xref: /openbmc/qemu/net/tap.c (revision 0df750e9)
1 /*
2  * QEMU System Emulator
3  *
4  * Copyright (c) 2003-2008 Fabrice Bellard
5  * Copyright (c) 2009 Red Hat, Inc.
6  *
7  * Permission is hereby granted, free of charge, to any person obtaining a copy
8  * of this software and associated documentation files (the "Software"), to deal
9  * in the Software without restriction, including without limitation the rights
10  * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11  * copies of the Software, and to permit persons to whom the Software is
12  * furnished to do so, subject to the following conditions:
13  *
14  * The above copyright notice and this permission notice shall be included in
15  * all copies or substantial portions of the Software.
16  *
17  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20  * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23  * THE SOFTWARE.
24  */
25 
26 #include "qemu/osdep.h"
27 #include "tap_int.h"
28 
29 
30 #include <sys/ioctl.h>
31 #include <sys/wait.h>
32 #include <sys/socket.h>
33 #include <net/if.h>
34 
35 #include "net/net.h"
36 #include "clients.h"
37 #include "monitor/monitor.h"
38 #include "sysemu/sysemu.h"
39 #include "qapi/error.h"
40 #include "qemu-common.h"
41 #include "qemu/cutils.h"
42 #include "qemu/error-report.h"
43 #include "qemu/main-loop.h"
44 #include "qemu/sockets.h"
45 
46 #include "net/tap.h"
47 
48 #include "net/vhost_net.h"
49 
50 typedef struct TAPState {
51     NetClientState nc;
52     int fd;
53     char down_script[1024];
54     char down_script_arg[128];
55     uint8_t buf[NET_BUFSIZE];
56     bool read_poll;
57     bool write_poll;
58     bool using_vnet_hdr;
59     bool has_ufo;
60     bool enabled;
61     VHostNetState *vhost_net;
62     unsigned host_vnet_hdr_len;
63     Notifier exit;
64 } TAPState;
65 
66 static void launch_script(const char *setup_script, const char *ifname,
67                           int fd, Error **errp);
68 
69 static void tap_send(void *opaque);
70 static void tap_writable(void *opaque);
71 
72 static void tap_update_fd_handler(TAPState *s)
73 {
74     qemu_set_fd_handler(s->fd,
75                         s->read_poll && s->enabled ? tap_send : NULL,
76                         s->write_poll && s->enabled ? tap_writable : NULL,
77                         s);
78 }
79 
80 static void tap_read_poll(TAPState *s, bool enable)
81 {
82     s->read_poll = enable;
83     tap_update_fd_handler(s);
84 }
85 
86 static void tap_write_poll(TAPState *s, bool enable)
87 {
88     s->write_poll = enable;
89     tap_update_fd_handler(s);
90 }
91 
92 static void tap_writable(void *opaque)
93 {
94     TAPState *s = opaque;
95 
96     tap_write_poll(s, false);
97 
98     qemu_flush_queued_packets(&s->nc);
99 }
100 
101 static ssize_t tap_write_packet(TAPState *s, const struct iovec *iov, int iovcnt)
102 {
103     ssize_t len;
104 
105     do {
106         len = writev(s->fd, iov, iovcnt);
107     } while (len == -1 && errno == EINTR);
108 
109     if (len == -1 && errno == EAGAIN) {
110         tap_write_poll(s, true);
111         return 0;
112     }
113 
114     return len;
115 }
116 
117 static ssize_t tap_receive_iov(NetClientState *nc, const struct iovec *iov,
118                                int iovcnt)
119 {
120     TAPState *s = DO_UPCAST(TAPState, nc, nc);
121     const struct iovec *iovp = iov;
122     struct iovec iov_copy[iovcnt + 1];
123     struct virtio_net_hdr_mrg_rxbuf hdr = { };
124 
125     if (s->host_vnet_hdr_len && !s->using_vnet_hdr) {
126         iov_copy[0].iov_base = &hdr;
127         iov_copy[0].iov_len =  s->host_vnet_hdr_len;
128         memcpy(&iov_copy[1], iov, iovcnt * sizeof(*iov));
129         iovp = iov_copy;
130         iovcnt++;
131     }
132 
133     return tap_write_packet(s, iovp, iovcnt);
134 }
135 
136 static ssize_t tap_receive_raw(NetClientState *nc, const uint8_t *buf, size_t size)
137 {
138     TAPState *s = DO_UPCAST(TAPState, nc, nc);
139     struct iovec iov[2];
140     int iovcnt = 0;
141     struct virtio_net_hdr_mrg_rxbuf hdr = { };
142 
143     if (s->host_vnet_hdr_len) {
144         iov[iovcnt].iov_base = &hdr;
145         iov[iovcnt].iov_len  = s->host_vnet_hdr_len;
146         iovcnt++;
147     }
148 
149     iov[iovcnt].iov_base = (char *)buf;
150     iov[iovcnt].iov_len  = size;
151     iovcnt++;
152 
153     return tap_write_packet(s, iov, iovcnt);
154 }
155 
156 static ssize_t tap_receive(NetClientState *nc, const uint8_t *buf, size_t size)
157 {
158     TAPState *s = DO_UPCAST(TAPState, nc, nc);
159     struct iovec iov[1];
160 
161     if (s->host_vnet_hdr_len && !s->using_vnet_hdr) {
162         return tap_receive_raw(nc, buf, size);
163     }
164 
165     iov[0].iov_base = (char *)buf;
166     iov[0].iov_len  = size;
167 
168     return tap_write_packet(s, iov, 1);
169 }
170 
171 #ifndef __sun__
172 ssize_t tap_read_packet(int tapfd, uint8_t *buf, int maxlen)
173 {
174     return read(tapfd, buf, maxlen);
175 }
176 #endif
177 
178 static void tap_send_completed(NetClientState *nc, ssize_t len)
179 {
180     TAPState *s = DO_UPCAST(TAPState, nc, nc);
181     tap_read_poll(s, true);
182 }
183 
184 static void tap_send(void *opaque)
185 {
186     TAPState *s = opaque;
187     int size;
188     int packets = 0;
189 
190     while (true) {
191         uint8_t *buf = s->buf;
192 
193         size = tap_read_packet(s->fd, s->buf, sizeof(s->buf));
194         if (size <= 0) {
195             break;
196         }
197 
198         if (s->host_vnet_hdr_len && !s->using_vnet_hdr) {
199             buf  += s->host_vnet_hdr_len;
200             size -= s->host_vnet_hdr_len;
201         }
202 
203         size = qemu_send_packet_async(&s->nc, buf, size, tap_send_completed);
204         if (size == 0) {
205             tap_read_poll(s, false);
206             break;
207         } else if (size < 0) {
208             break;
209         }
210 
211         /*
212          * When the host keeps receiving more packets while tap_send() is
213          * running we can hog the QEMU global mutex.  Limit the number of
214          * packets that are processed per tap_send() callback to prevent
215          * stalling the guest.
216          */
217         packets++;
218         if (packets >= 50) {
219             break;
220         }
221     }
222 }
223 
224 static bool tap_has_ufo(NetClientState *nc)
225 {
226     TAPState *s = DO_UPCAST(TAPState, nc, nc);
227 
228     assert(nc->info->type == NET_CLIENT_DRIVER_TAP);
229 
230     return s->has_ufo;
231 }
232 
233 static bool tap_has_vnet_hdr(NetClientState *nc)
234 {
235     TAPState *s = DO_UPCAST(TAPState, nc, nc);
236 
237     assert(nc->info->type == NET_CLIENT_DRIVER_TAP);
238 
239     return !!s->host_vnet_hdr_len;
240 }
241 
242 static bool tap_has_vnet_hdr_len(NetClientState *nc, int len)
243 {
244     TAPState *s = DO_UPCAST(TAPState, nc, nc);
245 
246     assert(nc->info->type == NET_CLIENT_DRIVER_TAP);
247 
248     return !!tap_probe_vnet_hdr_len(s->fd, len);
249 }
250 
251 static void tap_set_vnet_hdr_len(NetClientState *nc, int len)
252 {
253     TAPState *s = DO_UPCAST(TAPState, nc, nc);
254 
255     assert(nc->info->type == NET_CLIENT_DRIVER_TAP);
256     assert(len == sizeof(struct virtio_net_hdr_mrg_rxbuf) ||
257            len == sizeof(struct virtio_net_hdr) ||
258            len == sizeof(struct virtio_net_hdr_v1_hash));
259 
260     tap_fd_set_vnet_hdr_len(s->fd, len);
261     s->host_vnet_hdr_len = len;
262 }
263 
