From 2b6605102d0a34665778c41f99ed7301950c096b Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Wed, 31 Aug 2022 22:43:50 +0900
Subject: [PATCH] dissect-image: add environment variable to control timeout
 for waiting devlink to be configured

---
 docs/ENVIRONMENT.md        |  3 +++
 src/shared/dissect-image.c | 21 ++++++++++++++++++++-
 2 files changed, 23 insertions(+), 1 deletion(-)

diff --git a/docs/ENVIRONMENT.md b/docs/ENVIRONMENT.md
index e5afafbe102..62e064e12bc 100644
--- a/docs/ENVIRONMENT.md
+++ b/docs/ENVIRONMENT.md
@@ -384,6 +384,9 @@ disk images with `--image=` or similar:
   directories in `/usr/lib/`, `/run`, …) or passed to the kernel for validation
   against its built-in certificates.
 
+* `$SYSTEMD_DISSECT_VERITY_TIMEOUT_SEC=sec` — takes a timespan, which controls
+  the timeout waiting for the image to be configured. Defaults to 100 msec.
+
 * `$SYSTEMD_LOOP_DIRECT_IO` – takes a boolean, which controls whether to enable
   LO_FLAGS_DIRECT_IO (i.e. direct IO + asynchronous IO) on loopback block
   devices when opening them. Defaults to on, set this to "0" to disable this
diff --git a/src/shared/dissect-image.c b/src/shared/dissect-image.c
index 30a10f9239e..4782330a0c3 100644
--- a/src/shared/dissect-image.c
+++ b/src/shared/dissect-image.c
@@ -2055,9 +2055,28 @@ static int verity_partition(
                         if (!IN_SET(r, 0, -ENODEV, -ENOENT, -EBUSY))
                                 return log_debug_errno(r, "Checking whether existing verity device %s can be reused failed: %m", node);
                         if (r == 0) {
+                                usec_t timeout_usec = 100 * USEC_PER_MSEC;
+                                const char *e;
+
+                                /* On slower machines, like non-KVM vm, setting up device may take a long time.
+                                 * Let's make the timeout configurable. */
+                                e = getenv("SYSTEMD_DISSECT_VERITY_TIMEOUT_SEC");
+                                if (e) {
+                                        usec_t t;
+
+                                        r = parse_sec(e, &t);
+                                        if (r < 0)
+                                                log_debug_errno(r,
+                                                                "Failed to parse timeout specified in $SYSTEMD_DISSECT_VERITY_TIMEOUT_SEC, "
+                                                                "using the default timeout (%s).",
+                                                                FORMAT_TIMESPAN(timeout_usec, USEC_PER_MSEC));
+                                        else
+                                                timeout_usec = t;
+                                }
+
                                 /* devmapper might say that the device exists, but the devlink might not yet have been
                                  * created. Check and wait for the udev event in that case. */
-                                r = device_wait_for_devlink(node, "block", 100 * USEC_PER_MSEC, NULL);
+                                r = device_wait_for_devlink(node, "block", timeout_usec, NULL);
                                 /* Fallback to activation with a unique device if it's taking too long */
                                 if (r == -ETIMEDOUT)
                                         break;