,7 @@ HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken004, TestSize.Level1)
     };
     EXPECT_EQ(RET_SUCCESS, atManagerService_->UpdateHapToken(fullTokenId, updateInfoParams, policy, result));
 
-    std::vector<PermissionWithValue> kernelPermList;
+    std::vector<PermissionWithValueIdl> kernelPermList;
     EXPECT_EQ(RET_SUCCESS, atManagerService_->GetKernelPermissions(tokenID, kernelPermList));
     EXPECT_EQ(1, kernelPermList.size());
 
@@ -891,7 +915,7 @@ HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken004, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenSync001, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenSync001, TestSize.Level0)
 {
     AccessTokenIDEx tokenIdEx = {0};
     int result;
@@ -918,7 +942,7 @@ HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenSync001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenSync002, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenSync002, TestSize.Level0)
 {
     AccessTokenID tokenId = 537919487; // 537919487 is max hap tokenId: 001 00 0 000000 11111111111111111111
     std::shared_ptr<HapTokenInfoInner> info = std::make_shared<HapTokenInfoInner>();
@@ -934,7 +958,7 @@ HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenSync002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenInfoFromRemote001, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenInfoFromRemote001, TestSize.Level0)
 {
     AccessTokenIDEx tokenIdEx = {0};
     int ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(
@@ -957,7 +981,7 @@ HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenInfoFromRemote001, TestSize.Leve
  * @tc.type: FUNC
  * @tc.require: issueI5RJBB
  */
-HWTEST_F(AccessTokenInfoManagerTest, RemoteHapTest001, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, RemoteHapTest001, TestSize.Level0)
 {
     AccessTokenIDEx tokenIdEx = {0};
     int32_t ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(
@@ -991,7 +1015,7 @@ HWTEST_F(AccessTokenInfoManagerTest, RemoteHapTest001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5RJBB
  */
-HWTEST_F(AccessTokenInfoManagerTest, DeleteRemoteToken001, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, DeleteRemoteToken001, TestSize.Level0)
 {
     AccessTokenIDEx tokenIdEx = {0};
     int32_t ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(
@@ -1037,7 +1061,7 @@ static bool SetRemoteHapTokenInfoTest(const std::string& deviceID, const HapToke
  * @tc.type: FUNC
  * @tc.require: issue5RJBB
  */
-HWTEST_F(AccessTokenInfoManagerTest, SetRemoteHapTokenInfo001, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, SetRemoteHapTokenInfo001, TestSize.Level0)
 {
     std::string deviceID = "deviceId";
     HapTokenInfo rightBaseInfo = {
@@ -1084,7 +1108,7 @@ HWTEST_F(AccessTokenInfoManagerTest, SetRemoteHapTokenInfo001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, ClearUserGrantedPermissionState001, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, ClearUserGrantedPermissionState001, TestSize.Level0)
 {
     AccessTokenID tokenId = 123; // 123 is random input
 
@@ -1103,7 +1127,7 @@ HWTEST_F(AccessTokenInfoManagerTest, ClearUserGrantedPermissionState001, TestSiz
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, NotifyTokenSyncTask001, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, NotifyTokenSyncTask001, TestSize.Level0)
 {
     std::vector<AccessTokenID> modifiedTokenList = TokenModifyNotifier::GetInstance().modifiedTokenList_; // backup
     TokenModifyNotifier::GetInstance().modifiedTokenList_.clear();
@@ -1117,15 +1141,24 @@ HWTEST_F(AccessTokenInfoManagerTest, NotifyTokenSyncTask001, TestSize.Level1)
     TokenModifyNotifier::GetInstance().modifiedTokenList_ = modifiedTokenList; // recovery
 }
 
+void setPermission()
+{
+    setuid(0);
+    if (tokenSyncId_ == 0) {
+        tokenSyncId_ = AccessTokenInfoManager::GetInstance().GetNativeTokenId("token_sync_service");
+    }
+    SetSelfTokenID(tokenSyncId_);
+}
+
 /**
  * @tc.name: RegisterTokenSyncCallback001
  * @tc.desc: TokenModifyNotifier::RegisterTokenSyncCallback function test
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, RegisterTokenSyncCallback001, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, RegisterTokenSyncCallback001, TestSize.Level0)
 {
-    setuid(3020);
+    setPermission();
     sptr<TokenSyncCallbackMock> callback = new (std::nothrow) TokenSyncCallbackMock();
     ASSERT_NE(nullptr, callback);
     EXPECT_EQ(RET_SUCCESS,
@@ -1133,6 +1166,7 @@ HWTEST_F(AccessTokenInfoManagerTest, RegisterTokenSyncCallback001, TestSize.Leve
     EXPECT_NE(nullptr, TokenModifyNotifier::GetInstance().tokenSyncCallbackObject_);
     EXPECT_NE(nullptr, TokenModifyNotifier::GetInstance().tokenSyncCallbackDeathRecipient_);
     
+    setuid(3020);
     EXPECT_CALL(*callback, GetRemoteHapTokenInfo(testing::_, testing::_)).WillOnce(testing::Return(FAKE_SYNC_RET));
     EXPECT_EQ(FAKE_SYNC_RET, TokenModifyNotifier::GetInstance().tokenSyncCallbackObject_->GetRemoteHapTokenInfo("", 0));
     
@@ -1143,6 +1177,7 @@ HWTEST_F(AccessTokenInfoManagerTest, RegisterTokenSyncCallback001, TestSize.Leve
     EXPECT_CALL(*callback, UpdateRemoteHapTokenInfo(testing::_)).WillOnce(testing::Return(FAKE_SYNC_RET));
     EXPECT_EQ(FAKE_SYNC_RET,
         TokenModifyNotifier::GetInstance().tokenSyncCallbackObject_->UpdateRemoteHapTokenInfo(tokenInfo));
+    setPermission();
     EXPECT_EQ(RET_SUCCESS,
         atManagerService_->UnRegisterTokenSyncCallback());
     EXPECT_EQ(nullptr, TokenModifyNotifier::GetInstance().tokenSyncCallbackObject_);
@@ -1156,14 +1191,15 @@ HWTEST_F(AccessTokenInfoManagerTest, RegisterTokenSyncCallback001, TestSize.Leve
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, RegisterTokenSyncCallback002, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, RegisterTokenSyncCallback002, TestSize.Level0)
 {
-    setuid(3020);
+    setPermission();
     sptr<TokenSyncCallbackMock> callback = new (std::nothrow) TokenSyncCallbackMock();
     ASSERT_NE(nullptr, callback);
     EXPECT_EQ(RET_SUCCESS,
         atManagerService_->RegisterTokenSyncCallback(callback->AsObject()));
     EXPECT_NE(nullptr, TokenModifyNotifier::GetInstance().tokenSyncCallbackObject_);
+    setuid(3020);
     EXPECT_CALL(*callback, GetRemoteHapTokenInfo(testing::_, testing::_))
         .WillOnce(testing::Return(FAKE_SYNC_RET));
     EXPECT_EQ(FAKE_SYNC_RET, TokenModifyNotifier::GetInstance().GetRemoteHapTokenInfo("", 0));
@@ -1199,6 +1235,7 @@ HWTEST_F(AccessTokenInfoManagerTest, RegisterTokenSyncCallback002, TestSize.Leve
 
     TokenModifyNotifier::GetInstance().modifiedTokenList_ = modifiedTokenList; // recovery
     TokenModifyNotifier::GetInstance().deleteTokenList_ = deleteTokenList;
+    setPermission();
     EXPECT_EQ(RET_SUCCESS,
         atManagerService_->UnRegisterTokenSyncCallback());
     setuid(0);
@@ -1210,12 +1247,13 @@ HWTEST_F(AccessTokenInfoManagerTest, RegisterTokenSyncCallback002, TestSize.Leve
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, GetRemoteHapTokenInfo001, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, GetRemoteHapTokenInfo001, TestSize.Level0)
 {
-    setuid(3020);
+    setPermission();
     sptr<TokenSyncCallbackMock> callback = new (std::nothrow) TokenSyncCallbackMock();
     ASSERT_NE(nullptr, callback);
     EXPECT_EQ(RET_SUCCESS, atManagerService_->RegisterTokenSyncCallback(callback->AsObject()));
+    setuid(3020);
     EXPECT_CALL(*callback, GetRemoteHapTokenInfo(testing::_, testing::_))
         .WillOnce(testing::Return(FAKE_SYNC_RET));
     EXPECT_EQ(FAKE_SYNC_RET, TokenModifyNotifier::GetInstance()
@@ -1225,6 +1263,7 @@ HWTEST_F(AccessTokenInfoManagerTest, GetRemoteHapTokenInfo001, TestSize.Level1)
         .WillOnce(testing::Return(TOKEN_SYNC_OPENSOURCE_DEVICE));
     EXPECT_EQ(TOKEN_SYNC_IPC_ERROR, TokenModifyNotifier::GetInstance()
         .GetRemoteHapTokenInfo("invalid_id", 0)); // this is a test input
+    setPermission();
     EXPECT_EQ(RET_SUCCESS,
         atManagerService_->UnRegisterTokenSyncCallback());
     setuid(0);
@@ -1236,7 +1275,7 @@ HWTEST_F(AccessTokenInfoManagerTest, GetRemoteHapTokenInfo001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, UpdateRemoteHapTokenInfo001, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, UpdateRemoteHapTokenInfo001, TestSize.Level0)
 {
     AccessTokenID mapID = 0;
     HapTokenInfoForSync hapSync;
@@ -1261,7 +1300,7 @@ HWTEST_F(AccessTokenInfoManagerTest, UpdateRemoteHapTokenInfo001, TestSize.Level
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, CreateRemoteHapTokenInfo001, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, CreateRemoteHapTokenInfo001, TestSize.Level0)
 {
     AccessTokenID mapID = 123; // 123 is random input
     HapTokenInfoForSync hapSync;
@@ -1282,7 +1321,7 @@ HWTEST_F(AccessTokenInfoManagerTest, CreateRemoteHapTokenInfo001, TestSize.Level
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, DeleteRemoteToken002, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, DeleteRemoteToken002, TestSize.Level0)
 {
     std::string deviceID = "dev-001";
     AccessTokenID tokenID = 123; // 123 is random input
@@ -1319,7 +1358,7 @@ HWTEST_F(AccessTokenInfoManagerTest, DeleteRemoteToken002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, AllocLocalTokenID001, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, AllocLocalTokenID001, TestSize.Level0)
 {
     std::string remoteDeviceID;
     AccessTokenID remoteTokenID = 0;
@@ -1355,7 +1394,7 @@ HWTEST_F(AccessTokenInfoManagerTest, AllocLocalTokenID001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI4V02P
  */
-HWTEST_F(AccessTokenInfoManagerTest, Dump001, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, Dump001, TestSize.Level0)
 {
     int fd = -1;
     std::vector<std::u16string> args;
@@ -1401,7 +1440,7 @@ HWTEST_F(AccessTokenInfoManagerTest, Dump001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI4V02P
  */
-HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo001, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo001, TestSize.Level0)
 {
     std::string dumpInfo;
     AtmToolsParamInfo info;
@@ -1421,7 +1460,7 @@ HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI4V02P
  */
-HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo002, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo002, TestSize.Level0)
 {
     AccessTokenIDEx tokenIdEx = {0};
     AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(g_infoManagerTestInfoParms,
@@ -1449,7 +1488,7 @@ HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI4V02P
  */
-HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo003, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo003, TestSize.Level0)
 {
     std::string dumpInfo;
     AtmToolsParamInfo info;
@@ -1464,7 +1503,7 @@ HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI4V02P
  */
-HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo004, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo004, TestSize.Level0)
 {
     std::string dumpInfo;
     AtmToolsParamInfo info;
@@ -1479,7 +1518,7 @@ HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo004, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI4V02P
  */
-HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo006, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo006, TestSize.Level0)
 {
     std::string dumpInfo;
     AtmToolsParamInfo info;
@@ -1494,7 +1533,7 @@ HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo006, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI4V02P
  */
-HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo007, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo007, TestSize.Level0)
 {
     AccessTokenIDEx tokenIdEx = {0};
     AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(g_infoManagerTestInfoParms,
@@ -1522,10 +1561,14 @@ HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo007, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, AccessTokenInfoManager001, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, AccessTokenInfoManager001, TestSize.Level0)
 {
     AccessTokenInfoManager::GetInstance().hasInited_ = true;
-    AccessTokenInfoManager::GetInstance().Init();
+    uint32_t hapSize = 0;
+    uint32_t nativeSize = 0;
+    uint32_t pefDefSize = 0;
+    uint32_t dlpSize = 0;
+    AccessTokenInfoManager::GetInstance().Init(hapSize, nativeSize, pefDefSize, dlpSize);
     AccessTokenInfoManager::GetInstance().hasInited_ = false;
     ASSERT_EQ(false, AccessTokenInfoManager::GetInstance().hasInited_);
 }
@@ -1536,7 +1579,7 @@ HWTEST_F(AccessTokenInfoManagerTest, AccessTokenInfoManager001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, GetHapUniqueStr001, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, GetHapUniqueStr001, TestSize.Level0)
 {
     std::shared_ptr<HapTokenInfoInner> info = nullptr;
     ASSERT_EQ("", AccessTokenInfoManager::GetInstance().GetHapUniqueStr(info));
@@ -1548,10 +1591,11 @@ HWTEST_F(AccessTokenInfoManagerTest, GetHapUniqueStr001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, AddHapTokenInfo001, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, AddHapTokenInfo001, TestSize.Level0)
 {
     std::shared_ptr<HapTokenInfoInner> info = nullptr;
-    ASSERT_NE(0, AccessTokenInfoManager::GetInstance().AddHapTokenInfo(info));
+    AccessTokenID oriTokenId = 0;
+    ASSERT_NE(0, AccessTokenInfoManager::GetInstance().AddHapTokenInfo(info, oriTokenId));
 }
 
 /**
@@ -1560,7 +1604,7 @@ HWTEST_F(AccessTokenInfoManagerTest, AddHapTokenInfo001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, AddHapTokenInfo002, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, AddHapTokenInfo002, TestSize.Level0)
 {
     HapInfoParams info = {
         .userID = USER_ID,
@@ -1578,7 +1622,8 @@ HWTEST_F(AccessTokenInfoManagerTest, AddHapTokenInfo002, TestSize.Level1)
     ASSERT_NE(static_cast<AccessTokenID>(0), tokenId);
 
     std::shared_ptr<HapTokenInfoInner> infoPtr = AccessTokenInfoManager::GetInstance().GetHapTokenInfoInner(tokenId);
-    ASSERT_NE(0, AccessTokenInfoManager::GetInstance().AddHapTokenInfo(infoPtr));
+    AccessTokenID oriTokenId = 0;
+    ASSERT_NE(0, AccessTokenInfoManager::GetInstance().AddHapTokenInfo(infoPtr, oriTokenId));
 
     ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenId));
 }
@@ -1589,7 +1634,7 @@ HWTEST_F(AccessTokenInfoManagerTest, AddHapTokenInfo002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI60F1M
  */
-HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenID002, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenID002, TestSize.Level0)
 {
     AccessTokenIDEx tokenIdEx = AccessTokenInfoManager::GetInstance().GetHapTokenID(
         USER_ID, "com.ohos.test", INST_INDEX);
@@ -1602,7 +1647,7 @@ HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenID002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, IsPermissionDefValid001, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, IsPermissionDefValid001, TestSize.Level0)
 {
     PermissionDef permDef = {
         .permissionName = "ohos.permission.TEST",
@@ -1631,7 +1676,7 @@ HWTEST_F(AccessTokenInfoManagerTest, IsPermissionDefValid001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, IsPermissionStateValid001, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, IsPermissionStateValid001, TestSize.Level0)
 {
     std::string permissionName;
     std::string deviceID = "dev-001";
@@ -1663,7 +1708,7 @@ HWTEST_F(AccessTokenInfoManagerTest, IsPermissionStateValid001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, FilterInvalidPermissionDef001, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, FilterInvalidPermissionDef001, TestSize.Level0)
 {
     PermissionDef permDef = {
         .permissionName = "ohos.permission.TEST",
@@ -1695,7 +1740,7 @@ HWTEST_F(AccessTokenInfoManagerTest, FilterInvalidPermissionDef001, TestSize.Lev
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, QueryPermissionFlag001, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, QueryPermissionFlag001, TestSize.Level0)
 {
     PermissionStatus perm = {
         .permissionName = "ohos.permission.TEST",
@@ -1721,7 +1766,7 @@ HWTEST_F(AccessTokenInfoManagerTest, QueryPermissionFlag001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, UpdatePermissionStatus001, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, UpdatePermissionStatus001, TestSize.Level0)
 {
     PermissionStatus perm = {
         .permissionName = "ohos.permission.CAMERA",
@@ -1772,7 +1817,7 @@ HWTEST_F(AccessTokenInfoManagerTest, UpdatePermissionStatus001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, MapRemoteDeviceTokenToLocal001, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, MapRemoteDeviceTokenToLocal001, TestSize.Level0)
 {
     std::map<std::string, AccessTokenRemoteDevice> remoteDeviceMap;
     remoteDeviceMap = AccessTokenRemoteTokenManager::GetInstance().remoteDeviceMap_; // backup
@@ -1814,7 +1859,7 @@ HWTEST_F(AccessTokenInfoManagerTest, MapRemoteDeviceTokenToLocal001, TestSize.Le
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, GetDeviceAllRemoteTokenID001, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, GetDeviceAllRemoteTokenID001, TestSize.Level0)
 {
     std::string deviceID;
     std::vector<AccessTokenID> remoteIDs;
@@ -1830,7 +1875,7 @@ HWTEST_F(AccessTokenInfoManagerTest, GetDeviceAllRemoteTokenID001, TestSize.Leve
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, RemoveDeviceMappingTokenID001, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, RemoveDeviceMappingTokenID001, TestSize.Level0)
 {
     std::map<std::string, AccessTokenRemoteDevice> remoteDeviceMap;
     remoteDeviceMap = AccessTokenRemoteTokenManager::GetInstance().remoteDeviceMap_; // backup
@@ -1859,7 +1904,7 @@ HWTEST_F(AccessTokenInfoManagerTest, RemoveDeviceMappingTokenID001, TestSize.Lev
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, AddHapTokenObservation001, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, AddHapTokenObservation001, TestSize.Level0)
 {
     std::set<AccessTokenID> observationSet = TokenModifyNotifier::GetInstance().observationSet_; // backup
     TokenModifyNotifier::GetInstance().observationSet_.clear();
@@ -1883,7 +1928,7 @@ HWTEST_F(AccessTokenInfoManagerTest, AddHapTokenObservation001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, RestoreHapTokenInfo001, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, RestoreHapTokenInfo001, TestSize.Level0)
 {
     std::shared_ptr<HapTokenInfoInner> hap = std::make_shared<HapTokenInfoInner>();
     ASSERT_NE(nullptr, hap);
@@ -1929,7 +1974,7 @@ HWTEST_F(AccessTokenInfoManagerTest, RestoreHapTokenInfo001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, RegisterTokenId001, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, RegisterTokenId001, TestSize.Level0)
 {
     // 1477443583 is max abnormal butt tokenId which version is 2: 010 11 0 000000 11111111111111111111
     AccessTokenID tokenId = 1477443583;
@@ -1954,7 +1999,7 @@ HWTEST_F(AccessTokenInfoManagerTest, RegisterTokenId001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, ClearAllSecCompGrantedPerm001, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, ClearAllSecCompGrantedPerm001, TestSize.Level0)
 {
     AccessTokenIDEx tokenIdEx = {0};
     int32_t ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(
@@ -1983,7 +2028,7 @@ HWTEST_F(AccessTokenInfoManagerTest, ClearAllSecCompGrantedPerm001, TestSize.Lev
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, SetPermDialogCap001, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, SetPermDialogCap001, TestSize.Level0)
 {
     AccessTokenID tokenId = 123; // 123: invalid tokenid
     ASSERT_EQ(ERR_TOKENID_NOT_EXIST, AccessTokenInfoManager::GetInstance().SetPermDialogCap(tokenId, true));
@@ -1995,7 +2040,7 @@ HWTEST_F(AccessTokenInfoManagerTest, SetPermDialogCap001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, SetPermDialogCap002, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, SetPermDialogCap002, TestSize.Level0)
 {
     AccessTokenIDEx tokenIdEx = {0};
     int32_t ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(
@@ -2033,7 +2078,7 @@ HWTEST_F(AccessTokenInfoManagerTest, SetPermDialogCap002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, GetPermDialogCap001, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, GetPermDialogCap001, TestSize.Level0)
 {
     // invalid token
     ASSERT_EQ(true, AccessTokenInfoManager::GetInstance().GetPermDialogCap(INVALID_TOKENID));
@@ -2066,7 +2111,7 @@ HWTEST_F(AccessTokenInfoManagerTest, GetPermDialogCap001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, AllocHapToken001, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, AllocHapToken001, TestSize.Level0)
 {
     HapInfoParcel hapinfoParcel;
     hapinfoParcel.hapInfoParameter = {
@@ -2081,8 +2126,9 @@ HWTEST_F(AccessTokenInfoManagerTest, AllocHapToken001, TestSize.Level1)
     hapPolicyParcel.hapPolicy.apl = ATokenAplEnum::APL_NORMAL;
     hapPolicyParcel.hapPolicy.domain = "test.domain";
 
-    AccessTokenIDEx tokenIDEx = atManagerService_->AllocHapToken(hapinfoParcel, hapPolicyParcel);
-    ASSERT_EQ(INVALID_TOKENID, tokenIDEx.tokenIDEx);
+    uint64_t tokenIDEx;
+    atManagerService_->AllocHapToken(hapinfoParcel, hapPolicyParcel, tokenIDEx);
+    ASSERT_EQ(INVALID_TOKENID, tokenIDEx);
 }
 
 /**
@@ -2091,7 +2137,7 @@ HWTEST_F(AccessTokenInfoManagerTest, AllocHapToken001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, OnStart001, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, OnStart001, TestSize.Level0)
 {
     ServiceRunningState state = atManagerService_->state_;
     atManagerService_->state_ = ServiceRunningState::STATE_RUNNING;
@@ -2106,7 +2152,7 @@ HWTEST_F(AccessTokenInfoManagerTest, OnStart001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, Dlopen001, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, Dlopen001, TestSize.Level0)
 {
     LibraryLoader loader1("libnotexist.z.so"); // is a not exist path
     EXPECT_EQ(nullptr, loader1.handle_);
@@ -2123,7 +2169,7 @@ HWTEST_F(AccessTokenInfoManagerTest, Dlopen001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, Dlopen002, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, Dlopen002, TestSize.Level0)
 {
     LibraryLoader loader(TOKEN_SYNC_LIBPATH);
     TokenSyncKitInterface* tokenSyncKit = loader.GetObject<TokenSyncKitInterface>();
@@ -2132,41 +2178,13 @@ HWTEST_F(AccessTokenInfoManagerTest, Dlopen002, TestSize.Level1)
 }
 #endif
 
-/**
- * @tc.name: OnRemoteRequest001
- * @tc.desc: Test OnRemoteRequest
- * @tc.type: FUNC
- * @tc.require:
- */
-HWTEST_F(AccessTokenInfoManagerTest, OnRemoteRequest001, TestSize.Level1)
-{
-    uint32_t code = 0;
-    MessageParcel data;
-    MessageParcel reply;
-    MessageOption option;
-    data.WriteInterfaceToken(u"this is a test interface");
-    EXPECT_EQ(ERROR_IPC_REQUEST_FAIL, atManagerService_->OnRemoteRequest(code, data, reply, option));
-
-    std::map<uint32_t, AccessTokenManagerStub::RequestFuncType> oldMap = atManagerService_->requestFuncMap_;
-    atManagerService_->requestFuncMap_.clear();
-    atManagerService_->requestFuncMap_[1] = nullptr;
-
-    data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor());
-    EXPECT_NE(NO_ERROR, atManagerService_->OnRemoteRequest(code, data, reply, option));
-
-    data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor());
-    EXPECT_NE(NO_ERROR, atManagerService_->OnRemoteRequest(1, data, reply, option));
-
-    atManagerService_->requestFuncMap_ = oldMap;
-}
-
 /**
  * @tc.name: VerifyNativeAccessToken001
  * @tc.desc: AccessTokenInfoManagerTest::VerifyNativeAccessToken function test
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, VerifyNativeAccessToken001, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, VerifyNativeAccessToken001, TestSize.Level0)
 {
     AccessTokenID tokenId = 0x280bc142; // 0x280bc142 is random input
     std::string permissionName = "ohos.permission.INVALID_AA";
@@ -2195,7 +2213,7 @@ HWTEST_F(AccessTokenInfoManagerTest, VerifyNativeAccessToken001, TestSize.Level1
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, VerifyAccessToken001, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, VerifyAccessToken001, TestSize.Level0)
 {
     AccessTokenID tokenId = 0;
     std::string permissionName;
@@ -2217,7 +2235,7 @@ HWTEST_F(AccessTokenInfoManagerTest, VerifyAccessToken001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, GetAppId001, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, GetAppId001, TestSize.Level0)
 {
     HapInfoParams info = {
         .userID = USER_ID,
@@ -2246,7 +2264,7 @@ HWTEST_F(AccessTokenInfoManagerTest, GetAppId001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, SetPermissionRequestToggleStatus001, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, SetPermissionRequestToggleStatus001, TestSize.Level0)
 {
     int32_t userID = -1;
     uint32_t status = PermissionRequestToggleStatus::CLOSED;
@@ -2284,7 +2302,7 @@ HWTEST_F(AccessTokenInfoManagerTest, SetPermissionRequestToggleStatus001, TestSi
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, SetPermissionRequestToggleStatus002, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, SetPermissionRequestToggleStatus002, TestSize.Level0)
 {
     int32_t userID = 123;
     uint32_t status = PermissionRequestToggleStatus::CLOSED;
@@ -2305,7 +2323,7 @@ HWTEST_F(AccessTokenInfoManagerTest, SetPermissionRequestToggleStatus002, TestSi
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, GetPermissionRequestToggleStatus001, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, GetPermissionRequestToggleStatus001, TestSize.Level0)
 {
     int32_t userID = -1;
     uint32_t status;
@@ -2337,7 +2355,7 @@ HWTEST_F(AccessTokenInfoManagerTest, GetPermissionRequestToggleStatus001, TestSi
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(AccessTokenInfoManagerTest, GetPermissionRequestToggleStatus002, TestSize.Level1)
+HWTEST_F(AccessTokenInfoManagerTest, GetPermissionRequestToggleStatus002, TestSize.Level0)
 {
     int32_t userID = 123;
     uint32_t setStatusClose = PermissionRequestToggleStatus::CLOSED;
@@ -2367,4 +2385,4 @@ HWTEST_F(AccessTokenInfoManagerTest, GetPermissionRequestToggleStatus002, TestSi
 }
 } // namespace AccessToken
 } // namespace Security
-} // namespace OHOS
+} // namespace OHOS
\ No newline at end of file
diff --git a/services/accesstokenmanager/test/unittest/native_token_receptor_test.cpp b/services/accesstokenmanager/test/unittest/native_token_receptor_test.cpp
index 02ec98245437f0e681de3bb5ae728c6d9aa54301..35c2f4d320ef8d3dc6eab85beb902d18e69788b4 100644
--- a/services/accesstokenmanager/test/unittest/native_token_receptor_test.cpp
+++ b/services/accesstokenmanager/test/unittest/native_token_receptor_test.cpp
@@ -68,7 +68,7 @@ void NativeTokenReceptorTest::TearDown()
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(NativeTokenReceptorTest, ParserNativeRawData001, TestSize.Level1)
+HWTEST_F(NativeTokenReceptorTest, ParserNativeRawData001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "test ParserNativeRawData001!");
     std::string testStr = R"([)"\
@@ -95,7 +95,7 @@ HWTEST_F(NativeTokenReceptorTest, ParserNativeRawData001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(NativeTokenReceptorTest, ParserNativeRawData002, TestSize.Level1)
+HWTEST_F(NativeTokenReceptorTest, ParserNativeRawData002, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "test ParserNativeRawData002!");
     std::string testStr = R"([{"processName":""}])";
@@ -150,7 +150,7 @@ HWTEST_F(NativeTokenReceptorTest, ParserNativeRawData002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(NativeTokenReceptorTest, ParserNativeRawData002, TestSize.Level1)
+HWTEST_F(NativeTokenReceptorTest, ParserNativeRawData002, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "test ParserNativeRawData002!");
     std::string testStr = R"([)"\
@@ -171,7 +171,7 @@ HWTEST_F(NativeTokenReceptorTest, ParserNativeRawData002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(NativeTokenReceptorTest, GetnNativeTokenInfoFromJson002, TestSize.Level1)
+HWTEST_F(NativeTokenReceptorTest, GetnNativeTokenInfoFromJson002, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "test GetnNativeTokenInfoFromJson002!");
     // version wrong
@@ -236,7 +236,7 @@ HWTEST_F(NativeTokenReceptorTest, GetnNativeTokenInfoFromJson002, TestSize.Level
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(NativeTokenReceptorTest, init001, TestSize.Level1)
+HWTEST_F(NativeTokenReceptorTest, init001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "test init001!");
 
diff --git a/services/accesstokenmanager/test/unittest/permission_grant_event_test.cpp b/services/accesstokenmanager/test/unittest/permission_grant_event_test.cpp
index 57eb3e48ecd32108b7d2efd3268a8c3ccd802c07..ca3a40a7e32742cef39f765177734d5e6aefc245 100644
--- a/services/accesstokenmanager/test/unittest/permission_grant_event_test.cpp
+++ b/services/accesstokenmanager/test/unittest/permission_grant_event_test.cpp
@@ -42,7 +42,7 @@ void PermissionGrantEventTest::TearDown()
  * @tc.type: FUNC
  * @tc.require:issueI5OOPG
  */
-HWTEST_F(PermissionGrantEventTest, NotifyPermGrantStoreResult001, TestSize.Level1)
+HWTEST_F(PermissionGrantEventTest, NotifyPermGrantStoreResult001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "NotifyPermGrantStoreResult001!");
     AccessTokenID tokenID = 0x100000;
@@ -64,7 +64,7 @@ HWTEST_F(PermissionGrantEventTest, NotifyPermGrantStoreResult001, TestSize.Level
  * @tc.type: FUNC
  * @tc.require:issueI5OOPG
  */
-HWTEST_F(PermissionGrantEventTest, NotifyPermGrantStoreResult002, TestSize.Level1)
+HWTEST_F(PermissionGrantEventTest, NotifyPermGrantStoreResult002, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "NotifyPermGrantStoreResult002!");
     AccessTokenID tokenID = 0x100000;
@@ -86,7 +86,7 @@ HWTEST_F(PermissionGrantEventTest, NotifyPermGrantStoreResult002, TestSize.Level
  * @tc.type: FUNC
  * @tc.require:issueI5OOPG
  */
-HWTEST_F(PermissionGrantEventTest, NotifyPermGrantStoreResult003, TestSize.Level1)
+HWTEST_F(PermissionGrantEventTest, NotifyPermGrantStoreResult003, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "NotifyPermGrantStoreResult003!");
     AccessTokenID tokenID = 0x100000;
diff --git a/services/accesstokenmanager/test/unittest/permission_manager_test.cpp b/services/accesstokenmanager/test/unittest/permission_manager_test.cpp
index 8e63c6dfa739f6545408592f85134f8db5368101..ae6e54427222e0ec0cc3a1cdea1f822a84fbb2fa 100644
--- a/services/accesstokenmanager/test/unittest/permission_manager_test.cpp
+++ b/services/accesstokenmanager/test/unittest/permission_manager_test.cpp
@@ -276,7 +276,7 @@ static AccessTokenID CreateTempHapTokenInfo()
  * @tc.type: FUNC
  * @tc.require: issueI4V02P
  */
-HWTEST_F(PermissionManagerTest, ScopeFilter001, TestSize.Level1)
+HWTEST_F(PermissionManagerTest, ScopeFilter001, TestSize.Level0)
 {
     AccessTokenIDEx tokenIdEx = {0};
     AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(g_infoManagerTestInfoParms,
@@ -337,7 +337,7 @@ HWTEST_F(PermissionManagerTest, ScopeFilter001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI4V02P
  */
-HWTEST_F(PermissionManagerTest, AddPermStateChangeCallback001, TestSize.Level1)
+HWTEST_F(PermissionManagerTest, AddPermStateChangeCallback001, TestSize.Level0)
 {
     PermStateChangeScope inScopeInfo;
     inScopeInfo.tokenIDs = {123};
@@ -376,7 +376,7 @@ bool PermChangeCallback::AddDeathRecipient(const sptr<IRemoteObject::DeathRecipi
  * @tc.type: FUNC
  * @tc.require: issueI4V02P
  */
-HWTEST_F(PermissionManagerTest, AddPermStateChangeCallback002, TestSize.Level1)
+HWTEST_F(PermissionManagerTest, AddPermStateChangeCallback002, TestSize.Level0)
 {
     PermStateChangeScope inScopeInfo;
     inScopeInfo.tokenIDs = {};
@@ -408,7 +408,7 @@ HWTEST_F(PermissionManagerTest, AddPermStateChangeCallback002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5SSXG
  */
-HWTEST_F(PermissionManagerTest, GrantPermission001, TestSize.Level1)
+HWTEST_F(PermissionManagerTest, GrantPermission001, TestSize.Level0)
 {
     int32_t ret;
     AccessTokenID tokenID = 0;
@@ -427,7 +427,7 @@ HWTEST_F(PermissionManagerTest, GrantPermission001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5SSXG
  */
-HWTEST_F(PermissionManagerTest, RevokePermission001, TestSize.Level1)
+HWTEST_F(PermissionManagerTest, RevokePermission001, TestSize.Level0)
 {
     int32_t ret;
     AccessTokenID tokenID = 0;
@@ -446,7 +446,7 @@ HWTEST_F(PermissionManagerTest, RevokePermission001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionManagerTest, GetReqPermissions001, TestSize.Level1)
+HWTEST_F(PermissionManagerTest, GetReqPermissions001, TestSize.Level0)
 {
     std::vector<PermissionStatus> result;
 
@@ -461,7 +461,7 @@ HWTEST_F(PermissionManagerTest, GetReqPermissions001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionManagerTest, GetReqPermissions002, TestSize.Level1)
+HWTEST_F(PermissionManagerTest, GetReqPermissions002, TestSize.Level0)
 {
     AccessTokenIDEx tokenIdEx = {0};
     int32_t ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(g_infoManagerTestInfoParms,
@@ -483,7 +483,7 @@ HWTEST_F(PermissionManagerTest, GetReqPermissions002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionManagerTest, GetSelfPermissionState001, TestSize.Level1)
+HWTEST_F(PermissionManagerTest, GetSelfPermissionState001, TestSize.Level0)
 {
     std::vector<PermissionStatus> permsList1;
     permsList1.emplace_back(g_permState1);
@@ -511,7 +511,7 @@ HWTEST_F(PermissionManagerTest, GetSelfPermissionState001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionManagerTest, GetSelfPermissionState002, TestSize.Level1)
+HWTEST_F(PermissionManagerTest, GetSelfPermissionState002, TestSize.Level0)
 {
     std::vector<PermissionStatus> permsList1;
     permsList1.emplace_back(g_permState6);
@@ -557,7 +557,7 @@ HWTEST_F(PermissionManagerTest, GetSelfPermissionState002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionManagerTest, GetSelfPermissionState003, TestSize.Level1)
+HWTEST_F(PermissionManagerTest, GetSelfPermissionState003, TestSize.Level0)
 {
     std::vector<PermissionStatus> permsList1;
     permsList1.emplace_back(g_permState2);
@@ -580,7 +580,7 @@ HWTEST_F(PermissionManagerTest, GetSelfPermissionState003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionManagerTest, GetPermissionFlag001, TestSize.Level1)
+HWTEST_F(PermissionManagerTest, GetPermissionFlag001, TestSize.Level0)
 {
     AccessTokenID tokenID = 123; // 123 is random input
     std::string permissionName;
@@ -607,7 +607,7 @@ HWTEST_F(PermissionManagerTest, GetPermissionFlag001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionManagerTest, GetPermissionFlag002, TestSize.Level1)
+HWTEST_F(PermissionManagerTest, GetPermissionFlag002, TestSize.Level0)
 {
     HapInfoParams infoParms = {
         .userID = 1,
@@ -647,7 +647,7 @@ HWTEST_F(PermissionManagerTest, GetPermissionFlag002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionManagerTest, UpdateTokenPermissionState002, TestSize.Level1)
+HWTEST_F(PermissionManagerTest, UpdateTokenPermissionState002, TestSize.Level0)
 {
     AccessTokenID tokenId = 123; // random input
     std::string permissionName = "ohos.permission.DUMP";
@@ -692,7 +692,7 @@ HWTEST_F(PermissionManagerTest, UpdateTokenPermissionState002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionManagerTest, UpdateTokenPermissionState003, TestSize.Level1)
+HWTEST_F(PermissionManagerTest, UpdateTokenPermissionState003, TestSize.Level0)
 {
     std::string permissionName = "ohos.permission.DUMP";
     uint32_t flag = 0;
@@ -739,7 +739,7 @@ HWTEST_F(PermissionManagerTest, UpdateTokenPermissionState003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionManagerTest, IsAllowGrantTempPermission001, TestSize.Level1)
+HWTEST_F(PermissionManagerTest, IsAllowGrantTempPermission001, TestSize.Level0)
 {
     AccessTokenID tokenId = 123; // random input
     std::string permissionName = "";
@@ -753,7 +753,7 @@ HWTEST_F(PermissionManagerTest, IsAllowGrantTempPermission001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionManagerTest, IsPermissionVaild001, TestSize.Level1)
+HWTEST_F(PermissionManagerTest, IsPermissionVaild001, TestSize.Level0)
 {
     std::string permissionName;
     // permissionName invalid
@@ -773,7 +773,7 @@ HWTEST_F(PermissionManagerTest, IsPermissionVaild001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionManagerTest, GetPermissionState001, TestSize.Level1)
+HWTEST_F(PermissionManagerTest, GetPermissionState001, TestSize.Level0)
 {
     AccessTokenID tokenId = 123; // random input
     std::vector<PermissionStatus> permissionStateList;
@@ -810,7 +810,7 @@ HWTEST_F(PermissionManagerTest, GetPermissionState001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionManagerTest, GetApiVersionByTokenId001, TestSize.Level1)
+HWTEST_F(PermissionManagerTest, GetApiVersionByTokenId001, TestSize.Level0)
 {
     AccessTokenID tokenId = 940572671; // 940572671 is max butt tokenId: 001 11 0 000000 11111111111111111111
     int32_t apiVersion = 0;
@@ -829,7 +829,7 @@ HWTEST_F(PermissionManagerTest, GetApiVersionByTokenId001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionManagerTest, VerifyHapAccessToken001, TestSize.Level1)
+HWTEST_F(PermissionManagerTest, VerifyHapAccessToken001, TestSize.Level0)
 {
     AccessTokenID tokenId = 123; // 123 is random input
     std::string permissionName;
@@ -850,7 +850,7 @@ HWTEST_F(PermissionManagerTest, VerifyHapAccessToken001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionManagerTest, GrantTempPermission001, TestSize.Level1)
+HWTEST_F(PermissionManagerTest, GrantTempPermission001, TestSize.Level0)
 {
     accessTokenService_->state_ = ServiceRunningState::STATE_RUNNING;
     accessTokenService_->Initialize();
@@ -887,7 +887,7 @@ HWTEST_F(PermissionManagerTest, GrantTempPermission001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionManagerTest, GrantTempPermission002, TestSize.Level1)
+HWTEST_F(PermissionManagerTest, GrantTempPermission002, TestSize.Level0)
 {
     accessTokenService_->state_ = ServiceRunningState::STATE_RUNNING;
     accessTokenService_->Initialize();
@@ -921,7 +921,7 @@ HWTEST_F(PermissionManagerTest, GrantTempPermission002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionManagerTest, GrantTempPermission003, TestSize.Level1)
+HWTEST_F(PermissionManagerTest, GrantTempPermission003, TestSize.Level0)
 {
     accessTokenService_->state_ = ServiceRunningState::STATE_RUNNING;
     accessTokenService_->Initialize();
@@ -961,7 +961,7 @@ HWTEST_F(PermissionManagerTest, GrantTempPermission003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionManagerTest, GrantTempPermission004, TestSize.Level1)
+HWTEST_F(PermissionManagerTest, GrantTempPermission004, TestSize.Level0)
 {
     accessTokenService_->state_ = ServiceRunningState::STATE_RUNNING;
     accessTokenService_->Initialize();
@@ -1001,7 +1001,7 @@ HWTEST_F(PermissionManagerTest, GrantTempPermission004, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionManagerTest, GrantTempPermission005, TestSize.Level1)
+HWTEST_F(PermissionManagerTest, GrantTempPermission005, TestSize.Level0)
 {
     accessTokenService_->state_ = ServiceRunningState::STATE_RUNNING;
     accessTokenService_->Initialize();
@@ -1048,7 +1048,7 @@ HWTEST_F(PermissionManagerTest, GrantTempPermission005, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionManagerTest, GrantTempPermission006, TestSize.Level1)
+HWTEST_F(PermissionManagerTest, GrantTempPermission006, TestSize.Level0)
 {
     accessTokenService_->state_ = ServiceRunningState::STATE_RUNNING;
     accessTokenService_->Initialize();
@@ -1085,7 +1085,7 @@ HWTEST_F(PermissionManagerTest, GrantTempPermission006, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionManagerTest, GrantTempPermission007, TestSize.Level1)
+HWTEST_F(PermissionManagerTest, GrantTempPermission007, TestSize.Level0)
 {
     accessTokenService_->state_ = ServiceRunningState::STATE_RUNNING;
     accessTokenService_->Initialize();
@@ -1122,7 +1122,7 @@ HWTEST_F(PermissionManagerTest, GrantTempPermission007, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionManagerTest, GrantTempPermission008, TestSize.Level1)
+HWTEST_F(PermissionManagerTest, GrantTempPermission008, TestSize.Level0)
 {
     accessTokenService_->state_ = ServiceRunningState::STATE_RUNNING;
     accessTokenService_->Initialize();
@@ -1161,7 +1161,7 @@ HWTEST_F(PermissionManagerTest, GrantTempPermission008, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionManagerTest, GrantTempPermission009, TestSize.Level1)
+HWTEST_F(PermissionManagerTest, GrantTempPermission009, TestSize.Level0)
 {
     accessTokenService_->state_ = ServiceRunningState::STATE_RUNNING;
     accessTokenService_->Initialize();
@@ -1207,7 +1207,7 @@ HWTEST_F(PermissionManagerTest, GrantTempPermission009, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionManagerTest, GrantTempPermission010, TestSize.Level1)
+HWTEST_F(PermissionManagerTest, GrantTempPermission010, TestSize.Level0)
 {
     accessTokenService_->state_ = ServiceRunningState::STATE_RUNNING;
     accessTokenService_->Initialize();
@@ -1258,7 +1258,7 @@ HWTEST_F(PermissionManagerTest, GrantTempPermission010, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionManagerTest, GrantTempPermission011, TestSize.Level1)
+HWTEST_F(PermissionManagerTest, GrantTempPermission011, TestSize.Level0)
 {
     accessTokenService_->state_ = ServiceRunningState::STATE_RUNNING;
     accessTokenService_->Initialize();
@@ -1306,7 +1306,7 @@ HWTEST_F(PermissionManagerTest, GrantTempPermission011, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionManagerTest, GrantTempPermission012, TestSize.Level1)
+HWTEST_F(PermissionManagerTest, GrantTempPermission012, TestSize.Level0)
 {
     accessTokenService_->state_ = ServiceRunningState::STATE_RUNNING;
     accessTokenService_->Initialize();
@@ -1362,7 +1362,7 @@ HWTEST_F(PermissionManagerTest, GrantTempPermission012, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionManagerTest, GrantTempPermission013, TestSize.Level1)
+HWTEST_F(PermissionManagerTest, GrantTempPermission013, TestSize.Level0)
 {
     accessTokenService_->state_ = ServiceRunningState::STATE_RUNNING;
     accessTokenService_->Initialize();
@@ -1415,7 +1415,7 @@ HWTEST_F(PermissionManagerTest, GrantTempPermission013, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionManagerTest, GrantTempPermission014, TestSize.Level1)
+HWTEST_F(PermissionManagerTest, GrantTempPermission014, TestSize.Level0)
 {
     accessTokenService_->state_ = ServiceRunningState::STATE_RUNNING;
     accessTokenService_->Initialize();
@@ -1464,7 +1464,7 @@ HWTEST_F(PermissionManagerTest, GrantTempPermission014, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionManagerTest, GrantTempPermission015, TestSize.Level1)
+HWTEST_F(PermissionManagerTest, GrantTempPermission015, TestSize.Level0)
 {
     accessTokenService_->state_ = ServiceRunningState::STATE_RUNNING;
     accessTokenService_->Initialize();
@@ -1491,7 +1491,7 @@ HWTEST_F(PermissionManagerTest, GrantTempPermission015, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionManagerTest, GrantTempPermission016, TestSize.Level1)
+HWTEST_F(PermissionManagerTest, GrantTempPermission016, TestSize.Level0)
 {
     accessTokenService_->state_ = ServiceRunningState::STATE_RUNNING;
     accessTokenService_->Initialize();
@@ -1516,7 +1516,7 @@ HWTEST_F(PermissionManagerTest, GrantTempPermission016, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionManagerTest, GrantTempPermission017, TestSize.Level1)
+HWTEST_F(PermissionManagerTest, GrantTempPermission017, TestSize.Level0)
 {
     accessTokenService_->state_ = ServiceRunningState::STATE_RUNNING;
     accessTokenService_->Initialize();
@@ -1536,7 +1536,7 @@ HWTEST_F(PermissionManagerTest, GrantTempPermission017, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionManagerTest, GrantTempPermission018, TestSize.Level1)
+HWTEST_F(PermissionManagerTest, GrantTempPermission018, TestSize.Level0)
 {
     accessTokenService_->state_ = ServiceRunningState::STATE_RUNNING;
     accessTokenService_->Initialize();
@@ -1580,7 +1580,7 @@ HWTEST_F(PermissionManagerTest, GrantTempPermission018, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionManagerTest, GrantTempPermission019, TestSize.Level1)
+HWTEST_F(PermissionManagerTest, GrantTempPermission019, TestSize.Level0)
 {
     accessTokenService_->state_ = ServiceRunningState::STATE_RUNNING;
     accessTokenService_->Initialize();
@@ -1618,7 +1618,7 @@ HWTEST_F(PermissionManagerTest, GrantTempPermission019, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionManagerTest, GrantTempPermission020, TestSize.Level1)
+HWTEST_F(PermissionManagerTest, GrantTempPermission020, TestSize.Level0)
 {
     accessTokenService_->state_ = ServiceRunningState::STATE_RUNNING;
     accessTokenService_->Initialize();
@@ -1638,7 +1638,7 @@ HWTEST_F(PermissionManagerTest, GrantTempPermission020, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionManagerTest, PermissionCallbackTest001, TestSize.Level1)
+HWTEST_F(PermissionManagerTest, PermissionCallbackTest001, TestSize.Level0)
 {
     PermStateChangeScope scope;
     EXPECT_EQ(AccessTokenError::ERR_PARAM_INVALID, CallbackManager::GetInstance().AddCallback(scope, nullptr));
@@ -1651,7 +1651,7 @@ HWTEST_F(PermissionManagerTest, PermissionCallbackTest001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionManagerTest, ContinuousTaskCallbackInfoParcel001, TestSize.Level1)
+HWTEST_F(PermissionManagerTest, ContinuousTaskCallbackInfoParcel001, TestSize.Level0)
 {
     ContinuousTaskCallbackInfo info;
     Parcel parcel;
diff --git a/services/accesstokenmanager/test/unittest/sec_comp_monitor_test.cpp b/services/accesstokenmanager/test/unittest/sec_comp_monitor_test.cpp
new file mode 100644
index 0000000000000000000000000000000000000000..79f75db14442c450605f58dd9297445c9de6414f
--- /dev/null
+++ b/services/accesstokenmanager/test/unittest/sec_comp_monitor_test.cpp
@@ -0,0 +1,86 @@
+/*
+ * Copyright (c) 2025 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "sec_comp_monitor_test.h"
+
+using namespace testing::ext;
+using namespace OHOS;
+
+namespace OHOS {
+namespace Security {
+namespace AccessToken {
+namespace {
+constexpr int32_t APP_STATE_CACHED = 100;
+}
+
+void SecCompMonitorTest::SetUpTestCase()
+{
+}
+
+void SecCompMonitorTest::TearDownTestCase()
+{
+    sleep(3); // delay 3 minutes
+}
+
+void SecCompMonitorTest::SetUp()
+{
+    if (appStateObserver_ != nullptr) {
+        return;
+    }
+    appStateObserver_ = std::make_shared<SecCompUsageObserver>();
+}
+
+void SecCompMonitorTest::TearDown()
+{
+    appStateObserver_ = nullptr;
+}
+
+/**
+ * @tc.name: ProcessFromForegroundList001
+ * @tc.desc: Monitor foreground list for process after process state changed
+ * @tc.type: FUNC
+ * @tc.require:
+ */
+HWTEST_F(SecCompMonitorTest, ProcessFromForegroundList001, TestSize.Level0)
+{
+    EXPECT_EQ(true, SecCompMonitor::GetInstance().IsToastShownNeeded(10));
+    EXPECT_EQ(false, SecCompMonitor::GetInstance().IsToastShownNeeded(10));
+    ASSERT_NE(nullptr, appStateObserver_);
+    EXPECT_EQ(1, SecCompMonitor::GetInstance().appsInForeground_.size());
+    ProcessData processData;
+    processData.state = AppProcessState::APP_STATE_BACKGROUND;
+    processData.pid = 10;
+    // change to background
+    appStateObserver_->OnProcessStateChanged(processData);
+    EXPECT_EQ(0, SecCompMonitor::GetInstance().appsInForeground_.size());
+
+    EXPECT_EQ(true, SecCompMonitor::GetInstance().IsToastShownNeeded(10));
+    EXPECT_EQ(1, SecCompMonitor::GetInstance().appsInForeground_.size());
+    // change to die
+    appStateObserver_->OnProcessDied(processData);
+    EXPECT_EQ(0, SecCompMonitor::GetInstance().appsInForeground_.size());
+
+    EXPECT_EQ(true, SecCompMonitor::GetInstance().IsToastShownNeeded(10));
+    EXPECT_EQ(1, SecCompMonitor::GetInstance().appsInForeground_.size());
+    AppStateData appStateData;
+    appStateData.state = APP_STATE_CACHED;
+    appStateData.pid = 10;
+    // change to background
+    appStateObserver_->OnAppCacheStateChanged(appStateData);
+    EXPECT_EQ(0, SecCompMonitor::GetInstance().appsInForeground_.size());
+}
+} // namespace AccessToken
+} // namespace Security
+} // namespace OHOS
diff --git a/services/privacymanager/include/record/permission_record_config.h b/services/accesstokenmanager/test/unittest/sec_comp_monitor_test.h
similarity index 60%
rename from services/privacymanager/include/record/permission_record_config.h
rename to services/accesstokenmanager/test/unittest/sec_comp_monitor_test.h
index c0b82481ac734ad887d77f5e7f54c79be78d1836..11bd071dd03a2f8cb194ed06e8a334d006cc9ecc 100644
--- a/services/privacymanager/include/record/permission_record_config.h
+++ b/services/accesstokenmanager/test/unittest/sec_comp_monitor_test.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2023 Huawei Device Co., Ltd.
+ * Copyright (c) 2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -13,23 +13,31 @@
  * limitations under the License.
  */
 
-#ifndef INTERFACES_INNER_KITS_ACCESSTOKEN_PERMISSION_RECORD_CONFIG_H
-#define INTERFACES_INNER_KITS_ACCESSTOKEN_PERMISSION_RECORD_CONFIG_H
+#ifndef SEC_COMP_MONITOR_TEST_H
+#define SEC_COMP_MONITOR_TEST_H
 
-#include <string>
+#include <gtest/gtest.h>
+
+#define private public
+#include "sec_comp_monitor.h"
+#undef private
 
 namespace OHOS {
 namespace Security {
 namespace AccessToken {
-class PermissionRecordConfig final {
+class SecCompMonitorTest : public testing::Test {
 public:
-    int32_t sizeMaxImum;
-    int32_t agingTime;
-    std::string globalDialogBundleName;
-    std::string globalDialogAbilityName;
+    static void SetUpTestCase();
+
+    static void TearDownTestCase();
+
+    void SetUp();
+
+    void TearDown();
+
+    std::shared_ptr<SecCompUsageObserver> appStateObserver_ = nullptr;
 };
 } // namespace AccessToken
 } // namespace Security
 } // namespace OHOS
-
-#endif // INTERFACES_INNER_KITS_ACCESSTOKEN_PERMISSION_RECORD_CONFIG_H
+#endif // SEC_COMP_MONITOR_TEST_H
diff --git a/services/accesstokenmanager/test/unittest/short_grant_manager_test.cpp b/services/accesstokenmanager/test/unittest/short_grant_manager_test.cpp
index 3c79b55d3164f9558d2edfd28959feed64d1bd78..de3d9c715455b23b0d7c3e384b217f4a5c2a4c7f 100644
--- a/services/accesstokenmanager/test/unittest/short_grant_manager_test.cpp
+++ b/services/accesstokenmanager/test/unittest/short_grant_manager_test.cpp
@@ -78,7 +78,7 @@ void ShortGrantManagerTest::TearDown()
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(ShortGrantManagerTest, RefreshPermission001, TestSize.Level1)
+HWTEST_F(ShortGrantManagerTest, RefreshPermission001, TestSize.Level0)
 {
     AccessTokenIDEx tokenIdEx = {0};
     int32_t ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(g_infoParms, g_policyParams, tokenIdEx);
@@ -109,7 +109,7 @@ HWTEST_F(ShortGrantManagerTest, RefreshPermission001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(ShortGrantManagerTest, RefreshPermission002, TestSize.Level1)
+HWTEST_F(ShortGrantManagerTest, RefreshPermission002, TestSize.Level0)
 {
     const uint32_t maxTime = 10; // 10s
     ShortGrantManager::GetInstance().maxTime_ = maxTime;
@@ -150,7 +150,7 @@ HWTEST_F(ShortGrantManagerTest, RefreshPermission002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(ShortGrantManagerTest, RefreshPermission003, TestSize.Level1)
+HWTEST_F(ShortGrantManagerTest, RefreshPermission003, TestSize.Level0)
 {
     const uint32_t maxTime = 10; // 10s
     ShortGrantManager::GetInstance().maxTime_ = maxTime;
@@ -208,7 +208,7 @@ HWTEST_F(ShortGrantManagerTest, RefreshPermission003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:Issue Number
  */
-HWTEST_F(ShortGrantManagerTest, RefreshPermission004, TestSize.Level1)
+HWTEST_F(ShortGrantManagerTest, RefreshPermission004, TestSize.Level0)
 {
     AccessTokenIDEx tokenIdEx = {0};
     int32_t ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(g_infoParms, g_policyParams, tokenIdEx);
@@ -224,20 +224,19 @@ HWTEST_F(ShortGrantManagerTest, RefreshPermission004, TestSize.Level1)
     ASSERT_EQ(PERMISSION_GRANTED,
         AccessTokenInfoManager::GetInstance().VerifyAccessToken(tokenID, SHORT_TEMP_PERMISSION));
 
-    if (appStateObserver_ != nullptr) {
-        return;
-    }
-    appStateObserver_ = sptr<ShortPermAppStateObserver>::MakeSptr();
-    AppStateData appStateData;
-    appStateData.state = static_cast<int32_t>(ApplicationState::APP_STATE_TERMINATED);
-    appStateData.accessTokenId = tokenID;
-    appStateObserver_->OnAppStopped(appStateData);
+    if (appStateObserver_ == nullptr) {
+        appStateObserver_ = sptr<ShortPermAppStateObserver>::MakeSptr();
+        AppStateData appStateData;
+        appStateData.state = static_cast<int32_t>(ApplicationState::APP_STATE_TERMINATED);
+        appStateData.accessTokenId = tokenID;
+        appStateObserver_->OnAppStopped(appStateData);
 
-    EXPECT_EQ(PERMISSION_DENIED,
-        AccessTokenInfoManager::GetInstance().VerifyAccessToken(tokenID, SHORT_TEMP_PERMISSION));
+        EXPECT_EQ(PERMISSION_DENIED,
+            AccessTokenInfoManager::GetInstance().VerifyAccessToken(tokenID, SHORT_TEMP_PERMISSION));
 
-    ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenID);
-    ASSERT_EQ(RET_SUCCESS, ret);
+        ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenID);
+        ASSERT_EQ(RET_SUCCESS, ret);
+    }
 }
 } // namespace AccessToken
 } // namespace Security
diff --git a/services/common/app_manager/include/app_state_data.h b/services/common/app_manager/include/app_state_data.h
index e8d3523304ed93f3df05ffa3b745fc8b32ac0f3e..2f65d2ac038163f8afc8223edc5630bba4857129 100644
--- a/services/common/app_manager/include/app_state_data.h
+++ b/services/common/app_manager/include/app_state_data.h
@@ -41,6 +41,7 @@ struct AppStateData : public Parcelable {
     std::string bundleName;
     int32_t pid = -1;
     int32_t uid = 0;
+    int32_t callerUid = -1;
     int32_t state = 0;
     uint32_t accessTokenId = 0;
     bool isFocused = false;
diff --git a/services/common/app_manager/src/app_state_data.cpp b/services/common/app_manager/src/app_state_data.cpp
index 48d3bd556460bf0756d2d46182bbec72f8a0c9f5..6763062ff633c7254fdc584425dee3bfd798ab43 100644
--- a/services/common/app_manager/src/app_state_data.cpp
+++ b/services/common/app_manager/src/app_state_data.cpp
@@ -23,7 +23,7 @@ bool AppStateData::Marshalling(Parcel &parcel) const
     return (parcel.WriteString(bundleName) && parcel.WriteInt32(uid) && parcel.WriteInt32(state)
         && parcel.WriteInt32(pid) && parcel.WriteUint32(accessTokenId) && parcel.WriteBool(isFocused)
         && parcel.WriteInt32(extensionType) && parcel.WriteInt32Vector(renderPids)
-        && parcel.WriteString(callerBundleName) && parcel.WriteBool(isSplitScreenMode)
+        && parcel.WriteString(callerBundleName) && parcel.WriteBool(isSplitScreenMode) && parcel.WriteInt32(callerUid)
         && parcel.WriteBool(isFloatingWindowMode) && parcel.WriteInt32(appIndex) && parcel.WriteBool(isPreloadModule));
 }
 
@@ -43,6 +43,7 @@ AppStateData *AppStateData::Unmarshalling(Parcel &parcel)
     parcel.ReadInt32Vector(&appStateData->renderPids);
     appStateData->callerBundleName = parcel.ReadString();
     appStateData->isSplitScreenMode = parcel.ReadBool();
+    appStateData->callerUid = parcel.ReadInt32();
     appStateData->isFloatingWindowMode = parcel.ReadBool();
     appStateData->appIndex = parcel.ReadInt32();
     appStateData->isPreloadModule = parcel.ReadBool();
diff --git a/services/common/background_task_manager/include/background_task_manager_access_proxy.h b/services/common/background_task_manager/include/background_task_manager_access_proxy.h
index b56028f5fed2ff4f02195d2136f5a069c1190c24..58a892fda45ad30f49fb0bfd2ab9a0ff3832e687 100644
--- a/services/common/background_task_manager/include/background_task_manager_access_proxy.h
+++ b/services/common/background_task_manager/include/background_task_manager_access_proxy.h
@@ -25,7 +25,7 @@ namespace Security {
 namespace AccessToken {
 class IBackgroundTaskSubscriber : public IRemoteBroker {
 public:
-    DECLARE_INTERFACE_DESCRIPTOR(u"ohos.resourceschedule.IBackgroundTaskSubscriber");
+    DECLARE_INTERFACE_DESCRIPTOR(u"OHOS.BackgroundTaskMgr.IBackgroundTaskSubscriber");
 
     virtual void OnContinuousTaskStart(
         const std::shared_ptr<ContinuousTaskCallbackInfo> &continuousTaskCallbackInfo) = 0;
diff --git a/services/common/database/test/BUILD.gn b/services/common/database/test/BUILD.gn
index 0984317f17cc1b4c71133f9030d6e9d196b501a1..97ec48ce56dc93096295c3bf0bb0661d84dabbfd 100644
--- a/services/common/database/test/BUILD.gn
+++ b/services/common/database/test/BUILD.gn
@@ -15,9 +15,8 @@ import("//build/test.gni")
 import("../../../../access_token.gni")
 
 ohos_unittest("libdatabase_test") {
-  subsystem_name = "security"
-  part_name = "access_token"
-  module_out_path = part_name + "/" + part_name
+  subsystem_name = "accesscontrol"
+  module_out_path = module_output_path_unittest_accesstoken
   sanitize = {
     cfi = true
     cfi_cross_dso = true
diff --git a/services/common/database/test/unittest/database_test.cpp b/services/common/database/test/unittest/database_test.cpp
index 99bd22516ba775a8a8818add18e54de9200cdfa5..24c75356ffa94d657a7fa4c0671a4e06e8c1fda7 100644
--- a/services/common/database/test/unittest/database_test.cpp
+++ b/services/common/database/test/unittest/database_test.cpp
@@ -58,7 +58,7 @@ void DatabaseTest::TearDown() {}
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(DatabaseTest, PutInt64001, TestSize.Level1)
+HWTEST_F(DatabaseTest, PutInt64001, TestSize.Level0)
 {
     GenericValues genericValues;
     std::string key = "databasetest";
@@ -77,7 +77,7 @@ HWTEST_F(DatabaseTest, PutInt64001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(DatabaseTest, PutVariant001, TestSize.Level1)
+HWTEST_F(DatabaseTest, PutVariant001, TestSize.Level0)
 {
     GenericValues genericValues;
     std::string key = "databasetest";
@@ -98,7 +98,7 @@ HWTEST_F(DatabaseTest, PutVariant001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(DatabaseTest, VariantValue64001, TestSize.Level1)
+HWTEST_F(DatabaseTest, VariantValue64001, TestSize.Level0)
 {
     int64_t testValue = 1;
     VariantValue Test(testValue);
@@ -111,7 +111,7 @@ HWTEST_F(DatabaseTest, VariantValue64001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(DatabaseTest, VariantValue64002, TestSize.Level1)
+HWTEST_F(DatabaseTest, VariantValue64002, TestSize.Level0)
 {
     int32_t ntestValue = 1;
     VariantValue Ntest(ntestValue);
@@ -127,7 +127,7 @@ HWTEST_F(DatabaseTest, VariantValue64002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(DatabaseTest, VariantValue001, TestSize.Level1)
+HWTEST_F(DatabaseTest, VariantValue001, TestSize.Level0)
 {
     VariantValue Test;
     Test.GetString();
@@ -154,7 +154,7 @@ static void RemoveTestTokenHapInfo()
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(DatabaseTest, SqliteStorageModifyTest001, TestSize.Level1)
+HWTEST_F(DatabaseTest, SqliteStorageModifyTest001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "SqliteStorageModifyTest001 begin");
 
@@ -217,7 +217,7 @@ HWTEST_F(DatabaseTest, SqliteStorageModifyTest001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoPermissionDef001, TestSize.Level1)
+HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoPermissionDef001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "DataTranslatorTranslationIntoPermissionDefTest001 begin");
 
@@ -238,7 +238,7 @@ HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoPermissionDef001, TestSize.L
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoPermissionStatus001, TestSize.Level1)
+HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoPermissionStatus001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "DataTranslatorTranslationIntoPermissionStatus001 begin");
 
@@ -259,7 +259,7 @@ HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoPermissionStatus001, TestSiz
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoPermissionStatus002, TestSize.Level1)
+HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoPermissionStatus002, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "DataTranslatorTranslationIntoPermissionStatus002 begin");
 
@@ -281,7 +281,7 @@ HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoPermissionStatus002, TestSiz
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoPermissionStatus003, TestSize.Level1)
+HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoPermissionStatus003, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "DataTranslatorTranslationIntoPermissionStatus003 begin");
 
@@ -304,7 +304,7 @@ HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoPermissionStatus003, TestSiz
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoPermissionStatus004, TestSize.Level1)
+HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoPermissionStatus004, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "DataTranslatorTranslationIntoPermissionStatus004 begin");
 
diff --git a/services/common/json_parse/BUILD.gn b/services/common/json_parse/BUILD.gn
index 6b340009fac7c2125272bcdfe6f45adb6c420501..52a34088506a558a80403ce8e34364756c57565b 100644
--- a/services/common/json_parse/BUILD.gn
+++ b/services/common/json_parse/BUILD.gn
@@ -98,9 +98,5 @@ ohos_shared_library("accesstoken_cjson_utils") {
       "c_utils:utils",
       "hilog:libhilog",
     ]
-    if (customization_config_policy_enable) {
-      cflags_cc += [ "-DCUSTOMIZATION_CONFIG_POLICY_ENABLE" ]
-      external_deps += [ "config_policy:configpolicy_util" ]
-    }
   }
 }
diff --git a/services/common/json_parse/include/json_parse_loader.h b/services/common/json_parse/include/json_parse_loader.h
index 4af857e66afea3381710cfc5c6314910bd6a6238..ec5920f8d013bd1b7c091da18d67ac4b7ec00e28 100644
--- a/services/common/json_parse/include/json_parse_loader.h
+++ b/services/common/json_parse/include/json_parse_loader.h
@@ -32,7 +32,7 @@ struct AccessTokenServiceConfig final {
     std::string grantServiceAbilityName;
     std::string permStateAbilityName;
     std::string globalSwitchAbilityName;
-    int32_t cancleTime = 0;
+    int32_t cancelTime = 0;
     std::string applicationSettingAbilityName;
 };
 
diff --git a/services/common/json_parse/src/json_parse_loader.cpp b/services/common/json_parse/src/json_parse_loader.cpp
index 5819e152734835954a5dee13a298e7b358cbd8de..e237e8c8ff6df4158bb2519c1a31a3316366ba87 100644
--- a/services/common/json_parse/src/json_parse_loader.cpp
+++ b/services/common/json_parse/src/json_parse_loader.cpp
@@ -14,6 +14,7 @@
  */
 #include "json_parse_loader.h"
 
+#include <cstdio>
 #include <fcntl.h>
 #include <memory>
 #include <set>
@@ -35,6 +36,7 @@ namespace AccessToken {
 namespace {
 constexpr int32_t MAX_NATIVE_CONFIG_FILE_SIZE = 5 * 1024 * 1024; // 5M
 constexpr size_t BUFFER_SIZE = 1024;
+constexpr uint64_t FD_TAG = 0xD005A01;
 
 #ifdef CUSTOMIZATION_CONFIG_POLICY_ENABLE
 static constexpr const char* ACCESSTOKEN_CONFIG_FILE = "/etc/access_token/accesstoken_config.json";
@@ -82,22 +84,23 @@ int32_t ConfigPolicLoader::ReadCfgFile(const std::string& file, std::string& raw
         LOGE(ATM_DOMAIN, ATM_TAG, "Open failed errno %{public}d.", errno);
         return ERR_FILE_OPERATE_FAILED;
     }
+    fdsan_exchange_owner_tag(fd, 0, FD_TAG);
     struct stat statBuffer;
 
     if (fstat(fd, &statBuffer) != 0) {
         LOGE(ATM_DOMAIN, ATM_TAG, "Fstat failed.");
-        close(fd);
+        fdsan_close_with_tag(fd, FD_TAG);
         return ERR_FILE_OPERATE_FAILED;
     }
 
     if (statBuffer.st_size == 0) {
         LOGE(ATM_DOMAIN, ATM_TAG, "Config file size is invalid.");
-        close(fd);
+        fdsan_close_with_tag(fd, FD_TAG);
         return ERR_PARAM_INVALID;
     }
     if (statBuffer.st_size > MAX_NATIVE_CONFIG_FILE_SIZE) {
         LOGE(ATM_DOMAIN, ATM_TAG, "Config file size is too large.");
-        close(fd);
+        fdsan_close_with_tag(fd, FD_TAG);
         return ERR_OVERSIZE;
     }
     rawData.reserve(statBuffer.st_size);
@@ -107,7 +110,7 @@ int32_t ConfigPolicLoader::ReadCfgFile(const std::string& file, std::string& raw
     while ((readLen = read(fd, buff, BUFFER_SIZE)) > 0) {
         rawData.append(buff, readLen);
     }
-    close(fd);
+    fdsan_close_with_tag(fd, FD_TAG);
     if (readLen == 0) {
         return RET_SUCCESS;
     }
@@ -166,7 +169,7 @@ bool GetAtCfgFromJson(const CJson* j, AccessTokenServiceConfig& a)
         return false;
     }
 
-    if (!GetStringFromJson(j, GRANT_SERVICE_ABILITY_NAME_KEY, a.grantAbilityName)) {
+    if (!GetStringFromJson(j, GRANT_SERVICE_ABILITY_NAME_KEY, a.grantServiceAbilityName)) {
         return false;
     }
 
@@ -178,7 +181,7 @@ bool GetAtCfgFromJson(const CJson* j, AccessTokenServiceConfig& a)
         return false;
     }
 
-    if (!GetIntFromJson(j, TEMP_PERM_CANCLE_TIME_KEY, a.cancleTime)) {
+    if (!GetIntFromJson(j, TEMP_PERM_CANCLE_TIME_KEY, a.cancelTime)) {
         return false;
     }
 
diff --git a/services/common/json_parse/test/BUILD.gn b/services/common/json_parse/test/BUILD.gn
new file mode 100644
index 0000000000000000000000000000000000000000..e6f3c4d3da0dd4532d071f069b05b181ebf3fab7
--- /dev/null
+++ b/services/common/json_parse/test/BUILD.gn
@@ -0,0 +1,73 @@
+# Copyright (c) 2025 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import("//build/test.gni")
+import("../../../../access_token.gni")
+
+config("accesstoken_json_parse_config") {
+  visibility = [ ":*" ]
+  include_dirs = [ "include" ]
+}
+
+ohos_unittest("libjsonparse_test") {
+  subsystem_name = "accesscontrol"
+  module_out_path = module_output_path_unittest_accesstoken
+  sanitize = {
+    cfi = true
+    cfi_cross_dso = true
+    debug = false
+  }
+  branch_protector_ret = "pac_ret"
+
+  include_dirs = [
+      "${access_token_path}/frameworks/common/include",
+      "${access_token_path}/interfaces/innerkits/accesstoken/include",
+      "${access_token_path}/services/accesstokenmanager/main/cpp/include/token",
+      "${access_token_path}/services/common/json_parse/include",
+  ]
+
+  sources = [
+    "${access_token_path}/services/common/json_parse/src/cjson_utils.cpp",
+    "${access_token_path}/services/common/json_parse/src/json_parse_loader.cpp",
+    "unittest/cjson_utils_test.cpp",
+    "unittest/json_parse_loader_test.cpp",
+  ]
+
+  cflags_cc = [ "-DHILOG_ENABLE" ]
+  configs = [
+    "${access_token_path}/config:access_token_compile_flags",
+    "${access_token_path}/config:coverage_flags",
+  ]
+  public_configs = [ ":accesstoken_json_parse_config" ]
+
+  deps = [
+    "${access_token_path}/frameworks/common:accesstoken_common_cxx",
+  ]
+
+  external_deps = [
+    "cJSON:cjson",
+    "c_utils:utils",
+    "hilog:libhilog",
+    "ipc:ipc_single",
+  ]
+
+  if (customization_config_policy_enable) {
+    cflags_cc += [ "-DCUSTOMIZATION_CONFIG_POLICY_ENABLE" ]
+    external_deps += [ "config_policy:configpolicy_util" ]
+  }
+}
+
+group("unittest") {
+  testonly = true
+  deps = [ ":libjsonparse_test" ]
+}
diff --git a/services/common/json_parse/test/unittest/cjson_utils_test.cpp b/services/common/json_parse/test/unittest/cjson_utils_test.cpp
new file mode 100644
index 0000000000000000000000000000000000000000..961eec01350953dd529ecbba1b0cbddefba7f1f3
--- /dev/null
+++ b/services/common/json_parse/test/unittest/cjson_utils_test.cpp
@@ -0,0 +1,315 @@
+/*
+ * Copyright (c) 2025 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <gtest/gtest.h>
+#include <memory>
+#include <string>
+#include "cjson_utils.h"
+
+using namespace testing::ext;
+
+namespace OHOS {
+namespace Security {
+namespace AccessToken {
+
+class CJsonUtilsTest : public testing::Test  {
+public:
+    static void SetUpTestCase();
+    static void TearDownTestCase();
+
+    void SetUp();
+    void TearDown();
+};
+
+void CJsonUtilsTest::SetUpTestCase() {}
+void CJsonUtilsTest::TearDownTestCase() {}
+void CJsonUtilsTest::SetUp() {}
+void CJsonUtilsTest::TearDown() {}
+
+/*
+ * @tc.name: CreateJsonFromString
+ * @tc.desc: CreateJsonFromString
+ * @tc.type: FUNC
+ * @tc.require: TDD coverage
+ */
+HWTEST_F(CJsonUtilsTest, CreateJsonFromStringTest001, TestSize.Level3)
+{
+    std::string test;
+    EXPECT_EQ(nullptr, CreateJsonFromString(test));
+}
+
+/*
+ * @tc.name: PackJsonToString
+ * @tc.desc: PackJsonToString
+ * @tc.type: FUNC
+ * @tc.require: TDD coverage
+ */
+HWTEST_F(CJsonUtilsTest, PackJsonToStringTest001, TestSize.Level3)
+{
+    std::string res = PackJsonToString(nullptr);
+    EXPECT_EQ(res.size(), 0);
+
+    FreeJsonString(nullptr);
+}
+
+/*
+ * @tc.name: GetObjFromJson
+ * @tc.desc: GetObjFromJson
+ * @tc.type: FUNC
+ * @tc.require: TDD coverage
+ */
+HWTEST_F(CJsonUtilsTest, GetObjFromJsonTest001, TestSize.Level3)
+{
+    std::string test;
+    EXPECT_EQ(nullptr, GetObjFromJson(nullptr, test));
+
+    test = "test1";
+    CJsonUnique jsonInner = CreateJson();
+    ASSERT_EQ(true, AddStringToJson(jsonInner, "test0", "0"));
+    EXPECT_EQ(nullptr, GetObjFromJson(jsonInner, test));
+
+    test = "test0";
+    EXPECT_EQ(nullptr, GetObjFromJson(jsonInner, test));
+}
+
+/*
+ * @tc.name: GetArrayFromJson
+ * @tc.desc: GetArrayFromJson
+ * @tc.type: FUNC
+ * @tc.require: TDD coverage
+ */
+HWTEST_F(CJsonUtilsTest, GetArrayFromJsonTest001, TestSize.Level3)
+{
+    std::string test;
+    EXPECT_EQ(nullptr, GetArrayFromJson(nullptr, test));
+
+    test = "test1";
+    CJsonUnique jsonInner = CreateJson();
+    ASSERT_EQ(true, AddStringToJson(jsonInner, "test0", "0"));
+    EXPECT_EQ(nullptr, GetArrayFromJson(jsonInner, test));
+
+    test = "test0";
+    EXPECT_EQ(nullptr, GetArrayFromJson(jsonInner, test));
+}
+
+/*
+ * @tc.name: GetStringFromJson
+ * @tc.desc: GetStringFromJson
+ * @tc.type: FUNC
+ * @tc.require: TDD coverage
+ */
+HWTEST_F(CJsonUtilsTest, GetStringFromJsonTest001, TestSize.Level3)
+{
+    std::string test;
+    std::string res;
+    EXPECT_EQ(false, GetStringFromJson(nullptr, test, res));
+
+    CJsonUnique jsonInner = CreateJson();
+    ASSERT_EQ(true, AddStringToJson(jsonInner, "test0", "0"));
+    EXPECT_EQ(false, GetStringFromJson(jsonInner.get(), test, res));
+
+    test = "test1";
+    EXPECT_EQ(false, GetStringFromJson(jsonInner.get(), test, res));
+
+    CJsonUnique jsonArray = CreateJsonArray();
+    ASSERT_EQ(true, AddObjToJson(jsonArray, "test1", jsonInner));
+    EXPECT_EQ(false, GetStringFromJson(jsonArray.get(), test, res));
+}
+
+/*
+ * @tc.name: GetIntFromJson
+ * @tc.desc: GetIntFromJson
+ * @tc.type: FUNC
+ * @tc.require: TDD coverage
+ */
+HWTEST_F(CJsonUtilsTest, GetIntFromJsonTest001, TestSize.Level3)
+{
+    std::string test;
+    int32_t res;
+    EXPECT_EQ(false, GetIntFromJson(nullptr, test, res));
+
+    test = "test1";
+    CJsonUnique jsonInner = CreateJson();
+    ASSERT_EQ(true, AddStringToJson(jsonInner, "test0", "abc"));
+    EXPECT_EQ(false, GetIntFromJson(jsonInner, test, res));
+
+    test = "test0";
+    EXPECT_EQ(false, GetIntFromJson(jsonInner, test, res));
+}
+
+/*
+ * @tc.name: GetUnsignedIntFromJson
+ * @tc.desc: GetUnsignedIntFromJson
+ * @tc.type: FUNC
+ * @tc.require: TDD coverage
+ */
+HWTEST_F(CJsonUtilsTest, GetUnsignedIntFromJsonTest001, TestSize.Level3)
+{
+    std::string test;
+    uint32_t res;
+    EXPECT_EQ(false, GetUnsignedIntFromJson(nullptr, test, res));
+
+    test = "test1";
+    CJsonUnique jsonInner = CreateJson();
+    ASSERT_EQ(true, AddStringToJson(jsonInner, "test0", "abc"));
+    EXPECT_EQ(false, GetUnsignedIntFromJson(jsonInner, test, res));
+
+    test = "test0";
+    EXPECT_EQ(false, GetUnsignedIntFromJson(jsonInner, test, res));
+}
+
+/*
+ * @tc.name: GetBoolFromJson
+ * @tc.desc: GetBoolFromJson
+ * @tc.type: FUNC
+ * @tc.require: TDD coverage
+ */
+HWTEST_F(CJsonUtilsTest, GetBoolFromJsonTest001, TestSize.Level3)
+{
+    std::string test;
+    bool res;
+    EXPECT_EQ(false, GetBoolFromJson(nullptr, test, res));
+
+    test = "test1";
+    CJsonUnique jsonInner = CreateJson();
+    ASSERT_EQ(true, AddStringToJson(jsonInner, "test0", "0"));
+    EXPECT_EQ(false, GetBoolFromJson(jsonInner, test, res));
+
+    test = "test0";
+    EXPECT_EQ(false, GetBoolFromJson(jsonInner, test, res));
+}
+
+/*
+ * @tc.name: GetBoolFromJson
+ * @tc.desc: GetBoolFromJson
+ * @tc.type: FUNC
+ * @tc.require: TDD coverage
+ */
+HWTEST_F(CJsonUtilsTest, GetBoolFromJsonTest002, TestSize.Level3)
+{
+    std::string test = "test1";
+    bool res;
+    CJsonUnique jsonInner = CreateJson();
+    ASSERT_EQ(true, AddBoolToJson(jsonInner, test, true));
+
+    EXPECT_EQ(true, GetBoolFromJson(jsonInner, test, res));
+    EXPECT_EQ(res, true);
+}
+
+/*
+ * @tc.name: AddObjToJson
+ * @tc.desc: AddObjToJson
+ * @tc.type: FUNC
+ * @tc.require: TDD coverage
+ */
+HWTEST_F(CJsonUtilsTest, AddObjToJsonTest001, TestSize.Level3)
+{
+    ASSERT_EQ(false, AddObjToJson(nullptr, "", nullptr));
+    std::string test = "test1";
+    ASSERT_EQ(false, AddObjToJson(nullptr, test, nullptr));
+
+    CJsonUnique jsonInner = CreateJson();
+    ASSERT_EQ(true, AddStringToJson(jsonInner, "test0", "0"));
+    ASSERT_EQ(true, AddStringToJson(jsonInner, "test1", "1"));
+
+    CJsonUnique jsonArray = CreateJsonArray();
+    ASSERT_EQ(true, AddObjToJson(jsonArray, "test1", jsonInner));
+    ASSERT_EQ(true, AddObjToJson(jsonArray, "test1", jsonInner));
+}
+
+/*
+ * @tc.name: AddObjToArray
+ * @tc.desc: AddObjToArray
+ * @tc.type: FUNC
+ * @tc.require: TDD coverage
+ */
+HWTEST_F(CJsonUtilsTest, AddObjToArrayTest001, TestSize.Level3)
+{
+    ASSERT_EQ(false, AddObjToArray(nullptr, nullptr));
+
+    CJsonUnique jsonInner = CreateJson();
+    ASSERT_EQ(false, AddObjToArray(nullptr, jsonInner.get()));
+}
+
+/*
+ * @tc.name: AddStringToJson
+ * @tc.desc: AddStringToJson
+ * @tc.type: FUNC
+ * @tc.require: TDD coverage
+ */
+HWTEST_F(CJsonUtilsTest, AddStringToJsonTest001, TestSize.Level3)
+{
+    ASSERT_EQ(false, AddStringToJson(nullptr, "", ""));
+    ASSERT_EQ(false, AddStringToJson(nullptr, "test0", "test0"));
+
+    CJsonUnique jsonInner = CreateJson();
+    ASSERT_EQ(true, AddStringToJson(jsonInner, "test0", "test0"));
+    // twice
+    ASSERT_EQ(true, AddStringToJson(jsonInner, "test0", "test0"));
+}
+
+/*
+ * @tc.name: AddBoolToJson
+ * @tc.desc: AddBoolToJson
+ * @tc.type: FUNC
+ * @tc.require: TDD coverage
+ */
+HWTEST_F(CJsonUtilsTest, AddBoolToJsonTest001, TestSize.Level3)
+{
+    ASSERT_EQ(false, AddBoolToJson(nullptr, "", true));
+    ASSERT_EQ(false, AddBoolToJson(nullptr, "test0", true));
+
+    CJsonUnique jsonInner = CreateJson();
+    ASSERT_EQ(true, AddBoolToJson(jsonInner, "test0", true));
+    // twice
+    ASSERT_EQ(true, AddBoolToJson(jsonInner, "test0", true));
+}
+
+/*
+ * @tc.name: AddIntToJson
+ * @tc.desc: AddIntToJson
+ * @tc.type: FUNC
+ * @tc.require: TDD coverage
+ */
+HWTEST_F(CJsonUtilsTest, AddIntToJsonTest001, TestSize.Level3)
+{
+    ASSERT_EQ(false, AddIntToJson(nullptr, "", 0));
+    ASSERT_EQ(false, AddIntToJson(nullptr, "test0", 0));
+
+    CJsonUnique jsonInner = CreateJson();
+    ASSERT_EQ(true, AddIntToJson(jsonInner, "test0", 0));
+    // twice
+    ASSERT_EQ(true, AddIntToJson(jsonInner, "test0", 0));
+}
+
+/*
+ * @tc.name: AddUnsignedIntToJson
+ * @tc.desc: AddUnsignedIntToJson
+ * @tc.type: FUNC
+ * @tc.require: TDD coverage
+ */
+HWTEST_F(CJsonUtilsTest, AddUnsignedIntToJsonTest001, TestSize.Level3)
+{
+    ASSERT_EQ(false, AddUnsignedIntToJson(nullptr, "", 0));
+    ASSERT_EQ(false, AddUnsignedIntToJson(nullptr, "test0", 0));
+
+    CJsonUnique jsonInner = CreateJson();
+    ASSERT_EQ(true, AddUnsignedIntToJson(jsonInner, "test0", 0));
+    // twice
+    ASSERT_EQ(true, AddUnsignedIntToJson(jsonInner, "test0", 0));
+}
+} // namespace AccessToken
+} // namespace Security
+} // namespace OHOS
diff --git a/services/common/json_parse/test/unittest/json_parse_loader_test.cpp b/services/common/json_parse/test/unittest/json_parse_loader_test.cpp
new file mode 100644
index 0000000000000000000000000000000000000000..4da1bc534e092f285ef82fa8d9794b63ae11f4e5
--- /dev/null
+++ b/services/common/json_parse/test/unittest/json_parse_loader_test.cpp
@@ -0,0 +1,106 @@
+/*
+ * Copyright (c) 2025 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <gtest/gtest.h>
+#include <fcntl.h>
+#include <memory>
+#include <string>
+
+#define private public
+#include "json_parse_loader.h"
+#undef private
+
+using namespace testing::ext;
+
+namespace OHOS {
+namespace Security {
+namespace AccessToken {
+namespace {
+constexpr const char* TEST_FILE_PATH = "/data/test/abcdefg.txt";
+}
+
+class JsonParseLoaderTest : public testing::Test  {
+public:
+    static void SetUpTestCase();
+    static void TearDownTestCase();
+
+    void SetUp();
+    void TearDown();
+};
+
+void JsonParseLoaderTest::SetUpTestCase() {}
+void JsonParseLoaderTest::TearDownTestCase() {}
+void JsonParseLoaderTest::SetUp() {}
+void JsonParseLoaderTest::TearDown() {}
+
+/*
+ * @tc.name: IsDirExsit
+ * @tc.desc: IsDirExsit
+ * @tc.type: FUNC
+ * @tc.require: TDD coverage
+ */
+HWTEST_F(JsonParseLoaderTest, IsDirExsitTest001, TestSize.Level4)
+{
+    ConfigPolicLoader loader;
+    EXPECT_FALSE(loader.IsDirExsit(""));
+    int32_t fd = open(TEST_FILE_PATH, O_RDWR | O_CREAT);
+    EXPECT_NE(-1, fd);
+
+    EXPECT_FALSE(loader.IsDirExsit(TEST_FILE_PATH));
+}
+
+#ifdef CUSTOMIZATION_CONFIG_POLICY_ENABLE
+/*
+ * @tc.name: GetConfigValueFromFile
+ * @tc.desc: GetConfigValueFromFile
+ * @tc.type: FUNC
+ * @tc.require: TDD coverage
+ */
+HWTEST_F(JsonParseLoaderTest, GetConfigValueFromFileTest001, TestSize.Level4)
+{
+    ConfigPolicLoader loader;
+    AccessTokenConfigValue config;
+    EXPECT_FALSE(loader.GetConfigValueFromFile(ServiceType::ACCESSTOKEN_SERVICE, "", config));
+}
+#endif // CUSTOMIZATION_CONFIG_POLICY_ENABLE
+
+/*
+ * @tc.name: ParserNativeRawData
+ * @tc.desc: ParserNativeRawData
+ * @tc.type: FUNC
+ * @tc.require: TDD coverage
+ */
+HWTEST_F(JsonParseLoaderTest, ParserNativeRawDataTest001, TestSize.Level4)
+{
+    ConfigPolicLoader loader;
+    std::vector<NativeTokenInfoBase> tokenInfos;
+    EXPECT_FALSE(loader.ParserNativeRawData("", tokenInfos));
+}
+
+/*
+ * @tc.name: ParserDlpPermsRawData
+ * @tc.desc: ParserDlpPermsRawData
+ * @tc.type: FUNC
+ * @tc.require: TDD coverage
+ */
+HWTEST_F(JsonParseLoaderTest, ParserDlpPermsRawDataTest001, TestSize.Level4)
+{
+    ConfigPolicLoader loader;
+    std::vector<PermissionDlpMode> dlpPerms;
+    EXPECT_FALSE(loader.ParserDlpPermsRawData("", dlpPerms));
+}
+} // namespace AccessToken
+} // namespace Security
+} // namespace OHOS
diff --git a/services/common/json_parse/unittest/json_parse_test.cpp b/services/common/json_parse/test/unittest/json_parse_test.cpp
similarity index 98%
rename from services/common/json_parse/unittest/json_parse_test.cpp
rename to services/common/json_parse/test/unittest/json_parse_test.cpp
index e361ba345ffd867fb2f802474dede60a74c810cd..5678f12ca9a8c185180a579666a7c42bf9d86e8a 100644
--- a/services/common/json_parse/unittest/json_parse_test.cpp
+++ b/services/common/json_parse/test/unittest/json_parse_test.cpp
@@ -63,7 +63,7 @@ void PrivacyParcelTest::TearDown() {}
  * @tc.type: FUNC
  * @tc.require: issueI6024A
  */
-HWTEST_F(JsonParseTest, IsDirExsit001, TestSize.Level1)
+HWTEST_F(JsonParseTest, IsDirExsit001, TestSize.Level0)
 {
     ConfigPolicLoader loader;
     EXPECT_FALSE(loader.IsDirExsit(""));
@@ -79,7 +79,7 @@ HWTEST_F(JsonParseTest, IsDirExsit001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(JsonParseTest, ParserNativeRawData001, TestSize.Level1)
+HWTEST_F(JsonParseTest, ParserNativeRawData001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "test ParserNativeRawData001!");
     std::string testStr = R"([)"\
@@ -106,7 +106,7 @@ HWTEST_F(JsonParseTest, ParserNativeRawData001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(JsonParseTest, ParserNativeRawData002, TestSize.Level1)
+HWTEST_F(JsonParseTest, ParserNativeRawData002, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "test ParserNativeRawData002!");
     std::string testStr = R"([{"processName":""}])";
@@ -160,7 +160,7 @@ HWTEST_F(JsonParseTest, ParserNativeRawData002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(JsonParseTest, ParserNativeRawData003, TestSize.Level1)
+HWTEST_F(JsonParseTest, ParserNativeRawData003, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "test ParserNativeRawData003!");
     std::string testStr = R"([)"\
@@ -182,7 +182,7 @@ HWTEST_F(JsonParseTest, ParserNativeRawData003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(JsonParseTest, ParserNativeRawData004, TestSize.Level1)
+HWTEST_F(JsonParseTest, ParserNativeRawData004, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "test ParserNativeRawData004!");
     // version wrong
@@ -243,7 +243,7 @@ HWTEST_F(JsonParseTest, ParserNativeRawData004, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(JsonParseTest, init001, TestSize.Level1)
+HWTEST_F(JsonParseTest, init001, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "test init001!");
 
@@ -300,7 +300,7 @@ static void PrepareJsonData1()
  * @tc.type: FUNC
  * @tc.require: SR000GVIGR
  */
-HWTEST_F(PermissionManagerTest, DlpPermissionConfig001, TestSize.Level1)
+HWTEST_F(PermissionManagerTest, DlpPermissionConfig001, TestSize.Level0)
 {
     PrepareJsonData1();
 
@@ -354,7 +354,7 @@ HWTEST_F(PermissionManagerTest, DlpPermissionConfig001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: SR000GVIGR
  */
-HWTEST_F(PermissionManagerTest, DlpPermissionConfig002, TestSize.Level1)
+HWTEST_F(PermissionManagerTest, DlpPermissionConfig002, TestSize.Level0)
 {
     PrepareJsonData1();
 
@@ -408,7 +408,7 @@ HWTEST_F(PermissionManagerTest, DlpPermissionConfig002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: SR000GVIGR
  */
-HWTEST_F(PermissionManagerTest, DlpPermissionConfig003, TestSize.Level1)
+HWTEST_F(PermissionManagerTest, DlpPermissionConfig003, TestSize.Level0)
 {
     PrepareJsonData1();
 
@@ -488,7 +488,7 @@ static void PrepareJsonData2()
  * @tc.type: FUNC
  * @tc.require: SR000GVIGR
  */
-HWTEST_F(PermissionManagerTest, DlpPermissionConfig004, TestSize.Level1)
+HWTEST_F(PermissionManagerTest, DlpPermissionConfig004, TestSize.Level0)
 {
     PrepareJsonData2();
     PrepareUserPermState();
@@ -546,7 +546,7 @@ HWTEST_F(PermissionManagerTest, DlpPermissionConfig004, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: SR000GVIGR
  */
-HWTEST_F(PermissionManagerTest, DlpPermissionConfig005, TestSize.Level1)
+HWTEST_F(PermissionManagerTest, DlpPermissionConfig005, TestSize.Level0)
 {
     PrepareJsonData2();
     PrepareUserPermState();
@@ -603,7 +603,7 @@ HWTEST_F(PermissionManagerTest, DlpPermissionConfig005, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionManagerTest, DlpPermissionConfig006, TestSize.Level1)
+HWTEST_F(PermissionManagerTest, DlpPermissionConfig006, TestSize.Level0)
 {
     PrepareJsonData2();
     PrepareUserPermState();
diff --git a/services/common/screenlock_manager/BUILD.gn b/services/common/screenlock_manager/BUILD.gn
index 8a03c4ba4df1187ea6bf360dc8aae98feb0249fd..e0c9501a3e9a083221b58933f618938f6dc15b22 100644
--- a/services/common/screenlock_manager/BUILD.gn
+++ b/services/common/screenlock_manager/BUILD.gn
@@ -45,6 +45,7 @@ ohos_shared_library("accesstoken_screenlock_manager") {
       "c_utils:utils",
       "ipc:ipc_core",
       "screenlock_mgr:screenlock_client",
+      "eventhandler:libeventhandler",
     ]
   }
 }
diff --git a/services/common/window_manager/src/privacy_mock_session_manager_proxy.cpp b/services/common/window_manager/src/privacy_mock_session_manager_proxy.cpp
index 2f4586b9ec6b693e6e8fed7e0f80f8109eb8e885..b2787ab6bfbff02f3e9f6b514fd7d45be8c6cbfb 100644
--- a/services/common/window_manager/src/privacy_mock_session_manager_proxy.cpp
+++ b/services/common/window_manager/src/privacy_mock_session_manager_proxy.cpp
@@ -36,6 +36,9 @@ sptr<IRemoteObject> PrivacyMockSessionManagerProxy::GetSessionManagerService()
         LOGE(PRI_DOMAIN, PRI_TAG, "SendRequest failed");
         return nullptr;
     }
+    if (reply.ReadInt32() != ERR_NONE) {
+        LOGE(PRI_DOMAIN, PRI_TAG, "Read result failed");
+    }
     sptr<IRemoteObject> remoteObject = reply.ReadRemoteObject();
     return remoteObject;
 }
diff --git a/services/common/window_manager/test/BUILD.gn b/services/common/window_manager/test/BUILD.gn
index a2da391464fa4bfd1abb31ffcedd3111193599ac..0a126623005fa597be339d4e4aea6c011cad080b 100644
--- a/services/common/window_manager/test/BUILD.gn
+++ b/services/common/window_manager/test/BUILD.gn
@@ -15,9 +15,8 @@ import("//build/test.gni")
 import("../../../../access_token.gni")
 
 ohos_unittest("libwindow_manager_test") {
-  subsystem_name = "security"
-  part_name = "access_token"
-  module_out_path = part_name + "/" + part_name
+  subsystem_name = "accesscontrol"
+  module_out_path = module_output_path_unittest_accesstoken
   sanitize = {
     cfi = true
     cfi_cross_dso = true
diff --git a/services/el5filekeymanager/test/BUILD.gn b/services/el5filekeymanager/test/BUILD.gn
index f5e1cc9fd93f4320dbc53a51c6acd2ca08f06e0e..3bc0d39c99993734ba21a0efd77dd39dcaa76081 100644
--- a/services/el5filekeymanager/test/BUILD.gn
+++ b/services/el5filekeymanager/test/BUILD.gn
@@ -16,9 +16,9 @@ import("../../../access_token.gni")
 
 if (is_standard_system && ability_base_enable == true) {
   ohos_unittest("el5_filekey_manager_service_mock_unittest") {
-    subsystem_name = "security"
+    subsystem_name = "accesscontrol"
     part_name = "access_token"
-    module_out_path = "access_token/access_token"
+    module_out_path = "access_token/el5_filekey_manager"
     sanitize = {
       cfi = true
       cfi_cross_dso = true
@@ -83,9 +83,9 @@ if (is_standard_system && ability_base_enable == true) {
   }
 
   ohos_unittest("el5_filekey_manager_service_unittest") {
-    subsystem_name = "security"
+    subsystem_name = "accesscontrol"
     part_name = "access_token"
-    module_out_path = "access_token/access_token"
+    module_out_path = "access_token/el5_filekey_manager"
     sanitize = {
       cfi = true
       cfi_cross_dso = true
@@ -146,9 +146,9 @@ if (is_standard_system && ability_base_enable == true) {
   }
 
   ohos_unittest("el5_filekey_manager_stub_unittest") {
-    subsystem_name = "security"
+    subsystem_name = "accesscontrol"
     part_name = "access_token"
-    module_out_path = "access_token/access_token"
+    module_out_path = "access_token/el5_filekey_manager"
     sanitize = {
       cfi = true
       cfi_cross_dso = true
diff --git a/services/el5filekeymanager/test/src/el5_filekey_manager_service_mock_unittest.cpp b/services/el5filekeymanager/test/src/el5_filekey_manager_service_mock_unittest.cpp
index ef928ba96452376503409b3df6e88f23fd3d5456..9d79db749f96ce4dddf3693640ed4ae198f366c5 100644
--- a/services/el5filekeymanager/test/src/el5_filekey_manager_service_mock_unittest.cpp
+++ b/services/el5filekeymanager/test/src/el5_filekey_manager_service_mock_unittest.cpp
@@ -155,6 +155,11 @@ HWTEST_F(El5FilekeyManagerServiceMockTest, AcquireAccess001, TestSize.Level1)
 
     MockIpc::SetCallingUid(20020025);
     uint64_t tokenId = GetTokenIdFromBundleName("com.ohos.medialibrary.medialibrarydata");
+    // if medialibrarydata not exist, try contactsdataability
+    if (tokenId == INVALID_TOKENID) {
+        tokenId = GetTokenIdFromBundleName("com.ohos.contactsdataability");
+    }
+    ASSERT_NE(tokenId, INVALID_TOKENID);
     MockIpc::SetCallingTokenID(static_cast<uint32_t>(tokenId));
 
     ASSERT_EQ(el5FilekeyManagerService_->AcquireAccess(DataLockType::DEFAULT_DATA), EFM_SUCCESS);
@@ -172,6 +177,11 @@ HWTEST_F(El5FilekeyManagerServiceMockTest, AcquireAccess002, TestSize.Level1)
 
     MockIpc::SetCallingUid(20020025);
     uint64_t tokenId = GetTokenIdFromBundleName("com.ohos.medialibrary.medialibrarydata");
+    // if medialibrarydata not exist, try contactsdataability
+    if (tokenId == INVALID_TOKENID) {
+        tokenId = GetTokenIdFromBundleName("com.ohos.contactsdataability");
+    }
+    ASSERT_NE(tokenId, INVALID_TOKENID);
     MockIpc::SetCallingTokenID(static_cast<uint32_t>(tokenId));
 
     ASSERT_EQ(el5FilekeyManagerService_->AcquireAccess(DataLockType::DEFAULT_DATA), EFM_SUCCESS);
@@ -189,6 +199,11 @@ HWTEST_F(El5FilekeyManagerServiceMockTest, ReleaseAccess001, TestSize.Level1)
 
     MockIpc::SetCallingUid(20020025);
     uint64_t tokenId = GetTokenIdFromBundleName("com.ohos.medialibrary.medialibrarydata");
+    // if medialibrarydata not exist, try contactsdataability
+    if (tokenId == INVALID_TOKENID) {
+        tokenId = GetTokenIdFromBundleName("com.ohos.contactsdataability");
+    }
+    ASSERT_NE(tokenId, INVALID_TOKENID);
     MockIpc::SetCallingTokenID(static_cast<uint32_t>(tokenId));
 
     ASSERT_EQ(el5FilekeyManagerService_->ReleaseAccess(DataLockType::DEFAULT_DATA), EFM_SUCCESS);
@@ -206,6 +221,11 @@ HWTEST_F(El5FilekeyManagerServiceMockTest, ReleaseAccess002, TestSize.Level1)
 
     MockIpc::SetCallingUid(20020025);
     uint64_t tokenId = GetTokenIdFromBundleName("com.ohos.medialibrary.medialibrarydata");
+    // if medialibrarydata not exist, try contactsdataability
+    if (tokenId == INVALID_TOKENID) {
+        tokenId = GetTokenIdFromBundleName("com.ohos.contactsdataability");
+    }
+    ASSERT_NE(tokenId, INVALID_TOKENID);
     MockIpc::SetCallingTokenID(static_cast<uint32_t>(tokenId));
 
     ASSERT_EQ(el5FilekeyManagerService_->ReleaseAccess(DataLockType::DEFAULT_DATA), EFM_SUCCESS);
@@ -539,6 +559,11 @@ HWTEST_F(El5FilekeyManagerServiceMockTest, QueryAppKeyState001, TestSize.Level1)
 
     MockIpc::SetCallingUid(20020025);
     uint64_t tokenId = GetTokenIdFromBundleName("com.ohos.medialibrary.medialibrarydata");
+    // if medialibrarydata not exist, try contactsdataability
+    if (tokenId == INVALID_TOKENID) {
+        tokenId = GetTokenIdFromBundleName("com.ohos.contactsdataability");
+    }
+    ASSERT_NE(tokenId, INVALID_TOKENID);
     MockIpc::SetCallingTokenID(static_cast<uint32_t>(tokenId));
 
     ASSERT_EQ(el5FilekeyManagerService_->QueryAppKeyState(DataLockType::DEFAULT_DATA), EFM_SUCCESS);
@@ -556,6 +581,11 @@ HWTEST_F(El5FilekeyManagerServiceMockTest, QueryAppKeyState002, TestSize.Level1)
 
     MockIpc::SetCallingUid(20020025);
     uint64_t tokenId = GetTokenIdFromBundleName("com.ohos.medialibrary.medialibrarydata");
+    // if medialibrarydata not exist, try contactsdataability
+    if (tokenId == INVALID_TOKENID) {
+        tokenId = GetTokenIdFromBundleName("com.ohos.contactsdataability");
+    }
+    ASSERT_NE(tokenId, INVALID_TOKENID);
     MockIpc::SetCallingTokenID(static_cast<uint32_t>(tokenId));
 
     ASSERT_EQ(el5FilekeyManagerService_->QueryAppKeyState(DataLockType::DEFAULT_DATA), EFM_SUCCESS);
diff --git a/services/el5filekeymanager/test/src/el5_filekey_manager_service_unittest.cpp b/services/el5filekeymanager/test/src/el5_filekey_manager_service_unittest.cpp
index 717bac1a17c786cc80c4134e85f63718493ab53f..c737a150a4cc368c56435b4af04376fc972f64fc 100644
--- a/services/el5filekeymanager/test/src/el5_filekey_manager_service_unittest.cpp
+++ b/services/el5filekeymanager/test/src/el5_filekey_manager_service_unittest.cpp
@@ -24,6 +24,9 @@ using namespace testing::ext;
 using namespace OHOS::Security::AccessToken;
 namespace {
 constexpr uint32_t SCREEN_ON_DELAY_TIME = 30;
+constexpr int32_t COMMON_EVENT_SERVICE_ID = 3299;
+constexpr int32_t TIME_SERVICE_ID = 3702;
+constexpr int32_t SCREENLOCK_SERVICE_ID = 3704;
 } // namespace
 
 void El5FilekeyManagerServiceTest::SetUpTestCase()
@@ -39,6 +42,9 @@ void El5FilekeyManagerServiceTest::SetUp()
 {
     el5FilekeyManagerService_ = DelayedSingleton<El5FilekeyManagerService>::GetInstance();
     el5FilekeyManagerService_->Init();
+    el5FilekeyManagerService_->OnAddSystemAbility(COMMON_EVENT_SERVICE_ID, "");
+    el5FilekeyManagerService_->OnAddSystemAbility(TIME_SERVICE_ID, "");
+    el5FilekeyManagerService_->OnAddSystemAbility(SCREENLOCK_SERVICE_ID, "");
 }
 
 void El5FilekeyManagerServiceTest::TearDown()
diff --git a/services/privacymanager/BUILD.gn b/services/privacymanager/BUILD.gn
index 24f932dbde108aaa5321b5bb55a6bd723c4c66c0..a397ebdb73ae916c366c0e84f44adee48580e3b1 100644
--- a/services/privacymanager/BUILD.gn
+++ b/services/privacymanager/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2022-2024 Huawei Device Co., Ltd.
+# Copyright (c) 2022-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -11,9 +11,100 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+import("//build/config/components/idl_tool/idl.gni")
 import("//build/ohos.gni")
 import("../../access_token.gni")
 
+idl_gen_interface("privacy_manager_interface") {
+  sources = [ "./idl/IPrivacyManager.idl" ]
+  log_domainid = "0xD005A02"
+  log_tag = "PRIVACY"
+  subsystem_name = "security"
+  part_name = "access_token"
+}
+
+config("privacy_manager_gen_config") {
+  include_dirs = [ "${target_gen_dir}" ]
+}
+
+ohos_source_set("privacy_manager_proxy") {
+  sanitize = {
+    cfi = true
+    cfi_cross_dso = true
+    debug = false
+  }
+
+  output_values = get_target_outputs(":privacy_manager_interface")
+
+  include_dirs = [
+    "${access_token_path}/frameworks/privacy/include",
+    "${access_token_path}/frameworks/common/include",
+    "${access_token_path}/interfaces/innerkits/accesstoken/include",
+    "${access_token_path}/interfaces/innerkits/privacy/include",
+    "${access_token_path}/interfaces/innerkits/privacy/src",
+    "include",
+    "src",
+  ]
+
+  sources = filter_include(output_values, [ "*_proxy.cpp" ])
+
+  deps = [
+    ":privacy_manager_interface",
+    "${access_token_path}/frameworks/privacy:privacy_communication_adapter_cxx",
+  ]
+
+  external_deps = [
+    "c_utils:utils",
+    "hilog:libhilog",
+    "ipc:ipc_single",
+    "samgr:samgr_proxy",
+  ]
+
+  cflags_cc = []
+
+  subsystem_name = "security"
+  part_name = "access_token"
+}
+
+ohos_source_set("privacy_manager_stub") {
+  sanitize = {
+    cfi = true
+    cfi_cross_dso = true
+    debug = false
+  }
+
+  output_values = get_target_outputs(":privacy_manager_interface")
+
+  include_dirs = [
+    "${access_token_path}/frameworks/privacy/include",
+    "${access_token_path}/frameworks/common/include",
+    "${access_token_path}/interfaces/innerkits/accesstoken/include",
+    "${access_token_path}/interfaces/innerkits/privacy/include",
+    "${access_token_path}/interfaces/innerkits/privacy/src",
+    "include",
+    "src",
+  ]
+
+  sources = filter_include(output_values, [ "*_stub.cpp" ])
+
+  deps = [
+    ":privacy_manager_interface",
+    "${access_token_path}/frameworks/privacy:privacy_communication_adapter_cxx",
+  ]
+
+  external_deps = [
+    "c_utils:utils",
+    "hilog:libhilog",
+    "ipc:ipc_single",
+    "samgr:samgr_proxy",
+  ]
+
+  cflags_cc = []
+
+  subsystem_name = "security"
+  part_name = "access_token"
+}
+
 ohos_prebuilt_etc("privacy.rc") {
   source = "privacy.cfg"
   relative_install_dir = "init"
@@ -88,7 +179,6 @@ if (is_standard_system && ability_base_enable == true) {
       "src/sensitive/audio_manager/audio_manager_adapter.cpp",
       "src/sensitive/camera_manager/camera_manager_adapter.cpp",
       "src/service/privacy_manager_service.cpp",
-      "src/service/privacy_manager_stub.cpp",
     ]
 
     cflags_cc = [
@@ -98,6 +188,7 @@ if (is_standard_system && ability_base_enable == true) {
     configs = [
       "${access_token_path}/config:access_token_compile_flags",
       "${access_token_path}/config:coverage_flags",
+      "${access_token_path}/services/privacymanager:privacy_manager_gen_config",
     ]
     defines = [ "FEATURE_DTMF_TONE" ]
 
@@ -109,6 +200,7 @@ if (is_standard_system && ability_base_enable == true) {
       "${access_token_path}/services/common:accesstoken_service_common",
       "${access_token_path}/services/common/proxy_death:proxy_death_handler",
       "${access_token_path}/services/privacymanager:privacy.rc",
+      "${access_token_path}/services/privacymanager:privacy_manager_stub",
     ]
 
     external_deps = [
@@ -147,12 +239,6 @@ if (is_standard_system && ability_base_enable == true) {
       sources += [ "src/common/privacy_common_event_subscriber.cpp" ]
     }
 
-    if (security_component_enhance_enable == true) {
-      cflags_cc += [ "-DSECURITY_COMPONENT_ENHANCE_ENABLE" ]
-      include_dirs += [ "include/seccomp" ]
-      sources += [ "src/seccomp/privacy_sec_comp_enhance_agent.cpp" ]
-    }
-
     if (window_manager_enable && access_token_camera_float_window_enable) {
       cflags_cc += [ "-DCAMERA_FLOAT_WINDOW_ENABLE" ]
       include_dirs +=
diff --git a/services/privacymanager/idl/IPrivacyManager.idl b/services/privacymanager/idl/IPrivacyManager.idl
new file mode 100644
index 0000000000000000000000000000000000000000..4a238fdf5944c0c8eecc5b886132a73e2f1a72d1
--- /dev/null
+++ b/services/privacymanager/idl/IPrivacyManager.idl
@@ -0,0 +1,41 @@
+/*
+ * Copyright (c) 2025 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package OHOS.Security.AccessToken;
+interface OHOS.Security.AccessToken.OnPermissionUsedRecordCallback;
+sequenceable OHOS.IRemoteObject;
+sequenceable OHOS.Security.AccessToken.AddPermParamInfoParcel;
+sequenceable OHOS.Security.AccessToken.PermissionUsedTypeInfoParcel;
+sequenceable OHOS.Security.AccessToken.PermissionUsedRequestParcel;
+sequenceable OHOS.Security.AccessToken.PermissionUsedResultParcel;
+
+interface OHOS.Security.AccessToken.IPrivacyManager {
+    [ipccode 1] void AddPermissionUsedRecord([in] AddPermParamInfoParcel infoParcel);
+    [ipccode 2, oneway] void AddPermissionUsedRecordAsync([in] AddPermParamInfoParcel infoParcel);
+    [ipccode 3] void StartUsingPermission([in] PermissionUsedTypeInfoParcel infoParcel, [in] IRemoteObject anonyStub);
+    [ipccode 4] void StartUsingPermissionCallback([in] PermissionUsedTypeInfoParcel infoParcel, [in] IRemoteObject cb, [in] IRemoteObject anonyStub);
+    [ipccode 5] void StopUsingPermission([in] unsigned int tokenID, [in] int pid, [in] String permissionName);
+    [ipccode 6] void RemovePermissionUsedRecords([in] unsigned int tokenID);
+    [ipccode 7] void GetPermissionUsedRecords([in] PermissionUsedRequestParcel request, [out] PermissionUsedResultParcel resultParcel);
+    [ipccode 8] void GetPermissionUsedRecordsAsync([in] PermissionUsedRequestParcel request, [in] OnPermissionUsedRecordCallback cb);
+    [ipccode 9] void RegisterPermActiveStatusCallback([in] List<String> permList, [in] IRemoteObject cb);
+    [ipccode 10] void UnRegisterPermActiveStatusCallback([in] IRemoteObject cb);
+    [ipccode 11] boolean IsAllowedUsingPermission([in] unsigned int tokenID, [in] String permissionName, [in] int pid);
+    [ipccode 12] void GetPermissionUsedTypeInfos([in] unsigned int tokenId, [in] String permissionName, [out] List<PermissionUsedTypeInfoParcel> resultsParcel);
+    [ipccode 13] void SetMutePolicy([in] unsigned int policyType, [in] unsigned int callerType, [in] boolean isMute, [in] unsigned int tokenID);
+    [ipccode 14] void SetHapWithFGReminder([in] unsigned int tokenId, [in] boolean isAllowed);
+    [ipccode 15] void SetPermissionUsedRecordToggleStatus([in] int userID, [in] boolean status);
+    [ipccode 16] void GetPermissionUsedRecordToggleStatus([in] int userID, [out] boolean status);
+}
diff --git a/services/privacymanager/include/service/privacy_manager_service.h b/services/privacymanager/include/service/privacy_manager_service.h
index 08a785cf79b3feeb759cd99bf46a0dbc0c3cd9e9..7c4b2f6d3c256a056e282d6d2c1f0a1ba04b3ecc 100644
--- a/services/privacymanager/include/service/privacy_manager_service.h
+++ b/services/privacymanager/include/service/privacy_manager_service.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2022-2023 Huawei Device Co., Ltd.
+ * Copyright (c) 2022-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -40,30 +40,25 @@ public:
     void OnStart() override;
     void OnStop() override;
 
-    int32_t AddPermissionUsedRecord(const AddPermParamInfoParcel& infoParcel, bool asyncMode = false) override;
-    int32_t SetPermissionUsedRecordToggleStatus(int32_t userID, bool status) override;
-    int32_t GetPermissionUsedRecordToggleStatus(int32_t userID, bool& status) override;
+    int32_t AddPermissionUsedRecord(const AddPermParamInfoParcel& infoParcel) override;
+    int32_t AddPermissionUsedRecordAsync(const AddPermParamInfoParcel& infoParcel) override;
     int32_t StartUsingPermission(const PermissionUsedTypeInfoParcel &infoParcel,
         const sptr<IRemoteObject>& anonyStub) override;
-    int32_t StartUsingPermission(const PermissionUsedTypeInfoParcel &infoParcel,
+    int32_t StartUsingPermissionCallback(const PermissionUsedTypeInfoParcel &infoParcel,
         const sptr<IRemoteObject>& callback, const sptr<IRemoteObject>& anonyStub) override;
+    int32_t SetPermissionUsedRecordToggleStatus(int32_t userID, bool status) override;
+    int32_t GetPermissionUsedRecordToggleStatus(int32_t userID, bool& status) override;
     int32_t StopUsingPermission(AccessTokenID tokenId, int32_t pid, const std::string& permissionName) override;
     int32_t RemovePermissionUsedRecords(AccessTokenID tokenId) override;
     int32_t GetPermissionUsedRecords(
-        const PermissionUsedRequestParcel& request, PermissionUsedResultParcel& result) override;
-    int32_t GetPermissionUsedRecords(
+        const PermissionUsedRequestParcel& request, PermissionUsedResultParcel& resultParcel) override;
+    int32_t GetPermissionUsedRecordsAsync(
         const PermissionUsedRequestParcel& request, const sptr<OnPermissionUsedRecordCallback>& callback) override;
     int32_t RegisterPermActiveStatusCallback(
-        std::vector<std::string>& permList, const sptr<IRemoteObject>& callback) override;
+        const std::vector<std::string>& permList, const sptr<IRemoteObject>& callback) override;
     int32_t UnRegisterPermActiveStatusCallback(const sptr<IRemoteObject>& callback) override;
-#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE
-    int32_t RegisterSecCompEnhance(const SecCompEnhanceDataParcel& enhanceParcel) override;
-    int32_t UpdateSecCompEnhance(int32_t pid, uint32_t seqNum) override;
-    int32_t GetSecCompEnhance(int32_t pid, SecCompEnhanceDataParcel& enhanceParcel) override;
-    int32_t GetSpecialSecCompEnhance(const std::string& bundleName,
-        std::vector<SecCompEnhanceDataParcel>& enhanceParcelList) override;
-#endif
-    bool IsAllowedUsingPermission(AccessTokenID tokenId, const std::string& permissionName, int32_t pid) override;
+    int32_t IsAllowedUsingPermission(
+        AccessTokenID tokenId, const std::string& permissionName, int32_t pid, bool& isAllowed) override;
     int32_t GetPermissionUsedTypeInfos(const AccessTokenID tokenId, const std::string& permissionName,
         std::vector<PermissionUsedTypeInfoParcel>& resultsParcel) override;
     int32_t Dump(int32_t fd, const std::vector<std::u16string>& args) override;
@@ -77,6 +72,14 @@ private:
     void ProcessProxyDeathStub(const sptr<IRemoteObject>& anonyStub, int32_t callerPid);
     void ReleaseDeathStub(int32_t callerPid);
 
+    bool IsPrivilegedCalling() const;
+    bool IsAccessTokenCalling() const;
+    bool IsSystemAppCalling() const;
+    bool VerifyPermission(const std::string& permission) const;
+    static const int32_t ACCESSTOKEN_UID = 3020;
+    AccessTokenID secCompTokenId_ = 0;
+    static const int32_t ROOT_UID = 0;
+
     ServiceRunningState state_;
 
 #ifdef EVENTHANDLER_ENABLE
diff --git a/services/privacymanager/include/service/privacy_manager_stub.h b/services/privacymanager/include/service/privacy_manager_stub.h
deleted file mode 100644
index a79b423c7270a4911afabe0c34fa873a06f2c606..0000000000000000000000000000000000000000
--- a/services/privacymanager/include/service/privacy_manager_stub.h
+++ /dev/null
@@ -1,77 +0,0 @@
-/*
- * Copyright (c) 2022-2024 Huawei Device Co., Ltd.
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef PRIVACY_MANAGER_STUB_H
-#define PRIVACY_MANAGER_STUB_H
-
-#include <map>
-
-#include "i_privacy_manager.h"
-#include "iremote_stub.h"
-#include "nocopyable.h"
-
-namespace OHOS {
-namespace Security {
-namespace AccessToken {
-class PrivacyManagerStub : public IRemoteStub<IPrivacyManager> {
-public:
-    PrivacyManagerStub();
-    virtual ~PrivacyManagerStub() = default;
-
-    int32_t OnRemoteRequest(uint32_t code, MessageParcel& data, MessageParcel& reply, MessageOption& option) override;
-
-private:
-    void AddPermissionUsedRecordInner(MessageParcel& data, MessageParcel& reply);
-    void SetPermissionUsedRecordToggleStatusInner(MessageParcel& data, MessageParcel& reply);
-    void GetPermissionUsedRecordToggleStatusInner(MessageParcel& data, MessageParcel& reply);
-    void StartUsingPermissionInner(MessageParcel& data, MessageParcel& reply);
-    void StartUsingPermissionCallbackInner(MessageParcel& data, MessageParcel& reply);
-    void StopUsingPermissionInner(MessageParcel& data, MessageParcel& reply);
-    void RemovePermissionUsedRecordsInner(MessageParcel& data, MessageParcel& reply);
-    void GetPermissionUsedRecordsInner(MessageParcel& data, MessageParcel& reply);
-    void GetPermissionUsedRecordsAsyncInner(MessageParcel& data, MessageParcel& reply);
-    void RegisterPermActiveStatusCallbackInner(MessageParcel& data, MessageParcel& reply);
-    void UnRegisterPermActiveStatusCallbackInner(MessageParcel& data, MessageParcel& reply);
-    void IsAllowedUsingPermissionInner(MessageParcel& data, MessageParcel& reply);
-#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE
-    void RegisterSecCompEnhanceInner(MessageParcel& data, MessageParcel& reply);
-    void UpdateSecCompEnhanceInner(MessageParcel& data, MessageParcel& reply);
-    void GetSecCompEnhanceInner(MessageParcel& data, MessageParcel& reply);
-    void GetSpecialSecCompEnhanceInner(MessageParcel& data, MessageParcel& reply);
-    bool IsSecCompServiceCalling();
-#endif
-    void GetPermissionUsedTypeInfosInner(MessageParcel& data, MessageParcel& reply);
-    void SetMutePolicyInner(MessageParcel& data, MessageParcel& reply);
-    void SetHapWithFGReminderInner(MessageParcel& data, MessageParcel& reply);
-    bool IsPrivilegedCalling() const;
-    bool IsAccessTokenCalling() const;
-    bool IsSystemAppCalling() const;
-    bool VerifyPermission(const std::string& permission) const;
-    static const int32_t ACCESSTOKEN_UID = 3020;
-#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE
-    AccessTokenID secCompTokenId_ = 0;
-#endif
-    void SetPrivacyFuncInMap();
-#ifndef ATM_BUILD_VARIANT_USER_ENABLE
-    static const int32_t ROOT_UID = 0;
-#endif
-
-    using RequestType = void (PrivacyManagerStub::*)(MessageParcel &data, MessageParcel &reply);
-    std::map<uint32_t, RequestType> requestMap_;
-};
-} // namespace AccessToken
-} // namespace Security
-} // namespace OHOS
-#endif // PRIVACY_MANAGER_STUB_H
diff --git a/services/privacymanager/src/active/active_status_callback_manager.cpp b/services/privacymanager/src/active/active_status_callback_manager.cpp
index d5e926725a7d423c482cbb29bafa7516126ab0ac..3c1a8ac984003a33701123d52a6ceaceed1d9407 100644
--- a/services/privacymanager/src/active/active_status_callback_manager.cpp
+++ b/services/privacymanager/src/active/active_status_callback_manager.cpp
@@ -154,12 +154,6 @@ void ActiveStatusCallbackManager::ActiveStatusChange(ActiveChangeResponse& info)
 
 void ActiveStatusCallbackManager::ExecuteCallbackAsync(ActiveChangeResponse& info)
 {
-    if (info.type == PERM_ACTIVE_IN_BACKGROUND) {
-        HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "PERMISSION_CHECK_EVENT",
-            HiviewDFX::HiSysEvent::EventType::BEHAVIOR, "CODE", BACKGROUND_CALL_EVENT,
-            "CALLER_TOKENID", info.tokenID, "PERMISSION_NAME", info.permissionName, "REASON", "background call");
-    }
-
 #ifdef EVENTHANDLER_ENABLE
     if (eventHandler_ == nullptr) {
         LOGE(PRI_DOMAIN, PRI_TAG, "Fail to get EventHandler");
diff --git a/services/privacymanager/src/record/permission_record_manager.cpp b/services/privacymanager/src/record/permission_record_manager.cpp
index c4ab4f4851c412a1c8d8097e4d2928aef740c888..9dfd852a01548233fb30863b5cfdede8c8e5da2d 100644
--- a/services/privacymanager/src/record/permission_record_manager.cpp
+++ b/services/privacymanager/src/record/permission_record_manager.cpp
@@ -649,6 +649,9 @@ int32_t PermissionRecordManager::GetPermissionUsedRecords(
 int32_t PermissionRecordManager::GetPermissionUsedRecordsAsync(
     const PermissionUsedRequest& request, const sptr<OnPermissionUsedRecordCallback>& callback)
 {
+    if (callback == nullptr) {
+        return PrivacyError::ERR_PARAM_INVALID;
+    }
     auto task = [request, callback]() {
         LOGI(PRI_DOMAIN, PRI_TAG, "GetPermissionUsedRecordsAsync task called");
         PermissionUsedResult result;
diff --git a/services/privacymanager/src/service/privacy_manager_service.cpp b/services/privacymanager/src/service/privacy_manager_service.cpp
index 1eb81c9e76e835f8a8103157c5a89143f30cf2ef..046b6b4c880a18ba7e63df881a25a2b13d43dcdc 100644
--- a/services/privacymanager/src/service/privacy_manager_service.cpp
+++ b/services/privacymanager/src/service/privacy_manager_service.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2022-2024 Huawei Device Co., Ltd.
+ * Copyright (c) 2022-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -19,6 +19,7 @@
 #include <cstring>
 
 #include "access_token.h"
+#include "accesstoken_kit.h"
 #include "accesstoken_common_log.h"
 #include "active_status_callback_manager.h"
 #include "ipc_skeleton.h"
@@ -29,16 +30,24 @@
 #include "constant.h"
 #include "ipc_skeleton.h"
 #include "permission_record_manager.h"
+#include "privacy_error.h"
 #include "privacy_manager_proxy_death_param.h"
-#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE
-#include "privacy_sec_comp_enhance_agent.h"
-#endif
 #include "system_ability_definition.h"
 #include "string_ex.h"
+#include "tokenid_kit.h"
 
 namespace OHOS {
 namespace Security {
 namespace AccessToken {
+namespace {
+constexpr const char* PERMISSION_USED_STATS = "ohos.permission.PERMISSION_USED_STATS";
+constexpr const char* PERMISSION_RECORD_TOGGLE = "ohos.permission.PERMISSION_RECORD_TOGGLE";
+constexpr const char* SET_FOREGROUND_HAP_REMINDER = "ohos.permission.SET_FOREGROUND_HAP_REMINDER";
+constexpr const char* SET_MUTE_POLICY = "ohos.permission.SET_MUTE_POLICY";
+static const int32_t SA_ID_PRIVACY_MANAGER_SERVICE = 3505;
+static const uint32_t MAX_PERMISSION_USED_TYPE_SIZE = 2000;
+static const uint32_t PERM_LIST_SIZE_MAX = 1024;
+}
 
 const bool REGISTER_RESULT =
     SystemAbility::MakeAndRegisterAbility(DelayedSingleton<PrivacyManagerService>::GetInstance().get());
@@ -87,9 +96,16 @@ void PrivacyManagerService::OnStop()
     state_ = ServiceRunningState::STATE_NOT_START;
 }
 
-int32_t PrivacyManagerService::AddPermissionUsedRecord(const AddPermParamInfoParcel& infoParcel,
-    bool asyncMode)
+int32_t PrivacyManagerService::AddPermissionUsedRecord(const AddPermParamInfoParcel& infoParcel)
 {
+    uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID();
+    if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) {
+        return PrivacyError::ERR_NOT_SYSTEM_APP;
+    }
+    if (!VerifyPermission(PERMISSION_USED_STATS)) {
+        return PrivacyError::ERR_PERMISSION_DENIED;
+    }
+
     LOGD(PRI_DOMAIN, PRI_TAG, "id: %{public}d, perm: %{public}s, succCnt: %{public}d,"
         " failCnt: %{public}d, type: %{public}d", infoParcel.info.tokenId, infoParcel.info.permissionName.c_str(),
         infoParcel.info.successCount, infoParcel.info.failCount, infoParcel.info.type);
@@ -97,14 +113,43 @@ int32_t PrivacyManagerService::AddPermissionUsedRecord(const AddPermParamInfoPar
     return PermissionRecordManager::GetInstance().AddPermissionUsedRecord(info);
 }
 
+int32_t PrivacyManagerService::AddPermissionUsedRecordAsync(const AddPermParamInfoParcel& infoParcel)
+{
+    return AddPermissionUsedRecord(infoParcel);
+}
+
 int32_t PrivacyManagerService::SetPermissionUsedRecordToggleStatus(int32_t userID, bool status)
 {
+    uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID();
+    if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) {
+        return PrivacyError::ERR_NOT_SYSTEM_APP;
+    }
+    if (!IsPrivilegedCalling() && !VerifyPermission(PERMISSION_RECORD_TOGGLE)) {
+        return PrivacyError::ERR_PERMISSION_DENIED;
+    }
+    if (userID != 0 && !IsPrivilegedCalling()) {
+        LOGE(PRI_DOMAIN, PRI_TAG, "User version only get calling userID.");
+        return PrivacyError::ERR_PERMISSION_DENIED;
+    }
+
     LOGI(PRI_DOMAIN, PRI_TAG, "userID: %{public}d, status: %{public}d", userID, status ? 1 : 0);
     return PermissionRecordManager::GetInstance().SetPermissionUsedRecordToggleStatus(userID, status);
 }
 
 int32_t PrivacyManagerService::GetPermissionUsedRecordToggleStatus(int32_t userID, bool& status)
 {
+    uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID();
+    if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) {
+        return PrivacyError::ERR_NOT_SYSTEM_APP;
+    }
+    if (!IsPrivilegedCalling() && !VerifyPermission(PERMISSION_USED_STATS)) {
+        return PrivacyError::ERR_PERMISSION_DENIED;
+    }
+    if (userID != 0 && !IsPrivilegedCalling()) {
+        LOGE(PRI_DOMAIN, PRI_TAG, "User version only get calling userID.");
+        return PrivacyError::ERR_PERMISSION_DENIED;
+    }
+
     LOGD(PRI_DOMAIN, PRI_TAG, "userID: %{public}d, status: %{public}d", userID, status ? 1 : 0);
     return PermissionRecordManager::GetInstance().GetPermissionUsedRecordToggleStatus(userID, status);
 }
@@ -155,15 +200,31 @@ void PrivacyManagerService::ReleaseDeathStub(int32_t callerPid)
 int32_t PrivacyManagerService::StartUsingPermission(
     const PermissionUsedTypeInfoParcel &infoParcel, const sptr<IRemoteObject>& anonyStub)
 {
+    uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID();
+    if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) {
+        return PrivacyError::ERR_NOT_SYSTEM_APP;
+    }
+    if (!VerifyPermission(PERMISSION_USED_STATS)) {
+        return PrivacyError::ERR_PERMISSION_DENIED;
+    }
+
     int32_t callerPid = IPCSkeleton::GetCallingPid();
     LOGI(PRI_DOMAIN, PRI_TAG, "Caller pid = %{public}d.", callerPid);
     ProcessProxyDeathStub(anonyStub, callerPid);
     return PermissionRecordManager::GetInstance().StartUsingPermission(infoParcel.info, callerPid);
 }
 
-int32_t PrivacyManagerService::StartUsingPermission(const PermissionUsedTypeInfoParcel &infoParcel,
+int32_t PrivacyManagerService::StartUsingPermissionCallback(const PermissionUsedTypeInfoParcel &infoParcel,
     const sptr<IRemoteObject>& callback, const sptr<IRemoteObject>& anonyStub)
 {
+    uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID();
+    if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) {
+        return PrivacyError::ERR_NOT_SYSTEM_APP;
+    }
+    if (!VerifyPermission(PERMISSION_USED_STATS)) {
+        return PrivacyError::ERR_PERMISSION_DENIED;
+    }
+
     int32_t callerPid = IPCSkeleton::GetCallingPid();
     LOGI(PRI_DOMAIN, PRI_TAG, "Caller pid = %{public}d.", callerPid);
     ProcessProxyDeathStub(anonyStub, callerPid);
@@ -173,6 +234,14 @@ int32_t PrivacyManagerService::StartUsingPermission(const PermissionUsedTypeInfo
 int32_t PrivacyManagerService::StopUsingPermission(
     AccessTokenID tokenId, int32_t pid, const std::string& permissionName)
 {
+    uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID();
+    if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) {
+        return PrivacyError::ERR_NOT_SYSTEM_APP;
+    }
+    if (!VerifyPermission(PERMISSION_USED_STATS)) {
+        return PrivacyError::ERR_PERMISSION_DENIED;
+    }
+
     LOGI(PRI_DOMAIN, PRI_TAG, "id: %{public}u, pid: %{public}d, perm: %{public}s",
         tokenId, pid, permissionName.c_str());
     int32_t callerPid = IPCSkeleton::GetCallingPid();
@@ -189,14 +258,30 @@ int32_t PrivacyManagerService::StopUsingPermission(
 
 int32_t PrivacyManagerService::RemovePermissionUsedRecords(AccessTokenID tokenId)
 {
+    uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID();
+    if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) {
+        return PrivacyError::ERR_NOT_SYSTEM_APP;
+    }
+    if (!IsAccessTokenCalling() && !VerifyPermission(PERMISSION_USED_STATS)) {
+        return PrivacyError::ERR_PERMISSION_DENIED;
+    }
+
     LOGI(PRI_DOMAIN, PRI_TAG, "id: %{public}u", tokenId);
     PermissionRecordManager::GetInstance().RemovePermissionUsedRecords(tokenId);
     return Constant::SUCCESS;
 }
 
 int32_t PrivacyManagerService::GetPermissionUsedRecords(
-    const PermissionUsedRequestParcel& request, PermissionUsedResultParcel& result)
+    const PermissionUsedRequestParcel& request, PermissionUsedResultParcel& resultParcel)
 {
+    uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID();
+    if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) {
+        return PrivacyError::ERR_NOT_SYSTEM_APP;
+    }
+    if (!VerifyPermission(PERMISSION_USED_STATS)) {
+        return PrivacyError::ERR_PERMISSION_DENIED;
+    }
+
     std::string permissionList;
     for (const auto& perm : request.request.permissionList) {
         permissionList.append(perm);
@@ -208,62 +293,44 @@ int32_t PrivacyManagerService::GetPermissionUsedRecords(
 
     PermissionUsedResult permissionRecord;
     int32_t ret =  PermissionRecordManager::GetInstance().GetPermissionUsedRecords(request.request, permissionRecord);
-    result.result = permissionRecord;
+    resultParcel.result = permissionRecord;
     return ret;
 }
 
-int32_t PrivacyManagerService::GetPermissionUsedRecords(
+int32_t PrivacyManagerService::GetPermissionUsedRecordsAsync(
     const PermissionUsedRequestParcel& request, const sptr<OnPermissionUsedRecordCallback>& callback)
 {
+    uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID();
+    if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) {
+        return PrivacyError::ERR_NOT_SYSTEM_APP;
+    }
+    if (!VerifyPermission(PERMISSION_USED_STATS)) {
+        return PrivacyError::ERR_PERMISSION_DENIED;
+    }
+
     LOGD(PRI_DOMAIN, PRI_TAG, "id: %{public}d", request.request.tokenId);
     return PermissionRecordManager::GetInstance().GetPermissionUsedRecordsAsync(request.request, callback);
 }
 
 int32_t PrivacyManagerService::RegisterPermActiveStatusCallback(
-    std::vector<std::string>& permList, const sptr<IRemoteObject>& callback)
+    const std::vector<std::string>& permList, const sptr<IRemoteObject>& callback)
 {
-    return PermissionRecordManager::GetInstance().RegisterPermActiveStatusCallback(
-        IPCSkeleton::GetCallingTokenID(), permList, callback);
-}
-
-#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE
-int32_t PrivacyManagerService::RegisterSecCompEnhance(const SecCompEnhanceDataParcel& enhanceParcel)
-{
-    LOGI(PRI_DOMAIN, PRI_TAG, "Pid: %{public}d", enhanceParcel.enhanceData.pid);
-    return PrivacySecCompEnhanceAgent::GetInstance().RegisterSecCompEnhance(enhanceParcel.enhanceData);
-}
-
-int32_t PrivacyManagerService::UpdateSecCompEnhance(int32_t pid, uint32_t seqNum)
-{
-    return PrivacySecCompEnhanceAgent::GetInstance().UpdateSecCompEnhance(pid, seqNum);
-}
-
-int32_t PrivacyManagerService::GetSecCompEnhance(int32_t pid, SecCompEnhanceDataParcel& enhanceParcel)
-{
-    SecCompEnhanceData enhanceData;
-    int32_t res = PrivacySecCompEnhanceAgent::GetInstance().GetSecCompEnhance(pid, enhanceData);
-    if (res != RET_SUCCESS) {
-        LOGW(PRI_DOMAIN, PRI_TAG, "Pid: %{public}d get enhance failed ", pid);
-        return res;
+    uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID();
+    if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) {
+        return PrivacyError::ERR_NOT_SYSTEM_APP;
+    }
+    if (!VerifyPermission(PERMISSION_USED_STATS)) {
+        return PrivacyError::ERR_PERMISSION_DENIED;
     }
 
-    enhanceParcel.enhanceData = enhanceData;
-    return RET_SUCCESS;
-}
-
-int32_t PrivacyManagerService::GetSpecialSecCompEnhance(const std::string& bundleName,
-    std::vector<SecCompEnhanceDataParcel>& enhanceParcelList)
-{
-    std::vector<SecCompEnhanceData> enhanceList;
-    PrivacySecCompEnhanceAgent::GetInstance().GetSpecialSecCompEnhance(bundleName, enhanceList);
-    for (const auto& enhance : enhanceList) {
-        SecCompEnhanceDataParcel parcel;
-        parcel.enhanceData = enhance;
-        enhanceParcelList.emplace_back(parcel);
+    if (permList.size() > PERM_LIST_SIZE_MAX) {
+        LOGE(PRI_DOMAIN, PRI_TAG, "permList oversize");
+        return PrivacyError::ERR_OVERSIZE;
     }
-    return RET_SUCCESS;
+
+    return PermissionRecordManager::GetInstance().RegisterPermActiveStatusCallback(
+        IPCSkeleton::GetCallingTokenID(), permList, callback);
 }
-#endif
 
 int32_t PrivacyManagerService::ResponseDumpCommand(int32_t fd, const std::vector<std::u16string>& args)
 {
@@ -334,20 +401,48 @@ int32_t PrivacyManagerService::Dump(int32_t fd, const std::vector<std::u16string
 
 int32_t PrivacyManagerService::UnRegisterPermActiveStatusCallback(const sptr<IRemoteObject>& callback)
 {
+    uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID();
+    if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) {
+        return PrivacyError::ERR_NOT_SYSTEM_APP;
+    }
+    if (!VerifyPermission(PERMISSION_USED_STATS)) {
+        return PrivacyError::ERR_PERMISSION_DENIED;
+    }
+
     return PermissionRecordManager::GetInstance().UnRegisterPermActiveStatusCallback(callback);
 }
 
-bool PrivacyManagerService::IsAllowedUsingPermission(AccessTokenID tokenId, const std::string& permissionName,
-    int32_t pid)
+int32_t PrivacyManagerService::IsAllowedUsingPermission(AccessTokenID tokenId, const std::string& permissionName,
+    int32_t pid, bool& isAllowed)
 {
+    uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID();
+    if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) {
+        LOGE(PRI_DOMAIN, PRI_TAG, "Permission denied(tokenID=%{public}d)", callingTokenID);
+        return PrivacyError::ERR_NOT_SYSTEM_APP;
+    }
+    if (!VerifyPermission(PERMISSION_USED_STATS)) {
+        return PrivacyError::ERR_PERMISSION_DENIED;
+    }
+
     LOGI(PRI_DOMAIN, PRI_TAG, "Id: %{public}d, perm: %{public}s, pid: %{public}d.",
         tokenId, permissionName.c_str(), pid);
-    return PermissionRecordManager::GetInstance().IsAllowedUsingPermission(tokenId, permissionName, pid);
+    isAllowed = PermissionRecordManager::GetInstance().IsAllowedUsingPermission(tokenId, permissionName, pid);
+    return ERR_OK;
 }
 
 int32_t PrivacyManagerService::SetMutePolicy(uint32_t policyType, uint32_t callerType, bool isMute,
     AccessTokenID tokenID)
 {
+    AccessTokenID callingTokenID = IPCSkeleton::GetCallingTokenID();
+    if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) != TOKEN_NATIVE) &&
+        (AccessTokenKit::GetTokenTypeFlag(callingTokenID) != TOKEN_SHELL)) {
+        return PrivacyError::ERR_PERMISSION_DENIED;
+    }
+
+    if (!VerifyPermission(SET_MUTE_POLICY)) {
+        return PrivacyError::ERR_PERMISSION_DENIED;
+    }
+
     LOGI(PRI_DOMAIN, PRI_TAG, "PolicyType %{public}d, callerType %{public}d, isMute %{public}d, tokenId %{public}u",
         policyType, callerType, isMute, tokenID);
     return PermissionRecordManager::GetInstance().SetMutePolicy(
@@ -356,6 +451,10 @@ int32_t PrivacyManagerService::SetMutePolicy(uint32_t policyType, uint32_t calle
 
 int32_t PrivacyManagerService::SetHapWithFGReminder(uint32_t tokenId, bool isAllowed)
 {
+    if (!VerifyPermission(SET_FOREGROUND_HAP_REMINDER)) {
+        return PrivacyError::ERR_PERMISSION_DENIED;
+    }
+
     LOGI(PRI_DOMAIN, PRI_TAG, "id: %{public}d, isAllowed: %{public}d", tokenId, isAllowed);
     return PermissionRecordManager::GetInstance().SetHapWithFGReminder(tokenId, isAllowed);
 }
@@ -363,14 +462,25 @@ int32_t PrivacyManagerService::SetHapWithFGReminder(uint32_t tokenId, bool isAll
 int32_t PrivacyManagerService::GetPermissionUsedTypeInfos(const AccessTokenID tokenId,
     const std::string& permissionName, std::vector<PermissionUsedTypeInfoParcel>& resultsParcel)
 {
-    LOGD(PRI_DOMAIN, PRI_TAG, "id: %{public}d, perm: %{public}s", tokenId, permissionName.c_str());
+    uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID();
+    if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) {
+        return PrivacyError::ERR_NOT_SYSTEM_APP;
+    }
+    if (!VerifyPermission(PERMISSION_USED_STATS)) {
+        return PrivacyError::ERR_PERMISSION_DENIED;
+    }
 
+    LOGD(PRI_DOMAIN, PRI_TAG, "id: %{public}d, perm: %{public}s", tokenId, permissionName.c_str());
     std::vector<PermissionUsedTypeInfo> results;
     int32_t res = PermissionRecordManager::GetInstance().GetPermissionUsedTypeInfos(tokenId, permissionName, results);
     if (res != RET_SUCCESS) {
         return res;
     }
 
