xref: /openbmc/qemu/net/net.c (revision f14eced5)
1 /*
2  * QEMU System Emulator
3  *
4  * Copyright (c) 2003-2008 Fabrice Bellard
5  *
6  * Permission is hereby granted, free of charge, to any person obtaining a copy
7  * of this software and associated documentation files (the "Software"), to deal
8  * in the Software without restriction, including without limitation the rights
9  * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10  * copies of the Software, and to permit persons to whom the Software is
11  * furnished to do so, subject to the following conditions:
12  *
13  * The above copyright notice and this permission notice shall be included in
14  * all copies or substantial portions of the Software.
15  *
16  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19  * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
22  * THE SOFTWARE.
23  */
24 
25 #include "qemu/osdep.h"
26 
27 #include "net/net.h"
28 #include "clients.h"
29 #include "hub.h"
30 #include "hw/qdev-properties.h"
31 #include "net/slirp.h"
32 #include "net/eth.h"
33 #include "util.h"
34 
35 #include "monitor/monitor.h"
36 #include "qemu/help_option.h"
37 #include "qapi/qapi-commands-net.h"
38 #include "qapi/qapi-visit-net.h"
39 #include "qapi/qmp/qdict.h"
40 #include "qapi/qmp/qerror.h"
41 #include "qemu/error-report.h"
42 #include "qemu/sockets.h"
43 #include "qemu/cutils.h"
44 #include "qemu/config-file.h"
45 #include "qemu/ctype.h"
46 #include "qemu/id.h"
47 #include "qemu/iov.h"
48 #include "qemu/qemu-print.h"
49 #include "qemu/main-loop.h"
50 #include "qemu/option.h"
51 #include "qemu/keyval.h"
52 #include "qapi/error.h"
53 #include "qapi/opts-visitor.h"
54 #include "sysemu/runstate.h"
55 #include "net/colo-compare.h"
56 #include "net/filter.h"
57 #include "qapi/string-output-visitor.h"
58 #include "qapi/qobject-input-visitor.h"
59 
60 /* Net bridge is currently not supported for W32. */
61 #if !defined(_WIN32)
62 # define CONFIG_NET_BRIDGE
63 #endif
64 
/* NOTE(review): presumably the handle of the VM run-state change handler;
 * it is not assigned anywhere in this part of the file - confirm. */
static VMChangeStateEntry *net_change_state_entry;
/* Global list of net clients; qemu_net_client_setup() appends to its tail. */
NetClientStateList net_clients;

/* One queued Netdev description together with a Location. */
typedef struct NetdevQueueEntry {
    Netdev *nd;
    Location loc;
    QSIMPLEQ_ENTRY(NetdevQueueEntry) entry;
} NetdevQueueEntry;

/* Simple queue head type for NetdevQueueEntry items. */
typedef QSIMPLEQ_HEAD(, NetdevQueueEntry) NetdevQueue;

/* Queue of NetdevQueueEntry items, statically initialised to empty. */
static NetdevQueue nd_queue = QSIMPLEQ_HEAD_INITIALIZER(nd_queue);
77 
78 /***********************************************************/
79 /* network device redirectors */
80 
81 int convert_host_port(struct sockaddr_in *saddr, const char *host,
82                       const char *port, Error **errp)
83 {
84     struct hostent *he;
85     const char *r;
86     long p;
87 
88     memset(saddr, 0, sizeof(*saddr));
89 
90     saddr->sin_family = AF_INET;
91     if (host[0] == '\0') {
92         saddr->sin_addr.s_addr = 0;
93     } else {
94         if (qemu_isdigit(host[0])) {
95             if (!inet_aton(host, &saddr->sin_addr)) {
96                 error_setg(errp, "host address '%s' is not a valid "
97                            "IPv4 address", host);
98                 return -1;
99             }
100         } else {
101             he = gethostbyname(host);
102             if (he == NULL) {
103                 error_setg(errp, "can't resolve host address '%s'", host);
104                 return -1;
105             }
106             saddr->sin_addr = *(struct in_addr *)he->h_addr;
107         }
108     }
109     if (qemu_strtol(port, &r, 0, &p) != 0) {
110         error_setg(errp, "port number '%s' is invalid", port);
111         return -1;
112     }
113     saddr->sin_port = htons(p);
114     return 0;
115 }
116 
117 int parse_host_port(struct sockaddr_in *saddr, const char *str,
118                     Error **errp)
119 {
120     gchar **substrings;
121     int ret;
122 
123     substrings = g_strsplit(str, ":", 2);
124     if (!substrings || !substrings[0] || !substrings[1]) {
125         error_setg(errp, "host address '%s' doesn't contain ':' "
126                    "separating host from port", str);
127         ret = -1;
128         goto out;
129     }
130 
131     ret = convert_host_port(saddr, substrings[0], substrings[1], errp);
132 
133 out:
134     g_strfreev(substrings);
135     return ret;
136 }
137 
/*
 * Return a newly allocated "xx:xx:xx:xx:xx:xx" string built from the first
 * six bytes of @macaddr.  The string comes from g_strdup_printf().
 */
char *qemu_mac_strdup_printf(const uint8_t *macaddr)
{
    const uint8_t *m = macaddr;

    return g_strdup_printf("%.2x:%.2x:%.2x:%.2x:%.2x:%.2x",
                           m[0], m[1], m[2], m[3], m[4], m[5]);
}
144 
145 void qemu_set_info_str(NetClientState *nc, const char *fmt, ...)
146 {
147     va_list ap;
148 
149     va_start(ap, fmt);
150     vsnprintf(nc->info_str, sizeof(nc->info_str), fmt, ap);
151     va_end(ap);
152 }
153 
154 void qemu_format_nic_info_str(NetClientState *nc, uint8_t macaddr[6])
155 {
156     qemu_set_info_str(nc, "model=%s,macaddr=%02x:%02x:%02x:%02x:%02x:%02x",
157                       nc->model, macaddr[0], macaddr[1], macaddr[2],
158                       macaddr[3], macaddr[4], macaddr[5]);
159 }
160 
161 static int mac_table[256] = {0};
162 
163 static void qemu_macaddr_set_used(MACAddr *macaddr)
164 {
165     int index;
166 
167     for (index = 0x56; index < 0xFF; index++) {
168         if (macaddr->a[5] == index) {
169             mac_table[index]++;
170         }
171     }
172 }
173 
174 static void qemu_macaddr_set_free(MACAddr *macaddr)
175 {
176     int index;
177     static const MACAddr base = { .a = { 0x52, 0x54, 0x00, 0x12, 0x34, 0 } };
178 
179     if (memcmp(macaddr->a, &base.a, (sizeof(base.a) - 1)) != 0) {
180         return;
181     }
182     for (index = 0x56; index < 0xFF; index++) {
183         if (macaddr->a[5] == index) {
184             mac_table[index]--;
185         }
186     }
187 }
188 
189 static int qemu_macaddr_get_free(void)
190 {
191     int index;
192 
193     for (index = 0x56; index < 0xFF; index++) {
194         if (mac_table[index] == 0) {
195             return index;
196         }
197     }
198 
199     return -1;
200 }
201 
202 void qemu_macaddr_default_if_unset(MACAddr *macaddr)
203 {
204     static const MACAddr zero = { .a = { 0,0,0,0,0,0 } };
205     static const MACAddr base = { .a = { 0x52, 0x54, 0x00, 0x12, 0x34, 0 } };
206 
207     if (memcmp(macaddr, &zero, sizeof(zero)) != 0) {
208         if (memcmp(macaddr->a, &base.a, (sizeof(base.a) - 1)) != 0) {
209             return;
210         } else {
211             qemu_macaddr_set_used(macaddr);
212             return;
213         }
214     }
215 
216     macaddr->a[0] = 0x52;
217     macaddr->a[1] = 0x54;
218     macaddr->a[2] = 0x00;
219     macaddr->a[3] = 0x12;
220     macaddr->a[4] = 0x34;
221     macaddr->a[5] = qemu_macaddr_get_free();
222     qemu_macaddr_set_used(macaddr);
223 }
224 
225 /**
226  * Generate a name for net client
227  *
228  * Only net clients created with the legacy -net option and NICs need this.
