From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1Np1Bv-0006pZ-7L
	for qemu-devel@nongnu.org; Tue, 09 Mar 2010 10:17:51 -0500
Received: from [199.232.76.173] (port=36941 helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1Np1Bt-0006p5-IC
	for qemu-devel@nongnu.org; Tue, 09 Mar 2010 10:17:49 -0500
Received: from Debian-exim by monty-python.gnu.org with spam-scanned (Exim
	4.60) (envelope-from <mst@redhat.com>) id 1Np1Bq-0002dW-A9
	for qemu-devel@nongnu.org; Tue, 09 Mar 2010 10:17:49 -0500
Received: from mx20.gnu.org ([199.232.41.8]:7736)
	by monty-python.gnu.org with esmtps (TLS-1.0:RSA_AES_256_CBC_SHA1:32)
	(Exim 4.60) (envelope-from <mst@redhat.com>) id 1Np1Bq-0002dS-0k
	for qemu-devel@nongnu.org; Tue, 09 Mar 2010 10:17:46 -0500
Received: from mx1.redhat.com ([209.132.183.28])
	by mx20.gnu.org with esmtp (Exim 4.60)
	(envelope-from <mst@redhat.com>) id 1Np1Bp-0003kW-9J
	for qemu-devel@nongnu.org; Tue, 09 Mar 2010 10:17:45 -0500
Date: Tue, 9 Mar 2010 17:10:21 +0200
From: "Michael S. Tsirkin" <mst@redhat.com>
Subject: Re: [Qemu-devel] [PATCH RFC] net: add a flag to disable mac/vlan
	filtering
Message-ID: <20100309151021.GB15457@redhat.com>
References: <20100309131544.GA15319@redhat.com>
	<4B965E80.3020902@codemonkey.ws>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <4B965E80.3020902@codemonkey.ws>
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Anthony Liguori <anthony@codemonkey.ws>
Cc: qemu-devel@nongnu.org, Alex Williamson <alex.williamson@hp.com>, Andreas Plesner Jacobsen <apj@mutt.dk>

On Tue, Mar 09, 2010 at 08:43:12AM -0600, Anthony Liguori wrote:
> On 03/09/2010 07:15 AM, Michael S. Tsirkin wrote:
>> New bridge in linux 2.6.34 adds IGMP snooping support,
>> after which bridge should not normally flood any packets.
>> While we still need mac table to arm forwarding tables
>> after migration, we can thus ignore it for rx datapath.
>>
>> For vlan, it's possible to do filtering down the
>> stack simply by using bridge per guest and binding said bridge
>> to vlan device, which some people do.
>>
>> Since qemu has no easy way to check IGMP snooping
>> support in bridge or how it's connected, add options
>> to disable rx filtering, so that management can set it
>> as appropriate.
>> Use these options to optimise virtio-net rx path.
>> We still ask guest for the list of vlans/macs for
>> migration.
>>
>> Signed-off-by: Michael S. Tsirkin<mst@redhat.com>
>>    
>
> Can't this be achieved by just disabling the feature bits?  IOW,
>
> ctrl_vq=0,ctrl_vlan=0?
>
> Regards,
>
> Anthony Liguori

It can, but then we won't be able to migrate to a host
that does not do the filtering in host kernel.

>> Cc: Alex Williamson<alex.williamson@hp.com>
>> Cc: Andreas Plesner Jacobsen<apj@mutt.dk>
>> ---
>>   hw/virtio-net.c |   10 +++++++++-
>>   net.h           |   12 +++++++++++-
>>   2 files changed, 20 insertions(+), 2 deletions(-)
>>
>> diff --git a/hw/virtio-net.c b/hw/virtio-net.c
>> index 5c0093e..01b45ed 100644
>> --- a/hw/virtio-net.c
>> +++ b/hw/virtio-net.c
>> @@ -47,6 +47,7 @@ typedef struct VirtIONet
>>       uint8_t nomulti;
>>       uint8_t nouni;
>>       uint8_t nobcast;
>> +    uint32_t filtering;
>>       struct {
>>           int in_use;
>>           int first_multi;
>> @@ -475,12 +476,17 @@ static int receive_filter(VirtIONet *n, const uint8_t *buf, int size)
>>           ptr += sizeof(struct virtio_net_hdr);
>>       }
>>
>> -    if (!memcmp(&ptr[12], vlan, sizeof(vlan))) {
>> +    if ((n->filtering&  (0x1<<  NICCONF_F_VLAN_FILTERING))&&
>> +        !memcmp(&ptr[12], vlan, sizeof(vlan))) {
>>           int vid = be16_to_cpup((uint16_t *)(ptr + 14))&  0xfff;
>>           if (!(n->vlans[vid>>  5]&  (1U<<  (vid&  0x1f))))
>>               return 0;
>>       }
>>
>> +    if (!(n->filtering&  (0x1<<  NICCONF_F_MAC_FILTERING))) {
>> +            return 1;
>> +    }
>> +
>>       if (ptr[0]&  1) { // multicast
>>           if (!memcmp(ptr, bcast, sizeof(bcast))) {
>>               return !n->nobcast;
>> @@ -863,6 +869,8 @@ VirtIODevice *virtio_net_init(DeviceState *dev, NICConf *conf)
>>
>>       n->mac_table.macs = qemu_mallocz(MAC_TABLE_ENTRIES * ETH_ALEN);
>>
>> +    n->filtering = conf->filtering;
>> +
>>       n->vlans = qemu_mallocz(MAX_VLAN>>  3);
>>
>>       register_savevm("virtio-net", virtio_net_id++, VIRTIO_NET_VM_VERSION,
>> diff --git a/net.h b/net.h
>> index 33a1eaf..459ede5 100644
>> --- a/net.h
>> +++ b/net.h
>> @@ -18,12 +18,22 @@ typedef struct NICConf {
>>       MACAddr macaddr;
>>       VLANState *vlan;
>>       VLANClientState *peer;
>> +    uint32_t filtering;
>>   } NICConf;
>>
>> +enum {
>> +    NICCONF_F_MAC_FILTERING = 0,
>> +    NICCONF_F_VLAN_FILTERING = 1
>> +};
>> +
>>   #define DEFINE_NIC_PROPERTIES(_state, _conf)                            \
>>       DEFINE_PROP_MACADDR("mac",   _state, _conf.macaddr),                \
>>       DEFINE_PROP_VLAN("vlan",     _state, _conf.vlan),                   \
>> -    DEFINE_PROP_NETDEV("netdev", _state, _conf.peer)
>> +    DEFINE_PROP_NETDEV("netdev", _state, _conf.peer),                    \
>> +    DEFINE_PROP_BIT("mac_filtering", _state, _conf.filtering,           \
>> +                     NICCONF_F_MAC_FILTERING, true)                     \
>> +    DEFINE_PROP_BIT("vlan_filtering", _state, _conf.filtering,          \
>> +                     NICCONF_F_VLAN_FILTERING, true)                    \
>>
>>   /* VLANs support */
>>
>>