diff --git a/sepolicy/private/ramoops.te b/sepolicy/private/ramoops.te
index c7cea81d..534fa656 100644
--- a/sepolicy/private/ramoops.te
+++ b/sepolicy/private/ramoops.te
@@ -11,6 +11,7 @@ allow ramoops shell_exec:file rx_file_perms;
 allow ramoops toolbox_exec:file rx_file_perms;
 # Set the sys.ramoops.decrypted property
+typeattribute ramoops system_writes_vendor_properties_violators;
 set_prop(ramoops, ramoops_prop);
 allow ramoops sysfs_pstore:file rw_file_perms;
diff --git a/sepolicy/vendor/bluetooth.te b/sepolicy/vendor/bluetooth.te
index 5a8371dd..0f5673a9 100644
--- a/sepolicy/vendor/bluetooth.te
+++ b/sepolicy/vendor/bluetooth.te
@@ -1,3 +1,4 @@
+typeattribute bluetooth system_writes_vendor_properties_violators;
 set_prop(bluetooth, wc_prop)
 # Allow access to net_admin ioctls
diff --git a/sepolicy/vendor/cameraserver.te b/sepolicy/vendor/cameraserver.te
index d29d473d..594f22a9 100644
--- a/sepolicy/vendor/cameraserver.te
+++ b/sepolicy/vendor/cameraserver.te
@@ -1,5 +1,6 @@
 allow cameraserver gpu_device:chr_file rw_file_perms;
+typeattribute cameraserver system_writes_vendor_properties_violators;
 set_prop(cameraserver, camera_prop)
 allow cameraserver sysfs_camera:file r_file_perms;
diff --git a/sepolicy/vendor/gatekeeperd.te b/sepolicy/vendor/gatekeeperd.te
index 647ede2a..e4bef11b 100644
--- a/sepolicy/vendor/gatekeeperd.te
+++ b/sepolicy/vendor/gatekeeperd.te
@@ -1 +1,2 @@
+typeattribute gatekeeperd system_writes_vendor_properties_violators;
 set_prop(gatekeeperd, keymaster_prop)
diff --git a/sepolicy/vendor/radio.te b/sepolicy/vendor/radio.te
index 162251f3..73d9b526 100644
--- a/sepolicy/vendor/radio.te
+++ b/sepolicy/vendor/radio.te
@@ -1,4 +1,5 @@
 get_prop(radio, ims_prop)
+typeattribute radio system_writes_vendor_properties_violators;
 userdebug_or_eng(`set_prop(radio, tel_mon_prop)')
 allow radio qmuxd_socket:dir search;
diff --git a/sepolicy/vendor/surfaceflinger.te b/sepolicy/vendor/surfaceflinger.te
index 287824bf..6437fb82 100644
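Review bot: In sepolicy/private/ramoops.te the new `typeattribute ramoops system_writes_vendor_properties_violators;` line sits between the comment `# Set the sys.ramoops.decrypted property` and the `set_prop(ramoops, ramoops_prop);` it describes, and nothing records why the exemption is needed. The attribute exempts the whole domain from the neverallow that stops system domains setting vendor-typed properties, so it is wider than the single `ramoops_prop` grant. If the property can be retyped so that no exemption is required, that is the narrower fix. Otherwise I would move the new line above the existing comment and give it its own, e.g. `# ramoops_prop appears to be typed as a vendor property; exempt ramoops from the system-writes-vendor-props neverallow until it is relabelled`. The bluetooth.te, cameraserver.te and gatekeeperd.te hunks add the same attribute with no comment, and system_app.te separates its comment from its rule in the same way.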
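Review bot: In sepolicy/vendor/radio.te the violator attribute is assigned on every build type, but the only property write visible in the hunk, `set_prop(radio, tel_mon_prop)`, is wrapped in `userdebug_or_eng()`. If no other `set_prop` for radio outside the hunk depends on it, user builds carry a neverallow exemption that nothing uses. Scoping it the same way would avoid that: ``userdebug_or_eng(`typeattribute radio system_writes_vendor_properties_violators;')``. The system_app.te hunk has the same shape, with both visible `set_prop` calls inside `userdebug_or_eng()`. Only part of each file is shown, so this needs checking against the full policy.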
--- a/sepolicy/vendor/surfaceflinger.te
+++ b/sepolicy/vendor/surfaceflinger.te
@@ -2,3 +2,4 @@ dontaudit surfaceflinger firmware_file:dir search;
 dontaudit surfaceflinger vendor_file:file read;
 dontaudit surfaceflinger kernel:system module_request;
 allow surfaceflinger debugfs_ion:dir search;
+
diff --git a/sepolicy/vendor/system_app.te b/sepolicy/vendor/system_app.te
index 72d8cf3b..6fbccc86 100644
--- a/sepolicy/vendor/system_app.te
+++ b/sepolicy/vendor/system_app.te
@@ -4,6 +4,7 @@ userdebug_or_eng(`set_prop(system_app, tel_mon_prop)')
 # Needed by Settings app's CameraHalHdrplusPreferenceController, available only on a subset of
 # userdebug and eng devices
+typeattribute system_app system_writes_vendor_properties_violators;
 userdebug_or_eng(`set_prop(system_app, camera_prop)')
 # read regulatory info