diff options
author | Dan Smith <dansmith@redhat.com> | 2022-11-10 09:55:48 -0800 |
---|---|---|
committer | Dan Smith <dansmith@redhat.com> | 2023-01-24 07:01:24 -0800 |
commit | d1d2375c474f74b636cf55efa72c7f86fbf6c156 (patch) | |
tree | 86805a88ce3ed950ad34f260ce1105105e9644b2 /nova/virt | |
parent | d8b4b7bebdc0f55353cd99f372044b9e30315a6d (diff) | |
download | nova-d1d2375c474f74b636cf55efa72c7f86fbf6c156.tar.gz |
Check VMDK create-type against an allowed list
Related-Bug: #1996188
Change-Id: I5a399f1d3d702bfb76c067893e9c924904c8c360
Diffstat (limited to 'nova/virt')
-rw-r--r-- | nova/virt/images.py | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/nova/virt/images.py b/nova/virt/images.py index 5358f3766a..f13c872290 100644 --- a/nova/virt/images.py +++ b/nova/virt/images.py @@ -110,6 +110,34 @@ def get_info(context, image_href): return IMAGE_API.get(context, image_href) +def check_vmdk_image(image_id, data): + # Check some rules about VMDK files. Specifically we want to make + # sure that the "create-type" of the image is one that we allow. + # Some types of VMDK files can reference files outside the disk + # image and we do not want to allow those for obvious reasons. + + types = CONF.compute.vmdk_allowed_types + + if not len(types): + LOG.warning('Refusing to allow VMDK image as vmdk_allowed_' + 'types is empty') + msg = _('Invalid VMDK create-type specified') + raise exception.ImageUnacceptable(image_id=image_id, reason=msg) + + try: + create_type = data.format_specific['data']['create-type'] + except KeyError: + msg = _('Unable to determine VMDK create-type') + raise exception.ImageUnacceptable(image_id=image_id, reason=msg) + + if create_type not in CONF.compute.vmdk_allowed_types: + LOG.warning('Refusing to process VMDK file with create-type of %r ' + 'which is not in allowed set of: %s', create_type, + ','.join(CONF.compute.vmdk_allowed_types)) + msg = _('Invalid VMDK create-type specified') + raise exception.ImageUnacceptable(image_id=image_id, reason=msg) + + def fetch_to_raw(context, image_href, path, trusted_certs=None): path_tmp = "%s.part" % path fetch(context, image_href, path_tmp, trusted_certs) @@ -129,6 +157,9 @@ def fetch_to_raw(context, image_href, path, trusted_certs=None): reason=(_("fmt=%(fmt)s backed by: %(backing_file)s") % {'fmt': fmt, 'backing_file': backing_file})) + if fmt == 'vmdk': + check_vmdk_image(image_href, data) + if fmt != "raw" and CONF.force_raw_images: staged = "%s.converted" % path LOG.debug("%s was %s, converting to raw", image_href, fmt) |