diff --git a/sepolicy/device.te b/sepolicy/device.te
index fc205528..d5e6d7e0 100644
--- a/sepolicy/device.te
+++ b/sepolicy/device.te
@@ -1,3 +1,4 @@
+type ab_block_device, dev_type;
 type at_device, dev_type;
 type avtimer_device, dev_type;
 type bt_device, dev_type;
@@ -6,18 +7,18 @@ type dsp_device, dev_type;
 type easel_device, dev_type;
 type hbtp_device, dev_type;
 type ipa_dev, dev_type;
+type modem_block_device, dev_type;
 type qsee_ipc_irq_spss_device, dev_type;
 type qdsp_device, dev_type, mlstrustedobject;
 type ramdump_device, dev_type;
 type rmnet_device, dev_type;
-type sda_block_device, dev_type;
-type sdd_block_device, dev_type;
-type sdf_block_device, dev_type;
 type gpt_block_device, dev_type;
-type xbl_block_device, dev_type;
+type ramdump_block_device, dev_type;
 type seemplog_device, dev_type;
 type sg_device, dev_type;
 type smd_device, dev_type;
 type spcom_device, dev_type;
+type ssd_block_device, dev_type;
 type ssr_device, dev_type;
 type wlan_device, dev_type;
+type xbl_block_device, dev_type;
diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts
index 36f88144..4cc7c49c 100644
--- a/sepolicy/file_contexts
+++ b/sepolicy/file_contexts
@@ -54,11 +54,45 @@
 /dev/wlan                                       u:object_r:wlan_device:s0
 
 # dev block nodes
-/dev/block/sdd[0-9]+                            u:object_r:sdd_block_device:s0
-/dev/block/sdf[0-9]+                            u:object_r:sdf_block_device:s0
+/dev/block/platform/soc/1da4000\.ufshc/by-name/abl_[ab]        u:object_r:ab_block_device:s0
+/dev/block/platform/soc/1da4000\.ufshc/by-name/apdp_[ab]       u:object_r:ab_block_device:s0
+/dev/block/platform/soc/1da4000\.ufshc/by-name/cmnlib64_[ab]   u:object_r:ab_block_device:s0
+/dev/block/platform/soc/1da4000\.ufshc/by-name/cmnlib_[ab]     u:object_r:ab_block_device:s0
+/dev/block/platform/soc/1da4000\.ufshc/by-name/dbto_[ab]       u:object_r:ab_block_device:s0
+/dev/block/platform/soc/1da4000\.ufshc/by-name/devcfg_[ab]     u:object_r:ab_block_device:s0
+/dev/block/platform/soc/1da4000\.ufshc/by-name/hosd_[ab]       u:object_r:ab_block_device:s0
+/dev/block/platform/soc/1da4000\.ufshc/by-name/hyp_[ab]        u:object_r:ab_block_device:s0
+/dev/block/platform/soc/1da4000\.ufshc/by-name/keymaster_[ab]  u:object_r:ab_block_device:s0
+/dev/block/platform/soc/1da4000\.ufshc/by-name/lockbooter_[ab] u:object_r:ab_block_device:s0
+/dev/block/platform/soc/1da4000\.ufshc/by-name/msadp_[ab]      u:object_r:ab_block_device:s0
+/dev/block/platform/soc/1da4000\.ufshc/by-name/pmic_[ab]       u:object_r:ab_block_device:s0
+/dev/block/platform/soc/1da4000\.ufshc/by-name/rpm_[ab]        u:object_r:ab_block_device:s0
+/dev/block/platform/soc/1da4000\.ufshc/by-name/storsec_[ab]    u:object_r:ab_block_device:s0
+/dev/block/platform/soc/1da4000\.ufshc/by-name/trusty_[ab]     u:object_r:ab_block_device:s0
+/dev/block/platform/soc/1da4000\.ufshc/by-name/tz_[ab]         u:object_r:ab_block_device:s0
+/dev/block/platform/soc/1da4000\.ufshc/by-name/vbmeta_[ab]     u:object_r:ab_block_device:s0
 
-# A/B partitions
-/dev/block/sda[0-9]+                            u:object_r:sda_block_device:s0
+/dev/block/platform/soc/1da4000\.ufshc/by-name/boot_[ab]       u:object_r:boot_block_device:s0
+
+/dev/block/platform/soc/1da4000\.ufshc/by-name/metadata        u:object_r:metadata_block_device:s0
+
+/dev/block/platform/soc/1da4000\.ufshc/by-name/misc            u:object_r:misc_block_device:s0
+
+/dev/block/platform/soc/1da4000\.ufshc/by-name/fsc             u:object_r:modem_block_device:s0
+/dev/block/platform/soc/1da4000\.ufshc/by-name/fsg             u:object_r:modem_block_device:s0
+/dev/block/platform/soc/1da4000\.ufshc/by-name/modem_[ab]      u:object_r:modem_block_device:s0
+/dev/block/platform/soc/1da4000\.ufshc/by-name/modemst[12]     u:object_r:modem_block_device:s0
+
+/dev/block/platform/soc/1da4000\.ufshc/by-name/ramdump         u:object_r:ramdump_block_device:s0
+
+/dev/block/platform/soc/1da4000\.ufshc/by-name/ssd             u:object_r:ssd_block_device:s0
+
+/dev/block/platform/soc/1da4000\.ufshc/by-name/system_[ab]     u:object_r:system_block_device:s0
+/dev/block/platform/soc/1da4000\.ufshc/by-name/vendor_[ab]     u:object_r:system_block_device:s0
+
+/dev/block/platform/soc/1da4000\.ufshc/by-name/userdata        u:object_r:userdata_block_device:s0
+
+/dev/block/platform/soc/1da4000\.ufshc/by-name/xbl_[ab]        u:object_r:xbl_block_device:s0
 
 # Block device holding the GPT, where the A/B attributes are stored.
 /dev/block/sda                                  u:object_r:gpt_block_device:s0
diff --git a/sepolicy/folio_daemon.te b/sepolicy/folio_daemon.te
index dfe4832e..99b7f780 100644
--- a/sepolicy/folio_daemon.te
+++ b/sepolicy/folio_daemon.te
@@ -4,6 +4,7 @@ type folio_daemon_exec, exec_type, file_type;
 init_daemon_domain(folio_daemon)
 
 allow folio_daemon binder_device:chr_file rw_file_perms;
+allow folio_daemon uhid_device:chr_file rw_file_perms;
 
 # TODO(b/35870313): Remove this attribute when the corresponding bug is fixed and the treble
 # violations are handled
diff --git a/sepolicy/fsck.te b/sepolicy/fsck.te
deleted file mode 100644
index 34d49016..00000000
--- a/sepolicy/fsck.te
+++ /dev/null
@@ -1 +0,0 @@
-allow fsck sda_block_device:blk_file rw_file_perms;
diff --git a/sepolicy/hal_bootctl.te b/sepolicy/hal_bootctl.te
index bd98962d..0e59b66f 100644
--- a/sepolicy/hal_bootctl.te
+++ b/sepolicy/hal_bootctl.te
@@ -5,11 +5,12 @@
 # partition names in the block_device directory /dev/block/.../by-name
 allow hal_bootctl block_device:dir r_dir_perms;
 
-# Get attributes on all the A/B partitions.
-allow hal_bootctl sda_block_device:blk_file getattr;
-
 # Edit the attributes stored in the GPT.
 allow hal_bootctl gpt_block_device:blk_file rw_file_perms;
+allow hal_bootctl ab_block_device:blk_file getattr;
+allow hal_bootctl boot_block_device:blk_file getattr;
+allow hal_bootctl modem_block_device:blk_file getattr;
+allow hal_bootctl system_block_device:blk_file getattr;
 
 # Access /dev/sgN devices (generic SCSI) to write the
 # A/B slot selection for the XBL partition. Allow also to issue a
diff --git a/sepolicy/init.te b/sepolicy/init.te
index 88dff8ff..b112c15c 100644
--- a/sepolicy/init.te
+++ b/sepolicy/init.te
@@ -2,7 +2,6 @@
 allow init tmpfs:lnk_file create;
 allow init configfs:lnk_file create;
 
