diff --git a/private/app_neverallows.te b/private/app_neverallows.te
index beee4f7fb568245aee0c789abd07843ebe556a04..8b53ff57ab0d723be3387ca2f34464d482cfcf12 100644
--- a/private/app_neverallows.te
+++ b/private/app_neverallows.te
@@ -107,3 +107,55 @@ neverallow all_untrusted_apps preloads_data_file:file no_rw_file_perms;
 # Locking of files on /system could lead to denial of service attacks
 # against privileged system components
 neverallow all_untrusted_apps system_file:file lock;
+
+# Do not permit access from apps which host arbitrary code to HwBinder services,
+# except those considered sufficiently safe for access from such apps.
+# The two main reasons for this are:
+# 1. HwBinder servers do not perform client authentication because HIDL
+#    currently does not expose caller UID information and, even if it did, many
+#    HwBinder services either operate at a level below that of apps (e.g., HALs)
+#    or must not rely on app identity for authorization. Thus, to be safe, the
+#    default assumption is that every HwBinder service treats all its clients as
+#    equally authorized to perform operations offered by the service.
+# 2. HAL servers (a subset of HwBinder services) contain code with higher
+#    incidence rate of security issues than system/core components and have
+#    access to lower layes of the stack (all the way down to hardware) thus
+#    increasing opportunities for bypassing the Android security model.
+neverallow all_untrusted_apps {
+  hwservice_manager_type
+  # Same process services are safe because they by definition run in the process
+  # of the client and thus have the same access as the client domain in which
+  # the process runs
+  -same_process_hwservice
+  -coredomain_hwservice # neverallows for coredomain HwBinder services are below
+  -hal_configstore_ISurfaceFlingerConfigs # Designed for use by any domain
+  # These operations are also offered by surfaceflinger Binder service which
+  # apps are permitted to access
+  -hal_graphics_allocator_hwservice
+  # HwBinder version of mediacodec Binder service which apps were permitted to
+  # access
+  -hal_omx_hwservice
+}:hwservice_manager find;
+# HwBinder services offered by core components (as opposed to vendor components)
+# are considered somewhat safer due to point #2 above.
+neverallow all_untrusted_apps {
+  coredomain_hwservice
+  -same_process_hwservice
+  -hidl_allocator_hwservice # Designed for use by any domain
+  -hidl_manager_hwservice # Designed for use by any domain
+  -hidl_memory_hwservice # Designed for use by any domain
+  -hidl_token_hwservice # Designed for use by any domain
+}:hwservice_manager find;
+
+# Restrict *Binder access from apps to HAL domains. We can only do this on full
+# Treble devices where *Binder communications between apps and HALs are tightly
+# restricted.
+full_treble_only(`
+  neverallow all_untrusted_apps {
+    halserverdomain
+    -coredomain
+    -hal_configstore_server
+    -hal_graphics_allocator_server
+    -binder_in_vendor_violators # TODO(b/35870313): Remove once all violations are gone
+  }:binder { call transfer };
+')
diff --git a/public/attributes b/public/attributes
index adad87ff63177e2d556933c347970eba9b44ad28..f2ae06f98055b638d0eeba79b5315e2245b27175 100644
--- a/public/attributes
+++ b/public/attributes
@@ -94,6 +94,14 @@ attribute service_manager_type;
 # All types used for services managed by hwservicemanager
 attribute hwservice_manager_type;
 
+# All HwBinder services guaranteed to be passthrough. These services always run
+# in the process of their clients, and thus operate with the same access as
+# their clients.
+attribute same_process_hwservice;
+
+# All HwBinder services guaranteed to be offered only by core domain components
+attribute coredomain_hwservice;
+
 # All types used for services managed by vndservicemanager
 attribute vndservice_manager_type;
 
diff --git a/public/domain.te b/public/domain.te
index 50243c05a66f0a9f5241468f2ad156801bab553b..f6343362456803241a036369fed881e70881d7fb 100644
--- a/public/domain.te
+++ b/public/domain.te
@@ -1007,3 +1007,12 @@ neverallow {
 
