Volumes aren't zeroed out
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Compute (nova) |
Fix Released
|
High
|
Jesse Andrews |
Bug Description
In LVM implementation, users can potentially access data from other users after volumes are destroyed.
Steps to reproduce:
1) Setup a new install of Nova with Volumes
2) Run a single nova-volume worker using a single 1G volume group
3) Project A:
* create an instance
* create a 1G volume
* attach to instance
* format & mount volume to /dev/vdb
* put content onto volume
* unmount volume
* detach volume
* destroy volume
4) Project B:
* create an instance
* create 1 1G volume
* attach to instance at /dev/vdb
* dd if=/dev/vdb of=/root/data
Expected: project B has a file full of zeros
Actual: project B has a file with information from project A
-----
Simplified Nova is doing the following:
# create a volume group against a file
truncate -s 1G volumes
DEV=`sudo losetup -f --show volumes`
sudo vgcreate nova-volumes $DEV
# manually zero out nova-volumes
lvcreate --size 1000M --name snap nova-volumes
dd if=/dev/zero of=/dev/
od /dev/mapper/
# verify everything is still zeros
lvremove nova-volumes
lvcreate --size 1000M --name snap nova-volumes
od /dev/mapper/
# put some randomness in
dd if=/dev/urandom of=/dev/
lvremove nova-volumes
# and you can still see the randomness
lvcreate --size 1000M --name snap nova-volumes
od /dev/mapper/
Related branches
- Devin Carlen (community): Approve
- Soren Hansen (community): Needs Fixing
- Jesse Andrews (community): Approve
- Sandy Walsh (community): Needs Information
-
Diff: 28 lines (+7/-0)2 files modified.mailmap (+1/-0)
nova/volume/driver.py (+6/-0)
visibility: | private → public |
Changed in nova: | |
importance: | Undecided → High |
milestone: | none → cactus-rc |
status: | New → Confirmed |
Changed in nova: | |
assignee: | nobody → anotherjesse (anotherjesse) |
status: | Confirmed → In Progress |
Changed in nova: | |
status: | In Progress → Fix Committed |
Changed in nova: | |
milestone: | cactus-rc → 2011.2 |
status: | Fix Committed → Fix Released |
@Jesse: do you have someone working on this ? Would be good to fix before Cactus release...