+    if (results.size() > MAX_PERMISSION_USED_TYPE_SIZE) {
+        return PrivacyError::ERR_OVERSIZE;
+    }
+
     for (const auto& result : results) {
         PermissionUsedTypeInfoParcel parcel;
         parcel.info = result;
@@ -411,6 +521,39 @@ bool PrivacyManagerService::Initialize()
 #endif
     return true;
 }
+
+bool PrivacyManagerService::IsPrivilegedCalling() const
+{
+    // shell process is root in debug mode.
+#ifndef ATM_BUILD_VARIANT_USER_ENABLE
+    int32_t callingUid = IPCSkeleton::GetCallingUid();
+    return callingUid == ROOT_UID;
+#else
+    return false;
+#endif
+}
+
+bool PrivacyManagerService::IsAccessTokenCalling() const
+{
+    int32_t callingUid = IPCSkeleton::GetCallingUid();
+    return callingUid == ACCESSTOKEN_UID;
+}
+
+bool PrivacyManagerService::IsSystemAppCalling() const
+{
+    uint64_t fullTokenId = IPCSkeleton::GetCallingFullTokenID();
+    return TokenIdKit::IsSystemAppByFullTokenID(fullTokenId);
+}
+
+bool PrivacyManagerService::VerifyPermission(const std::string& permission) const
+{
+    uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID();
+    if (AccessTokenKit::VerifyAccessToken(callingTokenID, permission) == PERMISSION_DENIED) {
+        LOGE(PRI_DOMAIN, PRI_TAG, "Permission denied(callingTokenID=%{public}d)", callingTokenID);
+        return false;
+    }
+    return true;
+}
 } // namespace AccessToken
 } // namespace Security
 } // namespace OHOS
diff --git a/services/privacymanager/src/service/privacy_manager_stub.cpp b/services/privacymanager/src/service/privacy_manager_stub.cpp
deleted file mode 100644
index 2f16edfa53afbd245c261dfeb513d26bebe25d75..0000000000000000000000000000000000000000
--- a/services/privacymanager/src/service/privacy_manager_stub.cpp
+++ /dev/null
@@ -1,605 +0,0 @@
-/*
- * Copyright (c) 2022-2023 Huawei Device Co., Ltd.
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include "privacy_manager_stub.h"
-
-#include "accesstoken_kit.h"
-#include "accesstoken_common_log.h"
-#include "ipc_skeleton.h"
-#include "memory_guard.h"
-#include "on_permission_used_record_callback_proxy.h"
-#include "privacy_error.h"
-#include "privacy_manager_proxy_death_param.h"
-#include "string_ex.h"
-#include "tokenid_kit.h"
-
-namespace OHOS {
-namespace Security {
-namespace AccessToken {
-namespace {
-static const uint32_t PERM_LIST_SIZE_MAX = 1024;
-constexpr const char* PERMISSION_USED_STATS = "ohos.permission.PERMISSION_USED_STATS";
-constexpr const char* PERMISSION_RECORD_TOGGLE = "ohos.permission.PERMISSION_RECORD_TOGGLE";
-constexpr const char* SET_FOREGROUND_HAP_REMINDER = "ohos.permission.SET_FOREGROUND_HAP_REMINDER";
-constexpr const char* SET_MUTE_POLICY = "ohos.permission.SET_MUTE_POLICY";
-}
-
-PrivacyManagerStub::PrivacyManagerStub()
-{
-    SetPrivacyFuncInMap();
-}
-
-void PrivacyManagerStub::SetPrivacyFuncInMap()
-{
-    requestMap_[static_cast<uint32_t>(PrivacyInterfaceCode::ADD_PERMISSION_USED_RECORD)] =
-        &PrivacyManagerStub::AddPermissionUsedRecordInner;
-    requestMap_[static_cast<uint32_t>(PrivacyInterfaceCode::START_USING_PERMISSION)] =
-        &PrivacyManagerStub::StartUsingPermissionInner;
-    requestMap_[static_cast<uint32_t>(PrivacyInterfaceCode::START_USING_PERMISSION_CALLBACK)] =
-        &PrivacyManagerStub::StartUsingPermissionCallbackInner;
-    requestMap_[static_cast<uint32_t>(PrivacyInterfaceCode::STOP_USING_PERMISSION)] =
-        &PrivacyManagerStub::StopUsingPermissionInner;
-    requestMap_[static_cast<uint32_t>(PrivacyInterfaceCode::DELETE_PERMISSION_USED_RECORDS)] =
-        &PrivacyManagerStub::RemovePermissionUsedRecordsInner;
-    requestMap_[static_cast<uint32_t>(PrivacyInterfaceCode::GET_PERMISSION_USED_RECORDS)] =
-        &PrivacyManagerStub::GetPermissionUsedRecordsInner;
-    requestMap_[static_cast<uint32_t>(PrivacyInterfaceCode::GET_PERMISSION_USED_RECORDS_ASYNC)] =
-        &PrivacyManagerStub::GetPermissionUsedRecordsAsyncInner;
-    requestMap_[static_cast<uint32_t>(PrivacyInterfaceCode::REGISTER_PERM_ACTIVE_STATUS_CHANGE_CALLBACK)] =
-        &PrivacyManagerStub::RegisterPermActiveStatusCallbackInner;
-    requestMap_[static_cast<uint32_t>(PrivacyInterfaceCode::UNREGISTER_PERM_ACTIVE_STATUS_CHANGE_CALLBACK)] =
-        &PrivacyManagerStub::UnRegisterPermActiveStatusCallbackInner;
-    requestMap_[static_cast<uint32_t>(PrivacyInterfaceCode::IS_ALLOWED_USING_PERMISSION)] =
-        &PrivacyManagerStub::IsAllowedUsingPermissionInner;
-#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE
-    requestMap_[static_cast<uint32_t>(PrivacyInterfaceCode::REGISTER_SEC_COMP_ENHANCE)] =
-        &PrivacyManagerStub::RegisterSecCompEnhanceInner;
-    requestMap_[static_cast<uint32_t>(PrivacyInterfaceCode::UPDATE_SEC_COMP_ENHANCE)] =
-        &PrivacyManagerStub::UpdateSecCompEnhanceInner;
-    requestMap_[static_cast<uint32_t>(PrivacyInterfaceCode::GET_SEC_COMP_ENHANCE)] =
-        &PrivacyManagerStub::GetSecCompEnhanceInner;
-    requestMap_[static_cast<uint32_t>(PrivacyInterfaceCode::GET_SPECIAL_SEC_COMP_ENHANCE)] =
-        &PrivacyManagerStub::GetSpecialSecCompEnhanceInner;
-#endif
-    requestMap_[static_cast<uint32_t>(PrivacyInterfaceCode::GET_PERMISSION_USED_TYPE_INFOS)] =
-        &PrivacyManagerStub::GetPermissionUsedTypeInfosInner;
-    requestMap_[static_cast<uint32_t>(PrivacyInterfaceCode::SET_MUTE_POLICY)] =
-        &PrivacyManagerStub::SetMutePolicyInner;
-    requestMap_[static_cast<uint32_t>(PrivacyInterfaceCode::SET_HAP_WITH_FOREGROUND_REMINDER)] =
-        &PrivacyManagerStub::SetHapWithFGReminderInner;
-    requestMap_[static_cast<uint32_t>(PrivacyInterfaceCode::SET_PERMISSION_USED_RECORD_TOGGLE_STATUS)] =
-        &PrivacyManagerStub::SetPermissionUsedRecordToggleStatusInner;
-    requestMap_[static_cast<uint32_t>(PrivacyInterfaceCode::GET_PERMISSION_USED_RECORD_TOGGLE_STATUS)] =
-        &PrivacyManagerStub::GetPermissionUsedRecordToggleStatusInner;
-}
-int32_t PrivacyManagerStub::OnRemoteRequest(
-    uint32_t code, MessageParcel& data, MessageParcel& reply, MessageOption& option)
-{
-    MemoryGuard cacheGuard;
-    std::u16string descriptor = data.ReadInterfaceToken();
-    if (descriptor != IPrivacyManager::GetDescriptor()) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Get unexpect descriptor: %{public}s", Str16ToStr8(descriptor).c_str());
-        return ERROR_IPC_REQUEST_FAIL;
-    }
-
-    auto itFunc = requestMap_.find(code);
-    if (itFunc != requestMap_.end()) {
-        auto requestFunc = itFunc->second;
-        if (requestFunc != nullptr) {
-            (this->*requestFunc)(data, reply);
-            return NO_ERROR;
-        }
-    }
-
-    return IPCObjectStub::OnRemoteRequest(code, data, reply, option);
-}
-
-void PrivacyManagerStub::AddPermissionUsedRecordInner(MessageParcel& data, MessageParcel& reply)
-{
-    uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID();
-    if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) {
-        reply.WriteInt32(PrivacyError::ERR_NOT_SYSTEM_APP);
-        return;
-    }
-    if (!VerifyPermission(PERMISSION_USED_STATS)) {
-        reply.WriteInt32(PrivacyError::ERR_PERMISSION_DENIED);
-        return;
-    }
-    sptr<AddPermParamInfoParcel> infoParcel = data.ReadParcelable<AddPermParamInfoParcel>();
-    if (infoParcel == nullptr) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "ReadParcelable faild");
-        reply.WriteInt32(PrivacyError::ERR_READ_PARCEL_FAILED);
-        return;
-    }
-    reply.WriteInt32(this->AddPermissionUsedRecord(*infoParcel));
-}
-
-void PrivacyManagerStub::SetPermissionUsedRecordToggleStatusInner(MessageParcel& data, MessageParcel& reply)
-{
-    uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID();
-    if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) {
-        reply.WriteInt32(PrivacyError::ERR_NOT_SYSTEM_APP);
-        return;
-    }
-    if (!IsPrivilegedCalling() && !VerifyPermission(PERMISSION_RECORD_TOGGLE)) {
-        reply.WriteInt32(PrivacyError::ERR_PERMISSION_DENIED);
-        return;
-    }
-    int32_t userID = 0;
-    if (!data.ReadInt32(userID)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to read userId.");
-        reply.WriteInt32(PrivacyError::ERR_READ_PARCEL_FAILED);
-        return;
-    }
-    if (userID != 0 && !IsPrivilegedCalling()) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "User version only get calling userID.");
-        reply.WriteInt32(PrivacyError::ERR_PERMISSION_DENIED);
-        return;
-    }
-    bool status = true;
-    if (!data.ReadBool(status)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to read status.");
-        reply.WriteInt32(PrivacyError::ERR_READ_PARCEL_FAILED);
-        return;
-    }
-    reply.WriteInt32(this->SetPermissionUsedRecordToggleStatus(userID, status));
-}
-
-void PrivacyManagerStub::GetPermissionUsedRecordToggleStatusInner(MessageParcel& data, MessageParcel& reply)
-{
-    uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID();
-    if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) {
-        reply.WriteInt32(PrivacyError::ERR_NOT_SYSTEM_APP);
-        return;
-    }
-    if (!IsPrivilegedCalling() && !VerifyPermission(PERMISSION_USED_STATS)) {
-        reply.WriteInt32(PrivacyError::ERR_PERMISSION_DENIED);
-        return;
-    }
-    int32_t userID = 0;
-    if (!data.ReadInt32(userID)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to read userId.");
-        reply.WriteInt32(PrivacyError::ERR_READ_PARCEL_FAILED);
-        return;
-    }
-    if (userID != 0 && !IsPrivilegedCalling()) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "User version only get calling userID.");
-        reply.WriteInt32(PrivacyError::ERR_PERMISSION_DENIED);
-        return;
-    }
-    bool status = true;
-    reply.WriteInt32(this->GetPermissionUsedRecordToggleStatus(userID, status));
-    reply.WriteBool(status);
-}
-
-void PrivacyManagerStub::StartUsingPermissionInner(MessageParcel& data, MessageParcel& reply)
-{
-    uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID();
-    if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) {
-        reply.WriteInt32(PrivacyError::ERR_NOT_SYSTEM_APP);
-        return;
-    }
-    if (!VerifyPermission(PERMISSION_USED_STATS)) {
-        reply.WriteInt32(PrivacyError::ERR_PERMISSION_DENIED);
-        return;
-    }
-    sptr<PermissionUsedTypeInfoParcel> info = data.ReadParcelable<PermissionUsedTypeInfoParcel>();
-    if (info == nullptr) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Read parcel fail.");
-        reply.WriteInt32(PrivacyError::ERR_READ_PARCEL_FAILED);
-        return;
-    }
-    sptr<IRemoteObject> anonyStub = data.ReadRemoteObject();
-    if (anonyStub == nullptr) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Read ReadRemoteObject fail.");
-        reply.WriteInt32(PrivacyError::ERR_READ_PARCEL_FAILED);
-        return;
-    }
-    reply.WriteInt32(this->StartUsingPermission(*info, anonyStub));
-}
-
-void PrivacyManagerStub::StartUsingPermissionCallbackInner(MessageParcel& data, MessageParcel& reply)
-{
-    uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID();
-    if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) {
-        reply.WriteInt32(PrivacyError::ERR_NOT_SYSTEM_APP);
-        return;
-    }
-
-    if (!VerifyPermission(PERMISSION_USED_STATS)) {
-        reply.WriteInt32(PrivacyError::ERR_PERMISSION_DENIED);
-        return;
-    }
-    sptr<PermissionUsedTypeInfoParcel> info = data.ReadParcelable<PermissionUsedTypeInfoParcel>();
-    if (info == nullptr) {
-        reply.WriteInt32(PrivacyError::ERR_READ_PARCEL_FAILED);
-        return;
-    }
-    sptr<IRemoteObject> callback = data.ReadRemoteObject();
-    if (callback == nullptr) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Read ReadRemoteObject fail");
-        reply.WriteInt32(PrivacyError::ERR_READ_PARCEL_FAILED);
-        return;
-    }
-    sptr<IRemoteObject> anonyStub = data.ReadRemoteObject();
-    if (anonyStub == nullptr) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Read ReadRemoteObject fail.");
-        reply.WriteInt32(PrivacyError::ERR_READ_PARCEL_FAILED);
-        return;
-    }
-    reply.WriteInt32(this->StartUsingPermission(*info, callback, anonyStub));
-}
-
-void PrivacyManagerStub::StopUsingPermissionInner(MessageParcel& data, MessageParcel& reply)
-{
-    uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID();
-    if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) {
-        reply.WriteInt32(PrivacyError::ERR_NOT_SYSTEM_APP);
-        return;
-    }
-    if (!VerifyPermission(PERMISSION_USED_STATS)) {
-        reply.WriteInt32(PrivacyError::ERR_PERMISSION_DENIED);
-        return;
-    }
-    AccessTokenID tokenId = data.ReadUint32();
-    int32_t pid = data.ReadInt32();
-    std::string permissionName = data.ReadString();
-    reply.WriteInt32(this->StopUsingPermission(tokenId, pid, permissionName));
-}
-
-void PrivacyManagerStub::RemovePermissionUsedRecordsInner(MessageParcel& data, MessageParcel& reply)
-{
-    uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID();
-    if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) {
-        reply.WriteInt32(PrivacyError::ERR_NOT_SYSTEM_APP);
-        return;
-    }
-
-    if (!IsAccessTokenCalling() && !VerifyPermission(PERMISSION_USED_STATS)) {
-        reply.WriteInt32(PrivacyError::ERR_PERMISSION_DENIED);
-        return;
-    }
-
-    AccessTokenID tokenId = data.ReadUint32();
-    reply.WriteInt32(this->RemovePermissionUsedRecords(tokenId));
-}
-
-void PrivacyManagerStub::GetPermissionUsedRecordsInner(MessageParcel& data, MessageParcel& reply)
-{
-    uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID();
-    if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) {
-        reply.WriteInt32(PrivacyError::ERR_NOT_SYSTEM_APP);
-        return;
-    }
-    PermissionUsedResultParcel responseParcel;
-    if (!VerifyPermission(PERMISSION_USED_STATS)) {
-        reply.WriteInt32(PrivacyError::ERR_PERMISSION_DENIED);
-        return;
-    }
-    sptr<PermissionUsedRequestParcel> requestParcel = data.ReadParcelable<PermissionUsedRequestParcel>();
-    if (requestParcel == nullptr) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "ReadParcelable faild");
-        reply.WriteInt32(PrivacyError::ERR_READ_PARCEL_FAILED);
-        return;
-    }
-    int32_t result = this->GetPermissionUsedRecords(*requestParcel, responseParcel);
-    reply.WriteInt32(result);
-    if (result != RET_SUCCESS) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "WriteInt32 faild");
-        return;
-    }
-    reply.WriteParcelable(&responseParcel);
-}
-
-void PrivacyManagerStub::GetPermissionUsedRecordsAsyncInner(MessageParcel& data, MessageParcel& reply)
-{
-    uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID();
-    if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) {
-        reply.WriteInt32(PrivacyError::ERR_NOT_SYSTEM_APP);
-        return;
-    }
-
-    if (!VerifyPermission(PERMISSION_USED_STATS)) {
-        reply.WriteInt32(PrivacyError::ERR_PERMISSION_DENIED);
-        return;
-    }
-    sptr<PermissionUsedRequestParcel> requestParcel = data.ReadParcelable<PermissionUsedRequestParcel>();
-    if (requestParcel == nullptr) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "ReadParcelable failed");
-        reply.WriteInt32(PrivacyError::ERR_READ_PARCEL_FAILED);
-        return;
-    }
-    sptr<OnPermissionUsedRecordCallback> callback = new OnPermissionUsedRecordCallbackProxy(data.ReadRemoteObject());
-    if (callback == nullptr) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Callback is null");
-        reply.WriteInt32(PrivacyError::ERR_READ_PARCEL_FAILED);
-        return;
-    }
-    reply.WriteInt32(this->GetPermissionUsedRecords(*requestParcel, callback));
-}
-
-void PrivacyManagerStub::RegisterPermActiveStatusCallbackInner(MessageParcel& data, MessageParcel& reply)
-{
-    uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID();
-    if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) {
-        reply.WriteInt32(PrivacyError::ERR_NOT_SYSTEM_APP);
-        return;
-    }
-    if (!VerifyPermission(PERMISSION_USED_STATS)) {
-        reply.WriteInt32(PrivacyError::ERR_PERMISSION_DENIED);
-        return;
-    }
-    uint32_t permListSize = data.ReadUint32();
-    if (permListSize > PERM_LIST_SIZE_MAX) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Read permListSize fail");
-        reply.WriteInt32(PrivacyError::ERR_OVERSIZE);
-        return;
-    }
-    std::vector<std::string> permList;
-    for (uint32_t i = 0; i < permListSize; i++) {
-        std::string perm = data.ReadString();
-        permList.emplace_back(perm);
-    }
-    sptr<IRemoteObject> callback = data.ReadRemoteObject();
-    if (callback == nullptr) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Read ReadRemoteObject fail");
-        reply.WriteInt32(PrivacyError::ERR_READ_PARCEL_FAILED);
-        return;
-    }
-    reply.WriteInt32(this->RegisterPermActiveStatusCallback(permList, callback));
-}
-
-void PrivacyManagerStub::UnRegisterPermActiveStatusCallbackInner(MessageParcel& data, MessageParcel& reply)
-{
-    uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID();
-    if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) {
-        reply.WriteInt32(PrivacyError::ERR_NOT_SYSTEM_APP);
-        return;
-    }
-    if (!VerifyPermission(PERMISSION_USED_STATS)) {
-        reply.WriteInt32(PrivacyError::ERR_PERMISSION_DENIED);
-        return;
-    }
-    sptr<IRemoteObject> callback = data.ReadRemoteObject();
-    if (callback == nullptr) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Read scopeParcel fail");
-        reply.WriteInt32(PrivacyError::ERR_READ_PARCEL_FAILED);
-        return;
-    }
-    reply.WriteInt32(this->UnRegisterPermActiveStatusCallback(callback));
-}
-
-void PrivacyManagerStub::IsAllowedUsingPermissionInner(MessageParcel& data, MessageParcel& reply)
-{
-    uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID();
-    if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Permission denied(tokenID=%{public}d)", callingTokenID);
-        reply.WriteBool(false);
-        return;
-    }
-
-    if (!VerifyPermission(PERMISSION_USED_STATS)) {
-        reply.WriteBool(false);
-        return;
-    }
-
-    AccessTokenID tokenId = data.ReadUint32();
-    std::string permissionName = data.ReadString();
-    int32_t pid = data.ReadInt32();
-
-    bool result = this->IsAllowedUsingPermission(tokenId, permissionName, pid);
-    if (!reply.WriteBool(result)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to WriteBool(%{public}s)", permissionName.c_str());
-        reply.WriteBool(false);
-        return;
-    }
-}
-
-#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE
-void PrivacyManagerStub::RegisterSecCompEnhanceInner(MessageParcel& data, MessageParcel& reply)
-{
-    sptr<SecCompEnhanceDataParcel> requestParcel = data.ReadParcelable<SecCompEnhanceDataParcel>();
-    if (requestParcel == nullptr) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "ReadParcelable faild");
-        reply.WriteInt32(PrivacyError::ERR_READ_PARCEL_FAILED);
-        return;
-    }
-    reply.WriteInt32(this->RegisterSecCompEnhance(*requestParcel));
-}
-
-void PrivacyManagerStub::UpdateSecCompEnhanceInner(MessageParcel& data, MessageParcel& reply)
-{
-    if (!IsSecCompServiceCalling()) {
-        reply.WriteInt32(PrivacyError::ERR_PERMISSION_DENIED);
-        return;
-    }
-
-    int32_t pid = data.ReadInt32();
-    uint32_t seqNum = data.ReadUint32();
-    reply.WriteInt32(this->UpdateSecCompEnhance(pid, seqNum));
-}
-
-void PrivacyManagerStub::GetSecCompEnhanceInner(MessageParcel& data, MessageParcel& reply)
-{
-    if (!IsSecCompServiceCalling()) {
-        reply.WriteInt32(PrivacyError::ERR_PERMISSION_DENIED);
-        return;
-    }
-
-    int32_t pid = data.ReadInt32();
-    SecCompEnhanceDataParcel parcel;
-    int32_t result = this->GetSecCompEnhance(pid, parcel);
-    reply.WriteInt32(result);
-    if (result != RET_SUCCESS) {
-        return;
-    }
-
-    reply.WriteParcelable(&parcel);
-}
-
-void PrivacyManagerStub::GetSpecialSecCompEnhanceInner(MessageParcel& data, MessageParcel& reply)
-{
-    if (!IsSecCompServiceCalling()) {
-        reply.WriteInt32(PrivacyError::ERR_PERMISSION_DENIED);
-        return;
-    }
-
-    std::string bundleName = data.ReadString();
-    std::vector<SecCompEnhanceDataParcel> parcelList;
-    int32_t result = this->GetSpecialSecCompEnhance(bundleName, parcelList);
-    reply.WriteInt32(result);
-    if (result != RET_SUCCESS) {
-        return;
-    }
-    reply.WriteUint32(parcelList.size());
-    for (const auto& parcel : parcelList) {
-        reply.WriteParcelable(&parcel);
-    }
-}
-
-bool PrivacyManagerStub::IsSecCompServiceCalling()
-{
-    uint32_t tokenCaller = IPCSkeleton::GetCallingTokenID();
-    if (secCompTokenId_ == 0) {
-        secCompTokenId_ = AccessTokenKit::GetNativeTokenId("security_component_service");
-    }
-    return tokenCaller == secCompTokenId_;
-}
-#endif
-
-void PrivacyManagerStub::GetPermissionUsedTypeInfosInner(MessageParcel& data, MessageParcel& reply)
-{
-    uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID();
-    if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) {
-        reply.WriteInt32(PrivacyError::ERR_NOT_SYSTEM_APP);
-        return;
-    }
-    if (!VerifyPermission(PERMISSION_USED_STATS)) {
-        reply.WriteInt32(PrivacyError::ERR_PERMISSION_DENIED);
-        return;
-    }
-    AccessTokenID tokenId = data.ReadUint32();
-    std::string permissionName = data.ReadString();
-    std::vector<PermissionUsedTypeInfoParcel> resultsParcel;
-    int32_t result = this->GetPermissionUsedTypeInfos(tokenId, permissionName, resultsParcel);
-    if (!reply.WriteInt32(result)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to WriteInt32(%{public}d-%{public}s)", tokenId, permissionName.c_str());
-        return;
-    }
-    reply.WriteUint32(resultsParcel.size());
-    for (const auto& parcel : resultsParcel) {
-        reply.WriteParcelable(&parcel);
-    }
-}
-
-void PrivacyManagerStub::SetMutePolicyInner(MessageParcel& data, MessageParcel& reply)
-{
-    if (!VerifyPermission(SET_MUTE_POLICY)) {
-        reply.WriteInt32(PrivacyError::ERR_PERMISSION_DENIED);
-        return;
-    }
-    uint32_t policyType;
-    if (!data.ReadUint32(policyType)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to read policyType.");
-        reply.WriteInt32(PrivacyError::ERR_READ_PARCEL_FAILED);
-        return;
-    }
-    uint32_t callerType;
-    if (!data.ReadUint32(callerType)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to read callerType.");
-        reply.WriteInt32(PrivacyError::ERR_READ_PARCEL_FAILED);
-        return;
-    }
-    bool isMute;
-    if (!data.ReadBool(isMute)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to read isMute.");
-        reply.WriteInt32(PrivacyError::ERR_READ_PARCEL_FAILED);
-        return;
-    }
-    uint32_t tokenID;
-    if (!data.ReadUint32(tokenID)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to read tokenID.");
-        reply.WriteInt32(PrivacyError::ERR_READ_PARCEL_FAILED);
-        return;
-    }
-
-    int32_t result = this->SetMutePolicy(policyType, callerType, isMute, tokenID);
-    if (!reply.WriteInt32(result)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to WriteInt32.");
-        return;
-    }
-}
-
-void PrivacyManagerStub::SetHapWithFGReminderInner(MessageParcel& data, MessageParcel& reply)
-{
-    if (!VerifyPermission(SET_FOREGROUND_HAP_REMINDER)) {
-        reply.WriteInt32(PrivacyError::ERR_PERMISSION_DENIED);
-        return;
-    }
-    uint32_t tokenId;
-    if (!data.ReadUint32(tokenId)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to read tokenId.");
-        reply.WriteInt32(PrivacyError::ERR_READ_PARCEL_FAILED);
-        return;
-    }
-    bool isAllowed;
-    if (!data.ReadBool(isAllowed)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to read isAllowed.");
-        reply.WriteInt32(PrivacyError::ERR_READ_PARCEL_FAILED);
-        return;
-    }
-
-    int32_t result = this->SetHapWithFGReminder(tokenId, isAllowed);
-    if (!reply.WriteInt32(result)) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Failed to WriteInt32.");
-        return;
-    }
-}
-
-bool PrivacyManagerStub::IsPrivilegedCalling() const
-{
-    // shell process is root in debug mode.
-#ifndef ATM_BUILD_VARIANT_USER_ENABLE
-    int32_t callingUid = IPCSkeleton::GetCallingUid();
-    return callingUid == ROOT_UID;
-#else
-    return false;
-#endif
-}
-
-bool PrivacyManagerStub::IsAccessTokenCalling() const
-{
-    int32_t callingUid = IPCSkeleton::GetCallingUid();
-    return callingUid == ACCESSTOKEN_UID;
-}
-
-bool PrivacyManagerStub::IsSystemAppCalling() const
-{
-    uint64_t fullTokenId = IPCSkeleton::GetCallingFullTokenID();
-    return TokenIdKit::IsSystemAppByFullTokenID(fullTokenId);
-}
-
-bool PrivacyManagerStub::VerifyPermission(const std::string& permission) const
-{
-    uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID();
-    if (AccessTokenKit::VerifyAccessToken(callingTokenID, permission) == PERMISSION_DENIED) {
-        LOGE(PRI_DOMAIN, PRI_TAG, "Permission denied(callingTokenID=%{public}d)", callingTokenID);
-        return false;
-    }
-    return true;
-}
-} // namespace AccessToken
-} // namespace Security
-} // namespace OHOS
diff --git a/services/privacymanager/test/coverage/BUILD.gn b/services/privacymanager/test/coverage/BUILD.gn
index 36d7efa6bf57a7d21d4bf0ee83f7690bcff45f7a..76b78de9710f3fa122cacb7d249516943986e046 100644
--- a/services/privacymanager/test/coverage/BUILD.gn
+++ b/services/privacymanager/test/coverage/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2024 Huawei Device Co., Ltd.
+# Copyright (c) 2024-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -16,9 +16,8 @@ import("../../../../access_token.gni")
 
 if (is_standard_system && ability_base_enable == true) {
   ohos_unittest("libprivacy_manager_service_coverage_test") {
-    subsystem_name = "security"
-    part_name = "access_token"
-    module_out_path = part_name + "/" + part_name
+    subsystem_name = "accesscontrol"
+  module_out_path = module_output_path_unittest_privacy
     sanitize = {
       cfi = true
       cfi_cross_dso = true
@@ -28,6 +27,8 @@ if (is_standard_system && ability_base_enable == true) {
 
     include_dirs = [
       "${access_token_path}/frameworks/common/include",
+      "${access_token_path}/interfaces/innerkits/nativetoken/include",
+      "${access_token_path}/interfaces/innerkits/privacy/test/unittest/src",
       "${access_token_path}/frameworks/privacy/include",
       "${access_token_path}/interfaces/innerkits/accesstoken/include",
       "${access_token_path}/interfaces/innerkits/privacy/include",
@@ -51,6 +52,7 @@ if (is_standard_system && ability_base_enable == true) {
     ]
 
     sources = [
+      "${access_token_path}/interfaces/innerkits/privacy/test/unittest/src/privacy_test_common.cpp",
       "../../src/active/active_status_callback_manager.cpp",
       "../../src/active/perm_active_status_callback_death_recipient.cpp",
       "../../src/active/perm_active_status_change_callback_proxy.cpp",
@@ -67,25 +69,29 @@ if (is_standard_system && ability_base_enable == true) {
       "../../src/sensitive/audio_manager/audio_manager_adapter.cpp",
       "../../src/sensitive/camera_manager/camera_manager_adapter.cpp",
       "../../src/service/privacy_manager_service.cpp",
-      "../../src/service/privacy_manager_stub.cpp",
       "permission_record_manager_coverage_test.cpp",
       "sensitive_manager_coverage_test.cpp",
     ]
 
     cflags_cc = [ "-DHILOG_ENABLE" ]
 
-    configs = [ "${access_token_path}/config:coverage_flags" ]
+    configs = [
+      "${access_token_path}/config:coverage_flags",
+      "${access_token_path}/services/privacymanager:privacy_manager_gen_config",
+    ]
 
     deps = [
       "${access_token_path}/frameworks/common:accesstoken_common_cxx",
       "${access_token_path}/frameworks/privacy:privacy_communication_adapter_cxx",
       "${access_token_path}/interfaces/innerkits/accesstoken:libaccesstoken_sdk",
       "${access_token_path}/interfaces/innerkits/accesstoken:libtokenid_sdk",
+      "${access_token_path}/interfaces/innerkits/nativetoken:libnativetoken_shared",
       "${access_token_path}/interfaces/innerkits/privacy:libprivacy_sdk",
       "${access_token_path}/interfaces/innerkits/token_setproc:libtoken_setproc",
       "${access_token_path}/services/common:accesstoken_service_common",
       "${access_token_path}/services/common/proxy_death:proxy_death_handler",
       "${access_token_path}/services/privacymanager:privacy_manager_service",
+      "${access_token_path}/services/privacymanager:privacy_manager_stub",
     ]
 
     external_deps = [
diff --git a/services/privacymanager/test/coverage/permission_record_manager_coverage_test.cpp b/services/privacymanager/test/coverage/permission_record_manager_coverage_test.cpp
index 93eb24742653a37cd06d62504468e3d35e03edde..f6797bc939ffb3b62e2d0d7afaeeed4bcf8e5bb3 100644
--- a/services/privacymanager/test/coverage/permission_record_manager_coverage_test.cpp
+++ b/services/privacymanager/test/coverage/permission_record_manager_coverage_test.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2022-2024 Huawei Device Co., Ltd.
+ * Copyright (c) 2022-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -31,9 +31,11 @@
 #include "privacy_error.h"
 #include "privacy_field_const.h"
 #include "privacy_kit.h"
+#include "privacy_test_common.h"
 #include "state_change_callback.h"
 #include "time_util.h"
 #include "token_setproc.h"
+#include "on_permission_used_record_callback_stub.h"
 
 using namespace testing;
 using namespace testing::ext;
@@ -55,6 +57,7 @@ static constexpr int32_t PERMISSION_USED_TYPE_VALUE = 1;
 static constexpr int32_t PERMISSION_USED_TYPE_WITH_PICKER_TYPE_VALUE = 3;
 static constexpr uint32_t RANDOM_TOKENID = 123;
 static constexpr int32_t TEST_USER_ID_11 = 11;
+static constexpr int32_t INVALID_CODE = 9999;
 static PermissionStateFull g_testState1 = {
     .permissionName = "ohos.permission.CAMERA",
     .isGeneral = true,
@@ -113,28 +116,32 @@ public:
 void PermissionRecordManagerTest::SetUpTestCase()
 {
     g_selfTokenId = GetSelfTokenID();
-    g_nativeToken = AccessTokenKit::GetNativeTokenId("privacy_service");
+    PrivacyTestCommon::SetTestEvironment(g_selfTokenId);
+
+    g_nativeToken = PrivacyTestCommon::GetNativeTokenIdFromProcess("privacy_service");
 }
 
-void PermissionRecordManagerTest::TearDownTestCase() {}
+void PermissionRecordManagerTest::TearDownTestCase()
+{
+    PrivacyTestCommon::ResetTestEvironment();
+}
 
 void PermissionRecordManagerTest::SetUp()
 {
     PermissionRecordManager::GetInstance().Register();
 
-    AccessTokenKit::AllocHapToken(g_InfoParms1, g_PolicyPrams1);
-    AccessTokenKit::AllocHapToken(g_InfoParms2, g_PolicyPrams2);
+    PrivacyTestCommon::AllocTestHapToken(g_InfoParms1, g_PolicyPrams1);
+    PrivacyTestCommon::AllocTestHapToken(g_InfoParms2, g_PolicyPrams2);
 }
 
 void PermissionRecordManagerTest::TearDown()
 {
-    AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
-        g_InfoParms1.instIndex);
-    AccessTokenKit::DeleteToken(tokenId);
-    tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms2.userID, g_InfoParms2.bundleName,
-        g_InfoParms2.instIndex);
-    AccessTokenKit::DeleteToken(tokenId);
-    EXPECT_EQ(0, SetSelfTokenID(g_selfTokenId));
+    AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(
+        g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex);
+    PrivacyTestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID);
+    tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(
+        g_InfoParms2.userID, g_InfoParms2.bundleName, g_InfoParms2.instIndex);
+    PrivacyTestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID);
 }
 
 class PermissionRecordManagerCoverTestCb1 : public StateCustomizedCbk {
@@ -179,7 +186,7 @@ static PermissionUsedTypeInfo MakeInfo(AccessTokenID tokenId, int32_t pid, const
  * @tc.type: FUNC
  * @tc.require: issueI5RWX8
  */
-HWTEST_F(PermissionRecordManagerTest, OnAppStateChanged001, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, OnAppStateChanged001, TestSize.Level4)
 {
     PrivacyAppStateObserver observer;
     AppStateData appStateData;
@@ -196,13 +203,16 @@ HWTEST_F(PermissionRecordManagerTest, OnAppStateChanged001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5SZHG
  */
-HWTEST_F(PermissionRecordManagerTest, AppStatusListener001, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, AppStatusListener001, TestSize.Level4)
 {
-    AccessTokenID tokenId1 = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
-        g_InfoParms1.instIndex);
+    AccessTokenIDEx tokenIdEx1 = PrivacyTestCommon::GetHapTokenIdFromBundle(
+        g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex);
+    AccessTokenID tokenId1 = tokenIdEx1.tokenIdExStruct.tokenID;
     ASSERT_NE(static_cast<AccessTokenID>(0), tokenId1);
-    AccessTokenID tokenId2 = AccessTokenKit::GetHapTokenID(g_InfoParms2.userID, g_InfoParms2.bundleName,
-        g_InfoParms2.instIndex);
+
+    AccessTokenIDEx tokenIdEx2 = PrivacyTestCommon::GetHapTokenIdFromBundle(
+        g_InfoParms2.userID, g_InfoParms2.bundleName, g_InfoParms2.instIndex);
+    AccessTokenID tokenId2 = tokenIdEx2.tokenIdExStruct.tokenID;
     ASSERT_NE(static_cast<AccessTokenID>(0), tokenId2);
 
     ContinusPermissionRecord recordA1 = {
@@ -250,13 +260,15 @@ HWTEST_F(PermissionRecordManagerTest, AppStatusListener001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5RWX5 issueI5RWX3 issueI5RWXA
  */
-HWTEST_F(PermissionRecordManagerTest, FindRecordsToUpdateAndExecutedTest001, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, FindRecordsToUpdateAndExecutedTest001, TestSize.Level4)
 {
-    AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
-        g_InfoParms1.instIndex);
-    ASSERT_NE(INVALID_TOKENID, tokenId);
+    std::vector<std::string> reqPerm;
+    reqPerm.emplace_back("ohos.permission.CAMERA");
+    reqPerm.emplace_back("ohos.permission.MANAGE_CAMERA_CONFIG");
+    MockHapToken mock("FindRecordsToUpdateAndExecutedTest001", reqPerm, false);
 
-    EXPECT_EQ(0, SetSelfTokenID(tokenId));
+    AccessTokenID tokenId = GetSelfTokenID();;
+    ASSERT_NE(INVALID_TOKENID, tokenId);
 
     ActiveChangeType status = PERM_ACTIVE_IN_BACKGROUND;
     std::string permission = "ohos.permission.CAMERA";
@@ -280,10 +292,11 @@ HWTEST_F(PermissionRecordManagerTest, FindRecordsToUpdateAndExecutedTest001, Tes
  * @tc.type: FUNC
  * @tc.require: issueI5RWX5 issueI5RWX3 issueI5RWXA
  */
-HWTEST_F(PermissionRecordManagerTest, FindRecordsToUpdateAndExecutedTest002, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, FindRecordsToUpdateAndExecutedTest002, TestSize.Level4)
 {
-    AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
-        g_InfoParms1.instIndex);
+    AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(
+        g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex);
+    AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID;
     ASSERT_NE(INVALID_TOKENID, tokenId);
     ActiveChangeType status = PERM_ACTIVE_IN_BACKGROUND;
     std::string permission = "ohos.permission.MICROPHONE";
@@ -305,10 +318,11 @@ HWTEST_F(PermissionRecordManagerTest, FindRecordsToUpdateAndExecutedTest002, Tes
  * @tc.type: FUNC
  * @tc.require: issueI5RWX5 issueI5RWX3 issueI5RWXA
  */
-HWTEST_F(PermissionRecordManagerTest, FindRecordsToUpdateAndExecutedTest003, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, FindRecordsToUpdateAndExecutedTest003, TestSize.Level4)
 {
-    AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
-        g_InfoParms1.instIndex);
+    AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(
+        g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex);
+    AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID;
     ASSERT_NE(INVALID_TOKENID, tokenId);
     ActiveChangeType status = PERM_ACTIVE_IN_FOREGROUND;
     std::string permission = "ohos.permission.CAMERA";
@@ -329,10 +343,11 @@ HWTEST_F(PermissionRecordManagerTest, FindRecordsToUpdateAndExecutedTest003, Tes
  * @tc.type: FUNC
  * @tc.require: issueI5RWX5 issueI5RWX3 issueI5RWXA
  */
-HWTEST_F(PermissionRecordManagerTest, FindRecordsToUpdateAndExecutedTest004, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, FindRecordsToUpdateAndExecutedTest004, TestSize.Level4)
 {
-    AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
-        g_InfoParms1.instIndex);
+    AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(
+        g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex);
+    AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID;
     ASSERT_NE(INVALID_TOKENID, tokenId);
     ActiveChangeType status = PERM_ACTIVE_IN_BACKGROUND;
     std::string permission = "ohos.permission.CAMERA";
@@ -353,10 +368,11 @@ HWTEST_F(PermissionRecordManagerTest, FindRecordsToUpdateAndExecutedTest004, Tes
  * @tc.type: FUNC
  * @tc.require: issueI5RWX5 issueI5RWX3 issueI5RWXA
  */
-HWTEST_F(PermissionRecordManagerTest, ExecuteCameraCallbackAsyncTest001, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, ExecuteCameraCallbackAsyncTest001, TestSize.Level4)
 {
-    AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
-        g_InfoParms1.instIndex);
+    AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(
+        g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex);
+    AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID;
     ASSERT_NE(INVALID_TOKENID, tokenId);
 
     auto callbackPtr = std::make_shared<PermissionRecordManagerCoverTestCb1>();
@@ -411,7 +427,7 @@ public:
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, OnRemoteDied001, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, OnRemoteDied001, TestSize.Level4)
 {
     auto recipient = std::make_shared<PermActiveStatusCallbackDeathRecipient>();
     ASSERT_NE(nullptr, recipient);
@@ -442,10 +458,11 @@ HWTEST_F(PermissionRecordManagerTest, OnRemoteDied001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, OnApplicationStateChanged001, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, OnApplicationStateChanged001, TestSize.Level4)
 {
-    AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
-        g_InfoParms1.instIndex);
+    AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(
+        g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex);
+    AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID;
     ASSERT_NE(INVALID_TOKENID, tokenId);
 
     PrivacyAppStateObserver observer;
@@ -461,6 +478,9 @@ HWTEST_F(PermissionRecordManagerTest, OnApplicationStateChanged001, TestSize.Lev
     appStateData.accessTokenId = tokenId;
     observer.OnAppStopped(appStateData);
 
+    appStateData.state = INVALID_CODE;
+    observer.OnAppStopped(appStateData);
+
     usleep(500000); // 500000us = 0.5s
     ASSERT_EQ(PERM_ACTIVE_IN_BACKGROUND, callbackPtr->type_);
 
@@ -473,7 +493,7 @@ HWTEST_F(PermissionRecordManagerTest, OnApplicationStateChanged001, TestSize.Lev
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, RemoveCallback001, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, RemoveCallback001, TestSize.Level4)
 {
     std::vector<std::string> permList;
     sptr<IRemoteObject> callback;
@@ -515,11 +535,12 @@ HWTEST_F(PermissionRecordManagerTest, RemoveCallback001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, UpdateRecords001, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, UpdateRecords001, TestSize.Level4)
 {
-    AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
-        g_InfoParms1.instIndex);
-    ASSERT_NE(static_cast<AccessTokenID>(0), tokenId);
+    AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(
+        g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex);
+    AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID;
+    ASSERT_NE(INVALID_TOKENID, tokenId);
 
     PermissionUsageFlag flag = FLAG_PERMISSION_USAGE_SUMMARY;
     PermissionUsedRecord inBundleRecord;
@@ -562,11 +583,12 @@ HWTEST_F(PermissionRecordManagerTest, UpdateRecords001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, RemoveRecordFromStartList001, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, RemoveRecordFromStartList001, TestSize.Level4)
 {
-    AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
-        g_InfoParms1.instIndex);
-    ASSERT_NE(static_cast<AccessTokenID>(0), tokenId);
+    AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(
+        g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex);
+    AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID;
+    ASSERT_NE(INVALID_TOKENID, tokenId);
 
     std::string permission = "ohos.permission.READ_MEDIA";
     ASSERT_EQ(Constant::SUCCESS,
@@ -598,7 +620,7 @@ HWTEST_F(PermissionRecordManagerTest, RemoveRecordFromStartList001, TestSize.Lev
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, PermissionListFilter001, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, PermissionListFilter001, TestSize.Level4)
 {
     std::vector<std::string> listSrc;
     std::vector<std::string> listRes;
@@ -624,11 +646,12 @@ HWTEST_F(PermissionRecordManagerTest, PermissionListFilter001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, Unregister001, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, Unregister001, TestSize.Level4)
 {
-    AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
-        g_InfoParms1.instIndex);
-    ASSERT_NE(static_cast<AccessTokenID>(0), tokenId);
+    AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(
+        g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex);
+    AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID;
+    ASSERT_NE(INVALID_TOKENID, tokenId);
 
     ASSERT_EQ(Constant::SUCCESS, PermissionRecordManager::GetInstance().StartUsingPermission(
         MakeInfo(tokenId, PID, "ohos.permission.READ_MEDIA"), CALLER_PID));
@@ -646,7 +669,7 @@ HWTEST_F(PermissionRecordManagerTest, Unregister001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, TranslationIntoPermissionRecord001, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, TranslationIntoPermissionRecord001, TestSize.Level4)
 {
     GenericValues values;
     values.Put(PrivacyFiledConst::FIELD_TOKEN_ID, static_cast<int32_t>(10086));
@@ -695,7 +718,7 @@ void AddRecord(int32_t num, std::vector<GenericValues>& values)
  * @tc.type: FUNC
  * @tc.require: issueI5P4IU
  */
-HWTEST_F(PermissionRecordManagerTest, GetRecords002, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, GetRecords002, TestSize.Level4)
 {
     std::vector<GenericValues> values;
     int32_t num = MAX_DETAIL_NUM + 1;
@@ -766,11 +789,13 @@ static void GeneratePermissionRecord(AccessTokenID tokenID)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, GetRecords003, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, GetRecords003, TestSize.Level4)
 {
-    AccessTokenID tokenID = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
-        g_InfoParms1.instIndex);
-    ASSERT_NE(static_cast<AccessTokenID>(0), tokenID);
+    MockNativeToken mock("privacy_service");
+    AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(
+        g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex);
+    AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
+    ASSERT_NE(INVALID_TOKENID, tokenID);
 
     GeneratePermissionRecord(tokenID);
     PermissionRecordManager::GetInstance().SetDefaultConfigValue();
@@ -818,11 +843,12 @@ HWTEST_F(PermissionRecordManagerTest, GetRecords003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, GetRecords004, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, GetRecords004, TestSize.Level4)
 {
-    AccessTokenID tokenID = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
-        g_InfoParms1.instIndex);
-    ASSERT_NE(static_cast<AccessTokenID>(0), tokenID);
+    AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(
+        g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex);
+    AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
+    ASSERT_NE(INVALID_TOKENID, tokenID);
 
     GeneratePermissionRecord(tokenID);
     PermissionRecordManager::GetInstance().SetDefaultConfigValue();
@@ -836,13 +862,137 @@ HWTEST_F(PermissionRecordManagerTest, GetRecords004, TestSize.Level1)
     EXPECT_EQ(ERR_PARAM_INVALID, PermissionRecordManager::GetInstance().GetPermissionUsedRecords(request, result));
 }
 
+/**
+ * @tc.name: GetRecords005
+ * @tc.desc: test ERR_PARAM_INVALID
+ * @tc.type: FUNC
+ * @tc.require:
+ */
+HWTEST_F(PermissionRecordManagerTest, GetRecords005, TestSize.Level4)
+{
+    PermissionRecordManager::GetInstance().UpdatePermRecImmediately();
+
+    AddPermParamInfo info;
+
+    PermissionRecord result;
+    EXPECT_EQ(ERR_PARAM_INVALID, PermissionRecordManager::GetInstance().GetPermissionRecord(info, result));
+
+    PermissionRecordManager::GetInstance().ExecuteDeletePermissionRecordTask();
+}
+
+/**
+ * @tc.name: SetPermissionUsedRecordToggleStatus001
+ * @tc.desc: test ERR_PARAM_INVALID
+ * @tc.type: FUNC
+ * @tc.require:
+ */
+HWTEST_F(PermissionRecordManagerTest, SetPermissionUsedRecordToggleStatus001, TestSize.Level4)
+{
+    MockNativeToken mock("privacy_service");
+
+    EXPECT_EQ(Constant::SUCCESS, PermissionRecordManager::GetInstance().SetPermissionUsedRecordToggleStatus(0, false));
+    EXPECT_EQ(Constant::SUCCESS, PermissionRecordManager::GetInstance().SetPermissionUsedRecordToggleStatus(0, true));
+    EXPECT_EQ(Constant::SUCCESS, PermissionRecordManager::GetInstance().SetPermissionUsedRecordToggleStatus(0, true));
+
+    AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(
+        g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex);
+    AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
+    ASSERT_NE(INVALID_TOKENID, tokenID);
+
+    GeneratePermissionRecord(tokenID);
+
+    EXPECT_EQ(Constant::SUCCESS, PermissionRecordManager::GetInstance().SetPermissionUsedRecordToggleStatus(1, false));
+    EXPECT_EQ(Constant::SUCCESS, PermissionRecordManager::GetInstance().SetPermissionUsedRecordToggleStatus(1, true));
+    EXPECT_EQ(Constant::SUCCESS,
+        PermissionRecordManager::GetInstance().SetPermissionUsedRecordToggleStatus(105, false));
+    EXPECT_EQ(Constant::SUCCESS, PermissionRecordManager::GetInstance().SetPermissionUsedRecordToggleStatus(105, true));
+}
+
+/**
+ * @tc.name: GetPermissionUsedRecordToggleStatus001
+ * @tc.desc: test ERR_PARAM_INVALID
+ * @tc.type: FUNC
+ * @tc.require:
+ */
+HWTEST_F(PermissionRecordManagerTest, GetPermissionUsedRecordToggleStatus001, TestSize.Level4)
+{
+    bool res = true;
+    EXPECT_EQ(Constant::SUCCESS, PermissionRecordManager::GetInstance().GetPermissionUsedRecordToggleStatus(0, res));
+    EXPECT_EQ(Constant::SUCCESS, PermissionRecordManager::GetInstance().GetPermissionUsedRecordToggleStatus(0, res));
+    EXPECT_EQ(Constant::SUCCESS, PermissionRecordManager::GetInstance().SetPermissionUsedRecordToggleStatus(106, res));
+    EXPECT_EQ(Constant::SUCCESS, PermissionRecordManager::GetInstance().SetPermissionUsedRecordToggleStatus(106, res));
+
+    PermissionRecordManager::GetInstance().UpdatePermUsedRecToggleStatusMapFromDb();
+}
+
+class TestUsedRecordCallback : public OnPermissionUsedRecordCallbackStub {
+public:
+    TestUsedRecordCallback() = default;
+    virtual ~TestUsedRecordCallback() = default;
+    void OnQueried(ErrCode code, PermissionUsedResult& result) {}
+};
+
+/**
+ * @tc.name: GetPermissionUsedRecordsAsync001
+ * @tc.desc: test
+ * @tc.type: FUNC
+ * @tc.require:
+ */
+HWTEST_F(PermissionRecordManagerTest, GetPermissionUsedRecordsAsync001, TestSize.Level4)
+{
+    AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(
+        g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex);
+    AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
+    ASSERT_NE(INVALID_TOKENID, tokenID);
+
+    PermissionUsedRequest request;
+    request.tokenId = tokenID;
+    request.isRemote = false;
+    request.flag = PermissionUsageFlag::FLAG_PERMISSION_USAGE_SUMMARY_IN_SCREEN_LOCKED;
+
+    OHOS::sptr<TestUsedRecordCallback> cb(new TestUsedRecordCallback());
+    EXPECT_EQ(Constant::SUCCESS, PermissionRecordManager::GetInstance().GetPermissionUsedRecordsAsync(request, cb));
+}
+
+/**
+ * @tc.name: GetLockScreenStatus001
+ * @tc.desc: test
+ * @tc.type: FUNC
+ * @tc.require:
+ */
+HWTEST_F(PermissionRecordManagerTest, GetLockScreenStatus001, TestSize.Level4)
+{
+    EXPECT_NE(PrivacyError::ERR_PARAM_INVALID, PermissionRecordManager::GetInstance().GetLockScreenStatus(true));
+}
+
+/**
+ * @tc.name: SetHapWithFGReminder001
+ * @tc.desc: test
+ * @tc.type: FUNC
+ * @tc.require:
+ */
+HWTEST_F(PermissionRecordManagerTest, SetHapWithFGReminder001, TestSize.Level4)
+{
+    EXPECT_NE(PrivacyError::ERR_PARAM_INVALID, PermissionRecordManager::GetInstance().SetHapWithFGReminder(123, true));
+
+    AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(
+        g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex);
+    AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
+    ASSERT_NE(INVALID_TOKENID, tokenID);
+
+    EXPECT_NE(PrivacyError::ERR_PARAM_INVALID,
+        PermissionRecordManager::GetInstance().SetHapWithFGReminder(tokenID, true));
+    EXPECT_NE(PrivacyError::ERR_PARAM_INVALID,
+        PermissionRecordManager::GetInstance().SetHapWithFGReminder(tokenID, false));
+}
+
 /**
  * @tc.name: GetRecordsFromLocalDBTest001
  * @tc.desc: test GetRecordsFromLocalDB: token = 0
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, GetRecordsFromLocalDBTest001, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, GetRecordsFromLocalDBTest001, TestSize.Level4)
 {
     PermissionUsedRequest request;
     request.tokenId = 0;
@@ -858,7 +1008,7 @@ HWTEST_F(PermissionRecordManagerTest, GetRecordsFromLocalDBTest001, TestSize.Lev
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, GetRecordsFromLocalDBTest002, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, GetRecordsFromLocalDBTest002, TestSize.Level4)
 {
     PermissionUsedRequest request;
     request.tokenId = g_selfTokenId;
@@ -875,7 +1025,7 @@ HWTEST_F(PermissionRecordManagerTest, GetRecordsFromLocalDBTest002, TestSize.Lev
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, AddOrUpdateUsedStatusIfNeeded001, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, AddOrUpdateUsedStatusIfNeeded001, TestSize.Level4)
 {
     PermissionUsedRecordDb::DataType type = PermissionUsedRecordDb::DataType::PERMISSION_USED_RECORD_TOGGLE_STATUS;
     bool ret = PermissionRecordManager::GetInstance().AddOrUpdateUsedStatusIfNeeded(TEST_USER_ID_11, false);
@@ -912,7 +1062,7 @@ HWTEST_F(PermissionRecordManagerTest, AddOrUpdateUsedStatusIfNeeded001, TestSize
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, AddOrUpdateUsedTypeIfNeeded001, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, AddOrUpdateUsedTypeIfNeeded001, TestSize.Level4)
 {
     int32_t tokenId = static_cast<int32_t>(RANDOM_TOKENID);
     int32_t opCode = static_cast<int32_t>(Constant::OpCode::OP_ANSWER_CALL);
@@ -975,7 +1125,7 @@ HWTEST_F(PermissionRecordManagerTest, AddOrUpdateUsedTypeIfNeeded001, TestSize.L
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, DeletePermissionRecord001, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, DeletePermissionRecord001, TestSize.Level4)
 {
     int32_t recordSize = PermissionRecordManager::GetInstance().recordSizeMaximum_;
     PermissionRecordManager::GetInstance().recordSizeMaximum_ = MAX_DETAIL_NUM;
@@ -998,15 +1148,16 @@ HWTEST_F(PermissionRecordManagerTest, DeletePermissionRecord001, TestSize.Level1
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, RemoveRecordFromStartListTest001, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, RemoveRecordFromStartListTest001, TestSize.Level4)
 {
     std::set<ContinusPermissionRecord> startRecordList = PermissionRecordManager::GetInstance().startRecordList_;
     PermissionRecordManager::GetInstance().startRecordList_.clear();
-    AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
-        g_InfoParms1.instIndex);
-    ASSERT_NE(INVALID_TOKENID, tokenId);
+    std::vector<std::string> reqPerm;
+    reqPerm.emplace_back("ohos.permission.CAMERA");
+    reqPerm.emplace_back("ohos.permission.MANAGE_CAMERA_CONFIG");
+    MockHapToken mock("RemoveRecordFromStartListTest001", reqPerm, false);
 
-    EXPECT_EQ(0, SetSelfTokenID(tokenId));
+    AccessTokenID tokenId = GetSelfTokenID();;
 
     ActiveChangeType status = PERM_ACTIVE_IN_FOREGROUND;
     PermissionRecordManager::GetInstance().AddRecordToStartList(
@@ -1024,10 +1175,11 @@ HWTEST_F(PermissionRecordManagerTest, RemoveRecordFromStartListTest001, TestSize
  * @tc.type: FUNC
  * @tc.require: issueI5RWXF
  */
-HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest001, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest001, TestSize.Level4)
 {
     EXPECT_EQ(0, SetSelfTokenID(g_nativeToken));
 
+    bool isMuteCamera = CameraManagerAdapter::GetInstance().IsCameraMuted();
     // true means close
     PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::PRIVACY, CallerType::CAMERA, true, RANDOM_TOKENID);
 
@@ -1043,6 +1195,8 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest001, TestSize.Leve
     sleep(3); // wait for dialog disappear
     ASSERT_EQ(0, PermissionRecordManager::GetInstance().StopUsingPermission(
         tokenId, PID, "ohos.permission.CAMERA", CALLER_PID));
+    PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::PRIVACY, CallerType::CAMERA, isMuteCamera,
+        RANDOM_TOKENID);
 }
 
 /*
@@ -1051,7 +1205,7 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest001, TestSize.Leve
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, CreatePermissionUsedTypeTable001, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, CreatePermissionUsedTypeTable001, TestSize.Level4)
 {
     ASSERT_EQ(0, PermissionUsedRecordDb::GetInstance().CreatePermissionUsedTypeTable());
 
@@ -1069,7 +1223,7 @@ HWTEST_F(PermissionRecordManagerTest, CreatePermissionUsedTypeTable001, TestSize
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, InsertPermissionUsedTypeColumn001, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, InsertPermissionUsedTypeColumn001, TestSize.Level4)
 {
     ASSERT_EQ(Constant::SUCCESS, PermissionUsedRecordDb::GetInstance().InsertPermissionUsedTypeColumn());
 
diff --git a/services/privacymanager/test/coverage/sensitive_manager_coverage_test.cpp b/services/privacymanager/test/coverage/sensitive_manager_coverage_test.cpp
index 392eea355270287e2c08e5db1a6ce7971a12a6f4..cac6ec22d1dc46be6806eac5985edc614885e2d0 100644
--- a/services/privacymanager/test/coverage/sensitive_manager_coverage_test.cpp
+++ b/services/privacymanager/test/coverage/sensitive_manager_coverage_test.cpp
@@ -70,7 +70,7 @@ public:
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(SensitiveManagerCoverageTest, OnRemoteRequest001, TestSize.Level1)
+HWTEST_F(SensitiveManagerCoverageTest, OnRemoteRequest001, TestSize.Level4)
 {
     AppStateData appData;
     SensitiveManagerCoverageTestCb1 callback;
@@ -91,7 +91,7 @@ HWTEST_F(SensitiveManagerCoverageTest, OnRemoteRequest001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(SensitiveManagerCoverageTest, OnRemoteRequest002, TestSize.Level1)
+HWTEST_F(SensitiveManagerCoverageTest, OnRemoteRequest002, TestSize.Level4)
 {
     AppStateData appData;
     SensitiveManagerCoverageTestCb1 callback;
@@ -146,7 +146,7 @@ HWTEST_F(SensitiveManagerCoverageTest, OnRemoteRequest002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(SensitiveManagerCoverageTest, OnRemoteRequest003, TestSize.Level1)
+HWTEST_F(SensitiveManagerCoverageTest, OnRemoteRequest003, TestSize.Level4)
 {
     AppStateData appData;
     SensitiveManagerCoverageTestCb1 callback;
@@ -169,7 +169,7 @@ HWTEST_F(SensitiveManagerCoverageTest, OnRemoteRequest003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(SensitiveManagerCoverageTest, OnRemoteRequest004, TestSize.Level1)
+HWTEST_F(SensitiveManagerCoverageTest, OnRemoteRequest004, TestSize.Level4)
 {
     SensitiveManagerCoverageTestCb1 callback;
 
diff --git a/services/privacymanager/test/tool/BUILD.gn b/services/privacymanager/test/tool/BUILD.gn
index 9c31d167c1eb217b37c32137be9107da1dbd5248..8f3fecb5ef23f80e1320ca22c13f378bbe4159c0 100644
--- a/services/privacymanager/test/tool/BUILD.gn
+++ b/services/privacymanager/test/tool/BUILD.gn
@@ -15,9 +15,8 @@ import("//base/security/access_token/access_token.gni")
 import("//build/test.gni")
 
 ohos_unittest("CreateCameraWindowTest") {
-  subsystem_name = "security"
-  part_name = "access_token"
-  module_out_path = part_name + "/" + part_name
+  subsystem_name = "accesscontrol"
+  module_out_path = module_output_path_unittest_privacy
   sanitize = {
     cfi = true
     cfi_cross_dso = true
diff --git a/services/privacymanager/test/tool/camera_window_create.cpp b/services/privacymanager/test/tool/camera_window_create.cpp
index 6a48703d66d0ead59bb860d0670bcb63c8e0b1b3..ff01ea73011560b5b7ebfad502ef5cd5852cca01 100644
--- a/services/privacymanager/test/tool/camera_window_create.cpp
+++ b/services/privacymanager/test/tool/camera_window_create.cpp
@@ -83,7 +83,7 @@ static inline Rosen::Rect GetRectWithVpr(int32_t x, int32_t y, uint32_t w, uint3
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(CreateCameraWindowTest, CreateCameraFloatWindowTest, TestSize.Level1)
+HWTEST_F(CreateCameraWindowTest, CreateCameraFloatWindowTest, TestSize.Level0)
 {
     uint32_t tokenId = GetSelfTokenID();
     GTEST_LOG_(INFO) << "CreateCameraFloatWindowTest begin, tokenId: " << tokenId << std::endl;
diff --git a/services/privacymanager/test/unittest/BUILD.gn b/services/privacymanager/test/unittest/BUILD.gn
index 1520b904c6f86e5268a0809d2e973308862d5f49..dadd68779b5e59bc7b5554b4b4c0a5fac3ae8f75 100644
--- a/services/privacymanager/test/unittest/BUILD.gn
+++ b/services/privacymanager/test/unittest/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2022-2024 Huawei Device Co., Ltd.
+# Copyright (c) 2022-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -16,9 +16,8 @@ import("../../../../access_token.gni")
 
 if (is_standard_system && ability_base_enable == true) {
   ohos_unittest("libprivacy_manager_service_standard_test") {
-    subsystem_name = "security"
-    part_name = "access_token"
-    module_out_path = part_name + "/" + part_name
+    subsystem_name = "accesscontrol"
+    module_out_path = module_output_path_unittest_privacy
     sanitize = {
       cfi = true
       cfi_cross_dso = true
@@ -31,6 +30,8 @@ if (is_standard_system && ability_base_enable == true) {
       "${access_token_path}/frameworks/privacy/include",
       "${access_token_path}/interfaces/innerkits/accesstoken/include",
       "${access_token_path}/interfaces/innerkits/privacy/include",
+      "${access_token_path}/interfaces/innerkits/nativetoken/include",
+      "${access_token_path}/interfaces/innerkits/privacy/test/unittest/src",
       "${access_token_path}/interfaces/innerkits/privacy/src",
       "${access_token_path}/services/common/app_manager/include",
       "${access_token_path}/services/common/json_parse/include",
@@ -51,6 +52,7 @@ if (is_standard_system && ability_base_enable == true) {
     ]
 
     sources = [
+      "${access_token_path}/interfaces/innerkits/privacy/test/unittest/src/privacy_test_common.cpp",
       "${access_token_path}/services/common/libraryloader/src/libraryloader.cpp",
       "../../src/active/active_status_callback_manager.cpp",
       "../../src/active/perm_active_status_callback_death_recipient.cpp",
@@ -68,7 +70,6 @@ if (is_standard_system && ability_base_enable == true) {
       "../../src/sensitive/audio_manager/audio_manager_adapter.cpp",
       "../../src/sensitive/camera_manager/camera_manager_adapter.cpp",
       "../../src/service/privacy_manager_service.cpp",
-      "../../src/service/privacy_manager_stub.cpp",
       "permission_record_db_test.cpp",
       "permission_record_manager_test.cpp",
       "permission_record_set_test.cpp",
@@ -79,19 +80,24 @@ if (is_standard_system && ability_base_enable == true) {
 
     cflags_cc = [ "-DHILOG_ENABLE" ]
 
-    configs = [ "${access_token_path}/config:coverage_flags" ]
+    configs = [
+      "${access_token_path}/config:coverage_flags",
+      "${access_token_path}/services/privacymanager:privacy_manager_gen_config",
+    ]
 
     deps = [
       "${access_token_path}/frameworks/common:accesstoken_common_cxx",
       "${access_token_path}/frameworks/privacy:privacy_communication_adapter_cxx",
       "${access_token_path}/interfaces/innerkits/accesstoken:libaccesstoken_sdk",
       "${access_token_path}/interfaces/innerkits/accesstoken:libtokenid_sdk",
+      "${access_token_path}/interfaces/innerkits/nativetoken:libnativetoken_shared",
       "${access_token_path}/interfaces/innerkits/privacy:libprivacy_sdk",
       "${access_token_path}/interfaces/innerkits/token_setproc:libtokensetproc_shared",
       "${access_token_path}/services/common:accesstoken_service_common",
       "${access_token_path}/services/common/proxy_death:proxy_death_handler",
       "${access_token_path}/services/common/proxy_death:proxy_death_stub",
       "${access_token_path}/services/privacymanager:privacy_manager_service",
+      "${access_token_path}/services/privacymanager:privacy_manager_stub",
     ]
 
     external_deps = [
diff --git a/services/privacymanager/test/unittest/permission_record_db_test.cpp b/services/privacymanager/test/unittest/permission_record_db_test.cpp
index dd740989856297f5b960b28139fd752373ca7795..97dbb5383ea204c215dc7d8f45760b5a738760e8 100644
--- a/services/privacymanager/test/unittest/permission_record_db_test.cpp
+++ b/services/privacymanager/test/unittest/permission_record_db_test.cpp
@@ -65,7 +65,7 @@ void PermissionRecordDBTest::TearDown()
  * @tc.type: FUNC
  * @tc.require: issueI5YL6H
  */
-HWTEST_F(PermissionRecordDBTest, CreateInsertPrepareSqlCmd001, TestSize.Level1)
+HWTEST_F(PermissionRecordDBTest, CreateInsertPrepareSqlCmd001, TestSize.Level0)
 {
     PermissionUsedRecordDb::DataType type = static_cast<PermissionUsedRecordDb::DataType>(100);
     ASSERT_EQ("", PermissionUsedRecordDb::GetInstance().CreateInsertPrepareSqlCmd(type));
@@ -77,7 +77,7 @@ HWTEST_F(PermissionRecordDBTest, CreateInsertPrepareSqlCmd001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5YL6H
  */
-HWTEST_F(PermissionRecordDBTest, CreateInsertPrepareSqlCmd002, TestSize.Level1)
+HWTEST_F(PermissionRecordDBTest, CreateInsertPrepareSqlCmd002, TestSize.Level0)
 {
     PermissionUsedRecordDb::DataType type = PermissionUsedRecordDb::PERMISSION_RECORD;
     ASSERT_NE("", PermissionUsedRecordDb::GetInstance().CreateInsertPrepareSqlCmd(type));
@@ -89,7 +89,7 @@ HWTEST_F(PermissionRecordDBTest, CreateInsertPrepareSqlCmd002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5YL6H
  */
-HWTEST_F(PermissionRecordDBTest, CreateDeletePrepareSqlCmd001, TestSize.Level1)
+HWTEST_F(PermissionRecordDBTest, CreateDeletePrepareSqlCmd001, TestSize.Level0)
 {
     PermissionUsedRecordDb::DataType type = static_cast<PermissionUsedRecordDb::DataType>(100);
     std::vector<std::string> columnNames;
@@ -102,7 +102,7 @@ HWTEST_F(PermissionRecordDBTest, CreateDeletePrepareSqlCmd001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5YL6H
  */
-HWTEST_F(PermissionRecordDBTest, CreateUpdatePrepareSqlCmd001, TestSize.Level1)
+HWTEST_F(PermissionRecordDBTest, CreateUpdatePrepareSqlCmd001, TestSize.Level0)
 {
     PermissionUsedRecordDb::DataType type = PermissionUsedRecordDb::PERMISSION_RECORD;
     std::vector<std::string> modifyColumns;
@@ -117,7 +117,7 @@ HWTEST_F(PermissionRecordDBTest, CreateUpdatePrepareSqlCmd001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5YL6H
  */
-HWTEST_F(PermissionRecordDBTest, CreateUpdatePrepareSqlCmd002, TestSize.Level1)
+HWTEST_F(PermissionRecordDBTest, CreateUpdatePrepareSqlCmd002, TestSize.Level0)
 {
     PermissionUsedRecordDb::DataType type = static_cast<PermissionUsedRecordDb::DataType>(100);
     std::vector<std::string> modifyColumns;
@@ -133,7 +133,7 @@ HWTEST_F(PermissionRecordDBTest, CreateUpdatePrepareSqlCmd002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5YL6H
  */
-HWTEST_F(PermissionRecordDBTest, CreateUpdatePrepareSqlCmd003, TestSize.Level1)
+HWTEST_F(PermissionRecordDBTest, CreateUpdatePrepareSqlCmd003, TestSize.Level0)
 {
     PermissionUsedRecordDb::DataType type = PermissionUsedRecordDb::PERMISSION_RECORD;
     std::vector<std::string> modifyColumns;
@@ -150,7 +150,7 @@ HWTEST_F(PermissionRecordDBTest, CreateUpdatePrepareSqlCmd003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5YL6H
  */
-HWTEST_F(PermissionRecordDBTest, CreateUpdatePrepareSqlCmd004, TestSize.Level1)
+HWTEST_F(PermissionRecordDBTest, CreateUpdatePrepareSqlCmd004, TestSize.Level0)
 {
     PermissionUsedRecordDb::DataType type = PermissionUsedRecordDb::PERMISSION_RECORD;
     std::vector<std::string> modifyColumns;
@@ -167,7 +167,7 @@ HWTEST_F(PermissionRecordDBTest, CreateUpdatePrepareSqlCmd004, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5YL6H
  */
-HWTEST_F(PermissionRecordDBTest, CreateUpdatePrepareSqlCmd005, TestSize.Level1)
+HWTEST_F(PermissionRecordDBTest, CreateUpdatePrepareSqlCmd005, TestSize.Level0)
 {
     PermissionUsedRecordDb::DataType type = PermissionUsedRecordDb::PERMISSION_RECORD;
     std::vector<std::string> modifyColumns;
@@ -185,7 +185,7 @@ HWTEST_F(PermissionRecordDBTest, CreateUpdatePrepareSqlCmd005, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5YL6H
  */
-HWTEST_F(PermissionRecordDBTest, CreateSelectByConditionPrepareSqlCmd001, TestSize.Level1)
+HWTEST_F(PermissionRecordDBTest, CreateSelectByConditionPrepareSqlCmd001, TestSize.Level0)
 {
     PermissionUsedRecordDb::DataType type = static_cast<PermissionUsedRecordDb::DataType>(100);
     std::set<int32_t> opCodeList;
@@ -200,7 +200,7 @@ HWTEST_F(PermissionRecordDBTest, CreateSelectByConditionPrepareSqlCmd001, TestSi
  * @tc.type: FUNC
  * @tc.require: issueI5YL6H
  */
-HWTEST_F(PermissionRecordDBTest, CreateSelectByConditionPrepareSqlCmd002, TestSize.Level1)
+HWTEST_F(PermissionRecordDBTest, CreateSelectByConditionPrepareSqlCmd002, TestSize.Level0)
 {
     PermissionUsedRecordDb::DataType type = PermissionUsedRecordDb::PERMISSION_RECORD;
     std::set<int32_t> opCodeList;
@@ -219,7 +219,7 @@ HWTEST_F(PermissionRecordDBTest, CreateSelectByConditionPrepareSqlCmd002, TestSi
  * @tc.type: FUNC
  * @tc.require: issueI5YL6H
  */
-HWTEST_F(PermissionRecordDBTest, CreateCountPrepareSqlCmd001, TestSize.Level1)
+HWTEST_F(PermissionRecordDBTest, CreateCountPrepareSqlCmd001, TestSize.Level0)
 {
     PermissionUsedRecordDb::DataType type = static_cast<PermissionUsedRecordDb::DataType>(100);
     ASSERT_EQ("", PermissionUsedRecordDb::GetInstance().CreateCountPrepareSqlCmd(type));
@@ -231,7 +231,7 @@ HWTEST_F(PermissionRecordDBTest, CreateCountPrepareSqlCmd001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5YL6H
  */
-HWTEST_F(PermissionRecordDBTest, CreateDeleteExpireRecordsPrepareSqlCmd001, TestSize.Level1)
+HWTEST_F(PermissionRecordDBTest, CreateDeleteExpireRecordsPrepareSqlCmd001, TestSize.Level0)
 {
     PermissionUsedRecordDb::DataType type = static_cast<PermissionUsedRecordDb::DataType>(100); // type not found
     std::vector<std::string> andColumns;
@@ -249,7 +249,7 @@ HWTEST_F(PermissionRecordDBTest, CreateDeleteExpireRecordsPrepareSqlCmd001, Test
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordDBTest, DeleteHistoryRecordsInTables001, TestSize.Level1)
+HWTEST_F(PermissionRecordDBTest, DeleteHistoryRecordsInTables001, TestSize.Level0)
 {
     std::vector<PermissionUsedRecordDb::DataType> dataTypes;
     dataTypes.emplace_back(PermissionUsedRecordDb::DataType::PERMISSION_RECORD);
@@ -265,7 +265,7 @@ HWTEST_F(PermissionRecordDBTest, DeleteHistoryRecordsInTables001, TestSize.Level
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordDBTest, CreateDeleteHistoryRecordsPrepareSqlCmd001, TestSize.Level1)
+HWTEST_F(PermissionRecordDBTest, CreateDeleteHistoryRecordsPrepareSqlCmd001, TestSize.Level0)
 {
     PermissionUsedRecordDb::DataType type = static_cast<PermissionUsedRecordDb::DataType>(100); // type not found
     std::unordered_set<AccessTokenID> tokenIDList;
@@ -282,7 +282,7 @@ HWTEST_F(PermissionRecordDBTest, CreateDeleteHistoryRecordsPrepareSqlCmd001, Tes
  * @tc.type: FUNC
  * @tc.require: issueI5YL6H
  */
-HWTEST_F(PermissionRecordDBTest, CreateDeleteExcessiveRecordsPrepareSqlCmd001, TestSize.Level1)
+HWTEST_F(PermissionRecordDBTest, CreateDeleteExcessiveRecordsPrepareSqlCmd001, TestSize.Level0)
 {
     PermissionUsedRecordDb::DataType type = static_cast<PermissionUsedRecordDb::DataType>(100);
     uint32_t excessiveSize = 10;
@@ -295,7 +295,7 @@ HWTEST_F(PermissionRecordDBTest, CreateDeleteExcessiveRecordsPrepareSqlCmd001, T
  * @tc.type: FUNC
  * @tc.require: issueI5YL6H
  */
-HWTEST_F(PermissionRecordDBTest, CreateDeleteExcessiveRecordsPrepareSqlCmd002, TestSize.Level1)
+HWTEST_F(PermissionRecordDBTest, CreateDeleteExcessiveRecordsPrepareSqlCmd002, TestSize.Level0)
 {
     PermissionUsedRecordDb::DataType type = PermissionUsedRecordDb::PERMISSION_RECORD;
     uint32_t excessiveSize = 10;
@@ -308,7 +308,7 @@ HWTEST_F(PermissionRecordDBTest, CreateDeleteExcessiveRecordsPrepareSqlCmd002, T
  * @tc.type: FUNC
  * @tc.require: issueI5YL6H
  */
-HWTEST_F(PermissionRecordDBTest, CreatePermissionRecordTable001, TestSize.Level1)
+HWTEST_F(PermissionRecordDBTest, CreatePermissionRecordTable001, TestSize.Level0)
 {
     ASSERT_EQ(0, PermissionUsedRecordDb::GetInstance().CreatePermissionRecordTable());
 
@@ -326,7 +326,7 @@ HWTEST_F(PermissionRecordDBTest, CreatePermissionRecordTable001, TestSize.Level1
  * @tc.type: FUNC
  * @tc.require: issueI5YL6H
  */
-HWTEST_F(PermissionRecordDBTest, InsertLockScreenStatusColumn001, TestSize.Level1)
+HWTEST_F(PermissionRecordDBTest, InsertLockScreenStatusColumn001, TestSize.Level0)
 {
     ASSERT_EQ(Constant::SUCCESS, PermissionUsedRecordDb::GetInstance().InsertLockScreenStatusColumn());
 
@@ -344,7 +344,7 @@ HWTEST_F(PermissionRecordDBTest, InsertLockScreenStatusColumn001, TestSize.Level
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordDBTest, TranslationIntoGenericValues001, TestSize.Level1)
+HWTEST_F(PermissionRecordDBTest, TranslationIntoGenericValues001, TestSize.Level0)
 {
     PermissionUsedRequest request;
     GenericValues andGenericValues;
@@ -385,7 +385,7 @@ HWTEST_F(PermissionRecordDBTest, TranslationIntoGenericValues001, TestSize.Level
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordDBTest, TranslationGenericValuesIntoPermissionUsedRecord001, TestSize.Level1)
+HWTEST_F(PermissionRecordDBTest, TranslationGenericValuesIntoPermissionUsedRecord001, TestSize.Level0)
 {
     GenericValues inGenericValues;
     PermissionUsedRecord permissionRecord;
@@ -413,7 +413,7 @@ HWTEST_F(PermissionRecordDBTest, TranslationGenericValuesIntoPermissionUsedRecor
  * @tc.type: FUNC
  * @tc.require: issueI5YL6H
  */
-HWTEST_F(PermissionRecordDBTest, Add001, TestSize.Level1)
+HWTEST_F(PermissionRecordDBTest, Add001, TestSize.Level0)
 {
     GenericValues value1;
     value1.Put(PrivacyFiledConst::FIELD_TOKEN_ID, 0);
@@ -446,7 +446,7 @@ HWTEST_F(PermissionRecordDBTest, Add001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5YL6H
  */
-HWTEST_F(PermissionRecordDBTest, Add002, TestSize.Level1)
+HWTEST_F(PermissionRecordDBTest, Add002, TestSize.Level0)
 {
     GenericValues value1;
     value1.Put(PrivacyFiledConst::FIELD_TOKEN_ID, 0);
@@ -485,7 +485,7 @@ HWTEST_F(PermissionRecordDBTest, Add002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5RWXF
  */
-HWTEST_F(PermissionRecordDBTest, Add003, TestSize.Level1)
+HWTEST_F(PermissionRecordDBTest, Add003, TestSize.Level0)
 {
     std::vector<GenericValues> values;
     PermissionUsedRecordDb::DataType type = PermissionUsedRecordDb::PERMISSION_RECORD;
@@ -498,7 +498,7 @@ HWTEST_F(PermissionRecordDBTest, Add003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5RWXF
  */
-HWTEST_F(PermissionRecordDBTest, Add004, TestSize.Level1)
+HWTEST_F(PermissionRecordDBTest, Add004, TestSize.Level0)
 {
     GenericValues value1;
     value1.Put(PrivacyFiledConst::FIELD_TOKEN_ID, 0);
@@ -539,7 +539,7 @@ HWTEST_F(PermissionRecordDBTest, Add004, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5YL6H
  */
-HWTEST_F(PermissionRecordDBTest, FindByConditions001, TestSize.Level1)
+HWTEST_F(PermissionRecordDBTest, FindByConditions001, TestSize.Level0)
 {
     GenericValues value;
     std::set<int32_t> opCodeList;
@@ -590,7 +590,7 @@ HWTEST_F(PermissionRecordDBTest, FindByConditions001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5YL6H
  */
-HWTEST_F(PermissionRecordDBTest, FindByConditions002, TestSize.Level1)
+HWTEST_F(PermissionRecordDBTest, FindByConditions002, TestSize.Level0)
 {
     GenericValues value1;
     value1.Put(PrivacyFiledConst::FIELD_TOKEN_ID, 1);
@@ -651,7 +651,7 @@ HWTEST_F(PermissionRecordDBTest, FindByConditions002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5YL6H
  */
-HWTEST_F(PermissionRecordDBTest, DeleteExpireRecords001, TestSize.Level1)
+HWTEST_F(PermissionRecordDBTest, DeleteExpireRecords001, TestSize.Level0)
 {
     PermissionUsedRecordDb::DataType type = PermissionUsedRecordDb::PERMISSION_RECORD;
     GenericValues andConditions;
@@ -664,7 +664,7 @@ HWTEST_F(PermissionRecordDBTest, DeleteExpireRecords001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5YL6H
  */
-HWTEST_F(PermissionRecordDBTest, DeleteExcessiveRecords001, TestSize.Level1)
+HWTEST_F(PermissionRecordDBTest, DeleteExcessiveRecords001, TestSize.Level0)
 {
     PermissionUsedRecordDb::DataType type = PermissionUsedRecordDb::PERMISSION_RECORD;
     uint32_t excessiveSize = 10;
@@ -677,7 +677,7 @@ HWTEST_F(PermissionRecordDBTest, DeleteExcessiveRecords001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordDBTest, CreateQueryPrepareSqlCmd001, TestSize.Level1)
+HWTEST_F(PermissionRecordDBTest, CreateQueryPrepareSqlCmd001, TestSize.Level0)
 {
     PermissionUsedRecordDb::DataType type = PermissionUsedRecordDb::PERMISSION_USED_TYPE;
     std::vector<std::string> conditionColumns;
@@ -695,7 +695,7 @@ HWTEST_F(PermissionRecordDBTest, CreateQueryPrepareSqlCmd001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordDBTest, Query001, TestSize.Level1)
+HWTEST_F(PermissionRecordDBTest, Query001, TestSize.Level0)
 {
     PermissionUsedRecordDb::DataType type = PermissionUsedRecordDb::PERMISSION_USED_TYPE;
     GenericValues conditionValue;
@@ -743,7 +743,7 @@ HWTEST_F(PermissionRecordDBTest, Query001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordDBTest, Update001, TestSize.Level1)
+HWTEST_F(PermissionRecordDBTest, Update001, TestSize.Level0)
 {
     PermissionUsedRecordDb::DataType type = PermissionUsedRecordDb::PERMISSION_USED_TYPE;
     GenericValues conditionValue;
diff --git a/services/privacymanager/test/unittest/permission_record_manager_test.cpp b/services/privacymanager/test/unittest/permission_record_manager_test.cpp
index ad105ad9ee852f08b9dda0cf2bebd4700896b3ff..c720cfd50e963d39953c0f4ea1019b959dcfd351 100644
--- a/services/privacymanager/test/unittest/permission_record_manager_test.cpp
+++ b/services/privacymanager/test/unittest/permission_record_manager_test.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2022-2024 Huawei Device Co., Ltd.
+ * Copyright (c) 2022-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -38,6 +38,7 @@
 #include "privacy_error.h"
 #include "privacy_field_const.h"
 #include "privacy_kit.h"
+#include "privacy_test_common.h"
 #include "state_change_callback.h"
 #include "time_util.h"
 #include "token_setproc.h"
@@ -60,6 +61,7 @@ static AccessTokenID g_selfTokenId = 0;
 static AccessTokenID g_nativeToken = 0;
 static bool g_isMicEdmMute = false;
 static bool g_isMicMixMute = false;
+static bool g_isMicMute = false;
 static constexpr int32_t TEST_USER_ID_10 = 10;
 static constexpr int32_t TEST_INVALID_USER_ID = -1;
 static constexpr int32_t TEST_INVALID_USER_ID_20000 = 20000;
@@ -71,6 +73,7 @@ static const int32_t PICKER_TYPE_ADD_VALUE = 2;
 static const int32_t SEC_COMPONENT_TYPE_ADD_VALUE = 4;
 static const int32_t VALUE_MAX_LEN = 32;
 static const char* EDM_MIC_MUTE_KEY = "persist.edm.mic_disable";
+static MockNativeToken* g_mock = nullptr;
 static PermissionStateFull g_testState1 = {
     .permissionName = "ohos.permission.CAMERA",
     .isGeneral = true,
@@ -138,21 +141,30 @@ public:
 
 void PermissionRecordManagerTest::SetUpTestCase()
 {
+    g_selfTokenId = GetSelfTokenID();
+    PrivacyTestCommon::SetTestEvironment(g_selfTokenId);
+    g_mock = new (std::nothrow) MockNativeToken("privacy_service");
+
     DelayedSingleton<PrivacyManagerService>::GetInstance()->Initialize();
     PermissionRecordManager::GetInstance().Init();
 
-    g_selfTokenId = GetSelfTokenID();
-    g_nativeToken = AccessTokenKit::GetNativeTokenId("privacy_service");
+    g_nativeToken = PrivacyTestCommon::GetNativeTokenIdFromProcess("privacy_service");
     g_isMicEdmMute = PermissionRecordManager::GetInstance().isMicEdmMute_;
     g_isMicMixMute = PermissionRecordManager::GetInstance().isMicMixMute_;
     PermissionRecordManager::GetInstance().isMicEdmMute_ = false;
     PermissionRecordManager::GetInstance().isMicMixMute_ = false;
+    g_isMicMute = AudioManagerAdapter::GetInstance().GetPersistentMicMuteState();
 }
 
 void PermissionRecordManagerTest::TearDownTestCase()
 {
     PermissionRecordManager::GetInstance().isMicEdmMute_ = g_isMicEdmMute;
     PermissionRecordManager::GetInstance().isMicMixMute_ = g_isMicMixMute;
+    PrivacyTestCommon::ResetTestEvironment();
+    if (g_mock != nullptr) {
+        delete g_mock;
+        g_mock = nullptr;
+    }
 }
 
 void PermissionRecordManagerTest::SetUp()
@@ -160,8 +172,10 @@ void PermissionRecordManagerTest::SetUp()
     PermissionRecordManager::GetInstance().Init();
     PermissionRecordManager::GetInstance().Register();
 