 # Enforce AT_SECURE for executing crash_dump.
 neverallow domain crash_dump:process noatsecure;
+
+# Do not permit non-core domains to register HwBinder services which are
+# guaranteed to be provided by core domains only.
+neverallow ~coredomain coredomain_hwservice:hwservice_manager add;
+
+# Do not permit the registeration of HwBinder services which are guaranteed to
+# be passthrough only (i.e., run in the process of their clients instead of a
+# separate server process).
+neverallow * same_process_hwservice:hwservice_manager add;
diff --git a/public/hwservice.te b/public/hwservice.te
index 05baf4b2e648f913a88aaef92fe92e142cc68da7..2b1ffcfbd98edd959b871b7f22a3e74b96ffe9b4 100644
--- a/public/hwservice.te
+++ b/public/hwservice.te
@@ -1,6 +1,6 @@
 type default_android_hwservice, hwservice_manager_type;
-type fwk_scheduler_hwservice, hwservice_manager_type;
-type fwk_sensor_hwservice, hwservice_manager_type;
+type fwk_scheduler_hwservice, hwservice_manager_type, coredomain_hwservice;
+type fwk_sensor_hwservice, hwservice_manager_type, coredomain_hwservice;
 type hal_audio_hwservice, hwservice_manager_type;
 type hal_bluetooth_hwservice, hwservice_manager_type;
 type hal_bootctl_hwservice, hwservice_manager_type;
@@ -14,7 +14,7 @@ type hal_gatekeeper_hwservice, hwservice_manager_type;
 type hal_gnss_hwservice, hwservice_manager_type;
 type hal_graphics_allocator_hwservice, hwservice_manager_type;
 type hal_graphics_composer_hwservice, hwservice_manager_type;
-type hal_graphics_mapper_hwservice, hwservice_manager_type;
+type hal_graphics_mapper_hwservice, hwservice_manager_type, same_process_hwservice;
 type hal_health_hwservice, hwservice_manager_type;
 type hal_ir_hwservice, hwservice_manager_type;
 type hal_keymaster_hwservice, hwservice_manager_type;
@@ -23,7 +23,7 @@ type hal_memtrack_hwservice, hwservice_manager_type;
 type hal_nfc_hwservice, hwservice_manager_type;
 type hal_omx_hwservice, hwservice_manager_type;
 type hal_power_hwservice, hwservice_manager_type;
-type hal_renderscript_hwservice, hwservice_manager_type;
+type hal_renderscript_hwservice, hwservice_manager_type, same_process_hwservice;
 type hal_sensors_hwservice, hwservice_manager_type;
 type hal_telephony_hwservice, hwservice_manager_type;
 type hal_thermal_hwservice, hwservice_manager_type;
@@ -34,9 +34,9 @@ type hal_vibrator_hwservice, hwservice_manager_type;
 type hal_vr_hwservice, hwservice_manager_type;
 type hal_wifi_hwservice, hwservice_manager_type;
 type hal_wifi_supplicant_hwservice, hwservice_manager_type;
-type hidl_allocator_hwservice, hwservice_manager_type;
+type hidl_allocator_hwservice, hwservice_manager_type, coredomain_hwservice;
 type hidl_base_hwservice, hwservice_manager_type;
-type hidl_manager_hwservice, hwservice_manager_type;
-type hidl_memory_hwservice, hwservice_manager_type;
-type hidl_token_hwservice, hwservice_manager_type;
-type system_wifi_keystore_hwservice, hwservice_manager_type;
+type hidl_manager_hwservice, hwservice_manager_type, coredomain_hwservice;
+type hidl_memory_hwservice, hwservice_manager_type, coredomain_hwservice;
+type hidl_token_hwservice, hwservice_manager_type, coredomain_hwservice;
+type system_wifi_keystore_hwservice, hwservice_manager_type, coredomain_hwservice;