diff --git a/private/app.te b/private/app.te index b2c1be334bccfe713ef84eafabbb68c39e7e4134..ffe6598d6544004dbbb39d8aae994bea55a803fc 100644 --- a/private/app.te +++ b/private/app.te @@ -16,8 +16,10 @@ neverallow appdomain system_server:udp_socket { # Transition to a non-app domain. # Exception for the shell and su domains, can transition to runas, etc. -# Exception for crash_dump. -neverallow { appdomain -shell userdebug_or_eng(`-su') } { domain -appdomain -crash_dump }:process - { transition }; -neverallow { appdomain -shell userdebug_or_eng(`-su') } { domain -appdomain }:process - { dyntransition }; +# Exception for crash_dump to allow for app crash reporting. +# Exception for renderscript binaries (/system/bin/bcc, /system/bin/ld.mc) +# to allow renderscript to create privileged executable files. +neverallow { appdomain -shell userdebug_or_eng(`-su') } + { domain -appdomain -crash_dump -rs }:process { transition }; +neverallow { appdomain -shell userdebug_or_eng(`-su') } + { domain -appdomain }:process { dyntransition }; diff --git a/private/app_neverallows.te b/private/app_neverallows.te index 7e14dd42dd265c619ac9c44b30e31a97eb55b3a6..6ebbd436a51976d9b19a8507f44bdfa0bda80b6b 100644 --- a/private/app_neverallows.te +++ b/private/app_neverallows.te @@ -41,6 +41,12 @@ neverallow { all_untrusted_apps -mediaprovider } property_type:property_service # but otherwise disallow untrusted apps from reading this property. neverallow { all_untrusted_apps -untrusted_app_25 } net_dns_prop:file read; +# Renderscript created files within an app home directory can be +# dlopen()ed. To maintain the W^X property, these files +# must never be writable to the app. +neverallow all_untrusted_apps rs_data_file:file + { append create link relabelfrom relabelto rename setattr write }; + # Block calling execve() on files in an apps home directory. # This is a W^X violation (loading executable code from a writable # home directory). For compatibility, allow for targetApi <= 28. 
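Review bot: The new comment says the exception lets renderscript "create privileged executable files", but nothing in this change makes those files privileged; the point of exempting `rs` from the transition neverallow is that compilation runs in a domain the app does not control, and its output is labeled rs_data_file, which the app_neverallows.te hunk in this same change makes unwritable by untrusted apps. Suggest replacing the two comment lines with `# Exception for the renderscript compiler (/system/bin/bcc, /system/bin/ld.mc): app-initiated` / `# compilation runs in the rs domain so its output (rs_data_file) is never writable by the app.` The exemption covers every appdomain member minus shell/su while only untrusted_app_all and ephemeral_app receive an actual domain_auto_trans in this change; that is fine for an assertion, but the comment could say that the allow rules are what restrict who may spawn it.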
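Review bot: The W^X assertion on rs_data_file is scoped to `all_untrusted_apps`, yet this change gives no app domain of any kind write access to compiler output, the `rs` domain being the only intended writer. If that is the intent, asserting over `appdomain` instead, `neverallow appdomain rs_data_file:file { append create link relabelfrom relabelto rename setattr write };`, would make a later allow for priv_app or platform_app trip the assertion rather than silently weaken the invariant; this presumes no existing app domain holds a broad data_file_type write rule, which should be checked before widening. The permission list deliberately omits `unlink`, which untrusted_app_all.te and ephemeral_app.te grant in this same change, so a one-line comment such as `# unlink is intentionally absent: apps may discard stale output (see untrusted_app_all.te).` would stop a future reader from "completing" the list.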
@@ -121,6 +127,7 @@ neverallow { all_untrusted_apps -mediaprovider } { file_type -app_data_file # The apps sandbox itself -privapp_data_file + -rs_data_file # stored within the app sandbox directory -media_rw_data_file # Internal storage. Known that apps can # leave artfacts here after uninstall. -user_profile_data_file # Access to profile files diff --git a/private/coredomain.te b/private/coredomain.te index 04f7a46266c924ba05672b354ea2669a26965f7f..741351531afe6a9d0b2abb10204766247847130b 100644 --- a/private/coredomain.te +++ b/private/coredomain.te @@ -28,6 +28,7 @@ full_treble_only(` userdebug_or_eng(`-perfprofd') userdebug_or_eng(`-heapprofd') -postinstall_dexopt + -rs # spawned by appdomain, so carryover the exception above -system_server } vendor_app_file:dir { open read getattr search }; ') @@ -43,6 +44,7 @@ full_treble_only(` userdebug_or_eng(`-perfprofd') userdebug_or_eng(`-heapprofd') -postinstall_dexopt + -rs # spawned by appdomain, so carryover the exception above -system_server -mediaserver } vendor_app_file:file r_file_perms; @@ -56,6 +58,7 @@ full_treble_only(` -idmap -init -installd + -rs # spawned by appdomain, so carryover the exception above -system_server -webview_zygote -zygote @@ -70,6 +73,7 @@ full_treble_only(` -idmap -init -installd + -rs # spawned by appdomain, so carryover the exception above -system_server -webview_zygote -zygote diff --git a/private/domain.te b/private/domain.te index 7a41ab21300044bba6d753362c63e53a93d8433b..15179e23b12f43a8b43e856776d1d43f1cefe1fb 100644 --- a/private/domain.te +++ b/private/domain.te 
@@ -25,8 +25,8 @@ userdebug_or_eng(`can_profile_heap({ # Path resolution access in cgroups. allow domain cgroup:dir search; -allow { domain -appdomain } cgroup:dir w_dir_perms; -allow { domain -appdomain } cgroup:file w_file_perms; +allow { domain -appdomain -rs } cgroup:dir w_dir_perms; +allow { domain -appdomain -rs } cgroup:file w_file_perms; # For now, everyone can access core property files # Device specific properties are not granted by default @@ -105,6 +105,7 @@ neverallow { -installd userdebug_or_eng(`-perfprofd') -profman + -rs # spawned by appdomain, so carryover the exception above -runas -system_server } { privapp_data_file app_data_file }:dir *; @@ -115,6 +116,7 @@ neverallow { domain -appdomain -installd + -rs # spawned by appdomain, so carryover the exception above } { privapp_data_file app_data_file }:dir ~r_dir_perms; neverallow { @@ -122,6 +124,7 @@ neverallow { -appdomain -installd userdebug_or_eng(`-perfprofd') + -rs # spawned by appdomain, so carryover the exception above } { privapp_data_file app_data_file }:file_class_set open; neverallow { diff --git a/private/ephemeral_app.te b/private/ephemeral_app.te index f28d28f04b4ea1bc939d29b48850c3a2d36eadab..4935f3340fe53f9f57d577e098252ff6f45bd129 100644 --- a/private/ephemeral_app.te +++ b/private/ephemeral_app.te 
@@ -21,7 +21,15 @@ allow ephemeral_app { sdcard_type media_rw_data_file }:file {read write getattr # Some apps ship with shared libraries and binaries that they write out # to their sandbox directory and then execute. -allow ephemeral_app { app_data_file privapp_data_file }:file {r_file_perms execute}; +allow ephemeral_app privapp_data_file:file { r_file_perms execute }; +allow ephemeral_app app_data_file:file { r_file_perms execute }; + +# Allow the renderscript compiler to be run. +domain_auto_trans(ephemeral_app, rs_exec, rs) + +# Allow loading and deleting renderscript created shared libraries +# within an application home directory. +allow ephemeral_app rs_data_file:file { r_file_perms execute unlink }; # services allow ephemeral_app audioserver_service:service_manager find; diff --git a/private/file.te b/private/file.te index fd1c2eec5d6953354945de48b158f2d795f43cd3..884374397c1fa4265ea388a37852c11372a551fe 100644 --- a/private/file.te +++ b/private/file.te @@ -13,3 +13,5 @@ type perfetto_traces_data_file, file_type, data_file_type, core_data_file_type; # /sys/kernel/debug/kcov for coverage guided kernel fuzzing in userdebug builds. type debugfs_kcov, fs_type, debugfs_type; +# renderscript created files in /data/data directories +type rs_data_file, file_type, data_file_type, core_data_file_type; diff --git a/private/file_contexts b/private/file_contexts index abef72b8fc81af5a539da424b79b5323c21f4c2b..fac31a0872418fa5bf325fea575fbd91111a2bdc 100644 --- a/private/file_contexts +++ b/private/file_contexts @@ -176,6 +176,7 @@ /system(/.*)? u:object_r:system_file:s0 /system/lib(64)?(/.*)? u:object_r:system_lib_file:s0 /system/bin/atrace u:object_r:atrace_exec:s0 +/system/bin/bcc u:object_r:rs_exec:s0 /system/bin/blank_screen u:object_r:blank_screen_exec:s0 /system/bin/e2fsdroid u:object_r:e2fs_exec:s0 /system/bin/mke2fs u:object_r:e2fs_exec:s0 
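Review bot: The new `unlink` grant on rs_data_file, combined with the `allow ephemeral_app app_data_file:file { r_file_perms execute };` rule kept two lines above it, means an ephemeral app can delete a compiler-produced library and create its own writable app_data_file under the same name, which this hunk still permits it to execute; the rs_data_file label therefore guarantees only that compiler output cannot be modified in place, not that whatever the loader picks up was produced by the compiler. That matches the rest of the W^X policy in this change, but the comment should say so rather than imply a stronger property, e.g. `# unlink lets apps discard stale output; rs_data_file only prevents in-place modification, since app_data_file above remains executable.` Whether the RenderScript runtime checks the label of the file it loads is outside this diff and worth confirming with the owners.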
@@ -189,6 +190,7 @@ /system/bin/tune2fs -- u:object_r:fsck_exec:s0 /system/bin/toolbox -- u:object_r:toolbox_exec:s0 /system/bin/toybox -- u:object_r:toolbox_exec:s0 +/system/bin/ld\.mc u:object_r:rs_exec:s0 /system/bin/logcat -- u:object_r:logcat_exec:s0 /system/bin/logcatd -- u:object_r:logcat_exec:s0 /system/bin/sh -- u:object_r:shell_exec:s0 diff --git a/private/installd.te b/private/installd.te index 055371631f70192590f8e0c4e47bd2599581d46d..fd3535c86a7b69d19805b987d4531aaa00888132 100644 --- a/private/installd.te +++ b/private/installd.te @@ -20,3 +20,6 @@ type_transition installd system_data_file:file install_data_file; # For collecting bugreports. allow installd dumpstate:fd use; allow installd dumpstate:fifo_file r_file_perms; + +# Delete /system/bin/bcc generated artifacts +allow installd rs_data_file:file unlink; diff --git a/private/rs.te b/private/rs.te new file mode 100644 index 0000000000000000000000000000000000000000..94cf6b4e8aab97ba71dbe026f8dd0e0a32e573dc --- /dev/null +++ b/private/rs.te 
@@ -0,0 +1,42 @@
+type rs, domain, coredomain;
+type rs_exec, system_file_type, exec_type, file_type;
+
+# Any files which would have been created as app_data_file
+# will be created as rs_data_file instead.
+allow rs app_data_file:dir ra_dir_perms;
+allow rs rs_data_file:file create_file_perms;
+type_transition rs app_data_file:file rs_data_file;
+
+# Read files from the app home directory.
+allow rs app_data_file:file r_file_perms;
+allow rs app_data_file:dir r_dir_perms;
+
+# Cleanup rs_data_file files in the app home directory.
+allow rs app_data_file:dir remove_name;
+
+# Use vendor resources
+allow rs vendor_file:dir r_dir_perms;
+r_dir_file(rs, vendor_overlay_file)
+r_dir_file(rs, vendor_app_file)
+
+# Read contents of app apks
+r_dir_file(rs, apk_data_file)
+
+allow rs gpu_device:chr_file rw_file_perms;
+allow rs ion_device:chr_file r_file_perms;
+allow rs same_process_hal_file:file { r_file_perms execute };
+
+# File descriptors passed from app to renderscript
+allow rs untrusted_app_all:fd use;
+
+# TODO: Explain why these dontaudits are needed. Most likely
+# these are file descriptors leaking across an exec() boundary
+# due to a missing O_CLOEXEC / SOCK_CLOEXEC
+dontaudit rs untrusted_app_all:unix_stream_socket { read write };
+dontaudit rs untrusted_app_all:fifo_file { read write };
+
+# TODO: Explain why this is necessary. I think this is a zygote
+# created logging socket and system server parceled file descriptor
+# which is not using the O_CLOEXEC flag.
+dontaudit rs zygote:fd use;
+dontaudit rs system_server:fd use;
diff --git a/private/untrusted_app_all.te b/private/untrusted_app_all.te
index 72e03e12fbc3c8ac5a7b2e80d99ff16d15067ed4..aebb7118aee60acc06342225acf4b76ca00987c9 100644
--- a/private/untrusted_app_all.te
+++ b/private/untrusted_app_all.te
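Review bot: `allow rs untrusted_app_all:fd use;` is the only fd-use rule the new domain receives, but this same change also wires `ephemeral_app` into rs via domain_auto_trans in ephemeral_app.te, and the fact that ephemeral_app needs its own transition and rs_data_file rules rather than inheriting them suggests it does not carry the untrusted_app_all attribute. Descriptors an ephemeral app passes to bcc/ld.mc would then be denied, so either add `allow rs ephemeral_app:fd use;` (with matching dontaudits for its sockets and fifos) or grant fd use over `all_untrusted_apps`, which is the scope the rs_data_file neverallow already uses. The two TODO dontaudits silence what their own comments describe as descriptors leaking across exec(); recording the bug for the O_CLOEXEC fix in the callers in the comment, rather than an open-ended TODO, would keep the dontaudit from outliving the leak it papers over.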
@@ -22,7 +22,12 @@ # Some apps ship with shared libraries and binaries that they write out # to their sandbox directory and then execute. -allow untrusted_app_all { app_data_file privapp_data_file }:file { r_file_perms execute }; +allow untrusted_app_all privapp_data_file:file { r_file_perms execute }; +allow untrusted_app_all app_data_file:file { r_file_perms execute }; + +# Allow loading and deleting renderscript created shared libraries +# within an application home directory. +allow untrusted_app_all rs_data_file:file { r_file_perms execute unlink }; # ASEC allow untrusted_app_all asec_apk_file:file r_file_perms; @@ -122,6 +127,9 @@ unix_socket_connect(untrusted_app_all, traced_producer, traced) allow untrusted_app_all system_server:udp_socket { connect getattr read recvfrom sendto write getopt setopt }; +# Allow the renderscript compiler to be run. +domain_auto_trans(untrusted_app_all, rs_exec, rs) + # This is allowed for targetSdkVersion <= 25 but disallowed on newer versions. dontaudit untrusted_app_all net_dns_prop:file read;