Refactoring of the virt disk API to improve libguestfs support

Registered by Daniel Berrange on 2012-11-13

The current nova.virt.disk API contains code for file injection which assumes that the disk image can be mapped into the host filesystem. As a previous CVE has demonstrated, exposing the guest filesystem in the host is risky. By introducing a proper VFS abstraction, we can make use of the libguestfs API directly, instead of via its FUSE module. This isolates file injection from the host OS

Blueprint information

Status:
Complete
Approver:
Russell Bryant
Priority:
High
Drafter:
Daniel Berrange
Direction:
Approved
Assignee:
Daniel Berrange
Definition:
Approved
Series goal:
Accepted for grizzly
Implementation:
Implemented
Milestone target:
milestone icon 2013.1
Started by
Russell Bryant on 2012-11-16
Completed by
Mark McLoughlin on 2012-12-04

Related branches

Sprints

Whiteboard

Gerrit topic: https://review.openstack.org/#q,topic:bp/virt-disk-api-refactoring,n,z

Addressed by: https://review.openstack.org/16173
    Move all mount classes into a subdirectory

Addressed by: https://review.openstack.org/16174
    Introduce a VFS api abstraction for manipulating disk images

Addressed by: https://review.openstack.org/16175
    Introduce a VFS implementation mapped to the host filesystem

Addressed by: https://review.openstack.org/16176
    Introduce a VFS implementation backed by the libguestfs APIs

Addressed by: https://review.openstack.org/16177
    Convert file injection code to use the VFS APIs

Addressed by: https://review.openstack.org/16178
    Remove img_handlers config parameter usage

Addressed by: https://review.openstack.org/16179
    Remove the libguestfs disk mount API implementation

Addressed by: https://review.openstack.org/16180
    Add debug logging to disk mount modules

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.