diff --git a/adbd.te b/adbd.te
index 1344fdb81b4bd6ef3710f0229d7f47c95fc1a77b..33e0d55618bd427176827f13a681c32029bf456c 100644
--- a/adbd.te
+++ b/adbd.te
@@ -74,9 +74,9 @@ userdebug_or_eng(`
 ')
 # ndk-gdb invokes adb forward to forward the gdbserver socket.
-allow adbd app_data_file:dir search;
-allow adbd app_data_file:sock_file write;
-allow adbd appdomain:unix_stream_socket connectto;
+allow adbd { app_data_file autoplay_data_file }:dir search;
+allow adbd { app_data_file autoplay_data_file }:sock_file write;
+allow adbd { appdomain autoplay_app }:unix_stream_socket connectto;
 # ndk-gdb invokes adb pull of app_process, linker, and libc.so.
 allow adbd zygote_exec:file r_file_perms;
diff --git a/autoplay_app.te b/autoplay_app.te
index c34207c15f9b03ba631efbaeb669004f72530c46..19e337b029f6e7a3a11b2359bf61bc1afa05695c 100644
--- a/autoplay_app.te
+++ b/autoplay_app.te
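Review bot: The rewritten `allow adbd { appdomain autoplay_app }:unix_stream_socket connectto;` and the two autoplay_data_file rules above it sit just after the `')` that closes the userdebug_or_eng block, so adbd gains connectto into autoplay_app sockets and write on sock_files inside the autoplay sandbox on user builds as well, with only the existing ndk-gdb comment as justification. That comment was presumably written for debuggable third-party apps; whether autoplay apps are meant to be gdb-attachable is not stated anywhere in the change. I would either extend the comment, `# ndk-gdb invokes adb forward to forward the gdbserver socket (autoplay apps included).`, or drop autoplay_app from these sets if debugging them is not a goal.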
@@ -11,3 +11,89 @@
 ###
 ### PackageManager flags an app as autoplay at install time.
 type autoplay_app, domain;
+
+# allow JITing
+allow autoplay_app self:process execmem;
+allow autoplay_app ashmem_device:chr_file execute;
+
+# Define and allow access to our own type for ashmem regions.
+# Label ashmem objects with our own unique type.
+tmpfs_domain(autoplay_app)
+# Map with PROT_EXEC.
+allow autoplay_app autoplay_app_tmpfs:file execute;
+
+# Send logcat messages to logd.
+write_logd(autoplay_app)
+
+# Receive and use open file descriptors inherited from zygote.
+allow autoplay_app zygote:fd use;
+
+# Notify zygote of death;
+allow autoplay_app zygote:process sigchld;
+
+# application inherit logd write socket (urge is to deprecate this long term)
+allow autoplay_app zygote:unix_dgram_socket write;
+
+# App sandbox file accesses.
+allow autoplay_app autoplay_data_file:dir create_dir_perms;
+allow autoplay_app autoplay_data_file:{ file sock_file fifo_file } create_file_perms;
+
+# For /acct/uid/*/tasks.
+allow autoplay_app cgroup:dir { search write };
+allow autoplay_app cgroup:file w_file_perms;
+
+# For art.
+allow autoplay_app dalvikcache_data_file:file { execute r_file_perms };
+allow autoplay_app dalvikcache_data_file:lnk_file r_file_perms;
+allow autoplay_app dalvikcache_data_file:dir getattr;
+
+# debugfs access
+allow autoplay_app debugfs:dir r_dir_perms;
+allow autoplay_app debugfs:file w_file_perms;
+
+# Grant GPU access. autoplay_app needs that to render the standard UI.
+allow autoplay_app gpu_device:chr_file rw_file_perms;
+
+# Use the Binder.
+binder_use(autoplay_app)
+# Perform binder IPC to binder services.
+binder_call(autoplay_app, surfaceflinger)
+binder_call(autoplay_app, system_server)
+
+# Allow read access to ion memory allocation device
+allow autoplay_app ion_device:chr_file { read open };
+
+# Use pipes and sockets provided by system_server via binder or local socket.
+allow autoplay_app system_server:fifo_file rw_file_perms;
+allow autoplay_app system_server:unix_stream_socket { read write setopt getattr getopt shutdown };
+allow autoplay_app system_server:tcp_socket { read write getattr getopt shutdown };
+
+# Inherit or receive open files from system_server.
+allow autoplay_app system_server:fd use;
+
+# Communicate with surfaceflinger.
+allow autoplay_app surfaceflinger:unix_stream_socket { read write setopt getattr getopt shutdown };
+
+# Read files already opened under /data.
+allow autoplay_app system_data_file:file { getattr read };
+allow autoplay_app system_data_file:lnk_file read;
+
+# System file accesses. Check for libraries
+allow autoplay_app system_file:dir getattr;
+
+###
+### neverallow rules
+###
+
+# Receive or send uevent messages.
+neverallow autoplay_app domain:netlink_kobject_uevent_socket *;
+
+# Receive or send generic netlink messages
+neverallow autoplay_app domain:netlink_socket *;
+
+# Too much leaky information in debugfs. It's a security
+# best practice to ensure these files aren't readable.
+neverallow autoplay_app debugfs:file read;
+
+# execute gpu_device
+neverallow autoplay_app gpu_device:chr_file execute;
diff --git a/domain.te b/domain.te
index 7fb223e861187c453373728b5a57319de8700b19..823901fb05d67b8b78ce3013cad7864c1c19ff0f 100644
--- a/domain.te
+++ b/domain.te
@@ -220,6 +220,7 @@ neverallow { domain -kernel -init -recovery -vold -zygote } { fs_type -sdcard_ty
 neverallow {
 domain
 -appdomain
+ -autoplay_app
 -dumpstate
 -shell
 userdebug_or_eng(`-su')
diff --git a/drmserver.te b/drmserver.te
index 3b654cc4f4f87fa76cff5b39d897b91564f92981..9a9cfc0981dbd828c8ed07206fc21f30c3f14cdb 100644
--- a/drmserver.te
+++ b/drmserver.te
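Review bot: `type autoplay_app, domain;` keeps the new domain out of the appdomain attribute, so whatever neverallow rules the policy attaches to appdomain do not cover it, yet the neverallow section added here holds only four rules (uevent and generic netlink sockets, debugfs read, gpu execute) while the allow list above copies app-style grants such as `self:process execmem`, `ashmem_device:chr_file execute`, `debugfs:file w_file_perms` and `cgroup:dir { search write }` with no matching ceiling. I would port whichever appdomain neverallows still apply to this domain, or add a comment stating why each was deliberately left out, so the reduced surface that motivated a separate type is enforced rather than assumed. Also, `# Too much leaky information in debugfs. It's a security best practice to ensure these files aren't readable.` reads oddly beneath the `debugfs:dir r_dir_perms` and `debugfs:file w_file_perms` grants; a short note that listing and writing are intentionally allowed while read is forbidden would make the intent explicit. Minor: `# Notify zygote of death;` should end with a period.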
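Review bot: `-autoplay_app` is added to the exemption list of a neverallow whose object and permission part lies outside this hunk, and unlike the rest of the change it carries no comment saying why the new domain needs the same carve-out as the other listed domains. From the execute grants on autoplay_app_tmpfs, ashmem_device and dalvikcache_data_file in autoplay_app.te I assume this is the fs_type file-execute neverallow and the exemption exists for JIT and dalvik-cache; if so, a trailing comment on the added line, `-autoplay_app  # JIT/dalvik-cache execute, same need as appdomain`, would let an auditor confirm it without opening the other file. The neverallow being edited begins in the hunk but its closing part is beyond it.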
@@ -10,7 +10,7 @@ net_domain(drmserver)
 # Perform Binder IPC to system server.
 binder_use(drmserver)
 binder_call(drmserver, system_server)
-binder_call(drmserver, appdomain)
+binder_call(drmserver, { appdomain autoplay_app })
 binder_service(drmserver)
 # Perform Binder IPC to mediaserver
@@ -20,7 +20,7 @@ allow drmserver sdcard_type:dir search;
 allow drmserver drm_data_file:dir create_dir_perms;
 allow drmserver drm_data_file:file create_file_perms;
 allow drmserver tee_device:chr_file rw_file_perms;
-allow drmserver app_data_file:file { read write getattr };
+allow drmserver { app_data_file autoplay_data_file}:file { read write getattr };
 allow drmserver sdcard_type:file { read write getattr };
 r_dir_file(drmserver, efs_file)
diff --git a/dumpstate.te b/dumpstate.te
index 036fdf77932b5b2745ffcb07465fd75520ac0ca6..cc38b1d2596bd305f65d945fba63eba45e58801f 100644
--- a/dumpstate.te
+++ b/dumpstate.te
@@ -44,7 +44,7 @@ allow dumpstate pstorefs:file r_file_perms;
 allow dumpstate domain:process getattr;
 # Signal java processes to dump their stack
-allow dumpstate { appdomain system_server }:process signal;
+allow dumpstate { appdomain autoplay_app system_server }:process signal;
 # Signal native processes to dump their stack.
 # This list comes from native_processes_to_dump in dumpstate/utils.c
@@ -68,7 +68,7 @@ allow dumpstate storage_file:dir search;
 # Allow dumpstate to make binder calls to any binder service
 binder_call(dumpstate, binderservicedomain)
-binder_call(dumpstate, appdomain)
+binder_call(dumpstate, { appdomain autoplay_app })
 # Reading /proc/PID/maps of other processes
 allow dumpstate self:capability sys_ptrace;
diff --git a/installd.te b/installd.te
index 21cd4f0b3212f72d3cc0d22d66b7d5d9628c90c5..379e0745c0f71cd87ff853cd1f872f36be10e8e4 100644
--- a/installd.te
+++ b/installd.te
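Review bot: The rewritten rule in the -20 hunk, `allow drmserver { app_data_file autoplay_data_file}:file { read write getattr };`, is missing the space before `}`; every other set in this change is spelled `{ a b }`, so it should read `allow drmserver { app_data_file autoplay_data_file }:file { read write getattr };`. Beyond style, this gives drmserver read/write on files inside the autoplay sandbox alongside the existing app_data_file grant; that is presumably for descriptors autoplay apps pass over binder, and a line above the rule saying so would document the new data flow for the next reader.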
@@ -86,8 +86,25 @@ allow installd system_data_file:notdevfile_class_set { getattr relabelfrom unlin
 # setting owner/mode, creating symlinks within them, and deleting them
 # upon package uninstall.
 # Types extracted from seapp_contexts type= fields.
-allow installd { system_app_data_file bluetooth_data_file nfc_data_file radio_data_file shell_data_file app_data_file }:dir { create_dir_perms relabelfrom relabelto };
-allow installd { system_app_data_file bluetooth_data_file nfc_data_file radio_data_file shell_data_file app_data_file }:notdevfile_class_set { create_file_perms relabelfrom relabelto };
+allow installd {
+ system_app_data_file
+ bluetooth_data_file
+ nfc_data_file
+ radio_data_file
+ shell_data_file
+ app_data_file
+ autoplay_data_file
+}:dir { create_dir_perms relabelfrom relabelto };
+
+allow installd {
+ system_app_data_file
+ bluetooth_data_file
+ nfc_data_file
+ radio_data_file
+ shell_data_file
+ app_data_file
+ autoplay_data_file
+}:notdevfile_class_set { create_file_perms relabelfrom relabelto };
 # Create and use pty created by android_fork_execvp().
 allow installd devpts:chr_file rw_file_perms;
diff --git a/lmkd.te b/lmkd.te
index 0d641ca7c810261a413d6bd19657cd448baa9681..a3b8bfcc14aff1a90fddf4b1e131e7d8f18fa205 100644
--- a/lmkd.te
+++ b/lmkd.te
@@ -16,6 +16,8 @@ allow lmkd self:capability ipc_lock;
 ## TODO: maybe scope this down?
 r_dir_file(lmkd, appdomain)
 allow lmkd appdomain:file write;
+r_dir_file(lmkd, autoplay_app)
+allow lmkd autoplay_app:file write;
 r_dir_file(lmkd, system_server)
 allow lmkd system_server:file write;
diff --git a/mediaserver.te b/mediaserver.te
index 714e55d42dba642acb32b312e2ace9b22175239a..d924b021d148658b392f11b2df61811c2d5cafda 100644
--- a/mediaserver.te
+++ b/mediaserver.te
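Review bot: Both reformatted lists keep `# Types extracted from seapp_contexts type= fields.` above them, but seapp_contexts is not part of this change, so either autoplay_data_file is already assigned there or the relabelfrom/relabelto permissions added here will never match a file that actually carries that label; the commit should say which. The same list is extended single-line in system_server.te's -244 hunk in this very change, so the two copies now differ in layout, which is exactly how the next data-file type ends up added in one file and missed in the other; I would use the same multi-line form there or keep this one single-line. Longer term, an attribute shared by these seapp data types would collapse the two duplicated lists here and the one in system_server.te into a single name that cannot drift.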
@@ -11,7 +11,7 @@ r_dir_file(mediaserver, sdcard_type)
 binder_use(mediaserver)
 binder_call(mediaserver, binderservicedomain)
-binder_call(mediaserver, appdomain)
+binder_call(mediaserver, { appdomain autoplay_app })
 binder_service(mediaserver)
 # Required by Widevine DRM (b/22990512)
@@ -45,7 +45,7 @@ allow mediaserver asec_apk_file:file { read getattr };
 allow mediaserver radio_data_file:file { read getattr };
 # Use pipes passed over Binder from app domains.
-allow mediaserver appdomain:fifo_file { getattr read write };
+allow mediaserver { appdomain autoplay_app }:fifo_file { getattr read write };
 # Access camera device.
 allow mediaserver camera_device:chr_file rw_file_perms;
diff --git a/surfaceflinger.te b/surfaceflinger.te
index 5d1199dd63c66c5b8a55ec4bc11e43fb4444fe2c..7a30a4776b78511ed0c5041ec98e48c6149da5b1 100644
--- a/surfaceflinger.te
+++ b/surfaceflinger.te
@@ -8,7 +8,7 @@ typeattribute surfaceflinger mlstrustedsubject;
 # Perform Binder IPC.
 binder_use(surfaceflinger)
 binder_call(surfaceflinger, binderservicedomain)
-binder_call(surfaceflinger, appdomain)
+binder_call(surfaceflinger, { appdomain autoplay_app })
 binder_call(surfaceflinger, bootanim)
 binder_service(surfaceflinger)
@@ -17,7 +17,7 @@ binder_call(surfaceflinger, adbd)
 # Read /proc/pid files for Binder clients.
 r_dir_file(surfaceflinger, binderservicedomain)
-r_dir_file(surfaceflinger, appdomain)
+r_dir_file(surfaceflinger, { appdomain autoplay_app })
 # Access the GPU.
 allow surfaceflinger gpu_device:chr_file rw_file_perms;
@@ -38,7 +38,7 @@ set_prop(surfaceflinger, system_prop)
 set_prop(surfaceflinger, ctl_bootanim_prop)
 # Use open files supplied by an app.
-allow surfaceflinger appdomain:fd use;
+allow surfaceflinger { appdomain autoplay_app }:fd use;
 allow surfaceflinger app_data_file:file { read write };
 # Use open file provided by bootanim.
diff --git a/system_server.te b/system_server.te
index c4b7376bf68a0bfd74a550f871b6de7cbd45bece..be4b33224cc91d6aa23603a9f436ddc5163818d0 100644
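Review bot: In the -38 hunk `allow surfaceflinger { appdomain autoplay_app }:fd use;` is widened, but the very next line, `allow surfaceflinger app_data_file:file { read write };`, is left untouched, so a descriptor an autoplay app hands to surfaceflinger is usable as an fd yet denied read/write if it points into the app's own sandbox, which autoplay_app.te labels autoplay_data_file. If that path is expected to work the second rule should become `allow surfaceflinger { app_data_file autoplay_data_file }:file { read write };`; if autoplay apps are only expected to pass non-file descriptors, a comment saying so would stop a later reader from widening it reflexively. Either way the asymmetry looks accidental given every other appdomain reference in this file was extended.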
--- a/system_server.te
+++ b/system_server.te
@@ -69,10 +69,10 @@ allow system_server self:netlink_socket create_socket_perms;
 allow system_server self:netlink_route_socket nlmsg_write;
 # Kill apps.
-allow system_server appdomain:process { sigkill signal };
+allow system_server { appdomain autoplay_app }:process { sigkill signal };
 # Set scheduling info for apps.
-allow system_server appdomain:process { getsched setsched };
+allow system_server { appdomain autoplay_app }:process { getsched setsched };
 allow system_server mediaserver:process { getsched setsched };
 # Read /proc/pid data for all domains. This is used by ProcessCpuTracker
@@ -128,7 +128,7 @@ binder_use(system_server)
 binder_call(system_server, binderservicedomain)
 binder_call(system_server, gatekeeperd)
 binder_call(system_server, fingerprintd)
-binder_call(system_server, appdomain)
+binder_call(system_server, { appdomain autoplay_app })
 binder_call(system_server, dumpstate)
 binder_service(system_server)
@@ -244,7 +244,7 @@ allow system_server zoneinfo_data_file:file create_file_perms;
 # Walk /data/data subdirectories.
 # Types extracted from seapp_contexts type= fields.
-allow system_server { system_app_data_file bluetooth_data_file nfc_data_file radio_data_file shell_data_file app_data_file }:dir { getattr read search };
+allow system_server { system_app_data_file bluetooth_data_file nfc_data_file radio_data_file shell_data_file app_data_file autoplay_data_file }:dir { getattr read search };
 # Also permit for unlabeled /data/data subdirectories and
 # for unlabeled asec containers on upgrades from 4.2.
 allow system_server unlabeled:dir r_dir_perms;
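Review bot: The -244 hunk widens `allow system_server { system_app_data_file ... app_data_file autoplay_data_file }:dir { getattr read search };` in place on one line, while installd.te in this same change rewrites the identical seapp type list one type per line; the two copies now differ in layout, which makes it easy for the next data-file type to land in one file and not the other. I would write this rule in the same multi-line form as installd.te, or keep both single-line. The kill/sched and binder_call hunks above it are plain extensions and need nothing further.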
@@ -318,8 +318,8 @@ allow system_server gps_device:chr_file rw_file_perms;
 allow system_server gps_control:file rw_file_perms;
 # Allow system_server to use app-created sockets and pipes.
-allow system_server appdomain:{ tcp_socket udp_socket } { getattr getopt setopt read write shutdown };
-allow system_server appdomain:{ fifo_file unix_stream_socket } { getattr read write };
+allow system_server { appdomain autoplay_app }:{ tcp_socket udp_socket } { getattr getopt setopt read write shutdown };
+allow system_server { appdomain autoplay_app }:{ fifo_file unix_stream_socket } { getattr read write };
 # Allow abstract socket connection
 allow system_server rild:unix_stream_socket connectto;
diff --git a/zygote.te b/zygote.te
index 30ac4edc9c7cb2222d33d4978c14951b8b77a838..f3a8853ba4459d027a507ecd0063b64ba72cc59e 100644
--- a/zygote.te
+++ b/zygote.te
@@ -11,13 +11,13 @@ allow zygote self:capability setpcap;
 # Switch SELinux context to app domains.
 allow zygote self:process setcurrent;
 allow zygote system_server:process dyntransition;
-allow zygote appdomain:process dyntransition;
+allow zygote { appdomain autoplay_app }:process dyntransition;
 # Allow zygote to read app /proc/pid dirs (b/10455872)
-allow zygote appdomain:dir { getattr search };
-allow zygote appdomain:file { r_file_perms };
+allow zygote { appdomain autoplay_app }:dir { getattr search };
+allow zygote { appdomain autoplay_app }:file { r_file_perms };
 # Move children into the peer process group.
 allow zygote system_server:process { getpgid setpgid };
-allow zygote appdomain:process { getpgid setpgid };
+allow zygote { appdomain autoplay_app }:process { getpgid setpgid };
 # Read system data.
 allow zygote system_data_file:dir r_dir_perms;
 allow zygote system_data_file:file r_file_perms;
@@ -80,7 +80,7 @@ userdebug_or_eng(`
 # This is achieved by ensuring that it is impossible for zygote to
 # setcon (dyntransition) to any types other than those associated
 # with appdomain plus system_server.
-neverallow zygote ~{ appdomain system_server }:process dyntransition;
+neverallow zygote ~{ appdomain autoplay_app system_server }:process dyntransition;
 # Zygote should never execute anything from /data except for /data/dalvik-cache files.
 neverallow zygote {
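Review bot: The neverallow is widened to `~{ appdomain autoplay_app system_server }` but the comment directly above it still ends `# with appdomain plus system_server.`, so the rule and its stated justification now disagree. Change that line to `# with appdomain or autoplay_app, plus system_server.`; the explanatory comment begins above this hunk, so its earlier sentences may also name appdomain alone and should be checked.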