summaryrefslogtreecommitdiffstats
path: root/net
Commit message (Collapse)AuthorAgeFilesLines
...
* slirp: Mark pieces missing IPv6 supportSamuel Thibault2019-03-061-0/+1
| | | | Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
* qmp: Add announce-self commandDr. David Alan Gilbert2019-03-051-0/+7
| | | | | | | | | | | | | | | | | Add a qmp command that can trigger guest announcements. It uses its own announce-timer instance, and parameters passed to it explicitly in the command. Like most qmp commands, it's in the main thread/bql, so there's no racing with any outstanding timer. Based on work of Germano Veit Michel <germano@redhat.com> and Vladislav Yasevich <vyasevic@redhat.com> Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
* net: Add a network device specific self-announcement abilityDr. David Alan Gilbert2019-03-051-0/+5
| | | | | | | | | | | Some network devices have a capability to do self announcements (ex: virtio-net). Add infrastructure that would allow devices to expose this ability. Signed-off-by: Vladislav Yasevich <vyasevic@redhat.com> Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
* migration: Switch to using announce timerDr. David Alan Gilbert2019-03-052-0/+71
| | | | | | | | | | | | | | Switch the announcements to using the new announce timer. Move the code that does it to announce.c rather than savevm because it really has nothing to do with the actual migration. Migration starts the announce from bh's and so they're all in the main thread/bql, and so there's never any racing with the timers themselves. Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
* net: Introduce announce timerDr. David Alan Gilbert2019-03-052-0/+61
| | | | | | | | | | | | The 'announce timer' will be used by migration, and explicit requests for qemu to perform network announces. Based on the work by Germano Veit Michel <germano@redhat.com> and Vlad Yasevich <vyasevic@redhat.com> Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
* net: netmap: improve netmap_receive_iov()Vincenzo Maffione2019-03-051-12/+17
| | | | | | | | | | | | | | | | Changes: - Save CPU cycles by computing the return value while scanning the input iovec, rather than calling iov_size() at the end. - Remove check for s->tx != NULL, because it cannot happen. - Cache ring->tail in a local variable and use it to check for space in the TX ring. The use of nm_ring_empty() was invalid, because nobody is updating ring->cur and ring->head at that point. - In case we run out of netmap slots in the middle of a packet, move the wake-up point by advancing ring->cur, but do not expose the incomplete packet (i.e., by updating also ring->head). Signed-off-by: Vincenzo Maffione <v.maffione@gmail.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
* net: netmap: simplify netmap_receive()Vincenzo Maffione2019-03-051-39/+11Star
| | | | | | | | Improve code reuse by implementing netmap_receive() with a call to netmap_receive_iov(). Signed-off-by: Vincenzo Maffione <v.maffione@gmail.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
* net: netmap: small improvements netmap_send()Vincenzo Maffione2019-03-051-12/+19
| | | | | | | | | | | | This change improves the handling of incomplete multi-slot packets (e.g. with the NS_MOREFRAG set), by advancing ring->head only on complete packets. The ring->cur pointer is advanced in any case in order to acknowledge the kernel and move the wake-up point (thus avoiding repeated wake-ups). Also don't be verbose when incomplete packets are found. Signed-off-by: Vincenzo Maffione <v.maffione@gmail.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
* net/colo-compare.c: Remove duplicated codeZhang Chen2019-03-051-8/+0Star
| | | | | | | | | | Fix duplicated code: https://bugs.launchpad.net/qemu/+bug/1811499 Reviewed-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Zhang Chen <chen.zhang@intel.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
* vhost-user: support cross-endian vnet headersPaolo Bonzini2019-02-211-0/+13
| | | | | | | | | | | | | | vhost-user already has a way to communicate the endianness of the guest via the vring endianness messages. The vring endianness always matches the vnet header endianness so there is no need to do anything else in the backend. Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Message-Id: <1543851204-41186-9-git-send-email-pbonzini@redhat.com> Message-Id: <1550165756-21617-5-git-send-email-pbonzini@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
* vhost-net-user: add stubs for when no virtio-net device is presentPaolo Bonzini2019-02-213-2/+27
| | | | | | | | | | | | | | | | | | | | | hw/net/vhost_net.c needs functions that are declared in net/vhost-user.c: the vhost-user code is always compiled into QEMU, only the constructor net_init_vhost_user is unreachable. Also, net/vhost-user.c needs functions declared in hw/virtio/vhost-stub.c even if no virtio device exists. Break this dependency. First, add a minimal version of net/vhost-user.c, with no functionality and no dependency on vhost code. Second, #ifdef out the calls back to net/vhost-user.c from hw/net/vhost_net.c. While at it, this patch fixes the CONFIG_VHOST_NET_USE*D* typo. Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <1543851204-41186-3-git-send-email-pbonzini@redhat.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Message-Id: <1550165756-21617-3-git-send-email-pbonzini@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
* char: allow specifying a GMainContext at opening timePaolo Bonzini2019-02-131-1/+1
| | | | | | | | | | | | This will be needed by vhost-user-test, when each test switches to its own GMainLoop and GMainContext. Otherwise, for a reconnecting socket the initial connection will happen on the default GMainContext, and no one will be listening on it. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20190202110834.24880-1-pbonzini@redhat.com> Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
* slirp: pass opaque to all callbacksMarc-André Lureau2019-02-071-9/+16
| | | | | | | This is friendlier for FFI bindings. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
* slirp: use polling callbacks, drop glib requirementMarc-André Lureau2019-02-071-3/+69
| | | | | | | | | It would be legitimate to use libslirp without glib. Let's add_poll/get_revents pair of callbacks to provide the same functionality. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
* slirp: replace global polling with per-instance & notifierMarc-André Lureau2019-02-071-0/+24
| | | | | | | | Remove hard-coded dependency on slirp in main-loop, and use a "poll" notifier instead. The notifier is registered per slirp instance. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
* slirp: improve send_packet() callbackMarc-André Lureau2019-02-072-6/+7
| | | | | | | | | | | Use a more descriptive name for the callback. Reuse the SlirpWriteCb type. Wrap it to check that all data has been written. Return a ssize_t for potential error handling and data-loss reporting. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
* slirp: replace qemu_notify_event() with a callbackMarc-André Lureau2019-02-071-0/+1
| | | | | | | | | | Introduce a SlirpCb callback to kick the main io-thread. Add an intermediary sodrop() function that will call SlirpCb.notify callback when sbdrop() returns true. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
* slirp: add unregister_poll_fd() callbackMarc-André Lureau2019-02-071-0/+6
| | | | | | | | | | Add a counter-part to register_poll_fd() for completeness. (so far, register_poll_fd() is called only on struct socket fd) Suggested-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
* slirp: replace qemu_set_nonblock()Marc-André Lureau2019-02-071-0/+6
| | | | | | | | | | | | Replace qemu_set_nonblock() with slirp_set_nonblock() qemu_set_nonblock() does some event registration with the main loop. Add a new callback register_poll_fd() for that reason. Always build the fd-register stub, to avoid #if WIN32. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
