diff --git a/policy/modules/services/matrixd.te b/policy/modules/services/matrixd.te
index d3950cda0..394969cbc 100644
--- a/policy/modules/services/matrixd.te
+++ b/policy/modules/services/matrixd.te
@@ -49,7 +49,7 @@ allow matrixd_t self:udp_socket create_socket_perms;
 allow matrixd_t self:unix_dgram_socket create_socket_perms;
 # execmem is needed for Python callbacks
 # https://cffi.readthedocs.io/en/latest/using.html#callbacks
-allow matrixd_t self:process execmem;
+allow matrixd_t self:process { getsched execmem };
 allow matrixd_t matrixd_tmp_t:file { manage_file_perms map };
 files_tmp_filetrans(matrixd_t, matrixd_tmp_t, file)
@@ -104,8 +104,7 @@ sysnet_read_config(matrixd_t)
 userdom_search_user_runtime_root(matrixd_t)
 tunable_policy(`matrix_allow_federation',`
- corenet_tcp_connect_all_unreserved_ports(matrixd_t)
- corenet_tcp_connect_generic_port(matrixd_t)
+ corenet_tcp_connect_all_ports(matrixd_t)
 corenet_udp_bind_all_ports(matrixd_t)
 ', `
 corenet_dontaudit_tcp_connect_all_ports(matrixd_t)
@@ -120,4 +119,4 @@ tunable_policy(`matrix_postgresql_connect',`
 optional_policy(`
 apache_search_config(matrixd_t)
 ')
- 
\ No newline at end of file
+
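Review bot: The two comment lines above the changed rule in the first hunk justify only `execmem`, so `getsched` now sits under a rationale that does not cover it. execmem is the sensitive permission on this line, and its justification should stay unambiguous. I would either give getsched its own rule or extend the comment, e.g. `# getsched: <denial or caller that needs it>` placed directly above `allow matrixd_t self:process { getsched execmem };`. getsched on `self` only lets the domain read its own scheduling attributes, so the risk is low, but nothing visible in the diff records what triggers it.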
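Review bot: `corenet_tcp_connect_all_ports(matrixd_t)` in the `matrix_allow_federation` branch of the second hunk widens outbound TCP from unreserved and unlabelled ports to every port type, including reserved and service-labelled ports. With the boolean on, the policy no longer limits which internal TCP services a misbehaving or compromised homeserver process can connect to. If the denial behind this change was federation to servers on 443, which is presumably the case but not stated, a narrower fix keeps the two removed calls and adds `corenet_tcp_connect_http_port(matrixd_t)`. If every port really is needed because remote servers may delegate to arbitrary ports, record that in a comment above the call and in the boolean's description, which is outside this hunk. The tunable_policy block's closing lines are also outside the hunk.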