Re: [PATCH 1/1] virt: tdx-guest: Optimize the get-quote polling interval time

[Kuppuswamy Sathyanarayanan]

Hi Jun,

On 2/21/2026 6:17 PM, Miao, Jun wrote:
>> On 2/11/2026 12:58 AM, Jun Miao wrote:
>>> The TD guest sends TDREPORT to the TD Quoting Enclave via a vsock or a
>>> tdvmcall. In general, vsock is indeed much faster than tdvmcall, and
>>> Quote requests usually take a few millisecond to complete rather than
>>> seconds based on actual measurements.
>>>
>>> The following get quote time via tdvmcall were obtained on the GNR:
>>>
>>> | msleep_interruptible(time)     | 1s       | 5ms      | 1ms        |
>>> | ------------------------------ | -------- | -------- | ---------- |
>>> | Duration                       | 1.004 s  | 1.005 s  | 1.036 s    |
>>> | Total(Get Quote)               | 167      | 142      | 167        |
>>> | Success:                       | 167      | 142      | 167        |
>>> | Failure:                       | 0        | 0        | 0          |
>>> | Avg total / 1s                 | 0.97     | 141.31   | 166.35     |
>>> | Avg success / 1s               | 0.97     | 141.31   | 166.35     |
>>> | Avg total / 1s / thread        | 0.97     | 141.31   | 166.35     |
>>> | Avg success / 1s / thread      | 0.97     | 141.31   | 166.35     |
>>> | Min elapsed_time               | 1025.95ms| 6.85 ms  | 2.99 ms    |
>>> | Max elapsed_time               | 1025.95ms| 10.93 ms | 10.76 ms   |
>>>
>>
>> Thanks for sharing the data!
>>
>>> According to trace analysis, the typical execution tdvmcall get the
>>> quote time is 4 ms. Therefore, 5 ms is a reasonable balance between
>>> performance efficiency and CPU overhead.
>>
>> Since the average is 4 ms, why choose 5ms?
>>
>>>
>>> And compared to the previous throughput of one request per second, the
>>> current 5ms can get 142 requests per second delivers a 142×
>>> performance improvement, which is critical for high-frequency use
>>> cases without vsock.
>>
>> Is this addressing a real customer issue or a theoretical improvement?
> 
> Hi Kuppuswamy,
> 
> From the customer issue, the more detail "Test Report"
> [PATCH 0/1] [Test Report] get qutoe time via tdvmcall
> [Background]
> Currently, many mobile device vendors (such as OPPO and Xiaomi) use TDVM for security management.
> Each mobile terminal must perform remote attestation before it can access the TDVM confidential container.
> As a result, there are a large number of remote attestation get-quote requests, especially in cases where vsock 
> is not configured or misconfigured and cannot be used.
> 

Thanks for the details.

Since it's a real issue, I'm fine with updating the polling interval to 5ms. 
Given that deployed QEs respond fast, we should also reduce the maximum wait 
time to 2 seconds (from 30 seconds) to fail faster on errors.

You can use read_poll_timeout() from <linux/iopoll.h> to simplify the 
timeout handling instead of manual loop counters.

That said, polling with fixed intervals doesn't scale well since QE response 
times vary by implementation. The proper long-term solution is still an 
interrupt-based approach to eliminate the polling overhead entirely.

-- 
Sathyanarayanan Kuppuswamy
Linux Kernel Developer