xref: /openbmc/qemu/net/net.c (revision c1ddc18f37108498f45d57afd6bf33a23b703648)
1 /*
2  * QEMU System Emulator
3  *
4  * Copyright (c) 2003-2008 Fabrice Bellard
5  *
6  * Permission is hereby granted, free of charge, to any person obtaining a copy
7  * of this software and associated documentation files (the "Software"), to deal
8  * in the Software without restriction, including without limitation the rights
9  * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10  * copies of the Software, and to permit persons to whom the Software is
11  * furnished to do so, subject to the following conditions:
12  *
13  * The above copyright notice and this permission notice shall be included in
14  * all copies or substantial portions of the Software.
15  *
16  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19  * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
22  * THE SOFTWARE.
23  */
24 
25 #include "qemu/osdep.h"
26 
27 #include "net/net.h"
28 #include "clients.h"
29 #include "hub.h"
30 #include "hw/qdev-properties.h"
31 #include "net/slirp.h"
32 #include "net/eth.h"
33 #include "util.h"
34 
35 #include "monitor/monitor.h"
36 #include "qemu/help_option.h"
37 #include "qapi/qapi-commands-net.h"
38 #include "qapi/qapi-visit-net.h"
39 #include "qapi/qmp/qdict.h"
40 #include "qapi/qmp/qerror.h"
41 #include "qemu/error-report.h"
42 #include "qemu/sockets.h"
43 #include "qemu/cutils.h"
44 #include "qemu/config-file.h"
45 #include "qemu/ctype.h"
46 #include "qemu/id.h"
47 #include "qemu/iov.h"
48 #include "qemu/qemu-print.h"
49 #include "qemu/main-loop.h"
50 #include "qemu/option.h"
51 #include "qemu/keyval.h"
52 #include "qapi/error.h"
53 #include "qapi/opts-visitor.h"
54 #include "sysemu/runstate.h"
55 #include "net/colo-compare.h"
56 #include "net/filter.h"
57 #include "qapi/string-output-visitor.h"
58 #include "qapi/qobject-input-visitor.h"
59 
60 /* Net bridge is currently not supported for W32. */
61 #if !defined(_WIN32)
62 # define CONFIG_NET_BRIDGE
63 #endif
64 
65 static VMChangeStateEntry *net_change_state_entry;
66 NetClientStateList net_clients;
67 
68 typedef struct NetdevQueueEntry {
69     Netdev *nd;
70     Location loc;
71     QSIMPLEQ_ENTRY(NetdevQueueEntry) entry;
72 } NetdevQueueEntry;
73 
74 typedef QSIMPLEQ_HEAD(, NetdevQueueEntry) NetdevQueue;
75 
76 static NetdevQueue nd_queue = QSIMPLEQ_HEAD_INITIALIZER(nd_queue);
77 
78 /***********************************************************/
79 /* network device redirectors */
80 
81 int convert_host_port(struct sockaddr_in *saddr, const char *host,
82                       const char *port, Error **errp)
83 {
84     struct hostent *he;
85     const char *r;
86     long p;
87 
88     memset(saddr, 0, sizeof(*saddr));
89 
90     saddr->sin_family = AF_INET;
91     if (host[0] == '\0') {
92         saddr->sin_addr.s_addr = 0;
93     } else {
94         if (qemu_isdigit(host[0])) {
95             if (!inet_aton(host, &saddr->sin_addr)) {
96                 error_setg(errp, "host address '%s' is not a valid "
97                            "IPv4 address", host);
98                 return -1;
99             }
100         } else {
101             he = gethostbyname(host);
102             if (he == NULL) {
103                 error_setg(errp, "can't resolve host address '%s'", host);
104                 return -1;
105             }
106             saddr->sin_addr = *(struct in_addr *)he->h_addr;
107         }
108     }
109     if (qemu_strtol(port, &r, 0, &p) != 0) {
110         error_setg(errp, "port number '%s' is invalid", port);
111         return -1;
112     }
113     saddr->sin_port = htons(p);
114     return 0;
115 }
116 
117 int parse_host_port(struct sockaddr_in *saddr, const char *str,
118                     Error **errp)
119 {
120     gchar **substrings;
121     int ret;
122 
123     substrings = g_strsplit(str, ":", 2);
124     if (!substrings || !substrings[0] || !substrings[1]) {
125         error_setg(errp, "host address '%s' doesn't contain ':' "
126                    "separating host from port", str);
127         ret = -1;
128         goto out;
129     }
130 
131     ret = convert_host_port(saddr, substrings[0], substrings[1], errp);
132 
133 out:
134     g_strfreev(substrings);
135     return ret;
136 }
137 
138 char *qemu_mac_strdup_printf(const uint8_t *macaddr)
139 {
140     return g_strdup_printf("%.2x:%.2x:%.2x:%.2x:%.2x:%.2x",
141                            macaddr[0], macaddr[1], macaddr[2],
142                            macaddr[3], macaddr[4], macaddr[5]);
143 }
144 
145 void qemu_set_info_str(NetClientState *nc, const char *fmt, ...)
146 {
147     va_list ap;
148 
149     va_start(ap, fmt);
150     vsnprintf(nc->info_str, sizeof(nc->info_str), fmt, ap);
151     va_end(ap);
152 }
153 
154 void qemu_format_nic_info_str(NetClientState *nc, uint8_t macaddr[6])
155 {
156     qemu_set_info_str(nc, "model=%s,macaddr=%02x:%02x:%02x:%02x:%02x:%02x",
157                       nc->model, macaddr[0], macaddr[1], macaddr[2],
158                       macaddr[3], macaddr[4], macaddr[5]);
159 }
160 
161 static int mac_table[256] = {0};
162 
163 static void qemu_macaddr_set_used(MACAddr *macaddr)
164 {
165     int index;
166 
167     for (index = 0x56; index < 0xFF; index++) {
168         if (macaddr->a[5] == index) {
169             mac_table[index]++;
170         }
171     }
172 }
173 
174 static void qemu_macaddr_set_free(MACAddr *macaddr)
175 {
176     int index;
177     static const MACAddr base = { .a = { 0x52, 0x54, 0x00, 0x12, 0x34, 0 } };
178 
179     if (memcmp(macaddr->a, &base.a, (sizeof(base.a) - 1)) != 0) {
180         return;
181     }
182     for (index = 0x56; index < 0xFF; index++) {
183         if (macaddr->a[5] == index) {
184             mac_table[index]--;
185         }
186     }
187 }
188 
189 static int qemu_macaddr_get_free(void)
190 {
191     int index;
192 
193     for (index = 0x56; index < 0xFF; index++) {
194         if (mac_table[index] == 0) {
195             return index;
196         }
197     }
198 
199     return -1;
200 }
201 
202 void qemu_macaddr_default_if_unset(MACAddr *macaddr)
203 {
204     static const MACAddr zero = { .a = { 0,0,0,0,0,0 } };
205     static const MACAddr base = { .a = { 0x52, 0x54, 0x00, 0x12, 0x34, 0 } };
206 
207     if (memcmp(macaddr, &zero, sizeof(zero)) != 0) {
208         if (memcmp(macaddr->a, &base.a, (sizeof(base.a) - 1)) != 0) {
209             return;
210         } else {
211             qemu_macaddr_set_used(macaddr);
212             return;
213         }
214     }
215 
216     macaddr->a[0] = 0x52;
217     macaddr->a[1] = 0x54;
218     macaddr->a[2] = 0x00;
219     macaddr->a[3] = 0x12;
220     macaddr->a[4] = 0x34;
221     macaddr->a[5] = qemu_macaddr_get_free();
222     qemu_macaddr_set_used(macaddr);
223 }
224 
225 /**
226  * Generate a name for net client
227  *
228  * Only net clients created with the legacy -net option and NICs need this.
229  */
230 static char *assign_name(NetClientState *nc1, const char *model)
231 {
232     NetClientState *nc;
233     int id = 0;
234 
235     QTAILQ_FOREACH(nc, &net_clients, next) {
236         if (nc == nc1) {
237             continue;
238         }
239         if (strcmp(nc->model, model) == 0) {
240             id++;
241         }
242     }
243 
244     return g_strdup_printf("%s.%d", model, id);
245 }
246 
247 static void qemu_net_client_destructor(NetClientState *nc)
248 {
249     g_free(nc);
250 }
251 static ssize_t qemu_deliver_packet_iov(NetClientState *sender,
252                                        unsigned flags,
253                                        const struct iovec *iov,
254                                        int iovcnt,
255                                        void *opaque);
256 
257 static void qemu_net_client_setup(NetClientState *nc,
258                                   NetClientInfo *info,
259                                   NetClientState *peer,
260                                   const char *model,
261                                   const char *name,
262                                   NetClientDestructor *destructor,
263                                   bool is_datapath)
264 {
265     nc->info = info;
266     nc->model = g_strdup(model);
267     if (name) {
268         nc->name = g_strdup(name);
269     } else {
270         nc->name = assign_name(nc, model);
271     }
272 
273     if (peer) {
274         assert(!peer->peer);
275         nc->peer = peer;
276         peer->peer = nc;
277     }
278     QTAILQ_INSERT_TAIL(&net_clients, nc, next);
279 
280     nc->incoming_queue = qemu_new_net_queue(qemu_deliver_packet_iov, nc);
281     nc->destructor = destructor;
282     nc->is_datapath = is_datapath;
283     QTAILQ_INIT(&nc->filters);
284 }
285 
286 NetClientState *qemu_new_net_client(NetClientInfo *info,
287                                     NetClientState *peer,
288                                     const char *model,
289                                     const char *name)
290 {
291     NetClientState *nc;
292 
293     assert(info->size >= sizeof(NetClientState));
294 
295     nc = g_malloc0(info->size);
296     qemu_net_client_setup(nc, info, peer, model, name,
297                           qemu_net_client_destructor, true);
298 
299     return nc;
300 }
301 
302 NetClientState *qemu_new_net_control_client(NetClientInfo *info,
303                                             NetClientState *peer,
304                                             const char *model,
305                                             const char *name)
306 {
307     NetClientState *nc;
308 
309     assert(info->size >= sizeof(NetClientState));
310 
311     nc = g_malloc0(info->size);
312     qemu_net_client_setup(nc, info, peer, model, name,
313                           qemu_net_client_destructor, false);
314 
315     return nc;
316 }
317 
318 NICState *qemu_new_nic(NetClientInfo *info,
319                        NICConf *conf,
320                        const char *model,
321                        const char *name,
322                        MemReentrancyGuard *reentrancy_guard,
323                        void *opaque)
324 {
325     NetClientState **peers = conf->peers.ncs;
326     NICState *nic;
327     int i, queues = MAX(1, conf->peers.queues);
328 
329     assert(info->type == NET_CLIENT_DRIVER_NIC);
330     assert(info->size >= sizeof(NICState));
331 
332     nic = g_malloc0(info->size + sizeof(NetClientState) * queues);
333     nic->ncs = (void *)nic + info->size;
334     nic->conf = conf;
335     nic->reentrancy_guard = reentrancy_guard,
336     nic->opaque = opaque;
337 
338     for (i = 0; i < queues; i++) {
339         qemu_net_client_setup(&nic->ncs[i], info, peers[i], model, name,
340                               NULL, true);
341         nic->ncs[i].queue_index = i;
342     }
343 
344     return nic;
345 }
346 
347 NetClientState *qemu_get_subqueue(NICState *nic, int queue_index)
348 {
349     return nic->ncs + queue_index;
350 }
351 
352 NetClientState *qemu_get_queue(NICState *nic)
353 {
354     return qemu_get_subqueue(nic, 0);
355 }
356 
357 NICState *qemu_get_nic(NetClientState *nc)
358 {
359     NetClientState *nc0 = nc - nc->queue_index;
360 
361     return (NICState *)((void *)nc0 - nc->info->size);
362 }
363 
364 void *qemu_get_nic_opaque(NetClientState *nc)
365 {
366     NICState *nic = qemu_get_nic(nc);
367 
368     return nic->opaque;
369 }
370 
371 NetClientState *qemu_get_peer(NetClientState *nc, int queue_index)
372 {
373     assert(nc != NULL);
374     NetClientState *ncs = nc + queue_index;
375     return ncs->peer;
376 }
377 
378 static void qemu_cleanup_net_client(NetClientState *nc)
379 {
380     QTAILQ_REMOVE(&net_clients, nc, next);
381 
382     if (nc->info->cleanup) {
383         nc->info->cleanup(nc);
384     }
385 }
386 
387 static void qemu_free_net_client(NetClientState *nc)
388 {
389     if (nc->incoming_queue) {
390         qemu_del_net_queue(nc->incoming_queue);
391     }
392     if (nc->peer) {
393         nc->peer->peer = NULL;
394     }
395     g_free(nc->name);
396     g_free(nc->model);
397     if (nc->destructor) {
398         nc->destructor(nc);
399     }
400 }
401 
402 void qemu_del_net_client(NetClientState *nc)
403 {
404     NetClientState *ncs[MAX_QUEUE_NUM];
405     int queues, i;
406     NetFilterState *nf, *next;
407 
408     assert(nc->info->type != NET_CLIENT_DRIVER_NIC);
409 
410     /* If the NetClientState belongs to a multiqueue backend, we will change all
411      * other NetClientStates also.
412      */
413     queues = qemu_find_net_clients_except(nc->name, ncs,
414                                           NET_CLIENT_DRIVER_NIC,
415                                           MAX_QUEUE_NUM);
416     assert(queues != 0);
417 
418     QTAILQ_FOREACH_SAFE(nf, &nc->filters, next, next) {
419         object_unparent(OBJECT(nf));
420     }
421 
422     /* If there is a peer NIC, delete and cleanup client, but do not free. */
423     if (nc->peer && nc->peer->info->type == NET_CLIENT_DRIVER_NIC) {
424         NICState *nic = qemu_get_nic(nc->peer);
425         if (nic->peer_deleted) {
426             return;
427         }
428         nic->peer_deleted = true;
429 
430         for (i = 0; i < queues; i++) {
431             ncs[i]->peer->link_down = true;
432         }
433 
434         if (nc->peer->info->link_status_changed) {
435             nc->peer->info->link_status_changed(nc->peer);
436         }
437 
438         for (i = 0; i < queues; i++) {
439             qemu_cleanup_net_client(ncs[i]);
440         }
441 
442         return;
443     }
444 
445     for (i = 0; i < queues; i++) {
446         qemu_cleanup_net_client(ncs[i]);
447         qemu_free_net_client(ncs[i]);
448     }
449 }
450 
451 void qemu_del_nic(NICState *nic)
452 {
453     int i, queues = MAX(nic->conf->peers.queues, 1);
454 
455     qemu_macaddr_set_free(&nic->conf->macaddr);
456 
457     for (i = 0; i < queues; i++) {
458         NetClientState *nc = qemu_get_subqueue(nic, i);
459         /* If this is a peer NIC and peer has already been deleted, free it now. */
460         if (nic->peer_deleted) {
461             qemu_free_net_client(nc->peer);
462         } else if (nc->peer) {
463             /* if there are RX packets pending, complete them */