264 static void tap_using_vnet_hdr(NetClientState *nc, bool using_vnet_hdr)
265 {
266     TAPState *s = DO_UPCAST(TAPState, nc, nc);
267 
268     assert(nc->info->type == NET_CLIENT_DRIVER_TAP);
269     assert(!!s->host_vnet_hdr_len == using_vnet_hdr);
270 
271     s->using_vnet_hdr = using_vnet_hdr;
272 }
273 
274 static int tap_set_vnet_le(NetClientState *nc, bool is_le)
275 {
276     TAPState *s = DO_UPCAST(TAPState, nc, nc);
277 
278     return tap_fd_set_vnet_le(s->fd, is_le);
279 }
280 
281 static int tap_set_vnet_be(NetClientState *nc, bool is_be)
282 {
283     TAPState *s = DO_UPCAST(TAPState, nc, nc);
284 
285     return tap_fd_set_vnet_be(s->fd, is_be);
286 }
287 
288 static void tap_set_offload(NetClientState *nc, int csum, int tso4,
289                      int tso6, int ecn, int ufo)
290 {
291     TAPState *s = DO_UPCAST(TAPState, nc, nc);
292     if (s->fd < 0) {
293         return;
294     }
295 
296     tap_fd_set_offload(s->fd, csum, tso4, tso6, ecn, ufo);
297 }
298 
299 static void tap_exit_notify(Notifier *notifier, void *data)
300 {
301     TAPState *s = container_of(notifier, TAPState, exit);
302     Error *err = NULL;
303 
304     if (s->down_script[0]) {
305         launch_script(s->down_script, s->down_script_arg, s->fd, &err);
306         if (err) {
307             error_report_err(err);
308         }
309     }
310 }
311 
312 static void tap_cleanup(NetClientState *nc)
313 {
314     TAPState *s = DO_UPCAST(TAPState, nc, nc);
315 
316     if (s->vhost_net) {
317         vhost_net_cleanup(s->vhost_net);
318         g_free(s->vhost_net);
319         s->vhost_net = NULL;
320     }
321 
322     qemu_purge_queued_packets(nc);
323 
324     tap_exit_notify(&s->exit, NULL);
325     qemu_remove_exit_notifier(&s->exit);
326 
327     tap_read_poll(s, false);
328     tap_write_poll(s, false);
329     close(s->fd);
330     s->fd = -1;
331 }
332 
333 static void tap_poll(NetClientState *nc, bool enable)
334 {
335     TAPState *s = DO_UPCAST(TAPState, nc, nc);
336     tap_read_poll(s, enable);
337     tap_write_poll(s, enable);
338 }
339 
340 int tap_get_fd(NetClientState *nc)
341 {
342     TAPState *s = DO_UPCAST(TAPState, nc, nc);
343     assert(nc->info->type == NET_CLIENT_DRIVER_TAP);
344     return s->fd;
345 }
346 
347 /* fd support */
348 
349 static NetClientInfo net_tap_info = {
350     .type = NET_CLIENT_DRIVER_TAP,
351     .size = sizeof(TAPState),
352     .receive = tap_receive,
353     .receive_raw = tap_receive_raw,
354     .receive_iov = tap_receive_iov,
355     .poll = tap_poll,
356     .cleanup = tap_cleanup,
357     .has_ufo = tap_has_ufo,
358     .has_vnet_hdr = tap_has_vnet_hdr,
359     .has_vnet_hdr_len = tap_has_vnet_hdr_len,
360     .using_vnet_hdr = tap_using_vnet_hdr,
361     .set_offload = tap_set_offload,
362     .set_vnet_hdr_len = tap_set_vnet_hdr_len,
363     .set_vnet_le = tap_set_vnet_le,
364     .set_vnet_be = tap_set_vnet_be,
365 };
366 
367 static TAPState *net_tap_fd_init(NetClientState *peer,
368                                  const char *model,
369                                  const char *name,
370                                  int fd,
371                                  int vnet_hdr)
372 {
373     NetClientState *nc;
374     TAPState *s;
375 
376     nc = qemu_new_net_client(&net_tap_info, peer, model, name);
377 
378     s = DO_UPCAST(TAPState, nc, nc);
379 
380     s->fd = fd;
381     s->host_vnet_hdr_len = vnet_hdr ? sizeof(struct virtio_net_hdr) : 0;
382     s->using_vnet_hdr = false;
383     s->has_ufo = tap_probe_has_ufo(s->fd);
384     s->enabled = true;
385     tap_set_offload(&s->nc, 0, 0, 0, 0, 0);
386     /*
387      * Make sure host header length is set correctly in tap:
388      * it might have been modified by another instance of qemu.
