xref: /openbmc/qemu/net/tap.c (revision fe7f9b8e)
1 /*
2  * QEMU System Emulator
3  *
4  * Copyright (c) 2003-2008 Fabrice Bellard
5  * Copyright (c) 2009 Red Hat, Inc.
6  *
7  * Permission is hereby granted, free of charge, to any person obtaining a copy
8  * of this software and associated documentation files (the "Software"), to deal
9  * in the Software without restriction, including without limitation the rights
10  * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11  * copies of the Software, and to permit persons to whom the Software is
12  * furnished to do so, subject to the following conditions:
13  *
14  * The above copyright notice and this permission notice shall be included in
15  * all copies or substantial portions of the Software.
16  *
17  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20  * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23  * THE SOFTWARE.
24  */
25 
26 #include "qemu/osdep.h"
27 #include "tap_int.h"
28 
29 
30 #include <sys/ioctl.h>
31 #include <sys/wait.h>
32 #include <sys/socket.h>
33 #include <net/if.h>
34 
35 #include "net/net.h"
36 #include "clients.h"
37 #include "monitor/monitor.h"
38 #include "sysemu/sysemu.h"
39 #include "qapi/error.h"
40 #include "qemu-common.h"
41 #include "qemu/cutils.h"
42 #include "qemu/error-report.h"
43 
44 #include "net/tap.h"
45 
46 #include "net/vhost_net.h"
47 
48 typedef struct TAPState {
49     NetClientState nc;
50     int fd;
51     char down_script[1024];
52     char down_script_arg[128];
53     uint8_t buf[NET_BUFSIZE];
54     bool read_poll;
55     bool write_poll;
56     bool using_vnet_hdr;
57     bool has_ufo;
58     bool enabled;
59     VHostNetState *vhost_net;
60     unsigned host_vnet_hdr_len;
61     Notifier exit;
62 } TAPState;
63 
64 static void launch_script(const char *setup_script, const char *ifname,
65                           int fd, Error **errp);
66 
67 static void tap_send(void *opaque);
68 static void tap_writable(void *opaque);
69 
70 static void tap_update_fd_handler(TAPState *s)
71 {
72     qemu_set_fd_handler(s->fd,
73                         s->read_poll && s->enabled ? tap_send : NULL,
74                         s->write_poll && s->enabled ? tap_writable : NULL,
75                         s);
76 }
77 
78 static void tap_read_poll(TAPState *s, bool enable)
79 {
80     s->read_poll = enable;
81     tap_update_fd_handler(s);
82 }
83 
84 static void tap_write_poll(TAPState *s, bool enable)
85 {
86     s->write_poll = enable;
87     tap_update_fd_handler(s);
88 }
89 
90 static void tap_writable(void *opaque)
91 {
92     TAPState *s = opaque;
93 
94     tap_write_poll(s, false);
95 
96     qemu_flush_queued_packets(&s->nc);
97 }
98 
99 static ssize_t tap_write_packet(TAPState *s, const struct iovec *iov, int iovcnt)
100 {
101     ssize_t len;
102 
103     do {
104         len = writev(s->fd, iov, iovcnt);
105     } while (len == -1 && errno == EINTR);
106 
107     if (len == -1 && errno == EAGAIN) {
108         tap_write_poll(s, true);
109         return 0;
110     }
111 
112     return len;
113 }
114 
115 static ssize_t tap_receive_iov(NetClientState *nc, const struct iovec *iov,
116                                int iovcnt)
117 {
118     TAPState *s = DO_UPCAST(TAPState, nc, nc);
119     const struct iovec *iovp = iov;
120     struct iovec iov_copy[iovcnt + 1];
121     struct virtio_net_hdr_mrg_rxbuf hdr = { };
122 
123     if (s->host_vnet_hdr_len && !s->using_vnet_hdr) {
124         iov_copy[0].iov_base = &hdr;
125         iov_copy[0].iov_len =  s->host_vnet_hdr_len;
126         memcpy(&iov_copy[1], iov, iovcnt * sizeof(*iov));
127         iovp = iov_copy;
128         iovcnt++;
129     }
130 
131     return tap_write_packet(s, iovp, iovcnt);
132 }
133 
134 static ssize_t tap_receive_raw(NetClientState *nc, const uint8_t *buf, size_t size)
135 {
136     TAPState *s = DO_UPCAST(TAPState, nc, nc);
137     struct iovec iov[2];
138     int iovcnt = 0;
139     struct virtio_net_hdr_mrg_rxbuf hdr = { };
140 
141     if (s->host_vnet_hdr_len) {
142         iov[iovcnt].iov_base = &hdr;
143         iov[iovcnt].iov_len  = s->host_vnet_hdr_len;
144         iovcnt++;
145     }
146 
147     iov[iovcnt].iov_base = (char *)buf;
148     iov[iovcnt].iov_len  = size;
149     iovcnt++;
150 
151     return tap_write_packet(s, iov, iovcnt);
152 }
153 
154 static ssize_t tap_receive(NetClientState *nc, const uint8_t *buf, size_t size)
155 {
156     TAPState *s = DO_UPCAST(TAPState, nc, nc);
157     struct iovec iov[1];
158 
159     if (s->host_vnet_hdr_len && !s->using_vnet_hdr) {
160         return tap_receive_raw(nc, buf, size);
161     }
162 
163     iov[0].iov_base = (char *)buf;
164     iov[0].iov_len  = size;
165 
166     return tap_write_packet(s, iov, 1);
167 }
168 
169 #ifndef __sun__
170 ssize_t tap_read_packet(int tapfd, uint8_t *buf, int maxlen)
171 {
172     return read(tapfd, buf, maxlen);
173 }
174 #endif
175 
176 static void tap_send_completed(NetClientState *nc, ssize_t len)
177 {
178     TAPState *s = DO_UPCAST(TAPState, nc, nc);
179     tap_read_poll(s, true);
180 }
181 
182 static void tap_send(void *opaque)
183 {
184     TAPState *s = opaque;
185     int size;
186     int packets = 0;
187 
188     while (true) {
189         uint8_t *buf = s->buf;
190 
191         size = tap_read_packet(s->fd, s->buf, sizeof(s->buf));
192         if (size <= 0) {
193             break;
194         }
195 
196         if (s->host_vnet_hdr_len && !s->using_vnet_hdr) {
197             buf  += s->host_vnet_hdr_len;
198             size -= s->host_vnet_hdr_len;
199         }
200 
201         size = qemu_send_packet_async(&s->nc, buf, size, tap_send_completed);
202         if (size == 0) {
203             tap_read_poll(s, false);
204             break;
205         } else if (size < 0) {
206             break;
207         }
208 
209         /*
210          * When the host keeps receiving more packets while tap_send() is
211          * running we can hog the QEMU global mutex.  Limit the number of
212          * packets that are processed per tap_send() callback to prevent
213          * stalling the guest.
214          */
215         packets++;
216         if (packets >= 50) {
217             break;
218         }
219     }
220 }
221 
222 static bool tap_has_ufo(NetClientState *nc)
223 {
224     TAPState *s = DO_UPCAST(TAPState, nc, nc);
225 
226     assert(nc->info->type == NET_CLIENT_DRIVER_TAP);
227 
228     return s->has_ufo;
229 }
230 
231 static bool tap_has_vnet_hdr(NetClientState *nc)
232 {
233     TAPState *s = DO_UPCAST(TAPState, nc, nc);
234 
235     assert(nc->info->type == NET_CLIENT_DRIVER_TAP);
236 
237     return !!s->host_vnet_hdr_len;
238 }
239 
240 static bool tap_has_vnet_hdr_len(NetClientState *nc, int len)
241 {
242     TAPState *s = DO_UPCAST(TAPState, nc, nc);
243 
244     assert(nc->info->type == NET_CLIENT_DRIVER_TAP);
245 
246     return !!tap_probe_vnet_hdr_len(s->fd, len);
247 }
248 
249 static void tap_set_vnet_hdr_len(NetClientState *nc, int len)
250 {
251     TAPState *s = DO_UPCAST(TAPState, nc, nc);
252 
253     assert(nc->info->type == NET_CLIENT_DRIVER_TAP);
254     assert(len == sizeof(struct virtio_net_hdr_mrg_rxbuf) ||
255            len == sizeof(struct virtio_net_hdr));
256 
257     tap_fd_set_vnet_hdr_len(s->fd, len);
258     s->host_vnet_hdr_len = len;
259 }
260 
261 static void tap_using_vnet_hdr(NetClientState *nc, bool using_vnet_hdr)
262 {
263     TAPState *s = DO_UPCAST(TAPState, nc, nc);
264 
265     assert(nc->info->type == NET_CLIENT_DRIVER_TAP);
266     assert(!!s->host_vnet_hdr_len == using_vnet_hdr);
267 
268     s->using_vnet_hdr = using_vnet_hdr;
269 }
270 
271 static int tap_set_vnet_le(NetClientState *nc, bool is_le)
272 {
273     TAPState *s = DO_UPCAST(TAPState, nc, nc);
274 
275     return tap_fd_set_vnet_le(s->fd, is_le);
276 }
277 
278 static int tap_set_vnet_be(NetClientState *nc, bool is_be)
279 {
280     TAPState *s = DO_UPCAST(TAPState, nc, nc);
281 
282     return tap_fd_set_vnet_be(s->fd, is_be);
283 }
284 
285 static void tap_set_offload(NetClientState *nc, int csum, int tso4,
286                      int tso6, int ecn, int ufo)
287 {
288     TAPState *s = DO_UPCAST(TAPState, nc, nc);
289     if (s->fd < 0) {
290         return;
291     }
292 
293     tap_fd_set_offload(s->fd, csum, tso4, tso6, ecn, ufo);
294 }
295 
296 static void tap_exit_notify(Notifier *notifier, void *data)
297 {
298     TAPState *s = container_of(notifier, TAPState, exit);
299     Error *err = NULL;
300 
301     if (s->down_script[0]) {
302         launch_script(s->down_script, s->down_script_arg, s->fd, &err);
303         if (err) {
304             error_report_err(err);
305         }
306     }
307 }
308 
309 static void tap_cleanup(NetClientState *nc)
310 {
311     TAPState *s = DO_UPCAST(TAPState, nc, nc);
312 
313     if (s->vhost_net) {
314         vhost_net_cleanup(s->vhost_net);
315         g_free(s->vhost_net);
316         s->vhost_net = NULL;
317     }
318 
319     qemu_purge_queued_packets(nc);
320 
321     tap_exit_notify(&s->exit, NULL);
322     qemu_remove_exit_notifier(&s->exit);
323 
324     tap_read_poll(s, false);
325     tap_write_poll(s, false);
326     close(s->fd);
327     s->fd = -1;
328 }
329 
330 static void tap_poll(NetClientState *nc, bool enable)
331 {
332     TAPState *s = DO_UPCAST(TAPState, nc, nc);
333     tap_read_poll(s, enable);
334     tap_write_poll(s, enable);
335 }
336 
337 int tap_get_fd(NetClientState *nc)
338 {
339     TAPState *s = DO_UPCAST(TAPState, nc, nc);
340     assert(nc->info->type == NET_CLIENT_DRIVER_TAP);
341     return s->fd;
342 }
343 
344 /* fd support */
345 
346 static NetClientInfo net_tap_info = {
347     .type = NET_CLIENT_DRIVER_TAP,
348     .size = sizeof(TAPState),
349     .receive = tap_receive,
350     .receive_raw = tap_receive_raw,
351     .receive_iov = tap_receive_iov,
352     .poll = tap_poll,
353     .cleanup = tap_cleanup,
354     .has_ufo = tap_has_ufo,
355     .has_vnet_hdr = tap_has_vnet_hdr,
356     .has_vnet_hdr_len = tap_has_vnet_hdr_len,
357     .using_vnet_hdr = tap_using_vnet_hdr,
358     .set_offload = tap_set_offload,
359     .set_vnet_hdr_len = tap_set_vnet_hdr_len,
360     .set_vnet_le = tap_set_vnet_le,
361     .set_vnet_be = tap_set_vnet_be,
362 };
363 
364 static TAPState *net_tap_fd_init(NetClientState *peer,
365                                  const char *model,
366                                  const char *name,
367                                  int fd,
368                                  int vnet_hdr)
369 {
370     NetClientState *nc;
371     TAPState *s;
372 
373     nc = qemu_new_net_client(&net_tap_info, peer, model, name);
374 
375     s = DO_UPCAST(TAPState, nc, nc);
376 
377     s->fd = fd;
378     s->host_vnet_hdr_len = vnet_hdr ? sizeof(struct virtio_net_hdr) : 0;
379     s->using_vnet_hdr = false;
380     s->has_ufo = tap_probe_has_ufo(s->fd);
381     s->enabled = true;
382     tap_set_offload(&s->nc, 0, 0, 0, 0, 0);
383     /*
384      * Make sure host header length is set correctly in tap:
385      * it might have been modified by another instance of qemu.
386      */
387     if (tap_probe_vnet_hdr_len(s->fd, s->host_vnet_hdr_len)) {
388         tap_fd_set_vnet_hdr_len(s->fd, s->host_vnet_hdr_len);
389     }
390     tap_read_poll(s, true);
391     s->vhost_net = NULL;
392 
393     s->exit.notify = tap_exit_notify;
394     qemu_add_exit_notifier(&s->exit);
395 
396     return s;
397 }
398 
399 static void launch_script(const char *setup_script, const char *ifname,
400                           int fd, Error **errp)
401 {
402     int pid, status;
403     char *args[3];
404     char **parg;
405 
406     /* try to launch network script */
407     pid = fork();
408     if (pid < 0) {
409         error_setg_errno(errp, errno, "could not launch network script %s",
410                          setup_script);
411         return;
412     }
413     if (pid == 0) {
414         int open_max = sysconf(_SC_OPEN_MAX), i;
415 
416         for (i = 3; i < open_max; i++) {
417             if (i != fd) {
418                 close(i);
419             }
420         }
421         parg = args;
422         *parg++ = (char *)setup_script;
423         *parg++ = (char *)ifname;
424         *parg = NULL;
425         execv(setup_script, args);
426         _exit(1);
427     } else {
428         while (waitpid(pid, &status, 0) != pid) {
429             /* loop */
430         }
431 
432         if (WIFEXITED(status) && WEXITSTATUS(status) == 0) {
433             return;
434         }
435         error_setg(errp, "network script %s failed with status %d",
436                    setup_script, status);
437     }
438 }
439 
440 static int recv_fd(int c)
441 {
442     int fd;
443     uint8_t msgbuf[CMSG_SPACE(sizeof(fd))];
444     struct msghdr msg = {
445         .msg_control = msgbuf,
446         .msg_controllen = sizeof(msgbuf),
447     };
448     struct cmsghdr *cmsg;
449     struct iovec iov;
450     uint8_t req[1];
451     ssize_t len;
452 
453     cmsg = CMSG_FIRSTHDR(&msg);
454     cmsg->cmsg_level = SOL_SOCKET;
455     cmsg->cmsg_type = SCM_RIGHTS;
456     cmsg->cmsg_len = CMSG_LEN(sizeof(fd));
457     msg.msg_controllen = cmsg->cmsg_len;
458 
459     iov.iov_base = req;
460     iov.iov_len = sizeof(req);
461 
462     msg.msg_iov = &iov;
463     msg.msg_iovlen = 1;
464 
465     len = recvmsg(c, &msg, 0);
466     if (len > 0) {
467         memcpy(&fd, CMSG_DATA(cmsg), sizeof(fd));
468         return fd;
469     }
470 
471     return len;
472 }
473 
474 static int net_bridge_run_helper(const char *helper, const char *bridge,
475                                  Error **errp)
476 {
477     sigset_t oldmask, mask;
478     int pid, status;
479     char *args[5];
480     char **parg;
481     int sv[2];
482 
483     sigemptyset(&mask);
484     sigaddset(&mask, SIGCHLD);
485     sigprocmask(SIG_BLOCK, &mask, &oldmask);
486 
487     if (socketpair(PF_UNIX, SOCK_STREAM, 0, sv) == -1) {
488         error_setg_errno(errp, errno, "socketpair() failed");
489         return -1;
490     }
491 
492     /* try to launch bridge helper */
493     pid = fork();
494     if (pid < 0) {
495         error_setg_errno(errp, errno, "Can't fork bridge helper");
496         return -1;
497     }
498     if (pid == 0) {
499         int open_max = sysconf(_SC_OPEN_MAX), i;
500         char fd_buf[6+10];
501         char br_buf[6+IFNAMSIZ] = {0};
502         char helper_cmd[PATH_MAX + sizeof(fd_buf) + sizeof(br_buf) + 15];
503 
504         for (i = 3; i < open_max; i++) {
505             if (i != sv[1]) {
506                 close(i);
507             }
508         }
509 
510         snprintf(fd_buf, sizeof(fd_buf), "%s%d", "--fd=", sv[1]);
511 
512         if (strrchr(helper, ' ') || strrchr(helper, '\t')) {
513             /* assume helper is a command */
514 
515             if (strstr(helper, "--br=") == NULL) {
516                 snprintf(br_buf, sizeof(br_buf), "%s%s", "--br=", bridge);
517             }
518 
519             snprintf(helper_cmd, sizeof(helper_cmd), "%s %s %s %s",
520                      helper, "--use-vnet", fd_buf, br_buf);
521 
522             parg = args;
523             *parg++ = (char *)"sh";
524             *parg++ = (char *)"-c";
525             *parg++ = helper_cmd;
526             *parg++ = NULL;
527 
528             execv("/bin/sh", args);
529         } else {
530             /* assume helper is just the executable path name */
531 
532             snprintf(br_buf, sizeof(br_buf), "%s%s", "--br=", bridge);
533 
534             parg = args;
535             *parg++ = (char *)helper;
536             *parg++ = (char *)"--use-vnet";
537             *parg++ = fd_buf;
538             *parg++ = br_buf;
539             *parg++ = NULL;
540 
541             execv(helper, args);
542         }
543         _exit(1);
544 
545     } else {
546         int fd;
547         int saved_errno;
548 
549         close(sv[1]);
550 
551         do {
552             fd = recv_fd(sv[0]);
553         } while (fd == -1 && errno == EINTR);
554         saved_errno = errno;
555 
556         close(sv[0]);
557 
558         while (waitpid(pid, &status, 0) != pid) {
559             /* loop */
560         }
561         sigprocmask(SIG_SETMASK, &oldmask, NULL);
562         if (fd < 0) {
563             error_setg_errno(errp, saved_errno,
564                              "failed to recv file descriptor");
565             return -1;
566         }
567         if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) {
568             error_setg(errp, "bridge helper failed");
569             return -1;
570         }
571         return fd;
572     }
573 }
574 
575 int net_init_bridge(const Netdev *netdev, const char *name,
576                     NetClientState *peer, Error **errp)
577 {
578     const NetdevBridgeOptions *bridge;
579     const char *helper, *br;
580     TAPState *s;
581     int fd, vnet_hdr;
582 
583     assert(netdev->type == NET_CLIENT_DRIVER_BRIDGE);
584     bridge = &netdev->u.bridge;
585 
586     helper = bridge->has_helper ? bridge->helper : DEFAULT_BRIDGE_HELPER;
587     br     = bridge->has_br     ? bridge->br     : DEFAULT_BRIDGE_INTERFACE;
588 
589     fd = net_bridge_run_helper(helper, br, errp);
590     if (fd == -1) {
591         return -1;
592     }
593 
594     fcntl(fd, F_SETFL, O_NONBLOCK);
595     vnet_hdr = tap_probe_vnet_hdr(fd);
596     s = net_tap_fd_init(peer, "bridge", name, fd, vnet_hdr);
597 
598     snprintf(s->nc.info_str, sizeof(s->nc.info_str), "helper=%s,br=%s", helper,
599              br);
600 
601     return 0;
602 }
603 
604 static int net_tap_init(const NetdevTapOptions *tap, int *vnet_hdr,
605                         const char *setup_script, char *ifname,
606                         size_t ifname_sz, int mq_required, Error **errp)
607 {
608     Error *err = NULL;
609     int fd, vnet_hdr_required;
610 
611     if (tap->has_vnet_hdr) {
612         *vnet_hdr = tap->vnet_hdr;
613         vnet_hdr_required = *vnet_hdr;
614     } else {
615         *vnet_hdr = 1;
616         vnet_hdr_required = 0;
617     }
618 
619     TFR(fd = tap_open(ifname, ifname_sz, vnet_hdr, vnet_hdr_required,
620                       mq_required, errp));
621     if (fd < 0) {
622         return -1;
623     }
624 
625     if (setup_script &&
626         setup_script[0] != '\0' &&
627         strcmp(setup_script, "no") != 0) {
628         launch_script(setup_script, ifname, fd, &err);
629         if (err) {
630             error_propagate(errp, err);
631             close(fd);
632             return -1;
633         }
634     }
635 
636     return fd;
637 }
638 
639 #define MAX_TAP_QUEUES 1024
640 
641 static void net_init_tap_one(const NetdevTapOptions *tap, NetClientState *peer,
642                              const char *model, const char *name,
643                              const char *ifname, const char *script,
644                              const char *downscript, const char *vhostfdname,
645                              int vnet_hdr, int fd, Error **errp)
646 {
647     Error *err = NULL;
648     TAPState *s = net_tap_fd_init(peer, model, name, fd, vnet_hdr);
649     int vhostfd;
650 
651     tap_set_sndbuf(s->fd, tap, &err);
652     if (err) {
653         error_propagate(errp, err);
654         return;
655     }
656 
657     if (tap->has_fd || tap->has_fds) {
658         snprintf(s->nc.info_str, sizeof(s->nc.info_str), "fd=%d", fd);
659     } else if (tap->has_helper) {
660         snprintf(s->nc.info_str, sizeof(s->nc.info_str), "helper=%s",
661                  tap->helper);
662     } else {
663         snprintf(s->nc.info_str, sizeof(s->nc.info_str),
664                  "ifname=%s,script=%s,downscript=%s", ifname, script,
665                  downscript);
666 
667         if (strcmp(downscript, "no") != 0) {
668             snprintf(s->down_script, sizeof(s->down_script), "%s", downscript);
669             snprintf(s->down_script_arg, sizeof(s->down_script_arg),
670                      "%s", ifname);
671         }
672     }
673 
674     if (tap->has_vhost ? tap->vhost :
675         vhostfdname || (tap->has_vhostforce && tap->vhostforce)) {
676         VhostNetOptions options;
677 
678         options.backend_type = VHOST_BACKEND_TYPE_KERNEL;
679         options.net_backend = &s->nc;
680         if (tap->has_poll_us) {
681             options.busyloop_timeout = tap->poll_us;
682         } else {
683             options.busyloop_timeout = 0;
684         }
685 
686         if (vhostfdname) {
687             vhostfd = monitor_fd_param(cur_mon, vhostfdname, &err);
688             if (vhostfd == -1) {
689                 if (tap->has_vhostforce && tap->vhostforce) {
690                     error_propagate(errp, err);
691                 } else {
692                     warn_report_err(err);
693                 }
694                 return;
695             }
696         } else {
697             vhostfd = open("/dev/vhost-net", O_RDWR);
698             if (vhostfd < 0) {
699                 if (tap->has_vhostforce && tap->vhostforce) {
700                     error_setg_errno(errp, errno,
701                                      "tap: open vhost char device failed");
702                 } else {
703                     warn_report("tap: open vhost char device failed: %s",
704                                 strerror(errno));
705                 }
706                 return;
707             }
708             fcntl(vhostfd, F_SETFL, O_NONBLOCK);
709         }
710         options.opaque = (void *)(uintptr_t)vhostfd;
711 
712         s->vhost_net = vhost_net_init(&options);
713         if (!s->vhost_net) {
714             if (tap->has_vhostforce && tap->vhostforce) {
715                 error_setg(errp, VHOST_NET_INIT_FAILED);
716             } else {
717                 warn_report(VHOST_NET_INIT_FAILED);
718             }
719             return;
720         }
721     } else if (vhostfdname) {
722         error_setg(errp, "vhostfd(s)= is not valid without vhost");
723     }
724 }
725 
726 static int get_fds(char *str, char *fds[], int max)
727 {
728     char *ptr = str, *this;
729     size_t len = strlen(str);
730     int i = 0;
731 
732     while (i < max && ptr < str + len) {
733         this = strchr(ptr, ':');
734 
735         if (this == NULL) {
736             fds[i] = g_strdup(ptr);
737         } else {
738             fds[i] = g_strndup(ptr, this - ptr);
739         }
740 
741         i++;
742         if (this == NULL) {
743             break;
744         } else {
745             ptr = this + 1;
746         }
747     }
748 
749     return i;
750 }
751 
752 int net_init_tap(const Netdev *netdev, const char *name,
753                  NetClientState *peer, Error **errp)
754 {
755     const NetdevTapOptions *tap;
756     int fd, vnet_hdr = 0, i = 0, queues;
757     /* for the no-fd, no-helper case */
758     const char *script = NULL; /* suppress wrong "uninit'd use" gcc warning */
759     const char *downscript = NULL;
760     Error *err = NULL;
761     const char *vhostfdname;
762     char ifname[128];
763 
764     assert(netdev->type == NET_CLIENT_DRIVER_TAP);
765     tap = &netdev->u.tap;
766     queues = tap->has_queues ? tap->queues : 1;
767     vhostfdname = tap->has_vhostfd ? tap->vhostfd : NULL;
768 
769     /* QEMU hubs do not support multiqueue tap, in this case peer is set.
