diff --git a/device.te b/device.te
index 20e95a5dab8bdcbc519264b7be4c019212a725bb..9ff30d5bc043f6ba52037fb88496fed41f37f091 100644
--- a/device.te
+++ b/device.te
@@ -9,6 +9,7 @@ type block_device, dev_type;
 type camera_device, dev_type;
 type dm_device, dev_type;
 type loop_device, dev_type;
+type pmsg_device, dev_type, mlstrustedobject;
 type radio_device, dev_type;
 type ram_device, dev_type;
 type vold_device, dev_type;
diff --git a/file_contexts b/file_contexts
index a7337593c41f9ab047c85cf9a886422db82ad972..04fa4c729d93deb43607cfc8b4220191fd322893 100644
--- a/file_contexts
+++ b/file_contexts
@@ -66,6 +66,7 @@
 /dev/mpuirq		u:object_r:gps_device:s0
 /dev/mtd(/.*)?		u:object_r:mtd_device:s0
 /dev/mtp_usb		u:object_r:mtp_device:s0
+/dev/pmsg0		u:object_r:pmsg_device:s0
 /dev/pn544		u:object_r:nfc_device:s0
 /dev/ppp		u:object_r:ppp_device:s0
 /dev/ptmx		u:object_r:ptmx_device:s0
diff --git a/shell.te b/shell.te
index 3e30adc85953ffde6a3c548e69d5d732ff236a06..a69d47561362d2360234bf530c26c4109fd9579d 100644
--- a/shell.te
+++ b/shell.te
@@ -9,9 +9,12 @@ net_domain(shell)
 # XXX Transition into its own domain?
 app_domain(shell)
 
-# logd access
+# logcat
 read_logd(shell)
 control_logd(shell)
+# logcat -L (directly, or via dumpstate)
+allow shell pstorefs:dir search;
+allow shell pstorefs:file r_file_perms;
 
 # read files in /data/anr
 allow shell anr_data_file:dir r_dir_perms;
diff --git a/te_macros b/te_macros
index 016333eba142944fe8d900609972590a3d614cfe..b665f3ff00dacbef2ac6d8281df4c3bc711abd08 100644
--- a/te_macros
+++ b/te_macros
@@ -328,6 +328,7 @@ userdebug_or_eng(`
   allow $1 logd_debug:file w_file_perms;
 ')
 unix_socket_send($1, logdw, logd)
+allow $1 pmsg_device:chr_file w_file_perms;
 ')
 
 #####################################