diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts
index ad1c4045..7ca945a9 100644
--- a/sepolicy/file_contexts
+++ b/sepolicy/file_contexts
@@ -9,6 +9,8 @@
 
 /system/bin/sysinit       u:object_r:sysinit_exec:s0
 
+/system/etc/init.d/90userinit           u:object_r:userinit_exec:s0
+
 # For minivold in recovery
 /sbin/minivold            u:object_r:vold_exec:s0
 
diff --git a/sepolicy/property.te b/sepolicy/property.te
index fe7d9b2d..1e6b2203 100644
--- a/sepolicy/property.te
+++ b/sepolicy/property.te
@@ -1,2 +1,3 @@
 type adbtcp_prop, property_type;
 type recovery_prop, property_type;
+type userinit_prop, property_type;
diff --git a/sepolicy/property_contexts b/sepolicy/property_contexts
index b3a3540e..d6beeb22 100644
--- a/sepolicy/property_contexts
+++ b/sepolicy/property_contexts
@@ -1,3 +1,4 @@
 service.adb.tcp.port          u:object_r:adbtcp_prop:s0
 recovery.perf.mode            u:object_r:recovery_prop:s0
 adb.secure                    u:object_r:recovery_prop:s0
+cm.userinit.active            u:object_r:userinit_prop:s0
diff --git a/sepolicy/sepolicy.mk b/sepolicy/sepolicy.mk
index 6cd50645..194fd9a9 100644
--- a/sepolicy/sepolicy.mk
+++ b/sepolicy/sepolicy.mk
@@ -32,6 +32,7 @@ BOARD_SEPOLICY_UNION += \
     system_app.te \
     ueventd.te \
     uncrypt.te \
+    userinit.te \
     vold.te \
     zygote.te \
     mac_permissions.xml
diff --git a/sepolicy/userinit.te b/sepolicy/userinit.te
new file mode 100644
index 00000000..caddb086
--- /dev/null
+++ b/sepolicy/userinit.te
@@ -0,0 +1,3 @@
+type userinit_exec, exec_type, file_type;
+
+allow userinit_exec userinit_prop:property_service set;