Add secure setting for package verification
Framework changes to store and read a secure setting for package verification.
Default is on/true.
This setting will be turned on/off via the Settings app.
Bug: 7082362
Change-Id: I6f93d3136add8af0dbbdc664f0473c5f5b7e3fee
diff --git a/core/java/android/provider/Settings.java b/core/java/android/provider/Settings.java
index b4841b1..1b0c775 100644
--- a/core/java/android/provider/Settings.java
+++ b/core/java/android/provider/Settings.java
@@ -4322,8 +4322,15 @@
public static final String WEB_AUTOFILL_QUERY_URL =
"web_autofill_query_url";
- /** Whether package verification is enabled. {@hide} */
- public static final String PACKAGE_VERIFIER_ENABLE = "verifier_enable";
+ /**
+ * Whether the package manager should send package verification broadcasts for verifiers to
+ * review apps prior to installation.
+ *
+ * 1 = request apps to be verified prior to installation, if a verifier exists.
+ * 0 = do not verify apps before installation
+ * {@hide}
+ */
+ public static final String PACKAGE_VERIFIER_ENABLE = "package_verifier_enable";
/** Timeout for package verification. {@hide} */
public static final String PACKAGE_VERIFIER_TIMEOUT = "verifier_timeout";
diff --git a/packages/SettingsProvider/res/values/defaults.xml b/packages/SettingsProvider/res/values/defaults.xml
index b3d9ea3..565d2f86 100644
--- a/packages/SettingsProvider/res/values/defaults.xml
+++ b/packages/SettingsProvider/res/values/defaults.xml
@@ -35,6 +35,7 @@
<bool name="def_bluetooth_on">false</bool>
<bool name="def_install_non_market_apps">false</bool>
+ <bool name="def_package_verifier_enable">true</bool>
<!-- Comma-separated list of location providers.
Network location is off by default because it requires
user opt-in via Setup Wizard or Settings.
diff --git a/packages/SettingsProvider/src/com/android/providers/settings/DatabaseHelper.java b/packages/SettingsProvider/src/com/android/providers/settings/DatabaseHelper.java
index 2785991..9c41119 100644
--- a/packages/SettingsProvider/src/com/android/providers/settings/DatabaseHelper.java
+++ b/packages/SettingsProvider/src/com/android/providers/settings/DatabaseHelper.java
@@ -64,7 +64,7 @@
// database gets upgraded properly. At a minimum, please confirm that 'upgradeVersion'
// is properly propagated through your change. Not doing so will result in a loss of user
// settings.
- private static final int DATABASE_VERSION = 81;
+ private static final int DATABASE_VERSION = 82;
private Context mContext;
@@ -1145,6 +1145,23 @@
upgradeVersion = 81;
}
+ if (upgradeVersion == 81) {
+ // Add package verification setting
+ db.beginTransaction();
+ SQLiteStatement stmt = null;
+ try {
+ stmt = db.compileStatement("INSERT OR REPLACE INTO secure(name,value)"
+ + " VALUES(?,?);");
+ loadBooleanSetting(stmt, Settings.Secure.PACKAGE_VERIFIER_ENABLE,
+ R.bool.def_package_verifier_enable);
+ db.setTransactionSuccessful();
+ } finally {
+ db.endTransaction();
+ if (stmt != null) stmt.close();
+ }
+ upgradeVersion = 82;
+ }
+
// *** Remember to update DATABASE_VERSION above!
if (upgradeVersion != currentVersion) {
@@ -1642,6 +1659,9 @@
loadBooleanSetting(stmt, Settings.Secure.INSTALL_NON_MARKET_APPS,
R.bool.def_install_non_market_apps);
+ loadBooleanSetting(stmt, Settings.Secure.PACKAGE_VERIFIER_ENABLE,
+ R.bool.def_package_verifier_enable);
+
loadStringSetting(stmt, Settings.Secure.LOCATION_PROVIDERS_ALLOWED,
R.string.def_location_providers_allowed);