Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

yoga: Backport fixes for CVE-2024-40767 #88

Merged
merged 7 commits into from
Jul 24, 2024

Conversation

priteau
Copy link
Member

@priteau priteau commented Jul 23, 2024

This pull request includes commits already submitted in #87.

@priteau priteau self-assigned this Jul 23, 2024
@priteau priteau requested a review from a team as a code owner July 23, 2024 15:42
@priteau priteau requested a review from markgoddard July 23, 2024 17:13
markgoddard
markgoddard previously approved these changes Jul 24, 2024
@priteau priteau dismissed markgoddard’s stale review July 24, 2024 08:24

The merge-base changed after approval.

markgoddard
markgoddard previously approved these changes Jul 24, 2024
@priteau priteau marked this pull request as draft July 24, 2024 08:29
SeanMooney and others added 7 commits July 24, 2024 10:29
This commit is a direct port of the format inspector
unit tests from glance as of commit
0d8e79b713bc31a78f0f4eac14ee594ca8520999

the only changes to the test are as follows

"from glance.common import format_inspector" was updated to
"from nova.image import format_inspector"

"from glance.tests import utils as test_utils"
was replaced with "from nova import test"

"test_utils.BaseTestCase" was replaced with "test.NoDBTestCase"

"glance-unittest-formatinspector-" was replaced with
"nova-unittest-formatinspector-"

This makes the test funtional in nova.

TestFormatInspectors requries qemu-img to be installed on the
host which would be a new depency for executing unit tests.
to avoid that we skip TestFormatInspectors if qemu-img
is not installed.
TestFormatInspectorInfra and TestFormatInspectorsTargeted
do not have a qemu-img dependency so
no changes to the test assertions were required.

Change-Id: Ia34203f246f0bc574e11476287dfb33fda7954fe
(cherry picked from commit 838daa3)
(cherry picked from commit 66205be)
(cherry picked from commit 497abea)
(cherry picked from commit 58cd955)
(cherry picked from commit d7e3d72)
This change adds a reproducer for the regression in iso
file support when
workarounds.disable_deep_image_inspection = False

Change-Id: I56d8b9980b4871941ba5de91e60a7df6a40106a8
(cherry picked from commit b5a1d3b)
(cherry picked from commit 3a6d9a0)
(cherry picked from commit 000b435)
(cherry picked from commit 1233d7b)
(cherry picked from commit fb86ca6)
This change includes unit tests for the ISO
format inspector using mkisofs to generate
the iso files.

A test for stashing qcow content in the system_area
of an iso file is also included.

This change modifies format_inspector.detect_file_format
to evaluate all inspectors until they are complete and
raise an InvalidDiskInfo exception if multiple formats
match.

Related-Bug: #2059809
Change-Id: I7e12718fb3e1f77eb8d1cfcb9fa64e8ddeb9e712
(cherry picked from commit b1cc398)
(cherry picked from commit eeda7c3)
(cherry picked from commit 24628ec)
(cherry picked from commit 65f0789)
(cherry picked from commit e8f0061)
while backporting Ia34203f246f0bc574e11476287dfb33fda7954fe

We observed that several of the tests showed distro specific
behavior depending on if qemu was installed in the test env,
what version is installed and how it was compiled

This change ensures that if qemu is present that it
supprot the required formats otherwise it skips the test.

Change-Id: I131996cdd7aaf1f52d4caac33b153753ff6db869
(cherry picked from commit cc2514d)
(cherry picked from commit ae10fde)
(cherry picked from commit bb2645e)
(cherry picked from commit 673103f)
(cherry picked from commit dae4230)
Some version of mkisofs does not properly handle if both the input and
the output file of the command are the same. So this commit changes the
unit tests depending on that binary to use a different files.

Related-Bug: #2059809
Change-Id: I6924eb23ff5804c22a48ec6fabcec25f061906bb
(cherry picked from commit c6d8c69)
(cherry picked from commit a8783a7)
(cherry picked from commit 02147b3)
(cherry picked from commit 47428f6)
(cherry picked from commit 11613e7)
Change-Id: I3b38344a127764b4fa62fe062e825074d6deab60
When we moved the qemu-img command in fetch_to_raw() to force the
format to what we expect, we lost the ability to identify and react
to situations where qemu-img detected a file as a format that is not
supported by us (i.e. identfied and safety-checked by
format_inspector). In the case of some of the other VMDK variants
that we don't support, we need to be sure to catch any case where
qemu-img thinks it's something other than raw when we think it is,
which will be the case for those formats we don't support.

Note this also moves us from explicitly using the format_inspector
that we're told by glance is appropriate, to using our own detection.
We assert that we agree with glance and as above, qemu agrees with
us. This helps us avoid cases where the uploader lies about the
image format, causing us to not run the appropriate safety check.
AMI formats are a liability here since we have a very hard time
asserting what they are and what they will be detected as later in
the pipeline, so there is still special-casing for those.

Closes-Bug: #2071734
Change-Id: I4b792c5bc959a904854c21565682ed3a687baa1a
(cherry picked from commit 8b4c522)
(cherry picked from commit 8ef5ec9)
(cherry picked from commit 45d9489)
(cherry picked from commit fbe4290)
@priteau priteau force-pushed the yoga-ossa-2024-002 branch from 9b4478d to c6936bb Compare July 24, 2024 08:31
@priteau priteau marked this pull request as ready for review July 24, 2024 08:31
@priteau priteau requested a review from markgoddard July 24, 2024 08:44
@markgoddard markgoddard merged commit 4e0e9d1 into stackhpc/yoga Jul 24, 2024
3 checks passed
@markgoddard markgoddard deleted the yoga-ossa-2024-002 branch July 24, 2024 08:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants