Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: "Matt Thode (prometheanfire)" <prometheanfire@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] gentoo-x86 commit in sys-cluster/nova/files: CVE-2013-7130-stable-grizzly.patch CVE-2013-7130-stable-havana.patch
Date: Thu, 23 Jan 2014 16:31:32
Message-Id: 20140123163128.E5DC62004E@flycatcher.gentoo.org
1 prometheanfire 14/01/23 16:31:28
2
3 Added: CVE-2013-7130-stable-grizzly.patch
4 CVE-2013-7130-stable-havana.patch
5 Log:
6 fixes for CVE-2013-7130, old badness removed
7
8 (Portage version: 2.2.7/cvs/Linux x86_64, signed Manifest commit with key 0x2471eb3e40ac5ac3)
9
10 Revision Changes Path
11 1.1 sys-cluster/nova/files/CVE-2013-7130-stable-grizzly.patch
12
13 file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-cluster/nova/files/CVE-2013-7130-stable-grizzly.patch?rev=1.1&view=markup
14 plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-cluster/nova/files/CVE-2013-7130-stable-grizzly.patch?rev=1.1&content-type=text/plain
15
16 Index: CVE-2013-7130-stable-grizzly.patch
17 ===================================================================
18 From 35e0ee309e040a95988a433120f1eba747f6f33c Mon Sep 17 00:00:00 2001
19 From: Nikola Dipanov <ndipanov@××××××.com>
20 Date: Tue, 10 Dec 2013 17:43:17 +0100
21 Subject: [PATCH] libvirt: Fix root disk leak in live mig
22
23 This patch makes sure that i_create_images_and_backing method of the
24 libvirt driver (called in several places, but most problematic one is
25 the call in the pre_live_migration method) creates all the files the
26 instance needs that are not present.
27
28 Prioir to this patch - the method would only attempt to download the
29 image, and if it did so with the path of the ephemeral drives, it could
30 expose the image to other users as an ephemeral devices. See the related
31 bug for more detaiis.
32
33 After this patch - we properly distinguish between image, ephemeral and
34 swap files, and make sure that the imagebackend does the correct thing.
35
36 Closes-bug: #1251590
37
38 Co-authored-by: Loganathan Parthipan <parthipan@××.com>
39
40 This patch also includes part of commit
41 65386c91910ee03d947c2b8bcc226a53c30e060a, not cherry-picked as a whole
42 due to the fact that it is a trivial change, and to avoud the
43 proliferation of patches needed to fix this bug.
44
45 Change-Id: I78aa2f4243899db4f4941e77014a7e18e27fc63e
46 (cherry picked from commit c69a619668b5f44e94a8fe1a23f3d887ba2834d7)
47
48 Conflicts:
49 nova/tests/test_libvirt.py
50 nova/virt/libvirt/driver.py
51 ---
52 nova/tests/test_libvirt.py | 63 +++++++++++++++++++++++++++++++++++++++++++++
53 nova/virt/libvirt/driver.py | 31 +++++++++++++++-------
54 2 files changed, 85 insertions(+), 9 deletions(-)
55
56 diff --git a/nova/tests/test_libvirt.py b/nova/tests/test_libvirt.py
57 index d2ac73b..d9c7405 100644
58 --- a/nova/tests/test_libvirt.py
59 +++ b/nova/tests/test_libvirt.py
60 @@ -2346,6 +2346,69 @@ class LibvirtConnTestCase(test.TestCase):
61
62 db.instance_destroy(self.context, instance_ref['uuid'])
63
