Merge "Collect APK certificates after an OTA, rather than relying on timestamps"

                    + " better than this " + pkg.getLongVersionCode());

        }

        // Verify certificates against what was last scanned. If it is an updated priv app, we will

        // force re-collecting certificate.

        final boolean forceCollect = PackageManagerServiceUtils.isApkVerificationForced(

                disabledPkgSetting);

        // Verify certificates against what was last scanned. If there was an upgrade or this is an

        // updated priv app, we will force re-collecting certificate.

        final boolean forceCollect = mIsUpgrade ||

                PackageManagerServiceUtils.isApkVerificationForced(disabledPkgSetting);

        // Full APK verification can be skipped during certificate collection, only if the file is

        // in verified partition, or can be verified on access (when apk verity is enabled). In both

        // cases, only data in Signing Block is verified instead of the whole file.