diff --git a/public/domain_deprecated.te b/public/domain_deprecated.te
index f989ea1e7a0ec608a5308d192f7f2dfbb84f5be2..4d1f2d0e321274ee0074ad5f38d2ff204084aaa5 100644
--- a/public/domain_deprecated.te
+++ b/public/domain_deprecated.te
@@ -159,6 +159,7 @@ allow domain_deprecated proc_meminfo:file r_file_perms;
 userdebug_or_eng(`
 auditallow {
   domain_deprecated
+  -dumpstate
   -fsck
   -fsck_untrusted
   -rild
@@ -169,6 +170,7 @@ auditallow {
 } proc:file r_file_perms;
 auditallow {
   domain_deprecated
+  -dumpstate
   -fsck
   -fsck_untrusted
   -rild
@@ -177,6 +179,7 @@ auditallow {
 } proc:lnk_file { open ioctl lock }; # getattr read granted in domain
 auditallow {
   domain_deprecated
+  -dumpstate
   -fingerprintd
   -healthd
   -netd
diff --git a/public/dumpstate.te b/public/dumpstate.te
index 66eaa1f2c2c22ef6bd8641255f1001e69434943c..d8801ea3d4e3c2034a8edd48367542dd13cbd125 100644
--- a/public/dumpstate.te
+++ b/public/dumpstate.te
@@ -136,8 +136,9 @@ read_logd(dumpstate)
 control_logd(dumpstate)
 read_runtime_log_tags(dumpstate)
 
-# Read /proc/net
+# Read /proc and /proc/net
 allow dumpstate proc_net:file r_file_perms;
+r_dir_file(dumpstate, proc)
 
 # Read network state info files.
 allow dumpstate net_data_file:dir search;