64 + def test_create_images_and_backing(self):
65 + conn = libvirt_driver.LibvirtDriver(fake.FakeVirtAPI(), False)
66 + self.mox.StubOutWithMock(conn, '_fetch_instance_kernel_ramdisk')
67 + self.mox.StubOutWithMock(libvirt_driver.libvirt_utils, 'create_image')
68 +
69 + libvirt_driver.libvirt_utils.create_image(mox.IgnoreArg(),
70 + mox.IgnoreArg(),
71 + mox.IgnoreArg())
72 + conn._fetch_instance_kernel_ramdisk(self.context, self.test_instance)
73 + self.mox.ReplayAll()
74 +
75 + self.stubs.Set(os.path, 'exists', lambda *args: False)
76 + disk_info_json = jsonutils.dumps([{'path': 'foo', 'type': None,
77 + 'disk_size': 0,
78 + 'backing_file': None}])
79 + conn._create_images_and_backing(self.context, self.test_instance,
80 + "/fake/instance/dir", disk_info_json)
81 +
82 + def test_create_images_and_backing_ephemeral_gets_created(self):
83 + conn = libvirt_driver.LibvirtDriver(fake.FakeVirtAPI(), False)
84 + disk_info_json = jsonutils.dumps(
85 + [{u'backing_file': u'fake_image_backing_file',
86 + u'disk_size': 10747904,
87 + u'path': u'disk_path',
88 + u'type': u'qcow2',
89 + u'virt_disk_size': 25165824},
90 + {u'backing_file': u'ephemeral_1_default',
91 + u'disk_size': 393216,
92 + u'over_committed_disk_size': 1073348608,
93 + u'path': u'disk_eph_path',
94 + u'type': u'qcow2',
95 + u'virt_disk_size': 1073741824}])
96 +
97 + base_dir = os.path.join(CONF.instances_path, '_base')
98 + ephemeral_target = os.path.join(base_dir, 'ephemeral_1_default')
99 + image_target = os.path.join(base_dir, 'fake_image_backing_file')
100 + self.test_instance.update({'name': 'fake_instance',
101 + 'user_id': 'fake-user',
102 + 'os_type': None,
103 + 'project_id': 'fake-project'})
104 +
105 + self.mox.StubOutWithMock(libvirt_driver.libvirt_utils, 'fetch_image')
106 + self.mox.StubOutWithMock(conn, '_create_ephemeral')
107 + self.mox.StubOutWithMock(conn, '_fetch_instance_kernel_ramdisk')
108 +
109 + conn._create_ephemeral(
110 + target=ephemeral_target,
111 + ephemeral_size=self.test_instance['ephemeral_gb'],
112 + max_size=mox.IgnoreArg(), os_type=mox.IgnoreArg(),
113 + fs_label=mox.IgnoreArg())
114 + libvirt_driver.libvirt_utils.fetch_image(context=self.context,
115 + image_id=mox.IgnoreArg(),
116 + user_id=mox.IgnoreArg(), project_id=mox.IgnoreArg(),
117 + max_size=mox.IgnoreArg(), target=image_target)
118 + conn._fetch_instance_kernel_ramdisk(
119 + self.context, self.test_instance).AndReturn(None)
120 +
121 + self.mox.ReplayAll()
122 +
123 + conn._create_images_and_backing(self.context, self.test_instance,
124 + "/fake/instance/dir",
125 + disk_info_json)
126 +
127 def test_pre_live_migration_works_correctly_mocked(self):
128 # Creating testdata
129 vol = {'block_device_mapping': [
130 diff --git a/nova/virt/libvirt/driver.py b/nova/virt/libvirt/driver.py
131 index 0f0ea46..39191af 100755
132 --- a/nova/virt/libvirt/driver.py
133 +++ b/nova/virt/libvirt/driver.py
134 @@ -3304,19 +3304,32 @@ class LibvirtDriver(driver.ComputeDriver):
135 elif info['backing_file']:
136 # Creating backing file follows same way as spawning instances.
