aboutsummaryrefslogtreecommitdiff
path: root/net/tap.c
AgeCommit message (Collapse)Author
2015-05-27tap: Finish conversion of tap_open() to ErrorMarkus Armbruster
Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Message-id: 1431691143-1015-15-git-send-email-armbru@redhat.com Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-05-27tap: Permit incremental conversion of tap_open() to ErrorMarkus Armbruster
Convert the trivial ones immediately: tap-aix and tap-haiku. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Message-id: 1431691143-1015-11-git-send-email-armbru@redhat.com Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-05-27tap: Convert launch_script() to ErrorMarkus Armbruster
Fixes inappropriate use of stderr in monitor command handler. While there, improve the messages some. [Fixed Error **err -> Error *err local variable that broke the build. --Stefan] Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Message-id: 1431691143-1015-10-git-send-email-armbru@redhat.com Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-05-27tap: Convert net_init_tap_one() to ErrorMarkus Armbruster
[Dropped %s from "tap: open vhost char device failed: %s" since error_setg_errno() already prints a human-readable error string and there is no format string argument. --Stefan] Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Message-id: 1431691143-1015-9-git-send-email-armbru@redhat.com Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-05-27tap: Convert tap_set_sndbuf() to ErrorMarkus Armbruster
Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Message-id: 1431691143-1015-8-git-send-email-armbru@redhat.com Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-05-27tap: Improve -netdev/netdev_add/-net/... bridge error reportingMarkus Armbruster
When -netdev bridge fails, it first reports a specific error, then a generic one, like this: $ qemu-system-x86_64 -netdev bridge,id=foo failed to launch bridge helper qemu-system-x86_64: -netdev bridge,id=foo: Device 'bridge' could not be initialized The first message goes to stderr. Wrong for HMP, because errors need to go to the monitor there. The second message goes to stderr for -netdev, to the monitor for HMP netdev_add, and becomes the error reply for QMP netdev_add. Convert net_bridge_run_helper() to Error, and propagate its errors through net_init_bridge(). This ensures the error gets reported where the user is, and suppresses the unwanted second message. While there, improve the error messages a bit. The above example becomes: $ qemu-system-x86_64 -netdev bridge,id=foo qemu-system-x86_64: -netdev bridge,id=foo: bridge helper failed net_init_tap() also uses net_bridge_run_helper(). Propagate its errors there as well. Improves reporting these errors with -netdev tap & friends. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Message-id: 1431691143-1015-7-git-send-email-armbru@redhat.com Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-05-27tap: net_tap_fd_init() can't fail, drop dead error handlingMarkus Armbruster
Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Message-id: 1431691143-1015-6-git-send-email-armbru@redhat.com Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-05-27net: Permit incremental conversion of init functions to ErrorMarkus Armbruster
Error reporting for netdev_add is broken: the net_client_init_fun[] report the actual errors with (at best) error_report(), and their caller net_client_init1() makes up a generic error on top. For command line and HMP, this produces an mildly ugly error cascade. In QMP, the actual errors go to stderr, and the generic error becomes the command's error reply. To fix this, we need to convert the net_client_init_fun[] to Error. To permit fixing them one by one, add an Error ** parameter to the net_client_init_fun[]. If the call fails without returning an Error, make up the same generic Error as before. But if it returns one, use that instead. Since none of them does so far, no functional change. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Message-id: 1431691143-1015-3-git-send-email-armbru@redhat.com Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-02-18monitor: Clean up around monitor_handle_fd_param()Markus Armbruster
monitor_handle_fd_param() is a wrapper around monitor_handle_fd_param2() that feeds errors to qerror_report_err() instead of returning them. qerror_report_err() is inappropriate in many contexts. monitor_handle_fd_param() looks simpler than monitor_handle_fd_param2(), which tempts use. Remove the temptation: drop the wrapper and open-code the (trivial) error handling instead. Replace the open-coded qerror_report_err() by error_report_err() in places that already use error_report(). Turns out that's everywhere. While there, rename monitor_handle_fd_param2() to monitor_fd_param(). Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com>
2014-12-19tap: fix vcpu long time io blocking on tapWangkai (Kevin,C)
[Adjusted doc comment for grammar. --Stefan] Signed-off-by: Wangkai <wangkai86@huawei.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-11-02tap: fix possible fd leak in net_init_tapGonglei
