diff --git a/prebuilts/api/28.0/public/attributes b/prebuilts/api/28.0/public/attributes
index 6a66c031aa85f5232b356cfa4c727e3edb2419e9..0c7ca2ed7df747f915ab8f0c1b7ab8e140876004 100644
--- a/prebuilts/api/28.0/public/attributes
+++ b/prebuilts/api/28.0/public/attributes
@@ -70,6 +70,11 @@ attribute core_property_type;
 # All properties used to configure log filtering.
 attribute log_property_type;
 
+# All properties that are not specific to device but are added from
+# outside of AOSP. (e.g. OEM-specific properties)
+# These properties are not accessible from device-specific domains
+attribute extended_core_property_type;
+
 # All service_manager types created by system_server
 attribute system_server_service;
 
diff --git a/prebuilts/api/28.0/public/property.te b/prebuilts/api/28.0/public/property.te
index e5ca578b6a630f2beee6a5a5d9c4bf35c72fbb05..afff2fa05a04ae09a205bd2c9db80425fb5853c8 100644
--- a/prebuilts/api/28.0/public/property.te
+++ b/prebuilts/api/28.0/public/property.te
@@ -160,6 +160,7 @@ compatible_property_only(`
     -vendor_init
   } {
     core_property_type
+    extended_core_property_type
     exported_config_prop
     exported_dalvik_prop
     exported_default_prop
@@ -256,6 +257,7 @@ compatible_property_only(`
     -vendor_init
   } {
     core_property_type
+    extended_core_property_type
     exported_dalvik_prop
     exported_ffs_prop
     exported_system_radio_prop
@@ -307,103 +309,3 @@ compatible_property_only(`
     wifi_prop
   }:file no_rw_file_perms;
 ')
-
-compatible_property_only(`
-  # Neverallow coredomain to set vendor properties
-  neverallow {
-    coredomain
-    -init
-    -system_writes_vendor_properties_violators
-  } {
-    property_type
-    -audio_prop
-    -bluetooth_a2dp_offload_prop
-    -bluetooth_prop
-    -bootloader_boot_reason_prop
-    -boottime_prop
-    -config_prop
-    -cppreopt_prop
-    -ctl_bootanim_prop
-    -ctl_bugreport_prop
-    -ctl_console_prop
-    -ctl_default_prop
-    -ctl_dumpstate_prop
-    -ctl_fuse_prop
-    -ctl_interface_restart_prop
-    -ctl_interface_start_prop
-    -ctl_interface_stop_prop
-    -ctl_mdnsd_prop
-    -ctl_restart_prop
-    -ctl_rildaemon_prop
-    -ctl_sigstop_prop
-    -ctl_start_prop
-    -ctl_stop_prop
-    -dalvik_prop
-    -debug_prop
-    -debuggerd_prop
-    -default_prop
-    -device_logging_prop
-    -dhcp_prop
-    -dumpstate_options_prop
-    -dumpstate_prop
-    -exported2_config_prop
-    -exported2_default_prop
-    -exported2_radio_prop
-    -exported2_system_prop
-    -exported2_vold_prop
-    -exported3_default_prop
-    -exported3_radio_prop
-    -exported3_system_prop
-    -exported_bluetooth_prop
-    -exported_config_prop
-    -exported_dalvik_prop
-    -exported_default_prop
-    -exported_dumpstate_prop
-    -exported_ffs_prop
-    -exported_fingerprint_prop
-    -exported_overlay_prop
-    -exported_pm_prop
-    -exported_radio_prop
-    -exported_secure_prop
-    -exported_system_prop
-    -exported_system_radio_prop
-    -exported_vold_prop
-    -exported_wifi_prop
-    -ffs_prop
-    -fingerprint_prop
-    -firstboot_prop
-    -hwservicemanager_prop
-    -last_boot_reason_prop
-    -log_prop