-    AccessTokenKit::AllocHapToken(g_InfoParms1, g_PolicyPrams1);
-    AccessTokenKit::AllocHapToken(g_InfoParms2, g_PolicyPrams2);
+    AccessTokenIDEx tokenIdEx = PrivacyTestCommon::AllocTestHapToken(g_InfoParms1, g_PolicyPrams1);
+    ASSERT_NE(tokenIdEx.tokenIdExStruct.tokenID, INVALID_TOKENID);
+    tokenIdEx = PrivacyTestCommon::AllocTestHapToken(g_InfoParms2, g_PolicyPrams2);
+    ASSERT_NE(tokenIdEx.tokenIdExStruct.tokenID, INVALID_TOKENID);
     PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::PRIVACY, CallerType::MICROPHONE, false,
         RANDOM_TOKENID);
     if (appStateObserver_ != nullptr) {
@@ -172,16 +186,17 @@ void PermissionRecordManagerTest::SetUp()
 
 void PermissionRecordManagerTest::TearDown()
 {
-    AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
+    PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::PRIVACY, CallerType::MICROPHONE, g_isMicMute,
+        RANDOM_TOKENID);
+    AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms1.userID, g_InfoParms1.bundleName,
         g_InfoParms1.instIndex);
-    AccessTokenKit::DeleteToken(tokenId);
-    PrivacyKit::RemovePermissionUsedRecords(tokenId);
-    tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms2.userID, g_InfoParms2.bundleName,
+    PrivacyTestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID);
+    PrivacyKit::RemovePermissionUsedRecords(tokenIdEx.tokenIdExStruct.tokenID);
+    tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms2.userID, g_InfoParms2.bundleName,
         g_InfoParms2.instIndex);
-    AccessTokenKit::DeleteToken(tokenId);
-    PrivacyKit::RemovePermissionUsedRecords(tokenId);
+    PrivacyTestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID);
+    PrivacyKit::RemovePermissionUsedRecords(tokenIdEx.tokenIdExStruct.tokenID);
     appStateObserver_ = nullptr;
-    EXPECT_EQ(0, SetSelfTokenID(g_selfTokenId));
 }
 
 class PermissionRecordManagerTestCb1 : public StateCustomizedCbk {
@@ -222,7 +237,7 @@ static PermissionUsedTypeInfo MakeInfo(AccessTokenID tokenId, int32_t pid, const
  * @tc.type: FUNC
  * @tc.require: issueI5RWX8
  */
-HWTEST_F(PermissionRecordManagerTest, RegisterPermActiveStatusCallback001, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, RegisterPermActiveStatusCallback001, TestSize.Level0)
 {
     std::vector<std::string> permList = {"ohos.permission.CAMERA"};
     ASSERT_EQ(PrivacyError::ERR_PARAM_INVALID, PermissionRecordManager::GetInstance().RegisterPermActiveStatusCallback(
@@ -256,7 +271,7 @@ public:
  * @tc.type: FUNC
  * @tc.require: issueI5RWX8
  */
-HWTEST_F(PermissionRecordManagerTest, RegisterPermActiveStatusCallback002, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, RegisterPermActiveStatusCallback002, TestSize.Level0)
 {
     std::vector<std::string> permList = {"ohos.permission.CAMERA"};
     std::vector<sptr<PermActiveStatusChangeCallback>> callbacks;
@@ -287,7 +302,7 @@ HWTEST_F(PermissionRecordManagerTest, RegisterPermActiveStatusCallback002, TestS
  * @tc.type: FUNC
  * @tc.require: issueI5RWX8
  */
-HWTEST_F(PermissionRecordManagerTest, UnRegisterPermActiveStatusCallback001, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, UnRegisterPermActiveStatusCallback001, TestSize.Level0)
 {
     std::vector<std::string> permList = {"ohos.permission.CAMERA"};
     ASSERT_EQ(PrivacyError::ERR_PARAM_INVALID, PermissionRecordManager::GetInstance().RegisterPermActiveStatusCallback(
@@ -300,16 +315,13 @@ HWTEST_F(PermissionRecordManagerTest, UnRegisterPermActiveStatusCallback001, Tes
  * @tc.type: FUNC
  * @tc.require: issueI5RWX5 issueI5RWX3 issueI5RWXA
  */
-HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest001, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest001, TestSize.Level0)
 {
     std::string permissionName = "ohos.permission.CAMERA";
     auto callbackPtr = std::make_shared<PermissionRecordManagerTestCb1>();
     auto callbackWrap = new (std::nothrow) StateChangeCallback(callbackPtr);
     ASSERT_NE(nullptr, callbackPtr);
     ASSERT_NE(nullptr, callbackWrap);
-    AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
-        g_InfoParms1.instIndex);
-    ASSERT_NE(INVALID_TOKENID, tokenId);
     ASSERT_EQ(ERR_PARAM_INVALID, PermissionRecordManager::GetInstance().StartUsingPermission(
         MakeInfo(0, PID, permissionName), callbackWrap->AsObject(), CALLER_PID));
 }
@@ -320,16 +332,15 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest001, TestSize.Leve
  * @tc.type: FUNC
  * @tc.require: issueI5RWXF
  */
-HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest002, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest002, TestSize.Level0)
 {
-    EXPECT_EQ(0, SetSelfTokenID(g_nativeToken));
-
     auto callbackPtr = std::make_shared<PermissionRecordManagerTestCb1>();
     auto callbackWrap = new (std::nothrow) StateChangeCallback(callbackPtr);
     ASSERT_NE(nullptr, callbackPtr);
     ASSERT_NE(nullptr, callbackWrap);
-    AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
+    AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms1.userID, g_InfoParms1.bundleName,
         g_InfoParms1.instIndex);
+    AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID;
     ASSERT_NE(INVALID_TOKENID, tokenId);
     ASSERT_EQ(ERR_PARAM_INVALID, PermissionRecordManager::GetInstance().StartUsingPermission(
         MakeInfo(tokenId, PID, "ohos.permission.LOCATION"), callbackWrap->AsObject(), CALLER_PID));
@@ -354,10 +365,8 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest002, TestSize.Leve
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest003, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest003, TestSize.Level0)
 {
-    EXPECT_EQ(0, SetSelfTokenID(g_nativeToken));
-
     char value[VALUE_MAX_LEN] = {0};
     GetParameter(EDM_MIC_MUTE_KEY, "", value, VALUE_MAX_LEN - 1);
     GTEST_LOG_(INFO) << "value:" << value;
@@ -365,9 +374,10 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest003, TestSize.Leve
     bool isMute = strncmp(value, "true", VALUE_MAX_LEN) == 0;
     SetParameter(EDM_MIC_MUTE_KEY, "true");
 
-    AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
+    AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms1.userID, g_InfoParms1.bundleName,
         g_InfoParms1.instIndex);
-    ASSERT_NE(static_cast<AccessTokenID>(0), tokenId);
+    AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID;
+    ASSERT_NE(INVALID_TOKENID, tokenId);
     std::string permissionName = "ohos.permission.MICROPHONE";
     ASSERT_EQ(PrivacyError::ERR_EDM_POLICY_CHECK_FAILED,
         PermissionRecordManager::GetInstance().StartUsingPermission(
@@ -382,10 +392,8 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest003, TestSize.Leve
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest004, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest004, TestSize.Level0)
 {
-    EXPECT_EQ(0, SetSelfTokenID(g_nativeToken));
-
     char value[VALUE_MAX_LEN] = {0};
     GetParameter(EDM_MIC_MUTE_KEY, "", value, VALUE_MAX_LEN - 1);
     GTEST_LOG_(INFO) << "value:" << value;
@@ -402,9 +410,10 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest004, TestSize.Leve
     ASSERT_EQ(RET_SUCCESS, PermissionRecordManager::GetInstance().RegisterPermActiveStatusCallback(
         GetSelfTokenID(), permList, callback->AsObject()));
 
-    AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
+    AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms1.userID, g_InfoParms1.bundleName,
         g_InfoParms1.instIndex);
-    ASSERT_NE(static_cast<AccessTokenID>(0), tokenId);
+    AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID;
+    ASSERT_NE(INVALID_TOKENID, tokenId);
     std::string permissionName = "ohos.permission.READ_MEDIA";
     ASSERT_EQ(RET_SUCCESS,
         PermissionRecordManager::GetInstance().StartUsingPermission(
@@ -424,10 +433,8 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest004, TestSize.Leve
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest005, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest005, TestSize.Level0)
 {
-    EXPECT_EQ(0, SetSelfTokenID(g_nativeToken));
-
     char value[VALUE_MAX_LEN] = {0};
     GetParameter(EDM_MIC_MUTE_KEY, "", value, VALUE_MAX_LEN - 1);
     GTEST_LOG_(INFO) << "value:" << value;
@@ -443,9 +450,10 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest005, TestSize.Leve
     ASSERT_EQ(RET_SUCCESS, PermissionRecordManager::GetInstance().RegisterPermActiveStatusCallback(
         GetSelfTokenID(), permList, callback->AsObject()));
 
-    AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
+    AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms1.userID, g_InfoParms1.bundleName,
         g_InfoParms1.instIndex);
-    ASSERT_NE(static_cast<AccessTokenID>(0), tokenId);
+    AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID;
+    ASSERT_NE(INVALID_TOKENID, tokenId);
     std::string permissionName = "ohos.permission.READ_MEDIA";
     ASSERT_EQ(RET_SUCCESS,
         PermissionRecordManager::GetInstance().StartUsingPermission(
@@ -466,10 +474,8 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest005, TestSize.Leve
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest006, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest006, TestSize.Level0)
 {
-    EXPECT_EQ(0, SetSelfTokenID(g_nativeToken));
-
     char value[VALUE_MAX_LEN] = {0};
     GetParameter(EDM_MIC_MUTE_KEY, "", value, VALUE_MAX_LEN - 1);
     GTEST_LOG_(INFO) << "value:" << value;
@@ -485,9 +491,10 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest006, TestSize.Leve
     ASSERT_EQ(RET_SUCCESS, PermissionRecordManager::GetInstance().RegisterPermActiveStatusCallback(
         GetSelfTokenID(), permList, callback->AsObject()));
 
-    AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
+    AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms1.userID, g_InfoParms1.bundleName,
         g_InfoParms1.instIndex);
-    ASSERT_NE(static_cast<AccessTokenID>(0), tokenId);
+    AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID;
+    ASSERT_NE(INVALID_TOKENID, tokenId);
     std::string permissionName = "ohos.permission.LOCATION";
     ASSERT_EQ(RET_SUCCESS,
         PermissionRecordManager::GetInstance().StartUsingPermission(
@@ -508,11 +515,12 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest006, TestSize.Leve
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest007, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest007, TestSize.Level0)
 {
-    AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
+    AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms1.userID, g_InfoParms1.bundleName,
         g_InfoParms1.instIndex);
-    ASSERT_NE(static_cast<AccessTokenID>(0), tokenId);
+    AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID;
+    ASSERT_NE(INVALID_TOKENID, tokenId);
 
     // tokenId invaild
     ASSERT_EQ(PrivacyError::ERR_PARAM_INVALID, PermissionRecordManager::GetInstance().StartUsingPermission(
@@ -535,19 +543,18 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest007, TestSize.Leve
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest008, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest008, TestSize.Level0)
 {
-    EXPECT_EQ(0, SetSelfTokenID(g_nativeToken));
-
     std::vector<std::string> permList = {"ohos.permission.CAMERA"};
     sptr<PermActiveStatusChangeCallback> callback = new (std::nothrow) PermActiveStatusChangeCallback();
     ASSERT_NE(nullptr, callback);
     ASSERT_EQ(RET_SUCCESS, PermissionRecordManager::GetInstance().RegisterPermActiveStatusCallback(
         GetSelfTokenID(), permList, callback->AsObject()));
 
-    AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
+    AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms1.userID, g_InfoParms1.bundleName,
         g_InfoParms1.instIndex);
-    ASSERT_NE(static_cast<AccessTokenID>(0), tokenId);
+    AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID;
+    ASSERT_NE(INVALID_TOKENID, tokenId);
     std::string permissionName = "ohos.permission.CAMERA";
     ASSERT_EQ(RET_SUCCESS,
         PermissionRecordManager::GetInstance().StartUsingPermission(
@@ -579,10 +586,8 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest008, TestSize.Leve
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest009, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest009, TestSize.Level0)
 {
-    EXPECT_EQ(0, SetSelfTokenID(g_nativeToken));
-
     auto callbackPtr1 = std::make_shared<PermissionRecordManagerTestCb1>();
     auto callbackWrap1 = new (std::nothrow) StateChangeCallback(callbackPtr1);
     ASSERT_NE(nullptr, callbackPtr1);
@@ -593,9 +598,10 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest009, TestSize.Leve
     ASSERT_NE(nullptr, callbackPtr2);
     ASSERT_NE(nullptr, callbackWrap2);
 
-    AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
+    AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms1.userID, g_InfoParms1.bundleName,
         g_InfoParms1.instIndex);
-    ASSERT_NE(static_cast<AccessTokenID>(0), tokenId);
+    AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID;
+    ASSERT_NE(INVALID_TOKENID, tokenId);
     std::string permissionName = "ohos.permission.CAMERA";
 
     ASSERT_EQ(RET_SUCCESS, PermissionRecordManager::GetInstance().StartUsingPermission(
@@ -630,19 +636,18 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest009, TestSize.Leve
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest010, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest010, TestSize.Level0)
 {
-    EXPECT_EQ(0, SetSelfTokenID(g_nativeToken));
-
     std::vector<std::string> permList = {"ohos.permission.CAMERA"};
     sptr<PermActiveStatusChangeCallback> callback = new (std::nothrow) PermActiveStatusChangeCallback();
     ASSERT_NE(nullptr, callback);
     ASSERT_EQ(RET_SUCCESS, PermissionRecordManager::GetInstance().RegisterPermActiveStatusCallback(
         GetSelfTokenID(), permList, callback->AsObject()));
 
-    AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
+    AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms1.userID, g_InfoParms1.bundleName,
         g_InfoParms1.instIndex);
-    ASSERT_NE(static_cast<AccessTokenID>(0), tokenId);
+    AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID;
+    ASSERT_NE(INVALID_TOKENID, tokenId);
     std::string permissionName = "ohos.permission.CAMERA";
     ASSERT_EQ(RET_SUCCESS,
         PermissionRecordManager::GetInstance().StartUsingPermission(
@@ -670,18 +675,17 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest010, TestSize.Leve
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest011, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest011, TestSize.Level0)
 {
-    EXPECT_EQ(0, SetSelfTokenID(g_nativeToken));
-
     std::vector<std::string> permList = {"ohos.permission.CAMERA"};
     sptr<PermActiveStatusChangeCallback> callback = new (std::nothrow) PermActiveStatusChangeCallback();
     ASSERT_NE(nullptr, callback);
     ASSERT_EQ(RET_SUCCESS, PermissionRecordManager::GetInstance().RegisterPermActiveStatusCallback(
         GetSelfTokenID(), permList, callback->AsObject()));
-    AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
+    AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms1.userID, g_InfoParms1.bundleName,
         g_InfoParms1.instIndex);
-    ASSERT_NE(static_cast<AccessTokenID>(0), tokenId);
+    AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID;
+    ASSERT_NE(INVALID_TOKENID, tokenId);
     std::string permissionName = "ohos.permission.CAMERA";
     ASSERT_EQ(RET_SUCCESS,
         PermissionRecordManager::GetInstance().StartUsingPermission(
@@ -708,10 +712,8 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest011, TestSize.Leve
  * @tc.type: FUNC
  * @tc.require: issueI5RWXF
  */
-HWTEST_F(PermissionRecordManagerTest, ShowGlobalDialog001, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, ShowGlobalDialog001, TestSize.Level0)
 {
-    EXPECT_EQ(0, SetSelfTokenID(g_nativeToken));
-
     ASSERT_EQ(true, PermissionRecordManager::GetInstance().ShowGlobalDialog("ohos.permission.CAMERA"));
     sleep(3); // wait for dialog disappear
     ASSERT_EQ(true, PermissionRecordManager::GetInstance().ShowGlobalDialog("ohos.permission.MICROPHONE"));
@@ -726,10 +728,8 @@ HWTEST_F(PermissionRecordManagerTest, ShowGlobalDialog001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5RWXF
  */
-HWTEST_F(PermissionRecordManagerTest, AppStateChangeListener001, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, AppStateChangeListener001, TestSize.Level0)
 {
-    EXPECT_EQ(0, SetSelfTokenID(g_nativeToken));
-    
     char value[VALUE_MAX_LEN] = {0};
     GetParameter(EDM_MIC_MUTE_KEY, "", value, VALUE_MAX_LEN - 1);
     GTEST_LOG_(INFO) << "value:" << value;
@@ -739,8 +739,10 @@ HWTEST_F(PermissionRecordManagerTest, AppStateChangeListener001, TestSize.Level1
 
     PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::PRIVACY, CallerType::MICROPHONE, true,
         RANDOM_TOKENID);
-    AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
+    AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms1.userID, g_InfoParms1.bundleName,
         g_InfoParms1.instIndex);
+    AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID;
+    ASSERT_NE(INVALID_TOKENID, tokenId);
     // status is inactive
     ASSERT_EQ(RET_SUCCESS,
         PermissionRecordManager::GetInstance().StartUsingPermission(
@@ -760,7 +762,7 @@ HWTEST_F(PermissionRecordManagerTest, AppStateChangeListener001, TestSize.Level1
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, TransferOpcodeToPermission001, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, TransferOpcodeToPermission001, TestSize.Level0)
 {
     int32_t opCode = static_cast<int32_t>(Constant::OpCode::OP_INVALID);
     std::string permissionName;
@@ -773,11 +775,13 @@ HWTEST_F(PermissionRecordManagerTest, TransferOpcodeToPermission001, TestSize.Le
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, AddPermissionUsedRecord001, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, AddPermissionUsedRecord001, TestSize.Level0)
 {
-    AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
+    MockNativeToken mock("camera_service"); // native process with have add permission
+    AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms1.userID, g_InfoParms1.bundleName,
         g_InfoParms1.instIndex);
-    ASSERT_NE(static_cast<AccessTokenID>(0), tokenId);
+    AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID;
+    ASSERT_NE(INVALID_TOKENID, tokenId);
 
     AddPermParamInfo info;
     info.tokenId = tokenId;
@@ -803,11 +807,13 @@ HWTEST_F(PermissionRecordManagerTest, AddPermissionUsedRecord001, TestSize.Level
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, AddPermissionUsedRecord002, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, AddPermissionUsedRecord002, TestSize.Level0)
 {
-    AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
+    MockNativeToken mock("camera_service"); // native process with have permission
+    AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms1.userID, g_InfoParms1.bundleName,
         g_InfoParms1.instIndex);
-    ASSERT_NE(static_cast<AccessTokenID>(0), tokenId);
+    AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID;
+    ASSERT_NE(INVALID_TOKENID, tokenId);
 
     AddPermParamInfo info;
     info.tokenId = tokenId;
@@ -817,26 +823,13 @@ HWTEST_F(PermissionRecordManagerTest, AddPermissionUsedRecord002, TestSize.Level
     ASSERT_EQ(PrivacyError::ERR_PARAM_INVALID, PermissionRecordManager::GetInstance().AddPermissionUsedRecord(info));
 }
 
-/*
- * @tc.name: RemovePermissionUsedRecords001
- * @tc.desc: PermissionRecordManager::RemovePermissionUsedRecords function test
- * @tc.type: FUNC
- * @tc.require:
- */
-HWTEST_F(PermissionRecordManagerTest, RemovePermissionUsedRecords001, TestSize.Level1)
-{
-    AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
-        g_InfoParms1.instIndex);
-    ASSERT_NE(static_cast<AccessTokenID>(0), tokenId);
-}
-
 /*
  * @tc.name:SetPermissionUsedRecordToggleStatus001
  * @tc.desc: PermissionRecordManager::SetPermissionUsedRecordToggleStatus function test
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, SetPermissionUsedRecordToggleStatus001, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, SetPermissionUsedRecordToggleStatus001, TestSize.Level0)
 {
     int32_t ret = PermissionRecordManager::GetInstance().SetPermissionUsedRecordToggleStatus(
         TEST_INVALID_USER_ID, true);
@@ -853,7 +846,7 @@ HWTEST_F(PermissionRecordManagerTest, SetPermissionUsedRecordToggleStatus001, Te
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, GetPermissionUsedRecordToggleStatus001, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, GetPermissionUsedRecordToggleStatus001, TestSize.Level0)
 {
     bool status = true;
     int32_t ret = PermissionRecordManager::GetInstance().GetPermissionUsedRecordToggleStatus(
@@ -871,7 +864,7 @@ HWTEST_F(PermissionRecordManagerTest, GetPermissionUsedRecordToggleStatus001, Te
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, UpdatePermUsedRecToggleStatusMap001, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, UpdatePermUsedRecToggleStatusMap001, TestSize.Level0)
 {
     bool checkStatus = PermissionRecordManager::GetInstance().CheckPermissionUsedRecordToggleStatus(TEST_USER_ID_10);
     EXPECT_TRUE(checkStatus);
@@ -896,11 +889,12 @@ HWTEST_F(PermissionRecordManagerTest, UpdatePermUsedRecToggleStatusMap001, TestS
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, StopUsingPermission001, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, StopUsingPermission001, TestSize.Level0)
 {
-    AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
+    AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms1.userID, g_InfoParms1.bundleName,
         g_InfoParms1.instIndex);
-    ASSERT_NE(static_cast<AccessTokenID>(0), tokenId);
+    AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID;
+    ASSERT_NE(INVALID_TOKENID, tokenId);
 
     // tokenId invaild
     ASSERT_EQ(PrivacyError::ERR_PARAM_INVALID, PermissionRecordManager::GetInstance().StopUsingPermission(
@@ -922,7 +916,7 @@ HWTEST_F(PermissionRecordManagerTest, StopUsingPermission001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, RegisterPermActiveStatusCallback003, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, RegisterPermActiveStatusCallback003, TestSize.Level0)
 {
     std::vector<std::string> permList;
 
@@ -938,7 +932,7 @@ HWTEST_F(PermissionRecordManagerTest, RegisterPermActiveStatusCallback003, TestS
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, GetPermissionUsedType001, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, GetPermissionUsedType001, TestSize.Level0)
 {
     uint32_t tokenId = RANDOM_TOKENID;
     std::string permissionName = "ohos.permission.PERMISSION_RECORD_MANAGER_TEST";
@@ -962,7 +956,7 @@ HWTEST_F(PermissionRecordManagerTest, GetPermissionUsedType001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, Dlopen001, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, Dlopen001, TestSize.Level0)
 {
     LibraryLoader loader1("libnotexist.z.so"); // is a not exist path
     EXPECT_EQ(nullptr, loader1.handle_);
@@ -978,7 +972,7 @@ HWTEST_F(PermissionRecordManagerTest, Dlopen001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, AddDataValueToResults001, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, AddDataValueToResults001, TestSize.Level0)
 {
     GenericValues value;
     value.Put(PrivacyFiledConst::FIELD_TOKEN_ID, static_cast<int32_t>(RANDOM_TOKENID));
@@ -995,7 +989,7 @@ HWTEST_F(PermissionRecordManagerTest, AddDataValueToResults001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, AddDataValueToResults002, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, AddDataValueToResults002, TestSize.Level0)
 {
     GenericValues value;
     value.Put(PrivacyFiledConst::FIELD_TOKEN_ID, static_cast<int32_t>(RANDOM_TOKENID));
@@ -1012,7 +1006,7 @@ HWTEST_F(PermissionRecordManagerTest, AddDataValueToResults002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, AddDataValueToResults003, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, AddDataValueToResults003, TestSize.Level0)
 {
     GenericValues value;
     value.Put(PrivacyFiledConst::FIELD_TOKEN_ID, static_cast<int32_t>(RANDOM_TOKENID));
@@ -1030,9 +1024,9 @@ HWTEST_F(PermissionRecordManagerTest, AddDataValueToResults003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest001, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest001, TestSize.Level0)
 {
-    uint32_t tokenID = AccessTokenKit::GetNativeTokenId("edm");
+    uint32_t tokenID = PrivacyTestCommon::GetNativeTokenIdFromProcess("edm");
     PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::EDM, CallerType::MICROPHONE, true, tokenID);
     PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::PRIVACY, CallerType::MICROPHONE, true,
         RANDOM_TOKENID);
@@ -1052,9 +1046,9 @@ HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest002, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest002, TestSize.Level0)
 {
-    uint32_t tokenID = AccessTokenKit::GetNativeTokenId("edm");
+    uint32_t tokenID = PrivacyTestCommon::GetNativeTokenIdFromProcess("edm");
     PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::EDM, CallerType::MICROPHONE, false, tokenID);
     PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::PRIVACY, CallerType::MICROPHONE, true,
         RANDOM_TOKENID);
@@ -1074,9 +1068,9 @@ HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest003, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest003, TestSize.Level0)
 {
-    uint32_t tokenID = AccessTokenKit::GetNativeTokenId("edm");
+    uint32_t tokenID = PrivacyTestCommon::GetNativeTokenIdFromProcess("edm");
     PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::EDM, CallerType::MICROPHONE, false, tokenID);
     PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::PRIVACY, CallerType::MICROPHONE, false,
         RANDOM_TOKENID);
@@ -1096,9 +1090,9 @@ HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest004, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest004, TestSize.Level0)
 {
-    uint32_t tokenID = AccessTokenKit::GetNativeTokenId("edm");
+    uint32_t tokenID = PrivacyTestCommon::GetNativeTokenIdFromProcess("edm");
     PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::EDM, CallerType::MICROPHONE, true, tokenID);
     PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::PRIVACY, CallerType::MICROPHONE, true,
         RANDOM_TOKENID);
@@ -1119,9 +1113,9 @@ HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest004, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest005, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest005, TestSize.Level0)
 {
-    uint32_t tokenID = AccessTokenKit::GetNativeTokenId("edm");
+    uint32_t tokenID = PrivacyTestCommon::GetNativeTokenIdFromProcess("edm");
     PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::EDM, CallerType::MICROPHONE, false, tokenID);
     PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::PRIVACY, CallerType::MICROPHONE, true,
         RANDOM_TOKENID);
@@ -1141,9 +1135,9 @@ HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest005, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest006, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest006, TestSize.Level0)
 {
-    uint32_t tokenID = AccessTokenKit::GetNativeTokenId("edm");
+    uint32_t tokenID = PrivacyTestCommon::GetNativeTokenIdFromProcess("edm");
     PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::EDM, CallerType::MICROPHONE, false, tokenID);
     PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::PRIVACY, CallerType::MICROPHONE, false,
         RANDOM_TOKENID);
@@ -1163,9 +1157,9 @@ HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest006, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest007, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest007, TestSize.Level0)
 {
-    uint32_t tokenID = AccessTokenKit::GetNativeTokenId("edm");
+    uint32_t tokenID = PrivacyTestCommon::GetNativeTokenIdFromProcess("edm");
     PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::EDM, CallerType::MICROPHONE, true, tokenID);
     PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::PRIVACY, CallerType::MICROPHONE, true,
         RANDOM_TOKENID);
@@ -1186,10 +1180,9 @@ HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest007, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest008, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest008, TestSize.Level0)
 {
-    EXPECT_EQ(0, SetSelfTokenID(g_nativeToken));
-    uint32_t tokenID = AccessTokenKit::GetNativeTokenId("edm");
+    uint32_t tokenID = PrivacyTestCommon::GetNativeTokenIdFromProcess("edm");
     PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::EDM, CallerType::MICROPHONE, false, tokenID);
     PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::PRIVACY, CallerType::MICROPHONE, true,
         RANDOM_TOKENID);
@@ -1210,9 +1203,9 @@ HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest008, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest009, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest009, TestSize.Level0)
 {
-    uint32_t tokenID = AccessTokenKit::GetNativeTokenId("edm");
+    uint32_t tokenID = PrivacyTestCommon::GetNativeTokenIdFromProcess("edm");
     PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::EDM, CallerType::MICROPHONE, false, tokenID);
     PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::PRIVACY, CallerType::MICROPHONE, false,
         RANDOM_TOKENID);
@@ -1260,24 +1253,26 @@ public:
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, ProxyDeathTest001, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, ProxyDeathTest001, TestSize.Level0)
 {
     DiedProxyMaker init;
     init.AddRecipient(CALLER_PID);
     init.TestDie(CALLER_PID);
     ASSERT_EQ(0, PermissionRecordManager::GetInstance().startRecordList_.size());
 
-    AccessTokenID tokenId1 = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
+    AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms1.userID, g_InfoParms1.bundleName,
         g_InfoParms1.instIndex);
-    ASSERT_NE(static_cast<AccessTokenID>(0), tokenId1);
+    AccessTokenID tokenId1 = tokenIdEx.tokenIdExStruct.tokenID;
+    ASSERT_NE(INVALID_TOKENID, tokenId1);
     std::string permissionName = "ohos.permission.CAMERA";
     ASSERT_EQ(RET_SUCCESS,
         PermissionRecordManager::GetInstance().StartUsingPermission(
         MakeInfo(tokenId1, TEST_PID_1, permissionName), CALLER_PID));
 
-    AccessTokenID tokenId2 = AccessTokenKit::GetHapTokenID(g_InfoParms2.userID, g_InfoParms2.bundleName,
-        g_InfoParms2.instIndex);
-    ASSERT_NE(static_cast<AccessTokenID>(0), tokenId2);
+    tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms1.userID, g_InfoParms1.bundleName,
+        g_InfoParms1.instIndex);
+    AccessTokenID tokenId2 = tokenIdEx.tokenIdExStruct.tokenID;
+    ASSERT_NE(INVALID_TOKENID, tokenId2);
     ASSERT_EQ(RET_SUCCESS,
         PermissionRecordManager::GetInstance().StartUsingPermission(
         MakeInfo(tokenId2, TEST_PID_2, permissionName), CALLER_PID));
@@ -1295,22 +1290,24 @@ HWTEST_F(PermissionRecordManagerTest, ProxyDeathTest001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, ProxyDeathTest002, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, ProxyDeathTest002, TestSize.Level0)
 {
     DiedProxyMaker init;
     init.AddRecipient(CALLER_PID);
     init.TestDie(CALLER_PID);
-    AccessTokenID tokenId1 = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
+    AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms1.userID, g_InfoParms1.bundleName,
         g_InfoParms1.instIndex);
-    ASSERT_NE(static_cast<AccessTokenID>(0), tokenId1);
+    AccessTokenID tokenId1 = tokenIdEx.tokenIdExStruct.tokenID;
+    ASSERT_NE(INVALID_TOKENID, tokenId1);
     std::string permissionName = "ohos.permission.CAMERA";
     ASSERT_EQ(RET_SUCCESS,
         PermissionRecordManager::GetInstance().StartUsingPermission(
         MakeInfo(tokenId1, TEST_PID_1, permissionName), CALLER_PID));
 
-    AccessTokenID tokenId2 = AccessTokenKit::GetHapTokenID(g_InfoParms2.userID, g_InfoParms2.bundleName,
-        g_InfoParms2.instIndex);
-    ASSERT_NE(static_cast<AccessTokenID>(0), tokenId2);
+    tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms1.userID, g_InfoParms1.bundleName,
+        g_InfoParms1.instIndex);
+    AccessTokenID tokenId2 = tokenIdEx.tokenIdExStruct.tokenID;
+    ASSERT_NE(INVALID_TOKENID, tokenId2);
     ASSERT_EQ(RET_SUCCESS,
         PermissionRecordManager::GetInstance().StartUsingPermission(
         MakeInfo(tokenId2, TEST_PID_2, permissionName), CALLER_PID2));
@@ -1331,14 +1328,15 @@ HWTEST_F(PermissionRecordManagerTest, ProxyDeathTest002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordManagerTest, HasCallerInStartList001, TestSize.Level1)
+HWTEST_F(PermissionRecordManagerTest, HasCallerInStartList001, TestSize.Level0)
 {
     DiedProxyMaker init;
     init.AddRecipient(CALLER_PID);
     init.TestDie(CALLER_PID);
-    AccessTokenID tokenId1 = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
+    AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms1.userID, g_InfoParms1.bundleName,
         g_InfoParms1.instIndex);
-    ASSERT_NE(static_cast<AccessTokenID>(0), tokenId1);
+    AccessTokenID tokenId1 = tokenIdEx.tokenIdExStruct.tokenID;
+    ASSERT_NE(INVALID_TOKENID, tokenId1);
     std::string permissionName = "ohos.permission.CAMERA";
     ASSERT_EQ(RET_SUCCESS,
         PermissionRecordManager::GetInstance().StartUsingPermission(
diff --git a/services/privacymanager/test/unittest/permission_record_set_test.cpp b/services/privacymanager/test/unittest/permission_record_set_test.cpp
index 0bd2e7d2a32e7fb01194957c89a304398df68118..6cbbe76c833d296537a78791b7059de6ba93136c 100644
--- a/services/privacymanager/test/unittest/permission_record_set_test.cpp
+++ b/services/privacymanager/test/unittest/permission_record_set_test.cpp
@@ -125,7 +125,7 @@ void PermissionRecordSetTest::TearDown()
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0001, TestSize.Level1)
+HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0001, TestSize.Level0)
 {
     int32_t recordList[][RECORD_ITEM_SIZE] = {
         { HAP_TOKEN_ID[0],   OPCODE[0],    ACTIVE,   HAP_PID[0], CALLER_PID[0] },
@@ -143,7 +143,7 @@ HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0002, TestSize.Level1)
+HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0002, TestSize.Level0)
 {
     int32_t recordList[][RECORD_ITEM_SIZE] = {
         { HAP_TOKEN_ID[0],   OPCODE[0],    ACTIVE,   HAP_PID[0], CALLER_PID[0] },
@@ -161,7 +161,7 @@ HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0003, TestSize.Level1)
+HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0003, TestSize.Level0)
 {
     int32_t recordList[][RECORD_ITEM_SIZE] = {
         { HAP_TOKEN_ID[0],   OPCODE[0],    ACTIVE,   HAP_PID[0], CALLER_PID[0] },
@@ -179,7 +179,7 @@ HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0004, TestSize.Level1)
+HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0004, TestSize.Level0)
 {
     int32_t recordList[][RECORD_ITEM_SIZE] = {
         { HAP_TOKEN_ID[0],   OPCODE[0],    ACTIVE,   HAP_PID[0], CALLER_PID[0] },
@@ -197,7 +197,7 @@ HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0004, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0005, TestSize.Level1)
+HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0005, TestSize.Level0)
 {
     int32_t recordList[][RECORD_ITEM_SIZE] = {
         { HAP_TOKEN_ID[0],   OPCODE[0],    ACTIVE,   HAP_PID[0], CALLER_PID[0] },
@@ -215,7 +215,7 @@ HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0005, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0006, TestSize.Level1)
+HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0006, TestSize.Level0)
 {
     int32_t recordList[][RECORD_ITEM_SIZE] = {
         { HAP_TOKEN_ID[0],   OPCODE[0],    ACTIVE,   HAP_PID[0], CALLER_PID[0] },
@@ -233,7 +233,7 @@ HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0006, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0007, TestSize.Level1)
+HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0007, TestSize.Level0)
 {
     int32_t recordList[][RECORD_ITEM_SIZE] = {
         { HAP_TOKEN_ID[0],   OPCODE[0],    ACTIVE,   HAP_PID[0], CALLER_PID[0] },
@@ -251,7 +251,7 @@ HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0007, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0008, TestSize.Level1)
+HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0008, TestSize.Level0)
 {
     int32_t recordList[][RECORD_ITEM_SIZE] = {
         { HAP_TOKEN_ID[1],   OPCODE[0],    ACTIVE,   HAP_PID[0], CALLER_PID[0] }, // 0-3
@@ -288,7 +288,7 @@ HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0008, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0009, TestSize.Level1)
+HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0009, TestSize.Level0)
 {
     int32_t recordList[][RECORD_ITEM_SIZE] = {
         { HAP_TOKEN_ID[0],   OPCODE[0],    ACTIVE,   HAP_PID[0], CALLER_PID[0] }, // 0-0
@@ -321,7 +321,7 @@ HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0009, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0010, TestSize.Level1)
+HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0010, TestSize.Level0)
 {
     int32_t recordList[][RECORD_ITEM_SIZE] = {
         { HAP_TOKEN_ID[1],   OPCODE[0],    ACTIVE,   HAP_PID[0], CALLER_PID[0] }, // 0-4
@@ -354,7 +354,7 @@ HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0010, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordSetTest, RemoveRecord0001, TestSize.Level1)
+HWTEST_F(PermissionRecordSetTest, RemoveRecord0001, TestSize.Level0)
 {
     int32_t recordList[][RECORD_ITEM_SIZE] = {
         { HAP_TOKEN_ID[0],   OPCODE[0],    ACTIVE,   HAP_PID[0], CALLER_PID[0] },
@@ -386,7 +386,7 @@ HWTEST_F(PermissionRecordSetTest, RemoveRecord0001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordSetTest, RemoveRecord0002, TestSize.Level1)
+HWTEST_F(PermissionRecordSetTest, RemoveRecord0002, TestSize.Level0)
 {
     int32_t recordList[][RECORD_ITEM_SIZE] = {
         { HAP_TOKEN_ID[0],   OPCODE[0],    ACTIVE,   HAP_PID[1], CALLER_PID[0] },
@@ -418,7 +418,7 @@ HWTEST_F(PermissionRecordSetTest, RemoveRecord0002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordSetTest, RemoveRecord0003, TestSize.Level1)
+HWTEST_F(PermissionRecordSetTest, RemoveRecord0003, TestSize.Level0)
 {
     int32_t recordList[][RECORD_ITEM_SIZE] = {
         { HAP_TOKEN_ID[0],   OPCODE[1],    ACTIVE,   HAP_PID[0], CALLER_PID[0] },
@@ -450,7 +450,7 @@ HWTEST_F(PermissionRecordSetTest, RemoveRecord0003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordSetTest, RemoveRecord0005, TestSize.Level1)
+HWTEST_F(PermissionRecordSetTest, RemoveRecord0005, TestSize.Level0)
 {
     int32_t recordList[][RECORD_ITEM_SIZE] = {
         { HAP_TOKEN_ID[0],   OPCODE[0],    ACTIVE,   HAP_PID[0], CALLER_PID[0] },
@@ -482,7 +482,7 @@ HWTEST_F(PermissionRecordSetTest, RemoveRecord0005, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordSetTest, RemoveTokenId0001, TestSize.Level1)
+HWTEST_F(PermissionRecordSetTest, RemoveTokenId0001, TestSize.Level0)
 {
     int32_t recordList[][RECORD_ITEM_SIZE] = {
         { HAP_TOKEN_ID[0],   OPCODE[0],    ACTIVE,   HAP_PID[0], CALLER_PID[0] },
@@ -514,7 +514,7 @@ HWTEST_F(PermissionRecordSetTest, RemoveTokenId0001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordSetTest, RemoveTokenId0002, TestSize.Level1)
+HWTEST_F(PermissionRecordSetTest, RemoveTokenId0002, TestSize.Level0)
 {
     int32_t recordList[][RECORD_ITEM_SIZE] = {
         { HAP_TOKEN_ID[0],   OPCODE[0],    ACTIVE,   HAP_PID[0], CALLER_PID[0] },
@@ -546,7 +546,7 @@ HWTEST_F(PermissionRecordSetTest, RemoveTokenId0002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordSetTest, RemoveTokenId0003, TestSize.Level1)
+HWTEST_F(PermissionRecordSetTest, RemoveTokenId0003, TestSize.Level0)
 {
     int32_t recordList[][RECORD_ITEM_SIZE] = {
         { HAP_TOKEN_ID[1],   OPCODE[0],    ACTIVE,   HAP_PID[0], CALLER_PID[0] },
@@ -578,7 +578,7 @@ HWTEST_F(PermissionRecordSetTest, RemoveTokenId0003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordSetTest, RemoveTokenIdAndPid0001, TestSize.Level1)
+HWTEST_F(PermissionRecordSetTest, RemoveTokenIdAndPid0001, TestSize.Level0)
 {
     int32_t recordList[][RECORD_ITEM_SIZE] = {
         { HAP_TOKEN_ID[0],   OPCODE[0],    ACTIVE,   HAP_PID[0], CALLER_PID[0] },
@@ -610,7 +610,7 @@ HWTEST_F(PermissionRecordSetTest, RemoveTokenIdAndPid0001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordSetTest, RemoveTokenIdAndPid0002, TestSize.Level1)
+HWTEST_F(PermissionRecordSetTest, RemoveTokenIdAndPid0002, TestSize.Level0)
 {
     int32_t recordList[][RECORD_ITEM_SIZE] = {
         { HAP_TOKEN_ID[0],   OPCODE[0],    ACTIVE,   HAP_PID[0], CALLER_PID[0] },
@@ -642,7 +642,7 @@ HWTEST_F(PermissionRecordSetTest, RemoveTokenIdAndPid0002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordSetTest, RemoveTokenIdAndPid0003, TestSize.Level1)
+HWTEST_F(PermissionRecordSetTest, RemoveTokenIdAndPid0003, TestSize.Level0)
 {
     int32_t recordList[][RECORD_ITEM_SIZE] = {
         { HAP_TOKEN_ID[1],   OPCODE[0],    ACTIVE,   HAP_PID[0], CALLER_PID[0] },
@@ -674,7 +674,7 @@ HWTEST_F(PermissionRecordSetTest, RemoveTokenIdAndPid0003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordSetTest, RemoveTokenIdAndPid0004, TestSize.Level1)
+HWTEST_F(PermissionRecordSetTest, RemoveTokenIdAndPid0004, TestSize.Level0)
 {
     int32_t recordList[][RECORD_ITEM_SIZE] = {
         { HAP_TOKEN_ID[0],   OPCODE[0],    ACTIVE,   HAP_PID[0], CALLER_PID[0] },
@@ -706,7 +706,7 @@ HWTEST_F(PermissionRecordSetTest, RemoveTokenIdAndPid0004, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordSetTest, RemoveTokenIdAndPid0005, TestSize.Level1)
+HWTEST_F(PermissionRecordSetTest, RemoveTokenIdAndPid0005, TestSize.Level0)
 {
     int32_t recordList[][RECORD_ITEM_SIZE] = {
         { HAP_TOKEN_ID[0],   OPCODE[0],    ACTIVE,   HAP_PID[0], CALLER_PID[0] },
@@ -738,7 +738,7 @@ HWTEST_F(PermissionRecordSetTest, RemoveTokenIdAndPid0005, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordSetTest, RemovePermCode0001, TestSize.Level1)
+HWTEST_F(PermissionRecordSetTest, RemovePermCode0001, TestSize.Level0)
 {
     int32_t recordList[][RECORD_ITEM_SIZE] = {
         { HAP_TOKEN_ID[0],   OPCODE[0],    ACTIVE,   HAP_PID[0], CALLER_PID[0] },
@@ -770,7 +770,7 @@ HWTEST_F(PermissionRecordSetTest, RemovePermCode0001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordSetTest, RemovePermCode0002, TestSize.Level1)
+HWTEST_F(PermissionRecordSetTest, RemovePermCode0002, TestSize.Level0)
 {
     int32_t recordList[][RECORD_ITEM_SIZE] = {
         { HAP_TOKEN_ID[0],   OPCODE[0],    ACTIVE,   HAP_PID[0], CALLER_PID[0] },
@@ -802,7 +802,7 @@ HWTEST_F(PermissionRecordSetTest, RemovePermCode0002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordSetTest, RemovePermCode0003, TestSize.Level1)
+HWTEST_F(PermissionRecordSetTest, RemovePermCode0003, TestSize.Level0)
 {
     int32_t recordList[][RECORD_ITEM_SIZE] = {
         { HAP_TOKEN_ID[0],   OPCODE[1],    ACTIVE,   HAP_PID[0], CALLER_PID[0] },
@@ -834,7 +834,7 @@ HWTEST_F(PermissionRecordSetTest, RemovePermCode0003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordSetTest, RemovePermCode0004, TestSize.Level1)
+HWTEST_F(PermissionRecordSetTest, RemovePermCode0004, TestSize.Level0)
 {
     int32_t recordList[][RECORD_ITEM_SIZE] = {
         { HAP_TOKEN_ID[0],   OPCODE[0],    INACTIVE,   HAP_PID[0], CALLER_PID[0] },
@@ -866,7 +866,7 @@ HWTEST_F(PermissionRecordSetTest, RemovePermCode0004, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordSetTest, RemoveCallerPid0001, TestSize.Level1)
+HWTEST_F(PermissionRecordSetTest, RemoveCallerPid0001, TestSize.Level0)
 {
     int32_t recordList[][RECORD_ITEM_SIZE] = {
         { HAP_TOKEN_ID[0],   OPCODE[1],    ACTIVE,   HAP_PID[0], CALLER_PID[0] },
@@ -898,7 +898,7 @@ HWTEST_F(PermissionRecordSetTest, RemoveCallerPid0001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordSetTest, RemoveCallerPid0002, TestSize.Level1)
+HWTEST_F(PermissionRecordSetTest, RemoveCallerPid0002, TestSize.Level0)
 {
     int32_t recordList[][RECORD_ITEM_SIZE] = {
         { HAP_TOKEN_ID[0],   OPCODE[0],    ACTIVE,   HAP_PID[0], CALLER_PID[0] },
@@ -930,7 +930,7 @@ HWTEST_F(PermissionRecordSetTest, RemoveCallerPid0002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordSetTest, RemoveCallerPid0003, TestSize.Level1)
+HWTEST_F(PermissionRecordSetTest, RemoveCallerPid0003, TestSize.Level0)
 {
     int32_t recordList[][RECORD_ITEM_SIZE] = {
         { HAP_TOKEN_ID[0],   OPCODE[0],    ACTIVE,   HAP_PID[0], CALLER_PID[0] },
@@ -962,7 +962,7 @@ HWTEST_F(PermissionRecordSetTest, RemoveCallerPid0003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordSetTest, RemoveCallerPid0004, TestSize.Level1)
+HWTEST_F(PermissionRecordSetTest, RemoveCallerPid0004, TestSize.Level0)
 {
     int32_t recordList[][RECORD_ITEM_SIZE] = {
         { HAP_TOKEN_ID[0],   OPCODE[0],    ACTIVE,   HAP_PID[0], CALLER_PID[1] },
@@ -994,7 +994,7 @@ HWTEST_F(PermissionRecordSetTest, RemoveCallerPid0004, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0001, TestSize.Level1)
+HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0001, TestSize.Level0)
 {
     int32_t recordArray1[][RECORD_ITEM_SIZE] = {
         { HAP_TOKEN_ID[1],   OPCODE[0],    ACTIVE,   HAP_PID[1], CALLER_PID[0] },
@@ -1021,7 +1021,7 @@ HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0002, TestSize.Level1)
+HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0002, TestSize.Level0)
 {
     int32_t recordArray1[][RECORD_ITEM_SIZE] = {
         { HAP_TOKEN_ID[1],   OPCODE[0],    ACTIVE,   HAP_PID[1], CALLER_PID[0] },
@@ -1048,7 +1048,7 @@ HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0003, TestSize.Level1)
+HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0003, TestSize.Level0)
 {
     int32_t recordArray1[][RECORD_ITEM_SIZE] = {
         { HAP_TOKEN_ID[1],   OPCODE[0],    ACTIVE,   HAP_PID[1], CALLER_PID[0] },
@@ -1075,7 +1075,7 @@ HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0004, TestSize.Level1)
+HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0004, TestSize.Level0)
 {
     int32_t recordArray1[][RECORD_ITEM_SIZE] = {
         { HAP_TOKEN_ID[1],   OPCODE[0],    ACTIVE,   HAP_PID[1], CALLER_PID[0] },
@@ -1102,7 +1102,7 @@ HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0004, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0005, TestSize.Level1)
+HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0005, TestSize.Level0)
 {
     int32_t recordArray1[][RECORD_ITEM_SIZE] = {
         { HAP_TOKEN_ID[1],   OPCODE[1],    ACTIVE,   HAP_PID[0], CALLER_PID[0] },
@@ -1127,7 +1127,7 @@ HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0005, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0006, TestSize.Level1)
+HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0006, TestSize.Level0)
 {
     int32_t recordArray1[][RECORD_ITEM_SIZE] = {
         { HAP_TOKEN_ID[0],   OPCODE[0],    ACTIVE,   HAP_PID[0], CALLER_PID[0] },
@@ -1153,7 +1153,7 @@ HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0006, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0007, TestSize.Level1)
+HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0007, TestSize.Level0)
 {
     int32_t recordArray1[][RECORD_ITEM_SIZE] = {
         { HAP_TOKEN_ID[0],   OPCODE[0],    ACTIVE,   HAP_PID[0], CALLER_PID[0] },
@@ -1179,7 +1179,7 @@ HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0007, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0008, TestSize.Level1)
+HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0008, TestSize.Level0)
 {
     int32_t recordArray1[][RECORD_ITEM_SIZE] = {
         { HAP_TOKEN_ID[0],   OPCODE[1],    ACTIVE,   HAP_PID[1], CALLER_PID[0] },
@@ -1205,7 +1205,7 @@ HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0008, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0009, TestSize.Level1)
+HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0009, TestSize.Level0)
 {
     int32_t recordArray1[][RECORD_ITEM_SIZE] = {
         { HAP_TOKEN_ID[0],   OPCODE[1],    ACTIVE,   -1, CALLER_PID[0] },
@@ -1231,7 +1231,7 @@ HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0009, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordSetTest, GetInActiveUniqueRecord0001, TestSize.Level1)
+HWTEST_F(PermissionRecordSetTest, GetInActiveUniqueRecord0001, TestSize.Level0)
 {
     int32_t recordArray1[][RECORD_ITEM_SIZE] = {
         { HAP_TOKEN_ID[0],   OPCODE[1],    INACTIVE,   HAP_PID[0], CALLER_PID[0] },
@@ -1258,7 +1258,7 @@ HWTEST_F(PermissionRecordSetTest, GetInActiveUniqueRecord0001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordSetTest, GetInActiveUniqueRecord0002, TestSize.Level1)
+HWTEST_F(PermissionRecordSetTest, GetInActiveUniqueRecord0002, TestSize.Level0)
 {
     int32_t recordArray1[][RECORD_ITEM_SIZE] = {
         { HAP_TOKEN_ID[0],   OPCODE[0],    ACTIVE,   HAP_PID[1], CALLER_PID[0] },
@@ -1284,7 +1284,7 @@ HWTEST_F(PermissionRecordSetTest, GetInActiveUniqueRecord0002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordSetTest, GetInActiveUniqueRecord0003, TestSize.Level1)
+HWTEST_F(PermissionRecordSetTest, GetInActiveUniqueRecord0003, TestSize.Level0)
 {
     int32_t recordArray1[][RECORD_ITEM_SIZE] = {
         { HAP_TOKEN_ID[1],   OPCODE[0],    ACTIVE,   HAP_PID[1], CALLER_PID[0] },
@@ -1310,7 +1310,7 @@ HWTEST_F(PermissionRecordSetTest, GetInActiveUniqueRecord0003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordSetTest, GetInActiveUniqueRecord0004, TestSize.Level1)
+HWTEST_F(PermissionRecordSetTest, GetInActiveUniqueRecord0004, TestSize.Level0)
 {
     int32_t recordArray1[][RECORD_ITEM_SIZE] = {
         { HAP_TOKEN_ID[0],   OPCODE[1],   INACTIVE,   HAP_PID[1], CALLER_PID[0] },
@@ -1335,7 +1335,7 @@ HWTEST_F(PermissionRecordSetTest, GetInActiveUniqueRecord0004, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordSetTest, GetInActiveUniqueRecord0005, TestSize.Level1)
+HWTEST_F(PermissionRecordSetTest, GetInActiveUniqueRecord0005, TestSize.Level0)
 {
     int32_t recordArray1[][RECORD_ITEM_SIZE] = {
         { HAP_TOKEN_ID[0],   OPCODE[1],   ACTIVE,   HAP_PID[1], CALLER_PID[0] },
@@ -1360,7 +1360,7 @@ HWTEST_F(PermissionRecordSetTest, GetInActiveUniqueRecord0005, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PermissionRecordSetTest, GetInActiveUniqueRecord0006, TestSize.Level1)
+HWTEST_F(PermissionRecordSetTest, GetInActiveUniqueRecord0006, TestSize.Level0)
 {
     int32_t recordArray1[][RECORD_ITEM_SIZE] = {
         { HAP_TOKEN_ID[0],   OPCODE[1],   INACTIVE,   HAP_PID[1], CALLER_PID[0] },
diff --git a/services/privacymanager/test/unittest/privacy_manager_proxy_death_test.cpp b/services/privacymanager/test/unittest/privacy_manager_proxy_death_test.cpp
index f33d24075051908c57514c0c13a2695a9a9a5d5c..c5b70f05c707438e9ba2827358f47eee60a867c8 100644
--- a/services/privacymanager/test/unittest/privacy_manager_proxy_death_test.cpp
+++ b/services/privacymanager/test/unittest/privacy_manager_proxy_death_test.cpp
@@ -58,7 +58,7 @@ void PrivacyManagerProxyDeathTest::TearDown()
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyManagerProxyDeathTest, PrivacyManagerProxyDeathTest001, TestSize.Level1)
+HWTEST_F(PrivacyManagerProxyDeathTest, PrivacyManagerProxyDeathTest001, TestSize.Level0)
 {
     auto handler = std::make_shared<ProxyDeathHandler>();
     auto anonyStub = new (std::nothrow) ProxyDeathCallBackStub();
@@ -81,7 +81,7 @@ HWTEST_F(PrivacyManagerProxyDeathTest, PrivacyManagerProxyDeathTest001, TestSize
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyManagerProxyDeathTest, PrivacyManagerProxyDeathTest002, TestSize.Level1)
+HWTEST_F(PrivacyManagerProxyDeathTest, PrivacyManagerProxyDeathTest002, TestSize.Level0)
 {
     auto handler = std::make_shared<ProxyDeathHandler>();
     auto anonyStub = new (std::nothrow) ProxyDeathCallBackStub();
@@ -118,7 +118,7 @@ public:
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyManagerProxyDeathTest, PrivacyManagerProxyDeathTest003, TestSize.Level1)
+HWTEST_F(PrivacyManagerProxyDeathTest, PrivacyManagerProxyDeathTest003, TestSize.Level0)
 {
     auto handler = std::make_shared<ProxyDeathHandler>();
     auto anonyStub = new (std::nothrow) ProxyDeathCallBackStub();
@@ -137,7 +137,7 @@ HWTEST_F(PrivacyManagerProxyDeathTest, PrivacyManagerProxyDeathTest003, TestSize
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyManagerProxyDeathTest, PrivacyManagerProxyDeathTest004, TestSize.Level1)
+HWTEST_F(PrivacyManagerProxyDeathTest, PrivacyManagerProxyDeathTest004, TestSize.Level0)
 {
     auto handler = std::make_shared<ProxyDeathHandler>();
     auto anonyStub = new (std::nothrow) ProxyDeathCallBackStub();
diff --git a/services/privacymanager/test/unittest/privacy_manager_service_test.cpp b/services/privacymanager/test/unittest/privacy_manager_service_test.cpp
index 4c656c9eb8f4b303d4c91d3eb56fe2bb63a687cd..10599d3b19bd5d7f5ca9ff567cd3dabefd9063ec 100644
--- a/services/privacymanager/test/unittest/privacy_manager_service_test.cpp
+++ b/services/privacymanager/test/unittest/privacy_manager_service_test.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Copyright (c) 2022-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -18,15 +18,17 @@
 
 #include "accesstoken_kit.h"
 #include "constant.h"
+#include "iprivacy_manager.h"
 #include "on_permission_used_record_callback_stub.h"
 #define private public
 #include "permission_record_manager.h"
+#include "privacy_manager_service.h"
 #undef private
 #include "perm_active_status_change_callback_stub.h"
 #include "perm_active_status_change_callback.h"
 #include "privacy_error.h"
 #include "privacy_field_const.h"
-#include "privacy_manager_service.h"
+#include "privacy_test_common.h"
 #include "proxy_death_callback_stub.h"
 #include "state_change_callback.h"
 #include "string_ex.h"
@@ -38,11 +40,15 @@ namespace OHOS {
 namespace Security {
 namespace AccessToken {
 namespace {
+static AccessTokenID g_selfTokenId = 0;
 static constexpr int32_t PERMISSION_USAGE_RECORDS_MAX_NUM = 10;
 constexpr const char* CAMERA_PERMISSION_NAME = "ohos.permission.CAMERA";
 constexpr const char* MICROPHONE_PERMISSION_NAME = "ohos.permission.MICROPHONE";
 constexpr const char* LOCATION_PERMISSION_NAME = "ohos.permission.LOCATION";
-static AccessTokenIDEx g_tokenID = {0};
+static const uint32_t PERM_LIST_SIZE_MAX = 1024;
+static constexpr int32_t COMMON_EVENT_SERVICE_ID = 3299;
+static constexpr int32_t SCREENLOCK_SERVICE_ID = 3704;
+static constexpr int32_t INVALID_CODE = 999;
 static PermissionStateFull g_testState = {
     .permissionName = "ohos.permission.CAMERA",
     .isGeneral = true,
@@ -65,20 +71,6 @@ static HapInfoParams g_InfoParms1 = {
     .appIDDesc = "privacy_test.bundleA",
     .isSystemApp = true
 };
-
-static HapPolicyParams g_PolicyPrams2 = {
-    .apl = APL_NORMAL,
-    .domain = "test.domain.B",
-    .permList = {},
-    .permStateList = {g_testState}
-};
-
-static HapInfoParams g_InfoParms2 = {
-    .userID = 1,
-    .bundleName = "ohos.privacy_test.bundleB",
-    .instIndex = 0,
-    .appIDDesc = "privacy_test.bundleB"
-};
 }
 
 class PrivacyManagerServiceTest : public testing::Test {
@@ -91,15 +83,17 @@ public:
 
     void TearDown();
     std::shared_ptr<PrivacyManagerService> privacyManagerService_;
-    uint64_t selfTokenId_;
 };
 
 void PrivacyManagerServiceTest::SetUpTestCase()
 {
+    g_selfTokenId = GetSelfTokenID();
+    PrivacyTestCommon::SetTestEvironment(g_selfTokenId);
 }
 
 void PrivacyManagerServiceTest::TearDownTestCase()
 {
+    PrivacyTestCommon::ResetTestEvironment();
 }
 
 void PrivacyManagerServiceTest::SetUp()
@@ -107,23 +101,18 @@ void PrivacyManagerServiceTest::SetUp()
     privacyManagerService_ = DelayedSingleton<PrivacyManagerService>::GetInstance();
     PermissionRecordManager::GetInstance().Register();
     EXPECT_NE(nullptr, privacyManagerService_);
-    g_tokenID = AccessTokenKit::AllocHapToken(g_InfoParms1, g_PolicyPrams1);
-    AccessTokenKit::AllocHapToken(g_InfoParms2, g_PolicyPrams2);
-    selfTokenId_ = GetSelfTokenID();
+
+    PrivacyTestCommon::AllocTestHapToken(g_InfoParms1, g_PolicyPrams1);
 }
 
 void PrivacyManagerServiceTest::TearDown()
 {
-    AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
+    AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms1.userID, g_InfoParms1.bundleName,
         g_InfoParms1.instIndex);
-    AccessTokenKit::DeleteToken(tokenId);
-    privacyManagerService_->RemovePermissionUsedRecords(tokenId);
-    tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms2.userID, g_InfoParms2.bundleName,
-        g_InfoParms2.instIndex);
-    AccessTokenKit::DeleteToken(tokenId);
-    privacyManagerService_->RemovePermissionUsedRecords(tokenId);
+    PrivacyTestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID);
+    privacyManagerService_->RemovePermissionUsedRecords(tokenIdEx.tokenIdExStruct.tokenID);
+
     privacyManagerService_ = nullptr;
-    EXPECT_EQ(0, SetSelfTokenID(selfTokenId_));
 }
 
 /**
@@ -132,7 +121,7 @@ void PrivacyManagerServiceTest::TearDown()
  * @tc.type: FUNC
  * @tc.require: issueI4V02P
  */
-HWTEST_F(PrivacyManagerServiceTest, Dump001, TestSize.Level1)
+HWTEST_F(PrivacyManagerServiceTest, Dump001, TestSize.Level0)
 {
     int32_t fd = -1;
     std::vector<std::u16string> args;
@@ -178,12 +167,13 @@ HWTEST_F(PrivacyManagerServiceTest, Dump001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI4V02P
  */
-HWTEST_F(PrivacyManagerServiceTest, Dump002, TestSize.Level1)
+HWTEST_F(PrivacyManagerServiceTest, Dump002, TestSize.Level0)
 {
     int32_t fd = 1; // 1: std output
     std::vector<std::u16string> args;
-    AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
-        g_InfoParms1.instIndex);
+    AccessTokenIDEx tokenIdEx = PrivacyTestCommon::AllocTestHapToken(g_InfoParms1, g_PolicyPrams1);
+
+    AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID;
     args.emplace_back(Str8ToStr16("-t"));
     std::string tokenIdStr = std::to_string(tokenId);
     args.emplace_back(Str8ToStr16(tokenIdStr));
@@ -212,26 +202,33 @@ HWTEST_F(PrivacyManagerServiceTest, Dump002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5UPRK
  */
-HWTEST_F(PrivacyManagerServiceTest, IsAllowedUsingPermission001, TestSize.Level1)
+HWTEST_F(PrivacyManagerServiceTest, IsAllowedUsingPermission001, TestSize.Level0)
 {
-    AccessTokenID tokenId = AccessTokenKit::GetNativeTokenId("privacy_service");
-    ASSERT_NE(INVALID_TOKENID, tokenId);
-    EXPECT_EQ(0, SetSelfTokenID(tokenId));
-    tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
-        g_InfoParms1.instIndex);
+    MockNativeToken mock("privacy_service");
+
+    AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(
+        g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex);
+
+    AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID;
     ASSERT_NE(INVALID_TOKENID, tokenId);
-    ASSERT_EQ(false, privacyManagerService_->IsAllowedUsingPermission(tokenId, MICROPHONE_PERMISSION_NAME, -1));
-    ASSERT_EQ(false, privacyManagerService_->IsAllowedUsingPermission(tokenId, LOCATION_PERMISSION_NAME, -1));
-    ASSERT_EQ(false, privacyManagerService_->IsAllowedUsingPermission(tokenId, CAMERA_PERMISSION_NAME, -1));
+    bool isAllowed = false;
+    privacyManagerService_->IsAllowedUsingPermission(tokenId, MICROPHONE_PERMISSION_NAME, -1, isAllowed);
+    ASSERT_EQ(false, isAllowed);
+    privacyManagerService_->IsAllowedUsingPermission(tokenId, LOCATION_PERMISSION_NAME, -1, isAllowed);
+    ASSERT_EQ(false, isAllowed);
+    privacyManagerService_->IsAllowedUsingPermission(tokenId, CAMERA_PERMISSION_NAME, -1, isAllowed);
+    ASSERT_EQ(false, isAllowed);
 #ifdef CAMERA_FLOAT_WINDOW_ENABLE
     // not pip
     PermissionRecordManager::GetInstance().NotifyCameraWindowChange(false, tokenId, false);
-    ASSERT_EQ(false, privacyManagerService_->IsAllowedUsingPermission(tokenId, CAMERA_PERMISSION_NAME, -1));
+    privacyManagerService_->IsAllowedUsingPermission(tokenId, CAMERA_PERMISSION_NAME, -1, isAllowed);
+    ASSERT_EQ(false, isAllowed);
 
     PermissionRecordManager::GetInstance().NotifyCameraWindowChange(false, tokenId, false);
     // pip
     PermissionRecordManager::GetInstance().NotifyCameraWindowChange(true, tokenId, false);
-    ASSERT_EQ(false, privacyManagerService_->IsAllowedUsingPermission(tokenId, CAMERA_PERMISSION_NAME, -1));
+    privacyManagerService_->IsAllowedUsingPermission(tokenId, CAMERA_PERMISSION_NAME, -1, isAllowed);
+    ASSERT_EQ(false, isAllowed);
 #endif
 }
 
@@ -241,20 +238,25 @@ HWTEST_F(PrivacyManagerServiceTest, IsAllowedUsingPermission001, TestSize.Level1
  * @tc.type: FUNC
  * @tc.require: issueI5UPRK
  */
-HWTEST_F(PrivacyManagerServiceTest, IsAllowedUsingPermission002, TestSize.Level1)
+HWTEST_F(PrivacyManagerServiceTest, IsAllowedUsingPermission002, TestSize.Level0)
 {
-    AccessTokenID tokenId = AccessTokenKit::GetNativeTokenId("privacy_service");
+    AccessTokenID tokenId = PrivacyTestCommon::GetNativeTokenIdFromProcess("privacy_service");
     // invalid tokenId
-    ASSERT_EQ(false, privacyManagerService_->IsAllowedUsingPermission(0, CAMERA_PERMISSION_NAME, -1));
+    bool isAllowed = false;
+    privacyManagerService_->IsAllowedUsingPermission(0, CAMERA_PERMISSION_NAME, -1, isAllowed);
+    ASSERT_EQ(false, isAllowed);
 
     // native tokenId
-    ASSERT_EQ(false, privacyManagerService_->IsAllowedUsingPermission(tokenId, CAMERA_PERMISSION_NAME, -1));
+    privacyManagerService_->IsAllowedUsingPermission(tokenId, CAMERA_PERMISSION_NAME, -1, isAllowed);
+    ASSERT_EQ(false, isAllowed);
 
     // invalid permission
-    tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
-        g_InfoParms1.instIndex);
+    AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(
+        g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex);
+    tokenId = tokenIdEx.tokenIdExStruct.tokenID;
     ASSERT_NE(INVALID_TOKENID, tokenId);
-    ASSERT_EQ(false, privacyManagerService_->IsAllowedUsingPermission(tokenId, "test", -1));
+    privacyManagerService_->IsAllowedUsingPermission(tokenId, "test", -1, isAllowed);
+    ASSERT_EQ(false, isAllowed);
 }
 
 /*
@@ -263,225 +265,180 @@ HWTEST_F(PrivacyManagerServiceTest, IsAllowedUsingPermission002, TestSize.Level1
  * @tc.type: FUNC
  * @tc.require: issueI5UPRK
  */
-HWTEST_F(PrivacyManagerServiceTest, IsAllowedUsingPermission003, TestSize.Level1)
+HWTEST_F(PrivacyManagerServiceTest, IsAllowedUsingPermission003, TestSize.Level0)
 {
-    AccessTokenID tokenId = AccessTokenKit::GetNativeTokenId("privacy_service");
+    AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(
+        g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex);
 
-    tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
-        g_InfoParms1.instIndex);
+    AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID;
     ASSERT_NE(INVALID_TOKENID, tokenId);
-    ASSERT_EQ(false, privacyManagerService_->IsAllowedUsingPermission(tokenId, CAMERA_PERMISSION_NAME, -1));
+    bool isAllowed = false;
+    privacyManagerService_->IsAllowedUsingPermission(tokenId, CAMERA_PERMISSION_NAME, -1, isAllowed);
+    ASSERT_EQ(false, isAllowed);
 }
 
-class TestPrivacyManagerStub : public PrivacyManagerStub {
-public:
-    TestPrivacyManagerStub() = default;
-    virtual ~TestPrivacyManagerStub() = default;
+/**
+ * @tc.name: AddPermissionUsedRecordInner001
+ * @tc.desc: AddPermissionUsedRecordInner test.
+ * @tc.type: FUNC
+ * @tc.require:
+ */
+HWTEST_F(PrivacyManagerServiceTest, AddPermissionUsedRecordInner001, TestSize.Level0)
+{
+    AccessTokenID tokenID = 123; // 123 is invalid tokenID
+    std::string permissionName = "ohos.permission.test"; // is invalid permission
+    int32_t successCount = 1; // number 1
+    int32_t failCount = 1; // number 1
 
-    int32_t AddPermissionUsedRecord(const AddPermParamInfoParcel& infoParcel, bool asyncMode = false)
-    {
-        return RET_SUCCESS;
-    }
-    int32_t SetPermissionUsedRecordToggleStatus(int32_t userID, bool status)
-    {
-        return RET_SUCCESS;
-    }
-    int32_t GetPermissionUsedRecordToggleStatus(int32_t userID, bool& status)
-    {
-        return RET_SUCCESS;
-    }
-    int32_t StartUsingPermission(const PermissionUsedTypeInfoParcel& info, const sptr<IRemoteObject>& anonyStub)
-    {
-        return RET_SUCCESS;
-    }
-    int32_t StartUsingPermission(const PermissionUsedTypeInfoParcel& info,
-        const sptr<IRemoteObject>& callback, const sptr<IRemoteObject>& anonyStub)
-    {
-        return RET_SUCCESS;
-    }
-    int32_t StopUsingPermission(AccessTokenID tokenID, int32_t pid,  const std::string& permissionName)
-    {
-        return RET_SUCCESS;
-    }
-    int32_t RemovePermissionUsedRecords(AccessTokenID tokenID)
-    {
-        return RET_SUCCESS;
-    }
-    int32_t GetPermissionUsedRecords(
-        const PermissionUsedRequestParcel& request, PermissionUsedResultParcel& result)
-    {
-        return RET_SUCCESS;
-    }
-    int32_t GetPermissionUsedRecords(
-        const PermissionUsedRequestParcel& request, const sptr<OnPermissionUsedRecordCallback>& callback)
-    {
-        return RET_SUCCESS;
-    }
-    int32_t RegisterPermActiveStatusCallback(
-        std::vector<std::string>& permList, const sptr<IRemoteObject>& callback)
-    {
-        return RET_SUCCESS;
-    }
-    int32_t UnRegisterPermActiveStatusCallback(const sptr<IRemoteObject>& callback)
-    {
-        return RET_SUCCESS;
-    }
-    bool IsAllowedUsingPermission(AccessTokenID tokenID, const std::string& permissionName, int32_t pid)
-    {
-        return true;
-    }
-    int32_t GetPermissionUsedTypeInfos(const AccessTokenID tokenId, const std::string& permissionName,
-        std::vector<PermissionUsedTypeInfoParcel>& resultsParcel)
-    {
-        return RET_SUCCESS;
-    }
-    int32_t SetMutePolicy(uint32_t policyType, uint32_t callerType, bool isMute, uint32_t tokenID)
-    {
-        return RET_SUCCESS;
-    }
-    int32_t SetHapWithFGReminder(uint32_t tokenId, bool isAllowed)
-    {
-        return RET_SUCCESS;
-    }
-#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE
-    int32_t RegisterSecCompEnhance(const SecCompEnhanceDataParcel& enhanceParcel)
-    {
-        return RET_SUCCESS;
-    }
-    int32_t DepositSecCompEnhance(const std::vector<SecCompEnhanceDataParcel>& enhanceParcelList)
-    {
-        return RET_SUCCESS;
-    }
-    int32_t RecoverSecCompEnhance(std::vector<SecCompEnhanceDataParcel>& enhanceParcelList)
-    {
-        return RET_SUCCESS;
-    }
-#endif
-};
+    AddPermParamInfoParcel infoParcel;
+    infoParcel.info.tokenId = tokenID;
+    infoParcel.info.permissionName = permissionName;
+    infoParcel.info.successCount = successCount;
+    infoParcel.info.failCount = failCount;
+
+    // callingTokenID is native token hdcd with need permission, but input tokenID is not a real hap
+    int32_t ret = privacyManagerService_->AddPermissionUsedRecord(infoParcel);
+
+    EXPECT_NE(PrivacyError::ERR_NOT_SYSTEM_APP, ret);
+    EXPECT_NE(PrivacyError::ERR_PERMISSION_DENIED, ret);
+}
 
 /**
- * @tc.name: OnRemoteRequest001
- * @tc.desc: OnRemoteRequest test.
+ * @tc.name: AddPermissionUsedRecordInner002
+ * @tc.desc: AddPermissionUsedRecordInner test.
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyManagerServiceTest, OnRemoteRequest001, TestSize.Level1)
+HWTEST_F(PrivacyManagerServiceTest, AddPermissionUsedRecordInner002, TestSize.Level0)
 {
-    TestPrivacyManagerStub testSub;
-    MessageParcel data;
-    std::string descriptor = "I don't know";
-    data.WriteInterfaceToken(OHOS::Str8ToStr16(descriptor));
-
-    MessageParcel reply;
-    MessageOption option(MessageOption::TF_SYNC);
-    // descriptor error
-    ASSERT_EQ(PrivacyError::ERROR_IPC_REQUEST_FAIL, testSub.OnRemoteRequest(
-        static_cast<uint32_t>(PrivacyInterfaceCode::ADD_PERMISSION_USED_RECORD), data, reply, option));
-
-    uint32_t code = 99999999; // code not exsit
-    ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()));
-    ASSERT_NE(RET_SUCCESS, testSub.OnRemoteRequest(code, data, reply, option)); // descriptor true + error msgCode
+    AccessTokenID tokenID = 123; // 123 is invalid tokenID
+    std::string permissionName = "ohos.permission.test"; // is invalid permission
+    int32_t successCount = 1; // number 1
+    int32_t failCount = 1; // number 1
+
+    std::vector<std::string> reqPerm;
+    MockHapToken mock("AddPermissionUsedRecordInner002", reqPerm, false); // set self tokenID to normal app
+
+    AddPermParamInfoParcel infoParcel;
+    infoParcel.info.tokenId = tokenID;
+    infoParcel.info.permissionName = permissionName;
+    infoParcel.info.successCount = successCount;
+    infoParcel.info.failCount = failCount;
+
+    // callingTokenID is normal hap without need permission
+    int32_t ret = privacyManagerService_->AddPermissionUsedRecord(infoParcel);
+    
+    ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, ret);
 }
 
 /**
- * @tc.name: AddPermissionUsedRecordInner001
+ * @tc.name: AddPermissionUsedRecordInner003
  * @tc.desc: AddPermissionUsedRecordInner test.
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyManagerServiceTest, AddPermissionUsedRecordInner001, TestSize.Level1)
+HWTEST_F(PrivacyManagerServiceTest, AddPermissionUsedRecordInner003, TestSize.Level0)
 {
-    AccessTokenID tokenID = 123; // 123 is random input
-    std::string permissionName = "ohos.permission.test";
+    AccessTokenID tokenID = 123; // 123 is invalid tokenID
+    std::string permissionName = "ohos.permission.test"; // is invalid permission
     int32_t successCount = 1; // number 1
     int32_t failCount = 1; // number 1
 
-    TestPrivacyManagerStub testSub;
-    MessageParcel data;
-    MessageParcel reply;
-    MessageOption option(MessageOption::TF_SYNC);
+    std::vector<std::string> reqPerm;
+    MockHapToken mock("AddPermissionUsedRecordInner003", reqPerm, true); // set self tokenID to system app
 
-    ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()));
     AddPermParamInfoParcel infoParcel;
     infoParcel.info.tokenId = tokenID;
     infoParcel.info.permissionName = permissionName;
     infoParcel.info.successCount = successCount;
     infoParcel.info.failCount = failCount;
-    ASSERT_EQ(true, data.WriteParcelable(&infoParcel));
-    ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest(
-        static_cast<uint32_t>(PrivacyInterfaceCode::ADD_PERMISSION_USED_RECORD), data, reply, option));
-    // callingTokenID is native token hdcd with need permission, but input tokenID is not a real hap
-    ASSERT_EQ(RET_SUCCESS, reply.ReadInt32());
+
+    // callingTokenID is normal hap without need permission
+    int32_t ret = privacyManagerService_->AddPermissionUsedRecord(infoParcel);
+
+    ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED, ret);
 }
 
 /**
- * @tc.name: AddPermissionUsedRecordInner002
- * @tc.desc: AddPermissionUsedRecordInner test.
+ * @tc.name: AddPermissionUsedRecordAsyncInner001
+ * @tc.desc: AddPermissionUsedRecordAsyncInner test.
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyManagerServiceTest, AddPermissionUsedRecordInner002, TestSize.Level1)
+HWTEST_F(PrivacyManagerServiceTest, AddPermissionUsedRecordAsyncInner001, TestSize.Level0)
 {
-    AccessTokenID tokenID = 123; // 123 is random input
-    std::string permissionName = "ohos.permission.test";
+    AccessTokenID tokenID = 123; // 123 is invalid tokenID
+    std::string permissionName = "ohos.permission.test"; // is invalid permission
     int32_t successCount = 1; // number 1
     int32_t failCount = 1; // number 1
 
-    TestPrivacyManagerStub testSub;
-    MessageParcel data;
-    MessageParcel reply;
-    MessageOption option(MessageOption::TF_SYNC);
+    AddPermParamInfoParcel infoParcel;
+    infoParcel.info.tokenId = tokenID;
+    infoParcel.info.permissionName = permissionName;
+    infoParcel.info.successCount = successCount;
+    infoParcel.info.failCount = failCount;
+
+    // callingTokenID is native token hdcd with need permission, but input tokenID is not a real hap
+    int32_t ret = privacyManagerService_->AddPermissionUsedRecordAsync(infoParcel);
 
-    AccessTokenID hapTokenID = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
-        g_InfoParms1.instIndex);
-    ASSERT_NE(hapTokenID, static_cast<AccessTokenID>(0));
-    SetSelfTokenID(hapTokenID); // set self tokenID to hapTokenID
+    EXPECT_NE(PrivacyError::ERR_NOT_SYSTEM_APP, ret);
+    EXPECT_NE(PrivacyError::ERR_PERMISSION_DENIED, ret);
+}
+
+/**
+ * @tc.name: AddPermissionUsedRecordAsyncInner002
+ * @tc.desc: AddPermissionUsedRecordAsyncInner test.
+ * @tc.type: FUNC
+ * @tc.require:
+ */
+HWTEST_F(PrivacyManagerServiceTest, AddPermissionUsedRecordAsyncInner002, TestSize.Level0)
+{
+    AccessTokenID tokenID = 123; // 123 is invalid tokenID
+    std::string permissionName = "ohos.permission.test"; // is invalid permission
+    int32_t successCount = 1; // number 1
+    int32_t failCount = 1; // number 1
+
+    std::vector<std::string> reqPerm;
+    MockHapToken mock("AddPermissionUsedRecordAsyncInner002", reqPerm, false); // set self tokenID to normal app
 
