* [Qemu-devel] [PATCH v2 0/5] Marry slirp and qemu character device.
@ 2009-01-05 15:14 Gleb Natapov
2009-01-05 15:15 ` [Qemu-devel] [PATCH v2 1/5] Redirect slirp traffic to/from " Gleb Natapov
` (6 more replies)
0 siblings, 7 replies; 10+ messages in thread
From: Gleb Natapov @ 2009-01-05 15:14 UTC (permalink / raw)
To: qemu-devel
Trap TCP connection to special IP/port inside slirp and redirect its
traffic to a qemu character device. Add option to prevent connections
through slirp to outside world. Add migration support for "special"
sockets. This allow slirp to be used for secure communication between
host and guest management agents.
---
Gleb Natapov (5):
Add support for vmchannel socket migration.
Add "restrict" and "ip" option to "user" net option
Add slirp_restrict option.
Add vmchannel command line option.
Redirect slirp traffic to/from qemu character device.
net.c | 14 ++
slirp/bootp.c | 22 ++--
slirp/ip_input.c | 21 ++++
slirp/libslirp.h | 7 +
slirp/main.h | 3 +
slirp/misc.c | 2
slirp/sbuf.c | 2
slirp/slirp.c | 300 ++++++++++++++++++++++++++++++++++++++++++++++++++++-
slirp/socket.c | 99 ++++++++++++++---
slirp/socket.h | 2
slirp/tcp_input.c | 11 ++
slirp/tcp_subr.c | 5 +
slirp/udp.c | 3 +
vl.c | 75 +++++++++++++
14 files changed, 524 insertions(+), 42 deletions(-)
--
Gleb.
^ permalink raw reply [flat|nested] 10+ messages in thread
* [Qemu-devel] [PATCH v2 1/5] Redirect slirp traffic to/from qemu character device.
2009-01-05 15:14 [Qemu-devel] [PATCH v2 0/5] Marry slirp and qemu character device Gleb Natapov
@ 2009-01-05 15:15 ` Gleb Natapov
2009-01-07 16:52 ` Anthony Liguori
2009-01-05 15:15 ` [Qemu-devel] [PATCH v2 2/5] Add vmchannel command line option Gleb Natapov
` (5 subsequent siblings)
6 siblings, 1 reply; 10+ messages in thread
From: Gleb Natapov @ 2009-01-05 15:15 UTC (permalink / raw)
To: qemu-devel
Signed-off-by: Gleb Natapov <gleb@redhat.com>
---
slirp/libslirp.h | 5 ++-
slirp/main.h | 1 +
slirp/misc.c | 2 +
slirp/sbuf.c | 2 +
slirp/slirp.c | 62 +++++++++++++++++++++++++++++++++-
slirp/socket.c | 99 +++++++++++++++++++++++++++++++++++++++++++-----------
slirp/socket.h | 2 +
slirp/tcp_subr.c | 5 +++
8 files changed, 154 insertions(+), 24 deletions(-)
diff --git a/slirp/libslirp.h b/slirp/libslirp.h
index 7e4cfa9..16a817a 100644
--- a/slirp/libslirp.h
+++ b/slirp/libslirp.h
@@ -20,13 +20,16 @@ void slirp_output(const uint8_t *pkt, int pkt_len);
int slirp_redir(int is_udp, int host_port,
struct in_addr guest_addr, int guest_port);
-int slirp_add_exec(int do_pty, const char *args, int addr_low_byte,
+int slirp_add_exec(int do_pty, const void *args, int addr_low_byte,
int guest_port);
extern const char *tftp_prefix;
extern char slirp_hostname[33];
void slirp_stats(void);
+void slirp_socket_recv(int addr_low_byte, int guest_port, const uint8_t *buf,
+ int size);
+size_t slirp_socket_can_recv(int addr_low_byte, int guest_port);
#ifdef __cplusplus
}
diff --git a/slirp/main.h b/slirp/main.h
index c01adda..3ef2996 100644
--- a/slirp/main.h
+++ b/slirp/main.h
@@ -51,3 +51,4 @@ extern uint8_t client_ethaddr[6];
#endif
void if_encap(const uint8_t *ip_data, int ip_data_len);
+ssize_t slirp_send(struct socket *so, const void *buf, size_t len, int flags);
diff --git a/slirp/misc.c b/slirp/misc.c
index 9ff3176..1ec8b55 100644
--- a/slirp/misc.c
+++ b/slirp/misc.c
@@ -169,7 +169,7 @@ add_exec(ex_ptr, do_pty, exec, addr, port)
(*ex_ptr)->ex_fport = port;
(*ex_ptr)->ex_addr = addr;
(*ex_ptr)->ex_pty = do_pty;
- (*ex_ptr)->ex_exec = strdup(exec);
+ (*ex_ptr)->ex_exec = (do_pty == 3) ? exec : strdup(exec);
(*ex_ptr)->ex_next = tmp_ptr;
return 0;
}
diff --git a/slirp/sbuf.c b/slirp/sbuf.c
index b0e0838..2e6e2b2 100644
--- a/slirp/sbuf.c
+++ b/slirp/sbuf.c
@@ -108,7 +108,7 @@ sbappend(so, m)
* ottherwise it'll arrive out of order, and hence corrupt
*/
if (!so->so_rcv.sb_cc)
- ret = send(so->s, m->m_data, m->m_len, 0);
+ ret = slirp_send(so, m->m_data, m->m_len, 0);
if (ret <= 0) {
/*
diff --git a/slirp/slirp.c b/slirp/slirp.c
index 17b40e2..e3fe80b 100644
--- a/slirp/slirp.c
+++ b/slirp/slirp.c
@@ -736,9 +736,69 @@ int slirp_redir(int is_udp, int host_port,
return 0;
}
-int slirp_add_exec(int do_pty, const char *args, int addr_low_byte,
+int slirp_add_exec(int do_pty, const void *args, int addr_low_byte,
int guest_port)
{
return add_exec(&exec_list, do_pty, (char *)args,
addr_low_byte, htons(guest_port));
}
+
+ssize_t slirp_send(struct socket *so, const void *buf, size_t len, int flags)
+{
+ if (so->s == -1 && so->extra) {
+ qemu_chr_write(so->extra, buf, len);
+ return len;
+ }
+
+ return send(so->s, buf, len, flags);
+}
+
+static struct socket *slirp_find_ctl_socket(int addr_low_byte, int guest_port)
+{
+ struct socket *so;
+
+ for (so = tcb.so_next; so != &tcb; so = so->so_next) {
+ if ((so->so_faddr.s_addr & htonl(0xffffff00)) ==
+ special_addr.s_addr
+ && (ntohl(so->so_faddr.s_addr) & 0xff) ==
+ addr_low_byte
+ && htons(so->so_fport) == guest_port)
+ return so;
+ }
+
+ return NULL;
+}
+
+size_t slirp_socket_can_recv(int addr_low_byte, int guest_port)
+{
+ struct iovec iov[2];
+ struct socket *so;
+
+ if (!link_up)
+ return 0;
+
+ so = slirp_find_ctl_socket(addr_low_byte, guest_port);
+
+ if (!so || so->so_state & SS_NOFDREF)
+ return 0;
+
+ if (!CONN_CANFRCV(so) || so->so_snd.sb_cc >= (so->so_snd.sb_datalen/2))
+ return 0;
+
+ return sopreprbuf(so, iov, NULL);
+}
+
+void slirp_socket_recv(int addr_low_byte, int guest_port, const uint8_t *buf,
+ int size)
+{
+ int ret;
+ struct socket *so = slirp_find_ctl_socket(addr_low_byte, guest_port);
+
+ if (!so)
+ return;
+
+ ret = soreadbuf(so, buf, size);
+
+ if (ret > 0)
+ tcp_output(sototcpcb(so));
+}
diff --git a/slirp/socket.c b/slirp/socket.c
index 00694e2..a45be82 100644
--- a/slirp/socket.c
+++ b/slirp/socket.c
@@ -91,31 +91,21 @@ sofree(so)
free(so);
}
-/*
- * Read from so's socket into sb_snd, updating all relevant sbuf fields
- * NOTE: This will only be called if it is select()ed for reading, so
- * a read() of 0 (or less) means it's disconnected
- */
-int
-soread(so)
- struct socket *so;
+size_t sopreprbuf(struct socket *so, struct iovec *iov, int *np)
{
- int n, nn, lss, total;
+ int n, lss, total;
struct sbuf *sb = &so->so_snd;
int len = sb->sb_datalen - sb->sb_cc;
- struct iovec iov[2];
int mss = so->so_tcpcb->t_maxseg;
- DEBUG_CALL("soread");
+ DEBUG_CALL("sopreprbuf");
DEBUG_ARG("so = %lx", (long )so);
- /*
- * No need to check if there's enough room to read.
