From nobody Fri May 3 08:34:14 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1566956817; cv=none; d=zoho.com; s=zohoarc; b=ReQ72bUBBf3v51iWDhYltq4FJvOTkzfSd2JYjp6Wiks+2vL9PhQRI4WVCMo043c+OHaMpN1u8ObQvwMwpv49U7NiWmJQzzJ8tW8SqijKWkmfaI0xZAMMP7Mz4iFwhGt5M4hhkhmbggX5cd8XGZhelKN2zmCdhlLUo5GrGDzm1sY= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1566956817; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=lNHp7zBOmKO6NYQxjzGrP8aEv5Qw0X7gdALENNYoL+0=; b=NoKLMdDalzxZlAoYcQgALYZNw0RK7DTL6DT58x1UkI8WbF3Hd0wW/pBjVeFKdgqIpijp0M+z2W2y5JylTSQ2NQxZo1de742h0LTnJrJM6vCxKsd/HrPQJV8MhJPU1hn2oo2hm/v6Cx/7eUbTVOUnDuJ3jGAUp0Pm1HEryRNWuY4= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1566956817060278.9876055333269; Tue, 27 Aug 2019 18:46:57 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id DCD1A8BA2D8; Wed, 28 Aug 2019 01:46:54 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 9903219D7A; Wed, 28 Aug 2019 01:46:54 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id C9FC63CBF; Wed, 28 Aug 2019 01:46:52 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x7S1kpQd014341 for ; Tue, 27 Aug 2019 21:46:51 -0400 Received: by smtp.corp.redhat.com (Postfix) id 43D355C207; Wed, 28 Aug 2019 01:46:51 +0000 (UTC) Received: from vhost2.laine.org (ovpn-116-137.phx2.redhat.com [10.3.116.137]) by smtp.corp.redhat.com (Postfix) with ESMTP id E019E5C221; Wed, 28 Aug 2019 01:46:48 +0000 (UTC) From: Laine Stump To: libvir-list@redhat.com Date: Tue, 27 Aug 2019 21:46:31 -0400 Message-Id: <20190828014640.27582-2-laine@redhat.com> In-Reply-To: <20190828014640.27582-1-laine@redhat.com> References: <20190828014640.27582-1-laine@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH 1/9] util: new function virNetDevMacVLanIsMacvtap() X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.6.2 (mx1.redhat.com [10.5.110.68]); Wed, 28 Aug 2019 01:46:55 +0000 (UTC) Content-Type: text/plain; charset="utf-8" This function returns T if the given name is a macvtap device. This is determined by 1) getting the ifindex of the device with that name (if there is one), and 2) checking for existence of /dev/tapXX, where "XX" is the ifindex learned in (1). It's also possible to learn this by getting a netlink dump of the interface and parsing through it to look for some attributes, but that is complicated to figure out, takes longer to execute, and I'm lazy. Signed-off-by: Laine Stump Reviewed-by: Daniel P. Berrang=C3=A9 --- src/libvirt_private.syms | 3 +++ src/util/virnetdevmacvlan.c | 23 +++++++++++++++++++++++ src/util/virnetdevmacvlan.h | 3 +++ 3 files changed, 29 insertions(+) diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index a34d92f5ef..afea00b629 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -2523,10 +2523,13 @@ virNetDevMacVLanCreate; virNetDevMacVLanCreateWithVPortProfile; virNetDevMacVLanDelete; virNetDevMacVLanDeleteWithVPortProfile; +virNetDevMacVLanIsMacvtap; virNetDevMacVLanModeTypeFromString; virNetDevMacVLanReleaseName; virNetDevMacVLanReserveName; virNetDevMacVLanRestartWithVPortProfile; +virNetDevMacVLanTapOpen; +virNetDevMacVLanTapSetup; virNetDevMacVLanVPortProfileRegisterCallback; =20 =20 diff --git a/src/util/virnetdevmacvlan.c b/src/util/virnetdevmacvlan.c index 3302522289..79aa7ed5ac 100644 --- a/src/util/virnetdevmacvlan.c +++ b/src/util/virnetdevmacvlan.c @@ -278,6 +278,29 @@ virNetDevMacVLanReleaseName(const char *name) } =20 =20 +/** + * virNetDevMacVLanIsMacvtap: + * @ifname: Name of the interface + * + * Return T if the named netdev exists and is a macvtap device + * F in all other cases. + */ +bool +virNetDevMacVLanIsMacvtap(const char *ifname) +{ + int ifindex; + VIR_AUTOFREE(char *) tapname =3D NULL; + + if (virNetDevGetIndex(ifname, &ifindex) < 0) + return false; + + if (virAsprintf(&tapname, "/dev/tap%d", ifindex) < 0) + return false; + + return virFileExists(tapname); +} + + /** * virNetDevMacVLanCreate: * diff --git a/src/util/virnetdevmacvlan.h b/src/util/virnetdevmacvlan.h index d1b479ed9f..8ac7643e49 100644 --- a/src/util/virnetdevmacvlan.h +++ b/src/util/virnetdevmacvlan.h @@ -57,6 +57,9 @@ typedef enum { int virNetDevMacVLanReserveName(const char *name, bool quietfail); int virNetDevMacVLanReleaseName(const char *name); =20 +bool virNetDevMacVLanIsMacvtap(const char *ifname) + ATTRIBUTE_NONNULL(1) ATTRIBUTE_RETURN_CHECK ATTRIBUTE_NOINLINE; + int virNetDevMacVLanCreate(const char *ifname, const char *type, const virMacAddr *macaddress, --=20 2.21.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Fri May 3 08:34:14 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1566956817; cv=none; d=zoho.com; s=zohoarc; b=KetmNgvpOxJyxHcqu4q+GwCzCC/noFsoI4h0fF+UitS7aCykp6lhP0ABi8gpF+nd2BI4IDAqjyna+9gybZfFlzk3V/PdG8kfRWV8DJWTGFWgL56c7ktz03QjwBB06myevWoeNj8Wpeew0dym1bpEAD0sYnflEyvK1+wAGnnNw0M= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1566956817; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=gLoCegjySdxETIFUwmGkjrvXRrDt+D6dUxrBIS73r9M=; b=ZqtDMI/ZGPZoLigTwvTt9Q4wZXGd63Lux5abO03aYYxWiX1sD2vm+m30c7lNd8b8JBhdJ+LCZljiGXzsVBYOfYgWlY7fvhxdbX472hwO7JLXPJZ+v/qxWxa1B3/38NHThj2KAL82HC4rOy4X7asMzVuCbjG2TDUFqXHrCmFQj4E= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1566956817146775.1729163292913; Tue, 27 Aug 2019 18:46:57 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 60C186468A; Wed, 28 Aug 2019 01:46:55 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 381DF100197A; Wed, 28 Aug 2019 01:46:55 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 232C2C592; Wed, 28 Aug 2019 01:46:53 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x7S1kpfs014347 for ; Tue, 27 Aug 2019 21:46:51 -0400 Received: by smtp.corp.redhat.com (Postfix) id C2C415C207; Wed, 28 Aug 2019 01:46:51 +0000 (UTC) Received: from vhost2.laine.org (ovpn-116-137.phx2.redhat.com [10.3.116.137]) by smtp.corp.redhat.com (Postfix) with ESMTP id 6CF385C258; Wed, 28 Aug 2019 01:46:51 +0000 (UTC) From: Laine Stump To: libvir-list@redhat.com Date: Tue, 27 Aug 