diff --git a/public/init.te b/public/init.te
index ad8ced9498d29c140ced5077d3572ed129931dbb..c2938ad1589c5b8170f9492044144823a6d8df38 100644
--- a/public/init.te
+++ b/public/init.te
@@ -251,36 +251,24 @@ allow init {
 }:file { open read setattr };
 allow init { fs_type -contextmount_type -sdcard_type -rootfs }:dir { open read setattr search };
-# init should not be able to read or open generic devices
-# TODO: auditing to see if this can be deleted entirely
 allow init {
- dev_type
- -keychord_device
- -kmem_device
- -port_device
- -device
- -vndbinder_device
-}:chr_file { read open };
-auditallow init {
- dev_type
- -alarm_device
- -ashmem_device
- -binder_device
- -console_device
- -device
- -devpts
- -dm_device
- -hwbinder_device
- -hw_random_device
- -input_device
- -kmem_device
- -kmsg_device
- -null_device
- -owntty_device
- -port_device
- -ptmx_device
- -random_device
- -zero_device
+ alarm_device
+ ashmem_device
+ binder_device
+ console_device
+ devpts
+ dm_device
+ hwbinder_device
+ hw_random_device
+ input_device
+ kmsg_device
+ null_device
+ owntty_device
+ pmsg_device
+ ptmx_device
+ random_device
+ tty_device
+ zero_device
 }:chr_file { read open };
 # chown/chmod on devices.
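Review bot: The rewritten `allow init { ... }:chr_file { read open };` rule has no comment now that the two removed comment lines are gone, so nothing tells the next editor that this is a deliberate allowlist replacing the old `dev_type`-minus-exclusions grant. I would add above the rule `# init may read/open only these character device types; list new types explicitly instead of granting dev_type.` `pmsg_device` and `tty_device` are listed here but were not among the types the removed `auditallow` excluded, which presumably reflects what the audit logged; it would help to record that in the commit message. Because the removed rule covered every `dev_type` member not explicitly subtracted, device types declared outside this file lose init read/open access unless they get their own rule, which is worth confirming before merge.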