
security: Mythos AI-scan fixes batch 2 (KUBE-34, KUBE-32) #589

Merged
spraveenio merged 2 commits into ROCm:main from bhatnitish:mythos-batch-2
Jul 1, 2026

Conversation

@bhatnitish

Contributor

Summary

Second batch of fixes for the Mythos AI security-scan findings against this repo. Two self-contained commits.

  • KUBE-34 — the RHEL KMM driver-build template passed the Red Hat subscription password via subscription-manager --password inside a RUN layer (exposed in the build ConfigMap, process table, image history, and logs; the trailing ; exit 0 masked failures). The path was already dead: the "rhel" case in resolveDockerfile was commented out, DockerfileTemplate.rhel was not embedded or referenced, and the RedhatSubscription* CRD fields it read no longer exist, so osDistro == "rhel" already fell through to "not supported OS". Per team confirmation RHEL support is not being revived, so the dead template and commented block are removed rather than hardening an unreachable path.

  • KUBE-32 — the KMM driver-build templates fetch the apt/dnf GPG trust root from a URL that can be supplied via DeviceConfig (gpgKeyURL/packageRepoURL/amdgpuInstallerRepoURL). This is by design: these are optional fields for custom-mirror / air-gapped installs, and the only actor who can set them already controls the driver's package source via DeviceConfig write access. The scan's suggested fix (reject a CR-supplied key URL) would break air-gapped support. Rather than change behavior, the trust model is now documented on the three fields, and the CRD / helm CRD / CSV descriptors are regenerated to match.

Test plan

  • go build ./..., go vet ./internal/kmmmodule/, and go test ./internal/kmmmodule/ pass (KUBE-34)
  • Generated artifacts produced by make manifests + make bundle-build; operator-sdk bundle validate ./bundle passes (KUBE-32)
  • No behavior change for KUBE-32 (docs-only on live fields; dead-code-only removal for KUBE-34)

The RHEL KMM driver-build template passed the Red Hat subscription
password via subscription-manager --password inside a RUN layer, which
would expose the credential in the build ConfigMap, process table, image
history, and logs (and the ; exit 0 suffix masked registration
failures).

The path was already disabled: the "rhel" case in resolveDockerfile was
commented out, DockerfileTemplate.rhel was not go:embed'd or referenced,
and the RedhatSubscription* CRD fields it read no longer exist, so
osDistro == "rhel" already falls through to "not supported OS". No live
code path could leak the credential.

Per team confirmation RHEL support is not being revived, so remove the
dead template file and the stale commented-out block rather than
hardening an unreachable path.
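The pattern this commit removes (a secret passed as a command-line argument inside a RUN layer, with a trailing "; exit 0" hiding a failed registration) is easy to check for mechanically before a template ever reaches a build ConfigMap. The Go program below is an added example, not code from this PR or the operator; the Dockerfile fragment it scans is constructed to resemble the described pattern and is not the removed template, and the flag list in credentialFlag is a hypothetical starting point rather than an exhaustive one.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// Finding is one suspicious RUN instruction in a Dockerfile template.
type Finding struct {
	Line   int    // 1-based line on which the RUN keyword appears
	Reason string // why the instruction was flagged
	Text   string // the RUN instruction with continuations folded in
}

var (
	// Command-line flags that carry a secret in plaintext. Hypothetical list:
	// extend it to match the tools your own templates invoke.
	credentialFlag = regexp.MustCompile(`(?i)(--password|--token|--api-key)(=|\s)`)
	// Suffixes that swallow a non-zero exit status, so a rejected
	// registration or a failed download goes unnoticed.
	failureMask = regexp.MustCompile(`;\s*exit\s+0\b|\|\|\s*true\b`)
)

type runInstr struct {
	line int
	text string
}

// joinRunInstructions returns every RUN instruction with its backslash
// continuation lines folded into a single string.
func joinRunInstructions(dockerfile string) []runInstr {
	lines := strings.Split(dockerfile, "\n")
	var out []runInstr
	for i := 0; i < len(lines); i++ {
		first := strings.TrimSpace(lines[i])
		if !strings.HasPrefix(strings.ToUpper(first), "RUN ") {
			continue
		}
		start := i + 1
		var parts []string
		for {
			l := strings.TrimSpace(lines[i])
			if strings.HasSuffix(l, "\\") && i+1 < len(lines) {
				parts = append(parts, strings.TrimSuffix(l, "\\"))
				i++
				continue
			}
			parts = append(parts, l)
			break
		}
		out = append(out, runInstr{start, strings.Join(parts, " ")})
	}
	return out
}

// FindCredentialLeaks reports RUN instructions that pass a secret on the
// command line (visible in the ConfigMap, process table, image history and
// logs) or that mask a failing command with "; exit 0" / "|| true".
func FindCredentialLeaks(dockerfile string) []Finding {
	var findings []Finding
	for _, r := range joinRunInstructions(dockerfile) {
		if credentialFlag.MatchString(r.text) {
			findings = append(findings, Finding{r.line, "secret passed on the command line", r.text})
		}
		if failureMask.MatchString(r.text) {
			findings = append(findings, Finding{r.line, "exit status masked, failures go unnoticed", r.text})
		}
	}
	return findings
}

// sampleTemplate is a constructed fragment modelled on the KUBE-34 pattern;
// it is not the template that was removed from the repository.
const sampleTemplate = `FROM registry.example/ubi9:latest
RUN subscription-manager register --username ${RHEL_USER} \
    --password ${RHEL_PASSWORD} --auto-attach ; exit 0
RUN dnf install -y kernel-devel-${KERNEL_VERSION}
`

func main() {
	for _, f := range FindCredentialLeaks(sampleTemplate) {
		fmt.Printf("line %d: %s\n  %s\n", f.Line, f.Reason, f.Text)
	}
}
```

Run against the constructed fragment it reports the registration line twice (once for the plaintext password, once for the masked exit status) and stays silent on the plain dnf install line. Folding continuation lines first matters: the password and the "; exit 0" sit on a continuation line, so a per-line grep anchored on "RUN" would miss both.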
…UBE-32)

The KMM driver-build templates fetch the apt/dnf GPG trust root from a
URL that can be supplied via DeviceConfig (spec.driver.imageBuild.gpgKeyURL,
packageRepoURL, amdgpuInstallerRepoURL). Since that key verifies the
amdgpu packages for a ring-0 kernel module on every node, controlling it
is high impact.

This is by design, not a defect: these are optional fields added for
custom-mirror / air-gapped installs (ROCm#540), and the only actor who can
set them is someone with write access to DeviceConfig, who already
controls the driver's package source. The scan's recommended fix
(reject a CR-supplied key URL) would break the air-gapped feature.

Rather than change behavior, document the trust model on the three URL
fields: they are trusted, privileged build inputs; DeviceConfig write
access should be treated as control over the driver's package source /
trust root and granted only to trusted admins; prefer https URLs you
control. Regenerated the CRD, helm CRD, and CSV descriptors to match.
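The guidance this commit documents (the three URL fields are privileged build inputs; prefer https URLs on hosts you control) can also be surfaced to the admin at the point where the CR is reviewed, without rejecting anything, which is the behaviour the PR deliberately keeps. The Go program below is an added example rather than the operator's own DeviceConfig type or validation: ImageBuildURLs is a simplified stand-in for the real spec fields, the trustedHosts allowlist goes beyond what the page describes and is an assumption about how an operator could encode "hosts you control", and the sample values are constructed.

```go
package main

import (
	"fmt"
	"net/url"
	"strings"
)

// ImageBuildURLs stands in for the three optional driver image-build fields
// discussed under KUBE-32. Hypothetical, simplified type: the operator's real
// CRD struct is not reproduced here.
type ImageBuildURLs struct {
	// GPGKeyURL is the apt/dnf trust root imported by the driver image build.
	// Trusted, privileged build input: whoever sets it decides which packages
	// the node's kernel module is built from.
	GPGKeyURL string
	// PackageRepoURL is the package repository used for the driver build.
	PackageRepoURL string
	// AMDGPUInstallerRepoURL is the repository for the amdgpu-install package.
	AMDGPUInstallerRepoURL string
}

// Warning is advisory only: the fields are permitted by design for
// custom-mirror and air-gapped installs, so a value is never rejected,
// the reviewer is just told what trust it implies.
type Warning struct {
	Field  string
	Reason string
}

// ReviewBuildInputs returns advisory warnings for URL fields that do not
// follow the documented guidance (https, hosts you control). trustedHosts is
// an operator-side allowlist of mirror domains; nil disables that check.
func ReviewBuildInputs(u ImageBuildURLs, trustedHosts []string) []Warning {
	fields := []struct{ name, value string }{
		{"gpgKeyURL", u.GPGKeyURL},
		{"packageRepoURL", u.PackageRepoURL},
		{"amdgpuInstallerRepoURL", u.AMDGPUInstallerRepoURL},
	}
	var ws []Warning
	for _, f := range fields {
		if f.value == "" {
			continue // unset: the template's built-in default applies
		}
		parsed, err := url.Parse(f.value)
		if err != nil || parsed.Host == "" {
			ws = append(ws, Warning{f.name, "not an absolute URL: " + f.value})
			continue
		}
		if parsed.Scheme != "https" {
			ws = append(ws, Warning{f.name, "scheme " + parsed.Scheme + " gives no transport integrity for a trust root; use https"})
		}
		if trustedHosts != nil && !hostTrusted(parsed.Hostname(), trustedHosts) {
			ws = append(ws, Warning{f.name, "host " + parsed.Hostname() + " is not one of the mirror hosts you control"})
		}
	}
	return ws
}

// hostTrusted accepts an exact domain match or any subdomain of a trusted domain.
func hostTrusted(host string, trusted []string) bool {
	host = strings.ToLower(host)
	for _, t := range trusted {
		t = strings.ToLower(t)
		if host == t || strings.HasSuffix(host, "."+t) {
			return true
		}
	}
	return false
}

func main() {
	// Constructed sample: the key is fetched over plain http, and the
	// installer repo points at a host outside the admin's mirror domain.
	cfg := ImageBuildURLs{
		GPGKeyURL:              "http://mirror.internal.example/rocm.gpg.key",
		PackageRepoURL:         "https://mirror.internal.example/rocm/apt",
		AMDGPUInstallerRepoURL: "https://mirror.third-party.example/amdgpu-install",
	}
	for _, w := range ReviewBuildInputs(cfg, []string{"internal.example"}) {
		fmt.Printf("%s: %s\n", w.Field, w.Reason)
	}
}
```

The check is intentionally a warning rather than a rejection: an air-gapped site may legitimately serve its mirror over http on an isolated network, and the actor who sets these fields already holds DeviceConfig write access, which the commit message treats as control over the driver's package source. What the warning adds is visibility, so that a reviewer of the CR sees exactly which trust decision they are making.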
@bhatnitish bhatnitish marked this pull request as ready for review July 1, 2026 20:49

@yansun1996 yansun1996 left a comment

Member


LGTM

@spraveenio spraveenio merged commit 92fb9f3 into ROCm:main Jul 1, 2026
4 checks passed