net.c 79.3 KB
Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
/*
 * QEMU System Emulator
 *
 * Copyright (c) 2003-2008 Fabrice Bellard
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to deal
 * in the Software without restriction, including without limitation the rights
 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 * copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in
 * all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 * THE SOFTWARE.
 */
#include <unistd.h>
#include <fcntl.h>
#include <signal.h>
#include <time.h>
#include <errno.h>
#include <sys/time.h>
#include <zlib.h>

32
/* Needed early for HOST_BSD etc. */
blueswir1's avatar
blueswir1 committed
33 34
#include "config-host.h"

35 36 37 38 39 40
#ifndef _WIN32
#include <sys/times.h>
#include <sys/wait.h>
#include <termios.h>
#include <sys/mman.h>
#include <sys/ioctl.h>
blueswir1's avatar
blueswir1 committed
41
#include <sys/resource.h>
42 43
#include <sys/socket.h>
#include <netinet/in.h>
blueswir1's avatar
blueswir1 committed
44 45 46 47 48 49 50 51
#include <net/if.h>
#ifdef __NetBSD__
#include <net/if_tap.h>
#endif
#ifdef __linux__
#include <linux/if_tun.h>
#endif
#include <arpa/inet.h>
52 53 54
#include <dirent.h>
#include <netdb.h>
#include <sys/select.h>
55
#ifdef HOST_BSD
56
#include <sys/stat.h>
57
#if defined(__FreeBSD__) || defined(__DragonFly__)
58
#include <libutil.h>
blueswir1's avatar
blueswir1 committed
59 60
#else
#include <util.h>
61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104
#endif
#elif defined (__GLIBC__) && defined (__FreeBSD_kernel__)
#include <freebsd/stdlib.h>
#else
#ifdef __linux__
#include <pty.h>
#include <malloc.h>
#include <linux/rtc.h>

/* For the benefit of older linux systems which don't supply it,
   we use a local copy of hpet.h. */
/* #include <linux/hpet.h> */
#include "hpet.h"

#include <linux/ppdev.h>
#include <linux/parport.h>
#endif
#ifdef __sun__
#include <sys/stat.h>
#include <sys/ethernet.h>
#include <sys/sockio.h>
#include <netinet/arp.h>
#include <netinet/in.h>
#include <netinet/in_systm.h>
#include <netinet/ip.h>
#include <netinet/ip_icmp.h> // must come after ip.h
#include <netinet/udp.h>
#include <netinet/tcp.h>
#include <net/if.h>
#include <syslog.h>
#include <stropts.h>
#endif
#endif
#endif

#if defined(__OpenBSD__)
#include <util.h>
#endif

#if defined(CONFIG_VDE)
#include <libvdeplug.h>
#endif

#ifdef _WIN32
105
#include <windows.h>
106 107 108 109 110 111 112
#include <malloc.h>
#include <sys/timeb.h>
#include <mmsystem.h>
#define getopt_long_only getopt_long
#define memalign(align, size) malloc(size)
#endif

113 114 115 116 117 118 119 120
#include "qemu-common.h"
#include "net.h"
#include "monitor.h"
#include "sysemu.h"
#include "qemu-timer.h"
#include "qemu-char.h"
#include "audio/audio.h"
#include "qemu_socket.h"
121
#include "qemu-log.h"
122

Jan Kiszka's avatar
Jan Kiszka committed
123
#include "slirp/libslirp.h"
124 125


126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265
static VLANState *first_vlan;

/***********************************************************/
/* network device redirectors */

#if defined(DEBUG_NET) || defined(DEBUG_SLIRP)
static void hex_dump(FILE *f, const uint8_t *buf, int size)
{
    int len, i, j, c;

    for(i=0;i<size;i+=16) {
        len = size - i;
        if (len > 16)
            len = 16;
        fprintf(f, "%08x ", i);
        for(j=0;j<16;j++) {
            if (j < len)
                fprintf(f, " %02x", buf[i+j]);
            else
                fprintf(f, "   ");
        }
        fprintf(f, " ");
        for(j=0;j<len;j++) {
            c = buf[i+j];
            if (c < ' ' || c > '~')
                c = '.';
            fprintf(f, "%c", c);
        }
        fprintf(f, "\n");
    }
}
#endif

static int parse_macaddr(uint8_t *macaddr, const char *p)
{
    int i;
    char *last_char;
    long int offset;

    errno = 0;
    offset = strtol(p, &last_char, 0);    
    if (0 == errno && '\0' == *last_char &&
            offset >= 0 && offset <= 0xFFFFFF) {
        macaddr[3] = (offset & 0xFF0000) >> 16;
        macaddr[4] = (offset & 0xFF00) >> 8;
        macaddr[5] = offset & 0xFF;
        return 0;
    } else {
        for(i = 0; i < 6; i++) {
            macaddr[i] = strtol(p, (char **)&p, 16);
            if (i == 5) {
                if (*p != '\0')
                    return -1;
            } else {
                if (*p != ':' && *p != '-')
                    return -1;
                p++;
            }
        }
        return 0;    
    }

    return -1;
}

static int get_str_sep(char *buf, int buf_size, const char **pp, int sep)
{
    const char *p, *p1;
    int len;
    p = *pp;
    p1 = strchr(p, sep);
    if (!p1)
        return -1;
    len = p1 - p;
    p1++;
    if (buf_size > 0) {
        if (len > buf_size - 1)
            len = buf_size - 1;
        memcpy(buf, p, len);
        buf[len] = '\0';
    }
    *pp = p1;
    return 0;
}

int parse_host_src_port(struct sockaddr_in *haddr,
                        struct sockaddr_in *saddr,
                        const char *input_str)
{
    char *str = strdup(input_str);
    char *host_str = str;
    char *src_str;
    const char *src_str2;
    char *ptr;

    /*
     * Chop off any extra arguments at the end of the string which
     * would start with a comma, then fill in the src port information
     * if it was provided else use the "any address" and "any port".
     */
    if ((ptr = strchr(str,',')))
        *ptr = '\0';

    if ((src_str = strchr(input_str,'@'))) {
        *src_str = '\0';
        src_str++;
    }

    if (parse_host_port(haddr, host_str) < 0)
        goto fail;

    src_str2 = src_str;
    if (!src_str || *src_str == '\0')
        src_str2 = ":0";

    if (parse_host_port(saddr, src_str2) < 0)
        goto fail;

    free(str);
    return(0);

fail:
    free(str);
    return -1;
}

int parse_host_port(struct sockaddr_in *saddr, const char *str)
{
    char buf[512];
    struct hostent *he;
    const char *p, *r;
    int port;

    p = str;
    if (get_str_sep(buf, sizeof(buf), &p, ':') < 0)
        return -1;
    saddr->sin_family = AF_INET;
    if (buf[0] == '\0') {
        saddr->sin_addr.s_addr = 0;
    } else {
266
        if (qemu_isdigit(buf[0])) {
267 268 269 270 271 272 273 274 275 276 277 278 279 280 281
            if (!inet_aton(buf, &saddr->sin_addr))
                return -1;
        } else {
            if ((he = gethostbyname(buf)) == NULL)
                return - 1;
            saddr->sin_addr = *(struct in_addr *)he->h_addr;
        }
    }
    port = strtol(p, (char **)&r, 0);
    if (r == p)
        return -1;
    saddr->sin_port = htons(port);
    return 0;
}

282 283
#if !defined(_WIN32) && 0
static int parse_unix_path(struct sockaddr_un *uaddr, const char *str)
284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301
{
    const char *p;
    int len;

    len = MIN(108, strlen(str));
    p = strchr(str, ',');
    if (p)
	len = MIN(len, p - str);

    memset(uaddr, 0, sizeof(*uaddr));

    uaddr->sun_family = AF_UNIX;
    memcpy(uaddr->sun_path, str, len);

    return 0;
}
#endif

302 303 304
void qemu_format_nic_info_str(VLANClientState *vc, uint8_t macaddr[6])
{
    snprintf(vc->info_str, sizeof(vc->info_str),
305 306
             "model=%s,macaddr=%02x:%02x:%02x:%02x:%02x:%02x",
             vc->model,
307 308 309 310
             macaddr[0], macaddr[1], macaddr[2],
             macaddr[3], macaddr[4], macaddr[5]);
}

311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329
static char *assign_name(VLANClientState *vc1, const char *model)
{
    VLANState *vlan;
    char buf[256];
    int id = 0;

    for (vlan = first_vlan; vlan; vlan = vlan->next) {
        VLANClientState *vc;

        for (vc = vlan->first_client; vc; vc = vc->next)
            if (vc != vc1 && strcmp(vc->model, model) == 0)
                id++;
    }

    snprintf(buf, sizeof(buf), "%s.%d", model, id);

    return strdup(buf);
}

330
VLANClientState *qemu_new_vlan_client(VLANState *vlan,
331
                                      const char *model,
332
                                      const char *name,
333 334 335
                                      NetCanReceive *can_receive,
                                      NetReceive *receive,
                                      NetReceiveIOV *receive_iov,
336
                                      NetCleanup *cleanup,
337 338 339 340
                                      void *opaque)
{
    VLANClientState *vc, **pvc;
    vc = qemu_mallocz(sizeof(VLANClientState));
341
    vc->model = strdup(model);
342 343 344 345
    if (name)
        vc->name = strdup(name);
    else
        vc->name = assign_name(vc, model);
346 347 348
    vc->can_receive = can_receive;
    vc->receive = receive;
    vc->receive_iov = receive_iov;
349
    vc->cleanup = cleanup;
350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367
    vc->opaque = opaque;
    vc->vlan = vlan;

    vc->next = NULL;
    pvc = &vlan->first_client;
    while (*pvc != NULL)
        pvc = &(*pvc)->next;
    *pvc = vc;
    return vc;
}

void qemu_del_vlan_client(VLANClientState *vc)
{
    VLANClientState **pvc = &vc->vlan->first_client;

    while (*pvc != NULL)
        if (*pvc == vc) {
            *pvc = vc->next;
368 369 370
            if (vc->cleanup) {
                vc->cleanup(vc);
            }
371
            free(vc->name);
372
            free(vc->model);
373
            qemu_free(vc);
374 375 376 377 378
            break;
        } else
            pvc = &(*pvc)->next;
}

379 380 381 382 383 384 385 386 387 388 389 390 391
VLANClientState *qemu_find_vlan_client(VLANState *vlan, void *opaque)
{
    VLANClientState **pvc = &vlan->first_client;

    while (*pvc != NULL)
        if ((*pvc)->opaque == opaque)
            return *pvc;
        else
            pvc = &(*pvc)->next;

    return NULL;
}

392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417
static VLANClientState *
qemu_find_vlan_client_by_name(Monitor *mon, int vlan_id,
                              const char *client_str)
{
    VLANState *vlan;
    VLANClientState *vc;

    vlan = qemu_find_vlan(vlan_id, 0);
    if (!vlan) {
        monitor_printf(mon, "unknown VLAN %d\n", vlan_id);
        return NULL;
    }

    for (vc = vlan->first_client; vc != NULL; vc = vc->next) {
        if (!strcmp(vc->name, client_str)) {
            break;
        }
    }
    if (!vc) {
        monitor_printf(mon, "can't find device %s on VLAN %d\n",
                       client_str, vlan_id);
    }

    return vc;
}

418
int qemu_can_send_packet(VLANClientState *sender)
419
{
420
    VLANState *vlan = sender->vlan;
421 422
    VLANClientState *vc;

