From f273ba9e4c4d80fbd6769210f8e90731f1f5edd8 Mon Sep 17 00:00:00 2001
From: pawelpros
Date: Fri, 6 Sep 2024 10:51:01 +0200
Subject: [PATCH] Added sleep time to avoid stale report after nvindex update (#59)
- Published changes as version 0.7.0
Signed-off-by: Pawel Proskurnicki
---
 az-cvm-vtpm/Cargo.toml | 2 +-
 az-cvm-vtpm/az-snp-vtpm/Cargo.toml | 4 ++--
 az-cvm-vtpm/az-tdx-vtpm/Cargo.toml | 4 ++--
 az-cvm-vtpm/src/vtpm/mod.rs | 7 ++++++-
 4 files changed, 11 insertions(+), 6 deletions(-)
diff --git a/az-cvm-vtpm/Cargo.toml b/az-cvm-vtpm/Cargo.toml
index 63c6b56..a216902 100644
--- a/az-cvm-vtpm/Cargo.toml
+++ b/az-cvm-vtpm/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "az-cvm-vtpm"
-version = "0.6.0"
+version = "0.7.0"
 edition = "2021"
 repository = "https://github.com/kinvolk/azure-cvm-tooling/"
 license = "MIT"
diff --git a/az-cvm-vtpm/az-snp-vtpm/Cargo.toml b/az-cvm-vtpm/az-snp-vtpm/Cargo.toml
index 3f98afc..153687c 100644
--- a/az-cvm-vtpm/az-snp-vtpm/Cargo.toml
+++ b/az-cvm-vtpm/az-snp-vtpm/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "az-snp-vtpm"
-version = "0.6.0"
+version = "0.7.0"
 edition = "2021"
 repository = "https://github.com/kinvolk/azure-cvm-tooling/"
 license = "MIT"
@@ -17,7 +17,7 @@ path = "src/main.rs"
 required-features = ["attester", "verifier"]
 [dependencies]
-az-cvm-vtpm = { path = "..", version = "0.6.0" }
+az-cvm-vtpm = { path = "..", version = "0.7.0" }
 bincode.workspace = true
 clap.workspace = true
 openssl = { workspace = true, optional = true }
diff --git a/az-cvm-vtpm/az-tdx-vtpm/Cargo.toml b/az-cvm-vtpm/az-tdx-vtpm/Cargo.toml
index a499e26..5521a5d 100644
--- a/az-cvm-vtpm/az-tdx-vtpm/Cargo.toml
+++ b/az-cvm-vtpm/az-tdx-vtpm/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "az-tdx-vtpm"
-version = "0.6.0"
+version = "0.7.0"
 edition = "2021"
 repository = "https://github.com/kinvolk/azure-cvm-tooling/"
 license = "MIT"
@@ -16,7 +16,7 @@ name = "tdx-vtpm"
 path = "src/main.rs"
 [dependencies]
-az-cvm-vtpm = { path = "..", version = "0.6.0" }
+az-cvm-vtpm = { path = "..", version = "0.7.0" }
 base64-url = "3.0.0"
 bincode.workspace = true
 serde.workspace = true
diff --git a/az-cvm-vtpm/src/vtpm/mod.rs b/az-cvm-vtpm/src/vtpm/mod.rs
index f4baf63..49a8ad4 100644
--- a/az-cvm-vtpm/src/vtpm/mod.rs
+++ b/az-cvm-vtpm/src/vtpm/mod.rs
@@ -1,8 +1,10 @@
 // Copyright (c) Microsoft Corporation.
 // Licensed under the MIT License.
+use core::time::Duration;
 use serde::{Deserialize, Serialize};
 use std::io::Write;
+use std::thread;
 use thiserror::Error;
 use tss_esapi::abstraction::{nv, pcr, public::DecodedKey};
 use tss_esapi::attributes::NvIndexAttributesBuilder;
@@ -102,13 +104,16 @@ pub fn get_report() -> Result, ReportError> {
 }
 /// Retrieve a fresh HCL report from a nvindex. The specified report_data will be reflected
-/// in the HCL report in its user_data field and mixed into a hash in the TEE report's report_data
+/// in the HCL report in its user_data field and mixed into a hash in the TEE report's report_data.
+/// The Function contains a 3 seconds delay to avoid retrieving a stale report.
 pub fn get_report_with_report_data(report_data: &[u8]) -> Result, ReportError> {
 let (nv_index, mut context) = get_session_context()?;
 let nv_index_report_data = NvIndexTpmHandle::new(INDEX_REPORT_DATA)?;
 write_nv_index(&mut context, nv_index_report_data, report_data)?;
+ thread::sleep(Duration::new(3, 0));
+
 let report = nv::read_full(&mut context, NvAuth::Owner, nv_index)?;
 Ok(report)
 }
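Review bot: `+use core::time::Duration;` pulls `Duration` from `core` in a file whose other imports are `std` (`use std::io::Write;`, and the new `use std::thread;` two lines below); `std::time::Duration` is the same type re-exported, so `use std::time::Duration;` keeps the import block uniform and avoids a reader wondering whether this module is meant to be `no_std`-compatible. This is a style point only; the type is identical either way.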
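Review bot: The added `thread::sleep(Duration::new(3, 0))` before `nv::read_full` is a timing guess rather than a check: nothing in the hunk confirms that the bytes read back reflect the `report_data` just written, so on a slow or busy vTPM the function can still hand back a stale report, and a stale report silently breaks the nonce binding the doc comment promises (the caller's `report_data` would not be in `user_data`, which a verifier relying on it for freshness must reject). A bounded poll that re-reads until the report has changed, and fails with a `ReportError` otherwise, turns the race into an explicit error; the page does not show how this crate parses the HCL report, so the sketch below compares against a snapshot taken before the write and should use a `user_data` comparison instead if one is available. If the fixed delay is kept, name it (`const REPORT_REFRESH_DELAY: Duration = Duration::from_secs(3);`) and say in the doc comment that the call blocks the current thread for that long, which matters for callers on an async runtime. The new doc line also reads awkwardly; suggest `/// This function blocks for about 3 seconds after writing report_data so the vTPM can refresh the report before it is read back.`
```rust
    // … unchanged: get_session_context / NvIndexTpmHandle::new …
    let before = nv::read_full(&mut context, NvAuth::Owner, nv_index)?;
    write_nv_index(&mut context, nv_index_report_data, report_data)?;

    // Bounded poll instead of a fixed sleep. NOTE(review): comparing whole
    // report bytes against the pre-write snapshot is a stand-in; if the crate
    // can parse the HCL report, compare its user_data to `report_data` instead.
    for _ in 0..10 {
        let report = nv::read_full(&mut context, NvAuth::Owner, nv_index)?;
        if report != before {
            return Ok(report);
        }
        thread::sleep(Duration::from_millis(300));
    }
    // … return a ReportError variant meaning "report did not refresh" here …
```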