diff --git a/non_plat/hal_graphics_allocator.te b/non_plat/hal_graphics_allocator.te
index a084d1d..310c04a 100644
--- a/non_plat/hal_graphics_allocator.te
+++ b/non_plat/hal_graphics_allocator.te
@@ -3,5 +3,3 @@
 # Purpose : Add policy for gralloc HIDL
 
 allow hal_graphics_allocator proc_ged:file { read ioctl open };
-
-allowxperm hal_graphics_allocator_default proc_ged:file ioctl { GED_BRIDGE_IO_GE_ALLOC GED_BRIDGE_IO_GE_GET };
diff --git a/non_plat/hal_graphics_allocator_default.te b/non_plat/hal_graphics_allocator_default.te
index 573d2be..921aaac 100644
--- a/non_plat/hal_graphics_allocator_default.te
+++ b/non_plat/hal_graphics_allocator_default.te
@@ -15,4 +15,13 @@ allow hal_graphics_allocator_default debugfs_ion:dir search;
 allow hal_graphics_allocator_default debugfs_tracing:file write;
 
 #============= hal_graphics_allocator_default ==============
-allow hal_graphics_allocator_default debugfs_tracing:file open;
\ No newline at end of file
+allow hal_graphics_allocator_default debugfs_tracing:file open;
+
+#============= hal_graphics_allocator_default ==============
+allow hal_graphics_allocator_default proc_ged:file r_file_perms;
+allowxperm hal_graphics_allocator_default proc_ged:file ioctl {
+GED_BRIDGE_IO_GE_ALLOC
+GED_BRIDGE_IO_GE_GET
+GED_BRIDGE_IO_GE_SET
+};
+