diff options
author | Matthew Thode <prometheanfire@gentoo.org> | 2020-08-25 11:53:37 -0500 |
---|---|---|
committer | Matthew Thode <prometheanfire@gentoo.org> | 2020-08-25 11:53:53 -0500 |
commit | 440c9286ac4b1d2e10c25cb883250bc497611159 (patch) | |
tree | efd136f7ad4bd67db9003f9ba49b8aad39200e33 | |
parent | app-emulation/distrobuilder: fix metadata (diff) | |
download | gentoo-440c9286ac4b1d2e10c25cb883250bc497611159.tar.gz gentoo-440c9286ac4b1d2e10c25cb883250bc497611159.tar.bz2 gentoo-440c9286ac4b1d2e10c25cb883250bc497611159.zip |
sys-cluster/nova: fix CVE-2020-17376 (live migration data leak)
Package-Manager: Portage-3.0.4, Repoman-2.3.23
RepoMan-Options: --force
Signed-off-by: Matthew Thode <prometheanfire@gentoo.org>
-rw-r--r-- | sys-cluster/nova/files/CVE-2020-17376.patch | 141 | ||||
-rw-r--r-- | sys-cluster/nova/nova-21.0.0-r1.ebuild (renamed from sys-cluster/nova/nova-21.0.0.ebuild) | 5 |
2 files changed, 144 insertions, 2 deletions
diff --git a/sys-cluster/nova/files/CVE-2020-17376.patch b/sys-cluster/nova/files/CVE-2020-17376.patch new file mode 100644 index 000000000000..8cb2d4423f72 --- /dev/null +++ b/sys-cluster/nova/files/CVE-2020-17376.patch @@ -0,0 +1,141 @@ +From bbf9d1de06e9991acd968fceee899a8df3776d60 Mon Sep 17 00:00:00 2001 +From: Lee Yarwood <lyarwood@redhat.com> +Date: Wed, 5 Aug 2020 23:00:06 +0100 +Subject: [PATCH] libvirt: Provide VIR_MIGRATE_PARAM_PERSIST_XML during live + migration + +The VIR_MIGRATE_PARAM_PERSIST_XML parameter was introduced in libvirt +v1.3.4 and is used to provide the new persistent configuration for the +destination during a live migration: + +https://libvirt.org/html/libvirt-libvirt-domain.html#VIR_MIGRATE_PARAM_PERSIST_XML + +Without this parameter the persistent configuration on the destination +will be the same as the original persistent configuration on the source +when the VIR_MIGRATE_PERSIST_DEST flag is provided. + +As Nova does not currently provide the VIR_MIGRATE_PARAM_PERSIST_XML +param but does provide the VIR_MIGRATE_PERSIST_DEST flag this means that +a soft reboot by Nova of the instance after a live migration can revert +the domain back to the original persistent configuration from the +source. + +Note that this is only possible in Nova as a soft reboot actually +results in the virDomainShutdown and virDomainLaunch libvirt APIs being +called that recreate the domain using the persistent configuration. +virDomainReboot does not result in this but is not called at this time. + +The impact of this on the instance after the soft reboot is pretty +severe, host devices referenced in the original persistent configuration +on the source may not exist or could even be used by other users on the +destination. CPU and NUMA affinity could also differ drastically between +the two hosts resulting in the instance being unable to start etc. + +As MIN_LIBVIRT_VERSION is now > v1.3.4 this change simply includes the +VIR_MIGRATE_PARAM_PERSIST_XML param using the same updated XML for the +destination as is already provided to VIR_MIGRATE_PARAM_DEST_XML. + +NOTE(lyarwood): A simple change to test_migrate_v3_unicode is included +as Iccce0ab50eee515e533ab36c8e7adc10cb3f7019 had removed this from +master. + +Co-authored-by: Tadayoshi Hosoya <tad-hosoya@wr.jp.nec.com> +Closes-Bug: #1890501 +Change-Id: Ia3f1d8e83cbc574ce5cb440032e12bbcb1e10e98 +(cherry picked from commit 1bb8ee95d4c3ddc3f607ac57526b75af1b7fbcff) +Signed-off-by: Matthew Thode <prometheanfire@gentoo.org> +--- + nova/tests/unit/virt/libvirt/test_driver.py | 8 +++++++- + nova/tests/unit/virt/libvirt/test_guest.py | 2 ++ + nova/virt/libvirt/guest.py | 1 + + 3 files changed, 10 insertions(+), 1 deletion(-) + +diff --git a/nova/tests/unit/virt/libvirt/test_driver.py b/nova/tests/unit/virt/libvirt/test_driver.py +index b416641d362..99ce85a870b 100644 +--- a/nova/tests/unit/virt/libvirt/test_driver.py ++++ b/nova/tests/unit/virt/libvirt/test_driver.py +@@ -11196,6 +11196,7 @@ class LibvirtConnTestCase(test.NoDBTestCase, + 'migrate_disks': disk_paths, + 'bandwidth': _bandwidth, + 'destination_xml': target_xml, ++ 'persistent_xml': target_xml, + } + + # start test +@@ -11303,7 +11304,8 @@ class LibvirtConnTestCase(test.NoDBTestCase, + 'migrate_disks': disk_paths, + 'migrate_uri': 'tcp://127.0.0.2', + 'bandwidth': CONF.libvirt.live_migration_bandwidth, +- 'destination_xml': target_xml ++ 'destination_xml': target_xml, ++ 'persistent_xml': target_xml, + } + + # Start test +@@ -11462,6 +11464,7 @@ class LibvirtConnTestCase(test.NoDBTestCase, + 'migrate_uri': 'tcp://127.0.0.2', + 'bandwidth': CONF.libvirt.live_migration_bandwidth, + 'destination_xml': target_xml, ++ 'persistent_xml': target_xml, + } + + # start test +@@ -11813,6 +11816,7 @@ class LibvirtConnTestCase(test.NoDBTestCase, + 'migrate_disks': ['vda', 'vdb'], + 'bandwidth': CONF.libvirt.live_migration_bandwidth, + 'destination_xml': target_xml, ++ 'persistent_xml': target_xml, + } + + # start test +@@ -11939,6 +11943,7 @@ class LibvirtConnTestCase(test.NoDBTestCase, + 'migrate_disks': device_names, + 'bandwidth': CONF.libvirt.live_migration_bandwidth, + 'destination_xml': '<xml/>', ++ 'persistent_xml': '<xml/>', + } + if not params['migrate_disks']: + del params['migrate_disks'] +@@ -12078,6 +12083,7 @@ class LibvirtConnTestCase(test.NoDBTestCase, + 'migrate_disks': disk_paths, + 'bandwidth': CONF.libvirt.live_migration_bandwidth, + 'destination_xml': '<xml/>', ++ 'persistent_xml': '<xml/>', + } + + # Prepare mocks +diff --git a/nova/tests/unit/virt/libvirt/test_guest.py b/nova/tests/unit/virt/libvirt/test_guest.py +index 55642c66f66..51899b730b3 100644 +--- a/nova/tests/unit/virt/libvirt/test_guest.py ++++ b/nova/tests/unit/virt/libvirt/test_guest.py +@@ -682,6 +682,7 @@ class GuestTestCase(test.NoDBTestCase): + 'an-uri', flags=1, params={'migrate_uri': 'dest-uri', + 'migrate_disks': 'disk1', + 'destination_xml': '</xml>', ++ 'persistent_xml': '</xml>', + 'bandwidth': 2}) + + @testtools.skipIf(not six.PY2, 'libvirt python3 bindings accept unicode') +@@ -699,6 +700,7 @@ class GuestTestCase(test.NoDBTestCase): + 'migrate_disks': ['disk1', + 'disk2'], + 'destination_xml': expect_dest_xml, ++ 'persistent_xml': expect_dest_xml, + 'bandwidth': 2}) + + def test_abort_job(self): +diff --git a/nova/virt/libvirt/guest.py b/nova/virt/libvirt/guest.py +index 0d485eb86d9..46593247303 100644 +--- a/nova/virt/libvirt/guest.py ++++ b/nova/virt/libvirt/guest.py +@@ -638,6 +638,7 @@ class Guest(object): + + if destination_xml: + params['destination_xml'] = destination_xml ++ params['persistent_xml'] = destination_xml + if migrate_disks: + params['migrate_disks'] = migrate_disks + if migrate_uri: +-- +2.26.2 + diff --git a/sys-cluster/nova/nova-21.0.0.ebuild b/sys-cluster/nova/nova-21.0.0-r1.ebuild index 8601ad73fd10..e96174c2c999 100644 --- a/sys-cluster/nova/nova-21.0.0.ebuild +++ b/sys-cluster/nova/nova-21.0.0-r1.ebuild @@ -148,8 +148,9 @@ RDEPEND=" acct-user/nova acct-group/nova" -#PATCHES=( -#) +PATCHES=( + "${FILESDIR}/CVE-2020-17376.patch" +) pkg_setup() { linux-info_pkg_setup |