- * soread wouldn't have been called if there weren't
- */
-
len = sb->sb_datalen - sb->sb_cc;
+ if (len <= 0)
+ return 0;
+
iov[0].iov_base = sb->sb_wptr;
iov[1].iov_base = NULL;
iov[1].iov_len = 0;
@@ -156,6 +146,33 @@ soread(so)
n = 1;
}
}
+ if (np)
+ *np = n;
+
+ return iov[0].iov_len + (n - 1) * iov[1].iov_len;
+}
+
+/*
+ * Read from so's socket into sb_snd, updating all relevant sbuf fields
+ * NOTE: This will only be called if it is select()ed for reading, so
+ * a read() of 0 (or less) means it's disconnected
+ */
+int
+soread(so)
+ struct socket *so;
+{
+ int n, nn;
+ struct sbuf *sb = &so->so_snd;
+ struct iovec iov[2];
+
+ DEBUG_CALL("soread");
+ DEBUG_ARG("so = %lx", (long )so);
+
+ /*
+ * No need to check if there's enough room to read.
+ * soread wouldn't have been called if there weren't
+ */
+ sopreprbuf(so, iov, &n);
#ifdef HAVE_READV
nn = readv(so->s, (struct iovec *)iov, n);
@@ -202,6 +219,48 @@ soread(so)
return nn;
}
+int soreadbuf(struct socket *so, const char *buf, int size)
+{
+ int n, nn, copy = size;
+ struct sbuf *sb = &so->so_snd;
+ struct iovec iov[2];
+
+ DEBUG_CALL("soreadbuf");
+ DEBUG_ARG("so = %lx", (long )so);
+
+ /*
+ * No need to check if there's enough room to read.
+ * soread wouldn't have been called if there weren't
+ */
+ if (sopreprbuf(so, iov, &n) < size)
+ goto err;
+
+ nn = MIN(iov[0].iov_len, copy);
+ memcpy(iov[0].iov_base, buf, nn);
+
+ copy -= nn;
+ buf += nn;
+
+ if (copy == 0)
+ goto done;
+
+ memcpy(iov[1].iov_base, buf, copy);
+
+done:
+ /* Update fields */
+ sb->sb_cc += size;
+ sb->sb_wptr += size;
+ if (sb->sb_wptr >= (sb->sb_data + sb->sb_datalen))
+ sb->sb_wptr -= sb->sb_datalen;
+ return size;
+err:
+
+ sofcantrcvmore(so);
+ tcp_sockclosed(sototcpcb(so));
+ fprintf(stderr, "soreadbuf buffer to small");
+ return -1;
+}
+
/*
* Get urgent data
*
@@ -255,7 +314,7 @@ sosendoob(so)
if (sb->sb_rptr < sb->sb_wptr) {
/* We can send it directly */
- n = send(so->s, sb->sb_rptr, so->so_urgc, (MSG_OOB)); /* |MSG_DONTWAIT)); */
+ n = slirp_send(so, sb->sb_rptr, so->so_urgc, (MSG_OOB)); /* |MSG_DONTWAIT)); */
so->so_urgc -= n;
DEBUG_MISC((dfd, " --- sent %d bytes urgent data, %d urgent bytes left\n", n, so->so_urgc));
@@ -276,7 +335,7 @@ sosendoob(so)
so->so_urgc -= n;
len += n;
}
- n = send(so->s, buff, len, (MSG_OOB)); /* |MSG_DONTWAIT)); */
+ n = slirp_send(so, buff, len, (MSG_OOB)); /* |MSG_DONTWAIT)); */
#ifdef DEBUG
if (n != len)
DEBUG_ERROR((dfd, "Didn't send all data urgently XXXXX\n"));
@@ -348,7 +407,7 @@ sowrite(so)
DEBUG_MISC((dfd, " ... wrote nn = %d bytes\n", nn));
#else
- nn = send(so->s, iov[0].iov_base, iov[0].iov_len,0);
+ nn = slirp_send(so, iov[0].iov_base, iov[0].iov_len,0);
#endif
/* This should never happen, but people tell me it does *shrug* */
if (nn < 0 && (errno == EAGAIN || errno == EINTR))
@@ -365,7 +424,7 @@ sowrite(so)
#ifndef HAVE_READV
if (n == 2 && nn == iov[0].iov_len) {
int ret;
- ret = send(so->s, iov[1].iov_base, iov[1].iov_len,0);
+ ret = slirp_send(so, iov[1].iov_base, iov[1].iov_len,0);
if (ret > 0)
nn += ret;
}
diff --git a/slirp/socket.h b/slirp/socket.h
index 5edea90..72b473d 100644
--- a/slirp/socket.h
+++ b/slirp/socket.h
@@ -87,5 +87,7 @@ void soisfconnecting _P((register struct socket *));
void soisfconnected _P((register struct socket *));
void soisfdisconnected _P((struct socket *));
void sofwdrain _P((struct socket *));
+size_t sopreprbuf(struct socket *so, struct iovec *iov, int *np);
+int soreadbuf(struct socket *so, const char *buf, int size);
#endif /* _SOCKET_H_ */
diff --git a/slirp/tcp_subr.c b/slirp/tcp_subr.c
index bce07a6..12abebe 100644
--- a/slirp/tcp_subr.c
+++ b/slirp/tcp_subr.c
@@ -1281,6 +1281,11 @@ tcp_ctl(so)
for (ex_ptr = exec_list; ex_ptr; ex_ptr = ex_ptr->ex_next) {
if (ex_ptr->ex_fport == so->so_fport &&
command == ex_ptr->ex_addr) {
+ if (ex_ptr->ex_pty == 3) {
+ so->s = -1;
+ so->extra = ex_ptr->ex_exec;
+ return 1;
+ }
do_pty = ex_ptr->ex_pty;
goto do_exec;
}
^ permalink raw reply related [flat|nested] 10+ messages in thread
* [Qemu-devel] [PATCH v2 2/5] Add vmchannel command line option.
