• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * QEMU System Emulator
3  *
4  * Copyright (c) 2003-2008 Fabrice Bellard
5  *
6  * Permission is hereby granted, free of charge, to any person obtaining a copy
7  * of this software and associated documentation files (the "Software"), to deal
8  * in the Software without restriction, including without limitation the rights
9  * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10  * copies of the Software, and to permit persons to whom the Software is
11  * furnished to do so, subject to the following conditions:
12  *
13  * The above copyright notice and this permission notice shall be included in
14  * all copies or substantial portions of the Software.
15  *
16  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19  * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
22  * THE SOFTWARE.
23  */
24 #include <unistd.h>
25 #include <fcntl.h>
26 #include <signal.h>
27 #include <time.h>
28 #include <errno.h>
29 #include <sys/time.h>
30 #include <zlib.h>
31 
32 #include "tcpdump.h"
33 
34 /* Needed early for HOST_BSD etc. */
35 #include "config-host.h"
36 
37 #ifndef _WIN32
38 #include <sys/times.h>
39 #include <sys/wait.h>
40 #include <termios.h>
41 #include <sys/mman.h>
42 #include <sys/ioctl.h>
43 #include <sys/resource.h>
44 #include <sys/socket.h>
45 #include <netinet/in.h>
46 #include <net/if.h>
47 #ifdef __NetBSD__
48 #include <net/if_tap.h>
49 #endif
50 #ifdef __linux__
51 #include <linux/if_tun.h>
52 #endif
53 #include <arpa/inet.h>
54 #include <dirent.h>
55 #include <netdb.h>
56 #include <sys/select.h>
57 #ifdef CONFIG_BSD
58 #include <sys/stat.h>
59 #if defined(__FreeBSD__) || defined(__DragonFly__)
60 #include <libutil.h>
61 #else
62 #include <util.h>
63 #endif
64 #elif defined (__GLIBC__) && defined (__FreeBSD_kernel__)
65 #include <freebsd/stdlib.h>
66 #else
67 #ifdef __linux__
68 #include <pty.h>
69 #include <malloc.h>
70 #include <linux/rtc.h>
71 
72 /* For the benefit of older linux systems which don't supply it,
73    we use a local copy of hpet.h. */
74 /* #include <linux/hpet.h> */
75 #include "hpet.h"
76 
77 #include <linux/ppdev.h>
78 #include <linux/parport.h>
79 #endif
80 #ifdef __sun__
81 #include <sys/stat.h>
82 #include <sys/ethernet.h>
83 #include <sys/sockio.h>
84 #include <netinet/arp.h>
85 #include <netinet/in.h>
86 #include <netinet/in_systm.h>
87 #include <netinet/ip.h>
88 #include <netinet/ip_icmp.h> // must come after ip.h
89 #include <netinet/udp.h>
90 #include <netinet/tcp.h>
91 #include <net/if.h>
92 #include <syslog.h>
93 #include <stropts.h>
94 #endif
95 #endif
96 #endif
97 
98 #if defined(__OpenBSD__)
99 #include <util.h>
100 #endif
101 
102 #if defined(CONFIG_VDE)
103 #include <libvdeplug.h>
104 #endif
105 
106 #ifdef _WIN32
107 #include <windows.h>
108 #include <malloc.h>
109 #include <sys/timeb.h>
110 #include <mmsystem.h>
111 #define getopt_long_only getopt_long
112 #define memalign(align, size) malloc(size)
113 #endif
114 
115 #include "qemu-common.h"
116 #include "net.h"
117 #include "monitor.h"
118 #include "sysemu.h"
119 #include "qemu-timer.h"
120 #include "qemu-char.h"
121 #include "audio/audio.h"
122 #include "qemu_socket.h"
123 #include "qemu-log.h"
124 
125 #if defined(CONFIG_SLIRP)
126 #include "libslirp.h"
127 #endif
128 
129 #if defined(CONFIG_ANDROID)
130 #include "shaper.h"
131 #endif
132 
133 #include "android/android.h"
134 #include "telephony/modem_driver.h"
135 
136 static VLANState *first_vlan;
137 
138 /* see http://en.wikipedia.org/wiki/List_of_device_bandwidths or a complete list */
139 const NetworkSpeed  android_netspeeds[] = {
140     { "gsm", "GSM/CSD", 14400, 14400 },
141     { "hscsd", "HSCSD", 14400, 43200 },
142     { "gprs", "GPRS", 40000, 80000 },
143     { "edge", "EDGE/EGPRS", 118400, 236800 },
144     { "umts", "UMTS/3G", 128000, 1920000 },
145     { "hsdpa", "HSDPA", 348000, 14400000 },
146     { "full", "no limit", 0, 0 },
147     { NULL, NULL, 0, 0 }
148 };
149 const size_t android_netspeeds_count =
150     sizeof(android_netspeeds) / sizeof(android_netspeeds[0]);
151 
152 const NetworkLatency  android_netdelays[] = {
153     /* FIXME: these numbers are totally imaginary */
154     { "gprs", "GPRS", 150, 550 },
155     { "edge", "EDGE/EGPRS", 80, 400 },
156     { "umts", "UMTS/3G", 35, 200 },
157     { "none", "no latency", 0, 0 },
158     { NULL, NULL, 0, 0 }
159 };
160 const size_t android_netdelays_count =
161     sizeof(android_netdelays) / sizeof(android_netdelays[0]);
162 
163 /***********************************************************/
164 /* network device redirectors */
165 
166 #if defined(DEBUG_NET) || defined(DEBUG_SLIRP)
hex_dump(FILE * f,const uint8_t * buf,int size)167 static void hex_dump(FILE *f, const uint8_t *buf, int size)
168 {
169     int len, i, j, c;
170 
171     for(i=0;i<size;i+=16) {
172         len = size - i;
173         if (len > 16)
174             len = 16;
175         fprintf(f, "%08x ", i);
176         for(j=0;j<16;j++) {
177             if (j < len)
178                 fprintf(f, " %02x", buf[i+j]);
179             else
180                 fprintf(f, "   ");
181         }
182         fprintf(f, " ");
183         for(j=0;j<len;j++) {
184             c = buf[i+j];
185             if (c < ' ' || c > '~')
186                 c = '.';
187             fprintf(f, "%c", c);
188         }
189         fprintf(f, "\n");
190     }
191 }
192 #endif
193 
parse_macaddr(uint8_t * macaddr,const char * p)194 static int parse_macaddr(uint8_t *macaddr, const char *p)
195 {
196     int i;
197     char *last_char;
198     long int offset;
199 
200     errno = 0;
201     offset = strtol(p, &last_char, 0);
202     if (0 == errno && '\0' == *last_char &&
203             offset >= 0 && offset <= 0xFFFFFF) {
204         macaddr[3] = (offset & 0xFF0000) >> 16;
205         macaddr[4] = (offset & 0xFF00) >> 8;
206         macaddr[5] = offset & 0xFF;
207         return 0;
208     } else {
209         for(i = 0; i < 6; i++) {
210             macaddr[i] = strtol(p, (char **)&p, 16);
211             if (i == 5) {
212                 if (*p != '\0')
213                     return -1;
214             } else {
215                 if (*p != ':' && *p != '-')
216                     return -1;
217                 p++;
218             }
219         }
220         return 0;
221     }
222 
223     return -1;
224 }
225 
get_str_sep(char * buf,int buf_size,const char ** pp,int sep)226 static int get_str_sep(char *buf, int buf_size, const char **pp, int sep)
227 {
228     const char *p, *p1;
229     int len;
230     p = *pp;
231     p1 = strchr(p, sep);
232     if (!p1)
233         return -1;
234     len = p1 - p;
235     p1++;
236     if (buf_size > 0) {
237         if (len > buf_size - 1)
238             len = buf_size - 1;
239         memcpy(buf, p, len);
240         buf[len] = '\0';
241     }
242     *pp = p1;
243     return 0;
244 }
245 
parse_host_src_port(SockAddress * haddr,SockAddress * saddr,const char * input_str)246 int parse_host_src_port(SockAddress *haddr,
247                         SockAddress *saddr,
248                         const char *input_str)
249 {
250     char *str = strdup(input_str);
251     char *host_str = str;
252     char *src_str;
253     const char *src_str2;
254     char *ptr;
255 
256     /*
257      * Chop off any extra arguments at the end of the string which
258      * would start with a comma, then fill in the src port information
259      * if it was provided else use the "any address" and "any port".
260      */
261     if ((ptr = strchr(str,',')))
262         *ptr = '\0';
263 
264     if ((src_str = strchr(input_str,'@'))) {
265         *src_str = '\0';
266         src_str++;
267     }
268 
269     if (parse_host_port(haddr, host_str) < 0)
270         goto fail;
271 
272     src_str2 = src_str;
273     if (!src_str || *src_str == '\0')
274         src_str2 = ":0";
275 
276     if (parse_host_port(saddr, src_str2) < 0)
277         goto fail;
278 
279     free(str);
280     return(0);
281 
282 fail:
283     free(str);
284     return -1;
285 }
286 
parse_host_port(SockAddress * saddr,const char * str)287 int parse_host_port(SockAddress *saddr, const char *str)
288 {
289     char buf[512];
290     const char *p, *r;
291     uint32_t ip;
292     int port;
293 
294     p = str;
295     if (get_str_sep(buf, sizeof(buf), &p, ':') < 0)
296         return -1;
297 
298     if (buf[0] == '\0') {
299         ip = 0;
300     } else {
301         if (qemu_isdigit(buf[0])) {
302             if (inet_strtoip(buf, &ip) < 0)
303                 return -1;
304         } else {
305             if (sock_address_init_resolve(saddr, buf, 0, 0) < 0)
306                 return - 1;
307             ip = sock_address_get_ip(saddr);
308         }
309     }
310     port = strtol(p, (char **)&r, 0);
311     if (r == p)
312         return -1;
313     sock_address_init_inet(saddr, ip, port);
314     return 0;
315 }
316 
317 #if !defined(_WIN32) && 0
parse_unix_path(struct sockaddr_un * uaddr,const char * str)318 static int parse_unix_path(struct sockaddr_un *uaddr, const char *str)
319 {
320     const char *p;
321     int len;
322 
323     len = MIN(108, strlen(str));
324     p = strchr(str, ',');
325     if (p)
326 	len = MIN(len, p - str);
327 
328     memset(uaddr, 0, sizeof(*uaddr));
329 
330     uaddr->sun_family = AF_UNIX;
331     memcpy(uaddr->sun_path, str, len);
332 
333     return 0;
334 }
335 #endif
336 
qemu_format_nic_info_str(VLANClientState * vc,uint8_t macaddr[6])337 void qemu_format_nic_info_str(VLANClientState *vc, uint8_t macaddr[6])
338 {
339     snprintf(vc->info_str, sizeof(vc->info_str),
340              "model=%s,macaddr=%02x:%02x:%02x:%02x:%02x:%02x",
341              vc->model,
342              macaddr[0], macaddr[1], macaddr[2],
343              macaddr[3], macaddr[4], macaddr[5]);
344 }
345 
assign_name(VLANClientState * vc1,const char * model)346 static char *assign_name(VLANClientState *vc1, const char *model)
347 {
348     VLANState *vlan;
349     char buf[256];
350     int id = 0;
351 
352     for (vlan = first_vlan; vlan; vlan = vlan->next) {
353         VLANClientState *vc;
354 
