xref: /openbmc/qemu/net/tap.c (revision 52f2b8961409be834abaee5189bff2cc9e372851)
1 /*
2  * QEMU System Emulator
3  *
4  * Copyright (c) 2003-2008 Fabrice Bellard
5  * Copyright (c) 2009 Red Hat, Inc.
6  *
7  * Permission is hereby granted, free of charge, to any person obtaining a copy
8  * of this software and associated documentation files (the "Software"), to deal
9  * in the Software without restriction, including without limitation the rights
10  * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11  * copies of the Software, and to permit persons to whom the Software is
12  * furnished to do so, subject to the following conditions:
13  *
14  * The above copyright notice and this permission notice shall be included in
15  * all copies or substantial portions of the Software.
16  *
17  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20  * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23  * THE SOFTWARE.
24  */
25 
26 #include "qemu/osdep.h"
27 #include "tap_int.h"
28 
29 
30 #include <sys/ioctl.h>
31 #include <sys/wait.h>
32 #include <sys/socket.h>
33 #include <net/if.h>
34 
35 #include "net/net.h"
36 #include "clients.h"
37 #include "monitor/monitor.h"
38 #include "sysemu/sysemu.h"
39 #include "qapi/error.h"
40 #include "qemu-common.h"
41 #include "qemu/cutils.h"
42 #include "qemu/error-report.h"
43 #include "qemu/sockets.h"
44 
45 #include "net/tap.h"
46 
47 #include "net/vhost_net.h"
48 
49 typedef struct TAPState {
50     NetClientState nc;
51     int fd;
52     char down_script[1024];
53     char down_script_arg[128];
54     uint8_t buf[NET_BUFSIZE];
55     bool read_poll;
56     bool write_poll;
57     bool using_vnet_hdr;
58     bool has_ufo;
59     bool enabled;
60     VHostNetState *vhost_net;
61     unsigned host_vnet_hdr_len;
62     Notifier exit;
63 } TAPState;
64 
65 static void launch_script(const char *setup_script, const char *ifname,
66                           int fd, Error **errp);
67 
68 static void tap_send(void *opaque);
69 static void tap_writable(void *opaque);
70 
71 static void tap_update_fd_handler(TAPState *s)
72 {
73     qemu_set_fd_handler(s->fd,
74                         s->read_poll && s->enabled ? tap_send : NULL,
75                         s->write_poll && s->enabled ? tap_writable : NULL,
76                         s);
77 }
78 
79 static void tap_read_poll(TAPState *s, bool enable)
80 {
81     s->read_poll = enable;
82     tap_update_fd_handler(s);
83 }
84 
85 static void tap_write_poll(TAPState *s, bool enable)
86 {
87     s->write_poll = enable;
88     tap_update_fd_handler(s);
89 }
90 
91 static void tap_writable(void *opaque)
92 {
93     TAPState *s = opaque;
94 
95     tap_write_poll(s, false);
96 
97     qemu_flush_queued_packets(&s->nc);
98 }
99 
100 static ssize_t tap_write_packet(TAPState *s, const struct iovec *iov, int iovcnt)
101 {
102     ssize_t len;
103 
104     do {
105         len = writev(s->fd, iov, iovcnt);
106     } while (len == -1 && errno == EINTR);
107 
108     if (len == -1 && errno == EAGAIN) {
109         tap_write_poll(s, true);
110         return 0;
111     }
112 
113     return len;
114 }
115 
116 static ssize_t tap_receive_iov(NetClientState *nc, const struct iovec *iov,
117                                int iovcnt)
118 {
119     TAPState *s = DO_UPCAST(TAPState, nc, nc);
120     const struct iovec *iovp = iov;
121     struct iovec iov_copy[iovcnt + 1];
122     struct virtio_net_hdr_mrg_rxbuf hdr = { };
123 
124     if (s->host_vnet_hdr_len && !s->using_vnet_hdr) {
125         iov_copy[0].iov_base = &hdr;
126         iov_copy[0].iov_len =  s->host_vnet_hdr_len;
127         memcpy(&iov_copy[1], iov, iovcnt * sizeof(*iov));
128         iovp = iov_copy;
129         iovcnt++;
130     }
131 
132     return tap_write_packet(s, iovp, iovcnt);
133 }
134 
135 static ssize_t tap_receive_raw(NetClientState *nc, const uint8_t *buf, size_t size)
136 {
137     TAPState *s = DO_UPCAST(TAPState, nc, nc);
138     struct iovec iov[2];
139     int iovcnt = 0;
140     struct virtio_net_hdr_mrg_rxbuf hdr = { };
141 
142     if (s->host_vnet_hdr_len) {
143         iov[iovcnt].iov_base = &hdr;
144         iov[iovcnt].iov_len  = s->host_vnet_hdr_len;
145         iovcnt++;
146     }
147 
148     iov[iovcnt].iov_base = (char *)buf;
149     iov[iovcnt].iov_len  = size;
150     iovcnt++;
151 
152     return tap_write_packet(s, iov, iovcnt);
153 }
154 
155 static ssize_t tap_receive(NetClientState *nc, const uint8_t *buf, size_t size)
156 {
157     TAPState *s = DO_UPCAST(TAPState, nc, nc);
158     struct iovec iov[1];
159 
160     if (s->host_vnet_hdr_len && !s->using_vnet_hdr) {
161         return tap_receive_raw(nc, buf, size);
162     }
163 
164     iov[0].iov_base = (char *)buf;
165     iov[0].iov_len  = size;
166 
167     return tap_write_packet(s, iov, 1);
168 }
169 
170 #ifndef __sun__
171 ssize_t tap_read_packet(int tapfd, uint8_t *buf, int maxlen)
172 {
173     return read(tapfd, buf, maxlen);
174 }
175 #endif
176 
177 static void tap_send_completed(NetClientState *nc, ssize_t len)
178 {
179     TAPState *s = DO_UPCAST(TAPState, nc, nc);
180     tap_read_poll(s, true);
181 }
182 
183 static void tap_send(void *opaque)
184 {
185     TAPState *s = opaque;
186     int size;
187     int packets = 0;
188 
189     while (true) {
190         uint8_t *buf = s->buf;
191 
192         size = tap_read_packet(s->fd, s->buf, sizeof(s->buf));
193         if (size <= 0) {
194             break;
195         }
196 
197         if (s->host_vnet_hdr_len && !s->using_vnet_hdr) {
198             buf  += s->host_vnet_hdr_len;
199             size -= s->host_vnet_hdr_len;
200         }
201 
202         size = qemu_send_packet_async(&s->nc, buf, size, tap_send_completed);
203         if (size == 0) {
204             tap_read_poll(s, false);
205             break;
206         } else if (size < 0) {
207             break;
208         }
209 
210         /*
211          * When the host keeps receiving more packets while tap_send() is
212          * running we can hog the QEMU global mutex.  Limit the number of
213          * packets that are processed per tap_send() callback to prevent
214          * stalling the guest.
215          */
216         packets++;
217         if (packets >= 50) {
218             break;
219         }
220     }
221 }
222 
223 static bool tap_has_ufo(NetClientState *nc)
224 {
225     TAPState *s = DO_UPCAST(TAPState, nc, nc);
226 
227     assert(nc->info->type == NET_CLIENT_DRIVER_TAP);
228 
229     return s->has_ufo;
230 }
231 
232 static bool tap_has_vnet_hdr(NetClientState *nc)
233 {
234     TAPState *s = DO_UPCAST(TAPState, nc, nc);
235 
236     assert(nc->info->type == NET_CLIENT_DRIVER_TAP);
237 
238     return !!s->host_vnet_hdr_len;
239 }
240 
241 static bool tap_has_vnet_hdr_len(NetClientState *nc, int len)
242 {
243     TAPState *s = DO_UPCAST(TAPState, nc, nc);
244 
245     assert(nc->info->type == NET_CLIENT_DRIVER_TAP);
246 
247     return !!tap_probe_vnet_hdr_len(s->fd, len);
248 }
249 
250 static void tap_set_vnet_hdr_len(NetClientState *nc, int len)
251 {
252     TAPState *s = DO_UPCAST(TAPState, nc, nc);
253 
254     assert(nc->info->type == NET_CLIENT_DRIVER_TAP);
255     assert(len == sizeof(struct virtio_net_hdr_mrg_rxbuf) ||
256            len == sizeof(struct virtio_net_hdr));
257 
258     tap_fd_set_vnet_hdr_len(s->fd, len);
259     s->host_vnet_hdr_len = len;
260 }
261 
262 static void tap_using_vnet_hdr(NetClientState *nc, bool using_vnet_hdr)
263 {
264     TAPState *s = DO_UPCAST(TAPState, nc, nc);
265 
266     assert(nc->info->type == NET_CLIENT_DRIVER_TAP);
267     assert(!!s->host_vnet_hdr_len == using_vnet_hdr);
268 
269     s->using_vnet_hdr = using_vnet_hdr;
270 }
271 
272 static int tap_set_vnet_le(NetClientState *nc, bool is_le)
273 {
274     TAPState *s = DO_UPCAST(TAPState, nc, nc);
275 
276     return tap_fd_set_vnet_le(s->fd, is_le);
277 }
278 
279 static int tap_set_vnet_be(NetClientState *nc, bool is_be)
280 {
281     TAPState *s = DO_UPCAST(TAPState, nc, nc);
282 
283     return tap_fd_set_vnet_be(s->fd, is_be);
284 }
285 
286 static void tap_set_offload(NetClientState *nc, int csum, int tso4,
287                      int tso6, int ecn, int ufo)
288 {
289     TAPState *s = DO_UPCAST(TAPState, nc, nc);
290     if (s->fd < 0) {
291         return;
292     }
293 
294     tap_fd_set_offload(s->fd, csum, tso4, tso6, ecn, ufo);
295 }
296 
297 static void tap_exit_notify(Notifier *notifier, void *data)
298 {
299     TAPState *s = container_of(notifier, TAPState, exit);
300     Error *err = NULL;
301 
302     if (s->down_script[0]) {
303         launch_script(s->down_script, s->down_script_arg, s->fd, &err);
304         if (err) {
305             error_report_err(err);
306         }
307     }
308 }
309 
310 static void tap_cleanup(NetClientState *nc)
311 {
312     TAPState *s = DO_UPCAST(TAPState, nc, nc);
313 
314     if (s->vhost_net) {
315         vhost_net_cleanup(s->vhost_net);
316         g_free(s->vhost_net);
317         s->vhost_net = NULL;
318     }
319 
320     qemu_purge_queued_packets(nc);
321 
322     tap_exit_notify(&s->exit, NULL);
323     qemu_remove_exit_notifier(&s->exit);
324 
325     tap_read_poll(s, false);
326     tap_write_poll(s, false);
327     close(s->fd);
328     s->fd = -1;
329 }
330 
331 static void tap_poll(NetClientState *nc, bool enable)
332 {
333     TAPState *s = DO_UPCAST(TAPState, nc, nc);
334     tap_read_poll(s, enable);
335     tap_write_poll(s, enable);
336 }
337 
338 int tap_get_fd(NetClientState *nc)
339 {
340     TAPState *s = DO_UPCAST(TAPState, nc, nc);
341     assert(nc->info->type == NET_CLIENT_DRIVER_TAP);
342     return s->fd;
343 }
344 
345 /* fd support */
346 
347 static NetClientInfo net_tap_info = {
348     .type = NET_CLIENT_DRIVER_TAP,
349     .size = sizeof(TAPState),
350     .receive = tap_receive,
351     .receive_raw = tap_receive_raw,
352     .receive_iov = tap_receive_iov,
353     .poll = tap_poll,
354     .cleanup = tap_cleanup,
355     .has_ufo = tap_has_ufo,
356     .has_vnet_hdr = tap_has_vnet_hdr,
357     .has_vnet_hdr_len = tap_has_vnet_hdr_len,
358     .using_vnet_hdr = tap_using_vnet_hdr,
359     .set_offload = tap_set_offload,
360     .set_vnet_hdr_len = tap_set_vnet_hdr_len,
361     .set_vnet_le = tap_set_vnet_le,
362     .set_vnet_be = tap_set_vnet_be,
363 };
364 
365 static TAPState *net_tap_fd_init(NetClientState *peer,
366                                  const char *model,
367                                  const char *name,
368                                  int fd,
369                                  int vnet_hdr)
370 {
371     NetClientState *nc;
372     TAPState *s;
373 
374     nc = qemu_new_net_client(&net_tap_info, peer, model, name);
375 
376     s = DO_UPCAST(TAPState, nc, nc);
377 
378     s->fd = fd;
379     s->host_vnet_hdr_len = vnet_hdr ? sizeof(struct virtio_net_hdr) : 0;
380     s->using_vnet_hdr = false;
381     s->has_ufo = tap_probe_has_ufo(s->fd);
382     s->enabled = true;
383     tap_set_offload(&s->nc, 0, 0, 0, 0, 0);
384     /*
385      * Make sure host header length is set correctly in tap:
386      * it might have been modified by another instance of qemu.
