diff --git a/app.te b/app.te
index b03355f9e..01de57fd2 100644
--- a/app.te
+++ b/app.te
@@ -204,6 +204,8 @@ use_keystore({ appdomain -isolated_app })
 
 allow appdomain console_device:chr_file { read write };
 
+allow { appdomain -isolated_app } ion_device:chr_file rw_file_perms;
+
 ###
 ### CTS-specific rules
 ###
diff --git a/domain.te b/domain.te
index 2aba7e31d..c5296c4f2 100644
--- a/domain.te
+++ b/domain.te
@@ -23,6 +23,7 @@ allow domain self:process {
 };
 allow domain self:fd use;
 allow domain proc:dir search;
+allow domain proc_net:dir search;
 allow domain self:dir r_dir_perms;
 allow domain self:lnk_file r_file_perms;
 allow domain self:{ fifo_file file } rw_file_perms;