-    ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()));
     AddPermParamInfoParcel infoParcel;
     infoParcel.info.tokenId = tokenID;
     infoParcel.info.permissionName = permissionName;
     infoParcel.info.successCount = successCount;
     infoParcel.info.failCount = failCount;
-    ASSERT_EQ(true, data.WriteParcelable(&infoParcel));
-    ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest(
-        static_cast<uint32_t>(PrivacyInterfaceCode::ADD_PERMISSION_USED_RECORD), data, reply, option));
+
     // callingTokenID is normal hap without need permission
-    ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, reply.ReadInt32());
+    int32_t ret = privacyManagerService_->AddPermissionUsedRecordAsync(infoParcel);
+    
+    ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, ret);
 }
 
 /**
- * @tc.name: AddPermissionUsedRecordInner003
- * @tc.desc: AddPermissionUsedRecordInner test.
+ * @tc.name: AddPermissionUsedRecordAsyncInner003
+ * @tc.desc: AddPermissionUsedRecordAsyncInner test.
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyManagerServiceTest, AddPermissionUsedRecordInner003, TestSize.Level1)
+HWTEST_F(PrivacyManagerServiceTest, AddPermissionUsedRecordAsyncInner003, TestSize.Level0)
 {
-    AccessTokenID tokenID = 123; // 123 is random input
-    std::string permissionName = "ohos.permission.test";
+    AccessTokenID tokenID = 123; // 123 is invalid tokenID
+    std::string permissionName = "ohos.permission.test"; // is invalid permission
     int32_t successCount = 1; // number 1
     int32_t failCount = 1; // number 1
 
-    TestPrivacyManagerStub testSub;
-    MessageParcel data;
-    MessageParcel reply;
-    MessageOption option(MessageOption::TF_SYNC);
-
-    ASSERT_NE(g_tokenID.tokenIDEx, static_cast<AccessTokenID>(0));
-    SetSelfTokenID(g_tokenID.tokenIDEx); // set self tokenID to system app
+    std::vector<std::string> reqPerm;
+    MockHapToken mock("AddPermissionUsedRecordAsyncInner003", reqPerm, true); // set self tokenID to system app
 
-    ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()));
     AddPermParamInfoParcel infoParcel;
     infoParcel.info.tokenId = tokenID;
     infoParcel.info.permissionName = permissionName;
     infoParcel.info.successCount = successCount;
     infoParcel.info.failCount = failCount;
-    ASSERT_EQ(true, data.WriteParcelable(&infoParcel));
-    ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest(
-        static_cast<uint32_t>(PrivacyInterfaceCode::ADD_PERMISSION_USED_RECORD), data, reply, option));
-    // callingTokenID is system hap without need permission
-    ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED, reply.ReadInt32());
+
+    // callingTokenID is normal hap without need permission
+    int32_t ret = privacyManagerService_->AddPermissionUsedRecordAsync(infoParcel);
+
+    ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED, ret);
 }
 
 /**
@@ -490,22 +447,13 @@ HWTEST_F(PrivacyManagerServiceTest, AddPermissionUsedRecordInner003, TestSize.Le
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyManagerServiceTest, SetPermissionUsedRecordToggleStatusInner001, TestSize.Level1)
+HWTEST_F(PrivacyManagerServiceTest, SetPermissionUsedRecordToggleStatusInner001, TestSize.Level0)
 {
     int32_t userID = 1;
     bool status = true;
 
-    TestPrivacyManagerStub testStub;
-    MessageParcel data;
-    MessageParcel reply;
-    MessageOption option(MessageOption::TF_SYNC);
-
-    ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()));
-    ASSERT_EQ(true, data.WriteInt32(userID));
-    ASSERT_EQ(true, data.WriteBool(status));
-    ASSERT_EQ(RET_SUCCESS, testStub.OnRemoteRequest(
-        static_cast<uint32_t>(PrivacyInterfaceCode::SET_PERMISSION_USED_RECORD_TOGGLE_STATUS), data, reply, option));
-    ASSERT_EQ(RET_SUCCESS, reply.ReadInt32());
+    int32_t ret = privacyManagerService_->SetPermissionUsedRecordToggleStatus(userID, status);
+    ASSERT_EQ(RET_SUCCESS, ret);
 }
 
 /**
@@ -514,27 +462,34 @@ HWTEST_F(PrivacyManagerServiceTest, SetPermissionUsedRecordToggleStatusInner001,
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyManagerServiceTest, SetPermissionUsedRecordToggleStatusInner002, TestSize.Level1)
+HWTEST_F(PrivacyManagerServiceTest, SetPermissionUsedRecordToggleStatusInner002, TestSize.Level0)
 {
     int32_t userID = 1;
     bool status = true;
 
-    TestPrivacyManagerStub testStub;
-    MessageParcel data;
-    MessageParcel reply;
-    MessageOption option(MessageOption::TF_SYNC);
+    std::vector<std::string> reqPerm;
+    MockHapToken mock("SetPermissionUsedRecordToggleStatusInner002", reqPerm, false); // set self tokenID to normal app
 
-    AccessTokenID hapTokenID = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
-        g_InfoParms1.instIndex);
-    ASSERT_NE(hapTokenID, static_cast<AccessTokenID>(0));
-    SetSelfTokenID(hapTokenID); // set self tokenID to hapTokenID
-
-    ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()));
-    ASSERT_EQ(true, data.WriteInt32(userID));
-    ASSERT_EQ(true, data.WriteBool(status));
-    ASSERT_EQ(RET_SUCCESS, testStub.OnRemoteRequest(
-        static_cast<uint32_t>(PrivacyInterfaceCode::SET_PERMISSION_USED_RECORD_TOGGLE_STATUS), data, reply, option));
-    ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, reply.ReadInt32());
+    int32_t ret = privacyManagerService_->SetPermissionUsedRecordToggleStatus(userID, status);
+    ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, ret);
+}
+
+/**
+ * @tc.name: SetPermissionUsedRecordToggleStatusInner003
+ * @tc.desc: SetPermissionUsedRecordToggleStatusInner test.
+ * @tc.type: FUNC
+ * @tc.require:
+ */
+HWTEST_F(PrivacyManagerServiceTest, SetPermissionUsedRecordToggleStatusInner003, TestSize.Level0)
+{
+    int32_t userID = 1;
+    bool status = true;
+
+    std::vector<std::string> reqPerm;
+    MockHapToken mock("SetPermissionUsedRecordToggleStatusInner003", reqPerm, true); // set self tokenID to system app
+
+    int32_t ret = privacyManagerService_->SetPermissionUsedRecordToggleStatus(userID, status);
+    ASSERT_EQ(RET_SUCCESS, ret);
 }
 
 /**
@@ -543,22 +498,13 @@ HWTEST_F(PrivacyManagerServiceTest, SetPermissionUsedRecordToggleStatusInner002,
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordToggleStatusInner001, TestSize.Level1)
+HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordToggleStatusInner001, TestSize.Level0)
 {
     int32_t userID = 1;
     bool status = true;
 
-    TestPrivacyManagerStub testStub;
-    MessageParcel data;
-    MessageParcel reply;
-    MessageOption option(MessageOption::TF_SYNC);
-
-    ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()));
-    ASSERT_EQ(true, data.WriteInt32(userID));
-    ASSERT_EQ(true, data.WriteBool(status));
-    ASSERT_EQ(RET_SUCCESS, testStub.OnRemoteRequest(
-        static_cast<uint32_t>(PrivacyInterfaceCode::GET_PERMISSION_USED_RECORD_TOGGLE_STATUS), data, reply, option));
-    ASSERT_EQ(RET_SUCCESS, reply.ReadInt32());
+    int32_t ret = privacyManagerService_->GetPermissionUsedRecordToggleStatus(userID, status);
+    ASSERT_EQ(RET_SUCCESS, ret);
 }
 
 /**
@@ -567,27 +513,34 @@ HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordToggleStatusInner001,
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordToggleStatusInner002, TestSize.Level1)
+HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordToggleStatusInner002, TestSize.Level0)
 {
     int32_t userID = 1;
     bool status = true;
 
-    TestPrivacyManagerStub testStub;
-    MessageParcel data;
-    MessageParcel reply;
-    MessageOption option(MessageOption::TF_SYNC);
+    std::vector<std::string> reqPerm;
+    MockHapToken mock("GetPermissionUsedRecordToggleStatusInner002", reqPerm, false); // set self tokenID to normal app
 
-    AccessTokenID hapTokenID = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
-        g_InfoParms1.instIndex);
-    ASSERT_NE(hapTokenID, static_cast<AccessTokenID>(0));
-    SetSelfTokenID(hapTokenID); // set self tokenID to hapTokenID
-
-    ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()));
-    ASSERT_EQ(true, data.WriteInt32(userID));
-    ASSERT_EQ(true, data.WriteBool(status));
-    ASSERT_EQ(RET_SUCCESS, testStub.OnRemoteRequest(
-        static_cast<uint32_t>(PrivacyInterfaceCode::GET_PERMISSION_USED_RECORD_TOGGLE_STATUS), data, reply, option));
-    ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, reply.ReadInt32());
+    int32_t ret = privacyManagerService_->GetPermissionUsedRecordToggleStatus(userID, status);
+    ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, ret);
+}
+
+/**
+ * @tc.name: GetPermissionUsedRecordToggleStatusInner003
+ * @tc.desc: GetPermissionUsedRecordToggleStatusInner test.
+ * @tc.type: FUNC
+ * @tc.require:
+ */
+HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordToggleStatusInner003, TestSize.Level0)
+{
+    int32_t userID = 1;
+    bool status = true;
+
+    std::vector<std::string> reqPerm;
+    MockHapToken mock("GetPermissionUsedRecordToggleStatusInner003", reqPerm, true); // set self tokenID to system app
+
+    int32_t ret = privacyManagerService_->GetPermissionUsedRecordToggleStatus(userID, status);
+    ASSERT_EQ(RET_SUCCESS, ret);
 }
 
 /**
@@ -596,29 +549,21 @@ HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordToggleStatusInner002,
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyManagerServiceTest, StartUsingPermissionInner001, TestSize.Level1)
+HWTEST_F(PrivacyManagerServiceTest, StartUsingPermissionInner001, TestSize.Level0)
 {
-    AccessTokenID tokenID = 123; // 123 is random input
-    std::string permissionName = "ohos.permission.test";
+    AccessTokenID tokenID = 123; // 123 is invalid tokenID
+    std::string permissionName = "ohos.permission.test"; // is invalid permission
     int32_t pid = 456; // 456 is random input
-    auto anonystub = new (std::nothrow) ProxyDeathCallBackStub();
-
-    TestPrivacyManagerStub testSub;
-    MessageParcel data;
-    MessageParcel reply;
-    MessageOption option(MessageOption::TF_SYNC);
 
-    ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()));
     PermissionUsedTypeInfoParcel parcel;
     parcel.info.tokenId = tokenID;
     parcel.info.pid = pid;
     parcel.info.permissionName = permissionName;
-    ASSERT_EQ(true, data.WriteParcelable(&parcel));
-    ASSERT_EQ(true, data.WriteRemoteObject(anonystub->AsObject()));
-    ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest(
-        static_cast<uint32_t>(PrivacyInterfaceCode::START_USING_PERMISSION), data, reply, option));
-    // callingTokenID is native token hdcd with need permission, but input tokenID is not a real hap
-    ASSERT_EQ(RET_SUCCESS, reply.ReadInt32());
+
+    // callingTokenID is native token hdcd with need permission, but input tokenID & perm are invalid
+    int32_t ret = privacyManagerService_->StartUsingPermission(parcel, nullptr);
+    EXPECT_NE(PrivacyError::ERR_NOT_SYSTEM_APP, ret);
+    EXPECT_NE(PrivacyError::ERR_PERMISSION_DENIED, ret);
 }
 
 /**
@@ -627,31 +572,20 @@ HWTEST_F(PrivacyManagerServiceTest, StartUsingPermissionInner001, TestSize.Level
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyManagerServiceTest, StartUsingPermissionInner002, TestSize.Level1)
+HWTEST_F(PrivacyManagerServiceTest, StartUsingPermissionInner002, TestSize.Level0)
 {
-    AccessTokenID tokenID = 123; // 123 is random input
-    std::string permissionName = "ohos.permission.test";
-
-    TestPrivacyManagerStub testSub;
-    MessageParcel data;
-    MessageParcel reply;
-    MessageOption option(MessageOption::TF_SYNC);
+    AccessTokenID tokenID = 123; // 123 is invalid tokenID
+    std::string permissionName = "ohos.permission.test"; // is invalid permission
 
-    AccessTokenID hapTokenID = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
-        g_InfoParms1.instIndex);
-    ASSERT_NE(hapTokenID, static_cast<AccessTokenID>(0));
-    SetSelfTokenID(hapTokenID); // set self tokenID to hapTokenID
+    std::vector<std::string> reqPerm;
+    MockHapToken mock("StartUsingPermissionInner002", reqPerm, false); // set self tokenID to normal app
 
-    ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()));
     PermissionUsedTypeInfoParcel parcel;
     parcel.info.tokenId = tokenID;
     parcel.info.pid = -1;
     parcel.info.permissionName = permissionName;
-    ASSERT_EQ(true, data.WriteParcelable(&parcel));
-    ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest(
-        static_cast<uint32_t>(PrivacyInterfaceCode::START_USING_PERMISSION), data, reply, option));
     // callingTokenID is normal hap without need permission
-    ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, reply.ReadInt32());
+    ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, privacyManagerService_->StartUsingPermission(parcel, nullptr));
 }
 
 /**
@@ -660,78 +594,44 @@ HWTEST_F(PrivacyManagerServiceTest, StartUsingPermissionInner002, TestSize.Level
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyManagerServiceTest, StartUsingPermissionInner003, TestSize.Level1)
+HWTEST_F(PrivacyManagerServiceTest, StartUsingPermissionInner003, TestSize.Level0)
 {
-    AccessTokenID tokenID = 123; // 123 is random input
-    std::string permissionName = "ohos.permission.test";
+    AccessTokenID tokenID = 123; // 123 is invalid tokenID
+    std::string permissionName = "ohos.permission.test"; // is invalid permission
 
-    TestPrivacyManagerStub testSub;
-    MessageParcel data;
-    MessageParcel reply;
-    MessageOption option(MessageOption::TF_SYNC);
+    std::vector<std::string> reqPerm;
+    MockHapToken mock("StartUsingPermissionInner003", reqPerm, true); // set self tokenID to system app
 
-    ASSERT_NE(g_tokenID.tokenIDEx, static_cast<AccessTokenID>(0));
-    SetSelfTokenID(g_tokenID.tokenIDEx); // set self tokenID to system app
-
-    ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()));
     PermissionUsedTypeInfoParcel parcel;
     parcel.info.tokenId = tokenID;
     parcel.info.pid = -1;
     parcel.info.permissionName = permissionName;
-    ASSERT_EQ(true, data.WriteParcelable(&parcel));
-    ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest(
-        static_cast<uint32_t>(PrivacyInterfaceCode::START_USING_PERMISSION), data, reply, option));
     // callingTokenID is system hap without need permission
-    ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED, reply.ReadInt32());
+    ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED, privacyManagerService_->StartUsingPermission(parcel, nullptr));
 }
 
-class PrivacyManagerServiceTestCb1 : public StateCustomizedCbk {
-public:
-    PrivacyManagerServiceTestCb1()
-    {}
-
-    ~PrivacyManagerServiceTestCb1()
-    {}
-
-    virtual void StateChangeNotify(AccessTokenID tokenId, bool isShow)
-    {}
-};
-
 /**
  * @tc.name: StartUsingPermissionCallbackInner001
  * @tc.desc: StartUsingPermissionCallbackInner test.
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyManagerServiceTest, StartUsingPermissionCallbackInner001, TestSize.Level1)
+HWTEST_F(PrivacyManagerServiceTest, StartUsingPermissionCallbackInner001, TestSize.Level0)
 {
-    AccessTokenID tokenID = 123; // 123 is random input
+    AccessTokenID tokenID = 123; // 123 is invalid tokenID
+    std::string permissionName = "ohos.permission.test"; // is invalid permission
     int32_t pid = 111;
-    std::string permissionName = "ohos.permission.test";
-    auto callbackPtr = std::make_shared<PrivacyManagerServiceTestCb1>();
-    ASSERT_NE(nullptr, callbackPtr);
-    auto callbackWrap = new (std::nothrow) StateChangeCallback(callbackPtr);
-    ASSERT_NE(nullptr, callbackWrap);
-
-    TestPrivacyManagerStub testSub;
-    MessageParcel data;
-    MessageParcel reply;
-    MessageOption option(MessageOption::TF_SYNC);
 
-    ASSERT_NE(g_tokenID.tokenIDEx, static_cast<AccessTokenID>(0));
-    SetSelfTokenID(g_tokenID.tokenIDEx); // set self tokenID to system app
+    std::vector<std::string> reqPerm;
+    MockHapToken mock("StartUsingPermissionCallbackInner001", reqPerm, true); // set self tokenID to system app
 
-    ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()));
     PermissionUsedTypeInfoParcel parcel;
     parcel.info.tokenId = tokenID;
     parcel.info.pid = pid;
     parcel.info.permissionName = permissionName;
-    ASSERT_EQ(true, data.WriteParcelable(&parcel));
-    ASSERT_EQ(true, data.WriteRemoteObject(callbackWrap->AsObject()));
-    ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest(static_cast<uint32_t>(
-        PrivacyInterfaceCode::START_USING_PERMISSION_CALLBACK), data, reply, option));
     // callingTokenID has no request permission
-    ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED, reply.ReadInt32());
+    ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED,
+        privacyManagerService_->StartUsingPermissionCallback(parcel, nullptr, nullptr));
 }
 
 /**
@@ -740,34 +640,45 @@ HWTEST_F(PrivacyManagerServiceTest, StartUsingPermissionCallbackInner001, TestSi
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyManagerServiceTest, StartUsingPermissionCallbackInner002, TestSize.Level1)
+HWTEST_F(PrivacyManagerServiceTest, StartUsingPermissionCallbackInner002, TestSize.Level0)
 {
-    AccessTokenID tokenID = 123; // 123 is random input
+    AccessTokenID tokenID = 123; // 123 is invalid tokenID
+    std::string permissionName = "ohos.permission.test"; // is invalid permission
     int32_t pid = 11;
-    std::string permissionName = "ohos.permission.test";
-    auto callbackPtr = std::make_shared<PrivacyManagerServiceTestCb1>();
-    ASSERT_NE(nullptr, callbackPtr);
-    auto callbackWrap = new (std::nothrow) StateChangeCallback(callbackPtr);
-    ASSERT_NE(nullptr, callbackWrap);
-    auto anonystub = new (std::nothrow) ProxyDeathCallBackStub();
-
-    TestPrivacyManagerStub testSub;
-    MessageParcel data;
-    MessageParcel reply;
-    MessageOption option(MessageOption::TF_SYNC);
-
-    ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()));
+
     PermissionUsedTypeInfoParcel parcel;
     parcel.info.tokenId = tokenID;
     parcel.info.pid = pid;
     parcel.info.permissionName = permissionName;
-    ASSERT_EQ(true, data.WriteParcelable(&parcel));
-    ASSERT_EQ(true, data.WriteRemoteObject(callbackWrap->AsObject()));
-    ASSERT_EQ(true, data.WriteRemoteObject(anonystub->AsObject()));
-    ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest(static_cast<uint32_t>(
-        PrivacyInterfaceCode::START_USING_PERMISSION_CALLBACK), data, reply, option));
+
     // callingTokenID is native token hdcd with request permission
-    ASSERT_EQ(RET_SUCCESS, reply.ReadInt32());
+    int32_t ret = privacyManagerService_->StartUsingPermissionCallback(parcel, nullptr, nullptr);
+    EXPECT_NE(PrivacyError::ERR_NOT_SYSTEM_APP, ret);
+    EXPECT_NE(PrivacyError::ERR_PERMISSION_DENIED, ret);
+}
+
+/**
+ * @tc.name: StartUsingPermissionCallbackInner003
+ * @tc.desc: StartUsingPermissionCallbackInner test.
+ * @tc.type: FUNC
+ * @tc.require:
+ */
+HWTEST_F(PrivacyManagerServiceTest, StartUsingPermissionCallbackInner003, TestSize.Level0)
+{
+    AccessTokenID tokenID = 123; // 123 is invalid tokenID
+    std::string permissionName = "ohos.permission.test"; // is invalid permission
+    int32_t pid = 11;
+
+    std::vector<std::string> reqPerm;
+    MockHapToken mock("StartUsingPermissionCallbackInner003", reqPerm, false); // set self tokenID to normal app
+
+    PermissionUsedTypeInfoParcel parcel;
+    parcel.info.tokenId = tokenID;
+    parcel.info.pid = pid;
+    parcel.info.permissionName = permissionName;
+
+    ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP,
+        privacyManagerService_->StartUsingPermissionCallback(parcel, nullptr, nullptr));
 }
 
 /**
@@ -776,25 +687,16 @@ HWTEST_F(PrivacyManagerServiceTest, StartUsingPermissionCallbackInner002, TestSi
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyManagerServiceTest, StopUsingPermissionInner001, TestSize.Level1)
+HWTEST_F(PrivacyManagerServiceTest, StopUsingPermissionInner001, TestSize.Level0)
 {
-    AccessTokenID tokenID = 123; // 123 is random input
+    AccessTokenID tokenID = 123; // 123 is invalid tokenID
+    std::string permissionName = "ohos.permission.test"; // is invalid permission
     int32_t pid = 11;
-    std::string permissionName = "ohos.permission.test";
-
-    TestPrivacyManagerStub testSub;
-    MessageParcel data;
-    MessageParcel reply;
-    MessageOption option(MessageOption::TF_SYNC);
-
-    ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()));
-    ASSERT_EQ(true, data.WriteUint32(tokenID));
-    ASSERT_EQ(true, data.WriteInt32(pid));
-    ASSERT_EQ(true, data.WriteString(permissionName));
-    ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest(
-        static_cast<uint32_t>(PrivacyInterfaceCode::STOP_USING_PERMISSION), data, reply, option));
+
     // callingTokenID is native token hdcd with need permission, but input tokenID is not a real hap
-    ASSERT_EQ(RET_SUCCESS, reply.ReadInt32());
+    int32_t ret = privacyManagerService_->StopUsingPermission(tokenID, pid, permissionName);
+    EXPECT_NE(PrivacyError::ERR_NOT_SYSTEM_APP, ret);
+    EXPECT_NE(PrivacyError::ERR_PERMISSION_DENIED, ret);
 }
 
 /**
@@ -803,28 +705,18 @@ HWTEST_F(PrivacyManagerServiceTest, StopUsingPermissionInner001, TestSize.Level1
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyManagerServiceTest, StopUsingPermissionInner002, TestSize.Level1)
+HWTEST_F(PrivacyManagerServiceTest, StopUsingPermissionInner002, TestSize.Level0)
 {
-    AccessTokenID tokenID = 123; // 123 is random input
-    std::string permissionName = "ohos.permission.test";
+    AccessTokenID tokenID = 123; // 123 is invalid tokenID
+    std::string permissionName = "ohos.permission.test"; // is invalid permission
+    int32_t pid = 11;
 
-    TestPrivacyManagerStub testSub;
-    MessageParcel data;
-    MessageParcel reply;
-    MessageOption option(MessageOption::TF_SYNC);
+    std::vector<std::string> reqPerm;
+    MockHapToken mock("StopUsingPermissionInner002", reqPerm, false); // set self tokenID to normal app
 
-    AccessTokenID hapTokenID = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
-        g_InfoParms1.instIndex);
-    ASSERT_NE(hapTokenID, static_cast<AccessTokenID>(0));
-    SetSelfTokenID(hapTokenID); // set self tokenID to hapTokenID
-
-    ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()));
-    ASSERT_EQ(true, data.WriteUint32(tokenID));
-    ASSERT_EQ(true, data.WriteString(permissionName));
-    ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest(
-        static_cast<uint32_t>(PrivacyInterfaceCode::STOP_USING_PERMISSION), data, reply, option));
     // callingTokenID is normal hap without need permission
-    ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, reply.ReadInt32());
+    int32_t ret = privacyManagerService_->StopUsingPermission(tokenID, pid, permissionName);
+    ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, ret);
 }
 
 /**
@@ -833,26 +725,18 @@ HWTEST_F(PrivacyManagerServiceTest, StopUsingPermissionInner002, TestSize.Level1
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyManagerServiceTest, StopUsingPermissionInner003, TestSize.Level1)
+HWTEST_F(PrivacyManagerServiceTest, StopUsingPermissionInner003, TestSize.Level0)
 {
-    AccessTokenID tokenID = 123; // 123 is random input
-    std::string permissionName = "ohos.permission.test";
-
-    TestPrivacyManagerStub testSub;
-    MessageParcel data;
-    MessageParcel reply;
-    MessageOption option(MessageOption::TF_SYNC);
-
-    ASSERT_NE(g_tokenID.tokenIDEx, static_cast<AccessTokenID>(0));
-    SetSelfTokenID(g_tokenID.tokenIDEx); // set self tokenID to system app
-
-    ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()));
-    ASSERT_EQ(true, data.WriteUint32(tokenID));
-    ASSERT_EQ(true, data.WriteString(permissionName));
-    ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest(
-        static_cast<uint32_t>(PrivacyInterfaceCode::STOP_USING_PERMISSION), data, reply, option));
+    AccessTokenID tokenID = 123; // 123 is invalid tokenID
+    std::string permissionName = "ohos.permission.test"; // is invalid permission
+    int32_t pid = 11;
+
+    std::vector<std::string> reqPerm;
+    MockHapToken mock("StopUsingPermissionInner003", reqPerm, true); // set self tokenID to system app
+
     // callingTokenID is system hap without need permission
-    ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED, reply.ReadInt32());
+    int32_t ret = privacyManagerService_->StopUsingPermission(tokenID, pid, permissionName);
+    ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED, ret);
 }
 
 /**
@@ -861,21 +745,12 @@ HWTEST_F(PrivacyManagerServiceTest, StopUsingPermissionInner003, TestSize.Level1
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyManagerServiceTest, RemovePermissionUsedRecordsInner001, TestSize.Level1)
+HWTEST_F(PrivacyManagerServiceTest, RemovePermissionUsedRecordsInner001, TestSize.Level0)
 {
-    AccessTokenID tokenID = 123; // 123 is random input
-
-    TestPrivacyManagerStub testSub;
-    MessageParcel data;
-    MessageParcel reply;
-    MessageOption option(MessageOption::TF_SYNC);
+    AccessTokenID tokenID = 123; // 123 is invalid tokenID
 
-    ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()));
-    ASSERT_EQ(true, data.WriteUint32(tokenID));
-    ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest(static_cast<uint32_t>(
-        PrivacyInterfaceCode::DELETE_PERMISSION_USED_RECORDS), data, reply, option));
     // callingTokenID is native token hdcd with need permission, but input tokenID is not a real hap
-    ASSERT_EQ(RET_SUCCESS, reply.ReadInt32());
+    ASSERT_EQ(RET_SUCCESS, privacyManagerService_->RemovePermissionUsedRecords(tokenID));
 }
 
 /**
@@ -884,25 +759,48 @@ HWTEST_F(PrivacyManagerServiceTest, RemovePermissionUsedRecordsInner001, TestSiz
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyManagerServiceTest, RemovePermissionUsedRecordsInner002, TestSize.Level1)
+HWTEST_F(PrivacyManagerServiceTest, RemovePermissionUsedRecordsInner002, TestSize.Level0)
 {
-    AccessTokenID tokenID = 123; // 123 is random input
+    AccessTokenID tokenID = 123; // 123 is invalid tokenID
 
-    TestPrivacyManagerStub testSub;
-    MessageParcel data;
-    MessageParcel reply;
-    MessageOption option(MessageOption::TF_SYNC);
-
-    AccessTokenID nativeTokenID = AccessTokenKit::GetNativeTokenId("device_manager");
+    MockNativeToken mock("device_manager"); // set self tokenID to native device_manager
+    AccessTokenID nativeTokenID = GetSelfTokenID();
     ASSERT_NE(nativeTokenID, static_cast<AccessTokenID>(0));
-    SetSelfTokenID(nativeTokenID); // set self tokenID to native device_manager
 
-    ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()));
-    ASSERT_EQ(true, data.WriteUint32(tokenID));
-    ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest(static_cast<uint32_t>(
-        PrivacyInterfaceCode::DELETE_PERMISSION_USED_RECORDS), data, reply, option));
     // native token device_manager don't have request permission
-    ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED, reply.ReadInt32());
+    ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED, privacyManagerService_->RemovePermissionUsedRecords(tokenID));
+}
+
+/**
+ * @tc.name: RemovePermissionUsedRecordsInner003
+ * @tc.desc: RemovePermissionUsedRecordsInner test.
+ * @tc.type: FUNC
+ * @tc.require:
+ */
+HWTEST_F(PrivacyManagerServiceTest, RemovePermissionUsedRecordsInner003, TestSize.Level0)
+{
+    AccessTokenID tokenID = 123; // 123 is invalid tokenID
+
+    std::vector<std::string> reqPerm;
+    MockHapToken mock("RemovePermissionUsedRecordsInner003", reqPerm, false); // set self tokenID to normal app
+
+    // native token device_manager don't have request permission
+    ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, privacyManagerService_->RemovePermissionUsedRecords(tokenID));
+}
+
+/**
+ * @tc.name: RemovePermissionUsedRecordsInner004
+ * @tc.desc: RemovePermissionUsedRecordsInner test.
+ * @tc.type: FUNC
+ * @tc.require:
+ */
+HWTEST_F(PrivacyManagerServiceTest, RemovePermissionUsedRecordsInner004, TestSize.Level0)
+{
+    AccessTokenID tokenID = 123; // 123 is invalid tokenID
+
+    std::vector<std::string> reqPerm = {"ohos.permission.PERMISSION_USED_STATS"};
+    MockHapToken mock("RemovePermissionUsedRecordsInner004", reqPerm, true); // set self tokenID to system app
+    ASSERT_EQ(RET_SUCCESS, privacyManagerService_->RemovePermissionUsedRecords(tokenID));
 }
 
 /**
@@ -911,22 +809,14 @@ HWTEST_F(PrivacyManagerServiceTest, RemovePermissionUsedRecordsInner002, TestSiz
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordsInner001, TestSize.Level1)
+HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordsInner001, TestSize.Level0)
 {
     PermissionUsedRequestParcel request;
     request.request.isRemote = true;
+    PermissionUsedResultParcel resultParcel;
 
-    TestPrivacyManagerStub testSub;
-    MessageParcel data;
-    MessageParcel reply;
-    MessageOption option(MessageOption::TF_SYNC);
-
-    ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()));
-    ASSERT_EQ(true, data.WriteParcelable(&request));
-    ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest(static_cast<uint32_t>(
-        PrivacyInterfaceCode::GET_PERMISSION_USED_RECORDS), data, reply, option));
-    // callingTokenID is native token hdcd with need permission, remote is true return ERR_PARAM_INVALID
-    ASSERT_EQ(RET_SUCCESS, reply.ReadInt32());
+    // callingTokenID is native token hdcd with need permission
+    ASSERT_EQ(RET_SUCCESS, privacyManagerService_->GetPermissionUsedRecords(request, resultParcel));
 }
 
 /**
@@ -935,27 +825,18 @@ HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordsInner001, TestSize.L
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordsInner002, TestSize.Level1)
+HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordsInner002, TestSize.Level0)
 {
     PermissionUsedRequestParcel request;
     request.request.isRemote = true;
+    PermissionUsedResultParcel resultParcel;
 
-    TestPrivacyManagerStub testSub;
-    MessageParcel data;
-    MessageParcel reply;
-    MessageOption option(MessageOption::TF_SYNC);
-
-    AccessTokenID hapTokenID = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
-        g_InfoParms1.instIndex);
-    ASSERT_NE(hapTokenID, static_cast<AccessTokenID>(0));
-    SetSelfTokenID(hapTokenID); // set self tokenID to hapTokenID
+    std::vector<std::string> reqPerm;
+    MockHapToken mock("GetPermissionUsedRecordsInner002", reqPerm, false); // set self tokenID to normal app
 
-    ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()));
-    ASSERT_EQ(true, data.WriteParcelable(&request));
-    ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest(static_cast<uint32_t>(
-        PrivacyInterfaceCode::GET_PERMISSION_USED_RECORDS), data, reply, option));
     // callingTokenID is normal hap without need permission
-    ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, reply.ReadInt32());
+    ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP,
+        privacyManagerService_->GetPermissionUsedRecords(request, resultParcel));
 }
 
 /**
@@ -964,37 +845,74 @@ HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordsInner002, TestSize.L
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordsInner003, TestSize.Level1)
+HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordsInner003, TestSize.Level0)
 {
     PermissionUsedRequestParcel request;
     request.request.isRemote = true;
+    PermissionUsedResultParcel resultParcel;
 
-    TestPrivacyManagerStub testSub;
-    MessageParcel data;
-    MessageParcel reply;
-    MessageOption option(MessageOption::TF_SYNC);
+    std::vector<std::string> reqPerm;
+    MockHapToken mock("GetPermissionUsedRecordsInner003", reqPerm, true); // set self tokenID to system app
 
-    ASSERT_NE(g_tokenID.tokenIDEx, static_cast<AccessTokenID>(0));
-    SetSelfTokenID(g_tokenID.tokenIDEx); // set self tokenID to system app
-
-    ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()));
-    ASSERT_EQ(true, data.WriteParcelable(&request));
-    ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest(static_cast<uint32_t>(
-        PrivacyInterfaceCode::GET_PERMISSION_USED_RECORDS), data, reply, option));
     // callingTokenID is system hap without need permission
-    ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED, reply.ReadInt32());
+    ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED,
+        privacyManagerService_->GetPermissionUsedRecords(request, resultParcel));
 }
 
-class TestCallBack : public OnPermissionUsedRecordCallbackStub {
-public:
-    TestCallBack() = default;
-    virtual ~TestCallBack() = default;
+/**
+ * @tc.name: GetPermissionUsedRecordsAsyncInner001
+ * @tc.desc: GetPermissionUsedRecordsAsyncInner test.
+ * @tc.type: FUNC
+ * @tc.require:
+ */
+HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordsAsyncInner001, TestSize.Level0)
+{
+    PermissionUsedRequestParcel request;
+    request.request.isRemote = true;
 
-    void OnQueried(ErrCode code, PermissionUsedResult& result)
-    {
-        GTEST_LOG_(INFO) << "TestCallBack, code :" << code << ", bundleSize :" << result.bundleRecords.size();
-    }
-};
+    int32_t ret = privacyManagerService_->GetPermissionUsedRecordsAsync(request, nullptr);
+    // callingTokenID is native token hdcd with need permission
+    EXPECT_NE(PrivacyError::ERR_NOT_SYSTEM_APP, ret);
+    EXPECT_NE(PrivacyError::ERR_PERMISSION_DENIED, ret);
+}
+
+/**
+ * @tc.name: GetPermissionUsedRecordsAsyncInner002
+ * @tc.desc: GetPermissionUsedRecordsAsyncInner test.
+ * @tc.type: FUNC
+ * @tc.require:
+ */
+HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordsAsyncInner002, TestSize.Level0)
+{
+    PermissionUsedRequestParcel request;
+    request.request.isRemote = true;
+
+    std::vector<std::string> reqPerm;
+    MockHapToken mock("GetPermissionUsedRecordsAsyncInner002", reqPerm, false); // set self tokenID to normal app
+
+    int32_t ret = privacyManagerService_->GetPermissionUsedRecordsAsync(request, nullptr);
+    // callingTokenID is normal hap without need permission
+    ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, ret);
+}
+
+/**
+ * @tc.name: GetPermissionUsedRecordsAsyncInner003
+ * @tc.desc: GetPermissionUsedRecordsAsyncInner test.
+ * @tc.type: FUNC
+ * @tc.require:
+ */
+HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordsAsyncInner003, TestSize.Level0)
+{
+    PermissionUsedRequestParcel request;
+    request.request.isRemote = true;
+
+    std::vector<std::string> reqPerm;
+    MockHapToken mock("GetPermissionUsedRecordsAsyncInner003", reqPerm, true); // set self tokenID to system app
+
+    int32_t ret = privacyManagerService_->GetPermissionUsedRecordsAsync(request, nullptr);
+    // callingTokenID is system hap without need permission
+    ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED, ret);
+}
 
 /**
  * @tc.name: RegisterPermActiveStatusCallbackInner001
@@ -1002,21 +920,13 @@ public:
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyManagerServiceTest, RegisterPermActiveStatusCallbackInner001, TestSize.Level1)
+HWTEST_F(PrivacyManagerServiceTest, RegisterPermActiveStatusCallbackInner001, TestSize.Level0)
 {
-    std::vector<std::string> permList = {};
+    std::vector<std::string> permList(PERM_LIST_SIZE_MAX + 1);
 
-    TestPrivacyManagerStub testSub;
-    MessageParcel data;
-    MessageParcel reply;
-    MessageOption option(MessageOption::TF_SYNC);
-
-    ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()));
-    ASSERT_EQ(true, data.WriteUint32(permList.size()));
-    ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest(static_cast<uint32_t>(
-        PrivacyInterfaceCode::REGISTER_PERM_ACTIVE_STATUS_CHANGE_CALLBACK), data, reply, option));
-    // callingTokenID is native token hdcd with need permission
-    ASSERT_EQ(PrivacyError::ERR_READ_PARCEL_FAILED, reply.ReadInt32());
+    // permList size oversize
+    ASSERT_EQ(PrivacyError::ERR_OVERSIZE,
+        privacyManagerService_->RegisterPermActiveStatusCallback(permList, nullptr));
 }
 
 /**
@@ -1025,25 +935,16 @@ HWTEST_F(PrivacyManagerServiceTest, RegisterPermActiveStatusCallbackInner001, Te
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyManagerServiceTest, RegisterPermActiveStatusCallbackInner002, TestSize.Level1)
+HWTEST_F(PrivacyManagerServiceTest, RegisterPermActiveStatusCallbackInner002, TestSize.Level0)
 {
     std::vector<std::string> permList = {};
-    TestPrivacyManagerStub testSub;
-    MessageParcel data;
-    MessageParcel reply;
-    MessageOption option(MessageOption::TF_SYNC);
 
-    AccessTokenID hapTokenID = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
-        g_InfoParms1.instIndex);
-    ASSERT_NE(hapTokenID, static_cast<AccessTokenID>(0));
-    SetSelfTokenID(hapTokenID); // set self tokenID to hapTokenID
+    std::vector<std::string> reqPerm;
+    MockHapToken mock("RegisterPermActiveStatusCallbackInner002", reqPerm, false); // set self tokenID to normal app
 
-    ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()));
-    ASSERT_EQ(true, data.WriteUint32(permList.size()));
-    ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest(static_cast<uint32_t>(
-        PrivacyInterfaceCode::REGISTER_PERM_ACTIVE_STATUS_CHANGE_CALLBACK), data, reply, option));
     // callingTokenID is normal hap without need permission
-    ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, reply.ReadInt32());
+    ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP,
+        privacyManagerService_->RegisterPermActiveStatusCallback(permList, nullptr));
 }
 
 /**
@@ -1052,22 +953,32 @@ HWTEST_F(PrivacyManagerServiceTest, RegisterPermActiveStatusCallbackInner002, Te
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyManagerServiceTest, RegisterPermActiveStatusCallbackInner003, TestSize.Level1)
+HWTEST_F(PrivacyManagerServiceTest, RegisterPermActiveStatusCallbackInner003, TestSize.Level0)
 {
-    TestPrivacyManagerStub testSub;
-    MessageParcel data;
-    MessageParcel reply;
-    MessageOption option(MessageOption::TF_SYNC);
-
-    ASSERT_NE(g_tokenID.tokenIDEx, static_cast<AccessTokenID>(0));
-    SetSelfTokenID(g_tokenID.tokenIDEx); // set self tokenID to system app
-
-    ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()));
-    ASSERT_EQ(true, data.WriteUint32(0));
-    ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest(static_cast<uint32_t>(
-        PrivacyInterfaceCode::REGISTER_PERM_ACTIVE_STATUS_CHANGE_CALLBACK), data, reply, option));
+    std::vector<std::string> permList = {};
+
+    std::vector<std::string> reqPerm;
+    MockHapToken mock("RegisterPermActiveStatusCallbackInner003", reqPerm, true); // set self tokenID to system app
+
     // callingTokenID is system hap without need permission
-    ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED, reply.ReadInt32());
+    ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED,
+        privacyManagerService_->RegisterPermActiveStatusCallback(permList, nullptr));
+}
+
+/**
+ * @tc.name: RegisterPermActiveStatusCallbackInner004
+ * @tc.desc: RegisterPermActiveStatusCallbackInner test.
+ * @tc.type: FUNC
+ * @tc.require:
+ */
+HWTEST_F(PrivacyManagerServiceTest, RegisterPermActiveStatusCallbackInner004, TestSize.Level0)
+{
+    std::vector<std::string> permList;
+
+    // systemapp with need permission
+    int32_t ret = privacyManagerService_->RegisterPermActiveStatusCallback(permList, nullptr);
+    EXPECT_NE(PrivacyError::ERR_NOT_SYSTEM_APP, ret);
+    EXPECT_NE(PrivacyError::ERR_PERMISSION_DENIED, ret);
 }
 
 /**
@@ -1076,17 +987,12 @@ HWTEST_F(PrivacyManagerServiceTest, RegisterPermActiveStatusCallbackInner003, Te
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyManagerServiceTest, UnRegisterPermActiveStatusCallbackInner001, TestSize.Level1)
+HWTEST_F(PrivacyManagerServiceTest, UnRegisterPermActiveStatusCallbackInner001, TestSize.Level0)
 {
-    TestPrivacyManagerStub testSub;
-    MessageParcel data;
-    MessageParcel reply;
-    MessageOption option(MessageOption::TF_SYNC);
-    ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()));
-    ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest(static_cast<uint32_t>(
-        PrivacyInterfaceCode::UNREGISTER_PERM_ACTIVE_STATUS_CHANGE_CALLBACK), data, reply, option));
-    // callingTokenID is native token hdcd with need permission
-    ASSERT_EQ(PrivacyError::ERR_READ_PARCEL_FAILED, reply.ReadInt32());
+    // systemapp with need permission
+    int32_t ret = privacyManagerService_->UnRegisterPermActiveStatusCallback(nullptr);
+    EXPECT_NE(PrivacyError::ERR_NOT_SYSTEM_APP, ret);
+    EXPECT_NE(PrivacyError::ERR_PERMISSION_DENIED, ret);
 }
 
 /**
@@ -1095,23 +1001,14 @@ HWTEST_F(PrivacyManagerServiceTest, UnRegisterPermActiveStatusCallbackInner001,
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyManagerServiceTest, UnRegisterPermActiveStatusCallbackInner002, TestSize.Level1)
+HWTEST_F(PrivacyManagerServiceTest, UnRegisterPermActiveStatusCallbackInner002, TestSize.Level0)
 {
-    TestPrivacyManagerStub testSub;
-    MessageParcel data;
-    MessageParcel reply;
-    MessageOption option(MessageOption::TF_SYNC);
+    std::vector<std::string> reqPerm;
+    MockHapToken mock("UnRegisterPermActiveStatusCallbackInner002", reqPerm, false); // set self tokenID to normal app
 
-    AccessTokenID hapTokenID = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
-        g_InfoParms1.instIndex);
-    ASSERT_NE(hapTokenID, static_cast<AccessTokenID>(0));
-    SetSelfTokenID(hapTokenID); // set self tokenID to hapTokenID
-
-    ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()));
-    ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest(static_cast<uint32_t>(
-        PrivacyInterfaceCode::UNREGISTER_PERM_ACTIVE_STATUS_CHANGE_CALLBACK), data, reply, option));
     // callingTokenID is normal hap without need permission
-    ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, reply.ReadInt32());
+    ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP,
+        privacyManagerService_->UnRegisterPermActiveStatusCallback(nullptr));
 }
 
 /**
@@ -1120,21 +1017,14 @@ HWTEST_F(PrivacyManagerServiceTest, UnRegisterPermActiveStatusCallbackInner002,
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyManagerServiceTest, UnRegisterPermActiveStatusCallbackInner003, TestSize.Level1)
+HWTEST_F(PrivacyManagerServiceTest, UnRegisterPermActiveStatusCallbackInner003, TestSize.Level0)
 {
-    TestPrivacyManagerStub testSub;
-    MessageParcel data;
-    MessageParcel reply;
-    MessageOption option(MessageOption::TF_SYNC);
-
-    ASSERT_NE(g_tokenID.tokenIDEx, static_cast<AccessTokenID>(0));
-    SetSelfTokenID(g_tokenID.tokenIDEx); // set self tokenID to system app
+    std::vector<std::string> reqPerm;
+    MockHapToken mock("UnRegisterPermActiveStatusCallbackInner003", reqPerm, true); // set self tokenID to system app
 
-    ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()));
-    ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest(static_cast<uint32_t>(
-        PrivacyInterfaceCode::UNREGISTER_PERM_ACTIVE_STATUS_CHANGE_CALLBACK), data, reply, option));
     // callingTokenID is system hap without need permission
-    ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED, reply.ReadInt32());
+    ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED,
+        privacyManagerService_->UnRegisterPermActiveStatusCallback(nullptr));
 }
 
 /**
@@ -1143,23 +1033,17 @@ HWTEST_F(PrivacyManagerServiceTest, UnRegisterPermActiveStatusCallbackInner003,
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyManagerServiceTest, IsAllowedUsingPermissionInner001, TestSize.Level1)
+HWTEST_F(PrivacyManagerServiceTest, IsAllowedUsingPermissionInner001, TestSize.Level0)
 {
-    AccessTokenID tokenID = 123; // 123 is random input
-    std::string permissionName = "ohos.permission.test";
-
-    TestPrivacyManagerStub testSub;
-    MessageParcel data;
-    MessageParcel reply;
-    MessageOption option(MessageOption::TF_SYNC);
-
-    ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()));
-    ASSERT_EQ(true, data.WriteUint32(tokenID));
-    ASSERT_EQ(true, data.WriteString(permissionName));
-    ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest(static_cast<uint32_t>(
-        PrivacyInterfaceCode::IS_ALLOWED_USING_PERMISSION), data, reply, option));
-    // callingTokenID is native token hdcd with need permission, remote is true return ERR_PARAM_INVALID
-    ASSERT_EQ(true, reply.ReadBool());
+    AccessTokenID tokenID = 123; // 123 is invalid tokenID
+    std::string permissionName = "ohos.permission.test"; // is invalid permission
+    int32_t pid = 11;
+    bool isAllowed = false;
+
+    // callingTokenID is native token hdcd with need permission, but tokenID is invalid
+    int32_t result = privacyManagerService_->IsAllowedUsingPermission(tokenID, permissionName, pid, isAllowed);
+    ASSERT_EQ(result, RET_SUCCESS);
+    ASSERT_EQ(false, isAllowed);
 }
 
 /**
@@ -1168,28 +1052,210 @@ HWTEST_F(PrivacyManagerServiceTest, IsAllowedUsingPermissionInner001, TestSize.L
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(PrivacyManagerServiceTest, IsAllowedUsingPermissionInner002, TestSize.Level1)
+HWTEST_F(PrivacyManagerServiceTest, IsAllowedUsingPermissionInner002, TestSize.Level0)
 {
-    AccessTokenID tokenID = 123; // 123 is random input
-    std::string permissionName = "ohos.permission.test";
+    AccessTokenID tokenID = 123; // 123 is invalid tokenID
+    std::string permissionName = "ohos.permission.test"; // is invalid permission
+    int32_t pid = 11;
+    bool isAllowed = false;
 
-    TestPrivacyManagerStub testSub;
-    MessageParcel data;
-    MessageParcel reply;
-    MessageOption option(MessageOption::TF_SYNC);
+    std::vector<std::string> reqPerm;
+    MockHapToken mock("IsAllowedUsingPermissionInner002", reqPerm, false); // set self tokenID to normal app
+
+    // callingTokenID is normal hap without need permission
+    int32_t result = privacyManagerService_->IsAllowedUsingPermission(tokenID, permissionName, pid, isAllowed);
+    ASSERT_EQ(result, PrivacyError::ERR_NOT_SYSTEM_APP);
+}
+
+/**
+ * @tc.name: IsAllowedUsingPermissionInner003
+ * @tc.desc: IsAllowedUsingPermissionInner test.
+ * @tc.type: FUNC
+ * @tc.require:
+ */
+HWTEST_F(PrivacyManagerServiceTest, IsAllowedUsingPermissionInner003, TestSize.Level0)
+{
+    AccessTokenID tokenID = 123; // 123 is invalid tokenID
+    std::string permissionName = "ohos.permission.test"; // is invalid permission
+    int32_t pid = 11;
+    bool isAllowed = false;
+
+    std::vector<std::string> reqPerm;
+    MockHapToken mock("IsAllowedUsingPermissionInner003", reqPerm, true); // set self tokenID to system app
 
-    AccessTokenID hapTokenID = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName,
-        g_InfoParms1.instIndex);
-    ASSERT_NE(hapTokenID, static_cast<AccessTokenID>(0));
-    SetSelfTokenID(hapTokenID); // set self tokenID to hapTokenID
-
-    ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()));
-    ASSERT_EQ(true, data.WriteUint32(tokenID));
-    ASSERT_EQ(true, data.WriteString(permissionName));
-    ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest(static_cast<uint32_t>(
-        PrivacyInterfaceCode::IS_ALLOWED_USING_PERMISSION), data, reply, option));
     // callingTokenID is normal hap without need permission
-    ASSERT_EQ(false, reply.ReadBool());
+    int32_t result = privacyManagerService_->IsAllowedUsingPermission(tokenID, permissionName, pid, isAllowed);
+    ASSERT_EQ(result, PrivacyError::ERR_PERMISSION_DENIED);
+}
+
+/**
+ * @tc.name: GetPermissionUsedTypeInfosInner001
+ * @tc.desc: GetPermissionUsedTypeInfosInner test.
+ * @tc.type: FUNC
+ * @tc.require:
+ */
+HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedTypeInfosInner001, TestSize.Level0)
+{
+    AccessTokenID tokenID = 123; // 123 is invalid tokenID
+    std::string permissionName = "ohos.permission.test"; // is invalid permission
+    std::vector<PermissionUsedTypeInfoParcel> resultsParcel;
+
+    // systemapp with need permission
+    int32_t ret = privacyManagerService_->GetPermissionUsedTypeInfos(tokenID, permissionName, resultsParcel);
+    EXPECT_NE(PrivacyError::ERR_NOT_SYSTEM_APP, ret);
+    EXPECT_NE(PrivacyError::ERR_PERMISSION_DENIED, ret);
+}
+
+/**
+ * @tc.name: GetPermissionUsedTypeInfosInner002
+ * @tc.desc: GetPermissionUsedTypeInfosInner test.
+ * @tc.type: FUNC
+ * @tc.require:
+ */
+HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedTypeInfosInner002, TestSize.Level0)
+{
+    AccessTokenID tokenID = 123; // 123 is invalid tokenID
+    std::string permissionName = "ohos.permission.test"; // is invalid permission
+    std::vector<PermissionUsedTypeInfoParcel> resultsParcel;
+
+    std::vector<std::string> reqPerm;
+    MockHapToken mock("GetPermissionUsedTypeInfosInner002", reqPerm, false); // set self tokenID to normal app
+
+    int32_t ret = privacyManagerService_->GetPermissionUsedTypeInfos(tokenID, permissionName, resultsParcel);
+    EXPECT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, ret);
+}
+
+/**
+ * @tc.name: GetPermissionUsedTypeInfosInner003
+ * @tc.desc: GetPermissionUsedTypeInfosInner test.
+ * @tc.type: FUNC
+ * @tc.require:
+ */
+HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedTypeInfosInner003, TestSize.Level0)
+{
+    AccessTokenID tokenID = 123; // 123 is invalid tokenID
+    std::string permissionName = "ohos.permission.test"; // is invalid permission
+    std::vector<PermissionUsedTypeInfoParcel> resultsParcel;
+
+    std::vector<std::string> reqPerm;
+    MockHapToken mock("GetPermissionUsedTypeInfosInner003", reqPerm, true); // set self tokenID to system app
+
+    int32_t ret = privacyManagerService_->GetPermissionUsedTypeInfos(tokenID, permissionName, resultsParcel);
+    EXPECT_EQ(PrivacyError::ERR_PERMISSION_DENIED, ret);
+}
+
+/**
+ * @tc.name: SetMutePolicyInner001
+ * @tc.desc: SetMutePolicyInner test.
+ * @tc.type: FUNC
+ * @tc.require:
+ */
+HWTEST_F(PrivacyManagerServiceTest, SetMutePolicyInner001, TestSize.Level0)
+{
+    AccessTokenID tokenID = 123; // 123 is invalid tokenID
+    uint32_t policyType = 0;
+    uint32_t callerType = 0;
+    bool isMute = false;
+
+    std::vector<std::string> reqPerm;
+    MockHapToken mock("SetMutePolicyInner001", reqPerm, true); // set self tokenID to system app
+
+    int32_t ret = privacyManagerService_->SetMutePolicy(policyType, callerType, isMute, tokenID);
+    EXPECT_EQ(PrivacyError::ERR_PERMISSION_DENIED, ret);
+}
+
+/**
+ * @tc.name: SetMutePolicyInner002
+ * @tc.desc: SetMutePolicyInner test.
+ * @tc.type: FUNC
+ * @tc.require:
+ */
+HWTEST_F(PrivacyManagerServiceTest, SetMutePolicyInner002, TestSize.Level0)
+{
+    AccessTokenID tokenID = 123; // 123 is invalid tokenID
+    uint32_t policyType = 0;
+    uint32_t callerType = 0;
+    bool isMute = false;
+
+    MockNativeToken mock("camera_service");
+
+    int32_t ret = privacyManagerService_->SetMutePolicy(policyType, callerType, isMute, tokenID);
+    EXPECT_NE(PrivacyError::ERR_PERMISSION_DENIED, ret);
+}
+
+/**
+ * @tc.name: SetMutePolicyInner003
+ * @tc.desc: SetMutePolicyInner test.
+ * @tc.type: FUNC
+ * @tc.require:
+ */
+HWTEST_F(PrivacyManagerServiceTest, SetMutePolicyInner003, TestSize.Level0)
+{
+    AccessTokenID tokenID = 123; // 123 is invalid tokenID
+    uint32_t policyType = 0;
+    uint32_t callerType = 0;
+    bool isMute = false;
+
+    MockNativeToken mock("accesstoken_service");
+
+    int32_t ret = privacyManagerService_->SetMutePolicy(policyType, callerType, isMute, tokenID);
+    EXPECT_EQ(PrivacyError::ERR_PERMISSION_DENIED, ret);
+}
+
+/**
+ * @tc.name: SetMutePolicyInner004
+ * @tc.desc: SetMutePolicyInner test.
+ * @tc.type: FUNC
+ * @tc.require:
+ */
+HWTEST_F(PrivacyManagerServiceTest, SetMutePolicyInner004, TestSize.Level0)
+{
+    AccessTokenID tokenID = 123; // 123 is invalid tokenID
+    uint32_t policyType = 0;
+    uint32_t callerType = 0;
+    bool isMute = false;
+
+    MockNativeToken mock("hdcd");
+
+    int32_t ret = privacyManagerService_->SetMutePolicy(policyType, callerType, isMute, tokenID);
+    EXPECT_EQ(PrivacyError::ERR_PERMISSION_DENIED, ret);
+}
+
+/**
+ * @tc.name: SetHapWithFGReminderInner001
+ * @tc.desc: SetHapWithFGReminderInner test.
+ * @tc.type: FUNC
+ * @tc.require:
+ */
+HWTEST_F(PrivacyManagerServiceTest, SetHapWithFGReminderInner001, TestSize.Level0)
+{
+    AccessTokenID tokenID = 123; // 123 is invalid tokenID
+    bool isAllowed = true;
+
+    std::vector<std::string> reqPerm;
+    MockHapToken mock("SetHapWithFGReminderInner001", reqPerm, true); // set self tokenID to system app
+
+    // systemapp with need permission
+    int32_t ret = privacyManagerService_->SetHapWithFGReminder(tokenID, isAllowed);
+    EXPECT_EQ(PrivacyError::ERR_PERMISSION_DENIED, ret);
+}
+
+/**
+ * @tc.name: GetProxyDeathHandle001
+ * @tc.desc: GetProxyDeathHandle test.
+ * @tc.type: FUNC
+ * @tc.require:
+ */
+HWTEST_F(PrivacyManagerServiceTest, GetProxyDeathHandle001, TestSize.Level0)
+{
+    auto handler1 = privacyManagerService_->GetProxyDeathHandler();
+    ASSERT_NE(nullptr, handler1);
+    auto handler2 = privacyManagerService_->GetProxyDeathHandler();
+    ASSERT_NE(nullptr, handler2);
+
+    privacyManagerService_->OnAddSystemAbility(COMMON_EVENT_SERVICE_ID, "123");
+    privacyManagerService_->OnAddSystemAbility(SCREENLOCK_SERVICE_ID, "123");
+    privacyManagerService_->OnAddSystemAbility(INVALID_CODE, "123");
 }
 } // namespace AccessToken
 } // namespace Security
diff --git a/services/privacymanager/test/unittest/sensitive_manager_test.cpp b/services/privacymanager/test/unittest/sensitive_manager_test.cpp
index cf5010c4202242e69f4f721de02679392f3a01c0..b388e55c35c646143ed5e52ebdad4208365f3ad3 100644
--- a/services/privacymanager/test/unittest/sensitive_manager_test.cpp
+++ b/services/privacymanager/test/unittest/sensitive_manager_test.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2022-2024 Huawei Device Co., Ltd.
+ * Copyright (c) 2022-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -27,6 +27,7 @@
 #endif
 #include "camera_manager_adapter.h"
 #include "permission_record_manager.h"
+#include "privacy_test_common.h"
 #include "token_setproc.h"
 
 using namespace testing::ext;
@@ -41,6 +42,7 @@ public:
     void SetUp();
     void TearDown();
 };
+static MockHapToken* g_mock = nullptr;
 static AccessTokenID g_selfTokenId = 0;
 static PermissionStateFull g_testState1 = {
     .permissionName = "ohos.permission.RUNNING_STATE_OBSERVER",
@@ -106,28 +108,32 @@ static HapInfoParams g_infoManagerTestSystemInfoParms = {
 void SensitiveManagerServiceTest::SetUpTestCase()
 {
     g_selfTokenId = GetSelfTokenID();
+    PrivacyTestCommon::SetTestEvironment(g_selfTokenId);
+
+    std::vector<std::string> reqPerm;
+    reqPerm.emplace_back("ohos.permission.RUNNING_STATE_OBSERVER");
+    reqPerm.emplace_back("ohos.permission.MANAGE_CAMERA_CONFIG");
+    reqPerm.emplace_back("ohos.permission.GET_RUNNING_INFO");
+    reqPerm.emplace_back("ohos.permission.MANAGE_AUDIO_CONFIG");
+    reqPerm.emplace_back("ohos.permission.MICROPHONE_CONTROL");
+    g_mock = new (std::nothrow) MockHapToken("SensitiveManagerServiceTest", reqPerm);
 }
 
 void SensitiveManagerServiceTest::TearDownTestCase()
 {
+    if (g_mock != nullptr) {
+        delete g_mock;
+        g_mock = nullptr;
+    }
+    PrivacyTestCommon::ResetTestEvironment();
 }
 
 void SensitiveManagerServiceTest::SetUp()
 {
-    AccessTokenKit::AllocHapToken(g_InfoParms1, g_PolicyPrams1);
-    AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID,
-                                                          g_InfoParms1.bundleName,
-                                                          g_InfoParms1.instIndex);
-    EXPECT_EQ(0, SetSelfTokenID(tokenId));
 }
 
 void SensitiveManagerServiceTest::TearDown()
 {
-    AccessTokenID tokenID = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID,
-                                                          g_InfoParms1.bundleName,
-                                                          g_InfoParms1.instIndex);
-    AccessTokenKit::DeleteToken(tokenID);
-    EXPECT_EQ(0, SetSelfTokenID(g_selfTokenId));
 }
 
 /*
@@ -150,8 +156,8 @@ HWTEST_F(SensitiveManagerServiceTest, RegisterAppObserverTest001, TestSize.Level
  */
 HWTEST_F(SensitiveManagerServiceTest, RegisterAppObserverTest002, TestSize.Level1)
 {
-    AccessTokenID tokenId = AccessTokenKit::GetNativeTokenId("privacy_service");
-    EXPECT_EQ(0, SetSelfTokenID(tokenId));
+    MockNativeToken("privacy_service");
+    AccessTokenID tokenId = GetSelfTokenID();
 
     sptr<ApplicationStateObserverStub> listener = new(std::nothrow) ApplicationStateObserverStub();
     ASSERT_NE(listener, nullptr);
diff --git a/services/tokensyncmanager/src/remote/soft_bus_manager.cpp b/services/tokensyncmanager/src/remote/soft_bus_manager.cpp
index c89da2c5ec1e9bb5fd874a310462e6a452b229f5..82cf5470aab0610135c2d5b9b427c33dfce03e78 100644
--- a/services/tokensyncmanager/src/remote/soft_bus_manager.cpp
+++ b/services/tokensyncmanager/src/remote/soft_bus_manager.cpp
@@ -525,6 +525,8 @@ int SoftBusManager::FulfillLocalDeviceInfo()
     }
     std::string networkId = std::string(deviceInfo.networkId);
 
+    LOGD(ATM_DOMAIN, ATM_TAG, "Call softbus finished, type:%{public}d", deviceInfo.deviceTypeId);
+
     std::string uuid;
     std::string udid;
 
diff --git a/services/tokensyncmanager/test/coverage/BUILD.gn b/services/tokensyncmanager/test/coverage/BUILD.gn
index 5ddfb2d6f65e75f7571edd5316615e6ff6099d97..89e3219e24510d32b4684ddb81b1fb52b0b9aa0f 100644
--- a/services/tokensyncmanager/test/coverage/BUILD.gn
+++ b/services/tokensyncmanager/test/coverage/BUILD.gn
@@ -15,9 +15,8 @@ import("//build/test.gni")
 import("../../../../access_token.gni")
 
 ohos_unittest("libtoken_sync_service_coverage_test") {
-  subsystem_name = "security"
-  part_name = "access_token"
-  module_out_path = part_name + "/" + part_name
+  subsystem_name = "accesscontrol"
+  module_out_path = module_output_path_unittest_accesstoken
   sanitize = {
     cfi = true
     cfi_cross_dso = true
@@ -26,6 +25,7 @@ ohos_unittest("libtoken_sync_service_coverage_test") {
   branch_protector_ret = "pac_ret"
 
   sources = [
+    "${access_token_path}/interfaces/innerkits/accesstoken/test/unittest/common/test_common.cpp",
     "../../src/command/base_remote_command.cpp",
     "../../src/command/delete_remote_token_command.cpp",
     "../../src/command/sync_remote_hap_token_command.cpp",
@@ -63,6 +63,7 @@ ohos_unittest("libtoken_sync_service_coverage_test") {
     "${access_token_path}/services/accesstokenmanager/main/cpp/include/token",
     "${access_token_path}/services/common/json_parse/include",
     "${access_token_path}/services/common/handler/include",
+    "${access_token_path}/interfaces/innerkits/accesstoken/test/unittest/common/",
   ]
 
   deps = [
@@ -85,6 +86,7 @@ ohos_unittest("libtoken_sync_service_coverage_test") {
     "hilog:libhilog",
     "ipc:ipc_single",
     "safwk:system_ability_fwk",
+    "samgr:samgr_proxy",
     "zlib:libz",
   ]
 
diff --git a/services/tokensyncmanager/test/coverage/token_sync_service_coverage_test.cpp b/services/tokensyncmanager/test/coverage/token_sync_service_coverage_test.cpp
index 057c63a00289c9f74c60f2a17f3a0ca2d2c9dc7c..4e8f3079be76beee5497714f071f8f3afd9ebd61 100644
--- a/services/tokensyncmanager/test/coverage/token_sync_service_coverage_test.cpp
+++ b/services/tokensyncmanager/test/coverage/token_sync_service_coverage_test.cpp
@@ -45,6 +45,7 @@
 #include "socket.h"
 #include "soft_bus_device_connection_listener.h"
 #include "soft_bus_socket_listener.h"
+#include "test_common.h"
 #include "token_setproc.h"
 #include "token_sync_manager_stub.h"
 
@@ -93,7 +94,7 @@ TokenSyncServiceTest::~TokenSyncServiceTest()
 void NativeTokenGet()
 {
     uint64_t tokenId = 0;
-    tokenId = AccessTokenKit::GetNativeTokenId("token_sync_service");
+    tokenId = TestCommon::GetNativeTokenIdFromProcess("token_sync_service");
     ASSERT_NE(tokenId, static_cast<AccessTokenID>(0));
     EXPECT_EQ(0, SetSelfTokenID(tokenId));
 }
@@ -102,10 +103,14 @@ void TokenSyncServiceTest::SetUpTestCase()
 {
     g_selfUid = getuid();
     g_selfTokenId = GetSelfTokenID();
+    TestCommon::SetTestEvironment(g_selfTokenId);
     NativeTokenGet();
 }
 void TokenSyncServiceTest::TearDownTestCase()
-{}
+{
+    SetSelfTokenID(g_selfTokenId);
+    TestCommon::ResetTestEvironment();
+}
 void TokenSyncServiceTest::SetUp()
 {
     tokenSyncManagerService_ = DelayedSingleton<TokenSyncManagerService>::GetInstance();
@@ -153,7 +158,7 @@ void TokenSyncServiceTest::OnDeviceOffline(const DistributedHardware::DmDeviceIn
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenSyncServiceTest, CheckAndCopyStr001, TestSize.Level1)
+HWTEST_F(TokenSyncServiceTest, CheckAndCopyStr001, TestSize.Level4)
 {
     std::string test_src = "testSrc";
     ASSERT_FALSE(SoftBusManager::GetInstance().CheckAndCopyStr(nullptr, test_src.length(), test_src));
@@ -165,7 +170,7 @@ HWTEST_F(TokenSyncServiceTest, CheckAndCopyStr001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenSyncServiceTest, CloseSocket001, TestSize.Level1)
+HWTEST_F(TokenSyncServiceTest, CloseSocket001, TestSize.Level4)
 {
     ASSERT_EQ(Constant::FAILURE, SoftBusManager::GetInstance().CloseSocket(-1));
     ASSERT_EQ(Constant::SUCCESS, SoftBusManager::GetInstance().CloseSocket(OUT_OF_MAP_SOCKET));
@@ -179,7 +184,7 @@ HWTEST_F(TokenSyncServiceTest, CloseSocket001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenSyncServiceTest, GetUniversallyUniqueIdByNodeId001, TestSize.Level1)
+HWTEST_F(TokenSyncServiceTest, GetUniversallyUniqueIdByNodeId001, TestSize.Level4)
 {
     SoftBusManager::GetInstance().Initialize();
     SoftBusManager::GetInstance().SetDefaultConfigValue();
@@ -193,7 +198,7 @@ HWTEST_F(TokenSyncServiceTest, GetUniversallyUniqueIdByNodeId001, TestSize.Level
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenSyncServiceTest, InsertCallbackAndExcute001, TestSize.Level1)
+HWTEST_F(TokenSyncServiceTest, InsertCallbackAndExcute001, TestSize.Level4)
 {
     SoftBusDeviceConnectionListener listener;
     listener.OnDeviceOffline(g_devInfo);
diff --git a/services/tokensyncmanager/test/unittest/BUILD.gn b/services/tokensyncmanager/test/unittest/BUILD.gn
index 7c224502045d6d3317806caf54dfa81dd849c2a9..07348bdf7b73aa26740df1d04b98318e51fb0fd0 100644
--- a/services/tokensyncmanager/test/unittest/BUILD.gn
+++ b/services/tokensyncmanager/test/unittest/BUILD.gn
@@ -15,9 +15,8 @@ import("//build/test.gni")
 import("../../../../access_token.gni")
 
 ohos_unittest("libtoken_sync_service_standard_test") {
-  subsystem_name = "security"
-  part_name = "access_token"
-  module_out_path = part_name + "/" + part_name
+  subsystem_name = "accesscontrol"
+  module_out_path = module_output_path_unittest_accesstoken
   sanitize = {
     cfi = true
     cfi_cross_dso = true
@@ -26,6 +25,7 @@ ohos_unittest("libtoken_sync_service_standard_test") {
   branch_protector_ret = "pac_ret"
 
   sources = [
+    "${access_token_path}/interfaces/innerkits/accesstoken/test/unittest/common/test_common.cpp",
     "../../src/command/base_remote_command.cpp",
     "../../src/command/delete_remote_token_command.cpp",
     "../../src/command/sync_remote_hap_token_command.cpp",
@@ -63,6 +63,7 @@ ohos_unittest("libtoken_sync_service_standard_test") {
     "${access_token_path}/services/accesstokenmanager/main/cpp/include/token",
     "${access_token_path}/services/common/json_parse/include",
     "${access_token_path}/services/common/handler/include",
+    "${access_token_path}/interfaces/innerkits/accesstoken/test/unittest/common/",
   ]
 
   deps = [
@@ -89,6 +90,7 @@ ohos_unittest("libtoken_sync_service_standard_test") {
     "hilog:libhilog",
     "ipc:ipc_single",
     "safwk:system_ability_fwk",
+    "samgr:samgr_proxy",
     "zlib:libz",
   ]
   if (eventhandler_enable == true) {
diff --git a/services/tokensyncmanager/test/unittest/token_sync_service_test.cpp b/services/tokensyncmanager/test/unittest/token_sync_service_test.cpp
index be54f37349f40a7bb3fb2e3cf4164699fe4dedf2..4e2f184654e74c644e68b1962f9d5fbdc7477139 100644
--- a/services/tokensyncmanager/test/unittest/token_sync_service_test.cpp
+++ b/services/tokensyncmanager/test/unittest/token_sync_service_test.cpp
@@ -46,6 +46,7 @@
 #include "socket.h"
 #include "soft_bus_device_connection_listener.h"
 #include "soft_bus_socket_listener.h"
+#include "test_common.h"
 #include "token_setproc.h"
 #include "token_sync_manager_stub.h"
 
@@ -98,7 +99,7 @@ TokenSyncServiceTest::~TokenSyncServiceTest()
 void NativeTokenGet()
 {
     uint64_t tokenId = 0;
-    tokenId = AccessTokenKit::GetNativeTokenId("token_sync_service");
+    tokenId = TestCommon::GetNativeTokenIdFromProcess("token_sync_service");
     ASSERT_NE(tokenId, static_cast<AccessTokenID>(0));
     EXPECT_EQ(0, SetSelfTokenID(tokenId));
 }
@@ -107,10 +108,15 @@ void TokenSyncServiceTest::SetUpTestCase()
 {
     g_selfUid = getuid();
     g_selfTokenId = GetSelfTokenID();
+    TestCommon::SetTestEvironment(g_selfTokenId);
+
     NativeTokenGet();
 }
 void TokenSyncServiceTest::TearDownTestCase()
-{}
+{
+    SetSelfTokenID(g_selfTokenId);
+    TestCommon::ResetTestEvironment();
+}
 void TokenSyncServiceTest::SetUp()
 {
     tokenSyncManagerService_ = DelayedSingleton<TokenSyncManagerService>::GetInstance();
@@ -253,15 +259,13 @@ public:
 static void DeleteAndAllocToken(AccessTokenID& tokenId)
 {
     // create local token
-    AccessTokenID tokenID = AccessTokenKit::GetHapTokenID(g_infoManagerTestInfoParms.userID,
+    AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(g_infoManagerTestInfoParms.userID,
         g_infoManagerTestInfoParms.bundleName, g_infoManagerTestInfoParms.instIndex);
-    AccessTokenKit::DeleteToken(tokenID);
-
-    AccessTokenIDEx tokenIdEx = {0};
-    tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
-    ASSERT_NE(static_cast<AccessTokenID>(0), tokenIdEx.tokenIdExStruct.tokenID);
+    TestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID);
 
-    tokenId = tokenIdEx.tokenIdExStruct.tokenID;
+    AccessTokenIDEx tokenIdEx1 = {0};
+    TestCommon::AllocTestHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams, tokenIdEx1);
+    ASSERT_NE(static_cast<AccessTokenID>(0), tokenIdEx1.tokenIdExStruct.tokenID);
 }
 
 /**
@@ -270,7 +274,7 @@ static void DeleteAndAllocToken(AccessTokenID& tokenId)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenSyncServiceTest, ProcessOneCommand001, TestSize.Level1)
+HWTEST_F(TokenSyncServiceTest, ProcessOneCommand001, TestSize.Level0)
 {
     std::string nodeId = "test_nodeId";
     auto executor = std::make_shared<RemoteCommandExecutor>(nodeId);
@@ -283,7 +287,7 @@ HWTEST_F(TokenSyncServiceTest, ProcessOneCommand001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenSyncServiceTest, ProcessOneCommand002, TestSize.Level1)
+HWTEST_F(TokenSyncServiceTest, ProcessOneCommand002, TestSize.Level0)
 {
     std::string nodeId = "test_nodeId";
     auto executor = std::make_shared<RemoteCommandExecutor>(nodeId);
@@ -298,7 +302,7 @@ HWTEST_F(TokenSyncServiceTest, ProcessOneCommand002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenSyncServiceTest, ProcessOneCommand003, TestSize.Level1)
+HWTEST_F(TokenSyncServiceTest, ProcessOneCommand003, TestSize.Level0)
 {
     std::string nodeId = ConstantCommon::GetLocalDeviceId();
     auto executor = std::make_shared<RemoteCommandExecutor>(nodeId);
@@ -313,7 +317,7 @@ HWTEST_F(TokenSyncServiceTest, ProcessOneCommand003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenSyncServiceTest, AddCommand001, TestSize.Level1)
+HWTEST_F(TokenSyncServiceTest, AddCommand001, TestSize.Level0)
 {
     std::string nodeId = "test_nodeId";
     auto executor = std::make_shared<RemoteCommandExecutor>(nodeId);
@@ -326,7 +330,7 @@ HWTEST_F(TokenSyncServiceTest, AddCommand001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenSyncServiceTest, AddCommand002, TestSize.Level1)
+HWTEST_F(TokenSyncServiceTest, AddCommand002, TestSize.Level0)
 {
     std::string nodeId = "test_nodeId";
     auto executor = std::make_shared<RemoteCommandExecutor>(nodeId);
@@ -340,7 +344,7 @@ HWTEST_F(TokenSyncServiceTest, AddCommand002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenSyncServiceTest, ProcessBufferedCommands001, TestSize.Level1)
+HWTEST_F(TokenSyncServiceTest, ProcessBufferedCommands001, TestSize.Level0)
 {
     std::string nodeId = "test_nodeId";
     auto executor = std::make_shared<RemoteCommandExecutor>(nodeId);
@@ -354,7 +358,7 @@ HWTEST_F(TokenSyncServiceTest, ProcessBufferedCommands001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenSyncServiceTest, ProcessBufferedCommands002, TestSize.Level1)
+HWTEST_F(TokenSyncServiceTest, ProcessBufferedCommands002, TestSize.Level0)
 {
     std::string nodeId = "test_nodeId";
     auto executor = std::make_shared<RemoteCommandExecutor>(nodeId);
@@ -369,7 +373,7 @@ HWTEST_F(TokenSyncServiceTest, ProcessBufferedCommands002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenSyncServiceTest, ProcessBufferedCommands003, TestSize.Level1)
+HWTEST_F(TokenSyncServiceTest, ProcessBufferedCommands003, TestSize.Level0)
 {
     std::string nodeId = "test_nodeId";
     auto executor = std::make_shared<RemoteCommandExecutor>(nodeId);
@@ -385,7 +389,7 @@ HWTEST_F(TokenSyncServiceTest, ProcessBufferedCommands003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenSyncServiceTest, ProcessBufferedCommands004, TestSize.Level1)
+HWTEST_F(TokenSyncServiceTest, ProcessBufferedCommands004, TestSize.Level0)
 {
     std::string nodeId = "test_nodeId";
     auto executor = std::make_shared<RemoteCommandExecutor>(nodeId);
@@ -401,7 +405,7 @@ HWTEST_F(TokenSyncServiceTest, ProcessBufferedCommands004, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenSyncServiceTest, ClientProcessResult001, TestSize.Level1)
+HWTEST_F(TokenSyncServiceTest, ClientProcessResult001, TestSize.Level0)
 {
     std::string nodeId = "test_nodeId";
     auto executor = std::make_shared<RemoteCommandExecutor>(nodeId);
@@ -416,7 +420,7 @@ HWTEST_F(TokenSyncServiceTest, ClientProcessResult001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenSyncServiceTest, ClientProcessResult002, TestSize.Level1)
+HWTEST_F(TokenSyncServiceTest, ClientProcessResult002, TestSize.Level0)
 {
     std::string nodeId = ConstantCommon::GetLocalDeviceId();
     auto executor = std::make_shared<RemoteCommandExecutor>(nodeId);
@@ -433,7 +437,7 @@ HWTEST_F(TokenSyncServiceTest, ClientProcessResult002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenSyncServiceTest, ToNativeTokenInfoJson001, TestSize.Level1)
+HWTEST_F(TokenSyncServiceTest, ToNativeTokenInfoJson001, TestSize.Level0)
 {
     NativeTokenInfoBase native1 = {
         .ver = 1,
@@ -453,7 +457,7 @@ HWTEST_F(TokenSyncServiceTest, ToNativeTokenInfoJson001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenSyncServiceTest, FromPermStateListJson001, TestSize.Level1)
+HWTEST_F(TokenSyncServiceTest, FromPermStateListJson001, TestSize.Level0)
 {
     HapTokenInfo baseInfo = {
         .ver = 1,
@@ -505,7 +509,7 @@ HWTEST_F(TokenSyncServiceTest, FromPermStateListJson001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenSyncServiceTest, FromNativeTokenInfoJson001, TestSize.Level1)
+HWTEST_F(TokenSyncServiceTest, FromNativeTokenInfoJson001, TestSize.Level0)
 {
     auto cmd = std::make_shared<TestBaseRemoteCommand>();
 
