[Openstack-security] [openstack/nova] SecurityImpact review request change Ie03acc00a7c904aec13c90ae6a53938d08e5e0c9
gerrit2 at review.openstack.org
gerrit2 at review.openstack.org
Tue Jul 21 11:50:20 UTC 2015
Hi, I'd like you to take a look at this patch for potential
SecurityImpact.
https://review.openstack.org/192986
Log:
commit 9c06b898a7b5c56e9527a92fcb8f7cb6df15e67b
Author: abhishekkekane <abhishek.kekane at nttdata.com>
Date: Mon Jul 6 01:51:26 2015 -0700
libvirt: Kill rsync/scp processes before deleting instance
In the resize operation, during copying files from source to
destination compute node scp/rsync processes are not aborted after
the instance is deleted because linux kernel doesn't delete instance
files physically until all processes using the file handle is closed
completely. Hence rsync/scp process keeps on running until it
transfers 100% of file data.
Added new module instancejobtracker to libvirt driver which will add,
remove or terminate the processes running against particular instances.
Added callback methods to execute call which will store the pid of
scp/rsync process in cache as a key: value pair and to remove the
pid from the cache after process completion. Process id will be used to
kill the process if it is running while deleting the instance. Instance
uuid is used as a key in the cache and pid will be the value.
SecurityImpact
Depends-On: I8565ccb1572d3338eaf51fb3a439ce0b65f05065
Closes-bug: #1387543
Change-Id: Ie03acc00a7c904aec13c90ae6a53938d08e5e0c9
More information about the Openstack-security
mailing list