355         for (vc = vlan->first_client; vc; vc = vc->next)
356             if (vc != vc1 && strcmp(vc->model, model) == 0)
357                 id++;
358     }
359 
360     snprintf(buf, sizeof(buf), "%s.%d", model, id);
361 
362     return strdup(buf);
363 }
364 
qemu_new_vlan_client(VLANState * vlan,const char * model,const char * name,NetCanReceive * can_receive,NetReceive * receive,NetReceiveIOV * receive_iov,NetCleanup * cleanup,void * opaque)365 VLANClientState *qemu_new_vlan_client(VLANState *vlan,
366                                       const char *model,
367                                       const char *name,
368                                       NetCanReceive *can_receive,
369                                       NetReceive *receive,
370                                       NetReceiveIOV *receive_iov,
371                                       NetCleanup *cleanup,
372                                       void *opaque)
373 {
374     VLANClientState *vc, **pvc;
375     vc = qemu_mallocz(sizeof(VLANClientState));
376     vc->model = strdup(model);
377     if (name)
378         vc->name = strdup(name);
379     else
380         vc->name = assign_name(vc, model);
381     vc->can_receive = can_receive;
382     vc->receive = receive;
383     vc->receive_iov = receive_iov;
384     vc->cleanup = cleanup;
385     vc->opaque = opaque;
386     vc->vlan = vlan;
387 
388     vc->next = NULL;
389     pvc = &vlan->first_client;
390     while (*pvc != NULL)
391         pvc = &(*pvc)->next;
392     *pvc = vc;
393     return vc;
394 }
395 
qemu_del_vlan_client(VLANClientState * vc)396 void qemu_del_vlan_client(VLANClientState *vc)
397 {
398     VLANClientState **pvc = &vc->vlan->first_client;
399 
400     while (*pvc != NULL)
401         if (*pvc == vc) {
402             *pvc = vc->next;
403             if (vc->cleanup) {
404                 vc->cleanup(vc);
405             }
406             free(vc->name);
407             free(vc->model);
408             qemu_free(vc);
409             break;
410         } else
411             pvc = &(*pvc)->next;
412 }
413 
qemu_find_vlan_client(VLANState * vlan,void * opaque)414 VLANClientState *qemu_find_vlan_client(VLANState *vlan, void *opaque)
415 {
416     VLANClientState **pvc = &vlan->first_client;
417 
418     while (*pvc != NULL)
419         if ((*pvc)->opaque == opaque)
420             return *pvc;
421         else
422             pvc = &(*pvc)->next;
423 
424     return NULL;
425 }
426 
qemu_can_send_packet(VLANClientState * sender)427 int qemu_can_send_packet(VLANClientState *sender)
428 {
429     VLANState *vlan = sender->vlan;
430     VLANClientState *vc;
431 
432     for (vc = vlan->first_client; vc != NULL; vc = vc->next) {
433         if (vc == sender) {
434             continue;
435         }
436 
437         /* no can_receive() handler, they can always receive */
438         if (!vc->can_receive || vc->can_receive(vc)) {
439             return 1;
440         }
441     }
442     return 0;
443 }
444 
445 static int
qemu_deliver_packet(VLANClientState * sender,const uint8_t * buf,int size)446 qemu_deliver_packet(VLANClientState *sender, const uint8_t *buf, int size)
447 {
448     VLANClientState *vc;
449     int ret = -1;
450 
451     sender->vlan->delivering = 1;
452 
453     for (vc = sender->vlan->first_client; vc != NULL; vc = vc->next) {
454         ssize_t len;
455 
456         if (vc == sender) {
457             continue;
458         }
459 
460         if (vc->link_down) {
461             ret = size;
462             continue;
463         }
464 
465         len = vc->receive(vc, buf, size);
466 
467         ret = (ret >= 0) ? ret : len;
468     }
469 
470     sender->vlan->delivering = 0;
471 
472     return ret;
473 }
474 
qemu_flush_queued_packets(VLANClientState * vc)475 void qemu_flush_queued_packets(VLANClientState *vc)
476 {
477     VLANPacket *packet;
478 
479     while ((packet = vc->vlan->send_queue) != NULL) {
480         int ret;
481 
482         vc->vlan->send_queue = packet->next;
483 
484         ret = qemu_deliver_packet(packet->sender, packet->data, packet->size);
485         if (ret == 0 && packet->sent_cb != NULL) {
486             packet->next = vc->vlan->send_queue;
487             vc->vlan->send_queue = packet;
488             break;
489         }
490 
491         if (packet->sent_cb)
492             packet->sent_cb(packet->sender);
493 
494         qemu_free(packet);
495     }
496 }
497 
qemu_enqueue_packet(VLANClientState * sender,const uint8_t * buf,int size,NetPacketSent * sent_cb)498 static void qemu_enqueue_packet(VLANClientState *sender,
499                                 const uint8_t *buf, int size,
500                                 NetPacketSent *sent_cb)
501 {
502     VLANPacket *packet;
503 
504     packet = qemu_malloc(sizeof(VLANPacket) + size);
505     packet->next = sender->vlan->send_queue;
506     packet->sender = sender;
507     packet->size = size;
508     packet->sent_cb = sent_cb;
509     memcpy(packet->data, buf, size);
510     sender->vlan->send_queue = packet;
511 }
512 
qemu_send_packet_async(VLANClientState * sender,const uint8_t * buf,int size,NetPacketSent * sent_cb)513 ssize_t qemu_send_packet_async(VLANClientState *sender,
514                                const uint8_t *buf, int size,
515                                NetPacketSent *sent_cb)
516 {
517     int ret;
518 
519     if (sender->link_down) {
520         return size;
521     }
522 
523 #ifdef DEBUG_NET
524     printf("vlan %d send:\n", sender->vlan->id);
525     hex_dump(stdout, buf, size);
526 #endif
527 
528     if (sender->vlan->delivering) {
529         qemu_enqueue_packet(sender, buf, size, NULL);
530         return size;
531     }
532 
533     ret = qemu_deliver_packet(sender, buf, size);
534     if (ret == 0 && sent_cb != NULL) {
535         qemu_enqueue_packet(sender, buf, size, sent_cb);
536         return 0;
537     }
538 
539     qemu_flush_queued_packets(sender);
540 
541     return ret;
542 }
543 
qemu_send_packet(VLANClientState * vc,const uint8_t * buf,int size)544 void qemu_send_packet(VLANClientState *vc, const uint8_t *buf, int size)
545 {
546     qemu_send_packet_async(vc, buf, size, NULL);
547 }
548 
vc_sendv_compat(VLANClientState * vc,const struct iovec * iov,int iovcnt)549 static ssize_t vc_sendv_compat(VLANClientState *vc, const struct iovec *iov,
550                                int iovcnt)
551 {
552     uint8_t buffer[4096];
553     size_t offset = 0;
554     int i;
555 
556     for (i = 0; i < iovcnt; i++) {
557         size_t len;
558 
559         len = MIN(sizeof(buffer) - offset, iov[i].iov_len);
560         memcpy(buffer + offset, iov[i].iov_base, len);
561         offset += len;
562     }
563 
564     return vc->receive(vc, buffer, offset);
565 }
566 
calc_iov_length(const struct iovec * iov,int iovcnt)567 static ssize_t calc_iov_length(const struct iovec *iov, int iovcnt)
568 {
569     size_t offset = 0;
570     int i;
571 
572     for (i = 0; i < iovcnt; i++)
573         offset += iov[i].iov_len;
574     return offset;
575 }
576 
qemu_deliver_packet_iov(VLANClientState * sender,const struct iovec * iov,int iovcnt)577 static int qemu_deliver_packet_iov(VLANClientState *sender,
578                                    const struct iovec *iov, int iovcnt)
579 {
580     VLANClientState *vc;
581     int ret = -1;
582 
583     sender->vlan->delivering = 1;
584 
585     for (vc = sender->vlan->first_client; vc != NULL; vc = vc->next) {
586         ssize_t len;
587 
588         if (vc == sender) {
589             continue;
590         }
591 
592         if (vc->link_down) {
593             ret = calc_iov_length(iov, iovcnt);
594             continue;
595         }
596 
597         if (vc->receive_iov) {
598             len = vc->receive_iov(vc, iov, iovcnt);
599         } else {
600             len = vc_sendv_compat(vc, iov, iovcnt);
601         }
602 
603         ret = (ret >= 0) ? ret : len;
604     }
605 
606     sender->vlan->delivering = 0;
607 
608     return ret;
609 }
610 
qemu_enqueue_packet_iov(VLANClientState * sender,const struct iovec * iov,int iovcnt,NetPacketSent * sent_cb)611 static ssize_t qemu_enqueue_packet_iov(VLANClientState *sender,
612                                        const struct iovec *iov, int iovcnt,
613                                        NetPacketSent *sent_cb)
614 {
615     VLANPacket *packet;
616     size_t max_len = 0;
617     int i;
618 
619     max_len = calc_iov_length(iov, iovcnt);
620 
621     packet = qemu_malloc(sizeof(VLANPacket) + max_len);
622     packet->next = sender->vlan->send_queue;
623     packet->sender = sender;
624     packet->sent_cb = sent_cb;
625     packet->size = 0;
626 
627     for (i = 0; i < iovcnt; i++) {
628         size_t len = iov[i].iov_len;
629 
630         memcpy(packet->data + packet->size, iov[i].iov_base, len);
631         packet->size += len;
632     }
633 
634     sender->vlan->send_queue = packet;
635 
636     return packet->size;
637 }
638 
qemu_sendv_packet_async(VLANClientState * sender,const struct iovec * iov,int iovcnt,NetPacketSent * sent_cb)639 ssize_t qemu_sendv_packet_async(VLANClientState *sender,
640                                 const struct iovec *iov, int iovcnt,
641                                 NetPacketSent *sent_cb)
642 {
643     int ret;
644 
645     if (sender->link_down) {
646         return calc_iov_length(iov, iovcnt);
647     }
648 
649     if (sender->vlan->delivering) {
650         return qemu_enqueue_packet_iov(sender, iov, iovcnt, NULL);
651     }
652 
653     ret = qemu_deliver_packet_iov(sender, iov, iovcnt);
654     if (ret == 0 && sent_cb != NULL) {
655         qemu_enqueue_packet_iov(sender, iov, iovcnt, sent_cb);
656         return 0;
657     }
658 
659     qemu_flush_queued_packets(sender);
660 
661     return ret;
662 }
663 
664 ssize_t
qemu_sendv_packet(VLANClientState * vc,const struct iovec * iov,int iovcnt)665 qemu_sendv_packet(VLANClientState *vc, const struct iovec *iov, int iovcnt)
666 {
667     return qemu_sendv_packet_async(vc, iov, iovcnt, NULL);
668 }
669 
config_error(Monitor * mon,const char * fmt,...)670 static void config_error(Monitor *mon, const char *fmt, ...)
671 {
672     va_list ap;
673 
674     va_start(ap, fmt);
675     if (mon) {
676         monitor_vprintf(mon, fmt, ap);
677     } else {
678         fprintf(stderr, "qemu: ");
679         vfprintf(stderr, fmt, ap);
680         exit(1);
681     }
682     va_end(ap);
683 }
684 
685 #if defined(CONFIG_SLIRP)
686 
687 /* slirp network adapter */
688 
689 struct slirp_config_str {
690     struct slirp_config_str *next;
691     const char *str;
692 };
693 
694 static int slirp_inited;
695 static struct slirp_config_str *slirp_redirs;
696 #ifndef _WIN32
697 static const char *slirp_smb_export;
698 #endif
699 static VLANClientState *slirp_vc;
700 
701 #ifndef _WIN32
702 static void slirp_smb(const char *exported_dir);
703 #endif
704 static void slirp_redirection(Monitor *mon, const char *redir_str);
705 
706 double   qemu_net_upload_speed   = 0.;
707 double   qemu_net_download_speed = 0.;
708 int      qemu_net_min_latency = 0;
709 int      qemu_net_max_latency = 0;
710 int      qemu_net_disable = 0;
711 
712 int
ip_packet_is_internal(const uint8_t * data,size_t size)713 ip_packet_is_internal( const uint8_t*  data, size_t  size )
714 {
715     const uint8_t*  end = data + size;
716 
717     /* must have room for Mac + IP header */
718     if (data + 40 > end)
719         return 0;
720 
721     if (data[12] != 0x08 || data[13] != 0x00 )
722         return 0;
723 
724     /* must have valid IP header */
725     data += 14;
726     if ((data[0] >> 4) != 4 || (data[0] & 15) < 5)
727         return 0;
728 
729     /* internal if both source and dest addresses are in 10.x.x.x */
730     return ( data[12] == 10 && data[16] == 10);
731 }
732 
733 #ifdef CONFIG_ANDROID
734 
735 NetShaper  slirp_shaper_in;
736 NetShaper  slirp_shaper_out;
737 NetDelay   slirp_delay_in;
738 
739 static void
slirp_delay_in_cb(void * data,size_t size,void * opaque)740 slirp_delay_in_cb( void*   data,
741                    size_t  size,
742                    void*   opaque )
743 {
744     slirp_input( (const uint8_t*)data, (int)size );
745     opaque = opaque;
746 }
747 
748 static void
slirp_shaper_in_cb(void * data,size_t size,void * opaque)749 slirp_shaper_in_cb( void*   data,
750                     size_t  size,
751                     void*   opaque )
752 {
753     netdelay_send_aux( slirp_delay_in, data, size, opaque );
754 }
755 
756 static void
slirp_shaper_out_cb(void * data,size_t size,void * opaque)757 slirp_shaper_out_cb( void*   data,
758                      size_t  size,
759                      void*   opaque )
760 {
761     qemu_send_packet( slirp_vc, (const uint8_t*)data, (int)size );
762 }
763 
764 void
slirp_init_shapers(void)765 slirp_init_shapers( void )
766 {
767     slirp_delay_in   = netdelay_create( slirp_delay_in_cb );
768     slirp_shaper_in  = netshaper_create( 1, slirp_shaper_in_cb );
769     slirp_shaper_out = netshaper_create( 1, slirp_shaper_out_cb );
770 
771     netdelay_set_latency( slirp_delay_in, qemu_net_min_latency, qemu_net_max_latency );
772     netshaper_set_rate( slirp_shaper_out, qemu_net_download_speed );
773     netshaper_set_rate( slirp_shaper_in,  qemu_net_upload_speed  );
774 }
775 
776 #endif /* CONFIG_ANDROID */
777 
778 
slirp_can_output(void)779 int slirp_can_output(void)
780 {
781 #ifdef CONFIG_ANDROID
782     return !slirp_vc ||
783            ( netshaper_can_send(slirp_shaper_out) &&
784              qemu_can_send_packet(slirp_vc) );
785 #else
786     return !slirp_vc || qemu_can_send_packet(slirp_vc);
787 #endif
788 }
789 
slirp_output(const uint8_t * pkt,int pkt_len)790 void slirp_output(const uint8_t *pkt, int pkt_len)
791 {
792 #ifdef DEBUG_SLIRP
793     printf("slirp output:\n");
794     hex_dump(stdout, pkt, pkt_len);
795 #endif
796     if (qemu_tcpdump_active)
797         qemu_tcpdump_packet(pkt, pkt_len);
798 
799     if (!slirp_vc)
800         return;
801 
802 #ifdef CONFIG_ANDROID
803     netshaper_send(slirp_shaper_out, (void*)pkt, pkt_len);
804 #else
805     qemu_send_packet(slirp_vc, pkt, pkt_len);
806 #endif
807 }
808 
slirp_is_inited(void)809 int slirp_is_inited(void)
810 {
811     return slirp_inited;
812 }
813 
slirp_receive(VLANClientState * vc,const uint8_t * buf,size_t size)814 static ssize_t slirp_receive(VLANClientState *vc, const uint8_t *buf, size_t size)
815 {
816 #ifdef DEBUG_SLIRP
817     printf("slirp input:\n");
818     hex_dump(stdout, buf, size);
819 #endif
820     if (qemu_tcpdump_active)
821         qemu_tcpdump_packet(buf, size);
822 
823 #ifdef CONFIG_ANDROID
824     netshaper_send(slirp_shaper_in, (char*)buf, size);
825 #else
826     slirp_input(buf, size);
827 #endif
828     return size;
829 }
830 
831 static int slirp_in_use;
832 
net_slirp_cleanup(VLANClientState * vc)833 static void net_slirp_cleanup(VLANClientState *vc)
834 {
835     slirp_in_use = 0;
836 }
837 
net_slirp_init(VLANState * vlan,const char * model,const char * name,int restricted,const char * ip)838 static int net_slirp_init(VLANState *vlan, const char *model, const char *name,
839                           int restricted, const char *ip)
840 {
841     if (slirp_in_use) {
842         /* slirp only supports a single instance so far */
843         return -1;
844     }
845     if (!slirp_inited) {
846         slirp_inited = 1;
847         slirp_init(restricted, ip);
848 
849         while (slirp_redirs) {
850             struct slirp_config_str *config = slirp_redirs;
851 
852             slirp_redirection(NULL, config->str);
853             slirp_redirs = config->next;
854             qemu_free(config);
855         }
856 #ifndef _WIN32
857         if (slirp_smb_export) {
858             slirp_smb(slirp_smb_export);
859         }
860 #endif
861         slirp_init_shapers();
862     }
863 
864     slirp_vc = qemu_new_vlan_client(vlan, model, name, NULL, slirp_receive,
865                                     NULL, net_slirp_cleanup, NULL);
866     slirp_vc->info_str[0] = '\0';
867     slirp_in_use = 1;
868     return 0;
869 }
870 
net_slirp_redir_print(void * opaque,int is_udp,const SockAddress * laddr,const SockAddress * faddr)871 static void net_slirp_redir_print(void *opaque, int is_udp,
872                                   const SockAddress *laddr,
873                                   const SockAddress *faddr)
874 {
875     Monitor *mon = (Monitor *)opaque;
876     uint32_t h_addr;
877     uint32_t g_addr;
878     char buf[16];
879 
880     h_addr = sock_address_get_ip(faddr);
881     g_addr = sock_address_get_ip(laddr);
882 
883     monitor_printf(mon, "  %s |", is_udp ? "udp" : "tcp" );
884     snprintf(buf, 15, "%d.%d.%d.%d", (h_addr >> 24) & 0xff,
885                                      (h_addr >> 16) & 0xff,
886                                      (h_addr >> 8) & 0xff,
887                                      (h_addr) & 0xff);
888     monitor_printf(mon, " %15s |", buf);
889     monitor_printf(mon, " %5d |", sock_address_get_port(faddr));
890 
891     snprintf(buf, 15, "%d.%d.%d.%d", (g_addr >> 24) & 0xff,
892                                      (g_addr >> 16) & 0xff,
893                                      (g_addr >> 8) & 0xff,
894                                      (g_addr) & 0xff);
895     monitor_printf(mon, " %15s |", buf);
896     monitor_printf(mon, " %5d\n", sock_address_get_port(laddr));
897 
898 }
899 
net_slirp_redir_list(Monitor * mon)900 static void net_slirp_redir_list(Monitor *mon)
901 {
902     if (!mon)
903         return;
904 
905     monitor_printf(mon, " Prot |    Host Addr    | HPort |    Guest Addr   | GPort\n");
906     monitor_printf(mon, "      |                 |       |                 |      \n");
907     slirp_redir_loop(net_slirp_redir_print, mon);
908 }
909 
net_slirp_redir_rm(Monitor * mon,const char * port_str)910 static void net_slirp_redir_rm(Monitor *mon, const char *port_str)
911 {
912     int host_port;
913     char buf[256] = "";
914     const char *p = port_str;
915     int is_udp = 0;
916     int n;
917 
918     if (!mon)
919         return;
920 
921     if (!port_str || !port_str[0])
922         goto fail_syntax;
923 
924     get_str_sep(buf, sizeof(buf), &p, ':');
925 
926     if (!strcmp(buf, "tcp") || buf[0] == '\0') {
927         is_udp = 0;
928     } else if (!strcmp(buf, "udp")) {
929         is_udp = 1;
930     } else {
931         goto fail_syntax;
932     }
933 
934     host_port = atoi(p);
935 
936     n = slirp_redir_rm(is_udp, host_port);
937 
938     monitor_printf(mon, "removed %d redirections to %s port %d\n", n,
939                         is_udp ? "udp" : "tcp", host_port);
940     return;
941 
942  fail_syntax:
943     monitor_printf(mon, "invalid format\n");
944 }
945 
slirp_redirection(Monitor * mon,const char * redir_str)946 static void slirp_redirection(Monitor *mon, const char *redir_str)
947 {
948     uint32_t guest_addr;
949     int host_port, guest_port;
950     const char *p;
951     char buf[256], *r;
952     int is_udp;
953 
954     p = redir_str;
955     if (get_str_sep(buf, sizeof(buf), &p, ':') < 0) {
956         goto fail_syntax;
957     }
958     if (!strcmp(buf, "tcp") || buf[0] == '\0') {
959         is_udp = 0;
960     } else if (!strcmp(buf, "udp")) {
961         is_udp = 1;
962     } else {
963         goto fail_syntax;
964     }
965 
966     if (get_str_sep(buf, sizeof(buf), &p, ':') < 0) {
967         goto fail_syntax;
968     }
969     host_port = strtol(buf, &r, 0);
970     if (r == buf) {
971         goto fail_syntax;
972     }
973 
974     if (get_str_sep(buf, sizeof(buf), &p, ':') < 0) {
975         goto fail_syntax;
976     }
977     if (buf[0] == '\0') {
978         pstrcpy(buf, sizeof(buf), "10.0.2.15");
979     }
980     if (inet_strtoip(buf, &guest_addr) < 0) {
981         goto fail_syntax;
982     }
983 
984     guest_port = strtol(p, &r, 0);
985     if (r == p) {
986         goto fail_syntax;
987     }
988 
989     if (slirp_redir(is_udp, host_port, guest_addr, guest_port) < 0) {
990         config_error(mon, "could not set up redirection '%s'\n", redir_str);
991     }
992     return;
993 
994  fail_syntax:
995     config_error(mon, "invalid redirection format '%s'\n", redir_str);
996 }
997 
net_slirp_redir(Monitor * mon,const char * redir_str,const char * redir_opt2)998 void net_slirp_redir(Monitor *mon, const char *redir_str, const char *redir_opt2)
999 {
1000     struct slirp_config_str *config;
1001 
1002     if (!slirp_inited) {
1003         if (mon) {
1004             monitor_printf(mon, "user mode network stack not in use\n");
1005         } else {
1006             config = qemu_malloc(sizeof(*config));
1007             config->str = redir_str;
1008             config->next = slirp_redirs;
1009             slirp_redirs = config;
1010         }
1011         return;
1012     }
1013 
1014     if (!strcmp(redir_str, "remove")) {
1015         net_slirp_redir_rm(mon, redir_opt2);
1016         return;
1017     }
1018 
1019     if (!strcmp(redir_str, "list")) {
1020         net_slirp_redir_list(mon);
1021         return;
1022     }
1023 
1024     slirp_redirection(mon, redir_str);
1025 }
1026 