@@ -540,7 +544,7 @@ HWTEST_F(TokenSyncServiceTest, FromNativeTokenInfoJson001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenSyncServiceTest, FromPermStateListJson002, TestSize.Level1)
+HWTEST_F(TokenSyncServiceTest, FromPermStateListJson002, TestSize.Level0)
 {
     auto cmd = std::make_shared<TestBaseRemoteCommand>();
 
@@ -579,7 +583,7 @@ HWTEST_F(TokenSyncServiceTest, FromPermStateListJson002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:AR000GK6T5 AR000GK6T9
  */
-HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo002, TestSize.Level1)
+HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo002, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GetRemoteHapTokenInfo002 start.");
 
@@ -634,7 +638,7 @@ HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:AR000GK6T5 AR000GK6T9
  */
-HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo003, TestSize.Level1)
+HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo003, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GetRemoteHapTokenInfo003 start.");
     g_jsonBefore = "{\"commandName\":\"SyncRemoteHapTokenCommand\", \"id\":\"";
@@ -666,7 +670,7 @@ HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:AR000GK6T5 AR000GK6T9
  */
-HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo004, TestSize.Level1)
+HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo004, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GetRemoteHapTokenInfo004 start.");
     g_jsonBefore = "{\"commandName\":\"SyncRemoteHapTokenCommand\", \"id\":\"";
@@ -698,7 +702,7 @@ HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo004, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:AR000GK6T5 AR000GK6T9
  */
-HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo005, TestSize.Level1)
+HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo005, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GetRemoteHapTokenInfo005 start.");
     g_jsonBefore = "{\"commandName\":\"SyncRemoteHapTokenCommand\", \"id\":\"";
@@ -731,7 +735,7 @@ HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo005, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:AR000GK6T5 AR000GK6T9
  */
-HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo006, TestSize.Level1)
+HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo006, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GetRemoteHapTokenInfo006 start.");
     g_jsonBefore = "{\"commandName\":\"SyncRemoteHapTokenCommand\", \"id\":\"";
@@ -765,7 +769,7 @@ HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo006, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:AR000GK6T5 AR000GK6T9
  */
-HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo007, TestSize.Level1)
+HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo007, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GetRemoteHapTokenInfo007 start.");
     g_jsonBefore = "{\"commandName\":\"SyncRemoteHapTokenCommand\", \"id\":\"";
@@ -798,14 +802,14 @@ HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo007, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:AR000GK6T5 AR000GK6T9
  */
-HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo008, TestSize.Level1)
+HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo008, TestSize.Level0)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "GetRemoteHapTokenInfo008 start.");
     // create local token
-    AccessTokenID tokenID = AccessTokenKit::GetHapTokenID(g_infoManagerTestInfoParms.userID,
-                                                          g_infoManagerTestInfoParms.bundleName,
-                                                          g_infoManagerTestInfoParms.instIndex);
-    AccessTokenKit::DeleteToken(tokenID);
+    AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(g_infoManagerTestInfoParms.userID,
+        g_infoManagerTestInfoParms.bundleName, g_infoManagerTestInfoParms.instIndex);
+    AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
+    TestCommon::DeleteTestHapToken(tokenID);
 
     // tokenID is not exist
     std::string jsonBefore =
@@ -847,7 +851,7 @@ HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo008, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(TokenSyncServiceTest, DeleteRemoteTokenCommand001, TestSize.Level1)
+HWTEST_F(TokenSyncServiceTest, DeleteRemoteTokenCommand001, TestSize.Level0)
 {
     std::string srcDeviceId = "001";
     std::string dstDeviceId = "002";
@@ -876,7 +880,7 @@ HWTEST_F(TokenSyncServiceTest, DeleteRemoteTokenCommand001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: Issue Number
  */
-HWTEST_F(TokenSyncServiceTest, NewUpdateRemoteHapTokenCommand001, TestSize.Level1)
+HWTEST_F(TokenSyncServiceTest, NewUpdateRemoteHapTokenCommand001, TestSize.Level0)
 {
     std::string srcDeviceId = "001";
     std::string dstDeviceId = "002";
@@ -896,7 +900,7 @@ HWTEST_F(TokenSyncServiceTest, NewUpdateRemoteHapTokenCommand001, TestSize.Level
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenSyncServiceTest, AddDeviceInfo001, TestSize.Level1)
+HWTEST_F(TokenSyncServiceTest, AddDeviceInfo001, TestSize.Level0)
 {
     std::string networkId;
     std::string universallyUniqueId;
@@ -935,7 +939,7 @@ HWTEST_F(TokenSyncServiceTest, AddDeviceInfo001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenSyncServiceTest, RemoveAllRemoteDeviceInfo001, TestSize.Level1)
+HWTEST_F(TokenSyncServiceTest, RemoveAllRemoteDeviceInfo001, TestSize.Level0)
 {
     DeviceInfoManager::GetInstance().RemoveAllRemoteDeviceInfo(); // FindDeviceInfo false
 
@@ -962,7 +966,7 @@ HWTEST_F(TokenSyncServiceTest, RemoveAllRemoteDeviceInfo001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenSyncServiceTest, RemoveRemoteDeviceInfo001, TestSize.Level1)
+HWTEST_F(TokenSyncServiceTest, RemoveRemoteDeviceInfo001, TestSize.Level0)
 {
     std::string nodeId;
     DeviceIdType deviceIdType = DeviceIdType::UNKNOWN;
@@ -1009,7 +1013,7 @@ HWTEST_F(TokenSyncServiceTest, RemoveRemoteDeviceInfo001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenSyncServiceTest, ConvertToUniversallyUniqueIdOrFetch001, TestSize.Level1)
+HWTEST_F(TokenSyncServiceTest, ConvertToUniversallyUniqueIdOrFetch001, TestSize.Level0)
 {
     std::string nodeId;
     ASSERT_EQ("", DeviceInfoManager::GetInstance().ConvertToUniversallyUniqueIdOrFetch(nodeId)); // nodeId invalid
@@ -1046,7 +1050,7 @@ HWTEST_F(TokenSyncServiceTest, ConvertToUniversallyUniqueIdOrFetch001, TestSize.
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenSyncServiceTest, ConvertToUniqueDeviceIdOrFetch001, TestSize.Level1)
+HWTEST_F(TokenSyncServiceTest, ConvertToUniqueDeviceIdOrFetch001, TestSize.Level0)
 {
     std::string nodeId;
     ASSERT_EQ("", DeviceInfoManager::GetInstance().ConvertToUniqueDeviceIdOrFetch(nodeId)); // nodeId invalid
@@ -1083,7 +1087,7 @@ HWTEST_F(TokenSyncServiceTest, ConvertToUniqueDeviceIdOrFetch001, TestSize.Level
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenSyncServiceTest, IsDeviceUniversallyUniqueId001, TestSize.Level1)
+HWTEST_F(TokenSyncServiceTest, IsDeviceUniversallyUniqueId001, TestSize.Level0)
 {
     std::string nodeId;
     ASSERT_EQ(false, DeviceInfoManager::GetInstance().IsDeviceUniversallyUniqueId(nodeId)); // nodeId invalid
@@ -1112,7 +1116,7 @@ HWTEST_F(TokenSyncServiceTest, IsDeviceUniversallyUniqueId001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenSyncServiceTest, FindDeviceInfo001, TestSize.Level1)
+HWTEST_F(TokenSyncServiceTest, FindDeviceInfo001, TestSize.Level0)
 {
     std::string networkId = "123";
     std::string universallyUniqueId = "123";
@@ -1159,7 +1163,7 @@ HWTEST_F(TokenSyncServiceTest, FindDeviceInfo001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo001, TestSize.Level1)
+HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo001, TestSize.Level0)
 {
     std::string deviceID = "dev-001";
     AccessTokenID tokenID = 123; // 123 is random input
@@ -1175,7 +1179,7 @@ HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenSyncServiceTest, DeleteRemoteHapTokenInfo001, TestSize.Level1)
+HWTEST_F(TokenSyncServiceTest, DeleteRemoteHapTokenInfo001, TestSize.Level0)
 {
     AccessTokenID tokenId;
 
@@ -1212,7 +1216,7 @@ HWTEST_F(TokenSyncServiceTest, DeleteRemoteHapTokenInfo001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenSyncServiceTest, ExistDeviceInfo001, TestSize.Level1)
+HWTEST_F(TokenSyncServiceTest, ExistDeviceInfo001, TestSize.Level0)
 {
     std::string nodeId = "111";
     DeviceIdType type = DeviceIdType::NETWORK_ID;
@@ -1246,7 +1250,7 @@ public:
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenSyncServiceTest, OnRemoteRequest001, TestSize.Level1)
+HWTEST_F(TokenSyncServiceTest, OnRemoteRequest001, TestSize.Level0)
 {
     OHOS::MessageParcel data;
     OHOS::MessageParcel reply;
@@ -1279,7 +1283,7 @@ HWTEST_F(TokenSyncServiceTest, OnRemoteRequest001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenSyncServiceTest, OnRemoteRequest002, TestSize.Level1)
+HWTEST_F(TokenSyncServiceTest, OnRemoteRequest002, TestSize.Level0)
 {
     OHOS::MessageParcel data;
     OHOS::MessageParcel reply;
@@ -1315,7 +1319,7 @@ HWTEST_F(TokenSyncServiceTest, OnRemoteRequest002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenSyncServiceTest, OnStart001, TestSize.Level1)
+HWTEST_F(TokenSyncServiceTest, OnStart001, TestSize.Level0)
 {
     tokenSyncManagerService_->OnStop();
     ASSERT_EQ(ServiceRunningState::STATE_NOT_START, tokenSyncManagerService_->state_);
@@ -1330,7 +1334,7 @@ HWTEST_F(TokenSyncServiceTest, OnStart001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenSyncServiceTest, RemoteCommandManager001, TestSize.Level1)
+HWTEST_F(TokenSyncServiceTest, RemoteCommandManager001, TestSize.Level0)
 {
     RemoteCommandManager::GetInstance().Init();
     std::string udid = "test_udId";
@@ -1361,7 +1365,7 @@ HWTEST_F(TokenSyncServiceTest, RemoteCommandManager001, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenSyncServiceTest, RemoteCommandManager002, TestSize.Level1)
+HWTEST_F(TokenSyncServiceTest, RemoteCommandManager002, TestSize.Level0)
 {
     RemoteCommandManager::GetInstance().Init();
     std::string udid = "test_udId_1";
@@ -1378,7 +1382,7 @@ HWTEST_F(TokenSyncServiceTest, RemoteCommandManager002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenSyncServiceTest, RemoteCommandManager003, TestSize.Level1)
+HWTEST_F(TokenSyncServiceTest, RemoteCommandManager003, TestSize.Level0)
 {
     RemoteCommandManager::GetInstance().Init();
     std::string nodeId = "test_udId";
@@ -1395,7 +1399,7 @@ HWTEST_F(TokenSyncServiceTest, RemoteCommandManager003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenSyncServiceTest, ProcessDeviceCommandImmediately001, TestSize.Level1)
+HWTEST_F(TokenSyncServiceTest, ProcessDeviceCommandImmediately001, TestSize.Level0)
 {
     std::string udid = "test_udId_1";
     RemoteCommandManager::GetInstance().executors_[udid] = nullptr;
@@ -1410,7 +1414,7 @@ HWTEST_F(TokenSyncServiceTest, ProcessDeviceCommandImmediately001, TestSize.Leve
  * @tc.type: FUNC
  * @tc.require:
  */
-HWTEST_F(TokenSyncServiceTest, ProcessBufferedCommandsWithThread001, TestSize.Level1)
+HWTEST_F(TokenSyncServiceTest, ProcessBufferedCommandsWithThread001, TestSize.Level0)
 {
     std::string nodeId = "test_nodeId";
     auto executor = std::make_shared<RemoteCommandExecutor>(nodeId);
diff --git a/test/fuzztest/innerkits/accesstoken/BUILD.gn b/test/fuzztest/innerkits/accesstoken/BUILD.gn
index 8b1334097bcf3cbf52c7894cda6ffa3d741faee8..e7e49c309e607e8177aadb5e37ccef43f44bdc5f 100644
--- a/test/fuzztest/innerkits/accesstoken/BUILD.gn
+++ b/test/fuzztest/innerkits/accesstoken/BUILD.gn
@@ -40,24 +40,31 @@ group("fuzztest") {
     "getrendertokenid_fuzzer:GetRenderTokenIdFuzzTest",
     "getreqpermissions_fuzzer:GetReqPermissionsFuzzTest",
     "getselfpermissionsstate_fuzzer:GetSelfPermissionsStateFuzzTest",
+    "getselfpermissionstatus_fuzzer:GetSelfPermissionStatusFuzzTest",
     "gettokenidbyuserid_fuzzer:GetTokenIDByUserIDFuzzTest",
     "gettokentype_fuzzer:GetTokenTypeFuzzTest",
     "gettokentypeflag_fuzzer:GetTokenTypeFlagFuzzTest",
     "grantpermission_fuzzer:GrantPermissionFuzzTest",
     "grantpermissionforspecifiedtime_fuzzer:GrantPermissionForSpecifiedTimeFuzzTest",
     "inithaptoken_fuzzer:InitHapTokenFuzzTest",
+    "istoastshownneeded_fuzzer:IsToastShownNeededFuzzTest",
     "registerpermstatechangecallback_fuzzer:RegisterPermStateChangeCallbackFuzzTest",
-    "registertokensynccallback_fuzzer:RegisterTokenSyncCallbackFuzzTest",
     "requestapppermonsetting_fuzzer:RequestAppPermOnSettingFuzzTest",
     "revokeusergrantedpermission_fuzzer:RevokeUserGrantedPermissionFuzzTest",
     "setpermdialogcap_fuzzer:SetPermDialogCapFuzzTest",
     "setpermissionrequesttogglestatus_fuzzer:SetPermissionRequestToggleStatusFuzzTest",
     "setremotehaptokeninfo_fuzzer:SetRemoteHapTokenInfoFuzzTest",
     "unregisterpermstatechangecallback_fuzzer:UnRegisterPermStateChangeCallbackFuzzTest",
-    "unregistertokensynccallback_fuzzer:UnRegisterTokenSyncCallbackFuzzTest",
     "updatehaptoken_fuzzer:UpdateHapTokenFuzzTest",
     "verifyaccesstoken001_fuzzer:VerifyAccessToken001FuzzTest",
     "verifyaccesstoken_fuzzer:VerifyAccessTokenFuzzTest",
     "verifyaccesstokenwithlist_fuzzer:VerifyAccessTokenWithListFuzzTest",
   ]
+  if (security_component_enhance_enable) {
+    deps += [
+      "getseccompenhance_fuzzer:GetSecCompEnhanceFuzzTest",
+      "registerseccompenhance_fuzzer:RegisterSecCompEnhanceFuzzTest",
+      "updateseccompenhance_fuzzer:UpdateSecCompEnhanceFuzzTest",
+    ]
+  }
 }
diff --git a/test/fuzztest/innerkits/privacy/getseccompenhance_fuzzer/BUILD.gn b/test/fuzztest/innerkits/accesstoken/getseccompenhance_fuzzer/BUILD.gn
similarity index 88%
rename from test/fuzztest/innerkits/privacy/getseccompenhance_fuzzer/BUILD.gn
rename to test/fuzztest/innerkits/accesstoken/getseccompenhance_fuzzer/BUILD.gn
index e3d12b3ac9971e54fcd362fe7b76d79a173cf6b6..d5bd56875c1ec7f346c1b718e49c1872fd0e0a05 100644
--- a/test/fuzztest/innerkits/privacy/getseccompenhance_fuzzer/BUILD.gn
+++ b/test/fuzztest/innerkits/accesstoken/getseccompenhance_fuzzer/BUILD.gn
@@ -16,7 +16,7 @@ import("//build/test.gni")
 import("../../../../../access_token.gni")
 
 ohos_fuzztest("GetSecCompEnhanceFuzzTest") {
-  module_out_path = module_output_path_interface_privacy
+  module_out_path = module_output_path_interface_access_token
   fuzz_config_file = "."
   include_dirs = [
     "${access_token_path}/interfaces/innerkits/accesstoken/include",
@@ -30,7 +30,9 @@ ohos_fuzztest("GetSecCompEnhanceFuzzTest") {
   ]
   sources = [ "getseccompenhance_fuzzer.cpp" ]
 
-  deps = [ "${access_token_path}/interfaces/innerkits/privacy:libprivacy_sdk" ]
+  deps = [
+    "${access_token_path}/interfaces/innerkits/accesstoken:libaccesstoken_sdk",
+  ]
 
   configs = [ "${access_token_path}/config:coverage_flags" ]
 
diff --git a/test/fuzztest/innerkits/privacy/getseccompenhance_fuzzer/corpus/init b/test/fuzztest/innerkits/accesstoken/getseccompenhance_fuzzer/corpus/init
similarity index 100%
rename from test/fuzztest/innerkits/privacy/getseccompenhance_fuzzer/corpus/init
rename to test/fuzztest/innerkits/accesstoken/getseccompenhance_fuzzer/corpus/init
diff --git a/test/fuzztest/innerkits/privacy/getseccompenhance_fuzzer/getseccompenhance_fuzzer.cpp b/test/fuzztest/innerkits/accesstoken/getseccompenhance_fuzzer/getseccompenhance_fuzzer.cpp
similarity index 91%
rename from test/fuzztest/innerkits/privacy/getseccompenhance_fuzzer/getseccompenhance_fuzzer.cpp
rename to test/fuzztest/innerkits/accesstoken/getseccompenhance_fuzzer/getseccompenhance_fuzzer.cpp
index e8722acb792b302e0eb7ada991b0015084fb878b..50a3f7dfe3a69926699d15c39a3a69c272ea42b4 100644
--- a/test/fuzztest/innerkits/privacy/getseccompenhance_fuzzer/getseccompenhance_fuzzer.cpp
+++ b/test/fuzztest/innerkits/accesstoken/getseccompenhance_fuzzer/getseccompenhance_fuzzer.cpp
@@ -22,7 +22,7 @@
 
 #include "accesstoken_fuzzdata.h"
 #undef private
-#include "privacy_kit.h"
+#include "accesstoken_kit.h"
 
 using namespace std;
 using namespace OHOS::Security::AccessToken;
@@ -38,7 +38,7 @@ namespace OHOS {
 
         SecCompEnhanceData secData;
 
-        return PrivacyKit::GetSecCompEnhance(fuzzData.GetData<int32_t>(), secData) == 0;
+        return AccessTokenKit::GetSecCompEnhance(fuzzData.GetData<int32_t>(), secData) == 0;
     }
 }
 
diff --git a/test/fuzztest/innerkits/privacy/getseccompenhance_fuzzer/getseccompenhance_fuzzer.h b/test/fuzztest/innerkits/accesstoken/getseccompenhance_fuzzer/getseccompenhance_fuzzer.h
similarity index 100%
rename from test/fuzztest/innerkits/privacy/getseccompenhance_fuzzer/getseccompenhance_fuzzer.h
rename to test/fuzztest/innerkits/accesstoken/getseccompenhance_fuzzer/getseccompenhance_fuzzer.h
diff --git a/test/fuzztest/innerkits/accesstoken/registertokensynccallback_fuzzer/project.xml b/test/fuzztest/innerkits/accesstoken/getseccompenhance_fuzzer/project.xml
similarity index 100%
rename from test/fuzztest/innerkits/accesstoken/registertokensynccallback_fuzzer/project.xml
rename to test/fuzztest/innerkits/accesstoken/getseccompenhance_fuzzer/project.xml
diff --git a/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/BUILD.gn b/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/BUILD.gn
new file mode 100644
index 0000000000000000000000000000000000000000..2968c428b3267f517ad03b977414b4e8eb61401b
--- /dev/null
+++ b/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/BUILD.gn
@@ -0,0 +1,42 @@
+# Copyright (c) 2025 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import("//build/config/features.gni")
+import("//build/test.gni")
+import("../../../../../access_token.gni")
+
+ohos_fuzztest("GetSelfPermissionStatusFuzzTest") {
+  module_out_path = module_output_path_interface_access_token
+  fuzz_config_file = "."
+  include_dirs = [
+    "${access_token_path}/interfaces/innerkits/accesstoken/include",
+    "${access_token_path}/test/fuzztest/common",
+  ]
+  cflags = [
+    "-g",
+    "-O0",
+    "-Wno-unused-variable",
+    "-fno-omit-frame-pointer",
+  ]
+  sources = [ "getselfpermissionstatus_fuzzer.cpp" ]
+  deps = [
+    "${access_token_path}/interfaces/innerkits/accesstoken:libaccesstoken_sdk",
+  ]
+
+  configs = [ "${access_token_path}/config:coverage_flags" ]
+
+  external_deps = [
+    "c_utils:utils",
+    "hilog:libhilog",
+  ]
+}
diff --git a/test/fuzztest/innerkits/accesstoken/unregistertokensynccallback_fuzzer/corpus/init b/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/corpus/init
similarity index 92%
rename from test/fuzztest/innerkits/accesstoken/unregistertokensynccallback_fuzzer/corpus/init
rename to test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/corpus/init
index f7880ef1a502193121ec4b74e27bfc616e66cd26..8f37f09254457133cae0f828d0a5faee7dcbd779 100644
--- a/test/fuzztest/innerkits/accesstoken/unregistertokensynccallback_fuzzer/corpus/init
+++ b/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/corpus/init
@@ -1,4 +1,4 @@
-# Copyright (c) 2024 Huawei Device Co., Ltd.
+# Copyright (c) 2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
diff --git a/test/fuzztest/innerkits/accesstoken/unregistertokensynccallback_fuzzer/unregistertokensynccallback_fuzzer.cpp b/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/getselfpermissionstatus_fuzzer.cpp
similarity index 54%
rename from test/fuzztest/innerkits/accesstoken/unregistertokensynccallback_fuzzer/unregistertokensynccallback_fuzzer.cpp
rename to test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/getselfpermissionstatus_fuzzer.cpp
index 69d1dc55adf02b52f65f219f524d4e01017505f5..a9b21bd237bce727e93954607d9d7945095fc4a7 100644
--- a/test/fuzztest/innerkits/accesstoken/unregistertokensynccallback_fuzzer/unregistertokensynccallback_fuzzer.cpp
+++ b/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/getselfpermissionstatus_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Copyright (c) 2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -13,46 +13,38 @@
  * limitations under the License.
  */
 
-#include "unregistertokensynccallback_fuzzer.h"
+#include "getselfpermissionstatus_fuzzer.h"
 
+#include <string>
+#include <vector>
+#include <thread>
+#include "accesstoken_fuzzdata.h"
+#undef private
 #include "accesstoken_kit.h"
-#include "token_setproc.h"
-#include "token_sync_kit_interface.h"
 
 using namespace std;
 using namespace OHOS::Security::AccessToken;
 
 namespace OHOS {
-    bool NativeTokenGet()
-    {
-        AccessTokenID token = AccessTokenKit::GetNativeTokenId("token_sync_service");
-        if (token == 0) {
-            return false;
-        }
-        SetSelfTokenID(token);
-        return true;
-    }
-    bool RegisterTokenSyncCallbackFuzzTest(const uint8_t* data, size_t size)
+    bool GetSelfPermissionStatusFuzzTest(const uint8_t* data, size_t size)
     {
         if ((data == nullptr) || (size == 0)) {
             return false;
         }
-    #ifdef TOKEN_SYNC_ENABLE
-        int32_t result = AccessTokenKit::UnRegisterTokenSyncCallback();
-        return result == RET_SUCCESS;
-    #else
+
+        AccessTokenFuzzData fuzzData(data, size);
+        std::string permissionName = fuzzData.GenerateStochasticString();
+        PermissionOper status;
+
+        AccessTokenKit::GetSelfPermissionStatus(permissionName, status);
         return true;
-    #endif // TOKEN_SYNC_ENABLE
     }
 }
 
 /* Fuzzer entry point */
 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
 {
-#ifdef TOKEN_SYNC_ENABLE
-    OHOS::NativeTokenGet();
-#endif
     /* Run your code on data */
-    OHOS::RegisterTokenSyncCallbackFuzzTest(data, size);
+    OHOS::GetSelfPermissionStatusFuzzTest(data, size);
     return 0;
-}
\ No newline at end of file
+}
diff --git a/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/getselfpermissionstatus_fuzzer.h b/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/getselfpermissionstatus_fuzzer.h
new file mode 100644
index 0000000000000000000000000000000000000000..46854bbce527c0bc6b6ab0d3821b49da4ac6a465
--- /dev/null
+++ b/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/getselfpermissionstatus_fuzzer.h
@@ -0,0 +1,28 @@
+/*
+ * Copyright (c) 2025 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef TEST_FUZZTEST_GETSELFPERMISSIONSTATUS_FUZZER_H
+#define TEST_FUZZTEST_GETSELFPERMISSIONSTATUS_FUZZER_H
+
+#define FUZZ_PROJECT_NAME "getselfpermissionstatus_fuzzer"
+
+#include <climits>
+#include <cstdlib>
+#include <cstdint>
+#include <cstdio>
+#include <fcntl.h>
+#include <unistd.h>
+
+#endif // TEST_FUZZTEST_GETSELFPERMISSIONSTATUS_FUZZER_H
\ No newline at end of file
diff --git a/test/fuzztest/services/privacy/getspecialseccompenhancestub_fuzzer/project.xml b/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/project.xml
similarity index 95%
rename from test/fuzztest/services/privacy/getspecialseccompenhancestub_fuzzer/project.xml
rename to test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/project.xml
index 7133b2b92440904a5ed04b838733acea0f97486a..66e1dcac475475fb101b6f8670ec699e6e9696aa 100644
--- a/test/fuzztest/services/privacy/getspecialseccompenhancestub_fuzzer/project.xml
+++ b/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/project.xml
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="utf-8"?>
-<!-- Copyright (c) 2024 Huawei Device Co., Ltd.
+<!-- Copyright (c) 2025 Huawei Device Co., Ltd.
 
      Licensed under the Apache License, Version 2.0 (the "License");
      you may not use this file except in compliance with the License.
diff --git a/test/fuzztest/innerkits/accesstoken/istoastshownneeded_fuzzer/BUILD.gn b/test/fuzztest/innerkits/accesstoken/istoastshownneeded_fuzzer/BUILD.gn
new file mode 100644
index 0000000000000000000000000000000000000000..57774825a2179f4a7bd496742d9fd8c7ddab2a2f
--- /dev/null
+++ b/test/fuzztest/innerkits/accesstoken/istoastshownneeded_fuzzer/BUILD.gn
@@ -0,0 +1,44 @@
+# Copyright (c) 2025 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import("//build/config/features.gni")
+import("//build/test.gni")
+import("../../../../../access_token.gni")
+
+ohos_fuzztest("IsToastShownNeededFuzzTest") {
+  module_out_path = module_output_path_interface_access_token
+  fuzz_config_file = "."
+  include_dirs = [
+    "${access_token_path}/interfaces/innerkits/accesstoken/include",
+    "${access_token_path}/test/fuzztest/common",
+  ]
+  cflags = [
+    "-g",
+    "-O0",
+    "-Wno-unused-variable",
+    "-fno-omit-frame-pointer",
+  ]
+  sources = [ "istoastshownneeded_fuzzer.cpp" ]
+
+  deps = [
+    "${access_token_path}/interfaces/innerkits/accesstoken:libaccesstoken_sdk",
+  ]
+
+  configs = [ "${access_token_path}/config:coverage_flags" ]
+
+  external_deps = [
+    "c_utils:utils",
+    "hilog:libhilog",
+    "ipc:ipc_core",
+  ]
+}
diff --git a/test/fuzztest/innerkits/accesstoken/istoastshownneeded_fuzzer/corpus/init b/test/fuzztest/innerkits/accesstoken/istoastshownneeded_fuzzer/corpus/init
new file mode 100644
index 0000000000000000000000000000000000000000..2aea1356e3c3b3ee6e12ad3f72640897d769d02e
--- /dev/null
+++ b/test/fuzztest/innerkits/accesstoken/istoastshownneeded_fuzzer/corpus/init
@@ -0,0 +1,14 @@
+# Copyright (c) 2025 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+FUZZ
diff --git a/test/fuzztest/innerkits/privacy/getspecialseccompenhance_fuzzer/getspecialseccompenhance_fuzzer.cpp b/test/fuzztest/innerkits/accesstoken/istoastshownneeded_fuzzer/istoastshownneeded_fuzzer.cpp
similarity index 72%
rename from test/fuzztest/innerkits/privacy/getspecialseccompenhance_fuzzer/getspecialseccompenhance_fuzzer.cpp
rename to test/fuzztest/innerkits/accesstoken/istoastshownneeded_fuzzer/istoastshownneeded_fuzzer.cpp
index 85bea67be61dfb87fdeb19f60990289d2329e6de..5dd6fa8565ce8e6358ff4d1665c163a618e3b3fb 100644
--- a/test/fuzztest/innerkits/privacy/getspecialseccompenhance_fuzzer/getspecialseccompenhance_fuzzer.cpp
+++ b/test/fuzztest/innerkits/accesstoken/istoastshownneeded_fuzzer/istoastshownneeded_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Copyright (c) 2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -13,7 +13,7 @@
  * limitations under the License.
  */
 
-#include "getspecialseccompenhance_fuzzer.h"
+#include "istoastshownneeded_fuzzer.h"
 
 #include <iostream>
 #include <thread>
@@ -22,13 +22,13 @@
 
 #include "accesstoken_fuzzdata.h"
 #undef private
-#include "privacy_kit.h"
+#include "accesstoken_kit.h"
 
 using namespace std;
 using namespace OHOS::Security::AccessToken;
 
 namespace OHOS {
-    bool GetSpecialSecCompEnhanceFuzzTest(const uint8_t* data, size_t size)
+    bool IsToastShownNeededFuzzTest(const uint8_t* data, size_t size)
     {
         if ((data == nullptr) || (size == 0)) {
             return false;
@@ -36,9 +36,7 @@ namespace OHOS {
 
         AccessTokenFuzzData fuzzData(data, size);
 
-        std::vector<SecCompEnhanceData> enhanceList;
-
-        return PrivacyKit::GetSpecialSecCompEnhance(fuzzData.GenerateStochasticString(), enhanceList) == 0;
+        return AccessTokenKit::IsToastShownNeeded(fuzzData.GetData<int32_t>());
     }
 }
 
@@ -46,6 +44,6 @@ namespace OHOS {
 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
 {
     /* Run your code on data */
-    OHOS::GetSpecialSecCompEnhanceFuzzTest(data, size);
+    OHOS::IsToastShownNeededFuzzTest(data, size);
     return 0;
 }
diff --git a/test/fuzztest/innerkits/privacy/getspecialseccompenhance_fuzzer/getspecialseccompenhance_fuzzer.h b/test/fuzztest/innerkits/accesstoken/istoastshownneeded_fuzzer/istoastshownneeded_fuzzer.h
similarity index 67%
rename from test/fuzztest/innerkits/privacy/getspecialseccompenhance_fuzzer/getspecialseccompenhance_fuzzer.h
rename to test/fuzztest/innerkits/accesstoken/istoastshownneeded_fuzzer/istoastshownneeded_fuzzer.h
index adb87a6ee06ef5e254cc53290213ef8f3d3bf594..f17b40fc97a2449ce7a42d9a56b4d5f522b085a6 100644
--- a/test/fuzztest/innerkits/privacy/getspecialseccompenhance_fuzzer/getspecialseccompenhance_fuzzer.h
+++ b/test/fuzztest/innerkits/accesstoken/istoastshownneeded_fuzzer/istoastshownneeded_fuzzer.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Copyright (c) 2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -13,9 +13,9 @@
  * limitations under the License.
  */
 
-#ifndef TEST_FUZZTEST_GETSPECIALSECCOMPENHANCE_FUZZER_H
-#define TEST_FUZZTEST_GETSPECIALSECCOMPENHANCE_FUZZER_H
+#ifndef TEST_FUZZTEST_ISTOASTSHOWNNEEDED_FUZZER_H
+#define TEST_FUZZTEST_ISTOASTSHOWNNEEDED_FUZZER_H
 
-#define FUZZ_PROJECT_NAME "getspecialseccompenhance_fuzzer"
+#define FUZZ_PROJECT_NAME "istoastshownneeded_fuzzer"
 
-#endif // TEST_FUZZTEST_GETSPECIALSECCOMPENHANCE_FUZZER_H
+#endif // TEST_FUZZTEST_ISTOASTSHOWNNEEDED_FUZZER_H
diff --git a/test/fuzztest/services/privacy/registerseccompenhancestub_fuzzer/project.xml b/test/fuzztest/innerkits/accesstoken/istoastshownneeded_fuzzer/project.xml
similarity index 95%
rename from test/fuzztest/services/privacy/registerseccompenhancestub_fuzzer/project.xml
rename to test/fuzztest/innerkits/accesstoken/istoastshownneeded_fuzzer/project.xml
index 7133b2b92440904a5ed04b838733acea0f97486a..66e1dcac475475fb101b6f8670ec699e6e9696aa 100644
--- a/test/fuzztest/services/privacy/registerseccompenhancestub_fuzzer/project.xml
+++ b/test/fuzztest/innerkits/accesstoken/istoastshownneeded_fuzzer/project.xml
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="utf-8"?>
-<!-- Copyright (c) 2024 Huawei Device Co., Ltd.
+<!-- Copyright (c) 2025 Huawei Device Co., Ltd.
 
      Licensed under the Apache License, Version 2.0 (the "License");
      you may not use this file except in compliance with the License.
diff --git a/test/fuzztest/innerkits/privacy/registerseccompenhance_fuzzer/BUILD.gn b/test/fuzztest/innerkits/accesstoken/registerseccompenhance_fuzzer/BUILD.gn
similarity index 89%
rename from test/fuzztest/innerkits/privacy/registerseccompenhance_fuzzer/BUILD.gn
rename to test/fuzztest/innerkits/accesstoken/registerseccompenhance_fuzzer/BUILD.gn
index d63a7d3a77ace5d9b0dc71e59a06bd36d784e38a..37949c4d73e8d3f3c6c3c7800ce2071c87f922cc 100644
--- a/test/fuzztest/innerkits/privacy/registerseccompenhance_fuzzer/BUILD.gn
+++ b/test/fuzztest/innerkits/accesstoken/registerseccompenhance_fuzzer/BUILD.gn
@@ -16,7 +16,7 @@ import("//build/test.gni")
 import("../../../../../access_token.gni")
 
 ohos_fuzztest("RegisterSecCompEnhanceFuzzTest") {
-  module_out_path = module_output_path_interface_privacy
+  module_out_path = module_output_path_interface_access_token
   fuzz_config_file = "."
   include_dirs = [
     "${access_token_path}/interfaces/innerkits/accesstoken/include",
@@ -30,7 +30,9 @@ ohos_fuzztest("RegisterSecCompEnhanceFuzzTest") {
   ]
   sources = [ "registerseccompenhance_fuzzer.cpp" ]
 
-  deps = [ "${access_token_path}/interfaces/innerkits/privacy:libprivacy_sdk" ]
+  deps = [
+    "${access_token_path}/interfaces/innerkits/accesstoken:libaccesstoken_sdk",
+  ]
 
   configs = [ "${access_token_path}/config:coverage_flags" ]
 
diff --git a/test/fuzztest/innerkits/privacy/getspecialseccompenhance_fuzzer/corpus/init b/test/fuzztest/innerkits/accesstoken/registerseccompenhance_fuzzer/corpus/init
similarity index 100%
rename from test/fuzztest/innerkits/privacy/getspecialseccompenhance_fuzzer/corpus/init
rename to test/fuzztest/innerkits/accesstoken/registerseccompenhance_fuzzer/corpus/init
diff --git a/test/fuzztest/innerkits/accesstoken/unregistertokensynccallback_fuzzer/project.xml b/test/fuzztest/innerkits/accesstoken/registerseccompenhance_fuzzer/project.xml
similarity index 100%
rename from test/fuzztest/innerkits/accesstoken/unregistertokensynccallback_fuzzer/project.xml
rename to test/fuzztest/innerkits/accesstoken/registerseccompenhance_fuzzer/project.xml
diff --git a/test/fuzztest/innerkits/privacy/registerseccompenhance_fuzzer/registerseccompenhance_fuzzer.cpp b/test/fuzztest/innerkits/accesstoken/registerseccompenhance_fuzzer/registerseccompenhance_fuzzer.cpp
similarity index 94%
rename from test/fuzztest/innerkits/privacy/registerseccompenhance_fuzzer/registerseccompenhance_fuzzer.cpp
rename to test/fuzztest/innerkits/accesstoken/registerseccompenhance_fuzzer/registerseccompenhance_fuzzer.cpp
index dbd328e0994e540c6efdba24ac31fcdd769c3222..b18d9fa5127f3dcec333e3894101eb09f5ca62d4 100644
--- a/test/fuzztest/innerkits/privacy/registerseccompenhance_fuzzer/registerseccompenhance_fuzzer.cpp
+++ b/test/fuzztest/innerkits/accesstoken/registerseccompenhance_fuzzer/registerseccompenhance_fuzzer.cpp
@@ -22,7 +22,7 @@
 
 #include "accesstoken_fuzzdata.h"
 #undef private
-#include "privacy_kit.h"
+#include "accesstoken_kit.h"
 
 using namespace std;
 using namespace OHOS::Security::AccessToken;
@@ -44,7 +44,7 @@ namespace OHOS {
         secData.sessionId = fuzzData.GetData<uint32_t>();
         secData.seqNum = fuzzData.GetData<uint32_t>();
 
-        return PrivacyKit::RegisterSecCompEnhance(secData) == 0;
+        return AccessTokenKit::RegisterSecCompEnhance(secData) == 0;
     }
 }
 
diff --git a/test/fuzztest/innerkits/privacy/registerseccompenhance_fuzzer/registerseccompenhance_fuzzer.h b/test/fuzztest/innerkits/accesstoken/registerseccompenhance_fuzzer/registerseccompenhance_fuzzer.h
similarity index 100%
rename from test/fuzztest/innerkits/privacy/registerseccompenhance_fuzzer/registerseccompenhance_fuzzer.h
rename to test/fuzztest/innerkits/accesstoken/registerseccompenhance_fuzzer/registerseccompenhance_fuzzer.h
diff --git a/test/fuzztest/innerkits/accesstoken/registertokensynccallback_fuzzer/BUILD.gn b/test/fuzztest/innerkits/accesstoken/registertokensynccallback_fuzzer/BUILD.gn
deleted file mode 100644
index 836076e0484b2442b697f736e973383a354157f2..0000000000000000000000000000000000000000
--- a/test/fuzztest/innerkits/accesstoken/registertokensynccallback_fuzzer/BUILD.gn
+++ /dev/null
@@ -1,45 +0,0 @@
-# Copyright (c) 2024 Huawei Device Co., Ltd.
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-import("//build/config/features.gni")
-import("//build/test.gni")
-import("../../../../../access_token.gni")
-
-ohos_fuzztest("RegisterTokenSyncCallbackFuzzTest") {
-  module_out_path = module_output_path_interface_access_token
-  fuzz_config_file = "."
-  include_dirs =
-      [ "${access_token_path}/interfaces/innerkits/accesstoken/include" ]
-  cflags = [
-    "-g",
-    "-O0",
-    "-Wno-unused-variable",
-    "-fno-omit-frame-pointer",
-  ]
-  sources = [ "registertokensynccallback_fuzzer.cpp" ]
-  deps = [
-    "${access_token_path}/interfaces/innerkits/accesstoken:libaccesstoken_sdk",
-    "${access_token_path}/interfaces/innerkits/token_setproc:libtoken_setproc",
-  ]
-
-  configs = [ "${access_token_path}/config:coverage_flags" ]
-
-  external_deps = [
-    "c_utils:utils",
-    "hilog:libhilog",
-  ]
-
-  if (token_sync_enable == true) {
-    cflags_cc = [ "-DTOKEN_SYNC_ENABLE" ]
-  }
-}
diff --git a/test/fuzztest/innerkits/accesstoken/unregistertokensynccallback_fuzzer/BUILD.gn b/test/fuzztest/innerkits/accesstoken/unregistertokensynccallback_fuzzer/BUILD.gn
deleted file mode 100644
index d55da6283a5fea6d8713f545e955b645cd4db0e2..0000000000000000000000000000000000000000
--- a/test/fuzztest/innerkits/accesstoken/unregistertokensynccallback_fuzzer/BUILD.gn
+++ /dev/null
@@ -1,45 +0,0 @@
-# Copyright (c) 2024 Huawei Device Co., Ltd.
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-import("//build/config/features.gni")
-import("//build/test.gni")
-import("../../../../../access_token.gni")
-
-ohos_fuzztest("UnRegisterTokenSyncCallbackFuzzTest") {
-  module_out_path = module_output_path_interface_access_token
-  fuzz_config_file = "."
-  include_dirs =
-      [ "${access_token_path}/interfaces/innerkits/accesstoken/include" ]
-  cflags = [
-    "-g",
-    "-O0",
-    "-Wno-unused-variable",
-    "-fno-omit-frame-pointer",
-  ]
-  sources = [ "unregistertokensynccallback_fuzzer.cpp" ]
-  deps = [
-    "${access_token_path}/interfaces/innerkits/accesstoken:libaccesstoken_sdk",
-    "${access_token_path}/interfaces/innerkits/token_setproc:libtoken_setproc",
-  ]
-
-  configs = [ "${access_token_path}/config:coverage_flags" ]
-
-  external_deps = [
-    "c_utils:utils",
-    "hilog:libhilog",
-  ]
-
-  if (token_sync_enable == true) {
-    cflags_cc = [ "-DTOKEN_SYNC_ENABLE" ]
-  }
-}
diff --git a/test/fuzztest/innerkits/privacy/updateseccompenhance_fuzzer/BUILD.gn b/test/fuzztest/innerkits/accesstoken/updateseccompenhance_fuzzer/BUILD.gn
similarity index 88%
rename from test/fuzztest/innerkits/privacy/updateseccompenhance_fuzzer/BUILD.gn
rename to test/fuzztest/innerkits/accesstoken/updateseccompenhance_fuzzer/BUILD.gn
index 8793950f824742961efd0c12505ae6903c1107fb..2c7dfa6a5c40522fabbf836233393bd6aa5d531d 100644
--- a/test/fuzztest/innerkits/privacy/updateseccompenhance_fuzzer/BUILD.gn
+++ b/test/fuzztest/innerkits/accesstoken/updateseccompenhance_fuzzer/BUILD.gn
@@ -16,7 +16,7 @@ import("//build/test.gni")
 import("../../../../../access_token.gni")
 
 ohos_fuzztest("UpdateSecCompEnhanceFuzzTest") {
-  module_out_path = module_output_path_interface_privacy
+  module_out_path = module_output_path_interface_access_token
   fuzz_config_file = "."
   include_dirs = [
     "${access_token_path}/interfaces/innerkits/accesstoken/include",
@@ -30,7 +30,9 @@ ohos_fuzztest("UpdateSecCompEnhanceFuzzTest") {
   ]
   sources = [ "updateseccompenhance_fuzzer.cpp" ]
 
-  deps = [ "${access_token_path}/interfaces/innerkits/privacy:libprivacy_sdk" ]
+  deps = [
+    "${access_token_path}/interfaces/innerkits/accesstoken:libaccesstoken_sdk",
+  ]
 
   configs = [ "${access_token_path}/config:coverage_flags" ]
 
diff --git a/test/fuzztest/innerkits/privacy/registerseccompenhance_fuzzer/corpus/init b/test/fuzztest/innerkits/accesstoken/updateseccompenhance_fuzzer/corpus/init
similarity index 100%
rename from test/fuzztest/innerkits/privacy/registerseccompenhance_fuzzer/corpus/init
rename to test/fuzztest/innerkits/accesstoken/updateseccompenhance_fuzzer/corpus/init
diff --git a/test/fuzztest/innerkits/privacy/getseccompenhance_fuzzer/project.xml b/test/fuzztest/innerkits/accesstoken/updateseccompenhance_fuzzer/project.xml
similarity index 100%
rename from test/fuzztest/innerkits/privacy/getseccompenhance_fuzzer/project.xml
rename to test/fuzztest/innerkits/accesstoken/updateseccompenhance_fuzzer/project.xml
diff --git a/test/fuzztest/innerkits/privacy/updateseccompenhance_fuzzer/updateseccompenhance_fuzzer.cpp b/test/fuzztest/innerkits/accesstoken/updateseccompenhance_fuzzer/updateseccompenhance_fuzzer.cpp
similarity index 89%
rename from test/fuzztest/innerkits/privacy/updateseccompenhance_fuzzer/updateseccompenhance_fuzzer.cpp
rename to test/fuzztest/innerkits/accesstoken/updateseccompenhance_fuzzer/updateseccompenhance_fuzzer.cpp
index 8dcf3b3762969e8c044ae8373e0b626bd053cc08..ae4fcaf3fc779ded9c682bec5eb1444258a8eea0 100644
--- a/test/fuzztest/innerkits/privacy/updateseccompenhance_fuzzer/updateseccompenhance_fuzzer.cpp
+++ b/test/fuzztest/innerkits/accesstoken/updateseccompenhance_fuzzer/updateseccompenhance_fuzzer.cpp
@@ -22,7 +22,7 @@
 
 #include "accesstoken_fuzzdata.h"
 #undef private
-#include "privacy_kit.h"
+#include "accesstoken_kit.h"
 
 using namespace std;
 using namespace OHOS::Security::AccessToken;
@@ -36,7 +36,7 @@ namespace OHOS {
 
         AccessTokenFuzzData fuzzData(data, size);
 
-        return PrivacyKit::UpdateSecCompEnhance(fuzzData.GetData<int32_t>(), fuzzData.GetData<uint32_t>()) == 0;
+        return AccessTokenKit::UpdateSecCompEnhance(fuzzData.GetData<int32_t>(), fuzzData.GetData<uint32_t>()) == 0;
     }
 }
 
diff --git a/test/fuzztest/innerkits/privacy/updateseccompenhance_fuzzer/updateseccompenhance_fuzzer.h b/test/fuzztest/innerkits/accesstoken/updateseccompenhance_fuzzer/updateseccompenhance_fuzzer.h
similarity index 100%
rename from test/fuzztest/innerkits/privacy/updateseccompenhance_fuzzer/updateseccompenhance_fuzzer.h
rename to test/fuzztest/innerkits/accesstoken/updateseccompenhance_fuzzer/updateseccompenhance_fuzzer.h
diff --git a/test/fuzztest/innerkits/privacy/BUILD.gn b/test/fuzztest/innerkits/privacy/BUILD.gn
index 6c9eb2ded8c10e6cc504d7cc9b251700c3b37a39..8d25a97a46d812eb9fb41fcb2b75e70d915b8d49 100644
--- a/test/fuzztest/innerkits/privacy/BUILD.gn
+++ b/test/fuzztest/innerkits/privacy/BUILD.gn
@@ -18,6 +18,7 @@ group("fuzztest") {
   if (is_standard_system && ability_base_enable == true) {
     deps += [
       "addpermissionusedrecord_fuzzer:AddPermissionUsedRecordFuzzTest",
+      "addpermissionusedrecordasync_fuzzer:AddPermissionUsedRecordAsyncFuzzTest",
       "getpermissionusedrecords_fuzzer:GetPermissionUsedRecordsFuzzTest",
       "getpermissionusedrecordtogglestatus_fuzzer:GetPermissionUsedRecordToggleStatusFuzzTest",
       "getpermissionusedtypeinfos_fuzzer:GetPermissionUsedTypeInfosFuzzTest",
@@ -31,13 +32,5 @@ group("fuzztest") {
       "stopusingpermission_fuzzer:StopUsingPermissionFuzzTest",
       "unregisterpermactivestatuscallback_fuzzer:UnRegisterPermActiveStatusCallbackFuzzTest",
     ]
-    if (security_component_enhance_enable) {
-      deps += [
-        "getseccompenhance_fuzzer:GetSecCompEnhanceFuzzTest",
-        "getspecialseccompenhance_fuzzer:GetSpecialSecCompEnhanceFuzzTest",
-        "registerseccompenhance_fuzzer:RegisterSecCompEnhanceFuzzTest",
-        "updateseccompenhance_fuzzer:UpdateSecCompEnhanceFuzzTest",
-      ]
-    }
   }
 }
diff --git a/test/fuzztest/innerkits/privacy/getspecialseccompenhance_fuzzer/BUILD.gn b/test/fuzztest/innerkits/privacy/addpermissionusedrecordasync_fuzzer/BUILD.gn
similarity index 85%
rename from test/fuzztest/innerkits/privacy/getspecialseccompenhance_fuzzer/BUILD.gn
rename to test/fuzztest/innerkits/privacy/addpermissionusedrecordasync_fuzzer/BUILD.gn
index 96844110a9914ffc69e5109ceeeac7506425f1df..da27010f055cfdf08e603e1026313d1d7d58af30 100644
--- a/test/fuzztest/innerkits/privacy/getspecialseccompenhance_fuzzer/BUILD.gn
+++ b/test/fuzztest/innerkits/privacy/addpermissionusedrecordasync_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2024 Huawei Device Co., Ltd.
+# Copyright (c) 2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -15,7 +15,7 @@ import("//build/config/features.gni")
 import("//build/test.gni")
 import("../../../../../access_token.gni")
 
-ohos_fuzztest("GetSpecialSecCompEnhanceFuzzTest") {
+ohos_fuzztest("AddPermissionUsedRecordAsyncFuzzTest") {
   module_out_path = module_output_path_interface_privacy
   fuzz_config_file = "."
   include_dirs = [
@@ -28,14 +28,12 @@ ohos_fuzztest("GetSpecialSecCompEnhanceFuzzTest") {
     "-Wno-unused-variable",
     "-fno-omit-frame-pointer",
   ]
-  sources = [ "getspecialseccompenhance_fuzzer.cpp" ]
+  sources = [ "addpermissionusedrecordasync_fuzzer.cpp" ]
 
   deps = [ "${access_token_path}/interfaces/innerkits/privacy:libprivacy_sdk" ]
 
   configs = [ "${access_token_path}/config:coverage_flags" ]
 
-  cflags_cc = [ "-DSECURITY_COMPONENT_ENHANCE_ENABLE" ]
-
   external_deps = [
     "c_utils:utils",
     "hilog:libhilog",
diff --git a/test/fuzztest/innerkits/privacy/addpermissionusedrecordasync_fuzzer/addpermissionusedrecordasync_fuzzer.cpp b/test/fuzztest/innerkits/privacy/addpermissionusedrecordasync_fuzzer/addpermissionusedrecordasync_fuzzer.cpp
new file mode 100644
index 0000000000000000000000000000000000000000..16d20756b5ca986e89197c27e0395926182231c5
--- /dev/null
+++ b/test/fuzztest/innerkits/privacy/addpermissionusedrecordasync_fuzzer/addpermissionusedrecordasync_fuzzer.cpp
@@ -0,0 +1,56 @@
+/*
+ * Copyright (c) 2025 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "addpermissionusedrecordasync_fuzzer.h"
+
+#include <iostream>
+#include <thread>
+#include <string>
+#include <vector>
+
+#include "accesstoken_fuzzdata.h"
+#undef private
+#include "privacy_kit.h"
+
+using namespace std;
+using namespace OHOS::Security::AccessToken;
+
+namespace OHOS {
+    bool AddPermissionUsedRecordAsyncFuzzTest(const uint8_t* data, size_t size)
+    {
+        if ((data == nullptr) || (size == 0)) {
+            return false;
+        }
+
+        AccessTokenFuzzData fuzzData(data, size);
+
+        AddPermParamInfo info;
+        info.tokenId = static_cast<AccessTokenID>(fuzzData.GetData<uint32_t>());
+        info.permissionName = fuzzData.GenerateStochasticString();
+        info.successCount = fuzzData.GetData<int32_t>();
+        info.failCount = fuzzData.GetData<int32_t>();
+        info.type = fuzzData.GenerateStochasticEnmu<PermissionUsedType>(PERM_USED_TYPE_BUTT);
+
+        return PrivacyKit::AddPermissionUsedRecord(info, true) == 0;
+    }
+}
+
+/* Fuzzer entry point */
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
+{
+    /* Run your code on data */
+    OHOS::AddPermissionUsedRecordAsyncFuzzTest(data, size);
+    return 0;
+}
diff --git a/test/fuzztest/services/privacy/getspecialseccompenhancestub_fuzzer/getspecialseccompenhancestub_fuzzer.h b/test/fuzztest/innerkits/privacy/addpermissionusedrecordasync_fuzzer/addpermissionusedrecordasync_fuzzer.h
similarity index 65%
rename from test/fuzztest/services/privacy/getspecialseccompenhancestub_fuzzer/getspecialseccompenhancestub_fuzzer.h
rename to test/fuzztest/innerkits/privacy/addpermissionusedrecordasync_fuzzer/addpermissionusedrecordasync_fuzzer.h
index 5b4a35f82afce03fc0bdc3c2a2a6fa8d83195cd9..a63800093a0de7ea884aae027764d10508f73893 100644
--- a/test/fuzztest/services/privacy/getspecialseccompenhancestub_fuzzer/getspecialseccompenhancestub_fuzzer.h
+++ b/test/fuzztest/innerkits/privacy/addpermissionusedrecordasync_fuzzer/addpermissionusedrecordasync_fuzzer.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Copyright (c) 2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -13,9 +13,9 @@
  * limitations under the License.
  */
 
-#ifndef TEST_FUZZTEST_GETSPECIALSECCOMPENHANCESTUB_FUZZER_H
-#define TEST_FUZZTEST_GETSPECIALSECCOMPENHANCESTUB_FUZZER_H
+#ifndef TEST_FUZZTEST_ADDPERMISSIONUSEDRECORDASYNC_FUZZER_H
+#define TEST_FUZZTEST_ADDPERMISSIONUSEDRECORDASYNC_FUZZER_H
 
-#define FUZZ_PROJECT_NAME "getspecialseccompenhancestub_fuzzer"
+#define FUZZ_PROJECT_NAME "addpermissionusedrecordasync_fuzzer"
 
-#endif // TEST_FUZZTEST_GETSPECIALSECCOMPENHANCESTUB_FUZZER_H
+#endif // TEST_FUZZTEST_ADDPERMISSIONUSEDRECORDASYNC_FUZZER_H
diff --git a/test/fuzztest/services/privacy/registerseccompenhancestub_fuzzer/corpus/init b/test/fuzztest/innerkits/privacy/addpermissionusedrecordasync_fuzzer/corpus/init
similarity index 92%
rename from test/fuzztest/services/privacy/registerseccompenhancestub_fuzzer/corpus/init
rename to test/fuzztest/innerkits/privacy/addpermissionusedrecordasync_fuzzer/corpus/init
index e7c3fecd8d4d4816e40088113a2316bb9eb2e13f..65af8ee8d11bf23407ea34d4de49f7cbb6a2b791 100644
--- a/test/fuzztest/services/privacy/registerseccompenhancestub_fuzzer/corpus/init
+++ b/test/fuzztest/innerkits/privacy/addpermissionusedrecordasync_fuzzer/corpus/init
@@ -1,4 +1,4 @@
-# Copyright (c) 2024 Huawei Device Co., Ltd.
+# Copyright (c) 2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
diff --git a/test/fuzztest/services/privacy/getseccompenhancestub_fuzzer/project.xml b/test/fuzztest/innerkits/privacy/addpermissionusedrecordasync_fuzzer/project.xml
similarity index 95%
rename from test/fuzztest/services/privacy/getseccompenhancestub_fuzzer/project.xml
rename to test/fuzztest/innerkits/privacy/addpermissionusedrecordasync_fuzzer/project.xml
index 7133b2b92440904a5ed04b838733acea0f97486a..66e1dcac475475fb101b6f8670ec699e6e9696aa 100644
--- a/test/fuzztest/services/privacy/getseccompenhancestub_fuzzer/project.xml
+++ b/test/fuzztest/innerkits/privacy/addpermissionusedrecordasync_fuzzer/project.xml
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="utf-8"?>
-<!-- Copyright (c) 2024 Huawei Device Co., Ltd.
+<!-- Copyright (c) 2025 Huawei Device Co., Ltd.
 
      Licensed under the Apache License, Version 2.0 (the "License");
      you may not use this file except in compliance with the License.
diff --git a/test/fuzztest/services/accesstoken/BUILD.gn b/test/fuzztest/services/accesstoken/BUILD.gn
index 99767dcd121b6ef2222e50f44a1aa95c9658ebed..af89fb3ed827d58ef57469dd1dd020308ab001ef 100644
--- a/test/fuzztest/services/accesstoken/BUILD.gn
+++ b/test/fuzztest/services/accesstoken/BUILD.gn
@@ -39,6 +39,7 @@ group("fuzztest") {
     "getreqpermissionbynamestub_fuzzer:GetReqPermissionByNameStubFuzzTest",
     "getreqpermissionsstub_fuzzer:GetReqPermissionsStubFuzzTest",
     "getselfpermissionsstatestub_fuzzer:GetSelfPermissionsStateStubFuzzTest",
+    "getselfpermissionstatusstub_fuzzer:GetSelfPermissionStatusStubFuzzTest",
     "gettokenidbyuseridstub_fuzzer:GetTokenIDByUserIDStubFuzzTest",
     "gettokentypestub_fuzzer:GetTokenTypeStubFuzzTest",
     "grantpermissionforspecifiedtimestub_fuzzer:GrantPermissionForSpecifiedTimeStubFuzzTest",
@@ -70,4 +71,11 @@ group("fuzztest") {
       "setfirstcallertokenid_fuzzer:SetFirstCallerTokenIDFuzzTest",
     ]
   }
+  if (security_component_enhance_enable) {
+    deps += [
+      "getseccompenhancestub_fuzzer:GetSecCompEnhanceStubFuzzTest",
+      "registerseccompenhancestub_fuzzer:RegisterSecCompEnhanceStubFuzzTest",
+      "updateseccompenhancestub_fuzzer:UpdateSecCompEnhanceStubFuzzTest",
+    ]
+  }
 }
diff --git a/test/fuzztest/services/accesstoken/access_token_service_fuzz.gni b/test/fuzztest/services/accesstoken/access_token_service_fuzz.gni
index e48ac73d97a4ec3ac926316416cea23a4cbb56cf..9e61ae9cc940cd1b11124b9a4e25af6a51715443 100644
--- a/test/fuzztest/services/accesstoken/access_token_service_fuzz.gni
+++ b/test/fuzztest/services/accesstoken/access_token_service_fuzz.gni
@@ -1,4 +1,4 @@
-# Copyright (c) 2024 Huawei Device Co., Ltd.
+# Copyright (c) 2024-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -17,8 +17,9 @@ import("../../../../access_token.gni")
 access_token_include_dirs = [
   "${access_token_path}/services/accesstokenmanager/main/cpp/include",
   "${access_token_path}/services/accesstokenmanager/main/cpp/include/callback",
-  "${access_token_path}/services/accesstokenmanager/main/cpp/include/service",
   "${access_token_path}/services/accesstokenmanager/main/cpp/include/form_manager",
+  "${access_token_path}/services/accesstokenmanager/main/cpp/include/seccomp",
+  "${access_token_path}/services/accesstokenmanager/main/cpp/include/service",
   "${access_token_path}/services/accesstokenmanager/main/cpp/include/token",
   "${access_token_path}/services/accesstokenmanager/main/cpp/include/permission",
   "${access_token_path}/services/accesstokenmanager/main/cpp/include/database",
@@ -31,7 +32,9 @@ access_token_include_dirs = [
   "${access_token_path}/services/tokensyncmanager/include/protocol",
   "${access_token_path}/frameworks/common/include",
   "${access_token_path}/frameworks/accesstoken/include",
+  "${access_token_path}/frameworks/privacy/include",
   "${access_token_path}/interfaces/innerkits/privacy/include",
+  "${access_token_path}/interfaces/innerkits/privacy/src",
   "${access_token_path}/interfaces/innerkits/tokensync/src",
   "${access_token_path}/services/common/ability_manager/include",
   "${access_token_path}/services/common/app_manager/include",
@@ -56,6 +59,7 @@ access_token_deps = [
   "${access_token_path}/interfaces/innerkits/token_setproc:libtokensetproc_shared",
   "${access_token_path}/services/accesstokenmanager:access_token.rc",
   "${access_token_path}/services/accesstokenmanager/etc:param_files",
+  "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_stub",
   "${access_token_path}/services/common:accesstoken_service_common",
   "${access_token_path}/services/common/json_parse:accesstoken_cjson_utils",
 ]
@@ -99,8 +103,8 @@ access_token_sources = [
   "${access_token_path}/services/accesstokenmanager/main/cpp/src/permission/permission_validator.cpp",
   "${access_token_path}/services/accesstokenmanager/main/cpp/src/permission/short_grant_manager.cpp",
   "${access_token_path}/services/accesstokenmanager/main/cpp/src/permission/temp_permission_observer.cpp",
+  "${access_token_path}/services/accesstokenmanager/main/cpp/src/seccomp/sec_comp_monitor.cpp",
   "${access_token_path}/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp",
-  "${access_token_path}/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp",
   "${access_token_path}/services/accesstokenmanager/main/cpp/src/token/accesstoken_id_manager.cpp",
   "${access_token_path}/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp",
   "${access_token_path}/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp",
diff --git a/test/fuzztest/services/accesstoken/allochaptokenstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/allochaptokenstub_fuzzer/BUILD.gn
index 72c33dd1538932bc77bf79c8deb6faa49be13624..0f649acb5c9e19b4c98db0dc279b6e28cb662d7b 100644
--- a/test/fuzztest/services/accesstoken/allochaptokenstub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/accesstoken/allochaptokenstub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2023 Huawei Device Co., Ltd.
+# Copyright (c) 2023-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -33,7 +33,10 @@ ohos_fuzztest("AllocHapTokenStubFuzzTest") {
 
   deps = access_token_deps
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
 
   external_deps = access_token_external_deps
 
diff --git a/test/fuzztest/services/accesstoken/allochaptokenstub_fuzzer/allochaptokenstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/allochaptokenstub_fuzzer/allochaptokenstub_fuzzer.cpp
index 15da22d9aecf7f7a433a461a56de1e9006523ed7..0125f79fb1d158a15da7929bc589f23abbb4f50e 100644
--- a/test/fuzztest/services/accesstoken/allochaptokenstub_fuzzer/allochaptokenstub_fuzzer.cpp
+++ b/test/fuzztest/services/accesstoken/allochaptokenstub_fuzzer/allochaptokenstub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2023-2024 Huawei Device Co., Ltd.
+ * Copyright (c) 2023-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -24,7 +24,7 @@
 #undef private
 #include "accesstoken_manager_service.h"
 #include "hap_info_parcel.h"
-#include "i_accesstoken_manager.h"
+#include "iaccess_token_manager.h"
 
 using namespace std;
 using namespace OHOS::Security::AccessToken;
@@ -93,7 +93,7 @@ namespace OHOS {
         }
 
         uint32_t code = static_cast<uint32_t>(
-            AccessTokenInterfaceCode::ALLOC_TOKEN_HAP);
+            IAccessTokenManagerIpcCode::COMMAND_ALLOC_HAP_TOKEN);
 
         MessageParcel reply;
         MessageOption option;
diff --git a/test/fuzztest/services/accesstoken/alloclocaltokenidstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/alloclocaltokenidstub_fuzzer/BUILD.gn
index 16c34223efd86b6027ff11074f406a92569c2954..935dc5a39606ca631a3716f353ebc32913b7c118 100644
--- a/test/fuzztest/services/accesstoken/alloclocaltokenidstub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/accesstoken/alloclocaltokenidstub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2023 Huawei Device Co., Ltd.
+# Copyright (c) 2023-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -33,7 +33,10 @@ ohos_fuzztest("AllocLocalTokenIDStubFuzzTest") {
 
   deps = access_token_deps
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
 
   external_deps = access_token_external_deps
 
diff --git a/test/fuzztest/services/accesstoken/alloclocaltokenidstub_fuzzer/alloclocaltokenidstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/alloclocaltokenidstub_fuzzer/alloclocaltokenidstub_fuzzer.cpp
index afca023e194c3574d01d56261c9f14892046d9df..79e4f2c43b9424d965a4d07ac95dc9167365a4b9 100644
--- a/test/fuzztest/services/accesstoken/alloclocaltokenidstub_fuzzer/alloclocaltokenidstub_fuzzer.cpp
+++ b/test/fuzztest/services/accesstoken/alloclocaltokenidstub_fuzzer/alloclocaltokenidstub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2023 Huawei Device Co., Ltd.
+ * Copyright (c) 2023-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -23,7 +23,7 @@
 #include "accesstoken_fuzzdata.h"
 #undef private
 #include "accesstoken_manager_service.h"
-#include "i_accesstoken_manager.h"
+#include "iaccess_token_manager.h"
 
 using namespace std;
 using namespace OHOS::Security::AccessToken;
@@ -48,7 +48,7 @@ namespace OHOS {
         }
 
         uint32_t code = static_cast<uint32_t>(
-            AccessTokenInterfaceCode::ALLOC_LOCAL_TOKEN_ID);
+            IAccessTokenManagerIpcCode::COMMAND_ALLOC_LOCAL_TOKEN_I_D);
 
         MessageParcel reply;
         MessageOption option;
diff --git a/test/fuzztest/services/accesstoken/clearusergrantedpermissionstatestub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/clearusergrantedpermissionstatestub_fuzzer/BUILD.gn
index 8e0863d3bf64db66ec16a10a40eb6b2257c0dedc..c7a63b3a1d1ead416bf7288452a1c9d350b16412 100644
--- a/test/fuzztest/services/accesstoken/clearusergrantedpermissionstatestub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/accesstoken/clearusergrantedpermissionstatestub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2023 Huawei Device Co., Ltd.
+# Copyright (c) 2023-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -33,7 +33,10 @@ ohos_fuzztest("ClearUserGrantedPermissionStateStubFuzzTest") {
 
   deps = access_token_deps
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
 
   external_deps = access_token_external_deps
 
diff --git a/test/fuzztest/services/accesstoken/clearusergrantedpermissionstatestub_fuzzer/clearusergrantedpermissionstatestub_fuzzer.cpp b/test/fuzztest/services/accesstoken/clearusergrantedpermissionstatestub_fuzzer/clearusergrantedpermissionstatestub_fuzzer.cpp
index 74b20b9536af374e0a4de7d7428984ef9c8230c2..6d0865fe8d009e5896b11b9a8a8a706c9898094f 100644
--- a/test/fuzztest/services/accesstoken/clearusergrantedpermissionstatestub_fuzzer/clearusergrantedpermissionstatestub_fuzzer.cpp
+++ b/test/fuzztest/services/accesstoken/clearusergrantedpermissionstatestub_fuzzer/clearusergrantedpermissionstatestub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2023 Huawei Device Co., Ltd.
+ * Copyright (c) 2023-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -23,7 +23,7 @@
 #include "accesstoken_fuzzdata.h"
 #undef private
 #include "accesstoken_manager_service.h"
-#include "i_accesstoken_manager.h"
+#include "iaccess_token_manager.h"
 
 using namespace std;
 using namespace OHOS::Security::AccessToken;
@@ -46,7 +46,7 @@ namespace OHOS {
         }
 
         uint32_t code = static_cast<uint32_t>(
-            AccessTokenInterfaceCode::CLEAR_USER_GRANT_PERMISSION);
+            IAccessTokenManagerIpcCode::COMMAND_CLEAR_USER_GRANTED_PERMISSION_STATE);
 
         MessageParcel reply;
         MessageOption option;
diff --git a/test/fuzztest/services/accesstoken/deleteremotedevicetokensstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/deleteremotedevicetokensstub_fuzzer/BUILD.gn
index 03a4a1ceb2f7a5dec93427e71b6f6dd1e4d34019..8c7329171e7197f47def039be140259abd259991 100644
--- a/test/fuzztest/services/accesstoken/deleteremotedevicetokensstub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/accesstoken/deleteremotedevicetokensstub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2023 Huawei Device Co., Ltd.
+# Copyright (c) 2023-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -33,7 +33,10 @@ ohos_fuzztest("DeleteRemoteDeviceTokensStubFuzzTest") {
 
   deps = access_token_deps
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
 
   external_deps = access_token_external_deps
 
diff --git a/test/fuzztest/services/accesstoken/deleteremotedevicetokensstub_fuzzer/deleteremotedevicetokensstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/deleteremotedevicetokensstub_fuzzer/deleteremotedevicetokensstub_fuzzer.cpp
index cd02f2da0bcae6cb5ea89da5fee57793b417bc00..fd45b2931a8cc8ef825600cff1b82ab88679c85b 100644
--- a/test/fuzztest/services/accesstoken/deleteremotedevicetokensstub_fuzzer/deleteremotedevicetokensstub_fuzzer.cpp
+++ b/test/fuzztest/services/accesstoken/deleteremotedevicetokensstub_fuzzer/deleteremotedevicetokensstub_fuzzer.cpp
@@ -23,7 +23,7 @@
 #include "accesstoken_info_manager.h"
 #include "accesstoken_kit.h"
 #include "accesstoken_manager_service.h"
-#include "i_accesstoken_manager.h"
+#include "iaccess_token_manager.h"
 #include "token_setproc.h"
 
 using namespace std;
@@ -50,7 +50,7 @@ namespace OHOS {
         }
 
         uint32_t code = static_cast<uint32_t>(
-            AccessTokenInterfaceCode::DELETE_REMOTE_DEVICE_TOKEN);
+            IAccessTokenManagerIpcCode::COMMAND_DELETE_REMOTE_DEVICE_TOKENS);
 
         MessageParcel reply;
         MessageOption option;
@@ -58,7 +58,11 @@ namespace OHOS {
         if (enable) {
             AccessTokenID accesstoken = AccessTokenKit::GetNativeTokenId("token_sync_service");
             SetSelfTokenID(accesstoken);
-            AccessTokenInfoManager::GetInstance().Init();
+            uint32_t hapSize = 0;
+            uint32_t nativeSize = 0;
+            uint32_t pefDefSize = 0;
+            uint32_t dlpSize = 0;
+            AccessTokenInfoManager::GetInstance().Init(hapSize, nativeSize, pefDefSize, dlpSize);
         }
         DelayedSingleton<AccessTokenManagerService>::GetInstance()->OnRemoteRequest(code, datas, reply, option);
         AccessTokenID hdcd = AccessTokenKit::GetNativeTokenId("hdcd");
diff --git a/test/fuzztest/services/accesstoken/deleteremotetokenstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/deleteremotetokenstub_fuzzer/BUILD.gn
index 9985da7f89581a0ef03509da721cabb08c22780e..f3b5fd118d49782ed36d1b841dbdbc3ec3221a8a 100644
--- a/test/fuzztest/services/accesstoken/deleteremotetokenstub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/accesstoken/deleteremotetokenstub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2023 Huawei Device Co., Ltd.
+# Copyright (c) 2023-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -33,7 +33,10 @@ ohos_fuzztest("DeleteRemoteTokenStubFuzzTest") {
 
   deps = access_token_deps
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
 
   external_deps = access_token_external_deps
 
diff --git a/test/fuzztest/services/accesstoken/deleteremotetokenstub_fuzzer/deleteremotetokenstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/deleteremotetokenstub_fuzzer/deleteremotetokenstub_fuzzer.cpp
index 86ef252ac2bf449ecb1906e048655decae7fee26..cc7f7dca3e2c2c7ad4edfd3150862b6654b65043 100644
--- a/test/fuzztest/services/accesstoken/deleteremotetokenstub_fuzzer/deleteremotetokenstub_fuzzer.cpp
+++ b/test/fuzztest/services/accesstoken/deleteremotetokenstub_fuzzer/deleteremotetokenstub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2023 Huawei Device Co., Ltd.
+ * Copyright (c) 2023-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -23,7 +23,7 @@
 #include "accesstoken_info_manager.h"
 #include "accesstoken_kit.h"
 #include "accesstoken_manager_service.h"
-#include "i_accesstoken_manager.h"
+#include "iaccess_token_manager.h"
 #include "token_setproc.h"
 
 using namespace std;
@@ -54,7 +54,7 @@ namespace OHOS {
         }
        
         uint32_t code = static_cast<uint32_t>(
-            AccessTokenInterfaceCode::DELETE_REMOTE_TOKEN_INFO);
+            IAccessTokenManagerIpcCode::COMMAND_DELETE_REMOTE_TOKEN);
 
         MessageParcel reply;
         MessageOption option;
@@ -62,7 +62,11 @@ namespace OHOS {
         if (enable) {
             AccessTokenID accesstoken = AccessTokenKit::GetNativeTokenId("token_sync_service");
             SetSelfTokenID(accesstoken);
-            AccessTokenInfoManager::GetInstance().Init();
+            uint32_t hapSize = 0;
+            uint32_t nativeSize = 0;
+            uint32_t pefDefSize = 0;
+            uint32_t dlpSize = 0;
+            AccessTokenInfoManager::GetInstance().Init(hapSize, nativeSize, pefDefSize, dlpSize);
         }
         DelayedSingleton<AccessTokenManagerService>::GetInstance()->OnRemoteRequest(code, datas, reply, option);
         AccessTokenID hdcd = AccessTokenKit::GetNativeTokenId("hdcd");
diff --git a/test/fuzztest/services/accesstoken/deletetokenstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/deletetokenstub_fuzzer/BUILD.gn
index f64cc370ef3958938468e4e73bbb06c99088d2bf..5063db50f21b075c8f5163d3aad133a1b51cfe77 100644
--- a/test/fuzztest/services/accesstoken/deletetokenstub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/accesstoken/deletetokenstub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2023 Huawei Device Co., Ltd.
+# Copyright (c) 2023-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -33,7 +33,10 @@ ohos_fuzztest("DeleteTokenStubFuzzTest") {
 
   deps = access_token_deps
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
 
   external_deps = access_token_external_deps
 
diff --git a/test/fuzztest/services/accesstoken/deletetokenstub_fuzzer/deletetokenstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/deletetokenstub_fuzzer/deletetokenstub_fuzzer.cpp
index 2048eeedce20d301f1dd10de65d64c6b20ca7b0c..80d797a4f5d812ec739de3cf54d8769e99e42d0b 100644
--- a/test/fuzztest/services/accesstoken/deletetokenstub_fuzzer/deletetokenstub_fuzzer.cpp
+++ b/test/fuzztest/services/accesstoken/deletetokenstub_fuzzer/deletetokenstub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2023 Huawei Device Co., Ltd.
+ * Copyright (c) 2023-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -23,7 +23,7 @@
 #include "accesstoken_fuzzdata.h"
 #undef private
 #include "accesstoken_manager_service.h"
-#include "i_accesstoken_manager.h"
+#include "iaccess_token_manager.h"
 
 using namespace std;
 using namespace OHOS::Security::AccessToken;
@@ -47,7 +47,7 @@ namespace OHOS {
         }
 
         uint32_t code = static_cast<uint32_t>(
-            AccessTokenInterfaceCode::TOKEN_DELETE);
+            IAccessTokenManagerIpcCode::COMMAND_DELETE_TOKEN);
 
