diff --git a/private/app_neverallows.te b/private/app_neverallows.te
index 23594b82638bf33d9c264614c057cbcdc399ee9d..c2ef14ccedd43eefab41f39b2824efb318a843c7 100644
--- a/private/app_neverallows.te
+++ b/private/app_neverallows.te
@@ -189,7 +189,7 @@ neverallow all_untrusted_apps {
   -hal_omx_hwservice
   -hal_cas_hwservice
   -hal_neuralnetworks_hwservice
-  -untrusted_app_visible_hwservice
+  -untrusted_app_visible_hwservice_violators
 }:hwservice_manager find;
 
 # Make sure that the following services are never accessible by untrusted_apps
@@ -259,7 +259,7 @@ full_treble_only(`
     -hal_neuralnetworks_server
     -hal_omx_server
     -binder_in_vendor_violators # TODO(b/35870313): Remove once all violations are gone
-    -untrusted_app_visible_halserver
+    -untrusted_app_visible_halserver_violators
   }:binder { call transfer };
 ')
 
diff --git a/private/technical_debt.cil b/private/technical_debt.cil
index b04e5e076435f85f0c9277e4d4893546caf47db7..35db2b3f2f36ecd189779c114073908deb071aab 100644
--- a/private/technical_debt.cil
+++ b/private/technical_debt.cil
@@ -40,3 +40,13 @@
 ; Unfortunately, we can't currently express this in module policy language:
 ;     typeattribute { appdomain -isolated_app } hal_neuralnetworks_client;
 (typeattributeset hal_neuralnetworks_client ((and (appdomain) ((not (isolated_app))))))
+
+; TODO(b/112056006): move these to mapping files when/if we implement 'versioned' attributes.
+; Rename untrusted_app_visible_* to untrusted_app_visible_*_violators.
+; Unfortunately, we can't currently express this in module policy language:
+;     typeattribute untrusted_app_visible_hwservice untrusted_app_visible_hwservice_violators;
+;     typeattribute untrusted_app_visible_halserver untrusted_app_visible_halserver_violators;
+(typeattribute untrusted_app_visible_hwservice)
+(typeattributeset untrusted_app_visible_hwservice_violators (untrusted_app_visible_hwservice))
+(typeattribute untrusted_app_visible_halserver)
+(typeattributeset untrusted_app_visible_halserver_violators (untrusted_app_visible_halserver))
diff --git a/public/attributes b/public/attributes
index 738512887c95d9b377532b11111a88c9be514515..c8db1fdd6465c07abf144a314c1cf791f42e7266 100644
--- a/public/attributes
+++ b/public/attributes
@@ -191,19 +191,19 @@ expandattribute system_writes_vendor_properties_violators false;
 # version, requiring all hwservices that are labeled with this
 # attribute to be submitted to AOSP in order to maintain their
 # app-visibility.
-attribute untrusted_app_visible_hwservice;
-expandattribute untrusted_app_visible_hwservice false;
+attribute untrusted_app_visible_hwservice_violators;
+expandattribute untrusted_app_visible_hwservice_violators false;
 
 # halserver domains that are accessible to untrusted applications.  These
 # domains are typically those hosting  hwservices attributed by the
-# untrusted_app_visible_hwservice.
+# untrusted_app_visible_hwservice_violators.
 # WARNING: Use of this attribute should be avoided unless absolutely necessary.
 # It is a temporary allowance to aid the transition to treble and will be
 # removed in the future platform version, requiring all halserver domains that
 # are labeled with this attribute to be submitted to AOSP in order to maintain
 # their app-visibility.
-attribute untrusted_app_visible_halserver;
-expandattribute untrusted_app_visible_halserver false;
+attribute untrusted_app_visible_halserver_violators;
+expandattribute untrusted_app_visible_halserver_violators false;
 
 # PDX services
 attribute pdx_endpoint_dir_type;