Auto sync2gitlab import of autofs-5.1.4-91.el8.src.rpm

This commit is contained in:
CentOS Sources 2022-12-22 06:09:59 +00:00
parent 272397f6dc
commit f4af6a8abe
10 changed files with 1141 additions and 1 deletions

View File

@ -0,0 +1,120 @@
autofs-5.1.7 - fix concat_options() error handling
From: Ian Kent <raven@themaw.net>
There's a possibility of a memory leak in the mount options processing
when calling concat_options() in parse_mount() of the Sun format map
entry parsing.
There's also a case in do_init() of the Sun map format parsing where
a previously freed value is used in a logging statement without being
set to MULL.
So ensure concat_options() always frees it's arguments so that the
handling can be consistent in all places.
Signed-off-by: Ian Kent <raven@themaw.net>
---
CHANGELOG | 1 +
modules/parse_sun.c | 24 +++++++++++-------------
2 files changed, 12 insertions(+), 13 deletions(-)
--- autofs-5.1.4.orig/CHANGELOG
+++ autofs-5.1.4/CHANGELOG
@@ -102,6 +102,7 @@
- fix hosts map deadlock on restart.
- fix deadlock with hosts map reload.
- fix memory leak in update_hosts_mounts().
+- fix concat_options() error handling.
xx/xx/2018 autofs-5.1.5
- fix flag file permission.
--- autofs-5.1.4.orig/modules/parse_sun.c
+++ autofs-5.1.4/modules/parse_sun.c
@@ -380,7 +380,8 @@ static int do_init(int argc, const char
if (!tmp) {
char *estr = strerror_r(errno, buf, MAX_ERR_BUF);
logerr(MODPREFIX "concat_options: %s", estr);
- free(gbl_options);
+ /* freed in concat_options */
+ ctxt->optstr = NULL;
} else
ctxt->optstr = tmp;
} else {
@@ -492,12 +493,16 @@ static char *concat_options(char *left,
char *ret;
if (left == NULL || *left == '\0') {
+ if (!right || *right == '\0')
+ return NULL;
ret = strdup(right);
free(right);
return ret;
}
if (right == NULL || *right == '\0') {
+ if (left == NULL || *left == '\0')
+ return NULL;
ret = strdup(left);
free(left);
return ret;
@@ -508,6 +513,8 @@ static char *concat_options(char *left,
if (ret == NULL) {
char *estr = strerror_r(errno, buf, MAX_ERR_BUF);
logerr(MODPREFIX "malloc: %s", estr);
+ free(left);
+ free(right);
return NULL;
}
@@ -988,14 +995,13 @@ static int parse_mapent(const char *ent,
if (newopt && strstr(newopt, myoptions)) {
free(myoptions);
myoptions = newopt;
- } else {
+ } else if (newopt) {
tmp = concat_options(myoptions, newopt);
if (!tmp) {
char *estr;
estr = strerror_r(errno, buf, MAX_ERR_BUF);
error(logopt, MODPREFIX
"concat_options: %s", estr);
- free(myoptions);
return 0;
}
myoptions = tmp;
@@ -1363,16 +1369,12 @@ dont_expand:
if (mnt_options && noptions && strstr(noptions, mnt_options)) {
free(mnt_options);
mnt_options = noptions;
- } else {
+ } else if (noptions) {
tmp = concat_options(mnt_options, noptions);
if (!tmp) {
char *estr = strerror_r(errno, buf, MAX_ERR_BUF);
error(ap->logopt,
MODPREFIX "concat_options: %s", estr);
- if (noptions)
- free(noptions);
- if (mnt_options)
- free(mnt_options);
free(options);
free(pmapent);
return 1;
@@ -1392,15 +1394,11 @@ dont_expand:
if (options && mnt_options && strstr(mnt_options, options)) {
free(options);
options = mnt_options;
- } else {
+ } else if (mnt_options) {
tmp = concat_options(options, mnt_options);
if (!tmp) {
char *estr = strerror_r(errno, buf, MAX_ERR_BUF);
error(ap->logopt, MODPREFIX "concat_options: %s", estr);
- if (options)
- free(options);
- if (mnt_options)
- free(mnt_options);
free(pmapent);
return 1;
}

View File

@ -0,0 +1,32 @@
autofs-5.1.8 - coverity fix for invalid access
From: Ian Kent <raven@themaw.net>
Fix invalid access in modules/parse_amd.c:do_host_mount().
Signed-off-by: Ian Kent <raven@themaw.net>
---
CHANGELOG | 1 +
modules/parse_amd.c | 1 -
2 files changed, 1 insertion(+), 1 deletion(-)
--- autofs-5.1.4.orig/CHANGELOG
+++ autofs-5.1.4/CHANGELOG
@@ -98,6 +98,7 @@
- fix invalid tsv access.
- fix parse module instance mutex naming.
- serialise lookup module open and reinit.
+- coverity fix for invalid access.
xx/xx/2018 autofs-5.1.5
- fix flag file permission.
--- autofs-5.1.4.orig/modules/parse_amd.c
+++ autofs-5.1.4/modules/parse_amd.c
@@ -1366,7 +1366,6 @@ static int do_host_mount(struct autofs_p
if (!instance) {
error(ap->logopt, MODPREFIX
"failed to create source instance for hosts map");
- close_lookup(lookup);
goto out;
}
}

