This small series enables virtio-net device type in VDUSE. With it, basic operation have been tested, both with virtio-vdpa and vhost-vdpa using DPDK Vhost library series adding VDUSE support using split rings layout (merged in DPDK v23.07-rc1). Control queue support (and so multiqueue) has also been tested, but requires a Kernel series from Jason Wang relaxing control queue polling [1] to function reliably, so while Jason rework is done, a patch is added to disable CVQ and features that depend on it (tested also with DPDK v23.07-rc1). In this v4, LSM hooks are added to allow/deny application to create/destroy/open devices based on their type (Net, Block). [1]: https://lore.kernel.org/lkml/CACGkMEtgrxN3PPwsDo4oOsnsSLJfEmBEZ0WvjGRr3whU+QasUg@xxxxxxxxxxxxxx/T/ v3->v4 changes: =============== - Add LSM hooks (Michael) - Rebase v2 -> v3 changes: ================= - Use allow list instead of deny list (Michael) v1 -> v2 changes: ================= - Add a patch to disable CVQ (Michael) RFC -> v1 changes: ================== - Fail device init if it does not support VERSION_1 (Jason) Maxime Coquelin (4): vduse: validate block features only with block devices vduse: enable Virtio-net device type vduse: Temporarily disable control queue features vduse: Add LSM hooks to check Virtio device type drivers/vdpa/vdpa_user/vduse_dev.c | 64 +++++++++++++++++++++++++++-- include/linux/lsm_hook_defs.h | 4 ++ include/linux/security.h | 15 +++++++ security/security.c | 42 +++++++++++++++++++ security/selinux/hooks.c | 55 +++++++++++++++++++++++++ security/selinux/include/classmap.h | 2 + 6 files changed, 178 insertions(+), 4 deletions(-) -- 2.41.0
