diff --git a/domain.te b/domain.te
index 6e5e83cc6..f90d80276 100644
--- a/domain.te
+++ b/domain.te
@@ -106,6 +106,7 @@ allow domain sysfs_writable:file rw_file_perms;
 # Read access to pseudo filesystems.
 r_dir_file(domain, proc)
 r_dir_file(domain, sysfs)
+r_dir_file(domain, sysfs_devices_system_cpu)
 r_dir_file(domain, inotify)
 r_dir_file(domain, cgroup)
diff --git a/file_contexts b/file_contexts
index be61f9ca9..5a9f1e209 100644
--- a/file_contexts
+++ b/file_contexts
@@ -204,6 +204,7 @@
 /sys/devices/platform/nfc-power/nfc_power -- u:object_r:sysfs_nfc_power_writable:s0
 /sys/class/rfkill/rfkill[0-9]*/state -- u:object_r:sysfs_bluetooth_writable:s0
 /sys/class/rfkill/rfkill[0-9]*/type -- u:object_r:sysfs_bluetooth_writable:s0
+/sys/devices/system/cpu(/.*)? u:object_r:sysfs_devices_system_cpu:s0
 /sys/power/wake_lock -- u:object_r:sysfs_wake_lock:s0
 /sys/power/wake_unlock -- u:object_r:sysfs_wake_lock:s0
 #############################
diff --git a/ueventd.te b/ueventd.te
index 1562c0e88..275286bd5 100644
--- a/ueventd.te
+++ b/ueventd.te
@@ -14,6 +14,7 @@ allow ueventd device:chr_file rw_file_perms;
 allow ueventd sysfs:file rw_file_perms;
 allow ueventd sysfs:file setattr;
 allow ueventd sysfs_type:file { relabelfrom relabelto };
+allow ueventd sysfs_devices_system_cpu:file rw_file_perms;
 allow ueventd tmpfs:chr_file rw_file_perms;
 allow ueventd dev_type:dir create_dir_perms;
 allow ueventd dev_type:lnk_file { create unlink };
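Review bot: `sysfs_devices_system_cpu` is referenced by the added `r_dir_file(domain, sysfs_devices_system_cpu)` in domain.te, and again in the file_contexts and ueventd.te hunks, but no `type` declaration for it appears anywhere in this diff. If it is not already declared elsewhere in the policy, the build will fail on an unknown type. It also needs the `sysfs_type` attribute for the existing `allow ueventd sysfs_type:file { relabelfrom relabelto };` rule to cover the relabel. Confirm that a declaration along the lines of `type sysfs_devices_system_cpu, fs_type, sysfs_type;` exists.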
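Review bot: The new file_contexts entry `/sys/devices/system/cpu(/.*)?` has no file-type field, unlike the `--` entries around it, so it relabels directories, files and symlinks under the tree alike. Any domain whose write access to these nodes came from a rule on `sysfs:file` loses it once the label is applied. This diff grants read to `domain` and read/write to ueventd only, so writers of governor or online-state nodes, if there are any, need their own rule on the new type. After boot, check the audit log for `avc: denied` entries with `tcontext=u:object_r:sysfs_devices_system_cpu:s0`. A comment above the entry such as `# CPU nodes: readable by all domains, write granted per-domain` would record the intent.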
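Review bot: In ueventd.te the added `allow ueventd sysfs_devices_system_cpu:file rw_file_perms;` mirrors `allow ueventd sysfs:file rw_file_perms;` but has no counterpart to the `allow ueventd sysfs:file setattr;` line just above it. If ueventd sets ownership or mode on any node under /sys/devices/system/cpu (its configuration is not visible in this diff), those operations will be denied once the nodes carry the new label. If that applies, keep parity with `allow ueventd sysfs_devices_system_cpu:file setattr;`. Otherwise a short comment stating that setattr is intentionally withheld would make the least-privilege choice explicit.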