diff --git a/sepolicy/cnss_diag.te b/sepolicy/cnss_diag.te
deleted file mode 100644
index faf164b8..00000000
--- a/sepolicy/cnss_diag.te
+++ /dev/null
@@ -1,19 +0,0 @@
-# Policy for /vendor/bin/cnss_diag
-type cnss_diag, domain;
-type cnss_diag_exec, exec_type, file_type;
-
-init_daemon_domain(cnss_diag)
-
-allow cnss_diag self:capability { setgid setuid };
-
-allow cnss_diag self:netlink_socket create_socket_perms_no_ioctl;
-allow cnss_diag sysfs:file r_file_perms;
-
-# b/35877764 suppress the udp_socket denial message temproarily
-dontaudit cnss_diag self:udp_socket create;
-
-userdebug_or_eng(`
-  allow cnss_diag diag_device:chr_file rw_file_perms;
-  allow cnss_diag cnss_vendor_data_file:dir create_dir_perms;
-  allow cnss_diag cnss_vendor_data_file:file create_file_perms;
-')
diff --git a/sepolicy/wcnss_service.te b/sepolicy/wcnss_service.te
index 78e49273..487f7350 100644
--- a/sepolicy/wcnss_service.te
+++ b/sepolicy/wcnss_service.te
@@ -22,7 +22,7 @@ allowxperm wcnss_service self:udp_socket ioctl { SIOCIWFIRSTPRIV_05 SIOCSIFFLAGS
 allow wcnss_service self:netlink_generic_socket create_socket_perms_no_ioctl;
 allow wcnss_service self:netlink_socket create_socket_perms_no_ioctl;
 
-allow wcnss_service cnss_vendor_data_file:dir rw_dir_perms;
+allow wcnss_service cnss_vendor_data_file:dir create_dir_perms;
 allow wcnss_service cnss_vendor_data_file:file create_file_perms;
 
 allow wcnss_service proc_net:file getattr;