* slirp: add callbacks for timerMarc-André Lureau2019-02-071-0/+21
| | | | | Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
* net/slirp: fix leaks on forwarding rule registration errorMarc-André Lureau2019-02-071-0/+2
| | | | | Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
* net/slirp: free forwarding rules on cleanupMarc-André Lureau2019-02-071-7/+18
| | | | | Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
* net/slirp: simplify checking for cmd: prefixMarc-André Lureau2019-02-071-1/+1
| | | | | Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
* slirp: generalize guestfwd with a callback based approachMarc-André Lureau2019-02-071-4/+10
| | | | | | | | | Instead of calling into QEMU chardev directly, and mixing it with slirp_add_exec() handling, add a new function slirp_add_guestfwd() which takes a write callback. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
* slirp: add clock_get_ns() callbackMarc-André Lureau2019-01-141-0/+6
| | | | | Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
* slirp: drop <Vista compatibilityMarc-André Lureau2019-01-141-22/+0Star
| | | | | | | | | | | | | | | | Since commit 12f8def0e02232d7c6416ad9b66640f973c531d1 (v2.9), qemu requires Vista. Let's remove some conditional code. Note that this introduces a missing declaration warning with mingw. warning: implicit declaration of function 'inet_ntop' See also: https://sourceforge.net/p/mingw-w64/mailman/message/36473782/ We could workaround it by declaring it ourself depending on __MINGW64_VERSION_*: WINSOCK_API_LINKAGE INT WSAAPI inet_pton(int Family, PCTSTR pszAddrString, PVOID pAddrBuf); Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
* net: do not depend on slirp internalsMarc-André Lureau2019-01-146-14/+71
| | | | | | | | | | | | Only slirp/libslirp.h should be included. Instead of using some slirp declarations and utility functions directly, let's copy them in net/util.h. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
* slirp: add a callback to log guest errorsMarc-André Lureau2019-01-141-0/+7
| | | | | Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
* slirp: use a callback structure to interface with qemuMarc-André Lureau2019-01-141-1/+5
| | | | | | | | | This will bring slirp a bit forward to the state of an independent project. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
* slirp: remove Monitor dependency, return a string for infoMarc-André Lureau2019-01-141-3/+4
| | | | | | | | There is nothing performance-sensitive in returning an allocated string for info, and handling the monitor_printf() on the caller side. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
* slirp: use a dedicated field for chardev pointerMarc-André Lureau2019-01-141-4/+4
| | | | | | | Let's not mix command line and chardev pointers. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
* slirp: associate slirp_output callback with the Slirp contextMarc-André Lureau2019-01-141-2/+3
| | | | | | | | Let's make the slirp interface a bit more library-like. Associate the slirp_output() with a Slirp context. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
* avoid TABs in files that only contain a fewPaolo Bonzini2019-01-111-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Most files that have TABs only contain a handful of them. Change them to spaces so that we don't confuse people. disas, standard-headers, linux-headers and libdecnumber are imported from other projects and probably should be exempted from the check. Outside those, after this patch the following files still contain both 8-space and TAB sequences at the beginning of the line. Many of them have a majority of TABs, or were initially committed with all tabs. bsd-user/i386/target_syscall.h bsd-user/x86_64/target_syscall.h crypto/aes.c hw/audio/fmopl.c hw/audio/fmopl.h hw/block/tc58128.c hw/display/cirrus_vga.c hw/display/xenfb.c hw/dma/etraxfs_dma.c