[PATCH 0/6] handle NIC_RX_FILTER_CHANGED events from qemu

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

These patches set up an event handler for qemu's NIC_RX_FILTER_CHANGED
event, which is sent whenever a guest makes a change to a network
device's unicast/multicast filter, vlan table, or MAC address.

The handler checks if it is appropriate to respond to the
NIC_RX_FILTER_CHANGED event (based on device type and configuration)
and takes appropriate action. Currently it checks if the guest
interface has been configured with trustGuestRxFilters='yes' (defaults
to 'no' for security reasons), and if the host side device is
macvtap. If so, and the MAC address on the guest has changed, the MAC
address of the macvtap device is changed to match.

The result of this is that networking from the guest will continue to
work if the mac address of a macvtap-connected network device is
changed from within the guest, as long as trustGuestRxFilters='yes'
(previously changing the MAC address in the guest would break
networking).

I still need to add code to compare the old and new unicast and
multicast lists and program the filters in the macvtap to match the
guest, and to check for a non-empty vlan table and handle that
(currently that means just setting promiscuous mode on the macvtap),
but that can come in a followup series.

Laine Stump (6):
  conf: add trustGuestRxFilters attribute to network and domain
    interface
  network: set interface actual trustGuestRxFilters from
    network/portgroup
  util: define virNetDevRxFilter and basic utility functions
  qemu: qemuMonitorQueryRxFilter - retrieve guest netdev rx-filter
  qemu: setup infrastructure to handle NIC_RX_FILTER_CHANGED event
  qemu: change macvtap device MAC address in response to
    NIC_RX_FILTER_CHANGED

 docs/formatdomain.html.in                          |  38 +++-
 docs/formatnetwork.html.in                         |  28 ++-
 docs/schemas/domaincommon.rng                      |   5 +
 docs/schemas/network.rng                           |  10 +
 src/conf/domain_conf.c                             |  42 ++++
 src/conf/domain_conf.h                             |   3 +
 src/conf/network_conf.c                            |  35 ++++
 src/conf/network_conf.h                            |   2 +
 src/libvirt_private.syms                           |   9 +
 src/network/bridge_driver.c                        |  11 +
 src/qemu/qemu_domain.h                             |   1 +
 src/qemu/qemu_driver.c                             | 105 ++++++++++
 src/qemu/qemu_monitor.c                            |  39 ++++
 src/qemu/qemu_monitor.h                            |  11 +
 src/qemu/qemu_monitor_json.c                       | 232 +++++++++++++++++++++
 src/qemu/qemu_monitor_json.h                       |   3 +
 src/qemu/qemu_process.c                            |  42 ++++
 src/util/virnetdev.c                               |  40 ++++
 src/util/virnetdev.h                               |  57 ++++-
 tests/Makefile.am                                  |   3 +
 tests/networkxml2xmlin/vepa-net.xml                |   4 +-
 tests/networkxml2xmlout/vepa-net.xml               |   4 +-
 .../qemuxml2argv-net-virtio-network-portgroup.xml  |   4 +-
 23 files changed, 711 insertions(+), 17 deletions(-)

-- 
1.9.3

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]