2019 21:46:32 -0400 Message-Id: <20190828014640.27582-3-laine@redhat.com> In-Reply-To: <20190828014640.27582-1-laine@redhat.com> References: <20190828014640.27582-1-laine@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH 2/9] util: make a couple virNetDevMacVlan*() functions public X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.6.2 (mx1.redhat.com [10.5.110.71]); Wed, 28 Aug 2019 01:46:55 +0000 (UTC) Content-Type: text/plain; charset="utf-8" In virNetDevMacVLanOpen(), The "retries" arg has been removed and the value hardcoded as 10, since previously the function was only called from one place, so it was always 10. Signed-off-by: Laine Stump Reviewed-by: Daniel P. Berrang=C3=A9 --- src/util/virnetdevmacvlan.c | 12 +++++------- src/util/virnetdevmacvlan.h | 9 +++++++++ 2 files changed, 14 insertions(+), 7 deletions(-) diff --git a/src/util/virnetdevmacvlan.c b/src/util/virnetdevmacvlan.c index 79aa7ed5ac..9a9750f24a 100644 --- a/src/util/virnetdevmacvlan.c +++ b/src/util/virnetdevmacvlan.c @@ -374,19 +374,17 @@ int virNetDevMacVLanDelete(const char *ifname) * @ifname: Name of the macvtap interface * @tapfd: array of file descriptor return value for the new macvtap device * @tapfdSize: number of file descriptors in @tapfd - * @retries : Number of retries in case udev for example may need to be - * waited for to create the tap chardev * * Open the macvtap's tap device, possibly multiple times if @tapfdSize > = 1. * * Returns 0 on success, -1 otherwise. */ -static int +int virNetDevMacVLanTapOpen(const char *ifname, int *tapfd, - size_t tapfdSize, - int retries) + size_t tapfdSize) { + int retries =3D 10; int ret =3D -1; int ifindex; size_t i =3D 0; @@ -446,7 +444,7 @@ virNetDevMacVLanTapOpen(const char *ifname, * * Returns 0 on success, -1 in case of fatal error. */ -static int +int virNetDevMacVLanTapSetup(int *tapfd, size_t tapfdSize, bool vnet_hdr) { unsigned int features; @@ -1040,7 +1038,7 @@ virNetDevMacVLanCreateWithVPortProfile(const char *if= nameRequested, } =20 if (flags & VIR_NETDEV_MACVLAN_CREATE_WITH_TAP) { - if (virNetDevMacVLanTapOpen(ifnameCreated, tapfd, tapfdSize, 10) <= 0) + if (virNetDevMacVLanTapOpen(ifnameCreated, tapfd, tapfdSize) < 0) goto disassociate_exit; =20 if (virNetDevMacVLanTapSetup(tapfd, tapfdSize, vnet_hdr) < 0) diff --git a/src/util/virnetdevmacvlan.h b/src/util/virnetdevmacvlan.h index 8ac7643e49..24b17b4bd0 100644 --- a/src/util/virnetdevmacvlan.h +++ b/src/util/virnetdevmacvlan.h @@ -88,6 +88,15 @@ int virNetDevMacVLanCreateWithVPortProfile(const char *i= fname, ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3) ATTRIBUTE_NONNULL(6) ATTRIBUTE_NONNULL(8) ATTRIBUTE_NONNULL(10) ATTRIBUTE_RETURN_CHECK; =20 +int virNetDevMacVLanTapOpen(const char *ifname, + int *tapfd, + size_t tapfdSize) + ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) + ATTRIBUTE_RETURN_CHECK; + +int virNetDevMacVLanTapSetup(int *tapfd, size_t tapfdSize, bool vnet_hdr) + ATTRIBUTE_NONNULL(1) ATTRIBUTE_RETURN_CHECK; + int virNetDevMacVLanDeleteWithVPortProfile(const char *ifname, const virMacAddr *macaddress, const char *linkdev, --=20 2.21.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Fri May 3 08:34:14 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1566956832; cv=none; d=zoho.com; s=zohoarc; b=MC1heIXnWWKGIc0A2bcEqsS+j96vXMRwqFMoZT5GBhyUjH9HaemzTxVC4Ka+hJJK9G5vjFXL3cBxnFyMse0kRuSpEnltRybtaYW/ydyYH9NMFvVbwN8nmadnefYWv62/8WpgTd5AJhuLT8N94lyp5ppyYtqopZFWBi8Pth/10oA= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1566956832; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=L8S65dnURkp67xu3OnubpyaUOPADlI7lFmO6pW4icPQ=; b=VtGa6eTOnSLVGa+4prLfmt7ZBRUQbJTjOouZF4MvkI+J15eJ1ylDFll5N9weX/6QxGpQtDi4neElsu9RS/gckTHgpCsh/Rxv0v0DxrLAltZFKfPeeB3pod0f/AlgYViUsi9qn6DmpMYE3+WFhpjvKAE/m+KLYOebubvUZlj4L50= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1566956832582954.4597883007077; Tue, 27 Aug 2019 18:47:12 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 28E138980EF; Wed, 28 Aug 2019 01:47:11 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 01F7C4D6F1; Wed, 28 Aug 2019 01:47:11 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 6EE7B1802218; Wed, 28 Aug 2019 01:47:10 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x7S1kqBY014352 for ; Tue, 27 Aug 2019 21:46:52 -0400 Received: by smtp.corp.redhat.com (Postfix) id 4E44A5C221; Wed, 28 Aug 2019 01:46:52 +0000 (UTC) Received: from vhost2.laine.org (ovpn-116-137.phx2.redhat.com [10.3.116.137]) by smtp.corp.redhat.com (Postfix) with ESMTP id EB0F15C207; Wed, 28 Aug 2019 01:46:51 +0000 (UTC) From: Laine Stump To: libvir-list@redhat.com Date: Tue, 27 Aug 2019 21:46:33 -0400 Message-Id: <20190828014640.27582-4-laine@redhat.com> In-Reply-To: <20190828014640.27582-1-laine@redhat.com> References: <20190828014640.27582-1-laine@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH 3/9] qemu: reorganize qemuInterfaceEthernetConnect() X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.6.2 (mx1.redhat.com [10.5.110.67]); Wed, 28 Aug 2019 01:47:11 +0000 (UTC) Content-Type: text/plain; charset="utf-8" This just moves around a few things in qemuInterfaceConnect() with no functional difference (except that a few failures that would have previously resulted in a "success" audit log will now properly produce a "fail" audit). The change is so that adding support for unmanaged tap/macvtap devices will be more easily reviewable. Signed-off-by: Laine Stump --- src/qemu/qemu_interface.c | 69 ++++++++++++++++++++------------------- 1 file changed, 35 insertions(+), 34 deletions(-) diff --git a/src/qemu/qemu_interface.c b/src/qemu/qemu_interface.c index 72ed51cb1f..1e3b7f0d06 100644 --- a/src/qemu/qemu_interface.c +++ b/src/qemu/qemu_interface.c @@ -414,6 +414,7 @@ qemuInterfaceEthernetConnect(virDomainDefPtr def, bool template_ifname =3D false; virQEMUDriverConfigPtr cfg =3D virQEMUDriverGetConfig(driver); const char *tunpath =3D "/dev/net/tun"; + const char *auditdev =3D tunpath; =20 if (net->backend.tap) { tunpath =3D net->backend.tap; @@ -424,43 +425,39 @@ qemuInterfaceEthernetConnect(virDomainDefPtr def, } } =20 - if (!net->ifname || - STRPREFIX(net->ifname, VIR_NET_GENERATED_TAP_PREFIX) || - strchr(net->ifname, '%')) { - VIR_FREE(net->ifname); - if (VIR_STRDUP(net->ifname, VIR_NET_GENERATED_TAP_PREFIX "%d") < 0) - goto cleanup; - /* avoid exposing vnet%d in getXMLDesc or error outputs */ - template_ifname =3D true; - } - if (virDomainNetIsVirtioModel(net)) tap_create_flags |=3D VIR_NETDEV_TAP_CREATE_VNET_HDR; =20 - if (virNetDevTapCreate(&net->ifname, tunpath, tapfd, tapfdSize, - tap_create_flags) < 0) { - virDomainAuditNetDevice(def, net, tunpath, false); - goto cleanup; - } - - virDomainAuditNetDevice(def, net, tunpath, true); - - /* The tap device's MAC address cannot match the MAC address - * used by the guest. This results in "received packet on - * vnetX with own address as source address" error logs from - * the kernel. - */ - virMacAddrSet(&tapmac, &net->mac); - if (tapmac.addr[0] =3D=3D 0xFE) - tapmac.addr[0] =3D 0xFA; - else - tapmac.addr[0] =3D 0xFE; - - if (virNetDevSetMAC(net->ifname, &tapmac) < 0) - goto cleanup; - - if (virNetDevSetOnline(net->ifname, true) < 0) - goto cleanup; + if (!net->ifname || + STRPREFIX(net->ifname, VIR_NET_GENERATED_TAP_PREFIX) || + strchr(net->ifname, '%')) { + VIR_FREE(net->ifname); + if (VIR_STRDUP(net->ifname, VIR_NET_GENERATED_TAP_PREFIX "%d") < 0) + goto cleanup; + /* avoid exposing vnet%d in getXMLDesc or error outputs */ + template_ifname =3D true; + } + if (virNetDevTapCreate(&net->ifname, tunpath, tapfd, tapfdSize, + tap_create_flags) < 0) { + goto cleanup; + } + + /* The tap device's MAC address cannot match the MAC address + * used by the guest. This results in "received packet on + * vnetX with own address as source address" error logs from + * the kernel. + */ + virMacAddrSet(&tapmac, &net->mac); + if (tapmac.addr[0] =3D=3D 0xFE) + tapmac.addr[0] =3D 0xFA; + else + tapmac.addr[0] =3D 0xFE; + + if (virNetDevSetMAC(net->ifname, &tapmac) < 0) + goto cleanup; + + if (virNetDevSetOnline(net->ifname, true) < 0) + goto cleanup; =20 if (net->script && virNetDevRunEthernetScript(net->ifname, net->script) < 0) @@ -477,11 +474,15 @@ qemuInterfaceEthernetConnect(virDomainDefPtr def, goto cleanup; } =20 + virDomainAuditNetDevice(def, net, auditdev, true); + ret =3D 0; =20 cleanup: if (ret < 0) { size_t i; + + virDomainAuditNetDevice(def, net, auditdev, false); for (i =3D 0; i < tapfdSize && tapfd[i] >=3D 0; i++) VIR_FORCE_CLOSE(tapfd[i]); if (template_ifname) --=20 2.21.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Fri May 3 08:34:14 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1566956835; cv=none; d=zoho.com; s=zohoarc; b=GGp+Hr+XFUz/PdAZenUglwo4gszQbFk9OG4d+fEDoNvCKh4HGWY3nAGMjvu3M1Cby0vcYG9w7yD3Xdn8fF8HoK+ofZ2uY2w+odG40ido1u4ZUiWyGjWpJDZ4q23HEyuwb0H8P9tQI07+B9716N9bMWqz4OqAPTLr7ihAIHSfRd4= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1566956835; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=MGOs7MqeTLF6RZKw5AGpqX/o3B+CNsVLD/2qWNXrB3A=; b=ZDMrO0k1yqbmA5CO8E0ALQEZGUormW7eYXUQxRvYjG/5jtpxldJI1HZtF2PiMbaia72yeLXX7VdfKs1cMY7HF3yMpnxBZju/Gp4qG4bCQHZeeUkWYXnWkcbrjSGSYNcLfj+h19XqmNreitDlC1WLI2pzHpghMVqaUiGA3bD5yfE= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 156695683589788.62934359272913; Tue, 27 Aug 2019 18:47:15 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 53ED910576E3; Wed, 28 Aug 2019 01:47:14 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 28CE3179F8; Wed, 28 Aug 2019 01:47:14 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id D393124F31; Wed, 28 Aug 2019 01:47:13 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x7S1kq99014358 for ; Tue, 27 Aug 2019 21:46:52 -0400 Received: by smtp.corp.redhat.com (Postfix) id CD65B5C207; Wed, 28 Aug 2019 01:46:52 +0000 (UTC) Received: from vhost2.laine.org (ovpn-116-137.phx2.redhat.com [10.3.116.137]) by smtp.corp.redhat.com (Postfix) with ESMTP id 7727F5C258; Wed, 28 Aug 2019 01:46:52 +0000 (UTC) From: Laine Stump To: libvir-list@redhat.com Date: Tue, 27 Aug 2019 21:46:34 -0400 Message-Id: <20190828014640.27582-5-laine@redhat.com> In-Reply-To: <20190828014640.27582-1-laine@redhat.com> References: <20190828014640.27582-1-laine@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH 4/9] conf: use virXMLFormatElement for interface X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.6.2 (mx1.redhat.com [10.5.110.64]); Wed, 28 Aug 2019 01:47:15 +0000 (UTC) Content-Type: text/plain; charset="utf-8" This will simplify addition of another attribute to the element Signed-off-by: Laine Stump Reviewed-by: Daniel P. Berrang=C3=A9 --- src/conf/domain_conf.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index b7a342bb91..f21731b5f6 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -25316,6 +25316,7 @@ virDomainNetDefFormat(virBufferPtr buf, const char *typeStr; virDomainHostdevDefPtr hostdef =3D NULL; char macstr[VIR_MAC_STRING_BUFLEN]; + VIR_AUTOCLEAN(virBuffer) attrBuf =3D VIR_BUFFER_INITIALIZER; =20 /* publicActual is true if we should report the current state in * def->data.network.actual *instead of* the config (*not* in @@ -25530,9 +25531,12 @@ virDomainNetDefFormat(virBufferPtr buf, (STRPREFIX(def->ifname, VIR_NET_GENERATED_TAP_PREFIX) || (prefix && STRPREFIX(def->ifname, prefix))))) { /* Skip auto-generated target names for inactive config. */ - virBufferEscapeString(buf, "\n", def->ifname); + virBufferEscapeString(&attrBuf, " dev=3D'%s'", def->ifname); } =20 + if (virXMLFormatElement(buf, "target", &attrBuf, NULL) < 0) + return -1; + =20 if (def->ifname_guest || def->ifname_guest_actual) { virBufferAddLit(buf, " (p=none dis=none) header.from= Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1566956832428527.8619175940569; Tue, 27 Aug 2019 18:47:12 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id D78EB8667D; Wed, 28 Aug 2019 01:47:10 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id