hw/intc/sh_intc.c hw/misc/mst_fpga.c hw/net/pcnet.c hw/sh4/sh7750.c hw/timer/m48t59.c hw/timer/sh_timer.c include/crypto/aes.h include/disas/bfd.h include/hw/sh4/sh.h libdecnumber/decNumber.c linux-headers/asm-generic/unistd.h linux-headers/linux/kvm.h linux-user/alpha/target_syscall.h linux-user/arm/nwfpe/double_cpdo.c linux-user/arm/nwfpe/fpa11_cpdt.c linux-user/arm/nwfpe/fpa11_cprt.c linux-user/arm/nwfpe/fpa11.h linux-user/flat.h linux-user/flatload.c linux-user/i386/target_syscall.h linux-user/ppc/target_syscall.h linux-user/sparc/target_syscall.h linux-user/syscall.c linux-user/syscall_defs.h linux-user/x86_64/target_syscall.h slirp/cksum.c slirp/if.c slirp/ip.h slirp/ip_icmp.c slirp/ip_icmp.h slirp/ip_input.c slirp/ip_output.c slirp/mbuf.c slirp/misc.c slirp/sbuf.c slirp/socket.c slirp/socket.h slirp/tcp_input.c slirp/tcpip.h slirp/tcp_output.c slirp/tcp_subr.c slirp/tcp_timer.c slirp/tftp.c slirp/udp.c slirp/udp.h target/cris/cpu.h target/cris/mmu.c target/cris/op_helper.c target/sh4/helper.c target/sh4/op_helper.c target/sh4/translate.c tcg/sparc/tcg-target.inc.c tests/tcg/cris/check_addo.c tests/tcg/cris/check_moveq.c tests/tcg/cris/check_swap.c tests/tcg/multiarch/test-mmap.c ui/vnc-enc-hextile-template.h ui/vnc-enc-zywrle.h util/envlist.c util/readline.c The following have only TABs: bsd-user/i386/target_signal.h bsd-user/sparc64/target_signal.h bsd-user/sparc64/target_syscall.h bsd-user/sparc/target_signal.h bsd-user/sparc/target_syscall.h bsd-user/x86_64/target_signal.h crypto/desrfb.c hw/audio/intel-hda-defs.h hw/core/uboot_image.h hw/sh4/sh7750_regnames.c hw/sh4/sh7750_regs.h include/hw/cris/etraxfs_dma.h linux-user/alpha/termbits.h linux-user/arm/nwfpe/fpopcode.h linux-user/arm/nwfpe/fpsr.h linux-user/arm/syscall_nr.h linux-user/arm/target_signal.h linux-user/cris/target_signal.h linux-user/i386/target_signal.h linux-user/linux_loop.h linux-user/m68k/target_signal.h linux-user/microblaze/target_signal.h linux-user/mips64/target_signal.h linux-user/mips/target_signal.h linux-user/mips/target_syscall.h linux-user/mips/termbits.h linux-user/ppc/target_signal.h linux-user/sh4/target_signal.h linux-user/sh4/termbits.h linux-user/sparc64/target_syscall.h linux-user/sparc/target_signal.h linux-user/x86_64/target_signal.h linux-user/x86_64/termbits.h pc-bios/optionrom/optionrom.h slirp/mbuf.h slirp/misc.h slirp/sbuf.h slirp/tcp.h slirp/tcp_timer.h slirp/tcp_var.h target/i386/svm.h target/sparc/asi.h target/xtensa/core-dc232b/xtensa-modules.inc.c target/xtensa/core-dc233c/xtensa-modules.inc.c target/xtensa/core-de212/core-isa.h target/xtensa/core-de212/xtensa-modules.inc.c target/xtensa/core-fsf/xtensa-modules.inc.c target/xtensa/core-sample_controller/core-isa.h target/xtensa/core-sample_controller/xtensa-modules.inc.c target/xtensa/core-test_kc705_be/core-isa.h target/xtensa/core-test_kc705_be/xtensa-modules.inc.c tests/tcg/cris/check_abs.c tests/tcg/cris/check_addc.c tests/tcg/cris/check_addcm.c tests/tcg/cris/check_addoq.c tests/tcg/cris/check_bound.c tests/tcg/cris/check_ftag.c tests/tcg/cris/check_int64.c tests/tcg/cris/check_lz.c tests/tcg/cris/check_openpf5.c tests/tcg/cris/check_sigalrm.c tests/tcg/cris/crisutils.h tests/tcg/cris/sys.c tests/tcg/i386/test-i386-ssse3.c ui/vgafont.h Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Message-Id: <20181213223737.11793-3-pbonzini@redhat.com> Reviewed-by: Aleksandar Markovic <amarkovic@wavecomp.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Wainer dos Santos Moschetta <wainersm@redhat.com> Acked-by: Richard Henderson <richard.henderson@linaro.org> Acked-by: Eric Blake <eblake@redhat.com> Acked-by: David Gibson <david@gibson.dropbear.id.au> Reviewed-by: Stefan Markovic <smarkovic@wavecomp.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* qemu/queue.h: simplify reverse access to QTAILQPaolo Bonzini2019-01-112-2/+2
| | | | | | | The new definition of QTAILQ does not require passing the headname, remove it. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* qemu/queue.h: leave head structs anonymous unless necessaryPaolo Bonzini2019-01-112-2/+2
