[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PATCH v2] mark nic as trusted
From: |
Gleb Natapov |
Subject: |
[Qemu-devel] [PATCH v2] mark nic as trusted |
Date: |
Sun, 18 Jan 2009 18:04:25 +0200 |
This patch pass trusted nic mac to a guest through fw config interface.
"Trusted" means that it is used for communication between host and guest
and no malicious entity can inject traffic to the nic.
Signed-off-by: Gleb Natapov <address@hidden>
diff --git a/hw/fw_cfg.c b/hw/fw_cfg.c
index 4333ed9..9065413 100644
--- a/hw/fw_cfg.c
+++ b/hw/fw_cfg.c
@@ -287,7 +287,9 @@ void *fw_cfg_init(uint32_t ctl_port, uint32_t data_port,
fw_cfg_add_bytes(s, FW_CFG_UUID, qemu_uuid, 16);
fw_cfg_add_i16(s, FW_CFG_NOGRAPHIC, (uint16_t)nographic);
fw_cfg_add_i16(s, FW_CFG_NB_CPUS, (uint16_t)smp_cpus);
-
+ if (trusted_nic)
+ fw_cfg_add_bytes(s, FW_CFG_TRUSTED_NIC, trusted_nic,
+ strlen(trusted_nic));
register_savevm("fw_cfg", -1, 1, fw_cfg_save, fw_cfg_load, s);
qemu_register_reset(fw_cfg_reset, s);
fw_cfg_reset(s);
diff --git a/hw/fw_cfg.h b/hw/fw_cfg.h
index ef8f378..332356b 100644
--- a/hw/fw_cfg.h
+++ b/hw/fw_cfg.h
@@ -8,6 +8,7 @@
#define FW_CFG_NOGRAPHIC 0x04
#define FW_CFG_NB_CPUS 0x05
#define FW_CFG_MACHINE_ID 0x06
+#define FW_CFG_TRUSTED_NIC 0x07
#define FW_CFG_MAX_ENTRY 0x10
#define FW_CFG_WRITE_CHANNEL 0x4000
diff --git a/net.c b/net.c
index 35728dd..901e05b 100644
--- a/net.c
+++ b/net.c
@@ -120,6 +120,7 @@
#define memalign(align, size) malloc(size)
#endif
+char *trusted_nic;
static VLANState *first_vlan;
/***********************************************************/
@@ -1596,6 +1597,18 @@ int net_client_init(const char *device, const char *p)
if (get_param_value(buf, sizeof(buf), "model", p)) {
nd->model = strdup(buf);
}
+ if (get_param_value(buf, sizeof(buf), "trusted", p)) {
+ int tlen;
+ buf[64] = '\0';
+ tlen = strlen(buf) + 21;
+ trusted_nic = malloc(tlen);
+ if (!trusted_nic)
+ return -1;
+ snprintf(trusted_nic, tlen,
+ "%02x:%02x:%02x:%02x:%02x:%02x [%s]",
+ macaddr[0], macaddr[1], macaddr[2], macaddr[3], macaddr[4],
+ macaddr[5], buf);
+ }
nd->vlan = vlan;
nd->name = name;
name = NULL;
diff --git a/sysemu.h b/sysemu.h
index 56eb9b3..70c210a 100644
--- a/sysemu.h
+++ b/sysemu.h
@@ -101,6 +101,7 @@ extern int no_quit;
extern int semihosting_enabled;
extern int old_param;
extern const char *bootp_filename;
+extern char *trusted_nic;
#ifdef USE_KQEMU
extern int kqemu_allowed;
--
Gleb.