464             qemu_purge_queued_packets(nc->peer);
465         }
466     }
467 
468     for (i = queues - 1; i >= 0; i--) {
469         NetClientState *nc = qemu_get_subqueue(nic, i);
470 
471         qemu_cleanup_net_client(nc);
472         qemu_free_net_client(nc);
473     }
474 
475     g_free(nic);
476 }
477 
478 void qemu_foreach_nic(qemu_nic_foreach func, void *opaque)
479 {
480     NetClientState *nc;
481 
482     QTAILQ_FOREACH(nc, &net_clients, next) {
483         if (nc->info->type == NET_CLIENT_DRIVER_NIC) {
484             if (nc->queue_index == 0) {
485                 func(qemu_get_nic(nc), opaque);
486             }
487         }
488     }
489 }
490 
491 bool qemu_has_ufo(NetClientState *nc)
492 {
493     if (!nc || !nc->info->has_ufo) {
494         return false;
495     }
496 
497     return nc->info->has_ufo(nc);
498 }
499 
500 bool qemu_has_uso(NetClientState *nc)
501 {
502     if (!nc || !nc->info->has_uso) {
503         return false;
504     }
505 
506     return nc->info->has_uso(nc);
507 }
508 
509 bool qemu_has_vnet_hdr(NetClientState *nc)
510 {
511     if (!nc || !nc->info->has_vnet_hdr) {
512         return false;
513     }
514 
515     return nc->info->has_vnet_hdr(nc);
516 }
517 
518 bool qemu_has_vnet_hdr_len(NetClientState *nc, int len)
519 {
520     if (!nc || !nc->info->has_vnet_hdr_len) {
521         return false;
522     }
523 
524     return nc->info->has_vnet_hdr_len(nc, len);
525 }
526 
527 bool qemu_get_using_vnet_hdr(NetClientState *nc)
528 {
529     if (!nc || !nc->info->get_using_vnet_hdr) {
530         return false;
531     }
532 
533     return nc->info->get_using_vnet_hdr(nc);
534 }
535 
536 void qemu_using_vnet_hdr(NetClientState *nc, bool enable)
537 {
538     if (!nc || !nc->info->using_vnet_hdr) {
539         return;
540     }
541 
542     nc->info->using_vnet_hdr(nc, enable);
543 }
544 
545 void qemu_set_offload(NetClientState *nc, int csum, int tso4, int tso6,
546                           int ecn, int ufo, int uso4, int uso6)
547 {
548     if (!nc || !nc->info->set_offload) {
549         return;
550     }
551 
552     nc->info->set_offload(nc, csum, tso4, tso6, ecn, ufo, uso4, uso6);
553 }
554 
555 int qemu_get_vnet_hdr_len(NetClientState *nc)
556 {
557     if (!nc || !nc->info->get_vnet_hdr_len) {
558         return 0;
559     }
560 
561     return nc->info->get_vnet_hdr_len(nc);
562 }
563 
564 void qemu_set_vnet_hdr_len(NetClientState *nc, int len)
565 {
566     if (!nc || !nc->info->set_vnet_hdr_len) {
567         return;
568     }
569 
570     nc->vnet_hdr_len = len;
571     nc->info->set_vnet_hdr_len(nc, len);
572 }
573 
574 int qemu_set_vnet_le(NetClientState *nc, bool is_le)
575 {
576 #if HOST_BIG_ENDIAN
577     if (!nc || !nc->info->set_vnet_le) {
578         return -ENOSYS;
579     }
580 
581     return nc->info->set_vnet_le(nc, is_le);
582 #else
583     return 0;
584 #endif
585 }
586 
587 int qemu_set_vnet_be(NetClientState *nc, bool is_be)
588 {
589 #if HOST_BIG_ENDIAN
590     return 0;
591 #else
592     if (!nc || !nc->info->set_vnet_be) {
593         return -ENOSYS;
594     }
595 
596     return nc->info->set_vnet_be(nc, is_be);
597 #endif
598 }
599 
600 int qemu_can_receive_packet(NetClientState *nc)
601 {
602     if (nc->receive_disabled) {
603         return 0;
604     } else if (nc->info->can_receive &&
605                !nc->info->can_receive(nc)) {
606         return 0;
607     }
608     return 1;
609 }
610 
611 int qemu_can_send_packet(NetClientState *sender)
612 {
613     int vm_running = runstate_is_running();
614 
615     if (!vm_running) {
616         return 0;
617     }
618 
619     if (!sender->peer) {
620         return 1;
621     }
622 
623     return qemu_can_receive_packet(sender->peer);
624 }
625 
626 static ssize_t filter_receive_iov(NetClientState *nc,
627                                   NetFilterDirection direction,
628                                   NetClientState *sender,
629                                   unsigned flags,
630                                   const struct iovec *iov,
631                                   int iovcnt,
632                                   NetPacketSent *sent_cb)
633 {
634     ssize_t ret = 0;
635     NetFilterState *nf = NULL;
636 
637     if (direction == NET_FILTER_DIRECTION_TX) {
638         QTAILQ_FOREACH(nf, &nc->filters, next) {
639             ret = qemu_netfilter_receive(nf, direction, sender, flags, iov,
640                                          iovcnt, sent_cb);
641             if (ret) {
642                 return ret;
643             }
644         }
645     } else {
646         QTAILQ_FOREACH_REVERSE(nf, &nc->filters, next) {
647             ret = qemu_netfilter_receive(nf, direction, sender, flags, iov,
648                                          iovcnt, sent_cb);
649             if (ret) {
650                 return ret;
651             }
652         }
653     }
654 
655     return ret;
656 }
657 
658 static ssize_t filter_receive(NetClientState *nc,
659                               NetFilterDirection direction,
660                               NetClientState *sender,
661                               unsigned flags,
662                               const uint8_t *data,
663                               size_t size,
664                               NetPacketSent *sent_cb)
665 {
666     struct iovec iov = {
667         .iov_base = (void *)data,
668         .iov_len = size
669     };
670 
671     return filter_receive_iov(nc, direction, sender, flags, &iov, 1, sent_cb);
672 }
673 
674 void qemu_purge_queued_packets(NetClientState *nc)
675 {
676     if (!nc->peer) {
677         return;
678     }
679 
680     qemu_net_queue_purge(nc->peer->incoming_queue, nc);
681 }
682 
683 void qemu_flush_or_purge_queued_packets(NetClientState *nc, bool purge)
684 {
685     nc->receive_disabled = 0;
686 
687     if (nc->peer && nc->peer->info->type == NET_CLIENT_DRIVER_HUBPORT) {
688         if (net_hub_flush(nc->peer)) {
689             qemu_notify_event();
690         }
691     }
692     if (qemu_net_queue_flush(nc->incoming_queue)) {
693         /* We emptied the queue successfully, signal to the IO thread to repoll
694          * the file descriptor (for tap, for example).
695          */
696         qemu_notify_event();
697     } else if (purge) {
698         /* Unable to empty the queue, purge remaining packets */
699         qemu_net_queue_purge(nc->incoming_queue, nc->peer);
700     }
701 }
702 
703 void qemu_flush_queued_packets(NetClientState *nc)
704 {
705     qemu_flush_or_purge_queued_packets(nc, false);
706 }
707 
708 static ssize_t qemu_send_packet_async_with_flags(NetClientState *sender,
709                                                  unsigned flags,
710                                                  const uint8_t *buf, int size,
711                                                  NetPacketSent *sent_cb)
712 {
713     NetQueue *queue;
714     int ret;
715 
716 #ifdef DEBUG_NET
717     printf("qemu_send_packet_async:\n");
718     qemu_hexdump(stdout, "net", buf, size);
719 #endif
720 
721     if (sender->link_down || !sender->peer) {
722         return size;
723     }
724 
725     /* Let filters handle the packet first */
726     ret = filter_receive(sender, NET_FILTER_DIRECTION_TX,
727                          sender, flags, buf, size, sent_cb);
728     if (ret) {
729         return ret;
730     }
