Commit Graph

391 Commits

Author SHA1 Message Date
Stefan Weil
ecc804cac3 slirp: Fix type casts and format strings in debug code
Casting pointers to long won't work on 64 bit Windows.
It is not needed with the right format strings.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2015-11-12 13:48:36 +08:00
Stefan Weil
a246a01631 slirp: Fix non blocking connect for w32
Signed-off-by: Stefan Weil <sw@weilnetz.de>
2015-09-24 20:52:28 +02:00
Markus Armbruster
d49b683644 qerror: Move #include out of qerror.h
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Luiz Capitulino <lcapitulino@redhat.com>
2015-06-22 18:20:40 +02:00
Petr Matousek
01f7cecf00 slirp: udp: fix NULL pointer dereference because of uninitialized socket
When guest sends udp packet with source port and source addr 0,
uninitialized socket is picked up when looking for matching and already
created udp sockets, and later passed to sosendto() where NULL pointer
dereference is hit during so->slirp->vnetwork_mask.s_addr access.

Fix this by checking that the socket is not just a socket stub.

This is CVE-2014-3640.

Signed-off-by: Petr Matousek <pmatouse@redhat.com>
Reported-by: Xavier Mehrenberger <xavier.mehrenberger@airbus.com>
Reported-by: Stephane Duverger <stephane.duverger@eads.net>
Reviewed-by: Jan Kiszka <jan.kiszka@siemens.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Michael Tokarev <mjt@tls.msk.ru>
Message-id: 20140918063537.GX9321@dhcp-25-225.brq.redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-09-23 19:15:05 +01:00
zhanghailiang
2fd5d86409 slirp/misc: Use the GLib memory allocation APIs
Here we don't check the return value of malloc() which may fail.
Use the g_new() instead, which will abort the program when
there is not enough memory.

Also, use g_strdup instead of strdup and remove the unnecessary
strdup function.

Signed-off-by: zhanghailiang <zhang.zhanghailiang@huawei.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Benoît Canet <benoit.canet@nodalink.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-08-24 13:16:32 +04:00
Bernhard Übelacker
5f22b054f2 Increase maximum number of session of the internal TFTP server.
Grub fails to boot from internal TFTP server when loading more than
3 initrd files.

Grub first opens a session to the TFTP server for every initrd file and
retrieves only the file size for all.
Then it wants to download the content using the old sessions which are
already expired.

Increasing the maximum number of session of the internal TFTP
server avoids this issue.

The error message reads as following:
error: timeout reading
`/boot/ISO.ROOT/BOOTMGR'.

Press any key to continue...

Signed-off-by: Bernhard Übelacker <bernhardu@vr-web.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-06-24 20:01:24 +04:00
Peter Maydell
49bba868df slirp: Remove unused zero_ethaddr[] variable
The zero_ethaddr[] array is never used; delete it.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-06-10 19:39:34 +04:00
Samuel Thibault
959e41473f slirp/arp: do not special-case bogus IP addresses
Do not special-case addresses with zero host part, as we do not
necessarily know how big it is, and the guest can fake them anyway.
Silently avoid having 0.0.0.0 as a destination, however.

Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
[Edgar: Minor change to subject]
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
2014-06-09 01:49:28 +02:00
Cole Robinson
02d1608980 slirp: Remove default_mon usage
These errors don't seem user initiated, so forcibly printing to the
monitor doesn't seem right. Just use error_report.

Drop lprint since it's now unused.

Cc: Jan Kiszka <jan.kiszka@siemens.com>

Signed-off-by: Cole Robinson <crobinso@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
2014-04-25 09:19:58 -04:00
Deepak Kathayat
dc6fb73d21 Fixed various typos
Signed-off-by: Deepak Kathayat <deepak.mk17@gmail.com>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-03-25 14:09:50 +01:00
Stefan Weil
59b0096213 misc: Spelling and grammar fixes in comments
* it's -> its
* grammar fix in ui/vnc-enc-zywrle.h

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Don Koch <dkoch@verizon.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-10-26 13:06:45 +04:00
Sebastian Ottlik
aad1239a7e slirp: call socket_set_fast_reuse instead of setting SO_REUSEADDR
SO_REUSEADDR should be avoided on Windows but is desired on other operating
systems. So instead of setting it we call socket_set_fast_reuse that will result
in the appropriate behaviour on all operating systems.

Signed-off-by: Sebastian Ottlik <ottlik@fzi.de>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
2013-10-02 19:20:31 +02:00
Jan Kiszka
426e3e6ce1 slirp: clean up slirp_update_timeout
No need to write out the timeout early, keep it local until we are done.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2013-09-17 12:26:05 +02:00
Liu Ping Fan
a42e9c4188 slirp: set mainloop timeout with more precise value
If slirp needs to emulate tcp timeout, then the timeout value
for mainloop should be more precise, which is determined by
slirp's fasttimo or slowtimo. Achieve this by swap the logic
sequence of slirp_pollfds_fill and slirp_update_timeout.

Signed-off-by: Liu Ping Fan <pingfank@linux.vnet.ibm.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2013-09-17 12:26:05 +02:00
Liu Ping Fan
9b0ca6cc64 slirp: define timeout as macro
Signed-off-by: Liu Ping Fan <pingfank@linux.vnet.ibm.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2013-09-17 12:26:04 +02:00
Liu Ping Fan
fe0ff43c9d slirp: make timeout local
Each slirp has its own time to caculate timeout.

Signed-off-by: Liu Ping Fan <pingfank@linux.vnet.ibm.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2013-09-17 12:26:04 +02:00
Peter Maydell
ed6bc28e8a slirp/arp_table.c: Avoid shifting into sign bit of signed integers
"0xf << 28" shifts right into the sign bit, since 0xf is a signed
integer. Use the 'U' suffix to force an unsigned shift to avoid
this undefined behaviour and a clang sanitizer warning.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Eric Blake <eblake@redhat.com>
Acked-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-09-01 19:09:09 +04:00
Taimoor Mirza
efcb7e4529 slirp: Port redirection option behave differently on Linux and Windows
port redirection code uses SO_REUSEADDR socket option before binding to
host port. Behavior of SO_REUSEADDR is different on Windows and Linux.
Relaunching QEMU with same host and guest port redirection values on Linux
throws error but on Windows it does not throw any error.
Problem is discussed in http://lists.gnu.org/archive/html/qemu-devel/2013-04/msg03089.html

Signed-off-by: Taimoor Mirza <tmirza@codesourcery.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-09-01 18:52:30 +04:00
Alex Bligh
bc72ad6754 aio / timers: Switch entire codebase to the new timer API
This is an autogenerated patch using scripts/switch-timer-api.

Switch the entire code base to using the new timer API.

Note this patch may introduce some line length issues.

Signed-off-by: Alex Bligh <alex@alex.org.uk>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-08-22 19:14:24 +02:00
Alex Bligh
6a1751b7aa aio / timers: Untangle include files
include/qemu/timer.h has no need to include main-loop.h and
doing so causes an issue for the next patch. Unfortunately
various files assume including timers.h will pull in main-loop.h.
Untangle this mess.

Signed-off-by: Alex Bligh <alex@alex.org.uk>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-08-22 19:10:27 +02:00
Michael Tokarev
0e44486cdc slirp: remove mbuf(m_hdr,m_dat) indirection 2013-07-19 12:52:03 +04:00
Gertjan Halkes
b5a87d26e8 make user networking hostfwd work with restrict=y
This patch allows the hostfwd option to override the restrict=y setting in
the user network stack, as explicitly stated in the documentation on the
restrict option:

     restrict=on|off
         If this option is enabled, the guest will be isolated, i.e. it
         will not be able to contact the host and no guest IP packets
         will be routed over the host to the outside. This option does
         not affect any explicitly set forwarding rules.

Qemu bug tracker:
https://bugs.launchpad.net/qemu/+bug/829455

Signed-off-by: Gertjan Halkes <qemu@ghalkes.nl>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2013-06-19 12:44:38 +02:00
Michael Tokarev
a9c34e4485 slirp: cleanup leftovers from misc.h
There are quite a few leftover declarations in slirp/misc.h.
Remove them.

Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-06-01 14:25:39 +04:00
Michael Tokarev
997aba8e25 remove some double-includes
Some source files #include the same header more than
once for no good reason.  Remove second #includes in
such cases.

Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-05-18 16:35:12 +04:00
Paolo Bonzini
dccfcd0e5f sysemu: avoid proliferation of include/ subdirectories
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-04-15 18:19:25 +02:00
Stefan Hajnoczi
f9e8cacc55 oslib-posix: rename socket_set_nonblock() to qemu_set_nonblock()
The fcntl(fd, F_SETFL, O_NONBLOCK) flag is not specific to sockets.
Rename to qemu_set_nonblock() just like qemu_set_cloexec().

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
2013-04-02 11:47:37 -04:00
Stefan Weil
9957fc7f1e MinGW: Replace setsockopt by qemu_setsocketopt
Instead of adding missing type casts which are needed by MinGW for the
4th argument, the patch uses qemu_setsockopt which was invented for this
purpose.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-03-22 13:14:48 +01:00
MORITA Kazutaka
bf1c852aa9 move socket_set_nodelay to osdep.c
Signed-off-by: MORITA Kazutaka <morita.kazutaka@lab.ntt.co.jp>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-03-04 09:54:17 +01:00
MORITA Kazutaka
4ef7b8944c slirp/tcp_subr.c: fix coding style in tcp_connect
Fix coding style in tcp_connect before the next patch.

Signed-off-by: MORITA Kazutaka <morita.kazutaka@lab.ntt.co.jp>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-03-04 09:54:17 +01:00
Jan Kiszka
7bd43ec2dd slirp: Properly initialize pollfds_idx of new sockets
Otherwise we may start processing sockets in slirp_pollfds_poll that
were created past slirp_pollfds_fill.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-02-26 12:10:21 +01:00
Stefan Hajnoczi
8917c3bdba slirp: switch to GPollFD
Slirp uses rfds/wfds/xfds more extensively than other QEMU components.

The rarely-used out-of-band TCP data feature is used.  That means we
need the full table of select(2) to g_poll(3) events:

  rfds -> G_IO_IN | G_IO_HUP | G_IO_ERR
  wfds -> G_IO_OUT | G_IO_ERR
  xfds -> G_IO_PRI

I came up with this table by looking at Linux fs/select.c which maps
select(2) to poll(2) internally.

Another detail to watch out for are the global variables that reference
rfds/wfds/xfds during slirp_select_poll().  sofcantrcvmore() and
sofcantsendmore() use these globals to clear fd_set bits.  When
sofcantrcvmore() is called, the wfds bit is cleared so that the write
handler will no longer be run for this iteration of the event loop.

This actually seems buggy to me since TCP connections can be half-closed
and we'd still want to handle data in half-duplex fashion.  I think the
real intention is to avoid running the read/write handler when the
socket has been fully closed.  This is indicated with the SS_NOFDREF
state bit so we now check for it before invoking the TCP write handler.
Note that UDP/ICMP code paths don't care because they are
connectionless.

Note that slirp/ has a lot of tabs and sometimes mixed tabs with spaces.
I followed the style of the surrounding code.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Message-id: 1361356113-11049-6-git-send-email-stefanha@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-21 16:17:31 -06:00
Stefan Hajnoczi
cf1d078e4e slirp: slirp/slirp.c coding style cleanup
The slirp glue code uses tabs in some places.  Since the next patch will
modify the file, convert tabs to spaces and fix checkpatch.pl issues.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Message-id: 1361356113-11049-5-git-send-email-stefanha@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-21 16:17:30 -06:00
Markus Armbruster
c64f50d1e2 g_strdup(NULL) returns NULL; simplify
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-01-30 11:14:46 +01:00
Blue Swirl
b6d9439c0d slirp: remove unused field tt
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-01-12 12:26:16 +00:00
Paolo Bonzini
927d4878b0 softmmu: move remaining include files to include/ subdirectories
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-12-19 08:32:46 +01:00
Paolo Bonzini
1de7afc984 misc: move include files to include/qemu/
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-12-19 08:32:39 +01:00
Paolo Bonzini
83c9089e73 monitor: move include files to include/monitor/
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-12-19 08:31:32 +01:00
Paolo Bonzini
cb9c377f54 janitor: add guards to headers
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-12-19 08:31:31 +01:00
Stefan Weil
a93cf9dfba Fix comments (adress -> address, layed -> laid, wierd -> weird)
Remove also a duplicated 'the'.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2012-12-07 12:34:11 +01:00
Klaus Stengel
63d2960bc4 slirp: Add domain-search option to slirp's DHCP server
This patch will allow the user to include the domain-search option in
replies from the built-in DHCP server. The domain suffixes can be
specified by adding dnssearch= entries to the "-net user" parameter.

[Jan: tiny style adjustments]

Signed-off-by: Klaus Stengel <Klaus.Stengel@asamnet.de>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-11-15 10:27:14 +01:00
Nickolai Zeldovich
1a89b60885 slirp: Don't crash on packets from 0.0.0.0/8.
LWIP can generate packets with a source of 0.0.0.0, which triggers an
assertion failure in arp_table_add().  Instead of crashing, simply return
to avoid adding an invalid ARP table entry.

Signed-off-by: Nickolai Zeldovich <nickolai@csail.mit.edu>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-11-15 10:27:14 +01:00
Blue Swirl
036208c9ab slirp: remove unused function u_sleep
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-11-10 13:49:20 +00:00
Amos Kong
4d5b97da35 cleanup useless return sentence
This patch cleans up return sentences in the end of void functions.

Reported-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Amos Kong <akong@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@gmail.com>
2012-10-05 15:10:21 +02:00
Stefan Weil
30daca5f77 slirp: Fix spelling in comment (enought -> enough, insure -> ensure)
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@gmail.com>
2012-10-05 14:24:37 +02:00
Hervé Poussineau
95b1ad7ad8 slirp: Implement TFTP Blocksize option
This option is described in RFC 1783. As this is only an optional field,
we may ignore it in some situations and handle it in some others.

However, MS Windows 2003 PXE boot client requests a block size of the MTU
(most of the times 1472 bytes), and doesn't work if the option is not
acknowledged (with whatever value).

According to the RFC 1783, we cannot acknowledge the option with a bigger
value than the requested one.

As current implementation is using 512 bytes by block, accept the option
with a value of 512 if the option was specified, and don't acknowledge it
if it is not present or less than 512 bytes.

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-09-14 00:26:55 +02:00
Jan Kiszka
eb7faf0e3a slirp: Remove unused return value of tftp_send_next_block
No caller actually makes use of this value, so let's simplify the code.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-09-13 12:44:27 +02:00
Hervé Poussineau
4aa401f39e slirp: Handle more than 65535 blocks in TFTP transfers
RFC 1350 does not mention block count roll-over. However, a lot of TFTP servers
implement it to be able to transmit big files, so do it also.

Current block size is 512 bytes, so TFTP files were limited to 32 MB.

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-09-13 12:39:36 +02:00
Hervé Poussineau
78be056628 slirp: improve TFTP performance
When transferring a file, keep it open during the whole transfer,
instead of opening/closing it for each block.

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-09-13 12:38:14 +02:00
Stefan Weil
e56afbc54a slirp: Fix error reported by static code analysis
Report from smatch:

slirp/tcp_subr.c:127 tcp_respond(17) error:
 we previously assumed 'tp' could be null (see line 124)

Return if 'tp' is NULL.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-09-13 12:38:14 +02:00
Stefan Weil
c4d12a743c slirp: Remove wrong type casts ins debug statements
The type casts of pointers to long are not allowed
when sizeof(pointer) != sizeof(long).

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-09-13 12:38:14 +02:00
Anthony Liguori
0b8db8fe15 slirp: fix build on mingw32
in_addr_t isn't available on mingw32.  Just use an unsigned long instead.  I
considered typedef'ing in_addr_t on mingw32 but this would potentially be
brittle if mingw32 did introduce the type.

Cc: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-08-06 19:31:55 -05:00
Anders Waldenborg
648cd33e73 slirp: Handle whole 127.0.0.0/8 network as local addresses.
Changes so translation of remote address to the host's ip address in
the virtual network happens for all addresses in the 127.0.0.0/8
network, not just 127.0.0.1.

This fixes so that hostfwd bound to addresses such as 127.0.0.2 works.

Signed-off-by: Anders Waldenborg <anders@0x63.nu>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-08-03 23:31:52 +02:00
Zhi Yong Wu
691a4f3a95 net: determine if packets can be sent before net queue deliver packets
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Zhi Yong Wu <wuzhy@linux.vnet.ibm.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2012-08-01 13:32:11 +01:00
Paolo Bonzini
4c69605472 build: move slirp/ objects to nested Makefile.objs
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-06-07 09:21:15 +02:00
Andreas Färber
917cfc1f26 slirp: Avoid redefining MAX_TCPOPTLEN
MAX_TCPOPTLEN is being defined as 32. Darwin already has it as 40,
causing a warning. The value is only used to declare an array,
into which currently 4 bytes are written at most.

Therefore always override MAX_TCPOPTLEN for now.

Suggested-by: Jan Kiszka <jan.kiszka@web.de>
Reviewed-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-05-28 22:44:27 +02:00
Andreas Färber
9b24d8e987 slirp: Avoid statements without effect on Big Endian host
Darwin has HTON*/NTOH* macros that on BE simply return the argument.
This is incompatible with SLIRP's use of these macros as a statement.

Undefine the macros in the HOST_WORDS_BIGENDIAN code path to redefine
these macros as no-op, as already done when they were undefined.

Suggested-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-05-28 22:31:07 +02:00
Andreas Färber
e20e48a802 slirp: Untangle TCPOLEN_* from TCPOPT_*
Commit b72210568e (slirp: clean up
conflicts with system headers) enclosed TCPOLEN_MAXSEG with an #ifdef
TCPOPT_EOL. This broke the build on illumos, which has TCPOPT_*
but not TCPOLEN_*.

Move them to their own #ifdef TCPOLEN_MAXSEG section to remedy this.

Cc: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-05-28 13:45:33 +02:00
Stefano Stabellini
7c7db75576 main_loop_wait: block indefinitely
- remove qemu_calculate_timeout;

- explicitly size timeout to uint32_t;

- introduce slirp_update_timeout;

- pass NULL as timeout argument to select in case timeout is the maximum
value;

Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Acked-by: Paul Brook <paul@codesourcery.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-04-26 13:14:58 -05:00
Stefan Weil
acf126ba58 w32: Move defines for socket specific errors to qemu-os-win32.h
As those defines are only used for w32,
they should be in the header file for w32.

All files which include slirp.h or qemu_socket.h also
include qemu-os-win32.h.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
2012-04-15 21:25:16 +02:00
Jan Kiszka
86073017e3 slirp: Signal free input buffer space to io-thread
This massively accelerates slirp reception speed: If data arrives
faster than the guest can read it from the input buffer, the file
descriptor for the corresponding socket was taken out of the fdset for
select. However, the event of the guest reading enough data from the
buffer was not signaled. Thus, the io-thread only noticed this change
on the next time-driven poll. Fix this by kicking the io-thread as
required.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-03-30 19:43:00 +02:00
Jan Kiszka
5668896163 w32/slirp: Undefine error constants before their redefinition
Less warnings for your console.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-03-28 21:03:42 +02:00
Paolo Bonzini
1c5970a8b8 slirp: use socket_set_nonblock
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-03-28 20:33:26 +02:00
Paolo Bonzini
b72210568e slirp: clean up conflicts with system headers
Right now, slirp/slirp.h cannot include some system headers and,
indirectly, qemu_socket.h.  Clean this up, and remove a duplicate
prototype that was introduced because of that.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-03-28 20:33:16 +02:00
Stefan Weil
2d26512b45 slirp: Fix compiler warning for w64
Casting a pointer to an integer value must use uintptr_t or intptr_t
(not long) for portable code. MinGW-w64 requires this because
sizeof(long) != sizeof(void *) for w64 hosts, so casting to long
raises a compiler warning.

I use uintptr_t instead of intptr_t because changing the sign does not
matter here and casting pointers to unsigned values seems more
reasonable (the unsigned value is a non negative offset.

Cc: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-03-13 16:15:19 +01:00
Jan Kiszka
a68adc2206 slirp: Cleanup resources on instance removal
Close & free sockets when shutting down a slirp instance, also release
all buffers.

CC: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-03-13 14:05:49 +01:00
Jan Kiszka
f373431977 slirp: Remove unneeded if_queued
There is now a trivial check on entry of if_start for pending packets,
so we can drop the additional tracking via if_queued.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-03-13 14:05:49 +01:00
Jan Kiszka
e3078bf40a slirp: Fix queue walking in if_start
Another attempt to get this right: We need to carefully walk both the
fastq and the batchq in if_start while trying to send packets to
possibly not yet resolved hosts on the virtual network.

So far we just requeued a delayed packet where it was and then started
walking the queues from the top again - that couldn't work. Now we pre-
calculate the next packet in the queue so that the current one can
safely be removed if it was sent successfully. We also need to take into
account that the next packet can be from the same session if the current
one was sent and there are no other sessions.

CC: Fabien Chouteau <chouteau@adacore.com>
CC: Zhi Yong Wu <wuzhy@linux.vnet.ibm.com>
CC: Stefan Weil <sw@weilnetz.de>
Tested-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-03-13 14:05:48 +01:00
Jan Kiszka
953e7f54e6 slirp: Prevent recursion of if_start
if_start can be called recursively via if_encap. Avoid this as our
scheme of dequeuing packets is not compatible with this.

CC: Fabien Chouteau <chouteau@adacore.com>
CC: Zhi Yong Wu <wuzhy@linux.vnet.ibm.com>
CC: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-03-13 14:05:48 +01:00
Jan Kiszka
d6536b2c97 slirp: Keep next_m always valid
Make sure that next_m always points to a packet if batchq is non-empty.
This will simplify walking the queues in if_start.

CC: Fabien Chouteau <chouteau@adacore.com>
CC: Zhi Yong Wu <wuzhy@linux.vnet.ibm.com>
CC: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-03-13 14:05:48 +01:00
David Gibson
90d7416ab1 slirp: Fix assertion failure on rejected DHCP requests
The guest network stack might DHCPREQUEST an address that the slirp built
in dhcp server can't let it have - for example if the guest has an old
leases file from another network configuration.  In this case the dhcp
server should and does reject the request and prepares to send a DHCPNAK
to the client.

However, in this case the daddr variable in bootp_reply() is set to
0.0.0.0.  Shortly afterwards, it unconditionally attempts to pre-insert the
new client address into the ARP table.  This causes an assertion failure in
arp_address_add() because of the 0.0.0.0 address.

According to RFC2131, DHCPNAK messages for clients on the same subnet
must be sent to the broadcast address (S3.2, subpoint 2).

Cc: Jan Kiszka <jan.kiszka@siemens.com>

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-02-27 14:55:07 +01:00
Jan Kiszka
b87ffa1631 slirp: Refactor if_start
Replace gotos with a while loop, fix coding style.

CC: Zhi Yong Wu <wuzhy@linux.vnet.ibm.com>
CC: Fabien Chouteau <chouteau@adacore.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-02-27 14:54:49 +01:00
Jan Kiszka
b248ede2ef slirp: Fix requeuing of batchq packets in if_start
In case we requeued a packet that was the head of a longer session
queue, we failed to restore this ordering. Also, we did not properly
deal with changes to Slirp::next_m.

Instead of a cumbersome roll back, this fix simply avoids any changes
until we know if the packet was actually sent. Both fixes crashes due
to inconsistent queues and simplifies the logic.

Thanks to Zhi Yong Wu who found the reason for these crashes.

CC: Zhi Yong Wu <wuzhy@linux.vnet.ibm.com>
CC: Fabien Chouteau <chouteau@adacore.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-02-27 14:54:49 +01:00
Jan Kiszka
79e7e937bd slirp: Clean up ifs_init
Remove duplicate ifs_init macros, reimplement the logic as static inline
in mbuf.h.

CC: Zhi Yong Wu <wuzhy@linux.vnet.ibm.com>
CC: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-02-27 14:54:49 +01:00
Alon Levy
f293d8b1f2 slirp/misc: fix gcc __warn_memset_zero_len warnings
By removing memset altogether (Patch from Stefan Hajnoczi, tested
compile only by me).

Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-02-24 13:24:42 +00:00
Jan Kiszka
6612db12d5 slirp: Prevent sending ICMP error replies to source-only addresses
This triggered the related assert in arp_table_search.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-02-08 10:07:54 +01:00
Stefan Weil
9f1134d4aa slirp: Remove unused variable and unused code
9634d9031c disabled unused code.
This patch removes what was left.

If do_pty is 2, the function returns immediately, so any later checks
for do_pty == 2 will always fail and can be removed together with
the code which is never executed. Then variable master is unused and
can be removed, too.

This issue was detected by coverity.

Cc: Blue Swirl <blauwirbel@gmail.com>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-02-08 10:07:54 +01:00
Paolo Bonzini
d3b12f5dec main-loop: create main-loop.c
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2011-10-21 18:14:30 +02:00
Thomas Huth
2b44043265 slirp: Fix packet expiration
The two new variables "arp_requested" and "expiration_date" in the mbuf
structure have been added after the variable-sized "m_dat_" array. The
variables have to be added before the m_dat_ array instead.
Without this patch, the expiration_date gets clobbered by code that
accesses the m_dat_ array.
I experienced this problem with the code in slirp/tftp.c: The
tftp_send_data() function created a new packet with the m_get()
function (which fills-in a default expiration_date value). Then the
TFTP code cleared the data section of the packet, which accidentially
also cleared the expiration_date. This zeroed expiration_date then
finally causes the packet to be discarded during if_start(), so that
TFTP packets were not transmitted anymore.

[Jan: added comment as suggested by Fabien ]

CC: Fabien Chouteau <chouteau@adacore.com>
Signed-off-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2011-09-28 13:11:30 +02:00
Jan Kiszka
8d06d69bc4 slirp: Fix use after release on tcp_input
ti points into the m buffer. But the latter may already be released
right after the dodata: label. Move the test before the potential
release.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2011-09-28 13:10:22 +02:00
Anthony Liguori
39ba59c21b Merge remote-tracking branch 'kiszka/queues/slirp' into staging 2011-09-20 15:18:10 -05:00
Stefan Weil
b2bedb2144 Remove blanks before \n in output strings
Those blanks violate the coding conventions, see
scripts/checkpatch.pl.

Blanks missing after colons in the changed lines were added.

This patch does not try to fix tabs, long lines and other
problems in the changed lines, therefore checkpatch.pl reports
many violations.

Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-09-16 08:25:56 -05:00
Jan Kiszka
144d192d33 slirp: Fill TCP/IP header template after SYN reception
This ensures we can cleanly signal the drop in case the connection timer
fires. So far we sent those frames to nowhere (target IP 0.0.0.0).

Found by the new assertion on invalid IPs in arp_table_search.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2011-09-16 00:16:12 +02:00
Stefan Weil
5a61cb60d6 Fix include statements for qemu-common.h
* qemu-common.h is not a system include file, so it should be included
  with "" instead of <>. Otherwise incremental builds might fail
  because only local include files are checked for changes.

* linux-user/syscall.c included the file twice.

Cc: Riku Voipio <riku.voipio@iki.fi>
Cc: Jan Kiszka <jan.kiszka@siemens.com>
Acked-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2011-09-09 09:56:12 +01:00
Stefan Weil
541dc0d47f Use new macro QEMU_PACKED for packed structures
Most changes were made using these commands:

git grep -la '__attribute__((packed))'|xargs perl -pi -e 's/__attribute__\(\(packed\)\)/QEMU_PACKED/'
git grep -la '__attribute__ ((packed))'|xargs perl -pi -e 's/__attribute__ \(\(packed\)\)/QEMU_PACKED/'
git grep -la '__attribute__((__packed__))'|xargs perl -pi -e 's/__attribute__\(\(__packed__\)\)/QEMU_PACKED/'
git grep -la '__attribute__ ((__packed__))'|xargs perl -pi -e 's/__attribute__ \(\(__packed__\)\)/QEMU_PACKED/'
git grep -la '__attribute((packed))'|xargs perl -pi -e 's/__attribute\(\(packed\)\)/QEMU_PACKED/'

Whitespace in linux-user/syscall_defs.h was fixed manually
to avoid warnings from scripts/checkpatch.pl.

Manual changes were also applied to hw/pc.c.

I did not fix indentation with tabs in block/vvfat.c.
The patch will show 4 errors with scripts/checkpatch.pl.

Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2011-09-03 10:45:59 +00:00
Anthony Liguori
2cc6e0a142 char: rename qemu_chr_write() -> qemu_chr_fe_write()
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-08-22 10:17:15 -05:00
Blue Swirl
aec7c6dc68 Merge branch 'queues/slirp' of git://git.kiszka.org/qemu
* 'queues/slirp' of git://git.kiszka.org/qemu:
  slirp: Fix bit field types in IP header structs
2011-08-21 19:19:29 +00:00
Anthony Liguori
7267c0947d Use glib memory allocation and free functions
qemu_malloc/qemu_free no longer exist after this commit.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-08-20 23:01:08 -05:00
Jan Kiszka
1b930bfa09 slirp: Fix bit field types in IP header structs
-mms-bitfields prevents that the bitfields in current IP header structs
are packed into a single byte as it is required. Fix this by using
uint8_t as backing type.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2011-08-14 23:34:44 -07:00
Jan Kiszka
e3a110b527 slirp: Only start packet expiration for delayed ones
The expiration timeout must only affect packets that are queued due to
pending ARP resolutions. The old version broke ping e.g.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2011-08-05 14:05:53 +02:00
Jan Kiszka
fd5938799d slirp: Read current time only once per if_start call
No need to update the current time for each packet we send from the
queue. Processing time is comparably short.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2011-08-05 14:04:00 +02:00
Jan Kiszka
5a371a2e52 slirp: Fix types of IP address parameters
Should be uint32_t for IPv4, not int. Also avoid in_addr_t without
proper includes. Fixes build regression on mingw32.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2011-08-05 12:51:11 +02:00
Fabien Chouteau
1ab74cea06 Delayed IP packets
In the current implementation, if Slirp tries to send an IP packet to a client
with an unknown hardware address, the packet is simply dropped and an ARP
request is sent (if_encap in slirp/slirp.c).

With this patch, Slirp will send the ARP request, re-queue the packet and try
to send it later. The packet is dropped after one second if the ARP reply is
not received.

Signed-off-by: Fabien Chouteau <chouteau@adacore.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2011-08-03 12:57:11 +02:00
Fabien Chouteau
1a0ca1e1f6 Simple ARP table
This patch adds a simple ARP table in Slirp and also adds handling of
gratuitous ARP requests.

Signed-off-by: Fabien Chouteau <chouteau@adacore.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2011-08-03 12:57:06 +02:00
Stefan Weil
cf2846b5fa slirp: Fix unusual "comments" in unused code
cppcheck detected two rather strange comments which were not
correctly written as C comments.

They did not cause any harm because they were framed by
#ifdef notdef ... #endif, so they were never compiled.

Fix them nevertheless (we could also remove the unused code).

Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2011-07-27 10:10:17 +01:00
Blue Swirl
00aa0040e8 Wrap recv to avoid warnings
Avoid warnings like these by wrapping recv():
  CC    slirp/ip_icmp.o
/src/qemu/slirp/ip_icmp.c: In function 'icmp_receive':
/src/qemu/slirp/ip_icmp.c:418:5: error: passing argument 2 of 'recv' from incompatible pointer type [-Werror]
/usr/local/lib/gcc/i686-mingw32msvc/4.6.0/../../../../i686-mingw32msvc/include/winsock2.h:547:32: note: expected 'char *' but argument is of type 'struct icmp *'

Remove also casts used to avoid warnings.

Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2011-07-25 14:38:56 +00:00
Jan Kiszka
e6d43cfb1f slirp: Forward ICMP echo requests via unprivileged sockets
Linux 3.0 gained support for unprivileged ICMP ping sockets. Use this
feature to forward guest pings to the outer world. The host admin has to
set the ping_group_range in order to grant access to those sockets. To
allow ping for the users group (GID 100):

echo 100 100 > /proc/sys/net/ipv4/ping_group_range

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-07-23 10:19:50 -05:00
Jan Kiszka
565465fcae slirp: Put forked exec into separate process group
Recent smb daemons tend to terminate themselves via a process group
SIGTERM. If the daemon is still in qemu's group by that time, qemu will
die as well. Avoid this by always pushing fork_exec processes into a
group of their own, not just (unused) type 2 execs.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-07-23 10:19:49 -05:00
Jan Kiszka
3acccfc67d slirp: Replace m_freem with m_free
Remove this pointless wrapping.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-07-23 10:19:49 -05:00
Jan Kiszka
5a82362ad0 slirp: Strictly associate DHCP/BOOTP and TFTP with virtual host
Instead of accepting every DHCP/BOOTP and TFTP packet, only invoke the
built-in servers if the target is the virtual host.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-07-23 10:19:49 -05:00
Jan Kiszka
12b513d837 slirp: Fix restricted mode
This aligns the code to what the documentation claims: Allow everything
but requests that would have to be routed outside of the virtual LAN.

So we need to drop the unneeded IP-level filter, allow TFTP requests,
and add the missing protocol-level filter to ICMP.

CC: Gleb Natapov <gleb@redhat.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-07-23 10:19:49 -05:00
Paolo Bonzini
4d54ec7898 add a service to reap zombies, use it in SLIRP
SLIRP -smb support wants to fork a process and forget about reaping it.
To please it, add a generic service to register a process id and let
QEMU reap it.  In the future it could be enhanced to pass a status,
but this would be unused.

With this in place, the SIGCHLD signal handler would not stomp on pclose
anymore.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-03-29 08:14:11 -05:00
Paolo Bonzini
7bd427d801 change all rt_clock references to use millisecond resolution accessors
This was done with:

    sed -i '/get_clock\>.*rt_clock/s/get_clock\>/get_clock_ms/' \
        $(git grep -l 'get_clock\>.*rt_clock' )
    sed -i '/new_timer\>.*rt_clock/s/new_timer\>/new_timer_ms/' \
        $(git grep -l 'new_timer\>.*rt_clock' )

after checking that get_clock and new_timer never occur twice
on the same line.  There were no missed occurrences; however, even
if there had been, they would have been caught by the compiler.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2011-03-21 09:23:23 +01:00
Vincent Palatin
24ac3a7d4e net: fix trace when debug is activated in slirp
make the code compile correctly when DEBUG is activated.

Signed-off-by: Vincent Palatin <vpalatin@chromium.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2011-03-05 12:00:51 +00:00
Stefan Weil
89d2d3af51 slirp: Remove some type casts caused by bad declaration of x.tp_buf
x.tp_buf was declared as a uint8_t array, but always used as
a char array (which needed a lot of type casts).

The patch includes these changes:

* Fix declaration of x.tp_buf and remove all type casts.

* Use offsetof() to get the offset of x.tp_buf.

Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2011-02-25 15:58:59 +00:00
Anthony Liguori
8fe3046f17 Fix build from previous commit
I unfortunately got on an unnamed branch and pushed the wrong bits

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-02-14 14:24:24 -06:00
Bruce Rogers
53fae6d27f PATCH] slirp: fix buffer overrun
Since the addition of the slirp member to struct mbuf, the value of
SLIRP_MSIZE and the initialization of m_size have not been correct,
resulting in overrunning the end of the malloc'd buffer in some cases.

Signed-off-by: Bruce Rogers <brogers@novell.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-02-14 13:23:00 -06:00
Blue Swirl
64b85a8f23 Delete useless 'extern' qualifiers for functions
'extern' qualifier is useless for function declarations. Delete
them.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2011-01-23 16:21:20 +00:00
Sergei Gavrikov
facf1a60f2 slirp: Use strcasecmp() to check tftp mode, tsize
According to RFC 1350 (TFTP Revision 2) the mode field can contain any
combination of upper and lower case; also RFC 2349 propagates that the
transfer size option ("tsize") is case in-sensitive too.

Current implementation of embedded TFTP server missed that what does
mess some TFTP clients. Fixed by using STRCASECMP(3) in the required
places.

Signed-off-by: Sergei Gavrikov <sergei.gavrikov@gmail.com>
Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Edgar E. Iglesias <edgar@axis.com>
2011-01-13 11:38:44 +01:00
Aurelien Jarno
8aaf42ed0f slirp: fix unaligned access in bootp code
Slirp code tries to be smart an avoid data copy by using pointer to
the data. This solution leads to unaligned access, in this case
preq_addr, which is a 32-bit long structure. There is no real point
of avoiding data copy in a such case, as the value itself is smaller
or the same size as a pointer.

The patch replaces pointers to the preq_addr structure by the strcture
itself, and use the address 0.0.0.0 if no address has been requested
(this is not a valid address in such a request). It compares it with
htonl(0L) for correctness reasons, in case a code checker look for such
mistakes. It also uses memcpy() for copying the data, which takes care
of alignement issues.

This fixes an unaligned access on IA64 host while requesting a DHCP
address.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2011-01-10 10:56:25 +01:00
Stefan Weil
9eca6cc643 slirp: Remove unused code for bad sprintf
Neither DECLARE_SPRINTF nor BAD_SPRINTF are needed for QEMU.

QEMU won't support systems with missing or bad declarations
for sprintf. The unused code was detected while looking for
functions with missing format checking. Instead of adding
GCC_FMT_ATTR, the unused code was removed.

Cc: Blue Swirl <blauwirbel@gmail.com>
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-11-21 09:16:57 -06:00
Stefan Weil
8b7968f7c4 Use GCC_FMT_ATTR (format checking)
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2010-10-03 06:34:51 +00:00
Andreas Färber
4a2b39d323 slirp: Silence warning on Haiku
Haiku has O_BINARY in fcntl.h.

Signed-off-by: Andreas Färber <andreas.faerber@web.de>
Cc: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2010-10-03 06:31:49 +00:00
Hervé Poussineau
dbf3c4b4ba Make ARP replies at least 64 bytes long
IEEE 802.3 standard requires Ethernet frames to be at least 64 bytes long.
If it is not the case, they will be considered as runt frames, and may be ignored by netcard and/or OS

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2010-09-17 12:46:27 +02:00
Hervé Poussineau
0d491754d0 Accept packets with TTL=1
Packets with TTL=1 may be directed to local network (DHCP/DNS servers for example), so don't discard them
This is required by old versions of NetBSD which send DHCP DISCOVER packets with TTL=1

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2010-09-17 12:46:27 +02:00
Jes Sorensen
7390cdfbf7 Change DPRINTF() to do{}while(0) to avoid compiler warning
Signed-off-by: Jes Sorensen <Jes.Sorensen@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2010-09-04 09:45:54 +00:00
Stefan Weil
08dc07a32b slirp: Remove declarations which are no longer needed
The previous patches replaced u_int8_t, u_int16_t, u_int32_t, u_int64_t
by standard int types from stdint.h,
so we can now remove their declarations which are no longer needed.

Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2010-07-25 16:59:41 +02:00
Stefan Weil
b6dce92e89 slirp: Replace u_int8_t, u_int16_t, u_int32_t, u_int64_t by standard int types
There is no need to have a second set of integral types.
Replace them by the standard types from stdint.h.

Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2010-07-25 16:59:41 +02:00
Alex Williamson
0be71e324f savevm: Add DeviceState param
When available, we'd like to be able to access the DeviceState
when registering a savevm.  For buses with a get_dev_path()
function, this will allow us to create more unique savevm
id strings.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-07-06 10:36:28 -05:00
Blue Swirl
9678d9501b Remove dead assignments in various common files, spotted by clang analyzer
Value stored is never read.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2010-04-25 18:35:52 +00:00
Juha Riihimäki
ab07b980c4 slirp: fix structure initialization in tcp_listen()
A data structure of type sockaddr_in is allocated from stack but not
properly initialized. This may lead to a failure in the bind() call
later on. Fixed by filling the contents of the structure with zeroes
before using it.

Signed-off-by: Juha Riihimäki <juha.riihimaki@nokia.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2010-04-20 16:42:38 +00:00
Blue Swirl
7107944a7b slirp: fix unused return value, spotted by clang
Fix clang errors like:
  CC    slirp/cksum.o
/src/qemu/slirp/cksum.c:78:3: error: expression result unused [-Wunused-value]
                REDUCE;
/src/qemu/slirp/cksum.c:45:66: note: instantiated from:

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2010-04-18 14:27:46 +00:00
Markus Armbruster
8631b6084a monitor: Separate "default monitor" and "current monitor" cleanly
Commits 376253ec..731b0364 introduced global variable cur_mon, which
points to the "default monitor" (if any), except during execution of
monitor_read() or monitor_control_read() it points to the monitor from
which we're reading instead (the "current monitor").  Monitor command
handlers run within monitor_read() or monitor_control_read().

Default monitor and current monitor are really separate things, and
squashing them together is confusing and error-prone.

For instance, usb_host_scan() can run both in "info usbhost" and
periodically via usb_host_auto_check().  It prints to cur_mon, which
is what we want in the former case: the monitor executing "info
usbhost".  But since that's the default monitor in the latter case, it
periodically spams the default monitor there.

A few places use cur_mon to log stuff to the default monitor.  If we
ever log something while cur_mon points to current monitor instead of
default monitor, the log temporarily "jumps" to another monitor.
Whether that can or cannot happen isn't always obvious.

Maybe logging to the default monitor (which may not even exist) is a
bad idea, and we should log to stderr or a logfile instead.  But
that's outside the scope of this commit.

Change cur_mon to point to the current monitor.  Create new
default_mon to point to the default monitor.  Update users of cur_mon
accordingly.

This fixes the periodical spamming of the default monitor by
usb_host_scan().  It also stops "log jumping", should that problem
exist.
2010-03-16 16:55:05 +01:00
Blue Swirl
b0e0486730 slirp: remove dead nested assignment, spotted by clang
Although the value stored to 'r' is used in the enclosing expression,
the value is never actually read from 'r'.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2010-03-07 13:45:38 +00:00
Blue Swirl
7071ff3288 slirp: remove dead initialization, spotted by clang
Value stored during initialization is never read.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2010-03-07 13:45:38 +00:00
Blue Swirl
369c86e788 slirp: remove dead increments, spotted by clang
Value stored is never read.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2010-03-07 13:45:37 +00:00
Blue Swirl
aca9fcd28e slirp: remove dead assignments, spotted by clang
Value stored is never read.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2010-03-07 13:13:05 +00:00
Jim Meyering
6265eb26a3 don't dereference NULL after failed strdup
Most of these are obvious NULL-deref bug fixes, for example,
the ones in these files:

  block/curl.c
  net.c
  slirp/misc.c

and the first one in block/vvfat.c.
The others in block/vvfat.c may not lead to an immediate segfault, but I
traced the two schedule_rename(..., strdup(path)) uses, and a failed
strdup would appear to trigger this assertion in handle_renames_and_mkdirs:

	    assert(commit->path);

The conversion to use qemu_strdup in envlist_to_environ is not technically
needed, but does avoid a theoretical leak in the caller when strdup fails
for one value, but later succeeds in allocating another buffer(plausible,
if one string length is much larger than the others).  The caller does
not know the length of the returned list, and as such can only free
pointers until it hits the first NULL.  If there are non-NULL pointers
beyond the first, their buffers would be leaked.  This one is admittedly
far-fetched.

The two in linux-user/main.c are worth fixing to ensure that an
OOM error is diagnosed up front, rather than letting it provoke some
harder-to-diagnose secondary error, in case of exec failure, or worse, in
case the exec succeeds but with an invalid list of command line options.
However, considering how unlikely it is to encounter a failed strdup early
in main, this isn't a big deal.  Note that adding the required uses of
qemu_strdup here and in envlist.c induce link failures because qemu_strdup
is not currently in any library they're linked with.  So for now, I've
omitted those changes, as well as the fixes in target-i386/helper.c
and target-sparc/helper.c.

If you'd like to see the above discussion (or anything else)
in the commit log, just let me know and I'll be happy to adjust.

>From 9af42864fd1ea666bd25e2cecfdfae74c20aa8c7 Mon Sep 17 00:00:00 2001
From: Jim Meyering <meyering@redhat.com>
Date: Mon, 8 Feb 2010 18:29:29 +0100
Subject: [PATCH] don't dereference NULL after failed strdup

Handle failing strdup by replacing each use with qemu_strdup,
so as not to dereference NULL or trigger a failing assertion.
* block/curl.c (curl_open): s/\bstrdup\b/qemu_strdup/
* block/vvfat.c (init_directories): Likewise.
(get_cluster_count_for_direntry, check_directory_consistency): Likewise.
* net.c (parse_host_src_port): Likewise.
* slirp/misc.c (fork_exec): Likewise.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-02-10 14:00:53 -06:00
malc
d0f2c4c602 Do not use dprintf
dprintf is already claimed by POSIX[1], and on at least one system
is implemented as a macro

[1] http://www.opengroup.org/onlinepubs/9699919799/functions/dprintf.html

Signed-off-by: malc <av1474@comtv.ru>
2010-02-07 02:03:50 +03:00
Milan Plzik
1cb1a66aed Qemu's internal TFTP server breaks lock-step-iness of TFTP
According to RFC 1350 and RFC 2347, TFTP server should answer RRQ by
either OACK or DATA packet. Qemu's internal TFTP server answers RRQ with
additional options by sending both OACK and DATA packet, thus breaking
the "lock-step" feature of the protocol, and also confuses client.

  Proposed solution would be to, in case of OACK packet, wait for ACK
from client and just then start sending data. Attached patch implements
this.

Signed-off-by: Thomas Horsten <thomas@horsten.com>
Signed-off-by: Milan Plzik <milan.plzik@gmail.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-13 17:14:16 -06:00
Thomas Horsten
bfe4e17242 Handle TFTP ERROR from client
If a PXE client only wants to find out the size of a file, it will
open the file and then abort the transfer by sending a TFTP ERROR packet.

The ERROR packet should cause qemu to terminate the session. If not,
the sessions will soon run out and cause timeouts in the client.

Also, if a TFTP session already exists with same IP/UDP port, it
should be terminated when a new RRQ is received, instead of creating a
duplicate (which will never be used).

A patch for gPXE to send the ERROR packet is also being submitted to
gPXE. Together they resolve slowness/hanging when booting pxegrub from
qemu's internal TFTP server. The patch from Milan Plzik to return
after sending OACK is also required for a complete fix.

Signed-off-by: Thomas Horsten <thomas@horsten.com>
Signed-off-by: Milan Plzik <milan.plzik@gmail.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-11 13:41:00 -06:00
Kirill A. Shutemov
f0d98b0517 slirp/misc.c: fix warning with _FORTIFY_SOURCE
CC    slirp/misc.o
cc1: warnings being treated as errors
slirp/misc.c: In function 'fork_exec':
slirp/misc.c:209: error: ignoring return value of 'write', declared with attribute warn_unused_result
make: *** [slirp/misc.o] Error 1

Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2009-12-25 18:19:18 +00:00
Juha Riihimäki
9a0c6a3373 fix networking on win32 host
At least under some mingw compilers slirp networking fails without declaring
these fields packed.