| | | | | | | | | | | | Most list head structs need not be given a name. In most cases the name is given just in case one is going to use QTAILQ_LAST, QTAILQ_PREV or reverse iteration, but this does not apply to lists of other kinds, and even for QTAILQ in practice this is only rarely needed. In addition, we will soon reimplement those macros completely so that they do not need a name for the head struct. So clean up everything, not giving a name except in the rare case where it is necessary. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* colo: check chardev can switch contextMarc-André Lureau2018-12-121-0/+6
| | | | | | | | | | | | COLO uses a worker context (iothread) to drive the chardev. All backends are not able to switch the context, let's report an error in this case. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Message-Id: <20181205203737.9011-6-marcandre.lureau@redhat.com> Reviewed-by: Li Zhijian <lizhiian@cn.fujitsu.com> Reviewed-by: Zhang Chen <zhangckid@gmail.com> Signed-off-by: Markus Armbruster <armbru@redhat.com>
* net: hub: suppress warnings of no host network for qtestJason Wang2018-12-041-1/+2
| | | | | | | | | | | If we want to qtest through hub, it would be much more simpler and safer to configure the hub without host network. So silent this warnings for qtest. Signed-off-by: Jason Wang <jasowang@redhat.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Message-id: 20181204035347.6148-3-jasowang@redhat.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
* net: drop too large packet earlyJason Wang2018-12-041-11/+17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We try to detect and drop too large packet (>INT_MAX) in 1592a9947036 ("net: ignore packet size greater than INT_MAX") during packet delivering. Unfortunately, this is not sufficient as we may hit another integer overflow when trying to queue such large packet in qemu_net_queue_append_iov(): - size of the allocation may overflow on 32bit - packet->size is integer which may overflow even on 64bit Fixing this by moving the check to qemu_sendv_packet_async() which is the entrance of all networking codes and reduce the limit to NET_BUFSIZE to be more conservative. This works since: - For the callers that call qemu_sendv_packet_async() directly, they only care about if zero is returned to determine whether to prevent the source from producing more packets. A callback will be triggered if peer can accept more then source could be enabled. This is usually used by high speed networking implementation like virtio-net or netmap. - For the callers that call qemu_sendv_packet() that calls qemu_sendv_packet_async() indirectly, they often ignore the return value. In this case qemu will just the drop packets if peer can't receive. Qemu will copy the packet if it was queued. So it was safe for both kinds of the callers to assume the packet was sent. Since we move the check from qemu_deliver_packet_iov() to qemu_sendv_packet_async(), it would be safer to make qemu_deliver_packet_iov() static to prevent any external user in the future. This is a revised patch of CVE-2018-17963. Cc: qemu-stable@nongnu.org Cc: Li Qiang <liq3ea@163.com> Fixes: 1592a9947036 ("net: ignore packet size greater than INT_MAX") Reported-by: Li Qiang <liq3ea@gmail.com> Reviewed-by: Li Qiang <liq3ea@gmail.com> Signed-off-by: Jason Wang <jasowang@redhat.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Message-id: 20181204035347.6148-2-jasowang@redhat.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
* net/filter-rewriter.c: Fix coverity static analysis issueZhang Chen2018-11-161-1/+2
| | | | | | | | | The original code just follow the TCP state diagram, but in this case, we can skip the TCPS_TIME_WAIT state to simplify the implementation. Signed-off-by: Zhang Chen <zhangckid@gmail.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