229  */
230 static char *assign_name(NetClientState *nc1, const char *model)
231 {
232     NetClientState *nc;
233     int id = 0;
234 
235     QTAILQ_FOREACH(nc, &net_clients, next) {
236         if (nc == nc1) {
237             continue;
238         }
239         if (strcmp(nc->model, model) == 0) {
240             id++;
241         }
242     }
243 
244     return g_strdup_printf("%s.%d", model, id);
245 }
246 
/*
 * Destructor installed by qemu_new_net_client() and
 * qemu_new_net_control_client(): releases the client's own allocation.
 */
static void qemu_net_client_destructor(NetClientState *nc)
{
    g_free(nc);
}
/* Forward declaration; used as the delivery callback of incoming queues. */
static ssize_t qemu_deliver_packet_iov(NetClientState *sender,
                                       unsigned flags,
                                       const struct iovec *iov,
                                       int iovcnt,
                                       void *opaque);
256 
257 static void qemu_net_client_setup(NetClientState *nc,
258                                   NetClientInfo *info,
259                                   NetClientState *peer,
260                                   const char *model,
261                                   const char *name,
262                                   NetClientDestructor *destructor,
263                                   bool is_datapath)
264 {
265     nc->info = info;
266     nc->model = g_strdup(model);
267     if (name) {
268         nc->name = g_strdup(name);
269     } else {
270         nc->name = assign_name(nc, model);
271     }
272 
273     if (peer) {
274         assert(!peer->peer);
275         nc->peer = peer;
276         peer->peer = nc;
277     }
278     QTAILQ_INSERT_TAIL(&net_clients, nc, next);
279 
280     nc->incoming_queue = qemu_new_net_queue(qemu_deliver_packet_iov, nc);
281     nc->destructor = destructor;
282     nc->is_datapath = is_datapath;
283     QTAILQ_INIT(&nc->filters);
284 }
285 
286 NetClientState *qemu_new_net_client(NetClientInfo *info,
287                                     NetClientState *peer,
288                                     const char *model,
289                                     const char *name)
290 {
291     NetClientState *nc;
292 
293     assert(info->size >= sizeof(NetClientState));
294 
295     nc = g_malloc0(info->size);
296     qemu_net_client_setup(nc, info, peer, model, name,
297                           qemu_net_client_destructor, true);
298 
299     return nc;
300 }
301 
302 NetClientState *qemu_new_net_control_client(NetClientInfo *info,
303                                             NetClientState *peer,
304                                             const char *model,
305                                             const char *name)
306 {
307     NetClientState *nc;
308 
309     assert(info->size >= sizeof(NetClientState));
310 
311     nc = g_malloc0(info->size);
312     qemu_net_client_setup(nc, info, peer, model, name,
313                           qemu_net_client_destructor, false);
314 
315     return nc;
316 }
317 
318 NICState *qemu_new_nic(NetClientInfo *info,
319                        NICConf *conf,
320                        const char *model,
321                        const char *name,
322                        void *opaque)
323 {
324     NetClientState **peers = conf->peers.ncs;
325     NICState *nic;
326     int i, queues = MAX(1, conf->peers.queues);
327 
328     assert(info->type == NET_CLIENT_DRIVER_NIC);
329     assert(info->size >= sizeof(NICState));
330 
331     nic = g_malloc0(info->size + sizeof(NetClientState) * queues);
332     nic->ncs = (void *)nic + info->size;
333     nic->conf = conf;
334     nic->opaque = opaque;
335 
336     for (i = 0; i < queues; i++) {
337         qemu_net_client_setup(&nic->ncs[i], info, peers[i], model, name,
338                               NULL, true);
339         nic->ncs[i].queue_index = i;
340     }
341 
342     return nic;
343 }
344 
345 NetClientState *qemu_get_subqueue(NICState *nic, int queue_index)
346 {
347     return nic->ncs + queue_index;
348 }
349 
350 NetClientState *qemu_get_queue(NICState *nic)
351 {
352     return qemu_get_subqueue(nic, 0);
353 }
354 
355 NICState *qemu_get_nic(NetClientState *nc)
356 {
357     NetClientState *nc0 = nc - nc->queue_index;
358 
359     return (NICState *)((void *)nc0 - nc->info->size);
360 }
361 
362 void *qemu_get_nic_opaque(NetClientState *nc)
363 {
364     NICState *nic = qemu_get_nic(nc);
365 
366     return nic->opaque;
367 }
368 
369 NetClientState *qemu_get_peer(NetClientState *nc, int queue_index)
370 {
371     assert(nc != NULL);
372     NetClientState *ncs = nc + queue_index;
373     return ncs->peer;
374 }
375 
376 static void qemu_cleanup_net_client(NetClientState *nc)
377 {
378     QTAILQ_REMOVE(&net_clients, nc, next);
379 
380     if (nc->info->cleanup) {
381         nc->info->cleanup(nc);
382     }
383 }
384 
/*
 * Release the resources held by @nc: delete its incoming queue, detach it
 * from its peer, free the name and model strings and finally call the
 * destructor when one is set.
 */
static void qemu_free_net_client(NetClientState *nc)
{
    if (nc->incoming_queue) {
        qemu_del_net_queue(nc->incoming_queue);
    }
    if (nc->peer) {
        /* The peer must no longer point at a client that is going away. */
        nc->peer->peer = NULL;
    }
    g_free(nc->name);
    g_free(nc->model);
    if (nc->destructor) {
        nc->destructor(nc);
    }
}
399 
400 void qemu_del_net_client(NetClientState *nc)
401 {
402     NetClientState *ncs[MAX_QUEUE_NUM];
403     int queues, i;
404     NetFilterState *nf, *next;
405 
406     assert(nc->info->type != NET_CLIENT_DRIVER_NIC);
407 
408     /* If the NetClientState belongs to a multiqueue backend, we will change all
409      * other NetClientStates also.
