diff --git a/private/compat/28.0/28.0.ignore.cil b/private/compat/28.0/28.0.ignore.cil
index 3404dd5e637680f975fa4022629a546fdbd329cb..ee5e3ce0920f3b22ea40dd66c5b81e4233e69945 100644
--- a/private/compat/28.0/28.0.ignore.cil
+++ b/private/compat/28.0/28.0.ignore.cil
@@ -49,5 +49,8 @@
     timedetector_service
     timezonedetector_service
     uri_grants_service
+    vendor_idc_file
+    vendor_keychars_file
+    vendor_keylayout_file
     vrflinger_vsync_service
     watchdogd_tmpfs))
diff --git a/private/file_contexts b/private/file_contexts
index a70f61bcb0e2a2f9ed51dfbaebbeccc90c8b3686..9046ee1c09a9b27cae145fb3e043460643b61611 100644
--- a/private/file_contexts
+++ b/private/file_contexts
@@ -349,6 +349,11 @@
 /(odm|vendor/odm)/overlay(/.*)?               u:object_r:vendor_overlay_file:s0
 /(odm|vendor/odm)/framework(/.*)?             u:object_r:vendor_framework_file:s0
 
+# Input configuration
+/(odm|vendor)/usr/keylayout(/.*)?.kl           u:object_r:vendor_keylayout_file:s0
+/(odm|vendor)/usr/keychars(/.*)?.kcm            u:object_r:vendor_keychars_file:s0
+/(odm|vendor)/usr/idc(/.*)?.idc                 u:object_r:vendor_idc_file:s0
+
 /oem(/.*)?              u:object_r:oemfs:s0
 
 # The precompiled monolithic sepolicy will be under /odm only when
diff --git a/private/system_server.te b/private/system_server.te
index e916415539678659d8251e3384bd3df902f7b577..048e5b2b6bc9cf25917004b92c9f3de0cee2b323 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -352,6 +352,11 @@ allow system_server apk_data_file:{ file lnk_file } { create_file_perms link };
 allow system_server apk_tmp_file:dir create_dir_perms;
 allow system_server apk_tmp_file:file create_file_perms;
 
+# Access input configuration files in the /vendor directory
+r_dir_file(system_server, vendor_keylayout_file)
+r_dir_file(system_server, vendor_keychars_file)
+r_dir_file(system_server, vendor_idc_file)
+
 # Access /vendor/{app,framework,overlay}
 r_dir_file(system_server, vendor_app_file)
 r_dir_file(system_server, vendor_framework_file)
diff --git a/public/file.te b/public/file.te
index 48c2a693d7e855c2707b5bd8c624d590571ef88e..9bf910ee778c14e16dd20ef79304152afae8e07c 100644
--- a/public/file.te
+++ b/public/file.te
@@ -171,6 +171,11 @@ type vendor_overlay_file, vendor_file_type, file_type;
 # apps. ABI stability of these libs is vendor's responsibility.
 type vendor_public_lib_file, vendor_file_type, file_type;
 
+# Input configuration
+type vendor_keylayout_file, vendor_file_type, file_type;
+type vendor_keychars_file, vendor_file_type, file_type;
+type vendor_idc_file, vendor_file_type, file_type;
+
 # /metadata partition itself
 type metadata_file, file_type;
 # Vold files within /metadata