* Merge remote-tracking branch 'remotes/armbru/tags/pull-error-2018-10-22' ↵Peter Maydell2018-10-232-15/+14Star
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | into staging Error reporting patches for 2018-10-22 # gpg: Signature made Mon 22 Oct 2018 13:20:23 BST # gpg: using RSA key 3870B400EB918653 # gpg: Good signature from "Markus Armbruster <armbru@redhat.com>" # gpg: aka "Markus Armbruster <armbru@pond.sub.org>" # Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867 4E5F 3870 B400 EB91 8653 * remotes/armbru/tags/pull-error-2018-10-22: (40 commits) error: Drop bogus "use error_setg() instead" admonitions vpc: Fail open on bad header checksum block: Clean up bdrv_img_create()'s error reporting vl: Simplify call of parse_name() vl: Fix exit status for -drive format=help blockdev: Convert drive_new() to Error vl: Assert drive_new() does not fail in default_drive() fsdev: Clean up error reporting in qemu_fsdev_add() spice: Clean up error reporting in add_channel() tpm: Clean up error reporting in tpm_init_tpmdev() numa: Clean up error reporting in parse_numa() vnc: Clean up error reporting in vnc_init_func() ui: Convert vnc_display_init(), init_keyboard_layout() to Error ui/keymaps: Fix handling of erroneous include files vl: Clean up error reporting in device_init_func() vl: Clean up error reporting in parse_fw_cfg() vl: Clean up error reporting in mon_init_func() vl: Clean up error reporting in machine_set_property() vl: Clean up error reporting in chardev_init_func() qom: Clean up error reporting in user_creatable_add_opts_foreach() ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
| * net/socket: Fix invalid socket type error handlingMarkus Armbruster2018-10-191-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Calling error_report() in a function that takes an Error ** argument is suspicious. net_socket_fd_init() does that, and then fails without setting an error. Wrong. I didn't analyze how exactly this can break. A caller that reports the error on failure would crash. Broken when commit c37f0bb1d0d (v2.11.0) converted the function to Error. Fix by calling error_setg() instead of error_report(). Fixes: c37f0bb1d0d24e3a6b5f4659bb305913dcb798a6 Cc: Jason Wang <jasowang@redhat.com> Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Message-Id: <20181017082702.5581-15-armbru@redhat.com>
| * l2tpv3: Improve -netdev/netdev_add/-net/... error reportingMarkus Armbruster2018-10-191-13/+12Star
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When -netdev l2tpv3 fails, it first reports a specific error, then a generic one, like this: $ qemu-system-x86_64 -netdev l2tpv3,id=foo,src=,dst=,txsession=1 qemu-system-x86_64: -netdev l2tpv3,id=foo,src=,dst=,txsession=1: l2tpv3_open : could not resolve src, errno = Name or service not known qemu-system-x86_64: Device 'l2tpv3' could not be initialized With the command line, the messages go to stderr. In HMP, they go to the monitor. In QMP, the second one becomes the error reply, and the first one goes to stderr. Convert net_init_tap() to Error. This suppresses the unwanted second message, and makes the specific error the QMP error reply. Cc: Jason Wang <jasowang@redhat.com> Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Message-Id: <20181017082702.5581-14-armbru@redhat.com>
* | slirp: Implement RFC2132 TFTP server nameFam Zheng2018-10-211-2/+10
| | | | | | | | | | | | | | | | | | | | | | This new usernet option can be used to add data for option 66 (tftp server name) in the BOOTP reply, which is useful in PXE based automatic OS install such as OpenBSD. Signed-off-by: Fam Zheng <famz@redhat.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Tested-by: Gerd Hoffmann <kraxel@redhat.com> Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