1027 #ifndef _WIN32
1028 
1029 static char smb_dir[1024];
1030 
erase_dir(char * dir_name)1031 static void erase_dir(char *dir_name)
1032 {
1033     DIR *d;
1034     struct dirent *de;
1035     char filename[1024];
1036 
1037     /* erase all the files in the directory */
1038     if ((d = opendir(dir_name)) != NULL) {
1039         for(;;) {
1040             de = readdir(d);
1041             if (!de)
1042                 break;
1043             if (strcmp(de->d_name, ".") != 0 &&
1044                 strcmp(de->d_name, "..") != 0) {
1045                 snprintf(filename, sizeof(filename), "%s/%s",
1046                          smb_dir, de->d_name);
1047                 if (unlink(filename) != 0)  /* is it a directory? */
1048                     erase_dir(filename);
1049             }
1050         }
1051         closedir(d);
1052         rmdir(dir_name);
1053     }
1054 }
1055 
1056 /* automatic user mode samba server configuration */
smb_exit(void)1057 static void smb_exit(void)
1058 {
1059     erase_dir(smb_dir);
1060 }
1061 
slirp_smb(const char * exported_dir)1062 static void slirp_smb(const char *exported_dir)
1063 {
1064     char smb_conf[1024];
1065     char smb_cmdline[1024];
1066     FILE *f;
1067 
1068     /* XXX: better tmp dir construction */
1069     snprintf(smb_dir, sizeof(smb_dir), "/tmp/qemu-smb.%ld", (long)getpid());
1070     if (mkdir(smb_dir, 0700) < 0) {
1071         fprintf(stderr, "qemu: could not create samba server dir '%s'\n", smb_dir);
1072         exit(1);
1073     }
1074     snprintf(smb_conf, sizeof(smb_conf), "%s/%s", smb_dir, "smb.conf");
1075 
1076     f = fopen(smb_conf, "w");
1077     if (!f) {
1078         fprintf(stderr, "qemu: could not create samba server configuration file '%s'\n", smb_conf);
1079         exit(1);
1080     }
1081     fprintf(f,
1082             "[global]\n"
1083             "private dir=%s\n"
1084             "smb ports=0\n"
1085             "socket address=127.0.0.1\n"
1086             "pid directory=%s\n"
1087             "lock directory=%s\n"
1088             "log file=%s/log.smbd\n"
1089             "smb passwd file=%s/smbpasswd\n"
1090             "security = share\n"
1091             "[qemu]\n"
1092             "path=%s\n"
1093             "read only=no\n"
1094             "guest ok=yes\n",
1095             smb_dir,
1096             smb_dir,
1097             smb_dir,
1098             smb_dir,
1099             smb_dir,
1100             exported_dir
1101             );
1102     fclose(f);
1103     atexit(smb_exit);
1104 
1105     snprintf(smb_cmdline, sizeof(smb_cmdline), "%s -s %s",
1106              SMBD_COMMAND, smb_conf);
1107 
1108     slirp_add_exec(0, smb_cmdline, 4, 139);
1109 }
1110 
1111 /* automatic user mode samba server configuration */
net_slirp_smb(const char * exported_dir)1112 void net_slirp_smb(const char *exported_dir)
1113 {
1114     if (slirp_smb_export) {
1115         fprintf(stderr, "-smb given twice\n");
1116         exit(1);
1117     }
1118     slirp_smb_export = exported_dir;
1119     if (slirp_inited) {
1120         slirp_smb(exported_dir);
1121     }
1122 }
1123 
1124 #endif /* !defined(_WIN32) */
1125 
do_info_slirp(Monitor * mon)1126 void do_info_slirp(Monitor *mon)
1127 {
1128     //slirp_stats();
1129 }
1130 
1131 struct VMChannel {
1132     CharDriverState *hd;
1133     int port;
1134 };
1135 
vmchannel_can_read(void * opaque)1136 static int vmchannel_can_read(void *opaque)
1137 {
1138     struct VMChannel *vmc = (struct VMChannel*)opaque;
1139     return slirp_socket_can_recv(4, vmc->port);
1140 }
1141 
vmchannel_read(void * opaque,const uint8_t * buf,int size)1142 static void vmchannel_read(void *opaque, const uint8_t *buf, int size)
1143 {
1144     struct VMChannel *vmc = (struct VMChannel*)opaque;
1145     slirp_socket_recv(4, vmc->port, buf, size);
1146 }
1147 
1148 #endif /* CONFIG_SLIRP */
1149 
1150 #if !defined(_WIN32)
1151 
1152 typedef struct TAPState {
1153     VLANClientState *vc;
1154     int fd;
1155     char down_script[1024];
1156     char down_script_arg[128];
1157     uint8_t buf[4096];
1158 } TAPState;
1159 
1160 static int launch_script(const char *setup_script, const char *ifname, int fd);
1161 
tap_receive_iov(VLANClientState * vc,const struct iovec * iov,int iovcnt)1162 static ssize_t tap_receive_iov(VLANClientState *vc, const struct iovec *iov,
1163                                int iovcnt)
1164 {
1165     TAPState *s = vc->opaque;
1166     ssize_t len;
1167 
1168     do {
1169         len = writev(s->fd, iov, iovcnt);
1170     } while (len == -1 && (errno == EINTR || errno == EAGAIN));
1171 
1172     return len;
1173 }
1174 
tap_receive(VLANClientState * vc,const uint8_t * buf,size_t size)1175 static ssize_t tap_receive(VLANClientState *vc, const uint8_t *buf, size_t size)
1176 {
1177     TAPState *s = vc->opaque;
1178     ssize_t len;
1179 
1180     do {
1181         len = write(s->fd, buf, size);
1182     } while (len == -1 && (errno == EINTR || errno == EAGAIN));
1183 
1184     return len;
1185 }
1186 
tap_can_send(void * opaque)1187 static int tap_can_send(void *opaque)
1188 {
1189     TAPState *s = opaque;
1190 
1191     return qemu_can_send_packet(s->vc);
1192 }
1193 
1194 #ifdef __sun__
tap_read_packet(int tapfd,uint8_t * buf,int maxlen)1195 static ssize_t tap_read_packet(int tapfd, uint8_t *buf, int maxlen)
1196 {
1197     struct strbuf sbuf;
1198     int f = 0;
1199 
1200     sbuf.maxlen = maxlen;
1201     sbuf.buf = (char *)buf;
1202 
1203     return getmsg(tapfd, NULL, &sbuf, &f) >= 0 ? sbuf.len : -1;
1204 }
1205 #else
tap_read_packet(int tapfd,uint8_t * buf,int maxlen)1206 static ssize_t tap_read_packet(int tapfd, uint8_t *buf, int maxlen)
1207 {
1208     return read(tapfd, buf, maxlen);
1209 }
1210 #endif
1211 
1212 static void tap_send(void *opaque);
1213 
tap_send_completed(VLANClientState * vc)1214 static void tap_send_completed(VLANClientState *vc)
1215 {
1216     TAPState *s = vc->opaque;
1217 
1218     qemu_set_fd_handler2(s->fd, tap_can_send, tap_send, NULL, s);
1219 }
1220 
tap_send(void * opaque)1221 static void tap_send(void *opaque)
1222 {
1223     TAPState *s = opaque;
1224     int size;
1225 
1226     do {
1227         size = tap_read_packet(s->fd, s->buf, sizeof(s->buf));
1228         if (size <= 0) {
1229             break;
1230         }
1231 
1232         size = qemu_send_packet_async(s->vc, s->buf, size, tap_send_completed);
1233         if (size == 0) {
1234             qemu_set_fd_handler2(s->fd, NULL, NULL, NULL, NULL);
1235         }
1236     } while (size > 0);
1237 }
1238 
tap_cleanup(VLANClientState * vc)1239 static void tap_cleanup(VLANClientState *vc)
1240 {
1241     TAPState *s = vc->opaque;
1242 
1243     if (s->down_script[0])
1244         launch_script(s->down_script, s->down_script_arg, s->fd);
1245 
1246     qemu_set_fd_handler(s->fd, NULL, NULL, NULL);
1247     close(s->fd);
1248     qemu_free(s);
1249 }
1250 
1251 /* fd support */
1252 
net_tap_fd_init(VLANState * vlan,const char * model,const char * name,int fd)1253 static TAPState *net_tap_fd_init(VLANState *vlan,
1254                                  const char *model,
1255                                  const char *name,
1256                                  int fd)
1257 {
1258     TAPState *s;
1259 
1260     s = qemu_mallocz(sizeof(TAPState));
1261     s->fd = fd;
1262     s->vc = qemu_new_vlan_client(vlan, model, name, NULL, tap_receive,
1263                                  tap_receive_iov, tap_cleanup, s);
1264     qemu_set_fd_handler2(s->fd, tap_can_send, tap_send, NULL, s);
1265     snprintf(s->vc->info_str, sizeof(s->vc->info_str), "fd=%d", fd);
1266     return s;
1267 }
1268 
1269 #if defined (CONFIG_BSD) || defined (__FreeBSD_kernel__)
tap_open(char * ifname,int ifname_size)1270 static int tap_open(char *ifname, int ifname_size)
1271 {
1272     int fd;
1273     char *dev;
1274     struct stat s;
1275 
1276     TFR(fd = open("/dev/tap", O_RDWR));
1277     if (fd < 0) {
1278         fprintf(stderr, "warning: could not open /dev/tap: no virtual network emulation\n");
1279         return -1;
1280     }
1281 
1282     fstat(fd, &s);
1283     dev = devname(s.st_rdev, S_IFCHR);
1284     pstrcpy(ifname, ifname_size, dev);
1285 
1286     fcntl(fd, F_SETFL, O_NONBLOCK);
1287     return fd;
1288 }
1289 #elif defined(__sun__)
1290 #define TUNNEWPPA       (('T'<<16) | 0x0001)
1291 /*
1292  * Allocate TAP device, returns opened fd.
1293  * Stores dev name in the first arg(must be large enough).
1294  */
tap_alloc(char * dev,size_t dev_size)1295 static int tap_alloc(char *dev, size_t dev_size)
1296 {
1297     int tap_fd, if_fd, ppa = -1;
1298     static int ip_fd = 0;
1299     char *ptr;
1300 
1301     static int arp_fd = 0;
1302     int ip_muxid, arp_muxid;
1303     struct strioctl  strioc_if, strioc_ppa;
1304     int link_type = I_PLINK;;
1305     struct lifreq ifr;
1306     char actual_name[32] = "";
1307 
1308     memset(&ifr, 0x0, sizeof(ifr));
1309 
1310     if( *dev ){
1311        ptr = dev;
1312        while( *ptr && !qemu_isdigit((int)*ptr) ) ptr++;
1313        ppa = atoi(ptr);
1314     }
1315 
1316     /* Check if IP device was opened */
1317     if( ip_fd )
1318        close(ip_fd);
1319 
1320     TFR(ip_fd = open("/dev/udp", O_RDWR, 0));
1321     if (ip_fd < 0) {
1322        syslog(LOG_ERR, "Can't open /dev/ip (actually /dev/udp)");
1323        return -1;
1324     }
1325 
1326     TFR(tap_fd = open("/dev/tap", O_RDWR, 0));
1327     if (tap_fd < 0) {
1328        syslog(LOG_ERR, "Can't open /dev/tap");
1329        return -1;
1330     }
1331 
1332     /* Assign a new PPA and get its unit number. */
1333     strioc_ppa.ic_cmd = TUNNEWPPA;
1334     strioc_ppa.ic_timout = 0;
1335     strioc_ppa.ic_len = sizeof(ppa);
1336     strioc_ppa.ic_dp = (char *)&ppa;
1337     if ((ppa = ioctl (tap_fd, I_STR, &strioc_ppa)) < 0)
1338        syslog (LOG_ERR, "Can't assign new interface");
1339 
1340     TFR(if_fd = open("/dev/tap", O_RDWR, 0));
1341     if (if_fd < 0) {
1342        syslog(LOG_ERR, "Can't open /dev/tap (2)");
1343        return -1;
1344     }
1345     if(ioctl(if_fd, I_PUSH, "ip") < 0){
1346        syslog(LOG_ERR, "Can't push IP module");
1347        return -1;
1348     }
1349 
1350     if (ioctl(if_fd, SIOCGLIFFLAGS, &ifr) < 0)
1351 	syslog(LOG_ERR, "Can't get flags\n");
1352 
1353     snprintf (actual_name, 32, "tap%d", ppa);
1354     pstrcpy(ifr.lifr_name, sizeof(ifr.lifr_name), actual_name);
1355 
1356     ifr.lifr_ppa = ppa;
1357     /* Assign ppa according to the unit number returned by tun device */
1358 
1359     if (ioctl (if_fd, SIOCSLIFNAME, &ifr) < 0)
1360         syslog (LOG_ERR, "Can't set PPA %d", ppa);
1361     if (ioctl(if_fd, SIOCGLIFFLAGS, &ifr) <0)
1362         syslog (LOG_ERR, "Can't get flags\n");
1363     /* Push arp module to if_fd */
1364     if (ioctl (if_fd, I_PUSH, "arp") < 0)
1365         syslog (LOG_ERR, "Can't push ARP module (2)");
1366 
1367     /* Push arp module to ip_fd */
1368     if (ioctl (ip_fd, I_POP, NULL) < 0)
1369         syslog (LOG_ERR, "I_POP failed\n");