387      */
388     if (tap_probe_vnet_hdr_len(s->fd, s->host_vnet_hdr_len)) {
389         tap_fd_set_vnet_hdr_len(s->fd, s->host_vnet_hdr_len);
390     }
391     tap_read_poll(s, true);
392     s->vhost_net = NULL;
393 
394     s->exit.notify = tap_exit_notify;
395     qemu_add_exit_notifier(&s->exit);
396 
397     return s;
398 }
399 
400 static void launch_script(const char *setup_script, const char *ifname,
401                           int fd, Error **errp)
402 {
403     int pid, status;
404     char *args[3];
405     char **parg;
406 
407     /* try to launch network script */
408     pid = fork();
409     if (pid < 0) {
410         error_setg_errno(errp, errno, "could not launch network script %s",
411                          setup_script);
412         return;
413     }
414     if (pid == 0) {
415         int open_max = sysconf(_SC_OPEN_MAX), i;
416 
417         for (i = 3; i < open_max; i++) {
418             if (i != fd) {
419                 close(i);
420             }
421         }
422         parg = args;
423         *parg++ = (char *)setup_script;
424         *parg++ = (char *)ifname;
425         *parg = NULL;
426         execv(setup_script, args);
427         _exit(1);
428     } else {
429         while (waitpid(pid, &status, 0) != pid) {
430             /* loop */
431         }
432 
433         if (WIFEXITED(status) && WEXITSTATUS(status) == 0) {
434             return;
435         }
436         error_setg(errp, "network script %s failed with status %d",
437                    setup_script, status);
438     }
439 }
440 
441 static int recv_fd(int c)
442 {
443     int fd;
444     uint8_t msgbuf[CMSG_SPACE(sizeof(fd))];
445     struct msghdr msg = {
446         .msg_control = msgbuf,
447         .msg_controllen = sizeof(msgbuf),
448     };
449     struct cmsghdr *cmsg;
450     struct iovec iov;
451     uint8_t req[1];
452     ssize_t len;
453 
454     cmsg = CMSG_FIRSTHDR(&msg);
455     cmsg->cmsg_level = SOL_SOCKET;
456     cmsg->cmsg_type = SCM_RIGHTS;
457     cmsg->cmsg_len = CMSG_LEN(sizeof(fd));
458     msg.msg_controllen = cmsg->cmsg_len;
459 
460     iov.iov_base = req;
461     iov.iov_len = sizeof(req);
462 
463     msg.msg_iov = &iov;
464     msg.msg_iovlen = 1;
465 
466     len = recvmsg(c, &msg, 0);
467     if (len > 0) {
468         memcpy(&fd, CMSG_DATA(cmsg), sizeof(fd));
469         return fd;
470     }
471 
472     return len;
473 }
474 
475 static int net_bridge_run_helper(const char *helper, const char *bridge,
476                                  Error **errp)
477 {
478     sigset_t oldmask, mask;
479     int pid, status;
480     char *args[5];
481     char **parg;
482     int sv[2];
483 
484     sigemptyset(&mask);
485     sigaddset(&mask, SIGCHLD);
486     sigprocmask(SIG_BLOCK, &mask, &oldmask);
487 
488     if (socketpair(PF_UNIX, SOCK_STREAM, 0, sv) == -1) {
489         error_setg_errno(errp, errno, "socketpair() failed");
490         return -1;
491     }
492 
493     /* try to launch bridge helper */
494     pid = fork();
495     if (pid < 0) {
496         error_setg_errno(errp, errno, "Can't fork bridge helper");
497         return -1;
498     }
499     if (pid == 0) {
500         int open_max = sysconf(_SC_OPEN_MAX), i;
501         char fd_buf[6+10];
502         char br_buf[6+IFNAMSIZ] = {0};
503         char helper_cmd[PATH_MAX + sizeof(fd_buf) + sizeof(br_buf) + 15];
504 
505         for (i = 3; i < open_max; i++) {
506             if (i != sv[1]) {
507                 close(i);
508             }
509         }
510 
511         snprintf(fd_buf, sizeof(fd_buf), "%s%d", "--fd=", sv[1]);
512 
513         if (strrchr(helper, ' ') || strrchr(helper, '\t')) {
514             /* assume helper is a command */
515 
516             if (strstr(helper, "--br=") == NULL) {
517                 snprintf(br_buf, sizeof(br_buf), "%s%s", "--br=", bridge);
518             }
519 
520             snprintf(helper_cmd, sizeof(helper_cmd), "%s %s %s %s",
521                      helper, "--use-vnet", fd_buf, br_buf);
522 
523             parg = args;
524             *parg++ = (char *)"sh";
