diff --git a/sepolicy/private/ramoops.te b/sepolicy/private/ramoops.te
index c7cea81d..534fa656 100644
--- a/sepolicy/private/ramoops.te
+++ b/sepolicy/private/ramoops.te
@@ -11,6 +11,7 @@ allow ramoops shell_exec:file rx_file_perms;
 allow ramoops toolbox_exec:file rx_file_perms;
 # Set the sys.ramoops.decrypted property
+typeattribute ramoops system_writes_vendor_properties_violators;
 set_prop(ramoops, ramoops_prop);
 allow ramoops sysfs_pstore:file rw_file_perms;
diff --git a/sepolicy/vendor/bluetooth.te b/sepolicy/vendor/bluetooth.te
index 6d70fab6..a71c1450 100644
--- a/sepolicy/vendor/bluetooth.te
+++ b/sepolicy/vendor/bluetooth.te
@@ -1,3 +1,4 @@
+typeattribute bluetooth system_writes_vendor_properties_violators;
 set_prop(bluetooth, vendor_bluetooth_prop)
 set_prop(bluetooth, wc_prop)
diff --git a/sepolicy/vendor/cameraserver.te b/sepolicy/vendor/cameraserver.te
index d29d473d..594f22a9 100644
--- a/sepolicy/vendor/cameraserver.te
+++ b/sepolicy/vendor/cameraserver.te
@@ -1,5 +1,6 @@
 allow cameraserver gpu_device:chr_file rw_file_perms;
+typeattribute cameraserver system_writes_vendor_properties_violators;
 set_prop(cameraserver, camera_prop)
 allow cameraserver sysfs_camera:file r_file_perms;
diff --git a/sepolicy/vendor/charger.te b/sepolicy/vendor/charger.te
index 3f30f35d..e8472810 100644
--- a/sepolicy/vendor/charger.te
+++ b/sepolicy/vendor/charger.te
@@ -1 +1,2 @@
+typeattribute charger system_writes_vendor_properties_violators;
 set_prop(charger, public_vendor_system_prop)
diff --git a/sepolicy/vendor/gatekeeperd.te b/sepolicy/vendor/gatekeeperd.te
index 647ede2a..e4bef11b 100644
--- a/sepolicy/vendor/gatekeeperd.te
+++ b/sepolicy/vendor/gatekeeperd.te
@@ -1 +1,2 @@
+typeattribute gatekeeperd system_writes_vendor_properties_violators;
 set_prop(gatekeeperd, keymaster_prop)
diff --git a/sepolicy/vendor/healthd.te b/sepolicy/vendor/healthd.te
index 5032bba8..6b22ced3 100644
--- a/sepolicy/vendor/healthd.te
+++ b/sepolicy/vendor/healthd.te
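Review bot: `typeattribute ramoops system_writes_vendor_properties_violators;` is added with no comment saying which neverallow it works around or when it can be removed, and the same bare line appears in the bluetooth, cameraserver, charger, gatekeeperd, healthd, radio, surfaceflinger, system_app and system_server hunks. The attribute exempts the whole domain from the platform check on system domains setting vendor properties, not only the `set_prop` beside it, so a later vendor-property write added to any of these domains would no longer be caught at build time. Each exemption should state its reason, e.g. `# TODO: exemption is for set_prop(ramoops, ramoops_prop) only; drop once ramoops_prop is no longer a vendor property type`. In this hunk the existing comment names the property as `sys.ramoops.decrypted`, which suggests (the property_contexts entry is not part of this diff) that retyping it as a system property could remove the need for the exemption altogether.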
@@ -1 +1,2 @@
+typeattribute healthd system_writes_vendor_properties_violators;
 set_prop(healthd, public_vendor_system_prop)
diff --git a/sepolicy/vendor/radio.te b/sepolicy/vendor/radio.te
index 0868a3d9..b287bbbb 100644
--- a/sepolicy/vendor/radio.te
+++ b/sepolicy/vendor/radio.te
@@ -1,4 +1,5 @@
 get_prop(radio, ims_prop)
+typeattribute radio system_writes_vendor_properties_violators;
 userdebug_or_eng(`set_prop(radio, tel_mon_prop)')
 allow radio qmuxd_socket:dir search;
diff --git a/sepolicy/vendor/surfaceflinger.te b/sepolicy/vendor/surfaceflinger.te
index 349151b6..636d98b4 100644
--- a/sepolicy/vendor/surfaceflinger.te
+++ b/sepolicy/vendor/surfaceflinger.te
@@ -3,4 +3,5 @@ dontaudit surfaceflinger vendor_file:file read;
 dontaudit surfaceflinger kernel:system module_request;
 allow surfaceflinger debugfs_ion:dir search;
+typeattribute surfaceflinger system_writes_vendor_properties_violators;
 set_prop(surfaceflinger, public_vendor_system_prop)
diff --git a/sepolicy/vendor/system_app.te b/sepolicy/vendor/system_app.te
index ac4ef9b6..c1ede120 100644
--- a/sepolicy/vendor/system_app.te
+++ b/sepolicy/vendor/system_app.te
@@ -3,6 +3,7 @@ userdebug_or_eng(`set_prop(system_app, tel_mon_prop)')
 # Needed by Settings app's CameraHalHdrplusPreferenceController
+typeattribute system_app system_writes_vendor_properties_violators;
 set_prop(system_app, camera_prop)
 # read regulatory info
diff --git a/sepolicy/vendor/system_server.te b/sepolicy/vendor/system_server.te
index 8e38725d..bcba87c3 100644
--- a/sepolicy/vendor/system_server.te
+++ b/sepolicy/vendor/system_server.te
@@ -23,6 +23,7 @@ dontaudit system_server untrusted_app:file write;
 dontaudit system_server hal_audio_default:file write;
 dontaudit system_server appdomain:file write;
+typeattribute system_server system_writes_vendor_properties_violators;
 set_prop(system_server, public_vendor_system_prop)
 dontaudit system_server self:capability sys_module;
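Review bot: The exemption for `radio` is unconditional, while the only property write visible in this hunk, `set_prop(radio, tel_mon_prop)`, exists on userdebug and eng builds only. Unless radio.te sets another vendor property further down (the file continues outside the hunk), user builds get the exemption without needing it. Scoping it the same way as the write keeps the user-build policy strict: ``userdebug_or_eng(`typeattribute radio system_writes_vendor_properties_violators;')``.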
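Review bot: The new line lands between `# Needed by Settings app's CameraHalHdrplusPreferenceController` and the `set_prop(system_app, camera_prop)` that comment documents, so the comment now appears to justify the exemption rather than the property write; the ramoops.te hunk separates its comment from its `set_prop` in the same way. I would move the typeattribute above the existing comment and give it a line of its own, e.g. `# Exemption is for the camera_prop write below; avoid adding other vendor property writes to system_app`. The stated need is a single Settings controller, yet the attribute applies to the whole system_app domain, so the narrow intent is worth recording in the policy itself.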