Comment 29 for bug 1739593

Reviewed: https://review.openstack.org/543569
Committed: https://git.openstack.org/cgit/openstack/nova/commit/?id=5b64a1936122eeb35f37a09f9d38159e1a224c58
Submitter: Zuul
Branch: stable/pike

commit 5b64a1936122eeb35f37a09f9d38159e1a224c58
Author: Lee Yarwood <email address hidden>
Date: Mon Feb 12 18:07:14 2018 +0000

    libvirt: Block swap volume attempts with encrypted volumes prior to Queens

    Prior to Queens any attempt to swap between encrypted volumes would
    result in unencrypted data being written to the new volume. This
    unencrypted data would then be overwritten the next time the volume was
    attached to an instance as Nova no longer identified the volume as
    encrypted, resulting in the volume being reformatted.

    This stable only change uses limited parts of the following changes to
    block all swap_volume attempts with encrypted volumes prior to Queens
    where this was resolved by Ica323b87fa85a454fca9d46ada3677f18 and also
    blocked when using QEMU to decrypt LUKS volumes by
    Ibfa64f18bbd2fb70db7791330ed1a64fe61c1.

    Ica323b87fa85a454fca9d46ada3677f18fe50022

    The request context is provided to swap_volume in order to look up the
    encryption metadata of a volume.

    Ibfa64f18bbd2fb70db7791330ed1a64fe61c1355

    Attempts to swap from an encrypted volume are blocked with a
    NotImplementedError exception raised.

    I258127fdcd011ccec721d5ff62eb7f128f130336

    Attempts to swap from an unencrypted volume to an encrypted volume are
    also blocked with a NotImplementedError exception raised.

    Ie02d298cd92d5b5ebcbbcd2b0e8be01f197bfafb

    The serial of a volume is used as the id if connection_info for the
    volume doesn't contain the volume_id key. Required to avoid bug #1746609.

    Closes-bug: #1739593
    Change-Id: If12e7860baad2899380f06144a0270784a5466b8