← Back to team overview

yahoo-eng-team team mailing list archive

[Bug 1346191] [NEW] libvirt _live_snapshot & _swap_volume functions re-define guest with wrong XML document

 

Public bug reported:

In the nova/virt/libvirt/driver.py file, the '_live_snapshot' and
'_swap_volume' methods have the following code flow


  xml = dom.XMLDesc(0)

  dom.undefine()

  dom.blockRebase()

  dom.defineXML(xml)


The reason for this is that 'blockRebase' requires the guest to be transient, so we must temporarily delete the persistent config and then re-create it later.

Unfortunately this code is using the wrong XML document when re-creating
the persistent config.  'dom.XMLDesc(0)' will return the guest XML
document based on the current guest state. Since the guest is running in
both these cases, it will get getting the *live* XML instead of the
persistent XML.

So these methods are deleting the persistent XML and replacing it with
the live XML. These two different XML documents are not guaranteed to
contain the same information.

As a second problem, it is not requesting inclusion of security
information, so any SPICE/VNC password set in the persistent XML is
getting lost

The fix is to replace

  dom.XMLDesc(0)

with

  dom.XMLDesc(libvirt.VIR_DOMAIN_XML_INACTIVE |
                               libvirt.VIR_DOMAIN_XML_SECURE)

in the _live_snapshot and _swap_volume functions.

** Affects: nova
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1346191

Title:
  libvirt _live_snapshot & _swap_volume functions re-define guest with
  wrong XML document

Status in OpenStack Compute (Nova):
  New

Bug description:
  In the nova/virt/libvirt/driver.py file, the '_live_snapshot' and
  '_swap_volume' methods have the following code flow

  
    xml = dom.XMLDesc(0)

    dom.undefine()

    dom.blockRebase()

    dom.defineXML(xml)

  
  The reason for this is that 'blockRebase' requires the guest to be transient, so we must temporarily delete the persistent config and then re-create it later.

  Unfortunately this code is using the wrong XML document when re-
  creating the persistent config.  'dom.XMLDesc(0)' will return the
  guest XML document based on the current guest state. Since the guest
  is running in both these cases, it will get getting the *live* XML
  instead of the persistent XML.

  So these methods are deleting the persistent XML and replacing it with
  the live XML. These two different XML documents are not guaranteed to
  contain the same information.

  As a second problem, it is not requesting inclusion of security
  information, so any SPICE/VNC password set in the persistent XML is
  getting lost

  The fix is to replace

    dom.XMLDesc(0)

  with

    dom.XMLDesc(libvirt.VIR_DOMAIN_XML_INACTIVE |
                                 libvirt.VIR_DOMAIN_XML_SECURE)

  in the _live_snapshot and _swap_volume functions.

To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1346191/+subscriptions


Follow ups

References