diff --git a/sepolicy/base/te/appspawn.te b/sepolicy/base/te/appspawn.te
index a64c40ed9d3eccfe8df3f5569de0e95c35285f85..93c2d52644ab4dcf8e09101bdbc76a190b1220a6 100644
--- a/sepolicy/base/te/appspawn.te
+++ b/sepolicy/base/te/appspawn.te
@@ -86,5 +86,4 @@ allow appspawn sys_usb_param:file { map open read };
 allow appspawn tmpfs:dir { add_name create mounton write };
 allow appspawn tmpfs:lnk_file { create };
 allow appspawn vendor_lib_file:dir { mounton };
-allow appspawn self:process execmem;
 allowxperm appspawn dev_at_file:chr_file ioctl { 0x4102 };
diff --git a/sepolicy/base/te/bootanimation.te b/sepolicy/base/te/bootanimation.te
index 927cfd2f1a780fb50b3a314936be1c4b31e62e95..76d5aeab102405b45aed5a3b7e31cae7f6457e80 100644
--- a/sepolicy/base/te/bootanimation.te
+++ b/sepolicy/base/te/bootanimation.te
@@ -72,7 +72,7 @@ allow bootanimation system_usr_file:file { getattr map open read };
 allow bootanimation sys_usb_param:file { map open read };
 allow bootanimation tracefs:dir { search };
 allow bootanimation tracefs_trace_marker_file:file { open write };
-allowxperm bootanimation dev_mali:chr_file ioctl { 0x8000 0x8001 0x8002 0x8003 0x8004 0x8005 0x8006 0x8007 0x800e 0x8011 0x8016 0x8018 0x8019 0x801d 0x801e 0x8024 0x8025 0x8026 0x8027 0x800f 0x8029 0x802a 0x8031 0x802b 0x802c 0x802d 0x802e 0x802f 0x8030 0x8033 0x8034 0x8036};
+allowxperm bootanimation dev_mali:chr_file ioctl { 0x8000 0x8001 0x8002 0x8003 0x8004 0x8005 0x8006 0x8007 0x800e 0x8011 0x8016 0x8018 0x8019 0x801d 0x801e 0x8026 0x800f };
 allow bootanimation chip_prod_file:dir { search };
 allow bootanimation sys_prod_file:dir { search };
 allow bootanimation vendor_bin_file:dir { search };
diff --git a/sepolicy/base/te/ispserver.te b/sepolicy/base/te/ispserver.te
index 015bc8fac4a27c00819520443fed99497da1f5d3..946b2a0fa6715561325e54fb03f700b1709850af 100644
--- a/sepolicy/base/te/ispserver.te
+++ b/sepolicy/base/te/ispserver.te
@@ -51,5 +51,5 @@ allow ispserver vendor_bin_file:file { entrypoint execute map read };
 allow ispserver vendor_etc_file:dir { search };
 allow ispserver vendor_etc_file:file { getattr open read };
 allowxperm ispserver dev_media_file:chr_file ioctl { 0x7c00 0x7c01 0x7c02 0x7c03 };
-allowxperm ispserver dev_v_file:chr_file ioctl { 0x5604 0x5605 0x5615 0x561c 0x5624 0x563d 0x563e 0x5659 0x565a 0x565b 0x56c0 0x56c5 0x56c8 0x56c9 0x56d4 0x56d6 0x564b 0x56c3 };
-allowxperm ispserver dev_video_file:chr_file ioctl { 0x5600 0x5604 0x5605 0x5608 0x5609 0x560f 0x5610 0x5611 0x5612 0x5613 0x5659 0x565a 0x5611 0x565b };
+allowxperm ispserver dev_v_file:chr_file ioctl { 0x5604 0x5605 0x5615 0x561c 0x5624 0x563d 0x563e 0x5659 0x565a 0x565b 0x56c0 0x56c5 0x56c8 0x56c9 };
+allowxperm ispserver dev_video_file:chr_file ioctl { 0x5600 0x5604 0x5605 0x5608 0x5609 0x560f 0x5610 0x5611 0x5612 0x5613 0x5659 0x565a };
diff --git a/sepolicy/base/te/normal_hap.te b/sepolicy/base/te/normal_hap.te
index 442fac09d095d5f91cd57e4219974f4081ae66fb..dea003384eeaa634498acdac2c270bb6dd9f2372 100644
--- a/sepolicy/base/te/normal_hap.te
+++ b/sepolicy/base/te/normal_hap.te
@@ -117,7 +117,7 @@ allow normal_hap_attr telephony_sa:binder { call };
 allow normal_hap_attr tmpfs:lnk_file { create };
 allow normal_hap_attr tracefs:dir { search };
 allow normal_hap_attr tracefs_trace_marker_file:file { open write };
-allowxperm normal_hap_attr dev_mali:chr_file ioctl { 0x8000 0x8001 0x8002 0x8003 0x8005 0x8006 0x8007 0x800c 0x800e 0x8011 0x8016 0x8018 0x8019 0x801d 0x801e 0x8026 0x8024 0x8025 0x8027 0x8030 0x8033 0x8034 0x8036 0x802a 0x802c 0x802d 0x802f 0x8014 };
