Remove deprecated tagSocket() permissions am: 0d1e52a5

am: c1753b7a

Change-Id: I5ae0c1791c2e588e6cdd177a4f1a8758cb2de3ad

private/system_server.te

@@ -122,10 +122,6 @@ allow system_server hal_audio_server:file w_file_perms;
 # for dumping stack traces of native processes.
 r_dir_file(system_server, domain)
 
-# Read/Write to /proc/net/xt_qtaguid/ctrl and and /dev/xt_qtaguid.
-allow system_server qtaguid_proc:file rw_file_perms;
-allow system_server qtaguid_device:chr_file rw_file_perms;
-
 # Write /proc/uid_cputime/remove_uid_range.
 allow system_server proc_uid_cputime_removeuid:file { w_file_perms getattr };
 

public/mediaserver.te

@@ -60,10 +60,6 @@ r_dir_file(mediaserver, media_rw_data_file)
 # Grant access to read files on appfuse.
 allow mediaserver app_fuse_file:file { read getattr };
 
-# Read/[write] to /proc/net/xt_qtaguid/ctrl and /dev/xt_qtaguid
-allow mediaserver qtaguid_proc:file rw_file_perms;
-allow mediaserver qtaguid_device:chr_file r_file_perms;
-
 # Needed on some devices for playing DRM protected content,
 # but seems expected and appropriate for all devices.
 unix_socket_connect(mediaserver, drmserver, drmserver)

public/update_engine.te

@@ -4,11 +4,6 @@ type update_engine_exec, exec_type, file_type;
 
 net_domain(update_engine);
 
-# Read/[write] to /proc/net/xt_qtaguid/ctrl and /dev/xt_qtaguid to tag network
-# sockets.
-allow update_engine qtaguid_proc:file rw_file_perms;
-allow update_engine qtaguid_device:chr_file r_file_perms;
-
 # Following permissions are needed for update_engine.
 allow update_engine self:process { setsched };
 allow update_engine self:global_capability_class_set { fowner sys_admin };