diff --git a/init.hardware.diag.rc.userdebug b/init.hardware.diag.rc.userdebug
index 38118cad..968af10b 100644
--- a/init.hardware.diag.rc.userdebug
+++ b/init.hardware.diag.rc.userdebug
@@ -19,7 +19,8 @@ on post-fs-data
     mkdir /data/vendor/radio 0775 radio radio
     mkdir /data/vendor/radio/diag_logs 0777 system system
     # WLAN logging collection
-    mkdir /data/cnss_diag 0777 system system
+    mkdir /data/vendor/wifi 0777 system system
+    mkdir /data/vendor/wifi/cnss_diag 0777 system system
 
 on boot
     chmod 666 /dev/diag
diff --git a/init.hardware.rc b/init.hardware.rc
index b88dbabf..cccfb1c7 100644
--- a/init.hardware.rc
+++ b/init.hardware.rc
@@ -458,7 +458,7 @@ service ss_ramdump /vendor/bin/subsystem_ramdump
 
 on property:persist.sys.ssr.enable_ramdumps=1
     write /sys/module/subsystem_restart/parameters/enable_ramdumps 1
-    mkdir /data/ramdump 761 root system
+    mkdir /data/vendor/ramdump 761 root system
     start ss_ramdump
 
 on property:persist.sys.ssr.enable_ramdumps=0
diff --git a/sepolicy/file.te b/sepolicy/file.te
index 29add9db..8af09c37 100644
--- a/sepolicy/file.te
+++ b/sepolicy/file.te
@@ -39,7 +39,8 @@ type persist_sensors_file, file_type;
 type netmgr_data_file, file_type, data_file_type;
 
 type nfc_vendor_data_file, file_type, data_file_type;
-
 type radio_vendor_data_file, file_type, data_file_type, mlstrustedobject;
+type cnss_vendor_data_file, file_type, data_file_type, mlstrustedobject;
+type ramdump_vendor_data_file, file_type, data_file_type, mlstrustedobject;
 
 type ramdump_data_file, file_type, data_file_type, mlstrustedobject;
diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts
index ca5ea648..1c949c3e 100644
--- a/sepolicy/file_contexts
+++ b/sepolicy/file_contexts
@@ -150,7 +150,7 @@
 /system/bin/init\.radio\.sh            u:object_r:init_radio_exec:s0
 /system/bin/location-mq-s              u:object_r:location_exec:s0
 /system/bin/lowi-server                u:object_r:location_exec:s0
-/system/bin/ramdump                    u:object_r:ramdump_exec:s0
+/vendor/bin/ramdump                    u:object_r:ramdump_exec:s0
 
 # files in /vendor
 /vendor/bin/hw/android\.hardware\.dumpstate@1\.0-service.wahoo      u:object_r:hal_dumpstate_impl_exec:s0
@@ -195,12 +195,14 @@
 
 # data files
 /data/misc/radio(/.*)?                 u:object_r:radio_data_file:s0
-/data/vendor/radio(/.*)?               u:object_r:radio_vendor_data_file:s0
 /data/misc/netmgr(/.*)?                u:object_r:netmgr_data_file:s0
 /data/misc/location(/.*)?              u:object_r:location_data_file:s0
 /data/ramdump(/.*)?                    u:object_r:ramdump_data_file:s0
 /data/nfc(/.*)?                        u:object_r:nfc_data_file:s0
 /data/vendor/nfc(/.*)?                 u:object_r:nfc_vendor_data_file:s0
+/data/vendor/radio(/.*)?               u:object_r:radio_vendor_data_file:s0
+/data/vendor/wifi(/.*)?                u:object_r:cnss_vendor_data_file:s0
+/data/vendor/ramdump(/.*)?             u:object_r:ramdump_vendor_data_file:s0
 
 # /
 /tombstones             u:object_r:rootfs:s0
diff --git a/sepolicy/logger_app.te b/sepolicy/logger_app.te
index a172a07e..70607dfc 100644
--- a/sepolicy/logger_app.te
+++ b/sepolicy/logger_app.te
@@ -7,6 +7,11 @@ userdebug_or_eng(`
   allow logger_app app_api_service:service_manager find;
   allow logger_app surfaceflinger_service:service_manager find;
 
-  allow logger_app radio_vendor_data_file:file { create open unlink getattr setattr read write };
-  allow logger_app radio_vendor_data_file:dir { create open rmdir add_name remove_name getattr setattr search read write };
+  allow logger_app diag_device:chr_file rw_file_perms;
+
+  allow logger_app radio_vendor_data_file:file create_file_perms;
+  allow logger_app radio_vendor_data_file:dir create_dir_perms;
+
+  allow logger_app cnss_vendor_data_file:dir create_dir_perms;
+  allow logger_app cnss_vendor_data_file:file create_file_perms;
 ')
diff --git a/sepolicy/platform_app.te b/sepolicy/platform_app.te
index e9d7f1e3..e69de29b 100644
--- a/sepolicy/platform_app.te
+++ b/sepolicy/platform_app.te
@@ -1,3 +0,0 @@
-userdebug_or_eng(`
-  get_prop(platform_app, ramdump_prop)
-')
diff --git a/sepolicy/ramdump.te b/sepolicy/ramdump.te
index 226a6f33..6c19fd39 100644
--- a/sepolicy/ramdump.te
+++ b/sepolicy/ramdump.te
@@ -8,8 +8,8 @@ userdebug_or_eng(`
 
   allow ramdump self:capability sys_rawio;
 
-  allow ramdump ramdump_data_file:dir w_dir_perms;
-  allow ramdump ramdump_data_file:file create_file_perms;
+  allow ramdump ramdump_vendor_data_file:dir create_dir_perms;
+  allow ramdump ramdump_vendor_data_file:file create_file_perms;
   allow ramdump proc:file r_file_perms;
 
   allow ramdump misc_block_device:blk_file rw_file_perms;
diff --git a/sepolicy/ramdump_app.te b/sepolicy/ramdump_app.te
new file mode 100644
index 00000000..c32a3609
--- /dev/null
+++ b/sepolicy/ramdump_app.te
@@ -0,0 +1,13 @@
+type ramdump_app, domain;
+
+userdebug_or_eng(`
+  app_domain(ramdump_app)
+
+  allow ramdump_app app_api_service:service_manager find;
+
+  allow ramdump_app ramdump_vendor_data_file:file create_file_perms;
+  allow ramdump_app ramdump_vendor_data_file:dir create_dir_perms;
+
+  set_prop(ramdump_app, ramdump_prop);
+  get_prop(system_app, ssr_prop)
+')
diff --git a/sepolicy/seapp_contexts b/sepolicy/seapp_contexts
index 2c42fc3e..6a66f6de 100644
--- a/sepolicy/seapp_contexts
+++ b/sepolicy/seapp_contexts
@@ -1 +1,3 @@
+user=system seinfo=platform name=com.google.SSRestartDetector domain=ssr_detector_app type=system_app_data_file
 user=_app seinfo=platform name=com.android.nexuslogger domain=logger_app type=app_data_file levelFrom=all
+user=_app seinfo=platform name=com.android.ramdump domain=ramdump_app type=app_data_file levelFrom=all
diff --git a/sepolicy/ssr_detector.te b/sepolicy/ssr_detector.te
new file mode 100644
index 00000000..b586b9d1
--- /dev/null
+++ b/sepolicy/ssr_detector.te
@@ -0,0 +1,16 @@
+# SSRestartDetector app
+type ssr_detector_app, domain;
+
+userdebug_or_eng(`
+  app_domain(ssr_detector_app)
+
+  allow ssr_detector_app ramdump_vendor_data_file:dir r_dir_perms;
+  allow ssr_detector_app ramdump_vendor_data_file:file r_file_perms;
+  get_prop(ssr_detector_app, ssr_prop)
+
+  allow ssr_detector_app { app_api_service }:service_manager find;
+
+  # Read and write /data/data subdirectory.
+  allow ssr_detector_app system_app_data_file:dir create_dir_perms;
+  allow ssr_detector_app system_app_data_file:{ file lnk_file } create_file_perms;
+')
diff --git a/sepolicy/subsystem_ramdump.te b/sepolicy/subsystem_ramdump.te
index 13918aad..654133bd 100644
--- a/sepolicy/subsystem_ramdump.te
+++ b/sepolicy/subsystem_ramdump.te
@@ -1,18 +1,17 @@
-type subsystem_ramdump, domain;
 type subsystem_ramdump_exec, exec_type, file_type;
 
