diff --git a/core/config_sanitizers.mk b/core/config_sanitizers.mk
index 9ea1ff41e..a4c103c4a 100644
--- a/core/config_sanitizers.mk
+++ b/core/config_sanitizers.mk
@@ -98,13 +98,17 @@ endif
 
 # Enable CFI in included paths.
 ifeq ($(filter cfi, $(my_sanitize)),)
-  combined_include_paths := $(CFI_INCLUDE_PATHS) \
-                            $(PRODUCT_CFI_INCLUDE_PATHS)
+# Do not rely on include paths for anything other than ARM64.
+# TODO: Relax this constraint for 2019.
+  ifneq ($(filter arm64,$(TARGET_$(LOCAL_2ND_ARCH_VAR_PREFIX)ARCH)),)
+    combined_include_paths := $(CFI_INCLUDE_PATHS) \
+                              $(PRODUCT_CFI_INCLUDE_PATHS)
 
-  ifneq ($(strip $(foreach dir,$(subst $(comma),$(space),$(combined_include_paths)),\
-         $(filter $(dir)%,$(LOCAL_PATH)))),)
-    my_sanitize := cfi $(my_sanitize)
-    my_sanitize_diag := cfi $(my_sanitize_diag)
+    ifneq ($(strip $(foreach dir,$(subst $(comma),$(space),$(combined_include_paths)),\
+           $(filter $(dir)%,$(LOCAL_PATH)))),)
+      my_sanitize := cfi $(my_sanitize)
+      my_sanitize_diag := cfi $(my_sanitize_diag)
+    endif
   endif
 endif
 
diff --git a/target/product/embedded.mk b/target/product/embedded.mk
index 3f1d6dfb1..58258169f 100644
--- a/target/product/embedded.mk
+++ b/target/product/embedded.mk
@@ -121,3 +121,27 @@ PRODUCT_COPY_FILES += \
     system/core/rootdir/init.usb.configfs.rc:root/init.usb.configfs.rc \
     system/core/rootdir/ueventd.rc:root/ueventd.rc \
     system/core/rootdir/etc/hosts:system/etc/hosts
+
+# This is a set of common components to enable CFI for (across
+# compatible product configs)
+PRODUCT_CFI_INCLUDE_PATHS :=  \
+    device/google/cuttlefish_common/guest/libs/wpa_supplicant_8_lib \
+    device/google/wahoo/wifi_offload \
+    external/tinyxml2 \
+    external/wpa_supplicant_8 \
+    frameworks/av/camera \
+    frameworks/av/media \
+    frameworks/av/services \
+    frameworks/minikin \
+    hardware/broadcom/wlan/bcmdhd/wpa_supplicant_8_lib \
+    hardware/interfaces/nfc \
+    hardware/qcom/wlan/qcwcn/wpa_supplicant_8_lib \
+    harware/interfaces/keymaster \
+    system/bt \
+    system/chre \
+    system/core/libnetutils \
+    system/core/libziparchive \
+    system/gatekeeper \
+    system/keymaster \
+    system/nfc \
+    system/security \