Commit Graph

269 Commits

Author SHA1 Message Date
Jan Kiszka
79e7e937bd slirp: Clean up ifs_init
Remove duplicate ifs_init macros, reimplement the logic as static inline
in mbuf.h.

CC: Zhi Yong Wu <wuzhy@linux.vnet.ibm.com>
CC: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-02-27 14:54:49 +01:00
Alon Levy
f293d8b1f2 slirp/misc: fix gcc __warn_memset_zero_len warnings
By removing memset altogether (Patch from Stefan Hajnoczi, tested
compile only by me).

Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-02-24 13:24:42 +00:00
Jan Kiszka
6612db12d5 slirp: Prevent sending ICMP error replies to source-only addresses
This triggered the related assert in arp_table_search.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-02-08 10:07:54 +01:00
Stefan Weil
9f1134d4aa slirp: Remove unused variable and unused code
9634d9031c disabled unused code.
This patch removes what was left.

If do_pty is 2, the function returns immediately, so any later checks
for do_pty == 2 will always fail and can be removed together with
the code which is never executed. Then variable master is unused and
can be removed, too.

This issue was detected by coverity.

Cc: Blue Swirl <blauwirbel@gmail.com>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-02-08 10:07:54 +01:00
Paolo Bonzini
d3b12f5dec main-loop: create main-loop.c
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2011-10-21 18:14:30 +02:00
Thomas Huth
2b44043265 slirp: Fix packet expiration
The two new variables "arp_requested" and "expiration_date" in the mbuf
structure have been added after the variable-sized "m_dat_" array. The
variables have to be added before the m_dat_ array instead.
Without this patch, the expiration_date gets clobbered by code that
accesses the m_dat_ array.
I experienced this problem with the code in slirp/tftp.c: The
tftp_send_data() function created a new packet with the m_get()
function (which fills-in a default expiration_date value). Then the
TFTP code cleared the data section of the packet, which accidentially
also cleared the expiration_date. This zeroed expiration_date then
finally causes the packet to be discarded during if_start(), so that
TFTP packets were not transmitted anymore.

[Jan: added comment as suggested by Fabien ]

CC: Fabien Chouteau <chouteau@adacore.com>
Signed-off-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2011-09-28 13:11:30 +02:00
Jan Kiszka
8d06d69bc4 slirp: Fix use after release on tcp_input
ti points into the m buffer. But the latter may already be released
right after the dodata: label. Move the test before the potential
release.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2011-09-28 13:10:22 +02:00
Anthony Liguori
39ba59c21b Merge remote-tracking branch 'kiszka/queues/slirp' into staging 2011-09-20 15:18:10 -05:00
Stefan Weil
b2bedb2144 Remove blanks before \n in output strings
Those blanks violate the coding conventions, see
scripts/checkpatch.pl.

Blanks missing after colons in the changed lines were added.

This patch does not try to fix tabs, long lines and other
problems in the changed lines, therefore checkpatch.pl reports
many violations.

Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-09-16 08:25:56 -05:00
Jan Kiszka
144d192d33 slirp: Fill TCP/IP header template after SYN reception
This ensures we can cleanly signal the drop in case the connection timer
fires. So far we sent those frames to nowhere (target IP 0.0.0.0).

Found by the new assertion on invalid IPs in arp_table_search.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2011-09-16 00:16:12 +02:00
Stefan Weil
5a61cb60d6 Fix include statements for qemu-common.h
* qemu-common.h is not a system include file, so it should be included
  with "" instead of <>. Otherwise incremental builds might fail
  because only local include files are checked for changes.

* linux-user/syscall.c included the file twice.

Cc: Riku Voipio <riku.voipio@iki.fi>
Cc: Jan Kiszka <jan.kiszka@siemens.com>
Acked-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2011-09-09 09:56:12 +01:00
Stefan Weil
541dc0d47f Use new macro QEMU_PACKED for packed structures
Most changes were made using these commands:

git grep -la '__attribute__((packed))'|xargs perl -pi -e 's/__attribute__\(\(packed\)\)/QEMU_PACKED/'
git grep -la '__attribute__ ((packed))'|xargs perl -pi -e 's/__attribute__ \(\(packed\)\)/QEMU_PACKED/'
git grep -la '__attribute__((__packed__))'|xargs perl -pi -e 's/__attribute__\(\(__packed__\)\)/QEMU_PACKED/'
git grep -la '__attribute__ ((__packed__))'|xargs perl -pi -e 's/__attribute__ \(\(__packed__\)\)/QEMU_PACKED/'
git grep -la '__attribute((packed))'|xargs perl -pi -e 's/__attribute\(\(packed\)\)/QEMU_PACKED/'

Whitespace in linux-user/syscall_defs.h was fixed manually
to avoid warnings from scripts/checkpatch.pl.

Manual changes were also applied to hw/pc.c.

I did not fix indentation with tabs in block/vvfat.c.
The patch will show 4 errors with scripts/checkpatch.pl.

Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2011-09-03 10:45:59 +00:00
Anthony Liguori
2cc6e0a142 char: rename qemu_chr_write() -> qemu_chr_fe_write()
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-08-22 10:17:15 -05:00
Blue Swirl
aec7c6dc68 Merge branch 'queues/slirp' of git://git.kiszka.org/qemu
* 'queues/slirp' of git://git.kiszka.org/qemu:
  slirp: Fix bit field types in IP header structs
2011-08-21 19:19:29 +00:00
Anthony Liguori
7267c0947d Use glib memory allocation and free functions
qemu_malloc/qemu_free no longer exist after this commit.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-08-20 23:01:08 -05:00
Jan Kiszka
1b930bfa09 slirp: Fix bit field types in IP header structs
-mms-bitfields prevents that the bitfields in current IP header structs
are packed into a single byte as it is required. Fix this by using
uint8_t as backing type.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2011-08-14 23:34:44 -07:00
Jan Kiszka
e3a110b527 slirp: Only start packet expiration for delayed ones
The expiration timeout must only affect packets that are queued due to
pending ARP resolutions. The old version broke ping e.g.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2011-08-05 14:05:53 +02:00
Jan Kiszka
fd5938799d slirp: Read current time only once per if_start call
No need to update the current time for each packet we send from the
queue. Processing time is comparably short.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2011-08-05 14:04:00 +02:00
Jan Kiszka
5a371a2e52 slirp: Fix types of IP address parameters
Should be uint32_t for IPv4, not int. Also avoid in_addr_t without
proper includes. Fixes build regression on mingw32.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2011-08-05 12:51:11 +02:00
Fabien Chouteau
1ab74cea06 Delayed IP packets
In the current implementation, if Slirp tries to send an IP packet to a client
with an unknown hardware address, the packet is simply dropped and an ARP
request is sent (if_encap in slirp/slirp.c).

With this patch, Slirp will send the ARP request, re-queue the packet and try
to send it later. The packet is dropped after one second if the ARP reply is
not received.

Signed-off-by: Fabien Chouteau <chouteau@adacore.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2011-08-03 12:57:11 +02:00
Fabien Chouteau
1a0ca1e1f6 Simple ARP table
This patch adds a simple ARP table in Slirp and also adds handling of
gratuitous ARP requests.

Signed-off-by: Fabien Chouteau <chouteau@adacore.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2011-08-03 12:57:06 +02:00
Stefan Weil
cf2846b5fa slirp: Fix unusual "comments" in unused code
cppcheck detected two rather strange comments which were not
correctly written as C comments.

They did not cause any harm because they were framed by
#ifdef notdef ... #endif, so they were never compiled.

Fix them nevertheless (we could also remove the unused code).

Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2011-07-27 10:10:17 +01:00
Blue Swirl
00aa0040e8 Wrap recv to avoid warnings
Avoid warnings like these by wrapping recv():
  CC    slirp/ip_icmp.o
/src/qemu/slirp/ip_icmp.c: In function 'icmp_receive':
/src/qemu/slirp/ip_icmp.c:418:5: error: passing argument 2 of 'recv' from incompatible pointer type [-Werror]
/usr/local/lib/gcc/i686-mingw32msvc/4.6.0/../../../../i686-mingw32msvc/include/winsock2.h:547:32: note: expected 'char *' but argument is of type 'struct icmp *'

Remove also casts used to avoid warnings.

Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2011-07-25 14:38:56 +00:00
Jan Kiszka
e6d43cfb1f slirp: Forward ICMP echo requests via unprivileged sockets
Linux 3.0 gained support for unprivileged ICMP ping sockets. Use this
feature to forward guest pings to the outer world. The host admin has to
set the ping_group_range in order to grant access to those sockets. To
allow ping for the users group (GID 100):

echo 100 100 > /proc/sys/net/ipv4/ping_group_range

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-07-23 10:19:50 -05:00
Jan Kiszka
565465fcae slirp: Put forked exec into separate process group
Recent smb daemons tend to terminate themselves via a process group
SIGTERM. If the daemon is still in qemu's group by that time, qemu will
die as well. Avoid this by always pushing fork_exec processes into a
group of their own, not just (unused) type 2 execs.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-07-23 10:19:49 -05:00
Jan Kiszka
3acccfc67d slirp: Replace m_freem with m_free
Remove this pointless wrapping.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-07-23 10:19:49 -05:00
Jan Kiszka
5a82362ad0 slirp: Strictly associate DHCP/BOOTP and TFTP with virtual host
Instead of accepting every DHCP/BOOTP and TFTP packet, only invoke the
built-in servers if the target is the virtual host.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-07-23 10:19:49 -05:00
Jan Kiszka
12b513d837 slirp: Fix restricted mode
This aligns the code to what the documentation claims: Allow everything
but requests that would have to be routed outside of the virtual LAN.

So we need to drop the unneeded IP-level filter, allow TFTP requests,
and add the missing protocol-level filter to ICMP.

CC: Gleb Natapov <gleb@redhat.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-07-23 10:19:49 -05:00
Paolo Bonzini
4d54ec7898 add a service to reap zombies, use it in SLIRP
SLIRP -smb support wants to fork a process and forget about reaping it.
To please it, add a generic service to register a process id and let
QEMU reap it.  In the future it could be enhanced to pass a status,
but this would be unused.

With this in place, the SIGCHLD signal handler would not stomp on pclose
anymore.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-03-29 08:14:11 -05:00
Paolo Bonzini
7bd427d801 change all rt_clock references to use millisecond resolution accessors
This was done with:

    sed -i '/get_clock\>.*rt_clock/s/get_clock\>/get_clock_ms/' \
        $(git grep -l 'get_clock\>.*rt_clock' )
    sed -i '/new_timer\>.*rt_clock/s/new_timer\>/new_timer_ms/' \
        $(git grep -l 'new_timer\>.*rt_clock' )

after checking that get_clock and new_timer never occur twice
on the same line.  There were no missed occurrences; however, even
if there had been, they would have been caught by the compiler.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2011-03-21 09:23:23 +01:00
Vincent Palatin
24ac3a7d4e net: fix trace when debug is activated in slirp
make the code compile correctly when DEBUG is activated.

Signed-off-by: Vincent Palatin <vpalatin@chromium.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2011-03-05 12:00:51 +00:00
Stefan Weil
89d2d3af51 slirp: Remove some type casts caused by bad declaration of x.tp_buf
x.tp_buf was declared as a uint8_t array, but always used as
a char array (which needed a lot of type casts).

The patch includes these changes:

* Fix declaration of x.tp_buf and remove all type casts.

* Use offsetof() to get the offset of x.tp_buf.

Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2011-02-25 15:58:59 +00:00
Anthony Liguori
8fe3046f17 Fix build from previous commit
I unfortunately got on an unnamed branch and pushed the wrong bits

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-02-14 14:24:24 -06:00
Bruce Rogers
53fae6d27f PATCH] slirp: fix buffer overrun
Since the addition of the slirp member to struct mbuf, the value of
SLIRP_MSIZE and the initialization of m_size have not been correct,
resulting in overrunning the end of the malloc'd buffer in some cases.

Signed-off-by: Bruce Rogers <brogers@novell.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-02-14 13:23:00 -06:00
Blue Swirl
64b85a8f23 Delete useless 'extern' qualifiers for functions
'extern' qualifier is useless for function declarations. Delete
them.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2011-01-23 16:21:20 +00:00
Sergei Gavrikov
facf1a60f2 slirp: Use strcasecmp() to check tftp mode, tsize
According to RFC 1350 (TFTP Revision 2) the mode field can contain any
combination of upper and lower case; also RFC 2349 propagates that the
transfer size option ("tsize") is case in-sensitive too.

Current implementation of embedded TFTP server missed that what does
mess some TFTP clients. Fixed by using STRCASECMP(3) in the required
places.

Signed-off-by: Sergei Gavrikov <sergei.gavrikov@gmail.com>
Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Edgar E. Iglesias <edgar@axis.com>
2011-01-13 11:38:44 +01:00
Aurelien Jarno
8aaf42ed0f slirp: fix unaligned access in bootp code
Slirp code tries to be smart an avoid data copy by using pointer to
the data. This solution leads to unaligned access, in this case
preq_addr, which is a 32-bit long structure. There is no real point
of avoiding data copy in a such case, as the value itself is smaller
or the same size as a pointer.

The patch replaces pointers to the preq_addr structure by the strcture
itself, and use the address 0.0.0.0 if no address has been requested
(this is not a valid address in such a request). It compares it with
htonl(0L) for correctness reasons, in case a code checker look for such
mistakes. It also uses memcpy() for copying the data, which takes care
of alignement issues.

This fixes an unaligned access on IA64 host while requesting a DHCP
address.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2011-01-10 10:56:25 +01:00
Stefan Weil
9eca6cc643 slirp: Remove unused code for bad sprintf
Neither DECLARE_SPRINTF nor BAD_SPRINTF are needed for QEMU.

QEMU won't support systems with missing or bad declarations
for sprintf. The unused code was detected while looking for
functions with missing format checking. Instead of adding
GCC_FMT_ATTR, the unused code was removed.

Cc: Blue Swirl <blauwirbel@gmail.com>
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-11-21 09:16:57 -06:00
Stefan Weil
8b7968f7c4 Use GCC_FMT_ATTR (format checking)
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2010-10-03 06:34:51 +00:00
Andreas Färber
4a2b39d323 slirp: Silence warning on Haiku
Haiku has O_BINARY in fcntl.h.

Signed-off-by: Andreas Färber <andreas.faerber@web.de>
Cc: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2010-10-03 06:31:49 +00:00
Hervé Poussineau
dbf3c4b4ba Make ARP replies at least 64 bytes long
IEEE 802.3 standard requires Ethernet frames to be at least 64 bytes long.
If it is not the case, they will be considered as runt frames, and may be ignored by netcard and/or OS

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2010-09-17 12:46:27 +02:00
Hervé Poussineau
0d491754d0 Accept packets with TTL=1
Packets with TTL=1 may be directed to local network (DHCP/DNS servers for example), so don't discard them
This is required by old versions of NetBSD which send DHCP DISCOVER packets with TTL=1

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2010-09-17 12:46:27 +02:00
Jes Sorensen
7390cdfbf7 Change DPRINTF() to do{}while(0) to avoid compiler warning
Signed-off-by: Jes Sorensen <Jes.Sorensen@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2010-09-04 09:45:54 +00:00
Stefan Weil
08dc07a32b slirp: Remove declarations which are no longer needed
The previous patches replaced u_int8_t, u_int16_t, u_int32_t, u_int64_t
by standard int types from stdint.h,
so we can now remove their declarations which are no longer needed.

Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2010-07-25 16:59:41 +02:00
Stefan Weil
b6dce92e89 slirp: Replace u_int8_t, u_int16_t, u_int32_t, u_int64_t by standard int types
There is no need to have a second set of integral types.
Replace them by the standard types from stdint.h.

Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2010-07-25 16:59:41 +02:00
Alex Williamson
0be71e324f savevm: Add DeviceState param
When available, we'd like to be able to access the DeviceState
when registering a savevm.  For buses with a get_dev_path()
function, this will allow us to create more unique savevm
id strings.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-07-06 10:36:28 -05:00
Blue Swirl
9678d9501b Remove dead assignments in various common files, spotted by clang analyzer
Value stored is never read.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2010-04-25 18:35:52 +00:00
Juha Riihimäki
ab07b980c4 slirp: fix structure initialization in tcp_listen()
A data structure of type sockaddr_in is allocated from stack but not
properly initialized. This may lead to a failure in the bind() call
later on. Fixed by filling the contents of the structure with zeroes
before using it.

Signed-off-by: Juha Riihimäki <juha.riihimaki@nokia.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2010-04-20 16:42:38 +00:00
Blue Swirl
7107944a7b slirp: fix unused return value, spotted by clang
Fix clang errors like:
  CC    slirp/cksum.o
/src/qemu/slirp/cksum.c:78:3: error: expression result unused [-Wunused-value]
                REDUCE;
/src/qemu/slirp/cksum.c:45:66: note: instantiated from:

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2010-04-18 14:27:46 +00:00
Markus Armbruster
8631b6084a monitor: Separate "default monitor" and "current monitor" cleanly
Commits 376253ec..731b0364 introduced global variable cur_mon, which
points to the "default monitor" (if any), except during execution of
monitor_read() or monitor_control_read() it points to the monitor from
which we're reading instead (the "current monitor").  Monitor command
handlers run within monitor_read() or monitor_control_read().

Default monitor and current monitor are really separate things, and
squashing them together is confusing and error-prone.

For instance, usb_host_scan() can run both in "info usbhost" and
periodically via usb_host_auto_check().  It prints to cur_mon, which
is what we want in the former case: the monitor executing "info
usbhost".  But since that's the default monitor in the latter case, it
periodically spams the default monitor there.

