diff --git a/dumpstate.te b/dumpstate.te
index be9542fbeec2aaa9da5c7ff9ec6950a8b8840e07..d31d45f18a7b8d779517621e58527af491e774bf 100644
--- a/dumpstate.te
+++ b/dumpstate.te
@@ -117,6 +117,12 @@ allow dumpstate cache_recovery_file:file r_file_perms;
 allow dumpstate recovery_data_file:dir r_dir_perms;
 allow dumpstate recovery_data_file:file r_file_perms;
+# Access /data/misc/logd
+userdebug_or_eng(`
+ allow dumpstate misc_logd_file:dir r_dir_perms;
+ allow dumpstate misc_logd_file:file r_file_perms;
+')
+
 allow dumpstate { service_manager_type -gatekeeper_service }:service_manager find;
 allow dumpstate servicemanager:service_manager list;
diff --git a/logd.te b/logd.te
index 7254e53c736b6b7cef46bebc3693b909c50eeb49..97bbd8be3093b264d2cf5f24bec54d47fc0e39ed 100644
--- a/logd.te
+++ b/logd.te
@@ -62,6 +62,6 @@ neverallow logd { app_data_file system_data_file }:dir_file_class_set write;
 neverallow logd { file_type -logd_tmpfs userdebug_or_eng(` -misc_logd_file -coredump_file ') }:file { create write append };
 # logpersist is only allowed on userdebug/eng builds
-neverallow { domain userdebug_or_eng(`-logd -shell') } misc_logd_file:file no_rw_file_perms;
+neverallow { domain userdebug_or_eng(`-logd -shell -dumpstate') } misc_logd_file:file no_rw_file_perms;
 neverallow { domain userdebug_or_eng(`-logd') } misc_logd_file:dir { add_name link relabelfrom remove_name rename reparent rmdir write };
 neverallow { domain -init } misc_logd_file:dir create;
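Review bot: The comment `# Access /data/misc/logd` on the added block in dumpstate.te does not record that the grant is read-only (`r_dir_perms`/`r_file_perms`) and compiled in only for userdebug/eng, nor that it depends on the `-dumpstate` exemption this commit adds to the neverallow in logd.te. I would write it as `# Read-only access to persisted logs in /data/misc/logd; userdebug/eng only, paired with the misc_logd_file neverallow exemption in logd.te`. Persisted logs presumably end up in bugreports through this path, so the commit description should say so for anyone handling bugreports from debug builds.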
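Review bot: Adding `-dumpstate` to the `no_rw_file_perms` neverallow in logd.te exempts dumpstate from the write-class permissions in that set as well as the read ones. On userdebug/eng builds, nothing at policy-compile time then stops a later rule from letting dumpstate modify persisted logs. The dumpstate.te side of this change grants only read access, so a companion assertion would pin that: `neverallow dumpstate misc_logd_file:file { create write append unlink rename setattr };`. The directory neverallow on the following line still applies to dumpstate, since only `-logd` is exempted there.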