1. Patchew
  2. QEMU
  3. [PATCH v7 0/4] virtio_net: Add the check for vdpa's mac address
  4. View patch

[PATCH v7 1/4] vhost_vdpa : Add a new parameter to enable check mac address

Cindy Lu posted 4 patches 8 months ago
Maintainers: "Michael S. Tsirkin" <mst@redhat.com>, Jason Wang <jasowang@redhat.com>, Eric Blake <eblake@redhat.com>, Markus Armbruster <armbru@redhat.com>
[PATCH v7 1/4] vhost_vdpa : Add a new parameter to enable check mac address
Posted by Cindy Lu 8 months ago 
When using a VDPA device, it's important to ensure that the MAC
address is correctly set.
This patch adds a new QEMU command line parameter to enable MAC
address verification,  which is enabled by default.

Usage example:
....
-netdev type=vhost-vdpa,vhostdev=/dev/vhost-vdpa-0,id=vhost-vdpa0,check-mac=true\
-device virtio-net-pci,netdev=vhost-vdpa0\
....
To disable this check:
....
-netdev type=vhost-vdpa,vhostdev=/dev/vhost-vdpa-0,id=vhost-vdpa0,check-mac=false\
-device virtio-net-pci,netdev=vhost-vdpa0\
....

Signed-off-by: Cindy Lu <lulu@redhat.com>
---
 include/net/net.h | 1 +
 net/vhost-vdpa.c  | 5 +++++
 qapi/net.json     | 5 +++++
 3 files changed, 11 insertions(+)

diff --git a/include/net/net.h b/include/net/net.h
index cdd5b109b0..fac1951b6e 100644
--- a/include/net/net.h
+++ b/include/net/net.h
@@ -112,6 +112,7 @@ struct NetClientState {
     bool is_netdev;
     bool do_not_pad; /* do not pad to the minimum ethernet frame length */
     bool is_datapath;
+    bool check_mac;
     QTAILQ_HEAD(, NetFilterState) filters;
 };
 
diff --git a/net/vhost-vdpa.c b/net/vhost-vdpa.c
index 7ca8b46eee..7dbe6cf65c 100644
--- a/net/vhost-vdpa.c
+++ b/net/vhost-vdpa.c
@@ -1871,6 +1871,11 @@ int net_init_vhost_vdpa(const Netdev *netdev, const char *name,
         if (!ncs[i])
             goto err;
     }
+    /* Enable the mac check by default */
+    if (opts->has_check_mac)
+        ncs[0]->check_mac = opts->check_mac;
+    else
+        ncs[0]->check_mac = true;
 
     if (has_cvq) {
         VhostVDPAState *s0 = DO_UPCAST(VhostVDPAState, nc, ncs[0]);
diff --git a/qapi/net.json b/qapi/net.json
index 310cc4fd19..0607c83833 100644
--- a/qapi/net.json
+++ b/qapi/net.json
@@ -510,6 +510,10 @@
 # @queues: number of queues to be created for multiqueue vhost-vdpa
 #     (default: 1)
 #
+# @check-mac: Enable the check for whether the device's MAC address
+#     and the MAC in QEMU command line are acceptable for booting.
+#     (default: true)
+#
 # @x-svq: Start device with (experimental) shadow virtqueue.  (Since
 #     7.1) (default: false)
 #
@@ -524,6 +528,7 @@
     '*vhostdev':     'str',
     '*vhostfd':      'str',
     '*queues':       'int',
+    '*check-mac':    'bool',
     '*x-svq':        {'type': 'bool', 'features' : [ 'unstable'] } } }
 
 ##
-- 
2.45.0
Re: [PATCH v7 1/4] vhost_vdpa : Add a new parameter to enable check mac address
Posted by Jason Wang 8 months ago 
On Thu, Apr 17, 2025 at 6:25 PM Cindy Lu <lulu@redhat.com> wrote:
>
> When using a VDPA device, it's important to ensure that the MAC
> address is correctly set.
> This patch adds a new QEMU command line parameter to enable MAC
> address verification,  which is enabled by default.
>
> Usage example:
> ....
> -netdev type=vhost-vdpa,vhostdev=/dev/vhost-vdpa-0,id=vhost-vdpa0,check-mac=true\
> -device virtio-net-pci,netdev=vhost-vdpa0\
> ....
> To disable this check:
> ....
> -netdev type=vhost-vdpa,vhostdev=/dev/vhost-vdpa-0,id=vhost-vdpa0,check-mac=false\
> -device virtio-net-pci,netdev=vhost-vdpa0\
> ....
>
> Signed-off-by: Cindy Lu <lulu@redhat.com>

This patch needs to be squashed to the patch that implements the real
logic of the checking.

> ---
>  include/net/net.h | 1 +
>  net/vhost-vdpa.c  | 5 +++++
>  qapi/net.json     | 5 +++++
>  3 files changed, 11 insertions(+)
>
> diff --git a/include/net/net.h b/include/net/net.h
> index cdd5b109b0..fac1951b6e 100644
> --- a/include/net/net.h
> +++ b/include/net/net.h
> @@ -112,6 +112,7 @@ struct NetClientState {
>      bool is_netdev;
>      bool do_not_pad; /* do not pad to the minimum ethernet frame length */
>      bool is_datapath;
> +    bool check_mac;
>      QTAILQ_HEAD(, NetFilterState) filters;
>  };
>
> diff --git a/net/vhost-vdpa.c b/net/vhost-vdpa.c
> index 7ca8b46eee..7dbe6cf65c 100644
> --- a/net/vhost-vdpa.c
> +++ b/net/vhost-vdpa.c
> @@ -1871,6 +1871,11 @@ int net_init_vhost_vdpa(const Netdev *netdev, const char *name,
>          if (!ncs[i])
>              goto err;
>      }
> +    /* Enable the mac check by default */
> +    if (opts->has_check_mac)
> +        ncs[0]->check_mac = opts->check_mac;
> +    else
> +        ncs[0]->check_mac = true;

How could we maintain the migration compatibility here?

>
>      if (has_cvq) {
>          VhostVDPAState *s0 = DO_UPCAST(VhostVDPAState, nc, ncs[0]);
> diff --git a/qapi/net.json b/qapi/net.json
> index 310cc4fd19..0607c83833 100644
> --- a/qapi/net.json
> +++ b/qapi/net.json
> @@ -510,6 +510,10 @@
>  # @queues: number of queues to be created for multiqueue vhost-vdpa
>  #     (default: 1)
>  #
> +# @check-mac: Enable the check for whether the device's MAC address
> +#     and the MAC in QEMU command line are acceptable for booting.
> +#     (default: true)
> +#
>  # @x-svq: Start device with (experimental) shadow virtqueue.  (Since
>  #     7.1) (default: false)
>  #
> @@ -524,6 +528,7 @@
>      '*vhostdev':     'str',
>      '*vhostfd':      'str',
>      '*queues':       'int',
> +    '*check-mac':    'bool',
>      '*x-svq':        {'type': 'bool', 'features' : [ 'unstable'] } } }
>
>  ##
> --
> 2.45.0
>

Thanks
Re: [PATCH v7 1/4] vhost_vdpa : Add a new parameter to enable check mac address
Posted by Jason Wang 8 months ago 
On Mon, Apr 21, 2025 at 11:14 AM Jason Wang <jasowang@redhat.com> wrote:
>
> On Thu, Apr 17, 2025 at 6:25 PM Cindy Lu <lulu@redhat.com> wrote:
> >
> > When using a VDPA device, it's important to ensure that the MAC
> > address is correctly set.
> > This patch adds a new QEMU command line parameter to enable MAC
> > address verification,  which is enabled by default.
> >
> > Usage example:
> > ....
> > -netdev type=vhost-vdpa,vhostdev=/dev/vhost-vdpa-0,id=vhost-vdpa0,check-mac=true\
> > -device virtio-net-pci,netdev=vhost-vdpa0\
> > ....
> > To disable this check:
> > ....
> > -netdev type=vhost-vdpa,vhostdev=/dev/vhost-vdpa-0,id=vhost-vdpa0,check-mac=false\
> > -device virtio-net-pci,netdev=vhost-vdpa0\
> > ....
> >
> > Signed-off-by: Cindy Lu <lulu@redhat.com>
>
> This patch needs to be squashed to the patch that implements the real
> logic of the checking.
>
> > ---
> >  include/net/net.h | 1 +
> >  net/vhost-vdpa.c  | 5 +++++
> >  qapi/net.json     | 5 +++++
> >  3 files changed, 11 insertions(+)
> >
> > diff --git a/include/net/net.h b/include/net/net.h
> > index cdd5b109b0..fac1951b6e 100644
> > --- a/include/net/net.h
> > +++ b/include/net/net.h
> > @@ -112,6 +112,7 @@ struct NetClientState {
> >      bool is_netdev;
> >      bool do_not_pad; /* do not pad to the minimum ethernet frame length */
> >      bool is_datapath;
> > +    bool check_mac;