A few places use cur_mon to log stuff to the default monitor.  If we
ever log something while cur_mon points to current monitor instead of
default monitor, the log temporarily "jumps" to another monitor.
Whether that can or cannot happen isn't always obvious.

Maybe logging to the default monitor (which may not even exist) is a
bad idea, and we should log to stderr or a logfile instead.  But
that's outside the scope of this commit.

Change cur_mon to point to the current monitor.  Create new
default_mon to point to the default monitor.  Update users of cur_mon
accordingly.

This fixes the periodical spamming of the default monitor by
usb_host_scan().  It also stops "log jumping", should that problem
exist.
2010-03-16 16:55:05 +01:00
Blue Swirl
b0e0486730 slirp: remove dead nested assignment, spotted by clang
Although the value stored to 'r' is used in the enclosing expression,
the value is never actually read from 'r'.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2010-03-07 13:45:38 +00:00
Blue Swirl
7071ff3288 slirp: remove dead initialization, spotted by clang
Value stored during initialization is never read.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2010-03-07 13:45:38 +00:00
Blue Swirl
369c86e788 slirp: remove dead increments, spotted by clang
Value stored is never read.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2010-03-07 13:45:37 +00:00
Blue Swirl
aca9fcd28e slirp: remove dead assignments, spotted by clang
Value stored is never read.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2010-03-07 13:13:05 +00:00
Jim Meyering
6265eb26a3 don't dereference NULL after failed strdup
Most of these are obvious NULL-deref bug fixes, for example,
the ones in these files:

  block/curl.c
  net.c
  slirp/misc.c

and the first one in block/vvfat.c.
The others in block/vvfat.c may not lead to an immediate segfault, but I
traced the two schedule_rename(..., strdup(path)) uses, and a failed
strdup would appear to trigger this assertion in handle_renames_and_mkdirs:

	    assert(commit->path);

The conversion to use qemu_strdup in envlist_to_environ is not technically
needed, but does avoid a theoretical leak in the caller when strdup fails
for one value, but later succeeds in allocating another buffer(plausible,
if one string length is much larger than the others).  The caller does
not know the length of the returned list, and as such can only free
pointers until it hits the first NULL.  If there are non-NULL pointers
beyond the first, their buffers would be leaked.  This one is admittedly
far-fetched.

The two in linux-user/main.c are worth fixing to ensure that an
OOM error is diagnosed up front, rather than letting it provoke some
harder-to-diagnose secondary error, in case of exec failure, or worse, in
case the exec succeeds but with an invalid list of command line options.
However, considering how unlikely it is to encounter a failed strdup early
in main, this isn't a big deal.  Note that adding the required uses of
qemu_strdup here and in envlist.c induce link failures because qemu_strdup
is not currently in any library they're linked with.  So for now, I've
omitted those changes, as well as the fixes in target-i386/helper.c
and target-sparc/helper.c.

If you'd like to see the above discussion (or anything else)
in the commit log, just let me know and I'll be happy to adjust.

>From 9af42864fd1ea666bd25e2cecfdfae74c20aa8c7 Mon Sep 17 00:00:00 2001
From: Jim Meyering <meyering@redhat.com>
Date: Mon, 8 Feb 2010 18:29:29 +0100
Subject: [PATCH] don't dereference NULL after failed strdup

Handle failing strdup by replacing each use with qemu_strdup,
so as not to dereference NULL or trigger a failing assertion.
* block/curl.c (curl_open): s/\bstrdup\b/qemu_strdup/
* block/vvfat.c (init_directories): Likewise.
(get_cluster_count_for_direntry, check_directory_consistency): Likewise.
* net.c (parse_host_src_port): Likewise.
* slirp/misc.c (fork_exec): Likewise.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-02-10 14:00:53 -06:00
malc
d0f2c4c602 Do not use dprintf
dprintf is already claimed by POSIX[1], and on at least one system
is implemented as a macro

[1] http://www.opengroup.org/onlinepubs/9699919799/functions/dprintf.html

Signed-off-by: malc <av1474@comtv.ru>
2010-02-07 02:03:50 +03:00
Milan Plzik
1cb1a66aed Qemu's internal TFTP server breaks lock-step-iness of TFTP
According to RFC 1350 and RFC 2347, TFTP server should answer RRQ by
either OACK or DATA packet. Qemu's internal TFTP server answers RRQ with
additional options by sending both OACK and DATA packet, thus breaking
the "lock-step" feature of the protocol, and also confuses client.

  Proposed solution would be to, in case of OACK packet, wait for ACK
from client and just then start sending data. Attached patch implements
this.

Signed-off-by: Thomas Horsten <thomas@horsten.com>
Signed-off-by: Milan Plzik <milan.plzik@gmail.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-13 17:14:16 -06:00
Thomas Horsten
bfe4e17242 Handle TFTP ERROR from client
If a PXE client only wants to find out the size of a file, it will
open the file and then abort the transfer by sending a TFTP ERROR packet.

The ERROR packet should cause qemu to terminate the session. If not,
the sessions will soon run out and cause timeouts in the client.

Also, if a TFTP session already exists with same IP/UDP port, it
should be terminated when a new RRQ is received, instead of creating a
duplicate (which will never be used).

A patch for gPXE to send the ERROR packet is also being submitted to
gPXE. Together they resolve slowness/hanging when booting pxegrub from
qemu's internal TFTP server. The patch from Milan Plzik to return
after sending OACK is also required for a complete fix.

Signed-off-by: Thomas Horsten <thomas@horsten.com>
Signed-off-by: Milan Plzik <milan.plzik@gmail.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-11 13:41:00 -06:00
Kirill A. Shutemov
f0d98b0517 slirp/misc.c: fix warning with _FORTIFY_SOURCE
CC    slirp/misc.o
cc1: warnings being treated as errors
slirp/misc.c: In function 'fork_exec':
slirp/misc.c:209: error: ignoring return value of 'write', declared with attribute warn_unused_result
make: *** [slirp/misc.o] Error 1

Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2009-12-25 18:19:18 +00:00
Juha Riihimäki
9a0c6a3373 fix networking on win32 host
At least under some mingw compilers slirp networking fails without declaring
these fields packed.

From: Juha Riihimäki <juha.riihimaki@nokia.com>
Signed-off-by: Juha Riihimäki <juha.riihimaki@nokia.com>
Signed-off-by: Riku Voipio <riku.voipio@nokia.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2009-12-18 23:23:56 +01:00
Kevin Wolf
40ff6d7e8d Don't leak file descriptors
We're leaking file descriptors to child processes. Set FD_CLOEXEC on file
descriptors that don't need to be passed to children to stop this misbehaviour.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-12-03 11:45:50 -06:00
Mark McLoughlin
e0cf6d15e3 slirp: fix use-after-free
460fec67ee introduced a use-after free in slirp.

Cc: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2009-11-21 00:34:04 +01:00
Michael S. Tsirkin
65528b19a6 slirp: fix unmatched bracket in if 0
Fix unmatched bracket in commented out code

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2009-09-30 18:56:44 +00:00
Blue Swirl
72cf2d4f0e Fix sys-queue.h conflict for good
Problem: Our file sys-queue.h is a copy of the BSD file, but there are
some additions and it's not entirely compatible. Because of that, there have
been conflicts with system headers on BSD systems. Some hacks have been
introduced in the commits 15cc923584,
f40d753718,
96555a96d7 and
3990d09adf but the fixes were fragile.

Solution: Avoid the conflict entirely by renaming the functions and the
file. Revert the previous hacks.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2009-09-12 07:36:22 +00:00
Blue Swirl
1e6eec8b33 Fix Sparse warnings: add "static"
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2009-09-05 10:14:07 +00:00
Stefan Weil
9e3a95ef47 Fix compiler warnings
Starting with commit df7a86ed73,
mingw32 builds result in a compiler warning for dns_addr:

  CC    slirp/slirp.o
/home/stefan/src/qemu/savannah/qemu/slirp/slirp.c:50: warning: missing braces around initializer
/home/stefan/src/qemu/savannah/qemu/slirp/slirp.c:50: warning: (near initialization for ‘dns_addr.S_un’)

Removing the assignment fixes the warning without the need of special code
for mingw32 (and also saves some bytes in the resulting binary).

To fix another potential compiler warning, the missing 'static'
attribute was added.

The same changes were applied to dns_addr_time.

Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2009-08-31 15:41:53 +00:00
Ed Swierk
df7a86ed73 slirp: Read host DNS config on demand
Currently the qemu user-mode networking stack reads the host DNS
configuration (/etc/resolv.conf or the Windows equivalent) only once
when qemu starts.  This causes name lookups in the guest to fail if the
host is moved to a different network from which the original DNS servers
are unreachable, a common occurrence when the host is a laptop.

This patch changes the slirp code to read the host DNS configuration on
demand, caching the results for at most 1 second to avoid unnecessary
overhead if name lookups occur in rapid succession.  On non-Windows
hosts, /etc/resolv.conf is re-read only if the file has been replaced or
if its size or mtime has changed.

