diff --git a/legacy/zuma/vendor/tee.te b/legacy/zuma/vendor/tee.te
index c99a02d..8551b24 100644
--- a/legacy/zuma/vendor/tee.te
+++ b/legacy/zuma/vendor/tee.te
@@ -7,7 +7,6 @@ allow tee persist_file:dir r_dir_perms;
 allow tee mnt_vendor_file:dir r_dir_perms;
 allow tee tee_data_file:dir rw_dir_perms;
 allow tee tee_data_file:lnk_file r_file_perms;
-allow tee tee_persist_block_device:blk_file rw_file_perms;
 allow tee block_device:dir search;
 
 # Allow storageproxyd access to gsi_public_metadata_file
diff --git a/tracking_denials/tee.te b/tracking_denials/tee.te
deleted file mode 100644
index 267a291..0000000
--- a/tracking_denials/tee.te
+++ /dev/null
@@ -1,2 +0,0 @@
-# b/312894027
-dontaudit tee tee_userdata_block_device:blk_file { read write };
diff --git a/vendor/device.te b/vendor/device.te
index cef6cd1..b5f1575 100644
--- a/vendor/device.te
+++ b/vendor/device.te
@@ -1 +1,3 @@
 type lwis_device, dev_type;
+type tee_persist_block_device, dev_type;
+type tee_userdata_block_device, dev_type;
diff --git a/vendor/tee.te b/vendor/tee.te
index 9fd01ec..ba5ee08 100644
--- a/vendor/tee.te
+++ b/vendor/tee.te
@@ -1,2 +1,2 @@
-type tee_persist_block_device, dev_type;
-type tee_userdata_block_device, dev_type;
+allow tee tee_persist_block_device:blk_file rw_file_perms;
+allow tee tee_userdata_block_device:blk_file rw_file_perms;