diff --git a/private/file.te b/private/file.te
index 83261daac..1c07416f7 100644
--- a/private/file.te
+++ b/private/file.te
@@ -25,6 +25,9 @@ type perfetto_traces_data_file, file_type, data_file_type, core_data_file_type;
 # /data/misc/perfetto-traces/bugreport for perfetto traces for bugreports.
 type perfetto_traces_bugreport_data_file, file_type, data_file_type, core_data_file_type;
 
+# /data/misc/perfetto-traces/profiling for perfetto traces from profiling apis.
+type perfetto_traces_profiling_data_file, file_type, data_file_type, core_data_file_type;
+
 # /data/misc/perfetto-configs for perfetto configs
 type perfetto_configs_data_file, file_type, data_file_type, core_data_file_type;
 
diff --git a/private/file_contexts b/private/file_contexts
index 32f576dc3..4659ba38c 100644
--- a/private/file_contexts
+++ b/private/file_contexts
@@ -644,9 +644,11 @@
 /data/misc/odrefresh(/.*)?      u:object_r:odrefresh_data_file:s0
 /data/misc/odsign(/.*)?         u:object_r:odsign_data_file:s0
 /data/misc/odsign/metrics(/.*)? u:object_r:odsign_metrics_file:s0
-/data/misc/perfetto-traces/bugreport(.*)? u:object_r:perfetto_traces_bugreport_data_file:s0
-/data/misc/perfetto-traces(/.*)?          u:object_r:perfetto_traces_data_file:s0
-/data/misc/perfetto-configs(/.*)?         u:object_r:perfetto_configs_data_file:s0
+/data/misc/perfetto-traces(/.*)?           u:object_r:perfetto_traces_data_file:s0
+/data/misc/perfetto-traces/bugreport(.*)?  u:object_r:perfetto_traces_bugreport_data_file:s0
+/data/misc/perfetto-traces/profiling(/.*)? u:object_r:perfetto_traces_profiling_data_file:s0
+/data/misc/perfetto-configs(/.*)?          u:object_r:perfetto_configs_data_file:s0
+/data/misc/uprobestats-configs(/.*)?      u:object_r:uprobestats_configs_data_file:s0
 /data/misc/prereboot(/.*)?      u:object_r:prereboot_data_file:s0
 /data/misc/profcollectd(/.*)?   u:object_r:profcollectd_data_file:s0
 /data/misc/radio(/.*)?          u:object_r:radio_core_data_file:s0
diff --git a/private/perfetto.te b/private/perfetto.te
index aae61a60e..d0088efdc 100644
--- a/private/perfetto.te
+++ b/private/perfetto.te
@@ -26,6 +26,10 @@ allow perfetto perfetto_traces_data_file:file create_file_perms;
 allow perfetto perfetto_traces_bugreport_data_file:file create_file_perms;
 allow perfetto perfetto_traces_bugreport_data_file:dir rw_dir_perms;
 
+# Allow to write and unlink traces into /data/misc/perfetto-traces/profiling.
+allow perfetto perfetto_traces_profiling_data_file:dir rw_dir_perms;
+allow perfetto perfetto_traces_profiling_data_file:file create_file_perms;
+
 # Allow perfetto to access the proxy service for reporting traces.
 allow perfetto tracingproxy_service:service_manager find;
 binder_use(perfetto)
@@ -86,6 +90,7 @@ neverallow {
   -dumpstate # For attaching traces to bugreports.
   -incidentd # For receiving reported traces. TODO(lalitm): remove this.
   -priv_app  # For stating traces for bug-report UI.
+  -system_server # For accessing traces started by profiling apis.
 } perfetto_traces_data_file:dir *;
 neverallow {
   domain
@@ -122,14 +127,20 @@ neverallow perfetto {
   -vendor_data_file
   -perfetto_traces_data_file
   -perfetto_traces_bugreport_data_file
+  -perfetto_traces_profiling_data_file
   -perfetto_configs_data_file
   with_native_coverage(`-method_trace_data_file')
 }:dir *;
-neverallow perfetto { system_data_file -perfetto_traces_data_file }:dir ~{ getattr search };
+neverallow perfetto {
+  system_data_file
+  -perfetto_traces_data_file
+  -perfetto_traces_profiling_data_file
+}:dir ~{ getattr search };
 neverallow perfetto {
   data_file_type
   -perfetto_traces_data_file
   -perfetto_traces_bugreport_data_file
+  -perfetto_traces_profiling_data_file
   -perfetto_configs_data_file
   with_native_coverage(`-method_trace_data_file')
 }:file ~write;
diff --git a/private/system_server.te b/private/system_server.te
index d63268ea3..1bad4af0f 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -575,6 +575,11 @@ allow system_server perfetto:fd use;
 domain_auto_trans(system_server, perfetto_exec, perfetto);
 allow system_server perfetto:fifo_file { read write };
 
+# Allow system server to manage perfetto traces for ProfilingService.
+allow system_server perfetto_traces_profiling_data_file:dir rw_dir_perms;
+allow system_server perfetto_traces_profiling_data_file:file { rw_file_perms unlink };
+allow system_server perfetto_traces_data_file:dir search;
+
 # Manage /data/backup.
 allow system_server backup_data_file:dir create_dir_perms;
 allow system_server backup_data_file:file create_file_perms;
@@ -1291,6 +1296,9 @@ neverallow system_server {
 neverallow system_server { domain -clatd -crash_dump -perfetto }:process transition;
 neverallow system_server *:process dyntransition;
 
+# Ensure that system_server doesn't access anything but search in perfetto_traces_data_file:dir.
+neverallow system_server perfetto_traces_data_file:dir ~search;
+
 # Only allow crash_dump to connect to system_ndebug_socket.
 neverallow { domain -init -system_server -crash_dump } system_ndebug_socket:sock_file { open write };