diff --git a/attributes b/attributes
index 485b3e9a91ba9b2a14436ed534526e0ddd5473e3..30220297a1de3a85cdb043435d85d6f52be6f1d4 100644
--- a/attributes
+++ b/attributes
@@ -67,6 +67,9 @@ attribute property_type;
 # used by device specific properties
 attribute core_property_type;
 
+# All properties used to configure log filtering.
+attribute log_property_type;
+
 # All service_manager types created by system_server
 attribute system_server_service;
 
diff --git a/domain.te b/domain.te
index 67bcb56c862c182eb6b47a7274fbc15573eb3083..2400a8cad8e6d3e982d591dc60c5d982449c61ff 100644
--- a/domain.te
+++ b/domain.te
@@ -84,6 +84,9 @@ allow domain properties_serial:file r_file_perms;
 # For now, everyone can access core property files
 # Device specific properties are not granted by default
 get_prop(domain, core_property_type)
+# Let everyone read log properties, so that liblog can avoid sending unloggable
+# messages to logd.
+get_prop(domain, log_property_type)
 dontaudit domain property_type:file audit_access;
 allow domain property_contexts:file r_file_perms;
 
diff --git a/property.te b/property.te
index 16802457012922e9a0ba34aec75ed2247d163d1c..d2a238bc1dee1743410e45a132f5373fb646fb0d 100644
--- a/property.te
+++ b/property.te
@@ -12,6 +12,7 @@ type net_radio_prop, property_type, core_property_type;
 type system_radio_prop, property_type, core_property_type;
 type system_prop, property_type, core_property_type;
 type vold_prop, property_type, core_property_type;
+type wifi_log_prop, property_type, log_property_type;
 type ctl_bootanim_prop, property_type;
 type ctl_default_prop, property_type;
 type ctl_dumpstate_prop, property_type;
@@ -21,6 +22,7 @@ type ctl_rildaemon_prop, property_type;
 type ctl_bugreport_prop, property_type;
 type ctl_console_prop, property_type;
 type audio_prop, property_type, core_property_type;
+type log_prop, property_type, log_property_type;
 type logd_prop, property_type, core_property_type;
 type mmc_prop, property_type;
 type restorecon_prop, property_type, core_property_type;
diff --git a/property_contexts b/property_contexts
index 34cd6cc41e19a6368544419b738aecf0c6cc31f1..596a9fb549ae526ca314c5cbdfdd3515789eb2cc 100644
--- a/property_contexts
+++ b/property_contexts
@@ -32,7 +32,8 @@ bluetooth.              u:object_r:bluetooth_prop:s0
 debug.                  u:object_r:debug_prop:s0
 debug.db.               u:object_r:debuggerd_prop:s0
 dumpstate.              u:object_r:dumpstate_prop:s0
-log.                    u:object_r:shell_prop:s0
+log.                    u:object_r:log_prop:s0
+log.tag.WifiHAL         u:object_r:wifi_log_prop:s0
 service.adb.root        u:object_r:shell_prop:s0
 service.adb.tcp.port    u:object_r:shell_prop:s0
 
@@ -41,7 +42,7 @@ persist.bluetooth.      u:object_r:bluetooth_prop:s0
 persist.debug.          u:object_r:persist_debug_prop:s0
 persist.logd.           u:object_r:logd_prop:s0
 persist.logd.security   u:object_r:device_logging_prop:s0
-persist.log.tag         u:object_r:logd_prop:s0
+persist.log.tag         u:object_r:log_prop:s0
 persist.mmc.            u:object_r:mmc_prop:s0
 persist.sys.            u:object_r:system_prop:s0
 persist.sys.safemode    u:object_r:safemode_prop:s0
diff --git a/shell.te b/shell.te
index a314c612694e990af04d1a0db84c5a4dce32d414..d8c6dd49b74a0cc5f5b0beb869b21d23ad4b0154 100644
--- a/shell.te
+++ b/shell.te
@@ -63,6 +63,8 @@ set_prop(shell, ctl_dumpstate_prop)
 set_prop(shell, dumpstate_prop)
 set_prop(shell, debug_prop)
 set_prop(shell, powerctl_prop)
+userdebug_or_eng(`set_prop(shell, log_prop)')
+userdebug_or_eng(`set_prop(shell, wifi_log_prop)')
 
 # systrace support - allow atrace to run
 allow shell debugfs_tracing:dir r_dir_perms;
diff --git a/system_app.te b/system_app.te
index c8be7f3e9ca03e760912d72d2e4ed039ac3c0b88..3749644e2e28302af717f7236c45fc4d9e051b10 100644
--- a/system_app.te
+++ b/system_app.te
@@ -32,6 +32,7 @@ set_prop(system_app, system_prop)
 set_prop(system_app, logd_prop)
 set_prop(system_app, net_radio_prop)
 set_prop(system_app, system_radio_prop)
+set_prop(system_app, log_prop)
 auditallow system_app net_radio_prop:property_service set;
 auditallow system_app system_radio_prop:property_service set;
 
diff --git a/system_server.te b/system_server.te
index 526a0e9fd3fd8d22af41b3c2d4d4e1dd396b69e3..df26f09f221dcc0b4ff9f3a78dd5c9f36fdea69c 100644
--- a/system_server.te
+++ b/system_server.te
@@ -318,6 +318,7 @@ set_prop(system_server, debug_prop)
 set_prop(system_server, powerctl_prop)
 set_prop(system_server, fingerprint_prop)
 set_prop(system_server, device_logging_prop)
+userdebug_or_eng(`set_prop(system_server, wifi_log_prop)')
 
 # ctl interface
 set_prop(system_server, ctl_default_prop)