-    -log_tag_prop
-    -logd_prop
-    -logpersistd_logging_prop
-    -lowpan_prop
-    -mmc_prop
-    -net_dns_prop
-    -net_radio_prop
-    -netd_stable_secret_prop
-    -nfc_prop
-    -overlay_prop
-    -pan_result_prop
-    -persist_debug_prop
-    -persistent_properties_ready_prop
-    -pm_prop
-    -powerctl_prop
-    -radio_prop
-    -restorecon_prop
-    -safemode_prop
-    -serialno_prop
-    -shell_prop
-    -system_boot_reason_prop
-    -system_prop
-    -system_radio_prop
-    -test_boot_reason_prop
-    -traced_enabled_prop
-    -vendor_default_prop
-    -vendor_security_patch_level_prop
-    -vold_prop
-    -wifi_log_prop
-    -wifi_prop
-  }:property_service set;
-')
diff --git a/prebuilts/api/28.0/public/property_contexts b/prebuilts/api/28.0/public/property_contexts
index a61cc22953415e7cdcc96bd96f125ffbf94c9c34..a50534023d5f7799413fb4d02213d746c7ff10c6 100644
--- a/prebuilts/api/28.0/public/property_contexts
+++ b/prebuilts/api/28.0/public/property_contexts
@@ -271,7 +271,8 @@ ro.hardware.vibrator u:object_r:exported_default_prop:s0 exact string
 ro.hardware.virtual_device u:object_r:exported_default_prop:s0 exact string
 ro.hardware.vulkan u:object_r:exported_default_prop:s0 exact string
 ro.kernel.qemu u:object_r:exported_default_prop:s0 exact int
-ro.kernel.qemu.gles u:object_r:exported_default_prop:s0 exact int
+ro.kernel.qemu. u:object_r:exported_default_prop:s0
+ro.kernel.android.bootanim u:object_r:exported_default_prop:s0 exact int
 ro.odm.build.date u:object_r:exported_default_prop:s0 exact string
 ro.odm.build.date.utc u:object_r:exported_default_prop:s0 exact int
 ro.odm.build.fingerprint u:object_r:exported_default_prop:s0 exact string
diff --git a/public/attributes b/public/attributes
index 6a66c031aa85f5232b356cfa4c727e3edb2419e9..0c7ca2ed7df747f915ab8f0c1b7ab8e140876004 100644
--- a/public/attributes
+++ b/public/attributes
@@ -70,6 +70,11 @@ attribute core_property_type;
 # All properties used to configure log filtering.
 attribute log_property_type;
 
+# All properties that are not specific to device but are added from
+# outside of AOSP. (e.g. OEM-specific properties)
+# These properties are not accessible from device-specific domains
+attribute extended_core_property_type;
+
 # All service_manager types created by system_server
 attribute system_server_service;
 
diff --git a/public/property.te b/public/property.te
index e5ca578b6a630f2beee6a5a5d9c4bf35c72fbb05..afff2fa05a04ae09a205bd2c9db80425fb5853c8 100644
--- a/public/property.te
+++ b/public/property.te
@@ -160,6 +160,7 @@ compatible_property_only(`
     -vendor_init
   } {
     core_property_type
+    extended_core_property_type
     exported_config_prop
     exported_dalvik_prop
     exported_default_prop
@@ -256,6 +257,7 @@ compatible_property_only(`
     -vendor_init
   } {
     core_property_type
+    extended_core_property_type
     exported_dalvik_prop
     exported_ffs_prop
     exported_system_radio_prop
@@ -307,103 +309,3 @@ compatible_property_only(`
     wifi_prop
   }:file no_rw_file_perms;
 ')
-
-compatible_property_only(`
-  # Neverallow coredomain to set vendor properties
-  neverallow {
-    coredomain
