RepoMirrors/netlink
1
0
Fork 0
mirror of https://github.com/vishvananda/netlink synced 2025-05-01 23:58:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add support for setting trust state of a VF

Browse Source 
Add support for setting trust state of a VF. This allows restricting
certain operations on VF when its untrusted such as disabling
promiscuous mode.

Signed-off-by: Parav Pandit <parav@mellanox.com>
This commit is contained in:
Parav Pandit 2017-08-01 22:48:50 -05:00 committed by Vish (Ishaya) Abrams
parent a956595377
commit 70cf3c74a8
2 changed files with 59 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
link_linux.go
View File

@ -413,6 +413,40 @@ func (h *Handle) LinkSetVfSpoofchk(link Link, vf int, check bool) error {
return err return err
} }
// LinkSetVfTrust enables/disables trust state on a vf for the link.
// Equivalent to: `ip link set $link vf $vf trust $state`
func LinkSetTrust(link Link, vf int, state bool) error {
return pkgHandle.LinkSetVfTrust(link, vf, state)
}
// LinkSetVfTrust enables/disables trust state on a vf for the link.
// Equivalent to: `ip link set $link vf $vf trust $state`
func (h *Handle) LinkSetVfTrust(link Link, vf int, state bool) error {
var setting uint32
base := link.Attrs()
h.ensureIndex(base)
req := h.newNetlinkRequest(syscall.RTM_SETLINK, syscall.NLM_F_ACK)
msg := nl.NewIfInfomsg(syscall.AF_UNSPEC)
msg.Index = int32(base.Index)
req.AddData(msg)
data := nl.NewRtAttr(nl.IFLA_VFINFO_LIST, nil)
info := nl.NewRtAttrChild(data, nl.IFLA_VF_INFO, nil)
if state {
setting = 1
}
vfmsg := nl.VfTrust{
Vf: uint32(vf),
Setting: setting,
}
nl.NewRtAttrChild(info, nl.IFLA_VF_TRUST, vfmsg.Serialize())
req.AddData(data)
_, err := req.Execute(syscall.NETLINK_ROUTE, 0)
return err
}
// LinkSetMaster sets the master of the link device. // LinkSetMaster sets the master of the link device.
// Equivalent to: `ip link set $link master $master` // Equivalent to: `ip link set $link master $master`
func LinkSetMaster(link Link, master *Bridge) error { func LinkSetMaster(link Link, master *Bridge) error {

26
nl/link_linux.go
View File

@ -231,7 +231,8 @@ const (
* on/off switch * on/off switch
*/ */
IFLA_VF_STATS /* network device statistics */ IFLA_VF_STATS /* network device statistics */
IFLA_VF_MAX = IFLA_VF_STATS IFLA_VF_TRUST /* Trust state of VF */
IFLA_VF_MAX = IFLA_VF_TRUST
) )
const ( const (
@ -259,6 +260,7 @@ const (
SizeofVfSpoofchk = 0x08 SizeofVfSpoofchk = 0x08
SizeofVfLinkState = 0x08 SizeofVfLinkState = 0x08
SizeofVfRssQueryEn = 0x08 SizeofVfRssQueryEn = 0x08
SizeofVfTrust = 0x08
) )
// struct ifla_vf_mac { // struct ifla_vf_mac {
@ -419,6 +421,28 @@ func (msg *VfRssQueryEn) Serialize() []byte {
return (*(*[SizeofVfRssQueryEn]byte)(unsafe.Pointer(msg)))[:] return (*(*[SizeofVfRssQueryEn]byte)(unsafe.Pointer(msg)))[:]
} }
// struct ifla_vf_trust {
// __u32 vf;
// __u32 setting;
// };
type VfTrust struct {
Vf uint32
Setting uint32
}
func (msg *VfTrust) Len() int {
return SizeofVfTrust
}
func DeserializeVfTrust(b []byte) *VfTrust {
return (*VfTrust)(unsafe.Pointer(&b[0:SizeofVfTrust][0]))
}
func (msg *VfTrust) Serialize() []byte {
return (*(*[SizeofVfTrust]byte)(unsafe.Pointer(msg)))[:]
}
const ( const (
IFLA_XDP_UNSPEC = iota IFLA_XDP_UNSPEC = iota
IFLA_XDP_FD /* fd of xdp program to attach, or -1 to remove */ IFLA_XDP_FD /* fd of xdp program to attach, or -1 to remove */