diff --git a/private/app_neverallows.te b/private/app_neverallows.te
index 0a8172692..9c96f1984 100644
--- a/private/app_neverallows.te
+++ b/private/app_neverallows.te
@@ -294,6 +294,7 @@ neverallow all_untrusted_apps {
 neverallow all_untrusted_apps {
 coredomain_hwservice
 -same_process_hwservice
+ -fwk_bufferhub_hwservice # Designed for use by any domain
 -hidl_allocator_hwservice # Designed for use by any domain
 -hidl_manager_hwservice # Designed for use by any domain
 -hidl_memory_hwservice # Designed for use by any domain
diff --git a/private/technical_debt.cil b/private/technical_debt.cil
index 35db2b3f2..d1215fea8 100644
--- a/private/technical_debt.cil
+++ b/private/technical_debt.cil
@@ -50,3 +50,8 @@
 (typeattributeset untrusted_app_visible_hwservice_violators (untrusted_app_visible_hwservice))
 (typeattribute untrusted_app_visible_halserver)
 (typeattributeset untrusted_app_visible_halserver_violators (untrusted_app_visible_halserver))
+
+; Apps, except isolated apps, are clients of BufferHub HAL
+; Unfortunately, we can't currently express this in module policy language:
+; typeattribute { appdomain -isolated_app } hal_cas_client;
+(typeattributeset hal_bufferhub_client ((and (appdomain) ((not (isolated_app))))))
diff --git a/public/fwk_bufferhub.te b/public/fwk_bufferhub.te
index 240f04b98..03486bd1e 100644
--- a/public/fwk_bufferhub.te
+++ b/public/fwk_bufferhub.te
@@ -1,4 +1,4 @@
 binder_call(hal_bufferhub_client, hal_bufferhub_server)
 binder_call(hal_bufferhub_server, hal_bufferhub_client)
-add_hwservice(hal_bufferhub_server, fwk_bufferhub_hwservice)
+hal_attribute_hwservice(hal_bufferhub, fwk_bufferhub_hwservice)
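Review bot: The trailing comment on the added `-fwk_bufferhub_hwservice` line says "Designed for use by any domain", but this same commit defines the client set in private/technical_debt.cil as app domains minus isolated_app, so the comment overstates the intended audience. The exclusion lifts this neverallow for every domain in all_untrusted_apps, which presumably includes isolated_app (confirm against the attribute definition), so nothing at build time stops a later allow rule from giving isolated apps this service. I would reword the comment to `# Designed for use by all apps except isolated_app` and consider a dedicated `neverallow isolated_app fwk_bufferhub_hwservice:hwservice_manager find;`. The neverallow block continues past the end of the hunk.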
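Review bot: The third added comment line names the wrong attribute: it shows `hal_cas_client` while the rule below it assigns `hal_bufferhub_client`, which looks like a leftover from a copied block; it should read `; typeattribute { appdomain -isolated_app } hal_bufferhub_client;`. The comment also does not record that the set `appdomain` minus `isolated_app` takes in untrusted apps. Together with the two binder_call rules in public/fwk_bufferhub.te, hal_bufferhub_server then accepts binder calls from, and can call into, any non-isolated app. A line such as `; Includes untrusted apps: the BufferHub server must treat every client request as untrusted input` would make that exposure visible to the next reader.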
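Review bot: The new `hal_attribute_hwservice(hal_bufferhub, fwk_bufferhub_hwservice)` line carries no comment saying who the clients are, and after this commit that is decided in a different file. As far as I know the macro grants `find` to `hal_bufferhub_client` and `add` to `hal_bufferhub_server`, so the reach of this line is whatever private/technical_debt.cil places in the client attribute. I would add above it `# Clients: all app domains except isolated_app, see private/technical_debt.cil` so a reader of this file can see the service is reachable from untrusted apps.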