410      */
411     queues = qemu_find_net_clients_except(nc->name, ncs,
412                                           NET_CLIENT_DRIVER_NIC,
413                                           MAX_QUEUE_NUM);
414     assert(queues != 0);
415 
416     QTAILQ_FOREACH_SAFE(nf, &nc->filters, next, next) {
417         object_unparent(OBJECT(nf));
418     }
419 
420     /* If there is a peer NIC, delete and cleanup client, but do not free. */
421     if (nc->peer && nc->peer->info->type == NET_CLIENT_DRIVER_NIC) {
422         NICState *nic = qemu_get_nic(nc->peer);
423         if (nic->peer_deleted) {
424             return;
425         }
426         nic->peer_deleted = true;
427 
428         for (i = 0; i < queues; i++) {
429             ncs[i]->peer->link_down = true;
430         }
431 
432         if (nc->peer->info->link_status_changed) {
433             nc->peer->info->link_status_changed(nc->peer);
434         }
435 
436         for (i = 0; i < queues; i++) {
437             qemu_cleanup_net_client(ncs[i]);
438         }
439 
440         return;
441     }
442 
443     for (i = 0; i < queues; i++) {
444         qemu_cleanup_net_client(ncs[i]);
445         qemu_free_net_client(ncs[i]);
446     }
447 }
448 
449 void qemu_del_nic(NICState *nic)
450 {
451     int i, queues = MAX(nic->conf->peers.queues, 1);
452 
453     qemu_macaddr_set_free(&nic->conf->macaddr);
454 
455     for (i = 0; i < queues; i++) {
456         NetClientState *nc = qemu_get_subqueue(nic, i);
457         /* If this is a peer NIC and peer has already been deleted, free it now. */
458         if (nic->peer_deleted) {
459             qemu_free_net_client(nc->peer);
460         } else if (nc->peer) {
461             /* if there are RX packets pending, complete them */
462             qemu_purge_queued_packets(nc->peer);
463         }
464     }
465 
466     for (i = queues - 1; i >= 0; i--) {
467         NetClientState *nc = qemu_get_subqueue(nic, i);
468 
469         qemu_cleanup_net_client(nc);
470         qemu_free_net_client(nc);
471     }
472 
473     g_free(nic);
474 }
475 
476 void qemu_foreach_nic(qemu_nic_foreach func, void *opaque)
477 {
478     NetClientState *nc;
479 
480     QTAILQ_FOREACH(nc, &net_clients, next) {
481         if (nc->info->type == NET_CLIENT_DRIVER_NIC) {
482             if (nc->queue_index == 0) {
483                 func(qemu_get_nic(nc), opaque);
484             }
485         }
486     }
487 }
488 
489 bool qemu_has_ufo(NetClientState *nc)
490 {
491     if (!nc || !nc->info->has_ufo) {
492         return false;
493     }
494 
495     return nc->info->has_ufo(nc);
496 }
497 
498 bool qemu_has_uso(NetClientState *nc)
499 {
500     if (!nc || !nc->info->has_uso) {
501         return false;
502     }
503 
504     return nc->info->has_uso(nc);
505 }
506 
507 bool qemu_has_vnet_hdr(NetClientState *nc)
508 {
509     if (!nc || !nc->info->has_vnet_hdr) {
510         return false;
511     }
512 
513     return nc->info->has_vnet_hdr(nc);
514 }
515 
516 bool qemu_has_vnet_hdr_len(NetClientState *nc, int len)
517 {
518     if (!nc || !nc->info->has_vnet_hdr_len) {
519         return false;
520     }
521 
522     return nc->info->has_vnet_hdr_len(nc, len);
523 }
524 
525 bool qemu_get_using_vnet_hdr(NetClientState *nc)
526 {
527     if (!nc || !nc->info->get_using_vnet_hdr) {
528         return false;
529     }
530 
531     return nc->info->get_using_vnet_hdr(nc);
532 }
533 
534 void qemu_using_vnet_hdr(NetClientState *nc, bool enable)
535 {
536     if (!nc || !nc->info->using_vnet_hdr) {
537         return;
538     }
539 
540     nc->info->using_vnet_hdr(nc, enable);
541 }
542 
543 void qemu_set_offload(NetClientState *nc, int csum, int tso4, int tso6,
544                           int ecn, int ufo, int uso4, int uso6)
545 {
546     if (!nc || !nc->info->set_offload) {
547         return;
548     }
549 
550     nc->info->set_offload(nc, csum, tso4, tso6, ecn, ufo, uso4, uso6);
551 }
552 
553 int qemu_get_vnet_hdr_len(NetClientState *nc)
554 {
555     if (!nc || !nc->info->get_vnet_hdr_len) {
556         return 0;
557     }
558 
559     return nc->info->get_vnet_hdr_len(nc);
560 }
561 
562 void qemu_set_vnet_hdr_len(NetClientState *nc, int len)
563 {
564     if (!nc || !nc->info->set_vnet_hdr_len) {
565         return;
566     }
567 
568     nc->vnet_hdr_len = len;
569     nc->info->set_vnet_hdr_len(nc, len);
570 }
571 
572 int qemu_set_vnet_le(NetClientState *nc, bool is_le)
573 {
574 #if HOST_BIG_ENDIAN
575     if (!nc || !nc->info->set_vnet_le) {
576         return -ENOSYS;
577     }
578 
579     return nc->info->set_vnet_le(nc, is_le);
580 #else
581     return 0;
582 #endif
583 }
584 
585 int qemu_set_vnet_be(NetClientState *nc, bool is_be)
586 {
587 #if HOST_BIG_ENDIAN
588     return 0;
589 #else
590     if (!nc || !nc->info->set_vnet_be) {
591         return -ENOSYS;
592     }
593 
594     return nc->info->set_vnet_be(nc, is_be);
595 #endif
596 }
597 
598 int qemu_can_receive_packet(NetClientState *nc)
599 {
600     if (nc->receive_disabled) {
601         return 0;
602     } else if (nc->info->can_receive &&
603                !nc->info->can_receive(nc)) {
604         return 0;
605     }
606     return 1;
607 }
608 
609 int qemu_can_send_packet(NetClientState *sender)
610 {
611     int vm_running = runstate_is_running();
612 
613     if (!vm_running) {
614         return 0;
615     }
616 
617     if (!sender->peer) {
618         return 1;
619     }
620 
621     return qemu_can_receive_packet(sender->peer);
622 }
623 
624 static ssize_t filter_receive_iov(NetClientState *nc,
625                                   NetFilterDirection direction,
626                                   NetClientState *sender,
627                                   unsigned flags,
628                                   const struct iovec *iov,
629                                   int iovcnt,
630                                   NetPacketSent *sent_cb)
631 {
632     ssize_t ret = 0;
633     NetFilterState *nf = NULL;
634 
635     if (direction == NET_FILTER_DIRECTION_TX) {
636         QTAILQ_FOREACH(nf, &nc->filters, next) {
637             ret = qemu_netfilter_receive(nf, direction, sender, flags, iov,
638                                          iovcnt, sent_cb);
639             if (ret) {
640                 return ret;
641             }
642         }
643     } else {
644         QTAILQ_FOREACH_REVERSE(nf, &nc->filters, next) {
645             ret = qemu_netfilter_receive(nf, direction, sender, flags, iov,
646                                          iovcnt, sent_cb);
647             if (ret) {
648                 return ret;
649             }
650         }
651     }
652 
653     return ret;
654 }
655 
656 static ssize_t filter_receive(NetClientState *nc,
657                               NetFilterDirection direction,
658                               NetClientState *sender,
659                               unsigned flags,
660                               const uint8_t *data,
661                               size_t size,
662                               NetPacketSent *sent_cb)
663 {
664     struct iovec iov = {
665         .iov_base = (void *)data,
666         .iov_len = size
667     };
668 
669     return filter_receive_iov(nc, direction, sender, flags, &iov, 1, sent_cb);
670 }
671 
672 void qemu_purge_queued_packets(NetClientState *nc)
673 {
674     if (!nc->peer) {
675         return;
676     }
677 
678     qemu_net_queue_purge(nc->peer->incoming_queue, nc);
679 }
680 
681 void qemu_flush_or_purge_queued_packets(NetClientState *nc, bool purge)
682 {
683     nc->receive_disabled = 0;
684 
685     if (nc->peer && nc->peer->info->type == NET_CLIENT_DRIVER_HUBPORT) {
686         if (net_hub_flush(nc->peer)) {
687             qemu_notify_event();
688         }
689     }
690     if (qemu_net_queue_flush(nc->incoming_queue)) {
691         /* We emptied the queue successfully, signal to the IO thread to repoll
692          * the file descriptor (for tap, for example).
693          */
694         qemu_notify_event();
695     } else if (purge) {
696         /* Unable to empty the queue, purge remaining packets */
697         qemu_net_queue_purge(nc->incoming_queue, nc->peer);
698     }
699 }
700 
/* Flush @nc's queued packets without purging what cannot be delivered. */
void qemu_flush_queued_packets(NetClientState *nc)
{
    qemu_flush_or_purge_queued_packets(nc, false);
}
705 
706 static ssize_t qemu_send_packet_async_with_flags(NetClientState *sender,
707                                                  unsigned flags,
708                                                  const uint8_t *buf, int size,
709                                                  NetPacketSent *sent_cb)
710 {
711     NetQueue *queue;
712     int ret;
713 
714 #ifdef DEBUG_NET
715     printf("qemu_send_packet_async:\n");
716     qemu_hexdump(stdout, "net", buf, size);
717 #endif
718 
719     if (sender->link_down || !sender->peer) {
720         return size;
721     }
722 
723     /* Let filters handle the packet first */
724     ret = filter_receive(sender, NET_FILTER_DIRECTION_TX,
725                          sender, flags, buf, size, sent_cb);
726     if (ret) {
727         return ret;
728     }
729 
730     ret = filter_receive(sender->peer, NET_FILTER_DIRECTION_RX,
731                          sender, flags, buf, size, sent_cb);
732     if (ret) {
733         return ret;
734     }
735 
736     queue = sender->peer->incoming_queue;
737 
738     return qemu_net_queue_send(queue, sender, flags, buf, size, sent_cb);
739 }
740 
/*
 * Send @buf (@size bytes) from @sender with no special packet flags.
 * @sent_cb is passed on unchanged to the filters and the peer's queue.
