Remove incorrect use of TryLock for initial delay state in TUF autoupdater

ee/tuf/autoupdate.go

@@ -91,7 +91,8 @@ type TufAutoupdater struct {
 	updateChannel          string
 	pinnedVersions         map[autoupdatableBinary]string        // maps the binaries to their pinned versions
 	pinnedVersionGetters   map[autoupdatableBinary]func() string // maps the binaries to the knapsack function to retrieve updated pinned versions
-	initialDelayLock       *sync.Mutex
+	initialDelayLock       *sync.RWMutex                         // locks inInitialDelay value
+	inInitialDelay         bool
 	updateLock             *sync.Mutex
 	interrupt              chan struct{}
 	interrupted            bool
@@ -130,7 +131,8 @@ func NewTufAutoupdater(ctx context.Context, k types.Knapsack, metadataHttpClient
 			binaryLauncher: func() string { return k.PinnedLauncherVersion() },
 			binaryOsqueryd: func() string { return k.PinnedOsquerydVersion() },
 		},
-		initialDelayLock:       &sync.Mutex{},
+		initialDelayLock:       &sync.RWMutex{},
+		inInitialDelay:         false,
 		updateLock:             &sync.Mutex{},
 		osquerier:              osquerier,
 		osquerierRetryInterval: 30 * time.Second,
@@ -218,18 +220,17 @@ func DefaultLibraryDirectory(rootDirectory string) string {
 // we store them in.
 func (ta *TufAutoupdater) Execute() (err error) {
 	// Delay startup, if initial delay is set
-	ta.initialDelayLock.Lock() // prevent updates during delay
+	ta.setIsInInitialDelay(true)
 	select {
 	case <-ta.interrupt:
 		ta.slogger.Log(context.TODO(), slog.LevelDebug,
 			"received external interrupt during initial delay, stopping",
 		)
-		ta.initialDelayLock.Unlock()
 		return nil
 	case <-time.After(ta.knapsack.AutoupdateInitialDelay()):
 		break
 	}
-	ta.initialDelayLock.Unlock()
+	ta.setIsInInitialDelay(false)
 
 	// For now, tidy the library on startup. In the future, we will tidy the library
 	// earlier, after version selection.
@@ -278,10 +279,22 @@ func (ta *TufAutoupdater) Interrupt(_ error) {
 	ta.interrupt <- struct{}{}
 }
 
+func (ta *TufAutoupdater) setIsInInitialDelay(inInitialDelay bool) {
+	ta.initialDelayLock.Lock()
+	defer ta.initialDelayLock.Unlock()
+	ta.inInitialDelay = inInitialDelay
+}
+
+func (ta *TufAutoupdater) isInInitialDelay() bool {
+	ta.initialDelayLock.RLock()
+	defer ta.initialDelayLock.RUnlock()
+	return ta.inInitialDelay
+}
+
 // Do satisfies the actionqueue.actor interface; it allows the control server to send
 // requests down to autoupdate immediately.
 func (ta *TufAutoupdater) Do(data io.Reader) error {
-	if !ta.initialDelayLock.TryLock() {
+	if ta.isInInitialDelay() {
 		ta.slogger.Log(context.TODO(), slog.LevelWarn,
 			"received update request during initial delay, discarding",
 		)
@@ -377,7 +390,7 @@ func (ta *TufAutoupdater) FlagsChanged(flagKeys ...keys.FlagKey) {
 	}
 
 	// No updates, or we're in the initial delay
-	if len(binariesToCheckForUpdate) == 0 || !ta.initialDelayLock.TryLock() {
+	if len(binariesToCheckForUpdate) == 0 || ta.isInInitialDelay() {
 		return
 	}