Add a permission, INSTALL_DYNAMIC_SYSTEM

We already have a permission, MANAGE_DYNAMIC_SYSTEM, whose protection
level is signature. Only platform applications holding it can interact
directly with DynamicSystemService, a wrapper of native GsiService. In
our design, DynamicSystemInstallationService is the sole platform app
holding it.

Then we need another permission for non-platform but privileged apps.
This new permission doesn't give apps access to DynamicSystemService,
but only to system API DynamicSystemClient. DynamicSystemClient works
with underneath DynamicSystemInstallationService and allows privileged
apps to install DynamicSystem images and get status updates in our
designed manner.


Bug: 128982216
Test: verified using DynamicSystemClient.
Change-Id: I3e67322511e3ab08db87bfad40d8c3d3cf6fdfe5