 */
ssize_t qemu_send_packet_async(NetClientState *sender,
                               const uint8_t *buf, int size,
                               NetPacketSent *sent_cb)
{
    return qemu_send_packet_async_with_flags(sender, QEMU_NET_PACKET_FLAG_NONE,
                                             buf, size, sent_cb);
}
748 
749 ssize_t qemu_send_packet(NetClientState *nc, const uint8_t *buf, int size)
750 {
751     return qemu_send_packet_async(nc, buf, size, NULL);
752 }
753 
754 ssize_t qemu_receive_packet(NetClientState *nc, const uint8_t *buf, int size)
755 {
756     if (!qemu_can_receive_packet(nc)) {
757         return 0;
758     }
759 
760     return qemu_net_queue_receive(nc->incoming_queue, buf, size);
761 }
762 
763 ssize_t qemu_receive_packet_iov(NetClientState *nc, const struct iovec *iov,
764                                 int iovcnt)
765 {
766     if (!qemu_can_receive_packet(nc)) {
767         return 0;
768     }
769 
770     return qemu_net_queue_receive_iov(nc->incoming_queue, iov, iovcnt);
771 }
772 
/*
 * Send @buf from @nc with QEMU_NET_PACKET_FLAG_RAW set and no completion
 * callback.
 */
ssize_t qemu_send_packet_raw(NetClientState *nc, const uint8_t *buf, int size)
{
    return qemu_send_packet_async_with_flags(nc, QEMU_NET_PACKET_FLAG_RAW,
                                             buf, size, NULL);
}
778 
779 static ssize_t nc_sendv_compat(NetClientState *nc, const struct iovec *iov,
780                                int iovcnt, unsigned flags)
781 {
782     uint8_t *buf = NULL;
783     uint8_t *buffer;
784     size_t offset;
785     ssize_t ret;
786 
787     if (iovcnt == 1) {
788         buffer = iov[0].iov_base;
789         offset = iov[0].iov_len;
790     } else {
791         offset = iov_size(iov, iovcnt);
792         if (offset > NET_BUFSIZE) {
793             return -1;
794         }
795         buf = g_malloc(offset);
796         buffer = buf;
797         offset = iov_to_buf(iov, iovcnt, 0, buf, offset);
798     }
799 
800     if (flags & QEMU_NET_PACKET_FLAG_RAW && nc->info->receive_raw) {
801         ret = nc->info->receive_raw(nc, buffer, offset);
802     } else {
803         ret = nc->info->receive(nc, buffer, offset);
804     }
805 
806     g_free(buf);
807     return ret;
808 }
809 
810 static ssize_t qemu_deliver_packet_iov(NetClientState *sender,
811                                        unsigned flags,
812                                        const struct iovec *iov,
813                                        int iovcnt,
814                                        void *opaque)
815 {
816     NetClientState *nc = opaque;
817     int ret;
818 
819 
820     if (nc->link_down) {
821         return iov_size(iov, iovcnt);
822     }
823 
824     if (nc->receive_disabled) {
825         return 0;
826     }
827 
828     if (nc->info->receive_iov && !(flags & QEMU_NET_PACKET_FLAG_RAW)) {
829         ret = nc->info->receive_iov(nc, iov, iovcnt);
830     } else {
831         ret = nc_sendv_compat(nc, iov, iovcnt, flags);
832     }
833 
834     if (ret == 0) {
835         nc->receive_disabled = 1;
836     }
837 
838     return ret;
839 }
840 
841 ssize_t qemu_sendv_packet_async(NetClientState *sender,
842                                 const struct iovec *iov, int iovcnt,
843                                 NetPacketSent *sent_cb)
844 {
845     NetQueue *queue;
846     size_t size = iov_size(iov, iovcnt);
847     int ret;
848 
849     if (size > NET_BUFSIZE) {
850         return size;
851     }
852 
853     if (sender->link_down || !sender->peer) {
854         return size;
855     }
856 
857     /* Let filters handle the packet first */
858     ret = filter_receive_iov(sender, NET_FILTER_DIRECTION_TX, sender,
859                              QEMU_NET_PACKET_FLAG_NONE, iov, iovcnt, sent_cb);
860     if (ret) {
861         return ret;
862     }
863 
864     ret = filter_receive_iov(sender->peer, NET_FILTER_DIRECTION_RX, sender,
865                              QEMU_NET_PACKET_FLAG_NONE, iov, iovcnt, sent_cb);
866     if (ret) {
867         return ret;
868     }
869 
870     queue = sender->peer->incoming_queue;
871 
872     return qemu_net_queue_send_iov(queue, sender,
873                                    QEMU_NET_PACKET_FLAG_NONE,
874                                    iov, iovcnt, sent_cb);
875 }
876 
/* Send an iovec from @nc without a completion callback. */
ssize_t
qemu_sendv_packet(NetClientState *nc, const struct iovec *iov, int iovcnt)
{
    return qemu_sendv_packet_async(nc, iov, iovcnt, NULL);
}
882 
883 NetClientState *qemu_find_netdev(const char *id)
884 {
885     NetClientState *nc;
886 
887     QTAILQ_FOREACH(nc, &net_clients, next) {
888         if (nc->info->type == NET_CLIENT_DRIVER_NIC)
889             continue;
890         if (!strcmp(nc->name, id)) {
891             return nc;
892         }
893     }
894 
895     return NULL;
896 }
897 
898 int qemu_find_net_clients_except(const char *id, NetClientState **ncs,
899                                  NetClientDriver type, int max)
900 {
901     NetClientState *nc;
902     int ret = 0;
903 
904     QTAILQ_FOREACH(nc, &net_clients, next) {
905         if (nc->info->type == type) {
906             continue;
907         }
908         if (!id || !strcmp(nc->name, id)) {
909             if (ret < max) {
910                 ncs[ret] = nc;
911             }
912             ret++;
913         }
914     }
915 
916     return ret;
917 }
918 
919 static int nic_get_free_idx(void)
920 {
921     int index;
922 
923     for (index = 0; index < MAX_NICS; index++)
924         if (!nd_table[index].used)
925             return index;
926     return -1;
927 }
928 
929 GPtrArray *qemu_get_nic_models(const char *device_type)
930 {
931     GPtrArray *nic_models = g_ptr_array_new();
932     GSList *list = object_class_get_list_sorted(device_type, false);
933 
934     while (list) {
935         DeviceClass *dc = OBJECT_CLASS_CHECK(DeviceClass, list->data,
936                                              TYPE_DEVICE);
937         GSList *next;
938         if (test_bit(DEVICE_CATEGORY_NETWORK, dc->categories) &&
939             dc->user_creatable) {
940             const char *name = object_class_get_name(list->data);
941             /*
942              * A network device might also be something else than a NIC, see
943              * e.g. the "rocker" device. Thus we have to look for the "netdev"
944              * property, too. Unfortunately, some devices like virtio-net only
945              * create this property during instance_init, so we have to create
946              * a temporary instance here to be able to check it.
947              */
948             Object *obj = object_new_with_class(OBJECT_CLASS(dc));
949             if (object_property_find(obj, "netdev")) {
950                 g_ptr_array_add(nic_models, (gpointer)name);
951             }
952             object_unref(obj);
953         }
954         next = list->next;
955         g_slist_free_1(list);
956         list = next;
957     }
958     g_ptr_array_add(nic_models, NULL);
959 
960     return nic_models;
961 }
962 
/*
 * If @arg is a help option, print the NULL-terminated @models list to
 * stdout and return 1.  Return 0 (printing nothing) otherwise, including
 * when @arg is NULL.
