Update the virtio-net device model with each guest's update of vlan
through control virtqueue, and accept creating a SVQ with a device
exposing vlan feature bit.
Done in the same commit since a malicious guest could send vlan
commands otherwise.
Signed-off-by: Eugenio Pérez <epere...@redhat.com>
---
net/vhost-vdpa.c | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/net/vhost-vdpa.c b/net/vhost-vdpa.c
index ecbfd08eb9..40f7c60399 100644
--- a/net/vhost-vdpa.c
+++ b/net/vhost-vdpa.c
@@ -94,6 +94,7 @@ static const uint64_t vdpa_svq_device_features =
BIT_ULL(VIRTIO_NET_F_MRG_RXBUF) |
BIT_ULL(VIRTIO_NET_F_STATUS) |
BIT_ULL(VIRTIO_NET_F_CTRL_VQ) |
+ BIT_ULL(VIRTIO_NET_F_CTRL_VLAN) |
BIT_ULL(VIRTIO_NET_F_MQ) |
BIT_ULL(VIRTIO_F_ANY_LAYOUT) |
BIT_ULL(VIRTIO_NET_F_CTRL_MAC_ADDR) |
@@ -538,6 +539,16 @@ static bool vhost_vdpa_net_cvq_validate_cmd(const void
*out_buf, size_t len)
__func__, ctrl.cmd);
};
break;
+ case VIRTIO_NET_CTRL_VLAN:
+ switch (ctrl->cmd) {
+ case VIRTIO_NET_CTRL_VLAN_ADD:
+ case VIRTIO_NET_CTRL_VLAN_DEL:
+ return true;
+ default:
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: invalid vlan cmd %u\n",
+ __func__, ctrl->cmd);
+ };
+ break;
default:
qemu_log_mask(LOG_GUEST_ERROR, "%s: invalid control class %u\n",
__func__, ctrl.class);
--
2.31.1