731 
732     ret = filter_receive(sender->peer, NET_FILTER_DIRECTION_RX,
733                          sender, flags, buf, size, sent_cb);
734     if (ret) {
735         return ret;
736     }
737 
738     queue = sender->peer->incoming_queue;
739 
740     return qemu_net_queue_send(queue, sender, flags, buf, size, sent_cb);
741 }
742 
743 ssize_t qemu_send_packet_async(NetClientState *sender,
744                                const uint8_t *buf, int size,
745                                NetPacketSent *sent_cb)
746 {
747     return qemu_send_packet_async_with_flags(sender, QEMU_NET_PACKET_FLAG_NONE,
748                                              buf, size, sent_cb);
749 }
750 
751 ssize_t qemu_send_packet(NetClientState *nc, const uint8_t *buf, int size)
752 {
753     return qemu_send_packet_async(nc, buf, size, NULL);
754 }
755 
756 ssize_t qemu_receive_packet(NetClientState *nc, const uint8_t *buf, int size)
757 {
758     if (!qemu_can_receive_packet(nc)) {
759         return 0;
760     }
761 
762     return qemu_net_queue_receive(nc->incoming_queue, buf, size);
763 }
764 
765 ssize_t qemu_receive_packet_iov(NetClientState *nc, const struct iovec *iov,
766                                 int iovcnt)
767 {
768     if (!qemu_can_receive_packet(nc)) {
769         return 0;
770     }
771 
772     return qemu_net_queue_receive_iov(nc->incoming_queue, iov, iovcnt);
773 }
774 
775 ssize_t qemu_send_packet_raw(NetClientState *nc, const uint8_t *buf, int size)
776 {
777     return qemu_send_packet_async_with_flags(nc, QEMU_NET_PACKET_FLAG_RAW,
778                                              buf, size, NULL);
779 }
780 
781 static ssize_t nc_sendv_compat(NetClientState *nc, const struct iovec *iov,
782                                int iovcnt, unsigned flags)
783 {
784     uint8_t *buf = NULL;
785     uint8_t *buffer;
786     size_t offset;
787     ssize_t ret;
788 
789     if (iovcnt == 1) {
790         buffer = iov[0].iov_base;
791         offset = iov[0].iov_len;
792     } else {
793         offset = iov_size(iov, iovcnt);
794         if (offset > NET_BUFSIZE) {
795             return -1;
796         }
797         buf = g_malloc(offset);
798         buffer = buf;
799         offset = iov_to_buf(iov, iovcnt, 0, buf, offset);
800     }
801 
802     if (flags & QEMU_NET_PACKET_FLAG_RAW && nc->info->receive_raw) {
803         ret = nc->info->receive_raw(nc, buffer, offset);
804     } else {
805         ret = nc->info->receive(nc, buffer, offset);
806     }
807 
808     g_free(buf);
809     return ret;
810 }
811 
812 static ssize_t qemu_deliver_packet_iov(NetClientState *sender,
813                                        unsigned flags,
814                                        const struct iovec *iov,
815                                        int iovcnt,
816                                        void *opaque)
817 {
818     MemReentrancyGuard *owned_reentrancy_guard;
819     NetClientState *nc = opaque;
820     int ret;
821 
822 
823     if (nc->link_down) {
824         return iov_size(iov, iovcnt);
825     }
826 
827     if (nc->receive_disabled) {
828         return 0;
829     }
830 
831     if (nc->info->type != NET_CLIENT_DRIVER_NIC ||
832         qemu_get_nic(nc)->reentrancy_guard->engaged_in_io) {
833         owned_reentrancy_guard = NULL;
834     } else {
835         owned_reentrancy_guard = qemu_get_nic(nc)->reentrancy_guard;
836         owned_reentrancy_guard->engaged_in_io = true;
837     }
838 
839     if (nc->info->receive_iov && !(flags & QEMU_NET_PACKET_FLAG_RAW)) {
840         ret = nc->info->receive_iov(nc, iov, iovcnt);
841     } else {
842         ret = nc_sendv_compat(nc, iov, iovcnt, flags);
843     }
844 
845     if (owned_reentrancy_guard) {
846         owned_reentrancy_guard->engaged_in_io = false;
847     }
848 
849     if (ret == 0) {
850         nc->receive_disabled = 1;
851     }
852 
853     return ret;
854 }
855 
856 ssize_t qemu_sendv_packet_async(NetClientState *sender,
857                                 const struct iovec *iov, int iovcnt,
858                                 NetPacketSent *sent_cb)
859 {
860     NetQueue *queue;
861     size_t size = iov_size(iov, iovcnt);
862     int ret;
863 
864     if (size > NET_BUFSIZE) {
865         return size;
866     }
867 
868     if (sender->link_down || !sender->peer) {
869         return size;
870     }
871 
872     /* Let filters handle the packet first */
873     ret = filter_receive_iov(sender, NET_FILTER_DIRECTION_TX, sender,
874                              QEMU_NET_PACKET_FLAG_NONE, iov, iovcnt, sent_cb);
875     if (ret) {
876         return ret;
877     }
878 
879     ret = filter_receive_iov(sender->peer, NET_FILTER_DIRECTION_RX, sender,
880                              QEMU_NET_PACKET_FLAG_NONE, iov, iovcnt, sent_cb);
881     if (ret) {
882         return ret;
883     }
884 
885     queue = sender->peer->incoming_queue;
886 
887     return qemu_net_queue_send_iov(queue, sender,
888                                    QEMU_NET_PACKET_FLAG_NONE,
889                                    iov, iovcnt, sent_cb);
890 }
891 
892 ssize_t
893 qemu_sendv_packet(NetClientState *nc, const struct iovec *iov, int iovcnt)
894 {
895     return qemu_sendv_packet_async(nc, iov, iovcnt, NULL);
896 }
897 
898 NetClientState *qemu_find_netdev(const char *id)
899 {
900     NetClientState *nc;
901 
902     QTAILQ_FOREACH(nc, &net_clients, next) {
903         if (nc->info->type == NET_CLIENT_DRIVER_NIC)
904             continue;
905         if (!strcmp(nc->name, id)) {
906             return nc;
907         }
908     }
909 
910     return NULL;
911 }
912 
913 int qemu_find_net_clients_except(const char *id, NetClientState **ncs,
914                                  NetClientDriver type, int max)
915 {
916     NetClientState *nc;
917     int ret = 0;
918 
919     QTAILQ_FOREACH(nc, &net_clients, next) {
920         if (nc->info->type == type) {
921             continue;
922         }
923         if (!id || !strcmp(nc->name, id)) {
924             if (ret < max) {
925                 ncs[ret] = nc;
926             }
927             ret++;
928         }
929     }
930 
931     return ret;
932 }
933 
934 static int nic_get_free_idx(void)
935 {
936     int index;
937 
938     for (index = 0; index < MAX_NICS; index++)
939         if (!nd_table[index].used)
940             return index;
941     return -1;
942 }
943 
944 GPtrArray *qemu_get_nic_models(const char *device_type)
945 {
946     GPtrArray *nic_models = g_ptr_array_new();
947     GSList *list = object_class_get_list_sorted(device_type, false);
948 
949     while (list) {
950         DeviceClass *dc = OBJECT_CLASS_CHECK(DeviceClass, list->data,
951                                              TYPE_DEVICE);
952         GSList *next;
953         if (test_bit(DEVICE_CATEGORY_NETWORK, dc->categories) &&
954             dc->user_creatable) {
955             const char *name = object_class_get_name(list->data);
956             /*
957              * A network device might also be something else than a NIC, see
958              * e.g. the "rocker" device. Thus we have to look for the "netdev"
959              * property, too. Unfortunately, some devices like virtio-net only
960              * create this property during instance_init, so we have to create
961              * a temporary instance here to be able to check it.
962              */
963             Object *obj = object_new_with_class(OBJECT_CLASS(dc));
964             if (object_property_find(obj, "netdev")) {
965                 g_ptr_array_add(nic_models, (gpointer)name);
966             }
967             object_unref(obj);
968         }
969         next = list->next;
970         g_slist_free_1(list);
971         list = next;
972     }
973     g_ptr_array_add(nic_models, NULL);
974 
975     return nic_models;
976 }
977 
978 int qemu_show_nic_models(const char *arg, const char *const *models)
979 {
980     int i;
981 
982     if (!arg || !is_help_option(arg)) {
983         return 0;
984     }
985 
986     printf("Available NIC models:\n");
987     for (i = 0 ; models[i]; i++) {
988         printf("%s\n", models[i]);
989     }
990     return 1;
991 }
992 
993 void qemu_check_nic_model(NICInfo *nd, const char *model)
994 {
995     const char *models[2];
996 
997     models[0] = model;
998     models[1] = NULL;
999 
1000     if (qemu_show_nic_models(nd->model, models))
1001         exit(0);
1002     if (qemu_find_nic_model(nd, models, model) < 0)
1003         exit(1);
1004 }
1005 
1006 int qemu_find_nic_model(NICInfo *nd, const char * const *models,
1007                         const char *default_model)
1008 {
1009     int i;
1010 
1011     if (!nd->model)
1012         nd->model = g_strdup(default_model);
1013 
1014     for (i = 0 ; models[i]; i++) {
1015         if (strcmp(nd->model, models[i]) == 0)
1016             return i;
1017     }
1018 
1019     error_report("Unsupported NIC model: %s", nd->model);
1020     return -1;
1021 }
1022 
1023 static int net_init_nic(const Netdev *netdev, const char *name,
1024                         NetClientState *peer, Error **errp)
1025 {
1026     int idx;
1027     NICInfo *nd;
1028     const NetLegacyNicOptions *nic;
1029 
1030     assert(netdev->type == NET_CLIENT_DRIVER_NIC);
1031     nic = &netdev->u.nic;
1032 
1033     idx = nic_get_free_idx();
1034     if (idx == -1 || nb_nics >= MAX_NICS) {
1035         error_setg(errp, "too many NICs");
1036         return -1;
1037     }
1038 
1039     nd = &nd_table[idx];
1040 
1041     memset(nd, 0, sizeof(*nd));
1042 
1043     if (nic->netdev) {
1044         nd->netdev = qemu_find_netdev(nic->netdev);
1045         if (!nd->netdev) {
1046             error_setg(errp, "netdev '%s' not found", nic->netdev);
1047             return -1;
1048         }
1049     } else {
1050         assert(peer);
1051         nd->netdev = peer;
1052     }
1053     nd->name = g_strdup(name);
1054     if (nic->model) {
1055         nd->model = g_strdup(nic->model);
1056     }
1057     if (nic->addr) {
1058         nd->devaddr = g_strdup(nic->addr);
1059     }
1060 
1061     if (nic->macaddr &&
1062         net_parse_macaddr(nd->macaddr.a, nic->macaddr) < 0) {
1063         error_setg(errp, "invalid syntax for ethernet address");
1064         return -1;
1065     }
1066     if (nic->macaddr &&
1067         is_multicast_ether_addr(nd->macaddr.a)) {
1068         error_setg(errp,
1069                    "NIC cannot have multicast MAC address (odd 1st byte)");
1070         return -1;
1071     }
1072     qemu_macaddr_default_if_unset(&nd->macaddr);
1073 
1074     if (nic->has_vectors) {
1075         if (nic->vectors > 0x7ffffff) {
1076             error_setg(errp, "invalid # of vectors: %"PRIu32, nic->vectors);
1077             return -1;
1078         }
1079         nd->nvectors = nic->vectors;
1080     } else {
1081         nd->nvectors = DEV_NVECTORS_UNSPECIFIED;
1082     }
1083 
1084     nd->used = 1;
1085     nb_nics++;
1086 
1087     return idx;
1088 }
1089 
1090 
1091 static int (* const net_client_init_fun[NET_CLIENT_DRIVER__MAX])(
1092     const Netdev *netdev,
1093     const char *name,
1094     NetClientState *peer, Error **errp) = {
1095         [NET_CLIENT_DRIVER_NIC]       = net_init_nic,
1096 #ifdef CONFIG_SLIRP
1097         [NET_CLIENT_DRIVER_USER]      = net_init_slirp,
1098 #endif
1099         [NET_CLIENT_DRIVER_TAP]       = net_init_tap,
1100         [NET_CLIENT_DRIVER_SOCKET]    = net_init_socket,
1101         [NET_CLIENT_DRIVER_STREAM]    = net_init_stream,
1102         [NET_CLIENT_DRIVER_DGRAM]     = net_init_dgram,
1103 #ifdef CONFIG_VDE
1104         [NET_CLIENT_DRIVER_VDE]       = net_init_vde,
1105 #endif
1106 #ifdef CONFIG_NETMAP
1107         [NET_CLIENT_DRIVER_NETMAP]    = net_init_netmap,
1108 #endif
1109 #ifdef CONFIG_AF_XDP
1110         [NET_CLIENT_DRIVER_AF_XDP]    = net_init_af_xdp,
1111 #endif
1112 #ifdef CONFIG_NET_BRIDGE
1113         [NET_CLIENT_DRIVER_BRIDGE]    = net_init_bridge,
1114 #endif
1115         [NET_CLIENT_DRIVER_HUBPORT]   = net_init_hubport,
1116 #ifdef CONFIG_VHOST_NET_USER
1117         [NET_CLIENT_DRIVER_VHOST_USER] = net_init_vhost_user,
1118 #endif
1119 #ifdef CONFIG_VHOST_NET_VDPA
1120         [NET_CLIENT_DRIVER_VHOST_VDPA] = net_init_vhost_vdpa,
1121 #endif
1122 #ifdef CONFIG_L2TPV3
1123         [NET_CLIENT_DRIVER_L2TPV3]    = net_init_l2tpv3,
1124 #endif
1125 #ifdef CONFIG_VMNET
1126         [NET_CLIENT_DRIVER_VMNET_HOST] = net_init_vmnet_host,
1127         [NET_CLIENT_DRIVER_VMNET_SHARED] = net_init_vmnet_shared,
1128         [NET_CLIENT_DRIVER_VMNET_BRIDGED] = net_init_vmnet_bridged,
1129 #endif /* CONFIG_VMNET */
1130 };
1131 
1132 
1133 static int net_client_init1(const Netdev *netdev, bool is_netdev, Error **errp)
1134 {
1135     NetClientState *peer = NULL;
1136     NetClientState *nc;
1137 
1138     if (is_netdev) {
1139         if (netdev->type == NET_CLIENT_DRIVER_NIC ||
1140             !net_client_init_fun[netdev->type]) {
1141             error_setg(errp, "network backend '%s' is not compiled into this binary",
1142                        NetClientDriver_str(netdev->type));
1143             return -1;
1144         }
1145     } else {
1146         if (netdev->type == NET_CLIENT_DRIVER_NONE) {
1147             return 0; /* nothing to do */
1148         }
1149         if (netdev->type == NET_CLIENT_DRIVER_HUBPORT) {
1150             error_setg(errp, "network backend '%s' is only supported with -netdev/-nic",
1151                        NetClientDriver_str(netdev->type));
1152             return -1;
1153         }
1154 
1155         if (!net_client_init_fun[netdev->type]) {
1156             error_setg(errp, "network backend '%s' is not compiled into this binary",
1157                        NetClientDriver_str(netdev->type));
1158             return -1;
1159         }
1160 
1161         /* Do not add to a hub if it's a nic with a netdev= parameter. */
1162         if (netdev->type != NET_CLIENT_DRIVER_NIC ||
1163             !netdev->u.nic.netdev) {
1164             peer = net_hub_add_port(0, NULL, NULL);
1165         }
1166     }
1167 
1168     nc = qemu_find_netdev(netdev->id);
1169     if (nc) {
1170         error_setg(errp, "Duplicate ID '%s'", netdev->id);
1171         return -1;
1172     }
1173 
1174     if (net_client_init_fun[netdev->type](netdev, netdev->id, peer, errp) < 0) {
1175         /* FIXME drop when all init functions store an Error */
1176         if (errp && !*errp) {
1177             error_setg(errp, "Device '%s' could not be initialized",
1178                        NetClientDriver_str(netdev->type));
1179         }
1180         return -1;
1181     }
1182 
1183     if (is_netdev) {
1184         nc = qemu_find_netdev(netdev->id);
1185         assert(nc);
1186         nc->is_netdev = true;
1187     }
1188 
1189     return 0;
1190 }
1191 
1192 void show_netdevs(void)
1193 {
1194     int idx;
1195     const char *available_netdevs[] = {
1196         "socket",
1197         "stream",
1198         "dgram",
1199         "hubport",
1200         "tap",
1201 #ifdef CONFIG_SLIRP
1202         "user",
1203 #endif
1204 #ifdef CONFIG_L2TPV3
1205         "l2tpv3",
1206 #endif
1207 #ifdef CONFIG_VDE
1208         "vde",
1209 #endif
1210 #ifdef CONFIG_NET_BRIDGE
1211         "bridge",
1212 #endif
1213 #ifdef CONFIG_NETMAP
1214         "netmap",
1215 #endif
1216 #ifdef CONFIG_AF_XDP
1217         "af-xdp",
1218 #endif
1219 #ifdef CONFIG_POSIX
1220         "vhost-user",
1221 #endif
1222 #ifdef CONFIG_VHOST_VDPA