1370     if (ioctl (ip_fd, I_PUSH, "arp") < 0)
1371         syslog (LOG_ERR, "Can't push ARP module (3)\n");
1372     /* Open arp_fd */
1373     TFR(arp_fd = open ("/dev/tap", O_RDWR, 0));
1374     if (arp_fd < 0)
1375        syslog (LOG_ERR, "Can't open %s\n", "/dev/tap");
1376 
1377     /* Set ifname to arp */
1378     strioc_if.ic_cmd = SIOCSLIFNAME;
1379     strioc_if.ic_timout = 0;
1380     strioc_if.ic_len = sizeof(ifr);
1381     strioc_if.ic_dp = (char *)&ifr;
1382     if (ioctl(arp_fd, I_STR, &strioc_if) < 0){
1383         syslog (LOG_ERR, "Can't set ifname to arp\n");
1384     }
1385 
1386     if((ip_muxid = ioctl(ip_fd, I_LINK, if_fd)) < 0){
1387        syslog(LOG_ERR, "Can't link TAP device to IP");
1388        return -1;
1389     }
1390 
1391     if ((arp_muxid = ioctl (ip_fd, link_type, arp_fd)) < 0)
1392         syslog (LOG_ERR, "Can't link TAP device to ARP");
1393 
1394     close (if_fd);
1395 
1396     memset(&ifr, 0x0, sizeof(ifr));
1397     pstrcpy(ifr.lifr_name, sizeof(ifr.lifr_name), actual_name);
1398     ifr.lifr_ip_muxid  = ip_muxid;
1399     ifr.lifr_arp_muxid = arp_muxid;
1400 
1401     if (ioctl (ip_fd, SIOCSLIFMUXID, &ifr) < 0)
1402     {
1403       ioctl (ip_fd, I_PUNLINK , arp_muxid);
1404       ioctl (ip_fd, I_PUNLINK, ip_muxid);
1405       syslog (LOG_ERR, "Can't set multiplexor id");
1406     }
1407 
1408     snprintf(dev, dev_size, "tap%d", ppa);
1409     return tap_fd;
1410 }
1411 
tap_open(char * ifname,int ifname_size)1412 static int tap_open(char *ifname, int ifname_size)
1413 {
1414     char  dev[10]="";
1415     int fd;
1416     if( (fd = tap_alloc(dev, sizeof(dev))) < 0 ){
1417        fprintf(stderr, "Cannot allocate TAP device\n");
1418        return -1;
1419     }
1420     pstrcpy(ifname, ifname_size, dev);
1421     fcntl(fd, F_SETFL, O_NONBLOCK);
1422     return fd;
1423 }
1424 #elif defined (_AIX)
tap_open(char * ifname,int ifname_size)1425 static int tap_open(char *ifname, int ifname_size)
1426 {
1427     fprintf (stderr, "no tap on AIX\n");
1428     return -1;
1429 }
1430 #else
tap_open(char * ifname,int ifname_size)1431 static int tap_open(char *ifname, int ifname_size)
1432 {
1433     struct ifreq ifr;
1434     int fd, ret;
1435 
1436     TFR(fd = open("/dev/net/tun", O_RDWR));
1437     if (fd < 0) {
1438         fprintf(stderr, "warning: could not open /dev/net/tun: no virtual network emulation\n");
1439         return -1;
1440     }
1441     memset(&ifr, 0, sizeof(ifr));
1442     ifr.ifr_flags = IFF_TAP | IFF_NO_PI;
1443     if (ifname[0] != '\0')
1444         pstrcpy(ifr.ifr_name, IFNAMSIZ, ifname);
1445     else
1446         pstrcpy(ifr.ifr_name, IFNAMSIZ, "tap%d");
1447     ret = ioctl(fd, TUNSETIFF, (void *) &ifr);
1448     if (ret != 0) {
1449         fprintf(stderr, "warning: could not configure /dev/net/tun: no virtual network emulation\n");
1450         close(fd);
1451         return -1;
1452     }
1453     pstrcpy(ifname, ifname_size, ifr.ifr_name);
1454     fcntl(fd, F_SETFL, O_NONBLOCK);
1455     return fd;
1456 }
1457 #endif
1458 
launch_script(const char * setup_script,const char * ifname,int fd)1459 static int launch_script(const char *setup_script, const char *ifname, int fd)
1460 {
1461     sigset_t oldmask, mask;
1462     int pid, status;
1463     char *args[3];
1464     char **parg;
1465 
1466     sigemptyset(&mask);
1467     sigaddset(&mask, SIGCHLD);
1468     sigprocmask(SIG_BLOCK, &mask, &oldmask);
1469 
1470     /* try to launch network script */
1471     pid = fork();
1472     if (pid == 0) {
1473         int open_max = sysconf(_SC_OPEN_MAX), i;
1474 
1475         for (i = 0; i < open_max; i++) {
1476             if (i != STDIN_FILENO &&
1477                 i != STDOUT_FILENO &&
1478                 i != STDERR_FILENO &&
1479                 i != fd) {
1480                 close(i);
1481             }
1482         }
1483         parg = args;
1484         *parg++ = (char *)setup_script;
1485         *parg++ = (char *)ifname;
1486         *parg++ = NULL;
1487         execv(setup_script, args);
1488         _exit(1);
1489     } else if (pid > 0) {
1490         while (waitpid(pid, &status, 0) != pid) {
1491             /* loop */
1492         }
1493         sigprocmask(SIG_SETMASK, &oldmask, NULL);
1494 
1495         if (WIFEXITED(status) && WEXITSTATUS(status) == 0) {
1496             return 0;
1497         }
1498     }
1499     fprintf(stderr, "%s: could not launch network script\n", setup_script);
1500     return -1;
1501 }
1502 
net_tap_init(VLANState * vlan,const char * model,const char * name,const char * ifname1,const char * setup_script,const char * down_script)1503 static int net_tap_init(VLANState *vlan, const char *model,
1504                         const char *name, const char *ifname1,
1505                         const char *setup_script, const char *down_script)
1506 {
1507     TAPState *s;
1508     int fd;
1509     char ifname[128];
1510 
1511     if (ifname1 != NULL)
1512         pstrcpy(ifname, sizeof(ifname), ifname1);
1513     else
1514         ifname[0] = '\0';
1515     TFR(fd = tap_open(ifname, sizeof(ifname)));
1516     if (fd < 0)
1517         return -1;
1518 
1519     if (!setup_script || !strcmp(setup_script, "no"))
1520         setup_script = "";
1521     if (setup_script[0] != '\0') {
1522 	if (launch_script(setup_script, ifname, fd))
1523 	    return -1;
1524     }
1525     s = net_tap_fd_init(vlan, model, name, fd);
1526     snprintf(s->vc->info_str, sizeof(s->vc->info_str),
1527              "ifname=%s,script=%s,downscript=%s",
1528              ifname, setup_script, down_script);
1529     if (down_script && strcmp(down_script, "no")) {
1530         snprintf(s->down_script, sizeof(s->down_script), "%s", down_script);
1531         snprintf(s->down_script_arg, sizeof(s->down_script_arg), "%s", ifname);
1532     }
1533     return 0;
1534 }
1535 
1536 #endif /* !_WIN32 */
1537 
1538 #if defined(CONFIG_VDE)
1539 typedef struct VDEState {
1540     VLANClientState *vc;
1541     VDECONN *vde;
1542 } VDEState;
1543 
vde_to_qemu(void * opaque)1544 static void vde_to_qemu(void *opaque)
1545 {
1546     VDEState *s = opaque;
1547     uint8_t buf[4096];
1548     int size;
1549 
1550     size = vde_recv(s->vde, (char *)buf, sizeof(buf), 0);
1551     if (size > 0) {
1552         qemu_send_packet(s->vc, buf, size);
1553     }
1554 }
1555 
vde_receive(VLANClientState * vc,const uint8_t * buf,size_t size)1556 static ssize_t vde_receive(VLANClientState *vc, const uint8_t *buf, size_t size)
1557 {
1558     VDEState *s = vc->opaque;
1559     ssize_t ret;
1560 
1561     do {
1562       ret = vde_send(s->vde, (const char *)buf, size, 0);
1563     } while (ret < 0 && errno == EINTR);
1564 
1565     return ret;
1566 }
1567 
vde_cleanup(VLANClientState * vc)1568 static void vde_cleanup(VLANClientState *vc)
1569 {
1570     VDEState *s = vc->opaque;
1571     qemu_set_fd_handler(vde_datafd(s->vde), NULL, NULL, NULL);
1572     vde_close(s->vde);
1573     qemu_free(s);
1574 }
1575 
net_vde_init(VLANState * vlan,const char * model,const char * name,const char * sock,int port,const char * group,int mode)1576 static int net_vde_init(VLANState *vlan, const char *model,
1577                         const char *name, const char *sock,
1578                         int port, const char *group, int mode)
1579 {
1580     VDEState *s;
1581     char *init_group = strlen(group) ? (char *)group : NULL;
1582     char *init_sock = strlen(sock) ? (char *)sock : NULL;
1583 
1584     struct vde_open_args args = {
1585         .port = port,
1586         .group = init_group,
1587         .mode = mode,
1588     };
1589 
1590     s = qemu_mallocz(sizeof(VDEState));
1591     s->vde = vde_open(init_sock, (char *)"QEMU", &args);
1592     if (!s->vde){
1593         free(s);
1594         return -1;
1595     }
1596     s->vc = qemu_new_vlan_client(vlan, model, name, NULL, vde_receive,
1597                                  NULL, vde_cleanup, s);
1598     qemu_set_fd_handler(vde_datafd(s->vde), vde_to_qemu, NULL, s);
1599     snprintf(s->vc->info_str, sizeof(s->vc->info_str), "sock=%s,fd=%d",
1600              sock, vde_datafd(s->vde));
1601     return 0;
1602 }
1603 #endif
1604 
1605 /* network connection */
1606 typedef struct NetSocketState {
1607     VLANClientState *vc;
1608     int fd;
1609     int state; /* 0 = getting length, 1 = getting data */
1610     unsigned int index;
1611     unsigned int packet_len;
1612     uint8_t buf[4096];
1613     SockAddress  dgram_dst; /* contains inet host and port destination iff connectionless (SOCK_DGRAM) */
1614 } NetSocketState;
1615 
1616 typedef struct NetSocketListenState {
1617     VLANState *vlan;
1618     char *model;
1619     char *name;
1620     int fd;
1621 } NetSocketListenState;
1622 
1623 /* XXX: we consider we can send the whole packet without blocking */
net_socket_receive(VLANClientState * vc,const uint8_t * buf,size_t size)1624 static ssize_t net_socket_receive(VLANClientState *vc, const uint8_t *buf, size_t size)
1625 {
1626     NetSocketState *s = vc->opaque;
1627     uint32_t len;
1628     len = htonl(size);
1629 
1630     socket_send(s->fd, (const uint8_t *)&len, sizeof(len));
1631     return socket_send(s->fd, buf, size);
1632 }
1633 
net_socket_receive_dgram(VLANClientState * vc,const uint8_t * buf,size_t size)1634 static ssize_t net_socket_receive_dgram(VLANClientState *vc, const uint8_t *buf, size_t size)
1635 {
1636     NetSocketState *s = vc->opaque;
1637 
1638     return socket_sendto(s->fd, buf, size, &s->dgram_dst);
1639 }
1640 
net_socket_send(void * opaque)1641 static void net_socket_send(void *opaque)
1642 {
1643     NetSocketState *s = opaque;
1644     int size, err;
1645     unsigned l;
1646     uint8_t buf1[4096];
1647     const uint8_t *buf;
1648 
1649     size = recv(s->fd, (void *)buf1, sizeof(buf1), 0);
1650     if (size < 0) {
1651         err = socket_error();
1652         if (err != EWOULDBLOCK && err != EAGAIN)
1653             goto eoc;
1654     } else if (size == 0) {
1655         /* end of connection */
1656     eoc:
1657         qemu_set_fd_handler(s->fd, NULL, NULL, NULL);
1658         closesocket(s->fd);
1659         return;
1660     }
1661     buf = buf1;
1662     while (size > 0) {
1663         /* reassemble a packet from the network */
1664         switch(s->state) {
1665         case 0:
1666             l = 4 - s->index;
1667             if (l > size)
1668                 l = size;
1669             memcpy(s->buf + s->index, buf, l);
1670             buf += l;
1671             size -= l;
1672             s->index += l;
1673             if (s->index == 4) {
1674                 /* got length */
1675                 s->packet_len = ntohl(*(uint32_t *)s->buf);
1676                 s->index = 0;
1677                 s->state = 1;
1678             }
1679             break;
1680         case 1:
1681             l = s->packet_len - s->index;
1682             if (l > size)
1683                 l = size;
1684             if (s->index + l <= sizeof(s->buf)) {
1685                 memcpy(s->buf + s->index, buf, l);