ADD6B6060D; Wed, 28 Aug 2019 01:47:10 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 6E55024FDF; Wed, 28 Aug 2019 01:47:10 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x7S1krxY014365 for ; Tue, 27 Aug 2019 21:46:53 -0400 Received: by smtp.corp.redhat.com (Postfix) id 5A4C95C221; Wed, 28 Aug 2019 01:46:53 +0000 (UTC) Received: from vhost2.laine.org (ovpn-116-137.phx2.redhat.com [10.3.116.137]) by smtp.corp.redhat.com (Postfix) with ESMTP id 0324F5C207; Wed, 28 Aug 2019 01:46:52 +0000 (UTC) From: Laine Stump To: libvir-list@redhat.com Date: Tue, 27 Aug 2019 21:46:35 -0400 Message-Id: <20190828014640.27582-6-laine@redhat.com> In-Reply-To: <20190828014640.27582-1-laine@redhat.com> References: <20190828014640.27582-1-laine@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH 5/9] conf: new "managed" attribute for target dev of X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.26]); Wed, 28 Aug 2019 01:47:11 +0000 (UTC) Content-Type: text/plain; charset="utf-8" Although has always been able to use an existing tap device, this is just a coincidence due to the fact that the same ioctl is used to create a new tap device or get a handle to an existing device. Even then, once we have the handle to the device, we still insist on doing extra setup to it (setting the MAC address and IFF_UP). That *might* be okay if libvirtd is running as a privileged process, but if libvirtd is running as an unprivileged user, those attempted modifications to the tap device will fail (yes, even if the tap is set to be owned by the user running libvirtd). We could avoid this if we knew that the device already existed, but as stated above, an existing device and new device are both accessed in the same manner, and anyway, we need to preserve existing behavior for those who are already using pre-existing devices with privileged libvirtd (and allowing/expecting libvirt to configure the pre-existing device). In order to cleanly support the idea of using a pre-existing and pre-configured tap device, this patch introduces a new optional attribute "managed" for the interface element. This attribute is only valid for (since all other interface types have mandatory config that doesn't apply in the case where we expect the tap device to be setup before we get it). The syntax would look something like this: ... This patch just adds managed to the grammar and parser for , but has no functionality behind it. (NB: when managed=3D'no' (the default when not specified is 'yes'), the target dev is always a name explicitly provided, so we don't auto-remove it from the config just because it starts with "vnet" (VIR_NET_GENERATED_TAP_PREFIX); this makes it possible to use the same pattern of names that libvirt itself uses when it automatically creates the tap devices.) Signed-off-by: Laine Stump Reviewed-by: Daniel P. Berrang=C3=A9 --- docs/formatdomain.html.in | 48 +++++++++++++---- docs/schemas/domaincommon.rng | 5 ++ src/conf/domain_conf.c | 51 +++++++++++++++---- src/conf/domain_conf.h | 1 + .../net-eth-unmanaged-tap.xml | 35 +++++++++++++ .../net-eth-unmanaged-tap.xml | 40 +++++++++++++++ tests/qemuxml2xmltest.c | 1 + 7 files changed, 160 insertions(+), 21 deletions(-) create mode 100644 tests/qemuxml2argvdata/net-eth-unmanaged-tap.xml create mode 100644 tests/qemuxml2xmloutdata/net-eth-unmanaged-tap.xml diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in index fcb7c59c00..86a5261e47 100644 --- a/docs/formatdomain.html.in +++ b/docs/formatdomain.html.in @@ -5511,24 +5511,52 @@
Generic ethernet connection
=20

- Provides a means for the administrator to execute an arbitrary script - to connect the guest's network to the LAN. The guest will have a tun - device created with a name of vnetN, which can also be overridden wi= th the - <target> element. After creating the tun device a shell script= will - be run which is expected to do whatever host network integration is - required. By default this script is called /etc/qemu-ifup but can be - overridden. + Provides a means to use a new or existing tap device (or veth + device pair, depening on the needs of the hypervisor driver) + that is partially or wholly setup external to libvirt (either + prior to the guest starting, or while the guest is being started + via an optional script specified in the config). +

+

+ The name of the tap device can optionally be specified with + the dev attribute of the + <target> element. If no target dev is + specified, libvirt will create a new standard tap device with a + name of the pattern "vnetN", where "N" is replaced with a + number. If a target dev is specified and that device doesn't + exist, then a new standard tap device will be created with the + exact dev name given. If the specified target dev does exist, + then that existing device will be used. Usually some basic setup + of the device is done by libvirt, including setting a MAC + address, and the IFF_UP flag, but if the dev is a + pre-existing device, and the managed attribute of + the target element is also set to "no" (the default + value is "yes"), even this basic setup will not be performed - + libvirt will simply pass the device on to the hypervisor with no + setup at all. Since 5.7.0 Using + managed=3D'no' with a pre-created tap device is useful because + it permits a virtual machine managed by an unprivileged libvirtd + to have emulated network devices based on tap devices. +

+

+ After creating/opening the tap device, an optional shell script + (given in the path attribute of + the <script> element) will be run; this can + be used to do whatever extra host network integration is + required.

=20 
 ...
 <devices>
-  <interface type=3D'ethernet'/>
-  ...
   <interface type=3D'ethernet'>
-    <target dev=3D'vnet7'/>
     <script path=3D'/etc/qemu-ifup-mynet'/>
   </interface>
+  ...
+  <interface type=3D'ethernet'>
+    <target dev=3D'mytap1' managed=3D'no'/>
+    <model type=3D'virtio'/>
+  </interface>
 </devices>
 ...
