diff --git a/dumpstate.te b/dumpstate.te
index 4a475d1b2bb094e8de1d15ed553edebdccf47696..08dcb4df444da821665aa568eda732ace2f6766c 100644
--- a/dumpstate.te
+++ b/dumpstate.te
@@ -142,3 +142,5 @@ allow dumpstate debugfs_tracing:dir r_dir_perms;
 allow dumpstate debugfs_tracing:file rw_file_perms;
 allow dumpstate debugfs_trace_marker:file getattr;
 allow dumpstate atrace_exec:file rx_file_perms;
+
+allow dumpstate proc_interrupts:file r_file_perms;
diff --git a/file.te b/file.te
index 7b6b4a9c0ab9796e53d2ead73a574021e4862493..628c2371793624b87bb6f1e39a4a0a19517f5885 100644
--- a/file.te
+++ b/file.te
@@ -13,10 +13,13 @@ type usermodehelper, fs_type, sysfs_type;
 type qtaguid_proc, fs_type, mlstrustedobject;
 type proc_bluetooth_writable, fs_type;
 type proc_cpuinfo, fs_type;
+type proc_interrupts, fs_type;
 type proc_iomem, fs_type;
 type proc_meminfo, fs_type;
 type proc_net, fs_type;
+type proc_stat, fs_type;
 type proc_sysrq, fs_type;
+type proc_timer, fs_type;
 type proc_uid_cputime_showstat, fs_type;
 type proc_uid_cputime_removeuid, fs_type;
 type selinuxfs, fs_type, mlstrustedobject;
diff --git a/genfs_contexts b/genfs_contexts
index 81749fd1c89e5ca44e48e45fd90a60ca22ac4eeb..57b967cbc17ea9af05a00c9694261e1faacc4b28 100644
--- a/genfs_contexts
+++ b/genfs_contexts
@@ -2,11 +2,14 @@
 genfscon rootfs / u:object_r:rootfs:s0
 # proc labeling can be further refined (longest matching prefix).
 genfscon proc / u:object_r:proc:s0
+genfscon proc /interrupts u:object_r:proc_interrupts:s0
 genfscon proc /iomem u:object_r:proc_iomem:s0
 genfscon proc /meminfo u:object_r:proc_meminfo:s0
 genfscon proc /net u:object_r:proc_net:s0
 genfscon proc /net/xt_qtaguid/ctrl u:object_r:qtaguid_proc:s0
 genfscon proc /cpuinfo u:object_r:proc_cpuinfo:s0
+genfscon proc /softirqs u:object_r:proc_timer:s0
+genfscon proc /stat u:object_r:proc_stat:s0
 genfscon proc /sysrq-trigger u:object_r:proc_sysrq:s0
 genfscon proc /sys/fs/protected_hardlinks u:object_r:proc_security:s0
 genfscon proc /sys/fs/protected_symlinks u:object_r:proc_security:s0
@@ -24,6 +27,8 @@ genfscon proc /sys/net u:object_r:proc_net:s0
 genfscon proc /sys/vm/mmap_min_addr u:object_r:proc_security:s0
 genfscon proc /sys/vm/drop_caches u:object_r:proc_drop_caches:s0
 genfscon proc /sys/vm/overcommit_memory u:object_r:proc_overcommit_memory:s0
+genfscon proc /timer_list u:object_r:proc_timer:s0
+genfscon proc /timer_stats u:object_r:proc_timer:s0
 genfscon proc /uid_cputime/show_uid_stat u:object_r:proc_uid_cputime_showstat:s0
 genfscon proc /uid_cputime/remove_uid_range u:object_r:proc_uid_cputime_removeuid:s0
 
diff --git a/init.te b/init.te
index 889598562f3e8c886e8912b2d55117a425d9008b..ff029ab7812851ffd611894983841bffd1aea038 100644
--- a/init.te
+++ b/init.te
@@ -198,6 +198,9 @@ allow init self:capability net_admin;
 # Write to /proc/sysrq-trigger.
 allow init proc_sysrq:file w_file_perms;
 
+# Read /proc/stat for bootchart.
+allow init proc_stat:file r_file_perms;
+
 # Reboot.
 allow init self:capability sys_boot;
 
diff --git a/shell.te b/shell.te
index c263f0ccdfc0e170ba9e74ef1e2e5a65683a4df0..afa4c91c84d5927ff9ff6954c65b5acfe278f2e6 100644
--- a/shell.te
+++ b/shell.te
@@ -89,7 +89,10 @@ allow shell { service_manager_type -gatekeeper_service }:service_manager find;
 # allow shell to look through /proc/ for ps, top, netstat
 r_dir_file(shell, proc)
 r_dir_file(shell, proc_net)
+allow shell proc_interrupts:file r_file_perms;
 allow shell proc_meminfo:file r_file_perms;
+allow shell proc_stat:file r_file_perms;
+allow shell proc_timer:file r_file_perms;
 r_dir_file(shell, cgroup)
 allow shell domain:dir { search open read getattr };
 allow shell domain:{ file lnk_file } { open read getattr };
diff --git a/system_server.te b/system_server.te
index 3bf6e4e784fb3382aedfed8cb797d5f2fc195010..cb06d6d66428be12f3fde8ad117da397a3500585 100644
--- a/system_server.te
+++ b/system_server.te
@@ -101,6 +101,9 @@ allow system_server proc_uid_cputime_removeuid:file { w_file_perms getattr };
 # Write to /proc/sysrq-trigger.
 allow system_server proc_sysrq:file rw_file_perms;
 
+# Read /proc/stat for CPU usage statistics
+allow system_server proc_stat:file r_file_perms;
+
 # Read /sys/kernel/debug/wakeup_sources.
 allow system_server debugfs:file r_file_perms;