From 5e44286576e1d6ea6ce58f8b5d9ffb0ff06331f5 Mon Sep 17 00:00:00 2001 From: Steven Clark Date: Tue, 1 Oct 2024 18:21:17 -0400 Subject: [PATCH] Do not acquire a read lock twice on tidyStatusLock during tidy-status api call. --- builtin/logical/pki/backend.go | 2 ++ builtin/logical/pki/path_tidy.go | 8 +++++++- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/builtin/logical/pki/backend.go b/builtin/logical/pki/backend.go index 2b9044db4e16..615380a826fa 100644 --- a/builtin/logical/pki/backend.go +++ b/builtin/logical/pki/backend.go @@ -297,7 +297,9 @@ func Backend(conf *logical.BackendConfig) *backend { // Delay the first tidy until after we've started up, this will be reset within the initialize function now := time.Now() + b.tidyStatusLock.Lock() b.lastAutoTidy = now + b.tidyStatusLock.Unlock() // Keep track of when this mount was started up. b.mountStartup = now diff --git a/builtin/logical/pki/path_tidy.go b/builtin/logical/pki/path_tidy.go index a8971832c2b1..5e7a4b037681 100644 --- a/builtin/logical/pki/path_tidy.go +++ b/builtin/logical/pki/path_tidy.go @@ -1724,7 +1724,7 @@ func (b *backend) pathTidyStatusRead(_ context.Context, _ *logical.Request, _ *f "acme_account_safety_buffer": nil, "cert_metadata_deleted_count": nil, "cmpv2_nonce_deleted_count": nil, - "last_auto_tidy_finished": b.getLastAutoTidyTime(), + "last_auto_tidy_finished": b.getLastAutoTidyTimeWithoutLock(), // we acquired the tidyStatusLock above. }, } @@ -2126,6 +2126,12 @@ func (b *backend) updateLastAutoTidyTime(sc *storageContext, lastRunTime time.Ti func (b *backend) getLastAutoTidyTime() time.Time { b.tidyStatusLock.RLock() defer b.tidyStatusLock.RUnlock() + return b.getLastAutoTidyTimeWithoutLock() +} + +// getLastAutoTidyTimeWithoutLock should be used to read from b.lastAutoTidy with the +// b.tidyStatusLock being acquired, normally use getLastAutoTidyTime +func (b *backend) getLastAutoTidyTimeWithoutLock() time.Time { return b.lastAutoTidy }