diff options
| author |   Matthew Thode <prometheanfire@gentoo.org> | 2014-06-16 03:35:39 +0000 |
|---|---|---|
| committer | Matthew Thode <prometheanfire@gentoo.org> | 2014-06-16 03:35:39 +0000 |
| commit | 872560a5fc1e9d5851564182df7af1e79b9d9288 (patch) | |
| tree | a8b2069c75c0cfba61ada3d37a96e6f5a7ffdf93 /sys-cluster/nova | |
| parent | 2014.1.1 bup (diff) | |
| download | gentoo-2-872560a5fc1e9d5851564182df7af1e79b9d9288.tar.gz gentoo-2-872560a5fc1e9d5851564182df7af1e79b9d9288.tar.bz2 gentoo-2-872560a5fc1e9d5851564182df7af1e79b9d9288.zip | |
2014.1.1 bup
(Portage version: 2.2.8-r1/cvs/Linux x86_64, signed Manifest commit with key 0x2471eb3e40ac5ac3)
Diffstat (limited to 'sys-cluster/nova')
| -rw-r--r-- | sys-cluster/nova/ChangeLog | 9 | ||||
| -rw-r--r-- | sys-cluster/nova/files/2014.1-CVE-2014-2573-1.patch | 103 | ||||
| -rw-r--r-- | sys-cluster/nova/files/2014.1-CVE-2014-2573-2.patch | 182 | ||||
| -rw-r--r-- | sys-cluster/nova/nova-2014.1.1.ebuild (renamed from sys-cluster/nova/nova-2014.1-r2.ebuild) | 4 |
4 files changed, 9 insertions, 289 deletions
diff --git a/sys-cluster/nova/ChangeLog b/sys-cluster/nova/ChangeLog index 34298843f9ca..50f84883f4fa 100644 --- a/sys-cluster/nova/ChangeLog +++ b/sys-cluster/nova/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for sys-cluster/nova # Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-cluster/nova/ChangeLog,v 1.66 2014/06/15 04:31:28 prometheanfire Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-cluster/nova/ChangeLog,v 1.67 2014/06/16 03:35:39 prometheanfire Exp $ + +*nova-2014.1.1 (16 Jun 2014) + + 16 Jun 2014; Matthew Thode <prometheanfire@gentoo.org> +nova-2014.1.1.ebuild, + -files/2014.1-CVE-2014-2573-1.patch, -files/2014.1-CVE-2014-2573-2.patch, + -nova-2014.1-r2.ebuild: + 2014.1.1 bup 15 Jun 2014; Matthew Thode <prometheanfire@gentoo.org> -files/CVE-2014-0167-2013.2.3.patch, -nova-2013.2.3-r1.ebuild, diff --git a/sys-cluster/nova/files/2014.1-CVE-2014-2573-1.patch b/sys-cluster/nova/files/2014.1-CVE-2014-2573-1.patch deleted file mode 100644 index 8fc53fa901ed..000000000000 --- a/sys-cluster/nova/files/2014.1-CVE-2014-2573-1.patch +++ /dev/null @@ -1,103 +0,0 @@ -From fb030283bed9e41a0343581fa21b81b2ebb07f15 Mon Sep 17 00:00:00 2001 -From: Xiaoyan Ding <xyding@cn.ibm.com> -Date: Mon, 24 Feb 2014 16:17:46 +0800 -Subject: [PATCH] VMWare: add power off vm before detach disk during unrescue - -Non Hot Plug type disk like IDE can only be detached when the VM is power off. - -Change-Id: Ib1f387a41abe2b52357854e90c2535ebb7b43f18 -Close-bug: #1279199 -(cherry picked from commit 1e1915aaaca38b5691794e0e052a42b9d95dd3c2) ---- - nova/tests/virt/vmwareapi/test_driver_api.py | 27 ++++++++++++++++++++++----- - nova/virt/vmwareapi/vmops.py | 21 ++++++++++++++++----- - 2 files changed, 38 insertions(+), 10 deletions(-) - -diff --git a/nova/tests/virt/vmwareapi/test_driver_api.py b/nova/tests/virt/vmwareapi/test_driver_api.py -index fb60335..c1481aa 100644 ---- a/nova/tests/virt/vmwareapi/test_driver_api.py -+++ b/nova/tests/virt/vmwareapi/test_driver_api.py -@@ -1273,14 +1273,31 @@ def test_rescue_with_config_drive(self): - - def test_unrescue(self): - self._rescue() -+ self.test_vm_ref = None -+ self.test_device_name = None - -- def fake_detach_disk_from_vm(*args, **kwargs): -- pass -+ def fake_power_off_vm_ref(vm_ref): -+ self.test_vm_ref = vm_ref -+ self.assertIsNotNone(vm_ref) - -- self.stubs.Set(self.conn._volumeops, "detach_disk_from_vm", -- fake_detach_disk_from_vm) -+ def