cinder/releasenotes/notes/bug-1996188-vmdk-subformat-allow-list-93e6943d9a486d11.yaml
Brian Rosmaita 930fc93e9f Check VMDK subformat against an allowed list
Also add a more general check to convert_image that the image format
reported by qemu-img matches what the caller says it is.

Change-Id: I3c60ee4c0795aadf03108ed9b5a46ecd116894af
Partial-bug: #1996188
2022-12-10 17:05:25 -05:00

34 lines
1.6 KiB
YAML

---
upgrade:
- |
This release introduces a new configuration option,
``vmdk_allowed_types``, that specifies the list of VMDK image
subformats that Cinder will allow. The default setting allows
only the 'streamOptimized' and 'monolithicSparse' subformats,
which do not use named extents.
security:
- |
This release introduces a new configuration option,
``vmdk_allowed_types``, that specifies the list of VMDK image
subformats that Cinder will allow in order to prevent exposure
of host information by modifying the named extents in a VMDK
image. The default setting allows only the 'streamOptimized'
and 'monolithicSparse' subformats, which do not use named extents.
- |
As part of the fix for `Bug #1996188
<https://bugs.launchpad.net/cinder/+bug/1996188>`_, cinder is now more
strict in checking that the ``disk_format`` recorded for an image (as
revealed by the Image Service API image-show response) matches what
cinder detects when it downloads the image. Thus, some requests to
create a volume from a source image that had previously succeeded may
fail with an ``ImageUnacceptable`` error.
fixes:
- |
`Bug #1996188 <https://bugs.launchpad.net/cinder/+bug/1996188>`_:
Fixed issue where a VMDK image file whose createType allowed named
extents could expose host information. This change introduces a new
configuration option, ``vmdk_allowed_types``, that specifies the list
of VMDK image subformats that Cinder will allow. The default
setting allows only the 'streamOptimized' and 'monolithicSparse'
subformats.