diff --git a/file.te b/file.te
index 1eb323e47b858bad9b774fe9f9f0b7f8d0c9e325..39b3d07ac7474765f73d3e8abe1f25b6f08a23a1 100644
--- a/file.te
+++ b/file.te
@@ -43,6 +43,8 @@ type usbfs, fs_type;
 type unlabeled, file_type;
 # Default type for anything under /system.
 type system_file, file_type;
+# Type for /system/bin/logcat.
+type logcat_exec, exec_type, file_type;
 # Default type for anything under /data.
 type system_data_file, file_type, data_file_type;
 # /data/.layout_version or other installd-created files that
diff --git a/file_contexts b/file_contexts
index 33ac8a3f675bfa6d97c0bb1a5aa475bfaa7157a0..aa1cee07983250ad9d90c4f7edef2e6050807c52 100644
--- a/file_contexts
+++ b/file_contexts
@@ -123,6 +123,7 @@
 # System files
 #
 /system(/.*)?		u:object_r:system_file:s0
+/system/bin/logcat	--	u:object_r:logcat_exec:s0
 /system/bin/sh		--	u:object_r:shell_exec:s0
 /system/bin/run-as	--	u:object_r:runas_exec:s0
 /system/bin/bootanimation u:object_r:bootanim_exec:s0
diff --git a/property.te b/property.te
index cfa3ec9687b2a089492ee7121dc34cc301775291..1a209e9a485bb3844cbb1c70098d43938a9041db 100644
--- a/property.te
+++ b/property.te
@@ -23,3 +23,5 @@ type bluetooth_prop, property_type;
 type pan_result_prop, property_type;
 type powerctl_prop, property_type;
 type nfc_prop, property_type;
+type dalvik_prop, property_type;
+type config_prop, property_type;
diff --git a/property_contexts b/property_contexts
index f89c43282271bd428151fa48b3a3f63b8afbec10..8403d382d6e7d96f0c0cc9647cbc025860277653 100644
--- a/property_contexts
+++ b/property_contexts
@@ -61,3 +61,9 @@ ctl.                    u:object_r:ctl_default_prop:s0
 
 # NFC properties
 nfc.                    u:object_r:nfc_prop:s0
+
+# These properties are not normally set by processes other than init.
+# They are only distinguished here for setting by qemu-props on the
+# emulator/goldfish.
+config.                 u:object_r:config_prop:s0
+dalvik.                 u:object_r:dalvik_prop:s0
diff --git a/te_macros b/te_macros
index e211a179417d3512188adcdf4bc8e1eecd26ce7d..016333eba142944fe8d900609972590a3d614cfe 100644
--- a/te_macros
+++ b/te_macros
@@ -332,9 +332,10 @@ unix_socket_send($1, logdw, logd)
 
 #####################################
 # read_logd(domain)
-# Ability to read from android
+# Ability to run logcat and read from android
 # log daemon via sockets
 define(`read_logd', `
+allow $1 logcat_exec:file rx_file_perms;
 unix_socket_connect($1, logdr, logd)
 ')