Previously, one could update a port's device_id in neutron to be
that of another tenant's instance_id and then be able to retrieve
that instance's metadata. This patch prevents this from occurring by
checking that X-Tenant-ID received from the metadata request matches
the tenant_id in the nova database.
DocImpact - This patch is dependent on another patch in neutron
which adds X-Tenant-ID to the request. Therefore to
minimize downtime one should upgrade Neutron first (then
restart neutron-metadata-agent) and lastly update nova.