diff --git a/refpolicy/Changelog b/refpolicy/Changelog
index 4fca63c..35ef9b1 100644
--- a/refpolicy/Changelog
+++ b/refpolicy/Changelog
@@ -1,3 +1,4 @@
+- Remove unused lvm_vg_t.
- Many interface renames to improve naming consistency.
- Merge xdm into xserver.
- Remove kernel module reversed interfaces.
diff --git a/refpolicy/policy/modules/kernel/storage.if b/refpolicy/policy/modules/kernel/storage.if
index 395cd8f..2fd6bf0 100644
--- a/refpolicy/policy/modules/kernel/storage.if
+++ b/refpolicy/policy/modules/kernel/storage.if
@@ -244,50 +244,6 @@ interface(`storage_swapon_fixed_disk',`
########################################
##
-## Allow the caller to directly read from a logical volume.
-## This is extremly dangerous as it can bypass the
-## SELinux protections for filesystem objects, and
-## should only be used by trusted domains.
-##
-##
-## The type of the process performing this action.
-##
-#
-interface(`storage_raw_read_lvm_volume',`
- gen_require(`
- attribute fixed_disk_raw_read;
- type lvm_vg_t;
- ')
-
- dev_list_all_dev_nodes($1)
- allow $1 lvm_vg_t:blk_file r_file_perms;
- typeattribute $1 fixed_disk_raw_read;
-')
-
-########################################
-##
-## Allow the caller to directly read from a logical volume.
-## This is extremly dangerous as it can bypass the
-## SELinux protections for filesystem objects, and
-## should only be used by trusted domains.
-##
-##
-## The type of the process performing this action.
-##
-#
-interface(`storage_raw_write_lvm_volume',`
- gen_require(`
- attribute fixed_disk_raw_write;
- type lvm_vg_t;
- ')
-
- dev_list_all_dev_nodes($1)
- allow $1 lvm_vg_t:blk_file { getattr write ioctl };
- typeattribute $1 fixed_disk_raw_write;
-')
-
-########################################
-##
## Allow the caller to get the attributes of
## the generic SCSI interface device nodes.
##
@@ -648,12 +604,12 @@ interface(`storage_setattr_tape_dev',`
interface(`storage_unconfined',`
gen_require(`
type fixed_disk_device_t, removable_device_t;
- type lvm_vg_t, scsi_generic_device_t, tape_device_t;
+ type scsi_generic_device_t, tape_device_t;
attribute fixed_disk_raw_read, fixed_disk_raw_write;
attribute scsi_generic_read, scsi_generic_write;
')
- allow $1 { fixed_disk_device_t removable_device_t lvm_vg_t }:blk_file *;
+ allow $1 { fixed_disk_device_t removable_device_t }:blk_file *;
allow $1 { scsi_generic_device_t tape_device_t }:chr_file *;
typeattribute $1 fixed_disk_raw_read, fixed_disk_raw_write;
diff --git a/refpolicy/policy/modules/kernel/storage.te b/refpolicy/policy/modules/kernel/storage.te
index 0f1b9e1..f4bf61d 100644
--- a/refpolicy/policy/modules/kernel/storage.te
+++ b/refpolicy/policy/modules/kernel/storage.te
@@ -15,24 +15,13 @@ attribute scsi_generic_write;
# fixed_disk_device_t is the type of
# /dev/hd* and /dev/sd*.
#
-type fixed_disk_device_t;
+type fixed_disk_device_t alias lvm_vg_t;
dev_node(fixed_disk_device_t)
neverallow ~fixed_disk_raw_read fixed_disk_device_t:{ chr_file blk_file } read;
neverallow ~fixed_disk_raw_write fixed_disk_device_t:{ chr_file blk_file } { append write };
#
-# lvm_vg_t is the type of logical volume groups
-#
-type lvm_vg_t;
-dev_node(lvm_vg_t)
-
-# from the subject's point of view, same as read/writing a regular
-# fixed disk, so use the same assertions as above
-neverallow ~fixed_disk_raw_read lvm_vg_t:{ chr_file blk_file } read;
-neverallow ~fixed_disk_raw_write lvm_vg_t:{ chr_file blk_file } { append write };
-
-#
# scsi_generic_device_t is the type of /dev/sg*
# it gives access to ALL SCSI devices (both fixed and removable)
#