2009-01-05 15:14 [Qemu-devel] [PATCH v2 0/5] Marry slirp and qemu character device Gleb Natapov
2009-01-05 15:15 ` [Qemu-devel] [PATCH v2 1/5] Redirect slirp traffic to/from " Gleb Natapov
@ 2009-01-05 15:15 ` Gleb Natapov
2009-01-05 15:15 ` [Qemu-devel] [PATCH v2 3/5] Add slirp_restrict option Gleb Natapov
` (4 subsequent siblings)
6 siblings, 0 replies; 10+ messages in thread
From: Gleb Natapov @ 2009-01-05 15:15 UTC (permalink / raw)
To: qemu-devel
Signed-off-by: Gleb Natapov <gleb@redhat.com>
---
vl.c | 75 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
1 files changed, 74 insertions(+), 1 deletions(-)
diff --git a/vl.c b/vl.c
index 07740f5..f9dc31a 100644
--- a/vl.c
+++ b/vl.c
@@ -207,6 +207,13 @@ static int full_screen = 0;
static int no_frame = 0;
#endif
int no_quit = 0;
+#if defined(CONFIG_SLIRP)
+#define MAX_VMCHANNEL_DEVICES 4
+struct VMChannel {
+ CharDriverState *hd;
+ int port;
+} vmchannel_hds[MAX_VMCHANNEL_DEVICES];
+#endif
CharDriverState *serial_hds[MAX_SERIAL_PORTS];
CharDriverState *parallel_hds[MAX_PARALLEL_PORTS];
#ifdef TARGET_I386
@@ -3932,6 +3939,9 @@ static void help(int exitcode)
"-monitor dev redirect the monitor to char device 'dev'\n"
"-serial dev redirect the serial port to char device 'dev'\n"
"-parallel dev redirect the parallel port to char device 'dev'\n"
+#if defined(CONFIG_SLIRP)
+ "-vmchannel di:DI,dev redirect the vmchannel device with device id DI, to char device 'dev'\n"
+#endif
"-pidfile file Write PID to 'file'\n"
"-S freeze CPU at startup (use 'c' to start execution)\n"
"-s wait gdb connection to port\n"
@@ -4046,6 +4056,9 @@ enum {
QEMU_OPTION_monitor,
QEMU_OPTION_serial,
QEMU_OPTION_parallel,
+#if defined(CONFIG_SLIRP)
+ QEMU_OPTION_vmchannel,
+#endif
QEMU_OPTION_loadvm,
QEMU_OPTION_full_screen,
QEMU_OPTION_no_frame,
@@ -4155,6 +4168,9 @@ static const QEMUOption qemu_options[] = {
{ "monitor", HAS_ARG, QEMU_OPTION_monitor },
{ "serial", HAS_ARG, QEMU_OPTION_serial },
{ "parallel", HAS_ARG, QEMU_OPTION_parallel },
+#if defined(CONFIG_SLIRP)
+ { "vmchannel", 1, QEMU_OPTION_vmchannel },
+#endif
{ "loadvm", HAS_ARG, QEMU_OPTION_loadvm },
{ "full-screen", 0, QEMU_OPTION_full_screen },
#ifdef CONFIG_SDL
@@ -4453,6 +4469,20 @@ static void termsig_setup(void)
#endif
+#if defined(CONFIG_SLIRP)
+static int vmchannel_can_read(void *opaque)
+{
+ struct VMChannel *vmc = (struct VMChannel*)opaque;
+ return slirp_socket_can_recv(4, vmc->port);
+}
+
+static void vmchannel_read(void *opaque, const uint8_t *buf, int size)
+{
+ struct VMChannel *vmc = (struct VMChannel*)opaque;
+ slirp_socket_recv(4, vmc->port, buf, size);
+}
+#endif
+
int main(int argc, char **argv, char **envp)
{
#ifdef CONFIG_GDBSTUB
@@ -4480,6 +4510,8 @@ int main(int argc, char **argv, char **envp)
int serial_device_index;
const char *parallel_devices[MAX_PARALLEL_PORTS];
int parallel_device_index;
+ char *vmchannel_devices[MAX_VMCHANNEL_DEVICES];
+ int vmchannel_device_index;
const char *loadvm = NULL;
QEMUMachine *machine;
const char *cpu_model;
@@ -4553,6 +4585,10 @@ int main(int argc, char **argv, char **envp)
parallel_devices[i] = NULL;
parallel_device_index = 0;
+ for(i = 0; i < MAX_VMCHANNEL_DEVICES; i++)
+ vmchannel_devices[i] = NULL;
+ vmchannel_device_index = 0;
+
usb_devices_index = 0;
nb_net_clients = 0;
@@ -4947,7 +4983,15 @@ int main(int argc, char **argv, char **envp)
parallel_devices[parallel_device_index] = optarg;
parallel_device_index++;
break;
- case QEMU_OPTION_loadvm:
+#if defined(CONFIG_SLIRP)
+ case QEMU_OPTION_vmchannel:
+ if (vmchannel_device_index >= MAX_VMCHANNEL_DEVICES) {
+ fprintf(stderr, "qemu: too many vmchannel devices\n");
+ exit(1);
+ }
+ vmchannel_devices[vmchannel_device_index++] = optarg;
+#endif
+ case QEMU_OPTION_loadvm:
loadvm = optarg;
break;
case QEMU_OPTION_full_screen:
@@ -5452,6 +5496,35 @@ int main(int argc, char **argv, char **envp)
}
}
+#if defined(CONFIG_SLIRP)
+ for(i = 0; i < vmchannel_device_index; i++) {
+ char *devname = vmchannel_devices[i];
+ long port;
+ char name[20];
+
+ if (!devname)
+ continue;
+
+ port = strtol(devname, &devname, 10);
+ devname++;
+ if (port < 1 || port > 65535) {
+ fprintf(stderr, "vmchannel: wrong port number\n");
+ exit(1);
+ }
+ snprintf(name, 20, "vmchannel%ld\n", port);
+ vmchannel_hds[i].hd = qemu_chr_open(name, devname);
+ if (!vmchannel_hds[i].hd) {
+ fprintf(stderr, "qemu: could not open vmchannel device '%s'\n",
+ devname);
+ exit(1);
+ }
+ vmchannel_hds[i].port = port;
+ slirp_add_exec(3, vmchannel_hds[i].hd, 4, port);
+ qemu_chr_add_handlers(vmchannel_hds[i].hd, vmchannel_can_read,
+ vmchannel_read, NULL, &vmchannel_hds[i]);
+ }
+#endif
+
machine->init(ram_size, vga_ram_size, boot_devices, ds,
kernel_filename, kernel_cmdline, initrd_filename, cpu_model);
^ permalink raw reply related [flat|nested] 10+ messages in thread
* [Qemu-devel] [PATCH v2 3/5] Add slirp_restrict option.
