From 737ea45a84536e35db976c09d5a5c7523edff4f1 Mon Sep 17 00:00:00 2001
From: Juhyung Park <qkrwngud825@gmail.com>
Date: Tue, 21 May 2024 20:39:48 +0900
Subject: [PATCH] fs_mgr: always use "check_at_most_once"

dm-verity's overhead is non-negligible.

As we're optimizing for performance over security, always use
"check_at_most_once".

This feature is available on kernels v4.17 and onwards and is
equivalent to CONFIG_DM_ANDROID_VERITY_AT_MOST_ONCE_DEFAULT_ENABLED
on older kernels.

Change-Id: Ib8b13d8429ac62bb1553ae81a7175d33fdb2e471
Signed-off-by: Juhyung Park <qkrwngud825@gmail.com>
---
 fs_mgr/libfs_avb/avb_util.cpp | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/fs_mgr/libfs_avb/avb_util.cpp b/fs_mgr/libfs_avb/avb_util.cpp
index 90b65ce4c..4883826c7 100644
--- a/fs_mgr/libfs_avb/avb_util.cpp
+++ b/fs_mgr/libfs_avb/avb_util.cpp
@@ -79,9 +79,8 @@ bool ConstructVerityTable(const FsAvbHashtreeDescriptor& hashtree_desc,
     // Always use ignore_zero_blocks.
     target.IgnoreZeroBlocks();
 
-    if (hashtree_desc.flags & AVB_HASHTREE_DESCRIPTOR_FLAGS_CHECK_AT_MOST_ONCE) {
-        target.CheckAtMostOnce();
-    }
+    // Always check only once
+    target.CheckAtMostOnce();
 
     LINFO << "Built verity table: '" << target.GetParameterString() << "'";