diff --git a/domain_deprecated.te b/domain_deprecated.te
index ed88cca9957845cc6f23e4a46bf2979fc37366a3..4da7a31906ea9b2082847eb23395208338565ca4 100644
--- a/domain_deprecated.te
+++ b/domain_deprecated.te
@@ -57,6 +57,7 @@ r_dir_file(domain_deprecated, proc)
 r_dir_file(domain_deprecated, sysfs)
 r_dir_file(domain_deprecated, inotify)
 r_dir_file(domain_deprecated, cgroup)
+r_dir_file(domain_deprecated, proc_meminfo)
 r_dir_file(domain_deprecated, proc_net)
 
 # Get SELinux enforcing status.
diff --git a/file.te b/file.te
index 7efa324e245395f144bb3ea388522e78bdb80170..2378883ce93f6fe55562365cfbd957ed402781cc 100644
--- a/file.te
+++ b/file.te
@@ -14,6 +14,7 @@ type qtaguid_proc, fs_type, mlstrustedobject;
 type proc_bluetooth_writable, fs_type;
 type proc_cpuinfo, fs_type;
 type proc_iomem, fs_type;
+type proc_meminfo, fs_type;
 type proc_net, fs_type;
 type proc_sysrq, fs_type;
 type proc_uid_cputime_showstat, fs_type;
diff --git a/genfs_contexts b/genfs_contexts
index 3f865c4e4b7ed8203b34a924890cf96aa14f4f05..2700a945895ef4526fcc2a458732205e6ff66b41 100644
--- a/genfs_contexts
+++ b/genfs_contexts
@@ -3,6 +3,7 @@ genfscon rootfs / u:object_r:rootfs:s0
 # proc labeling can be further refined (longest matching prefix).
 genfscon proc / u:object_r:proc:s0
 genfscon proc /iomem u:object_r:proc_iomem:s0
+genfscon proc /meminfo u:object_r:proc_meminfo:s0
 genfscon proc /net u:object_r:proc_net:s0
 genfscon proc /net/xt_qtaguid/ctrl u:object_r:qtaguid_proc:s0
 genfscon proc /cpuinfo u:object_r:proc_cpuinfo:s0
diff --git a/untrusted_app.te b/untrusted_app.te
index 189f3c50980908435862ddd312681d6553a9a5b5..d5abe17e509e8d8f803850e2529215b5c2e20e84 100644
--- a/untrusted_app.te
+++ b/untrusted_app.te
@@ -94,10 +94,11 @@ allow untrusted_app self:process ptrace;
 # for files. Suppress the denials when they occur.
 dontaudit untrusted_app exec_type:file getattr;
 
-# TODO: access of /proc/meminfo, give specific label or switch to
-# using meminfo service
-allow untrusted_app proc:file r_file_perms;
+# TODO: switch to meminfo service
+allow untrusted_app proc_meminfo:file r_file_perms;
+
 # https://code.google.com/p/chromium/issues/detail?id=586021
+allow untrusted_app proc:file r_file_perms;
 auditallow untrusted_app proc:file r_file_perms;
 # access /proc/net/xt_qtguid/stats
 r_dir_file(untrusted_app, proc_net)