From 10098986772edb381698da9111e867b4357bb5f9 Mon Sep 17 00:00:00 2001 From: Kevin Wang Date: Wed, 25 Mar 2026 02:18:53 +0000 Subject: [PATCH] tdx-attest: add timeout when waiting for configfs generation --- tdx-attest/src/linux.rs | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/tdx-attest/src/linux.rs b/tdx-attest/src/linux.rs index 89e2e06b..92d0d7f7 100644 --- a/tdx-attest/src/linux.rs +++ b/tdx-attest/src/linux.rs @@ -18,7 +18,7 @@ use std::os::unix::io::AsRawFd; use std::path::Path; use std::sync::Mutex; use std::thread; -use std::time::Duration; +use std::time::{Duration, Instant}; use thiserror::Error; @@ -53,6 +53,10 @@ const QGS_MSG_GET_QUOTE_RESP: u32 = 1; const QGS_MSG_VERSION_MAJOR: u16 = 1; const QGS_MSG_VERSION_MINOR: u16 = 0; +// ConfigFS generation wait parameters +const CONFIGFS_GEN_WAIT_TIMEOUT_SECS: u64 = 5; +const CONFIGFS_GEN_POLL_INTERVAL_MS: u64 = 10; + // ============================================================================ // ioctl definitions for /dev/tdx_guest // ============================================================================ @@ -431,12 +435,19 @@ fn write_inblob_with_retry(path: &str, data: &TdxReportData) -> Result<()> { } fn wait_for_generation_change(path: &str, current: i64) -> Result { + let deadline = Instant::now() + Duration::from_secs(CONFIGFS_GEN_WAIT_TIMEOUT_SECS); + loop { let gen = read_generation(path)?; if gen != current { return Ok(gen); } - thread::sleep(Duration::from_micros(1)); + if Instant::now() >= deadline { + return Err(TdxAttestError::QuoteFailure( + "timed out waiting for configfs generation to advance".to_string(), + )); + } + thread::sleep(Duration::from_millis(CONFIGFS_GEN_POLL_INTERVAL_MS)); } }