View File

@ -0,0 +1,169 @@
autofs-5.1.8 - fix deadlock with hosts map reload
From: Ian Kent <raven@themaw.net>
When reloading maps the hosts map calls lookup method ->parse_mount()
for each multi-mount root entry in the map (each host) while holding
the cache read lock which leads to a cache lock deadlock.
Remove the need to hold the cache read lock by creating an independent
list of entries for the update so the lock doesn't need to be taken.
Signed-off-by: Ian Kent <raven@themaw.net>
---
CHANGELOG | 1
modules/lookup_hosts.c | 100 ++++++++++++++++++++++++++++++++++++++++---------
2 files changed, 83 insertions(+), 18 deletions(-)
--- autofs-5.1.4.orig/CHANGELOG
+++ autofs-5.1.4/CHANGELOG
@@ -100,6 +100,7 @@
- serialise lookup module open and reinit.
- coverity fix for invalid access.
- fix hosts map deadlock on restart.
+- fix deadlock with hosts map reload.
xx/xx/2018 autofs-5.1.5
- fix flag file permission.
--- autofs-5.1.4.orig/modules/lookup_hosts.c
+++ autofs-5.1.4/modules/lookup_hosts.c
@@ -201,10 +201,72 @@ static int do_parse_mount(struct autofs_
return NSS_STATUS_SUCCESS;
}
+struct update_context {
+ char *key;
+ int key_len;
+ char *entry;
+ struct update_context *next;
+};
+
+static int add_update_entry(struct update_context **entries, struct mapent *me)
+{
+ struct update_context *upd;
+ char *key, *ent;
+
+ key = strdup(me->key);
+ if (!key)
+ return 0;
+
+ ent = strdup(me->mapent);
+ if (!ent) {
+ free(key);
+ return 0;
+ }
+
+ upd = malloc(sizeof(struct update_context));
+ if (!upd) {
+ free(ent);
+ free(key);
+ return 0;
+ }
+
+ upd->key = key;
+ upd->key_len = me->len;
+ upd->entry = ent;
+ upd->next = NULL;
+ if (*entries)
+ (*entries)->next = upd;
+ *entries = upd;
+
+ return 1;
+}
+
+static void free_update_entries(struct update_context *entries)
+{
+ struct update_context *this = entries;
+
+ while (this) {
+ struct update_context *next = this->next;
+ free(this->key);
+ free(this->entry);
+ free(this);
+ this = next;
+ }
+}
+
+void entries_cleanup(void *arg)
+{
+ struct update_context *entries = arg;
+
+ free_update_entries(entries);
+}
+
static void update_hosts_mounts(struct autofs_point *ap,
struct map_source *source, time_t age,
struct lookup_context *ctxt)
{
+ struct update_context *head = NULL;
+ struct update_context *entries = NULL;
struct mapent_cache *mc;
struct mapent *me;
char *mapent;
@@ -212,6 +274,8 @@ static void update_hosts_mounts(struct a
mc = source->mc;
+ pthread_cleanup_push(entries_cleanup, head);
+
pthread_cleanup_push(cache_lock_cleanup, mc);
cache_writelock(mc);
me = cache_lookup_first(mc);
@@ -224,39 +288,39 @@ static void update_hosts_mounts(struct a
mapent = get_exports(ap, me->key);
if (mapent) {
- cache_update(mc, source, me->key, mapent, age);
+ int ret;
+
+ ret = cache_update(mc, source, me->key, mapent, age);
free(mapent);
+ if (!IS_MM_ROOT(me))
+ goto next;
+ if (ret != CHE_FAIL) {
+ if (!add_update_entry(&entries, me))
+ warn(ap->logopt, MODPREFIX
+ "failed to add update entry for %s", me->key);
+ else if (!head)
+ head = entries;
+ }
}
next:
me = cache_lookup_next(mc, me);
}
pthread_cleanup_pop(1);
- pthread_cleanup_push(cache_lock_cleanup, mc);
- cache_readlock(mc);
- me = cache_lookup_first(mc);
- while (me) {
- /*
- * Hosts map entry not yet expanded, already expired
- * or not the base of the tree
- */
- if (!IS_MM(me) || !IS_MM_ROOT(me))
- goto cont;
-
+ while (head) {
debug(ap->logopt, MODPREFIX
- "attempt to update exports for %s", me->key);
+ "attempt to update exports for %s", head->key);
master_source_current_wait(ap->entry);
ap->entry->current = source;
ap->flags |= MOUNT_FLAG_REMOUNT;
- ret = ctxt->parse->parse_mount(ap, me->key, strlen(me->key),
- me->mapent, ctxt->parse->context);
+ ret = ctxt->parse->parse_mount(ap, head->key, strlen(head->key),
+ head->entry, ctxt->parse->context);
if (ret)
warn(ap->logopt, MODPREFIX
- "failed to parse mount %s", me->mapent);
+ "failed to parse mount %s", head->entry);
ap->flags &= ~MOUNT_FLAG_REMOUNT;
-cont:
- me = cache_lookup_next(mc, me);
+ head = head->next;
}
pthread_cleanup_pop(1);
}

