yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #34169
[Bug 1456228] Re: Trusted vm can be powered on untrusted host
Sylvain, if the trusted computing feature of Nova doesn't prevent an
instance to spawn on a compromised node, then maybe the feature should
be removed, or at least have a clear mention about that behavior.
According to vulnerability taxonomy, this issue falls in the B2 class (
https://security.openstack.org/vmt-process.html#incident-report-taxonomy
), I've set the OSSA tasks to won't fix and added a new OSSN tasks.
** Also affects: ossn
Importance: Undecided
Status: New
** Changed in: ossa
Status: Incomplete => Won't Fix
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1456228
Title:
Trusted vm can be powered on untrusted host
Status in OpenStack Compute (Nova):
Invalid
Status in OpenStack Security Advisories:
Won't Fix
Status in OpenStack Security Notes:
New
Bug description:
This is related to the trusted compute.
I recently setup trusted compute pool in my company and have observed
that although new trusted vm is not able to be launched from an
untrusted host, but if an trusted vm that have launched earlier on a
trusted host which is compromised later on, that VM can still be
powered on.
1. Exact version of Nova/Openstack:
[root@grunt2 ~]# rpm -qa | grep nova
python-nova-2014.1.2-100+45c2cbc.fc20.noarch
openstack-nova-network-2014.1.2-100+45c2cbc.fc20.noarch
openstack-nova-compute-2014.1.2-100+45c2cbc.fc20.noarch
openstack-nova-conductor-2014.1.2-100+45c2cbc.fc20.noarch
openstack-nova-2014.1.2-100+45c2cbc.fc20.noarch
openstack-nova-cells-2014.1.2-100+45c2cbc.fc20.noarch
openstack-nova-api-2014.1.2-100+45c2cbc.fc20.noarch
openstack-nova-console-2014.1.2-100+45c2cbc.fc20.noarch
python-novaclient-2.17.0-2.fc21.noarch
openstack-nova-cert-2014.1.2-100+45c2cbc.fc20.noarch
openstack-nova-scheduler-2014.1.2-100+45c2cbc.fc20.noarch
openstack-nova-objectstore-2014.1.2-100+45c2cbc.fc20.noarch
openstack-nova-common-2014.1.2-100+45c2cbc.fc20.noarch
openstack-nova-novncproxy-2014.1.2-100+45c2cbc.fc20.noarch
openstack-nova-doc-2014.1.2-100+45c2cbc.fc20.noarch
2. Relevant log files:
this is not a error, don't think logs will help..
3. Reproduce steps:
* create trusted compute pool with only one compute node
* create an trusted VM on that compute node
* compromise the trusted compute node by changing the boot order
* power on the trusted Vm created earlier.
To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1456228/+subscriptions