2009-01-05 15:14 [Qemu-devel] [PATCH v2 0/5] Marry slirp and qemu character device Gleb Natapov
2009-01-05 15:15 ` [Qemu-devel] [PATCH v2 1/5] Redirect slirp traffic to/from " Gleb Natapov
2009-01-05 15:15 ` [Qemu-devel] [PATCH v2 2/5] Add vmchannel command line option Gleb Natapov
@ 2009-01-05 15:15 ` Gleb Natapov
2009-01-05 15:15 ` [Qemu-devel] [PATCH v2 4/5] Add "restrict" and "ip" option to "user" net option Gleb Natapov
` (3 subsequent siblings)
6 siblings, 0 replies; 10+ messages in thread
From: Gleb Natapov @ 2009-01-05 15:15 UTC (permalink / raw)
To: qemu-devel
Add "slirp firewall" to permit connection only to vmchannel addresses.
Signed-off-by: Gleb Natapov <gleb@redhat.com>
---
net.c | 6 +++---
slirp/bootp.c | 22 ++++++++++++----------
slirp/ip_input.c | 21 +++++++++++++++++++++
slirp/libslirp.h | 2 +-
slirp/main.h | 2 ++
slirp/slirp.c | 10 ++++++++--
slirp/tcp_input.c | 11 ++++++++++-
slirp/udp.c | 3 +++
8 files changed, 60 insertions(+), 17 deletions(-)
diff --git a/net.c b/net.c
index c49abef..3fa8776 100644
--- a/net.c
+++ b/net.c
@@ -446,7 +446,7 @@ static int net_slirp_init(VLANState *vlan)
{
if (!slirp_inited) {
slirp_inited = 1;
- slirp_init();
+ slirp_init(0, NULL);
}
slirp_vc = qemu_new_vlan_client(vlan,
slirp_receive, NULL, NULL);
@@ -464,7 +464,7 @@ void net_slirp_redir(const char *redir_str)
if (!slirp_inited) {
slirp_inited = 1;
- slirp_init();
+ slirp_init(0, NULL);
}
p = redir_str;
@@ -550,7 +550,7 @@ void net_slirp_smb(const char *exported_dir)
if (!slirp_inited) {
slirp_inited = 1;
- slirp_init();
+ slirp_init(0, NULL);
}
/* XXX: better tmp dir construction */
diff --git a/slirp/bootp.c b/slirp/bootp.c
index 750fae3..bf704ab 100644
--- a/slirp/bootp.c
+++ b/slirp/bootp.c
@@ -219,16 +219,18 @@ static void bootp_reply(struct bootp_t *bp)
*q++ = 0xff;
*q++ = 0x00;
- *q++ = RFC1533_GATEWAY;
- *q++ = 4;
- memcpy(q, &saddr.sin_addr, 4);
- q += 4;
-
- *q++ = RFC1533_DNS;
- *q++ = 4;
- dns_addr.s_addr = htonl(ntohl(special_addr.s_addr) | CTL_DNS);
- memcpy(q, &dns_addr, 4);
- q += 4;
+ if (!slirp_restrict) {
+ *q++ = RFC1533_GATEWAY;
+ *q++ = 4;
+ memcpy(q, &saddr.sin_addr, 4);
+ q += 4;
+
+ *q++ = RFC1533_DNS;
+ *q++ = 4;
+ dns_addr.s_addr = htonl(ntohl(special_addr.s_addr) | CTL_DNS);
+ memcpy(q, &dns_addr, 4);
+ q += 4;
+ }
*q++ = RFC2132_LEASE_TIME;
*q++ = 4;
diff --git a/slirp/ip_input.c b/slirp/ip_input.c
index b046840..73cb00e 100644
--- a/slirp/ip_input.c
+++ b/slirp/ip_input.c
@@ -136,6 +136,27 @@ ip_input(m)
STAT(ipstat.ips_tooshort++);
goto bad;
}
+
+ if (slirp_restrict) {
+ if (memcmp(&ip->ip_dst.s_addr, &special_addr, 3)) {
+ if (ip->ip_dst.s_addr == 0xffffffff && ip->ip_p != IPPROTO_UDP)
+ goto bad;
+ } else {
+ int host = ntohl(ip->ip_dst.s_addr) & 0xff;
+ struct ex_list *ex_ptr;
+
+ if (host == 0xff)
+ goto bad;
+
+ for (ex_ptr = exec_list; ex_ptr; ex_ptr = ex_ptr->ex_next)
+ if (ex_ptr->ex_addr == host)
+ break;
+
+ if (!ex_ptr)
+ goto bad;
+ }
+ }
+
/* Should drop packet if mbuf too long? hmmm... */
if (m->m_len > ip->ip_len)
m_adj(m, ip->ip_len - m->m_len);
diff --git a/slirp/libslirp.h b/slirp/libslirp.h
index 16a817a..6c5db54 100644
--- a/slirp/libslirp.h
+++ b/slirp/libslirp.h
@@ -5,7 +5,7 @@
extern "C" {
#endif
-void slirp_init(void);
+void slirp_init(int restrict, char *special_ip);
void slirp_select_fill(int *pnfds,
fd_set *readfds, fd_set *writefds, fd_set *xfds);
diff --git a/slirp/main.h b/slirp/main.h
index 3ef2996..b492614 100644
--- a/slirp/main.h
+++ b/slirp/main.h
@@ -44,6 +44,8 @@ extern int towrite_max;
extern int ppp_exit;
extern int tcp_keepintvl;
extern uint8_t client_ethaddr[6];
+extern char *slirp_special_ip;
+extern int slirp_restrict;
#define PROTO_SLIP 0x1
#ifdef USE_PPP
diff --git a/slirp/slirp.c b/slirp/slirp.c
index e3fe80b..8304151 100644
--- a/slirp/slirp.c
+++ b/slirp/slirp.c
@@ -45,6 +45,8 @@ static struct in_addr client_ipaddr;
static const uint8_t zero_ethaddr[6] = { 0, 0, 0, 0, 0, 0 };
+char *slirp_special_ip = CTL_SPECIAL;
+int slirp_restrict;
int do_slowtimo;
int link_up;
struct timeval tt;
@@ -163,7 +165,7 @@ static void slirp_cleanup(void)
}
#endif
-void slirp_init(void)
+void slirp_init(int restrict, char *special_ip)
{