525             *parg++ = (char *)"-c";
526             *parg++ = helper_cmd;
527             *parg++ = NULL;
528 
529             execv("/bin/sh", args);
530         } else {
531             /* assume helper is just the executable path name */
532 
533             snprintf(br_buf, sizeof(br_buf), "%s%s", "--br=", bridge);
534 
535             parg = args;
536             *parg++ = (char *)helper;
537             *parg++ = (char *)"--use-vnet";
538             *parg++ = fd_buf;
539             *parg++ = br_buf;
540             *parg++ = NULL;
541 
542             execv(helper, args);
543         }
544         _exit(1);
545 
546     } else {
547         int fd;
548         int saved_errno;
549 
550         close(sv[1]);
551 
552         do {
553             fd = recv_fd(sv[0]);
554         } while (fd == -1 && errno == EINTR);
555         saved_errno = errno;
556 
557         close(sv[0]);
558 
559         while (waitpid(pid, &status, 0) != pid) {
560             /* loop */
561         }
562         sigprocmask(SIG_SETMASK, &oldmask, NULL);
563         if (fd < 0) {
564             error_setg_errno(errp, saved_errno,
565                              "failed to recv file descriptor");
566             return -1;
567         }
568         if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) {
569             error_setg(errp, "bridge helper failed");
570             return -1;
571         }
572         return fd;
573     }
574 }
575 
576 int net_init_bridge(const Netdev *netdev, const char *name,
577                     NetClientState *peer, Error **errp)
578 {
579     const NetdevBridgeOptions *bridge;
580     const char *helper, *br;
581     TAPState *s;
582     int fd, vnet_hdr;
583 
584     assert(netdev->type == NET_CLIENT_DRIVER_BRIDGE);
585     bridge = &netdev->u.bridge;
586 
587     helper = bridge->has_helper ? bridge->helper : DEFAULT_BRIDGE_HELPER;
588     br     = bridge->has_br     ? bridge->br     : DEFAULT_BRIDGE_INTERFACE;
589 
590     fd = net_bridge_run_helper(helper, br, errp);
591     if (fd == -1) {
592         return -1;
593     }
594 
595     qemu_set_nonblock(fd);
596     vnet_hdr = tap_probe_vnet_hdr(fd);
597     s = net_tap_fd_init(peer, "bridge", name, fd, vnet_hdr);
598 
599     snprintf(s->nc.info_str, sizeof(s->nc.info_str), "helper=%s,br=%s", helper,
600              br);
601 
602     return 0;
603 }
604 
605 static int net_tap_init(const NetdevTapOptions *tap, int *vnet_hdr,
606                         const char *setup_script, char *ifname,
607                         size_t ifname_sz, int mq_required, Error **errp)
608 {
609     Error *err = NULL;
610     int fd, vnet_hdr_required;
611 
612     if (tap->has_vnet_hdr) {
613         *vnet_hdr = tap->vnet_hdr;
614         vnet_hdr_required = *vnet_hdr;
615     } else {
616         *vnet_hdr = 1;
617         vnet_hdr_required = 0;
618     }
619 
620     TFR(fd = tap_open(ifname, ifname_sz, vnet_hdr, vnet_hdr_required,
621                       mq_required, errp));
622     if (fd < 0) {
623         return -1;
624     }
625 
626     if (setup_script &&
627         setup_script[0] != '\0' &&
628         strcmp(setup_script, "no") != 0) {
629         launch_script(setup_script, ifname, fd, &err);
630         if (err) {
631             error_propagate(errp, err);
632             close(fd);
633             return -1;
634         }
635     }
636 
637     return fd;
638 }
639 
640 #define MAX_TAP_QUEUES 1024
641 
642 static void net_init_tap_one(const NetdevTapOptions *tap, NetClientState *peer,
643                              const char *model, const char *name,
644                              const char *ifname, const char *script,
645                              const char *downscript, const char *vhostfdname,
646                              int vnet_hdr, int fd, Error **errp)
647 {
648     Error *err = NULL;
649     TAPState *s = net_tap_fd_init(peer, model, name, fd, vnet_hdr);
650     int vhostfd;
651 
652     tap_set_sndbuf(s->fd, tap, &err);
653     if (err) {
654         error_propagate(errp, err);
655         return;
656     }