1686             } else {
1687                 fprintf(stderr, "serious error: oversized packet received,"
1688                     "connection terminated.\n");
1689                 s->state = 0;
1690                 goto eoc;
1691             }
1692 
1693             s->index += l;
1694             buf += l;
1695             size -= l;
1696             if (s->index >= s->packet_len) {
1697                 qemu_send_packet(s->vc, s->buf, s->packet_len);
1698                 s->index = 0;
1699                 s->state = 0;
1700             }
1701             break;
1702         }
1703     }
1704 }
1705 
net_socket_send_dgram(void * opaque)1706 static void net_socket_send_dgram(void *opaque)
1707 {
1708     NetSocketState *s = opaque;
1709     int size;
1710 
1711     size = recv(s->fd, (void *)s->buf, sizeof(s->buf), 0);
1712     if (size < 0)
1713         return;
1714     if (size == 0) {
1715         /* end of connection */
1716         qemu_set_fd_handler(s->fd, NULL, NULL, NULL);
1717         return;
1718     }
1719     qemu_send_packet(s->vc, s->buf, size);
1720 }
1721 
net_socket_mcast_create(SockAddress * mcastaddr)1722 static int net_socket_mcast_create(SockAddress *mcastaddr)
1723 {
1724     int fd;
1725     int ret;
1726     if (!IN_MULTICAST(sock_address_get_ip(mcastaddr))) {
1727 	fprintf(stderr, "qemu: error: specified mcastaddr \"%s\" (0x%08x) does not contain a multicast address\n",
1728 		sock_address_to_string(mcastaddr),
1729                 sock_address_get_ip(mcastaddr));
1730 	return -1;
1731 
1732     }
1733     fd = socket_create_inet(SOCKET_DGRAM);
1734     if (fd < 0) {
1735         perror("socket(PF_INET, SOCK_DGRAM)");
1736         return -1;
1737     }
1738 
1739     ret = socket_set_xreuseaddr(fd);
1740     if (ret < 0) {
1741 	perror("setsockopt(SOL_SOCKET, SO_REUSEADDR)");
1742 	goto fail;
1743     }
1744 
1745     ret = socket_bind(fd, mcastaddr);
1746     if (ret < 0) {
1747         perror("bind");
1748         goto fail;
1749     }
1750 
1751     /* Add host to multicast group */
1752     ret = socket_mcast_inet_add_membership(fd, sock_address_get_ip(mcastaddr));
1753     if (ret < 0) {
1754 	perror("setsockopt(IP_ADD_MEMBERSHIP)");
1755 	goto fail;
1756     }
1757 
1758     /* Force mcast msgs to loopback (eg. several QEMUs in same host */
1759     ret = socket_mcast_inet_set_loop(fd, 1);
1760     if (ret < 0) {
1761 	perror("setsockopt(SOL_IP, IP_MULTICAST_LOOP)");
1762 	goto fail;
1763     }
1764 
1765     socket_set_nonblock(fd);
1766     return fd;
1767 fail:
1768     if (fd >= 0)
1769         socket_close(fd);
1770     return -1;
1771 }
1772 
net_socket_cleanup(VLANClientState * vc)1773 static void net_socket_cleanup(VLANClientState *vc)
1774 {
1775     NetSocketState *s = vc->opaque;
1776     qemu_set_fd_handler(s->fd, NULL, NULL, NULL);
1777     socket_close(s->fd);
1778     qemu_free(s);
1779 }
1780 
net_socket_fd_init_dgram(VLANState * vlan,const char * model,const char * name,int fd,int is_connected)1781 static NetSocketState *net_socket_fd_init_dgram(VLANState *vlan,
1782                                                 const char *model,
1783                                                 const char *name,
1784                                                 int fd, int is_connected)
1785 {
1786     SockAddress  saddr;
1787     int newfd;
1788     NetSocketState *s;
1789 
1790     /* fd passed: multicast: "learn" dgram_dst address from bound address and save it
1791      * Because this may be "shared" socket from a "master" process, datagrams would be recv()
1792      * by ONLY ONE process: we must "clone" this dgram socket --jjo
1793      */
1794 
1795     if (is_connected) {
1796 	if (socket_get_address(fd, &saddr) == 0) {
1797 	    /* must be bound */
1798 	    if (sock_address_get_ip(&saddr) == 0) {
1799 		fprintf(stderr, "qemu: error: init_dgram: fd=%d unbound, cannot setup multicast dst addr\n",
1800 			fd);
1801 		return NULL;
1802 	    }
1803 	    /* clone dgram socket */
1804 	    newfd = net_socket_mcast_create(&saddr);
1805 	    if (newfd < 0) {
1806 		/* error already reported by net_socket_mcast_create() */
1807 		socket_close(fd);
1808 		return NULL;
1809 	    }
1810 	    /* clone newfd to fd, close newfd */
1811 	    dup2(newfd, fd);
1812 	    socket_close(newfd);
1813 
1814 	} else {
1815 	    fprintf(stderr, "qemu: error: init_dgram: fd=%d failed getsockname(): %s\n",
1816 		    fd, strerror(errno));
1817 	    return NULL;
1818 	}
1819     }
1820 
1821     s = qemu_mallocz(sizeof(NetSocketState));
1822     s->fd = fd;
1823 
1824     s->vc = qemu_new_vlan_client(vlan, model, name, NULL, net_socket_receive_dgram,
1825                                  NULL, net_socket_cleanup, s);
1826     qemu_set_fd_handler(s->fd, net_socket_send_dgram, NULL, s);
1827 
1828     /* mcast: save bound address as dst */
1829     if (is_connected) s->dgram_dst=saddr;
1830 
1831     snprintf(s->vc->info_str, sizeof(s->vc->info_str),
1832 	    "socket: fd=%d (%s mcast=%s)",
1833 	    fd, is_connected? "cloned" : "",
1834 	    sock_address_to_string(&saddr));
1835     return s;
1836 }
1837 
net_socket_connect(void * opaque)1838 static void net_socket_connect(void *opaque)
1839 {
1840     NetSocketState *s = opaque;
1841     qemu_set_fd_handler(s->fd, net_socket_send, NULL, s);
1842 }
1843 
net_socket_fd_init_stream(VLANState * vlan,const char * model,const char * name,int fd,int is_connected)1844 static NetSocketState *net_socket_fd_init_stream(VLANState *vlan,
1845                                                  const char *model,
1846                                                  const char *name,
1847                                                  int fd, int is_connected)
1848 {
1849     NetSocketState *s;
1850     s = qemu_mallocz(sizeof(NetSocketState));
1851     s->fd = fd;
1852     s->vc = qemu_new_vlan_client(vlan, model, name, NULL, net_socket_receive,
1853                                  NULL, net_socket_cleanup, s);
1854     snprintf(s->vc->info_str, sizeof(s->vc->info_str),
1855              "socket: fd=%d", fd);
1856     if (is_connected) {
1857         net_socket_connect(s);
1858     } else {
1859         qemu_set_fd_handler(s->fd, NULL, net_socket_connect, s);
1860     }
1861     return s;
1862 }
1863 
net_socket_fd_init(VLANState * vlan,const char * model,const char * name,int fd,int is_connected)1864 static NetSocketState *net_socket_fd_init(VLANState *vlan,
1865                                           const char *model, const char *name,
1866                                           int fd, int is_connected)
1867 {
1868     SocketType  so_type = socket_get_type(fd);
1869 
1870     switch(so_type) {
1871     case SOCKET_DGRAM:
1872         return net_socket_fd_init_dgram(vlan, model, name, fd, is_connected);
1873     case SOCKET_STREAM:
1874         return net_socket_fd_init_stream(vlan, model, name, fd, is_connected);
1875     default:
1876         /* who knows ... this could be a eg. a pty, do warn and continue as stream */
1877         fprintf(stderr, "qemu: warning: socket type=%d for fd=%d is not SOCK_DGRAM or SOCK_STREAM\n", so_type, fd);
1878         return net_socket_fd_init_stream(vlan, model, name, fd, is_connected);
1879     }
1880     return NULL;
1881 }
1882 
net_socket_accept(void * opaque)1883 static void net_socket_accept(void *opaque)
1884 {
1885     NetSocketListenState *s = opaque;
1886     NetSocketState *s1;
1887     SockAddress  saddr;
1888     int fd;
1889 
1890     for(;;) {
1891         fd = socket_accept(s->fd, &saddr);
1892         if (fd < 0) {
1893             return;
1894         } else if (fd >= 0) {
1895             break;
1896         }
1897     }
1898     s1 = net_socket_fd_init(s->vlan, s->model, s->name, fd, 1);
1899     if (!s1) {
1900         socket_close(fd);
1901     } else {
1902         snprintf(s1->vc->info_str, sizeof(s1->vc->info_str),
1903                  "socket: connection from %s", sock_address_to_string(&saddr));
1904     }
1905 }
1906 
net_socket_listen_init(VLANState * vlan,const char * model,const char * name,const char * host_str)1907 static int net_socket_listen_init(VLANState *vlan,
1908                                   const char *model,
1909                                   const char *name,
1910                                   const char *host_str)
1911 {
1912     NetSocketListenState *s;
1913     int fd, ret;
1914     SockAddress  saddr;
1915 
1916     if (parse_host_port(&saddr, host_str) < 0)
1917         return -1;
1918 
1919     s = qemu_mallocz(sizeof(NetSocketListenState));
1920 
1921     fd = socket_create_inet(SOCKET_STREAM);
1922     if (fd < 0) {
1923         perror("socket");
1924         return -1;
1925     }
1926     socket_set_nonblock(fd);
1927 
1928     /* allow fast reuse */
1929     socket_set_xreuseaddr(fd);
1930 
1931     ret = socket_bind(fd, &saddr);
1932     if (ret < 0) {
1933         perror("bind");
1934         return -1;
1935     }
1936     ret = socket_listen(fd, 0);
1937     if (ret < 0) {
1938         perror("listen");
1939         return -1;
1940     }
1941     s->vlan = vlan;
1942     s->model = strdup(model);
1943     s->name = name ? strdup(name) : NULL;
1944     s->fd = fd;
1945     qemu_set_fd_handler(fd, net_socket_accept, NULL, s);
1946     return 0;
1947 }
1948 
net_socket_connect_init(VLANState * vlan,const char * model,const char * name,const char * host_str)1949 static int net_socket_connect_init(VLANState *vlan,
1950                                    const char *model,
1951                                    const char *name,
1952                                    const char *host_str)
1953 {
1954     NetSocketState *s;
1955     int fd, connected, ret, err;
1956     SockAddress saddr;
1957 
1958     if (parse_host_port(&saddr, host_str) < 0)
1959         return -1;
1960 
1961     fd = socket_create_inet(SOCKET_STREAM);
1962     if (fd < 0) {
1963         perror("socket");
1964         return -1;
1965     }
1966     socket_set_nonblock(fd);
1967 
1968     connected = 0;
1969     for(;;) {
1970         ret = socket_connect(fd, &saddr);
1971         if (ret < 0) {
1972             err = socket_error();
1973             if (err == EWOULDBLOCK || err == EAGAIN) {
1974             } else if (err == EINPROGRESS || err == EALREADY) {
1975                 break;
1976             } else {
1977                 perror("connect");
1978                 socket_close(fd);
1979                 return -1;
1980             }
1981         } else {
1982             connected = 1;
1983             break;
1984         }
1985     }
1986     s = net_socket_fd_init(vlan, model, name, fd, connected);
1987     if (!s)
1988         return -1;
1989     snprintf(s->vc->info_str, sizeof(s->vc->info_str),
1990              "socket: connect to %s",
1991              sock_address_to_string(&saddr));
1992     return 0;
1993 }
1994 
net_socket_mcast_init(VLANState * vlan,const char * model,const char * name,const char * host_str)1995 static int net_socket_mcast_init(VLANState *vlan,