137 cache_name = os.path.basename(info['backing_file'])
138 - # Remove any size tags which the cache manages
139 - cache_name = cache_name.split('_')[0]
140
141 image = self.image_backend.image(instance,
142 instance_disk,
143 CONF.libvirt_images_type)
144 - image.cache(fetch_func=libvirt_utils.fetch_image,
145 - context=ctxt,
146 - filename=cache_name,
147 - image_id=instance['image_ref'],
148 - user_id=instance['user_id'],
149 - project_id=instance['project_id'],
150 - size=info['virt_disk_size'])
151 + if cache_name.startswith('ephemeral'):
152 + image.cache(fetch_func=self._create_ephemeral,
153 + fs_label=cache_name,
154 + os_type=instance["os_type"],
155 + filename=cache_name,
156 + size=info['virt_disk_size'],
157 + ephemeral_size=instance['ephemeral_gb'])
158 + elif cache_name.startswith('swap'):
159 + inst_type = flavors.extract_flavor(instance)
160 + swap_mb = inst_type['swap']
161 + image.cache(fetch_func=self._create_swap,
162 + filename="swap_%s" % swap_mb,
163 + size=swap_mb * unit.Mi,
164 + swap_mb=swap_mb)
165 + else:
166 + image.cache(fetch_func=libvirt_utils.fetch_image,
167 + context=ctxt,
168 + filename=cache_name,
169 + image_id=instance['image_ref'],
170 + user_id=instance['user_id'],
171 + project_id=instance['project_id'],
172 + size=info['virt_disk_size'])
173
174 # if image has kernel and ramdisk, just download
175 # following normal way.
176 --
177 1.8.3.1
178
179
180
181
182 1.1 sys-cluster/nova/files/CVE-2013-7130-stable-havana.patch
183
184 file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-cluster/nova/files/CVE-2013-7130-stable-havana.patch?rev=1.1&view=markup
185 plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-cluster/nova/files/CVE-2013-7130-stable-havana.patch?rev=1.1&content-type=text/plain
186
187 Index: CVE-2013-7130-stable-havana.patch
188 ===================================================================
189 From c8423d648d578397e2742f9d0b21c90171e2efc3 Mon Sep 17 00:00:00 2001
190 From: Nikola Dipanov <ndipanov@××××××.com>
191 Date: Tue, 10 Dec 2013 17:43:17 +0100
192 Subject: [PATCH] libvirt: Fix root disk leak in live mig
193
194 This patch makes sure that i_create_images_and_backing method of the
195 libvirt driver (called in several places, but most problematic one is
196 the call in the pre_live_migration method) creates all the files the
197 instance needs that are not present.
198
199 Prioir to this patch - the method would only attempt to download the
200 image, and if it did so with the path of the ephemeral drives, it could
201 expose the image to other users as an ephemeral devices. See the related
202 bug for more detaiis.
203
204 After this patch - we properly distinguish between image, ephemeral and
205 swap files, and make sure that the imagebackend does the correct thing.
206
207 Closes-bug: #1251590
208
209 Co-authored-by: Loganathan Parthipan <parthipan@××.com>
210
211 Change-Id: I78aa2f4243899db4f4941e77014a7e18e27fc63e
212 (cherry picked from commit c69a619668b5f44e94a8fe1a23f3d887ba2834d7)
213
214 Conflicts:
215 nova/virt/libvirt/driver.py
216 ---
217 nova/tests/virt/libvirt/test_libvirt.py | 42 +++++++++++++++++++++++++++++++++
218 nova/virt/libvirt/driver.py | 31 +++++++++++++++++-------
219 2 files changed, 65 insertions(+), 8 deletions(-)
220
221 diff --git a/nova/tests/virt/libvirt/test_libvirt.py b/nova/tests/virt/libvirt/test_libvirt.py
222 index c176985..191b3f8 100644
223 --- a/nova/tests/virt/libvirt/test_libvirt.py
224 +++ b/nova/tests/virt/libvirt/test_libvirt.py
225 @@ -3047,6 +3047,48 @@ class LibvirtConnTestCase(test.TestCase):