657 
658     if (tap->has_fd || tap->has_fds) {
659         snprintf(s->nc.info_str, sizeof(s->nc.info_str), "fd=%d", fd);
660     } else if (tap->has_helper) {
661         snprintf(s->nc.info_str, sizeof(s->nc.info_str), "helper=%s",
662                  tap->helper);
663     } else {
664         snprintf(s->nc.info_str, sizeof(s->nc.info_str),
665                  "ifname=%s,script=%s,downscript=%s", ifname, script,
666                  downscript);
667 
668         if (strcmp(downscript, "no") != 0) {
669             snprintf(s->down_script, sizeof(s->down_script), "%s", downscript);
670             snprintf(s->down_script_arg, sizeof(s->down_script_arg),
671                      "%s", ifname);
672         }
673     }
674 
675     if (tap->has_vhost ? tap->vhost :
676         vhostfdname || (tap->has_vhostforce && tap->vhostforce)) {
677         VhostNetOptions options;
678 
679         options.backend_type = VHOST_BACKEND_TYPE_KERNEL;
680         options.net_backend = &s->nc;
681         if (tap->has_poll_us) {
682             options.busyloop_timeout = tap->poll_us;
683         } else {
684             options.busyloop_timeout = 0;
685         }
686 
687         if (vhostfdname) {
688             vhostfd = monitor_fd_param(cur_mon, vhostfdname, &err);
689             if (vhostfd == -1) {
690                 if (tap->has_vhostforce && tap->vhostforce) {
691                     error_propagate(errp, err);
692                 } else {
693                     warn_report_err(err);
694                 }
695                 return;
696             }
697             qemu_set_nonblock(vhostfd);
698         } else {
699             vhostfd = open("/dev/vhost-net", O_RDWR);
700             if (vhostfd < 0) {
701                 if (tap->has_vhostforce && tap->vhostforce) {
702                     error_setg_errno(errp, errno,
703                                      "tap: open vhost char device failed");
704                 } else {
705                     warn_report("tap: open vhost char device failed: %s",
706                                 strerror(errno));
707                 }
708                 return;
709             }
710             qemu_set_nonblock(vhostfd);
711         }
712         options.opaque = (void *)(uintptr_t)vhostfd;
713 
714         s->vhost_net = vhost_net_init(&options);
715         if (!s->vhost_net) {
716             if (tap->has_vhostforce && tap->vhostforce) {
717                 error_setg(errp, VHOST_NET_INIT_FAILED);
718             } else {
719                 warn_report(VHOST_NET_INIT_FAILED);
720             }
721             return;
722         }
723     } else if (vhostfdname) {
724         error_setg(errp, "vhostfd(s)= is not valid without vhost");
725     }
726 }
727 
728 static int get_fds(char *str, char *fds[], int max)
729 {
730     char *ptr = str, *this;
731     size_t len = strlen(str);
732     int i = 0;
733 
734     while (i < max && ptr < str + len) {
735         this = strchr(ptr, ':');
736 
737         if (this == NULL) {
738             fds[i] = g_strdup(ptr);
739         } else {
740             fds[i] = g_strndup(ptr, this - ptr);
741         }
742 
743         i++;
744         if (this == NULL) {
745             break;
746         } else {
747             ptr = this + 1;
748         }
749     }
750 
751     return i;
752 }
753 
754 int net_init_tap(const Netdev *netdev, const char *name,
755                  NetClientState *peer, Error **errp)
756 {
757     const NetdevTapOptions *tap;
758     int fd, vnet_hdr = 0, i = 0, queues;
759     /* for the no-fd, no-helper case */
760     const char *script = NULL; /* suppress wrong "uninit'd use" gcc warning */
761     const char *downscript = NULL;
762     Error *err = NULL;
763     const char *vhostfdname;
764     char ifname[128];
765 
766     assert(netdev->type == NET_CLIENT_DRIVER_TAP);
767     tap = &netdev->u.tap;
768     queues = tap->has_queues ? tap->queues : 1;
769     vhostfdname = tap->has_vhostfd ? tap->vhostfd : NULL;
770 
771     /* QEMU hubs do not support multiqueue tap, in this case peer is set.