423 424 425 426 427
    for (vc = vlan->first_client; vc != NULL; vc = vc->next) {
        if (vc == sender) {
            continue;
        }

428
        /* no can_receive() handler, they can always receive */
429
        if (!vc->can_receive || vc->can_receive(vc)) {
430
            return 1;
431 432 433 434 435
        }
    }
    return 0;
}

436
static int
437
qemu_deliver_packet(VLANClientState *sender, const uint8_t *buf, int size)
438 439
{
    VLANClientState *vc;
440
    int ret = -1;
441

442 443
    sender->vlan->delivering = 1;

444
    for (vc = sender->vlan->first_client; vc != NULL; vc = vc->next) {
445 446 447 448
        ssize_t len;

        if (vc == sender) {
            continue;
449
        }
450 451 452 453 454 455 456 457 458

        if (vc->link_down) {
            ret = size;
            continue;
        }

        len = vc->receive(vc, buf, size);

        ret = (ret >= 0) ? ret : len;
459
    }
460

461 462
    sender->vlan->delivering = 0;

463
    return ret;
464 465
}

466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481
void qemu_purge_queued_packets(VLANClientState *vc)
{
    VLANPacket **pp = &vc->vlan->send_queue;

    while (*pp != NULL) {
        VLANPacket *packet = *pp;

        if (packet->sender == vc) {
            *pp = packet->next;
            qemu_free(packet);
        } else {
            pp = &packet->next;
        }
    }
}

482
void qemu_flush_queued_packets(VLANClientState *vc)
483 484 485 486
{
    VLANPacket *packet;

    while ((packet = vc->vlan->send_queue) != NULL) {
487 488
        int ret;

489
        vc->vlan->send_queue = packet->next;
490 491 492 493 494 495 496 497 498

        ret = qemu_deliver_packet(packet->sender, packet->data, packet->size);
        if (ret == 0 && packet->sent_cb != NULL) {
            packet->next = vc->vlan->send_queue;
            vc->vlan->send_queue = packet;
            break;
        }

        if (packet->sent_cb)
499
            packet->sent_cb(packet->sender, ret);
500

501 502 503 504
        qemu_free(packet);
    }
}

505 506 507
static void qemu_enqueue_packet(VLANClientState *sender,
                                const uint8_t *buf, int size,
                                NetPacketSent *sent_cb)
508 509 510 511 512 513 514
{
    VLANPacket *packet;

    packet = qemu_malloc(sizeof(VLANPacket) + size);
    packet->next = sender->vlan->send_queue;
    packet->sender = sender;
    packet->size = size;
515
    packet->sent_cb = sent_cb;
516 517 518 519
    memcpy(packet->data, buf, size);
    sender->vlan->send_queue = packet;
}

520 521 522
ssize_t qemu_send_packet_async(VLANClientState *sender,
                               const uint8_t *buf, int size,
                               NetPacketSent *sent_cb)
523
{
524
    int ret;
525

526 527 528
    if (sender->link_down) {
        return size;
    }
529

530
#ifdef DEBUG_NET
531
    printf("vlan %d send:\n", sender->vlan->id);
532 533
    hex_dump(stdout, buf, size);
#endif
534 535 536 537 538 539 540 541 542 543

    if (sender->vlan->delivering) {
        qemu_enqueue_packet(sender, buf, size, NULL);
        return size;
    }

    ret = qemu_deliver_packet(sender, buf, size);
    if (ret == 0 && sent_cb != NULL) {
        qemu_enqueue_packet(sender, buf, size, sent_cb);
        return 0;
544
    }
545

546 547 548 549 550 551 552 553
    qemu_flush_queued_packets(sender);

    return ret;
}

void qemu_send_packet(VLANClientState *vc, const uint8_t *buf, int size)
{
    qemu_send_packet_async(vc, buf, size, NULL);
554 555
}

aliguori's avatar
aliguori committed
556 557 558 559 560 561 562 563 564 565 566 567 568 569 570
static ssize_t vc_sendv_compat(VLANClientState *vc, const struct iovec *iov,
                               int iovcnt)
{
    uint8_t buffer[4096];
    size_t offset = 0;
    int i;

    for (i = 0; i < iovcnt; i++) {
        size_t len;

        len = MIN(sizeof(buffer) - offset, iov[i].iov_len);
        memcpy(buffer + offset, iov[i].iov_base, len);
        offset += len;
    }

571
    return vc->receive(vc, buffer, offset);
aliguori's avatar
aliguori committed
572 573
}

574 575 576 577 578 579 580 581 582 583
static ssize_t calc_iov_length(const struct iovec *iov, int iovcnt)
{
    size_t offset = 0;
    int i;

    for (i = 0; i < iovcnt; i++)
        offset += iov[i].iov_len;
    return offset;
}

584 585
static int qemu_deliver_packet_iov(VLANClientState *sender,
                                   const struct iovec *iov, int iovcnt)
aliguori's avatar
aliguori committed
586 587
{
    VLANClientState *vc;
588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618
    int ret = -1;

    sender->vlan->delivering = 1;

    for (vc = sender->vlan->first_client; vc != NULL; vc = vc->next) {
        ssize_t len;

        if (vc == sender) {
            continue;
        }

        if (vc->link_down) {
            ret = calc_iov_length(iov, iovcnt);
            continue;
        }

        if (vc->receive_iov) {
            len = vc->receive_iov(vc, iov, iovcnt);
        } else {
            len = vc_sendv_compat(vc, iov, iovcnt);
        }

        ret = (ret >= 0) ? ret : len;
    }

    sender->vlan->delivering = 0;

    return ret;
}

static ssize_t qemu_enqueue_packet_iov(VLANClientState *sender,
619 620
                                       const struct iovec *iov, int iovcnt,
                                       NetPacketSent *sent_cb)
621
{
622
    VLANPacket *packet;
623
    size_t max_len = 0;
624
    int i;
aliguori's avatar
aliguori committed
625