770      * For -netdev, peer is always NULL. */
771     if (peer && (tap->has_queues || tap->has_fds || tap->has_vhostfds)) {
772         error_setg(errp, "Multiqueue tap cannot be used with hubs");
773         return -1;
774     }
775 
776     if (tap->has_fd) {
777         if (tap->has_ifname || tap->has_script || tap->has_downscript ||
778             tap->has_vnet_hdr || tap->has_helper || tap->has_queues ||
779             tap->has_fds || tap->has_vhostfds) {
780             error_setg(errp, "ifname=, script=, downscript=, vnet_hdr=, "
781                        "helper=, queues=, fds=, and vhostfds= "
782                        "are invalid with fd=");
783             return -1;
784         }
785 
786         fd = monitor_fd_param(cur_mon, tap->fd, &err);
787         if (fd == -1) {
788             error_propagate(errp, err);
789             return -1;
790         }
791 
792         fcntl(fd, F_SETFL, O_NONBLOCK);
793 
794         vnet_hdr = tap_probe_vnet_hdr(fd);
795 
796         net_init_tap_one(tap, peer, "tap", name, NULL,
797                          script, downscript,
798                          vhostfdname, vnet_hdr, fd, &err);
799         if (err) {
800             error_propagate(errp, err);
801             return -1;
802         }
803     } else if (tap->has_fds) {
804         char **fds;
805         char **vhost_fds;
806         int nfds, nvhosts;
807 
808         if (tap->has_ifname || tap->has_script || tap->has_downscript ||
809             tap->has_vnet_hdr || tap->has_helper || tap->has_queues ||
810             tap->has_vhostfd) {
811             error_setg(errp, "ifname=, script=, downscript=, vnet_hdr=, "
812                        "helper=, queues=, and vhostfd= "
813                        "are invalid with fds=");
814             return -1;
815         }
816 
817         fds = g_new0(char *, MAX_TAP_QUEUES);
818         vhost_fds = g_new0(char *, MAX_TAP_QUEUES);
819 
820         nfds = get_fds(tap->fds, fds, MAX_TAP_QUEUES);
821         if (tap->has_vhostfds) {
822             nvhosts = get_fds(tap->vhostfds, vhost_fds, MAX_TAP_QUEUES);
823             if (nfds != nvhosts) {
824                 error_setg(errp, "The number of fds passed does not match "
825                            "the number of vhostfds passed");
826                 goto free_fail;
827             }
828         }
829 
830         for (i = 0; i < nfds; i++) {
831             fd = monitor_fd_param(cur_mon, fds[i], &err);
832             if (fd == -1) {
833                 error_propagate(errp, err);
834                 goto free_fail;
835             }
836 
837             fcntl(fd, F_SETFL, O_NONBLOCK);
838 
839             if (i == 0) {
840                 vnet_hdr = tap_probe_vnet_hdr(fd);
841             } else if (vnet_hdr != tap_probe_vnet_hdr(fd)) {
842                 error_setg(errp,
843                            "vnet_hdr not consistent across given tap fds");
844                 goto free_fail;
845             }
846 
847             net_init_tap_one(tap, peer, "tap", name, ifname,
848                              script, downscript,
849                              tap->has_vhostfds ? vhost_fds[i] : NULL,
850                              vnet_hdr, fd, &err);
851             if (err) {
852                 error_propagate(errp, err);
853                 goto free_fail;
854             }
855         }
856         g_free(fds);
857         g_free(vhost_fds);
858         return 0;
859 
860 free_fail:
861         for (i = 0; i < nfds; i++) {
862             g_free(fds[i]);
863             g_free(vhost_fds[i]);
864         }
865         g_free(fds);
866         g_free(vhost_fds);
867         return -1;
868     } else if (tap->has_helper) {
869         if (tap->has_ifname || tap->has_script || tap->has_downscript ||
870             tap->has_vnet_hdr || tap->has_queues || tap->has_vhostfds) {
871             error_setg(errp, "ifname=, script=, downscript=, vnet_hdr=, "
872                        "queues=, and vhostfds= are invalid with helper=");
873             return -1;
874         }
875 
876         fd = net_bridge_run_helper(tap->helper,
877                                    tap->has_br ?