In hotplugging scenario, taking those true branch, the file handler do not be closed. Let's close them before return. Signed-off-by: Gonglei <arei.gonglei@huawei.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-11-02tap: do not close(fd) in net_init_tap_oneGonglei
commit 5193e5fb (tap: factor out common tap initialization) introduce net_init_tap_one(). But it's inappropriate that we close fd in net_init_tap_one(), we should lay it in the caller, becuase some callers needn't to close it if we get the fd by monitor_handle_fd_param(). On the other hand, in other exceptional branches fd isn't closed, so that's incomplete anyway. Signed-off-by: Gonglei <arei.gonglei@huawei.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-06-19Add vhost-backend and VhostBackendTypeNikolay Nikolaev
Use vhost_set_backend_type to initialise a proper vhost_ops structure. In vhost_net_init and vhost_net_start_one call conditionally TAP related initialisation depending on the vhost backend type. Signed-off-by: Antonios Motakis <a.motakis@virtualopensystems.com> Signed-off-by: Nikolay Nikolaev <n.nikolaev@virtualopensystems.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2014-06-19vhost_net_init will use VhostNetOptions to get all its argumentsNikolay Nikolaev
vhost_dev_init will replace devfd and devpath with a single opaque argument. This is initialised with a file descriptor. When TAP is used (through vhost_net), open /dev/vhost-net and pass the fd as an opaque parameter in VhostNetOptions. The same applies to vhost-scsi - open /dev/vhost-scsi and pass the fd. Signed-off-by: Antonios Motakis <a.motakis@virtualopensystems.com> Signed-off-by: Nikolay Nikolaev <n.nikolaev@virtualopensystems.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2014-04-25tap: Avoid extra iterations while closing file fdPankaj Gupta
Avoid iterations for fd 0, 1 & 2 when we are closing file fds in child process. Signed-off-by: Pankaj Gupta <pagupta@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-03-12tap: avoid deadlocking rxStefan Hajnoczi
The net subsystem has a control flow mechanism so peer NetClientStates can tell each other to stop sending packets. This is used to stop monitoring the tap file descriptor for incoming packets if the guest rx ring has no spare buffers. There is a corner case when tap_can_send() is true at the beginning of an event loop iteration but becomes false before the tap_send() fd handler is invoked. tap_send() will read the packet from the tap file descriptor and attempt to send it. The net queue will hold on to the packet and return 0, indicating that further I/O is not possible. tap then stops monitoring the file descriptor for reads. This is unlike the normal case where tap_can_send() is the same before and during the event loop iteration. The event loop would simply not monitor the file descriptor if tap_can_send() returns true. Upon next iteration it would check tap_can_send() again and begin monitoring if we can send. The deadlock happens because tap_send() explicitly disabled read_poll. This is done with the expectation that the peer will call qemu_net_queue_flush(). But hw/net/virtio-net.c does not monitor vm_running transitions and issue the flush. Hence we're left with a broken tap device. Cc: qemu-stable@nongnu.org Reported-by: Neil Skrypuch <neil@tembosocial.com> Tested-by: Neil Skrypuch <neil@tembosocial.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-02-25net: make tap offloading callbacks staticVincenzo Maffione
Since TAP offloadings are manipulated through a new API, it's not necessary to export them in include/net/tap.h anymore. Signed-off-by: Vincenzo Maffione <v.maffione@gmail.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-02-25net: TAP uses NetClientInfo offloading callbacksVincenzo Maffione
The TAP NetClientInfo structure is inizialized with the TAP-specific functions that manipulates offloading features. Signed-off-by: Vincenzo Maffione <v.maffione@gmail.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-02-25net: change vnet-hdr TAP prototypesVincenzo Maffione
The tap_has_vnet_hdr() and tap_has_vnet_hdr_len() functions used to return int, even though they only return true/false values. This patch changes the prototypes to return bool. Signed-off-by: Vincenzo Maffione <v.maffione@gmail.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-06-07tap: fix NULL dereference when passing invalid parameters to tapJason Wang
This patch forbid the following invalid parameters to tap: 1) fd and vhostfds were specified but vhostfd were not specified 2) vhostfds were specified but fds were not specified 3) fds and vhostfd were specified For 1 and 2, net_init_tap_one() will still pass NULL as vhostfdname to monitor_handle_fd_param(), which may crash the qemu. Also remove the unnecessary has_fd check. Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Stefan Hajnoczi <shajnocz@redhat.com> Cc: Laszlo Ersek <lersek@redhat.com> Cc: qemu-stable@nongnu.org Signed-off-by: Jason Wang <jasowang@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-05-03tap: properly initialize vhostfdsJason Wang
