diff --git a/private/compat/26.0/26.0.ignore.cil b/private/compat/26.0/26.0.ignore.cil
index 351ed54ebadae7f52d7735661b22e27d9a9b02e0..ee9a99e2c2eebb57e41292f0a720425b561d0cac 100644
--- a/private/compat/26.0/26.0.ignore.cil
+++ b/private/compat/26.0/26.0.ignore.cil
@@ -39,6 +39,7 @@
     device_config_boot_count_prop
     device_config_reset_performed_prop
     device_config_flags_health_check_prop
+    device_config_netd_native_prop
     e2fs
     e2fs_exec
     exfat
diff --git a/private/compat/27.0/27.0.ignore.cil b/private/compat/27.0/27.0.ignore.cil
index da1eaa9deaedf0339c8b009d155f11a50f15eca5..bf273f34cde40b4496acc72fa6f976ac0c8cc572 100644
--- a/private/compat/27.0/27.0.ignore.cil
+++ b/private/compat/27.0/27.0.ignore.cil
@@ -37,6 +37,7 @@
     device_config_boot_count_prop
     device_config_reset_performed_prop
     device_config_flags_health_check_prop
+    device_config_netd_native_prop
     exfat
     exported2_config_prop
     exported2_default_prop
diff --git a/private/compat/28.0/28.0.ignore.cil b/private/compat/28.0/28.0.ignore.cil
index 57e6876c46d91c91d4b6af7617c32ed1c3aec05d..960d5fc7ff2f0604e5c83cbef9bbd90d076fb87c 100644
--- a/private/compat/28.0/28.0.ignore.cil
+++ b/private/compat/28.0/28.0.ignore.cil
@@ -25,6 +25,7 @@
     dev_cpu_variant
     device_config_boot_count_prop
     device_config_flags_health_check_prop
+    device_config_netd_native_prop
     device_config_reset_performed_prop
     device_config_service
     face_service
diff --git a/private/property_contexts b/private/property_contexts
index 06c28220d3a4dd3cf79adbcab44f96f6fa4d2d50..8d8726201313e9d212c2e42317684a8f6529c843 100644
--- a/private/property_contexts
+++ b/private/property_contexts
@@ -170,6 +170,7 @@ persist.time.           u:object_r:time_prop:s0
 device_config.reset_performed           u:object_r:device_config_reset_performed_prop:s0
 persist.device_config.attempted_boot_count        u:object_r:device_config_boot_count_prop:s0
 persist.device_config.global_settings.native_flags_health_check_enabled u:object_r:device_config_flags_health_check_prop:s0
+persist.device_config.netd_native.           u:object_r:device_config_netd_native_prop:s0
 
 apexd.                  u:object_r:apexd_prop:s0
 persist.apexd.          u:object_r:apexd_prop:s0
diff --git a/private/system_server.te b/private/system_server.te
index 46fb5918246788ab695ff4ce40d3725d3958e600..0baf4d6f82c29741a446e37f39859279c9afd334 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -581,6 +581,7 @@ set_prop(system_server, cppreopt_prop)
 # STOPSHIP: Remove the ability for system_server to set property
 # device_config_flags_health_check_prop before release. (b/119627143)
 set_prop(system_server, device_config_flags_health_check_prop)
+set_prop(system_server, device_config_netd_native_prop)
 
 # BootReceiver to read ro.boot.bootreason
 get_prop(system_server, bootloader_boot_reason_prop)
@@ -931,6 +932,7 @@ neverallow {
   -flags_health_check
 } {
   device_config_flags_health_check_prop
+  device_config_netd_native_prop
 }:property_service set;
 
 # system_server should never be executing dex2oat. This is either
diff --git a/public/flags_heatlh_check.te b/public/flags_heatlh_check.te
index a62689523e03d8bbca211599055a8dc923a24046..bcae192e0a5e348bf4f9f390ab1430a2d316675d 100644
--- a/public/flags_heatlh_check.te
+++ b/public/flags_heatlh_check.te
@@ -8,6 +8,7 @@ set_prop(flags_health_check, device_config_reset_performed_prop)
 # STOPSHIP: Remove the ability for flags_health_check to set property
 # device_config_flags_health_check_prop before release. (b/119627143)
 set_prop(flags_health_check, device_config_flags_health_check_prop)
+set_prop(flags_health_check, device_config_netd_native_prop)
 
 allow flags_health_check server_configurable_flags_data_file:dir rw_dir_perms;
 allow flags_health_check server_configurable_flags_data_file:file create_file_perms;
diff --git a/public/netd.te b/public/netd.te
index 39864f69d0bdc8b009d3162a1a31ae61099d50da..72d8483e62c15620f7390089481901a87f51adac 100644
--- a/public/netd.te
+++ b/public/netd.te
@@ -111,6 +111,7 @@ allow netd self:netlink_xfrm_socket { create_socket_perms_no_ioctl nlmsg_write n
 add_hwservice(netd, system_net_netd_hwservice)
 hwbinder_use(netd)
 get_prop(netd, hwservicemanager_prop)
+get_prop(netd, device_config_netd_native_prop)
 
 ###
 ### Neverallow rules
diff --git a/public/property.te b/public/property.te
index 5a22340cd7617ade3526ad8ce5dc18dcafd17312..f67a50664c40416c413f43b481934674b7d4883a 100644
--- a/public/property.te
+++ b/public/property.te
@@ -31,6 +31,7 @@ type default_prop, property_type, core_property_type;
 type device_config_boot_count_prop, property_type;
 type device_config_reset_performed_prop, property_type;
 type device_config_flags_health_check_prop, property_type;
+type device_config_netd_native_prop, property_type;
 type device_logging_prop, property_type;
 type dhcp_prop, property_type, core_property_type;
 type dumpstate_options_prop, property_type;
@@ -400,6 +401,7 @@ compatible_property_only(`
     -device_config_reset_performed_prop
     -device_config_boot_count_prop
     -device_config_flags_health_check_prop
+    -device_config_netd_native_prop
     -heapprofd_enabled_prop
     -heapprofd_prop
     -hwservicemanager_prop
diff --git a/public/vendor_init.te b/public/vendor_init.te
index 9aa1194c6e20c9819e1f08090ebc9305fb06258a..9f0dab238475d8b288c54f569da467c3345c1b43 100644
--- a/public/vendor_init.te
+++ b/public/vendor_init.te
@@ -177,6 +177,7 @@ not_compatible_property(`
       -device_config_boot_count_prop
       -device_config_reset_performed_prop
       -device_config_flags_health_check_prop
+      -device_config_netd_native_prop
       -restorecon_prop
       -netd_stable_secret_prop
       -firstboot_prop