fake_detach_disk_from_vm(vm_ref, instance, -+ device_name, destroy_disk=False): -+ self.test_device_name = device_name -+ info = self.conn.get_info(instance) -+ self._check_vm_info(info, power_state.SHUTDOWN) - -- self.conn.unrescue(self.instance, None) -+ with contextlib.nested( -+ mock.patch.object(self.conn._vmops, "_power_off_vm_ref", -+ side_effect=fake_power_off_vm_ref), -+ mock.patch.object(self.conn._volumeops, "detach_disk_from_vm", -+ side_effect=fake_detach_disk_from_vm), -+ ) as (poweroff, detach): -+ self.conn.unrescue(self.instance, None) -+ poweroff.assert_called_once_with(self.test_vm_ref) -+ detach.assert_called_once_with(self.test_vm_ref, mock.ANY, -+ self.test_device_name) -+ self.test_vm_ref = None -+ self.test_device_name = None - info = self.conn.get_info({'name': 1, 'uuid': self.uuid, - 'node': self.instance_node}) - self._check_vm_info(info, power_state.RUNNING) -diff --git a/nova/virt/vmwareapi/vmops.py b/nova/virt/vmwareapi/vmops.py -index 0c28a29..30f8373 100644 ---- a/nova/virt/vmwareapi/vmops.py -+++ b/nova/virt/vmwareapi/vmops.py -@@ -1159,12 +1159,26 @@ def unrescue(self, instance): - "get_dynamic_property", vm_rescue_ref, - "VirtualMachine", "config.hardware.device") - device = vm_util.get_vmdk_volume_disk(hardware_devices, path=vmdk_path) -+ self._power_off_vm_ref(vm_rescue_ref) - self._volumeops.detach_disk_from_vm(vm_rescue_ref, r_instance, device) - self.destroy(r_instance, None, instance_name=instance_name) - self._power_on(instance) - -+ def _power_off_vm_ref(self, vm_ref): -+ """Power off the specifed vm. -+ -+ :param vm_ref: a reference object to the VM. -+ """ -+ poweroff_task = self._session._call_method( -+ self._session._get_vim(), -+ "PowerOffVM_Task", vm_ref) -+ self._session._wait_for_task(poweroff_task) -+ - def power_off(self, instance): -- """Power off the specified instance.""" -+ """Power off the specified instance. -+ -+ :param instance: nova.objects.instance.Instance -+ """ - vm_ref = vm_util.get_vm_ref(self._session, instance) - - pwr_state = self._session._call_method(vim_util, -@@ -1173,10 +1187,7 @@ def power_off(self, instance): - # Only PoweredOn VMs can be powered off. - if pwr_state == "poweredOn": - LOG.debug(_("Powering off the VM"), instance=instance) -- poweroff_task = self._session._call_method( -- self._session._get_vim(), -- "PowerOffVM_Task", vm_ref) -- self._session._wait_for_task(poweroff_task) -+ self._power_off_vm_ref(vm_ref) - LOG.debug(_("Powered off the VM"), instance=instance) - # Raise Exception if VM is suspended - elif pwr_state == "suspended": --- -1.9.3 - diff --git a/sys-cluster/nova/files/2014.1-CVE-2014-2573-2.patch b/sys-cluster/nova/files/2014.1-CVE-2014-2573-2.patch deleted file mode 100644 index 990b6a8899d4..000000000000 --- a/sys-cluster/nova/files/2014.1-CVE-2014-2573-2.patch +++ /dev/null @@ -1,182 +0,0 @@ -From ffcb17678c7e5409a1f12a09945b18e8879a677d Mon Sep 17 00:00:00 2001 -From: Gary Kotton <gkotton@vmware.com> -Date: Thu, 13 Mar 2014 06:53:58 -0700 -Subject: [PATCH] VMware: ensure rescue instance is deleted when instance is - deleted - -If the user creates a rescue instance and then proceeded to delete -the original instance then the rescue instance would still be up -and running on the backend. - -This patch ensures that the rescue instance is cleaned up if -necessary. - -The vmops unrescue method has a new parameter indicating if -the original VM should be powered on. - -Closes-bug: 1269418 -(cherry picked from commit efb66531bc37ee416778a70d46c657608ca767af) - -Conflicts: - - nova/virt/vmwareapi/vmops.py - -Change-Id: I3c1d0b1d003392b306094b80ea1ac99377441fbf ---- - nova/tests/virt/vmwareapi/test_driver_api.py | 26 +++++++++++++ - nova/virt/vmwareapi/vmops.py | 55 ++++++++++++++++++++-------- - 2 files changed, 65 insertions(+), 16 deletions(-) - -diff --git a/nova/tests/virt/vmwareapi/test_driver_api.py b/nova/tests/virt/vmwareapi/test_driver_api.py -index c1481aa..63f0c59 100644 ---- a/nova/tests/virt/vmwareapi/test_driver_api.py -+++ b/nova/tests/virt/vmwareapi/test_driver_api.py -@@ -34,6 +34,7 @@ - from nova.compute import api as compute_api - from nova.compute import power_state - from nova.compute import task_states -+from nova.compute import vm_states - from nova import context - from nova import exception - from nova.openstack.common import jsonutils -@@ -1191,6 +1192,31 @@ def test_get_info(self): - 'node': self.instance_node}) - self._check_vm_info(info, power_state.RUNNING) - -+ def destroy_rescued(self, fake_method): -+ self._rescue() -+ with ( -+ mock.patch.object(self.conn._volumeops, "detach_disk_from_vm", -+ fake_method) -+ ): -+ self.instance['vm_state'] = vm_states.RESCUED -+ self.conn.destroy(self.context, self.instance, self.network_info) -+ inst_path = '[%s] %s/%s.vmdk' % (self.ds, self.uuid, self.uuid) -+ self.assertFalse(vmwareapi_fake.get_file(inst_path)) -+ rescue_file_path = '[%s] %s-rescue/%s-rescue.vmdk' % (self.ds, -+ self.uuid, -+ self.uuid) -+ self.assertFalse(vmwareapi_fake.get_file(rescue_file_path)) -+ -+ def test_destroy_rescued(self): -+ def fake_detach_disk_from_vm(*args, **kwargs): -+ pass -+ self.destroy_rescued(fake_detach_disk_from_vm) -+ -+ def test_destroy_rescued_with_exception(self): -+ def fake_detach_disk_from_vm(*args, **kwargs): -+ raise exception.NovaException('Here is my fake exception') -+ self.destroy_rescued(fake_detach_disk_from_vm) -+ - def test_destroy(self): - self._create_vm() - info = self.conn.get_info({'uuid': self.uuid, -diff --git a/nova/virt/vmwareapi/vmops.py b/nova/virt/vmwareapi/vmops.py -index 30f8373..831da48 100644 ---- a/nova/virt/vmwareapi/vmops.py -+++ b/nova/virt/vmwareapi/vmops.py -@@ -29,6 +29,7 @@ - from nova import compute - from nova.compute import power_state - from nova.compute import task_states -+from nova.compute import vm_states - from nova import context as nova_context - from nova import exception - from nova.openstack.common import excutils -@@ -985,13 +986,9 @@ def _delete(self, instance, network_info): - except Exception as exc: - LOG.exception(exc, instance=instance) - -- def destroy(self, instance, network_info, destroy_disks=True, -- instance_name=None): -- """Destroy a VM instance. Steps followed are: -- 1. Power off the VM, if it is in poweredOn state. -- 2. Un-register a VM. -- 3. Delete the contents of the folder holding the VM related data. -- """ -+ def _destroy_instance(self, instance, network_info, destroy_disks=True, -+ instance_name=None): -+ # Destroy a VM instance - # Get the instance name. In some cases this may differ from the 'uuid', - # for example when the spawn of a rescue instance takes place. - if not instance_name: -@@ -1029,8 +1026,9 @@ def destroy(self, instance, network_info, destroy_disks=True, - "UnregisterVM", vm_ref) - LOG.debug(_("Unregistered the VM"), instance=instance) - except Exception as excep: -- LOG.warn(_("In vmwareapi:vmops:destroy, got this exception" -- " while un-registering the VM: %s") % str(excep)) -+ LOG.warn(_("In vmwareapi:vmops:_destroy_instance, got this " -+ "exception while