From: Juha Riihimäki <juha.riihimaki@nokia.com>
Signed-off-by: Juha Riihimäki <juha.riihimaki@nokia.com>
Signed-off-by: Riku Voipio <riku.voipio@nokia.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2009-12-18 23:23:56 +01:00
Kevin Wolf
40ff6d7e8d Don't leak file descriptors
We're leaking file descriptors to child processes. Set FD_CLOEXEC on file
descriptors that don't need to be passed to children to stop this misbehaviour.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-12-03 11:45:50 -06:00
Mark McLoughlin
e0cf6d15e3 slirp: fix use-after-free
460fec67ee introduced a use-after free in slirp.

Cc: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2009-11-21 00:34:04 +01:00
Michael S. Tsirkin
65528b19a6 slirp: fix unmatched bracket in if 0
Fix unmatched bracket in commented out code

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2009-09-30 18:56:44 +00:00
Blue Swirl
72cf2d4f0e Fix sys-queue.h conflict for good
Problem: Our file sys-queue.h is a copy of the BSD file, but there are
some additions and it's not entirely compatible. Because of that, there have
been conflicts with system headers on BSD systems. Some hacks have been
introduced in the commits 15cc923584,
f40d753718,
96555a96d7 and
3990d09adf but the fixes were fragile.

Solution: Avoid the conflict entirely by renaming the functions and the
file. Revert the previous hacks.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2009-09-12 07:36:22 +00:00
Blue Swirl
1e6eec8b33 Fix Sparse warnings: add "static"
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2009-09-05 10:14:07 +00:00
Stefan Weil
9e3a95ef47 Fix compiler warnings
Starting with commit df7a86ed73,
mingw32 builds result in a compiler warning for dns_addr:

  CC    slirp/slirp.o
/home/stefan/src/qemu/savannah/qemu/slirp/slirp.c:50: warning: missing braces around initializer
/home/stefan/src/qemu/savannah/qemu/slirp/slirp.c:50: warning: (near initialization for ‘dns_addr.S_un’)

Removing the assignment fixes the warning without the need of special code
for mingw32 (and also saves some bytes in the resulting binary).

To fix another potential compiler warning, the missing 'static'
attribute was added.

The same changes were applied to dns_addr_time.

Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2009-08-31 15:41:53 +00:00
Ed Swierk
df7a86ed73 slirp: Read host DNS config on demand
Currently the qemu user-mode networking stack reads the host DNS
configuration (/etc/resolv.conf or the Windows equivalent) only once
when qemu starts.  This causes name lookups in the guest to fail if the
host is moved to a different network from which the original DNS servers
are unreachable, a common occurrence when the host is a laptop.

This patch changes the slirp code to read the host DNS configuration on
demand, caching the results for at most 1 second to avoid unnecessary
overhead if name lookups occur in rapid succession.  On non-Windows
hosts, /etc/resolv.conf is re-read only if the file has been replaced or
if its size or mtime has changed.

Signed-off-by: Ed Swierk <eswierk@aristanetworks.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-08-27 20:46:58 -05:00
Ed Swierk
ce0bd027df slirp: Remove our_addr code
Three problems with our_addr:

- It's determined only once when qemu starts, but the address can change
(just like the DNS configuration can).

- It's supposed to be the IP address of a host network interface, but
there's no guarantee that gethostbyname(gethostname()) actually does
that: the host might be a laptop that has only a loopback interface up,
or the hostname might be localhost.localdomain, etc.

- It's useless at best: get_dns_addr() calls it, there's no reason to
send DNS requests to a different IP address if you're running a DNS
server on the host and resolv.conf points to 127.0.0.1.

These problems are easily solved by removing the code.

Signed-off-by: Ed Swierk <eswierk@aristanetworks.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-08-27 20:46:58 -05:00
Blue Swirl
2353422294 Add missing "static"
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2009-08-01 10:13:43 +00:00
Blue Swirl
7cba04f6de More NULL pointer fixes
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2009-08-01 10:13:20 +00:00
Juan Quintela
e2542fe2bc rename WORDS_BIGENDIAN to HOST_WORDS_BIGENDIAN
Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-07-27 14:09:21 -05:00
Ed Swierk
aaf10d9d2e slirp: Use monotonic clock if available (v2)
Calling gettimeofday() to compute a time interval can cause problems if
the system clock jumps forwards or backwards; replace updtime() with
qemu_get_clock(rt_clock), which calls clock_gettime(CLOCK_MONOTONIC) if
it is available.

Also remove some useless macros.

Signed-off-by: Ed Swierk <eswierk@aristanetworks.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-07-27 14:09:15 -05:00
Ed Swierk
97df1ee542 slirp: Remove UDP protocol emulation (talk, cuseeme)
The UDP emulation code for talk has been commented out since the
beginning of time, and unless someone who runs CU-SeeMe on qemu with
user-mode networking can vouch that the special magic (a) is necessary
and (b) works, let's get rid of the code.

Signed-off-by: Ed Swierk <eswierk@aristanetworks.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-07-27 14:09:15 -05:00
Jan Kiszka
bb53fc5394 slirp: Fix guestfwd for incoming data
Unless a virtual server address was explicitly defined (which is
impossible with the legacy -net channel format), guestfwd did not
properly forwarded host->guest packets. This patch fixes it.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-07-27 14:08:23 -05:00
Blue Swirl
6cb9c6d36f Fix breakage by obsolete _P() for good
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2009-07-01 19:11:17 +00:00
Jan Kiszka
74efd61a75 slirp: tftp: Relax filename format check
[ Applies on top of my recently posted slirp series. ]

Allow tftp requests with filenames that do not start with a slash.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-06-29 14:18:08 -05:00
Jan Kiszka
0a1f851eb7 slirp: Save/restore bootp client states
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-06-29 08:52:50 -05:00
Jan Kiszka
b1c99fcdf5 slirp: Enable multiple instances
Once again this was a long journey to reach the destination: Allow to
instantiate slirp multiple times. But as in the past, the journey was
worthwhile, cleaning up, fixing and enhancing various parts of the user
space network stack along the way.

What is this particular change good for? Multiple slirps instances
allow separated user space networks for guests with multiple NICs. This
is already possible, but without any slirp support for the second
network, ie. without a chance to talk to that network from the host via
IP. We have a legacy guest system here that benefits from this slirp
enhancement, allowing us to run both of its NICs purely over
unprivileged user space IP stacks.

Another benefit of this patch is that it simply removes an artificial
restriction of the configuration space qemu is providing, avoiding
another source of surprises that users may face when playing with
possible setups.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-06-29 08:52:50 -05:00