// debug_init("/tmp/slirp.log", DEBUG_DEFAULT);
@@ -176,6 +178,7 @@ void slirp_init(void)
#endif
link_up = 1;
+ slirp_restrict = restrict;
if_init();
ip_init();
@@ -191,7 +194,10 @@ void slirp_init(void)
fprintf (stderr, "Warning: No DNS servers found\n");
}
- inet_aton(CTL_SPECIAL, &special_addr);
+ if (special_ip)
+ slirp_special_ip = special_ip;
+
+ inet_aton(slirp_special_ip, &special_addr);
alias_addr.s_addr = special_addr.s_addr | htonl(CTL_ALIAS);
getouraddr();
}
diff --git a/slirp/tcp_input.c b/slirp/tcp_input.c
index 17a9387..408875e 100644
--- a/slirp/tcp_input.c
+++ b/slirp/tcp_input.c
@@ -253,6 +253,7 @@ tcp_input(m, iphlen, inso)
u_long tiwin;
int ret;
/* int ts_present = 0; */
+ struct ex_list *ex_ptr;
DEBUG_CALL("tcp_input");
DEBUG_ARGS((dfd," m = %8lx iphlen = %2d inso = %lx\n",
@@ -363,6 +364,15 @@ tcp_input(m, iphlen, inso)
m->m_data += sizeof(struct tcpiphdr)+off-sizeof(struct tcphdr);
m->m_len -= sizeof(struct tcpiphdr)+off-sizeof(struct tcphdr);
+ if (slirp_restrict) {
+ for (ex_ptr = exec_list; ex_ptr; ex_ptr = ex_ptr->ex_next)
+ if (ex_ptr->ex_fport == ti->ti_dport &&
+ (ntohl(ti->ti_dst.s_addr) & 0xff) == ex_ptr->ex_addr)
+ break;
+
+ if (!ex_ptr)
+ goto drop;
+ }
/*
* Locate pcb for segment.
*/
@@ -646,7 +656,6 @@ findso:
#endif
{
/* May be an add exec */
- struct ex_list *ex_ptr;
for(ex_ptr = exec_list; ex_ptr; ex_ptr = ex_ptr->ex_next) {
if(ex_ptr->ex_fport == so->so_fport &&
lastbyte == ex_ptr->ex_addr) {
diff --git a/slirp/udp.c b/slirp/udp.c
index 8030326..ca353b7 100644
--- a/slirp/udp.c
+++ b/slirp/udp.c
@@ -158,6 +158,9 @@ udp_input(m, iphlen)
goto bad;
}
+ if (slirp_restrict)
+ goto bad;
+
/*
* handle TFTP
*/
^ permalink raw reply related [flat|nested] 10+ messages in thread
* [Qemu-devel] [PATCH v2 4/5] Add "restrict" and "ip" option to "user" net option
2009-01-05 15:14 [Qemu-devel] [PATCH v2 0/5] Marry slirp and qemu character device Gleb Natapov
` (2 preceding siblings ...)
2009-01-05 15:15 ` [Qemu-devel] [PATCH v2 3/5] Add slirp_restrict option Gleb Natapov
@ 2009-01-05 15:15 ` Gleb Natapov
2009-01-05 15:15 ` [Qemu-devel] [PATCH v2 5/5] Add support for vmchannel socket migration Gleb Natapov
` (2 subsequent siblings)
6 siblings, 0 replies; 10+ messages in thread
From: Gleb Natapov @ 2009-01-05 15:15 UTC (permalink / raw)
To: qemu-devel
Expose new slirp capabilities to user through a command line options.
Signed-off-by: Gleb Natapov <gleb@redhat.com>
---
net.c | 14 +++++++++++---
1 files changed, 11 insertions(+), 3 deletions(-)
diff --git a/net.c b/net.c
index 3fa8776..6af4255 100644
--- a/net.c
+++ b/net.c
@@ -410,6 +410,8 @@ ssize_t qemu_sendv_packet(VLANClientState *vc1, const struct iovec *iov,
/* slirp network adapter */
static int slirp_inited;
+static int slirp_restrict;
+static char *slirp_ip;
static VLANClientState *slirp_vc;
int slirp_can_output(void)
@@ -446,7 +448,7 @@ static int net_slirp_init(VLANState *vlan)
{
if (!slirp_inited) {
slirp_inited = 1;
- slirp_init(0, NULL);
+ slirp_init(slirp_restrict, slirp_ip);
}
slirp_vc = qemu_new_vlan_client(vlan,
slirp_receive, NULL, NULL);
@@ -464,7 +466,7 @@ void net_slirp_redir(const char *redir_str)
if (!slirp_inited) {
slirp_inited = 1;
- slirp_init(0, NULL);
+ slirp_init(slirp_restrict, slirp_ip);
}
p = redir_str;
@@ -550,7 +552,7 @@ void net_slirp_smb(const char *exported_dir)
if (!slirp_inited) {
slirp_inited = 1;
- slirp_init(0, NULL);
+ slirp_init(slirp_restrict, slirp_ip);
}
/* XXX: better tmp dir construction */
@@ -1487,6 +1489,12 @@ int net_client_init(const char *device, const char *p)
if (get_param_value(buf, sizeof(buf), "hostname", p)) {
pstrcpy(slirp_hostname, sizeof(slirp_hostname), buf);
}
+ if (get_param_value(buf, sizeof(buf), "restrict", p)) {
+ slirp_restrict = (buf[0] == 'y') ? 1 : 0;
+ }
+ if (get_param_value(buf, sizeof(buf), "ip", p)) {
+ slirp_ip = strdup(buf);
+ }
vlan->nb_host_devs++;
ret = net_slirp_init(vlan);
} else
^ permalink raw reply related [flat|nested] 10+ messages in thread
* [Qemu-devel] [PATCH v2 5/5] Add support for vmchannel socket migration.
2009-01-05 15:14 [Qemu-devel] [PATCH v2 0/5] Marry slirp and qemu character device Gleb Natapov
` (3 preceding siblings ...)
2009-01-05 15:15 ` [Qemu-devel] [PATCH v2 4/5] Add "restrict" and "ip" option to "user" net option Gleb Natapov
@ 2009-01-05 15:15 ` Gleb Natapov
2009-01-05 15:35 ` [Qemu-devel] [PATCH v2 0/5] Marry slirp and qemu character device Anthony Liguori
2009-01-05 15:38 ` Anthony Liguori
6 siblings, 0 replies; 10+ messages in thread
From: Gleb Natapov @ 2009-01-05 15:15 UTC (permalink / raw)
To: qemu-devel
Signed-off-by: Gleb Natapov <gleb@redhat.com>
---
slirp/slirp.c | 228 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 files changed, 228 insertions(+), 0 deletions(-)
diff --git a/slirp/slirp.c b/slirp/slirp.c
index 8304151..f9eff44 100644
--- a/slirp/slirp.c
+++ b/slirp/slirp.c
@@ -22,6 +22,8 @@
* THE SOFTWARE.
*/
#include "slirp.h"
+#include "qemu-common.h"
+#include "hw/hw.h"
/* host address */
struct in_addr our_addr;
@@ -165,6 +167,9 @@ static void slirp_cleanup(void)
}
#endif
+static void slirp_state_save(QEMUFile *f, void *opaque);
+static int slirp_state_load(QEMUFile *f, void *opaque, int version_id);
+
void slirp_init(int restrict, char *special_ip)
{
// debug_init("/tmp/slirp.log", DEBUG_DEFAULT);
@@ -200,6 +205,7 @@ void slirp_init(int restrict, char *special_ip)
inet_aton(slirp_special_ip, &special_addr);
alias_addr.s_addr = special_addr.s_addr | htonl(CTL_ALIAS);
getouraddr();
+ register_savevm("slirp", 0, 1, slirp_state_save, slirp_state_load, NULL);
}
#define CONN_CANFSEND(so) (((so)->so_state & (SS_FCANTSENDMORE|SS_ISFCONNECTED)) == SS_ISFCONNECTED)
@@ -808,3 +814,225 @@ void slirp_socket_recv(int addr_low_byte, int guest_port, const uint8_t *buf,
if (ret > 0)
tcp_output(sototcpcb(so));
}
+
+static void slirp_tcp_save(QEMUFile *f, struct tcpcb *tp)
+{
+ int i;
+
+ qemu_put_sbe16(f, tp->t_state);
+ for (i = 0; i < TCPT_NTIMERS; i++)
+ qemu_put_sbe16(f, tp->t_timer[i]);
+ qemu_put_sbe16(f, tp->t_rxtshift);
+ qemu_put_sbe16(f, tp->t_rxtcur);
+ qemu_put_sbe16(f, tp->t_dupacks);
+ qemu_put_be16(f, tp->t_maxseg);
+ qemu_put_sbyte(f, tp->t_force);
+ qemu_put_be16(f, tp->t_flags);
+ qemu_put_be32(f, tp->snd_una);
+ qemu_put_be32(f, tp->snd_nxt);
+ qemu_put_be32(f, tp->snd_up);
+ qemu_put_be32(f, tp->snd_wl1);
+ qemu_put_be32(f, tp->snd_wl2);
+ qemu_put_be32(f, tp->iss);
+ qemu_put_be32(f, tp->snd_wnd);
+ qemu_put_be32(f, tp->rcv_wnd);
+ qemu_put_be32(f, tp->rcv_nxt);
+ qemu_put_be32(f, tp->rcv_up);
+ qemu_put_be32(f, tp->irs);
+ qemu_put_be32(f, tp->rcv_adv);
+ qemu_put_be32(f, tp->snd_max);
+ qemu_put_be32(f, tp->snd_cwnd);
+ qemu_put_be32(f, tp->snd_ssthresh);
+ qemu_put_sbe16(f, tp->t_idle);
+ qemu_put_sbe16(f, tp->t_rtt);
+ qemu_put_be32(f, tp->t_rtseq);
+ qemu_put_sbe16(f, tp->t_srtt);
+ qemu_put_sbe16(f, tp->t_rttvar);
+ qemu_put_be16(f, tp->t_rttmin);
+ qemu_put_be32(f, tp->max_sndwnd);
+ qemu_put_byte(f, tp->t_oobflags);
+ qemu_put_byte(f, tp->t_iobc);
+ qemu_put_sbe16(f, tp->t_softerror);
+ qemu_put_byte(f, tp->snd_scale);
+ qemu_put_byte(f, tp->rcv_scale);
+ qemu_put_byte(f, tp->request_r_scale);
+ qemu_put_byte(f, tp->requested_s_scale);
+ qemu_put_be32(f, tp->ts_recent);
+ qemu_put_be32(f, tp->ts_recent_age);
+ qemu_put_be32(f, tp->last_ack_sent);
+}
+
+static void slirp_sbuf_save(QEMUFile *f, struct sbuf *sbuf)
+{
+ uint32_t off;
+
+ qemu_put_be32(f, sbuf->sb_cc);
+ qemu_put_be32(f, sbuf->sb_datalen);
+ off = (uint32_t)(sbuf->sb_wptr - sbuf->sb_data);
+ qemu_put_sbe32(f, off);
+ off = (uint32_t)(sbuf->sb_rptr - sbuf->sb_data);
+ qemu_put_sbe32(f, off);
+ qemu_put_buffer(f, (unsigned char*)sbuf->sb_data, sbuf->sb_datalen);
+}
+
+static void slirp_socket_save(QEMUFile *f, struct socket *so)
+{
+ qemu_put_be32(f, so->so_urgc);
+ qemu_put_be32(f, so->so_faddr.s_addr);
+ qemu_put_be32(f, so->so_laddr.s_addr);
+ qemu_put_be16(f, so->so_fport);
+ qemu_put_be16(f, so->so_lport);
+ qemu_put_byte(f, so->so_iptos);
+ qemu_put_byte(f, so->so_emu);
+ qemu_put_byte(f, so->so_type);
+ qemu_put_be32(f, so->so_state);
+ slirp_sbuf_save(f, &so->so_rcv);
+ slirp_sbuf_save(f, &so->so_snd);
+ slirp_tcp_save(f, so->so_tcpcb);
+}
+
+static void slirp_state_save(QEMUFile *f, void *opaque)
+{
+ struct ex_list *ex_ptr;
+
+ for (ex_ptr = exec_list; ex_ptr; ex_ptr = ex_ptr->ex_next)
+ if (ex_ptr->ex_pty == 3) {
+ struct socket *so;
+ so = slirp_find_ctl_socket(ex_ptr->ex_addr, ntohs(ex_ptr->ex_fport));
+ if (!so)
+ continue;
+
+ qemu_put_byte(f, 42);
+ slirp_socket_save(f, so);
+ }
+ qemu_put_byte(f, 0);
+}
+
+static void slirp_tcp_load(QEMUFile *f, struct tcpcb *tp)
+{
+ int i;
+
+ tp->t_state = qemu_get_sbe16(f);
+ for (i = 0; i < TCPT_NTIMERS; i++)
+ tp->t_timer[i] = qemu_get_sbe16(f);
+ tp->t_rxtshift = qemu_get_sbe16(f);