Only tap->vhostfd were checked net_init_tap_one(), but tap->vhostfds were forgot, this will lead qemu to ignore all fds passed by management through vhostfds, and tries to create vhost_net device itself. Fix by adding this check also. Reportyed-by: Michal Privoznik <mprivozn@redhat.com> Cc: Michal Privoznik <mprivozn@redhat.com> Cc: qemu-stable@nongnu.org Signed-off-by: Jason Wang <jasowang@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-04-08hw: move headers to include/Paolo Bonzini
Many of these should be cleaned up with proper qdev-/QOM-ification. Right now there are many catch-all headers in include/hw/ARCH depending on cpu.h, and this makes it necessary to compile these files per-target. However, fixing this does not belong in these patches. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-03-25net: increase buffer size to accommodate Jumbo frame pktsScott Feldman
Socket buffer sizes were hard-coded to 4K for VDE and socket netdevs. Bump this up to 68K (ala tap netdev) to handle maximum GSO packet size (64k) plus plenty of room for the ethernet and virtio_net headers. Originally, ran into this limitation when using -netdev UDP sockets to connect VM-to-VM, where VM interface is configure with MTU=9000. (Using virtio_net NIC model). Test is simple: ping -M do -s 8500 <target>. This test will attempt to ping with unfragmented packet of given size. Without patch, size is limited to < 4K (minus protocol hdrs). With patch, ping test works with pkt size up to 9000 (again, minus protocol hdrs). v2: per Stefan, increase buf size to (4096+65536) as done in tap and apply to vde and socket netdevs. v1: increase buf size to 12K just for -netdev UDP sockets Signed-off-by: Scott Feldman <sfeldma@cumulusnetworks.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-03-22Fix typos and misspellingsPeter Maydell
Fix various typos and misspellings. The bulk of these were found with codespell. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Stefan Weil <sw@weilnetz.de> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-02-27tap: forbid creating multiqueue tap when hub is usedJason Wang
Obviously, hub does not support multiqueue tap. So this patch forbids creating multiple queue tap when hub is used to prevent the crash when command line such as "-net tap,queues=2" is used. Cc: qemu-stable@nongnu.org Signed-off-by: Jason Wang <jasowang@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-02-01tap: unbreak -netdev tap,fd=XAnthony Liguori
The multiqueue patch series broke -netdev tap,fd=X which manifests as libvirt not being able to start a guest. This was because it passed NULL for the netdev name which results in an anonymous netdev device regardless of what the user specified. Cc: Jason Wang <jasowang@redhat.com> Cc: Bruce Rogers <brogers@suse.com> Reported-by: Bruce Rogers <brogers@suse.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-01tap: multiqueue supportJason Wang
Recently, linux support multiqueue tap which could let userspace call TUNSETIFF for a signle device many times to create multiple file descriptors as independent queues. User could also enable/disabe a specific queue through TUNSETQUEUE. The patch adds the generic infrastructure to create multiqueue taps. To achieve this a new parameter "queues" were introduced to specify how many queues were expected to be created for tap by qemu itself. Alternatively, management could also pass multiple pre-created tap file descriptors separated with ':' through a new parameter fds like -netdev tap,id=hn0,fds="X:Y:..:Z". Multiple vhost file descriptors could also be passed in this way. Each TAPState were still associated to a tap fd, which mean multiple TAPStates were created when user needs multiqueue taps. Since each TAPState contains one NetClientState, with the multiqueue nic support, an N peers of NetClientState were built up. A new parameter, mq_required were introduce in tap_open() to create multiqueue tap fds. Signed-off-by: Jason Wang <jasowang@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-01tap: support enabling or disabling a queueJason Wang
This patch introduce a new bit - enabled in TAPState which tracks whether a specific queue/fd is enabled. The tap/fd is enabled during initialization and could be enabled/disabled by tap_enalbe() and tap_disable() which calls platform specific helpers to do the real work. Polling of a tap fd can only done when the tap was enabled. Signed-off-by: Jason Wang <jasowang@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-01tap: factor out common tap initializationJason Wang
This patch factors out the common initialization of tap into a new helper net_init_tap_one(). This will be used by multiqueue tap patches. Signed-off-by: Jason Wang <jasowang@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-01net: tap: using bool instead of bitfieldJason Wang
Signed-off-by: Jason Wang <jasowang@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-12-19softmmu: move include files to include/sysemu/Paolo Bonzini
