[gentoo-commits] repo/gentoo:master commit in: sys-cluster/nova/files/, sys-cluster/nova/

Tue, 25 Aug 2020 09:54:11 -0700 

commit:     440c9286ac4b1d2e10c25cb883250bc497611159
Author:     Matthew Thode <prometheanfire <AT> gentoo <DOT> org>
AuthorDate: Tue Aug 25 16:53:37 2020 +0000
Commit:     Matthew Thode <prometheanfire <AT> gentoo <DOT> org>
CommitDate: Tue Aug 25 16:53:53 2020 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=440c9286

sys-cluster/nova: fix CVE-2020-17376 (live migration data leak)

Package-Manager: Portage-3.0.4, Repoman-2.3.23
RepoMan-Options: --force
Signed-off-by: Matthew Thode <prometheanfire <AT> gentoo.org>

 sys-cluster/nova/files/CVE-2020-17376.patch        | 141 +++++++++++++++++++++
 .../{nova-21.0.0.ebuild => nova-21.0.0-r1.ebuild}  |   5 +-
 2 files changed, 144 insertions(+), 2 deletions(-)

diff --git a/sys-cluster/nova/files/CVE-2020-17376.patch 
b/sys-cluster/nova/files/CVE-2020-17376.patch
new file mode 100644
index 00000000000..8cb2d4423f7
--- /dev/null
+++ b/sys-cluster/nova/files/CVE-2020-17376.patch
@@ -0,0 +1,141 @@
+From bbf9d1de06e9991acd968fceee899a8df3776d60 Mon Sep 17 00:00:00 2001
+From: Lee Yarwood <[email protected]>
+Date: Wed, 5 Aug 2020 23:00:06 +0100
+Subject: [PATCH] libvirt: Provide VIR_MIGRATE_PARAM_PERSIST_XML during live
+ migration
+
+The VIR_MIGRATE_PARAM_PERSIST_XML parameter was introduced in libvirt
+v1.3.4 and is used to provide the new persistent configuration for the
+destination during a live migration:
+
+https://libvirt.org/html/libvirt-libvirt-domain.html#VIR_MIGRATE_PARAM_PERSIST_XML
+
+Without this parameter the persistent configuration on the destination
+will be the same as the original persistent configuration on the source
+when the VIR_MIGRATE_PERSIST_DEST flag is provided.
+
+As Nova does not currently provide the VIR_MIGRATE_PARAM_PERSIST_XML
+param but does provide the VIR_MIGRATE_PERSIST_DEST flag this means that
+a soft reboot by Nova of the instance after a live migration can revert
+the domain back to the original persistent configuration from the
+source.
+
+Note that this is only possible in Nova as a soft reboot actually
+results in the virDomainShutdown and virDomainLaunch libvirt APIs being
+called that recreate the domain using the persistent configuration.
+virDomainReboot does not result in this but is not called at this time.
+
+The impact of this on the instance after the soft reboot is pretty
+severe, host devices referenced in the original persistent configuration
+on the source may not exist or could even be used by other users on the
+destination. CPU and NUMA affinity could also differ drastically between
+the two hosts resulting in the instance being unable to start etc.
+
+As MIN_LIBVIRT_VERSION is now > v1.3.4 this change simply includes the
+VIR_MIGRATE_PARAM_PERSIST_XML param using the same updated XML for the
+destination as is already provided to VIR_MIGRATE_PARAM_DEST_XML.
+
+NOTE(lyarwood): A simple change to test_migrate_v3_unicode is included
+as Iccce0ab50eee515e533ab36c8e7adc10cb3f7019 had removed this from
+master.
+
+Co-authored-by: Tadayoshi Hosoya <[email protected]>
+Closes-Bug: #1890501
+Change-Id: Ia3f1d8e83cbc574ce5cb440032e12bbcb1e10e98
+(cherry picked from commit 1bb8ee95d4c3ddc3f607ac57526b75af1b7fbcff)
+Signed-off-by: Matthew Thode <[email protected]>
+---
+ nova/tests/unit/virt/libvirt/test_driver.py | 8 +++++++-
+ nova/tests/unit/virt/libvirt/test_guest.py  | 2 ++
+ nova/virt/libvirt/guest.py                  | 1 +
+ 3 files changed, 10 insertions(+), 1 deletion(-)
+
+diff --git a/nova/tests/unit/virt/libvirt/test_driver.py 
b/nova/tests/unit/virt/libvirt/test_driver.py
+index b416641d362..99ce85a870b 100644
+--- a/nova/tests/unit/virt/libvirt/test_driver.py
++++ b/nova/tests/unit/virt/libvirt/test_driver.py
+@@ -11196,6 +11196,7 @@ class LibvirtConnTestCase(test.NoDBTestCase,
+             'migrate_disks': disk_paths,
+             'bandwidth': _bandwidth,
+             'destination_xml': target_xml,
++            'persistent_xml': target_xml,
+         }
+ 
+         # start test
+@@ -11303,7 +11304,8 @@ class LibvirtConnTestCase(test.NoDBTestCase,
+             'migrate_disks': disk_paths,
+             'migrate_uri': 'tcp://127.0.0.2',
+             'bandwidth': CONF.libvirt.live_migration_bandwidth,
+-            'destination_xml': target_xml
++            'destination_xml': target_xml,
++            'persistent_xml': target_xml,
+         }
+ 
+         # Start test
+@@ -11462,6 +11464,7 @@ class LibvirtConnTestCase(test.NoDBTestCase,
+             'migrate_uri': 'tcp://127.0.0.2',
+             'bandwidth': CONF.libvirt.live_migration_bandwidth,
+             'destination_xml': target_xml,
++            'persistent_xml': target_xml,
+         }
+ 
+         # start test
+@@ -11813,6 +11816,7 @@ class LibvirtConnTestCase(test.NoDBTestCase,
+             'migrate_disks': ['vda', 'vdb'],
+             'bandwidth': CONF.libvirt.live_migration_bandwidth,
+             'destination_xml': target_xml,
++            'persistent_xml': target_xml,
+         }
+ 
+         # start test
+@@ -11939,6 +11943,7 @@ class LibvirtConnTestCase(test.NoDBTestCase,
+             'migrate_disks': device_names,
+             'bandwidth': CONF.libvirt.live_migration_bandwidth,
+             'destination_xml': '<xml/>',
++            'persistent_xml': '<xml/>',
+         }
+         if not params['migrate_disks']:
+             del params['migrate_disks']
+@@ -12078,6 +12083,7 @@ class LibvirtConnTestCase(test.NoDBTestCase,
+             'migrate_disks': disk_paths,
+             'bandwidth': CONF.libvirt.live_migration_bandwidth,
+             'destination_xml': '<xml/>',
++            'persistent_xml': '<xml/>',
+         }
+ 
+         # Prepare mocks
+diff --git a/nova/tests/unit/virt/libvirt/test_guest.py 
b/nova/tests/unit/virt/libvirt/test_guest.py
+index 55642c66f66..51899b730b3 100644
+--- a/nova/tests/unit/virt/libvirt/test_guest.py
++++ b/nova/tests/unit/virt/libvirt/test_guest.py
+@@ -682,6 +682,7 @@ class GuestTestCase(test.NoDBTestCase):
+                 'an-uri', flags=1, params={'migrate_uri': 'dest-uri',
+                                            'migrate_disks': 'disk1',
+                                            'destination_xml': '</xml>',
++                                           'persistent_xml': '</xml>',
+                                            'bandwidth': 2})
+ 
+     @testtools.skipIf(not six.PY2, 'libvirt python3 bindings accept unicode')
+@@ -699,6 +700,7 @@ class GuestTestCase(test.NoDBTestCase):
+                                            'migrate_disks': ['disk1',
+                                                              'disk2'],
+                                            'destination_xml': expect_dest_xml,
++                                           'persistent_xml': expect_dest_xml,
+                                            'bandwidth': 2})
+ 
+     def test_abort_job(self):
+diff --git a/nova/virt/libvirt/guest.py b/nova/virt/libvirt/guest.py
+index 0d485eb86d9..46593247303 100644
+--- a/nova/virt/libvirt/guest.py
++++ b/nova/virt/libvirt/guest.py
+@@ -638,6 +638,7 @@ class Guest(object):
+ 
+         if destination_xml:
+             params['destination_xml'] = destination_xml
++            params['persistent_xml'] = destination_xml
+         if migrate_disks:
+             params['migrate_disks'] = migrate_disks
+         if migrate_uri:
+-- 
+2.26.2
+

diff --git a/sys-cluster/nova/nova-21.0.0.ebuild 
b/sys-cluster/nova/nova-21.0.0-r1.ebuild
similarity index 99%
rename from sys-cluster/nova/nova-21.0.0.ebuild
rename to sys-cluster/nova/nova-21.0.0-r1.ebuild
index 8601ad73fd1..e96174c2c99 100644
--- a/sys-cluster/nova/nova-21.0.0.ebuild
+++ b/sys-cluster/nova/nova-21.0.0-r1.ebuild
@@ -148,8 +148,9 @@ RDEPEND="
        acct-user/nova
        acct-group/nova"
 
-#PATCHES=(
-#)
+PATCHES=(
+       "${FILESDIR}/CVE-2020-17376.patch"
+)
 
 pkg_setup() {
        linux-info_pkg_setup

Reply via email to