diff --git a/debuggerd.te b/debuggerd.te
index 738dac2b5ed4816af7522d10f60e51a4dee39b09..32bc185f0a38a24546c5babb5f5edddcb1df397d 100644
--- a/debuggerd.te
+++ b/debuggerd.te
@@ -24,5 +24,10 @@ allow debuggerd system_data_file:file open;
 # Connect to system_server via /data/system/ndebugsocket.
 unix_socket_connect(debuggerd, system_ndebug, system_server)
 
+userdebug_or_eng(`
+  allow debuggerd input_device:dir r_dir_perms;
+  allow debuggerd input_device:chr_file rw_file_perms;
+')
+
 # logd access
 read_logd(debuggerd)
diff --git a/property.te b/property.te
index 55888d1151f4d844f54b8a1f845486c8177c0bef..9c6233c9eeaf418b4612e866195ac913d32f6ef3 100644
--- a/property.te
+++ b/property.te
@@ -1,6 +1,7 @@
 type default_prop, property_type;
 type shell_prop, property_type;
 type debug_prop, property_type;
+type debuggerd_prop, property_type;
 type radio_prop, property_type;
 type system_prop, property_type;
 type vold_prop, property_type;
diff --git a/property_contexts b/property_contexts
index 75c927f58b641427c5c13787792790455c83983e..eb23a6d27eb4d00ee90d23cb4edac1e1d3053fbd 100644
--- a/property_contexts
+++ b/property_contexts
@@ -27,6 +27,7 @@ dhcp.                   u:object_r:system_prop:s0
 bluetooth.              u:object_r:bluetooth_prop:s0
 
 debug.                  u:object_r:debug_prop:s0
+debug.db.               u:object_r:debuggerd_prop:s0
 log.                    u:object_r:shell_prop:s0
 service.adb.root        u:object_r:shell_prop:s0
 service.adb.tcp.port    u:object_r:shell_prop:s0
diff --git a/su.te b/su.te
index 7b6899a21af6906298570347144d71215eaf630f..1317fb2a2ec78301adaf5ae1545701a010c45d77 100644
--- a/su.te
+++ b/su.te
@@ -16,6 +16,7 @@ userdebug_or_eng(`
   allow su self:process execmem;
   tmpfs_domain(su)
   allow su su_tmpfs:file execute;
+  allow su debuggerd_prop:property_service set;
 
   # su is also permissive to permit setenforce.
   permissive su;