[Openstack-security] [openstack/cinder] SecurityImpact review request change I164290e761a9922919a70f22f99af70dac213b61

gerrit2 at review.openstack.org gerrit2 at review.openstack.org
Mon Aug 12 15:12:38 UTC 2013


Hi, I'd like you to take a look at this patch for potential
SecurityImpact.
https://review.openstack.org/30974

Log:
commit 04d98a4db9398e071ee27eb9217694286473dc34
Author: Joel Coffman <joel.coffman at jhuapl.edu>
Date:   Mon Aug 12 09:41:41 2013 -0400

    Add support for encrypted volumes
    
    This modification adds an encryption key UUID field to the volume
    table, which is sufficient to make Cinder "aware" of encrypted volumes
    as designated by predefined volume types. Integration with a key
    manager is necessary to obtain an actual encryption key UUID (the
    current implementation generates a random UUID when an encrypted
    volumes is created). Cinder should *not* presume that it necessarily
    will have access to the key itself -- this decision depends upon the
    design, implementation, and policy for encrypted volumes. The key's
    UUID is stored in Cinder because it is metadata about the volume.
    
    Implements: blueprint encrypt-cinder-volumes
    Change-Id: I164290e761a9922919a70f22f99af70dac213b61
    SecurityImpact





More information about the Openstack-security mailing list