         MessageParcel reply;
         MessageOption option;
diff --git a/test/fuzztest/services/accesstoken/dumptokeninfostub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/dumptokeninfostub_fuzzer/BUILD.gn
index c2446867e34138d6eb6fc48e8fbb184294870bf9..b06825841e8c77a77abbd417998acf60393cd525 100644
--- a/test/fuzztest/services/accesstoken/dumptokeninfostub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/accesstoken/dumptokeninfostub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2023 Huawei Device Co., Ltd.
+# Copyright (c) 2023-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -33,7 +33,10 @@ ohos_fuzztest("DumpTokenInfoStubFuzzTest") {
 
   deps = access_token_deps
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
 
   external_deps = access_token_external_deps
 
diff --git a/test/fuzztest/services/accesstoken/dumptokeninfostub_fuzzer/dumptokeninfostub_fuzzer.cpp b/test/fuzztest/services/accesstoken/dumptokeninfostub_fuzzer/dumptokeninfostub_fuzzer.cpp
index b60d7399638346d48f1b66873d7a0a6afade1c57..03ff2eaa46c4fb2931c7ed70d7901fc96cb9d92c 100644
--- a/test/fuzztest/services/accesstoken/dumptokeninfostub_fuzzer/dumptokeninfostub_fuzzer.cpp
+++ b/test/fuzztest/services/accesstoken/dumptokeninfostub_fuzzer/dumptokeninfostub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2023 Huawei Device Co., Ltd.
+ * Copyright (c) 2023-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -21,7 +21,7 @@
 #include "accesstoken_fuzzdata.h"
 #undef private
 #include "accesstoken_manager_service.h"
-#include "i_accesstoken_manager.h"
+#include "iaccess_token_manager.h"
 
 using namespace std;
 using namespace OHOS::Security::AccessToken;
@@ -38,12 +38,17 @@ namespace OHOS {
         
         MessageParcel datas;
         datas.WriteInterfaceToken(IAccessTokenManager::GetDescriptor());
-        if (!datas.WriteUint32(tokenId)) {
+
+        AtmToolsParamInfo info;
+        info.tokenId = tokenId;
+        AtmToolsParamInfoParcel infoParcel;
+        infoParcel.info = info;
+        if (!datas.WriteParcelable(&infoParcel)) {
             return false;
         }
        
         uint32_t code = static_cast<uint32_t>(
-            AccessTokenInterfaceCode::DUMP_TOKENINFO);
+            IAccessTokenManagerIpcCode::COMMAND_DUMP_TOKEN_INFO);
 
         MessageParcel reply;
         MessageOption option;
diff --git a/test/fuzztest/services/accesstoken/getdefpermissionstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/getdefpermissionstub_fuzzer/BUILD.gn
index ded95af835e952c36675ea146e57ae02bc33b4c6..3cd1c415b908766cf31bfaa293b719ca5f05ffae 100644
--- a/test/fuzztest/services/accesstoken/getdefpermissionstub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/accesstoken/getdefpermissionstub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2023 Huawei Device Co., Ltd.
+# Copyright (c) 2023-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -33,7 +33,10 @@ ohos_fuzztest("GetDefPermissionStubFuzzTest") {
 
   deps = access_token_deps
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
 
   external_deps = access_token_external_deps
 
diff --git a/test/fuzztest/services/accesstoken/getdefpermissionstub_fuzzer/getdefpermissionstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/getdefpermissionstub_fuzzer/getdefpermissionstub_fuzzer.cpp
index f16a5736629b4e13fc253191cea83f4c5321538f..5be9fb45eb812b030d74eca9c080bcc1f990f25f 100644
--- a/test/fuzztest/services/accesstoken/getdefpermissionstub_fuzzer/getdefpermissionstub_fuzzer.cpp
+++ b/test/fuzztest/services/accesstoken/getdefpermissionstub_fuzzer/getdefpermissionstub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2023 Huawei Device Co., Ltd.
+ * Copyright (c) 2023-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -21,7 +21,7 @@
 #include "accesstoken_fuzzdata.h"
 #undef private
 #include "accesstoken_manager_service.h"
-#include "i_accesstoken_manager.h"
+#include "iaccess_token_manager.h"
 #include "permission_def_parcel.h"
 
 using namespace std;
@@ -45,7 +45,7 @@ namespace OHOS {
         }
 
         uint32_t code = static_cast<uint32_t>(
-            AccessTokenInterfaceCode::GET_DEF_PERMISSION);
+            IAccessTokenManagerIpcCode::COMMAND_GET_DEF_PERMISSION);
 
         MessageParcel reply;
         MessageOption option;
diff --git a/test/fuzztest/services/accesstoken/gethaptokenidstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/gethaptokenidstub_fuzzer/BUILD.gn
index feff7b531501d6976882ef0859152f37ac82cb72..5f964f2ef15d85c1780db1994c677c370c9a9cc5 100644
--- a/test/fuzztest/services/accesstoken/gethaptokenidstub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/accesstoken/gethaptokenidstub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2023 Huawei Device Co., Ltd.
+# Copyright (c) 2023-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -33,7 +33,10 @@ ohos_fuzztest("GetHapTokenIDStubFuzzTest") {
 
   deps = access_token_deps
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
 
   external_deps = access_token_external_deps
 
diff --git a/test/fuzztest/services/accesstoken/gethaptokenidstub_fuzzer/gethaptokenidstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/gethaptokenidstub_fuzzer/gethaptokenidstub_fuzzer.cpp
index c2e0560eee018d51665fa1917f963227e151de2d..39c8c5fff819fd9dc0cd8ea975b1f7438617f099 100644
--- a/test/fuzztest/services/accesstoken/gethaptokenidstub_fuzzer/gethaptokenidstub_fuzzer.cpp
+++ b/test/fuzztest/services/accesstoken/gethaptokenidstub_fuzzer/gethaptokenidstub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2023 Huawei Device Co., Ltd.
+ * Copyright (c) 2023-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -23,7 +23,7 @@
 #include "accesstoken_fuzzdata.h"
 #undef private
 #include "accesstoken_manager_service.h"
-#include "i_accesstoken_manager.h"
+#include "iaccess_token_manager.h"
 
 using namespace std;
 using namespace OHOS::Security::AccessToken;
@@ -51,7 +51,7 @@ namespace OHOS {
         }
 
         uint32_t code = static_cast<uint32_t>(
-            AccessTokenInterfaceCode::GET_HAP_TOKEN_ID);
+            IAccessTokenManagerIpcCode::COMMAND_GET_HAP_TOKEN_I_D);
 
         MessageParcel reply;
         MessageOption option;
diff --git a/test/fuzztest/services/accesstoken/gethaptokeninfoextstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/gethaptokeninfoextstub_fuzzer/BUILD.gn
index 96c90b59db1084e3ffab3ae2ebb033a5cc00c9b7..1fb85c364cbf13fa35b7bc1a1a0443fe0c2288ed 100644
--- a/test/fuzztest/services/accesstoken/gethaptokeninfoextstub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/accesstoken/gethaptokeninfoextstub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2023 Huawei Device Co., Ltd.
+# Copyright (c) 2023-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -33,7 +33,10 @@ ohos_fuzztest("GetHapTokenInfoExtStubFuzzTest") {
 
   deps = access_token_deps
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
 
   external_deps = access_token_external_deps
 
diff --git a/test/fuzztest/services/accesstoken/gethaptokeninfoextstub_fuzzer/gethaptokeninfoextstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/gethaptokeninfoextstub_fuzzer/gethaptokeninfoextstub_fuzzer.cpp
index 2f2c8dfc706cb2d0e9cd194697181658af504c54..1f6b07eb3201176dc2e58833f051ddcd3f678ad1 100644
--- a/test/fuzztest/services/accesstoken/gethaptokeninfoextstub_fuzzer/gethaptokeninfoextstub_fuzzer.cpp
+++ b/test/fuzztest/services/accesstoken/gethaptokeninfoextstub_fuzzer/gethaptokeninfoextstub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2023 Huawei Device Co., Ltd.
+ * Copyright (c) 2023-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -24,7 +24,7 @@
 #undef private
 #include "accesstoken_fuzzdata.h"
 #include "accesstoken_manager_service.h"
-#include "i_accesstoken_manager.h"
+#include "iaccess_token_manager.h"
 #include "permission_def_parcel.h"
 #include "accesstoken_kit.h"
 #include "access_token.h"
@@ -134,7 +134,7 @@ namespace OHOS {
         }
 
         uint32_t code = static_cast<uint32_t>(
-            AccessTokenInterfaceCode::GET_HAP_TOKENINFO_EXT);
+            IAccessTokenManagerIpcCode::COMMAND_GET_HAP_TOKEN_INFO_EXTENSION);
 
         MessageParcel reply;
         MessageOption option;
diff --git a/test/fuzztest/services/accesstoken/gethaptokeninfofromremotestub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/gethaptokeninfofromremotestub_fuzzer/BUILD.gn
index 6cebda6d47d62bdc158c0599ca974e0fa08375d7..534f9be569fd8eea0ba21433b485c33591a1c43f 100644
--- a/test/fuzztest/services/accesstoken/gethaptokeninfofromremotestub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/accesstoken/gethaptokeninfofromremotestub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2023 Huawei Device Co., Ltd.
+# Copyright (c) 2023-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -33,7 +33,10 @@ ohos_fuzztest("GetHapTokenInfoFromRemoteStubFuzzTest") {
 
   deps = access_token_deps
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
 
   external_deps = access_token_external_deps
 
diff --git a/test/fuzztest/services/accesstoken/gethaptokeninfofromremotestub_fuzzer/gethaptokeninfofromremotestub_fuzzer.cpp b/test/fuzztest/services/accesstoken/gethaptokeninfofromremotestub_fuzzer/gethaptokeninfofromremotestub_fuzzer.cpp
index 747adab6e8572712cb91c810f0b86561e5d6721b..63a282eb87a88f9bbcc29791cab7297b6d6fdec5 100644
--- a/test/fuzztest/services/accesstoken/gethaptokeninfofromremotestub_fuzzer/gethaptokeninfofromremotestub_fuzzer.cpp
+++ b/test/fuzztest/services/accesstoken/gethaptokeninfofromremotestub_fuzzer/gethaptokeninfofromremotestub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2023 Huawei Device Co., Ltd.
+ * Copyright (c) 2023-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -23,7 +23,7 @@
 #include "accesstoken_info_manager.h"
 #include "accesstoken_kit.h"
 #include "accesstoken_manager_service.h"
-#include "i_accesstoken_manager.h"
+#include "iaccess_token_manager.h"
 #include "token_setproc.h"
 
 using namespace std;
@@ -49,7 +49,7 @@ namespace OHOS {
         }
 
         uint32_t code = static_cast<uint32_t>(
-            AccessTokenInterfaceCode::GET_HAP_TOKEN_FROM_REMOTE);
+            IAccessTokenManagerIpcCode::COMMAND_GET_HAP_TOKEN_INFO_FROM_REMOTE);
 
         MessageParcel reply;
         MessageOption option;
@@ -57,7 +57,11 @@ namespace OHOS {
         if (enable) {
             AccessTokenID accesstoken = AccessTokenKit::GetNativeTokenId("token_sync_service");
             SetSelfTokenID(accesstoken);
-            AccessTokenInfoManager::GetInstance().Init();
+            uint32_t hapSize = 0;
+            uint32_t nativeSize = 0;
+            uint32_t pefDefSize = 0;
+            uint32_t dlpSize = 0;
+            AccessTokenInfoManager::GetInstance().Init(hapSize, nativeSize, pefDefSize, dlpSize);
         }
         DelayedSingleton<AccessTokenManagerService>::GetInstance()->OnRemoteRequest(code, datas, reply, option);
         AccessTokenID hdcd = AccessTokenKit::GetNativeTokenId("hdcd");
diff --git a/test/fuzztest/services/accesstoken/gethaptokeninfostub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/gethaptokeninfostub_fuzzer/BUILD.gn
index 3780e4e29bb6abd2133078547cda3472a6e18020..5b17d73ebc2f3ef33f09bf47fc44614d617daf37 100644
--- a/test/fuzztest/services/accesstoken/gethaptokeninfostub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/accesstoken/gethaptokeninfostub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2023 Huawei Device Co., Ltd.
+# Copyright (c) 2023-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -33,7 +33,10 @@ ohos_fuzztest("GetHapTokenInfoStubFuzzTest") {
 
   deps = access_token_deps
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
 
   external_deps = access_token_external_deps
 
diff --git a/test/fuzztest/services/accesstoken/gethaptokeninfostub_fuzzer/gethaptokeninfostub_fuzzer.cpp b/test/fuzztest/services/accesstoken/gethaptokeninfostub_fuzzer/gethaptokeninfostub_fuzzer.cpp
index 234dcdd9ca48dec47939f94f7cc9e6d89b3aefef..9f05b60603508a28f111a8855b40febcb3687e85 100644
--- a/test/fuzztest/services/accesstoken/gethaptokeninfostub_fuzzer/gethaptokeninfostub_fuzzer.cpp
+++ b/test/fuzztest/services/accesstoken/gethaptokeninfostub_fuzzer/gethaptokeninfostub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2023 Huawei Device Co., Ltd.
+ * Copyright (c) 2023-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -23,7 +23,7 @@
 #undef private
 #include "accesstoken_fuzzdata.h"
 #include "accesstoken_manager_service.h"
-#include "i_accesstoken_manager.h"
+#include "iaccess_token_manager.h"
 #include "permission_def_parcel.h"
 
 using namespace std;
@@ -48,7 +48,7 @@ namespace OHOS {
         }
 
         uint32_t code = static_cast<uint32_t>(
-            AccessTokenInterfaceCode::GET_HAP_TOKENINFO);
+            IAccessTokenManagerIpcCode::COMMAND_GET_HAP_TOKEN_INFO);
 
         MessageParcel reply;
         MessageOption option;
diff --git a/test/fuzztest/services/accesstoken/getkernelpermissionsstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/getkernelpermissionsstub_fuzzer/BUILD.gn
index 5a0763a72fb4c1d4acffd9960562d869281cd5fb..9bbe0f0104a70ec1c6bf1ad897c3c6c84986e277 100644
--- a/test/fuzztest/services/accesstoken/getkernelpermissionsstub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/accesstoken/getkernelpermissionsstub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2024 Huawei Device Co., Ltd.
+# Copyright (c) 2024-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -33,7 +33,10 @@ ohos_fuzztest("GetKernelPermissionsStubFuzzTest") {
 
   deps = access_token_deps
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
 
   external_deps = access_token_external_deps
 
diff --git a/test/fuzztest/services/accesstoken/getkernelpermissionsstub_fuzzer/getkernelpermissionsstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/getkernelpermissionsstub_fuzzer/getkernelpermissionsstub_fuzzer.cpp
index 5d18288f5acc58338dbd4d16f8a36df504c5bf72..06c8c603e96ab9c543c37e2dc3260192a545d3a7 100644
--- a/test/fuzztest/services/accesstoken/getkernelpermissionsstub_fuzzer/getkernelpermissionsstub_fuzzer.cpp
+++ b/test/fuzztest/services/accesstoken/getkernelpermissionsstub_fuzzer/getkernelpermissionsstub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Copyright (c) 2024-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -21,7 +21,7 @@
 #undef private
 #include "accesstoken_fuzzdata.h"
 #include "accesstoken_manager_service.h"
-#include "i_accesstoken_manager.h"
+#include "iaccess_token_manager.h"
 
 using namespace std;
 using namespace OHOS::Security::AccessToken;
@@ -42,7 +42,7 @@ namespace OHOS {
             return false;
         }
 
-        uint32_t code = static_cast<uint32_t>(AccessTokenInterfaceCode::GET_KERNEL_PERMISSIONS);
+        uint32_t code = static_cast<uint32_t>(IAccessTokenManagerIpcCode::COMMAND_GET_KERNEL_PERMISSIONS);
 
         MessageParcel reply;
         MessageOption option;
diff --git a/test/fuzztest/services/accesstoken/getnativetokenidstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/getnativetokenidstub_fuzzer/BUILD.gn
index 88f5a33e366d54da371b2d6ede1fe5de628803f0..e03846b15b5b6617b0ea7ded64481e10f3d47e24 100644
--- a/test/fuzztest/services/accesstoken/getnativetokenidstub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/accesstoken/getnativetokenidstub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2023 Huawei Device Co., Ltd.
+# Copyright (c) 2023-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -33,7 +33,10 @@ ohos_fuzztest("GetNativeTokenIdStubFuzzTest") {
 
   deps = access_token_deps
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
 
   external_deps = access_token_external_deps
 
diff --git a/test/fuzztest/services/accesstoken/getnativetokenidstub_fuzzer/getnativetokenidstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/getnativetokenidstub_fuzzer/getnativetokenidstub_fuzzer.cpp
index a6ba9c6ec197c2627fba158b5c8a20083369926b..96f13c6c98d1c6bb558712b1f20d18bbff36bca5 100644
--- a/test/fuzztest/services/accesstoken/getnativetokenidstub_fuzzer/getnativetokenidstub_fuzzer.cpp
+++ b/test/fuzztest/services/accesstoken/getnativetokenidstub_fuzzer/getnativetokenidstub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2023 Huawei Device Co., Ltd.
+ * Copyright (c) 2023-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -23,7 +23,7 @@
 #undef private
 #include "accesstoken_fuzzdata.h"
 #include "accesstoken_manager_service.h"
-#include "i_accesstoken_manager.h"
+#include "iaccess_token_manager.h"
 #include "permission_def_parcel.h"
 
 using namespace std;
@@ -48,7 +48,7 @@ namespace OHOS {
         }
 
         uint32_t code = static_cast<uint32_t>(
-            AccessTokenInterfaceCode::GET_NATIVE_TOKEN_ID);
+            IAccessTokenManagerIpcCode::COMMAND_GET_NATIVE_TOKEN_ID);
 
         MessageParcel reply;
         MessageOption option;
diff --git a/test/fuzztest/services/accesstoken/getnativetokeninfostub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/getnativetokeninfostub_fuzzer/BUILD.gn
index bf1c570cd13430ae34a81819a02b5895ff5f8a84..69a27a830bad93fd9502559b1492bf4c8b528f81 100644
--- a/test/fuzztest/services/accesstoken/getnativetokeninfostub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/accesstoken/getnativetokeninfostub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2023 Huawei Device Co., Ltd.
+# Copyright (c) 2023-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -33,7 +33,10 @@ ohos_fuzztest("GetNativeTokenInfoStubFuzzTest") {
 
   deps = access_token_deps
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
 
   external_deps = access_token_external_deps
 
diff --git a/test/fuzztest/services/accesstoken/getnativetokeninfostub_fuzzer/getnativetokeninfostub_fuzzer.cpp b/test/fuzztest/services/accesstoken/getnativetokeninfostub_fuzzer/getnativetokeninfostub_fuzzer.cpp
index aae9deef479833fc0511507e9362bfdd32dd9ae0..505057e1ef907c8d37a4fc79e1d7f7161622fe55 100644
--- a/test/fuzztest/services/accesstoken/getnativetokeninfostub_fuzzer/getnativetokeninfostub_fuzzer.cpp
+++ b/test/fuzztest/services/accesstoken/getnativetokeninfostub_fuzzer/getnativetokeninfostub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2023 Huawei Device Co., Ltd.
+ * Copyright (c) 2023-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -23,7 +23,7 @@
 #undef private
 #include "accesstoken_fuzzdata.h"
 #include "accesstoken_manager_service.h"
-#include "i_accesstoken_manager.h"
+#include "iaccess_token_manager.h"
 
 using namespace std;
 using namespace OHOS::Security::AccessToken;
@@ -45,7 +45,7 @@ namespace OHOS {
         }
 
         uint32_t code = static_cast<uint32_t>(
-            AccessTokenInterfaceCode::GET_NATIVE_TOKENINFO);
+            IAccessTokenManagerIpcCode::COMMAND_GET_NATIVE_TOKEN_INFO);
 
         MessageParcel reply;
         MessageOption option;
diff --git a/test/fuzztest/services/accesstoken/getpermissionflagstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/getpermissionflagstub_fuzzer/BUILD.gn
index bd20c6515a44dba36067fdd94b204d1bab9d2d06..c0950cccd2ebd578cddda407940eab648bacf698 100644
--- a/test/fuzztest/services/accesstoken/getpermissionflagstub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/accesstoken/getpermissionflagstub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2023 Huawei Device Co., Ltd.
+# Copyright (c) 2023-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -33,7 +33,10 @@ ohos_fuzztest("GetPermissionFlagStubFuzzTest") {
 
   deps = access_token_deps
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
 
   external_deps = access_token_external_deps
 
diff --git a/test/fuzztest/services/accesstoken/getpermissionflagstub_fuzzer/getpermissionflagstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/getpermissionflagstub_fuzzer/getpermissionflagstub_fuzzer.cpp
index 1a568a539a14ffbdaa1e67f1c2c2b2a5671138b7..cc4c7fc5d5da05821fa79fd6a78f9a7e3c94ab9b 100644
--- a/test/fuzztest/services/accesstoken/getpermissionflagstub_fuzzer/getpermissionflagstub_fuzzer.cpp
+++ b/test/fuzztest/services/accesstoken/getpermissionflagstub_fuzzer/getpermissionflagstub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2023 Huawei Device Co., Ltd.
+ * Copyright (c) 2023-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -23,7 +23,7 @@
 #undef private
 #include "accesstoken_fuzzdata.h"
 #include "accesstoken_manager_service.h"
-#include "i_accesstoken_manager.h"
+#include "iaccess_token_manager.h"
 
 using namespace std;
 using namespace OHOS::Security::AccessToken;
@@ -46,7 +46,7 @@ namespace OHOS {
         }
 
         uint32_t code = static_cast<uint32_t>(
-            AccessTokenInterfaceCode::GET_PERMISSION_FLAG);
+            IAccessTokenManagerIpcCode::COMMAND_GET_PERMISSION_FLAG);
 
         MessageParcel reply;
         MessageOption option;
diff --git a/test/fuzztest/services/accesstoken/getpermissionrequesttogglestatusstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/getpermissionrequesttogglestatusstub_fuzzer/BUILD.gn
index 07a60bedb24857339047cf812e441c73096c1e09..ac30fc2f5003499c0f4f7836e6f359a33a47c654 100644
--- a/test/fuzztest/services/accesstoken/getpermissionrequesttogglestatusstub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/accesstoken/getpermissionrequesttogglestatusstub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2024 Huawei Device Co., Ltd.
+# Copyright (c) 2024-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -33,7 +33,10 @@ ohos_fuzztest("GetPermissionRequestToggleStatusStubFuzzTest") {
 
   deps = access_token_deps
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
 
   external_deps = access_token_external_deps
 
diff --git a/test/fuzztest/services/accesstoken/getpermissionrequesttogglestatusstub_fuzzer/getpermissionrequesttogglestatusstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/getpermissionrequesttogglestatusstub_fuzzer/getpermissionrequesttogglestatusstub_fuzzer.cpp
index 841934814bc644260af981c2a5d2e22021ce2767..10b12bce5775971c4fbd0df8a6b22830a3e5ea38 100644
--- a/test/fuzztest/services/accesstoken/getpermissionrequesttogglestatusstub_fuzzer/getpermissionrequesttogglestatusstub_fuzzer.cpp
+++ b/test/fuzztest/services/accesstoken/getpermissionrequesttogglestatusstub_fuzzer/getpermissionrequesttogglestatusstub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Copyright (c) 2024-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -23,7 +23,7 @@
 #undef private
 #include "accesstoken_fuzzdata.h"
 #include "accesstoken_manager_service.h"
-#include "i_accesstoken_manager.h"
+#include "iaccess_token_manager.h"
 
 using namespace std;
 using namespace OHOS::Security::AccessToken;
@@ -46,7 +46,7 @@ namespace OHOS {
         }
 
         uint32_t code = static_cast<uint32_t>(
-            AccessTokenInterfaceCode::GET_PERMISSION_REQUEST_TOGGLE_STATUS);
+            IAccessTokenManagerIpcCode::COMMAND_GET_PERMISSION_REQUEST_TOGGLE_STATUS);
 
         MessageParcel reply;
         MessageOption option;
diff --git a/test/fuzztest/services/accesstoken/getpermissionsstatusstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/getpermissionsstatusstub_fuzzer/BUILD.gn
index 389e032db381b0c39dfcaca7b3f2d345963dd3fa..efc48f2c8a5ba7a69ff6a5007c17a21d02503e96 100644
--- a/test/fuzztest/services/accesstoken/getpermissionsstatusstub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/accesstoken/getpermissionsstatusstub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2024 Huawei Device Co., Ltd.
+# Copyright (c) 2024-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -34,7 +34,10 @@ ohos_fuzztest("GetPermissionsStatusStubFuzzTest") {
   deps = access_token_deps
   deps += [ "${access_token_path}/interfaces/innerkits/nativetoken:libnativetoken_shared" ]
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
 
   external_deps = access_token_external_deps
 
diff --git a/test/fuzztest/services/accesstoken/getpermissionsstatusstub_fuzzer/getpermissionsstatusstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/getpermissionsstatusstub_fuzzer/getpermissionsstatusstub_fuzzer.cpp
index 472fcc4808d963d1e5cdd4936405f69cc2f16d20..3f61fc13f81f24480a2ce682bfeeb965c75043d2 100644
--- a/test/fuzztest/services/accesstoken/getpermissionsstatusstub_fuzzer/getpermissionsstatusstub_fuzzer.cpp
+++ b/test/fuzztest/services/accesstoken/getpermissionsstatusstub_fuzzer/getpermissionsstatusstub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2023 Huawei Device Co., Ltd.
+ * Copyright (c) 2023-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -24,7 +24,7 @@
 #include "access_token.h"
 #include "accesstoken_kit.h"
 #include "accesstoken_manager_service.h"
-#include "i_accesstoken_manager.h"
+#include "iaccess_token_manager.h"
 #include "nativetoken_kit.h"
 #include "securec.h"
 #include "token_setproc.h"
@@ -120,7 +120,7 @@ size_t g_baseFuzzPos = 0;
             }
 
             uint32_t code = static_cast<uint32_t>(
-                AccessTokenInterfaceCode::GET_PERMISSIONS_STATUS);
+                IAccessTokenManagerIpcCode::COMMAND_GET_PERMISSIONS_STATUS);
             MessageParcel reply;
             MessageOption option;
             bool enable = ((size % CONSTANTS_NUMBER_TWO) == 0);
diff --git a/test/fuzztest/services/accesstoken/getpermissionusedtypestub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/getpermissionusedtypestub_fuzzer/BUILD.gn
index 81e50ab0ae6d39754ca54140d1456bbe76314d14..9e050c96110bd792d69326c5df2d098e53bbd8ac 100644
--- a/test/fuzztest/services/accesstoken/getpermissionusedtypestub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/accesstoken/getpermissionusedtypestub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2024 Huawei Device Co., Ltd.
+# Copyright (c) 2024-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -33,7 +33,10 @@ ohos_fuzztest("GetPermissionUsedTypeStubFuzzTest") {
 
   deps = access_token_deps
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
 
   external_deps = access_token_external_deps
 
diff --git a/test/fuzztest/services/accesstoken/getpermissionusedtypestub_fuzzer/getpermissionusedtypestub_fuzzer.cpp b/test/fuzztest/services/accesstoken/getpermissionusedtypestub_fuzzer/getpermissionusedtypestub_fuzzer.cpp
index 5c8a672deff002860635be02480145956391f1ba..46d92628166cf29214d58e045bfbcde4db83df14 100644
--- a/test/fuzztest/services/accesstoken/getpermissionusedtypestub_fuzzer/getpermissionusedtypestub_fuzzer.cpp
+++ b/test/fuzztest/services/accesstoken/getpermissionusedtypestub_fuzzer/getpermissionusedtypestub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Copyright (c) 2024-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -24,7 +24,7 @@
 #include "accesstoken_fuzzdata.h"
 #include "accesstoken_manager_service.h"
 #include "hap_info_parcel.h"
-#include "i_accesstoken_manager.h"
+#include "iaccess_token_manager.h"
 
 using namespace std;
 using namespace OHOS::Security::AccessToken;
@@ -52,7 +52,7 @@ bool GetPermissionUsedTypeStubFuzzTest(const uint8_t* data, size_t size)
     }
 
     uint32_t code = static_cast<uint32_t>(
-        AccessTokenInterfaceCode::GET_USER_GRANTED_PERMISSION_USED_TYPE);
+        IAccessTokenManagerIpcCode::COMMAND_GET_PERMISSION_USED_TYPE);
 
     MessageParcel reply;
     MessageOption option;
diff --git a/test/fuzztest/services/accesstoken/getremotenativetokenidstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/getremotenativetokenidstub_fuzzer/BUILD.gn
index d3ce3d6fc1078c32a209a1d62c83e62e35ac3287..0dfb959a6bf56435a8dd4a30f4842650a452989c 100644
--- a/test/fuzztest/services/accesstoken/getremotenativetokenidstub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/accesstoken/getremotenativetokenidstub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2023 Huawei Device Co., Ltd.
+# Copyright (c) 2023-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -33,7 +33,10 @@ ohos_fuzztest("GetRemoteNativeTokenIDStubFuzzTest") {
 
   deps = access_token_deps
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
 
   external_deps = access_token_external_deps
 
diff --git a/test/fuzztest/services/accesstoken/getremotenativetokenidstub_fuzzer/getremotenativetokenidstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/getremotenativetokenidstub_fuzzer/getremotenativetokenidstub_fuzzer.cpp
index 2b823907860ca6d8f828c08702053217b66fbcdb..d1aa64cfebc516663582e1e58d2bc3a099f222fe 100644
--- a/test/fuzztest/services/accesstoken/getremotenativetokenidstub_fuzzer/getremotenativetokenidstub_fuzzer.cpp
+++ b/test/fuzztest/services/accesstoken/getremotenativetokenidstub_fuzzer/getremotenativetokenidstub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2023 Huawei Device Co., Ltd.
+ * Copyright (c) 2023-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -23,7 +23,7 @@
 #include "accesstoken_info_manager.h"
 #include "accesstoken_kit.h"
 #include "accesstoken_manager_service.h"
-#include "i_accesstoken_manager.h"
+#include "iaccess_token_manager.h"
 #include "token_setproc.h"
 
 using namespace std;
@@ -54,7 +54,7 @@ namespace OHOS {
         }
        
         uint32_t code = static_cast<uint32_t>(
-            AccessTokenInterfaceCode::GET_NATIVE_REMOTE_TOKEN);
+            IAccessTokenManagerIpcCode::COMMAND_GET_REMOTE_NATIVE_TOKEN_I_D);
 
         MessageParcel reply;
         MessageOption option;
@@ -62,7 +62,11 @@ namespace OHOS {
         if (enable) {
             AccessTokenID accesstoken = AccessTokenKit::GetNativeTokenId("token_sync_service");
             SetSelfTokenID(accesstoken);
-            AccessTokenInfoManager::GetInstance().Init();
+            uint32_t hapSize = 0;
+            uint32_t nativeSize = 0;
+            uint32_t pefDefSize = 0;
+            uint32_t dlpSize = 0;
+            AccessTokenInfoManager::GetInstance().Init(hapSize, nativeSize, pefDefSize, dlpSize);
         }
         DelayedSingleton<AccessTokenManagerService>::GetInstance()->OnRemoteRequest(code, datas, reply, option);
         AccessTokenID hdcd = AccessTokenKit::GetNativeTokenId("hdcd");
diff --git a/test/fuzztest/services/accesstoken/getreqpermissionbynamestub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/getreqpermissionbynamestub_fuzzer/BUILD.gn
index f2de773f08d93df3eeaef2b965bc0b52949d1224..197b8f6b246b46b59d844ec05cdf713370bf0b28 100644
--- a/test/fuzztest/services/accesstoken/getreqpermissionbynamestub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/accesstoken/getreqpermissionbynamestub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2024 Huawei Device Co., Ltd.
+# Copyright (c) 2024-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -33,7 +33,10 @@ ohos_fuzztest("GetReqPermissionByNameStubFuzzTest") {
 
   deps = access_token_deps
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
 
   external_deps = access_token_external_deps
 
diff --git a/test/fuzztest/services/accesstoken/getreqpermissionbynamestub_fuzzer/getreqpermissionbynamestub_fuzzer.cpp b/test/fuzztest/services/accesstoken/getreqpermissionbynamestub_fuzzer/getreqpermissionbynamestub_fuzzer.cpp
index d9f021801db41f5c66041eae2c9258f1d923dddf..e0da7247cd64e5f9aefed9d2a4fc1503364a3eb0 100644
--- a/test/fuzztest/services/accesstoken/getreqpermissionbynamestub_fuzzer/getreqpermissionbynamestub_fuzzer.cpp
+++ b/test/fuzztest/services/accesstoken/getreqpermissionbynamestub_fuzzer/getreqpermissionbynamestub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Copyright (c) 2024-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -21,7 +21,7 @@
 #undef private
 #include "accesstoken_fuzzdata.h"
 #include "accesstoken_manager_service.h"
-#include "i_accesstoken_manager.h"
+#include "iaccess_token_manager.h"
 
 using namespace std;
 using namespace OHOS::Security::AccessToken;
@@ -42,7 +42,7 @@ namespace OHOS {
             return false;
         }
 
-        uint32_t code = static_cast<uint32_t>(AccessTokenInterfaceCode::GET_PERMISSION_BY_NAME);
+        uint32_t code = static_cast<uint32_t>(IAccessTokenManagerIpcCode::COMMAND_GET_REQ_PERMISSION_BY_NAME);
 
         MessageParcel reply;
         MessageOption option;
diff --git a/test/fuzztest/services/accesstoken/getreqpermissionsstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/getreqpermissionsstub_fuzzer/BUILD.gn
index 225390f68a30b67d7e3832f902c3136659971b18..0c3f1c41f972650ffcb5bbc0fd98e72c99fa9c8f 100644
--- a/test/fuzztest/services/accesstoken/getreqpermissionsstub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/accesstoken/getreqpermissionsstub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2023 Huawei Device Co., Ltd.
+# Copyright (c) 2023-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -33,7 +33,10 @@ ohos_fuzztest("GetReqPermissionsStubFuzzTest") {
 
   deps = access_token_deps
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
 
   external_deps = access_token_external_deps
 
diff --git a/test/fuzztest/services/accesstoken/getreqpermissionsstub_fuzzer/getreqpermissionsstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/getreqpermissionsstub_fuzzer/getreqpermissionsstub_fuzzer.cpp
index d8db10cb1445a6f88461f731798dc3d11b90cd01..022a9113e235f1d04c2e222f21709d0f5ae18538 100644
--- a/test/fuzztest/services/accesstoken/getreqpermissionsstub_fuzzer/getreqpermissionsstub_fuzzer.cpp
+++ b/test/fuzztest/services/accesstoken/getreqpermissionsstub_fuzzer/getreqpermissionsstub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2023 Huawei Device Co., Ltd.
+ * Copyright (c) 2023-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -21,7 +21,7 @@
 #undef private
 #include "accesstoken_fuzzdata.h"
 #include "accesstoken_manager_service.h"
-#include "i_accesstoken_manager.h"
+#include "iaccess_token_manager.h"
 #include "permission_def_parcel.h"
 
 using namespace std;
@@ -47,7 +47,7 @@ namespace OHOS {
         }
 
         uint32_t code = static_cast<uint32_t>(
-            AccessTokenInterfaceCode::GET_REQ_PERMISSIONS);
+            IAccessTokenManagerIpcCode::COMMAND_GET_REQ_PERMISSIONS);
 
         MessageParcel reply;
         MessageOption option;
diff --git a/test/fuzztest/services/privacy/getspecialseccompenhancestub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/getseccompenhancestub_fuzzer/BUILD.gn
similarity index 54%
rename from test/fuzztest/services/privacy/getspecialseccompenhancestub_fuzzer/BUILD.gn
rename to test/fuzztest/services/accesstoken/getseccompenhancestub_fuzzer/BUILD.gn
index f9454c81c1ccf81769147ae2304a7aa07e603d3a..f9f4a283bcd02323fe84dd6f83654ef57e79cb46 100644
--- a/test/fuzztest/services/privacy/getspecialseccompenhancestub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/accesstoken/getseccompenhancestub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2024 Huawei Device Co., Ltd.
+# Copyright (c) 2024-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -14,13 +14,13 @@
 import("//build/config/features.gni")
 import("//build/test.gni")
 import("../../../../../access_token.gni")
-import("../privacy_service_fuzz.gni")
+import("../access_token_service_fuzz.gni")
 
-ohos_fuzztest("GetSpecialSecCompEnhanceStubFuzzTest") {
-  module_out_path = module_output_path_service_privacy
+ohos_fuzztest("GetSecCompEnhanceStubFuzzTest") {
+  module_out_path = module_output_path_service_access_token
   fuzz_config_file = "."
 
-  sources = [ "getspecialseccompenhancestub_fuzzer.cpp" ]
+  sources = [ "getseccompenhancestub_fuzzer.cpp" ]
 
   cflags = [
     "-g",
@@ -29,21 +29,20 @@ ohos_fuzztest("GetSpecialSecCompEnhanceStubFuzzTest") {
     "-fno-omit-frame-pointer",
   ]
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
-
-  include_dirs = privacy_include_dirs
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
 
-  sources += privacy_sources
-  sources += [ "${access_token_path}/services/privacymanager/src/seccomp/privacy_sec_comp_enhance_agent.cpp" ]
+  include_dirs = access_token_include_dirs
 
-  defines = privacy_defines
+  sources += access_token_sources
+  sources += [ "${access_token_path}/services/accesstokenmanager/main/cpp/src/seccomp/sec_comp_enhance_agent.cpp" ]
 
-  cflags_cc = privacy_cflags_cc
+  cflags_cc = access_token_cflags_cc
   cflags_cc += [ "-DSECURITY_COMPONENT_ENHANCE_ENABLE" ]
 
-  deps = privacy_deps
-
-  deps += [ "${access_token_path}/interfaces/innerkits/privacy:libprivacy_sdk" ]
+  deps = access_token_deps
 
-  external_deps = privacy_external_deps
+  external_deps = access_token_external_deps
 }
diff --git a/test/fuzztest/innerkits/privacy/updateseccompenhance_fuzzer/corpus/init b/test/fuzztest/services/accesstoken/getseccompenhancestub_fuzzer/corpus/init
similarity index 100%
rename from test/fuzztest/innerkits/privacy/updateseccompenhance_fuzzer/corpus/init
rename to test/fuzztest/services/accesstoken/getseccompenhancestub_fuzzer/corpus/init
diff --git a/test/fuzztest/services/privacy/getseccompenhancestub_fuzzer/getseccompenhancestub_fuzzer.cpp b/test/fuzztest/services/accesstoken/getseccompenhancestub_fuzzer/getseccompenhancestub_fuzzer.cpp
similarity index 79%
rename from test/fuzztest/services/privacy/getseccompenhancestub_fuzzer/getseccompenhancestub_fuzzer.cpp
rename to test/fuzztest/services/accesstoken/getseccompenhancestub_fuzzer/getseccompenhancestub_fuzzer.cpp
index 3a5e4e063787ad25e39fe8faef328f33888bfb41..90b41c25de2acfd6a33b13a859068f69e07f471f 100644
--- a/test/fuzztest/services/privacy/getseccompenhancestub_fuzzer/getseccompenhancestub_fuzzer.cpp
+++ b/test/fuzztest/services/accesstoken/getseccompenhancestub_fuzzer/getseccompenhancestub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Copyright (c) 2024-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -20,13 +20,13 @@
 #include <vector>
 
 #include "accesstoken_fuzzdata.h"
+#include "accesstoken_manager_service.h"
 #undef private
 #include "errors.h"
-#include "i_privacy_manager.h"
+#include "iaccess_token_manager.h"
 #include "on_permission_used_record_callback_stub.h"
 #include "permission_used_request.h"
 #include "permission_used_request_parcel.h"
-#include "privacy_manager_service.h"
 
 using namespace std;
 using namespace OHOS::Security::AccessToken;
@@ -41,16 +41,16 @@ namespace OHOS {
         AccessTokenFuzzData fuzzData(data, size);
 
         MessageParcel datas;
-        datas.WriteInterfaceToken(IPrivacyManager::GetDescriptor());
+        datas.WriteInterfaceToken(IAccessTokenManager::GetDescriptor());
         if (!datas.WriteInt32(fuzzData.GetData<int32_t>())) {
             return false;
         }
 
-        uint32_t code = static_cast<uint32_t>(PrivacyInterfaceCode::GET_SEC_COMP_ENHANCE);
+        uint32_t code = static_cast<uint32_t>(IAccessTokenManagerIpcCode::COMMAND_GET_SEC_COMP_ENHANCE);
 
         MessageParcel reply;
         MessageOption option;
-        DelayedSingleton<PrivacyManagerService>::GetInstance()->OnRemoteRequest(code, datas, reply, option);
+        DelayedSingleton<AccessTokenManagerService>::GetInstance()->OnRemoteRequest(code, datas, reply, option);
 
         return true;
     }
diff --git a/test/fuzztest/services/privacy/getseccompenhancestub_fuzzer/getseccompenhancestub_fuzzer.h b/test/fuzztest/services/accesstoken/getseccompenhancestub_fuzzer/getseccompenhancestub_fuzzer.h
similarity index 100%
rename from test/fuzztest/services/privacy/getseccompenhancestub_fuzzer/getseccompenhancestub_fuzzer.h
rename to test/fuzztest/services/accesstoken/getseccompenhancestub_fuzzer/getseccompenhancestub_fuzzer.h
diff --git a/test/fuzztest/innerkits/privacy/getspecialseccompenhance_fuzzer/project.xml b/test/fuzztest/services/accesstoken/getseccompenhancestub_fuzzer/project.xml
similarity index 100%
rename from test/fuzztest/innerkits/privacy/getspecialseccompenhance_fuzzer/project.xml
rename to test/fuzztest/services/accesstoken/getseccompenhancestub_fuzzer/project.xml
diff --git a/test/fuzztest/services/accesstoken/getselfpermissionsstatestub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/getselfpermissionsstatestub_fuzzer/BUILD.gn
index 6e0b50f044ff59713ba3fa10696fbc639ea066c0..064c9261cd8d4db2c4dae7f7aa92f86381e5f8de 100644
--- a/test/fuzztest/services/accesstoken/getselfpermissionsstatestub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/accesstoken/getselfpermissionsstatestub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2023 Huawei Device Co., Ltd.
+# Copyright (c) 2023-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -33,7 +33,10 @@ ohos_fuzztest("GetSelfPermissionsStateStubFuzzTest") {
 
   deps = access_token_deps
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
 
   external_deps = access_token_external_deps
 
diff --git a/test/fuzztest/services/accesstoken/getselfpermissionsstatestub_fuzzer/getselfpermissionsstatestub_fuzzer.cpp b/test/fuzztest/services/accesstoken/getselfpermissionsstatestub_fuzzer/getselfpermissionsstatestub_fuzzer.cpp
index bb35c40c439a50bbb56aafd5a7adc7c3fb3b0dac..a767372a2dfd8e5786c1c22e4795dc347b1e2321 100644
--- a/test/fuzztest/services/accesstoken/getselfpermissionsstatestub_fuzzer/getselfpermissionsstatestub_fuzzer.cpp
+++ b/test/fuzztest/services/accesstoken/getselfpermissionsstatestub_fuzzer/getselfpermissionsstatestub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2023 Huawei Device Co., Ltd.
+ * Copyright (c) 2023-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -21,7 +21,7 @@
 #undef private
 #include "accesstoken_fuzzdata.h"
 #include "accesstoken_manager_service.h"
-#include "i_accesstoken_manager.h"
+#include "iaccess_token_manager.h"
 
 using namespace std;
 using namespace OHOS;
@@ -51,7 +51,7 @@ namespace OHOS {
         }
 
         uint32_t code = static_cast<uint32_t>(
-            AccessTokenInterfaceCode::GET_PERMISSION_OPER_STATE);
+            IAccessTokenManagerIpcCode::COMMAND_GET_SELF_PERMISSIONS_STATE);
 
         MessageParcel reply;
         MessageOption option;
diff --git a/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/BUILD.gn
new file mode 100644
index 0000000000000000000000000000000000000000..4e1b33289c85ff733e6f55970d22be063026e58b
--- /dev/null
+++ b/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/BUILD.gn
@@ -0,0 +1,50 @@
+# Copyright (c) 2025 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import("//build/config/features.gni")
+import("//build/test.gni")
+import("../../../../../access_token.gni")
+import("../access_token_service_fuzz.gni")
+
+ohos_fuzztest("GetSelfPermissionStatusStubFuzzTest") {
+  module_out_path = module_output_path_service_access_token
+  fuzz_config_file = "."
+
+  sources = [ "getselfpermissionstatusstub_fuzzer.cpp" ]
+
+  cflags = [
+    "-g",
+    "-O0",
+    "-Wno-unused-variable",
+    "-fno-omit-frame-pointer",
+  ]
+
+  include_dirs = access_token_include_dirs
+
+  deps = access_token_deps
+
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
+
+  external_deps = access_token_external_deps
+
+  include_dirs += access_token_impl_include_dirs
+
+  cflags_cc = access_token_cflags_cc
+
+  sources += access_token_sources
+
+  sources += access_token_impl_sources
+}
diff --git a/test/fuzztest/services/privacy/updateseccompenhancestub_fuzzer/corpus/init b/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/corpus/init
similarity index 92%
rename from test/fuzztest/services/privacy/updateseccompenhancestub_fuzzer/corpus/init
rename to test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/corpus/init
index e7c3fecd8d4d4816e40088113a2316bb9eb2e13f..65af8ee8d11bf23407ea34d4de49f7cbb6a2b791 100644
--- a/test/fuzztest/services/privacy/updateseccompenhancestub_fuzzer/corpus/init
+++ b/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/corpus/init
@@ -1,4 +1,4 @@
-# Copyright (c) 2024 Huawei Device Co., Ltd.
+# Copyright (c) 2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
diff --git a/test/fuzztest/innerkits/accesstoken/registertokensynccallback_fuzzer/registertokensynccallback_fuzzer.cpp b/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/getselfpermissionstatusstub_fuzzer.cpp
similarity index 36%
rename from test/fuzztest/innerkits/accesstoken/registertokensynccallback_fuzzer/registertokensynccallback_fuzzer.cpp
rename to test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/getselfpermissionstatusstub_fuzzer.cpp
index 44e735b51876719fa320efdc56b3f7711aef4134..5587af8d23d54c7b71713a0063e57672b8ceb941 100644
--- a/test/fuzztest/innerkits/accesstoken/registertokensynccallback_fuzzer/registertokensynccallback_fuzzer.cpp
+++ b/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/getselfpermissionstatusstub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Copyright (c) 2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -13,60 +13,40 @@
  * limitations under the License.
  */
 
-#include "registertokensynccallback_fuzzer.h"
+#include "getselfpermissionstatusstub_fuzzer.h"
 
-#include "accesstoken_kit.h"
-#include "token_setproc.h"
-#include "token_sync_kit_interface.h"
+#include <string>
+#include <thread>
+#include <vector>
+#undef private
+#include "accesstoken_fuzzdata.h"
+#include "accesstoken_manager_service.h"
+#include "iaccess_token_manager.h"
 
 using namespace std;
+using namespace OHOS;
 using namespace OHOS::Security::AccessToken;
-namespace {
-class TokenSyncCallback : public TokenSyncKitInterface {
-public:
-    ~TokenSyncCallback() = default;
-    int32_t GetRemoteHapTokenInfo(const std::string& deviceID, AccessTokenID tokenID) const override
-    {
-        return TokenSyncError::TOKEN_SYNC_OPENSOURCE_DEVICE; // TOKEN_SYNC_OPENSOURCE_DEVICE is a test
-    };
-
-    int32_t DeleteRemoteHapTokenInfo(AccessTokenID tokenID) const override
-    {
-        return TokenSyncError::TOKEN_SYNC_SUCCESS; // TOKEN_SYNC_SUCCESS is a test
-    };
-
-    int32_t UpdateRemoteHapTokenInfo(const HapTokenInfoForSync& tokenInfo) const override
-    {
-        return TokenSyncError::TOKEN_SYNC_SUCCESS; // TOKEN_SYNC_SUCCESS is a test
-    };
-};
-
-#ifdef TOKEN_SYNC_ENABLE
-static bool NativeTokenGet()
-{
-    AccessTokenID token = AccessTokenKit::GetNativeTokenId("token_sync_service");
-    if (token == 0) {
-        return false;
-    }
-    SetSelfTokenID(token);
-    return true;
-}
-#endif
-};
 
 namespace OHOS {
-    bool RegisterTokenSyncCallbackFuzzTest(const uint8_t* data, size_t size)
+    bool GetSelfPermissionStatusStubFuzzTest(const uint8_t* data, size_t size)
     {
         if ((data == nullptr) || (size == 0)) {
             return false;
         }
-    #ifdef TOKEN_SYNC_ENABLE
-        std::shared_ptr<TokenSyncKitInterface> callback = std::make_shared<TokenSyncCallback>();
-        int32_t result = AccessTokenKit::RegisterTokenSyncCallback(callback);
-        return result == RET_SUCCESS;
-    #else
+        AccessTokenFuzzData fuzzData(data, size);
+        std::string permissionName = fuzzData.GenerateStochasticString();
+        MessageParcel datas;
+        datas.WriteInterfaceToken(IAccessTokenManager::GetDescriptor());
+        if (!datas.WriteString(permissionName)) {
+            return false;
+        }
+
+        uint32_t code = static_cast<uint32_t>(
+            IAccessTokenManagerIpcCode::COMMAND_GET_SELF_PERMISSION_STATUS);
+        MessageParcel reply;
+        MessageOption option;
+        DelayedSingleton<AccessTokenManagerService>::GetInstance()->OnRemoteRequest(code, datas, reply, option);
         return true;
-    #endif // TOKEN_SYNC_ENABLE
     }
 }
 
@@ -74,9 +54,7 @@ namespace OHOS {
 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
 {
     /* Run your code on data */
-#ifdef TOKEN_SYNC_ENABLE
-    NativeTokenGet();
-#endif
-    OHOS::RegisterTokenSyncCallbackFuzzTest(data, size);
+    OHOS::GetSelfPermissionStatusStubFuzzTest(data, size);
     return 0;
-}
\ No newline at end of file
+}
+ 
diff --git a/test/fuzztest/innerkits/accesstoken/registertokensynccallback_fuzzer/registertokensynccallback_fuzzer.h b/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/getselfpermissionstatusstub_fuzzer.h
similarity index 66%
rename from test/fuzztest/innerkits/accesstoken/registertokensynccallback_fuzzer/registertokensynccallback_fuzzer.h
rename to test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/getselfpermissionstatusstub_fuzzer.h
index 85e27d079c7d949a829e3b2dd6b543f4b71f9478..6c3de023ffd7666c123353d1b7b55aa5f20b4155 100644
--- a/test/fuzztest/innerkits/accesstoken/registertokensynccallback_fuzzer/registertokensynccallback_fuzzer.h
+++ b/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/getselfpermissionstatusstub_fuzzer.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Copyright (c) 2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -13,9 +13,9 @@
  * limitations under the License.
  */
 
-#ifndef TEST_FUZZTEST_REGISTERTOKENSYNCCALLBACK_FUZZER_H
-#define TEST_FUZZTEST_REGISTERTOKENSYNCCALLBACK_FUZZER_H
+#ifndef TEST_FUZZTEST_GETSELFPERMISSIONSTATUSSTUB_FUZZER_H
+#define TEST_FUZZTEST_GETSELFPERMISSIONSTATUSSTUB_FUZZER_H
 
-#define FUZZ_PROJECT_NAME "registertokensynccallback_fuzzer"
+#define FUZZ_PROJECT_NAME "getselfpermissionstatusstub_fuzzer"
 
-#endif // TEST_FUZZTEST_REGISTERTOKENSYNCCALLBACK_FUZZER_H
\ No newline at end of file
+#endif // TEST_FUZZTEST_GETSELFPERMISSIONSTATUSSTUB_FUZZER_H
diff --git a/test/fuzztest/services/privacy/updateseccompenhancestub_fuzzer/project.xml b/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/project.xml
similarity index 95%
rename from test/fuzztest/services/privacy/updateseccompenhancestub_fuzzer/project.xml
rename to test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/project.xml
index 7133b2b92440904a5ed04b838733acea0f97486a..66e1dcac475475fb101b6f8670ec699e6e9696aa 100644
--- a/test/fuzztest/services/privacy/updateseccompenhancestub_fuzzer/project.xml
+++ b/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/project.xml
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="utf-8"?>
-<!-- Copyright (c) 2024 Huawei Device Co., Ltd.
+<!-- Copyright (c) 2025 Huawei Device Co., Ltd.
 
      Licensed under the Apache License, Version 2.0 (the "License");
      you may not use this file except in compliance with the License.
diff --git a/test/fuzztest/services/accesstoken/gettokenidbyuseridstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/gettokenidbyuseridstub_fuzzer/BUILD.gn
index e3bcbfcedb7ec3732c562212b29fd84cbb7c576e..78d02583e92b8d2dc70e719ca7929c12fbed3f0e 100644
--- a/test/fuzztest/services/accesstoken/gettokenidbyuseridstub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/accesstoken/gettokenidbyuseridstub_fuzzer/BUILD.gn
@@ -32,7 +32,10 @@ ohos_fuzztest("GetTokenIDByUserIDStubFuzzTest") {
 
   deps = access_token_deps
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
 
   external_deps = access_token_external_deps
 
diff --git a/test/fuzztest/services/accesstoken/gettokenidbyuseridstub_fuzzer/gettokenidbyuseridstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/gettokenidbyuseridstub_fuzzer/gettokenidbyuseridstub_fuzzer.cpp
index 3345a3bd2c06071a6546bb784f8b86ea5c126cbe..a3b3cc411f9d3d21e72f872acd3f080d355c8f70 100644
--- a/test/fuzztest/services/accesstoken/gettokenidbyuseridstub_fuzzer/gettokenidbyuseridstub_fuzzer.cpp
+++ b/test/fuzztest/services/accesstoken/gettokenidbyuseridstub_fuzzer/gettokenidbyuseridstub_fuzzer.cpp
@@ -18,7 +18,7 @@
 #undef private
 #include "accesstoken_fuzzdata.h"
 #include "accesstoken_manager_service.h"
-#include "i_accesstoken_manager.h"
+#include "iaccess_token_manager.h"
 
 using namespace std;
 using namespace OHOS::Security::AccessToken;
@@ -41,7 +41,7 @@ namespace OHOS {
         }
 
         uint32_t code = static_cast<uint32_t>(
-            AccessTokenInterfaceCode::GET_TOKEN_ID_BY_USER_ID);
+            IAccessTokenManagerIpcCode::COMMAND_GET_TOKEN_I_D_BY_USER_I_D);
 
         MessageParcel reply;
         MessageOption option;
diff --git a/test/fuzztest/services/accesstoken/gettokentypestub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/gettokentypestub_fuzzer/BUILD.gn
index 1a167b063f285f4acb09e4c15d0dcf7efc564bec..e19e8f3d08f88f36eb7c0f1f2052987900e34f97 100644
--- a/test/fuzztest/services/accesstoken/gettokentypestub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/accesstoken/gettokentypestub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2023 Huawei Device Co., Ltd.
+# Copyright (c) 2023-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -33,7 +33,10 @@ ohos_fuzztest("GetTokenTypeStubFuzzTest") {
 
   deps = access_token_deps
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
 
   external_deps = access_token_external_deps
 
diff --git a/test/fuzztest/services/accesstoken/gettokentypestub_fuzzer/gettokentypestub_fuzzer.cpp b/test/fuzztest/services/accesstoken/gettokentypestub_fuzzer/gettokentypestub_fuzzer.cpp
index f98c2ddc8309e806233fef0e6ca4453a5eab9632..7a21b62ddb31286f56d9e16be5defb2455b2d7df 100644
--- a/test/fuzztest/services/accesstoken/gettokentypestub_fuzzer/gettokentypestub_fuzzer.cpp
+++ b/test/fuzztest/services/accesstoken/gettokentypestub_fuzzer/gettokentypestub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2023 Huawei Device Co., Ltd.
+ * Copyright (c) 2023-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -21,7 +21,7 @@
 #undef private
 #include "accesstoken_fuzzdata.h"
 #include "accesstoken_manager_service.h"
-#include "i_accesstoken_manager.h"
+#include "iaccess_token_manager.h"
 
 using namespace std;
 using namespace OHOS::Security::AccessToken;
@@ -42,7 +42,7 @@ namespace OHOS {
         }
 
         uint32_t code = static_cast<uint32_t>(
-            AccessTokenInterfaceCode::GET_TOKEN_TYPE);
+            IAccessTokenManagerIpcCode::COMMAND_GET_TOKEN_TYPE);
 
         MessageParcel reply;
         MessageOption option;
diff --git a/test/fuzztest/services/accesstoken/grantpermissionforspecifiedtimestub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/grantpermissionforspecifiedtimestub_fuzzer/BUILD.gn
index 5416997fc165c653ee5a109fb8556e6b740e7c66..1f4268915ac8b11f993df82d52577f3cb1aa46b0 100644
--- a/test/fuzztest/services/accesstoken/grantpermissionforspecifiedtimestub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/accesstoken/grantpermissionforspecifiedtimestub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2024 Huawei Device Co., Ltd.
+# Copyright (c) 2024-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -33,7 +33,10 @@ ohos_fuzztest("GrantPermissionForSpecifiedTimeStubFuzzTest") {
 
   deps = access_token_deps
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
 
   external_deps = access_token_external_deps
 
diff --git a/test/fuzztest/services/accesstoken/grantpermissionforspecifiedtimestub_fuzzer/grantpermissionforspecifiedtimestub_fuzzer.cpp b/test/fuzztest/services/accesstoken/grantpermissionforspecifiedtimestub_fuzzer/grantpermissionforspecifiedtimestub_fuzzer.cpp
index 73e4bb6959a41afd8bef0e17cff40fda3cb114df..538cb8efc1566f540c87016d859745e7bf0df8a9 100644
--- a/test/fuzztest/services/accesstoken/grantpermissionforspecifiedtimestub_fuzzer/grantpermissionforspecifiedtimestub_fuzzer.cpp
+++ b/test/fuzztest/services/accesstoken/grantpermissionforspecifiedtimestub_fuzzer/grantpermissionforspecifiedtimestub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Copyright (c) 2024-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -24,7 +24,7 @@
 #undef private
 #include "accesstoken_manager_service.h"
 #include "hap_info_parcel.h"
-#include "i_accesstoken_manager.h"
+#include "iaccess_token_manager.h"
 
 using namespace std;
 using namespace OHOS::Security::AccessToken;
@@ -49,7 +49,7 @@ namespace OHOS {
             return false;
         }
         uint32_t code = static_cast<uint32_t>(
-            AccessTokenInterfaceCode::GRANT_PERMISSION_FOR_SPECIFIEDTIME);
+            IAccessTokenManagerIpcCode::COMMAND_GRANT_PERMISSION_FOR_SPECIFIED_TIME);
 
         MessageParcel reply;
         MessageOption option;
diff --git a/test/fuzztest/services/accesstoken/grantpermissionstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/grantpermissionstub_fuzzer/BUILD.gn
index c8b6142db311fd4fa683130129a54e02501a9e95..65dfeeeef516d2b22f5606ac364082098c94df08 100644
--- a/test/fuzztest/services/accesstoken/grantpermissionstub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/accesstoken/grantpermissionstub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2023 Huawei Device Co., Ltd.
+# Copyright (c) 2023-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -33,7 +33,10 @@ ohos_fuzztest("GrantPermissionStubFuzzTest") {
 
   deps = access_token_deps
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
 
   external_deps = access_token_external_deps
 
diff --git a/test/fuzztest/services/accesstoken/grantpermissionstub_fuzzer/grantpermissionstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/grantpermissionstub_fuzzer/grantpermissionstub_fuzzer.cpp
index f7f3dff303ea71bdadfe143fec73b69c93f55874..4aad6e7e318ed69134361ba14d3dfb5ccd493c80 100644
--- a/test/fuzztest/services/accesstoken/grantpermissionstub_fuzzer/grantpermissionstub_fuzzer.cpp
+++ b/test/fuzztest/services/accesstoken/grantpermissionstub_fuzzer/grantpermissionstub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2023 Huawei Device Co., Ltd.
+ * Copyright (c) 2023-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -26,7 +26,7 @@
 #include "accesstoken_info_manager.h"
 #include "accesstoken_kit.h"
 #include "accesstoken_manager_service.h"
-#include "i_accesstoken_manager.h"
+#include "iaccess_token_manager.h"
 #include "token_setproc.h"
 
 using namespace std;
@@ -65,7 +65,7 @@ namespace OHOS {
         }
 
         uint32_t code = static_cast<uint32_t>(
-            AccessTokenInterfaceCode::GRANT_PERMISSION);
+            IAccessTokenManagerIpcCode::COMMAND_GRANT_PERMISSION);
 
         MessageParcel reply;
         MessageOption option;
@@ -75,7 +75,11 @@ namespace OHOS {
             AccessTokenIDEx tokenIdEx = AccessTokenKit::AllocHapToken(g_InfoParms, g_PolicyPrams);
             tokenIdHap = tokenIdEx.tokenIDEx;
             SetSelfTokenID(tokenIdHap);
-            AccessTokenInfoManager::GetInstance().Init();
+            uint32_t hapSize = 0;
+            uint32_t nativeSize = 0;
+            uint32_t pefDefSize = 0;
+            uint32_t dlpSize = 0;
+            AccessTokenInfoManager::GetInstance().Init(hapSize, nativeSize, pefDefSize, dlpSize);
         }
         bool enable = ((size % CONSTANTS_NUMBER_TWO) == 0);
         if (enable) {
diff --git a/test/fuzztest/services/accesstoken/inithaptokenstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/inithaptokenstub_fuzzer/BUILD.gn
index 5b707634a7b65fa386bc0b7478983a39480f73ed..4b1e8c6f26c9bdeda97fe3e99ca2c7d2ae84c454 100644
--- a/test/fuzztest/services/accesstoken/inithaptokenstub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/accesstoken/inithaptokenstub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2024 Huawei Device Co., Ltd.
+# Copyright (c) 2024-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -33,7 +33,10 @@ ohos_fuzztest("InitHapTokenStubFuzzTest") {
 
   deps = access_token_deps
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
 
   external_deps = access_token_external_deps
 
diff --git a/test/fuzztest/services/accesstoken/inithaptokenstub_fuzzer/inithaptokenstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/inithaptokenstub_fuzzer/inithaptokenstub_fuzzer.cpp
index 13fa49d2a6d74711f38502f802ef4fce46e935a8..ea023f93c3739ba0fdfd31329b32cebbf683f643 100644
--- a/test/fuzztest/services/accesstoken/inithaptokenstub_fuzzer/inithaptokenstub_fuzzer.cpp
+++ b/test/fuzztest/services/accesstoken/inithaptokenstub_fuzzer/inithaptokenstub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Copyright (c) 2024-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -24,7 +24,7 @@
 #undef private
 #include "accesstoken_manager_service.h"
 #include "hap_info_parcel.h"
-#include "i_accesstoken_manager.h"
+#include "iaccess_token_manager.h"
 
 using namespace std;
 using namespace OHOS::Security::AccessToken;
@@ -93,7 +93,7 @@ namespace OHOS {
         }
 
         uint32_t code = static_cast<uint32_t>(
-            AccessTokenInterfaceCode::INIT_TOKEN_HAP);
+            IAccessTokenManagerIpcCode::COMMAND_INIT_HAP_TOKEN);
 
         MessageParcel reply;
         MessageOption option;
diff --git a/test/fuzztest/services/accesstoken/inituserpolicystub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/inituserpolicystub_fuzzer/BUILD.gn
index ac370e1470d1cf836016e8874f98dd016eb1c678..33e4bf96f54927076b2ebcca6850d49e65a4b5fb 100644
--- a/test/fuzztest/services/accesstoken/inituserpolicystub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/accesstoken/inituserpolicystub_fuzzer/BUILD.gn
@@ -34,7 +34,10 @@ ohos_fuzztest("InitUserPolicyStubFuzzTest") {
   deps = access_token_deps
   deps += [ "${access_token_path}/interfaces/innerkits/nativetoken:libnativetoken_shared" ]
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
 
   external_deps = access_token_external_deps
 
diff --git a/test/fuzztest/services/accesstoken/inituserpolicystub_fuzzer/inituserpolicystub_fuzzer.cpp b/test/fuzztest/services/accesstoken/inituserpolicystub_fuzzer/inituserpolicystub_fuzzer.cpp
index 1184c309aad13fde07a8a13900a9de0c3e0b5778..f4b01a42cd6cf7178e6b414ab9cf69bfff3753a3 100644
--- a/test/fuzztest/services/accesstoken/inituserpolicystub_fuzzer/inituserpolicystub_fuzzer.cpp
+++ b/test/fuzztest/services/accesstoken/inituserpolicystub_fuzzer/inituserpolicystub_fuzzer.cpp
@@ -23,7 +23,7 @@
 #include "accesstoken_fuzzdata.h"
 #include "accesstoken_kit.h"
 #include "accesstoken_manager_service.h"
-#include "i_accesstoken_manager.h"
+#include "iaccess_token_manager.h"
 #include "nativetoken_kit.h"
 #include "token_setproc.h"
 
@@ -93,7 +93,7 @@ namespace OHOS {
         }
 
         uint32_t code = static_cast<uint32_t>(
-            AccessTokenInterfaceCode::INIT_USER_POLICY);
+            IAccessTokenManagerIpcCode::COMMAND_INIT_USER_POLICY);
 
         MessageParcel reply;
         MessageOption option;
diff --git a/test/fuzztest/services/accesstoken/registerpermstatechangecallbackstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/registerpermstatechangecallbackstub_fuzzer/BUILD.gn
index 155806b6908103192c78b4c3cc10cf00b66376ba..11a3e6545699a83398a14b237ef223877b2e9abb 100644
--- a/test/fuzztest/services/accesstoken/registerpermstatechangecallbackstub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/accesstoken/registerpermstatechangecallbackstub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2023 Huawei Device Co., Ltd.
+# Copyright (c) 2023-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -33,7 +33,10 @@ ohos_fuzztest("RegisterPermStateChangeCallbackStubFuzzTest") {
 
   deps = access_token_deps
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
 
   external_deps = access_token_external_deps
 
diff --git a/test/fuzztest/services/accesstoken/registerpermstatechangecallbackstub_fuzzer/registerpermstatechangecallbackstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/registerpermstatechangecallbackstub_fuzzer/registerpermstatechangecallbackstub_fuzzer.cpp
index 251cfd7d90fbb90a31252ad2ae1ce5ae917e2e98..b37d7b402981e33081c5d5a7da44f733814700d1 100644
--- a/test/fuzztest/services/accesstoken/registerpermstatechangecallbackstub_fuzzer/registerpermstatechangecallbackstub_fuzzer.cpp
+++ b/test/fuzztest/services/accesstoken/registerpermstatechangecallbackstub_fuzzer/registerpermstatechangecallbackstub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2023 Huawei Device Co., Ltd.
+ * Copyright (c) 2023-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -22,7 +22,7 @@
 #include "accesstoken_fuzzdata.h"
 #include "accesstoken_manager_client.h"
 #include "accesstoken_manager_service.h"
-#include "i_accesstoken_manager.h"
+#include "iaccess_token_manager.h"
 
 using namespace std;
 using namespace OHOS::Security::AccessToken;
@@ -77,7 +77,7 @@ namespace OHOS {
             }
 
         uint32_t code = static_cast<uint32_t>(
-            AccessTokenInterfaceCode::REGISTER_PERM_STATE_CHANGE_CALLBACK);
+            IAccessTokenManagerIpcCode::COMMAND_REGISTER_PERM_STATE_CHANGE_CALLBACK);
 
         MessageParcel reply;
         MessageOption option;
diff --git a/test/fuzztest/services/privacy/registerseccompenhancestub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/registerseccompenhancestub_fuzzer/BUILD.gn
similarity index 61%
rename from test/fuzztest/services/privacy/registerseccompenhancestub_fuzzer/BUILD.gn
rename to test/fuzztest/services/accesstoken/registerseccompenhancestub_fuzzer/BUILD.gn
index 7e2be9f5b4a79c20ba34538909c52100eca32d42..dff5a98d700b8573508377536d56031e9cf364d6 100644
--- a/test/fuzztest/services/privacy/registerseccompenhancestub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/accesstoken/registerseccompenhancestub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2024 Huawei Device Co., Ltd.
+# Copyright (c) 2024-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -14,10 +14,10 @@
 import("//build/config/features.gni")
 import("//build/test.gni")
 import("../../../../../access_token.gni")
-import("../privacy_service_fuzz.gni")
+import("../access_token_service_fuzz.gni")
 
 ohos_fuzztest("RegisterSecCompEnhanceStubFuzzTest") {
-  module_out_path = module_output_path_service_privacy
+  module_out_path = module_output_path_service_access_token
   fuzz_config_file = "."
 
   sources = [ "registerseccompenhancestub_fuzzer.cpp" ]
@@ -29,24 +29,23 @@ ohos_fuzztest("RegisterSecCompEnhanceStubFuzzTest") {
     "-fno-omit-frame-pointer",
   ]
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
-
-  include_dirs = privacy_include_dirs
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
 
-  sources += privacy_sources
-  sources += [ "${access_token_path}/services/privacymanager/src/seccomp/privacy_sec_comp_enhance_agent.cpp" ]
+  include_dirs = access_token_include_dirs
 
-  defines = privacy_defines
+  sources += access_token_sources
+  sources += [ "${access_token_path}/services/accesstokenmanager/main/cpp/src/seccomp/sec_comp_enhance_agent.cpp" ]
 
-  cflags_cc = privacy_cflags_cc
+  cflags_cc = access_token_cflags_cc
   cflags_cc += [
     "-DSECURITY_COMPONENT_ENHANCE_ENABLE",
     "-DTOKEN_SYNC_ENABLE",
   ]
 
-  deps = privacy_deps
-
-  deps += [ "${access_token_path}/interfaces/innerkits/privacy:libprivacy_sdk" ]
+  deps = access_token_deps
 
-  external_deps = privacy_external_deps
+  external_deps = access_token_external_deps
 }
diff --git a/test/fuzztest/services/privacy/getseccompenhancestub_fuzzer/corpus/init b/test/fuzztest/services/accesstoken/registerseccompenhancestub_fuzzer/corpus/init
similarity index 100%
rename from test/fuzztest/services/privacy/getseccompenhancestub_fuzzer/corpus/init
rename to test/fuzztest/services/accesstoken/registerseccompenhancestub_fuzzer/corpus/init
diff --git a/test/fuzztest/innerkits/privacy/registerseccompenhance_fuzzer/project.xml b/test/fuzztest/services/accesstoken/registerseccompenhancestub_fuzzer/project.xml
similarity index 100%
rename from test/fuzztest/innerkits/privacy/registerseccompenhance_fuzzer/project.xml
rename to test/fuzztest/services/accesstoken/registerseccompenhancestub_fuzzer/project.xml
diff --git a/test/fuzztest/services/privacy/registerseccompenhancestub_fuzzer/registerseccompenhancestub_fuzzer.cpp b/test/fuzztest/services/accesstoken/registerseccompenhancestub_fuzzer/registerseccompenhancestub_fuzzer.cpp
similarity index 87%
rename from test/fuzztest/services/privacy/registerseccompenhancestub_fuzzer/registerseccompenhancestub_fuzzer.cpp
rename to test/fuzztest/services/accesstoken/registerseccompenhancestub_fuzzer/registerseccompenhancestub_fuzzer.cpp
index 79a248074ec8d9161823b57e50f1bea024249d65..fcc5821c9c7cf1cc7935275393fb80b6d8341fb6 100644
--- a/test/fuzztest/services/privacy/registerseccompenhancestub_fuzzer/registerseccompenhancestub_fuzzer.cpp
+++ b/test/fuzztest/services/accesstoken/registerseccompenhancestub_fuzzer/registerseccompenhancestub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Copyright (c) 2024-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -21,14 +21,14 @@
 
 #include "accesstoken_callbacks.h"
 #include "accesstoken_fuzzdata.h"
+#include "accesstoken_manager_service.h"
 #undef private
 #include "errors.h"
 #include "hap_token_info.h"
-#include "i_privacy_manager.h"
+#include "iaccess_token_manager.h"
 #include "on_permission_used_record_callback_stub.h"
 #include "permission_used_request.h"
 #include "permission_used_request_parcel.h"
-#include "privacy_manager_service.h"
 #include "securec.h"
 #include "token_sync_kit_interface.h"
 
@@ -86,16 +86,16 @@ public:
         enhance.enhanceData = secData;
 
         MessageParcel datas;
-        datas.WriteInterfaceToken(IPrivacyManager::GetDescriptor());
+        datas.WriteInterfaceToken(IAccessTokenManager::GetDescriptor());
         if (!datas.WriteParcelable(&enhance)) {
             return false;
         }
 
-        uint32_t code = static_cast<uint32_t>(PrivacyInterfaceCode::REGISTER_SEC_COMP_ENHANCE);
+        uint32_t code = static_cast<uint32_t>(IAccessTokenManagerIpcCode::COMMAND_REGISTER_SEC_COMP_ENHANCE);
 
         MessageParcel reply;
         MessageOption option;
-        DelayedSingleton<PrivacyManagerService>::GetInstance()->OnRemoteRequest(code, datas, reply, option);
+        DelayedSingleton<AccessTokenManagerService>::GetInstance()->OnRemoteRequest(code, datas, reply, option);
 
         return true;
     }
diff --git a/test/fuzztest/services/privacy/registerseccompenhancestub_fuzzer/registerseccompenhancestub_fuzzer.h b/test/fuzztest/services/accesstoken/registerseccompenhancestub_fuzzer/registerseccompenhancestub_fuzzer.h
similarity index 100%
rename from test/fuzztest/services/privacy/registerseccompenhancestub_fuzzer/registerseccompenhancestub_fuzzer.h
rename to test/fuzztest/services/accesstoken/registerseccompenhancestub_fuzzer/registerseccompenhancestub_fuzzer.h
diff --git a/test/fuzztest/services/accesstoken/registerselfpermstatechangecallbackstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/registerselfpermstatechangecallbackstub_fuzzer/BUILD.gn
index cdb19e0afb3eaa63eee042980cbc88ff762e4be1..63c5b686e807d24c43fbfdc147b81e70971647d4 100644
--- a/test/fuzztest/services/accesstoken/registerselfpermstatechangecallbackstub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/accesstoken/registerselfpermstatechangecallbackstub_fuzzer/BUILD.gn
@@ -34,7 +34,10 @@ ohos_fuzztest("RegisterSelfPermStateChangeCallbackStubFuzzTest") {
   deps = access_token_deps
   deps += [ "${access_token_path}/interfaces/innerkits/nativetoken:libnativetoken_shared" ]
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
 
   external_deps = access_token_external_deps
 
diff --git a/test/fuzztest/services/accesstoken/registerselfpermstatechangecallbackstub_fuzzer/registerselfpermstatechangecallbackstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/registerselfpermstatechangecallbackstub_fuzzer/registerselfpermstatechangecallbackstub_fuzzer.cpp
index 946e7fa59c3976efa2b6236405742a702ca7e315..4d35d90e5e6d883d56dee8e8e05a8b2d67d3a43c 100644
--- a/test/fuzztest/services/accesstoken/registerselfpermstatechangecallbackstub_fuzzer/registerselfpermstatechangecallbackstub_fuzzer.cpp
+++ b/test/fuzztest/services/accesstoken/registerselfpermstatechangecallbackstub_fuzzer/registerselfpermstatechangecallbackstub_fuzzer.cpp
@@ -26,7 +26,7 @@
 #include "accesstoken_kit.h"
 #include "accesstoken_manager_client.h"
 #include "accesstoken_manager_service.h"
-#include "i_accesstoken_manager.h"
+#include "iaccess_token_manager.h"
 #include "token_setproc.h"
 
 using namespace std;
@@ -110,7 +110,7 @@ namespace OHOS {
         }
 
         uint32_t code = static_cast<uint32_t>(
-            AccessTokenInterfaceCode::REGISTER_SELF_PERM_STATE_CHANGE_CALLBACK);
+            IAccessTokenManagerIpcCode::COMMAND_REGISTER_SELF_PERM_STATE_CHANGE_CALLBACK);
 
