diff --git a/blkid.te b/blkid.te
index 23ce3a9da6cb0579acab728b103f351d29c6e590..7a7e024574aa621866f6e140c676b701b0e4b827 100644
--- a/blkid.te
+++ b/blkid.te
@@ -1,5 +1,5 @@
 # blkid called from vold
-type blkid, domain, domain_deprecated;
+type blkid, domain;
 type blkid_exec, exec_type, file_type;
 
 # Allowed read-only access to encrypted devices to extract UUID/label
@@ -14,6 +14,9 @@ allow blkid vold:fifo_file { read write getattr };
 # For blkid launched through popen()
 allow blkid blkid_exec:file rx_file_perms;
 
+# access to /proc/filesystems
+allow blkid proc:file r_file_perms;
+
 # Only allow entry from vold
 neverallow { domain -vold } blkid:process transition;
 neverallow domain blkid:process dyntransition;
diff --git a/blkid_untrusted.te b/blkid_untrusted.te
index 7e53de7ad8522cadcf2424322accc05f3b76fe57..df8e447f93708c4b1eff880e261574b6a58f9fc7 100644
--- a/blkid_untrusted.te
+++ b/blkid_untrusted.te
@@ -1,5 +1,5 @@
 # blkid for untrusted block devices
-type blkid_untrusted, domain, domain_deprecated;
+type blkid_untrusted, domain;
 
 # Allowed read-only access to vold block devices to extract UUID/label
 allow blkid_untrusted block_device:dir search;
diff --git a/fsck.te b/fsck.te
index cdf1188aa8fb72a8d11af257f3b3765a2fe59f31..ebff968a29f8785a3dd356398d33bed1184ee1bf 100644
--- a/fsck.te
+++ b/fsck.te
@@ -1,5 +1,5 @@
 # Any fsck program run by init
-type fsck, domain, domain_deprecated;
+type fsck, domain;
 type fsck_exec, exec_type, file_type;
 
 init_daemon_domain(fsck)
@@ -24,6 +24,8 @@ allow fsck dm_device:blk_file rw_file_perms;
 # fsck performs a stat() on swap to verify that it is a valid
 # swap device before setting the EXT2_MF_SWAP mount flag.
 allow fsck swap_block_device:blk_file getattr;
+# access to /proc/swaps
+allow fsck proc:file r_file_perms;
 
 ###
 ### neverallow rules
diff --git a/fsck_untrusted.te b/fsck_untrusted.te
index 4f01db2150b2e434b3f8f14e1cc6d50801978c42..67c67b762705e863a5688d24b0000236c18e3d8c 100644
--- a/fsck_untrusted.te
+++ b/fsck_untrusted.te
@@ -1,5 +1,5 @@
 # Any fsck program run on untrusted block devices
-type fsck_untrusted, domain, domain_deprecated;
+type fsck_untrusted, domain;
 
 # Inherit and use pty created by android_fork_execvp_ext().
 allow fsck_untrusted devpts:chr_file { read write ioctl getattr };
diff --git a/sdcardd.te b/sdcardd.te
index 056e9f829877e896169b0c2f3c7f11c7da69b926..a6648200e7c7650d34ce2aca05a5418c0f8bca9f 100644
--- a/sdcardd.te
+++ b/sdcardd.te
@@ -1,4 +1,4 @@
-type sdcardd, domain, domain_deprecated;
+type sdcardd, domain;
 type sdcardd_exec, exec_type, file_type;
 
 allow sdcardd cgroup:dir create_dir_perms;
diff --git a/sgdisk.te b/sgdisk.te
index b8d6b3ffc321959567fb968631d74d2ca1585fff..8a689a1133d4398f3d3c362b4f069dff2539f3c3 100644
--- a/sgdisk.te
+++ b/sgdisk.te
@@ -1,5 +1,5 @@
 # sgdisk called from vold
-type sgdisk, domain, domain_deprecated;
+type sgdisk, domain;
 type sgdisk_exec, exec_type, file_type;
 
 # Allowed to read/write low-level partition tables