 */
int qemu_show_nic_models(const char *arg, const char *const *models)
{
    const char *const *entry;

    if (arg && is_help_option(arg)) {
        printf("Available NIC models:\n");
        for (entry = models; *entry; entry++) {
            printf("%s\n", *entry);
        }
        return 1;
    }

    return 0;
}
977 
978 void qemu_check_nic_model(NICInfo *nd, const char *model)
979 {
980     const char *models[2];
981 
982     models[0] = model;
983     models[1] = NULL;
984 
985     if (qemu_show_nic_models(nd->model, models))
986         exit(0);
987     if (qemu_find_nic_model(nd, models, model) < 0)
988         exit(1);
989 }
990 
991 int qemu_find_nic_model(NICInfo *nd, const char * const *models,
992                         const char *default_model)
993 {
994     int i;
995 
996     if (!nd->model)
997         nd->model = g_strdup(default_model);
998 
999     for (i = 0 ; models[i]; i++) {
1000         if (strcmp(nd->model, models[i]) == 0)
1001             return i;
1002     }
1003 
1004     error_report("Unsupported NIC model: %s", nd->model);
1005     return -1;
1006 }
1007 
1008 static int net_init_nic(const Netdev *netdev, const char *name,
1009                         NetClientState *peer, Error **errp)
1010 {
1011     int idx;
1012     NICInfo *nd;
1013     const NetLegacyNicOptions *nic;
1014 
1015     assert(netdev->type == NET_CLIENT_DRIVER_NIC);
1016     nic = &netdev->u.nic;
1017 
1018     idx = nic_get_free_idx();
1019     if (idx == -1 || nb_nics >= MAX_NICS) {
1020         error_setg(errp, "too many NICs");
1021         return -1;
1022     }
1023 
1024     nd = &nd_table[idx];
1025 
1026     memset(nd, 0, sizeof(*nd));
1027 
1028     if (nic->netdev) {
1029         nd->netdev = qemu_find_netdev(nic->netdev);
1030         if (!nd->netdev) {
1031             error_setg(errp, "netdev '%s' not found", nic->netdev);
1032             return -1;
1033         }
1034     } else {
1035         assert(peer);
1036         nd->netdev = peer;
1037     }
1038     nd->name = g_strdup(name);
1039     if (nic->model) {
1040         nd->model = g_strdup(nic->model);
1041     }
1042     if (nic->addr) {
1043         nd->devaddr = g_strdup(nic->addr);
1044     }
1045 
1046     if (nic->macaddr &&
1047         net_parse_macaddr(nd->macaddr.a, nic->macaddr) < 0) {
1048         error_setg(errp, "invalid syntax for ethernet address");
1049         return -1;
1050     }
1051     if (nic->macaddr &&
1052         is_multicast_ether_addr(nd->macaddr.a)) {
1053         error_setg(errp,
1054                    "NIC cannot have multicast MAC address (odd 1st byte)");
1055         return -1;
1056     }
1057     qemu_macaddr_default_if_unset(&nd->macaddr);
1058 
1059     if (nic->has_vectors) {
1060         if (nic->vectors > 0x7ffffff) {
1061             error_setg(errp, "invalid # of vectors: %"PRIu32, nic->vectors);
1062             return -1;
1063         }
1064         nd->nvectors = nic->vectors;
1065     } else {
1066         nd->nvectors = DEV_NVECTORS_UNSPECIFIED;
1067     }
1068 
1069     nd->used = 1;
1070     nb_nics++;
1071 
1072     return idx;
1073 }
1074 
1075 
1076 static int (* const net_client_init_fun[NET_CLIENT_DRIVER__MAX])(
1077     const Netdev *netdev,
1078     const char *name,
1079     NetClientState *peer, Error **errp) = {
1080         [NET_CLIENT_DRIVER_NIC]       = net_init_nic,
1081 #ifdef CONFIG_SLIRP
1082         [NET_CLIENT_DRIVER_USER]      = net_init_slirp,
1083 #endif
1084         [NET_CLIENT_DRIVER_TAP]       = net_init_tap,
1085         [NET_CLIENT_DRIVER_SOCKET]    = net_init_socket,
1086         [NET_CLIENT_DRIVER_STREAM]    = net_init_stream,
1087         [NET_CLIENT_DRIVER_DGRAM]     = net_init_dgram,
1088 #ifdef CONFIG_VDE
1089         [NET_CLIENT_DRIVER_VDE]       = net_init_vde,
1090 #endif
1091 #ifdef CONFIG_NETMAP
1092         [NET_CLIENT_DRIVER_NETMAP]    = net_init_netmap,
1093 #endif
1094 #ifdef CONFIG_AF_XDP
1095         [NET_CLIENT_DRIVER_AF_XDP]    = net_init_af_xdp,
1096 #endif
1097 #ifdef CONFIG_NET_BRIDGE
1098         [NET_CLIENT_DRIVER_BRIDGE]    = net_init_bridge,
1099 #endif
1100         [NET_CLIENT_DRIVER_HUBPORT]   = net_init_hubport,
1101 #ifdef CONFIG_VHOST_NET_USER
1102         [NET_CLIENT_DRIVER_VHOST_USER] = net_init_vhost_user,
1103 #endif
1104 #ifdef CONFIG_VHOST_NET_VDPA
1105         [NET_CLIENT_DRIVER_VHOST_VDPA] = net_init_vhost_vdpa,
1106 #endif
1107 #ifdef CONFIG_L2TPV3
1108         [NET_CLIENT_DRIVER_L2TPV3]    = net_init_l2tpv3,
1109 #endif
1110 #ifdef CONFIG_VMNET
1111         [NET_CLIENT_DRIVER_VMNET_HOST] = net_init_vmnet_host,
1112         [NET_CLIENT_DRIVER_VMNET_SHARED] = net_init_vmnet_shared,
1113         [NET_CLIENT_DRIVER_VMNET_BRIDGED] = net_init_vmnet_bridged,
1114 #endif /* CONFIG_VMNET */
1115 };
1116 
1117 
1118 static int net_client_init1(const Netdev *netdev, bool is_netdev, Error **errp)
1119 {
1120     NetClientState *peer = NULL;
1121     NetClientState *nc;
1122 
1123     if (is_netdev) {
1124         if (netdev->type == NET_CLIENT_DRIVER_NIC ||
1125             !net_client_init_fun[netdev->type]) {
1126             error_setg(errp, "network backend '%s' is not compiled into this binary",
1127                        NetClientDriver_str(netdev->type));
1128             return -1;
1129         }
1130     } else {
1131         if (netdev->type == NET_CLIENT_DRIVER_NONE) {
1132             return 0; /* nothing to do */
1133         }
1134         if (netdev->type == NET_CLIENT_DRIVER_HUBPORT) {
1135             error_setg(errp, "network backend '%s' is only supported with -netdev/-nic",
1136                        NetClientDriver_str(netdev->type));
1137             return -1;
1138         }
1139 
1140         if (!net_client_init_fun[netdev->type]) {
1141             error_setg(errp, "network backend '%s' is not compiled into this binary",
1142                        NetClientDriver_str(netdev->type));
1143             return -1;
1144         }
1145 
1146         /* Do not add to a hub if it's a nic with a netdev= parameter. */
1147         if (netdev->type != NET_CLIENT_DRIVER_NIC ||
1148             !netdev->u.nic.netdev) {
1149             peer = net_hub_add_port(0, NULL, NULL);
1150         }
1151     }
1152 
1153     nc = qemu_find_netdev(netdev->id);
1154     if (nc) {
1155         error_setg(errp, "Duplicate ID '%s'", netdev->id);
1156         return -1;
1157     }
1158 
1159     if (net_client_init_fun[netdev->type](netdev, netdev->id, peer, errp) < 0) {
1160         /* FIXME drop when all init functions store an Error */
1161         if (errp && !*errp) {
1162             error_setg(errp, "Device '%s' could not be initialized",
1163                        NetClientDriver_str(netdev->type));
1164         }
1165         return -1;
1166     }
1167 
1168     if (is_netdev) {
1169         nc = qemu_find_netdev(netdev->id);
1170         assert(nc);
1171         nc->is_netdev = true;
1172     }
1173 
1174     return 0;
1175 }
1176 
/*
 * Print the list of netdev backend types this binary offers, one per
 * line, via qemu_printf().
 *
 * The preprocessor guards on the conditional entries mirror the ones
 * used for net_client_init_fun[], so a backend is only advertised when
 * its initializer is actually compiled in.
