privapp-permissions: add all privileged permissions for GmsCore and FakeStore

The previous whitelist only granted FAKE_PACKAGE_SIGNATURE. With
ro.control_privapp_permissions=enforce, PKMS throws a fatal exception
for each missing privileged permission, killing system_server before
ActivityManagerService can register — causing the bootloop.

Added all android.permission.* entries with protectionLevel including
"privileged" that GmsCore and FakeStore declare in their manifests.
This commit is contained in:
2026-06-16 09:38:56 +00:00
parent 324ee3a29a
commit c86c7f2f08
@@ -15,15 +15,35 @@
limitations under the License.
-->
<permissions>
<!-- Grant signature spoofing to MicroG packages only.
FAKE_PACKAGE_SIGNATURE is signature|privileged so it cannot be
requested by arbitrary apps; this file is the only grant path. -->
<!-- MicroG GmsCore (com.google.android.gms) — privileged product app -->
<privapp-permissions package="com.google.android.gms">
<permission name="android.permission.FAKE_PACKAGE_SIGNATURE"/>
<permission name="android.permission.CHANGE_DEVICE_IDLE_TEMP_WHITELIST"/>
<permission name="android.permission.DUMP"/>
<permission name="android.permission.INSTALL_LOCATION_PROVIDER"/>
<permission name="android.permission.INTERACT_ACROSS_USERS"/>
<permission name="android.permission.LOCATION_HARDWARE"/>
<permission name="android.permission.MANAGE_USB"/>
<permission name="android.permission.MODIFY_PHONE_STATE"/>
<permission name="android.permission.NETWORK_SCAN"/>
<permission name="android.permission.PROVIDE_DEFAULT_ENABLED_CREDENTIAL_SERVICE"/>
<permission name="android.permission.PROVIDE_REMOTE_CREDENTIALS"/>
<permission name="android.permission.START_ACTIVITIES_FROM_BACKGROUND"/>
<permission name="android.permission.UPDATE_APP_OPS_STATS"/>
<permission name="android.permission.WATCH_APPOPS"/>
<permission name="android.permission.WRITE_SECURE_SETTINGS"/>
</privapp-permissions>
<!-- MicroG FakeStore (com.android.vending) — privileged product app -->
<privapp-permissions package="com.android.vending">
<permission name="android.permission.FAKE_PACKAGE_SIGNATURE"/>
<permission name="android.permission.DELETE_PACKAGES"/>
<permission name="android.permission.DUMP"/>
<permission name="android.permission.INSTALL_PACKAGES"/>
<permission name="android.permission.INTERACT_ACROSS_USERS"/>
</privapp-permissions>
<!-- MicroG GsfProxy (com.google.android.gsf) — privileged product app -->
<privapp-permissions package="com.google.android.gsf">
<permission name="android.permission.FAKE_PACKAGE_SIGNATURE"/>
</privapp-permissions>