diff --git a/tracking_denials/update_engine.te b/tracking_denials/update_engine.te
deleted file mode 100644
index 98e7b851..00000000
--- a/tracking_denials/update_engine.te
+++ /dev/null
@@ -1,2 +0,0 @@
-# b/187016910
-dontaudit update_engine mnt_vendor_file:dir search ;
diff --git a/whitechapel/vendor/google/update_engine.te b/whitechapel/vendor/google/update_engine.te
index a403d9e4..8342f126 100644
--- a/whitechapel/vendor/google/update_engine.te
+++ b/whitechapel/vendor/google/update_engine.te
@@ -1,3 +1,6 @@
 allow update_engine custom_ab_block_device:blk_file rw_file_perms;
 allow update_engine modem_block_device:blk_file rw_file_perms;
 allow update_engine proc_bootconfig:file r_file_perms;
+
+# update_engine probe mnt_vendor_file during OTA, which is a permission not required
+dontaudit update_engine mnt_vendor_file:dir search;
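Review bot: The comment above the added `dontaudit` rule in whitechapel/vendor/google/update_engine.te loses the bug reference that the deleted tracking_denials entry carried (`# b/187016910`) and does not state that the access remains denied and is only hidden from the audit log. Since this makes the suppression permanent, a later change that gives update_engine a real need for `mnt_vendor_file` would fail with no avc line to point at, so the rationale should be traceable from the policy itself. I would write it as `# update_engine probes mnt_vendor_file during OTA but does not need it; the denial stays enforced and is only silenced (b/187016910)`, assuming that bug is still the right reference for this rule. Keeping the rule limited to `dir search`, as it is here, is the right scope.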