View File

@ -0,0 +1,97 @@
autofs-5.1.8 - fix hosts map deadlock on restart
From: Ian Kent <raven@themaw.net>
When starting automount(8) with a hosts map that has mounts that were
in use at the last exit a deadlock can occur.
In this case automount(8) will perform the same steps but not actually
perform the mount to re-construct the context of each mount. But, with
the hosts map, that leads to calling back into the sun parse module
while holding the map module read lock which will again try and take
the write lock.
Fix this by only taking the write lock in the mount code path if the
module handle has not already been opened.
Signed-off-by: Ian Kent <raven@themaw.net>
---
CHANGELOG | 1 +
daemon/lookup.c | 22 ++++++++++++----------
modules/parse_amd.c | 18 ++++++++++--------
3 files changed, 23 insertions(+), 18 deletions(-)
--- autofs-5.1.4.orig/CHANGELOG
+++ autofs-5.1.4/CHANGELOG
@@ -99,6 +99,7 @@
- fix parse module instance mutex naming.
- serialise lookup module open and reinit.
- coverity fix for invalid access.
+- fix hosts map deadlock on restart.
xx/xx/2018 autofs-5.1.5
- fix flag file permission.
--- autofs-5.1.4.orig/daemon/lookup.c
+++ autofs-5.1.4/daemon/lookup.c
@@ -815,19 +815,21 @@ int do_lookup_mount(struct autofs_point
struct lookup_mod *lookup;
int status;
- map_module_writelock(map);
if (!map->lookup) {
- status = open_lookup(map->type, "",
- map->format, map->argc, map->argv, &lookup);
- if (status != NSS_STATUS_SUCCESS) {
- map_module_unlock(map);
- debug(ap->logopt,
- "lookup module %s open failed", map->type);
- return status;
+ map_module_writelock(map);
+ if (!map->lookup) {
+ status = open_lookup(map->type, "",
+ map->format, map->argc, map->argv, &lookup);
+ if (status != NSS_STATUS_SUCCESS) {
+ map_module_unlock(map);
+ debug(ap->logopt,
+ "lookup module %s open failed", map->type);
+ return status;
+ }
+ map->lookup = lookup;
}
- map->lookup = lookup;
+ map_module_unlock(map);
}
- map_module_unlock(map);
master_source_current_wait(ap->entry);
ap->entry->current = map;
--- autofs-5.1.4.orig/modules/parse_amd.c
+++ autofs-5.1.4/modules/parse_amd.c
@@ -1370,17 +1370,19 @@ static int do_host_mount(struct autofs_p
}
}
- map_module_writelock(instance);
if (!instance->lookup) {
- status = open_lookup("hosts", MODPREFIX, NULL, argc, pargv, &lookup);
- if (status != NSS_STATUS_SUCCESS) {
- map_module_unlock(instance);
- debug(ap->logopt, "open lookup module hosts failed");
- goto out;
+ map_module_writelock(instance);
+ if (!instance->lookup) {
+ status = open_lookup("hosts", MODPREFIX, NULL, argc, pargv, &lookup);
+ if (status != NSS_STATUS_SUCCESS) {
+ map_module_unlock(instance);
+ debug(ap->logopt, "open lookup module hosts failed");
+ goto out;
+ }
+ instance->lookup = lookup;
}
- instance->lookup = lookup;
+ map_module_unlock(instance);
}
- map_module_unlock(instance);
cache_writelock(source->mc);
me = cache_lookup_distinct(source->mc, name);

View File

@ -0,0 +1,63 @@
autofs-5.1.8 - fix incorrect path for is_mounted() in try_remount()
From: Ian Kent <raven@themaw.net>
A regression was introduced when the offset mount handling was rewritten.
It resulted in an incorrect path sometimes being used in an is_mounted()
check.
Signed-off-by: Ian Kent <raven@themaw.net>
---
CHANGELOG | 1 +
lib/mounts.c | 26 +++++++++++++++++++++-----
2 files changed, 22 insertions(+), 5 deletions(-)
--- autofs-5.1.4.orig/CHANGELOG
+++ autofs-5.1.4/CHANGELOG
@@ -104,6 +104,7 @@
- fix memory leak in update_hosts_mounts().
- fix concat_options() error handling.
- fix minus only option handling in concat_options().
+- fix incorrect path for is_mounted() in try_remount().
xx/xx/2018 autofs-5.1.5
- fix flag file permission.
--- autofs-5.1.4.orig/lib/mounts.c
+++ autofs-5.1.4/lib/mounts.c
@@ -2803,14 +2803,30 @@ int try_remount(struct autofs_point *ap,
ap->flags &= ~MOUNT_FLAG_DIR_CREATED;
else
ap->flags |= MOUNT_FLAG_DIR_CREATED;
+ goto done;
+ }
+
+ me->flags &= ~MOUNT_FLAG_DIR_CREATED;
+ /* Direct or offset mount, key is full path */
+ if (MM_PARENT(me)->key[0] == '/') {
+ if (!is_mounted(MM_PARENT(me)->key, MNTS_REAL))
+ me->flags |= MOUNT_FLAG_DIR_CREATED;
} else {
- me->flags &= ~MOUNT_FLAG_DIR_CREATED;
- if (type == t_offset) {
- if (!is_mounted(MM_PARENT(me)->key, MNTS_REAL))
- me->flags |= MOUNT_FLAG_DIR_CREATED;
+ char *p_key = MM_PARENT(me)->key;
+ char mp[PATH_MAX + 1];
+ int len;
+
+ len = mount_fullpath(mp, PATH_MAX, ap->path, ap->len, p_key);
+ if (len > PATH_MAX) {
+ /* This should never happen due to earlier checks */
+ error(ap->logopt, "mountpoint path too long");
+ return 0;
}
- }
+ if (!is_mounted(mp, MNTS_REAL))
+ me->flags |= MOUNT_FLAG_DIR_CREATED;
+ }
+done:
/*
* Either we opened the mount or we're re-reading the map.
* If we opened the mount and ioctlfd is not -1 we have