626
    max_len = calc_iov_length(iov, iovcnt);
627

628 629 630
    packet = qemu_malloc(sizeof(VLANPacket) + max_len);
    packet->next = sender->vlan->send_queue;
    packet->sender = sender;
631
    packet->sent_cb = sent_cb;
632
    packet->size = 0;
633

634 635
    for (i = 0; i < iovcnt; i++) {
        size_t len = iov[i].iov_len;
636

637 638 639
        memcpy(packet->data + packet->size, iov[i].iov_base, len);
        packet->size += len;
    }
aliguori's avatar
aliguori committed
640

641
    sender->vlan->send_queue = packet;
aliguori's avatar
aliguori committed
642

643 644
    return packet->size;
}
aliguori's avatar
aliguori committed
645

646 647 648
ssize_t qemu_sendv_packet_async(VLANClientState *sender,
                                const struct iovec *iov, int iovcnt,
                                NetPacketSent *sent_cb)
649 650 651 652 653 654 655 656
{
    int ret;

    if (sender->link_down) {
        return calc_iov_length(iov, iovcnt);
    }

    if (sender->vlan->delivering) {
657
        return qemu_enqueue_packet_iov(sender, iov, iovcnt, NULL);
aliguori's avatar
aliguori committed
658 659
    }

660
    ret = qemu_deliver_packet_iov(sender, iov, iovcnt);
661 662 663 664
    if (ret == 0 && sent_cb != NULL) {
        qemu_enqueue_packet_iov(sender, iov, iovcnt, sent_cb);
        return 0;
    }
665 666 667 668

    qemu_flush_queued_packets(sender);

    return ret;
aliguori's avatar
aliguori committed
669 670
}

671 672 673 674 675 676
ssize_t
qemu_sendv_packet(VLANClientState *vc, const struct iovec *iov, int iovcnt)
{
    return qemu_sendv_packet_async(vc, iov, iovcnt, NULL);
}

677 678 679 680 681 682 683 684 685 686 687 688 689 690 691
static void config_error(Monitor *mon, const char *fmt, ...)
{
    va_list ap;

    va_start(ap, fmt);
    if (mon) {
        monitor_vprintf(mon, fmt, ap);
    } else {
        fprintf(stderr, "qemu: ");
        vfprintf(stderr, fmt, ap);
        exit(1);
    }
    va_end(ap);
}

692 693 694 695
#if defined(CONFIG_SLIRP)

/* slirp network adapter */

696 697
#define SLIRP_CFG_HOSTFWD 1
#define SLIRP_CFG_LEGACY  2
698

Jan Kiszka's avatar
Jan Kiszka committed
699 700
struct slirp_config_str {
    struct slirp_config_str *next;
701 702
    int flags;
    char str[1024];
703
    int legacy_format;
Jan Kiszka's avatar
Jan Kiszka committed
704 705
};

706
typedef struct SlirpState {
707
    TAILQ_ENTRY(SlirpState) entry;
708 709
    VLANClientState *vc;
    Slirp *slirp;
710 711 712
#ifndef _WIN32
    char smb_dir[128];
#endif
713 714
} SlirpState;

715 716 717
static struct slirp_config_str *slirp_configs;
const char *legacy_tftp_prefix;
const char *legacy_bootp_filename;
718 719
static TAILQ_HEAD(slirp_stacks, SlirpState) slirp_stacks =
    TAILQ_HEAD_INITIALIZER(slirp_stacks);
720

721
static void slirp_hostfwd(SlirpState *s, Monitor *mon, const char *redir_str,
722
                          int legacy_format);
723
static void slirp_guestfwd(SlirpState *s, Monitor *mon, const char *config_str,
724
                           int legacy_format);
725

Blue Swirl's avatar
Blue Swirl committed
726
#ifndef _WIN32
727 728
static const char *legacy_smb_export;

729
static void slirp_smb(SlirpState *s, Monitor *mon, const char *exported_dir,
730
                      struct in_addr vserver_addr);
731 732 733
static void slirp_smb_cleanup(SlirpState *s);
#else
static inline void slirp_smb_cleanup(SlirpState *s) { }
Blue Swirl's avatar
Blue Swirl committed
734
#endif
Jan Kiszka's avatar
Jan Kiszka committed
735

736
int slirp_can_output(void *opaque)
737
{
738 739 740
    SlirpState *s = opaque;

    return qemu_can_send_packet(s->vc);
741 742
}

743
void slirp_output(void *opaque, const uint8_t *pkt, int pkt_len)
744
{
745 746
    SlirpState *s = opaque;

747 748 749 750
#ifdef DEBUG_SLIRP
    printf("slirp output:\n");
    hex_dump(stdout, pkt, pkt_len);
#endif
751
    qemu_send_packet(s->vc, pkt, pkt_len);
752 753
}

754
static ssize_t slirp_receive(VLANClientState *vc, const uint8_t *buf, size_t size)
755
{
756 757
    SlirpState *s = vc->opaque;

758 759 760 761
#ifdef DEBUG_SLIRP
    printf("slirp input:\n");
    hex_dump(stdout, buf, size);
#endif
762
    slirp_input(s->slirp, buf, size);
763
    return size;
764 765
}