+ tp->t_rxtcur = qemu_get_sbe16(f);
+ tp->t_dupacks = qemu_get_sbe16(f);
+ tp->t_maxseg = qemu_get_be16(f);
+ tp->t_force = qemu_get_sbyte(f);
+ tp->t_flags = qemu_get_be16(f);
+ tp->snd_una = qemu_get_be32(f);
+ tp->snd_nxt = qemu_get_be32(f);
+ tp->snd_up = qemu_get_be32(f);
+ tp->snd_wl1 = qemu_get_be32(f);
+ tp->snd_wl2 = qemu_get_be32(f);
+ tp->iss = qemu_get_be32(f);
+ tp->snd_wnd = qemu_get_be32(f);
+ tp->rcv_wnd = qemu_get_be32(f);
+ tp->rcv_nxt = qemu_get_be32(f);
+ tp->rcv_up = qemu_get_be32(f);
+ tp->irs = qemu_get_be32(f);
+ tp->rcv_adv = qemu_get_be32(f);
+ tp->snd_max = qemu_get_be32(f);
+ tp->snd_cwnd = qemu_get_be32(f);
+ tp->snd_ssthresh = qemu_get_be32(f);
+ tp->t_idle = qemu_get_sbe16(f);
+ tp->t_rtt = qemu_get_sbe16(f);
+ tp->t_rtseq = qemu_get_be32(f);
+ tp->t_srtt = qemu_get_sbe16(f);
+ tp->t_rttvar = qemu_get_sbe16(f);
+ tp->t_rttmin = qemu_get_be16(f);
+ tp->max_sndwnd = qemu_get_be32(f);
+ tp->t_oobflags = qemu_get_byte(f);
+ tp->t_iobc = qemu_get_byte(f);
+ tp->t_softerror = qemu_get_sbe16(f);
+ tp->snd_scale = qemu_get_byte(f);
+ tp->rcv_scale = qemu_get_byte(f);
+ tp->request_r_scale = qemu_get_byte(f);
+ tp->requested_s_scale = qemu_get_byte(f);
+ tp->ts_recent = qemu_get_be32(f);
+ tp->ts_recent_age = qemu_get_be32(f);
+ tp->last_ack_sent = qemu_get_be32(f);
+ tcp_template(tp);
+}
+
+static int slirp_sbuf_load(QEMUFile *f, struct sbuf *sbuf)
+{
+ uint32_t off, sb_cc, sb_datalen;
+
+ sb_cc = qemu_get_be32(f);
+ sb_datalen = qemu_get_be32(f);
+
+ sbreserve(sbuf, sb_datalen);
+
+ if (sbuf->sb_datalen != sb_datalen)
+ return -ENOMEM;
+
+ sbuf->sb_cc = sb_cc;
+
+ off = qemu_get_sbe32(f);
+ sbuf->sb_wptr = sbuf->sb_data + off;
+ off = qemu_get_sbe32(f);
+ sbuf->sb_rptr = sbuf->sb_data + off;
+ qemu_get_buffer(f, (unsigned char*)sbuf->sb_data, sbuf->sb_datalen);
+
+ return 0;
+}
+
+static int slirp_socket_load(QEMUFile *f, struct socket *so)
+{
+ if (tcp_attach(so) < 0)
+ return -ENOMEM;
+
+ so->so_urgc = qemu_get_be32(f);
+ so->so_faddr.s_addr = qemu_get_be32(f);
+ so->so_laddr.s_addr = qemu_get_be32(f);
+ so->so_fport = qemu_get_be16(f);
+ so->so_lport = qemu_get_be16(f);
+ so->so_iptos = qemu_get_byte(f);
+ so->so_emu = qemu_get_byte(f);
+ so->so_type = qemu_get_byte(f);
+ so->so_state = qemu_get_be32(f);
+ if (slirp_sbuf_load(f, &so->so_rcv) < 0)
+ return -ENOMEM;
+ if (slirp_sbuf_load(f, &so->so_snd) < 0)
+ return -ENOMEM;
+ slirp_tcp_load(f, so->so_tcpcb);
+
+ return 0;
+}
+
+static int slirp_state_load(QEMUFile *f, void *opaque, int version_id)
+{
+ struct ex_list *ex_ptr;
+ int r;
+
+ while ((r = qemu_get_byte(f))) {
+ int ret;
+ struct socket *so = socreate();
+
+ if (!so)
+ return -ENOMEM;
+
+ ret = slirp_socket_load(f, so);
+
+ if (ret < 0)
+ return ret;
+
+ if ((so->so_faddr.s_addr & htonl(0xffffff00)) != special_addr.s_addr)
+ return -EINVAL;
+
+ for (ex_ptr = exec_list; ex_ptr; ex_ptr = ex_ptr->ex_next)
+ if (ex_ptr->ex_pty == 3 &&
+ (ntohl(so->so_faddr.s_addr) & 0xff) == ex_ptr->ex_addr &&
+ so->so_fport == ex_ptr->ex_fport)
+ break;
+
+ if (!ex_ptr)
+ return -EINVAL;
+
+ so->extra = ex_ptr->ex_exec;
+ }
+
+ return 0;
+}
^ permalink raw reply related [flat|nested] 10+ messages in thread
* Re: [Qemu-devel] [PATCH v2 0/5] Marry slirp and qemu character device.
2009-01-05 15:14 [Qemu-devel] [PATCH v2 0/5] Marry slirp and qemu character device Gleb Natapov
` (4 preceding siblings ...)
2009-01-05 15:15 ` [Qemu-devel] [PATCH v2 5/5] Add support for vmchannel socket migration Gleb Natapov
@ 2009-01-05 15:35 ` Anthony Liguori
2009-01-05 16:21 ` Gleb Natapov
2009-01-05 15:38 ` Anthony Liguori
6 siblings, 1 reply; 10+ messages in thread
From: Anthony Liguori @ 2009-01-05 15:35 UTC (permalink / raw)
To: qemu-devel
Gleb Natapov wrote:
> Trap TCP connection to special IP/port inside slirp and redirect its
> traffic to a qemu character device. Add option to prevent connections
> through slirp to outside world. Add migration support for "special"
> sockets. This allow slirp to be used for secure communication between
> host and guest management agents.
>
Do you have some simple client/server that you're using for testing?
The patches look good to me, I'd like to test them first though before
applying. I guess I could just use a combination of socat/md5sum but
I'm wondering if you have anything more sophisticated already.
Regards,
Anthony Liguori
> ---
>
> Gleb Natapov (5):
> Add support for vmchannel socket migration.
> Add "restrict" and "ip" option to "user" net option
> Add slirp_restrict option.
> Add vmchannel command line option.
> Redirect slirp traffic to/from qemu character device.
>
>
> net.c | 14 ++
> slirp/bootp.c | 22 ++--
> slirp/ip_input.c | 21 ++++
> slirp/libslirp.h | 7 +
> slirp/main.h | 3 +
> slirp/misc.c | 2
> slirp/sbuf.c | 2
> slirp/slirp.c | 300 ++++++++++++++++++++++++++++++++++++++++++++++++++++-
> slirp/socket.c | 99 ++++++++++++++---
> slirp/socket.h | 2
> slirp/tcp_input.c | 11 ++
> slirp/tcp_subr.c | 5 +
> slirp/udp.c | 3 +
> vl.c | 75 +++++++++++++
> 14 files changed, 524 insertions(+), 42 deletions(-)
>
>
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [Qemu-devel] [PATCH v2 0/5] Marry slirp and qemu character device.
2009-01-05 15:14 [Qemu-devel] [PATCH v2 0/5] Marry slirp and qemu character device Gleb Natapov
` (5 preceding siblings ...)
2009-01-05 15:35 ` [Qemu-devel] [PATCH v2 0/5] Marry slirp and qemu character device Anthony Liguori
@ 2009-01-05 15:38 ` Anthony Liguori
6 siblings, 0 replies; 10+ messages in thread
From: Anthony Liguori @ 2009-01-05 15:38 UTC (permalink / raw)
To: qemu-devel
Gleb Natapov wrote:
> Trap TCP connection to special IP/port inside slirp and redirect its
> traffic to a qemu character device. Add option to prevent connections
> through slirp to outside world. Add migration support for "special"
> sockets. This allow slirp to be used for secure communication between
> host and guest management agents.
>
To catch-up the rest of the list. The overwhelming feeling on netdev
was that we should just use TCP to communicate from the guest to the
host instead of a special userspace transport. By using slirp to handle
TCP within QEMU, we can expose the traffic to elsewhere as just a stream.
Eventually, we'll add stuff to the distros and possibly to virtio-net to
make the guest visible network adapter that is connected to "vmchannel"
an isolated network from the rest of the guest networking stack,
bypassing iptables, etc. This will make it always reliable.
Regards,
Anthony Liguori
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [Qemu-devel] [PATCH v2 0/5] Marry slirp and qemu character device.
2009-01-05 15:35 ` [Qemu-devel] [PATCH v2 0/5] Marry slirp and qemu character device Anthony Liguori
@ 2009-01-05 16:21 ` Gleb Natapov
0 siblings, 0 replies; 10+ messages in thread
From: Gleb Natapov @ 2009-01-05 16:21 UTC (permalink / raw)
To: qemu-devel
On Mon, Jan 05, 2009 at 09:35:37AM -0600, Anthony Liguori wrote:
> Gleb Natapov wrote:
>> Trap TCP connection to special IP/port inside slirp and redirect its
>> traffic to a qemu character device. Add option to prevent connections
>> through slirp to outside world. Add migration support for "special"
>> sockets. This allow slirp to be used for secure communication between
>> host and guest management agents.
>>
>
> Do you have some simple client/server that you're using for testing?
> The patches look good to me, I'd like to test them first though before
> applying. I guess I could just use a combination of socat/md5sum but
> I'm wondering if you have anything more sophisticated already.
>
socat/md5sum exactly what I am using :)
--
Gleb.
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [Qemu-devel] [PATCH v2 1/5] Redirect slirp traffic to/from qemu character device.
2009-01-05 15:15 ` [Qemu-devel] [PATCH v2 1/5] Redirect slirp traffic to/from " Gleb Natapov
@ 2009-01-07 16:52 ` Anthony Liguori
0 siblings, 0 replies; 10+ messages in thread
From: Anthony Liguori @ 2009-01-07 16:52 UTC (permalink / raw)
To: qemu-devel
Gleb Natapov wrote:
> Signed-off-by: Gleb Natapov <gleb@redhat.com>
> ---
>
> slirp/libslirp.h | 5 ++-
> slirp/main.h | 1 +
> slirp/misc.c | 2 +
> slirp/sbuf.c | 2 +
> slirp/slirp.c | 62 +++++++++++++++++++++++++++++++++-
> slirp/socket.c | 99 +++++++++++++++++++++++++++++++++++++++++++-----------
> slirp/socket.h | 2 +
> slirp/tcp_subr.c | 5 +++
> 8 files changed, 154 insertions(+), 24 deletions(-)
>
>
This patch breaks the Windows build.
In file included from /home/anthony/svn/qemu/slirp/slirp.h:215,
from /home/anthony/svn/qemu/slirp/slirp.c:24:
/home/anthony/svn/qemu/slirp/socket.h:90: warning: 'struct iovec'
declared inside parameter list
/home/anthony/svn/qemu/slirp/socket.h:90: warning: its scope is only
this definition or declaration, which is probably not what you want
/home/anthony/svn/qemu/slirp/slirp.c: In function 'slirp_select_poll':
/home/anthony/svn/qemu/slirp/slirp.c:458: warning: passing argument 2 of
'send' from incompatible pointer type
/home/anthony/svn/qemu/slirp/slirp.c: In function 'slirp_send':
/home/anthony/svn/qemu/slirp/slirp.c:749: warning: implicit declaration
of function 'qemu_chr_write'
/home/anthony/svn/qemu/slirp/slirp.c: In function 'slirp_socket_can_recv':
/home/anthony/svn/qemu/slirp/slirp.c:774: error: array type has
incomplete element type
/home/anthony/svn/qemu/slirp/slirp.c:774: warning: unused variable 'iov'
/home/anthony/svn/qemu/slirp/slirp.c: In function 'slirp_socket_recv':
/home/anthony/svn/qemu/slirp/slirp.c:800: warning: pointer targets in
passing argument 2 of 'soreadbuf' differ in signedness
You probably need to add an #include to get our version of struct iovec
for Windows.
Regards,
Anthony Liguori
^ permalink raw reply [flat|nested] 10+ messages in thread
end of thread, other threads:[~2009-01-07 16:52 UTC | newest]
Thread overview: 10+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2009-01-05 15:14 [Qemu-devel] [PATCH v2 0/5] Marry slirp and qemu character device Gleb Natapov
2009-01-05 15:15 ` [Qemu-devel] [PATCH v2 1/5] Redirect slirp traffic to/from " Gleb Natapov
2009-01-07 16:52 ` Anthony Liguori
2009-01-05 15:15 ` [Qemu-devel] [PATCH v2 2/5] Add vmchannel command line option Gleb Natapov
2009-01-05 15:15 ` [Qemu-devel] [PATCH v2 3/5] Add slirp_restrict option Gleb Natapov
2009-01-05 15:15 ` [Qemu-devel] [PATCH v2 4/5] Add "restrict" and "ip" option to "user" net option Gleb Natapov
2009-01-05 15:15 ` [Qemu-devel] [PATCH v2 5/5] Add support for vmchannel socket migration Gleb Natapov
2009-01-05 15:35 ` [Qemu-devel] [PATCH v2 0/5] Marry slirp and qemu character device Anthony Liguori
2009-01-05 16:21 ` Gleb Natapov
2009-01-05 15:38 ` Anthony Liguori
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).