[Openstack-security] [Bug 1372375] Re: Attaching LVM encrypted volumes (with LUKS) could cause data loss if LUKS headers get corrupted
Joel Coffman
1372375 at bugs.launchpad.net
Mon Sep 29 16:47:21 UTC 2014
> [...] I think that Cinder should ask luksFormat to nova at the moment
of volume creation [...]
I agree that approach would be cleaner, but it also forces Cinder to
delegate a significant amount of work to Nova -- it's basically
comparable to attaching a volume to a VM. I'm also not really sure that
(encrypted) volume creation should couple Cinder to Nova. It would
certainly be a significant change from the creation of non-encrypted
volumes.
While it's not optimal, the existing approach is simple -- much simpler
than the alternatives in my opinion.
--
You received this bug notification because you are a member of OpenStack
Security Group, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1372375
Title:
Attaching LVM encrypted volumes (with LUKS) could cause data loss if
LUKS headers get corrupted
Status in Cinder:
New
Status in OpenStack Compute (Nova):
Incomplete
Status in OpenStack Security Advisories:
Won't Fix
Bug description:
I have doubts about the flow of the volume attaching operation, as
defined in /usr/lib/python2.6/site-
packages/nova/volume/encryptors/luks.py.
If the device is not recognized to be a valid luks device, the script is luks formatting it! So if for some reason the luks header get corrupted, it erases the whole data.
To manage corrupted headers there are the
cryptsetup luksHeaderBackup
and
cryptsetup luksHeaderRestore
commands that respectively do the backup and the restore of the
headers.
I think that the process has to be reviewed, and the luksFormat
operation has to be performed during the volume creation.
To manage notifications about this bug go to:
https://bugs.launchpad.net/cinder/+bug/1372375/+subscriptions
More information about the Openstack-security
mailing list