 */
void show_netdevs(void)
{
    size_t idx;
    static const char * const available_netdevs[] = {
        "socket",
        "stream",
        "dgram",
        "hubport",
        "tap",
#ifdef CONFIG_SLIRP
        "user",
#endif
#ifdef CONFIG_L2TPV3
        "l2tpv3",
#endif
#ifdef CONFIG_VDE
        "vde",
#endif
#ifdef CONFIG_NET_BRIDGE
        "bridge",
#endif
#ifdef CONFIG_NETMAP
        "netmap",
#endif
#ifdef CONFIG_AF_XDP
        "af-xdp",
#endif
#ifdef CONFIG_VHOST_NET_USER
        "vhost-user",
#endif
#ifdef CONFIG_VHOST_NET_VDPA
        "vhost-vdpa",
#endif
#ifdef CONFIG_VMNET
        "vmnet-host",
        "vmnet-shared",
        "vmnet-bridged",
#endif
    };

    qemu_printf("Available netdev backend types:\n");
    for (idx = 0; idx < ARRAY_SIZE(available_netdevs); idx++) {
        qemu_printf("%s\n", available_netdevs[idx]);
    }
}
1222 
1223 static int net_client_init(QemuOpts *opts, bool is_netdev, Error **errp)
1224 {
1225     gchar **substrings = NULL;
1226     Netdev *object = NULL;
1227     int ret = -1;
1228     Visitor *v = opts_visitor_new(opts);
1229 
1230     /* Parse convenience option format ip6-net=fec0::0[/64] */
1231     const char *ip6_net = qemu_opt_get(opts, "ipv6-net");
1232 
1233     if (ip6_net) {
1234         char *prefix_addr;
1235         unsigned long prefix_len = 64; /* Default 64bit prefix length. */
1236 
1237         substrings = g_strsplit(ip6_net, "/", 2);
1238         if (!substrings || !substrings[0]) {
1239             error_setg(errp, QERR_INVALID_PARAMETER_VALUE, "ipv6-net",
1240                        "a valid IPv6 prefix");
1241             goto out;
1242         }
1243 
1244         prefix_addr = substrings[0];
1245 
1246         /* Handle user-specified prefix length. */
1247         if (substrings[1] &&
1248             qemu_strtoul(substrings[1], NULL, 10, &prefix_len))
1249         {
1250             error_setg(errp, QERR_INVALID_PARAMETER_VALUE,
1251                        "ipv6-prefixlen", "a number");
1252             goto out;
1253         }
1254 
1255         qemu_opt_set(opts, "ipv6-prefix", prefix_addr, &error_abort);
1256         qemu_opt_set_number(opts, "ipv6-prefixlen", prefix_len,
1257                             &error_abort);
1258         qemu_opt_unset(opts, "ipv6-net");
1259     }
1260 
1261     /* Create an ID for -net if the user did not specify one */
1262     if (!is_netdev && !qemu_opts_id(opts)) {
1263         qemu_opts_set_id(opts, id_generate(ID_NET));
1264     }
1265 
1266     if (visit_type_Netdev(v, NULL, &object, errp)) {
1267         ret = net_client_init1(object, is_netdev, errp);
1268     }
1269 
1270     qapi_free_Netdev(object);
1271 
1272 out:
1273     g_strfreev(substrings);
1274     visit_free(v);
1275     return ret;
1276 }
1277 
1278 void netdev_add(QemuOpts *opts, Error **errp)
1279 {
1280     net_client_init(opts, true, errp);
1281 }
1282 
1283 void qmp_netdev_add(Netdev *netdev, Error **errp)
1284 {
1285     if (!id_wellformed(netdev->id)) {
1286         error_setg(errp, QERR_INVALID_PARAMETER_VALUE, "id", "an identifier");
1287         return;
1288     }
1289 
1290     net_client_init1(netdev, true, errp);
1291 }
1292 
1293 void qmp_netdev_del(const char *id, Error **errp)
1294 {
1295     NetClientState *nc;
1296     QemuOpts *opts;
1297 
1298     nc = qemu_find_netdev(id);
1299     if (!nc) {
1300         error_set(errp, ERROR_CLASS_DEVICE_NOT_FOUND,
1301                   "Device '%s' not found", id);
1302         return;
1303     }
1304 
1305     if (!nc->is_netdev) {
1306         error_setg(errp, "Device '%s' is not a netdev", id);
1307         return;
1308     }
1309 
1310     qemu_del_net_client(nc);
1311 
1312     /*
1313      * Wart: we need to delete the QemuOpts associated with netdevs
1314      * created via CLI or HMP, to avoid bogus "Duplicate ID" errors in
1315      * HMP netdev_add.
1316      */
1317     opts = qemu_opts_find(qemu_find_opts("netdev"), id);
1318     if (opts) {
1319         qemu_opts_del(opts);
1320     }
1321 }
1322 
1323 static void netfilter_print_info(Monitor *mon, NetFilterState *nf)
1324 {
1325     char *str;
1326     ObjectProperty *prop;
1327     ObjectPropertyIterator iter;
1328     Visitor *v;
1329 
1330     /* generate info str */
1331     object_property_iter_init(&iter, OBJECT(nf));
1332     while ((prop = object_property_iter_next(&iter))) {
1333         if (!strcmp(prop->name, "type")) {
1334             continue;
1335         }
1336         v = string_output_visitor_new(false, &str);
1337         object_property_get(OBJECT(nf), prop->name, v, NULL);
1338         visit_complete(v, &str);
1339         visit_free(v);
1340         monitor_printf(mon, ",%s=%s", prop->name, str);
1341         g_free(str);
1342     }
1343     monitor_printf(mon, "\n");
1344 }
1345 
1346 void print_net_client(Monitor *mon, NetClientState *nc)
1347 {
1348     NetFilterState *nf;
1349 
1350     monitor_printf(mon, "%s: index=%d,type=%s,%s\n", nc->name,
1351                    nc->queue_index,
1352                    NetClientDriver_str(nc->info->type),
1353                    nc->info_str);
1354     if (!QTAILQ_EMPTY(&nc->filters)) {
1355         monitor_printf(mon, "filters:\n");
1356     }
1357     QTAILQ_FOREACH(nf, &nc->filters, next) {
1358         monitor_printf(mon, "  - %s: type=%s",
1359                        object_get_canonical_path_component(OBJECT(nf)),
1360                        object_get_typename(OBJECT(nf)));
1361         netfilter_print_info(mon, nf);
1362     }
1363 }
1364 
1365 RxFilterInfoList *qmp_query_rx_filter(const char *name, Error **errp)
1366 {
1367     NetClientState *nc;
1368     RxFilterInfoList *filter_list = NULL, **tail = &filter_list;
1369 
1370     QTAILQ_FOREACH(nc, &net_clients, next) {
1371         RxFilterInfo *info;
1372 
1373         if (name && strcmp(nc->name, name) != 0) {
1374             continue;
1375         }
1376 
1377         /* only query rx-filter information of NIC */
1378         if (nc->info->type != NET_CLIENT_DRIVER_NIC) {
1379             if (name) {
1380                 error_setg(errp, "net client(%s) isn't a NIC", name);
1381                 assert(!filter_list);
1382                 return NULL;
1383             }
1384             continue;
1385         }
1386 
1387         /* only query information on queue 0 since the info is per nic,
1388          * not per queue
1389          */
1390         if (nc->queue_index != 0)
1391             continue;
1392 
1393         if (nc->info->query_rx_filter) {
1394             info = nc->info->query_rx_filter(nc);
1395             QAPI_LIST_APPEND(tail, info);
1396         } else if (name) {
1397             error_setg(errp, "net client(%s) doesn't support"
1398                        " rx-filter querying", name);
1399             assert(!filter_list);
1400             return NULL;
1401         }
1402 
1403         if (name) {
1404             break;
1405         }
1406     }
1407 
1408     if (filter_list == NULL && name) {
1409         error_setg(errp, "invalid net client name: %s", name);
1410     }
1411 
1412     return filter_list;
1413 }
1414 
1415 void colo_notify_filters_event(int event, Error **errp)
1416 {
1417     NetClientState *nc;
1418     NetFilterState *nf;
1419     NetFilterClass *nfc = NULL;
1420     Error *local_err = NULL;
1421 
1422     QTAILQ_FOREACH(nc, &net_clients, next) {
1423         QTAILQ_FOREACH(nf, &nc->filters, next) {
1424             nfc = NETFILTER_GET_CLASS(OBJECT(nf));
1425             nfc->handle_event(nf, event, &local_err);
1426             if (local_err) {
1427                 error_propagate(errp, local_err);
1428                 return;
1429             }
1430         }
1431     }
1432 }
1433 
1434 void qmp_set_link(const char *name, bool up, Error **errp)
1435 {
1436     NetClientState *ncs[MAX_QUEUE_NUM];
1437     NetClientState *nc;
1438     int queues, i;
1439 
1440     queues = qemu_find_net_clients_except(name, ncs,
1441                                           NET_CLIENT_DRIVER__MAX,
1442                                           MAX_QUEUE_NUM);
1443 
1444     if (queues == 0) {
1445         error_set(errp, ERROR_CLASS_DEVICE_NOT_FOUND,
1446                   "Device '%s' not found", name);
1447         return;
1448     }
1449     nc = ncs[0];
1450 
1451     for (i = 0; i < queues; i++) {
1452         ncs[i]->link_down = !up;
1453     }
1454 
1455     if (nc->info->link_status_changed) {
1456         nc->info->link_status_changed(nc);
1457     }
1458 
1459     if (nc->peer) {
1460         /* Change peer link only if the peer is NIC and then notify peer.
