From b08c5dd518e491f4e64de5208fd2870216042bd4 Mon Sep 17 00:00:00 2001 From: Ian Kent Date: Thu, 6 Feb 2025 09:40:29 +0800 Subject: [PATCH] - add fix for Jira RHEL-77321. --- ...x-deadlock-in-master_notify_submount.patch | 66 +++++++++++++++++++ autofs.spec | 12 +++- 2 files changed, 77 insertions(+), 1 deletion(-) create mode 100644 autofs-5.1.9-fix-deadlock-in-master_notify_submount.patch diff --git a/autofs-5.1.9-fix-deadlock-in-master_notify_submount.patch b/autofs-5.1.9-fix-deadlock-in-master_notify_submount.patch new file mode 100644 index 0000000..88802ae --- /dev/null +++ b/autofs-5.1.9-fix-deadlock-in-master_notify_submount.patch @@ -0,0 +1,66 @@ +autofs-5.1.9 - fix deadlock in master_notify_submount() + +From: Ian Kent + +A deadlock between mnts_remove_submount() and master_notify_submount() +can occur because master_notify_submount() holds the state mutex over +a call to mnts_find_submount() which then needs to take mnts_hash_mutex. +But mnts_remove_submount() takes mnts_hash_mutex and then needs to take +the state mutex to clear the ->ap field so deadlock cann occur. + +But it isn't necessary for master_notify_submount() to take the state +mutex before calling mnts_find_submount() because if the submount is' +found a reference is taken on the entry so it won't go away while it's +being used. All that's needed is to ensure that the ->ap field doesn't +get set to NULL by mnts_remove_submount() while it's being used to check +if the submount has shutdown. + +Fixes: 81ac572466e3 ("autofs-5.1.9 - fix submount shutdown race") +Signed-off-by: Ian Kent +--- + CHANGELOG | 1 + + daemon/master.c | 7 +++---- + 2 files changed, 4 insertions(+), 4 deletions(-) + +--- autofs-5.1.7.orig/CHANGELOG ++++ autofs-5.1.7/CHANGELOG +@@ -178,6 +178,7 @@ + - log when setting amd per-mount timeout. + - update per-mount expire timeout on readmap. + - clear per-mount timeout if not set. ++- fix deadlock in master_notify_submount(). + + 25/01/2021 autofs-5.1.7 + - make bind mounts propagation slave by default. +--- autofs-5.1.7.orig/daemon/master.c ++++ autofs-5.1.7/daemon/master.c +@@ -1237,26 +1237,25 @@ int master_notify_submount(struct autofs + * ST_SHUTDOWN_FORCE we need to wait until it goes away + * or changes to state ST_SHUTDOWN or ST_READY. + */ +- st_mutex_lock(); + while ((sbmnt = mnts_find_submount(path))) { + struct timespec t = { 0, 300000000 }; + struct timespec r; + ++ st_mutex_lock(); + if (!sbmnt->ap || + (sbmnt->ap->state != ST_SHUTDOWN_PENDING && + sbmnt->ap->state != ST_SHUTDOWN_FORCE)) { + ret = 0; ++ st_mutex_unlock(); + mnts_put_mount(sbmnt); + break; + } ++ st_mutex_unlock(); + mnts_put_mount(sbmnt); + +- st_mutex_unlock(); + while (nanosleep(&t, &r) == -1 && errno == EINTR) + memcpy(&t, &r, sizeof(struct timespec)); +- st_mutex_lock(); + } +- st_mutex_unlock(); + done: + mnts_put_mount(this); + } diff --git a/autofs.spec b/autofs.spec index 9408518..02740d0 100644 --- a/autofs.spec +++ b/autofs.spec @@ -12,7 +12,7 @@ Summary: A tool for automatically mounting and unmounting filesystems Name: autofs Version: 5.1.7 -Release: 59%{?dist} +Release: 60%{?dist} Epoch: 1 License: GPLv2+ Source: https://www.kernel.org/pub/linux/daemons/autofs/v5/autofs-%{version}-2.tar.gz @@ -217,6 +217,9 @@ Patch203: autofs-5.1.9-log-when-setting-amd-per-mount-timeout.patch Patch204: autofs-5.1.9-update-per-mount-expire-timeout-on-readmap.patch Patch205: autofs-5.1.7-clear-per-mount-timeout-if-not-set.patch +# JIRA: RHEL-77321 +Patch206: autofs-5.1.9-fix-deadlock-in-master_notify_submount.patch + %if %{with_systemd} BuildRequires: systemd-units BuildRequires: systemd-devel @@ -473,6 +476,8 @@ echo %{version}-%{release} > .version %patch204 -p1 %patch205 -p1 +%patch206 -p1 + %build LDFLAGS=-Wl,-z,now %configure \ @@ -580,6 +585,11 @@ fi %dir /etc/auto.master.d %changelog +* Thu Feb 06 2025 Ian Kent - 1:5.1.7-60 +- RHEL-77321 - autofs: deadlock between mnts_lookup_mount and mnts_remove_mount + - fix deadlock in master_notify_submount(). +- Resolves: RHEL-77321 + * Mon Dec 16 2024 Ian Kent - 1:5.1.7-59 - RHEL-69485 - Sporadic mount failures with amd program maps on RHEL8 - fix amd external mount error handling.