+allowxperm normal_hap_attr dev_mali:chr_file ioctl { 0x8000 0x8001 0x8002 0x8003 0x8005 0x8006 0x8007 0x800c 0x800e 0x8011 0x8016 0x8018 0x8019 0x801d 0x801e 0x8026 };
 allowxperm normal_hap_attr normal_hap_data_file_attr:file ioctl { 0x5413 0xf50c };
 binder_call(normal_hap_attr system_basic_hap);
 allow normal_hap_attr dev_asanlog_file:dir { rw_dir_perms };
diff --git a/sepolicy/base/te/render_service.te b/sepolicy/base/te/render_service.te
index 5a1e48d85a14a47c67429dbca70e55d690f27dd1..6de457330216efe5462f9508a850191b2026cb8f 100644
--- a/sepolicy/base/te/render_service.te
+++ b/sepolicy/base/te/render_service.te
@@ -66,5 +66,5 @@ allow render_service tracefs_trace_marker_file:file { open write };
 allow render_service ui_service:binder { call transfer };
 allow render_service ui_service:fd { use };
 allowxperm render_service dev_dri_file:chr_file ioctl { 0x640d 0x6411 0x641e 0x641f 0x642d 0x64a0 0x64a1 0x64a6 0x64a7 0x64aa 0x64b2 0x64b4 0x64b5 0x64b6 0x64b9 };
-allowxperm render_service dev_mali:chr_file ioctl { 0x8000 0x8001 0x8003 0x8005 0x800e 0x8011 0x8018 0x8024 0x8026 0x8027 0x8029 0x802a 0x802b 0x802c 0x802d 0x802e 0x800f 0x8030 0x8031 0x8033 0x8034 0x8036 };
+allowxperm render_service dev_mali:chr_file ioctl { 0x8000 0x8001 0x8003 0x8005 0x800e 0x8011 0x8026 0x800f };
 allowxperm render_service dev_rga:chr_file ioctl { 0x601b };
diff --git a/sepolicy/base/te/system_basic_hap.te b/sepolicy/base/te/system_basic_hap.te
index dfaccb60a2eed611713def5bf4e7ea77228bf6a6..377a60c4fdd2b5170f54933b3b5da5e267315fb1 100644
--- a/sepolicy/base/te/system_basic_hap.te
+++ b/sepolicy/base/te/system_basic_hap.te
@@ -127,7 +127,7 @@ allow system_basic_hap updater_sa:binder { call transfer };
 allow system_basic_hap useriam:binder { call transfer };
 allow system_basic_hap wallpaper_service:binder { call transfer };
 allow system_basic_hap wallpaper_service:fd { use };
-allowxperm system_basic_hap dev_mali:chr_file ioctl { 0x8000 0x8001 0x8002 0x8003 0x8005 0x8006 0x800e 0x8011 0x8014 0x8016 0x8018 0x8019 0x801d 0x801e 0x8024 0x8025 0x8026 0x8027 0x802a 0x802c 0x802d 0x802f 0x8030 0x8033 0x8034 0x8036 };
+allowxperm system_basic_hap dev_mali:chr_file ioctl { 0x8000 0x8001 0x8002 0x8003 0x8005 0x8006 0x800e 0x8011 0x8016 0x8018 0x8019 0x801d 0x801e 0x8026 };
 allowxperm system_basic_hap system_basic_hap_data_file:file ioctl { 0x5413 0xf50c };
 binder_call(system_basic_hap normal_hap_attr);
 allow system_basic_hap sa_locationhub_lbsservice_gnss:samgr_class { get };
diff --git a/sepolicy/base/te/system_core_hap.te b/sepolicy/base/te/system_core_hap.te
index bbe75b4e52d696f9677ef49f68351f8b049092e6..d460ba6d42f16ae16c93491c61b98e139f23e117 100644
--- a/sepolicy/base/te/system_core_hap.te
+++ b/sepolicy/base/te/system_core_hap.te
@@ -117,5 +117,5 @@ allow system_core_hap sys_usb_param:file { map open read };
 allow system_core_hap tracefs:dir { search };
 allow system_core_hap tracefs_trace_marker_file:file { open write };
 allowxperm system_core_hap dev_dri_file:chr_file ioctl { 0x641f };
-allowxperm system_core_hap dev_mali:chr_file ioctl { 0x8000 0x8001 0x8002 0x8003 0x8005 0x8006 0x800e 0x8011 0x8014 0x8016 0x8018 0x8019 0x801d 0x801e 0x8024 0x8025 0x8026 0x8027 0x802a 0x802c 0x802d 0x802f 0x8030 0x8033 0x8034 0x8036 };
+allowxperm system_core_hap dev_mali:chr_file ioctl { 0x8000 0x8001 0x8002 0x8003 0x8005 0x8006 0x8007 0x800e 0x800f 0x8011 0x8016 0x8018 0x8019 0x801d 0x801e 0x8026 };
 allowxperm system_core_hap system_core_hap_data_file:file ioctl { 0x5413 0xf50c };