[kilo] libvirt block migrations fail due to disk_info being an encoded JSON string

Bug #1558697 reported by Lee Yarwood on 2016-03-17
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Compute (nova)
Undecided
Unassigned
Kilo
High
Matt Riedemann
OpenStack Security Advisory
Undecided
Unassigned

Bug Description

The fix for OSSA 2016-007 / CVE-2016-2140 in f302bf04 assumed that disk_info is always a plain, decoded list. However prior to Liberty when preforming a live block migration the compute manager populates disk_info with an encoded JSON string when calling self.driver.get_instance_disk_info. In the live migration case without block migration disk_info remains a plain decoded list.

More details with an example trace downstream in the following bug :

live migration without shared storage fails in pre_live_migration after upgrade to 2015.1.2-18.2
https://bugzilla.redhat.com/show_bug.cgi?id=1318722

CVE References

Matt Riedemann (mriedem) on 2016-03-17
Changed in nova:
status: New → Invalid

Since f302bf04 was referenced in the advisory, we may have to send another ERRATA to include the additional patch. I've added an OSSA task to keep track of that effort.

Changed in ossa:
status: New → Incomplete

Reviewed: https://review.openstack.org/294205
Committed: https://git.openstack.org/cgit/openstack/nova/commit/?id=a0b86d806ee10bead7da7b0987362d9b6e31889e
Submitter: Jenkins
Branch: stable/kilo

commit a0b86d806ee10bead7da7b0987362d9b6e31889e
Author: Lee Yarwood <email address hidden>
Date: Thu Mar 17 16:36:08 2016 +0000

    libvirt: Decode disk_info before use

    The fix for OSSA 2016-007 / CVE-2016-2140 in f302bf04 assumed that
    disk_info is always a plain, decoded list. However prior to Liberty
    when preforming a live block migration the compute manager populates
    disk_info with an encoded JSON string when calling
    self.driver.get_instance_disk_info. In the live migration case without
    block migration disk_info is None.

    As a result we should always decode disk_info when a block migration
    is called for to ensure that we can iterate over the disks and rebuild
    the disk.info file.

    The following change removed the JSON encoding from
    get_instance_disk_info and other methods within the libvirt driver for
    Liberty.

    libvirt: Remove unnecessary JSON conversions
    https://review.openstack.org/#/c/177437/6

    Closes-Bug: #1558697
    Change-Id: Icfe1f23cc3af2d0166dac82109111e341623fc4a

Changed in ossa:
status: Incomplete → Confirmed

Reviewed: https://review.openstack.org/298973
Committed: https://git.openstack.org/cgit/openstack/ossa/commit/?id=ffcfc1a6fc7acd6c4e718c98ae705a65079f7a4e
Submitter: Jenkins
Branch: master

commit ffcfc1a6fc7acd6c4e718c98ae705a65079f7a4e
Author: Tristan Cacqueray <email address hidden>
Date: Tue Mar 29 16:39:52 2016 -0400

    Updates OSSA 2016-007 with ERRATA#2

    Change-Id: Icbf47637ac9d5afa17afb0656d8374b4bf2562fb
    Related-Bug: #1558697

Changed in ossa:
status: Confirmed → Fix Released

This issue was fixed in the openstack/nova 2015.1.4 release.

This issue was fixed in the openstack/nova 2015.1.4 release.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers