mirror of
https://github.com/cloud-hypervisor/cloud-hypervisor.git
synced 2024-10-02 11:35:46 +00:00
net: Give the user the ability to set MTU
Add a new "mtu" parameter to the NetConfig structure and therefore to the --net option. This allows Cloud Hypervisor's users to define the Maximum Transmission Unit (MTU) they want to use for the network interface that they create. In details, there are two main aspects. On the one hand, the TAP interface is created with the proper MTU if it is provided. And on the other hand the guest is made aware of the MTU through the VIRTIO configuration. That means the MTU is properly set on both the TAP on the host and the network interface in the guest. Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
This commit is contained in:
parent
d95220108a
commit
76dbf85b79
@ -131,17 +131,19 @@ pub fn build_net_config_space(
|
|||||||
config: &mut VirtioNetConfig,
|
config: &mut VirtioNetConfig,
|
||||||
mac: MacAddr,
|
mac: MacAddr,
|
||||||
num_queues: usize,
|
num_queues: usize,
|
||||||
|
mtu: Option<u16>,
|
||||||
avail_features: &mut u64,
|
avail_features: &mut u64,
|
||||||
) {
|
) {
|
||||||
config.mac.copy_from_slice(mac.get_bytes());
|
config.mac.copy_from_slice(mac.get_bytes());
|
||||||
*avail_features |= 1 << VIRTIO_NET_F_MAC;
|
*avail_features |= 1 << VIRTIO_NET_F_MAC;
|
||||||
|
|
||||||
build_net_config_space_with_mq(config, num_queues, avail_features);
|
build_net_config_space_with_mq(config, num_queues, mtu, avail_features);
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn build_net_config_space_with_mq(
|
pub fn build_net_config_space_with_mq(
|
||||||
config: &mut VirtioNetConfig,
|
config: &mut VirtioNetConfig,
|
||||||
num_queues: usize,
|
num_queues: usize,
|
||||||
|
mtu: Option<u16>,
|
||||||
avail_features: &mut u64,
|
avail_features: &mut u64,
|
||||||
) {
|
) {
|
||||||
let num_queue_pairs = (num_queues / 2) as u16;
|
let num_queue_pairs = (num_queues / 2) as u16;
|
||||||
@ -151,6 +153,9 @@ pub fn build_net_config_space_with_mq(
|
|||||||
config.max_virtqueue_pairs = num_queue_pairs;
|
config.max_virtqueue_pairs = num_queue_pairs;
|
||||||
*avail_features |= 1 << VIRTIO_NET_F_MQ;
|
*avail_features |= 1 << VIRTIO_NET_F_MQ;
|
||||||
}
|
}
|
||||||
|
if let Some(mtu) = mtu {
|
||||||
|
config.mtu = mtu;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn virtio_features_to_tap_offload(features: u64) -> c_uint {
|
pub fn virtio_features_to_tap_offload(features: u64) -> c_uint {
|
||||||
|
@ -30,6 +30,8 @@ pub enum Error {
|
|||||||
TapGetMac(TapError),
|
TapGetMac(TapError),
|
||||||
#[error("Setting vnet header size failed: {0}")]
|
#[error("Setting vnet header size failed: {0}")]
|
||||||
TapSetVnetHdrSize(TapError),
|
TapSetVnetHdrSize(TapError),
|
||||||
|
#[error("Setting MTU failed: {0}")]
|
||||||
|
TapSetMtu(TapError),
|
||||||
#[error("Enabling tap interface failed: {0}")]
|
#[error("Enabling tap interface failed: {0}")]
|
||||||
TapEnable(TapError),
|
TapEnable(TapError),
|
||||||
}
|
}
|
||||||
@ -63,6 +65,7 @@ pub fn open_tap(
|
|||||||
ip_addr: Option<Ipv4Addr>,
|
ip_addr: Option<Ipv4Addr>,
|
||||||
netmask: Option<Ipv4Addr>,
|
netmask: Option<Ipv4Addr>,
|
||||||
host_mac: &mut Option<MacAddr>,
|
host_mac: &mut Option<MacAddr>,
|
||||||
|
mtu: Option<u16>,
|
||||||
num_rx_q: usize,
|
num_rx_q: usize,
|
||||||
flags: Option<i32>,
|
flags: Option<i32>,
|
||||||
) -> Result<Vec<Tap>> {
|
) -> Result<Vec<Tap>> {
|
||||||
@ -95,6 +98,9 @@ pub fn open_tap(
|
|||||||
} else {
|
} else {
|
||||||
*host_mac = Some(tap.get_mac_addr().map_err(Error::TapGetMac)?)
|
*host_mac = Some(tap.get_mac_addr().map_err(Error::TapGetMac)?)
|
||||||
}
|
}
|
||||||
|
if let Some(mtu) = mtu {
|
||||||
|
tap.set_mtu(mtu as i32).map_err(Error::TapSetMtu)?;
|
||||||
|
}
|
||||||
tap.enable().map_err(Error::TapEnable)?;
|
tap.enable().map_err(Error::TapEnable)?;
|
||||||
|
|
||||||
tap.set_vnet_hdr_size(vnet_hdr_size)
|
tap.set_vnet_hdr_size(vnet_hdr_size)
|
||||||
|
@ -297,6 +297,37 @@ impl Tap {
|
|||||||
Ok(())
|
Ok(())
|
||||||
}
|
}
|
||||||
|
|
||||||
|
pub fn mtu(&self) -> Result<i32> {
|
||||||
|
let sock = create_unix_socket().map_err(Error::NetUtil)?;
|
||||||
|
|
||||||
|
let ifreq = self.get_ifreq();
|
||||||
|
|
||||||
|
// ioctl is safe. Called with a valid sock fd, and we check the return.
|
||||||
|
let ret = unsafe { ioctl_with_ref(&sock, net_gen::sockios::SIOCGIFMTU as c_ulong, &ifreq) };
|
||||||
|
if ret < 0 {
|
||||||
|
return Err(Error::IoctlError(IoError::last_os_error()));
|
||||||
|
}
|
||||||
|
|
||||||
|
let mtu = unsafe { ifreq.ifr_ifru.ifru_mtu };
|
||||||
|
|
||||||
|
Ok(mtu)
|
||||||
|
}
|
||||||
|
|
||||||
|
pub fn set_mtu(&self, mtu: i32) -> Result<()> {
|
||||||
|
let sock = create_unix_socket().map_err(Error::NetUtil)?;
|
||||||
|
|
||||||
|
let mut ifreq = self.get_ifreq();
|
||||||
|
ifreq.ifr_ifru.ifru_mtu = mtu;
|
||||||
|
|
||||||
|
// ioctl is safe. Called with a valid sock fd, and we check the return.
|
||||||
|
let ret = unsafe { ioctl_with_ref(&sock, net_gen::sockios::SIOCSIFMTU as c_ulong, &ifreq) };
|
||||||
|
if ret < 0 {
|
||||||
|
return Err(Error::IoctlError(IoError::last_os_error()));
|
||||||
|
}
|
||||||
|
|
||||||
|
Ok(())
|
||||||
|
}
|
||||||
|
|
||||||
/// Set the offload flags for the tap interface.
|
/// Set the offload flags for the tap interface.
|
||||||
pub fn set_offload(&self, flags: c_uint) -> Result<()> {
|
pub fn set_offload(&self, flags: c_uint) -> Result<()> {
|
||||||
// ioctl is safe. Called with a valid tap fd, and we check the return.
|
// ioctl is safe. Called with a valid tap fd, and we check the return.
|
||||||
|
@ -796,6 +796,13 @@ impl Guest {
|
|||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
pub fn default_net_string_w_mtu(&self, mtu: u16) -> String {
|
||||||
|
format!(
|
||||||
|
"tap=,mac={},ip={},mask=255.255.255.0,mtu={}",
|
||||||
|
self.network.guest_mac, self.network.host_ip, mtu
|
||||||
|
)
|
||||||
|
}
|
||||||
|
|
||||||
pub fn ssh_command(&self, command: &str) -> Result<String, SshCommandError> {
|
pub fn ssh_command(&self, command: &str) -> Result<String, SshCommandError> {
|
||||||
ssh_command_ip(
|
ssh_command_ip(
|
||||||
command,
|
command,
|
||||||
|
@ -2411,9 +2411,9 @@ mod common_parallel {
|
|||||||
.args(["--memory", "size=512M"])
|
.args(["--memory", "size=512M"])
|
||||||
.args(["--kernel", direct_kernel_boot_path().to_str().unwrap()])
|
.args(["--kernel", direct_kernel_boot_path().to_str().unwrap()])
|
||||||
.args(["--cmdline", DIRECT_KERNEL_BOOT_CMDLINE])
|
.args(["--cmdline", DIRECT_KERNEL_BOOT_CMDLINE])
|
||||||
|
.args(["--net", guest.default_net_string_w_mtu(3000).as_str()])
|
||||||
.capture_output()
|
.capture_output()
|
||||||
.default_disks()
|
.default_disks();
|
||||||
.default_net();
|
|
||||||
|
|
||||||
let mut child = cmd.spawn().unwrap();
|
let mut child = cmd.spawn().unwrap();
|
||||||
|
|
||||||
@ -2434,6 +2434,13 @@ mod common_parallel {
|
|||||||
.trim(),
|
.trim(),
|
||||||
"success"
|
"success"
|
||||||
);
|
);
|
||||||
|
assert_eq!(
|
||||||
|
guest
|
||||||
|
.ssh_command(format!("cat /sys/class/net/{}/mtu", iface).as_str())
|
||||||
|
.unwrap()
|
||||||
|
.trim(),
|
||||||
|
"3000"
|
||||||
|
);
|
||||||
});
|
});
|
||||||
|
|
||||||
let _ = child.kill();
|
let _ = child.kill();
|
||||||
@ -6098,6 +6105,7 @@ mod common_parallel {
|
|||||||
Some(std::net::Ipv4Addr::from_str(&guest.network.host_ip).unwrap()),
|
Some(std::net::Ipv4Addr::from_str(&guest.network.host_ip).unwrap()),
|
||||||
None,
|
None,
|
||||||
&mut None,
|
&mut None,
|
||||||
|
None,
|
||||||
num_queue_pairs,
|
num_queue_pairs,
|
||||||
Some(libc::O_RDWR | libc::O_NONBLOCK),
|
Some(libc::O_RDWR | libc::O_NONBLOCK),
|
||||||
)
|
)
|
||||||
|
@ -133,6 +133,7 @@ impl VhostUserNetBackend {
|
|||||||
Some(ip_addr),
|
Some(ip_addr),
|
||||||
Some(netmask),
|
Some(netmask),
|
||||||
&mut Some(host_mac),
|
&mut Some(host_mac),
|
||||||
|
None,
|
||||||
num_queues / 2,
|
num_queues / 2,
|
||||||
None,
|
None,
|
||||||
)
|
)
|
||||||
|
@ -49,6 +49,9 @@ use vmm_sys_util::eventfd::EventFd;
|
|||||||
// Event available on the control queue.
|
// Event available on the control queue.
|
||||||
const CTRL_QUEUE_EVENT: u16 = EPOLL_HELPER_EVENT_LAST + 1;
|
const CTRL_QUEUE_EVENT: u16 = EPOLL_HELPER_EVENT_LAST + 1;
|
||||||
|
|
||||||
|
// Following the VIRTIO specification, the MTU should be at least 1280.
|
||||||
|
pub const MIN_MTU: u16 = 1280;
|
||||||
|
|
||||||
pub struct NetCtrlEpollHandler {
|
pub struct NetCtrlEpollHandler {
|
||||||
pub mem: GuestMemoryAtomic<GuestMemoryMmap>,
|
pub mem: GuestMemoryAtomic<GuestMemoryMmap>,
|
||||||
pub kill_evt: EventFd,
|
pub kill_evt: EventFd,
|
||||||
@ -428,7 +431,7 @@ impl VersionMapped for NetState {}
|
|||||||
impl Net {
|
impl Net {
|
||||||
/// Create a new virtio network device with the given TAP interface.
|
/// Create a new virtio network device with the given TAP interface.
|
||||||
#[allow(clippy::too_many_arguments)]
|
#[allow(clippy::too_many_arguments)]
|
||||||
pub fn new_with_tap(
|
fn new_with_tap(
|
||||||
id: String,
|
id: String,
|
||||||
taps: Vec<Tap>,
|
taps: Vec<Tap>,
|
||||||
guest_mac: Option<MacAddr>,
|
guest_mac: Option<MacAddr>,
|
||||||
@ -439,6 +442,11 @@ impl Net {
|
|||||||
rate_limiter_config: Option<RateLimiterConfig>,
|
rate_limiter_config: Option<RateLimiterConfig>,
|
||||||
exit_evt: EventFd,
|
exit_evt: EventFd,
|
||||||
) -> Result<Self> {
|
) -> Result<Self> {
|
||||||
|
let mut mtu = None;
|
||||||
|
if !taps.is_empty() {
|
||||||
|
mtu = Some(taps[0].mtu().map_err(Error::TapError)? as u16);
|
||||||
|
}
|
||||||
|
|
||||||
let mut avail_features = 1 << VIRTIO_NET_F_CSUM
|
let mut avail_features = 1 << VIRTIO_NET_F_CSUM
|
||||||
| 1 << VIRTIO_NET_F_CTRL_GUEST_OFFLOADS
|
| 1 << VIRTIO_NET_F_CTRL_GUEST_OFFLOADS
|
||||||
| 1 << VIRTIO_NET_F_GUEST_CSUM
|
| 1 << VIRTIO_NET_F_GUEST_CSUM
|
||||||
@ -453,6 +461,9 @@ impl Net {
|
|||||||
| 1 << VIRTIO_RING_F_EVENT_IDX
|
| 1 << VIRTIO_RING_F_EVENT_IDX
|
||||||
| 1 << VIRTIO_F_VERSION_1;
|
| 1 << VIRTIO_F_VERSION_1;
|
||||||
|
|
||||||
|
if mtu.is_some() {
|
||||||
|
avail_features |= 1u64 << VIRTIO_NET_F_MTU;
|
||||||
|
}
|
||||||
if iommu {
|
if iommu {
|
||||||
avail_features |= 1u64 << VIRTIO_F_IOMMU_PLATFORM;
|
avail_features |= 1u64 << VIRTIO_F_IOMMU_PLATFORM;
|
||||||
}
|
}
|
||||||
@ -462,9 +473,9 @@ impl Net {
|
|||||||
|
|
||||||
let mut config = VirtioNetConfig::default();
|
let mut config = VirtioNetConfig::default();
|
||||||
if let Some(mac) = guest_mac {
|
if let Some(mac) = guest_mac {
|
||||||
build_net_config_space(&mut config, mac, num_queues, &mut avail_features);
|
build_net_config_space(&mut config, mac, num_queues, mtu, &mut avail_features);
|
||||||
} else {
|
} else {
|
||||||
build_net_config_space_with_mq(&mut config, num_queues, &mut avail_features);
|
build_net_config_space_with_mq(&mut config, num_queues, mtu, &mut avail_features);
|
||||||
}
|
}
|
||||||
|
|
||||||
Ok(Net {
|
Ok(Net {
|
||||||
@ -497,6 +508,7 @@ impl Net {
|
|||||||
netmask: Option<Ipv4Addr>,
|
netmask: Option<Ipv4Addr>,
|
||||||
guest_mac: Option<MacAddr>,
|
guest_mac: Option<MacAddr>,
|
||||||
host_mac: &mut Option<MacAddr>,
|
host_mac: &mut Option<MacAddr>,
|
||||||
|
mtu: Option<u16>,
|
||||||
iommu: bool,
|
iommu: bool,
|
||||||
num_queues: usize,
|
num_queues: usize,
|
||||||
queue_size: u16,
|
queue_size: u16,
|
||||||
@ -504,8 +516,16 @@ impl Net {
|
|||||||
rate_limiter_config: Option<RateLimiterConfig>,
|
rate_limiter_config: Option<RateLimiterConfig>,
|
||||||
exit_evt: EventFd,
|
exit_evt: EventFd,
|
||||||
) -> Result<Self> {
|
) -> Result<Self> {
|
||||||
let taps = open_tap(if_name, ip_addr, netmask, host_mac, num_queues / 2, None)
|
let taps = open_tap(
|
||||||
.map_err(Error::OpenTap)?;
|
if_name,
|
||||||
|
ip_addr,
|
||||||
|
netmask,
|
||||||
|
host_mac,
|
||||||
|
mtu,
|
||||||
|
num_queues / 2,
|
||||||
|
None,
|
||||||
|
)
|
||||||
|
.map_err(Error::OpenTap)?;
|
||||||
|
|
||||||
Self::new_with_tap(
|
Self::new_with_tap(
|
||||||
id,
|
id,
|
||||||
|
@ -24,7 +24,7 @@ use virtio_bindings::bindings::virtio_net::{
|
|||||||
VIRTIO_NET_F_CSUM, VIRTIO_NET_F_CTRL_VQ, VIRTIO_NET_F_GUEST_CSUM, VIRTIO_NET_F_GUEST_ECN,
|
VIRTIO_NET_F_CSUM, VIRTIO_NET_F_CTRL_VQ, VIRTIO_NET_F_GUEST_CSUM, VIRTIO_NET_F_GUEST_ECN,
|
||||||
VIRTIO_NET_F_GUEST_TSO4, VIRTIO_NET_F_GUEST_TSO6, VIRTIO_NET_F_GUEST_UFO,
|
VIRTIO_NET_F_GUEST_TSO4, VIRTIO_NET_F_GUEST_TSO6, VIRTIO_NET_F_GUEST_UFO,
|
||||||
VIRTIO_NET_F_HOST_ECN, VIRTIO_NET_F_HOST_TSO4, VIRTIO_NET_F_HOST_TSO6, VIRTIO_NET_F_HOST_UFO,
|
VIRTIO_NET_F_HOST_ECN, VIRTIO_NET_F_HOST_TSO4, VIRTIO_NET_F_HOST_TSO6, VIRTIO_NET_F_HOST_UFO,
|
||||||
VIRTIO_NET_F_MAC, VIRTIO_NET_F_MRG_RXBUF,
|
VIRTIO_NET_F_MAC, VIRTIO_NET_F_MRG_RXBUF, VIRTIO_NET_F_MTU,
|
||||||
};
|
};
|
||||||
use virtio_bindings::bindings::virtio_ring::VIRTIO_RING_F_EVENT_IDX;
|
use virtio_bindings::bindings::virtio_ring::VIRTIO_RING_F_EVENT_IDX;
|
||||||
use virtio_queue::{Queue, QueueT};
|
use virtio_queue::{Queue, QueueT};
|
||||||
@ -70,6 +70,7 @@ impl Net {
|
|||||||
pub fn new(
|
pub fn new(
|
||||||
id: String,
|
id: String,
|
||||||
mac_addr: MacAddr,
|
mac_addr: MacAddr,
|
||||||
|
mtu: Option<u16>,
|
||||||
vu_cfg: VhostUserConfig,
|
vu_cfg: VhostUserConfig,
|
||||||
server: bool,
|
server: bool,
|
||||||
seccomp_action: SeccompAction,
|
seccomp_action: SeccompAction,
|
||||||
@ -126,8 +127,12 @@ impl Net {
|
|||||||
| 1 << VIRTIO_F_VERSION_1
|
| 1 << VIRTIO_F_VERSION_1
|
||||||
| VhostUserVirtioFeatures::PROTOCOL_FEATURES.bits();
|
| VhostUserVirtioFeatures::PROTOCOL_FEATURES.bits();
|
||||||
|
|
||||||
|
if mtu.is_some() {
|
||||||
|
avail_features |= 1u64 << VIRTIO_NET_F_MTU;
|
||||||
|
}
|
||||||
|
|
||||||
let mut config = VirtioNetConfig::default();
|
let mut config = VirtioNetConfig::default();
|
||||||
build_net_config_space(&mut config, mac_addr, num_queues, &mut avail_features);
|
build_net_config_space(&mut config, mac_addr, num_queues, mtu, &mut avail_features);
|
||||||
|
|
||||||
let mut vu =
|
let mut vu =
|
||||||
