diff --git a/app.te b/app.te
index ffaae238603c994baa0fd029118d3a40eab46936..ba39ff4fffb47cfe20caf45620d03893d5d80641 100644
--- a/app.te
+++ b/app.te
@@ -106,7 +106,7 @@ allow appdomain qtaguid_device:chr_file r_file_perms;
 
 # Grant GPU access to all processes started by Zygote.
 # They need that to render the standard UI.
-allow appdomain gpu_device:chr_file { rw_file_perms execute };
+allow { appdomain -isolated_app } gpu_device:chr_file { rw_file_perms execute };
 
 # Use the Binder.
 binder_use(appdomain)
diff --git a/isolated_app.te b/isolated_app.te
index c3685279f3a3c0586af4e70580482da756753b82..1cede96cbe3dab9e0cf83cba31549e5031ab15e6 100644
--- a/isolated_app.te
+++ b/isolated_app.te
@@ -35,3 +35,6 @@ neverallow isolated_app {
     -activity_service
     -display_service
 }:service_manager find;
+
+# Isolated apps shouldn't be able to access the driver directly.
+neverallow isolated_app gpu_device:chr_file { rw_file_perms execute };