View File

@ -0,0 +1,53 @@
autofs-5.1.8 - fix memory leak in update_hosts_mounts()
From: Ian Kent <raven@themaw.net>
Coverity has reported a memory leak in update_hosts_mounts() introduced
by the map reload deadlock fix.
Signed-off-by: Ian Kent <raven@themaw.net>
---
CHANGELOG | 1 +
modules/lookup_hosts.c | 13 +++++++------
2 files changed, 8 insertions(+), 6 deletions(-)
--- autofs-5.1.4.orig/CHANGELOG
+++ autofs-5.1.4/CHANGELOG
@@ -101,6 +101,7 @@
- coverity fix for invalid access.
- fix hosts map deadlock on restart.
- fix deadlock with hosts map reload.
+- fix memory leak in update_hosts_mounts().
xx/xx/2018 autofs-5.1.5
- fix flag file permission.
--- autofs-5.1.4.orig/modules/lookup_hosts.c
+++ autofs-5.1.4/modules/lookup_hosts.c
@@ -307,20 +307,21 @@ next:
}
pthread_cleanup_pop(1);
- while (head) {
+ entries = head;
+ while (entries) {
debug(ap->logopt, MODPREFIX
- "attempt to update exports for %s", head->key);
+ "attempt to update exports for %s", entries->key);
master_source_current_wait(ap->entry);
ap->entry->current = source;
ap->flags |= MOUNT_FLAG_REMOUNT;
- ret = ctxt->parse->parse_mount(ap, head->key, strlen(head->key),
- head->entry, ctxt->parse->context);
+ ret = ctxt->parse->parse_mount(ap, entries->key, strlen(entries->key),
+ entries->entry, ctxt->parse->context);
if (ret)
warn(ap->logopt, MODPREFIX
- "failed to parse mount %s", head->entry);
+ "failed to parse mount %s", entries->entry);
ap->flags &= ~MOUNT_FLAG_REMOUNT;
- head = head->next;
+ entries = entries->next;
}
pthread_cleanup_pop(1);
}

View File

@ -0,0 +1,88 @@
autofs-5.1.8 - fix minus only option handling in concat_options()
From: Ian Kent <raven@themaw.net>
While a '-' alone isn't strictly valid it hadn't previously cuased a
parse error. So commit 9047e91ffa69 (autofs-5.1.7 - fix concat_options()
error handling) introduced a regression by no longer allowing this.
Fix this regression by only failing if errno is set to a non-zero value
on return from concat_options() as well as returning NULL.
Fixes: 9047e91ffa69 (autofs-5.1.7 - fix concat_options() error handling)
Signed-off-by: Ian Kent <raven@themaw.net>
---
CHANGELOG | 1 +
modules/parse_sun.c | 25 +++++++++++++++++++------
2 files changed, 20 insertions(+), 6 deletions(-)
--- autofs-5.1.4.orig/CHANGELOG
+++ autofs-5.1.4/CHANGELOG
@@ -103,6 +103,7 @@
- fix deadlock with hosts map reload.
- fix memory leak in update_hosts_mounts().
- fix concat_options() error handling.
+- fix minus only option handling in concat_options().
xx/xx/2018 autofs-5.1.5
- fix flag file permission.
--- autofs-5.1.4.orig/modules/parse_sun.c
+++ autofs-5.1.4/modules/parse_sun.c
@@ -376,10 +376,16 @@ static int do_init(int argc, const char
if (gbl_options) {
append_options = defaults_get_append_options();
if (append_options) {
- char *tmp = concat_options(gbl_options, ctxt->optstr);
+ char *tmp;
+
+ errno = 0;
+ tmp = concat_options(gbl_options, ctxt->optstr);
if (!tmp) {
- char *estr = strerror_r(errno, buf, MAX_ERR_BUF);
- logerr(MODPREFIX "concat_options: %s", estr);
+ /* Ignore non-error NULL return */
+ if (errno) {
+ char *estr = strerror_r(errno, buf, MAX_ERR_BUF);
+ logerr(MODPREFIX "concat_options: %s", estr);
+ }
/* freed in concat_options */
ctxt->optstr = NULL;
} else
@@ -996,9 +1002,12 @@ static int parse_mapent(const char *ent,
free(myoptions);
myoptions = newopt;
} else if (newopt) {
+ errno = 0;
tmp = concat_options(myoptions, newopt);
- if (!tmp) {
+ /* Ignore non-error NULL return */
+ if (!tmp && errno) {
char *estr;
+
estr = strerror_r(errno, buf, MAX_ERR_BUF);
error(logopt, MODPREFIX
"concat_options: %s", estr);
@@ -1370,8 +1379,10 @@ dont_expand:
free(mnt_options);
mnt_options = noptions;
} else if (noptions) {
+ errno = 0;
tmp = concat_options(mnt_options, noptions);
- if (!tmp) {
+ /* Ignore non-error NULL return */
+ if (!tmp && errno) {
char *estr = strerror_r(errno, buf, MAX_ERR_BUF);
error(ap->logopt,
MODPREFIX "concat_options: %s", estr);
@@ -1395,8 +1406,10 @@ dont_expand:
free(options);
options = mnt_options;
} else if (mnt_options) {
+ errno = 0;
tmp = concat_options(options, mnt_options);
- if (!tmp) {
+ /* Ignore non-error NULL return */
+ if (!tmp && errno) {
char *estr = strerror_r(errno, buf, MAX_ERR_BUF);
error(ap->logopt, MODPREFIX "concat_options: %s", estr);
free(pmapent);

