diff --git a/legacy/whitechapel_pro/file_contexts b/legacy/whitechapel_pro/file_contexts
index 26e441ab..68f910fb 100644
--- a/legacy/whitechapel_pro/file_contexts
+++ b/legacy/whitechapel_pro/file_contexts
@@ -2,7 +2,6 @@
 /vendor/bin/chre u:object_r:chre_exec:s0
 /vendor/bin/storageproxyd u:object_r:tee_exec:s0
 /vendor/bin/tcpdump_logger u:object_r:tcpdump_logger_exec:s0
-/vendor/bin/init\.display\.sh u:object_r:init-display-sh_exec:s0
 /vendor/bin/trusty_apploader u:object_r:trusty_apploader_exec:s0
 /vendor/bin/trusty_metricsd u:object_r:trusty_metricsd_exec:s0
 /vendor/bin/dumpsys u:object_r:vendor_dumpsys:s0
@@ -10,8 +9,6 @@
 /vendor/bin/hw/android\.hardware\.gatekeeper@1\.0-service\.trusty u:object_r:hal_gatekeeper_default_exec:s0
 /vendor/bin/hw/android\.hardware\.security\.keymint-service\.trusty u:object_r:hal_keymint_default_exec:s0
 /vendor/bin/hw/android\.hardware\.contexthub-service\.generic u:object_r:hal_contexthub_default_exec:s0
-/vendor/bin/hw/samsung\.hardware\.media\.c2@1\.2-service u:object_r:mediacodec_samsung_exec:s0
-/vendor/bin/hw/google\.hardware\.media\.c2@2\.0-service u:object_r:mediacodec_google_exec:s0
 /vendor/bin/hw/android\.hardware\.biometrics\.fingerprint@2\.1-service\.goodix u:object_r:hal_fingerprint_default_exec:s0
 /vendor/bin/hw/android\.hardware\.biometrics\.fingerprint-service\.goodix u:object_r:hal_fingerprint_default_exec:s0
 /vendor/bin/hw/android\.hardware\.nfc-service\.st u:object_r:hal_nfc_default_exec:s0
diff --git a/legacy/whitechapel_pro/init-display-sh.te b/legacy/whitechapel_pro/init-display-sh.te
deleted file mode 100644
index 54ff7d6e..00000000
--- a/legacy/whitechapel_pro/init-display-sh.te
+++ /dev/null
@@ -1,10 +0,0 @@
-type init-display-sh, domain;
-type init-display-sh_exec, vendor_file_type, exec_type, file_type;
-init_daemon_domain(init-display-sh)
-
-allow init-display-sh self:capability sys_module;
-allow init-display-sh vendor_kernel_modules:system module_load;
-allow init-display-sh vendor_toolbox_exec:file execute_no_trans;
-
-dontaudit init-display-sh proc_cmdline:file r_file_perms;
-
diff --git a/legacy/whitechapel_pro/init.te b/legacy/whitechapel_pro/init.te
deleted file mode 100644
index d987ac64..00000000
--- a/legacy/whitechapel_pro/init.te
+++ /dev/null
@@ -1,6 +0,0 @@
-allow init ram_device:blk_file w_file_perms;
-allow init sysfs_scsi_devices_0000:file w_file_perms;
-
-# Workaround for b/193113005 that modem_img unlabeled after disable-verity
-dontaudit init overlayfs_file:file rename;
-dontaudit init overlayfs_file:chr_file unlink;
diff --git a/legacy/whitechapel_pro/logd.te b/legacy/whitechapel_pro/logd.te
deleted file mode 100644
index cc55e204..00000000
--- a/legacy/whitechapel_pro/logd.te
+++ /dev/null
@@ -1,2 +0,0 @@
-r_dir_file(logd, logbuffer_device)
-allow logd logbuffer_device:chr_file r_file_perms;
diff --git a/tracking_denials/permissive.te b/tracking_denials/permissive.te
index e8f13da8..5a5e1176 100644
--- a/tracking_denials/permissive.te
+++ b/tracking_denials/permissive.te
@@ -31,4 +31,6 @@ userdebug_or_eng(`
 permissive uwb_vendor_app;
 permissive hal_wifi_ext;
 permissive hal_wlc;
+ permissive init;
+ permissive logd;
 ')
diff --git a/vendor/file_contexts b/vendor/file_contexts
index 31211f82..5c1fef83 100644
--- a/vendor/file_contexts
+++ b/vendor/file_contexts
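Review bot: `permissive init;` and `permissive logd;` in tracking_denials/permissive.te sit inside `userdebug_or_eng(`, so they cover only debug builds, while the same commit deletes legacy/whitechapel_pro/init.te and logd.te outright. On a user build init would have no rule for writing ram_device or sysfs_scsi_devices_0000 and logd none for reading logbuffer_device, unless equivalent rules exist elsewhere in the tree, which this diff does not show. On userdebug/eng the two domains are no longer enforced at all, and init is the domain every init_daemon_domain transition starts from, so the state should be short-lived and traceable. A comment above the two added lines would do that, e.g. `# TODO(b/<bug-id>): drop once init/logd denials are triaged and the rules are restored under vendor/`.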
@@ -11,6 +11,8 @@ /vendor/bin/hw/android\.hardware\.qorvo\.uwb\.service u:object_r:hal_uwb_vendor_default_exec:s0 /vendor/bin/hw/android\.hardware\.composer\.hwc3-service\.pixel u:object_r:hal_graphics_composer_default_exec:s0 /vendor/bin/hw/vendor\.google\.wireless_charger@1\.3-service-vendor u:object_r:hal_wlc_exec:s0 +/vendor/bin/hw/samsung\.hardware\.media\.c2@1\.2-service u:object_r:mediacodec_samsung_exec:s0 +/vendor/bin/hw/google\.hardware\.media\.c2@2\.0-service u:object_r:mediacodec_google_exec:s0 # Vendor Firmwares /vendor/firmware(/.*)? u:object_r:vendor_fw_file:s0 diff --git a/legacy/whitechapel_pro/mediacodec_google.te b/vendor/mediacodec_google.te similarity index 53% rename from legacy/whitechapel_pro/mediacodec_google.te rename to vendor/mediacodec_google.te index 21aea333..a2009d64 100644 --- a/legacy/whitechapel_pro/mediacodec_google.te +++ b/vendor/mediacodec_google.te @@ -3,22 +3,6 @@ type mediacodec_google_exec, exec_type, vendor_file_type, file_type; init_daemon_domain(mediacodec_google) -# can route /dev/binder traffic to /dev/vndbinder -vndbinder_use(mediacodec_google) - -hal_server_domain(mediacodec_google, hal_codec2) - -# mediacodec_google may use an input surface from a different Codec2 service -hal_client_domain(mediacodec_google, hal_codec2) - -hal_client_domain(mediacodec_google, hal_graphics_allocator) - -allow mediacodec_google dmabuf_system_heap_device:chr_file r_file_perms; -allow mediacodec_google dmabuf_system_secure_heap_device:chr_file r_file_perms; -allow mediacodec_google video_device:chr_file rw_file_perms; - -crash_dump_fallback(mediacodec_google) - # mediacodec_google should never execute any executable without a domain transition neverallow mediacodec_google { file_type fs_type }:file execute_no_trans; 
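Review bot: The two `mediacodec_*_exec` labels added to vendor/file_contexts keep the codec services transitioning into `mediacodec_samsung` and `mediacodec_google`, but the renamed vendor/mediacodec_google.te (the next hunk) and vendor/mediacodec_samsung.te retain only `init_daemon_domain` and the neverallow rules. Unless both domains are already listed in tracking_denials/permissive.te above line 31, which is outside this diff, the services lose their hal_codec2, vndbinder and video_device access. If they are listed, note that neverallow is a build-time check and does not constrain a permissive domain at runtime, so the media-stack hardening the file cites is not in force on userdebug/eng. A comment above the two entries would make the interim state explicit, e.g. `# mediacodec_* allow rules pending re-add from tracking_denials (b/<bug-id>)`.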
@@ -27,4 +11,4 @@ neverallow mediacodec_google { file_type fs_type }:file execute_no_trans; # Lengthier explanation here: # https://android-developers.googleblog.com/2016/05/hardening-media-stack.html neverallow mediacodec_google domain:{ udp_socket rawip_socket } *; -neverallow mediacodec_google { domain userdebug_or_eng(`-su') }:tcp_socket *; \ No newline at end of file +neverallow mediacodec_google { domain userdebug_or_eng(`-su') }:tcp_socket *; diff --git a/legacy/whitechapel_pro/mediacodec_samsung.te b/vendor/mediacodec_samsung.te similarity index 51% rename from legacy/whitechapel_pro/mediacodec_samsung.te rename to vendor/mediacodec_samsung.te index 2c5d7ede..8aec0da5 100644 --- a/legacy/whitechapel_pro/mediacodec_samsung.te +++ b/vendor/mediacodec_samsung.te @@ -2,26 +2,6 @@ type mediacodec_samsung, domain; type mediacodec_samsung_exec, vendor_file_type, exec_type, file_type; init_daemon_domain(mediacodec_samsung) -hal_server_domain(mediacodec_samsung, hal_codec2) -add_service(mediacodec_samsung, eco_service) - -# can route /dev/binder traffic to /dev/vndbinder -vndbinder_use(mediacodec_samsung) - -allow mediacodec_samsung video_device:chr_file rw_file_perms; -allow mediacodec_samsung dmabuf_system_heap_device:chr_file r_file_perms; -allow mediacodec_samsung gpu_device:chr_file rw_file_perms; - -allow mediacodec_samsung sysfs_mfc:file r_file_perms; -allow mediacodec_samsung sysfs_mfc:dir r_dir_perms; - -# can use graphics allocator -hal_client_domain(mediacodec_samsung, hal_graphics_allocator) - -binder_call(mediacodec_samsung, hal_camera_default) - -crash_dump_fallback(mediacodec_samsung) - # mediacodec_samsung should never execute any executable without a domain transition neverallow mediacodec_samsung { file_type fs_type }:file execute_no_trans;