[
https://issues.apache.org/jira/browse/CLOUDSTACK-10230?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16422532#comment-16422532
]
ASF GitHub Bot commented on CLOUDSTACK-10230:
---------------------------------------------
DaanHoogland commented on a change in pull request #2404: [CLOUDSTACK-10230]
User should not be able to use removed “Guest OS type”
URL: https://github.com/apache/cloudstack/pull/2404#discussion_r178548793
##########
File path: server/src/main/java/com/cloud/vm/UserVmManagerImpl.java
##########
@@ -306,8 +306,14 @@
public class UserVmManagerImpl extends ManagerBase implements UserVmManager,
VirtualMachineGuru, UserVmService, Configurable {
private static final Logger s_logger =
Logger.getLogger(UserVmManagerImpl.class);
+ /**
+ * The number of seconds to wait before timing out when trying to acquire
a global lock.
+ */
private static final int ACQUIRE_GLOBAL_LOCK_TIMEOUT_FOR_COOPERATION = 3;
- private static final long GB_TO_BYTES = 1024 * 1024 * 1024;
+ /**
+ * The number of bytes in a GiB.
+ */
+ private static final long GiB_TO_BYTES = 1024 * 1024 * 1024;
Review comment:
yes, my remark was about the self documenting quality of the constant name;
it is not GiB_TO_BYTES, as it cannot push all information contained in a GiB
into a small number of bytes as anyone as ignorant as myself might think. The
contant is and can only be used as a factor to convert from GiB to a number of
B so it should be called GiB_TO_B_FACTOR or some such name. having said that,
another implementator would choose to have a MetricUtil.convertGiBtoB() method.
/me is not a bigot on that difference.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
> User is able to change to “Guest OS type” that has been removed
> ----------------------------------------------------------------
>
> Key: CLOUDSTACK-10230
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10230
> Project: CloudStack
> Issue Type: Bug
> Security Level: Public(Anyone can view this level - this is the
> default.)
> Reporter: Rafael Weingärtner
> Assignee: Rafael Weingärtner
> Priority: Critical
>
> Users are able to change the OS type of VMs to “Guest OS type” that has been
> removed. This becomes a security issue when we try to force users to use HVM
> VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable
> by any users in the cloud.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
