Reviewed: https://review.openstack.org/258614 Committed: https://git.openstack.org/cgit/openstack/nova/commit/?id=82bf282dd599d9c1528a34a032513e6721ae9876 Submitter: Jenkins Branch: master
commit 82bf282dd599d9c1528a34a032513e6721ae9876 Author: Lucian Petrut <[email protected]> Date: Mon Dec 7 12:09:22 2015 +0200 HyperV: Set disk serial number for attached volumes Setting the disk serial number allows us to easily map volumes with the according virtual disk resources. This is required for the Fibre Channel support implementation, as well for the patch fixing the swapped VM disks after host reboot. Co-Authored-By: Alin Balutoiu <[email protected]> Partial-Bug: #1526831 Depends-On: I7faf798aa7c1c306ac641f4364b1407b80b40b09 Change-Id: I5a91c12eb54d8539e30598e617eb9f036fbba843 ** Changed in: nova Status: In Progress => Fix Released -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Compute (nova). https://bugs.launchpad.net/bugs/1526831 Title: Hyper-V: swapped disks after host reboot Status in OpenStack Compute (nova): Fix Released Status in OpenStack Security Advisory: Won't Fix Bug description: This issue is being treated as a potential security risk under embargo. Please do not make any public mention of embargoed (private) security vulnerabilities before their coordinated publication by the OpenStack Vulnerability Management Team in the form of an official OpenStack Security Advisory. This includes discussion of the bug or associated fixes in public forums such as mailing lists, code review systems and bug trackers. Please also avoid private disclosure to other individuals not already approved for access to this information, and provide this same reminder to those who are made aware of the issue prior to publication. All discussion should remain confined to this private bug report, and any proposed fixes should be added to the bug as attachments. -- As the disk number of iSCSI attached disks can change after host reboot, passthrough attached volumes can get attached in this case. This bug was partially fixed during Icehouse by this patch: https://review.openstack.org/95356 One of the issues with this patch is that it only handles SCSI attached disks, for which reason this issue continues to occur when having generation 1 VMs booted from volume, in which case the disk will be placed on the IDE controller. In this case, one instance may end up booting from another tenant's volume, which is a critical security issue. Also, it assumes that the block device info volume order matches the according disk controller slot order, which is wrong. Related bug: https://bugs.launchpad.net/nova/+bug/1322926 To manage notifications about this bug go to: https://bugs.launchpad.net/nova/+bug/1526831/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : [email protected] Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