View File

@ -0,0 +1,183 @@
autofs-5.1.8 - fix parse module instance mutex naming
From: Ian Kent <raven@themaw.net>
The naming used for parse module instance locks is the same as that
used for map lookup instances. Rename these to make it clear they
are being used in the parse modules.
Signed-off-by: Ian Kent <raven@themaw.net>
---
CHANGELOG | 1 +
modules/parse_amd.c | 28 ++++++++++++++--------------
modules/parse_sun.c | 20 ++++++++++----------
3 files changed, 25 insertions(+), 24 deletions(-)
--- autofs-5.1.4.orig/CHANGELOG
+++ autofs-5.1.4/CHANGELOG
@@ -96,6 +96,7 @@
- fix handling of incorrect return from umount_ent().
- dont use initgroups() at spawn.
- fix invalid tsv access.
+- fix parse module instance mutex naming.
xx/xx/2018 autofs-5.1.5
- fix flag file permission.
--- autofs-5.1.4.orig/modules/parse_amd.c
+++ autofs-5.1.4/modules/parse_amd.c
@@ -39,18 +39,18 @@ int parse_version = AUTOFS_PARSE_VERSION
static struct mount_mod *mount_nfs = NULL;
static int init_ctr = 0;
-static pthread_mutex_t instance_mutex = PTHREAD_MUTEX_INITIALIZER;
+static pthread_mutex_t parse_instance_mutex = PTHREAD_MUTEX_INITIALIZER;
-static void instance_mutex_lock(void)
+static void parse_instance_mutex_lock(void)
{
- int status = pthread_mutex_lock(&instance_mutex);
+ int status = pthread_mutex_lock(&parse_instance_mutex);
if (status)
fatal(status);
}
-static void instance_mutex_unlock(void)
+static void parse_instance_mutex_unlock(void)
{
- int status = pthread_mutex_unlock(&instance_mutex);
+ int status = pthread_mutex_unlock(&parse_instance_mutex);
if (status)
fatal(status);
}
@@ -112,7 +112,7 @@ int parse_init(int argc, const char *con
/* We only need this once. NFS mounts are so common that we cache
this module. */
- instance_mutex_lock();
+ parse_instance_mutex_lock();
if (mount_nfs)
init_ctr++;
else {
@@ -121,11 +121,11 @@ int parse_init(int argc, const char *con
} else {
kill_context(ctxt);
*context = NULL;
- instance_mutex_unlock();
+ parse_instance_mutex_unlock();
return 1;
}
}
- instance_mutex_unlock();
+ parse_instance_mutex_unlock();
return 0;
}
@@ -1358,11 +1358,11 @@ static int do_host_mount(struct autofs_p
argc = 1;
}
- instance_mutex_lock();
+ parse_instance_mutex_lock();
status = open_lookup("hosts", MODPREFIX, NULL, argc, pargv, &lookup);
if (status != NSS_STATUS_SUCCESS) {
debug(ap->logopt, "open lookup module hosts failed");
- instance_mutex_unlock();
+ parse_instance_mutex_unlock();
goto out;
}
@@ -1374,13 +1374,13 @@ static int do_host_mount(struct autofs_p
if (!instance) {
error(ap->logopt, MODPREFIX
"failed to create source instance for hosts map");
- instance_mutex_unlock();
+ parse_instance_mutex_unlock();
close_lookup(lookup);
goto out;
}
}
instance->lookup = lookup;
- instance_mutex_unlock();
+ parse_instance_mutex_unlock();
cache_writelock(source->mc);
me = cache_lookup_distinct(source->mc, name);
@@ -2373,12 +2373,12 @@ int parse_done(void *context)
int rv = 0;
struct parse_context *ctxt = (struct parse_context *) context;
- instance_mutex_lock();
+ parse_instance_mutex_lock();
if (--init_ctr == 0) {
rv = close_mount(mount_nfs);
mount_nfs = NULL;
}
- instance_mutex_unlock();
+ parse_instance_mutex_unlock();
if (ctxt)
kill_context(ctxt);
--- autofs-5.1.4.orig/modules/parse_sun.c
+++ autofs-5.1.4/modules/parse_sun.c
@@ -41,18 +41,18 @@ int parse_version = AUTOFS_PARSE_VERSION
static struct mount_mod *mount_nfs = NULL;
static int init_ctr = 0;
-static pthread_mutex_t instance_mutex = PTHREAD_MUTEX_INITIALIZER;
+static pthread_mutex_t parse_instance_mutex = PTHREAD_MUTEX_INITIALIZER;
-static void instance_mutex_lock(void)
+static void parse_instance_mutex_lock(void)
{
- int status = pthread_mutex_lock(&instance_mutex);
+ int status = pthread_mutex_lock(&parse_instance_mutex);
if (status)
fatal(status);
}
-static void instance_mutex_unlock(void)
+static void parse_instance_mutex_unlock(void)
{
- int status = pthread_mutex_unlock(&instance_mutex);
+ int status = pthread_mutex_unlock(&parse_instance_mutex);
if (status)
fatal(status);
}
@@ -423,7 +423,7 @@ int parse_init(int argc, const char *con
/* We only need this once. NFS mounts are so common that we cache
this module. */
- instance_mutex_lock();
+ parse_instance_mutex_lock();
if (mount_nfs)
init_ctr++;
else {
@@ -431,11 +431,11 @@ int parse_init(int argc, const char *con
init_ctr++;
} else {
kill_context(ctxt);
- instance_mutex_unlock();
+ parse_instance_mutex_unlock();
return 1;
}
}
- instance_mutex_unlock();
+ parse_instance_mutex_unlock();
*context = (void *) ctxt;
@@ -1719,12 +1719,12 @@ int parse_done(void *context)
int rv = 0;
struct parse_context *ctxt = (struct parse_context *) context;
- instance_mutex_lock();
+ parse_instance_mutex_lock();
if (--init_ctr == 0) {
rv = close_mount(mount_nfs);
mount_nfs = NULL;
}
- instance_mutex_unlock();
+ parse_instance_mutex_unlock();
if (ctxt)
kill_context(ctxt);