389      */
390     if (tap_probe_vnet_hdr_len(s->fd, s->host_vnet_hdr_len)) {
391         tap_fd_set_vnet_hdr_len(s->fd, s->host_vnet_hdr_len);
392     }
393     tap_read_poll(s, true);
394     s->vhost_net = NULL;
395 
396     s->exit.notify = tap_exit_notify;
397     qemu_add_exit_notifier(&s->exit);
398 
399     return s;
400 }
401 
402 static void launch_script(const char *setup_script, const char *ifname,
403                           int fd, Error **errp)
404 {
405     int pid, status;
406     char *args[3];
407     char **parg;
408 
409     /* try to launch network script */
410     pid = fork();
411     if (pid < 0) {
412         error_setg_errno(errp, errno, "could not launch network script %s",
413                          setup_script);
414         return;
415     }
416     if (pid == 0) {
417         int open_max = sysconf(_SC_OPEN_MAX), i;
418 
419         for (i = 3; i < open_max; i++) {
420             if (i != fd) {
421                 close(i);
422             }
423         }
424         parg = args;
425         *parg++ = (char *)setup_script;
426         *parg++ = (char *)ifname;
427         *parg = NULL;
428         execv(setup_script, args);
429         _exit(1);
430     } else {
431         while (waitpid(pid, &status, 0) != pid) {
432             /* loop */
433         }
434 
435         if (WIFEXITED(status) && WEXITSTATUS(status) == 0) {
436             return;
437         }
438         error_setg(errp, "network script %s failed with status %d",
439                    setup_script, status);
440     }
441 }
442 
443 static int recv_fd(int c)
444 {
445     int fd;
446     uint8_t msgbuf[CMSG_SPACE(sizeof(fd))];
447     struct msghdr msg = {
448         .msg_control = msgbuf,
449         .msg_controllen = sizeof(msgbuf),
450     };
451     struct cmsghdr *cmsg;
452     struct iovec iov;
453     uint8_t req[1];
454     ssize_t len;
455 
456     cmsg = CMSG_FIRSTHDR(&msg);
457     cmsg->cmsg_level = SOL_SOCKET;
458     cmsg->cmsg_type = SCM_RIGHTS;
459     cmsg->cmsg_len = CMSG_LEN(sizeof(fd));
460     msg.msg_controllen = cmsg->cmsg_len;
461 
462     iov.iov_base = req;
463     iov.iov_len = sizeof(req);
464 
465     msg.msg_iov = &iov;
466     msg.msg_iovlen = 1;
467 
468     len = recvmsg(c, &msg, 0);
469     if (len > 0) {
470         memcpy(&fd, CMSG_DATA(cmsg), sizeof(fd));
471         return fd;
472     }
473 
474     return len;
475 }
476 
477 static int net_bridge_run_helper(const char *helper, const char *bridge,
478                                  Error **errp)
479 {
480     sigset_t oldmask, mask;
481     g_autofree char *default_helper = NULL;
482     int pid, status;
483     char *args[5];
484     char **parg;
485     int sv[2];
486 
487     sigemptyset(&mask);
488     sigaddset(&mask, SIGCHLD);
489     sigprocmask(SIG_BLOCK, &mask, &oldmask);
490 
491     if (!helper) {
492         helper = default_helper = get_relocated_path(DEFAULT_BRIDGE_HELPER);
493     }
494 
495     if (socketpair(PF_UNIX, SOCK_STREAM, 0, sv) == -1) {
496         error_setg_errno(errp, errno, "socketpair() failed");
497         return -1;
498     }
499 
500     /* try to launch bridge helper */
501     pid = fork();
502     if (pid < 0) {
503         error_setg_errno(errp, errno, "Can't fork bridge helper");
504         return -1;
505     }
506     if (pid == 0) {
507         int open_max = sysconf(_SC_OPEN_MAX), i;
508         char *fd_buf = NULL;
509         char *br_buf = NULL;
510         char *helper_cmd = NULL;
511 
512         for (i = 3; i < open_max; i++) {
513             if (i != sv[1]) {
514                 close(i);
515             }
516         }
517 
518         fd_buf = g_strdup_printf("%s%d", "--fd=", sv[1]);
519 
520         if (strrchr(helper, ' ') || strrchr(helper, '\t')) {
521             /* assume helper is a command */
522 
523             if (strstr(helper, "--br=") == NULL) {
524                 br_buf = g_strdup_printf("%s%s", "--br=", bridge);
525             }
526 
527             helper_cmd = g_strdup_printf("%s %s %s %s", helper,
528                             "--use-vnet", fd_buf, br_buf ? br_buf : "");
529 
530             parg = args;
531             *parg++ = (char *)"sh";
532             *parg++ = (char *)"-c";
533             *parg++ = helper_cmd;
534             *parg++ = NULL;
535 
536             execv("/bin/sh", args);
537             g_free(helper_cmd);
538         } else {
539             /* assume helper is just the executable path name */
540 
541             br_buf = g_strdup_printf("%s%s", "--br=", bridge);
542 
543             parg = args;
544             *parg++ = (char *)helper;
545             *parg++ = (char *)"--use-vnet";
546             *parg++ = fd_buf;
547             *parg++ = br_buf;
548             *parg++ = NULL;
549 
550             execv(helper, args);
551         }
552         g_free(fd_buf);
553         g_free(br_buf);
554         _exit(1);
555 
556     } else {
557         int fd;
558         int saved_errno;
559 
560         close(sv[1]);
561 
562         do {
563             fd = recv_fd(sv[0]);
564         } while (fd == -1 && errno == EINTR);
565         saved_errno = errno;
566 
567         close(sv[0]);
568 
569         while (waitpid(pid, &status, 0) != pid) {
570             /* loop */
571         }
572         sigprocmask(SIG_SETMASK, &oldmask, NULL);
573         if (fd < 0) {
574             error_setg_errno(errp, saved_errno,
575                              "failed to recv file descriptor");
576             return -1;
577         }
578         if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) {
579             error_setg(errp, "bridge helper failed");
580             return -1;
581         }
582         return fd;
583     }
584 }
585 
586 int net_init_bridge(const Netdev *netdev, const char *name,
587                     NetClientState *peer, Error **errp)
588 {
589     const NetdevBridgeOptions *bridge;
590     const char *helper, *br;
591     TAPState *s;
592     int fd, vnet_hdr;
593 
594     assert(netdev->type == NET_CLIENT_DRIVER_BRIDGE);
595     bridge = &netdev->u.bridge;
596     helper = bridge->has_helper ? bridge->helper : NULL;
597     br     = bridge->has_br     ? bridge->br     : DEFAULT_BRIDGE_INTERFACE;
598 
599     fd = net_bridge_run_helper(helper, br, errp);
600     if (fd == -1) {
601         return -1;
602     }
603 
604     qemu_set_nonblock(fd);
605     vnet_hdr = tap_probe_vnet_hdr(fd, errp);
606     if (vnet_hdr < 0) {
607         close(fd);
608         return -1;
609     }
610     s = net_tap_fd_init(peer, "bridge", name, fd, vnet_hdr);
611 
612     snprintf(s->nc.info_str, sizeof(s->nc.info_str), "helper=%s,br=%s", helper,
613              br);
614 
615     return 0;
616 }
617 
618 static int net_tap_init(const NetdevTapOptions *tap, int *vnet_hdr,
619                         const char *setup_script, char *ifname,
620                         size_t ifname_sz, int mq_required, Error **errp)
621 {
622     Error *err = NULL;
623     int fd, vnet_hdr_required;
624 
625     if (tap->has_vnet_hdr) {
626         *vnet_hdr = tap->vnet_hdr;
627         vnet_hdr_required = *vnet_hdr;
628     } else {
629         *vnet_hdr = 1;
630         vnet_hdr_required = 0;
631     }
632 
633     TFR(fd = tap_open(ifname, ifname_sz, vnet_hdr, vnet_hdr_required,
634                       mq_required, errp));
635     if (fd < 0) {
636         return -1;
637     }
638 
639     if (setup_script &&
640         setup_script[0] != '\0' &&
641         strcmp(setup_script, "no") != 0) {
642         launch_script(setup_script, ifname, fd, &err);
643         if (err) {
644             error_propagate(errp, err);
645             close(fd);
646             return -1;
647         }
648     }
649 
650     return fd;
651 }
652 
653 #define MAX_TAP_QUEUES 1024
654 
655 static void net_init_tap_one(const NetdevTapOptions *tap, NetClientState *peer,
656                              const char *model, const char *name,
657                              const char *ifname, const char *script,
658                              const char *downscript, const char *vhostfdname,
659                              int vnet_hdr, int fd, Error **errp)
660 {
661     Error *err = NULL;
662     TAPState *s = net_tap_fd_init(peer, model, name, fd, vnet_hdr);
663     int vhostfd;
664 
665     tap_set_sndbuf(s->fd, tap, &err);
666     if (err) {
667         error_propagate(errp, err);
668         return;
669     }
670 
671     if (tap->has_fd || tap->has_fds) {
672         snprintf(s->nc.info_str, sizeof(s->nc.info_str), "fd=%d", fd);
673     } else if (tap->has_helper) {
674         snprintf(s->nc.info_str, sizeof(s->nc.info_str), "helper=%s",
675                  tap->helper);
676     } else {
677         snprintf(s->nc.info_str, sizeof(s->nc.info_str),
678                  "ifname=%s,script=%s,downscript=%s", ifname, script,
679                  downscript);
680 
681         if (strcmp(downscript, "no") != 0) {
682             snprintf(s->down_script, sizeof(s->down_script), "%s", downscript);
683             snprintf(s->down_script_arg, sizeof(s->down_script_arg),
684                      "%s", ifname);
685         }
686     }
687 
688     if (tap->has_vhost ? tap->vhost :
689         vhostfdname || (tap->has_vhostforce && tap->vhostforce)) {
690         VhostNetOptions options;
691 
692         options.backend_type = VHOST_BACKEND_TYPE_KERNEL;
693         options.net_backend = &s->nc;
694         if (tap->has_poll_us) {
695             options.busyloop_timeout = tap->poll_us;
696         } else {
697             options.busyloop_timeout = 0;
698         }
699 
700         if (vhostfdname) {
701             int ret;
702 
703             vhostfd = monitor_fd_param(monitor_cur(), vhostfdname, &err);
704             if (vhostfd == -1) {
705                 if (tap->has_vhostforce && tap->vhostforce) {
706                     error_propagate(errp, err);
707                 } else {
708                     warn_report_err(err);
709                 }
710                 return;
711             }
712             ret = qemu_try_set_nonblock(vhostfd);
713             if (ret < 0) {
714                 error_setg_errno(errp, -ret, "%s: Can't use file descriptor %d",
715                                  name, fd);
716                 return;
717             }
718         } else {
719             vhostfd = open("/dev/vhost-net", O_RDWR);
720             if (vhostfd < 0) {
721                 if (tap->has_vhostforce && tap->vhostforce) {
722                     error_setg_errno(errp, errno,
723                                      "tap: open vhost char device failed");
724                 } else {
725                     warn_report("tap: open vhost char device failed: %s",
726                                 strerror(errno));
727                 }
728                 return;
729             }
730             qemu_set_nonblock(vhostfd);
731         }
732         options.opaque = (void *)(uintptr_t)vhostfd;
733 
734         s->vhost_net = vhost_net_init(&options);
735         if (!s->vhost_net) {
736             if (tap->has_vhostforce && tap->vhostforce) {
737                 error_setg(errp, VHOST_NET_INIT_FAILED);
738             } else {
739                 warn_report(VHOST_NET_INIT_FAILED);
740             }
741             return;
742         }
743     } else if (vhostfdname) {
744         error_setg(errp, "vhostfd(s)= is not valid without vhost");
745     }
746 }
747 
748 static int get_fds(char *str, char *fds[], int max)
749 {
750     char *ptr = str, *this;
751     size_t len = strlen(str);
752     int i = 0;
753 
754     while (i < max && ptr < str + len) {
755         this = strchr(ptr, ':');
756 
757         if (this == NULL) {
758             fds[i] = g_strdup(ptr);
759         } else {
760             fds[i] = g_strndup(ptr, this - ptr);
761         }
762 
763         i++;
764         if (this == NULL) {
765             break;
766         } else {
767             ptr = this + 1;
768         }
769     }
770 
771     return i;
772 }
773 
774 int net_init_tap(const Netdev *netdev, const char *name,
775                  NetClientState *peer, Error **errp)
776 {
777     const NetdevTapOptions *tap;
778     int fd, vnet_hdr = 0, i = 0, queues;
779     /* for the no-fd, no-helper case */
780     const char *script;
781     const char *downscript;
782     Error *err = NULL;
783     const char *vhostfdname;
784     char ifname[128];
785     int ret = 0;
786 
787     assert(netdev->type == NET_CLIENT_DRIVER_TAP);
788     tap = &netdev->u.tap;
789     queues = tap->has_queues ? tap->queues : 1;
790     vhostfdname = tap->has_vhostfd ? tap->vhostfd : NULL;
791     script = tap->has_script ? tap->script : NULL;
792     downscript = tap->has_downscript ? tap->downscript : NULL;
793 
794     /* QEMU hubs do not support multiqueue tap, in this case peer is set.
795      * For -netdev, peer is always NULL. */
796     if (peer && (tap->has_queues || tap->has_fds || tap->has_vhostfds)) {
797         error_setg(errp, "Multiqueue tap cannot be used with hubs");
798         return -1;
799     }
800 
801     if (tap->has_fd) {
802         if (tap->has_ifname || tap->has_script || tap->has_downscript ||
803             tap->has_vnet_hdr || tap->has_helper || tap->has_queues ||
804             tap->has_fds || tap->has_vhostfds) {
805             error_setg(errp, "ifname=, script=, downscript=, vnet_hdr=, "
806                        "helper=, queues=, fds=, and vhostfds= "
807                        "are invalid with fd=");
808             return -1;
809         }
810 
811         fd = monitor_fd_param(monitor_cur(), tap->fd, errp);
812         if (fd == -1) {
813             return -1;
814         }
815 
816         ret = qemu_try_set_nonblock(fd);
817         if (ret < 0) {
818             error_setg_errno(errp, -ret, "%s: Can't use file descriptor %d",
819                              name, fd);
820             close(fd);
821             return -1;
822         }
823 
824         vnet_hdr = tap_probe_vnet_hdr(fd, errp);
825         if (vnet_hdr < 0) {
826             close(fd);
827             return -1;
828         }
829 
830         net_init_tap_one(tap, peer, "tap", name, NULL,
831                          script, downscript,
832                          vhostfdname, vnet_hdr, fd, &err);
833         if (err) {
834             error_propagate(errp, err);
835             close(fd);
836             return -1;
837         }
838     } else if (tap->has_fds) {
839         char **fds;
840         char **vhost_fds;
841         int nfds = 0, nvhosts = 0;
842 
843         if (tap->has_ifname || tap->has_script || tap->has_downscript ||
844             tap->has_vnet_hdr || tap->has_helper || tap->has_queues ||
845             tap->has_vhostfd) {
846             error_setg(errp, "ifname=, script=, downscript=, vnet_hdr=, "
847                        "helper=, queues=, and vhostfd= "
848                        "are invalid with fds=");
849             return -1;
850         }
851 
852         fds = g_new0(char *, MAX_TAP_QUEUES);
853         vhost_fds = g_new0(char *, MAX_TAP_QUEUES);
854 
855         nfds = get_fds(tap->fds, fds, MAX_TAP_QUEUES);
856         if (tap->has_vhostfds) {
857             nvhosts = get_fds(tap->vhostfds, vhost_fds, MAX_TAP_QUEUES);
858             if (nfds != nvhosts) {
859                 error_setg(errp, "The number of fds passed does not match "
860                            "the number of vhostfds passed");
861                 ret = -1;
862                 goto free_fail;
863             }
864         }
865 
866         for (i = 0; i < nfds; i++) {
867             fd = monitor_fd_param(monitor_cur(), fds[i], errp);
868             if (fd == -1) {
869                 ret = -1;
870                 goto free_fail;
871             }
872 
873             ret = qemu_try_set_nonblock(fd);
874             if (ret < 0) {
875                 error_setg_errno(errp, -ret, "%s: Can't use file descriptor %d",
876                                  name, fd);
877                 goto free_fail;
878             }
879 
880             if (i == 0) {
881                 vnet_hdr = tap_probe_vnet_hdr(fd, errp);
882                 if (vnet_hdr < 0) {
883                     goto free_fail;
884                 }
885             } else if (vnet_hdr != tap_probe_vnet_hdr(fd, NULL)) {
886                 error_setg(errp,
887                            "vnet_hdr not consistent across given tap fds");
888                 ret = -1;
889                 goto free_fail;
890             }
891 
892             net_init_tap_one(tap, peer, "tap", name, ifname,
893                              script, downscript,
894                              tap->has_vhostfds ? vhost_fds[i] : NULL,
895                              vnet_hdr, fd, &err);
896             if (err) {
897                 error_propagate(errp, err);
898                 ret = -1;
899                 goto free_fail;
900             }
901         }
902 
903 free_fail:
904         for (i = 0; i < nvhosts; i++) {
905             g_free(vhost_fds[i]);
906         }
907         for (i = 0; i < nfds; i++) {
908             g_free(fds[i]);
909         }
910         g_free(fds);
911         g_free(vhost_fds);
912         return ret;
913     } else if (tap->has_helper) {
914         if (tap->has_ifname || tap->has_script || tap->has_downscript ||
915             tap->has_vnet_hdr || tap->has_queues || tap->has_vhostfds) {
916             error_setg(errp, "ifname=, script=, downscript=, vnet_hdr=, "
917                        "queues=, and vhostfds= are invalid with helper=");
918             return -1;
919         }
920 
921         fd = net_bridge_run_helper(tap->helper,
922                                    tap->has_br ?
