commit f0cef07bef5ea8ed29179ee3774df5f4a634ba86
Author: Eric Young <email address hidden>
Date: Thu Mar 22 20:24:01 2018 -0400
ScaleIO: Prevent usage of unsafe volumes
It is possible for volumes, created from storage pools
which have zero-padding disabled, to contain previous data. This
change prevents these volumes from being created by default. A
user can override this behavior by acknowleding the possibility
with a configuration option.
This is a squash of the four commits that led to the final state in
rocky to not allow the creation of any type of non-zero-padded volumes
to be created. This adds a config option that defaults to the safe
behavior. It is backporting a new config option, and a change in default
behavior, but it should be acceptable in this case so that the security
vulnerability can be addressed.
Closes-Bug: #1784871
Change-Id: I62f8f48b1624fc9abb7427bd4ca51f7873d35b96
Closes-bug: #1699573
(cherry picked from commit 7feb62197d371ab7253dc86a34af6ff8b484b4df)
(cherry picked from commit 949cc46e162e00092aa85a7be921649c8dbf2bf8)
(cherry picked from commit 8d0dea694a366cb3797748d389ca76b7864af16f)
(cherry picked from commit 13a6689ccb7751c9f9b5c37ce0a3f75eb7665a95)
Reviewed: https:/ /review. openstack. org/596879 /git.openstack. org/cgit/ openstack/ cinder/ commit/ ?id=f0cef07bef5 ea8ed29179ee377 4df5f4a634ba86
Committed: https:/
Submitter: Zuul
Branch: stable/queens
commit f0cef07bef5ea8e d29179ee3774df5 f4a634ba86
Author: Eric Young <email address hidden>
Date: Thu Mar 22 20:24:01 2018 -0400
ScaleIO: Prevent usage of unsafe volumes
It is possible for volumes, created from storage pools
which have zero-padding disabled, to contain previous data. This
change prevents these volumes from being created by default. A
user can override this behavior by acknowleding the possibility
with a configuration option.
This is a squash of the four commits that led to the final state in
rocky to not allow the creation of any type of non-zero-padded volumes
to be created. This adds a config option that defaults to the safe
behavior. It is backporting a new config option, and a change in default
behavior, but it should be acceptable in this case so that the security
vulnerability can be addressed.
Closes-Bug: #1784871
Change-Id: I62f8f48b1624fc 9abb7427bd4ca51 f7873d35b96 7253dc86a34af6f f8b484b4df) 92aa85a7be92164 9c8dbf2bf8) 3797748d389ca76 b7864af16f) 9f9b5c37ce0a3f7 5eb7665a95)
Closes-bug: #1699573
(cherry picked from commit 7feb62197d371ab
(cherry picked from commit 949cc46e162e000
(cherry picked from commit 8d0dea694a366cb
(cherry picked from commit 13a6689ccb7751c