1461          * If the peer is a HUBPORT or a backend, we do not change the
1462          * link status.
1463          *
1464          * This behavior is compatible with qemu hubs where there could be
1465          * multiple clients that can still communicate with each other in
1466          * disconnected mode. For now maintain this compatibility.
1467          */
1468         if (nc->peer->info->type == NET_CLIENT_DRIVER_NIC) {
1469             for (i = 0; i < queues; i++) {
1470                 ncs[i]->peer->link_down = !up;
1471             }
1472         }
1473         if (nc->peer->info->link_status_changed) {
1474             nc->peer->info->link_status_changed(nc->peer);
1475         }
1476     }
1477 }
1478 
1479 static void net_vm_change_state_handler(void *opaque, bool running,
1480                                         RunState state)
1481 {
1482     NetClientState *nc;
1483     NetClientState *tmp;
1484 
1485     QTAILQ_FOREACH_SAFE(nc, &net_clients, next, tmp) {
1486         if (running) {
1487             /* Flush queued packets and wake up backends. */
1488             if (nc->peer && qemu_can_send_packet(nc)) {
1489                 qemu_flush_queued_packets(nc->peer);
1490             }
1491         } else {
1492             /* Complete all queued packets, to guarantee we don't modify
1493              * state later when VM is not running.
1494              */
1495             qemu_flush_or_purge_queued_packets(nc, true);
1496         }
1497     }
1498 }
1499 
1500 void net_cleanup(void)
1501 {
1502     NetClientState *nc;
1503 
1504     /*cleanup colo compare module for COLO*/
1505     colo_compare_cleanup();
1506 
1507     /* We may del multiple entries during qemu_del_net_client(),
1508      * so QTAILQ_FOREACH_SAFE() is also not safe here.
1509      */
1510     while (!QTAILQ_EMPTY(&net_clients)) {
1511         nc = QTAILQ_FIRST(&net_clients);
1512         if (nc->info->type == NET_CLIENT_DRIVER_NIC) {
1513             qemu_del_nic(qemu_get_nic(nc));
1514         } else {
1515             qemu_del_net_client(nc);
1516         }
1517     }
1518 
1519     qemu_del_vm_change_state_handler(net_change_state_entry);
1520 }
1521 
1522 void net_check_clients(void)
1523 {
1524     NetClientState *nc;
1525     int i;
1526 
1527     net_hub_check_clients();
1528 
1529     QTAILQ_FOREACH(nc, &net_clients, next) {
1530         if (!nc->peer) {
1531             warn_report("%s %s has no peer",
1532                         nc->info->type == NET_CLIENT_DRIVER_NIC
1533                         ? "nic" : "netdev",
1534                         nc->name);
1535         }
1536     }
1537 
1538     /* Check that all NICs requested via -net nic actually got created.
1539      * NICs created via -device don't need to be checked here because
1540      * they are always instantiated.
1541      */
1542     for (i = 0; i < MAX_NICS; i++) {
1543         NICInfo *nd = &nd_table[i];
1544         if (nd->used && !nd->instantiated) {
1545             warn_report("requested NIC (%s, model %s) "
1546                         "was not created (not supported by this machine?)",
1547                         nd->name ? nd->name : "anonymous",
1548                         nd->model ? nd->model : "unspecified");
1549         }
1550     }
1551 }
1552 
1553 static int net_init_client(void *dummy, QemuOpts *opts, Error **errp)
1554 {
1555     return net_client_init(opts, false, errp);
1556 }
1557 
1558 static int net_init_netdev(void *dummy, QemuOpts *opts, Error **errp)
1559 {
1560     const char *type = qemu_opt_get(opts, "type");
1561 
1562     if (type && is_help_option(type)) {
1563         show_netdevs();
1564         exit(0);
1565     }
1566     return net_client_init(opts, true, errp);
1567 }
1568 
1569 /* For the convenience "--nic" parameter */
1570 static int net_param_nic(void *dummy, QemuOpts *opts, Error **errp)
1571 {
1572     char *mac, *nd_id;
1573     int idx, ret;
1574     NICInfo *ni;
1575     const char *type;
1576 
1577     type = qemu_opt_get(opts, "type");
1578     if (type) {
1579         if (g_str_equal(type, "none")) {
1580             return 0;    /* Nothing to do, default_net is cleared in vl.c */
1581         }
1582         if (is_help_option(type)) {
1583             GPtrArray *nic_models = qemu_get_nic_models(TYPE_DEVICE);
1584             show_netdevs();
1585             printf("\n");
1586             qemu_show_nic_models(type, (const char **)nic_models->pdata);
1587             g_ptr_array_free(nic_models, true);
1588             exit(0);
1589         }
1590     }
1591 
1592     idx = nic_get_free_idx();
1593     if (idx == -1 || nb_nics >= MAX_NICS) {
1594         error_setg(errp, "no more on-board/default NIC slots available");
1595         return -1;
1596     }
1597 
1598     if (!type) {
1599         qemu_opt_set(opts, "type", "user", &error_abort);
1600     }
1601 
1602     ni = &nd_table[idx];
1603     memset(ni, 0, sizeof(*ni));
1604     ni->model = qemu_opt_get_del(opts, "model");
1605 
1606     /* Create an ID if the user did not specify one */
1607     nd_id = g_strdup(qemu_opts_id(opts));
1608     if (!nd_id) {
1609         nd_id = id_generate(ID_NET);
1610         qemu_opts_set_id(opts, nd_id);
1611     }
1612 
1613     /* Handle MAC address */
1614     mac = qemu_opt_get_del(opts, "mac");
1615     if (mac) {
1616         ret = net_parse_macaddr(ni->macaddr.a, mac);
1617         g_free(mac);
1618         if (ret) {
1619             error_setg(errp, "invalid syntax for ethernet address");
1620             goto out;
1621         }
1622         if (is_multicast_ether_addr(ni->macaddr.a)) {
1623             error_setg(errp, "NIC cannot have multicast MAC address");
1624             ret = -1;
1625             goto out;
1626         }
1627     }
1628     qemu_macaddr_default_if_unset(&ni->macaddr);
1629 
1630     ret = net_client_init(opts, true, errp);
1631     if (ret == 0) {
1632         ni->netdev = qemu_find_netdev(nd_id);
1633         ni->used = true;
1634         nb_nics++;
1635     }
1636 
1637 out:
1638     g_free(nd_id);
1639     return ret;
1640 }
1641 
1642 static void netdev_init_modern(void)
1643 {
1644     while (!QSIMPLEQ_EMPTY(&nd_queue)) {
1645         NetdevQueueEntry *nd = QSIMPLEQ_FIRST(&nd_queue);
1646 
1647         QSIMPLEQ_REMOVE_HEAD(&nd_queue, entry);
1648         loc_push_restore(&nd->loc);
1649         net_client_init1(nd->nd, true, &error_fatal);
1650         loc_pop(&nd->loc);
1651         qapi_free_Netdev(nd->nd);
1652         g_free(nd);
1653     }
1654 }
1655 
1656 void net_init_clients(void)
1657 {
1658     net_change_state_entry =
1659         qemu_add_vm_change_state_handler(net_vm_change_state_handler, NULL);
1660 
1661     QTAILQ_INIT(&net_clients);
1662 
1663     netdev_init_modern();
1664 
1665     qemu_opts_foreach(qemu_find_opts("netdev"), net_init_netdev, NULL,
1666                       &error_fatal);
1667 
1668     qemu_opts_foreach(qemu_find_opts("nic"), net_param_nic, NULL,
1669                       &error_fatal);
1670 
1671     qemu_opts_foreach(qemu_find_opts("net"), net_init_client, NULL,
1672                       &error_fatal);
1673 }
1674 
1675 /*
1676  * Does this -netdev argument use modern rather than traditional syntax?
