This patch allows the hostfwd option to override the restrict=y setting in
the user network stack, as explicitly stated in the documentation on the
restrict option:
restrict=on|off
If this option is enabled, the guest will be isolated, i.e. it
will not be able to contact the host and no guest IP packets
will be routed over the host to the outside. This option does
not affect any explicitly set forwarding rules.
Qemu bug tracker:
https://bugs.launchpad.net/qemu/+bug/829455
Signed-off-by: Gertjan Halkes <qemu@ghalkes.nl>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Some source files #include the same header more than
once for no good reason. Remove second #includes in
such cases.
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
The fcntl(fd, F_SETFL, O_NONBLOCK) flag is not specific to sockets.
Rename to qemu_set_nonblock() just like qemu_set_cloexec().
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Instead of adding missing type casts which are needed by MinGW for the
4th argument, the patch uses qemu_setsockopt which was invented for this
purpose.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Fix coding style in tcp_connect before the next patch.
Signed-off-by: MORITA Kazutaka <morita.kazutaka@lab.ntt.co.jp>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Otherwise we may start processing sockets in slirp_pollfds_poll that
were created past slirp_pollfds_fill.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Slirp uses rfds/wfds/xfds more extensively than other QEMU components.
The rarely-used out-of-band TCP data feature is used. That means we
need the full table of select(2) to g_poll(3) events:
rfds -> G_IO_IN | G_IO_HUP | G_IO_ERR
wfds -> G_IO_OUT | G_IO_ERR
xfds -> G_IO_PRI
I came up with this table by looking at Linux fs/select.c which maps
select(2) to poll(2) internally.
Another detail to watch out for are the global variables that reference
rfds/wfds/xfds during slirp_select_poll(). sofcantrcvmore() and
sofcantsendmore() use these globals to clear fd_set bits. When
sofcantrcvmore() is called, the wfds bit is cleared so that the write
handler will no longer be run for this iteration of the event loop.
This actually seems buggy to me since TCP connections can be half-closed
and we'd still want to handle data in half-duplex fashion. I think the
real intention is to avoid running the read/write handler when the
socket has been fully closed. This is indicated with the SS_NOFDREF
state bit so we now check for it before invoking the TCP write handler.
Note that UDP/ICMP code paths don't care because they are
connectionless.
Note that slirp/ has a lot of tabs and sometimes mixed tabs with spaces.
I followed the style of the surrounding code.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Message-id: 1361356113-11049-6-git-send-email-stefanha@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The slirp glue code uses tabs in some places. Since the next patch will
modify the file, convert tabs to spaces and fix checkpatch.pl issues.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Message-id: 1361356113-11049-5-git-send-email-stefanha@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This patch will allow the user to include the domain-search option in
replies from the built-in DHCP server. The domain suffixes can be
specified by adding dnssearch= entries to the "-net user" parameter.
[Jan: tiny style adjustments]
Signed-off-by: Klaus Stengel <Klaus.Stengel@asamnet.de>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
LWIP can generate packets with a source of 0.0.0.0, which triggers an
assertion failure in arp_table_add(). Instead of crashing, simply return
to avoid adding an invalid ARP table entry.
Signed-off-by: Nickolai Zeldovich <nickolai@csail.mit.edu>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
This patch cleans up return sentences in the end of void functions.
Reported-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Amos Kong <akong@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@gmail.com>
This option is described in RFC 1783. As this is only an optional field,
we may ignore it in some situations and handle it in some others.
However, MS Windows 2003 PXE boot client requests a block size of the MTU
(most of the times 1472 bytes), and doesn't work if the option is not
acknowledged (with whatever value).
According to the RFC 1783, we cannot acknowledge the option with a bigger
value than the requested one.
As current implementation is using 512 bytes by block, accept the option
with a value of 512 if the option was specified, and don't acknowledge it
if it is not present or less than 512 bytes.
Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
RFC 1350 does not mention block count roll-over. However, a lot of TFTP servers
implement it to be able to transmit big files, so do it also.
Current block size is 512 bytes, so TFTP files were limited to 32 MB.
Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
When transferring a file, keep it open during the whole transfer,
instead of opening/closing it for each block.
Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Report from smatch:
slirp/tcp_subr.c:127 tcp_respond(17) error:
we previously assumed 'tp' could be null (see line 124)
Return if 'tp' is NULL.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
The type casts of pointers to long are not allowed
when sizeof(pointer) != sizeof(long).
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
in_addr_t isn't available on mingw32. Just use an unsigned long instead. I
considered typedef'ing in_addr_t on mingw32 but this would potentially be
brittle if mingw32 did introduce the type.
Cc: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Changes so translation of remote address to the host's ip address in
the virtual network happens for all addresses in the 127.0.0.0/8
network, not just 127.0.0.1.
This fixes so that hostfwd bound to addresses such as 127.0.0.2 works.
Signed-off-by: Anders Waldenborg <anders@0x63.nu>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
MAX_TCPOPTLEN is being defined as 32. Darwin already has it as 40,
causing a warning. The value is only used to declare an array,
into which currently 4 bytes are written at most.
Therefore always override MAX_TCPOPTLEN for now.
Suggested-by: Jan Kiszka <jan.kiszka@web.de>
Reviewed-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Darwin has HTON*/NTOH* macros that on BE simply return the argument.
This is incompatible with SLIRP's use of these macros as a statement.
Undefine the macros in the HOST_WORDS_BIGENDIAN code path to redefine
these macros as no-op, as already done when they were undefined.
Suggested-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Commit b72210568e (slirp: clean up
conflicts with system headers) enclosed TCPOLEN_MAXSEG with an #ifdef
TCPOPT_EOL. This broke the build on illumos, which has TCPOPT_*
but not TCPOLEN_*.
Move them to their own #ifdef TCPOLEN_MAXSEG section to remedy this.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
- remove qemu_calculate_timeout;
- explicitly size timeout to uint32_t;
- introduce slirp_update_timeout;
- pass NULL as timeout argument to select in case timeout is the maximum
value;
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Acked-by: Paul Brook <paul@codesourcery.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
As those defines are only used for w32,
they should be in the header file for w32.
All files which include slirp.h or qemu_socket.h also
include qemu-os-win32.h.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
This massively accelerates slirp reception speed: If data arrives
faster than the guest can read it from the input buffer, the file
descriptor for the corresponding socket was taken out of the fdset for
select. However, the event of the guest reading enough data from the
buffer was not signaled. Thus, the io-thread only noticed this change
on the next time-driven poll. Fix this by kicking the io-thread as
required.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Right now, slirp/slirp.h cannot include some system headers and,
indirectly, qemu_socket.h. Clean this up, and remove a duplicate
prototype that was introduced because of that.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Casting a pointer to an integer value must use uintptr_t or intptr_t
(not long) for portable code. MinGW-w64 requires this because
sizeof(long) != sizeof(void *) for w64 hosts, so casting to long
raises a compiler warning.
I use uintptr_t instead of intptr_t because changing the sign does not
matter here and casting pointers to unsigned values seems more
reasonable (the unsigned value is a non negative offset.
Cc: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Close & free sockets when shutting down a slirp instance, also release
all buffers.
CC: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
There is now a trivial check on entry of if_start for pending packets,
so we can drop the additional tracking via if_queued.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Another attempt to get this right: We need to carefully walk both the
fastq and the batchq in if_start while trying to send packets to
possibly not yet resolved hosts on the virtual network.
So far we just requeued a delayed packet where it was and then started
walking the queues from the top again - that couldn't work. Now we pre-
calculate the next packet in the queue so that the current one can
safely be removed if it was sent successfully. We also need to take into
account that the next packet can be from the same session if the current
one was sent and there are no other sessions.
CC: Fabien Chouteau <chouteau@adacore.com>
CC: Zhi Yong Wu <wuzhy@linux.vnet.ibm.com>
CC: Stefan Weil <sw@weilnetz.de>
Tested-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
if_start can be called recursively via if_encap. Avoid this as our
scheme of dequeuing packets is not compatible with this.
CC: Fabien Chouteau <chouteau@adacore.com>
CC: Zhi Yong Wu <wuzhy@linux.vnet.ibm.com>
CC: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Make sure that next_m always points to a packet if batchq is non-empty.
This will simplify walking the queues in if_start.
CC: Fabien Chouteau <chouteau@adacore.com>
CC: Zhi Yong Wu <wuzhy@linux.vnet.ibm.com>
CC: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
The guest network stack might DHCPREQUEST an address that the slirp built
in dhcp server can't let it have - for example if the guest has an old
leases file from another network configuration. In this case the dhcp
server should and does reject the request and prepares to send a DHCPNAK
to the client.
However, in this case the daddr variable in bootp_reply() is set to
0.0.0.0. Shortly afterwards, it unconditionally attempts to pre-insert the
new client address into the ARP table. This causes an assertion failure in
arp_address_add() because of the 0.0.0.0 address.
According to RFC2131, DHCPNAK messages for clients on the same subnet
must be sent to the broadcast address (S3.2, subpoint 2).
Cc: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>