diff --git a/refpolicy/policy/modules/kernel/devices.te b/refpolicy/policy/modules/kernel/devices.te
index 495a2e9..b9fd2f9 100644
--- a/refpolicy/policy/modules/kernel/devices.te
+++ b/refpolicy/policy/modules/kernel/devices.te
@@ -2,11 +2,9 @@ policy_module(devices,1.0)
-#
-# Device types
-#
-
 attribute device_node;
+attribute memory_raw_read;
+attribute memory_raw_write;
 #
 # device_t is the type of /dev.
@@ -16,10 +14,6 @@ files_make_file(device_t)
 files_make_mountpoint(device_t)
 filesystem_tmpfs_associate(device_t)
-type cardmgr_dev_t, device_node;
-filesystem_associate(cardmgr_dev_t)
-filesystem_tmpfs_associate(cardmgr_dev_t)
-
 # Only directories and symlinks should be labeled device_t.
 # If there are other files with this type, it is wrong.
 # Relabelto is allowed for setfiles to function, in case
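Review bot: The two attribute declarations added after `attribute device_node;` carry no comment saying what they gate, and the `# Device types` header that introduced this section is dropped in the same hunk, so a reader now meets `memory_raw_read` and `memory_raw_write` with no context at all. The neverallow rules that give these attributes their meaning sit much further down the file (the hunk at +78), which makes the omission more costly than it was when attributes and rules were adjacent. I would add above the two declarations: `# Attributes gating raw access to memory_device_t (/dev/mem, /dev/kmem, /dev/port);` / `# see the neverallow rules on memory_device_t below.`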
@@ -28,43 +22,9 @@ filesystem_tmpfs_associate(cardmgr_dev_t)
 #cjp: want this, but udev policy breaks this
 #neverallow * device_t:{ file fifo_file sock_file chr_file blk_file } ~{ getattr setattr relabelfrom relabelto };
-#
-# zero_device_t is the type of /dev/zero.
-#
-type zero_device_t, device_node;
-filesystem_associate(zero_device_t)
-filesystem_tmpfs_associate(zero_device_t)
-
-#
-# null_device_t is the type of /dev/null.
-#
-type null_device_t, device_node;
-filesystem_associate(null_device_t)
-filesystem_tmpfs_associate(null_device_t)
-
-#
-# memory_device_t is the type of /dev/kmem,
-# /dev/mem and /dev/port.
-#
-type memory_device_t, device_node;
-filesystem_associate(memory_device_t)
-filesystem_tmpfs_associate(memory_device_t)
-
-attribute memory_raw_read;
-attribute memory_raw_write;
-neverallow ~memory_raw_read memory_device_t:{ chr_file blk_file } read;
-neverallow ~memory_raw_write memory_device_t:{ chr_file blk_file } { append write };
-
-#
-# random_device_t is the type of /dev/random
-# urandom_device_t is the type of /dev/urandom
-#
-type random_device_t, device_node;
-type urandom_device_t, device_node;
-filesystem_associate(random_device_t)
-filesystem_associate(urandom_device_t)
-filesystem_tmpfs_associate(random_device_t)
-filesystem_tmpfs_associate(urandom_device_t)
+type cardmgr_dev_t, device_node;
+filesystem_associate(cardmgr_dev_t)
+filesystem_tmpfs_associate(cardmgr_dev_t)
 #
 # Type for /dev/agpgart
@@ -95,6 +55,14 @@ type cpu_device_t, device_node;
 filesystem_associate(cpu_device_t)
 filesystem_tmpfs_associate(cpu_device_t)
+type dri_device_t, device_node;
+filesystem_associate(dri_device_t)
+filesystem_tmpfs_associate(dri_device_t)
+
+type event_device_t, device_node;
+filesystem_associate(event_device_t)
+filesystem_tmpfs_associate(event_device_t)
+
 #
 # Type for framebuffer /dev/fb/*
 #
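Review bot: `dri_device_t` and `event_device_t` are declared in the hunk at +55 without the `# Type for ...` header that every neighbouring type in this file carries, so nothing in the policy records which device nodes they are meant to label; the same applies to `scanner_device_t` in the hunk at +122. The node paths are presumably bound in a file-context file that is not part of this diff, so the comment is the only place a policy reader would learn them here. I would add a header of the form `# Type for <device nodes>` above each of the three declarations, naming the nodes the way the /dev/agpgart and /dev/fb/* headers around them do.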
@@ -110,6 +78,24 @@ filesystem_associate(lvm_control_t)
 filesystem_tmpfs_associate(lvm_control_t)
 #
+# memory_device_t is the type of /dev/kmem,
+# /dev/mem and /dev/port.
+#
+type memory_device_t, device_node;
+filesystem_associate(memory_device_t)
+filesystem_tmpfs_associate(memory_device_t)
+
+neverallow ~memory_raw_read memory_device_t:{ chr_file blk_file } read;
+neverallow ~memory_raw_write memory_device_t:{ chr_file blk_file } { append write };
+
+#
+# A more general type for mouse devices.
+#
+type mouse_device_t, device_node;
+filesystem_associate(mouse_device_t)
+filesystem_tmpfs_associate(mouse_device_t)
+
+#
 # Type for /dev/cpu/mtrr and /proc/mtrr
 #
 type mtrr_device_t, device_node;
@@ -118,6 +104,13 @@ filesystem_tmpfs_associate(mtrr_device_t)
 genfscon proc /mtrr system_u:object_r:mtrr_device_t
 #
+# null_device_t is the type of /dev/null.
+#
+type null_device_t, device_node;
+filesystem_associate(null_device_t)
+filesystem_tmpfs_associate(null_device_t)
+
+#
 # Type for /dev/pmu
 #
 type power_device_t, device_node;
@@ -129,12 +122,30 @@ filesystem_associate(printer_device_t)
 filesystem_tmpfs_associate(printer_device_t)
 #
+# random_device_t is the type of /dev/random
+#
+type random_device_t, device_node;
+filesystem_associate(random_device_t)
+filesystem_tmpfs_associate(random_device_t)
+
+type scanner_device_t, device_node;
+filesystem_associate(scanner_device_t)
+filesystem_tmpfs_associate(scanner_device_t)
+
+#
 # Type for sound devices and mixers
 #
 type sound_device_t, device_node;
 filesystem_associate(sound_device_t)
 filesystem_tmpfs_associate(sound_device_t)
+#
+# urandom_device_t is the type of /dev/urandom
+#
+type urandom_device_t, device_node;
+filesystem_associate(urandom_device_t)
+filesystem_tmpfs_associate(urandom_device_t)
+
 type v4l_device_t, device_node;
 filesystem_associate(v4l_device_t)
 filesystem_tmpfs_associate(v4l_device_t)
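Review bot: The two `neverallow` rules on `memory_device_t` in the hunk at +78 are re-added without any comment stating the invariant they enforce, and their attributes are now declared at the top of the file (the hunk at +2) instead of directly above them, so the link between the rules and the attributes is easy to miss. I would put above the rules: `# Raw access to /dev/mem, /dev/kmem and /dev/port is confined to domains carrying` / `# memory_raw_read / memory_raw_write (declared at the top of this file); grant the` / `# attribute rather than a direct allow so these rules keep holding.` It is also worth stating that the rules cover only read and { append write } on chr_file and blk_file, so that any later permission added to this type is checked against them. The `# A more general type for mouse devices.` header on `mouse_device_t` is vague about what it is more general than; naming the nodes it labels would say more than the comparison does.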
@@ -142,3 +153,10 @@ filesystem_tmpfs_associate(v4l_device_t)
 type xserver_misc_device_t, device_node;
 filesystem_associate(xserver_misc_device_t)
 filesystem_tmpfs_associate(xserver_misc_device_t)
+
+#
+# zero_device_t is the type of /dev/zero.
+#
+type zero_device_t, device_node;
+filesystem_associate(zero_device_t)
+filesystem_tmpfs_associate(zero_device_t)