diff --git a/adbd.te b/adbd.te
index 07b64ac86e1aa390016d43d0e5229e170fc76389..92e7c21e56b65ed59f5c529c4b0812d049c4b217 100644
--- a/adbd.te
+++ b/adbd.te
@@ -62,7 +62,7 @@ binder_use(adbd)
 binder_call(adbd, surfaceflinger)
 # b/13188914
 allow adbd gpu_device:chr_file rw_file_perms;
-allow adbd ion_device:chr_file r_file_perms;
+allow adbd ion_device:chr_file rw_file_perms;
 r_dir_file(adbd, system_file)
 
 # Read /data/misc/adb/adb_keys.
diff --git a/shell.te b/shell.te
index 6eb7e562664d92620a58ccc18b3d1a723fa351e2..4b6acbc25f6de43cd85c2cac588591e14b09ee62 100644
--- a/shell.te
+++ b/shell.te
@@ -125,4 +125,4 @@ allow shell self:process ptrace;
 neverallow shell file_type:file link;
 
 # Allow access to ion memory allocation device.
-allow shell ion_device:chr_file { open read };
+allow shell ion_device:chr_file rw_file_perms;