1996                                  const char *model,
1997                                  const char *name,
1998                                  const char *host_str)
1999 {
2000     NetSocketState *s;
2001     int fd;
2002     SockAddress saddr;
2003 
2004     if (parse_host_port(&saddr, host_str) < 0)
2005         return -1;
2006 
2007 
2008     fd = net_socket_mcast_create(&saddr);
2009     if (fd < 0)
2010 	return -1;
2011 
2012     s = net_socket_fd_init(vlan, model, name, fd, 0);
2013     if (!s)
2014         return -1;
2015 
2016     s->dgram_dst = saddr;
2017 
2018     snprintf(s->vc->info_str, sizeof(s->vc->info_str),
2019              "socket: mcast=%s",
2020              sock_address_to_string(&saddr));
2021     return 0;
2022 
2023 }
2024 
2025 typedef struct DumpState {
2026     VLANClientState *pcap_vc;
2027     int fd;
2028     int pcap_caplen;
2029 } DumpState;
2030 
2031 #define PCAP_MAGIC 0xa1b2c3d4
2032 
2033 struct pcap_file_hdr {
2034     uint32_t magic;
2035     uint16_t version_major;
2036     uint16_t version_minor;
2037     int32_t thiszone;
2038     uint32_t sigfigs;
2039     uint32_t snaplen;
2040     uint32_t linktype;
2041 };
2042 
2043 struct pcap_sf_pkthdr {
2044     struct {
2045         int32_t tv_sec;
2046         int32_t tv_usec;
2047     } ts;
2048     uint32_t caplen;
2049     uint32_t len;
2050 };
2051 
dump_receive(VLANClientState * vc,const uint8_t * buf,size_t size)2052 static ssize_t dump_receive(VLANClientState *vc, const uint8_t *buf, size_t size)
2053 {
2054     DumpState *s = vc->opaque;
2055     struct pcap_sf_pkthdr hdr;
2056     int64_t ts;
2057     int caplen;
2058 
2059     /* Early return in case of previous error. */
2060     if (s->fd < 0) {
2061         return size;
2062     }
2063 
2064     ts = muldiv64(qemu_get_clock(vm_clock), 1000000, get_ticks_per_sec());
2065     caplen = size > s->pcap_caplen ? s->pcap_caplen : size;
2066 
2067     hdr.ts.tv_sec = ts / 1000000;
2068     hdr.ts.tv_usec = ts % 1000000;
2069     hdr.caplen = caplen;
2070     hdr.len = size;
2071     if (write(s->fd, &hdr, sizeof(hdr)) != sizeof(hdr) ||
2072         write(s->fd, buf, caplen) != caplen) {
2073         qemu_log("-net dump write error - stop dump\n");
2074         close(s->fd);
2075         s->fd = -1;
2076     }
2077 
2078     return size;
2079 }
2080 
net_dump_cleanup(VLANClientState * vc)2081 static void net_dump_cleanup(VLANClientState *vc)
2082 {
2083     DumpState *s = vc->opaque;
2084 
2085     close(s->fd);
2086     qemu_free(s);
2087 }
2088 
net_dump_init(Monitor * mon,VLANState * vlan,const char * device,const char * name,const char * filename,int len)2089 static int net_dump_init(Monitor *mon, VLANState *vlan, const char *device,
2090                          const char *name, const char *filename, int len)
2091 {
2092     struct pcap_file_hdr hdr;
2093     DumpState *s;
2094 
2095     s = qemu_malloc(sizeof(DumpState));
2096 
2097     s->fd = open(filename, O_CREAT | O_WRONLY, 0644);
2098     if (s->fd < 0) {
2099         config_error(mon, "-net dump: can't open %s\n", filename);
2100         return -1;
2101     }
2102 
2103     s->pcap_caplen = len;
2104 
2105     hdr.magic = PCAP_MAGIC;
2106     hdr.version_major = 2;
2107     hdr.version_minor = 4;
2108     hdr.thiszone = 0;
2109     hdr.sigfigs = 0;
2110     hdr.snaplen = s->pcap_caplen;
2111     hdr.linktype = 1;
2112 
2113     if (write(s->fd, &hdr, sizeof(hdr)) < sizeof(hdr)) {
2114         config_error(mon, "-net dump write error: %s\n", strerror(errno));
2115         close(s->fd);
2116         qemu_free(s);
2117         return -1;
2118     }
2119 
2120     s->pcap_vc = qemu_new_vlan_client(vlan, device, name, NULL, dump_receive, NULL,
2121                                       net_dump_cleanup, s);
2122     snprintf(s->pcap_vc->info_str, sizeof(s->pcap_vc->info_str),
2123              "dump to %s (len=%d)", filename, len);
2124     return 0;
2125 }
2126 
2127 /* find or alloc a new VLAN */
qemu_find_vlan(int id)2128 VLANState *qemu_find_vlan(int id)
2129 {
2130     VLANState **pvlan, *vlan;
2131     for(vlan = first_vlan; vlan != NULL; vlan = vlan->next) {
2132         if (vlan->id == id)
2133             return vlan;
2134     }
2135     vlan = qemu_mallocz(sizeof(VLANState));
2136     vlan->id = id;
2137     vlan->next = NULL;
2138     pvlan = &first_vlan;
2139     while (*pvlan != NULL)
2140         pvlan = &(*pvlan)->next;
2141     *pvlan = vlan;
2142     return vlan;
2143 }
2144 
nic_get_free_idx(void)2145 static int nic_get_free_idx(void)
2146 {
2147     int index;
2148 
2149     for (index = 0; index < MAX_NICS; index++)
2150         if (!nd_table[index].used)
2151             return index;
2152     return -1;
2153 }
2154 
qemu_check_nic_model(NICInfo * nd,const char * model)2155 void qemu_check_nic_model(NICInfo *nd, const char *model)
2156 {
2157     const char *models[2];
2158 
2159     models[0] = model;
2160     models[1] = NULL;
2161 
2162     qemu_check_nic_model_list(nd, models, model);
2163 }
2164 
qemu_check_nic_model_list(NICInfo * nd,const char * const * models,const char * default_model)2165 void qemu_check_nic_model_list(NICInfo *nd, const char * const *models,
2166                                const char *default_model)
2167 {
2168     int i, exit_status = 0;
2169 
2170     if (!nd->model)
2171         nd->model = strdup(default_model);
2172 
2173     if (strcmp(nd->model, "?") != 0) {
2174         for (i = 0 ; models[i]; i++)
2175             if (strcmp(nd->model, models[i]) == 0)
2176                 return;
2177 
2178         fprintf(stderr, "qemu: Unsupported NIC model: %s\n", nd->model);
2179         exit_status = 1;
2180     }
2181 
2182     fprintf(stderr, "qemu: Supported NIC models: ");
2183     for (i = 0 ; models[i]; i++)
2184         fprintf(stderr, "%s%c", models[i], models[i+1] ? ',' : '\n');
2185 
2186     exit(exit_status);
2187 }
2188 
net_client_init(Monitor * mon,const char * device,const char * p)2189 int net_client_init(Monitor *mon, const char *device, const char *p)
2190 {
2191     static const char * const fd_params[] = {
2192         "vlan", "name", "fd", NULL
2193     };
2194     char buf[1024];
2195     int vlan_id, ret;
2196     VLANState *vlan;
2197     char *name = NULL;
2198 
2199     vlan_id = 0;
2200     if (get_param_value(buf, sizeof(buf), "vlan", p)) {
2201         vlan_id = strtol(buf, NULL, 0);
2202     }
2203     vlan = qemu_find_vlan(vlan_id);
2204 
2205     if (get_param_value(buf, sizeof(buf), "name", p)) {
2206         name = qemu_strdup(buf);
2207     }
2208     if (!strcmp(device, "nic")) {
2209         static const char * const nic_params[] = {
2210             "vlan", "name", "macaddr", "model", NULL
2211         };
2212         NICInfo *nd;
2213         uint8_t *macaddr;
2214         int idx = nic_get_free_idx();
2215 
2216         if (check_params(buf, sizeof(buf), nic_params, p) < 0) {
2217             config_error(mon, "invalid parameter '%s' in '%s'\n", buf, p);
2218             ret = -1;
2219             goto out;
2220         }
2221         if (idx == -1 || nb_nics >= MAX_NICS) {
2222             config_error(mon, "Too Many NICs\n");
2223             ret = -1;
2224             goto out;
2225         }
2226         nd = &nd_table[idx];
2227         macaddr = nd->macaddr;
2228         macaddr[0] = 0x52;
2229         macaddr[1] = 0x54;
2230         macaddr[2] = 0x00;
2231         macaddr[3] = 0x12;
2232         macaddr[4] = 0x34;
2233         macaddr[5] = 0x56 + idx;
2234 
2235         if (get_param_value(buf, sizeof(buf), "macaddr", p)) {
2236             if (parse_macaddr(macaddr, buf) < 0) {
2237                 config_error(mon, "invalid syntax for ethernet address\n");
2238                 ret = -1;
2239                 goto out;
2240             }
2241         }
2242         if (get_param_value(buf, sizeof(buf), "model", p)) {
2243             nd->model = strdup(buf);
2244         }
2245         nd->vlan = vlan;
2246         nd->name = name;
2247         nd->used = 1;
2248         name = NULL;
2249         nb_nics++;
2250         vlan->nb_guest_devs++;
2251         ret = idx;
2252     } else
2253     if (!strcmp(device, "none")) {
2254         if (*p != '\0') {
2255             config_error(mon, "'none' takes no parameters\n");
2256             ret = -1;
2257             goto out;
2258         }
2259         /* does nothing. It is needed to signal that no network cards
2260            are wanted */
2261         ret = 0;
2262     } else
2263 #ifdef CONFIG_SLIRP
2264     if (!strcmp(device, "user")) {
2265         static const char * const slirp_params[] = {
2266             "vlan", "name", "hostname", "restrict", "ip", NULL
2267         };
2268         int restricted = 0;
2269         char *ip = NULL;
2270 
2271         if (check_params(buf, sizeof(buf), slirp_params, p) < 0) {
2272             config_error(mon, "invalid parameter '%s' in '%s'\n", buf, p);
2273             ret = -1;
2274             goto out;
2275         }
2276         if (get_param_value(buf, sizeof(buf), "hostname", p)) {
2277             pstrcpy(slirp_hostname, sizeof(slirp_hostname), buf);
2278         }
2279         if (get_param_value(buf, sizeof(buf), "restrict", p)) {
2280             restricted = (buf[0] == 'y') ? 1 : 0;
2281         }
2282         if (get_param_value(buf, sizeof(buf), "ip", p)) {
2283             ip = qemu_strdup(buf);
2284         }
2285         vlan->nb_host_devs++;
2286         ret = net_slirp_init(vlan, device, name, restricted, ip);
2287         qemu_free(ip);
2288     } else if (!strcmp(device, "channel")) {
2289         long port;
2290         char name[20], *devname;
2291         struct VMChannel *vmc;
2292 
2293         port = strtol(p, &devname, 10);
2294         devname++;
2295         if (port < 1 || port > 65535) {
2296             config_error(mon, "vmchannel wrong port number\n");
2297             ret = -1;
2298             goto out;
2299         }
2300         vmc = malloc(sizeof(struct VMChannel));
2301         snprintf(name, 20, "vmchannel%ld", port);
2302         vmc->hd = qemu_chr_open(name, devname, NULL);
2303         if (!vmc->hd) {
2304             config_error(mon, "could not open vmchannel device '%s'\n",
2305                          devname);
2306             ret = -1;
2307             goto out;
2308         }
2309         vmc->port = port;
2310         slirp_add_exec(3, vmc->hd, 4, port);
2311         qemu_chr_add_handlers(vmc->hd, vmchannel_can_read, vmchannel_read,
2312                 NULL, vmc);
2313         ret = 0;
2314     } else
2315 #endif
2316 #ifdef _WIN32
2317     if (!strcmp(device, "tap")) {
2318         static const char * const tap_params[] = {
2319             "vlan", "name", "ifname", NULL
2320         };
2321         char ifname[64];
2322 
2323         if (check_params(buf, sizeof(buf), tap_params, p) < 0) {
2324             config_error(mon, "invalid parameter '%s' in '%s'\n", buf, p);
2325             ret = -1;
2326             goto out;
2327         }
2328         if (get_param_value(ifname, sizeof(ifname), "ifname", p) <= 0) {
