diff --git a/bootanim.te b/bootanim.te
index 550c6dc2aece0d0856f5ea89183142b9405198e2..fa0e4dca19f63f741e8da4824a733eaee9f872ca 100644
--- a/bootanim.te
+++ b/bootanim.te
@@ -18,10 +18,6 @@ allow bootanim audio_device:chr_file rw_file_perms;
 
 allow bootanim surfaceflinger_service:service_manager find;
 
-# For /acct/uid/*/tasks.
-allow bootanim cgroup:dir { search write };
-allow bootanim cgroup:file w_file_perms;
-
 # Allow access to ion memory allocation device
 allow bootanim ion_device:chr_file rw_file_perms;
 
diff --git a/domain.te b/domain.te
index 6d2eadc9cd4611f78c64ef7574bdac4feff5fe62..2a63c82e471461145c4e63ace4a9ae7d2f16b132 100644
--- a/domain.te
+++ b/domain.te
@@ -121,6 +121,10 @@ allow domain selinuxfs:file getattr;
 allow domain sysfs:dir search;
 allow domain selinuxfs:filesystem getattr;
 
+# For /acct/uid/*/tasks.
+allow domain cgroup:dir { search write };
+allow domain cgroup:file w_file_perms;
+
 # Almost all processes log tracing information to
 # /sys/kernel/debug/tracing/trace_marker
 # The reason behind this is documented in b/6513400
diff --git a/domain_deprecated.te b/domain_deprecated.te
index 0db79da54a982c4b868d8e7dfe877b4ccfaea811..ed88cca9957845cc6f23e4a46bf2979fc37366a3 100644
--- a/domain_deprecated.te
+++ b/domain_deprecated.te
@@ -49,10 +49,6 @@ allow domain_deprecated cache_file:dir r_dir_perms;
 allow domain_deprecated cache_file:file { getattr read };
 allow domain_deprecated cache_file:lnk_file r_file_perms;
 
-# For /acct/uid/*/tasks.
-allow domain_deprecated cgroup:dir { search write };
-allow domain_deprecated cgroup:file w_file_perms;
-
 #Allow access to ion memory allocation device
 allow domain_deprecated ion_device:chr_file rw_file_perms;