diff --git a/init/init.oplus.camera.rc b/init/init.oplus.camera.rc
index 7cbfd7e..703c03a 100644
--- a/init/init.oplus.camera.rc
+++ b/init/init.oplus.camera.rc
@@ -4,6 +4,14 @@
 # SPDX-License-Identifier: Apache-2.0
 #
 
+on post-fs-data
+
+    # Bind mount fastrpc_shell_3 for labelling
+    mkdir /mnt/vendor/dsp 0770 root root
+    copy /vendor/dsp/cdsp/fastrpc_shell_3 /mnt/vendor/dsp/fastrpc_shell_3
+    chmod 0644 /mnt/vendor/dsp/fastrpc_shell_3
+    mount none /mnt/vendor/dsp/fastrpc_shell_3 /vendor/dsp/cdsp/fastrpc_shell_3 bind
+
 on boot
     # OIS
     chown cameraserver cameraserver /sys/kernel/ois_control/dump_registers
diff --git a/sepolicy/vendor/adsprpcd.te b/sepolicy/vendor/adsprpcd.te
new file mode 100644
index 0000000..71945f2
--- /dev/null
+++ b/sepolicy/vendor/adsprpcd.te
@@ -0,0 +1 @@
+r_dir_file(vendor_adsprpcd, public_adsprpcd_file)
diff --git a/sepolicy/vendor/app.te b/sepolicy/vendor/app.te
new file mode 100644
index 0000000..bb8de86
--- /dev/null
+++ b/sepolicy/vendor/app.te
@@ -0,0 +1,2 @@
+allow { appdomain -isolated_app } adsprpcd_file:dir r_dir_perms;
+allow { appdomain -isolated_app } public_adsprpcd_file:file r_file_perms;
diff --git a/sepolicy/vendor/cdsprpcd.te b/sepolicy/vendor/cdsprpcd.te
new file mode 100644
index 0000000..cead8a9
--- /dev/null
+++ b/sepolicy/vendor/cdsprpcd.te
@@ -0,0 +1 @@
+r_dir_file(vendor_cdsprpcd, public_adsprpcd_file)
diff --git a/sepolicy/vendor/file.te b/sepolicy/vendor/file.te
new file mode 100644
index 0000000..7631599
--- /dev/null
+++ b/sepolicy/vendor/file.te
@@ -0,0 +1 @@
+type public_adsprpcd_file, file_type;
diff --git a/sepolicy/vendor/file_contexts b/sepolicy/vendor/file_contexts
index caed2e7..60bf3e3 100644
--- a/sepolicy/vendor/file_contexts
+++ b/sepolicy/vendor/file_contexts
@@ -125,3 +125,8 @@
 /vendor/lib64/android\.hardware\.graphics\.allocator@[2-4]\.0\.so                       u:object_r:same_process_hal_file:s0
 /vendor/lib64/android\.hardware\.graphics\.common-V[1-2]-ndk_platform\.so               u:object_r:same_process_hal_file:s0
 /vendor/lib64/android\.hardware\.graphics\.common-V[1-3]-ndk\.so                        u:object_r:same_process_hal_file:s0
+
+# Hexagon DSP-side executable needed for Halide operation
+# This is labeled as public_adsprpcd_file as it needs to be read by apps
+# (e.g. Google Camera App)
+/mnt/vendor/dsp/fastrpc_shell_3							        u:object_r:public_adsprpcd_file:s0
diff --git a/sepolicy/vendor/hal_camera_default.te b/sepolicy/vendor/hal_camera_default.te
new file mode 100644
index 0000000..6907001
--- /dev/null
+++ b/sepolicy/vendor/hal_camera_default.te
@@ -0,0 +1 @@
+allow hal_camera_default public_adsprpcd_file:file r_file_perms;
diff --git a/sepolicy/vendor/hal_neuralnetworks_default.te b/sepolicy/vendor/hal_neuralnetworks_default.te
new file mode 100644
index 0000000..7763c49
--- /dev/null
+++ b/sepolicy/vendor/hal_neuralnetworks_default.te
@@ -0,0 +1 @@
+r_dir_file(vendor_hal_neuralnetworks_default, public_adsprpcd_file)
diff --git a/sepolicy/vendor/init.te b/sepolicy/vendor/init.te
index 6d9b469..c4da25e 100644
--- a/sepolicy/vendor/init.te
+++ b/sepolicy/vendor/init.te
@@ -1 +1,3 @@
+allow init adsprpcd_file:file mounton;
+
 set_prop(vendor_init, vendor_camera_prop)
diff --git a/sepolicy/vendor/vppservice.te b/sepolicy/vendor/vppservice.te
new file mode 100644
index 0000000..e9e1809
--- /dev/null
+++ b/sepolicy/vendor/vppservice.te
@@ -0,0 +1 @@
+r_dir_file(vendor_vppservice, public_adsprpcd_file)