Comment 2 for bug 1558343

Matthew Booth (mbooth-9) wrote:

This is a bit messy. I think this would have regressed when this merged a few days ago:

https://review.openstack.org/#/c/288640/

Note that this has also been backported to liberty, so this bug almost certainly also now exists there. The problem is there were 2 bugs. The first, and most serious, is here:

https://github.com/openstack/nova/blob/master/nova/virt/libvirt/driver.py#L7387-L7388

This converts disks from raw to qcow2, including the config disk. As described in the comment above, though, we can't turn this off for all disks as this would open a severe security bug.

The second bug is here:

https://github.com/openstack/nova/blob/master/nova/virt/libvirt/driver.py#L3256-L3267

This unconditionally overwrites the config disk.

Until https://review.openstack.org/#/c/288640/ merged, the second bug cancelled out the effect of the first, because it unconditionally overwrote the erroneously converted qcow2 file with a new, raw file. However, after it merged, the order of these 2 bugs was reversed, so now it overwrites the old config disk and converts it to qcow2. The result is that we're presenting a qcow2 file as raw, which is obviously corrupt (but not a security bug).

The place to fix it is probably here:

https://github.com/openstack/nova/blob/master/nova/virt/libvirt/driver.py#L7345-L7347

Note that the comment is wrong, and only iterating over 'disk' and 'disk.local' would open the security bug described below if the instance has multiple ephemeral disks. Also note that the code is already broken if resizing an instance with multiple ephemeral disks, but not in a way which opens a security bug. It's probably going to be easiest just to filter out 'disk.config'. I'll look at this in more detail tomorrow.
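An added example, not part of the comment above and not nova code: a check an operator could run to find a config disk that is declared raw but carries a qcow2 header, the mismatch the comment describes. The function names are hypothetical, the sample files are constructed, and the intact case assumes an ISO9660 config drive.

```python
import pathlib
import struct
import tempfile

QCOW2_MAGIC = b"QFI\xfb"      # first four bytes of a qcow2 image
ISO9660_ID_OFFSET = 0x8001    # "CD001" sits here in an ISO9660 image

def probe_format(path):
    """Identify the on-disk format from file contents, not from metadata."""
    with open(path, "rb") as f:
        header = f.read(32)
        f.seek(ISO9660_ID_OFFSET)
        iso_id = f.read(5)
    if header[:4] == QCOW2_MAGIC:
        return "qcow2", header
    if iso_id == b"CD001":
        return "iso9660", header
    return "unknown", header

def check_config_disk(path, declared="raw"):
    """Return (ok, detail) for a disk the domain declares as `declared`."""
    actual, header = probe_format(path)
    if declared == "raw" and actual == "qcow2":
        if len(header) < 32:
            return False, "declared raw, truncated qcow2 header on disk"
        version, = struct.unpack(">I", header[4:8])    # qcow2 fields are big-endian
        size, = struct.unpack(">Q", header[24:32])     # virtual disk size in bytes
        return False, f"declared raw, qcow2 v{version} on disk ({size} bytes virtual)"
    return True, f"declared {declared}, {actual} on disk"

def demo():
    """Run the check on two constructed files (not real instance disks)."""
    samples = {
        # Constructed qcow2 header: magic, version 3, no backing file,
        # cluster_bits 16, virtual size 64 MiB.
        "converted": struct.pack(">4sIQIIQ", QCOW2_MAGIC, 3, 0, 0, 16, 64 << 20),
        # Constructed ISO9660 stub: volume descriptor at sector 16.
        "intact": b"\0" * 0x8000 + b"\x01CD001\x01",
    }
    results = {}
    with tempfile.TemporaryDirectory() as d:
        for name, data in samples.items():
            path = pathlib.Path(d, name + ".disk.config")
            path.write_bytes(data)
            results[name] = check_config_disk(path)
    return results

if __name__ == "__main__":
    print(demo())
```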