766 767
static void net_slirp_cleanup(VLANClientState *vc)
{
768 769 770
    SlirpState *s = vc->opaque;

    slirp_cleanup(s->slirp);
771
    slirp_smb_cleanup(s);
772
    TAILQ_REMOVE(&slirp_stacks, s, entry);
773
    qemu_free(s);
774 775
}

776
static int net_slirp_init(Monitor *mon, VLANState *vlan, const char *model,
777 778 779 780 781 782
                          const char *name, int restricted,
                          const char *vnetwork, const char *vhost,
                          const char *vhostname, const char *tftp_export,
                          const char *bootfile, const char *vdhcp_start,
                          const char *vnameserver, const char *smb_export,
                          const char *vsmbserver)
783
{
784
    /* default settings according to historic slirp */
785 786
    struct in_addr net  = { .s_addr = htonl(0x0a000200) }; /* 10.0.2.0 */
    struct in_addr mask = { .s_addr = htonl(0xffffff00) }; /* 255.255.255.0 */
787 788 789
    struct in_addr host = { .s_addr = htonl(0x0a000202) }; /* 10.0.2.2 */
    struct in_addr dhcp = { .s_addr = htonl(0x0a00020f) }; /* 10.0.2.15 */
    struct in_addr dns  = { .s_addr = htonl(0x0a000203) }; /* 10.0.2.3 */
790
#ifndef _WIN32
791
    struct in_addr smbsrv = { .s_addr = 0 };
792
#endif
793 794 795 796 797 798 799 800 801 802 803 804
    SlirpState *s;
    char buf[20];
    uint32_t addr;
    int shift;
    char *end;

    if (!tftp_export) {
        tftp_export = legacy_tftp_prefix;
    }
    if (!bootfile) {
        bootfile = legacy_bootp_filename;
    }
805

806 807 808 809 810 811 812 813 814 815 816 817 818 819 820 821 822 823
    if (vnetwork) {
        if (get_str_sep(buf, sizeof(buf), &vnetwork, '/') < 0) {
            if (!inet_aton(vnetwork, &net)) {
                return -1;
            }
            addr = ntohl(net.s_addr);
            if (!(addr & 0x80000000)) {
                mask.s_addr = htonl(0xff000000); /* class A */
            } else if ((addr & 0xfff00000) == 0xac100000) {
                mask.s_addr = htonl(0xfff00000); /* priv. 172.16.0.0/12 */
            } else if ((addr & 0xc0000000) == 0x80000000) {
                mask.s_addr = htonl(0xffff0000); /* class B */
            } else if ((addr & 0xffff0000) == 0xc0a80000) {
                mask.s_addr = htonl(0xffff0000); /* priv. 192.168.0.0/16 */
            } else if ((addr & 0xffff0000) == 0xc6120000) {
                mask.s_addr = htonl(0xfffe0000); /* tests 198.18.0.0/15 */
            } else if ((addr & 0xe0000000) == 0xe0000000) {
                mask.s_addr = htonl(0xffffff00); /* class C */
824
            } else {
825 826 827 828 829 830 831 832 833
                mask.s_addr = htonl(0xfffffff0); /* multicast/reserved */
            }
        } else {
            if (!inet_aton(buf, &net)) {
                return -1;
            }
            shift = strtol(vnetwork, &end, 10);
            if (*end != '\0') {
                if (!inet_aton(vnetwork, &mask)) {
834 835
                    return -1;
                }
836 837 838 839
            } else if (shift < 4 || shift > 32) {
                return -1;
            } else {
                mask.s_addr = htonl(0xffffffff << (32 - shift));
840 841
            }
        }
842 843 844 845 846
        net.s_addr &= mask.s_addr;
        host.s_addr = net.s_addr | (htonl(0x0202) & ~mask.s_addr);
        dhcp.s_addr = net.s_addr | (htonl(0x020f) & ~mask.s_addr);
        dns.s_addr  = net.s_addr | (htonl(0x0203) & ~mask.s_addr);
    }
847

848 849 850 851 852 853
    if (vhost && !inet_aton(vhost, &host)) {
        return -1;
    }
    if ((host.s_addr & mask.s_addr) != net.s_addr) {
        return -1;
    }
854

855 856 857 858 859 860 861
    if (vdhcp_start && !inet_aton(vdhcp_start, &dhcp)) {
        return -1;
    }
    if ((dhcp.s_addr & mask.s_addr) != net.s_addr ||
        dhcp.s_addr == host.s_addr || dhcp.s_addr == dns.s_addr) {
        return -1;
    }
862

863 864 865 866 867 868 869
    if (vnameserver && !inet_aton(vnameserver, &dns)) {
        return -1;
    }
    if ((dns.s_addr & mask.s_addr) != net.s_addr ||
        dns.s_addr == host.s_addr) {
        return -1;
    }
870 871

#ifndef _WIN32
872 873 874
    if (vsmbserver && !inet_aton(vsmbserver, &smbsrv)) {
        return -1;
    }
875 876
#endif

877 878 879
    s = qemu_mallocz(sizeof(SlirpState));
    s->slirp = slirp_init(restricted, net, mask, host, vhostname,
                          tftp_export, bootfile, dhcp, dns, s);
880
    TAILQ_INSERT_TAIL(&slirp_stacks, s, entry);
Jan Kiszka's avatar
Jan Kiszka committed
881

882 883
    while (slirp_configs) {
        struct slirp_config_str *config = slirp_configs;
Jan Kiszka's avatar
Jan Kiszka committed
884