Signed-off-by: Ed Swierk <eswierk@aristanetworks.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-08-27 20:46:58 -05:00
Ed Swierk
ce0bd027df slirp: Remove our_addr code
Three problems with our_addr:

- It's determined only once when qemu starts, but the address can change
(just like the DNS configuration can).

- It's supposed to be the IP address of a host network interface, but
there's no guarantee that gethostbyname(gethostname()) actually does
that: the host might be a laptop that has only a loopback interface up,
or the hostname might be localhost.localdomain, etc.

- It's useless at best: get_dns_addr() calls it, there's no reason to
send DNS requests to a different IP address if you're running a DNS
server on the host and resolv.conf points to 127.0.0.1.

These problems are easily solved by removing the code.

Signed-off-by: Ed Swierk <eswierk@aristanetworks.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-08-27 20:46:58 -05:00
Blue Swirl
2353422294 Add missing "static"
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2009-08-01 10:13:43 +00:00
Blue Swirl
7cba04f6de More NULL pointer fixes
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2009-08-01 10:13:20 +00:00
Juan Quintela
e2542fe2bc rename WORDS_BIGENDIAN to HOST_WORDS_BIGENDIAN
Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-07-27 14:09:21 -05:00
Ed Swierk
aaf10d9d2e slirp: Use monotonic clock if available (v2)
Calling gettimeofday() to compute a time interval can cause problems if
the system clock jumps forwards or backwards; replace updtime() with
qemu_get_clock(rt_clock), which calls clock_gettime(CLOCK_MONOTONIC) if
it is available.

Also remove some useless macros.

Signed-off-by: Ed Swierk <eswierk@aristanetworks.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-07-27 14:09:15 -05:00
Ed Swierk
97df1ee542 slirp: Remove UDP protocol emulation (talk, cuseeme)
The UDP emulation code for talk has been commented out since the
beginning of time, and unless someone who runs CU-SeeMe on qemu with
user-mode networking can vouch that the special magic (a) is necessary
and (b) works, let's get rid of the code.

Signed-off-by: Ed Swierk <eswierk@aristanetworks.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-07-27 14:09:15 -05:00
Jan Kiszka
bb53fc5394 slirp: Fix guestfwd for incoming data
Unless a virtual server address was explicitly defined (which is
impossible with the legacy -net channel format), guestfwd did not
properly forwarded host->guest packets. This patch fixes it.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-07-27 14:08:23 -05:00
Blue Swirl
6cb9c6d36f Fix breakage by obsolete _P() for good
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2009-07-01 19:11:17 +00:00
Jan Kiszka
74efd61a75 slirp: tftp: Relax filename format check
[ Applies on top of my recently posted slirp series. ]

Allow tftp requests with filenames that do not start with a slash.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-06-29 14:18:08 -05:00
Jan Kiszka
0a1f851eb7 slirp: Save/restore bootp client states
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-06-29 08:52:50 -05:00
Jan Kiszka
b1c99fcdf5 slirp: Enable multiple instances
Once again this was a long journey to reach the destination: Allow to
instantiate slirp multiple times. But as in the past, the journey was
worthwhile, cleaning up, fixing and enhancing various parts of the user
space network stack along the way.

What is this particular change good for? Multiple slirps instances
allow separated user space networks for guests with multiple NICs. This
is already possible, but without any slirp support for the second
network, ie. without a chance to talk to that network from the host via
IP. We have a legacy guest system here that benefits from this slirp
enhancement, allowing us to run both of its NICs purely over
unprivileged user space IP stacks.

Another benefit of this patch is that it simply removes an artificial
restriction of the configuration space qemu is providing, avoiding
another source of surprises that users may face when playing with
possible setups.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-06-29 08:52:50 -05:00
Jan Kiszka
ad0d8c4c32 slirp: Allocate/free stack instance dynamically
Allocate the internal slirp state dynamically and provide and call
slirp_cleanup to properly release it after use. This patch finally
unbreaks slirp release and re-instantiation via host_net_* monitor
commands.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-06-29 08:52:49 -05:00
Jan Kiszka
9f8bd0421d slirp: Use internal state in interface
This now also exports the internal state to the slirp users in qemu,
returning it from slirp_init and expecting it along with service
invocations. Additionally provide an opaque value interface for the
callbacks from slirp into the qemu core.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-06-29 08:52:49 -05:00
Jan Kiszka
460fec67ee slirp: Factor out internal state structure
The essence of this patch is to stuff (almost) all global variables of
the slirp stack into the structure Slirp. In this step, we still keep
the structure as global variable, directly accessible by the whole
stack. Changes to the external interface of slirp will be applied in
the following patches.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-06-29 08:52:49 -05:00
Jan Kiszka
b5302e1a9d slirp: Drop link_up checks from if_output and slirp_socket_can_recv
link_up is true once slirp is initialized, so these check are really not
required.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-06-29 08:52:49 -05:00
Jan Kiszka
f1d99bbdcd slirp: Clean up timeout handling around slirp_select_fill/poll
Again lot of dead code. Remove it.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-06-29 08:52:49 -05:00
Jan Kiszka
d918f23efa slirp: Kill slirp_is_inited
Avoid the need for slirp_is_inited by refactoring the protected
slirp_select_* functions. This also avoids the clearing of all fd sets
on select errors.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-06-29 08:52:49 -05:00
Jan Kiszka
8ec7f4edcf slirp: Clean up updtime
Drop redundant typecasts in both variants and remove the pointless
round-up in the UNIX version.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-06-29 08:52:49 -05:00
Jan Kiszka
285f7a62e4 slirp: Make IP packet ID consistent
Currently, ip_id is always initialized to 0 on slirp startup (despite
the broken attempt to derive it from the clock). This is good for
reproducibility. But it is not preserved across save/restore. This patch
therefore drops the dead initialization code from ip_init and introduces
ip_id to the persistent slirp state.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-06-29 08:52:48 -05:00
Jan Kiszka
df46189412 slirp: Factor out one-time initialization
In order to prepare re-initialization and multi-instance slirp, factor
out init code that is of global scope and (at least for now) only need
to be run once.

This also fixes the potentially uninitialized use of our_addr in
get_dns_addr.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-06-29 08:52:47 -05:00
Jan Kiszka
9367964ae2 slirp: tftp: Rework filename handling
This changes the filename handling from a static buffer in tftp_session
for the client-provided name + prefix to a dynamically allocated buffer
that keeps the combined path in one place.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-06-29 08:52:47 -05:00
Jan Kiszka
20c24bf24d slirp: tftp: Refactor tftp_handle_rrq
Specifically make the filename extraction more readable, and always
report errors back to the client.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-06-29 08:52:47 -05:00
Jan Kiszka
ef2d54d8df slirp: tftp: Clean up tftp_send_error
The return code of tftp_send_error is not used, drop it. And also make
sure to always terminate the session.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-06-29 08:52:47 -05:00
Jan Kiszka
f8e3cbd3b5 slirp: tftp: Cleanup tftp_prefix check
Perform check for set prefix early (if it's not given, tftp is disabled)
and drop redundant second check.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-06-29 08:52:47 -05:00
Jan Kiszka
ee9be58735 slirp: Drop unused icmp_var.h
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-06-29 08:52:47 -05:00
Jan Kiszka
9f349498af slirp: Cleanup and basic reanimation of debug code
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-06-29 08:52:46 -05:00
Jan Kiszka
0fe6a7f284 slirp: Drop statistic code
As agreed on the mailing list, there is no interest in keeping the
usually disabled slirp statistics in the tree. So this patch removes
them.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-06-29 08:52:46 -05:00
Jan Kiszka
0d62c4cfe2 slirp: Drop dead code
After all its years inside the qemu tree, there is no point in keeping
the dead code paths of slirp. This patch is a first round of removing
usually commented out code parts. More cleanups need to follow (and
maybe finally a proper reindention).

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-06-29 08:52:46 -05:00
Jan Kiszka
6dbe553fe9 slirp: Add info usernet for dumping connection states
Break out sockstats from the slirp statistics and present them under the
new info category "usernet". This patch also improves the current output
/wrt proper reporting connection source and destination.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-06-29 08:52:46 -05:00
Jan Kiszka
4a82347a47 slirp: Mark sockets of incoming TCP connections
Required for pretty-printing.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-06-29 08:52:46 -05:00
Jan Kiszka
9c12a6f24d slirp: Do not allow to remove non-hostfwd sockets
Prevent that the users accidentally shoots down dynamic sockets. This
allows to remove looping for removals as there can now only be one
match.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-06-29 08:52:46 -05:00
Jan Kiszka
6dd5ffb661 slirp: Explicitely mark host-forwarding sockets
Mark sockets that describe host forwardings. This is required for their
(and only their) proper deletion and for pretty-printing.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-06-29 08:52:45 -05:00
Jan Kiszka
f932b6ce71 slirp: Prepare for persistent socket state flags
This prepares for adding flags to socket.so_state that must not be
removed during the lifetime of a socket.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-06-29 08:52:45 -05:00