diff --git a/device.te b/device.te
index a44b31ef21ece4573d6d4f5d3e26f3b649eb57af..d55258ad8956e99e386f4e694f45530df69109d3 100644
--- a/device.te
+++ b/device.te
@@ -10,9 +10,6 @@ type binder_device, dev_type, mlstrustedobject;
 type block_device, dev_type;
 type camera_device, dev_type;
 type dm_device, dev_type;
-# XXX may be specific for mako
-type dss_device, dev_type;
-type knvmap_device, dev_type;
 type loop_device, dev_type;
 type radio_device, dev_type;
 type ram_device, dev_type;
@@ -23,7 +20,6 @@ type graphics_device, dev_type;
 type input_device, dev_type;
 type kmem_device, dev_type;
 type log_device, dev_type, mlstrustedobject;
-type msm_rotator_device, dev_type;
 type mtd_device, dev_type;
 type mtp_device, dev_type, mlstrustedobject;
 type nfc_device, dev_type;
@@ -31,7 +27,6 @@ type nv_device, dev_type, mlstrustedobject;
 type powervr_device, dev_type, mlstrustedobject;
 type ptmx_device, dev_type, mlstrustedobject;
 type qemu_device, dev_type;
-type sysfs_devices_system_cpu, dev_type;
 type kmsg_device, dev_type;
 type null_device, dev_type, mlstrustedobject;
 type random_device, dev_type;
diff --git a/file_contexts b/file_contexts
index fef8fb2279173b1c2ccbfac021e8d6089213102c..8906e389ed7c892266250dfb5fcc5ed7a7fa0eaf 100644
--- a/file_contexts
+++ b/file_contexts
@@ -46,7 +46,6 @@
 /dev/console		u:object_r:console_device:s0
 /dev/cpuctl(/.*)?	u:object_r:cpuctl_device:s0
 /dev/device-mapper	u:object_r:dm_device:s0
-/dev/dsscomp        u:object_r:dss_device:s0
 /dev/eac		u:object_r:audio_device:s0
 /dev/full		u:object_r:full_device:s0
 /dev/fuse		u:object_r:fuse_device:s0
@@ -54,16 +53,12 @@
 /dev/input(/.*)		u:object_r:input_device:s0
 /dev/iio:device[0-9]+   u:object_r:iio_device:s0
 /dev/ion		u:object_r:ion_device:s0
-/dev/kgsl-3d0       u:object_r:graphics_device:s0
 /dev/kmem		u:object_r:kmem_device:s0
-/dev/knvmap     u:object_r:knvmap_device:s0
 /dev/log(/.*)?		u:object_r:log_device:s0
 /dev/mem		u:object_r:kmem_device:s0
 /dev/modem.*		u:object_r:radio_device:s0
 /dev/mpu		u:object_r:gps_device:s0
 /dev/mpuirq		u:object_r:gps_device:s0
-# XXX move to device-specific
-/dev/msm_rotator    u:object_r:msm_rotator_device:s0
 /dev/mtd(/.*)?		u:object_r:mtd_device:s0
 /dev/mtd/mtd5		u:object_r:radio_device:s0
 /dev/mtd/mtd5ro		u:object_r:radio_device:s0
diff --git a/surfaceflinger.te b/surfaceflinger.te
index 3a4b4b749a74425cde3d180af49f79f75f04e156..a383ec11e38e14f0b4ae95197ff089b4cfcacea7 100644
--- a/surfaceflinger.te
+++ b/surfaceflinger.te
@@ -32,9 +32,3 @@ allow surfaceflinger ctl_default_prop:property_service set;
 allow surfaceflinger appdomain:fd use;
 allow surfaceflinger platform_app_data_file:file { read write };
 allow surfaceflinger app_data_file:file { read write };
-
-# Allow access to special-purpose devices
-# XXX may be device-specific
-allow surfaceflinger dss_device:chr_file { read write };
-allow surfaceflinger knvmap_device:chr_file { ioctl };
-allow surfaceflinger msm_rotator_device:chr_file { open };
\ No newline at end of file
diff --git a/system.te b/system.te
index 4086d60093738a06636902ecdfcf62d4b984bea7..9d6d4c148de3cf30e45e4196d5ee1203957f54f3 100644
--- a/system.te
+++ b/system.te
@@ -122,7 +122,6 @@ selinux_check_access(system)
 
 # XXX Label sysfs files with a specific type?
 allow system sysfs:file rw_file_perms;
-allow system sysfs_devices_system_cpu:dir search;
 allow system sysfs_nfc_power_writable:file rw_file_perms;
 
 # Access devices.