885 886 887 888 889 890
        if (config->flags & SLIRP_CFG_HOSTFWD) {
            slirp_hostfwd(s, mon, config->str,
                          config->flags & SLIRP_CFG_LEGACY);
        } else {
            slirp_guestfwd(s, mon, config->str,
                           config->flags & SLIRP_CFG_LEGACY);
Jan Kiszka's avatar
Jan Kiszka committed
891
        }
892 893 894
        slirp_configs = config->next;
        qemu_free(config);
    }
Jan Kiszka's avatar
Jan Kiszka committed
895
#ifndef _WIN32
896 897 898 899
    if (!smb_export) {
        smb_export = legacy_smb_export;
    }
    if (smb_export) {
900
        slirp_smb(s, mon, smb_export, smbsrv);
901
    }
902
#endif
Jan Kiszka's avatar
Jan Kiszka committed
903

904 905
    s->vc = qemu_new_vlan_client(vlan, model, name, NULL, slirp_receive, NULL,
                                 net_slirp_cleanup, s);
906 907
    snprintf(s->vc->info_str, sizeof(s->vc->info_str),
             "net=%s, restricted=%c", inet_ntoa(net), restricted ? 'y' : 'n');
908 909 910
    return 0;
}

911 912 913 914 915 916 917 918 919 920 921 922 923 924 925 926 927 928 929 930 931 932 933 934 935 936
static SlirpState *slirp_lookup(Monitor *mon, const char *vlan,
                                const char *stack)
{
    VLANClientState *vc;

    if (vlan) {
        vc = qemu_find_vlan_client_by_name(mon, strtol(vlan, NULL, 0), stack);
        if (!vc) {
            return NULL;
        }
        if (strcmp(vc->model, "user")) {
            monitor_printf(mon, "invalid device specified\n");
            return NULL;
        }
        return vc->opaque;
    } else {
        if (TAILQ_EMPTY(&slirp_stacks)) {
            monitor_printf(mon, "user mode network stack not in use\n");
            return NULL;
        }
        return TAILQ_FIRST(&slirp_stacks);
    }
}

void net_slirp_hostfwd_remove(Monitor *mon, const char *arg1,
                              const char *arg2, const char *arg3)
937
{
938
    struct in_addr host_addr = { .s_addr = INADDR_ANY };
939 940
    int host_port;
    char buf[256] = "";
941 942
    const char *src_str, *p;
    SlirpState *s;
943
    int is_udp = 0;
944
    int err;
945

946 947 948 949 950 951 952 953
    if (arg2) {
        s = slirp_lookup(mon, arg1, arg2);
        src_str = arg3;
    } else {
        s = slirp_lookup(mon, NULL, NULL);
        src_str = arg1;
    }
    if (!s) {
954
        return;
955
    }
956

957
    if (!src_str || !src_str[0])
958 959
        goto fail_syntax;

960
    p = src_str;
961 962 963 964 965 966 967 968 969 970
    get_str_sep(buf, sizeof(buf), &p, ':');

    if (!strcmp(buf, "tcp") || buf[0] == '\0') {
        is_udp = 0;
    } else if (!strcmp(buf, "udp")) {
        is_udp = 1;
    } else {
        goto fail_syntax;
    }

971 972 973 974 975 976 977
    if (get_str_sep(buf, sizeof(buf), &p, ':') < 0) {
        goto fail_syntax;
    }
    if (buf[0] != '\0' && !inet_aton(buf, &host_addr)) {
        goto fail_syntax;
    }

978 979
    host_port = atoi(p);

980
    err = slirp_remove_hostfwd(TAILQ_FIRST(&slirp_stacks)->slirp, is_udp,
981
                               host_addr, host_port);
982

983 984
    monitor_printf(mon, "host forwarding rule for %s %s\n", src_str,
                   err ? "removed" : "not found");
985 986 987 988 989 990
    return;

 fail_syntax:
    monitor_printf(mon, "invalid format\n");
}

991
static void slirp_hostfwd(SlirpState *s, Monitor *mon, const char *redir_str,
992
                          int legacy_format)
993
{
994
    struct in_addr host_addr = { .s_addr = INADDR_ANY };
995
    struct in_addr guest_addr = { .s_addr = 0 };
996
    int host_port, guest_port;
Jan Kiszka's avatar
Jan Kiszka committed
997
    const char *p;
998
    char buf[256];
Jan Kiszka's avatar
Jan Kiszka committed
999
    int is_udp;
1000
    char *end;
1001

1002
    p = redir_str;
1003
    if (!p || get_str_sep(buf, sizeof(buf), &p, ':') < 0) {
1004
        goto fail_syntax;
Jan Kiszka's avatar
Jan Kiszka committed
1005
    }
1006
    if (!strcmp(buf, "tcp") || buf[0] == '\0') {
1007 1008 1009 1010
        is_udp = 0;
    } else if (!strcmp(buf, "udp")) {
        is_udp = 1;
    } else {
1011
        goto fail_syntax;
1012 1013
    }

1014 1015 1016 1017 1018 1019 1020 1021 1022 1023
    if (!legacy_format) {
        if (get_str_sep(buf, sizeof(buf), &p, ':') < 0) {
            goto fail_syntax;
        }
        if (buf[0] != '\0' && !inet_aton(buf, &host_addr)) {
            goto fail_syntax;
        }
    }

    if (get_str_sep(buf, sizeof(buf), &p, legacy_format ? ':' : '-') < 0) {
1024
        goto fail_syntax;
Jan Kiszka's avatar
Jan Kiszka committed
1025
    }
1026 1027
    host_port = strtol(buf, &end, 0);
    if (*end != '\0' || host_port < 1 || host_port > 65535) {
1028
        goto fail_syntax;
Jan Kiszka's avatar
Jan Kiszka committed
1029
    }
1030

