[Openstack-security] [openstack/nova] SecurityImpact review request change Ie03acc00a7c904aec13c90ae6a53938d08e5e0c9
gerrit2 at review.openstack.org
gerrit2 at review.openstack.org
Wed Jul 29 09:02:14 UTC 2015
Hi, I'd like you to take a look at this patch for potential
SecurityImpact.
https://review.openstack.org/192986
Log:
commit 7ab75d5b0b75fc3426323bef19bf436a258b9707
Author: abhishekkekane <abhishek.kekane at nttdata.com>
Date: Mon Jul 6 01:51:26 2015 -0700
libvirt: Kill rsync/scp processes before deleting instance
In the resize operation, during copying files from source to
destination compute node scp/rsync processes are not aborted after
the instance is deleted because linux kernel doesn't delete instance
files physically until all processes using the file handle is closed
completely. Hence rsync/scp process keeps on running until it
transfers 100% of file data.
Added new module instancejobtracker to libvirt driver which will add,
remove or terminate the processes running against particular instances.
Added callback methods to execute call which will store the pid of
scp/rsync process in cache as a key: value pair and to remove the
pid from the cache after process completion. Process id will be used to
kill the process if it is running while deleting the instance. Instance
uuid is used as a key in the cache and pid will be the value.
SecurityImpact
Closes-bug: #1387543
Change-Id: Ie03acc00a7c904aec13c90ae6a53938d08e5e0c9
More information about the Openstack-security
mailing list