From: Gleb Natapov <gleb@redhat.com>
To: qemu-devel@nongnu.org
Subject: [Qemu-devel] [PATCH v2] mark nic as trusted
Date: Sun, 18 Jan 2009 18:04:25 +0200 [thread overview]
Message-ID: <20090118160425.GH11299@redhat.com> (raw)
This patch pass trusted nic mac to a guest through fw config interface.
"Trusted" means that it is used for communication between host and guest
and no malicious entity can inject traffic to the nic.
Signed-off-by: Gleb Natapov <gleb@redhat.com>
diff --git a/hw/fw_cfg.c b/hw/fw_cfg.c
index 4333ed9..9065413 100644
--- a/hw/fw_cfg.c
+++ b/hw/fw_cfg.c
@@ -287,7 +287,9 @@ void *fw_cfg_init(uint32_t ctl_port, uint32_t data_port,
fw_cfg_add_bytes(s, FW_CFG_UUID, qemu_uuid, 16);
fw_cfg_add_i16(s, FW_CFG_NOGRAPHIC, (uint16_t)nographic);
fw_cfg_add_i16(s, FW_CFG_NB_CPUS, (uint16_t)smp_cpus);
-
+ if (trusted_nic)
+ fw_cfg_add_bytes(s, FW_CFG_TRUSTED_NIC, trusted_nic,
+ strlen(trusted_nic));
register_savevm("fw_cfg", -1, 1, fw_cfg_save, fw_cfg_load, s);
qemu_register_reset(fw_cfg_reset, s);
fw_cfg_reset(s);
diff --git a/hw/fw_cfg.h b/hw/fw_cfg.h
index ef8f378..332356b 100644
--- a/hw/fw_cfg.h
+++ b/hw/fw_cfg.h
@@ -8,6 +8,7 @@
#define FW_CFG_NOGRAPHIC 0x04
#define FW_CFG_NB_CPUS 0x05
#define FW_CFG_MACHINE_ID 0x06
+#define FW_CFG_TRUSTED_NIC 0x07
#define FW_CFG_MAX_ENTRY 0x10
#define FW_CFG_WRITE_CHANNEL 0x4000
diff --git a/net.c b/net.c
index 35728dd..901e05b 100644
--- a/net.c
+++ b/net.c
@@ -120,6 +120,7 @@
#define memalign(align, size) malloc(size)
#endif
+char *trusted_nic;
static VLANState *first_vlan;
/***********************************************************/
@@ -1596,6 +1597,18 @@ int net_client_init(const char *device, const char *p)
if (get_param_value(buf, sizeof(buf), "model", p)) {
nd->model = strdup(buf);
}
+ if (get_param_value(buf, sizeof(buf), "trusted", p)) {
+ int tlen;
+ buf[64] = '\0';
+ tlen = strlen(buf) + 21;
+ trusted_nic = malloc(tlen);
+ if (!trusted_nic)
+ return -1;
+ snprintf(trusted_nic, tlen,
+ "%02x:%02x:%02x:%02x:%02x:%02x [%s]",
+ macaddr[0], macaddr[1], macaddr[2], macaddr[3], macaddr[4],
+ macaddr[5], buf);
+ }
nd->vlan = vlan;
nd->name = name;
name = NULL;
diff --git a/sysemu.h b/sysemu.h
index 56eb9b3..70c210a 100644
--- a/sysemu.h
+++ b/sysemu.h
@@ -101,6 +101,7 @@ extern int no_quit;
extern int semihosting_enabled;
extern int old_param;
extern const char *bootp_filename;
+extern char *trusted_nic;
#ifdef USE_KQEMU
extern int kqemu_allowed;
--
Gleb.
next reply other threads:[~2009-01-18 16:06 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-01-18 16:04 Gleb Natapov [this message]
-- strict thread matches above, loose matches on Subject: below --
2009-01-07 16:38 [Qemu-devel] [PATCH v2] mark nic as trusted Gleb Natapov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20090118160425.GH11299@redhat.com \
--to=gleb@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).