Jan Kiszka's avatar
Jan Kiszka committed
1031
    if (get_str_sep(buf, sizeof(buf), &p, ':') < 0) {
1032
        goto fail_syntax;
Jan Kiszka's avatar
Jan Kiszka committed
1033
    }
1034
    if (buf[0] != '\0' && !inet_aton(buf, &guest_addr)) {
1035
        goto fail_syntax;
Jan Kiszka's avatar
Jan Kiszka committed
1036
    }
1037

1038 1039
    guest_port = strtol(p, &end, 0);
    if (*end != '\0' || guest_port < 1 || guest_port > 65535) {
1040
        goto fail_syntax;
Jan Kiszka's avatar
Jan Kiszka committed
1041
    }
1042

1043 1044
    if (slirp_add_hostfwd(s->slirp, is_udp, host_addr, host_port, guest_addr,
                          guest_port) < 0) {
1045 1046
        config_error(mon, "could not set up host forwarding rule '%s'\n",
                     redir_str);
1047 1048
    }
    return;
1049 1050

 fail_syntax:
1051
    config_error(mon, "invalid host forwarding rule '%s'\n", redir_str);
1052 1053
}

1054 1055
void net_slirp_hostfwd_add(Monitor *mon, const char *arg1,
                           const char *arg2, const char *arg3)
Jan Kiszka's avatar
Jan Kiszka committed
1056
{
1057 1058 1059 1060 1061 1062 1063 1064 1065 1066 1067 1068
    const char *redir_str;
    SlirpState *s;

    if (arg2) {
        s = slirp_lookup(mon, arg1, arg2);
        redir_str = arg3;
    } else {
        s = slirp_lookup(mon, NULL, NULL);
        redir_str = arg1;
    }
    if (s) {
        slirp_hostfwd(s, mon, redir_str, 0);
Jan Kiszka's avatar
Jan Kiszka committed
1069 1070
    }

1071 1072 1073 1074 1075 1076
}

void net_slirp_redir(const char *redir_str)
{
    struct slirp_config_str *config;

1077
    if (TAILQ_EMPTY(&slirp_stacks)) {
1078 1079
        config = qemu_malloc(sizeof(*config));
        pstrcpy(config->str, sizeof(config->str), redir_str);
1080
        config->flags = SLIRP_CFG_HOSTFWD | SLIRP_CFG_LEGACY;
1081 1082
        config->next = slirp_configs;
        slirp_configs = config;
Jan Kiszka's avatar
Jan Kiszka committed
1083 1084 1085
        return;
    }

1086
    slirp_hostfwd(TAILQ_FIRST(&slirp_stacks), NULL, redir_str, 1);
Jan Kiszka's avatar
Jan Kiszka committed
1087 1088
}

1089 1090 1091
#ifndef _WIN32

/* automatic user mode samba server configuration */
1092
static void slirp_smb_cleanup(SlirpState *s)
1093
{
1094
    char cmd[128];
1095

1096 1097 1098 1099 1100
    if (s->smb_dir[0] != '\0') {
        snprintf(cmd, sizeof(cmd), "rm -rf %s", s->smb_dir);
        system(cmd);
        s->smb_dir[0] = '\0';
    }
1101 1102
}

1103
static void slirp_smb(SlirpState* s, Monitor *mon, const char *exported_dir,
1104
                      struct in_addr vserver_addr)
1105
{
1106 1107 1108
    static int instance;
    char smb_conf[128];
    char smb_cmdline[128];
1109 1110
    FILE *f;

1111 1112 1113 1114 1115
    snprintf(s->smb_dir, sizeof(s->smb_dir), "/tmp/qemu-smb.%ld-%d",
             (long)getpid(), instance++);
    if (mkdir(s->smb_dir, 0700) < 0) {
        config_error(mon, "could not create samba server dir '%s'\n",
                     s->smb_dir);
1116
        return;
1117
    }
1118
    snprintf(smb_conf, sizeof(smb_conf), "%s/%s", s->smb_dir, "smb.conf");
1119 1120 1121

    f = fopen(smb_conf, "w");
    if (!f) {
1122
        slirp_smb_cleanup(s);
1123 1124 1125
        config_error(mon, "could not create samba server "
                     "configuration file '%s'\n", smb_conf);
        return;
1126 1127 1128 1129 1130 1131 1132 1133 1134 1135 1136 1137 1138 1139 1140
    }
    fprintf(f,
            "[global]\n"
            "private dir=%s\n"
            "smb ports=0\n"
            "socket address=127.0.0.1\n"
            "pid directory=%s\n"
            "lock directory=%s\n"
            "log file=%s/log.smbd\n"
            "smb passwd file=%s/smbpasswd\n"
            "security = share\n"
            "[qemu]\n"
            "path=%s\n"
            "read only=no\n"
            "guest ok=yes\n",
1141 1142 1143 1144 1145
            s->smb_dir,
            s->smb_dir,
            s->smb_dir,
            s->smb_dir,
            s->smb_dir,
1146 1147 1148 1149 1150 1151 1152
            exported_dir
            );
    fclose(f);

    snprintf(smb_cmdline, sizeof(smb_cmdline), "%s -s %s",
             SMBD_COMMAND, smb_conf);

1153
    if (slirp_add_exec(s->slirp, 0, smb_cmdline, vserver_addr, 139) < 0) {
1154
        slirp_smb_cleanup(s);
1155
        config_error(mon, "conflicting/invalid smbserver address\n");
1156
    }
1157 1158
}

1159
/* automatic user mode samba server configuration (legacy interface) */
Jan Kiszka's avatar
Jan Kiszka committed
1160 1161
void net_slirp_smb(const char *exported_dir)
{
1162 1163
    struct in_addr vserver_addr = { .s_addr = 0 };

