** Information type changed from Private Security to Public ** Tags added: security
** Changed in: ossa Status: New => Won't Fix -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Compute (nova). https://bugs.launchpad.net/bugs/1372375 Title: Attaching LVM encrypted volumes (with LUKS) could cause data loss if LUKS headers get corrupted Status in OpenStack Compute (Nova): Incomplete Status in OpenStack Security Advisories: Won't Fix Bug description: I have doubts about the flow of the volume attaching operation, as defined in /usr/lib/python2.6/site- packages/nova/volume/encryptors/luks.py. If the device is not recognized to be a valid luks device, the script is luks formatting it! So if for some reason the luks header get corrupted, it erases the whole data. To manage corrupted headers there are the cryptsetup luksHeaderBackup and cryptsetup luksHeaderRestore commands that respectively do the backup and the restore of the headers. I think that the process has to be reviewed, and the luksFormat operation has to be performed during the volume creation. To manage notifications about this bug go to: https://bugs.launchpad.net/nova/+bug/1372375/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp