eliminate some anr_data_file permissions.

Init is now responsible for creating /data/anr, so it's
unnecessary to grant system_server and dumpstate permissions
to relabel this directory. Remove the excess permissions.

Leave system_data_file relabelfrom, since it's possible we're
still using it somewhere.

See commits:
  https://android-review.googlesource.com/161650
  https://android-review.googlesource.com/161477
  https://android-review.googlesource.com/161638

Bug: 22385254
Change-Id: I1fd226491f54d76ff51b03d4b91e7adc8d509df9

dumpstate.te

@@ -24,9 +24,8 @@ allow dumpstate system_file:file execute_no_trans;
 
 # Create and write into /data/anr/
 allow dumpstate self:capability { dac_override chown fowner fsetid };
-allow dumpstate anr_data_file:dir { rw_dir_perms relabelto };
+allow dumpstate anr_data_file:dir rw_dir_perms;
 allow dumpstate anr_data_file:file create_file_perms;
-allow dumpstate system_data_file:dir { create_dir_perms relabelfrom };
 
 # Allow reading /data/system/uiderrors.txt
 # TODO: scope this down.

system_server.te

@@ -269,9 +269,10 @@ allow system_server system_data_file:file relabelfrom;
 allow system_server wallpaper_file:file relabelto;
 allow system_server wallpaper_file:file { rw_file_perms unlink };
 
-# Relabel /data/anr.
+# This was originally required for relabeling /data/anr,
+# but should not be used anymore. TODO: remove it.
 allow system_server system_data_file:dir relabelfrom;
-allow system_server anr_data_file:dir relabelto;
+auditallow system_server system_data_file:dir relabelfrom;
 
 # Property Service write
 set_prop(system_server, system_prop)