[Openstack-security] [openstack/nova] SecurityImpact review request change Ie03acc00a7c904aec13c90ae6a53938d08e5e0c9
gerrit2 at review.openstack.org
gerrit2 at review.openstack.org
Wed Aug 19 10:16:09 UTC 2015
Hi, I'd like you to take a look at this patch for potential
SecurityImpact.
https://review.openstack.org/214528
Log:
commit 539693e40388c4729c99a2c133b573896296df2a
Author: abhishekkekane <abhishek.kekane at nttdata.com>
Date: Mon Jul 6 01:51:26 2015 -0700
libvirt: Kill rsync/scp processes before deleting instance
In the resize operation, during copying files from source to
destination compute node scp/rsync processes are not aborted after
the instance is deleted because linux kernel doesn't delete instance
files physically until all processes using the file handle is closed
completely. Hence rsync/scp process keeps on running until it
transfers 100% of file data.
Added new module instancejobtracker to libvirt driver which will add,
remove or terminate the processes running against particular instances.
Added callback methods to execute call which will store the pid of
scp/rsync process in cache as a key: value pair and to remove the
pid from the cache after process completion. Process id will be used to
kill the process if it is running while deleting the instance. Instance
uuid is used as a key in the cache and pid will be the value.
Conflicts:
nova/tests/unit/virt/libvirt/test_driver.py
nova/tests/unit/virt/libvirt/test_utils.py
nova/virt/libvirt/driver.py
nova/virt/libvirt/utils.py
Note: The required unit-tests are manually added to the below path,
as new path for unit-tests is not present in stable/juno release.
nova/tests/virt/libvirt/test_driver.py
nova/tests/virt/libvirt/test_utils.py
SecurityImpact
Closes-bug: #1387543
Change-Id: Ie03acc00a7c904aec13c90ae6a53938d08e5e0c9
(cherry picked from commit 7ab75d5b0b75fc3426323bef19bf436a258b9707)
(cherry picked from commit b5020a047fc487f35b76fc05f31e52665a1afda1)
More information about the Openstack-security
mailing list