View File

@ -0,0 +1,272 @@
autofs-5.1.8 - serialise lookup module open and reinit
From: Ian Kent <raven@themaw.net>
Add a map source lock to serialise map setting and use of module
structure fields such as the context.
Signed-off-by: Ian Kent <raven@themaw.net>
---
CHANGELOG | 1 +
daemon/lookup.c | 35 +++++++++++++++++++++--------------
daemon/master.c | 43 +++++++++++++++++++++++++++++++++++++++++++
include/master.h | 5 +++++
modules/parse_amd.c | 26 +++++++++++++++-----------
5 files changed, 85 insertions(+), 25 deletions(-)
--- autofs-5.1.4.orig/CHANGELOG
+++ autofs-5.1.4/CHANGELOG
@@ -97,6 +97,7 @@
- dont use initgroups() at spawn.
- fix invalid tsv access.
- fix parse module instance mutex naming.
+- serialise lookup module open and reinit.
xx/xx/2018 autofs-5.1.5
- fix flag file permission.
--- autofs-5.1.4.orig/daemon/lookup.c
+++ autofs-5.1.4/daemon/lookup.c
@@ -318,28 +318,27 @@ static int do_read_map(struct autofs_poi
struct lookup_mod *lookup;
int status;
- lookup = NULL;
- master_source_writelock(ap->entry);
+ pthread_cleanup_push(map_module_lock_cleanup, map);
+ map_module_writelock(map);
if (!map->lookup) {
status = open_lookup(map->type, "", map->format,
map->argc, map->argv, &lookup);
- if (status != NSS_STATUS_SUCCESS) {
- master_source_unlock(ap->entry);
+ if (status == NSS_STATUS_SUCCESS)
+ map->lookup = lookup;
+ else
debug(ap->logopt,
"lookup module %s open failed", map->type);
- return status;
- }
- map->lookup = lookup;
} else {
- lookup = map->lookup;
- status = lookup->lookup_reinit(map->format,
- map->argc, map->argv,
- &lookup->context);
+ status = map->lookup->lookup_reinit(map->format,
+ map->argc, map->argv,
+ &map->lookup->context);
if (status)
warn(ap->logopt,
"lookup module %s reinit failed", map->type);
}
- master_source_unlock(ap->entry);
+ pthread_cleanup_pop(1);
+ if (status != NSS_STATUS_SUCCESS)
+ return status;
if (!map->stale)
return NSS_STATUS_SUCCESS;
@@ -347,7 +346,11 @@ static int do_read_map(struct autofs_poi
master_source_current_wait(ap->entry);
ap->entry->current = map;
+ pthread_cleanup_push(map_module_lock_cleanup, map);
+ map_module_readlock(map);
+ lookup = map->lookup;
status = lookup->lookup_read_map(ap, age, lookup->context);
+ pthread_cleanup_pop(1);
if (status != NSS_STATUS_SUCCESS)
map->stale = 0;
@@ -812,23 +815,27 @@ int do_lookup_mount(struct autofs_point
struct lookup_mod *lookup;
int status;
+ map_module_writelock(map);
if (!map->lookup) {
status = open_lookup(map->type, "",
map->format, map->argc, map->argv, &lookup);
if (status != NSS_STATUS_SUCCESS) {
+ map_module_unlock(map);
debug(ap->logopt,
"lookup module %s open failed", map->type);
return status;
}
map->lookup = lookup;
}
-
- lookup = map->lookup;
+ map_module_unlock(map);
master_source_current_wait(ap->entry);
ap->entry->current = map;
+ map_module_readlock(map);
+ lookup = map->lookup;
status = lookup->lookup_mount(ap, name, name_len, lookup->context);
+ map_module_unlock(map);
return status;
}
--- autofs-5.1.4.orig/daemon/master.c
+++ autofs-5.1.4/daemon/master.c
@@ -65,6 +65,34 @@ void master_mutex_lock_cleanup(void *arg
return;
}
+void map_module_writelock(struct map_source *map)
+{
+ int status = pthread_rwlock_wrlock(&map->module_lock);
+ if (status)
+ fatal(status);
+}
+
+void map_module_readlock(struct map_source *map)
+{
+ int status = pthread_rwlock_rdlock(&map->module_lock);
+ if (status)
+ fatal(status);
+}
+
+void map_module_unlock(struct map_source *map)
+{
+ int status = pthread_rwlock_unlock(&map->module_lock);