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-12-19misc: move include files to include/qemu/Paolo Bonzini
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-12-19monitor: move include files to include/monitor/Paolo Bonzini
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-12-19net: reorganize headersPaolo Bonzini
Move public headers to include/net, and leave private headers in net/. Put the virtio headers in include/net/tap.h, removing the multiple copies that existed. Leave include/net/tap.h as the interface for NICs, and net/tap_int.h as the interface for OS-specific parts of the tap backend. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-12-19janitor: do not include qemu-char everywherePaolo Bonzini
Touching char/char.h basically causes the whole of QEMU to be rebuilt. Avoid this, it is usually unnecessary. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-11-20tap: reset vnet header size on openMichael S. Tsirkin
For tap, we currently assume the vnet header size is 10 (the default value) but that might not be the case if tap is persistent and has been used by qemu previously. To fix, set host header size in tap device on open. Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Tested-by: Alexander Graf <agraf@suse.de> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2012-10-08net: consolidate NetClientState header files into onePaolo Bonzini
This patch doesn't seem much useful alone, I must admit. However, it makes sense as part of the upcoming directory reorganization, where I want to have include/net/tap.h as the net<->hw interface for tap. Then having both net/tap.h and include/net/tap.h does not work. "Fixed" by moving all the init functions to a single header file net/clients.h. The patch also adopts a uniform style for including net/*.h files from net/*.c, without the net/ path. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@gmail.com>
2012-09-07monitor: Rename+move net_handle_fd_param -> monitor_handle_fd_paramNicholas Bellinger
This patch renames+moves the net_handle_fd_param() caller used to obtain a file descriptor from either qemu_parse_fd() (the normal case) or from monitor_get_fd() (migration case) into a generically prefixed monitor_handle_fd_param() to be used by vhost-scsi code. Also update net/[socket,tap].c consumers to use the new prefix. Reported-by: Michael S. Tsirkin <mst@redhat.com> Cc: Michael S. Tsirkin <mst@redhat.com> Cc: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com> Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Anthony Liguori <aliguori@us.ibm.com> Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2012-08-01net: Rename VLANClientState to NetClientStateStefan Hajnoczi
The vlan feature is no longer part of net core. Rename VLANClientState to NetClientState because net clients are not explicitly associated with a vlan at all, instead they have a peer net client to which they are connected. This patch is a mechanical search-and-replace except for a few whitespace fixups where changing VLANClientState to NetClientState misaligned whitespace. Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com> Signed-off-by: Zhi Yong Wu <wuzhy@linux.vnet.ibm.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2012-08-01net: Drop vlan argument to qemu_new_net_client()Stefan Hajnoczi
Since hubs are now used to implement the 'vlan' feature and the vlan argument is always NULL, remove the argument entirely and update all net clients that use qemu_new_net_client(). Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com> Signed-off-by: Zhi Yong Wu <wuzhy@linux.vnet.ibm.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2012-08-01net: Use hubs for the vlan featureStefan Hajnoczi
Stop using the special-case vlan code in net.c. Instead use the hub net client to implement the vlan feature. The next patch will remove vlan code from net.c completely. Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com> Signed-off-by: Zhi Yong Wu <wuzhy@linux.vnet.ibm.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2012-07-23remove unused QemuOpts parameter from net init functionsLaszlo Ersek
v1->v2: - unchanged v2->v3: - keep "qemu-option.h" included in "net/slirp.h" Signed-off-by: Laszlo Ersek <lersek@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-07-23convert net_init_bridge() to NetClientOptionsLaszlo Ersek
Signed-off-by: Laszlo Ersek <lersek@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-07-23convert net_init_tap() to NetClientOptionsLaszlo Ersek
Signed-off-by: Laszlo Ersek <lersek@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-07-23convert net_client_init() to OptsVisitorLaszlo Ersek
