autofs-5.0.6 - fix submount shutdown race

From: Ian Kent <ikent@redhat.com>

Shutdown of submounts is problematic because the kernel doesn't
know when they are going away and so cannot block path walks
while they shut down. After aquiring the locks that cause mount
requests to wait, the daemon checks if the submount is active before
finally umounting it. If the mount is found to be busy the shutdown
is abandoned and the submount returned to a ready state.

But, if a mount request arrives at the same time as the daemon is
attempting to aquire these locks pthreads appears to become confused
and blocks. So change to using the try version of the lock call and
handling the return appropriately.
---

 CHANGELOG          |    1 +
 daemon/automount.c |   76 ++++++++++++++++++++++++++++++++++++++++------------
 2 files changed, 60 insertions(+), 17 deletions(-)


diff --git a/CHANGELOG b/CHANGELOG
index cac450f..cb9ac75 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -10,6 +10,7 @@
 - fix not bind mounting local filesystem.
 - add "dir" map-type.
 - fix wait for master source mutex.
+- fix submount shutdown race.
 
 28/06/2011 autofs-5.0.6
 -----------------------
diff --git a/daemon/automount.c b/daemon/automount.c
index 376e965..4f3151f 100644
--- a/daemon/automount.c
+++ b/daemon/automount.c
@@ -1495,6 +1495,41 @@ static void handle_mounts_cleanup(void *arg)
 	return;
 }
 
+static int submount_source_writelock_nested(struct autofs_point *ap)
+{
+	struct autofs_point *parent = ap->parent;
+	int status;
+
+	status = pthread_rwlock_trywrlock(&parent->entry->source_lock);
+	if (status)
+		goto done;
+
+	mounts_mutex_lock(parent);
+
+	status = pthread_rwlock_trywrlock(&ap->entry->source_lock);
+	if (status) {
+		mounts_mutex_unlock(parent);
+		master_source_unlock(parent->entry);
+	}
+
+done:
+	if (status && status != EBUSY) {
+		logmsg("submount nested master_mapent source write lock failed");
+		fatal(status);
+	}
+
+	return status;
+}
+
+static void submount_source_unlock_nested(struct autofs_point *ap)
+{
+	struct autofs_point *parent = ap->parent;
+
+	master_source_unlock(ap->entry);
+	mounts_mutex_unlock(parent);
+	master_source_unlock(parent->entry);
+}
+
 void *handle_mounts(void *arg)
 {
 	struct startup_cond *suc;
@@ -1565,23 +1600,32 @@ void *handle_mounts(void *arg)
 			master_mutex_lock();
 
 			if (ap->submount) {
-				master_source_writelock(ap->parent->entry);
-				mounts_mutex_lock(ap->parent);
-			}
-
-			master_source_writelock(ap->entry);
+				/*
+				 * If a mount request arrives before the locks are
+				 * aquired just return to ready state.
+				 */
+				ret = submount_source_writelock_nested(ap);
+				if (ret) {
+					warn(ap->logopt,
+					     "can't shutdown submount: mount in progress");
+					/* Return to ST_READY is done immediately */
+					st_add_task(ap, ST_READY);
+					master_mutex_unlock();
+					pthread_setcancelstate(cur_state, NULL);
+					continue;
+				}
+			} else
+				master_source_writelock(ap->entry);
 
 			if (ap->state != ST_SHUTDOWN) {
 				if (!ap->submount)
 					alarm_add(ap, ap->exp_runfreq);
 				/* Return to ST_READY is done immediately */
 				st_add_task(ap, ST_READY);
-				master_source_unlock(ap->entry);
-				if (ap->submount) {
-					mounts_mutex_unlock(ap->parent);
-					master_source_unlock(ap->parent->entry);
-				}
-
+				if (ap->submount)
+					submount_source_unlock_nested(ap);
+				else
+					master_source_unlock(ap->entry);
 				master_mutex_unlock();
 
 				pthread_setcancelstate(cur_state, NULL);
@@ -1621,12 +1665,10 @@ void *handle_mounts(void *arg)
 				alarm_add(ap, ap->exp_runfreq);
 			/* Return to ST_READY is done immediately */
 			st_add_task(ap, ST_READY);
-			master_source_unlock(ap->entry);
-			if (ap->submount) {
-				mounts_mutex_unlock(ap->parent);
-				master_source_unlock(ap->parent->entry);
-			}
-
+			if (ap->submount)
+				submount_source_unlock_nested(ap);
+			else
+				master_source_unlock(ap->entry);
 			master_mutex_unlock();
 
 			pthread_setcancelstate(cur_state, NULL);