misc: Bandit scan issue for lxml

This patch is to fix Bandit scan issue b313-b320 which is vulnerable to
XML attacks when parsing untrusted XML data.

I replace lxml.etree with the equivalent defusedxml package.

I confirm it works after making a Bandit scan, building the configurator
and compiling the acrn.

Signed-off-by: dongpingx <dongpingx.wu@intel.com>
Tracked-On: #8717

misc/config_tools/acpi_gen/asl_gen.py

@@ -9,7 +9,7 @@ import sys, os, re, argparse, shutil, ctypes
 from acpi_const import *
 import board_cfg_lib, acrn_config_utilities
 import collections
-import lxml.etree
+from defusedxml.lxml import parse
 from acrn_config_utilities import get_node
 
 sys.path.append(os.path.join(os.path.dirname(os.path.abspath(__file__)), '..', 'board_inspector'))
@@ -861,11 +861,11 @@ def main(args):
     scenario= params['--scenario']
     out = params['--out']
 
-    board_etree = lxml.etree.parse(board)
+    board_etree = parse(board)
     board_root = board_etree.getroot()
-    scenario_etree = lxml.etree.parse(scenario)
+    scenario_etree = parse(scenario)
     scenario_root = scenario_etree.getroot()
-    allocation_etree = lxml.etree.parse(os.path.join(os.path.dirname(board), "configs", "allocation.xml"))
+    allocation_etree = parse(os.path.join(os.path.dirname(board), "configs", "allocation.xml"))
     board_type = board_root.attrib['board']
     scenario_name = scenario_root.attrib['scenario']
     pcpu_list = board_root.find('CPU_PROCESSOR_INFO').text.strip().split(',')