=20 diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng index c48f8c4f56..cae3be639e 100644 --- a/docs/schemas/domaincommon.rng +++ b/docs/schemas/domaincommon.rng @@ -2885,6 +2885,11 @@ + + + + + diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index f21731b5f6..d473853f0e 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -6107,6 +6107,14 @@ virDomainNetDefValidate(const virDomainNetDef *net) virDomainNetTypeToString(net->type)); return -1; } + if (net->managed_tap =3D=3D VIR_TRISTATE_BOOL_NO && + net->type !=3D VIR_DOMAIN_NET_TYPE_ETHERNET) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("unmanaged target dev is not supported on " + "interfaces of type '%s'"), + virDomainNetTypeToString(net->type)); + return -1; + } return 0; } =20 @@ -11416,6 +11424,7 @@ virDomainNetDefParseXML(virDomainXMLOptionPtr xmlop= t, VIR_AUTOFREE(char *) bridge =3D NULL; VIR_AUTOFREE(char *) dev =3D NULL; VIR_AUTOFREE(char *) ifname =3D NULL; + VIR_AUTOFREE(char *) managed_tap =3D NULL; VIR_AUTOFREE(char *) ifname_guest =3D NULL; VIR_AUTOFREE(char *) ifname_guest_actual =3D NULL; VIR_AUTOFREE(char *) script =3D NULL; @@ -11578,13 +11587,7 @@ virDomainNetDefParseXML(virDomainXMLOptionPtr xmlo= pt, } else if (!ifname && virXMLNodeNameEqual(cur, "target")) { ifname =3D virXMLPropString(cur, "dev"); - if (ifname && - (flags & VIR_DOMAIN_DEF_PARSE_INACTIVE) && - (STRPREFIX(ifname, VIR_NET_GENERATED_TAP_PREFIX) || - (prefix && STRPREFIX(ifname, prefix)))) { - /* An auto-generated target name, blank it out */ - VIR_FREE(ifname); - } + managed_tap =3D virXMLPropString(cur, "managed"); } else if ((!ifname_guest || !ifname_guest_actual) && virXMLNodeNameEqual(cur, "guest")) { ifname_guest =3D virXMLPropString(cur, "dev"); @@ -11918,6 +11921,27 @@ virDomainNetDefParseXML(virDomainXMLOptionPtr xmlo= pt, ctxt, &def->guestIP) < 0) goto error; =20 + if (managed_tap) { + if (STREQ(managed_tap, "no")) { + def->managed_tap =3D VIR_TRISTATE_BOOL_NO; + } else if (STREQ(managed_tap, "yes")) { + def->managed_tap =3D VIR_TRISTATE_BOOL_YES; + } else { + virReportError(VIR_ERR_XML_ERROR, + _("invalid 'managed' value '%s'"), + managed_tap); + goto error; + } + } + + if (def->managed_tap !=3D VIR_TRISTATE_BOOL_NO && ifname && + (flags & VIR_DOMAIN_DEF_PARSE_INACTIVE) && + (STRPREFIX(ifname, VIR_NET_GENERATED_TAP_PREFIX) || + (prefix && STRPREFIX(ifname, prefix)))) { + /* An auto-generated target name, blank it out */ + VIR_FREE(ifname); + } + if (script !=3D NULL) VIR_STEAL_PTR(def->script, script); if (domain_name !=3D NULL) @@ -25527,16 +25551,21 @@ virDomainNetDefFormat(virBufferPtr buf, virBufferEscapeString(buf, "\n", def->doma= in_name); =20 if (def->ifname && - !((flags & VIR_DOMAIN_DEF_FORMAT_INACTIVE) && - (STRPREFIX(def->ifname, VIR_NET_GENERATED_TAP_PREFIX) || - (prefix && STRPREFIX(def->ifname, prefix))))) { + (def->managed_tap =3D=3D VIR_TRISTATE_BOOL_NO || + !((flags & VIR_DOMAIN_DEF_FORMAT_INACTIVE) && + (STRPREFIX(def->ifname, VIR_NET_GENERATED_TAP_PREFIX) || + (prefix && STRPREFIX(def->ifname, prefix)))))) { /* Skip auto-generated target names for inactive config. */ virBufferEscapeString(&attrBuf, " dev=3D'%s'", def->ifname); } + if (def->managed_tap !=3D VIR_TRISTATE_BOOL_ABSENT) { + virBufferAsprintf(&attrBuf, " managed=3D'%s'", + virTristateBoolTypeToString(def->managed_tap)); + } =20 if (virXMLFormatElement(buf, "target", &attrBuf, NULL) < 0) return -1; - =20 + if (def->ifname_guest || def->ifname_guest_actual) { virBufferAddLit(buf, ") */ + int managed_tap; /* enum virTristateBool - ABSENT =3D=3D YES */ virNetDevIPInfo hostIP; char *ifname_guest_actual; char *ifname_guest; diff --git a/tests/qemuxml2argvdata/net-eth-unmanaged-tap.xml b/tests/qemux= ml2argvdata/net-eth-unmanaged-tap.xml new file mode 100644 index 0000000000..7f5a0c217b --- /dev/null +++ b/tests/qemuxml2argvdata/net-eth-unmanaged-tap.xml @@ -0,0 +1,35 @@ + + QEMUGuest1 + c7a5fdbd-edaf-9455-926a-d65c16db1809 + 219100 + 219100 + 1 + + hvm + + + + destroy + restart + destroy + + /usr/bin/qemu-system-i686 + + + + +
+ + + + + + + + + + + + + + diff --git a/tests/qemuxml2xmloutdata/net-eth-unmanaged-tap.xml b/tests/qem= uxml2xmloutdata/net-eth-unmanaged-tap.xml new file mode 100644 index 0000000000..cdff179932 --- /dev/null +++ b/tests/qemuxml2xmloutdata/net-eth-unmanaged-tap.xml @@ -0,0 +1,40 @@ + + QEMUGuest1 + c7a5fdbd-edaf-9455-926a-d65c16db1809 + 219100 + 219100 + 1 + + hvm + + + + destroy + restart + destroy + + /usr/bin/qemu-system-i686 + + + + +
+ + +
+ + +
+ + + + + + +
+ + + + + + diff --git a/tests/qemuxml2xmltest.c b/tests/qemuxml2xmltest.c index 0ea4ae0342..a286d6a5e1 100644 --- a/tests/qemuxml2xmltest.c +++ b/tests/qemuxml2xmltest.c @@ -408,6 +408,7 @@ mymain(void) DO_TEST("net-eth", NONE); DO_TEST("net-eth-ifname", NONE); DO_TEST("net-eth-hostip", NONE); + DO_TEST("net-eth-unmanaged-tap", NONE); DO_TEST("net-virtio-network-portgroup", NONE); DO_TEST("net-virtio-rxtxqueuesize", NONE); DO_TEST("net-hostdev", NONE); --=20 2.21.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Fri May 3 08:34:14 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1566956832; cv=none; d=zoho.com; s=zohoarc; b=Q6GlW/dN76atPM/yGcLvIKlyOhj8F+HWoYXJGqZuz0hwsNEiS9uowYKO9o1bo3hxQ9P1WVZcuJsjTyMpYBo2oMQjX0NmRcBbp/LYb3EwyGbfKBfsz9kOUTb08PfP48X8aHAnvxzW+EF5JswLW6xLoap4G4qE5J4xqEEjY8VDjQ8= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1566956832; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=3IsW369DbV05a0aLm6l+uoOVgH1fIeCj4tdgHzNie+8=; b=SAj5blf9eI5tsDrHEA5tbSXng7tQmAn+Lmp+zfnoHdXra8XUVck1mhrAxsyA0TsiKiMAkKGXXcKRWfkvKmIQpcEvZQEmDlt3I2aGpqfxHgi6Cc2PrCjy9sgH13xfyEgHeNfWPJcZzMJHcMQTpwB+zv1pWeUoAW0ImiAFwAhVF44= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 156695683256132.24636850059676; Tue, 27 Aug 2019 18:47:12 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 0401AC028320; Wed, 28 Aug 2019 01:47:11 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id CDA276CE55; Wed, 28 Aug 2019 01:47:10 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 8AF0018089C8; Wed, 28 Aug 2019 01:47:10 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x7S1krPq014375 for ; Tue, 27 Aug 2019 21:46:53 -0400 Received: by smtp.corp.redhat.com (Postfix) id DBEF05C221; Wed, 28 Aug 2019 01:46:53 +0000 (UTC) Received: from vhost2.laine.org (ovpn-116-137.phx2.redhat.com [10.3.116.137]) by smtp.corp.redhat.com (Postfix) with ESMTP id 83A0D5C207; Wed, 28 Aug 2019 01:46:53 +0000 (UTC) From: Laine Stump To: libvir-list@redhat.com Date: Tue, 27 Aug 2019 21:46:36 -0400 Message-Id: <20190828014640.27582-7-laine@redhat.com> In-Reply-To: <20190828014640.27582-1-laine@redhat.com> References: <20190828014640.27582-1-laine@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH 6/9] qemu: support unmanaged target tap dev for X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.31]); Wed, 28 Aug 2019 01:47:11 +0000 (UTC) Content-Type: text/plain; charset="utf-8" If managed=3D'no', then the tap device must already exist, and setting of MAC address and online status (IFF_UP) is skipped. NB: we still set IFF_VNET_HDR and IFF_MULTI_QUEUE as appropriate, because those bits must be properly set in the TUNSETIFF we use to set the tap device name of the handle we've opened - if IFF_VNET_HDR has not been set and we set it the request will be honored even when running libvirtd unprivileged; if IFF_MULTI_QUEUE is requested to be different than how it was created, that will result in an error from the kernel. This means that you don't need to pay attention to IFF_VNET_HDR when creating the tap devices, but you *do* need to set IFF_MULTI_QUEUE if you're going to use multiple queues for your tap device. NB2: /dev/vhost-net normally has permissions 600, so it can't be opened by an unprivileged process. This would normally cause a warning message when using a virtio net device from an unprivileged libvirtd. I've found that setting the permissions for /dev/vhost-net permits unprivileged libvirtd to use vhost-net for virtio devices, but have no idea what sort of security implications that has. I haven't changed libvrit's code to avoid *attempting* to open /dev/vhost-net - if you are concerned about the security of opening up permissions of /dev/vhost-net (probably a good idea at least until we ask someone who knows about the code) then add to the interface definition and you'll avoid the warning message. Note that virNetDevTapCreate() is the correct function to call in the case of an existing device, because the same ioctl() that creates a new tap device will also open an existing tap device. Resolves: https://bugzilla.redhat.com/1723367 (partially) Signed-off-by: Laine Stump Reviewed-by: Daniel P. Berrang=C3=A9 --- src/qemu/qemu_interface.c | 77 +++++++++++-------- src/qemu/qemu_process.c | 2 +- src/util/virnetdev.h | 2 +- .../net-eth-unmanaged-tap.args | 32 ++++++++ tests/qemuxml2argvmock.c | 16 +++- tests/qemuxml2argvtest.c | 1 + 6 files changed, 96 insertions(+), 34 deletions(-) create mode 100644 tests/qemuxml2argvdata/net-eth-unmanaged-tap.args diff --git a/src/qemu/qemu_interface.c b/src/qemu/qemu_interface.c index 1e3b7f0d06..446f43c364 100644 --- a/src/qemu/qemu_interface.c +++ b/src/qemu/qemu_interface.c @@ -428,36 +428,53 @@ qemuInterfaceEthernetConnect(virDomainDefPtr def, if (virDomainNetIsVirtioModel(net)) tap_create_flags |=3D VIR_NETDEV_TAP_CREATE_VNET_HDR; =20 - if (!net->ifname || - STRPREFIX(net->ifname, VIR_NET_GENERATED_TAP_PREFIX) || - strchr(net->ifname, '%')) { - VIR_FREE(net->ifname); - if (VIR_STRDUP(net->ifname, VIR_NET_GENERATED_TAP_PREFIX "%d") < 0) - goto cleanup; - /* avoid exposing vnet%d in getXMLDesc or error outputs */ - template_ifname =3D true; - } - if (virNetDevTapCreate(&net->ifname, tunpath, tapfd, tapfdSize, - tap_create_flags) < 0) { - goto cleanup; - } - - /* The tap device's MAC address cannot match the MAC address - * used by the guest. This results in "received packet on - * vnetX with own address as source address" error logs from - * the kernel. - */ - virMacAddrSet(&tapmac, &net->mac); - if (tapmac.addr[0] =3D=3D 0xFE) - tapmac.addr[0] =3D 0xFA; - else - tapmac.addr[0] =3D 0xFE; - - if (virNetDevSetMAC(net->ifname, &tapmac) < 0) - goto cleanup; - - if (virNetDevSetOnline(net->ifname, true) < 0) - goto cleanup; + if (net->managed_tap =3D=3D VIR_TRISTATE_BOOL_NO) { + if (!net->ifname) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("target dev must be supplied when managed=3D'= no'")); + goto cleanup; + } + if (virNetDevExists(net->ifname) !=3D 1) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("target managed=3D'no' but specified dev does= n't exist")); + goto cleanup; + } + if (virNetDevTapCreate(&net->ifname, tunpath, tapfd, tapfdSize, + tap_create_flags) < 0) { + goto cleanup; + } + } else { + if (!net->ifname || + STRPREFIX(net->ifname, VIR_NET_GENERATED_TAP_PREFIX) || + strchr(net->ifname, '%')) { + VIR_FREE(net->ifname); + if (VIR_STRDUP(net->ifname, VIR_NET_GENERATED_TAP_PREFIX "%d")= < 0) + goto cleanup; + /* avoid exposing vnet%d in getXMLDesc or error outputs */ + template_ifname =3D true; + } + if (virNetDevTapCreate(&net->ifname, tunpath, tapfd, tapfdSize, + tap_create_flags) < 0) { + goto cleanup; + } + + /* The tap device's MAC address cannot match the MAC address + * used by the guest. This results in "received packet on + * vnetX with own address as source address" error logs from + * the kernel. + */ + virMacAddrSet(&tapmac, &net->mac); + if (tapmac.addr[0] =3D=3D 0xFE) + tapmac.addr[0] =3D 0xFA; + else + tapmac.addr[0] =3D 0xFE; + + if (virNetDevSetMAC(net->ifname, &tapmac) < 0) + goto cleanup; + + if (virNetDevSetOnline(net->ifname, true) < 0) + goto cleanup; + } =20 if (net->script && virNetDevRunEthernetScript(net->ifname, net->script) < 0) diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index c9921646e9..11c1ba8fb9 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c @@ -7548,7 +7548,7 @@ void qemuProcessStop(virQEMUDriverPtr driver, cfg->stateDir)); break; case VIR_DOMAIN_NET_TYPE_ETHERNET: - if (net->ifname) { + if (net->managed_tap !=3D VIR_TRISTATE_BOOL_NO && net->ifname)= { ignore_value(virNetDevTapDelete(net->ifname, net->backend.