[DO NOT MERGE] Don't drop restricted permissions on upgrade
Restricted permissions cannot be held until whitelisted. In
a P -> Q upgrade we grandfather all restricted permissions.
However, the whitelisting code runs after the internal update
of permission happens for the first time resulting in a
revocation of the restricted permissions we were about to
grandfather.
The fix is to not deal with restricted permission when updating
the permissions state until the permission controller has run
the grandfathering logic and once the latter happens we do run
the permission update logic again to properly handle the
restricted permissions.
Bug: 138263882
Test: atest CtsPermissionTestCases
atest CtsPermission2TestCases
atest CtsAppSecurityHostTestCases:android.appsecurity.cts.PermissionsHostTest
P -> Q upgrade preserves grandfathered restricted permissions
P -> Bad Q build -> Q fixes up broken fixed restricted permissions
Change-Id: Iaef80426bf50181df93d1380af1d0855340def8e
(cherry picked from commit 0b41c8940a44a9eff4b277ce019a1ffdb3a44b7e)
6 files changed
