Refactoring of the virt disk API to improve libguestfs support
The current nova.virt.disk API contains code for file injection which assumes that the disk image can be mapped into the host filesystem. As a previous CVE has demonstrated, exposing the guest filesystem in the host is risky. By introducing a proper VFS abstraction, we can make use of the libguestfs API directly, instead of via its FUSE module. This isolates file injection from the host OS
Blueprint information
- Status:
- Complete
- Approver:
- Russell Bryant
- Priority:
- High
- Drafter:
- Daniel Berrange
- Direction:
- Approved
- Assignee:
- Daniel Berrange
- Definition:
- Approved
- Series goal:
- Accepted for grizzly
- Implementation:
- Implemented
- Milestone target:
- 2013.1
- Started by
- Russell Bryant
- Completed by
- Mark McLoughlin
Related branches
Related bugs
Sprints
Whiteboard
Gerrit topic: https:/
Addressed by: https:/
Move all mount classes into a subdirectory
Addressed by: https:/
Introduce a VFS api abstraction for manipulating disk images
Addressed by: https:/
Introduce a VFS implementation mapped to the host filesystem
Addressed by: https:/
Introduce a VFS implementation backed by the libguestfs APIs
Addressed by: https:/
Convert file injection code to use the VFS APIs
Addressed by: https:/
Remove img_handlers config parameter usage
Addressed by: https:/
Remove the libguestfs disk mount API implementation
Addressed by: https:/
Add debug logging to disk mount modules