dumpstate: remove JIT and /data execute

Not needed for modern Android versions. These rules are really, really
old.

Test: "adb bugreport" continues to work
Test: Generating a bugreport via key combo continues to work.
Change-Id: Ibc1157fb36abd7fc701db3819474f25210a3cb5f

private/dumpstate.te

@@ -8,9 +8,6 @@ domain_auto_trans(dumpstate, vdc_exec, vdc)
 # Acquire advisory lock on /system/etc/xtables.lock from ip[6]tables
 allow dumpstate system_file:file lock;
 
-# TODO: deal with tmpfs_domain pub/priv split properly
-allow dumpstate dumpstate_tmpfs:file execute;
-
 # systrace support - allow atrace to run
 allow dumpstate debugfs_tracing:dir r_dir_perms;
 allow dumpstate debugfs_tracing:file rw_file_perms;

public/domain.te

@@ -428,7 +428,6 @@ neverallow {
     domain
     -appdomain
     with_asan(`-asan_extract')
-    -dumpstate
     -shell
     userdebug_or_eng(`-su')
     -webview_zygote

public/dumpstate.te

@@ -137,13 +137,6 @@ allow dumpstate shell_exec:file rx_file_perms;
 # For running am and similar framework commands.
 # Run /system/bin/app_process.
 allow dumpstate zygote_exec:file rx_file_perms;
-# Dalvik Compiler JIT.
-allow dumpstate ashmem_device:chr_file execute;
-allow dumpstate self:process execmem;
-# For art.
-allow dumpstate dalvikcache_data_file:dir { search getattr };
-allow dumpstate dalvikcache_data_file:file { r_file_perms execute };
-allow dumpstate dalvikcache_data_file:lnk_file r_file_perms;
 
 # For Bluetooth
 allow dumpstate bluetooth_data_file:dir search;