diff --git a/private/isolated_app.te b/private/isolated_app.te
index 30253af60be10eecd8ba1fcac0e2448b9ddbb9ac..951a0df2553419a8e23a957d4155e64f25212456 100644
--- a/private/isolated_app.te
+++ b/private/isolated_app.te
@@ -103,11 +103,3 @@ neverallow isolated_app { usb_device usbaccessory_device }:chr_file *;
 
 # Restrict the webview_zygote control socket.
 neverallow isolated_app webview_zygote_socket:sock_file write;
-
-# Limit the /sys files which isolated_app can access. This is important
-# for controlling isolated_app attack surface.
-neverallow isolated_app {
- sysfs_type
- -sysfs_devices_system_cpu
- -sysfs_usb # TODO: check with audio team if needed for isolated_app (b/28417852)
-}:file no_rw_file_perms;