1164
    if (legacy_smb_export) {
Jan Kiszka's avatar
Jan Kiszka committed
1165 1166 1167
        fprintf(stderr, "-smb given twice\n");
        exit(1);
    }
1168
    legacy_smb_export = exported_dir;
1169
    if (!TAILQ_EMPTY(&slirp_stacks)) {
1170 1171
        slirp_smb(TAILQ_FIRST(&slirp_stacks), NULL, exported_dir,
                  vserver_addr);
Jan Kiszka's avatar
Jan Kiszka committed
1172 1173 1174
    }
}

1175
#endif /* !defined(_WIN32) */
Jan Kiszka's avatar
Jan Kiszka committed
1176

1177
struct GuestFwd {
1178
    CharDriverState *hd;
1179
    struct in_addr server;
1180
    int port;
1181
    Slirp *slirp;
1182
};
1183

1184
static int guestfwd_can_read(void *opaque)
1185
{
1186
    struct GuestFwd *fwd = opaque;
1187
    return slirp_socket_can_recv(fwd->slirp, fwd->server, fwd->port);
1188 1189
}

1190
static void guestfwd_read(void *opaque, const uint8_t *buf, int size)
1191
{
1192
    struct GuestFwd *fwd = opaque;
1193
    slirp_socket_recv(fwd->slirp, fwd->server, fwd->port, buf, size);
1194 1195
}

1196
static void slirp_guestfwd(SlirpState *s, Monitor *mon, const char *config_str,
1197
                           int legacy_format)
1198
{
1199 1200 1201 1202 1203
    struct in_addr server = { .s_addr = 0 };
    struct GuestFwd *fwd;
    const char *p;
    char buf[128];
    char *end;
1204 1205
    int port;

1206 1207 1208 1209 1210 1211 1212 1213 1214 1215 1216 1217 1218 1219 1220 1221 1222 1223 1224 1225 1226 1227 1228 1229 1230
    p = config_str;
    if (legacy_format) {
        if (get_str_sep(buf, sizeof(buf), &p, ':') < 0) {
            goto fail_syntax;
        }
    } else {
        if (get_str_sep(buf, sizeof(buf), &p, ':') < 0) {
            goto fail_syntax;
        }
        if (strcmp(buf, "tcp") && buf[0] != '\0') {
            goto fail_syntax;
        }
        if (get_str_sep(buf, sizeof(buf), &p, ':') < 0) {
            goto fail_syntax;
        }
        if (buf[0] != '\0' && !inet_aton(buf, &server)) {
            goto fail_syntax;
        }
        if (get_str_sep(buf, sizeof(buf), &p, '-') < 0) {
            goto fail_syntax;
        }
    }
    port = strtol(buf, &end, 10);
    if (*end != '\0' || port < 1 || port > 65535) {
        goto fail_syntax;
1231 1232
    }

1233 1234 1235 1236 1237 1238 1239
    fwd = qemu_malloc(sizeof(struct GuestFwd));
    snprintf(buf, sizeof(buf), "guestfwd.tcp:%d", port);
    fwd->hd = qemu_chr_open(buf, p, NULL);
    if (!fwd->hd) {
        config_error(mon, "could not open guest forwarding device '%s'\n",
                     buf);
        qemu_free(fwd);
1240 1241
        return;
    }
1242 1243
    fwd->server = server;
    fwd->port = port;
1244
    fwd->slirp = s->slirp;
1245

1246
    if (slirp_add_exec(s->slirp, 3, fwd->hd, server, port) < 0) {
1247 1248 1249 1250 1251 1252 1253
        config_error(mon, "conflicting/invalid host:port in guest forwarding "
                     "rule '%s'\n", config_str);
        qemu_free(fwd);
        return;
    }
    qemu_chr_add_handlers(fwd->hd, guestfwd_can_read, guestfwd_read,
                          NULL, fwd);
1254
    return;
1255 1256 1257

 fail_syntax:
    config_error(mon, "invalid guest forwarding rule '%s'\n", config_str);
1258 1259
}

1260 1261
void do_info_usernet(Monitor *mon)
{
1262
    SlirpState *s;
1263

1264 1265 1266
    TAILQ_FOREACH(s, &slirp_stacks, entry) {
        monitor_printf(mon, "VLAN %d (%s):\n", s->vc->vlan->id, s->vc->name);
        slirp_connection_info(s->slirp, mon);
1267
    }
1268 1269
}

1270 1271 1272 1273 1274 1275 1276 1277
#endif /* CONFIG_SLIRP */

#if !defined(_WIN32)

typedef struct TAPState {
    VLANClientState *vc;
    int fd;
    char down_script[1024];
1278
    char down_script_arg[128];
1279
    uint8_t buf[4096];
1280
    unsigned int read_poll : 1;
1281
    unsigned int write_poll : 1;
1282 1283
} TAPState;

1284 1285
static int launch_script(const char *setup_script, const char *ifname, int fd);

1286 1287
static int tap_can_send(void *opaque);
static void tap_send(void *opaque);
1288
static void tap_writable(void *opaque);
1289 1290 1291 1292 1293 1294

static void tap_update_fd_handler(TAPState *s)
{
    qemu_set_fd_handler2(s->fd,
                         s->read_poll  ? tap_can_send : NULL,
                         s->read_poll  ? tap_send     : NULL,
1295
                         s->write_poll ? tap_writable : NULL,
1296 1297 1298 1299 1300 1301 1302 1303 1304
                         s);
}

static void tap_read_poll(TAPState *s, int enable)
{
    s->read_poll = !!enable;
    tap_update_fd_handler(s);
}

1305 1306 1307 1308 1309 1310 1311 1312 1313 1314 1315 1316 1317 1318 1319
static void tap_write_poll(TAPState *s, int enable)
{
    s->write_poll = !!enable;
    tap_update_fd_handler(s);
}

static void tap_writable(void *opaque)<