VhostUserHandle::connect_vhost_user(server, &vu_cfg.socket, num_queues as u64, false)?;
|
VhostUserHandle::connect_vhost_user(server, &vu_cfg.socket, num_queues as u64, false)?;
|
||||||
|
@ -819,6 +819,11 @@ components:
|
|||||||
default: "255.255.255.0"
|
default: "255.255.255.0"
|
||||||
mac:
|
mac:
|
||||||
type: string
|
type: string
|
||||||
|
host_mac:
|
||||||
|
type: string
|
||||||
|
mtu:
|
||||||
|
type: integer
|
||||||
|
default: 1280
|
||||||
iommu:
|
iommu:
|
||||||
type: boolean
|
type: boolean
|
||||||
default: false
|
default: false
|
||||||
|
@ -180,6 +180,8 @@ pub enum ValidationError {
|
|||||||
IommuNotSupported,
|
IommuNotSupported,
|
||||||
/// Duplicated device path (device added twice)
|
/// Duplicated device path (device added twice)
|
||||||
DuplicateDevicePath(String),
|
DuplicateDevicePath(String),
|
||||||
|
/// Provided MTU is lower than what the VIRTIO specification expects
|
||||||
|
InvalidMtu(u16),
|
||||||
}
|
}
|
||||||
|
|
||||||
type ValidationResult<T> = std::result::Result<T, ValidationError>;
|
type ValidationResult<T> = std::result::Result<T, ValidationError>;
|
||||||
@ -280,6 +282,13 @@ impl fmt::Display for ValidationError {
|
|||||||
write!(f, "Device does not support being placed behind IOMMU")
|
write!(f, "Device does not support being placed behind IOMMU")
|
||||||
}
|
}
|
||||||
DuplicateDevicePath(p) => write!(f, "Duplicated device path: {}", p),
|
DuplicateDevicePath(p) => write!(f, "Duplicated device path: {}", p),
|
||||||
|
&InvalidMtu(mtu) => {
|
||||||
|
write!(
|
||||||
|
f,
|
||||||
|
"Provided MTU {} is lower than 1280 (expected by VIRTIO specification)",
|
||||||
|
mtu
|
||||||
|
)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -1238,6 +1247,8 @@ pub struct NetConfig {
|
|||||||
pub mac: MacAddr,
|
pub mac: MacAddr,
|
||||||
#[serde(default)]
|
#[serde(default)]
|
||||||
pub host_mac: Option<MacAddr>,
|
pub host_mac: Option<MacAddr>,
|
||||||
|
#[serde(default = "default_netconfig_mtu")]
|
||||||
|
pub mtu: u16,
|
||||||
#[serde(default)]
|
#[serde(default)]
|
||||||
pub iommu: bool,
|
pub iommu: bool,
|
||||||
#[serde(default = "default_netconfig_num_queues")]
|
#[serde(default = "default_netconfig_num_queues")]
|
||||||
@ -1275,6 +1286,10 @@ fn default_netconfig_mac() -> MacAddr {
|
|||||||
MacAddr::local_random()
|
MacAddr::local_random()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
fn default_netconfig_mtu() -> u16 {
|
||||||
|
virtio_devices::net::MIN_MTU
|
||||||
|
}
|
||||||
|
|
||||||
fn default_netconfig_num_queues() -> usize {
|
fn default_netconfig_num_queues() -> usize {
