devices: net: add control queue for enabling/disabling offloads

Add a control queue for virtio_net, and implement the command to set
available networking offloads.

Set offloads initially when acking features from the guest. We previously set
offloads on unconditionally.

Add TUNSETOFFLOAD to the allowed ioctls for virtio_net.

BUG=chromium:1031413
TEST=boot 5.4 guest, check vmtap offloads enabled with ethtool
TEST=enable ip_forward in guest, check vmtap offloads disabled with ethtool

Change-Id: I4129aa03419798906bd95cf65a6a4ab63069f50b
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1968200
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Commit-Queue: Stephen Barber <smbarber@chromium.org>
Tested-by: Stephen Barber <smbarber@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>

3 files changed, 9 insertions, 0 deletions

diff --git a/seccomp/aarch64/net_device.policy b/seccomp/aarch64/net_device.policy
index f9e98f0..1b8f2b6 100644
--- a/seccomp/aarch64/net_device.policy
+++ b/seccomp/aarch64/net_device.policy
@@ -3,3 +3,6 @@
 # found in the LICENSE file.
 
 @include /usr/share/policy/crosvm/common_device.policy
+
+# TUNSETOFFLOAD
+ioctl: arg1 == 0x400454d0
diff --git a/seccomp/arm/net_device.policy b/seccomp/arm/net_device.policy
index 4f7aafd..26770ab 100644
--- a/seccomp/arm/net_device.policy
+++ b/seccomp/arm/net_device.policy
@@ -3,3 +3,6 @@
 # found in the LICENSE file.
 
 @include /usr/share/policy/crosvm/common_device.policy
+
+# TUNSETOFFLOAD
+ioctl: arg1 == 0x400454d0
diff --git a/seccomp/x86_64/net_device.policy b/seccomp/x86_64/net_device.policy
index 72ecd5a..c7f17d9 100644
--- a/seccomp/x86_64/net_device.policy
+++ b/seccomp/x86_64/net_device.policy
@@ -3,3 +3,6 @@
 # found in the LICENSE file.
 
 @include /usr/share/policy/crosvm/common_device.policy
+
+# TUNSETOFFLOAD
+ioctl: arg1 == 0x400454d0