preserve secure information on xml changes

When setting parameters revolving around boot mode, options, firmware, it is necessary to extract and edit the XML document. Some details, however, are not automatically extracted and libvirt must be told to provide secure information. This change prevents us from accidently loosing such configuration parameters Story: 2010382 Task: 46652 Change-Id: I562e19a4290df64010ef59f6c5d9f49aeb09a693
2022-10-25 09:25:58 -07:00 · 2022-10-25 09:25:58 -07:00 · de5fad7368
parent 35c8b86fa3
commit de5fad7368
2 changed files with 27 additions and 4 deletions
--- a/releasenotes/notes/preserve-libvirt-domain-info-955410f570060241.yaml
+++ b/releasenotes/notes/preserve-libvirt-domain-info-955410f570060241.yaml
@ -0,0 +1,10 @@
+---
+security:
+  - |
+    Secure information in the Libvirt domain XML document is now preserved.
+    For more information, please see `story 2010382
+    <https://storyboard.openstack.org/#!/story/2010382>`_.
+fixes:
+  - |
+    Fixes an issue where secure fields were accidently lost in the Libvirt
+    domain XML document.
--- a/sushy_tools/emulator/resources/systems/libvirtdriver.py
+++ b/sushy_tools/emulator/resources/systems/libvirtdriver.py
@ -189,6 +189,20 @@ class LibvirtDriver(AbstractSystemsDriver):

            raise error.AliasAccessError(domain.UUIDString())

+    # Copied from nova/virt/libvirt/guest.py
+    def get_xml_desc(self, domain, dump_inactive=True,
+                     dump_sensitive=True):
+        """Returns xml description of guest.
+
+        :param dump_inactive: Dump inactive domain information
+        :param domain: The libvirt domain to call
+        :param dump_sensitive: Dump security sensitive information
+        :returns string: XML description of the guest
+        """
+        flags = dump_inactive and libvirt.VIR_DOMAIN_XML_INACTIVE or 0
+        flags |= dump_sensitive and libvirt.VIR_DOMAIN_XML_SECURE or 0
+        return domain.XMLDesc(flags=flags)
+
    @property
    def driver(self):
        """Return human-friendly driver information
@ -386,7 +400,7 @@ class LibvirtDriver(AbstractSystemsDriver):
        domain = self._get_domain(identity)

        # XML schema: https://libvirt.org/formatdomain.html#elementsOSBIOS
-        tree = ET.fromstring(domain.XMLDesc(libvirt.VIR_DOMAIN_XML_INACTIVE))
+        tree = ET.fromstring(self.get_xml_desc(domain))

        # Remove bootloader configuration

@ -492,7 +506,7 @@ class LibvirtDriver(AbstractSystemsDriver):
        domain = self._get_domain(identity, readonly=True)

        # XML schema: https://libvirt.org/formatdomain.html#elementsOSBIOS
-        tree = ET.fromstring(domain.XMLDesc(libvirt.VIR_DOMAIN_XML_INACTIVE))
+        tree = ET.fromstring(self.get_xml_desc(domain))

        try:
            loader_type = self.BOOT_MODE_MAP[boot_mode]
@ -1062,8 +1076,7 @@ class LibvirtDriver(AbstractSystemsDriver):
        """
        domain = self._get_domain(identity)

-        domain_tree = ET.fromstring(
-            domain.XMLDesc(libvirt.VIR_DOMAIN_XML_INACTIVE))
+        domain_tree = ET.fromstring(self.get_xml_desc(domain))

        self._remove_boot_images(domain, domain_tree, device)