diff --git a/private/compat/30.0/30.0.ignore.cil b/private/compat/30.0/30.0.ignore.cil
index d4f2bc282..639f27827 100644
--- a/private/compat/30.0/30.0.ignore.cil
+++ b/private/compat/30.0/30.0.ignore.cil
@@ -82,6 +82,7 @@
     profcollectd_data_file
     profcollectd_exec
     profcollectd_service
+    qemu_hw_prop
     radio_core_data_file
     reboot_readiness_service
     remote_prov_app
diff --git a/private/platform_app.te b/private/platform_app.te
index 7bf14c892..a11208145 100644
--- a/private/platform_app.te
+++ b/private/platform_app.te
@@ -90,6 +90,9 @@ set_prop(platform_app, test_boot_reason_prop)
 # allow platform apps to read keyguard.no_require_sim
 get_prop(platform_app, keyguard_config_prop)
 
+# allow platform apps to read qemu.hw.mainkeys
+get_prop(platform_app, qemu_hw_prop)
+
 # allow platform apps to create symbolic link
 allow platform_app app_data_file:lnk_file create_file_perms;
 
diff --git a/private/property_contexts b/private/property_contexts
index 25e9d87ed..5933e30d2 100644
--- a/private/property_contexts
+++ b/private/property_contexts
@@ -186,6 +186,9 @@ ro.config.              u:object_r:config_prop:s0
 dalvik.                 u:object_r:dalvik_prop:s0
 ro.dalvik.              u:object_r:dalvik_prop:s0
 
+# qemu_hw_prop is read/written by both system and vendor.
+qemu.hw.mainkeys        u:object_r:qemu_hw_prop:s0
+
 # Shared between system server and wificond
 wifi.                   u:object_r:wifi_prop:s0
 wlan.                   u:object_r:wifi_prop:s0
diff --git a/private/system_server.te b/private/system_server.te
index 175eea17b..0001e458f 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -1332,3 +1332,6 @@ neverallowxperm { domain -system_server } binder_device:chr_file ioctl { BINDER_
 # Only system server can write the font files.
 neverallow { domain -init -system_server } font_data_file:file no_w_file_perms;
 neverallow { domain -init -system_server } font_data_file:dir no_w_dir_perms;
+
+# Read qemu.hw.mainkeys property
+get_prop(system_server, qemu_hw_prop)
diff --git a/public/property.te b/public/property.te
index 37884f050..3f3f148f6 100644
--- a/public/property.te
+++ b/public/property.te
@@ -191,6 +191,7 @@ system_public_prop(lowpan_prop)
 system_public_prop(nfc_prop)
 system_public_prop(ota_prop)
 system_public_prop(powerctl_prop)
+system_public_prop(qemu_hw_prop)
 system_public_prop(radio_control_prop)
 system_public_prop(radio_prop)
 system_public_prop(serialno_prop)
diff --git a/public/vendor_init.te b/public/vendor_init.te
index 8d436b9bb..97cbd0da6 100644
--- a/public/vendor_init.te
+++ b/public/vendor_init.te
@@ -235,6 +235,7 @@ set_prop(vendor_init, lmkd_prop)
 set_prop(vendor_init, logd_prop)
 set_prop(vendor_init, log_tag_prop)
 set_prop(vendor_init, log_prop)
+set_prop(vendor_init, qemu_hw_prop)
 set_prop(vendor_init, radio_control_prop)
 set_prop(vendor_init, rebootescrow_hal_prop)
 set_prop(vendor_init, serialno_prop)