1223         "vhost-vdpa",
1224 #endif
1225 #ifdef CONFIG_VMNET
1226         "vmnet-host",
1227         "vmnet-shared",
1228         "vmnet-bridged",
1229 #endif
1230     };
1231 
1232     qemu_printf("Available netdev backend types:\n");
1233     for (idx = 0; idx < ARRAY_SIZE(available_netdevs); idx++) {
1234         qemu_printf("%s\n", available_netdevs[idx]);
1235     }
1236 }
1237 
1238 static int net_client_init(QemuOpts *opts, bool is_netdev, Error **errp)
1239 {
1240     gchar **substrings = NULL;
1241     Netdev *object = NULL;
1242     int ret = -1;
1243     Visitor *v = opts_visitor_new(opts);
1244 
1245     /* Parse convenience option format ipv6-net=fec0::0[/64] */
1246     const char *ip6_net = qemu_opt_get(opts, "ipv6-net");
1247 
1248     if (ip6_net) {
1249         char *prefix_addr;
1250         unsigned long prefix_len = 64; /* Default 64bit prefix length. */
1251 
1252         substrings = g_strsplit(ip6_net, "/", 2);
1253         if (!substrings || !substrings[0]) {
1254             error_setg(errp, QERR_INVALID_PARAMETER_VALUE, "ipv6-net",
1255                        "a valid IPv6 prefix");
1256             goto out;
1257         }
1258 
1259         prefix_addr = substrings[0];
1260 
1261         /* Handle user-specified prefix length. */
1262         if (substrings[1] &&
1263             qemu_strtoul(substrings[1], NULL, 10, &prefix_len))
1264         {
1265             error_setg(errp,
1266                        "parameter 'ipv6-net' expects a number after '/'");
1267             goto out;
1268         }
1269 
1270         qemu_opt_set(opts, "ipv6-prefix", prefix_addr, &error_abort);
1271         qemu_opt_set_number(opts, "ipv6-prefixlen", prefix_len,
1272                             &error_abort);
1273         qemu_opt_unset(opts, "ipv6-net");
1274     }
1275 
1276     /* Create an ID for -net if the user did not specify one */
1277     if (!is_netdev && !qemu_opts_id(opts)) {
1278         qemu_opts_set_id(opts, id_generate(ID_NET));
1279     }
1280 
1281     if (visit_type_Netdev(v, NULL, &object, errp)) {
1282         ret = net_client_init1(object, is_netdev, errp);
1283     }
1284 
1285     qapi_free_Netdev(object);
1286 
1287 out:
1288     g_strfreev(substrings);
1289     visit_free(v);
1290     return ret;
1291 }
1292 
1293 void netdev_add(QemuOpts *opts, Error **errp)
1294 {
1295     net_client_init(opts, true, errp);
1296 }
1297 
1298 void qmp_netdev_add(Netdev *netdev, Error **errp)
1299 {
1300     if (!id_wellformed(netdev->id)) {
1301         error_setg(errp, QERR_INVALID_PARAMETER_VALUE, "id", "an identifier");
1302         return;
1303     }
1304 
1305     net_client_init1(netdev, true, errp);
1306 }
1307 
1308 void qmp_netdev_del(const char *id, Error **errp)
1309 {
1310     NetClientState *nc;
1311     QemuOpts *opts;
1312 
1313     nc = qemu_find_netdev(id);
1314     if (!nc) {
1315         error_set(errp, ERROR_CLASS_DEVICE_NOT_FOUND,
1316                   "Device '%s' not found", id);
1317         return;
1318     }
1319 
1320     if (!nc->is_netdev) {
1321         error_setg(errp, "Device '%s' is not a netdev", id);
1322         return;
1323     }
1324 
1325     qemu_del_net_client(nc);
1326 
1327     /*
1328      * Wart: we need to delete the QemuOpts associated with netdevs
1329      * created via CLI or HMP, to avoid bogus "Duplicate ID" errors in
1330      * HMP netdev_add.
1331      */
1332     opts = qemu_opts_find(qemu_find_opts("netdev"), id);
1333     if (opts) {
1334         qemu_opts_del(opts);
1335     }
1336 }
1337 
1338 static void netfilter_print_info(Monitor *mon, NetFilterState *nf)
1339 {
1340     char *str;
1341     ObjectProperty *prop;
1342     ObjectPropertyIterator iter;
1343     Visitor *v;
1344 
1345     /* generate info str */
1346     object_property_iter_init(&iter, OBJECT(nf));
1347     while ((prop = object_property_iter_next(&iter))) {
1348         if (!strcmp(prop->name, "type")) {
1349             continue;
1350         }
1351         v = string_output_visitor_new(false, &str);
1352         object_property_get(OBJECT(nf), prop->name, v, NULL);
1353         visit_complete(v, &str);
1354         visit_free(v);
1355         monitor_printf(mon, ",%s=%s", prop->name, str);
1356         g_free(str);
1357     }
1358     monitor_printf(mon, "\n");
1359 }
1360 
1361 void print_net_client(Monitor *mon, NetClientState *nc)
1362 {
1363     NetFilterState *nf;
1364 
1365     monitor_printf(mon, "%s: index=%d,type=%s,%s\n", nc->name,
1366                    nc->queue_index,
1367                    NetClientDriver_str(nc->info->type),
1368                    nc->info_str);
1369     if (!QTAILQ_EMPTY(&nc->filters)) {
1370         monitor_printf(mon, "filters:\n");
1371     }
1372     QTAILQ_FOREACH(nf, &nc->filters, next) {
1373         monitor_printf(mon, "  - %s: type=%s",
1374                        object_get_canonical_path_component(OBJECT(nf)),
1375                        object_get_typename(OBJECT(nf)));
1376         netfilter_print_info(mon, nf);
1377     }
1378 }
1379 
1380 RxFilterInfoList *qmp_query_rx_filter(const char *name, Error **errp)
1381 {
1382     NetClientState *nc;
1383     RxFilterInfoList *filter_list = NULL, **tail = &filter_list;
1384 
1385     QTAILQ_FOREACH(nc, &net_clients, next) {
1386         RxFilterInfo *info;
1387 
1388         if (name && strcmp(nc->name, name) != 0) {
1389             continue;
1390         }
1391 
1392         /* only query rx-filter information of NIC */
1393         if (nc->info->type != NET_CLIENT_DRIVER_NIC) {
1394             if (name) {
1395                 error_setg(errp, "net client(%s) isn't a NIC", name);
1396                 assert(!filter_list);
1397                 return NULL;
1398             }
1399             continue;
1400         }
1401 
1402         /* only query information on queue 0 since the info is per nic,
1403          * not per queue
1404          */
1405         if (nc->queue_index != 0)
1406             continue;
1407 
1408         if (nc->info->query_rx_filter) {
1409             info = nc->info->query_rx_filter(nc);
1410             QAPI_LIST_APPEND(tail, info);
1411         } else if (name) {
1412             error_setg(errp, "net client(%s) doesn't support"
1413                        " rx-filter querying", name);
1414             assert(!filter_list);
1415             return NULL;
1416         }
1417 
1418         if (name) {
1419             break;
1420         }
1421     }
1422 
1423     if (filter_list == NULL && name) {
1424         error_setg(errp, "invalid net client name: %s", name);
1425     }
1426 
1427     return filter_list;
1428 }
1429 
1430 void colo_notify_filters_event(int event, Error **errp)
1431 {
1432     NetClientState *nc;
1433     NetFilterState *nf;
1434     NetFilterClass *nfc = NULL;
1435     Error *local_err = NULL;
1436 
1437     QTAILQ_FOREACH(nc, &net_clients, next) {
1438         QTAILQ_FOREACH(nf, &nc->filters, next) {
1439             nfc = NETFILTER_GET_CLASS(OBJECT(nf));
1440             nfc->handle_event(nf, event, &local_err);
1441             if (local_err) {
1442                 error_propagate(errp, local_err);
1443                 return;
1444             }
1445         }
1446     }
1447 }
1448 
1449 void qmp_set_link(const char *name, bool up, Error **errp)
1450 {
1451     NetClientState *ncs[MAX_QUEUE_NUM];
1452     NetClientState *nc;
1453     int queues, i;
1454 
1455     queues = qemu_find_net_clients_except(name, ncs,
1456                                           NET_CLIENT_DRIVER__MAX,
1457                                           MAX_QUEUE_NUM);
1458 
1459     if (queues == 0) {
1460         error_set(errp, ERROR_CLASS_DEVICE_NOT_FOUND,
1461                   "Device '%s' not found", name);
1462         return;
1463     }
1464     nc = ncs[0];
1465 
1466     for (i = 0; i < queues; i++) {
1467         ncs[i]->link_down = !up;
1468     }
1469 
1470     if (nc->info->link_status_changed) {
1471         nc->info->link_status_changed(nc);
1472     }
1473 
1474     if (nc->peer) {
1475         /* Change peer link only if the peer is NIC and then notify peer.