-allow init sda_block_device:blk_file relabelto;
 allow init firmware_file:dir mounton;
 allow init configfs:file w_file_perms;
 
diff --git a/sepolicy/ramdump.te b/sepolicy/ramdump.te
index 893279b6..54a16b5c 100644
--- a/sepolicy/ramdump.te
+++ b/sepolicy/ramdump.te
@@ -8,8 +8,6 @@ userdebug_or_eng(`
 
   allow ramdump self:capability sys_rawio;
 
-  allow ramdump sda_block_device:blk_file rw_file_perms;
-  allow ramdump sdd_block_device:blk_file rw_file_perms;
   allow ramdump ramdump_data_file:dir w_dir_perms;
   allow ramdump ramdump_data_file:file create_file_perms;
   allow ramdump proc:file r_file_perms;
diff --git a/sepolicy/rild.te b/sepolicy/rild.te
index 33b6167b..ce0ec2e9 100644
--- a/sepolicy/rild.te
+++ b/sepolicy/rild.te
@@ -7,6 +7,7 @@ binder_call(rild, audioserver)
 allow rild qmuxd_socket:dir w_dir_perms;
 allow rild qmuxd_socket:sock_file create;
 
+allow rild netmgrd_socket:dir search;
 unix_socket_connect(rild, netmgrd, netmgrd)
 
 allow rild vendor_file:file { execute_no_trans lock };
diff --git a/sepolicy/rmt_storage.te b/sepolicy/rmt_storage.te
index ad7dc991..249d853a 100644
--- a/sepolicy/rmt_storage.te
+++ b/sepolicy/rmt_storage.te
@@ -7,8 +7,7 @@ wakelock_use(rmt_storage)
 
 allow rmt_storage self:capability { net_bind_service setgid setpcap setuid };
 
-allow rmt_storage sdd_block_device:blk_file rw_file_perms;
-allow rmt_storage sdf_block_device:blk_file rw_file_perms;
+allow rmt_storage modem_block_device:blk_file rw_file_perms;
 allow rmt_storage uio_device:chr_file rw_file_perms;
 
 allow rmt_storage sysfs_uio:dir r_dir_perms;
diff --git a/sepolicy/tee.te b/sepolicy/tee.te
index 7b08b708..404052dc 100644
--- a/sepolicy/tee.te
+++ b/sepolicy/tee.te
@@ -6,8 +6,7 @@ set_prop(tee, tee_listener_prop)
 set_prop(tee, keymaster_prop)
 
 allow tee block_device:dir { getattr search };
-allow tee sda_block_device:blk_file rw_file_perms;
-allow tee sdd_block_device:blk_file rw_file_perms;
+allow tee ssd_block_device:blk_file rw_file_perms;
 allow tee sg_device:chr_file { rw_file_perms setattr };
 
 allow tee system_data_file:dir r_dir_perms;
diff --git a/sepolicy/update_engine_common.te b/sepolicy/update_engine_common.te
index 16ae6d9c..c90607ec 100644
--- a/sepolicy/update_engine_common.te
+++ b/sepolicy/update_engine_common.te
@@ -1,6 +1,3 @@
 # Allow update_engine and update_engine_sideload (recovery) read/write on the
 # device-specific partitions it should update.
-allow update_engine_common {
-  sda_block_device
-  xbl_block_device
-}:blk_file rw_file_perms;
+allow update_engine_common xbl_block_device:blk_file rw_file_perms;
diff --git a/sepolicy/update_verifier.te b/sepolicy/update_verifier.te
index b7021a99..de8bd583 100644
--- a/sepolicy/update_verifier.te
+++ b/sepolicy/update_verifier.te
@@ -1,2 +1 @@
 allow update_verifier block_device:dir r_dir_perms;
-allow update_verifier sda_block_device:blk_file rw_file_perms;
diff --git a/sepolicy/vold.te b/sepolicy/vold.te
deleted file mode 100644
index 1f16d091..00000000
--- a/sepolicy/vold.te
+++ /dev/null
@@ -1 +0,0 @@
-allow vold sda_block_device:blk_file r_file_perms;