Acquire ControlFileLock in relevant SQL functions.

Commit dc7d70ea added functions that read the control file, but didn't
acquire ControlFileLock.  With unlucky timing, file systems that have
weak interlocking like ext4 and ntfs could expose partially overwritten
contents, and the checksum would fail.

Back-patch to all supported releases.

Reviewed-by: David Steele <[email protected]>
Reviewed-by: Anton A. Melnikov <[email protected]>
Reviewed-by: Michael Paquier <[email protected]>
Discussion: https://postgr.es/m/20221123014224.xisi44byq3cf5psi%40awork3.anarazel.de

diff --git a/src/backend/utils/misc/pg_controldata.c b/src/backend/utils/misc/pg_controldata.c
index 209a20a8827d3223538be8befadfa2ccfec8a816..d84606bc9e9a40dd576501f5459b09759a53e013 100644 (file)
--- a/src/backend/utils/misc/pg_controldata.c
+++ b/src/backend/utils/misc/pg_controldata.c
@@ -24,6 +24,7 @@
 #include "common/controldata_utils.h"
 #include "funcapi.h"
 #include "miscadmin.h"
+#include "storage/lwlock.h"
 #include "utils/builtins.h"
 #include "utils/pg_lsn.h"
 #include "utils/timestamp.h"
@@ -54,7 +55,9 @@ pg_control_system(PG_FUNCTION_ARGS)
    tupdesc = BlessTupleDesc(tupdesc);
 
    /* read the control file */
+   LWLockAcquire(ControlFileLock, LW_SHARED);
    ControlFile = get_controlfile(DataDir, &crc_ok);
+   LWLockRelease(ControlFileLock);
    if (!crc_ok)
        ereport(ERROR,
                (errmsg("calculated CRC checksum does not match value stored in file")));
@@ -132,7 +135,9 @@ pg_control_checkpoint(PG_FUNCTION_ARGS)
    tupdesc = BlessTupleDesc(tupdesc);
 
    /* Read the control file. */
+   LWLockAcquire(ControlFileLock, LW_SHARED);
    ControlFile = get_controlfile(DataDir, &crc_ok);
+   LWLockRelease(ControlFileLock);
    if (!crc_ok)
        ereport(ERROR,
                (errmsg("calculated CRC checksum does not match value stored in file")));
@@ -235,7 +240,9 @@ pg_control_recovery(PG_FUNCTION_ARGS)
    tupdesc = BlessTupleDesc(tupdesc);
 
    /* read the control file */
+   LWLockAcquire(ControlFileLock, LW_SHARED);
    ControlFile = get_controlfile(DataDir, &crc_ok);
+   LWLockRelease(ControlFileLock);
    if (!crc_ok)
        ereport(ERROR,
                (errmsg("calculated CRC checksum does not match value stored in file")));
@@ -300,7 +307,9 @@ pg_control_init(PG_FUNCTION_ARGS)
    tupdesc = BlessTupleDesc(tupdesc);
 
    /* read the control file */
+   LWLockAcquire(ControlFileLock, LW_SHARED);
    ControlFile = get_controlfile(DataDir, &crc_ok);
+   LWLockRelease(ControlFileLock);
    if (!crc_ok)
        ereport(ERROR,
                (errmsg("calculated CRC checksum does not match value stored in file")));