Data retained after deletion of a ScaleIO volume
---
### Summary ###
Certain storage volume configurations allow newly created volumes to
contain previous data. This could lead to leakage of sensitive
information between tenants.
### Affected Services / Software ###
Cinder releases up to and including Queens with ScaleIO volumes
using thin volumes and zero padding.
### Discussion ###
Using both thin volumes and zero padding does not ensure data contained
in a volume is actually deleted. The default volume provisioning rule is
set to thick so most installations are likely not affected. Operators
can check their configuration in `cinder.conf` or check for zero padding
with this command `scli --query_all`.
#### Recommended Actions ####
Operators can use the following two workarounds, until the release of
Rocky (planned 30th August 2018) which resolves the issue.
1. Swap to thin volumes
2. Ensure ScaleIO storage pools use zero-padding with:
`scli --modify_zero_padding_policy
(((--protection_domain_id <ID> |
--protection_domain_name <NAME>)
--storage_pool_name <NAME>) | --storage_pool_id <ID>)
(--enable_zero_padding | --disable_zero_padding)`
### Contacts / References ###
Author: Nick Tait
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0084
Original LaunchPad Bug : https://bugs.launchpad.net/ossn/+bug/1699573
Mailing List : [Security] tag on openstack-dev@lists.openstack.org
OpenStack Security Project : https://launchpad.net/~openstack-ossg
---
### Summary ###
Certain storage volume configurations allow newly created volumes to
contain previous data. This could lead to leakage of sensitive
information between tenants.
### Affected Services / Software ###
Cinder releases up to and including Queens with ScaleIO volumes
using thin volumes and zero padding.
### Discussion ###
Using both thin volumes and zero padding does not ensure data contained
in a volume is actually deleted. The default volume provisioning rule is
set to thick so most installations are likely not affected. Operators
can check their configuration in `cinder.conf` or check for zero padding
with this command `scli --query_all`.
#### Recommended Actions ####
Operators can use the following two workarounds, until the release of
Rocky (planned 30th August 2018) which resolves the issue.
1. Swap to thin volumes
2. Ensure ScaleIO storage pools use zero-padding with:
`scli --modify_zero_padding_policy
(((--protection_domain_id <ID> |
--protection_domain_name <NAME>)
--storage_pool_name <NAME>) | --storage_pool_id <ID>)
(--enable_zero_padding | --disable_zero_padding)`
### Contacts / References ###
Author: Nick Tait
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0084
Original LaunchPad Bug : https://bugs.launchpad.net/ossn/+bug/1699573
Mailing List : [Security] tag on openstack-dev@lists.openstack.org
OpenStack Security Project : https://launchpad.net/~openstack-ossg
Attached Files:
-
signature.asc (0.48 KB)