* | slirp: Add sanity check for str option lengthFam Zheng2018-10-211-0/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When user provides a long domainname or hostname that doesn't fit in the DHCP packet, we mustn't overflow the response packet buffer. Instead, report errors, following the g_warning() in the slirp->vdnssearch branch. Also check the strlen against 256 when initializing slirp, which limit is also from the protocol where one byte represents the string length. This gives an early error before the warning which is harder to notice or diagnose. Reported-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Cc: qemu-stable@nongnu.org Signed-off-by: Fam Zheng <famz@redhat.com> Tested-by: Gerd Hoffmann <kraxel@redhat.com> Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
* | net: ignore packet size greater than INT_MAXJason Wang2018-10-191-1/+6
| | | | | | | | | | | | | | | | | | | | | | There should not be a reason for passing a packet size greater than INT_MAX. It's usually a hint of bug somewhere, so ignore packet size greater than INT_MAX in qemu_deliver_packet_iov() CC: qemu-stable@nongnu.org Reported-by: Daniel Shapira <daniel@twistlock.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
* | filter-rewriter: handle checkpoint and failover eventZhang Chen2018-10-194-6/+73
| | | | | | | | | | | | | | | | | | | | | | | | | | After one round of checkpoint, the states between PVM and SVM become consistent, so it is unnecessary to adjust the sequence of net packets for old connections, besides, while failover happens, filter-rewriter will into failover mode that needn't handle the new TCP connection. Signed-off-by: zhanghailiang <zhang.zhanghailiang@huawei.com> Signed-off-by: Zhang Chen <zhangckid@gmail.com> Signed-off-by: Zhang Chen <chen.zhang@intel.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
* | filter: Add handle_event method for NetFilterClassZhang Chen2018-10-192-0/+36
| | | | | | | | | | | | | | | | | | | | Filter needs to process the event of checkpoint/failover or other event passed by COLO frame. Signed-off-by: zhanghailiang <zhang.zhanghailiang@huawei.com> Signed-off-by: Zhang Chen <zhangckid@gmail.com> Signed-off-by: Zhang Chen <chen.zhang@intel.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
* | colo-compare: use notifier to notify packets comparing resultZhang Chen2018-10-192-11/+28
| | | | | | | | | | | | | | | | | | | | It's a good idea to use notifier to notify COLO frame of inconsistent packets comparing. Signed-off-by: Zhang Chen <zhangckid@gmail.com> Signed-off-by: Zhang Chen <chen.zhang@intel.com> Signed-off-by: zhanghailiang <zhang.zhanghailiang@huawei.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
* | colo-compare: implement the process of checkpointZhang Chen2018-10-192-0/+100
| | | | | | | | | | | | | | | | | | | | | | | | While do checkpoint, we need to flush all the unhandled packets, By using the filter notifier mechanism, we can easily to notify every compare object to do this process, which runs inside of compare threads as a coroutine. Signed-off-by: zhanghailiang <zhang.zhanghailiang@huawei.com> Signed-off-by: Zhang Chen <zhangckid@gmail.com> Signed-off-by: Zhang Chen <chen.zhang@intel.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
* | filter-rewriter: Add TCP state machine and fix memory leak in ↵Zhang Chen2018-10-193-16/+104
|/ | | | | | | | | | | | | | | | | | | | | connection_track_table We add almost full TCP state machine in filter-rewriter, except TCPS_LISTEN and some simplify in VM active close FIN states. The reason for this simplify job is because guest kernel will track the TCP status and wait 2MSL time too, if client resend the FIN packet, guest will resend the last ACK, so we needn't wait 2MSL time in filter-rewriter. After a net connection is closed, we didn't clear its related resources in connection_track_table, which will lead to memory leak. Let's track the state of net connection, if it is closed, its related resources will be cleared up. Signed-off-by: zhanghailiang <zhang.zhanghailiang@huawei.com> Signed-off-by: Zhang Chen <zhangckid@gmail.com> Signed-off-by: Zhang Chen <chen.zhang@intel.com> Signed-off-by: Jason Wang <jasowang@redhat.com>