772      * For -netdev, peer is always NULL. */
773     if (peer && (tap->has_queues || tap->has_fds || tap->has_vhostfds)) {
774         error_setg(errp, "Multiqueue tap cannot be used with hubs");
775         return -1;
776     }
777 
778     if (tap->has_fd) {
779         if (tap->has_ifname || tap->has_script || tap->has_downscript ||
780             tap->has_vnet_hdr || tap->has_helper || tap->has_queues ||
781             tap->has_fds || tap->has_vhostfds) {
782             error_setg(errp, "ifname=, script=, downscript=, vnet_hdr=, "
783                        "helper=, queues=, fds=, and vhostfds= "
784                        "are invalid with fd=");
785             return -1;
786         }
787 
788         fd = monitor_fd_param(cur_mon, tap->fd, &err);
789         if (fd == -1) {
790             error_propagate(errp, err);
791             return -1;
792         }
793 
794         qemu_set_nonblock(fd);
795 
796         vnet_hdr = tap_probe_vnet_hdr(fd);
797 
798         net_init_tap_one(tap, peer, "tap", name, NULL,
799                          script, downscript,
800                          vhostfdname, vnet_hdr, fd, &err);
801         if (err) {
802             error_propagate(errp, err);
803             return -1;
804         }
805     } else if (tap->has_fds) {
806         char **fds;
807         char **vhost_fds;
808         int nfds = 0, nvhosts = 0;
809         int ret = 0;
810 
811         if (tap->has_ifname || tap->has_script || tap->has_downscript ||
812             tap->has_vnet_hdr || tap->has_helper || tap->has_queues ||
813             tap->has_vhostfd) {
814             error_setg(errp, "ifname=, script=, downscript=, vnet_hdr=, "
815                        "helper=, queues=, and vhostfd= "
816                        "are invalid with fds=");
817             return -1;
818         }
819 
820         fds = g_new0(char *, MAX_TAP_QUEUES);
821         vhost_fds = g_new0(char *, MAX_TAP_QUEUES);
822 
823         nfds = get_fds(tap->fds, fds, MAX_TAP_QUEUES);
824         if (tap->has_vhostfds) {
825             nvhosts = get_fds(tap->vhostfds, vhost_fds, MAX_TAP_QUEUES);
826             if (nfds != nvhosts) {
827                 error_setg(errp, "The number of fds passed does not match "
828                            "the number of vhostfds passed");
829                 ret = -1;
830                 goto free_fail;
831             }
832         }
833 
834         for (i = 0; i < nfds; i++) {
835             fd = monitor_fd_param(cur_mon, fds[i], &err);
836             if (fd == -1) {
837                 error_propagate(errp, err);
838                 ret = -1;
839                 goto free_fail;
840             }
841 
842             qemu_set_nonblock(fd);
843 
844             if (i == 0) {
845                 vnet_hdr = tap_probe_vnet_hdr(fd);
846             } else if (vnet_hdr != tap_probe_vnet_hdr(fd)) {
847                 error_setg(errp,
848                            "vnet_hdr not consistent across given tap fds");
849                 ret = -1;
850                 goto free_fail;
851             }
852 
853             net_init_tap_one(tap, peer, "tap", name, ifname,
854                              script, downscript,
855                              tap->has_vhostfds ? vhost_fds[i] : NULL,
856                              vnet_hdr, fd, &err);
857             if (err) {
858                 error_propagate(errp, err);
859                 ret = -1;
860                 goto free_fail;
861             }
862         }
863 
864 free_fail:
865         for (i = 0; i < nvhosts; i++) {
866             g_free(vhost_fds[i]);
867         }
868         for (i = 0; i < nfds; i++) {
869             g_free(fds[i]);
870         }
871         g_free(fds);
872         g_free(vhost_fds);
873         return ret;
874     } else if (tap->has_helper) {
875         if (tap->has_ifname || tap->has_script || tap->has_downscript ||
876             tap->has_vnet_hdr || tap->has_queues || tap->has_vhostfds) {
877             error_setg(errp, "ifname=, script=, downscript=, vnet_hdr=, "
878                        "queues=, and vhostfds= are invalid with helper=");
879             return -1;
880         }
881 
882         fd = net_bridge_run_helper(tap->helper,
883                                    tap->has_br ?
