diff --git a/sepolicy/OWNERS b/sepolicy/OWNERS
new file mode 100644
index 0000000..5232bc3
--- /dev/null
+++ b/sepolicy/OWNERS
@@ -0,0 +1,4 @@
+include device/google/gs-common:/sepolicy/OWNERS
+
+adamshih@google.com
+
diff --git a/sepolicy/bluejay-sepolicy.mk b/sepolicy/bluejay-sepolicy.mk
new file mode 100644
index 0000000..ab9ac22
--- /dev/null
+++ b/sepolicy/bluejay-sepolicy.mk
@@ -0,0 +1,2 @@
+BOARD_VENDOR_SEPOLICY_DIRS += device/google/bluejay-sepolicy/bluejay
+BOARD_VENDOR_SEPOLICY_DIRS += device/google/bluejay-sepolicy/tracking_denials
diff --git a/sepolicy/bluejay/device.te b/sepolicy/bluejay/device.te
new file mode 100644
index 0000000..d2a91db
--- /dev/null
+++ b/sepolicy/bluejay/device.te
@@ -0,0 +1,2 @@
+# Block Devices
+type fips_block_device, dev_type;
diff --git a/sepolicy/bluejay/file_contexts b/sepolicy/bluejay/file_contexts
new file mode 100644
index 0000000..a273c79
--- /dev/null
+++ b/sepolicy/bluejay/file_contexts
@@ -0,0 +1,5 @@
+# Binaries
+/vendor/bin/ufs_firmware_update\.sh u:object_r:ufs_firmware_update_exec:s0
+
+# Devices
+/dev/block/platform/14700000\.ufs/by-name/fips u:object_r:fips_block_device:s0
diff --git a/sepolicy/bluejay/genfs_contexts b/sepolicy/bluejay/genfs_contexts
new file mode 100644
index 0000000..829c58d
--- /dev/null
+++ b/sepolicy/bluejay/genfs_contexts
@@ -0,0 +1,4 @@
+# Storage
+genfscon sysfs /devices/platform/14700000.ufs/vendor u:object_r:sysfs_scsi_devices_0000:s0
+genfscon sysfs /devices/platform/14700000.ufs/model u:object_r:sysfs_scsi_devices_0000:s0
+genfscon sysfs /devices/platform/14700000.ufs/rev u:object_r:sysfs_scsi_devices_0000:s0
diff --git a/sepolicy/bluejay/grilservice_app.te b/sepolicy/bluejay/grilservice_app.te
new file mode 100644
index 0000000..ad0a779
--- /dev/null
+++ b/sepolicy/bluejay/grilservice_app.te
@@ -0,0 +1 @@
+allow grilservice_app hal_bluetooth_coexistence_service:service_manager find;
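Review bot: Both `BOARD_VENDOR_SEPOLICY_DIRS` entries in bluejay-sepolicy.mk point at `device/google/bluejay-sepolicy/...`, whereas the policy files this commit adds sit under `sepolicy/bluejay` and `sepolicy/tracking_denials` of this repository. Where the repository is checked out is not visible from the diff, so this may be intentional. If the policy is meant to be built from the new location, though, the paths have to match it; otherwise the build keeps reading the other tree (or fails to find it) and the rules added here, including the `ufs_firmware_update` domain, are never compiled in. Please confirm the directory and adjust both lines if needed, e.g. `BOARD_VENDOR_SEPOLICY_DIRS += <path-to-this-repo>/sepolicy/bluejay`.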
diff --git a/sepolicy/bluejay/ufs_firmware_update.te b/sepolicy/bluejay/ufs_firmware_update.te
new file mode 100644
index 0000000..53ceba5
--- /dev/null
+++ b/sepolicy/bluejay/ufs_firmware_update.te
@@ -0,0 +1,10 @@
+type ufs_firmware_update, domain;
+type ufs_firmware_update_exec, vendor_file_type, exec_type, file_type;
+
+init_daemon_domain(ufs_firmware_update)
+
+allow ufs_firmware_update vendor_toolbox_exec:file execute_no_trans;
+allow ufs_firmware_update block_device:dir r_dir_perms;
+allow ufs_firmware_update fips_block_device:blk_file rw_file_perms;
+allow ufs_firmware_update sysfs:dir r_dir_perms;
+allow ufs_firmware_update sysfs_scsi_devices_0000:file r_file_perms;
diff --git a/sepolicy/tracking_denials/bug_map b/sepolicy/tracking_denials/bug_map
new file mode 100644
index 0000000..e69de29
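Review bot: The rule `allow ufs_firmware_update fips_block_device:blk_file rw_file_perms;` gives this domain raw write access to the `fips` partition, but nothing in the file says why, and the domain has no header comment. A line above the rule such as `# Reads and writes the raw by-name/fips partition; access is limited to the dedicated fips_block_device type.` would help, with the purpose filled in by the author, since the script is not part of this diff. Separately, `allow ufs_firmware_update sysfs:dir r_dir_perms;` is on the generic `sysfs` type and includes directory listing. If the script only opens the `vendor`, `model` and `rev` nodes labelled in genfs_contexts, `sysfs:dir search` may be enough, which is worth confirming against the script.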