diff --git a/private/compat/26.0/26.0.ignore.cil b/private/compat/26.0/26.0.ignore.cil
index e359935debc77d9af458a2479256413b35f90894..50d4ee7be7c680ad8d92d6f70ad023eaa4bea580 100644
--- a/private/compat/26.0/26.0.ignore.cil
+++ b/private/compat/26.0/26.0.ignore.cil
@@ -25,6 +25,7 @@
     lowpan_service
     mediaprovider_tmpfs
     netd_stable_secret_prop
+    network_watchlist_data_file
     network_watchlist_service
     package_native_service
     perfprofd_service
diff --git a/private/file_contexts b/private/file_contexts
index 7d1457ae7642d2a7143be776dbc4ebcdea0880bc..992bdc3491ceb1f24b291352c3fde7b6b4b10cb2 100644
--- a/private/file_contexts
+++ b/private/file_contexts
@@ -384,6 +384,7 @@
 /data/misc/logd(/.*)?           u:object_r:misc_logd_file:s0
 /data/misc/media(/.*)?          u:object_r:media_data_file:s0
 /data/misc/net(/.*)?            u:object_r:net_data_file:s0
+/data/misc/network_watchlist(/.*)? u:object_r:network_watchlist_data_file:s0
 /data/misc/recovery(/.*)?       u:object_r:recovery_data_file:s0
 /data/misc/shared_relro(/.*)?   u:object_r:shared_relro_file:s0
 /data/misc/sms(/.*)?            u:object_r:radio_data_file:s0
diff --git a/private/system_server.te b/private/system_server.te
index 6fb6142bf05c05797ca8fd3a5b7aef7b9bbfc611..eff8e8f31f9c6bc574601770061f5d0dd2ef1cb1 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -381,6 +381,10 @@ allow system_server heapdump_data_file:file create_file_perms;
 allow system_server adb_keys_file:dir create_dir_perms;
 allow system_server adb_keys_file:file create_file_perms;
 
+# Manage /data/misc/network_watchlist
+allow system_server network_watchlist_data_file:dir create_dir_perms;
+allow system_server network_watchlist_data_file:file create_file_perms;
+
 # Manage /data/misc/sms.
 # TODO:  Split into a separate type?
 allow system_server radio_data_file:dir create_dir_perms;
diff --git a/public/file.te b/public/file.te
index 81bb1f1e1259a7bc6d961bff3a2885701f2a5a76..e3ffa34e571eea50e390986d51172a0864a67790 100644
--- a/public/file.te
+++ b/public/file.te
@@ -234,6 +234,7 @@ type media_data_file, file_type, data_file_type, core_data_file_type;
 type media_rw_data_file, file_type, data_file_type, core_data_file_type, mlstrustedobject;
 type misc_user_data_file, file_type, data_file_type, core_data_file_type;
 type net_data_file, file_type, data_file_type, core_data_file_type;
+type network_watchlist_data_file, file_type, data_file_type, core_data_file_type;
 type nfc_data_file, file_type, data_file_type, core_data_file_type;
 type radio_data_file, file_type, data_file_type, core_data_file_type, mlstrustedobject;
 type recovery_data_file, file_type, data_file_type, core_data_file_type;
diff --git a/public/vendor_init.te b/public/vendor_init.te
index ace58abe7b83ae505ad668e67404606910bed1e6..9aaa5384667d2c11a204f8918ea02a2cded1dad4 100644
--- a/public/vendor_init.te
+++ b/public/vendor_init.te
@@ -40,6 +40,7 @@ allow vendor_init {
   -incident_data_file
   -keystore_data_file
   -misc_logd_file
+  -network_watchlist_data_file
   -nfc_data_file
   -property_data_file
   -radio_data_file
@@ -62,6 +63,7 @@ allow vendor_init {
   -incident_data_file
   -keystore_data_file
   -misc_logd_file
+  -network_watchlist_data_file
   -nfc_data_file
   -property_data_file
   -radio_data_file
@@ -85,6 +87,7 @@ allow vendor_init {
   -incident_data_file
   -keystore_data_file
   -misc_logd_file
+  -network_watchlist_data_file
   -nfc_data_file
   -property_data_file
   -radio_data_file
@@ -107,6 +110,7 @@ allow vendor_init {
   -incident_data_file
   -keystore_data_file
   -misc_logd_file
+  -network_watchlist_data_file
   -nfc_data_file
   -property_data_file
   -radio_data_file
@@ -129,6 +133,7 @@ allow vendor_init {
   -incident_data_file
   -keystore_data_file
   -misc_logd_file
+  -network_watchlist_data_file
   -nfc_data_file
   -property_data_file
   -radio_data_file