|
||||||
DEFAULT_NUM_QUEUES_VUNET
|
DEFAULT_NUM_QUEUES_VUNET
|
||||||
}
|
}
|
||||||
@ -1291,6 +1306,7 @@ impl Default for NetConfig {
|
|||||||
mask: default_netconfig_mask(),
|
mask: default_netconfig_mask(),
|
||||||
mac: default_netconfig_mac(),
|
mac: default_netconfig_mac(),
|
||||||
host_mac: None,
|
host_mac: None,
|
||||||
|
mtu: default_netconfig_mtu(),
|
||||||
iommu: false,
|
iommu: false,
|
||||||
num_queues: default_netconfig_num_queues(),
|
num_queues: default_netconfig_num_queues(),
|
||||||
queue_size: default_netconfig_queue_size(),
|
queue_size: default_netconfig_queue_size(),
|
||||||
@ -1322,6 +1338,7 @@ impl NetConfig {
|
|||||||
.add("mask")
|
.add("mask")
|
||||||
.add("mac")
|
.add("mac")
|
||||||
.add("host_mac")
|
.add("host_mac")
|
||||||
|
.add("mtu")
|
||||||
.add("iommu")
|
.add("iommu")
|
||||||
.add("queue_size")
|
.add("queue_size")
|
||||||
.add("num_queues")
|
.add("num_queues")
|
||||||
@ -1353,6 +1370,10 @@ impl NetConfig {
|
|||||||
.map_err(Error::ParseNetwork)?
|
.map_err(Error::ParseNetwork)?
|
||||||
.unwrap_or_else(default_netconfig_mac);
|
.unwrap_or_else(default_netconfig_mac);
|
||||||
let host_mac = parser.convert("host_mac").map_err(Error::ParseNetwork)?;
|
let host_mac = parser.convert("host_mac").map_err(Error::ParseNetwork)?;
|
||||||
|
let mtu = parser
|
||||||
|
.convert("mtu")
|
||||||
|
.map_err(Error::ParseNetwork)?
|
||||||
|
.unwrap_or_else(default_netconfig_mtu);
|
||||||
let iommu = parser
|
let iommu = parser
|
||||||
.convert::<Toggle>("iommu")
|
.convert::<Toggle>("iommu")
|
||||||
.map_err(Error::ParseNetwork)?
|
.map_err(Error::ParseNetwork)?
|
||||||
@ -1442,6 +1463,7 @@ impl NetConfig {
|
|||||||
mask,
|
mask,
|
||||||
mac,
|
mac,
|
||||||
host_mac,
|
host_mac,
|
||||||
|
mtu,
|
||||||
iommu,
|
iommu,
|
||||||
num_queues,
|
num_queues,
|
||||||
queue_size,
|
queue_size,
|
||||||
@ -1493,6 +1515,10 @@ impl NetConfig {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if self.mtu < virtio_devices::net::MIN_MTU {
|
||||||
|
return Err(ValidationError::InvalidMtu(self.mtu));
|
||||||
|
}
|
||||||
|
|
||||||
Ok(())
|
Ok(())
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -2241,6 +2241,7 @@ impl DeviceManager {
|
|||||||
match virtio_devices::vhost_user::Net::new(
|
match virtio_devices::vhost_user::Net::new(
|
||||||
id.clone(),
|
id.clone(),
|
||||||
net_cfg.mac,
|
net_cfg.mac,
|
||||||
|
Some(net_cfg.mtu),
|
||||||
vu_cfg,
|
vu_cfg,
|
||||||
server,
|
server,
|
||||||
self.seccomp_action.clone(),
|
self.seccomp_action.clone(),
|
||||||
@ -2271,6 +2272,7 @@ impl DeviceManager {
|
