From 4208690f50bac75d9ef51fca838d8ec1ab69f8f8 Mon Sep 17 00:00:00 2001
From: Sonny Sasaka <sonnysasaka@gmail.com>
Date: Tue, 3 Jun 2025 14:01:47 -0700
Subject: [PATCH] [v5.2-rhel] Skip layer digests for podman system check
 --quick

podman system check --quick currently only skips layer contents, but
practically it's not much quicker than without the flag.

This changes the flag to also skip checking layer digests which speed up
the check significantly.

In some cases, it is useful to opt for a quicker check if we prioritize
detecting and fixing severe corruption and can tolerate minor damage.

The check option is derived from CRI-O's internal repair:
https://github.com/cri-o/cri-o/blob/9e4d86d82370ad44c14649f28ebdd8f94aaa28ca/internal/lib/container_server.go#L860

Fixes: https://issues.redhat.com/browse/OCPBUGS-57982

Cherry Picks: https://github.com/containers/podman/pull/26272

Signed-off-by: Sonny Sasaka <sonnysasaka@gmail.com>
Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
---
 docs/source/markdown/podman-system-check.1.md |  2 ++
 libpod/runtime.go                             | 13 ++++++++++++-
 2 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/docs/source/markdown/podman-system-check.1.md b/docs/source/markdown/podman-system-check.1.md
index 1abe83ce6c..e30a3be935 100644
--- a/docs/source/markdown/podman-system-check.1.md
+++ b/docs/source/markdown/podman-system-check.1.md
@@ -34,6 +34,8 @@ attempts to pull images, and should be treated as though they are damaged.
 Skip checks which are known to be time-consuming.  This will prevent some types
 of errors from being detected.
 
+The exact checks performed by this option are subject to change.
+
 #### **--repair**, **-r**
 
 Remove any images which are determined to have been damaged in some way, unless
diff --git a/libpod/runtime.go b/libpod/runtime.go
index 73c607ad48..422f45b340 100644
--- a/libpod/runtime.go
+++ b/libpod/runtime.go
@@ -1274,7 +1274,18 @@ func (r *Runtime) LockConflicts() (map[uint32][]string, []uint32, error) {
 func (r *Runtime) SystemCheck(ctx context.Context, options entities.SystemCheckOptions) (entities.SystemCheckReport, error) {
 	what := storage.CheckEverything()
 	if options.Quick {
-		what = storage.CheckMost()
+		// Turn off checking layer digests and layer contents to do quick check.
+		// This is not a complete check like storage.CheckEverything(), and may fail detecting
+		// whether a file is missing from the image or its content has changed.
+		// In some cases it's desirable to trade check thoroughness for speed.
+		what = &storage.CheckOptions{
+			LayerDigests:   false,
+			LayerMountable: true,
+			LayerContents:  false,
+			LayerData:      true,
+			ImageData:      true,
+			ContainerData:  true,
+		}
 	}
 	if options.UnreferencedLayerMaximumAge != nil {
 		tmp := *options.UnreferencedLayerMaximumAge