878                                    tap->br : DEFAULT_BRIDGE_INTERFACE,
879                                    errp);
880         if (fd == -1) {
881             return -1;
882         }
883 
884         fcntl(fd, F_SETFL, O_NONBLOCK);
885         vnet_hdr = tap_probe_vnet_hdr(fd);
886 
887         net_init_tap_one(tap, peer, "bridge", name, ifname,
888                          script, downscript, vhostfdname,
889                          vnet_hdr, fd, &err);
890         if (err) {
891             error_propagate(errp, err);
892             close(fd);
893             return -1;
894         }
895     } else {
896         if (tap->has_vhostfds) {
897             error_setg(errp, "vhostfds= is invalid if fds= wasn't specified");
898             return -1;
899         }
900         script = tap->has_script ? tap->script : DEFAULT_NETWORK_SCRIPT;
901         downscript = tap->has_downscript ? tap->downscript :
902             DEFAULT_NETWORK_DOWN_SCRIPT;
903 
904         if (tap->has_ifname) {
905             pstrcpy(ifname, sizeof ifname, tap->ifname);
906         } else {
907             ifname[0] = '\0';
908         }
909 
910         for (i = 0; i < queues; i++) {
911             fd = net_tap_init(tap, &vnet_hdr, i >= 1 ? "no" : script,
912                               ifname, sizeof ifname, queues > 1, errp);
913             if (fd == -1) {
914                 return -1;
915             }
916 
917             if (queues > 1 && i == 0 && !tap->has_ifname) {
918                 if (tap_fd_get_ifname(fd, ifname)) {
919                     error_setg(errp, "Fail to get ifname");
920                     close(fd);
921                     return -1;
922                 }
923             }
924 
925             net_init_tap_one(tap, peer, "tap", name, ifname,
926                              i >= 1 ? "no" : script,
927                              i >= 1 ? "no" : downscript,
928                              vhostfdname, vnet_hdr, fd, &err);
929             if (err) {
930                 error_propagate(errp, err);
931                 close(fd);
932                 return -1;
933             }
934         }
935     }
936 
937     return 0;
938 }
939 
940 VHostNetState *tap_get_vhost_net(NetClientState *nc)
941 {
942     TAPState *s = DO_UPCAST(TAPState, nc, nc);
943     assert(nc->info->type == NET_CLIENT_DRIVER_TAP);
944     return s->vhost_net;
945 }
946 
947 int tap_enable(NetClientState *nc)
948 {
949     TAPState *s = DO_UPCAST(TAPState, nc, nc);
950     int ret;
951 
952     if (s->enabled) {
953         return 0;
954     } else {
955         ret = tap_fd_enable(s->fd);
956         if (ret == 0) {
957             s->enabled = true;
958             tap_update_fd_handler(s);
959         }
960         return ret;
961     }
962 }
963 
964 int tap_disable(NetClientState *nc)
965 {
966     TAPState *s = DO_UPCAST(TAPState, nc, nc);
967     int ret;
968 
969     if (s->enabled == 0) {
970         return 0;
971     } else {
972         ret = tap_fd_disable(s->fd);
973         if (ret == 0) {
974             qemu_purge_queued_packets(nc);
975             s->enabled = false;
976             tap_update_fd_handler(s);
977         }
978         return ret;
979     }
980 }
981