-init_daemon_domain(subsystem_ramdump);
-
 userdebug_or_eng(`
-permissive subsystem_ramdump;
+  type subsystem_ramdump, domain;
 
-allow subsystem_ramdump device:dir r_dir_perms;
-allow subsystem_ramdump ramdump_device:chr_file r_file_perms;
+  init_daemon_domain(subsystem_ramdump);
 
-r_dir_file(subsystem_ramdump, sysfs_type);
+  allow subsystem_ramdump device:dir r_dir_perms;
+  allow subsystem_ramdump ramdump_device:chr_file r_file_perms;
 
-allow subsystem_ramdump ramdump_data_file:dir rw_dir_perms;
-allow subsystem_ramdump ramdump_data_file:file create_file_perms;
+  r_dir_file(subsystem_ramdump, sysfs_type);
 
-set_prop(subsystem_ramdump, ssr_prop);
+  allow subsystem_ramdump ramdump_vendor_data_file:dir rw_dir_perms;
+  allow subsystem_ramdump ramdump_vendor_data_file:file create_file_perms;
+
+  set_prop(subsystem_ramdump, ssr_prop);
 ')
diff --git a/sepolicy/system_app.te b/sepolicy/system_app.te
index e9ea0953..e37eb3dc 100644
--- a/sepolicy/system_app.te
+++ b/sepolicy/system_app.te
@@ -4,12 +4,3 @@ unix_socket_connect(system_app, cnd, cnd)
 
 get_prop(system_app, cnd_prop)
 allow system_app cne_service:service_manager add;
-
-userdebug_or_eng(`
-  # TODO(b/36734870): Remove this once system_app no longer directly
-  # accesses data owned by vendor components
-  typeattribute system_app vendordata_in_core_violators;
-  allow system_app ramdump_data_file:dir r_dir_perms;
-  allow system_app ramdump_data_file:file r_file_perms;
-  get_prop(system_app, ssr_prop)
-')
diff --git a/sepolicy/wcnss_service.te b/sepolicy/wcnss_service.te
index cb92b512..78e49273 100644
--- a/sepolicy/wcnss_service.te
+++ b/sepolicy/wcnss_service.te
@@ -22,12 +22,8 @@ allowxperm wcnss_service self:udp_socket ioctl { SIOCIWFIRSTPRIV_05 SIOCSIFFLAGS
 allow wcnss_service self:netlink_generic_socket create_socket_perms_no_ioctl;
 allow wcnss_service self:netlink_socket create_socket_perms_no_ioctl;
 
-# TODO(b/36683225): Remove this once wcnss_service stops accessing data
-# outside /data/vendor.
-typeattribute wcnss_service coredata_in_vendor_violators;
-
-allow wcnss_service wifi_data_file:dir rw_dir_perms;
-allow wcnss_service wifi_data_file:file create_file_perms;
+allow wcnss_service cnss_vendor_data_file:dir rw_dir_perms;
+allow wcnss_service cnss_vendor_data_file:file create_file_perms;
 
 allow wcnss_service proc_net:file getattr;