diff --git a/private/incidentd.te b/private/incidentd.te
index ad6fbf3b3..6f1095569 100644
--- a/private/incidentd.te
+++ b/private/incidentd.te
@@ -151,6 +151,7 @@ neverallow {
   -dumpstate
   -incident
   -incidentd
+  -priv_app
   -statsd
   -system_app
   -system_server
diff --git a/private/priv_app.te b/private/priv_app.te
index 004908c8a..c5251a9b7 100644
--- a/private/priv_app.te
+++ b/private/priv_app.te
@@ -152,6 +152,12 @@ allow priv_app traced:fd use;
 allow priv_app traced_tmpfs:file { read write getattr map };
 unix_socket_connect(priv_app, traced_producer, traced)
 
+# Allow priv_apps to request and collect incident reports.
+# (Also requires DUMP and PACKAGE_USAGE_STATS permissions)
+allow priv_app incident_service:service_manager find;
+binder_call(priv_app, incidentd)
+allow priv_app incidentd:fifo_file { read write };
+
 # Allow heap profiling if the app opts in by being marked
 # profileable/debuggable.
 can_profile_heap(priv_app)
diff --git a/private/system_server.te b/private/system_server.te
index ab4a07cdd..8fff84832 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -412,6 +412,10 @@ userdebug_or_eng(`
   allow system_server su:fifo_file append;
 ')
 
+# Allow system_server to read pipes from incidentd (used to deliver incident reports
+# to dropbox)
+allow system_server incidentd:fifo_file read;
+
 # Read /data/misc/incidents - only read. The fd will be sent over binder,
 # with no DAC access to it, for dropbox to read.
 allow system_server incident_data_file:file read;