= tap)); VIR_FREE(net->ifname); } diff --git a/src/util/virnetdev.h b/src/util/virnetdev.h index 563b218227..6ff98487cb 100644 --- a/src/util/virnetdev.h +++ b/src/util/virnetdev.h @@ -150,7 +150,7 @@ int virNetDevSetupControl(const char *ifname, ATTRIBUTE_RETURN_CHECK; =20 int virNetDevExists(const char *brname) - ATTRIBUTE_NONNULL(1) ATTRIBUTE_RETURN_CHECK; + ATTRIBUTE_NONNULL(1) ATTRIBUTE_RETURN_CHECK ATTRIBUTE_NOINLINE; =20 int virNetDevSetOnline(const char *ifname, bool online) diff --git a/tests/qemuxml2argvdata/net-eth-unmanaged-tap.args b/tests/qemu= xml2argvdata/net-eth-unmanaged-tap.args new file mode 100644 index 0000000000..2bb99e96da --- /dev/null +++ b/tests/qemuxml2argvdata/net-eth-unmanaged-tap.args @@ -0,0 +1,32 @@ +LC_ALL=3DC \ +PATH=3D/bin \ +HOME=3D/tmp/lib/domain--1-QEMUGuest1 \ +USER=3Dtest \ +LOGNAME=3Dtest \ +XDG_DATA_HOME=3D/tmp/lib/domain--1-QEMUGuest1/.local/share \ +XDG_CACHE_HOME=3D/tmp/lib/domain--1-QEMUGuest1/.cache \ +XDG_CONFIG_HOME=3D/tmp/lib/domain--1-QEMUGuest1/.config \ +QEMU_AUDIO_DRV=3Dnone \ +/usr/bin/qemu-system-i686 \ +-name QEMUGuest1 \ +-S \ +-machine pc,accel=3Dtcg,usb=3Doff,dump-guest-core=3Doff \ +-m 214 \ +-realtime mlock=3Doff \ +-smp 1,sockets=3D1,cores=3D1,threads=3D1 \ +-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \ +-display none \ +-no-user-config \ +-nodefaults \ +-chardev socket,id=3Dcharmonitor,path=3D/tmp/lib/domain--1-QEMUGuest1/moni= tor.sock,\ +server,nowait \ +-mon chardev=3Dcharmonitor,id=3Dmonitor,mode=3Dcontrol \ +-rtc base=3Dutc \ +-no-shutdown \ +-no-acpi \ +-usb \ +-drive file=3D/dev/HostVG/QEMUGuest1,format=3Draw,if=3Dnone,id=3Ddrive-ide= 0-0-0 \ +-device ide-hd,bus=3Dide.0,unit=3D0,drive=3Ddrive-ide0-0-0,id=3Dide0-0-0,b= ootindex=3D1 \ +-netdev tap,fd=3D3,id=3Dhostnet0,vhost=3Don,vhostfd=3D44 \ +-device virtio-net-pci,netdev=3Dhostnet0,id=3Dnet0,mac=3Dfe:11:22:33:44:55= ,bus=3Dpci.0,\ +addr=3D0x3 diff --git a/tests/qemuxml2argvmock.c b/tests/qemuxml2argvmock.c index 3f0c1c3fef..a386dd17be 100644 --- a/tests/qemuxml2argvmock.c +++ b/tests/qemuxml2argvmock.c @@ -149,8 +149,12 @@ virNetDevTapCreate(char **ifname, for (i =3D 0; i < tapfdSize; i++) tapfd[i] =3D STDERR_FILENO + 1 + i; =20 - VIR_FREE(*ifname); - return VIR_STRDUP(*ifname, "vnet0"); + if (STREQ_NULLABLE(*ifname, "mytap0")) { + return 0; + } else { + VIR_FREE(*ifname); + return VIR_STRDUP(*ifname, "vnet0"); + } } =20 int @@ -160,6 +164,14 @@ virNetDevSetMAC(const char *ifname ATTRIBUTE_UNUSED, return 0; } =20 + +int +virNetDevExists(const char *ifname) +{ + return STREQ_NULLABLE(ifname, "mytap0"); +} + + int virNetDevIPAddrAdd(const char *ifname ATTRIBUTE_UNUSED, virSocketAddr *addr ATTRIBUTE_UNUSED, virSocketAddr *peer ATTRIBUTE_UNUSED, diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c index e9f45775e5..05060b2e9f 100644 --- a/tests/qemuxml2argvtest.c +++ b/tests/qemuxml2argvtest.c @@ -1302,6 +1302,7 @@ mymain(void) DO_TEST("net-eth-ifname", NONE); DO_TEST("net-eth-names", NONE); DO_TEST("net-eth-hostip", NONE); + DO_TEST("net-eth-unmanaged-tap", NONE); DO_TEST("net-client", NONE); DO_TEST("net-server", NONE); DO_TEST("net-many-models", NONE); --=20 2.21.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Fri May 3 08:34:14 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1566956835; cv=none; d=zoho.com; s=zohoarc; b=Y7FvI5eQmubvH+/WqyM7St+L7ULAvbPOcPzY/MXWOmE0qGuPDEsRodEwngWqFBcrsPzP+BM7YBA9mABbcWe3TrymEXh0mPeOCLfTJZ1QKbpeijlNtGljzWUVQwWpGv49TKowU0fytLygImylbu/M2wXBucrNyyw6CbLn6HCyfv4= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1566956835; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=VvMrDC3OIssDMoaHOtQuDsj51xodHlB0GMimC2oVMAE=; b=ZCFl/5lE7MdeXNqq5fGX7aYoKmejqz4vgy0lymFhD7sxsxuPcxK4fBuQXJGhfKtY9rCbeZg1DYihJdcGZBE2AFxNELmOdJkqHtbi0h89wMhZJa9Ii8PlpqLsPSv4BfKHYd7eI25zXuKrz4Vvn1YyiPfFrPC0KrP34XwTB62I/14= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1566956835913174.38812593085981; Tue, 27 Aug 2019 18:47:15 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 7E7CB10F23EA; Wed, 28 Aug 2019 01:47:14 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 55E9F5C72D; Wed, 28 Aug 2019 01:47:14 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 0779E24F2F; Wed, 28 Aug 2019 01:47:14 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x7S1kstG014380 for ; Tue, 27 Aug 2019 21:46:54 -0400 Received: by smtp.corp.redhat.com (Postfix) id 6B2B15C207; Wed, 28 Aug 2019 01:46:54 +0000 (UTC) Received: from vhost2.laine.org (ovpn-116-137.phx2.redhat.com [10.3.116.137]) by smtp.corp.redhat.com (Postfix) with ESMTP id 10D745C258; Wed, 28 Aug 2019 01:46:53 +0000 (UTC) From: Laine Stump To: libvir-list@redhat.com Date: Tue, 27 Aug 2019 21:46:37 -0400 Message-Id: <20190828014640.27582-8-laine@redhat.com> In-Reply-To: <20190828014640.27582-1-laine@redhat.com> References: <20190828014640.27582-1-laine@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH 7/9] qemu: support unmanaged macvtap devices with X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.6.2 (mx1.redhat.com [10.5.110.66]); Wed, 28 Aug 2019 01:47:15 +0000 (UTC) Content-Type: text/plain; charset="utf-8" Traditionally, macvtap devices are supported using , but that type requires specifying a source device name and macvtap mode which can't be altered after the initial device creation (and may not even be available to the management software that's creating the XML config to feed to libvirt). But the attributes in the are essentially describing how the device will be connected to the network, and if libvirt is to be supplied with the name of a macvtap device that has already been created, that device will also already be connected to the network (and the connection can't be changed). Thus it seems more appropriate to use type=3D'ethernet', which was created explicitly for this purpose - for devices that have already been (or will be) connected to the external network by someone/something outside of libvirt. The fact that it is a *macv*tap rather than a contentional tap device is just a detail. This patch supports using an existing macvtap device with by checking the supplied target dev name to see if it is a macvtap device and, when this is the case, calling virNetDevMacVLanTapOpen() instead of virNetDevTapCreate(). For consistency, this is only done when target managed=3D'no'. Resolves: https://bugzilla.redhat.com/1723367 (partially) Signed-off-by: Laine Stump Reviewed-by: Daniel P. Berrang=C3=A9 --- src/qemu/qemu_interface.c | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/src/qemu/qemu_interface.c b/src/qemu/qemu_interface.c index 446f43c364..83580b1a82 100644 --- a/src/qemu/qemu_interface.c +++ b/src/qemu/qemu_interface.c @@ -439,9 +439,18 @@ qemuInterfaceEthernetConnect(virDomainDefPtr def, _("target managed=3D'no' but specified dev does= n't exist")); goto cleanup; } - if (virNetDevTapCreate(&net->ifname, tunpath, tapfd, tapfdSize, - tap_create_flags) < 0) { - goto cleanup; + if (virNetDevMacVLanIsMacvtap(net->ifname)) { + auditdev =3D net->ifname; + if (virNetDevMacVLanTapOpen(net->ifname, tapfd, tapfdSize) < 0) + goto cleanup; + if (virNetDevMacVLanTapSetup(tapfd, tapfdSize, + virDomainNetIsVirtioModel(net)) <= 0) { + goto cleanup; + } + } else { + if (virNetDevTapCreate(&net->ifname, tunpath, tapfd, tapfdSize, + tap_create_flags) < 0) + goto cleanup; } } else { if (!net->ifname || --=20 2.21.