# Grant GPU access to SurfaceFlinger
allow surfaceflinger gpu_device:chr_file rw_file_perms;

allow surfaceflinger sysfs:file rw_file_perms;

# Read from /data/local/tmp
allow surfaceflinger shell_data_file:dir search;
allow surfaceflinger shell_data_file:file { open getattr read };
allow surfaceflinger shell_data_file:lnk_file read;