1476          * If the peer is a HUBPORT or a backend, we do not change the
1477          * link status.
1478          *
1479          * This behavior is compatible with qemu hubs where there could be
1480          * multiple clients that can still communicate with each other in
1481          * disconnected mode. For now maintain this compatibility.
1482          */
1483         if (nc->peer->info->type == NET_CLIENT_DRIVER_NIC) {
1484             for (i = 0; i < queues; i++) {
1485                 ncs[i]->peer->link_down = !up;
1486             }
1487         }
1488         if (nc->peer->info->link_status_changed) {
1489             nc->peer->info->link_status_changed(nc->peer);
1490         }
1491     }
1492 }
1493 
1494 static void net_vm_change_state_handler(void *opaque, bool running,
1495                                         RunState state)
1496 {
1497     NetClientState *nc;
1498     NetClientState *tmp;
1499 
1500     QTAILQ_FOREACH_SAFE(nc, &net_clients, next, tmp) {
1501         if (running) {
1502             /* Flush queued packets and wake up backends. */
1503             if (nc->peer && qemu_can_send_packet(nc)) {
1504                 qemu_flush_queued_packets(nc->peer);
1505             }
1506         } else {
1507             /* Complete all queued packets, to guarantee we don't modify
1508              * state later when VM is not running.
1509              */
1510             qemu_flush_or_purge_queued_packets(nc, true);
1511         }
1512     }
1513 }
1514 
1515 void net_cleanup(void)
1516 {
1517     NetClientState *nc, **p = &QTAILQ_FIRST(&net_clients);
1518 
1519     /*cleanup colo compare module for COLO*/
1520     colo_compare_cleanup();
1521 
1522     /*
1523      * Walk the net_clients list and remove the netdevs but *not* any
1524      * NET_CLIENT_DRIVER_NIC entries. The latter are owned by the device
1525      * model which created them, and in some cases (e.g. xen-net-device)
1526      * the device itself may do cleanup at exit and will be upset if we
1527      * just delete its NIC from underneath it.
1528      *
1529      * Since qemu_del_net_client() may delete multiple entries, using
1530      * QTAILQ_FOREACH_SAFE() is not safe here. The only safe pointer
1531      * to keep as a bookmark is a NET_CLIENT_DRIVER_NIC entry, so keep
1532      * 'p' pointing to either the head of the list, or the 'next' field
1533      * of the latest NET_CLIENT_DRIVER_NIC, and operate on *p as we walk
1534      * the list.
1535      *
1536      * The 'nc' variable isn't part of the list traversal; it's purely
1537      * for convenience as too much '(*p)->' has a tendency to make the
1538      * readers' eyes bleed.
1539      */
1540     while (*p) {
1541         nc = *p;
1542         if (nc->info->type == NET_CLIENT_DRIVER_NIC) {
1543             /* Skip NET_CLIENT_DRIVER_NIC entries */
1544             p = &QTAILQ_NEXT(nc, next);
1545         } else {
1546             qemu_del_net_client(nc);
1547         }
1548     }
1549 
1550     qemu_del_vm_change_state_handler(net_change_state_entry);
1551 }
1552 
1553 void net_check_clients(void)
1554 {
1555     NetClientState *nc;
1556     int i;
1557 
1558     net_hub_check_clients();
1559 
1560     QTAILQ_FOREACH(nc, &net_clients, next) {
1561         if (!nc->peer) {
1562             warn_report("%s %s has no peer",
1563                         nc->info->type == NET_CLIENT_DRIVER_NIC
1564                         ? "nic" : "netdev",
1565                         nc->name);
1566         }
1567     }
1568 
1569     /* Check that all NICs requested via -net nic actually got created.
1570      * NICs created via -device don't need to be checked here because
1571      * they are always instantiated.
1572      */
1573     for (i = 0; i < MAX_NICS; i++) {
1574         NICInfo *nd = &nd_table[i];
1575         if (nd->used && !nd->instantiated) {
1576             warn_report("requested NIC (%s, model %s) "
1577                         "was not created (not supported by this machine?)",
1578                         nd->name ? nd->name : "anonymous",
1579                         nd->model ? nd->model : "unspecified");
1580         }
1581     }
1582 }
1583 
1584 static int net_init_client(void *dummy, QemuOpts *opts, Error **errp)
1585 {
1586     return net_client_init(opts, false, errp);
1587 }
1588 
1589 static int net_init_netdev(void *dummy, QemuOpts *opts, Error **errp)
1590 {
1591     const char *type = qemu_opt_get(opts, "type");
1592 
1593     if (type && is_help_option(type)) {
1594         show_netdevs();
1595         exit(0);
1596     }
1597     return net_client_init(opts, true, errp);
1598 }
1599 
1600 /* For the convenience "--nic" parameter */
1601 static int net_param_nic(void *dummy, QemuOpts *opts, Error **errp)
1602 {
1603     char *mac, *nd_id;
1604     int idx, ret;
1605     NICInfo *ni;
1606     const char *type;
1607 
1608     type = qemu_opt_get(opts, "type");
1609     if (type) {
1610         if (g_str_equal(type, "none")) {
1611             return 0;    /* Nothing to do, default_net is cleared in vl.c */
1612         }
1613         if (is_help_option(type)) {
1614             GPtrArray *nic_models = qemu_get_nic_models(TYPE_DEVICE);
1615             show_netdevs();
1616             printf("\n");
1617             qemu_show_nic_models(type, (const char **)nic_models->pdata);
1618             g_ptr_array_free(nic_models, true);
1619             exit(0);
1620         }
1621     }
1622 
1623     idx = nic_get_free_idx();
1624     if (idx == -1 || nb_nics >= MAX_NICS) {
1625         error_setg(errp, "no more on-board/default NIC slots available");
1626         return -1;
1627     }
1628 
1629     if (!type) {
1630         qemu_opt_set(opts, "type", "user", &error_abort);
1631     }
1632 
1633     ni = &nd_table[idx];
1634     memset(ni, 0, sizeof(*ni));
1635     ni->model = qemu_opt_get_del(opts, "model");
1636 
1637     /* Create an ID if the user did not specify one */
1638     nd_id = g_strdup(qemu_opts_id(opts));
1639     if (!nd_id) {
1640         nd_id = id_generate(ID_NET);
1641         qemu_opts_set_id(opts, nd_id);
1642     }
1643 
1644     /* Handle MAC address */
1645     mac = qemu_opt_get_del(opts, "mac");
1646     if (mac) {
1647         ret = net_parse_macaddr(ni->macaddr.a, mac);
1648         g_free(mac);
1649         if (ret) {
1650             error_setg(errp, "invalid syntax for ethernet address");
1651             goto out;
1652         }
1653         if (is_multicast_ether_addr(ni->macaddr.a)) {
1654             error_setg(errp, "NIC cannot have multicast MAC address");
1655             ret = -1;
1656             goto out;
1657         }
1658     }
1659     qemu_macaddr_default_if_unset(&ni->macaddr);
1660 
1661     ret = net_client_init(opts, true, errp);
1662     if (ret == 0) {
1663         ni->netdev = qemu_find_netdev(nd_id);
1664         ni->used = true;
1665         nb_nics++;
1666     }
1667 
1668 out:
1669     g_free(nd_id);
1670     return ret;
1671 }
1672 
1673 static void netdev_init_modern(void)
1674 {
1675     while (!QSIMPLEQ_EMPTY(&nd_queue)) {
1676         NetdevQueueEntry *nd = QSIMPLEQ_FIRST(&nd_queue);
1677 
1678         QSIMPLEQ_REMOVE_HEAD(&nd_queue, entry);
1679         loc_push_restore(&nd->loc);
1680         net_client_init1(nd->nd, true, &error_fatal);
1681         loc_pop(&nd->loc);
1682         qapi_free_Netdev(nd->nd);
1683         g_free(nd);
1684     }
1685 }
1686 
1687 void net_init_clients(void)
1688 {
1689     net_change_state_entry =
1690         qemu_add_vm_change_state_handler(net_vm_change_state_handler, NULL);
1691 
1692     QTAILQ_INIT(&net_clients);
1693 
1694     netdev_init_modern();
1695 
1696     qemu_opts_foreach(qemu_find_opts("netdev"), net_init_netdev, NULL,
1697                       &error_fatal);
1698 
1699     qemu_opts_foreach(qemu_find_opts("nic"), net_param_nic, NULL,
1700                       &error_fatal);
1701 
1702     qemu_opts_foreach(qemu_find_opts("net"), net_init_client, NULL,
1703                       &error_fatal);
1704 }
1705 
1706 /*
1707  * Does this -netdev argument use modern rather than traditional syntax?