226 conn._create_images_and_backing(self.context, self.test_instance,
227 "/fake/instance/dir", disk_info_json)
228
229 + def test_create_images_and_backing_ephemeral_gets_created(self):
230 + conn = libvirt_driver.LibvirtDriver(fake.FakeVirtAPI(), False)
231 + disk_info_json = jsonutils.dumps(
232 + [{u'backing_file': u'fake_image_backing_file',
233 + u'disk_size': 10747904,
234 + u'path': u'disk_path',
235 + u'type': u'qcow2',
236 + u'virt_disk_size': 25165824},
237 + {u'backing_file': u'ephemeral_1_default',
238 + u'disk_size': 393216,
239 + u'over_committed_disk_size': 1073348608,
240 + u'path': u'disk_eph_path',
241 + u'type': u'qcow2',
242 + u'virt_disk_size': 1073741824}])
243 +
244 + base_dir = os.path.join(CONF.instances_path,
245 + CONF.image_cache_subdirectory_name)
246 + self.test_instance.update({'name': 'fake_instance',
247 + 'user_id': 'fake-user',
248 + 'os_type': None,
249 + 'project_id': 'fake-project'})
250 +
251 + with contextlib.nested(
252 + mock.patch.object(conn, '_fetch_instance_kernel_ramdisk'),
253 + mock.patch.object(libvirt_driver.libvirt_utils, 'fetch_image'),
254 + mock.patch.object(conn, '_create_ephemeral')
255 + ) as (fetch_kernel_ramdisk_mock, fetch_image_mock,
256 + create_ephemeral_mock):
257 + conn._create_images_and_backing(self.context, self.test_instance,
258 + "/fake/instance/dir",
259 + disk_info_json)
260 + self.assertEqual(len(create_ephemeral_mock.call_args_list), 1)
261 + m_args, m_kwargs = create_ephemeral_mock.call_args_list[0]
262 + self.assertEqual(
263 + os.path.join(base_dir, 'ephemeral_1_default'),
264 + m_kwargs['target'])
265 + self.assertEqual(len(fetch_image_mock.call_args_list), 1)
266 + m_args, m_kwargs = fetch_image_mock.call_args_list[0]
267 + self.assertEqual(
268 + os.path.join(base_dir, 'fake_image_backing_file'),
269 + m_kwargs['target'])
270 +
271 def test_create_images_and_backing_disk_info_none(self):
272 conn = libvirt_driver.LibvirtDriver(fake.FakeVirtAPI(), False)
273 self.mox.StubOutWithMock(conn, '_fetch_instance_kernel_ramdisk')
274 diff --git a/nova/virt/libvirt/driver.py b/nova/virt/libvirt/driver.py
275 index 500ce51..c74b2ad 100644
276 --- a/nova/virt/libvirt/driver.py
277 +++ b/nova/virt/libvirt/driver.py
278 @@ -4209,14 +4209,29 @@ class LibvirtDriver(driver.ComputeDriver):
279
280 image = self.image_backend.image(instance,
281 instance_disk,
282 - CONF.libvirt_images_type)
283 - image.cache(fetch_func=libvirt_utils.fetch_image,
284 - context=context,
285 - filename=cache_name,
286 - image_id=instance['image_ref'],
287 - user_id=instance['user_id'],
288 - project_id=instance['project_id'],
289 - size=info['virt_disk_size'])
290 + CONF.libvirt.images_type)
291 + if cache_name.startswith('ephemeral'):
292 + image.cache(fetch_func=self._create_ephemeral,
293 + fs_label=cache_name,
294 + os_type=instance["os_type"],
295 + filename=cache_name,
296 + size=info['virt_disk_size'],
297 + ephemeral_size=instance['ephemeral_gb'])
298 + elif cache_name.startswith('swap'):
299 + inst_type = flavors.extract_flavor(instance)
300 + swap_mb = inst_type['swap']
301 + image.cache(fetch_func=self._create_swap,
302 + filename="swap_%s" % swap_mb,
303 + size=swap_mb * unit.Mi,
304 + swap_mb=swap_mb)
305 + else:
306 + image.cache(fetch_func=libvirt_utils.fetch_image,
307 + context=context,
308 + filename=cache_name,
309 + image_id=instance['image_ref'],
310 + user_id=instance['user_id'],
311 + project_id=instance['project_id'],
312 + size=info['virt_disk_size'])
313
314 # if image has kernel and ramdisk, just download
315 # following normal way.
316 --
317 1.8.3.1
Report Message
Find on MARC Find on Google Groups