OpenStack Compute (nova)

[kilo] libvirt block migrations fail due to disk_info being an encoded JSON string

Bug #1558697 reported by Lee Yarwood
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Compute (nova)
Invalid
Undecided
Unassigned
Kilo
Fix Released
High
Matt Riedemann
OpenStack Compute (nova) 2015.1.4
OpenStack Security Advisory
Fix Released
Undecided
Unassigned

Bug Description

The fix for OSSA 2016-007 / CVE-2016-2140 in f302bf04 assumed that disk_info is always a plain, decoded list. However prior to Liberty when preforming a live block migration the compute manager populates disk_info with an encoded JSON string when calling self.driver.get_instance_disk_info. In the live migration case without block migration disk_info remains a plain decoded list.

More details with an example trace downstream in the following bug :

live migration without shared storage fails in pre_live_migration after upgrade to 2015.1.2-18.2
https://bugzilla.redhat.com/show_bug.cgi?id=1318722

CVE References

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to nova (stable/kilo)

Fix proposed to branch: stable/kilo
Review: https://review.openstack.org/294205

Matt Riedemann (mriedem)
Changed in nova:
status: New → Invalid
Revision history for this message
Tristan Cacqueray (tristan-cacqueray) wrote :

Since f302bf04 was referenced in the advisory, we may have to send another ERRATA to include the additional patch. I've added an OSSA task to keep track of that effort.

Changed in ossa:
status: New → Incomplete
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to nova (stable/kilo)

Reviewed: https://review.openstack.org/294205
Committed: https://git.openstack.org/cgit/openstack/nova/commit/?id=a0b86d806ee10bead7da7b0987362d9b6e31889e
Submitter: Jenkins
Branch: stable/kilo

commit a0b86d806ee10bead7da7b0987362d9b6e31889e
Author: Lee Yarwood <email address hidden>
Date: Thu Mar 17 16:36:08 2016 +0000

    libvirt: Decode disk_info before use

    The fix for OSSA 2016-007 / CVE-2016-2140 in f302bf04 assumed that
    disk_info is always a plain, decoded list. However prior to Liberty
    when preforming a live block migration the compute manager populates
    disk_info with an encoded JSON string when calling
    self.driver.get_instance_disk_info. In the live migration case without
    block migration disk_info is None.

    As a result we should always decode disk_info when a block migration
    is called for to ensure that we can iterate over the disks and rebuild
    the disk.info file.

    The following change removed the JSON encoding from
    get_instance_disk_info and other methods within the libvirt driver for
    Liberty.

    libvirt: Remove unnecessary JSON conversions
    https://review.openstack.org/#/c/177437/6

    Closes-Bug: #1558697
    Change-Id: Icfe1f23cc3af2d0166dac82109111e341623fc4a

Tristan Cacqueray (tristan-cacqueray)
Changed in ossa:
status: Incomplete → Confirmed
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix proposed to ossa (master)

Related fix proposed to branch: master
Review: https://review.openstack.org/298973

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix merged to ossa (master)

Reviewed: https://review.openstack.org/298973
Committed: https://git.openstack.org/cgit/openstack/ossa/commit/?id=ffcfc1a6fc7acd6c4e718c98ae705a65079f7a4e
Submitter: Jenkins
Branch: master

commit ffcfc1a6fc7acd6c4e718c98ae705a65079f7a4e
Author: Tristan Cacqueray <email address hidden>
Date: Tue Mar 29 16:39:52 2016 -0400

    Updates OSSA 2016-007 with ERRATA#2

    Change-Id: Icbf47637ac9d5afa17afb0656d8374b4bf2562fb
    Related-Bug: #1558697

Tristan Cacqueray (tristan-cacqueray)
Changed in ossa:
status: Confirmed → Fix Released
Revision history for this message
Doug Hellmann (doug-hellmann) wrote : Fix included in openstack/nova 2015.1.4

This issue was fixed in the openstack/nova 2015.1.4 release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote :

This issue was fixed in the openstack/nova 2015.1.4 release.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.