-    -init
-    -system_writes_vendor_properties_violators
-  } {
-    property_type
-    -audio_prop
-    -bluetooth_a2dp_offload_prop
-    -bluetooth_prop
-    -bootloader_boot_reason_prop
-    -boottime_prop
-    -config_prop
-    -cppreopt_prop
-    -ctl_bootanim_prop
-    -ctl_bugreport_prop
-    -ctl_console_prop
-    -ctl_default_prop
-    -ctl_dumpstate_prop
-    -ctl_fuse_prop
-    -ctl_interface_restart_prop
-    -ctl_interface_start_prop
-    -ctl_interface_stop_prop
-    -ctl_mdnsd_prop
-    -ctl_restart_prop
-    -ctl_rildaemon_prop
-    -ctl_sigstop_prop
-    -ctl_start_prop
-    -ctl_stop_prop
-    -dalvik_prop
-    -debug_prop
-    -debuggerd_prop
-    -default_prop
-    -device_logging_prop
-    -dhcp_prop
-    -dumpstate_options_prop
-    -dumpstate_prop
-    -exported2_config_prop
-    -exported2_default_prop
-    -exported2_radio_prop
-    -exported2_system_prop
-    -exported2_vold_prop
-    -exported3_default_prop
-    -exported3_radio_prop
-    -exported3_system_prop
-    -exported_bluetooth_prop
-    -exported_config_prop
-    -exported_dalvik_prop
-    -exported_default_prop
-    -exported_dumpstate_prop
-    -exported_ffs_prop
-    -exported_fingerprint_prop
-    -exported_overlay_prop
-    -exported_pm_prop
-    -exported_radio_prop
-    -exported_secure_prop
-    -exported_system_prop
-    -exported_system_radio_prop
-    -exported_vold_prop
-    -exported_wifi_prop
-    -ffs_prop
-    -fingerprint_prop
-    -firstboot_prop
-    -hwservicemanager_prop
-    -last_boot_reason_prop
-    -log_prop
-    -log_tag_prop
-    -logd_prop
-    -logpersistd_logging_prop
-    -lowpan_prop
-    -mmc_prop
-    -net_dns_prop
-    -net_radio_prop
-    -netd_stable_secret_prop
-    -nfc_prop
-    -overlay_prop
-    -pan_result_prop
-    -persist_debug_prop
-    -persistent_properties_ready_prop
-    -pm_prop
-    -powerctl_prop
-    -radio_prop
-    -restorecon_prop
-    -safemode_prop
-    -serialno_prop
-    -shell_prop
-    -system_boot_reason_prop
-    -system_prop
-    -system_radio_prop
-    -test_boot_reason_prop
-    -traced_enabled_prop
-    -vendor_default_prop
-    -vendor_security_patch_level_prop
-    -vold_prop
-    -wifi_log_prop
-    -wifi_prop
-  }:property_service set;
-')
diff --git a/public/property_contexts b/public/property_contexts
index a61cc22953415e7cdcc96bd96f125ffbf94c9c34..a50534023d5f7799413fb4d02213d746c7ff10c6 100644
--- a/public/property_contexts
+++ b/public/property_contexts
@@ -271,7 +271,8 @@ ro.hardware.vibrator u:object_r:exported_default_prop:s0 exact string
 ro.hardware.virtual_device u:object_r:exported_default_prop:s0 exact string
 ro.hardware.vulkan u:object_r:exported_default_prop:s0 exact string
 ro.kernel.qemu u:object_r:exported_default_prop:s0 exact int
-ro.kernel.qemu.gles u:object_r:exported_default_prop:s0 exact int
+ro.kernel.qemu. u:object_r:exported_default_prop:s0
+ro.kernel.android.bootanim u:object_r:exported_default_prop:s0 exact int
 ro.odm.build.date u:object_r:exported_default_prop:s0 exact string
 ro.odm.build.date.utc u:object_r:exported_default_prop:s0 exact int
 ro.odm.build.fingerprint u:object_r:exported_default_prop:s0 exact string