diff --git a/private/adbd.te b/private/adbd.te
index eb6ae3268c6988cafd2e713d8601f9a055b31513..b402335a28aadf89da885916d066d60466b435ab 100644
--- a/private/adbd.te
+++ b/private/adbd.te
@@ -103,6 +103,8 @@ allow adbd kernel:security read_policy;
 allow adbd service_contexts_file:file r_file_perms;
 allow adbd file_contexts_file:file r_file_perms;
 allow adbd seapp_contexts_file:file r_file_perms;
+allow adbd property_contexts_file:file r_file_perms;
+allow adbd sepolicy_file:file r_file_perms;
 
 allow adbd surfaceflinger_service:service_manager find;
 allow adbd bootchart_data_file:dir search;
diff --git a/public/shell.te b/public/shell.te
index caf93ca63670f4fba77b1b56815109cb9e1f17ad..7c3d8a1195dbe30cf442c3dc48cec35c6385c77f 100644
--- a/public/shell.te
+++ b/public/shell.te
@@ -147,6 +147,13 @@ allow shell proc:lnk_file getattr;
 #
 allow shell dev_type:blk_file getattr;
 
+# read selinux policy files
+allow shell file_contexts_file:file r_file_perms;
+allow shell property_contexts_file:file r_file_perms;
+allow shell seapp_contexts_file:file r_file_perms;
+allow shell service_contexts_file:file r_file_perms;
+allow shell sepolicy_file:file r_file_perms;
+
 ###
 ### Neverallow rules
 ###