+ if (status)
+ fatal(status);
+}
+
+void map_module_lock_cleanup(void *arg)
+{
+ struct map_source *map = (struct map_source *) arg;
+
+ map_module_unlock(map);
+}
+
int master_add_autofs_point(struct master_mapent *entry, unsigned logopt,
unsigned nobind, unsigned ghost, int submount)
{
@@ -155,6 +183,7 @@ master_add_map_source(struct master_mape
struct map_source *source;
char *ntype, *nformat;
const char **tmpargv;
+ int status;
source = malloc(sizeof(struct map_source));
if (!source)
@@ -241,6 +270,10 @@ master_add_map_source(struct master_mape
master_source_unlock(entry);
+ status = pthread_rwlock_init(&source->module_lock, NULL);
+ if (status)
+ fatal(status);
+
return source;
}
@@ -330,6 +363,8 @@ master_get_map_source(struct master_mape
static void __master_free_map_source(struct map_source *source, unsigned int free_cache)
{
+ int status;
+
/* instance map sources are not ref counted */
if (source->ref && --source->ref)
return;
@@ -365,6 +400,10 @@ static void __master_free_map_source(str
}
}
+ status = pthread_rwlock_destroy(&source->module_lock);
+ if (status)
+ fatal(status);
+
free(source);
return;
@@ -496,6 +535,10 @@ master_add_source_instance(struct map_so
if (status)
fatal(status);
+ status = pthread_rwlock_init(&new->module_lock, NULL);
+ if (status)
+ fatal(status);
+
return new;
}
--- autofs-5.1.4.orig/include/master.h
+++ autofs-5.1.4/include/master.h
@@ -35,6 +35,7 @@ struct map_source {
unsigned int stale;
unsigned int recurse;
unsigned int depth;
+ pthread_rwlock_t module_lock;
struct lookup_mod *lookup;
int argc;
const char **argv;
@@ -126,5 +127,9 @@ int __master_list_empty(struct master *)
int master_list_empty(struct master *);
int master_done(struct master *);
int master_kill(struct master *);
+void map_module_writelock(struct map_source *map);
+void map_module_readlock(struct map_source *map);
+void map_module_unlock(struct map_source *map);
+void map_module_lock_cleanup(void *arg);
#endif
--- autofs-5.1.4.orig/modules/parse_amd.c
+++ autofs-5.1.4/modules/parse_amd.c
@@ -1358,14 +1358,6 @@ static int do_host_mount(struct autofs_p
argc = 1;
}
- parse_instance_mutex_lock();
- status = open_lookup("hosts", MODPREFIX, NULL, argc, pargv, &lookup);
- if (status != NSS_STATUS_SUCCESS) {
- debug(ap->logopt, "open lookup module hosts failed");
- parse_instance_mutex_unlock();
- goto out;
- }
-
instance = master_find_source_instance(source,
"hosts", "sun", argc, pargv);
if (!instance) {
@@ -1374,13 +1366,22 @@ static int do_host_mount(struct autofs_p
if (!instance) {
error(ap->logopt, MODPREFIX
"failed to create source instance for hosts map");
- parse_instance_mutex_unlock();
close_lookup(lookup);
goto out;
}
}
- instance->lookup = lookup;
- parse_instance_mutex_unlock();
+
+ map_module_writelock(instance);
+ if (!instance->lookup) {
+ status = open_lookup("hosts", MODPREFIX, NULL, argc, pargv, &lookup);
+ if (status != NSS_STATUS_SUCCESS) {
+ map_module_unlock(instance);
+ debug(ap->logopt, "open lookup module hosts failed");
+ goto out;
+ }
+ instance->lookup = lookup;
+ }
+ map_module_unlock(instance);
cache_writelock(source->mc);
me = cache_lookup_distinct(source->mc, name);
@@ -1391,8 +1392,11 @@ static int do_host_mount(struct autofs_p
master_source_current_wait(ap->entry);
ap->entry->current = source;
+ map_module_readlock(instance);
+ lookup = instance->lookup;
ret = lookup->lookup_mount(ap, entry->rhost,
strlen(entry->rhost), lookup->context);
+ map_module_unlock(instance);
if (!strcmp(name, entry->rhost))
goto out;

