diff --git a/private/file_contexts b/private/file_contexts
index 4a392f1c2395fe60066a6e8c28ac42b9c0e9c14c..adae7dcfdc1bda143f05ec4fcf952ee60b76e2b6 100644
--- a/private/file_contexts
+++ b/private/file_contexts
@@ -104,6 +104,7 @@
 /dev/ptmx		u:object_r:ptmx_device:s0
 /dev/pvrsrvkm		u:object_r:gpu_device:s0
 /dev/kmsg		u:object_r:kmsg_device:s0
+/dev/kmsg_debug	u:object_r:kmsg_debug_device:s0
 /dev/null		u:object_r:null_device:s0
 /dev/nvhdcp1		u:object_r:video_device:s0
 /dev/random		u:object_r:random_device:s0
diff --git a/public/crash_dump.te b/public/crash_dump.te
index a0e278a1347ba1d78265222228df4465e097f5be..0bab782f1f2b7b3dc9a14934c9cfa89743c66625 100644
--- a/public/crash_dump.te
+++ b/public/crash_dump.te
@@ -15,6 +15,9 @@ dontaudit crash_dump self:capability { sys_ptrace };
 
 userdebug_or_eng(`
   allow crash_dump logd:process { ptrace signal sigchld sigstop sigkill };
+
+  # Let crash_dump write to /dev/kmsg_debug crashes that happen before logd comes up.
+  allow crash_dump kmsg_debug_device:chr_file { open append };
 ')
 
 # Use inherited file descriptors
diff --git a/public/device.te b/public/device.te
index 4a3bec91f0bd14a6fd2bce9b5c2d05ca06d23833..0f64bfabbfb16611e1bf5f91a7def6cb9e4b530d 100644
--- a/public/device.te
+++ b/public/device.te
@@ -36,6 +36,7 @@ type mtp_device, dev_type, mlstrustedobject;
 type nfc_device, dev_type;
 type ptmx_device, dev_type, mlstrustedobject;
 type kmsg_device, dev_type;
+type kmsg_debug_device, dev_type;
 type null_device, dev_type, mlstrustedobject;
 type random_device, dev_type, mlstrustedobject;
 type sensors_device, dev_type;
diff --git a/public/init.te b/public/init.te
index 4b080464b99e86e29b986f0ed1e50891cc0f9df9..b36a00201b26b74e074cd4ce75d230670d0c0d35 100644
--- a/public/init.te
+++ b/public/init.te
@@ -13,6 +13,10 @@ allow init tmpfs:chr_file { create setattr unlink rw_file_perms };
 # /dev/kmsg
 allow init tmpfs:chr_file relabelfrom;
 allow init kmsg_device:chr_file { write relabelto };
+# /dev/kmsg_debug
+userdebug_or_eng(`
+  allow init kmsg_debug_device:chr_file { write relabelto };
+')
 # /dev/__properties__
 allow init properties_device:dir relabelto;
 allow init properties_serial:file { write relabelto };