|||||||
None,
|
None,
|
||||||
Some(net_cfg.mac),
|
Some(net_cfg.mac),
|
||||||
&mut net_cfg.host_mac,
|
&mut net_cfg.host_mac,
|
||||||
|
None,
|
||||||
self.force_iommu | net_cfg.iommu,
|
self.force_iommu | net_cfg.iommu,
|
||||||
net_cfg.num_queues,
|
net_cfg.num_queues,
|
||||||
net_cfg.queue_size,
|
net_cfg.queue_size,
|
||||||
@ -2307,6 +2309,7 @@ impl DeviceManager {
|
|||||||
Some(net_cfg.mask),
|
Some(net_cfg.mask),
|
||||||
Some(net_cfg.mac),
|
Some(net_cfg.mac),
|
||||||
&mut net_cfg.host_mac,
|
&mut net_cfg.host_mac,
|
||||||
|
Some(net_cfg.mtu),
|
||||||
self.force_iommu | net_cfg.iommu,
|
self.force_iommu | net_cfg.iommu,
|
||||||
net_cfg.num_queues,
|
net_cfg.num_queues,
|
||||||
net_cfg.queue_size,
|
net_cfg.queue_size,
|
||||||
|
@ -66,6 +66,8 @@ const SIOCGIFFLAGS: u64 = 0x8913;
|
|||||||
const SIOCGIFHWADDR: u64 = 0x8927;
|
const SIOCGIFHWADDR: u64 = 0x8927;
|
||||||
const SIOCSIFFLAGS: u64 = 0x8914;
|
const SIOCSIFFLAGS: u64 = 0x8914;
|
||||||
const SIOCSIFADDR: u64 = 0x8916;
|
const SIOCSIFADDR: u64 = 0x8916;
|
||||||
|
const SIOCGIFMTU: u64 = 0x8921;
|
||||||
|
const SIOCSIFMTU: u64 = 0x8922;
|
||||||
const SIOCSIFHWADDR: u64 = 0x8924;
|
const SIOCSIFHWADDR: u64 = 0x8924;
|
||||||
const SIOCSIFNETMASK: u64 = 0x891c;
|
const SIOCSIFNETMASK: u64 = 0x891c;
|
||||||
|
|
||||||
@ -252,9 +254,11 @@ fn create_vmm_ioctl_seccomp_rule_common(
|
|||||||
and![Cond::new(1, ArgLen::Dword, Eq, FIONBIO)?],
|
and![Cond::new(1, ArgLen::Dword, Eq, FIONBIO)?],
|
||||||
and![Cond::new(1, ArgLen::Dword, Eq, SIOCGIFFLAGS)?],
|
and![Cond::new(1, ArgLen::Dword, Eq, SIOCGIFFLAGS)?],
|
||||||
and![Cond::new(1, ArgLen::Dword, Eq, SIOCGIFHWADDR)?],
|
and![Cond::new(1, ArgLen::Dword, Eq, SIOCGIFHWADDR)?],
|
||||||
|
and![Cond::new(1, ArgLen::Dword, Eq, SIOCGIFMTU)?],
|
||||||
and![Cond::new(1, ArgLen::Dword, Eq, SIOCSIFADDR)?],
|
and![Cond::new(1, ArgLen::Dword, Eq, SIOCSIFADDR)?],
|
||||||
and![Cond::new(1, ArgLen::Dword, Eq, SIOCSIFFLAGS)?],
|
and![Cond::new(1, ArgLen::Dword, Eq, SIOCSIFFLAGS)?],
|
||||||
and![Cond::new(1, ArgLen::Dword, Eq, SIOCSIFHWADDR)?],
|
and![Cond::new(1, ArgLen::Dword, Eq, SIOCSIFHWADDR)?],
|
||||||
|
and![Cond::new(1, ArgLen::Dword, Eq, SIOCSIFMTU)?],
|
||||||
and![Cond::new(1, ArgLen::Dword, Eq, SIOCSIFNETMASK)?],
|
and![Cond::new(1, ArgLen::Dword, Eq, SIOCSIFNETMASK)?],
|
||||||
and![Cond::new(1, ArgLen::Dword, Eq, TCSETS)?],
|
and![Cond::new(1, ArgLen::Dword, Eq, TCSETS)?],
|
||||||
and![Cond::new(1, ArgLen::Dword, Eq, TCGETS)?],
|
and![Cond::new(1, ArgLen::Dword, Eq, TCGETS)?],
|
||||||
|
Loading…
Reference in New Issue
Block a user