un-registering the VM: %s"), -+ excep) - # Delete the folder holding the VM related content on - # the datastore. - if destroy_disks and datastore_name: -@@ -1053,15 +1051,39 @@ def destroy(self, instance, network_info, destroy_disks=True, - {'datastore_name': datastore_name}, - instance=instance) - except Exception as excep: -- LOG.warn(_("In vmwareapi:vmops:destroy, " -- "got this exception while deleting" -- " the VM contents from the disk: %s") -- % str(excep)) -+ LOG.warn(_("In vmwareapi:vmops:_destroy_instance, " -+ "got this exception while deleting " -+ "the VM contents from the disk: %s"), -+ excep) - except Exception as exc: - LOG.exception(exc, instance=instance) - finally: - vm_util.vm_ref_cache_delete(instance_name) - -+ def destroy(self, instance, network_info, destroy_disks=True): -+ """Destroy a VM instance. -+ -+ Steps followed for each VM are: -+ 1. Power off, if it is in poweredOn state. -+ 2. Un-register. -+ 3. Delete the contents of the folder holding the VM related data. -+ """ -+ # If there is a rescue VM then we need to destroy that one too. -+ LOG.debug(_("Destroying instance"), instance=instance) -+ if instance['vm_state'] == vm_states.RESCUED: -+ LOG.debug(_("Rescue VM configured"), instance=instance) -+ try: -+ self.unrescue(instance, power_on=False) -+ LOG.debug(_("Rescue VM destroyed"), instance=instance) -+ except Exception: -+ rescue_name = instance['uuid'] + self._rescue_suffix -+ self._destroy_instance(instance, network_info, -+ destroy_disks=destroy_disks, -+ instance_name=rescue_name) -+ self._destroy_instance(instance, network_info, -+ destroy_disks=destroy_disks) -+ LOG.debug(_("Instance destroyed"), instance=instance) -+ - def pause(self, instance): - msg = _("pause not supported for vmwareapi") - raise NotImplementedError(msg) -@@ -1139,7 +1161,7 @@ def rescue(self, context, instance, network_info, image_meta): - adapter_type, disk_type, vmdk_path) - self._power_on(instance, vm_ref=rescue_vm_ref) - -- def unrescue(self, instance): -+ def unrescue(self, instance, power_on=True): - """Unrescue the specified instance.""" - # Get the original vmdk_path - vm_ref = vm_util.get_vm_ref(self._session, instance) -@@ -1161,8 +1183,9 @@ def unrescue(self, instance): - device = vm_util.get_vmdk_volume_disk(hardware_devices, path=vmdk_path) - self._power_off_vm_ref(vm_rescue_ref) - self._volumeops.detach_disk_from_vm(vm_rescue_ref, r_instance, device) -- self.destroy(r_instance, None, instance_name=instance_name) -- self._power_on(instance) -+ self._destroy_instance(r_instance, None, instance_name=instance_name) -+ if power_on: -+ self._power_on(instance) - - def _power_off_vm_ref(self, vm_ref): - """Power off the specifed vm. --- -1.9.3 - diff --git a/sys-cluster/nova/nova-2014.1-r2.ebuild b/sys-cluster/nova/nova-2014.1.1.ebuild index d9891d234a2d..7e9ea7d9d0c3 100644 --- a/sys-cluster/nova/nova-2014.1-r2.ebuild +++ b/sys-cluster/nova/nova-2014.1.1.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2014 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-cluster/nova/nova-2014.1-r2.ebuild,v 1.3 2014/06/09 04:56:40 prometheanfire Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-cluster/nova/nova-2014.1.1.ebuild,v 1.1 2014/06/16 03:35:39 prometheanfire Exp $ EAPI=5 PYTHON_COMPAT=( python2_7 ) @@ -76,8 +76,6 @@ RDEPEND="sqlite? ( >=dev-python/sqlalchemy-0.7.8[sqlite,${PYTHON_USEDEP}] app-emulation/xen-tools )" PATCHES=( - "${FILESDIR}/2014.1-CVE-2014-2573-1.patch" - "${FILESDIR}/2014.1-CVE-2014-2573-2.patch" ) pkg_setup() { |