diff --git a/private/genfs_contexts b/private/genfs_contexts
index e84b49433d05cf94be8d03c296b388e6474fb93c..7873367142314d65eab627a7dbebb56ba6d33737 100644
--- a/private/genfs_contexts
+++ b/private/genfs_contexts
@@ -22,6 +22,7 @@ genfscon proc /sys/kernel/hotplug u:object_r:usermodehelper:s0
 genfscon proc /sys/kernel/kptr_restrict u:object_r:proc_security:s0
 genfscon proc /sys/kernel/modprobe u:object_r:usermodehelper:s0
 genfscon proc /sys/kernel/modules_disabled u:object_r:proc_security:s0
+genfscon proc /sys/kernel/perf_event_max_sample_rate u:object_r:proc_perf:s0
 genfscon proc /sys/kernel/poweroff_cmd u:object_r:usermodehelper:s0
 genfscon proc /sys/kernel/randomize_va_space u:object_r:proc_security:s0
 genfscon proc /sys/kernel/usermodehelper u:object_r:usermodehelper:s0
diff --git a/public/domain.te b/public/domain.te
index b8004ac945c1d8b3516bc4faf9656b76ae1aaa80..19243a698e7c5ba3db3507238149e4b668a6ceeb 100644
--- a/public/domain.te
+++ b/public/domain.te
@@ -118,6 +118,9 @@ allow domain proc_cpuinfo:file r_file_perms;
 # jemalloc needs to read /proc/sys/vm/overcommit_memory
 allow domain proc_overcommit_memory:file r_file_perms;
 
+# profiling needs to read /proc/sys/kernel/perf_event_max_sample_rate
+allow domain proc_perf:file r_file_perms;
+
 # toybox loads libselinux which stats /sys/fs/selinux/
 allow domain selinuxfs:dir search;
 allow domain selinuxfs:file getattr;
diff --git a/public/file.te b/public/file.te
index 72f30f463d406865eef0a085674cd994885a496b..2936d65155d4d5017c8daf378ba7588691350aab 100644
--- a/public/file.te
+++ b/public/file.te
@@ -18,6 +18,7 @@ type proc_iomem, fs_type;
 type proc_meminfo, fs_type;
 type proc_misc, fs_type;
 type proc_net, fs_type;
+type proc_perf, fs_type;
 type proc_stat, fs_type;
 type proc_sysrq, fs_type;
 type proc_timer, fs_type;
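Review bot: The added genfscon line gives a single sysctl the broadly named type proc_perf, and nothing at the label says that this type is readable by every domain. The public/domain.te hunk of this same change grants `domain` read access to proc_perf, so any other perf_event_* sysctl later labelled with it would become readable everywhere without a new allow rule being reviewed. A comment above the entry would record the constraint, for example `# proc_perf is readable by all domains (see domain.te); label only non-sensitive perf sysctls with it`.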
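Review bot: The new `allow domain proc_perf:file r_file_perms;` rule covers every process type, but its comment says only that "profiling" needs the file, whereas the neighbouring comments name the actual reader (jemalloc, toybox). If the reader is a library loaded into arbitrary processes, the comment should say so, e.g. `# <profiling library> reads /proc/sys/kernel/perf_event_max_sample_rate in any process that loads it`. If only a few profiling domains need the value, the rule would be better scoped to those domains than to `domain`. The grant is read-only, so the exposure is limited to the value itself; whether writes are otherwise constrained cannot be seen from this hunk.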