The flavor hide_hypervisor_id value can be overridden by the image img_hide_hypervisor_id
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Compute (nova) |
In Progress
|
Undecided
|
Stephen Finucane |
Bug Description
During the implementation of enabling hypervisor hiding for windows guests
it became apparent that a latent bug exits that allows non privaldges users
to override the policy set by the admin in the flavor by uploading a custom image.
by convention back in the havan/icehouse days we used to allow the flavor to take precendece
over the image if there was a conflcit and log a warning. sometime aound liberty/mitaka we decided
that was a bad user experence for endusers as they did not recive what they asked for and started to convert all confict into a hard error. The only case where we intentionally allow the image to take prescedece over the flavor is hw:mem_page_size where it is allows if an only if the adming has set hw:mem_p[age_size to large or any expcltly. in other words unless the admin has opted in to allowing ther image to take precendece by not setting a value in the flavor or setint it to a value that allows the image to refine the choice we do not support image overriding flavors.
the current code does exactly that by the use of a logical or
flavor_hide_kvm = strutils.
if (virt_type in ("qemu", "kvm") and
and the new code
hide_hypervisor_id = (strutils.
exibits the same behavior.
in both cases if img_hide_
hypervior hiding will be enabled.
in this specific case the side-effects of this are safe but it may not be in all
cases of this pattern.
Changed in nova: | |
assignee: | Eric Fried (efried) → Stephen Finucane (stephenfinucane) |
Fix proposed to branch: master /review. opendev. org/663365
Review: https:/