         MessageParcel reply;
         MessageOption option;
diff --git a/test/fuzztest/services/accesstoken/requestapppermonsettingstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/requestapppermonsettingstub_fuzzer/BUILD.gn
index 7972f3712181095e28fa4ef5e5d80b53663ff13a..9e06d8b295ffb4c1ad66c6c53aea1f0a1cb0a3b1 100644
--- a/test/fuzztest/services/accesstoken/requestapppermonsettingstub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/accesstoken/requestapppermonsettingstub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2024 Huawei Device Co., Ltd.
+# Copyright (c) 2024-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -33,7 +33,10 @@ ohos_fuzztest("RequestAppPermOnSettingStubFuzzTest") {
 
   deps = access_token_deps
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
 
   external_deps = access_token_external_deps
 
diff --git a/test/fuzztest/services/accesstoken/requestapppermonsettingstub_fuzzer/requestapppermonsettingstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/requestapppermonsettingstub_fuzzer/requestapppermonsettingstub_fuzzer.cpp
index 4c65417afa86030ece0cec5ba6ee0d4a04639713..bcd22753e8ff3743bb80bd3cb1f97a66ee4eb6f5 100644
--- a/test/fuzztest/services/accesstoken/requestapppermonsettingstub_fuzzer/requestapppermonsettingstub_fuzzer.cpp
+++ b/test/fuzztest/services/accesstoken/requestapppermonsettingstub_fuzzer/requestapppermonsettingstub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Copyright (c) 2024-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -21,7 +21,7 @@
 #undef private
 #include "accesstoken_fuzzdata.h"
 #include "accesstoken_manager_service.h"
-#include "i_accesstoken_manager.h"
+#include "iaccess_token_manager.h"
 
 using namespace std;
 using namespace OHOS::Security::AccessToken;
@@ -42,7 +42,7 @@ namespace OHOS {
             return false;
         }
 
-        uint32_t code = static_cast<uint32_t>(AccessTokenInterfaceCode::REQUEST_APP_PERM_ON_SETTING);
+        uint32_t code = static_cast<uint32_t>(IAccessTokenManagerIpcCode::COMMAND_REQUEST_APP_PERM_ON_SETTING);
 
         MessageParcel reply;
         MessageOption option;
diff --git a/test/fuzztest/services/accesstoken/revokepermissionstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/revokepermissionstub_fuzzer/BUILD.gn
index de933d784862cd1a9b3a940aad24f101b6644e99..5e81544fcf06101694bbdd1621e84e3ed6107b58 100644
--- a/test/fuzztest/services/accesstoken/revokepermissionstub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/accesstoken/revokepermissionstub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2023 Huawei Device Co., Ltd.
+# Copyright (c) 2023-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -33,7 +33,10 @@ ohos_fuzztest("RevokePermissionStubFuzzTest") {
 
   deps = access_token_deps
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
 
   external_deps = access_token_external_deps
 
diff --git a/test/fuzztest/services/accesstoken/revokepermissionstub_fuzzer/revokepermissionstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/revokepermissionstub_fuzzer/revokepermissionstub_fuzzer.cpp
index aab7e2a752c3a758ded5c089ec32d3c86892abeb..30d69e7df101d4003741b160ad494bdb20cfc6e6 100644
--- a/test/fuzztest/services/accesstoken/revokepermissionstub_fuzzer/revokepermissionstub_fuzzer.cpp
+++ b/test/fuzztest/services/accesstoken/revokepermissionstub_fuzzer/revokepermissionstub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2023 Huawei Device Co., Ltd.
+ * Copyright (c) 2023-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -23,7 +23,7 @@
 #undef private
 #include "accesstoken_fuzzdata.h"
 #include "accesstoken_manager_service.h"
-#include "i_accesstoken_manager.h"
+#include "iaccess_token_manager.h"
 
 using namespace std;
 using namespace OHOS::Security::AccessToken;
@@ -48,7 +48,7 @@ namespace OHOS {
             return false;
         }
         uint32_t code = static_cast<uint32_t>(
-            AccessTokenInterfaceCode::REVOKE_PERMISSION);
+            IAccessTokenManagerIpcCode::COMMAND_REVOKE_PERMISSION);
 
         MessageParcel reply;
         MessageOption option;
diff --git a/test/fuzztest/services/accesstoken/setpermdialogcap_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/setpermdialogcap_fuzzer/BUILD.gn
index 81f75417dd0323cfded1a32ec707f5cd8c85d430..c240203ea66a076bdba65571806e29ae6073d35d 100644
--- a/test/fuzztest/services/accesstoken/setpermdialogcap_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/accesstoken/setpermdialogcap_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2023 Huawei Device Co., Ltd.
+# Copyright (c) 2023-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -33,7 +33,10 @@ ohos_fuzztest("SetPermDialogCapFuzzTest") {
   deps = access_token_deps
   deps += [ "${access_token_path}/interfaces/innerkits/nativetoken:libnativetoken_shared" ]
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
 
   external_deps = access_token_external_deps
 
diff --git a/test/fuzztest/services/accesstoken/setpermdialogcap_fuzzer/setpermdialogcap_fuzzer.cpp b/test/fuzztest/services/accesstoken/setpermdialogcap_fuzzer/setpermdialogcap_fuzzer.cpp
index 153e3bbd22af5ec34ce1b0757348a9fc8d87b288..994193a1a4edfcc3e4372b30611b7aced4385bdc 100644
--- a/test/fuzztest/services/accesstoken/setpermdialogcap_fuzzer/setpermdialogcap_fuzzer.cpp
+++ b/test/fuzztest/services/accesstoken/setpermdialogcap_fuzzer/setpermdialogcap_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2023 Huawei Device Co., Ltd.
+ * Copyright (c) 2023-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -23,7 +23,7 @@
 #include "accesstoken_fuzzdata.h"
 #include "accesstoken_kit.h"
 #include "accesstoken_manager_service.h"
-#include "i_accesstoken_manager.h"
+#include "iaccess_token_manager.h"
 #include "nativetoken_kit.h"
 #include "securec.h"
 #include "token_setproc.h"
@@ -72,7 +72,7 @@ namespace OHOS {
         if (!datas.WriteParcelable(&baseInfoParcel)) {
             return false;
         }
-        uint32_t code = static_cast<uint32_t>(AccessTokenInterfaceCode::SET_PERM_DIALOG_CAPABILITY);
+        uint32_t code = static_cast<uint32_t>(IAccessTokenManagerIpcCode::COMMAND_SET_PERM_DIALOG_CAP);
 
         MessageParcel reply;
         MessageOption option;
diff --git a/test/fuzztest/services/accesstoken/setpermissionrequesttogglestatusstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/setpermissionrequesttogglestatusstub_fuzzer/BUILD.gn
index 7a7623c5f96775c1f17b978c742ac0d326785f22..2bf1efcd27a90b6e046fc4b8a38d502d56a17374 100644
--- a/test/fuzztest/services/accesstoken/setpermissionrequesttogglestatusstub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/accesstoken/setpermissionrequesttogglestatusstub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2024 Huawei Device Co., Ltd.
+# Copyright (c) 2024-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -33,7 +33,10 @@ ohos_fuzztest("SetPermissionRequestToggleStatusStubFuzzTest") {
 
   deps = access_token_deps
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
 
   external_deps = access_token_external_deps
 
diff --git a/test/fuzztest/services/accesstoken/setpermissionrequesttogglestatusstub_fuzzer/setpermissionrequesttogglestatusstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/setpermissionrequesttogglestatusstub_fuzzer/setpermissionrequesttogglestatusstub_fuzzer.cpp
index c2934d01648a974c8cb78b5da67847a07de8758b..7e98d58607a4accec0b6e026b687f7b7eb61db49 100644
--- a/test/fuzztest/services/accesstoken/setpermissionrequesttogglestatusstub_fuzzer/setpermissionrequesttogglestatusstub_fuzzer.cpp
+++ b/test/fuzztest/services/accesstoken/setpermissionrequesttogglestatusstub_fuzzer/setpermissionrequesttogglestatusstub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Copyright (c) 2024-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -23,7 +23,7 @@
 #undef private
 #include "accesstoken_fuzzdata.h"
 #include "accesstoken_manager_service.h"
-#include "i_accesstoken_manager.h"
+#include "iaccess_token_manager.h"
 
 using namespace std;
 using namespace OHOS::Security::AccessToken;
@@ -49,7 +49,7 @@ namespace OHOS {
         }
 
         uint32_t code = static_cast<uint32_t>(
-            AccessTokenInterfaceCode::SET_PERMISSION_REQUEST_TOGGLE_STATUS);
+            IAccessTokenManagerIpcCode::COMMAND_SET_PERMISSION_REQUEST_TOGGLE_STATUS);
 
         MessageParcel reply;
         MessageOption option;
diff --git a/test/fuzztest/services/accesstoken/setremotehaptokeninfostub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/setremotehaptokeninfostub_fuzzer/BUILD.gn
index 35fa2dfe5376b32b27024681bc8c20e8efe5b712..66b3dfb0455b7d72a2b0ddddb4e089c5700cba41 100644
--- a/test/fuzztest/services/accesstoken/setremotehaptokeninfostub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/accesstoken/setremotehaptokeninfostub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2023 Huawei Device Co., Ltd.
+# Copyright (c) 2023-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -33,7 +33,10 @@ ohos_fuzztest("SetRemoteHapTokenInfoStubFuzzTest") {
 
   deps = access_token_deps
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
 
   external_deps = access_token_external_deps
 
diff --git a/test/fuzztest/services/accesstoken/setremotehaptokeninfostub_fuzzer/setremotehaptokeninfostub_fuzzer.cpp b/test/fuzztest/services/accesstoken/setremotehaptokeninfostub_fuzzer/setremotehaptokeninfostub_fuzzer.cpp
index 8cda4c996b4890eaa1120f6087f36ebc238a9ad0..5e224d983bbf843c446ab28fbed83e72b0b8d91e 100644
--- a/test/fuzztest/services/accesstoken/setremotehaptokeninfostub_fuzzer/setremotehaptokeninfostub_fuzzer.cpp
+++ b/test/fuzztest/services/accesstoken/setremotehaptokeninfostub_fuzzer/setremotehaptokeninfostub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2023 Huawei Device Co., Ltd.
+ * Copyright (c) 2023-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -24,7 +24,7 @@
 #include "accesstoken_info_manager.h"
 #include "accesstoken_kit.h"
 #include "accesstoken_manager_service.h"
-#include "i_accesstoken_manager.h"
+#include "iaccess_token_manager.h"
 #include "permission_state_full.h"
 #include "token_setproc.h"
 
@@ -88,7 +88,7 @@ namespace OHOS {
         }
 
         uint32_t code = static_cast<uint32_t>(
-            AccessTokenInterfaceCode::SET_REMOTE_HAP_TOKEN_INFO);
+            IAccessTokenManagerIpcCode::COMMAND_SET_REMOTE_HAP_TOKEN_INFO);
 
         MessageParcel reply;
         MessageOption option;
@@ -96,7 +96,11 @@ namespace OHOS {
         if (enable) {
             AccessTokenID accesstoken = AccessTokenKit::GetNativeTokenId("token_sync_service");
             SetSelfTokenID(accesstoken);
-            AccessTokenInfoManager::GetInstance().Init();
+            uint32_t hapSize = 0;
+            uint32_t nativeSize = 0;
+            uint32_t pefDefSize = 0;
+            uint32_t dlpSize = 0;
+            AccessTokenInfoManager::GetInstance().Init(hapSize, nativeSize, pefDefSize, dlpSize);
         }
         DelayedSingleton<AccessTokenManagerService>::GetInstance()->OnRemoteRequest(code, datas, reply, option);
         AccessTokenID hdcd = AccessTokenKit::GetNativeTokenId("hdcd");
diff --git a/test/fuzztest/services/accesstoken/updatehaptokenstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/updatehaptokenstub_fuzzer/BUILD.gn
index 7b73bb9b50bb9a01fedade3060f04f44139eb644..31a7c5de20aeb5c5481166411a5de2e43985f134 100644
--- a/test/fuzztest/services/accesstoken/updatehaptokenstub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/accesstoken/updatehaptokenstub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2023 Huawei Device Co., Ltd.
+# Copyright (c) 2023-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -33,7 +33,10 @@ ohos_fuzztest("UpdateHapTokenStubFuzzTest") {
 
   deps = access_token_deps
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
 
   external_deps = access_token_external_deps
 
diff --git a/test/fuzztest/services/accesstoken/updatehaptokenstub_fuzzer/updatehaptokenstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/updatehaptokenstub_fuzzer/updatehaptokenstub_fuzzer.cpp
index 939f5f390799ccbce13b60cb6b3fca280a81c7af..e9763360a32ce92624f6fa8f7668297115e2ad37 100644
--- a/test/fuzztest/services/accesstoken/updatehaptokenstub_fuzzer/updatehaptokenstub_fuzzer.cpp
+++ b/test/fuzztest/services/accesstoken/updatehaptokenstub_fuzzer/updatehaptokenstub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2023 Huawei Device Co., Ltd.
+ * Copyright (c) 2023-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -80,7 +80,7 @@ namespace OHOS {
         if (!datas.WriteParcelable(&hapPolicyParcel)) {
             return false;
         }
-        uint32_t code = static_cast<uint32_t>(AccessTokenInterfaceCode::UPDATE_HAP_TOKEN);
+        uint32_t code = static_cast<uint32_t>(IAccessTokenManagerIpcCode::COMMAND_UPDATE_HAP_TOKEN);
         MessageParcel reply;
         MessageOption option;
         bool enable = ((size % CONSTANTS_NUMBER_TWO) == 0);
diff --git a/test/fuzztest/services/privacy/updateseccompenhancestub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/updateseccompenhancestub_fuzzer/BUILD.gn
similarity index 60%
rename from test/fuzztest/services/privacy/updateseccompenhancestub_fuzzer/BUILD.gn
rename to test/fuzztest/services/accesstoken/updateseccompenhancestub_fuzzer/BUILD.gn
index d97ec3ca21304560e79868572f02c836577e1003..e0a547359e2101fcfd916a4f76496b3ce5dd8157 100644
--- a/test/fuzztest/services/privacy/updateseccompenhancestub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/accesstoken/updateseccompenhancestub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2024 Huawei Device Co., Ltd.
+# Copyright (c) 2024-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -14,10 +14,10 @@
 import("//build/config/features.gni")
 import("//build/test.gni")
 import("../../../../../access_token.gni")
-import("../privacy_service_fuzz.gni")
+import("../access_token_service_fuzz.gni")
 
 ohos_fuzztest("UpdateSecCompEnhanceStubFuzzTest") {
-  module_out_path = module_output_path_service_privacy
+  module_out_path = module_output_path_service_access_token
   fuzz_config_file = "."
 
   sources = [ "updateseccompenhancestub_fuzzer.cpp" ]
@@ -29,21 +29,20 @@ ohos_fuzztest("UpdateSecCompEnhanceStubFuzzTest") {
     "-fno-omit-frame-pointer",
   ]
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
-
-  include_dirs = privacy_include_dirs
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
 
-  sources += privacy_sources
-  sources += [ "${access_token_path}/services/privacymanager/src/seccomp/privacy_sec_comp_enhance_agent.cpp" ]
+  include_dirs = access_token_include_dirs
 
-  defines = privacy_defines
+  sources += access_token_sources
+  sources += [ "${access_token_path}/services/accesstokenmanager/main/cpp/src/seccomp/sec_comp_enhance_agent.cpp" ]
 
-  cflags_cc = privacy_cflags_cc
+  cflags_cc = access_token_cflags_cc
   cflags_cc += [ "-DSECURITY_COMPONENT_ENHANCE_ENABLE" ]
 
-  deps = privacy_deps
-
-  deps += [ "${access_token_path}/interfaces/innerkits/privacy:libprivacy_sdk" ]
+  deps = access_token_deps
 
-  external_deps = privacy_external_deps
+  external_deps = access_token_external_deps
 }
diff --git a/test/fuzztest/services/privacy/getspecialseccompenhancestub_fuzzer/corpus/init b/test/fuzztest/services/accesstoken/updateseccompenhancestub_fuzzer/corpus/init
similarity index 100%
rename from test/fuzztest/services/privacy/getspecialseccompenhancestub_fuzzer/corpus/init
rename to test/fuzztest/services/accesstoken/updateseccompenhancestub_fuzzer/corpus/init
diff --git a/test/fuzztest/innerkits/privacy/updateseccompenhance_fuzzer/project.xml b/test/fuzztest/services/accesstoken/updateseccompenhancestub_fuzzer/project.xml
similarity index 100%
rename from test/fuzztest/innerkits/privacy/updateseccompenhance_fuzzer/project.xml
rename to test/fuzztest/services/accesstoken/updateseccompenhancestub_fuzzer/project.xml
diff --git a/test/fuzztest/services/privacy/updateseccompenhancestub_fuzzer/updateseccompenhancestub_fuzzer.cpp b/test/fuzztest/services/accesstoken/updateseccompenhancestub_fuzzer/updateseccompenhancestub_fuzzer.cpp
similarity index 80%
rename from test/fuzztest/services/privacy/updateseccompenhancestub_fuzzer/updateseccompenhancestub_fuzzer.cpp
rename to test/fuzztest/services/accesstoken/updateseccompenhancestub_fuzzer/updateseccompenhancestub_fuzzer.cpp
index 28b4600067640545d551d64976c4d4042d17b57a..c8ecc626e985a5327a6617e7f60fee7f0abf19e1 100644
--- a/test/fuzztest/services/privacy/updateseccompenhancestub_fuzzer/updateseccompenhancestub_fuzzer.cpp
+++ b/test/fuzztest/services/accesstoken/updateseccompenhancestub_fuzzer/updateseccompenhancestub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Copyright (c) 2024-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -20,13 +20,13 @@
 #include <vector>
 
 #include "accesstoken_fuzzdata.h"
+#include "accesstoken_manager_service.h"
 #undef private
 #include "errors.h"
-#include "i_privacy_manager.h"
+#include "iaccess_token_manager.h"
 #include "on_permission_used_record_callback_stub.h"
 #include "permission_used_request.h"
 #include "permission_used_request_parcel.h"
-#include "privacy_manager_service.h"
 
 using namespace std;
 using namespace OHOS::Security::AccessToken;
@@ -41,7 +41,7 @@ namespace OHOS {
         AccessTokenFuzzData fuzzData(data, size);
 
         MessageParcel datas;
-        datas.WriteInterfaceToken(IPrivacyManager::GetDescriptor());
+        datas.WriteInterfaceToken(IAccessTokenManager::GetDescriptor());
         if (!datas.WriteInt32(fuzzData.GetData<int32_t>())) {
             return false;
         }
@@ -50,11 +50,11 @@ namespace OHOS {
             return false;
         }
 
-        uint32_t code = static_cast<uint32_t>(PrivacyInterfaceCode::UPDATE_SEC_COMP_ENHANCE);
+        uint32_t code = static_cast<uint32_t>(IAccessTokenManagerIpcCode::COMMAND_UPDATE_SEC_COMP_ENHANCE);
 
         MessageParcel reply;
         MessageOption option;
-        DelayedSingleton<PrivacyManagerService>::GetInstance()->OnRemoteRequest(code, datas, reply, option);
+        DelayedSingleton<AccessTokenManagerService>::GetInstance()->OnRemoteRequest(code, datas, reply, option);
 
         return true;
     }
diff --git a/test/fuzztest/services/privacy/updateseccompenhancestub_fuzzer/updateseccompenhancestub_fuzzer.h b/test/fuzztest/services/accesstoken/updateseccompenhancestub_fuzzer/updateseccompenhancestub_fuzzer.h
similarity index 100%
rename from test/fuzztest/services/privacy/updateseccompenhancestub_fuzzer/updateseccompenhancestub_fuzzer.h
rename to test/fuzztest/services/accesstoken/updateseccompenhancestub_fuzzer/updateseccompenhancestub_fuzzer.h
diff --git a/test/fuzztest/services/accesstoken/updateuserpolicystub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/updateuserpolicystub_fuzzer/BUILD.gn
index 3d21d687f7d335c0a2e445b1ce8a8cba0985a484..3a5c065745c952f69cb74e80886f65db8ee3b1f1 100644
--- a/test/fuzztest/services/accesstoken/updateuserpolicystub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/accesstoken/updateuserpolicystub_fuzzer/BUILD.gn
@@ -34,7 +34,10 @@ ohos_fuzztest("UpdateUserPolicyStubFuzzTest") {
   deps = access_token_deps
   deps += [ "${access_token_path}/interfaces/innerkits/nativetoken:libnativetoken_shared" ]
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
 
   external_deps = access_token_external_deps
 
diff --git a/test/fuzztest/services/accesstoken/updateuserpolicystub_fuzzer/updateuserpolicystub_fuzzer.cpp b/test/fuzztest/services/accesstoken/updateuserpolicystub_fuzzer/updateuserpolicystub_fuzzer.cpp
index c0a8edc5d11725c62c29741e9c52847ce803943f..0714eab49649697a9dfbec66f8633a73e780cc9c 100644
--- a/test/fuzztest/services/accesstoken/updateuserpolicystub_fuzzer/updateuserpolicystub_fuzzer.cpp
+++ b/test/fuzztest/services/accesstoken/updateuserpolicystub_fuzzer/updateuserpolicystub_fuzzer.cpp
@@ -23,7 +23,7 @@
 #include "accesstoken_fuzzdata.h"
 #include "accesstoken_kit.h"
 #include "accesstoken_manager_service.h"
-#include "i_accesstoken_manager.h"
+#include "iaccess_token_manager.h"
 #include "nativetoken_kit.h"
 #include "token_setproc.h"
 
@@ -85,7 +85,7 @@ namespace OHOS {
         }
 
         uint32_t code = static_cast<uint32_t>(
-            AccessTokenInterfaceCode::UPDATE_USER_POLICY);
+            IAccessTokenManagerIpcCode::COMMAND_UPDATE_USER_POLICY);
 
         MessageParcel reply;
         MessageOption option;
diff --git a/test/fuzztest/services/accesstoken/verifyaccesstokenstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/verifyaccesstokenstub_fuzzer/BUILD.gn
index 3187a41a1b91fa20f4e3087308557e6207a485c4..47672fbf17d91ed8b181def6382ca04a9c9abce6 100644
--- a/test/fuzztest/services/accesstoken/verifyaccesstokenstub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/accesstoken/verifyaccesstokenstub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2023 Huawei Device Co., Ltd.
+# Copyright (c) 2023-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -33,7 +33,10 @@ ohos_fuzztest("VerifyAccessTokenStubFuzzTest") {
 
   deps = access_token_deps
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
 
   external_deps = access_token_external_deps
 
diff --git a/test/fuzztest/services/accesstoken/verifyaccesstokenstub_fuzzer/verifyaccesstokenstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/verifyaccesstokenstub_fuzzer/verifyaccesstokenstub_fuzzer.cpp
index d0c51459545a6a64387e88e9f89c9db129c2e8f3..7575cc2379930bcbd49c8d2db6a50399e43ad62c 100644
--- a/test/fuzztest/services/accesstoken/verifyaccesstokenstub_fuzzer/verifyaccesstokenstub_fuzzer.cpp
+++ b/test/fuzztest/services/accesstoken/verifyaccesstokenstub_fuzzer/verifyaccesstokenstub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2023 Huawei Device Co., Ltd.
+ * Copyright (c) 2023-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -21,7 +21,7 @@
 #undef private
 #include "accesstoken_fuzzdata.h"
 #include "accesstoken_manager_service.h"
-#include "i_accesstoken_manager.h"
+#include "iaccess_token_manager.h"
 
 using namespace std;
 using namespace OHOS::Security::AccessToken;
@@ -44,7 +44,7 @@ namespace OHOS {
         }
 
         uint32_t code = static_cast<uint32_t>(
-            AccessTokenInterfaceCode::VERIFY_ACCESSTOKEN);
+            IAccessTokenManagerIpcCode::COMMAND_VERIFY_ACCESS_TOKEN);
 
         MessageParcel reply;
         MessageOption option;
diff --git a/test/fuzztest/services/accesstoken/verifyaccesstokenwithliststub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/verifyaccesstokenwithliststub_fuzzer/BUILD.gn
index 1d6648b8f3d42ce858ead87907d451001ede81b2..c134bd8099341930b073cd73573615f1b81b57ee 100644
--- a/test/fuzztest/services/accesstoken/verifyaccesstokenwithliststub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/accesstoken/verifyaccesstokenwithliststub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2024 Huawei Device Co., Ltd.
+# Copyright (c) 2024-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -33,7 +33,10 @@ ohos_fuzztest("VerifyAccessTokenWithListStubFuzzTest") {
 
   deps = access_token_deps
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config",
+  ]
 
   external_deps = access_token_external_deps
 
diff --git a/test/fuzztest/services/accesstoken/verifyaccesstokenwithliststub_fuzzer/verifyaccesstokenwithliststub_fuzzer.cpp b/test/fuzztest/services/accesstoken/verifyaccesstokenwithliststub_fuzzer/verifyaccesstokenwithliststub_fuzzer.cpp
index af153efffd06dae2c5b37cfed1f0c2086787c84c..b6ddf690259bd902f4e45b7c2fcac9ab8fb4cedb 100644
--- a/test/fuzztest/services/accesstoken/verifyaccesstokenwithliststub_fuzzer/verifyaccesstokenwithliststub_fuzzer.cpp
+++ b/test/fuzztest/services/accesstoken/verifyaccesstokenwithliststub_fuzzer/verifyaccesstokenwithliststub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Copyright (c) 2024-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -21,7 +21,7 @@
 #undef private
 #include "accesstoken_fuzzdata.h"
 #include "accesstoken_manager_service.h"
-#include "i_accesstoken_manager.h"
+#include "iaccess_token_manager.h"
 
 using namespace std;
 using namespace OHOS::Security::AccessToken;
@@ -48,7 +48,8 @@ namespace OHOS {
             return false;
         }
 
-        uint32_t code = static_cast<uint32_t>(AccessTokenInterfaceCode::VERIFY_ACCESSTOKEN_WITH_LIST);
+        uint32_t code = static_cast<uint32_t>(
+            IAccessTokenManagerIpcCode::COMMAND_VERIFY_ACCESS_TOKEN_IN_UNSIGNED_INT_IN_LIST_STRING_OUT_LIST_INT);
 
         MessageParcel reply;
         MessageOption option;
diff --git a/test/fuzztest/services/privacy/BUILD.gn b/test/fuzztest/services/privacy/BUILD.gn
index c27efe960861af886aa2232d32c3447a9912e777..eca096db61180b7ed3a210f72534c335bc38b9c4 100644
--- a/test/fuzztest/services/privacy/BUILD.gn
+++ b/test/fuzztest/services/privacy/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2023-2024 Huawei Device Co., Ltd.
+# Copyright (c) 2023-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -18,6 +18,7 @@ group("fuzztest") {
 
   if (is_standard_system && ability_base_enable == true) {
     deps += [
+      "addpermissionusedrecordasyncstub_fuzzer:AddPermissionUsedRecordAsyncStubFuzzTest",
       "addpermissionusedrecordstub_fuzzer:AddPermissionUsedRecordStubFuzzTest",
       "getpermissionusedrecordsasyncstub_fuzzer:GetPermissionUsedRecordsAsyncStubFuzzTest",
       "getpermissionusedrecordsstub_fuzzer:GetPermissionUsedRecordsStubFuzzTest",
@@ -34,14 +35,5 @@ group("fuzztest") {
       "stopusingpermissionstub_fuzzer:StopUsingPermissionStubFuzzTest",
       "unregisterpermactivestatuscallbackstub_fuzzer:UnRegisterPermActiveStatusCallbackStubFuzzTest",
     ]
-
-    if (security_component_enhance_enable) {
-      deps += [
-        "getseccompenhancestub_fuzzer:GetSecCompEnhanceStubFuzzTest",
-        "getspecialseccompenhancestub_fuzzer:GetSpecialSecCompEnhanceStubFuzzTest",
-        "registerseccompenhancestub_fuzzer:RegisterSecCompEnhanceStubFuzzTest",
-        "updateseccompenhancestub_fuzzer:UpdateSecCompEnhanceStubFuzzTest",
-      ]
-    }
   }
 }
diff --git a/test/fuzztest/services/privacy/getseccompenhancestub_fuzzer/BUILD.gn b/test/fuzztest/services/privacy/addpermissionusedrecordasyncstub_fuzzer/BUILD.gn
similarity index 70%
rename from test/fuzztest/services/privacy/getseccompenhancestub_fuzzer/BUILD.gn
rename to test/fuzztest/services/privacy/addpermissionusedrecordasyncstub_fuzzer/BUILD.gn
index 058d96bbdd5af7b42bb89919ce64357dc832f2bb..d88ba72f27df9cbca806cc00f265f9af2275c26c 100644
--- a/test/fuzztest/services/privacy/getseccompenhancestub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/privacy/addpermissionusedrecordasyncstub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2024 Huawei Device Co., Ltd.
+# Copyright (c) 2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -16,11 +16,11 @@ import("//build/test.gni")
 import("../../../../../access_token.gni")
 import("../privacy_service_fuzz.gni")
 
-ohos_fuzztest("GetSecCompEnhanceStubFuzzTest") {
+ohos_fuzztest("AddPermissionUsedRecordAsyncStubFuzzTest") {
   module_out_path = module_output_path_service_privacy
   fuzz_config_file = "."
 
-  sources = [ "getseccompenhancestub_fuzzer.cpp" ]
+  sources = [ "addpermissionusedrecordasyncstub_fuzzer.cpp" ]
 
   cflags = [
     "-g",
@@ -29,21 +29,20 @@ ohos_fuzztest("GetSecCompEnhanceStubFuzzTest") {
     "-fno-omit-frame-pointer",
   ]
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/privacymanager:privacy_manager_gen_config",
+  ]
 
   include_dirs = privacy_include_dirs
 
   sources += privacy_sources
-  sources += [ "${access_token_path}/services/privacymanager/src/seccomp/privacy_sec_comp_enhance_agent.cpp" ]
 
   defines = privacy_defines
 
   cflags_cc = privacy_cflags_cc
-  cflags_cc += [ "-DSECURITY_COMPONENT_ENHANCE_ENABLE" ]
 
   deps = privacy_deps
 
-  deps += [ "${access_token_path}/interfaces/innerkits/privacy:libprivacy_sdk" ]
-
   external_deps = privacy_external_deps
 }
diff --git a/test/fuzztest/services/privacy/getspecialseccompenhancestub_fuzzer/getspecialseccompenhancestub_fuzzer.cpp b/test/fuzztest/services/privacy/addpermissionusedrecordasyncstub_fuzzer/addpermissionusedrecordasyncstub_fuzzer.cpp
similarity index 64%
rename from test/fuzztest/services/privacy/getspecialseccompenhancestub_fuzzer/getspecialseccompenhancestub_fuzzer.cpp
rename to test/fuzztest/services/privacy/addpermissionusedrecordasyncstub_fuzzer/addpermissionusedrecordasyncstub_fuzzer.cpp
index 542ab9e678068dc281e0a5bb956598ca8e2e433d..9e570a49380442b874f87566942df81c0639b90a 100644
--- a/test/fuzztest/services/privacy/getspecialseccompenhancestub_fuzzer/getspecialseccompenhancestub_fuzzer.cpp
+++ b/test/fuzztest/services/privacy/addpermissionusedrecordasyncstub_fuzzer/addpermissionusedrecordasyncstub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Copyright (c) 2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -13,7 +13,7 @@
  * limitations under the License.
  */
 
-#include "getspecialseccompenhancestub_fuzzer.h"
+#include "addpermissionusedrecordasyncstub_fuzzer.h"
 
 #include <string>
 #include <thread>
@@ -21,18 +21,14 @@
 
 #include "accesstoken_fuzzdata.h"
 #undef private
-#include "errors.h"
-#include "i_privacy_manager.h"
-#include "on_permission_used_record_callback_stub.h"
-#include "permission_used_request.h"
-#include "permission_used_request_parcel.h"
+#include "iprivacy_manager.h"
 #include "privacy_manager_service.h"
 
 using namespace std;
 using namespace OHOS::Security::AccessToken;
 
 namespace OHOS {
-    bool GetSpecialSecCompEnhanceStubFuzzTest(const uint8_t* data, size_t size)
+    bool AddPermissionUsedRecordAsyncStubFuzzTest(const uint8_t* data, size_t size)
     {
         if ((data == nullptr) || (size == 0)) {
             return false;
@@ -42,11 +38,17 @@ namespace OHOS {
 
         MessageParcel datas;
         datas.WriteInterfaceToken(IPrivacyManager::GetDescriptor());
-        if (!datas.WriteString(fuzzData.GenerateStochasticString())) {
+
+        AddPermParamInfoParcel infoParcel;
+        infoParcel.info.tokenId = static_cast<AccessTokenID>(fuzzData.GetData<uint32_t>());
+        infoParcel.info.permissionName = fuzzData.GenerateStochasticString();
+        infoParcel.info.successCount = fuzzData.GetData<int32_t>();
+        infoParcel.info.failCount = fuzzData.GetData<int32_t>();
+        if (!datas.WriteParcelable(&infoParcel)) {
             return false;
         }
 
-        uint32_t code = static_cast<uint32_t>(PrivacyInterfaceCode::GET_SPECIAL_SEC_COMP_ENHANCE);
+        uint32_t code = static_cast<uint32_t>(IPrivacyManagerIpcCode::COMMAND_ADD_PERMISSION_USED_RECORD_ASYNC);
 
         MessageParcel reply;
         MessageOption option;
@@ -60,6 +62,6 @@ namespace OHOS {
 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
 {
     /* Run your code on data */
-    OHOS::GetSpecialSecCompEnhanceStubFuzzTest(data, size);
+    OHOS::AddPermissionUsedRecordAsyncStubFuzzTest(data, size);
     return 0;
 }
diff --git a/test/fuzztest/innerkits/accesstoken/unregistertokensynccallback_fuzzer/unregistertokensynccallback_fuzzer.h b/test/fuzztest/services/privacy/addpermissionusedrecordasyncstub_fuzzer/addpermissionusedrecordasyncstub_fuzzer.h
similarity index 64%
rename from test/fuzztest/innerkits/accesstoken/unregistertokensynccallback_fuzzer/unregistertokensynccallback_fuzzer.h
rename to test/fuzztest/services/privacy/addpermissionusedrecordasyncstub_fuzzer/addpermissionusedrecordasyncstub_fuzzer.h
index 6ea07787a95dd6b9ad0a859d8ec4cd6a653adcae..1ca1b1bd1864b63551d0ffdcf268f05b5244816d 100644
--- a/test/fuzztest/innerkits/accesstoken/unregistertokensynccallback_fuzzer/unregistertokensynccallback_fuzzer.h
+++ b/test/fuzztest/services/privacy/addpermissionusedrecordasyncstub_fuzzer/addpermissionusedrecordasyncstub_fuzzer.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Copyright (c) 2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -13,9 +13,9 @@
  * limitations under the License.
  */
 
-#ifndef TEST_FUZZTEST_UNREGISTERTOKENSYNCCALLBACK_FUZZER_H
-#define TEST_FUZZTEST_UNREGISTERTOKENSYNCCALLBACK_FUZZER_H
+#ifndef TEST_FUZZTEST_ADDPERMISSIONUSEDRECORDASYNCSTUB_FUZZER_H
+#define TEST_FUZZTEST_ADDPERMISSIONUSEDRECORDASYNCSTUB_FUZZER_H
 
-#define FUZZ_PROJECT_NAME "unregistertokensynccallback_fuzzer"
+#define FUZZ_PROJECT_NAME "addpermissionusedrecordasyncstub_fuzzer"
 
-#endif // TEST_FUZZTEST_UNREGISTERTOKENSYNCCALLBACK_FUZZER_H
\ No newline at end of file
+#endif // TEST_FUZZTEST_ADDPERMISSIONUSEDRECORDASYNCSTUB_FUZZER_H
diff --git a/test/fuzztest/innerkits/accesstoken/registertokensynccallback_fuzzer/corpus/init b/test/fuzztest/services/privacy/addpermissionusedrecordasyncstub_fuzzer/corpus/init
similarity index 92%
rename from test/fuzztest/innerkits/accesstoken/registertokensynccallback_fuzzer/corpus/init
rename to test/fuzztest/services/privacy/addpermissionusedrecordasyncstub_fuzzer/corpus/init
index f7880ef1a502193121ec4b74e27bfc616e66cd26..65af8ee8d11bf23407ea34d4de49f7cbb6a2b791 100644
--- a/test/fuzztest/innerkits/accesstoken/registertokensynccallback_fuzzer/corpus/init
+++ b/test/fuzztest/services/privacy/addpermissionusedrecordasyncstub_fuzzer/corpus/init
@@ -1,4 +1,4 @@
-# Copyright (c) 2024 Huawei Device Co., Ltd.
+# Copyright (c) 2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -10,4 +10,5 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
+
 FUZZ
\ No newline at end of file
diff --git a/test/fuzztest/services/privacy/addpermissionusedrecordasyncstub_fuzzer/project.xml b/test/fuzztest/services/privacy/addpermissionusedrecordasyncstub_fuzzer/project.xml
new file mode 100644
index 0000000000000000000000000000000000000000..66e1dcac475475fb101b6f8670ec699e6e9696aa
--- /dev/null
+++ b/test/fuzztest/services/privacy/addpermissionusedrecordasyncstub_fuzzer/project.xml
@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Copyright (c) 2025 Huawei Device Co., Ltd.
+
+     Licensed under the Apache License, Version 2.0 (the "License");
+     you may not use this file except in compliance with the License.
+     You may obtain a copy of the License at
+
+          http://www.apache.org/licenses/LICENSE-2.0
+
+     Unless required by applicable law or agreed to in writing, software
+     distributed under the License is distributed on an "AS IS" BASIS,
+     WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+     See the License for the specific language governing permissions and
+     limitations under the License.
+-->
+<fuzz_config>
+  <fuzztest>
+    <!-- maximum length of a test input -->
+    <max_len>1000</max_len>
+    <!-- maximum total time in seconds to run the fuzzer -->
+    <max_total_time>300</max_total_time>
+    <!-- memory usage limit in Mb -->
+    <rss_limit_mb>4096</rss_limit_mb>
+  </fuzztest>
+</fuzz_config>
diff --git a/test/fuzztest/services/privacy/addpermissionusedrecordstub_fuzzer/BUILD.gn b/test/fuzztest/services/privacy/addpermissionusedrecordstub_fuzzer/BUILD.gn
index 66d310651ea8596bdaab418b7b69195d90929497..0c0e2b7ed513709ae3a0e08a7e690a9e2211a496 100644
--- a/test/fuzztest/services/privacy/addpermissionusedrecordstub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/privacy/addpermissionusedrecordstub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2023-2024 Huawei Device Co., Ltd.
+# Copyright (c) 2023-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -29,7 +29,10 @@ ohos_fuzztest("AddPermissionUsedRecordStubFuzzTest") {
     "-fno-omit-frame-pointer",
   ]
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/privacymanager:privacy_manager_gen_config",
+  ]
 
   include_dirs = privacy_include_dirs
 
diff --git a/test/fuzztest/services/privacy/addpermissionusedrecordstub_fuzzer/addpermissionusedrecordstub_fuzzer.cpp b/test/fuzztest/services/privacy/addpermissionusedrecordstub_fuzzer/addpermissionusedrecordstub_fuzzer.cpp
index 37db718d6c550ac6a8e9227a43df5b92e19fa559..046452e7e76612a832c3466689fd5f5a98b889dc 100644
--- a/test/fuzztest/services/privacy/addpermissionusedrecordstub_fuzzer/addpermissionusedrecordstub_fuzzer.cpp
+++ b/test/fuzztest/services/privacy/addpermissionusedrecordstub_fuzzer/addpermissionusedrecordstub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2023 Huawei Device Co., Ltd.
+ * Copyright (c) 2023-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -21,7 +21,7 @@
 
 #include "accesstoken_fuzzdata.h"
 #undef private
-#include "i_privacy_manager.h"
+#include "iprivacy_manager.h"
 #include "privacy_manager_service.h"
 
 using namespace std;
@@ -48,7 +48,7 @@ namespace OHOS {
             return false;
         }
 
-        uint32_t code = static_cast<uint32_t>(PrivacyInterfaceCode::ADD_PERMISSION_USED_RECORD);
+        uint32_t code = static_cast<uint32_t>(IPrivacyManagerIpcCode::COMMAND_ADD_PERMISSION_USED_RECORD);
 
         MessageParcel reply;
         MessageOption option;
diff --git a/test/fuzztest/services/privacy/getpermissionusedrecordsasyncstub_fuzzer/BUILD.gn b/test/fuzztest/services/privacy/getpermissionusedrecordsasyncstub_fuzzer/BUILD.gn
index b9182bd33c7f4ed568d6b9dc39e6aaec94c75194..98d751a7770c316048ee42cc094407e074a0223d 100644
--- a/test/fuzztest/services/privacy/getpermissionusedrecordsasyncstub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/privacy/getpermissionusedrecordsasyncstub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2023-2024 Huawei Device Co., Ltd.
+# Copyright (c) 2023-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -29,7 +29,10 @@ ohos_fuzztest("GetPermissionUsedRecordsAsyncStubFuzzTest") {
     "-fno-omit-frame-pointer",
   ]
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/privacymanager:privacy_manager_gen_config",
+  ]
 
   include_dirs = privacy_include_dirs
 
diff --git a/test/fuzztest/services/privacy/getpermissionusedrecordsasyncstub_fuzzer/getpermissionusedrecordsasyncstub_fuzzer.cpp b/test/fuzztest/services/privacy/getpermissionusedrecordsasyncstub_fuzzer/getpermissionusedrecordsasyncstub_fuzzer.cpp
index 61b96f6480885dc831dac6a27fd9d287dd9a1f63..298f6418d3fa03612b8d587fc903847342dca12e 100644
--- a/test/fuzztest/services/privacy/getpermissionusedrecordsasyncstub_fuzzer/getpermissionusedrecordsasyncstub_fuzzer.cpp
+++ b/test/fuzztest/services/privacy/getpermissionusedrecordsasyncstub_fuzzer/getpermissionusedrecordsasyncstub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2023 Huawei Device Co., Ltd.
+ * Copyright (c) 2023-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -22,7 +22,7 @@
 #include "accesstoken_fuzzdata.h"
 #undef private
 #include "errors.h"
-#include "i_privacy_manager.h"
+#include "iprivacy_manager.h"
 #include "on_permission_used_record_callback_stub.h"
 #include "permission_used_request.h"
 #include "permission_used_request_parcel.h"
@@ -75,7 +75,7 @@ namespace OHOS {
             return false;
         }
 
-        uint32_t code = static_cast<uint32_t>(PrivacyInterfaceCode::GET_PERMISSION_USED_RECORDS_ASYNC);
+        uint32_t code = static_cast<uint32_t>(IPrivacyManagerIpcCode::COMMAND_GET_PERMISSION_USED_RECORDS_ASYNC);
 
         MessageParcel reply;
         MessageOption option;
diff --git a/test/fuzztest/services/privacy/getpermissionusedrecordsstub_fuzzer/BUILD.gn b/test/fuzztest/services/privacy/getpermissionusedrecordsstub_fuzzer/BUILD.gn
index 1467b5e9fefef5c10bc6e6a9bb831c6651037155..709384a1874a5aa464d416d56933bdf191b8031f 100644
--- a/test/fuzztest/services/privacy/getpermissionusedrecordsstub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/privacy/getpermissionusedrecordsstub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2023-2024 Huawei Device Co., Ltd.
+# Copyright (c) 2023-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -29,7 +29,10 @@ ohos_fuzztest("GetPermissionUsedRecordsStubFuzzTest") {
     "-fno-omit-frame-pointer",
   ]
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/privacymanager:privacy_manager_gen_config",
+  ]
 
   include_dirs = privacy_include_dirs
 
diff --git a/test/fuzztest/services/privacy/getpermissionusedrecordsstub_fuzzer/getpermissionusedrecordsstub_fuzzer.cpp b/test/fuzztest/services/privacy/getpermissionusedrecordsstub_fuzzer/getpermissionusedrecordsstub_fuzzer.cpp
index 3565d7b1191544c7c9b6cc5750f05e26a9d5626a..74dfdf1d30c90ea943973861a8f832717e718271 100644
--- a/test/fuzztest/services/privacy/getpermissionusedrecordsstub_fuzzer/getpermissionusedrecordsstub_fuzzer.cpp
+++ b/test/fuzztest/services/privacy/getpermissionusedrecordsstub_fuzzer/getpermissionusedrecordsstub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2023 Huawei Device Co., Ltd.
+ * Copyright (c) 2023-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -21,7 +21,7 @@
 
 #include "accesstoken_fuzzdata.h"
 #undef private
-#include "i_privacy_manager.h"
+#include "iprivacy_manager.h"
 #include "permission_used_request.h"
 #include "permission_used_request_parcel.h"
 #include "privacy_manager_service.h"
@@ -60,7 +60,7 @@ namespace OHOS {
             return false;
         }
 
-        uint32_t code = static_cast<uint32_t>(PrivacyInterfaceCode::GET_PERMISSION_USED_RECORDS);
+        uint32_t code = static_cast<uint32_t>(IPrivacyManagerIpcCode::COMMAND_GET_PERMISSION_USED_RECORDS);
 
         MessageParcel reply;
         MessageOption option;
diff --git a/test/fuzztest/services/privacy/getpermissionusedrecordtogglestatusstub_fuzzer/BUILD.gn b/test/fuzztest/services/privacy/getpermissionusedrecordtogglestatusstub_fuzzer/BUILD.gn
index 3990a43f59d092ff6393badf3d5c139275c2ae5b..774cdd8462e8d11c45fa78164be4a11fb135a580 100644
--- a/test/fuzztest/services/privacy/getpermissionusedrecordtogglestatusstub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/privacy/getpermissionusedrecordtogglestatusstub_fuzzer/BUILD.gn
@@ -28,7 +28,10 @@ ohos_fuzztest("GetPermissionUsedRecordToggleStatusStubFuzzTest") {
     "-fno-omit-frame-pointer",
   ]
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/privacymanager:privacy_manager_gen_config",
+  ]
 
   include_dirs = privacy_include_dirs
 
diff --git a/test/fuzztest/services/privacy/getpermissionusedrecordtogglestatusstub_fuzzer/getpermissionusedrecordtogglestatusstub_fuzzer.cpp b/test/fuzztest/services/privacy/getpermissionusedrecordtogglestatusstub_fuzzer/getpermissionusedrecordtogglestatusstub_fuzzer.cpp
index e9609ed9c825c7c88f7cfe183413cbd6b17ec23d..bd2846939ea65dc229e52c444162d9d0be845984 100644
--- a/test/fuzztest/services/privacy/getpermissionusedrecordtogglestatusstub_fuzzer/getpermissionusedrecordtogglestatusstub_fuzzer.cpp
+++ b/test/fuzztest/services/privacy/getpermissionusedrecordtogglestatusstub_fuzzer/getpermissionusedrecordtogglestatusstub_fuzzer.cpp
@@ -17,7 +17,7 @@
 
 #include "accesstoken_fuzzdata.h"
 #undef private
-#include "i_privacy_manager.h"
+#include "iprivacy_manager.h"
 #include "privacy_manager_service.h"
 
 using namespace std;
@@ -42,7 +42,7 @@ namespace OHOS {
             return false;
         }
 
-        uint32_t code = static_cast<uint32_t>(PrivacyInterfaceCode::GET_PERMISSION_USED_RECORD_TOGGLE_STATUS);
+        uint32_t code = static_cast<uint32_t>(IPrivacyManagerIpcCode::COMMAND_GET_PERMISSION_USED_RECORD_TOGGLE_STATUS);
 
         MessageParcel reply;
         MessageOption option;
diff --git a/test/fuzztest/services/privacy/getpermissionusedtypeinfosstub_fuzzer/BUILD.gn b/test/fuzztest/services/privacy/getpermissionusedtypeinfosstub_fuzzer/BUILD.gn
index e4361c0a2107dacf8bff6e9f5919d65f2d904e63..e91375f355beb8c1c28b919b476b003b7c9b4762 100644
--- a/test/fuzztest/services/privacy/getpermissionusedtypeinfosstub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/privacy/getpermissionusedtypeinfosstub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2024 Huawei Device Co., Ltd.
+# Copyright (c) 2024-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -29,7 +29,10 @@ ohos_fuzztest("GetPermissionUsedTypeInfosStubFuzzTest") {
     "-fno-omit-frame-pointer",
   ]
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/privacymanager:privacy_manager_gen_config",
+  ]
 
   include_dirs = privacy_include_dirs
 
diff --git a/test/fuzztest/services/privacy/getpermissionusedtypeinfosstub_fuzzer/getpermissionusedtypeinfosstub_fuzzer.cpp b/test/fuzztest/services/privacy/getpermissionusedtypeinfosstub_fuzzer/getpermissionusedtypeinfosstub_fuzzer.cpp
index 3b50ce6039ed539cfba82540e8f64a0dc54d7a4a..c243b50d461326ebff9464fcf1d3d6e608cbbeb2 100644
--- a/test/fuzztest/services/privacy/getpermissionusedtypeinfosstub_fuzzer/getpermissionusedtypeinfosstub_fuzzer.cpp
+++ b/test/fuzztest/services/privacy/getpermissionusedtypeinfosstub_fuzzer/getpermissionusedtypeinfosstub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Copyright (c) 2024-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -21,7 +21,7 @@
 
 #include "accesstoken_fuzzdata.h"
 #undef private
-#include "i_privacy_manager.h"
+#include "iprivacy_manager.h"
 #include "privacy_manager_service.h"
 
 using namespace std;
@@ -45,7 +45,7 @@ namespace OHOS {
             return false;
         }
 
-        uint32_t code = static_cast<uint32_t>(PrivacyInterfaceCode::GET_PERMISSION_USED_TYPE_INFOS);
+        uint32_t code = static_cast<uint32_t>(IPrivacyManagerIpcCode::COMMAND_GET_PERMISSION_USED_TYPE_INFOS);
 
         MessageParcel reply;
         MessageOption option;
diff --git a/test/fuzztest/services/privacy/isallowedusingpermissionstub_fuzzer/BUILD.gn b/test/fuzztest/services/privacy/isallowedusingpermissionstub_fuzzer/BUILD.gn
index 94e5f22c1ab860d7d093bdcb816f7fa229498705..7a2238e4c72b795dbfddc3585681f3db274c61bc 100644
--- a/test/fuzztest/services/privacy/isallowedusingpermissionstub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/privacy/isallowedusingpermissionstub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2023-2024 Huawei Device Co., Ltd.
+# Copyright (c) 2023-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -29,7 +29,10 @@ ohos_fuzztest("IsAllowedUsingPermissionStubFuzzTest") {
     "-fno-omit-frame-pointer",
   ]
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/privacymanager:privacy_manager_gen_config",
+  ]
 
   include_dirs = privacy_include_dirs
 
diff --git a/test/fuzztest/services/privacy/isallowedusingpermissionstub_fuzzer/isallowedusingpermissionstub_fuzzer.cpp b/test/fuzztest/services/privacy/isallowedusingpermissionstub_fuzzer/isallowedusingpermissionstub_fuzzer.cpp
index 1eca6c5a89e42e0df12a50fd95fb03900e5722e1..e26b26f1bffd070d2071dbc309ffb6b44fed2828 100644
--- a/test/fuzztest/services/privacy/isallowedusingpermissionstub_fuzzer/isallowedusingpermissionstub_fuzzer.cpp
+++ b/test/fuzztest/services/privacy/isallowedusingpermissionstub_fuzzer/isallowedusingpermissionstub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2023 Huawei Device Co., Ltd.
+ * Copyright (c) 2023-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -21,7 +21,7 @@
 
 #include "accesstoken_fuzzdata.h"
 #undef private
-#include "i_privacy_manager.h"
+#include "iprivacy_manager.h"
 #include "privacy_manager_service.h"
 
 using namespace std;
@@ -49,7 +49,7 @@ namespace OHOS {
         }
 
         uint32_t code = static_cast<uint32_t>(
-            PrivacyInterfaceCode::IS_ALLOWED_USING_PERMISSION);
+            IPrivacyManagerIpcCode::COMMAND_IS_ALLOWED_USING_PERMISSION);
 
         MessageParcel reply;
         MessageOption option;
diff --git a/test/fuzztest/services/privacy/privacy_service_fuzz.gni b/test/fuzztest/services/privacy/privacy_service_fuzz.gni
index 1e574a97edba9a3a0b240834ea8ec59c5ae873cf..f833e86570a4e63666d1136821b757b948cf2307 100644
--- a/test/fuzztest/services/privacy/privacy_service_fuzz.gni
+++ b/test/fuzztest/services/privacy/privacy_service_fuzz.gni
@@ -1,4 +1,4 @@
-# Copyright (c) 2024 Huawei Device Co., Ltd.
+# Copyright (c) 2024-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -25,7 +25,6 @@ privacy_include_dirs = [
   "${access_token_path}/services/privacymanager/include/common",
   "${access_token_path}/services/privacymanager/include/database",
   "${access_token_path}/services/privacymanager/include/record",
-  "${access_token_path}/services/privacymanager/include/seccomp",
   "${access_token_path}/services/privacymanager/include/service",
   "${access_token_path}/services/privacymanager/include/proxy",
   "${access_token_path}/services/privacymanager/include/sensitive",
@@ -49,6 +48,7 @@ privacy_deps = [
   "${access_token_path}/interfaces/innerkits/token_setproc:libtokensetproc_shared",
   "${access_token_path}/services/common:accesstoken_service_common",
   "${access_token_path}/services/common/proxy_death:proxy_death_handler",
+  "${access_token_path}/services/privacymanager:privacy_manager_stub",
 ]
 
 privacy_external_deps = [
@@ -85,7 +85,6 @@ privacy_sources = [
   "${access_token_path}/services/privacymanager/src/sensitive/audio_manager/audio_manager_adapter.cpp",
   "${access_token_path}/services/privacymanager/src/sensitive/camera_manager/camera_manager_adapter.cpp",
   "${access_token_path}/services/privacymanager/src/service/privacy_manager_service.cpp",
-  "${access_token_path}/services/privacymanager/src/service/privacy_manager_stub.cpp",
 ]
 
 privacy_cflags_cc = [
diff --git a/test/fuzztest/services/privacy/registerpermactivestatuscallbackstub_fuzzer/BUILD.gn b/test/fuzztest/services/privacy/registerpermactivestatuscallbackstub_fuzzer/BUILD.gn
index e6457ef8ffc48aff687edab1d8787d17ad9e9a69..b4a541307e3a848f0e85edd9612ebf0dfdedf00b 100644
--- a/test/fuzztest/services/privacy/registerpermactivestatuscallbackstub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/privacy/registerpermactivestatuscallbackstub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2023-2024 Huawei Device Co., Ltd.
+# Copyright (c) 2023-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -29,7 +29,10 @@ ohos_fuzztest("RegisterPermActiveStatusCallbackStubFuzzTest") {
     "-fno-omit-frame-pointer",
   ]
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/privacymanager:privacy_manager_gen_config",
+  ]
 
   include_dirs = privacy_include_dirs
 
diff --git a/test/fuzztest/services/privacy/registerpermactivestatuscallbackstub_fuzzer/registerpermactivestatuscallbackstub_fuzzer.cpp b/test/fuzztest/services/privacy/registerpermactivestatuscallbackstub_fuzzer/registerpermactivestatuscallbackstub_fuzzer.cpp
index 47fc2f21d1fba91d808cdba817e5f17619547240..7ae82265a97b2f3d398fb38299921bbacaa474e9 100644
--- a/test/fuzztest/services/privacy/registerpermactivestatuscallbackstub_fuzzer/registerpermactivestatuscallbackstub_fuzzer.cpp
+++ b/test/fuzztest/services/privacy/registerpermactivestatuscallbackstub_fuzzer/registerpermactivestatuscallbackstub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2023 Huawei Device Co., Ltd.
+ * Copyright (c) 2023-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -21,7 +21,7 @@
 
 #include "accesstoken_fuzzdata.h"
 #undef private
-#include "i_privacy_manager.h"
+#include "iprivacy_manager.h"
 #include "perm_active_status_change_callback.h"
 #include "perm_active_status_customized_cbk.h"
 #include "privacy_manager_service.h"
@@ -74,7 +74,7 @@ namespace OHOS {
             return false;
         }
 
-        uint32_t code = static_cast<uint32_t>(PrivacyInterfaceCode::REGISTER_PERM_ACTIVE_STATUS_CHANGE_CALLBACK);
+        uint32_t code = static_cast<uint32_t>(IPrivacyManagerIpcCode::COMMAND_REGISTER_PERM_ACTIVE_STATUS_CALLBACK);
 
         MessageParcel reply;
         MessageOption option;
diff --git a/test/fuzztest/services/privacy/removepermissionusedrecordsstub_fuzzer/BUILD.gn b/test/fuzztest/services/privacy/removepermissionusedrecordsstub_fuzzer/BUILD.gn
index f9e87ddda066cbd9a6ff1bddb1695d0e365360db..dc2bdf02feb4d5c6f111a3ce11807a504c1f0389 100644
--- a/test/fuzztest/services/privacy/removepermissionusedrecordsstub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/privacy/removepermissionusedrecordsstub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2023-2024 Huawei Device Co., Ltd.
+# Copyright (c) 2023-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -29,7 +29,10 @@ ohos_fuzztest("RemovePermissionUsedRecordsStubFuzzTest") {
     "-fno-omit-frame-pointer",
   ]
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/privacymanager:privacy_manager_gen_config",
+  ]
 
   include_dirs = privacy_include_dirs
 
diff --git a/test/fuzztest/services/privacy/removepermissionusedrecordsstub_fuzzer/removepermissionusedrecordsstub_fuzzer.cpp b/test/fuzztest/services/privacy/removepermissionusedrecordsstub_fuzzer/removepermissionusedrecordsstub_fuzzer.cpp
index d3c3b8510dfbacb74a3ae7c33373325bb3cb8f2e..67d6b854659320481a6173bea4c8f044df0e669a 100644
--- a/test/fuzztest/services/privacy/removepermissionusedrecordsstub_fuzzer/removepermissionusedrecordsstub_fuzzer.cpp
+++ b/test/fuzztest/services/privacy/removepermissionusedrecordsstub_fuzzer/removepermissionusedrecordsstub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2023 Huawei Device Co., Ltd.
+ * Copyright (c) 2023-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -21,7 +21,7 @@
 
 #include "accesstoken_fuzzdata.h"
 #undef private
-#include "i_privacy_manager.h"
+#include "iprivacy_manager.h"
 #include "privacy_manager_service.h"
 
 using namespace std;
@@ -46,7 +46,7 @@ namespace OHOS {
         }
 
         uint32_t code = static_cast<uint32_t>(
-            PrivacyInterfaceCode::DELETE_PERMISSION_USED_RECORDS);
+            IPrivacyManagerIpcCode::COMMAND_REMOVE_PERMISSION_USED_RECORDS);
 
         MessageParcel reply;
         MessageOption option;
diff --git a/test/fuzztest/services/privacy/sethapwithfgreminderstub_fuzzer/BUILD.gn b/test/fuzztest/services/privacy/sethapwithfgreminderstub_fuzzer/BUILD.gn
index b6c38befc5450777429770c0add2a447f5258f2f..3c9a0ba270cf9c645f2577e6072c74bae059dc37 100644
--- a/test/fuzztest/services/privacy/sethapwithfgreminderstub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/privacy/sethapwithfgreminderstub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2024 Huawei Device Co., Ltd.
+# Copyright (c) 2024-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -29,7 +29,10 @@ ohos_fuzztest("SetHapWithFGReminderStubFuzzTest") {
     "-fno-omit-frame-pointer",
   ]
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/privacymanager:privacy_manager_gen_config",
+  ]
 
   include_dirs = privacy_include_dirs
 
diff --git a/test/fuzztest/services/privacy/sethapwithfgreminderstub_fuzzer/sethapwithfgreminderstub_fuzzer.cpp b/test/fuzztest/services/privacy/sethapwithfgreminderstub_fuzzer/sethapwithfgreminderstub_fuzzer.cpp
index 15847a65394644fd317849266f9a728fadaff18c..3640773158ca523b976ca1ada12436386d84b20d 100644
--- a/test/fuzztest/services/privacy/sethapwithfgreminderstub_fuzzer/sethapwithfgreminderstub_fuzzer.cpp
+++ b/test/fuzztest/services/privacy/sethapwithfgreminderstub_fuzzer/sethapwithfgreminderstub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Copyright (c) 2024-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -22,7 +22,7 @@
 #include "accesstoken_fuzzdata.h"
 #undef private
 #include "accesstoken_kit.h"
-#include "i_privacy_manager.h"
+#include "iprivacy_manager.h"
 #include "privacy_manager_service.h"
 #include "nativetoken_kit.h"
 #include "token_setproc.h"
@@ -78,7 +78,7 @@ namespace OHOS {
             }
 
             uint32_t code = static_cast<uint32_t>(
-                PrivacyInterfaceCode::SET_HAP_WITH_FOREGROUND_REMINDER);
+                IPrivacyManagerIpcCode::COMMAND_SET_HAP_WITH_F_G_REMINDER);
 
             MessageParcel reply;
             MessageOption option;
diff --git a/test/fuzztest/services/privacy/setmutepolicystub_fuzzer/BUILD.gn b/test/fuzztest/services/privacy/setmutepolicystub_fuzzer/BUILD.gn
index f278054a80628ffae6e8b23ae2897460922e3c2d..fe53ed0ffd7823247c8ce53170129f17f378250f 100644
--- a/test/fuzztest/services/privacy/setmutepolicystub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/privacy/setmutepolicystub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2023-2024 Huawei Device Co., Ltd.
+# Copyright (c) 2023-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -29,7 +29,10 @@ ohos_fuzztest("SetMutePolicyStubFuzzTest") {
     "-fno-omit-frame-pointer",
   ]
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/privacymanager:privacy_manager_gen_config",
+  ]
 
   include_dirs = privacy_include_dirs
 
diff --git a/test/fuzztest/services/privacy/setmutepolicystub_fuzzer/setmutepolicystub_fuzzer.cpp b/test/fuzztest/services/privacy/setmutepolicystub_fuzzer/setmutepolicystub_fuzzer.cpp
index 69c220f5580fa08f8496c1cf730584086b4b9179..56b6b8760498c7c2f2502209e09e44618a2fb8f9 100644
--- a/test/fuzztest/services/privacy/setmutepolicystub_fuzzer/setmutepolicystub_fuzzer.cpp
+++ b/test/fuzztest/services/privacy/setmutepolicystub_fuzzer/setmutepolicystub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2023 Huawei Device Co., Ltd.
+ * Copyright (c) 2023-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -22,7 +22,7 @@
 #include "accesstoken_fuzzdata.h"
 #undef private
 #include "accesstoken_kit.h"
-#include "i_privacy_manager.h"
+#include "iprivacy_manager.h"
 #include "privacy_manager_service.h"
 #include "nativetoken_kit.h"
 #include "token_setproc.h"
@@ -89,7 +89,7 @@ size_t g_baseFuzzPos = 0;
             }
 
             uint32_t code = static_cast<uint32_t>(
-                PrivacyInterfaceCode::SET_MUTE_POLICY);
+                IPrivacyManagerIpcCode::COMMAND_SET_MUTE_POLICY);
 
             MessageParcel reply;
             MessageOption option;
diff --git a/test/fuzztest/services/privacy/setpermissionusedrecordtogglestatusstub_fuzzer/BUILD.gn b/test/fuzztest/services/privacy/setpermissionusedrecordtogglestatusstub_fuzzer/BUILD.gn
index 6feddd9aca4f4d86ea8a4d6644188b3bca891919..4b68e6395ff8fba90a1757897586f3c67626e46c 100644
--- a/test/fuzztest/services/privacy/setpermissionusedrecordtogglestatusstub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/privacy/setpermissionusedrecordtogglestatusstub_fuzzer/BUILD.gn
@@ -28,7 +28,10 @@ ohos_fuzztest("SetPermissionUsedRecordToggleStatusStubFuzzTest") {
     "-fno-omit-frame-pointer",
   ]
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/privacymanager:privacy_manager_gen_config",
+  ]
 
   include_dirs = privacy_include_dirs
 
diff --git a/test/fuzztest/services/privacy/setpermissionusedrecordtogglestatusstub_fuzzer/setpermissionusedrecordtogglestatusstub_fuzzer.cpp b/test/fuzztest/services/privacy/setpermissionusedrecordtogglestatusstub_fuzzer/setpermissionusedrecordtogglestatusstub_fuzzer.cpp
index 9b5c47a88ca8182ae4afc090af90b4b66d371fc7..25292163bca26377af5ace327a900f5c50ab200c 100644
--- a/test/fuzztest/services/privacy/setpermissionusedrecordtogglestatusstub_fuzzer/setpermissionusedrecordtogglestatusstub_fuzzer.cpp
+++ b/test/fuzztest/services/privacy/setpermissionusedrecordtogglestatusstub_fuzzer/setpermissionusedrecordtogglestatusstub_fuzzer.cpp
@@ -17,7 +17,7 @@
 
 #include "accesstoken_fuzzdata.h"
 #undef private
-#include "i_privacy_manager.h"
+#include "iprivacy_manager.h"
 #include "privacy_manager_service.h"
 
 using namespace std;
@@ -43,7 +43,7 @@ namespace OHOS {
             return false;
         }
 
-        uint32_t code = static_cast<uint32_t>(PrivacyInterfaceCode::SET_PERMISSION_USED_RECORD_TOGGLE_STATUS);
+        uint32_t code = static_cast<uint32_t>(IPrivacyManagerIpcCode::COMMAND_SET_PERMISSION_USED_RECORD_TOGGLE_STATUS);
 
         MessageParcel reply;
         MessageOption option;
diff --git a/test/fuzztest/services/privacy/startusingpermissioncallbackstub_fuzzer/BUILD.gn b/test/fuzztest/services/privacy/startusingpermissioncallbackstub_fuzzer/BUILD.gn
index bdbc691db803d8845a374e3682f7913766db19dc..e61cf194dc47605a6aaed5e473e225a11cec4f28 100644
--- a/test/fuzztest/services/privacy/startusingpermissioncallbackstub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/privacy/startusingpermissioncallbackstub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2023-2024 Huawei Device Co., Ltd.
+# Copyright (c) 2023-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -29,7 +29,10 @@ ohos_fuzztest("StartUsingPermissionCallbackStubFuzzTest") {
     "-fno-omit-frame-pointer",
   ]
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/privacymanager:privacy_manager_gen_config",
+  ]
 
   include_dirs = privacy_include_dirs
 
diff --git a/test/fuzztest/services/privacy/startusingpermissioncallbackstub_fuzzer/startusingpermissioncallbackstub_fuzzer.cpp b/test/fuzztest/services/privacy/startusingpermissioncallbackstub_fuzzer/startusingpermissioncallbackstub_fuzzer.cpp
index 85b7bfcf6288bdc97750b15417278a2edaacb1ec..66b6c2c7142d5e379d6cf60ebb0b4c8cd954a60b 100644
--- a/test/fuzztest/services/privacy/startusingpermissioncallbackstub_fuzzer/startusingpermissioncallbackstub_fuzzer.cpp
+++ b/test/fuzztest/services/privacy/startusingpermissioncallbackstub_fuzzer/startusingpermissioncallbackstub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2023 Huawei Device Co., Ltd.
+ * Copyright (c) 2023-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -21,7 +21,7 @@
 
 #include "accesstoken_fuzzdata.h"
 #undef private
-#include "i_privacy_manager.h"
+#include "iprivacy_manager.h"
 #include "state_change_callback.h"
 #include "state_customized_cbk.h"
 #include "privacy_manager_service.h"
@@ -74,7 +74,7 @@ namespace OHOS {
             return false;
         }
 
-        uint32_t code = static_cast<uint32_t>(PrivacyInterfaceCode::START_USING_PERMISSION_CALLBACK);
+        uint32_t code = static_cast<uint32_t>(IPrivacyManagerIpcCode::COMMAND_START_USING_PERMISSION_CALLBACK);
 
         MessageParcel reply;
         MessageOption option;
diff --git a/test/fuzztest/services/privacy/startusingpermissionstub_fuzzer/BUILD.gn b/test/fuzztest/services/privacy/startusingpermissionstub_fuzzer/BUILD.gn
index 1b1ee0ad03f71035c4a759fafeba3afd7237c641..ed318f6e2f9c19e20b3a32088e6daad4b26b7116 100644
--- a/test/fuzztest/services/privacy/startusingpermissionstub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/privacy/startusingpermissionstub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2023-2024 Huawei Device Co., Ltd.
+# Copyright (c) 2023-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -29,7 +29,10 @@ ohos_fuzztest("StartUsingPermissionStubFuzzTest") {
     "-fno-omit-frame-pointer",
   ]
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/privacymanager:privacy_manager_gen_config",
+  ]
 
   include_dirs = privacy_include_dirs
 
diff --git a/test/fuzztest/services/privacy/startusingpermissionstub_fuzzer/startusingpermissionstub_fuzzer.cpp b/test/fuzztest/services/privacy/startusingpermissionstub_fuzzer/startusingpermissionstub_fuzzer.cpp
index e9fb147ffbb83f1da94865088d359b9be5bfe0d9..42181dd68987bc3be6d1fecc402ffff67a558f47 100644
--- a/test/fuzztest/services/privacy/startusingpermissionstub_fuzzer/startusingpermissionstub_fuzzer.cpp
+++ b/test/fuzztest/services/privacy/startusingpermissionstub_fuzzer/startusingpermissionstub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2023 Huawei Device Co., Ltd.
+ * Copyright (c) 2023-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -21,7 +21,7 @@
 
 #include "accesstoken_fuzzdata.h"
 #undef private
-#include "i_privacy_manager.h"
+#include "iprivacy_manager.h"
 #include "privacy_manager_service.h"
 
 using namespace std;
@@ -48,7 +48,7 @@ namespace OHOS {
             return false;
         }
 
-        uint32_t code = static_cast<uint32_t>(PrivacyInterfaceCode::START_USING_PERMISSION);
+        uint32_t code = static_cast<uint32_t>(IPrivacyManagerIpcCode::COMMAND_START_USING_PERMISSION);
 
         MessageParcel reply;
         MessageOption option;
diff --git a/test/fuzztest/services/privacy/stopusingpermissionstub_fuzzer/BUILD.gn b/test/fuzztest/services/privacy/stopusingpermissionstub_fuzzer/BUILD.gn
index 982e603861072231a6cb245ff5d01f47edf8f052..44b6b699002278913e8cdce62fd9c6d723513878 100644
--- a/test/fuzztest/services/privacy/stopusingpermissionstub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/privacy/stopusingpermissionstub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2023-2024 Huawei Device Co., Ltd.
+# Copyright (c) 2023-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -29,7 +29,10 @@ ohos_fuzztest("StopUsingPermissionStubFuzzTest") {
     "-fno-omit-frame-pointer",
   ]
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/privacymanager:privacy_manager_gen_config",
+  ]
 
   include_dirs = privacy_include_dirs
 
diff --git a/test/fuzztest/services/privacy/stopusingpermissionstub_fuzzer/stopusingpermissionstub_fuzzer.cpp b/test/fuzztest/services/privacy/stopusingpermissionstub_fuzzer/stopusingpermissionstub_fuzzer.cpp
index afce9afa09bf85e59da19ea6d31b8e1fb67a9d1a..74183f9e319990ea2c86cd4b51984696a65b3f03 100644
--- a/test/fuzztest/services/privacy/stopusingpermissionstub_fuzzer/stopusingpermissionstub_fuzzer.cpp
+++ b/test/fuzztest/services/privacy/stopusingpermissionstub_fuzzer/stopusingpermissionstub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2023 Huawei Device Co., Ltd.
+ * Copyright (c) 2023-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -21,7 +21,7 @@
 
 #include "accesstoken_fuzzdata.h"
 #undef private
-#include "i_privacy_manager.h"
+#include "iprivacy_manager.h"
 #include "privacy_manager_service.h"
 
 using namespace std;
@@ -48,7 +48,7 @@ namespace OHOS {
             return false;
         }
 
-        uint32_t code = static_cast<uint32_t>(PrivacyInterfaceCode::STOP_USING_PERMISSION);
+        uint32_t code = static_cast<uint32_t>(IPrivacyManagerIpcCode::COMMAND_STOP_USING_PERMISSION);
 
         MessageParcel reply;
         MessageOption option;
diff --git a/test/fuzztest/services/privacy/unregisterpermactivestatuscallbackstub_fuzzer/BUILD.gn b/test/fuzztest/services/privacy/unregisterpermactivestatuscallbackstub_fuzzer/BUILD.gn
index 4933d084e73a30ed08455c9281b027e8018c4687..585a8e2a7788beef46177b863c7585fa417317cf 100644
--- a/test/fuzztest/services/privacy/unregisterpermactivestatuscallbackstub_fuzzer/BUILD.gn
+++ b/test/fuzztest/services/privacy/unregisterpermactivestatuscallbackstub_fuzzer/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2023-2024 Huawei Device Co., Ltd.
+# Copyright (c) 2023-2025 Huawei Device Co., Ltd.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -29,7 +29,10 @@ ohos_fuzztest("UnRegisterPermActiveStatusCallbackStubFuzzTest") {
     "-fno-omit-frame-pointer",
   ]
 
-  configs = [ "${access_token_path}/config:coverage_flags" ]
+  configs = [
+    "${access_token_path}/config:coverage_flags",
+    "${access_token_path}/services/privacymanager:privacy_manager_gen_config",
+  ]
 
   include_dirs = privacy_include_dirs
 
diff --git a/test/fuzztest/services/privacy/unregisterpermactivestatuscallbackstub_fuzzer/unregisterpermactivestatuscallbackstub_fuzzer.cpp b/test/fuzztest/services/privacy/unregisterpermactivestatuscallbackstub_fuzzer/unregisterpermactivestatuscallbackstub_fuzzer.cpp
index 14d23c014771b01a1889e9c17098cc8666e9fab6..6e08e88623ae7676e5189048d04c0f11ed5b57fe 100644
--- a/test/fuzztest/services/privacy/unregisterpermactivestatuscallbackstub_fuzzer/unregisterpermactivestatuscallbackstub_fuzzer.cpp
+++ b/test/fuzztest/services/privacy/unregisterpermactivestatuscallbackstub_fuzzer/unregisterpermactivestatuscallbackstub_fuzzer.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2023 Huawei Device Co., Ltd.
+ * Copyright (c) 2023-2025 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -21,7 +21,7 @@
 
 #include "accesstoken_fuzzdata.h"
 #undef private
-#include "i_privacy_manager.h"
+#include "iprivacy_manager.h"
 #include "perm_active_status_change_callback.h"
 #include "perm_active_status_customized_cbk.h"
 #include "privacy_manager_service.h"
@@ -69,7 +69,7 @@ namespace OHOS {
             return false;
         }
 
-        uint32_t code = static_cast<uint32_t>(PrivacyInterfaceCode::UNREGISTER_PERM_ACTIVE_STATUS_CHANGE_CALLBACK);
+        uint32_t code = static_cast<uint32_t>(IPrivacyManagerIpcCode::COMMAND_UN_REGISTER_PERM_ACTIVE_STATUS_CALLBACK);
 
         MessageParcel reply;
         MessageOption option;