diff --git a/sepolicy/vendor/update_verifier.te b/sepolicy/vendor/update_verifier.te
index de8bd583..cdc304f7 100644
--- a/sepolicy/vendor/update_verifier.te
+++ b/sepolicy/vendor/update_verifier.te
@@ -1 +1,4 @@
-allow update_verifier block_device:dir r_dir_perms;
+# update_verifier reads /sys/block/dm-X/dm/name to find the device-mapper
+# entries for system and vendor partitions.
+allow update_verifier sysfs:file r_file_perms;
+allow update_verifier sysfs:dir r_dir_perms;