1677  * Modern syntax is to be parsed with netdev_parse_modern().
1678  * Traditional syntax is to be parsed with net_client_parse().
1679  */
1680 bool netdev_is_modern(const char *optarg)
1681 {
1682     QemuOpts *opts;
1683     bool is_modern;
1684     const char *type;
1685     static QemuOptsList dummy_opts = {
1686         .name = "netdev",
1687         .implied_opt_name = "type",
1688         .head = QTAILQ_HEAD_INITIALIZER(dummy_opts.head),
1689         .desc = { { } },
1690     };
1691 
1692     if (optarg[0] == '{') {
1693         /* This is JSON, which means it's modern syntax */
1694         return true;
1695     }
1696 
1697     opts = qemu_opts_create(&dummy_opts, NULL, false, &error_abort);
1698     qemu_opts_do_parse(opts, optarg, dummy_opts.implied_opt_name,
1699                        &error_abort);
1700     type = qemu_opt_get(opts, "type");
1701     is_modern = !g_strcmp0(type, "stream") || !g_strcmp0(type, "dgram");
1702 
1703     qemu_opts_reset(&dummy_opts);
1704 
1705     return is_modern;
1706 }
1707 
1708 /*
1709  * netdev_parse_modern() uses modern, more expressive syntax than
1710  * net_client_parse(), but supports only the -netdev option.
1711  * netdev_parse_modern() appends to @nd_queue, whereas net_client_parse()
1712  * appends to @qemu_netdev_opts.
1713  */
1714 void netdev_parse_modern(const char *optarg)
1715 {
1716     Visitor *v;
1717     NetdevQueueEntry *nd;
1718 
1719     v = qobject_input_visitor_new_str(optarg, "type", &error_fatal);
1720     nd = g_new(NetdevQueueEntry, 1);
1721     visit_type_Netdev(v, NULL, &nd->nd, &error_fatal);
1722     visit_free(v);
1723     loc_save(&nd->loc);
1724 
1725     QSIMPLEQ_INSERT_TAIL(&nd_queue, nd, entry);
1726 }
1727 
1728 void net_client_parse(QemuOptsList *opts_list, const char *optarg)
1729 {
1730     if (!qemu_opts_parse_noisily(opts_list, optarg, true)) {
1731         exit(1);
1732     }
1733 }
1734 
1735 /* From FreeBSD */
1736 /* XXX: optimize */
1737 uint32_t net_crc32(const uint8_t *p, int len)
1738 {
1739     uint32_t crc;
1740     int carry, i, j;
1741     uint8_t b;
1742 
1743     crc = 0xffffffff;
1744     for (i = 0; i < len; i++) {
1745         b = *p++;
1746         for (j = 0; j < 8; j++) {
1747             carry = ((crc & 0x80000000L) ? 1 : 0) ^ (b & 0x01);
1748             crc <<= 1;
1749             b >>= 1;
1750             if (carry) {
1751                 crc = ((crc ^ POLYNOMIAL_BE) | carry);
1752             }
1753         }
1754     }
1755 
1756     return crc;
1757 }
1758 
1759 uint32_t net_crc32_le(const uint8_t *p, int len)
1760 {
1761     uint32_t crc;
1762     int carry, i, j;
1763     uint8_t b;
1764 
1765     crc = 0xffffffff;
1766     for (i = 0; i < len; i++) {
1767         b = *p++;
1768         for (j = 0; j < 8; j++) {
1769             carry = (crc & 0x1) ^ (b & 0x01);
1770             crc >>= 1;
1771             b >>= 1;
1772             if (carry) {
1773                 crc ^= POLYNOMIAL_LE;
1774             }
1775         }
1776     }
1777 
1778     return crc;
1779 }
1780 
1781 QemuOptsList qemu_netdev_opts = {
1782     .name = "netdev",
1783     .implied_opt_name = "type",
1784     .head = QTAILQ_HEAD_INITIALIZER(qemu_netdev_opts.head),
1785     .desc = {
1786         /*
1787          * no elements => accept any params
1788          * validation will happen later
1789          */
1790         { /* end of list */ }
1791     },
1792 };
1793 
1794 QemuOptsList qemu_nic_opts = {
1795     .name = "nic",
1796     .implied_opt_name = "type",
1797     .head = QTAILQ_HEAD_INITIALIZER(qemu_nic_opts.head),
1798     .desc = {
1799         /*
1800          * no elements => accept any params
1801          * validation will happen later
1802          */
1803         { /* end of list */ }
1804     },
1805 };
1806 
1807 QemuOptsList qemu_net_opts = {
1808     .name = "net",
1809     .implied_opt_name = "type",
1810     .head = QTAILQ_HEAD_INITIALIZER(qemu_net_opts.head),
1811     .desc = {
1812         /*
1813          * no elements => accept any params
1814          * validation will happen later
1815          */
1816         { /* end of list */ }
1817     },
1818 };
1819 
1820 void net_socket_rs_init(SocketReadState *rs,
1821                         SocketReadStateFinalize *finalize,
1822                         bool vnet_hdr)
1823 {
1824     rs->state = 0;
1825     rs->vnet_hdr = vnet_hdr;
1826     rs->index = 0;
1827     rs->packet_len = 0;
1828     rs->vnet_hdr_len = 0;
1829     memset(rs->buf, 0, sizeof(rs->buf));
1830     rs->finalize = finalize;
1831 }
1832 
1833 /*
1834  * Returns
1835  * 0: success
1836  * -1: error occurs
1837  */
1838 int net_fill_rstate(SocketReadState *rs, const uint8_t *buf, int size)
1839 {
1840     unsigned int l;
1841 
1842     while (size > 0) {
1843         /* Reassemble a packet from the network.
1844          * 0 = getting length.
1845          * 1 = getting vnet header length.
1846          * 2 = getting data.
1847          */
1848         switch (rs->state) {
1849         case 0:
1850             l = 4 - rs->index;
1851             if (l > size) {
1852                 l = size;
1853             }
1854             memcpy(rs->buf + rs->index, buf, l);
1855             buf += l;
1856             size -= l;
1857             rs->index += l;
1858             if (rs->index == 4) {
1859                 /* got length */
1860                 rs->packet_len = ntohl(*(uint32_t *)rs->buf);
1861                 rs->index = 0;
1862                 if (rs->vnet_hdr) {
1863                     rs->state = 1;
1864                 } else {
1865                     rs->state = 2;
1866                     rs->vnet_hdr_len = 0;
1867                 }
1868             }
1869             break;
1870         case 1:
1871             l = 4 - rs->index;
1872             if (l > size) {
1873                 l = size;
1874             }
1875             memcpy(rs->buf + rs->index, buf, l);
1876             buf += l;
1877             size -= l;
1878             rs->index += l;
1879             if (rs->index == 4) {
1880                 /* got vnet header length */
1881                 rs->vnet_hdr_len = ntohl(*(uint32_t *)rs->buf);
1882                 rs->index = 0;
1883                 rs->state = 2;
1884             }
1885             break;
1886         case 2:
1887             l = rs->packet_len - rs->index;
1888             if (l > size) {
1889                 l = size;
1890             }
1891             if (rs->index + l <= sizeof(rs->buf)) {
1892                 memcpy(rs->buf + rs->index, buf, l);
1893             } else {
1894                 fprintf(stderr, "serious error: oversized packet received,"
1895                     "connection terminated.\n");
1896                 rs->index = rs->state = 0;
1897                 return -1;
1898             }
1899 
1900             rs->index += l;
1901             buf += l;
1902             size -= l;
1903             if (rs->index >= rs->packet_len) {
1904                 rs->index = 0;
1905                 rs->state = 0;
1906                 assert(rs->finalize);
1907                 rs->finalize(rs);
1908             }
1909             break;
1910         }
1911     }
1912 
1913     assert(size == 0);
1914     return 0;
1915 }
1916