diff --git a/private/logpersist.te b/private/logpersist.te
index 41876272a..6f6ab5056 100644
--- a/private/logpersist.te
+++ b/private/logpersist.te
@@ -24,5 +24,6 @@ neverallow logpersist {
   userdebug_or_eng(`-misc_logd_file -coredump_file')
   with_native_coverage(`-method_trace_data_file')
 }:file { create write append };
-neverallow { domain -init userdebug_or_eng(`-logpersist -logd -dumpstate') } misc_logd_file:file no_rw_file_perms;
+neverallow { domain -init -dumpstate userdebug_or_eng(`-logpersist -logd') } misc_logd_file:file no_rw_file_perms;
+neverallow { domain -init userdebug_or_eng(`-logpersist -logd') } misc_logd_file:file no_w_file_perms;
 neverallow { domain -init userdebug_or_eng(`-logpersist -logd') } misc_logd_file:dir { add_name link relabelfrom remove_name rename reparent rmdir write };
diff --git a/public/dumpstate.te b/public/dumpstate.te
index 6a50f8792..684637d02 100644
--- a/public/dumpstate.te
+++ b/public/dumpstate.te
@@ -214,10 +214,8 @@ userdebug_or_eng(`
 ')
 
 # Access /data/misc/logd
-userdebug_or_eng(`
-  allow dumpstate misc_logd_file:dir r_dir_perms;
-  allow dumpstate misc_logd_file:file r_file_perms;
-')
+allow dumpstate misc_logd_file:dir r_dir_perms;
+allow dumpstate misc_logd_file:file r_file_perms;
 
 allow dumpstate app_fuse_file:dir r_dir_perms;
 allow dumpstate overlayfs_file:dir r_dir_perms;