diff --git a/private/screencap.te b/private/screencap.te
index 579373aa6a3b41a20edfa24d477c3723bbcf9c9d..764880f55273a21dc452d7bca95d22a1e7e56ed1 100644
--- a/private/screencap.te
+++ b/private/screencap.te
@@ -8,7 +8,7 @@ allow screencap ion_device:chr_file rw_file_perms;
 
 allow screencap adbd:fifo_file write;
 allow screencap adbd:fd use;
-allow screencap adbd:unix_stream_socket { read write };
+allow screencap adbd:unix_stream_socket { read write getattr ioctl };
 
 allow screencap shell_data_file:file write;
 allow screencap shell:fd use;
@@ -20,7 +20,21 @@ allow screencap dumpstate:unix_stream_socket { read write };
 binder_use(screencap)
 binder_call(screencap, surfaceflinger)
 allow screencap surfaceflinger_service:service_manager find;
-allow screencap surfaceflinger:fd use;
+binder_call(screencap, system_server)
+allow screencap activity_service:service_manager find;
 
 hwbinder_use(screencap)
 hal_client_domain(screencap, hal_graphics_allocator)
+
+allow screencap shell_exec:file rx_file_perms;
+allow screencap system_file:file execute_no_trans;
+
+allow screencap media_rw_data_file:dir rw_dir_perms;
+allow screencap media_rw_data_file:file rw_file_perms;
+allow screencap mnt_user_file:dir search;
+allow screencap mnt_user_file:lnk_file read;
+allow screencap sdcardfs:dir { search write };
+allow screencap sdcardfs:file { open write };
+allow screencap storage_file:dir search;
+allow screencap storage_file:lnk_file read;
+allow screencap tmpfs:dir search;
diff --git a/private/system_server.te b/private/system_server.te
index 1bf28b6b36b9f0ae29327f6c41a05e568a8ab5d3..89eb1d5dc9e49d15e07966ab03e06149bdf4c0a9 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -178,6 +178,7 @@ binder_call(system_server, gatekeeperd)
 binder_call(system_server, installd)
 binder_call(system_server, incidentd)
 binder_call(system_server, netd)
+binder_call(system_server, screencap)
 binder_call(system_server, wificond)
 binder_service(system_server)