diff --git a/public/domain.te b/public/domain.te
index f602d088472962ae823401c02e2af658cfa91a9e..869d94e8cddfa9cf48b4b89c12181fa22714d0ed 100644
--- a/public/domain.te
+++ b/public/domain.te
@@ -1319,14 +1319,3 @@ neverallow {
   -zygote
 } self:capability dac_override;
 neverallow domain self:capability dac_read_search;
-
-# If an already existing file is opened with O_CREATE, the kernel might generate
-# a false report of a create denial. Silence these denials and make sure that
-# inappropriate permissions are not granted.
-neverallow domain {
-  proc_type
-  sysfs_type
-}:dir { add_name create link remove_name rename reparent rmdir write };
-
-dontaudit domain proc_type:dir write;
-dontaudit domain sysfs_type:dir write;
diff --git a/public/file.te b/public/file.te
index 9301d8901190dae8bd1d0d231fc07bd2883f1bfd..0161bca4d486ce92212bed20a2a752b4d86f13e2 100644
--- a/public/file.te
+++ b/public/file.te
@@ -83,10 +83,10 @@ type sysfs_net, fs_type, sysfs_type;
 type sysfs_power, fs_type, sysfs_type;
 type sysfs_rtc, fs_type, sysfs_type;
 type sysfs_switch, fs_type, sysfs_type;
-type sysfs_usb, fs_type, sysfs_type;
+type sysfs_usb, sysfs_type, file_type, mlstrustedobject;
 type sysfs_wakeup_reasons, fs_type, sysfs_type;
 type sysfs_fs_ext4_features, sysfs_type, fs_type;
-type fs_bpf, fs_type;
+type fs_bpf, fs_type, sysfs_type;
 type configfs, fs_type;
 # /sys/devices/system/cpu
 type sysfs_devices_system_cpu, fs_type, sysfs_type;
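Review bot: Giving fs_bpf the sysfs_type attribute on the `+type fs_bpf, fs_type, sysfs_type;` line pulls the bpf mount into every rule keyed on sysfs_type, which is presumably why the accompanying domain.te hunk deletes the file-wide `neverallow domain { proc_type sysfs_type }:dir { add_name create link remove_name rename reparent rmdir write };` guard outright rather than carving out the new member; that deletion re-opens directory writes under proc and sysfs for every domain, not just for bpf pinning. A narrower change keeps the guard and excludes only the bpf mount, e.g. `neverallow domain { proc_type sysfs_type -fs_bpf }:dir { add_name create link remove_name rename reparent rmdir write };`, with the two dontaudit lines likewise narrowed to `{ sysfs_type -fs_bpf }` so genuine fs_bpf denials are still logged. The `+type sysfs_usb, sysfs_type, file_type, mlstrustedobject;` line drops fs_type for file_type and adds mlstrustedobject with no explanation; this moves the type out of the fs_type-keyed rules and exempts it from MLS level constraints, so a comment above it such as `# sysfs_usb is file_type rather than fs_type and mlstrustedobject because <reason>; see <bug>` would let a later reader judge whether the widening is still needed. Please also confirm no remaining rule assumes every sysfs_type object is read-only metadata, since fs_bpf now matches those rules too.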