diff --git a/private/compat/29.0/29.0.ignore.cil b/private/compat/29.0/29.0.ignore.cil
index a7a0af32f..88e6efd9a 100644
--- a/private/compat/29.0/29.0.ignore.cil
+++ b/private/compat/29.0/29.0.ignore.cil
@@ -42,5 +42,4 @@
 vendor_boringssl_self_test
 vendor_install_recovery
 vendor_install_recovery_exec
- virtual_ab_prop
- wifi_stack_service))
+ virtual_ab_prop))
diff --git a/private/logd.te b/private/logd.te
index f24cb80f7..ca92e2061 100644
--- a/private/logd.te
+++ b/private/logd.te
@@ -35,5 +35,4 @@ neverallow {
 -shell
 userdebug_or_eng(`-su')
 -system_app
- -network_stack
 } runtime_event_log_tags_file:file no_rw_file_perms;
diff --git a/private/network_stack.te b/private/network_stack.te
index e13284032..a1d97b73d 100644
--- a/private/network_stack.te
+++ b/private/network_stack.te
@@ -1,4 +1,4 @@
-############### Networking service app - NetworkStack.apk ##############
+# Networking service app
 typeattribute network_stack coredomain;
 app_domain(network_stack);
@@ -29,45 +29,6 @@ allow network_stack radio_data_file:file create_file_perms;
 binder_call(network_stack, netd);
-############### Wifi Service app - WifiStack.apk ##############
-# Data file accesses.
-# Manage /data/misc/wifi & /data/misc_ce//wifi.
-allow network_stack wifi_data_file:dir create_dir_perms;
-allow network_stack wifi_data_file:file create_file_perms;
-
-# Property accesses
-userdebug_or_eng(`
- set_prop(network_stack, wifi_log_prop)
-
- # Allow network_stack to read dmesg
- # TODO(b/137085509): Remove this.
- allow network_stack kernel:system syslog_read;
-')
-
-# Binder IPC.
-allow network_stack audioserver_service:service_manager find;
-allow network_stack network_score_service:service_manager find;
-allow network_stack network_stack_service:service_manager find;
-allow network_stack radio_service:service_manager find;
-allow network_stack wificond_service:service_manager find;
-allow network_stack wifiscanner_service:service_manager find;
-binder_call(network_stack, system_server)
-binder_call(network_stack, wificond)
-
-# HwBinder IPC.
-hal_client_domain(network_stack, hal_wifi)
-hal_client_domain(network_stack, hal_wifi_hostapd)
-hal_client_domain(network_stack, hal_wifi_supplicant)
-
-# Allow WifiService to start, stop, and read wifi-specific trace events.
-allow network_stack debugfs_tracing_instances:dir search;
-allow network_stack debugfs_wifi_tracing:dir search;
-allow network_stack debugfs_wifi_tracing:file rw_file_perms;
-
-# dumpstate support
-allow network_stack dumpstate:fd use;
-allow network_stack dumpstate:fifo_file write;
-
 # Create/use netlink_tcpdiag_socket to get tcp info
 allow network_stack self:netlink_tcpdiag_socket { create_socket_perms_no_ioctl nlmsg_read nlmsg_write };
 ############### Tethering Service app - Tethering.apk ##############
diff --git a/private/seapp_contexts b/private/seapp_contexts
index 289327877..383857866 100644
--- a/private/seapp_contexts
+++ b/private/seapp_contexts
@@ -144,7 +144,7 @@ isSystemServer=true domain=system_server_startup
 user=_app seinfo=platform name=com.android.traceur domain=traceur_app type=app_data_file levelFrom=all
 user=system seinfo=platform domain=system_app type=system_app_data_file
 user=bluetooth seinfo=platform domain=bluetooth type=bluetooth_data_file
-user=network_stack seinfo=network_stack domain=network_stack type=radio_data_file
+user=network_stack seinfo=network_stack domain=network_stack levelFrom=all type=radio_data_file
 user=nfc seinfo=platform domain=nfc type=nfc_data_file
 user=secure_element seinfo=platform domain=secure_element levelFrom=all
 user=radio seinfo=platform domain=radio type=radio_data_file
diff --git a/private/service_contexts b/private/service_contexts
index dd7111113..fa52a05a2 100644
--- a/private/service_contexts
+++ b/private/service_contexts
@@ -226,6 +226,5 @@ wifi u:object_r:wifi_service:s0
 wificond u:object_r:wificond_service:s0
 wifiaware u:object_r:wifiaware_service:s0
 wifirtt u:object_r:rttmanager_service:s0
-wifi_stack u:object_r:wifi_stack_service:s0
 window u:object_r:window_service:s0
 * u:object_r:default_android_service:s0
diff --git a/private/vold_prepare_subdirs.te b/private/vold_prepare_subdirs.te
index e7f27b959..348d3ce32 100644
--- a/private/vold_prepare_subdirs.te
+++ b/private/vold_prepare_subdirs.te
@@ -21,7 +21,6 @@ allow vold_prepare_subdirs {
 rollback_data_file
 storaged_data_file
 vold_data_file
- wifi_data_file
 }:dir { create_dir_perms relabelto };
 allow vold_prepare_subdirs {
 backup_data_file
@@ -32,7 +31,6 @@ allow vold_prepare_subdirs {
 storaged_data_file
 system_data_file
 vold_data_file
- wifi_data_file
 }:file { getattr unlink };
 dontaudit vold_prepare_subdirs { proc unlabeled }:file r_file_perms;
diff --git a/public/app.te b/public/app.te
index 030aba582..b771b5fae 100644
--- a/public/app.te
+++ b/public/app.te
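Review bot: The `levelFrom=all` added to the `user=network_stack` entry is the one change in this commit that is not part of removing the WifiStack rules, and nothing in the hunk says why it is needed; a one-line comment above the entry would help, e.g. `# network_stack runs with per-user/per-app MLS categories (levelFrom=all).`. Note that the `user=radio` entry two lines below keeps the same `type=radio_data_file` without a `levelFrom`, so the two domains now run at different MLS levels while labelling their app data with the same type; if network_stack is ever expected to touch files that radio created, the MLS file constraints are worth checking, otherwise this is fine. The commit description is not visible here, so the motivation may already be recorded there.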
@@ -364,7 +364,7 @@ allow appdomain zygote_tmpfs:file { map read };
 ###
 # Superuser capabilities.
-# bluetooth/wifi requires net_admin and wake_alarm. network stack app requires net_admin.
+# bluetooth requires net_admin and wake_alarm. network stack app requires net_admin.
 neverallow { appdomain -bluetooth -network_stack } self:capability_class_set *;
 # Block device access.
@@ -488,8 +488,9 @@ neverallow appdomain
 neverallow appdomain
 systemkeys_data_file:dir_file_class_set
 { create write setattr relabelfrom relabelto append unlink link rename };
-neverallow { appdomain -network_stack }
- wifi_data_file:dir_file_class_set *;
+neverallow appdomain
+ wifi_data_file:dir_file_class_set
+ { create write setattr relabelfrom relabelto append unlink link rename };
 neverallow appdomain
 dhcp_data_file:dir_file_class_set
 { create write setattr relabelfrom relabelto append unlink link rename };
@@ -512,7 +513,7 @@ neverallow appdomain
 proc:dir_file_class_set write;
 # Access to syslog(2) or /proc/kmsg.
-neverallow { appdomain userdebug_or_eng(`-network_stack') } kernel:system { syslog_read syslog_mod syslog_console };
+neverallow appdomain kernel:system { syslog_read syslog_mod syslog_console };
 # SELinux is not an API for apps to use
 neverallow { appdomain -shell } *:security { compute_av check_context };
diff --git a/public/service.te b/public/service.te
index c025530fe..f746727db 100644
--- a/public/service.te
+++ b/public/service.te
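Review bot: The replacement `neverallow appdomain wifi_data_file:dir_file_class_set { create write setattr relabelfrom relabelto append unlink link rename };` in the second hunk is weaker than the rule it replaces: the old rule denied every permission (`*`) to all app domains except network_stack, and now that the network_stack carve-out is gone the new rule forbids only the write-class permissions, so read/open/getattr on wifi_data_file are no longer build-time blocked for any appdomain. Since this commit removes the only app-domain allow rules for wifi_data_file (the network_stack.te hunk), the strict form can be kept without the exception: `neverallow appdomain wifi_data_file:dir_file_class_set *;`. If some app domain not visible in this diff still needs read access to wifi_data_file, a comment naming it next to the rule would explain why the weaker form was chosen. The neverallow statement itself starts and ends within the hunk.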
@@ -186,7 +186,6 @@ type webviewupdate_service, app_api_service, ephemeral_app_api_service, system_s
 type wifip2p_service, app_api_service, system_server_service, service_manager_type;
 type wifiscanner_service, system_api_service, system_server_service, service_manager_type;
 type wifi_service, app_api_service, system_server_service, service_manager_type;
-type wifi_stack_service, system_server_service, service_manager_type;
 type wificond_service, service_manager_type;
 type wifiaware_service, app_api_service, system_server_service, service_manager_type;
 type window_service, system_api_service, system_server_service, service_manager_type;
diff --git a/public/wificond.te b/public/wificond.te
index a55872abb..cfca60e3d 100644
--- a/public/wificond.te
+++ b/public/wificond.te
@@ -4,7 +4,6 @@ type wificond_exec, system_file_type, exec_type, file_type;
 binder_use(wificond)
 binder_call(wificond, system_server)
-binder_call(wificond, network_stack)
 add_service(wificond, wificond_service)