diff --git a/domain.te b/domain.te
index 1224c6522d248e1faaace11b201aacc8bd8f8fb8..0a819c2650889a7562e5d9e6824fcce4d85ea61c 100644
--- a/domain.te
+++ b/domain.te
@@ -110,6 +110,8 @@ r_dir_file(domain, zoneinfo_data_file)
 # Lots of processes access current CPU information
 r_dir_file(domain, sysfs_devices_system_cpu)
 
+r_dir_file(domain, sysfs_usb);
+
 # files under /data.
 allow domain system_data_file:dir { search getattr };
 allow domain system_data_file:lnk_file read;
diff --git a/file.te b/file.te
index 3982a8d25e2ddf74a8c57470643e049ea77c25af..95415d31f19a06ecbd267566da979eba56809ab9 100644
--- a/file.te
+++ b/file.te
@@ -29,6 +29,7 @@ type sysfs_hwrandom, fs_type, sysfs_type;
 type sysfs_nfc_power_writable, fs_type, sysfs_type, mlstrustedobject;
 type sysfs_wake_lock, fs_type, sysfs_type;
 type sysfs_mac_address, fs_type, sysfs_type;
+type sysfs_usb, sysfs_type, file_type, mlstrustedobject;
 type configfs, fs_type;
 # /sys/devices/system/cpu
 type sysfs_devices_system_cpu, fs_type, sysfs_type;