OpenStack Compute (nova)

duplicate detach volume in nova

Bug #1461734 reported by jazeltq on 2015-06-04

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	OpenStack Compute (nova)	Expired	Undecided	Unassigned

Bug Description

right now, there are risk that nova will process duplicate detach request. To recur this problem. You can
1) create a server
2) attach a volume
3) detach multi-times
    you can use the bash downside:
    for i in {1..20}
   do
        nova volume-detach server-id volume-id &
   done

probably you will see the volume is in detaching for ever.

See original description

Tags:

zlh (68653106-3) on 2015-06-04

description:	updated
information type:	Public → Public Security

Revision history for this message

Tristan Cacqueray (tristan-cacqueray) wrote on 2015-06-04:

Is there a reason why you switch this bug to security ?

What's the impact of this bug report ?

Gary Kotton (garyk) on 2015-06-04

tags:

added: cinder

Revision history for this message

Jeremy Stanley (fungi) wrote on 2015-06-04:

Since this report concerns a possible security risk, an incomplete security advisory task has been added while the core security reviewers for the affected project or projects confirm the bug and discuss the scope of any vulnerability along with potential solutions.

Changed in ossa:
status:	New → Incomplete

jazeltq (jazeltq-k) on 2015-06-09

Changed in nova:
assignee:	nobody → jazeltq (jazeltq-k)

Revision history for this message

Markus Zoeller (markus_z) (mzoeller) wrote on 2015-06-11:

@jazeltq (jazeltq-k):

Since you are set as assignee, I switch the status of the bug to "In Progress".

Changed in nova:
status:	New → In Progress

Revision history for this message

Grant Murphy (gmurphy) wrote on 2015-07-07:

I was unable to reproduce this my test environment.. Can you please give some details of the OpenStack version, and volume driver you are using for this?

Additionally can you please confirm that you think this needs to be treated as a security vulnerability?

Revision history for this message

Grant Murphy (gmurphy) wrote on 2015-07-27:

Unless any updates are posted to this bug within the next week I'm opening this bug and removing the OSSA task.

Grant Murphy (gmurphy) on 2015-08-03

information type:	Public Security → Public
no longer affects:	ossa

Davanum Srinivas (DIMS) (dims-v) on 2016-03-04

Changed in nova:
status:	In Progress → Confirmed

Revision history for this message

John Garbutt (johngarbutt) wrote on 2016-07-12:

So I think cinder has fixed this now they have improved state handling. It moves into the detaching state, which causes the duplicates to fail.

We need to double check this again on master, so marking as invalid for now, while we wait for a valid repo steps and logs capturing the error that occurs.

It's possible this is backend specific (cinder and nova) so please give more details on the repo environment.

Changed in nova:
status:	Confirmed → Invalid
status:	Invalid → Incomplete

Sean Dague (sdague) on 2017-06-23

Changed in nova:
assignee:	jazeltq (jazeltq-k) → nobody

Revision history for this message

Launchpad Janitor (janitor) wrote on 2017-08-23:

[Expired for OpenStack Compute (nova) because there has been no activity for 60 days.]

Changed in nova:
status:	Incomplete → Expired

Report a bug

This report contains Public information

Everyone can see this information.

Duplicates of this bug

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.