Rethink of this, it is vDPA specific, we probably need to move it to
VhostVDPAState instead.

Thanks
Re: [PATCH v7 1/4] vhost_vdpa : Add a new parameter to enable check mac address
Posted by Lei Yang 8 months ago 
I tested this series of patches v7 with virtio-net regression tests,
everything works fine.

Tested-by: Lei Yang <leiyang@redhat.com>

On Thu, Apr 17, 2025 at 6:26 PM Cindy Lu <lulu@redhat.com> wrote:
>
> When using a VDPA device, it's important to ensure that the MAC
> address is correctly set.
> This patch adds a new QEMU command line parameter to enable MAC
> address verification,  which is enabled by default.
>
> Usage example:
> ....
> -netdev type=vhost-vdpa,vhostdev=/dev/vhost-vdpa-0,id=vhost-vdpa0,check-mac=true\
> -device virtio-net-pci,netdev=vhost-vdpa0\
> ....
> To disable this check:
> ....
> -netdev type=vhost-vdpa,vhostdev=/dev/vhost-vdpa-0,id=vhost-vdpa0,check-mac=false\
> -device virtio-net-pci,netdev=vhost-vdpa0\
> ....
>
> Signed-off-by: Cindy Lu <lulu@redhat.com>
> ---
>  include/net/net.h | 1 +
>  net/vhost-vdpa.c  | 5 +++++
>  qapi/net.json     | 5 +++++
>  3 files changed, 11 insertions(+)
>
> diff --git a/include/net/net.h b/include/net/net.h
> index cdd5b109b0..fac1951b6e 100644
> --- a/include/net/net.h
> +++ b/include/net/net.h
> @@ -112,6 +112,7 @@ struct NetClientState {
>      bool is_netdev;
>      bool do_not_pad; /* do not pad to the minimum ethernet frame length */
>      bool is_datapath;
> +    bool check_mac;
>      QTAILQ_HEAD(, NetFilterState) filters;
>  };
>
> diff --git a/net/vhost-vdpa.c b/net/vhost-vdpa.c
> index 7ca8b46eee..7dbe6cf65c 100644
> --- a/net/vhost-vdpa.c
> +++ b/net/vhost-vdpa.c
> @@ -1871,6 +1871,11 @@ int net_init_vhost_vdpa(const Netdev *netdev, const char *name,
>          if (!ncs[i])
>              goto err;
>      }
> +    /* Enable the mac check by default */
> +    if (opts->has_check_mac)
> +        ncs[0]->check_mac = opts->check_mac;
> +    else
> +        ncs[0]->check_mac = true;
>
>      if (has_cvq) {
>          VhostVDPAState *s0 = DO_UPCAST(VhostVDPAState, nc, ncs[0]);
> diff --git a/qapi/net.json b/qapi/net.json
> index 310cc4fd19..0607c83833 100644
> --- a/qapi/net.json
> +++ b/qapi/net.json
> @@ -510,6 +510,10 @@
>  # @queues: number of queues to be created for multiqueue vhost-vdpa
>  #     (default: 1)
>  #
> +# @check-mac: Enable the check for whether the device's MAC address
> +#     and the MAC in QEMU command line are acceptable for booting.
> +#     (default: true)
> +#
>  # @x-svq: Start device with (experimental) shadow virtqueue.  (Since
>  #     7.1) (default: false)
>  #
> @@ -524,6 +528,7 @@
>      '*vhostdev':     'str',
>      '*vhostfd':      'str',
>      '*queues':       'int',
> +    '*check-mac':    'bool',
>      '*x-svq':        {'type': 'bool', 'features' : [ 'unstable'] } } }
>
>  ##
> --
> 2.45.0
>
>

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.