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Fri May 3 08:34:14 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1566956839; cv=none; d=zoho.com; s=zohoarc; b=YHw0U/9++zmx6dT5Yxaz7+LYL/e/LuhwhneaJRX9Hey0TFzHe8SoeyHDJ+hK60conez9ENZncA/i5CtnRD1JUFanQsFuK3BHJb4MgZ5Ms43rCiQ+E34060UJTSinBzO71T7aWkojbNd3FP2vaE2gxTK9j7JENH+H33wlYvvG25I= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1566956839; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=dWAcByYcKtDN7olHoBOIueBPsnTVrtYBgp1hh7UfaFU=; b=A7UFHUKj3H+382JRNCKuh0x0yexHU14BE13VqLl/n2S0CDuLSSXk+iG1sbGXoTJ0Ep2FobN+imaEAD/6YDh1VzoXYvrv8S+8QbYONQ+CM7jXbCXVk+yvfKTBxA4E8cbZMhwWW/UTPLi6kzwub7dwWmvzmjR/OcQ8fnmY9UnP+WA= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1566956839336288.16332795138214; Tue, 27 Aug 2019 18:47:19 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id CEAF118C892D; Wed, 28 Aug 2019 01:47:17 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id A8A085D9E1; Wed, 28 Aug 2019 01:47:17 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 67CC0180BA9B; Wed, 28 Aug 2019 01:47:17 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x7S1ksKo014387 for ; Tue, 27 Aug 2019 21:46:54 -0400 Received: by smtp.corp.redhat.com (Postfix) id EB7C85C221; Wed, 28 Aug 2019 01:46:54 +0000 (UTC) Received: from vhost2.laine.org (ovpn-116-137.phx2.redhat.com [10.3.116.137]) by smtp.corp.redhat.com (Postfix) with ESMTP id 9360D5C207; Wed, 28 Aug 2019 01:46:54 +0000 (UTC) From: Laine Stump To: libvir-list@redhat.com Date: Tue, 27 Aug 2019 21:46:38 -0400 Message-Id: <20190828014640.27582-9-laine@redhat.com> In-Reply-To: <20190828014640.27582-1-laine@redhat.com> References: <20190828014640.27582-1-laine@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH 8/9] qemu: explicitly delete standard tap devices only on platforms that require it X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.6.2 (mx1.redhat.com [10.5.110.70]); Wed, 28 Aug 2019 01:47:18 +0000 (UTC) Content-Type: text/plain; charset="utf-8" libvirt creates its tap devices without the IFF_PERSIST flag, so they will be automatically deleted when qemu is finished with them. In the case of tap devices created outside of libvirt, if the creating entity wants the devices to be deleted, it will also omit IFF_PERSIST, but if it wants them to remain (e.g. for re-use), then it will use IFF_PERSIST when creating the device. Back when support was added for autocreation by libvirt of tap devices for (commit 9c17d665), code was mistakenly put in qemuProcessStop to always delete tap devices for type=3D'ethernet'. This should only be done on platforms that have VIR_NETDEV_TAP_REQUIRE_MANUAL_CLEANUP #defined (which is only FreeBSD). This mistake has been corrected, along with the unnecessary check for non-null net->ifname (it must always be non-null), and erroneous VIR_FREE of net->ifname. Signed-off-by: Laine Stump --- src/qemu/qemu_process.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index 11c1ba8fb9..3449abf2ec 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c @@ -7548,10 +7548,10 @@ void qemuProcessStop(virQEMUDriverPtr driver, cfg->stateDir)); break; case VIR_DOMAIN_NET_TYPE_ETHERNET: - if (net->managed_tap !=3D VIR_TRISTATE_BOOL_NO && net->ifname)= { +#ifdef VIR_NETDEV_TAP_REQUIRE_MANUAL_CLEANUP + if (net->managed_tap !=3D VIR_TRISTATE_BOOL_NO) ignore_value(virNetDevTapDelete(net->ifname, net->backend.= tap)); - VIR_FREE(net->ifname); - } +#endif break; case VIR_DOMAIN_NET_TYPE_BRIDGE: case VIR_DOMAIN_NET_TYPE_NETWORK: --=20 2.21.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Fri May 3 08:34:14 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1566956835; cv=none; d=zoho.com; s=zohoarc; b=P79tzl1YNk6elG12XnGbvpRlYC4e2aP4YskBTwKa/Ikv1oab/VmfGXsKbZUxy+U6icJtBVwXR4fumhx3AdRpnbur/hqvrEI0/R5UxauJhcFmldJ2MDp89qIx1aKNK4fLZJgmqF0pMBfZfQsxt6u4T+NtSZZcORVXA6bKW44TpM0= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1566956835; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=bWGIs3Sbq01ua6R0SjP6vllAf85bP/glMucwgkPxTSE=; b=Zh7JY4EV1y5o8eIwNkleUtchJMH9SmUnbkBlH159YigjEAhG9ZDRgfzihOfurJFX59VMzpkrr/Ua4sNRj4C86UQvay/F0EUz6Z+oQKfx55gytMr8dYPj+99J9WS0++v/7C7pcmG0diqS/aDF5j5RVZkuedJwwmNy4mIFo0zg/j4= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1566956835511652.0989996417288; Tue, 27 Aug 2019 18:47:15 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 63F6A18C8933; Wed, 28 Aug 2019 01:47:14 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 347EE60610; Wed, 28 Aug 2019 01:47:14 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id E7688180221F; Wed, 28 Aug 2019 01:47:13 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x7S1ktG8014393 for ; Tue, 27 Aug 2019 21:46:55 -0400 Received: by smtp.corp.redhat.com (Postfix) id 791725C221; Wed, 28 Aug 2019 01:46:55 +0000 (UTC) Received: from vhost2.laine.org (ovpn-116-137.phx2.redhat.com [10.3.116.137]) by smtp.corp.redhat.com (Postfix) with ESMTP id 229AD5C207; Wed, 28 Aug 2019 01:46:55 +0000 (UTC) From: Laine Stump To: libvir-list@redhat.com Date: Tue, 27 Aug 2019 21:46:39 -0400 Message-Id: <20190828014640.27582-10-laine@redhat.com> In-Reply-To: <20190828014640.27582-1-laine@redhat.com> References: <20190828014640.27582-1-laine@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH 9/9] docs: update news file X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.6.2 (mx1.redhat.com [10.5.110.70]); Wed, 28 Aug 2019 01:47:14 +0000 (UTC) Content-Type: text/plain; charset="utf-8" with info about support for using precreated tap/macvtap devices in unprivileged libvirtd. Signed-off-by: Laine Stump --- docs/news.xml | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/docs/news.xml b/docs/news.xml index c6580e4e72..be51d6c953 100644 --- a/docs/news.xml +++ b/docs/news.xml @@ -50,6 +50,19 @@ for Hyper-V guests. + + + qemu: Support use of precreated tap/macvtap devices by unprivile= ged libvirtd + + + It is now possible for an unprivileged libvirtd to make use + of tap and macvtap devices that were previously created by + some other entity. Since is done by setting + managed=3D'no' along with the device name in the + target subelement of <interface + type=3D'ethernet'> + +
--=20 2.21.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list