diff --git a/property.te b/property.te
index 6fedfa7a53a47cad3b439b24b546123022724ef4..8faa4724adca5fc3e7435c5100582e04bcdb8559 100644
--- a/property.te
+++ b/property.te
@@ -8,6 +8,7 @@ type radio_prop, property_type;
 type net_radio_prop, property_type;
 type system_radio_prop, property_type;
 type system_prop, property_type;
+type verity_prop, property_type;
 type vold_prop, property_type;
 type ctl_bootanim_prop, property_type;
 type ctl_default_prop, property_type;
diff --git a/property_contexts b/property_contexts
index 06f6c174b986a2a0d83b9cecb703364f34cc0486..47e544a4e4b035315ceacbc4027da761ca6467b9 100644
--- a/property_contexts
+++ b/property_contexts
@@ -49,6 +49,9 @@ selinux.                u:object_r:security_prop:s0
 vold.                   u:object_r:vold_prop:s0
 crypto.                 u:object_r:vold_prop:s0
 
+# dm-verity properties
+verity.                 u:object_r:verity_prop:s0
+
 # ro.build.fingerprint is either set in /system/build.prop, or is
 # set at runtime by system_server.
 build.fingerprint       u:object_r:fingerprint_prop:s0
diff --git a/ueventd.te b/ueventd.te
index 2e61e8852ece2af9b648c3c2cf4bb654e67a0d63..0f2809d842484be431c6c50ae68cc7e67bc041ab 100644
--- a/ueventd.te
+++ b/ueventd.te
@@ -23,3 +23,9 @@ allow ueventd efs_file:file r_file_perms;
 
 # Use setfscreatecon() to label /dev directories and files.
 allow ueventd self:process setfscreate;
+
+# Set property.
+unix_socket_connect(ueventd, property, init)
+
+# Property service
+allow ueventd verity_prop:property_service set;