The net_client_init() prototype is kept intact. Based on "is_netdev", the QemuOpts-rooted QemuOpt-list is parsed as a Netdev or a NetLegacy. The original meat of net_client_init() is moved to and simplified in net_client_init1(): Fields not common between -net and -netdev are clearly separated. Getting the name for the init functions is cleaner: Netdev::id is mandatory, and all init functions handle a NULL NetLegacy::name. NetLegacy::vlan explicitly depends on -net (see below). Verifying the "type=" option for -netdev can be turned into a switch. Format validation with qemu_opts_validate() can be removed because the visitor covers it. Relatedly, the "net_client_types" array is reduced to an array of init functions that can be directly indexed by opts->kind. (Help text is available in the schema JSON.) The outermost negation in the condition around qemu_find_vlan() was flattened, because it expresses the dependent code's requirements more clearly. VLAN lookup is avoided if there's no init function to pass the VLAN to. Whenever the value of type=... is needed, we substitute NetClientOptionsKind_lookup[kind]. The individual init functions are not converted yet, thus the original QemuOpts instance is passed transparently. v1->v2: - NetLegacy::name is optional. Tracked it through all init functions: they all handle a NULL name. Updated commit message accordingly. v2->v3: - NetLegacy::id is allowed and takes precedence over NetLegacy::name. Signed-off-by: Laszlo Ersek <lersek@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-07-23hw, net: "net_client_type" -> "NetClientOptionsKind" (qapi-generated)Laszlo Ersek
NET_CLIENT_TYPE_ -> NET_CLIENT_OPTIONS_KIND_ Signed-off-by: Laszlo Ersek <lersek@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-06-15qmp: include monitor.h when neededPaolo Bonzini
This is needed to get file descriptors from SCM_RIGHTS. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
2012-06-04net: purge the monitor object from all init functionsLuiz Capitulino
The only backend that really uses it is the socket one, which calls monitor_get_fd(). But it can use 'cur_mon' instead. Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com> Reviewed-By: Laszlo Ersek <lersek@redhat.com>
2012-02-01Add support for net bridgeCorey Bryant
The most common use of -net tap is to connect a tap device to a bridge. This requires the use of a script and running qemu as root in order to allocate a tap device to pass to the script. This model is great for portability and flexibility but it's incredibly difficult to eliminate the need to run qemu as root. The only really viable mechanism is to use tunctl to create a tap device, attach it to a bridge as root, and then hand that tap device to qemu. The problem with this mechanism is that it requires administrator intervention whenever a user wants to create a guest. By essentially writing a helper that implements the most common qemu-ifup script that can be safely given cap_net_admin, we can dramatically simplify things for non-privileged users. We still support existing -net tap options as a mechanism for advanced users and backwards compatibility. Currently, this is very Linux centric but there's really no reason why it couldn't be extended for other Unixes. A typical invocation would be similar to one of the following: qemu linux.img -net bridge -net nic,model=virtio qemu linux.img -net tap,helper="/usr/local/libexec/qemu-bridge-helper" -net nic,model=virtio qemu linux.img -netdev bridge,id=hn0 -device virtio-net-pci,netdev=hn0,id=nic1 qemu linux.img -netdev tap,helper="/usr/local/libexec/qemu-bridge-helper",id=hn0 -device virtio-net-pci,netdev=hn0,id=nic1 The default bridge that we attach to is br0. The thinking is that a distro could preconfigure such an interface to allow out-of-the-box bridged networking. Alternatively, if a user wants to use a different bridge, a typical invocation would be simliar to one of the following: qemu linux.img -net bridge,br=qemubr0 -net nic,model=virtio qemu linux.img -net tap,helper="/usr/local/libexec/qemu-bridge-helper --br=qemubr0" -net nic,model=virtio qemu linux.img -netdev bridge,br=qemubr0,id=hn0 -device virtio-net-pci,netdev=hn0,id=nic1 qemu linux.img -netdev tap,helper="/usr/local/libexec/qemu-bridge-helper --br=qemubr0",id=hn0 -device virtio-net-pci,netdev=hn0,id=nic1 Signed-off-by: Anthony Liguori <aliguori@us.ibm.com> Signed-off-by: Richa Marwaha <rmarwah@linux.vnet.ibm.com> Signed-off-by: Corey Bryant <coreyb@linux.vnet.ibm.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-12-15network scripts: don't block SIGCHLD before forkingMichael Roth
This patch fixes a bug where child processes of launch_script() can misbehave due to SIGCHLD being blocked. In the case of `sudo`, this causes a permanent hang. Previously a SIGCHLD handler was added to reap fork_exec()'d zombie processes by calling waitpid(-1, ...). This required other fork()/waitpid() callers to temporarilly block SIGCHILD to avoid having the final wait status being intercepted by the SIGCHLD handler: 7c3370d4fe3fa6cda8655f109e4659afc8ca4269 Since then, the qemu_add_child_watch() interface was added to allow registration of such processes and reap only from that specific set of PIDs: 4d54ec7898bd951007cb6122d5315584bd41d0c4 As a result, we can now avoid blocking SIGCHLD in launch_script(), so drop that behavior. Reviewed-by: Jan Kiszka <jan.kiszka@siemens.com> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>