Date: Sun, 18 Jan 2009 18:04:25 +0200
From: Gleb Natapov
Message-ID: <20090118160425.GH11299@redhat.com>
Subject: [Qemu-devel] [PATCH v2] mark nic as trusted
To: qemu-devel@nongnu.org

This patch passes trusted nic mac to a guest through fw config interface. "Trusted" means that it is used for communication between host and guest and no malicious entity can inject traffic to the nic.

Signed-off-by: Gleb Natapov

diff --git a/hw/fw_cfg.c b/hw/fw_cfg.c index 4333ed9..9065413 100644 --- a/hw/fw_cfg.c 
+++ b/hw/fw_cfg.c @@ -287,7 +287,9 @@ void *fw_cfg_init(uint32_t ctl_port, uint32_t data_port, fw_cfg_add_bytes(s, FW_CFG_UUID, qemu_uuid, 16); fw_cfg_add_i16(s, FW_CFG_NOGRAPHIC, (uint16_t)nographic); fw_cfg_add_i16(s, FW_CFG_NB_CPUS, (uint16_t)smp_cpus); - + if (trusted_nic) + fw_cfg_add_bytes(s, FW_CFG_TRUSTED_NIC, trusted_nic, + strlen(trusted_nic)); register_savevm("fw_cfg", -1, 1, fw_cfg_save, fw_cfg_load, s); qemu_register_reset(fw_cfg_reset, s); fw_cfg_reset(s); diff --git a/hw/fw_cfg.h b/hw/fw_cfg.h index ef8f378..332356b 100644 --- a/hw/fw_cfg.h +++ b/hw/fw_cfg.h @@ -8,6 +8,7 @@ #define FW_CFG_NOGRAPHIC 0x04 #define FW_CFG_NB_CPUS 0x05 #define FW_CFG_MACHINE_ID 0x06 +#define FW_CFG_TRUSTED_NIC 0x07 #define FW_CFG_MAX_ENTRY 0x10 #define FW_CFG_WRITE_CHANNEL 0x4000 diff --git a/net.c b/net.c index 35728dd..901e05b 100644 --- a/net.c +++ b/net.c @@ -120,6 +120,7 @@ #define memalign(align, size) malloc(size) #endif +char *trusted_nic; static VLANState *first_vlan; /***********************************************************/ @@ -1596,6 +1597,18 @@ int net_client_init(const char *device, const char *p) if (get_param_value(buf, sizeof(buf), "model", p)) { nd->model = strdup(buf); } + if (get_param_value(buf, sizeof(buf), "trusted", p)) { + int tlen; + buf[64] = '\0'; + tlen = strlen(buf) + 21; + trusted_nic = malloc(tlen); + if (!trusted_nic) + return -1; + snprintf(trusted_nic, tlen, + "%02x:%02x:%02x:%02x:%02x:%02x [%s]", + macaddr[0], macaddr[1], macaddr[2], macaddr[3], macaddr[4], + macaddr[5], buf); + } nd->vlan = vlan; nd->name = name; name = NULL; diff --git a/sysemu.h b/sysemu.h index 56eb9b3..70c210a 100644 --- a/sysemu.h +++ b/sysemu.h @@ -101,6 +101,7 @@ extern int no_quit; extern int semihosting_enabled; extern int old_param; extern const char *bootp_filename; +extern char *trusted_nic; #ifdef USE_KQEMU extern int kqemu_allowed; -- Gleb.
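Review bot: In the fw_cfg_init() hunk of hw/fw_cfg.c, the length passed for FW_CFG_TRUSTED_NIC is `strlen(trusted_nic)`, which leaves out the terminating NUL, so the guest receives an unterminated string and can only find its end if it learns the length some other way. Pass `strlen(trusted_nic) + 1`, or document that the entry is not NUL-terminated. The hunk also drops the blank line before `register_savevm(...)` and adds a multi-line `if` body without braces; keeping the blank line and bracing the body would make the block easier to read.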
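Review bot: `#define FW_CFG_TRUSTED_NIC 0x07` in hw/fw_cfg.h has no comment describing its payload, and the format (`"%02x:%02x:%02x:%02x:%02x:%02x [%s]"`, the MAC address followed by the value of `trusted=` in brackets) is only visible in the snprintf() call in net.c. Guest-side code has to parse this entry, so a comment next to the define stating the format and whether the string is NUL-terminated would help.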
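Review bot: In the `trusted` branch added to net_client_init() in net.c, `trusted_nic` is assigned without checking whether it is already set, so a second nic given `trusted=` leaks the earlier allocation and silently replaces it, and only one string is ever kept for fw_cfg. Either reject a second trusted nic with an error or free the old string first. The constants in `buf[64] = '\0'` and `tlen = strlen(buf) + 21` are also unexplained: 21 matches the 17-character MAC, the two characters of " [", the "]" and the NUL, and the write at index 64 is only safe if `buf` holds at least 65 bytes, which this hunk does not show. Named constants or a check against `sizeof(buf)` would make both verifiable.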