Don't remove SYSTEM_FIXED for intentional fixed grants to critical apps. See b/208785537#comment11. Bug: 208785537 Bug: 206556385 Bug: 183537857 Fixes: 203175819 Fixes: 229913295 Test: presubmit Change-Id: Iaf5e2a0d86259805a9ef03f8f1baa14dd8c58da0 Merged-In: Iaf5e2a0d86259805a9ef03f8f1baa14dd8c58da0 (cherry picked from commit e6f07a4fb2b5f17aefb17df8e7d04dcc57fd0be9) (cherry picked from commit b0b2863467a3a88087bc1d866067f5f62ba70238) (cherry picked from commit 751b86257688210328f300bc3268b99f14ed1a73)

commit: 74a6adb8e03af6e5c258eb3c55bf2fb49276b9d6 [log] [tgz]
author: Hai Zhang <zhanghai@google.com> Tue Dec 14 12:36:36 2021 +0000
committer: Roman Kiryanov <rkir@google.com> Wed Jun 15 05:31:44 2022 +0000
tree: ed9c18bb21c76784d7fae31e457626fe60d7c0a3
parent: a132abb4ca358cf581e3755f22f87d2e907f7105 [diff]
diff --git a/services/core/java/com/android/server/pm/permission/DefaultPermissionGrantPolicy.java b/services/core/java/com/android/server/pm/permission/DefaultPermissionGrantPolicy.java
index 3019146..c2c5d91 100644
--- a/services/core/java/com/android/server/pm/permission/DefaultPermissionGrantPolicy.java
+++ b/services/core/java/com/android/server/pm/permission/DefaultPermissionGrantPolicy.java

@@ -434,7 +434,8 @@
                     || !pm.isGranted(Manifest.permission.READ_PRIVILEGED_PHONE_STATE,
                             pkg, UserHandle.of(userId))
                     || !pm.isGranted(Manifest.permission.READ_PHONE_STATE, pkg,
-                            UserHandle.of(userId))) {
+                            UserHandle.of(userId))
+                    || pm.isSysComponentOrPersistentPlatformSignedPrivApp(pkg)) {
                 continue;
             }
commit	74a6adb8e03af6e5c258eb3c55bf2fb49276b9d6	[log] [tgz]
author	Hai Zhang <zhanghai@google.com>	Tue Dec 14 12:36:36 2021 +0000
committer	Roman Kiryanov <rkir@google.com>	Wed Jun 15 05:31:44 2022 +0000
tree	ed9c18bb21c76784d7fae31e457626fe60d7c0a3
parent	a132abb4ca358cf581e3755f22f87d2e907f7105 [diff]