diff --git a/private/compat/29.0/29.0.ignore.cil b/private/compat/29.0/29.0.ignore.cil
index e37372623..c1ea9496f 100644
--- a/private/compat/29.0/29.0.ignore.cil
+++ b/private/compat/29.0/29.0.ignore.cil
@@ -105,6 +105,7 @@
     userspace_reboot_config_prop
     userspace_reboot_exported_prop
     userspace_reboot_log_prop
+    userspace_reboot_test_prop
     vehicle_hal_prop
     tv_tuner_resource_mgr_service
     vendor_apex_file
diff --git a/private/domain.te b/private/domain.te
index 32b40c179..3f5bbaad5 100644
--- a/private/domain.te
+++ b/private/domain.te
@@ -101,6 +101,7 @@ compatible_property_only(`
     get_prop({coredomain appdomain shell}, userspace_reboot_config_prop)
     get_prop({coredomain shell}, userspace_reboot_exported_prop)
     get_prop({coredomain shell}, userspace_reboot_log_prop)
+    get_prop({coredomain shell}, userspace_reboot_test_prop)
     get_prop({domain -coredomain -appdomain}, vendor_default_prop)
 ')
 
diff --git a/private/property_contexts b/private/property_contexts
index 1977fff93..216531cec 100644
--- a/private/property_contexts
+++ b/private/property_contexts
@@ -91,6 +91,7 @@ sys.boot.reason         u:object_r:system_boot_reason_prop:s0
 sys.boot.reason.last    u:object_r:last_boot_reason_prop:s0
 pm.                     u:object_r:pm_prop:s0
 test.sys.boot.reason    u:object_r:test_boot_reason_prop:s0
+test.userspace_reboot.requested u:object_r:userspace_reboot_test_prop:s0
 sys.lmk.                u:object_r:system_lmk_prop:s0
 sys.trace.              u:object_r:system_trace_prop:s0
 
diff --git a/private/shell.te b/private/shell.te
index 2c69f95ee..76ff0734d 100644
--- a/private/shell.te
+++ b/private/shell.te
@@ -73,6 +73,10 @@ allow shell rs_exec:file rx_file_perms;
 set_prop(shell, lpdumpd_prop);
 binder_call(shell, lpdumpd)
 
+# Allow shell to set and read value of properties used for CTS tests of
+# userspace reboot
+set_prop(shell, userspace_reboot_test_prop)
+
 # Allow shell to get encryption policy of /data/local/tmp/, for CTS
 allowxperm shell shell_data_file:dir ioctl {
   FS_IOC_GET_ENCRYPTION_POLICY
diff --git a/public/property.te b/public/property.te
index cfaa1905f..67a1fbeac 100644
--- a/public/property.te
+++ b/public/property.te
@@ -21,6 +21,7 @@ system_internal_prop(last_boot_reason_prop)
 system_internal_prop(netd_stable_secret_prop)
 system_internal_prop(pm_prop)
 system_internal_prop(userspace_reboot_log_prop)
+system_internal_prop(userspace_reboot_test_prop)
 system_internal_prop(system_adbd_prop)
 system_internal_prop(adbd_prop)
 system_internal_prop(traced_perf_enabled_prop)
@@ -587,3 +588,11 @@ neverallow {
 } {
   adbd_prop
 }:property_service set;
+
+neverallow {
+  # Only allow init and shell to set userspace_reboot_test_prop
+  -init
+  -shell
+} {
+  userspace_reboot_test_prop
+}:property_service set;