
A setback for fs-verity


Posted Jan 10, 2019 4:51 UTC (Thu) by thestinger (guest, #91827)
In reply to: A setback for fs-verity by ohrn
Parent article: A setback for fs-verity

The hashes of the blocks need to be verified too. The information on the disk isn't trusted. The hashes/signatures aren't generated locally but rather are shipped with the updates for those components. The fs-verity code is only used for dynamically updated components outside the base OS partitions, which are verified via a signature (vbmeta), hashes in vbmeta (boot/dtbo) and dm-verity (bootstrapped from vbmeta). Their fs-verity approach lets them extend the verification to components in the userdata partition.
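
An added illustration of the point made in the comment above, not part of the original comment and not fs-verity code: per-block hashes read from the same untrusted disk prove nothing on their own, so they must chain up to a root that is authenticated out of band. The tree layout, the 4096-byte block size, and all function names are assumptions of this sketch; `trusted_root` stands in for the value covered by the signature shipped with the update.

```python
import hashlib

BLOCK = 4096  # assumed block size for this sketch


def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def split(data: bytes) -> list:
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def merkle_root(leaves: list) -> bytes:
    """Fold leaf hashes pairwise up to one root; an odd node is carried up as-is."""
    if not leaves:
        return h(b"")
    level = list(leaves)
    while len(level) > 1:
        nxt = [h(level[i] + level[i + 1]) for i in range(0, len(level) - 1, 2)]
        if len(level) % 2:
            nxt.append(level[-1])
        level = nxt
    return level[0]


def verify_flat(data: bytes, stored_hashes: list) -> bool:
    """Weak check: trusts per-block hashes that sit next to the data on disk."""
    blocks = split(data)
    return len(blocks) == len(stored_hashes) and all(
        h(b) == s for b, s in zip(blocks, stored_hashes))


def verify_rooted(data: bytes, stored_hashes: list, trusted_root: bytes) -> bool:
    """Blocks must match the stored hashes AND the hashes must match the trusted root."""
    return verify_flat(data, stored_hashes) and merkle_root(stored_hashes) == trusted_root


def demo() -> dict:
    original = b"".join(bytes([i]) * BLOCK for i in range(4))  # constructed 4-block file
    shipped = [h(b) for b in split(original)]
    trusted_root = merkle_root(shipped)  # assumed to be authenticated by a signature
    # Constructed on-disk modification: block 2 changed and its stored hash recomputed.
    bad_block = b"\xff" * BLOCK
    tampered = original[:2 * BLOCK] + bad_block + original[3 * BLOCK:]
    disk_hashes = shipped[:2] + [h(bad_block)] + shipped[3:]
    return {
        "clean_rooted": verify_rooted(original, shipped, trusted_root),
        "tampered_flat": verify_flat(tampered, disk_hashes),
        "tampered_rooted": verify_rooted(tampered, disk_hashes, trusted_root),
    }


if __name__ == "__main__":
    print(demo())
```

The flat check accepts the modified file because its hash was rewritten alongside it; only the comparison against the externally authenticated root rejects it.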



