On 09/24/2014 05:50 AM, Laine Stump wrote:
These patches set up an event handler for qemu's NIC_RX_FILTER_CHANGED
event, which is sent whenever a guest makes a change to a network
device's unicast/multicast filter, vlan table, or MAC address.
The handler checks if it is appropriate to respond to the
NIC_RX_FILTER_CHANGED event (based on device type and configuration)
and takes appropriate action. Currently it checks if the guest
interface has been configured with trustGuestRxFilters='yes' (defaults
to 'no' for security reasons), and if the host side device is
macvtap. If so, and the MAC address on the guest has changed, the MAC
address of the macvtap device is changed to match.
The result of this is that networking from the guest will continue to
work if the mac address of a macvtap-connected network device is
changed from within the guest, as long as trustGuestRxFilters='yes'
(previously changing the MAC address in the guest would break
networking).
I still need to add code to compare the old and new unicast and
multicast lists and program the filters in the macvtap to match the
guest, and to check for a non-empty vlan table and handle that
(currently that means just setting promiscuous mode on the macvtap),
but that can come in a followup series.
I was very interested in this patch set because I developed a set of
patches to respond to the NIC_RX_FILTER_CHANGED event. I completed
the patch set several weeks ago and have been awaiting completion of
our internal review before submitting them to this mailing list.
Apparently you beat me to the punch. I have code that compares
the old and new multicast lists and synchronizes the macvtap filters
with the guest's. I can modify my patches to integrate this function
into what you have provided with this patch set. Would that be
agreeable?
Laine Stump (6):
conf: add trustGuestRxFilters attribute to network and domain
interface
network: set interface actual trustGuestRxFilters from
network/portgroup
util: define virNetDevRxFilter and basic utility functions
qemu: qemuMonitorQueryRxFilter - retrieve guest netdev rx-filter
qemu: setup infrastructure to handle NIC_RX_FILTER_CHANGED event
qemu: change macvtap device MAC address in response to
NIC_RX_FILTER_CHANGED
docs/formatdomain.html.in | 38 +++-
docs/formatnetwork.html.in | 28 ++-
docs/schemas/domaincommon.rng | 5 +
docs/schemas/network.rng | 10 +
src/conf/domain_conf.c | 42 ++++
src/conf/domain_conf.h | 3 +
src/conf/network_conf.c | 35 ++++
src/conf/network_conf.h | 2 +
src/libvirt_private.syms | 9 +
src/network/bridge_driver.c | 11 +
src/qemu/qemu_domain.h | 1 +
src/qemu/qemu_driver.c | 105 ++++++++++
src/qemu/qemu_monitor.c | 39 ++++
src/qemu/qemu_monitor.h | 11 +
src/qemu/qemu_monitor_json.c | 232 +++++++++++++++++++++
src/qemu/qemu_monitor_json.h | 3 +
src/qemu/qemu_process.c | 42 ++++
src/util/virnetdev.c | 40 ++++
src/util/virnetdev.h | 57 ++++-
tests/Makefile.am | 3 +
tests/networkxml2xmlin/vepa-net.xml | 4 +-
tests/networkxml2xmlout/vepa-net.xml | 4 +-
.../qemuxml2argv-net-virtio-network-portgroup.xml | 4 +-
23 files changed, 711 insertions(+), 17 deletions(-)
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list