923                                    tap->br : DEFAULT_BRIDGE_INTERFACE,
924                                    errp);
925         if (fd == -1) {
926             return -1;
927         }
928 
929         qemu_set_nonblock(fd);
930         vnet_hdr = tap_probe_vnet_hdr(fd, errp);
931         if (vnet_hdr < 0) {
932             close(fd);
933             return -1;
934         }
935 
936         net_init_tap_one(tap, peer, "bridge", name, ifname,
937                          script, downscript, vhostfdname,
938                          vnet_hdr, fd, &err);
939         if (err) {
940             error_propagate(errp, err);
941             close(fd);
942             return -1;
943         }
944     } else {
945         g_autofree char *default_script = NULL;
946         g_autofree char *default_downscript = NULL;
947         if (tap->has_vhostfds) {
948             error_setg(errp, "vhostfds= is invalid if fds= wasn't specified");
949             return -1;
950         }
951 
952         if (!script) {
953             script = default_script = get_relocated_path(DEFAULT_NETWORK_SCRIPT);
954         }
955         if (!downscript) {
956             downscript = default_downscript =
957                                  get_relocated_path(DEFAULT_NETWORK_DOWN_SCRIPT);
958         }
959 
960         if (tap->has_ifname) {
961             pstrcpy(ifname, sizeof ifname, tap->ifname);
962         } else {
963             ifname[0] = '\0';
964         }
965 
966         for (i = 0; i < queues; i++) {
967             fd = net_tap_init(tap, &vnet_hdr, i >= 1 ? "no" : script,
968                               ifname, sizeof ifname, queues > 1, errp);
969             if (fd == -1) {
970                 return -1;
971             }
972 
973             if (queues > 1 && i == 0 && !tap->has_ifname) {
974                 if (tap_fd_get_ifname(fd, ifname)) {
975                     error_setg(errp, "Fail to get ifname");
976                     close(fd);
977                     return -1;
978                 }
979             }
980 
981             net_init_tap_one(tap, peer, "tap", name, ifname,
982                              i >= 1 ? "no" : script,
983                              i >= 1 ? "no" : downscript,
984                              vhostfdname, vnet_hdr, fd, &err);
985             if (err) {
986                 error_propagate(errp, err);
987                 close(fd);
988                 return -1;
989             }
990         }
991     }
992 
993     return 0;
994 }
995 
996 VHostNetState *tap_get_vhost_net(NetClientState *nc)
997 {
998     TAPState *s = DO_UPCAST(TAPState, nc, nc);
999     assert(nc->info->type == NET_CLIENT_DRIVER_TAP);
1000     return s->vhost_net;
1001 }
1002 
1003 int tap_enable(NetClientState *nc)
1004 {
1005     TAPState *s = DO_UPCAST(TAPState, nc, nc);
1006     int ret;
1007 
1008     if (s->enabled) {
1009         return 0;
1010     } else {
1011         ret = tap_fd_enable(s->fd);
1012         if (ret == 0) {
1013             s->enabled = true;
1014             tap_update_fd_handler(s);
1015         }
1016         return ret;
1017     }
1018 }
1019 
1020 int tap_disable(NetClientState *nc)
1021 {
1022     TAPState *s = DO_UPCAST(TAPState, nc, nc);
1023     int ret;
1024 
1025     if (s->enabled == 0) {
1026         return 0;
1027     } else {
1028         ret = tap_fd_disable(s->fd);
1029         if (ret == 0) {
1030             qemu_purge_queued_packets(nc);
1031             s->enabled = false;
1032             tap_update_fd_handler(s);
1033         }
1034         return ret;
1035     }
1036 }
1037