884                                    tap->br : DEFAULT_BRIDGE_INTERFACE,
885                                    errp);
886         if (fd == -1) {
887             return -1;
888         }
889 
890         qemu_set_nonblock(fd);
891         vnet_hdr = tap_probe_vnet_hdr(fd);
892 
893         net_init_tap_one(tap, peer, "bridge", name, ifname,
894                          script, downscript, vhostfdname,
895                          vnet_hdr, fd, &err);
896         if (err) {
897             error_propagate(errp, err);
898             close(fd);
899             return -1;
900         }
901     } else {
902         if (tap->has_vhostfds) {
903             error_setg(errp, "vhostfds= is invalid if fds= wasn't specified");
904             return -1;
905         }
906         script = tap->has_script ? tap->script : DEFAULT_NETWORK_SCRIPT;
907         downscript = tap->has_downscript ? tap->downscript :
908             DEFAULT_NETWORK_DOWN_SCRIPT;
909 
910         if (tap->has_ifname) {
911             pstrcpy(ifname, sizeof ifname, tap->ifname);
912         } else {
913             ifname[0] = '\0';
914         }
915 
916         for (i = 0; i < queues; i++) {
917             fd = net_tap_init(tap, &vnet_hdr, i >= 1 ? "no" : script,
918                               ifname, sizeof ifname, queues > 1, errp);
919             if (fd == -1) {
920                 return -1;
921             }
922 
923             if (queues > 1 && i == 0 && !tap->has_ifname) {
924                 if (tap_fd_get_ifname(fd, ifname)) {
925                     error_setg(errp, "Fail to get ifname");
926                     close(fd);
927                     return -1;
928                 }
929             }
930 
931             net_init_tap_one(tap, peer, "tap", name, ifname,
932                              i >= 1 ? "no" : script,
933                              i >= 1 ? "no" : downscript,
934                              vhostfdname, vnet_hdr, fd, &err);
935             if (err) {
936                 error_propagate(errp, err);
937                 close(fd);
938                 return -1;
939             }
940         }
941     }
942 
943     return 0;
944 }
945 
946 VHostNetState *tap_get_vhost_net(NetClientState *nc)
947 {
948     TAPState *s = DO_UPCAST(TAPState, nc, nc);
949     assert(nc->info->type == NET_CLIENT_DRIVER_TAP);
950     return s->vhost_net;
951 }
952 
953 int tap_enable(NetClientState *nc)
954 {
955     TAPState *s = DO_UPCAST(TAPState, nc, nc);
956     int ret;
957 
958     if (s->enabled) {
959         return 0;
960     } else {
961         ret = tap_fd_enable(s->fd);
962         if (ret == 0) {
963             s->enabled = true;
964             tap_update_fd_handler(s);
965         }
966         return ret;
967     }
968 }
969 
970 int tap_disable(NetClientState *nc)
971 {
972     TAPState *s = DO_UPCAST(TAPState, nc, nc);
973     int ret;
974 
975     if (s->enabled == 0) {
976         return 0;
977     } else {
978         ret = tap_fd_disable(s->fd);
979         if (ret == 0) {
980             qemu_purge_queued_packets(nc);
981             s->enabled = false;
982             tap_update_fd_handler(s);
983         }
984         return ret;
985     }
986 }
987