View File

@ -8,7 +8,7 @@
Summary: A tool for automatically mounting and unmounting filesystems
Name: autofs
Version: 5.1.4
Release: 84%{?dist}
Release: 91%{?dist}
Epoch: 1
License: GPLv2+
Group: System Environment/Daemons
@ -268,6 +268,15 @@ Patch240: autofs-5.1.8-fix-handling-of-incorrect-return-from-umount_ent.patch
Patch241: autofs-5.1.8-dont-use-initgroups-at-spawn.patch
Patch242: autofs-5.1.8-fix-invalid-tsv-access.patch
Patch243: autofs-5.1.8-fix-parse-module-instance-mutex-naming.patch
Patch244: autofs-5.1.8-serialise-lookup-module-open-and-reinit.patch
Patch245: autofs-5.1.8-coverity-fix-for-invalid-access.patch
Patch246: autofs-5.1.8-fix-hosts-map-deadlock-on-restart.patch
Patch247: autofs-5.1.8-fix-deadlock-with-hosts-map-reload.patch
Patch248: autofs-5.1.8-fix-memory-leak-in-update_hosts_mounts.patch
Patch249: autofs-5.1.7-fix-concat_options-error-handling.patch
Patch250: autofs-5.1.8-fix-minus-only-option-handling-in-concat_options.patch
Patch251: autofs-5.1.8-fix-incorrect-path-for-is_mounted-in-try_remount.patch
%if %{with_systemd}
BuildRequires: systemd-units
@ -577,6 +586,15 @@ echo %{version}-%{release} > .version
%patch240 -p1
%patch241 -p1
%patch242 -p1
%patch243 -p1
%patch244 -p1
%patch245 -p1
%patch246 -p1
%patch247 -p1
%patch248 -p1
%patch249 -p1
%patch250 -p1
%patch251 -p1
%build
LDFLAGS=-Wl,-z,now
@ -672,6 +690,51 @@ fi
%dir /etc/auto.master.d
%changelog
* Mon Dec 05 2022 Ian Kent <ikent@redhat.com> - 5.1.4-91
- bz2148872 - autofs: errors in autofs-5.1.4-83.el8.x86_64 when restarting
autofs with busy directories
- fix incorrect path for is_mounted() in try_remount().
- Resolves: rhbz#2148872
* Mon Dec 05 2022 Ian Kent <ikent@redhat.com> - 5.1.4-90
- bz2149206 - RHEL9: automount does not handle null option string after
"-" anymore
- fix changelog entry.
- Related: rhbz#2149206
* Mon Dec 05 2022 Ian Kent <ikent@redhat.com> - 5.1.4-89
- bz2149206 - RHEL9: automount does not handle null option string after
"-" anymore
- fix concat_options() error handling.
- fix minus only option handling in concat_options().
- Resolves: rhbz#2149206
* Tue Nov 29 2022 Ian Kent <ikent@redhat.com> - 5.1.4-88
- bz2139504 - segfault due to lookup_mod->context address being freed
and reused while multiple threads were using it
- fix memory leak in update_hosts_mounts().
- Related: rhbz#2139504
* Sun Nov 27 2022 Ian Kent <ikent@redhat.com> - 5.1.4-87
- bz2139504 - segfault due to lookup_mod->context address being freed
and reused while multiple threads were using it
- fix hosts map deadlock on restart.
- fix deadlock with hosts map reload.
- Related: rhbz#2139504
* Wed Nov 23 2022 Ian Kent <ikent@redhat.com> - 5.1.4-86
- bz2139504 - segfault due to lookup_mod->context address being freed
and reused while multiple threads were using it
- coverity fix for invalid access.
- Related: rhbz#2139504
* Wed Nov 09 2022 Ian Kent <ikent@redhat.com> - 5.1.4-85
- bz2139504 - segfault due to lookup_mod->context address being freed
and reused while multiple threads were using it
- fix parse module instance mutex naming.
- serialise lookup module open and reinit.
- Resolves: rhbz#2139504
* Tue Oct 04 2022 Ian Kent <ikent@redhat.com> - 5.1.4-84
- bz2130034 - automount -m crashes with Segmentation fault (core dumped)
- fix invalid tsv access.