[openstack-dev] [OSSN-0084] Data retained after deletion of a ScaleIO volume

Luke Hinds lhinds at redhat.com
Wed Jul 11 06:20:00 UTC 2018


On Tue, Jul 10, 2018 at 9:08 PM, Jim Rollenhagen <jim at jimrollenhagen.com>
wrote:

> On Tue, Jul 10, 2018 at 3:28 PM, Martin Chlumsky <
> martin.chlumsky at gmail.com> wrote:
>
>> It is the workaround that is right and the discussion part that is wrong.
>>
>> I am familiar with this bug. Using thin volumes *and/or* enabling zero
>> padding DOES ensure data contained
>> in a volume is actually deleted.
>>
>
> Great, that's super helpful. Thanks!
>
> Is there someone (Luke?) on the list that can send a correction for this
> OSSN to all the lists it needs to go to?
>
> // jim
>

It can, but I would want to be sure we get an agreed consensus. The note
has already gone through a review cycle where a cinder core approved the
contents:

https://review.openstack.org/#/c/579094/

If someone wants to put forward a patch with the needed amendments, I can
send out a correction to the lists.


>
>
>>
>> On Tue, Jul 10, 2018 at 10:41 AM Jim Rollenhagen <jim at jimrollenhagen.com>
>> wrote:
>>
>>> On Tue, Jul 10, 2018 at 4:20 AM, Luke Hinds <lhinds at redhat.com> wrote:
>>>
>>>> Data retained after deletion of a ScaleIO volume
>>>> ---
>>>>
>>>> ### Summary ###
>>>> Certain storage volume configurations allow newly created volumes to
>>>> contain previous data. This could lead to leakage of sensitive
>>>> information between tenants.
>>>>
>>>> ### Affected Services / Software ###
>>>> Cinder releases up to and including Queens with ScaleIO volumes
>>>> using thin volumes and zero padding.
>>>>
>>>
>>> According to discussion in the bug, this bug occurs with ScaleIO volumes
>>> using thick volumes and with zero padding disabled.
>>>
>>> If the bug is with thin volumes and zero padding, then the workaround
>>> seems quite wrong. :)
>>>
>>> I'm not super familiar with Cinder, so could some Cinder folks check
>>> this out and re-issue a more accurate OSSN, please?
>>>
>>> // jim
>>>
>>>
>>>>
>>>> ### Discussion ###
>>>> Using both thin volumes and zero padding does not ensure data contained
>>>> in a volume is actually deleted. The default volume provisioning rule is
>>>> set to thick so most installations are likely not affected. Operators
>>>> can check their configuration in `cinder.conf` or check for zero padding
>>>> with this command `scli --query_all`.
>>>>
>>>> #### Recommended Actions ####
>>>>
>>>> Operators can use the following two workarounds, until the release of
>>>> Rocky (planned 30th August 2018) which resolves the issue.
>>>>
>>>> 1. Swap to thin volumes
>>>>
>>>> 2. Ensure ScaleIO storage pools use zero-padding with:
>>>>
>>>> `scli --modify_zero_padding_policy
>>>>     (((--protection_domain_id <ID> |
>>>>     --protection_domain_name <NAME>)
>>>>     --storage_pool_name <NAME>) | --storage_pool_id <ID>)
>>>>     (--enable_zero_padding | --disable_zero_padding)`
>>>>
>>>> ### Contacts / References ###
>>>> Author: Nick Tait
>>>> This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0084
>>>> Original LaunchPad Bug : https://bugs.launchpad.net/ossn/+bug/1699573
>>>> Mailing List : [Security] tag on openstack-dev at lists.openstack.org
>>>> OpenStack Security Project : https://launchpad.net/~openstack-ossg
>>>>
>>>>
>>>> __________________________________________________________________________
>>>> OpenStack Development Mailing List (not for usage questions)
>>>> Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
>>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>>>>


-- 
Luke Hinds | NFV Partner Engineering | CTO Office | Red Hat
e: lhinds at redhat.com | irc: lhinds @freenode | t: +44 12 52 36 2483