diff --git a/apparmor.d/abstractions/disks-read b/apparmor.d/abstractions/disks-read
index bf46eea1a..ec356306b 100644
--- a/apparmor.d/abstractions/disks-read
+++ b/apparmor.d/abstractions/disks-read
@@ -20,6 +20,8 @@
   @{sys}/devices/@{pci}/host@{int}/** r,
   @{sys}/devices/@{pci}/usb@{int}/** r,
   @{sys}/devices/@{pci}/virtio@{int}/** r,
+  @{sys}/devices/**/host@{int}/**/block/{s,v}d[a-z]/ r,
+  @{sys}/devices/**/host@{int}/**/block/{s,v}d[a-z]/** r,
   # SSD Nvme devices
   /dev/nvme[0-9]* rk,
diff --git a/apparmor.d/abstractions/disks-write b/apparmor.d/abstractions/disks-write
index 844a4fbeb..8bf33882d 100644
--- a/apparmor.d/abstractions/disks-write
+++ b/apparmor.d/abstractions/disks-write
@@ -20,6 +20,8 @@
   @{sys}/devices/@{pci}/host@{int}/** r,
   @{sys}/devices/@{pci}/usb@{int}/** r,
   @{sys}/devices/@{pci}/virtio@{int}/** r,
+  @{sys}/devices/**/host@{int}/**/block/{s,v}d[a-z]/ r,
+  @{sys}/devices/**/host@{int}/**/block/{s,v}d[a-z]/** r,
   # SSD Nvme devices
   /dev/nvme[0-9]* rwk,
diff --git a/apparmor.d/profiles-a-f/aa-enforce b/apparmor.d/profiles-a-f/aa-enforce
index a5b18eb4e..da4d63460 100644
--- a/apparmor.d/profiles-a-f/aa-enforce
+++ b/apparmor.d/profiles-a-f/aa-enforce
@@ -6,7 +6,7 @@
 abi ,
 include
-@{exec_path} = @{bin}/aa-enforce @{bin}/aa-complain @{bin}/aa-audit
+@{exec_path} = @{bin}/aa-enforce @{bin}/aa-complain @{bin}/aa-audit @{bin}/aa-disable
 profile aa-enforce @{exec_path} {
   include
   include
diff --git a/apparmor.d/profiles-a-f/blkid b/apparmor.d/profiles-a-f/blkid
index 282081330..4aea919b4 100644
--- a/apparmor.d/profiles-a-f/blkid
+++ b/apparmor.d/profiles-a-f/blkid
@@ -23,6 +23,8 @@ profile blkid @{exec_path} flags=(attach_disconnected) {
   @{etc_rw}/blkid.tab{,-@{rand6}} rw,
   @{etc_rw}/blkid.tab.old rwl -> /etc/blkid.tab,
+  /.ismount-test-file rw,
+ # Image files
   @{user_img_dirs}/{,**} r,
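Review bot: The two added sysfs rules only match single-letter device names, `{s,v}d[a-z]`, so on a host with more than 26 SCSI or virtio disks (sdaa, vdab, …) the `block/` subtree of the extra disks stays unreadable while the first 26 are allowed. Consider `{s,v}d[a-z]*` in both lines — `@{sys}/devices/**/host@{int}/**/block/{s,v}d[a-z]*/ r,` and `@{sys}/devices/**/host@{int}/**/block/{s,v}d[a-z]*/** r,` — which is a strict superset of the current match (`*` does not cross `/`, so partitions are still reached only through the `/**` rule). The leading `**` after `@{sys}/devices/` is also much wider than the `@{pci}`-anchored lines just above it; assuming the intent is to reach hosts that do not sit under a PCI parent, a comment such as `# Block devices behind SCSI/virtio hosts that are not under a PCI parent` would record that.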
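Review bot: The pair of lines added here is a verbatim copy of the pair added to `abstractions/disks-read` in the same commit, so the read-only sysfs enumeration now has to be kept in sync by hand in two abstractions (the existing `@{pci}` lines above already show this drift risk). Since both new rules are `r` only, disks-write could carry `include <abstractions/disks-read>` (or a shared read-only sysfs abstraction) and keep only the `/dev` write rules; whether it already includes disks-read is outside the hunk. Independently, `{s,v}d[a-z]` covers only the first 26 disks; `{s,v}d[a-z]*` also matches sdaa and beyond.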
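Review bot: Adding `@{bin}/aa-disable` to `@{exec_path}` puts the tool that unloads a profile from the kernel under the same rule set as aa-enforce, aa-complain and aa-audit, so whatever extra access aa-disable needs — presumably write access to the disable directory and the ability to run apparmor_parser to unload the profile — is granted to all four binaries; the profile body that would show those rules is outside the hunk. From a least-privilege standpoint a separate `aa-disable` profile would keep the policy-weakening operation isolated; if sharing is accepted, a comment on the assignment line such as `# aa-disable shares this profile and needs write access to the disable directory` keeps the trade-off visible. It is also worth confirming that the body actually grants what aa-disable needs, otherwise it will now fail under enforcement where it previously ran unconfined.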
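Review bot: `/.ismount-test-file rw,` is an unexplained read/write rule on a dotfile directly under `/`, with no comment saying which code path creates it. This looks like a writability probe of the root filesystem by the mount library blkid links against — confirm against the denial that motivated it — and record it, e.g. `# Writability probe on / (presumably libmount); file is created and removed by blkid itself`. Noting the origin matters because an unqualified `rw` on a root-level path is the kind of rule a later reader is tempted to widen into a glob.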
@@ -34,8 +36,9 @@ profile blkid @{exec_path} flags=(attach_disconnected) {
   @{run}/cloud-init/ds-identify.log w, # file_inherit
-  # For the EVALUATE=scan method
+  @{PROC}/@{pid}/mounts r,
   @{PROC}/partitions r,
+  @{PROC}/swaps r,
   owner /dev/tty@{int} rw,
diff --git a/apparmor.d/profiles-g-l/lspci b/apparmor.d/profiles-g-l/lspci
index 0f3abf1dc..3f0fe5d95 100644
--- a/apparmor.d/profiles-g-l/lspci
+++ b/apparmor.d/profiles-g-l/lspci
@@ -30,10 +30,11 @@ profile lspci @{exec_path} flags=(attach_disconnected) {
   owner @{HOME}/.pciids-cache.tmp-*-@{pid} rw,
   owner @{HOME}/.pciids-cache rw,
+  owner @{user_cache_dirs}/pci-ids rw,
   @{sys}/bus/pci/devices/ r,
   @{sys}/bus/pci/slots/ r,
-  @{sys}/bus/pci/slots/@{int}/address r,
+  @{sys}/bus/pci/slots/@{int}-@{int}/address r,
   @{sys}/devices/@{pci}/** r,
   @{sys}/module/compression r,
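Review bot: Removing `# For the EVALUATE=scan method` leaves `@{PROC}/partitions r,` and the two new `@{PROC}` rules with no explanation of why blkid reads them, and the old comment was the only documentation of that group. Restore a heading over the three lines, e.g. `# Device enumeration (EVALUATE=scan) and mounted/swap device detection`, adjusted to whatever the denial logs actually showed. `@{PROC}/@{pid}/mounts r,` also matches every process's mounts file; if blkid only reads its own, `owner @{PROC}/@{pid}/mounts r,` is the tighter form and matches the `owner` qualifier already used on the `/dev/tty@{int}` rule below.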