1708  * Modern syntax is to be parsed with netdev_parse_modern().
1709  * Traditional syntax is to be parsed with net_client_parse().
1710  */
1711 bool netdev_is_modern(const char *optstr)
1712 {
1713     QemuOpts *opts;
1714     bool is_modern;
1715     const char *type;
1716     static QemuOptsList dummy_opts = {
1717         .name = "netdev",
1718         .implied_opt_name = "type",
1719         .head = QTAILQ_HEAD_INITIALIZER(dummy_opts.head),
1720         .desc = { { } },
1721     };
1722 
1723     if (optstr[0] == '{') {
1724         /* This is JSON, which means it's modern syntax */
1725         return true;
1726     }
1727 
1728     opts = qemu_opts_create(&dummy_opts, NULL, false, &error_abort);
1729     qemu_opts_do_parse(opts, optstr, dummy_opts.implied_opt_name,
1730                        &error_abort);
1731     type = qemu_opt_get(opts, "type");
1732     is_modern = !g_strcmp0(type, "stream") || !g_strcmp0(type, "dgram");
1733 
1734     qemu_opts_reset(&dummy_opts);
1735 
1736     return is_modern;
1737 }
1738 
1739 /*
1740  * netdev_parse_modern() uses modern, more expressive syntax than
1741  * net_client_parse(), but supports only the -netdev option.
1742  * netdev_parse_modern() appends to @nd_queue, whereas net_client_parse()
1743  * appends to @qemu_netdev_opts.
1744  */
1745 void netdev_parse_modern(const char *optstr)
1746 {
1747     Visitor *v;
1748     NetdevQueueEntry *nd;
1749 
1750     v = qobject_input_visitor_new_str(optstr, "type", &error_fatal);
1751     nd = g_new(NetdevQueueEntry, 1);
1752     visit_type_Netdev(v, NULL, &nd->nd, &error_fatal);
1753     visit_free(v);
1754     loc_save(&nd->loc);
1755 
1756     QSIMPLEQ_INSERT_TAIL(&nd_queue, nd, entry);
1757 }
1758 
1759 void net_client_parse(QemuOptsList *opts_list, const char *optstr)
1760 {
1761     if (!qemu_opts_parse_noisily(opts_list, optstr, true)) {
1762         exit(1);
1763     }
1764 }
1765 
1766 /* From FreeBSD */
1767 /* XXX: optimize */
1768 uint32_t net_crc32(const uint8_t *p, int len)
1769 {
1770     uint32_t crc;
1771     int carry, i, j;
1772     uint8_t b;
1773 
1774     crc = 0xffffffff;
1775     for (i = 0; i < len; i++) {
1776         b = *p++;
1777         for (j = 0; j < 8; j++) {
1778             carry = ((crc & 0x80000000L) ? 1 : 0) ^ (b & 0x01);
1779             crc <<= 1;
1780             b >>= 1;
1781             if (carry) {
1782                 crc = ((crc ^ POLYNOMIAL_BE) | carry);
1783             }
1784         }
1785     }
1786 
1787     return crc;
1788 }
1789 
1790 uint32_t net_crc32_le(const uint8_t *p, int len)
1791 {
1792     uint32_t crc;
1793     int carry, i, j;
1794     uint8_t b;
1795 
1796     crc = 0xffffffff;
1797     for (i = 0; i < len; i++) {
1798         b = *p++;
1799         for (j = 0; j < 8; j++) {
1800             carry = (crc & 0x1) ^ (b & 0x01);
1801             crc >>= 1;
1802             b >>= 1;
1803             if (carry) {
1804                 crc ^= POLYNOMIAL_LE;
1805             }
1806         }
1807     }
1808 
1809     return crc;
1810 }
1811 
1812 QemuOptsList qemu_netdev_opts = {
1813     .name = "netdev",
1814     .implied_opt_name = "type",
1815     .head = QTAILQ_HEAD_INITIALIZER(qemu_netdev_opts.head),
1816     .desc = {
1817         /*
1818          * no elements => accept any params
1819          * validation will happen later
1820          */
1821         { /* end of list */ }
1822     },
1823 };
1824 
1825 QemuOptsList qemu_nic_opts = {
1826     .name = "nic",
1827     .implied_opt_name = "type",
1828     .head = QTAILQ_HEAD_INITIALIZER(qemu_nic_opts.head),
1829     .desc = {
1830         /*
1831          * no elements => accept any params
1832          * validation will happen later
1833          */
1834         { /* end of list */ }
1835     },
1836 };
1837 
1838 QemuOptsList qemu_net_opts = {
1839     .name = "net",
1840     .implied_opt_name = "type",
1841     .head = QTAILQ_HEAD_INITIALIZER(qemu_net_opts.head),
1842     .desc = {
1843         /*
1844          * no elements => accept any params
1845          * validation will happen later
1846          */
1847         { /* end of list */ }
1848     },
1849 };
1850 
1851 void net_socket_rs_init(SocketReadState *rs,
1852                         SocketReadStateFinalize *finalize,
1853                         bool vnet_hdr)
1854 {
1855     rs->state = 0;
1856     rs->vnet_hdr = vnet_hdr;
1857     rs->index = 0;
1858     rs->packet_len = 0;
1859     rs->vnet_hdr_len = 0;
1860     memset(rs->buf, 0, sizeof(rs->buf));
1861     rs->finalize = finalize;
1862 }
1863 
1864 /*
1865  * Returns
1866  * 0: success
1867  * -1: error occurs
1868  */
1869 int net_fill_rstate(SocketReadState *rs, const uint8_t *buf, int size)
1870 {
1871     unsigned int l;
1872 
1873     while (size > 0) {
1874         /* Reassemble a packet from the network.
1875          * 0 = getting length.
1876          * 1 = getting vnet header length.
1877          * 2 = getting data.
1878          */
1879         switch (rs->state) {
1880         case 0:
1881             l = 4 - rs->index;
1882             if (l > size) {
1883                 l = size;
1884             }
1885             memcpy(rs->buf + rs->index, buf, l);
1886             buf += l;
1887             size -= l;
1888             rs->index += l;
1889             if (rs->index == 4) {
1890                 /* got length */
1891                 rs->packet_len = ntohl(*(uint32_t *)rs->buf);
1892                 rs->index = 0;
1893                 if (rs->vnet_hdr) {
1894                     rs->state = 1;
1895                 } else {
1896                     rs->state = 2;
1897                     rs->vnet_hdr_len = 0;
1898                 }
1899             }
1900             break;
1901         case 1:
1902             l = 4 - rs->index;
1903             if (l > size) {
1904                 l = size;
1905             }
1906             memcpy(rs->buf + rs->index, buf, l);
1907             buf += l;
1908             size -= l;
1909             rs->index += l;
1910             if (rs->index == 4) {
1911                 /* got vnet header length */
1912                 rs->vnet_hdr_len = ntohl(*(uint32_t *)rs->buf);
1913                 rs->index = 0;
1914                 rs->state = 2;
1915             }
1916             break;
1917         case 2:
1918             l = rs->packet_len - rs->index;
1919             if (l > size) {
1920                 l = size;
1921             }
1922             if (rs->index + l <= sizeof(rs->buf)) {
1923                 memcpy(rs->buf + rs->index, buf, l);
1924             } else {
1925                 fprintf(stderr, "serious error: oversized packet received,"
1926                     "connection terminated.\n");
1927                 rs->index = rs->state = 0;
1928                 return -1;
1929             }
1930 
1931             rs->index += l;
1932             buf += l;
1933             size -= l;
1934             if (rs->index >= rs->packet_len) {
1935                 rs->index = 0;
1936                 rs->state = 0;
1937                 assert(rs->finalize);
1938                 rs->finalize(rs);
1939             }
1940             break;
1941         }
1942     }
1943 
1944     assert(size == 0);
1945     return 0;
1946 }
1947