diff --git a/sepolicy/private/priv_app.te b/sepolicy/private/priv_app.te
new file mode 100644
index 00000000..43f9fd43
--- /dev/null
+++ b/sepolicy/private/priv_app.te
@@ -0,0 +1,3 @@
+dontaudit priv_app device:dir read;
+dontaudit priv_app proc_interrupts:file read;
+dontaudit priv_app proc_modules:file read;
diff --git a/sepolicy/private/untrusted_app_all.te b/sepolicy/private/untrusted_app_all.te
new file mode 100644
index 00000000..99bb3001
--- /dev/null
+++ b/sepolicy/private/untrusted_app_all.te
@@ -0,0 +1,2 @@
+# suppress spurious denials
+dontaudit untrusted_app_all sysfs_zram:dir search;