2329             config_error(mon, "tap: no interface name\n");
2330             ret = -1;
2331             goto out;
2332         }
2333         vlan->nb_host_devs++;
2334         ret = tap_win32_init(vlan, device, name, ifname);
2335     } else
2336 #elif defined (_AIX)
2337 #else
2338     if (!strcmp(device, "tap")) {
2339         char ifname[64], chkbuf[64];
2340         char setup_script[1024], down_script[1024];
2341         int fd;
2342         vlan->nb_host_devs++;
2343         if (get_param_value(buf, sizeof(buf), "fd", p) > 0) {
2344             if (check_params(chkbuf, sizeof(chkbuf), fd_params, p) < 0) {
2345                 config_error(mon, "invalid parameter '%s' in '%s'\n", chkbuf, p);
2346                 ret = -1;
2347                 goto out;
2348             }
2349             fd = strtol(buf, NULL, 0);
2350             fcntl(fd, F_SETFL, O_NONBLOCK);
2351             net_tap_fd_init(vlan, device, name, fd);
2352             ret = 0;
2353         } else {
2354             static const char * const tap_params[] = {
2355                 "vlan", "name", "ifname", "script", "downscript", NULL
2356             };
2357             if (check_params(chkbuf, sizeof(chkbuf), tap_params, p) < 0) {
2358                 config_error(mon, "invalid parameter '%s' in '%s'\n", chkbuf, p);
2359                 ret = -1;
2360                 goto out;
2361             }
2362             if (get_param_value(ifname, sizeof(ifname), "ifname", p) <= 0) {
2363                 ifname[0] = '\0';
2364             }
2365             if (get_param_value(setup_script, sizeof(setup_script), "script", p) == 0) {
2366                 pstrcpy(setup_script, sizeof(setup_script), DEFAULT_NETWORK_SCRIPT);
2367             }
2368             if (get_param_value(down_script, sizeof(down_script), "downscript", p) == 0) {
2369                 pstrcpy(down_script, sizeof(down_script), DEFAULT_NETWORK_DOWN_SCRIPT);
2370             }
2371             ret = net_tap_init(vlan, device, name, ifname, setup_script, down_script);
2372         }
2373     } else
2374 #endif
2375     if (!strcmp(device, "socket")) {
2376         char chkbuf[64];
2377         if (get_param_value(buf, sizeof(buf), "fd", p) > 0) {
2378             int fd;
2379             if (check_params(chkbuf, sizeof(chkbuf), fd_params, p) < 0) {
2380                 config_error(mon, "invalid parameter '%s' in '%s'\n", chkbuf, p);
2381                 ret = -1;
2382                 goto out;
2383             }
2384             fd = strtol(buf, NULL, 0);
2385             ret = -1;
2386             if (net_socket_fd_init(vlan, device, name, fd, 1))
2387                 ret = 0;
2388         } else if (get_param_value(buf, sizeof(buf), "listen", p) > 0) {
2389             static const char * const listen_params[] = {
2390                 "vlan", "name", "listen", NULL
2391             };
2392             if (check_params(chkbuf, sizeof(chkbuf), listen_params, p) < 0) {
2393                 config_error(mon, "invalid parameter '%s' in '%s'\n", chkbuf, p);
2394                 ret = -1;
2395                 goto out;
2396             }
2397             ret = net_socket_listen_init(vlan, device, name, buf);
2398         } else if (get_param_value(buf, sizeof(buf), "connect", p) > 0) {
2399             static const char * const connect_params[] = {
2400                 "vlan", "name", "connect", NULL
2401             };
2402             if (check_params(chkbuf, sizeof(chkbuf), connect_params, p) < 0) {
2403                 config_error(mon, "invalid parameter '%s' in '%s'\n", chkbuf, p);
2404                 ret = -1;
2405                 goto out;
2406             }
2407             ret = net_socket_connect_init(vlan, device, name, buf);
2408         } else if (get_param_value(buf, sizeof(buf), "mcast", p) > 0) {
2409             static const char * const mcast_params[] = {
2410                 "vlan", "name", "mcast", NULL
2411             };
2412             if (check_params(chkbuf, sizeof(chkbuf), mcast_params, p) < 0) {
2413                 config_error(mon, "invalid parameter '%s' in '%s'\n", chkbuf, p);
2414                 ret = -1;
2415                 goto out;
2416             }
2417             ret = net_socket_mcast_init(vlan, device, name, buf);
2418         } else {
2419             config_error(mon, "Unknown socket options: %s\n", p);
2420             ret = -1;
2421             goto out;
2422         }
2423         vlan->nb_host_devs++;
2424     } else
2425 #ifdef CONFIG_VDE
2426     if (!strcmp(device, "vde")) {
2427         static const char * const vde_params[] = {
2428             "vlan", "name", "sock", "port", "group", "mode", NULL
2429         };
2430         char vde_sock[1024], vde_group[512];
2431 	int vde_port, vde_mode;
2432 
2433         if (check_params(buf, sizeof(buf), vde_params, p) < 0) {
2434             config_error(mon, "invalid parameter '%s' in '%s'\n", buf, p);
2435             ret = -1;
2436             goto out;
2437         }
2438         vlan->nb_host_devs++;
2439         if (get_param_value(vde_sock, sizeof(vde_sock), "sock", p) <= 0) {
2440 	    vde_sock[0] = '\0';
2441 	}
2442 	if (get_param_value(buf, sizeof(buf), "port", p) > 0) {
2443 	    vde_port = strtol(buf, NULL, 10);
2444 	} else {
2445 	    vde_port = 0;
2446 	}
2447 	if (get_param_value(vde_group, sizeof(vde_group), "group", p) <= 0) {
2448 	    vde_group[0] = '\0';
2449 	}
2450 	if (get_param_value(buf, sizeof(buf), "mode", p) > 0) {
2451 	    vde_mode = strtol(buf, NULL, 8);
2452 	} else {
2453 	    vde_mode = 0700;
2454 	}
2455 	ret = net_vde_init(vlan, device, name, vde_sock, vde_port, vde_group, vde_mode);
2456     } else
2457 #endif
2458     if (!strcmp(device, "dump")) {
2459         int len = 65536;
2460 
2461         if (get_param_value(buf, sizeof(buf), "len", p) > 0) {
2462             len = strtol(buf, NULL, 0);
2463         }
2464         if (!get_param_value(buf, sizeof(buf), "file", p)) {
2465             snprintf(buf, sizeof(buf), "qemu-vlan%d.pcap", vlan_id);
2466         }
2467         ret = net_dump_init(mon, vlan, device, name, buf, len);
2468     } else {
2469         config_error(mon, "Unknown network device: %s\n", device);
2470         ret = -1;
2471         goto out;
2472     }
2473     if (ret < 0) {
2474         config_error(mon, "Could not initialize device '%s'\n", device);
2475     }
2476 out:
2477     qemu_free(name);
2478     return ret;
2479 }
2480 
net_client_uninit(NICInfo * nd)2481 void net_client_uninit(NICInfo *nd)
2482 {
2483     nd->vlan->nb_guest_devs--;
2484     nb_nics--;
2485     nd->used = 0;
2486     free((void *)nd->model);
2487 }
2488 
net_host_check_device(const char * device)2489 static int net_host_check_device(const char *device)
2490 {
2491     int i;
2492     const char *valid_param_list[] = { "tap", "socket", "dump"
2493 #ifdef CONFIG_SLIRP
2494                                        ,"user"
2495 #endif
2496 #ifdef CONFIG_VDE
2497                                        ,"vde"
2498 #endif
2499     };
2500     for (i = 0; i < sizeof(valid_param_list) / sizeof(char *); i++) {
2501         if (!strncmp(valid_param_list[i], device,
2502                      strlen(valid_param_list[i])))
2503             return 1;
2504     }
2505 
2506     return 0;
2507 }
2508 
net_host_device_add(Monitor * mon,const char * device,const char * opts)2509 void net_host_device_add(Monitor *mon, const char *device, const char *opts)
2510 {
2511     if (!net_host_check_device(device)) {
2512         monitor_printf(mon, "invalid host network device %s\n", device);
2513         return;
2514     }
2515     if (net_client_init(mon, device, opts ? opts : "") < 0) {
2516         monitor_printf(mon, "adding host network device %s failed\n", device);
2517     }
2518 }
2519 
net_host_device_remove(Monitor * mon,int vlan_id,const char * device)2520 void net_host_device_remove(Monitor *mon, int vlan_id, const char *device)
2521 {
2522     VLANState *vlan;
2523     VLANClientState *vc;
2524 
2525     vlan = qemu_find_vlan(vlan_id);
2526 
2527     for (vc = vlan->first_client; vc != NULL; vc = vc->next) {
2528         if (!strcmp(vc->name, device)) {
2529             break;
2530         }
2531     }
2532 
2533     if (!vc) {
2534         monitor_printf(mon, "can't find device %s\n", device);
2535         return;
2536     }
2537     if (!net_host_check_device(vc->model)) {
2538         monitor_printf(mon, "invalid host network device %s\n", device);
2539         return;
2540     }
2541     qemu_del_vlan_client(vc);
2542 }
2543 
net_client_parse(const char * str)2544 int net_client_parse(const char *str)
2545 {
2546     const char *p;
2547     char *q;
2548     char device[64];
2549 
2550     p = str;
2551     q = device;
2552     while (*p != '\0' && *p != ',') {
2553         if ((q - device) < sizeof(device) - 1)
2554             *q++ = *p;
2555         p++;
2556     }
2557     *q = '\0';
2558     if (*p == ',')
2559         p++;
2560 
2561     return net_client_init(NULL, device, p);
2562 }
2563 
do_info_network(Monitor * mon)2564 void do_info_network(Monitor *mon)
2565 {
2566     VLANState *vlan;
2567     VLANClientState *vc;
2568 
2569     for(vlan = first_vlan; vlan != NULL; vlan = vlan->next) {
2570         monitor_printf(mon, "VLAN %d devices:\n", vlan->id);
2571         for(vc = vlan->first_client; vc != NULL; vc = vc->next)
2572             monitor_printf(mon, "  %s: %s\n", vc->name, vc->info_str);
2573     }
2574 }
2575 
do_set_link(Monitor * mon,const char * name,const char * up_or_down)2576 int do_set_link(Monitor *mon, const char *name, const char *up_or_down)
2577 {
2578     VLANState *vlan;
2579     VLANClientState *vc = NULL;
2580 
2581     for (vlan = first_vlan; vlan != NULL; vlan = vlan->next)
2582         for (vc = vlan->first_client; vc != NULL; vc = vc->next)
2583             if (strcmp(vc->name, name) == 0)
2584                 goto done;
2585 done:
2586 
2587     if (!vc) {
2588         monitor_printf(mon, "could not find network device '%s'", name);
2589         return 0;
2590     }
2591 
2592     if (strcmp(up_or_down, "up") == 0)
2593         vc->link_down = 0;
2594     else if (strcmp(up_or_down, "down") == 0)
2595         vc->link_down = 1;
2596     else
2597         monitor_printf(mon, "invalid link status '%s'; only 'up' or 'down' "
2598                        "valid\n", up_or_down);
2599 
2600     if (vc->link_status_changed)
2601         vc->link_status_changed(vc);
2602 
2603     return 1;
2604 }
2605 
net_cleanup(void)2606 void net_cleanup(void)
2607 {
2608     VLANState *vlan;
2609 
2610     /* close network clients */
2611     for(vlan = first_vlan; vlan != NULL; vlan = vlan->next) {
2612         VLANClientState *vc = vlan->first_client;
2613 
2614         while (vc) {
2615             VLANClientState *next = vc->next;
2616 
2617             qemu_del_vlan_client(vc);
2618 
2619             vc = next;
2620         }
2621     }
2622 }
2623 
net_client_check(void)2624 void net_client_check(void)
2625 {
2626     VLANState *vlan;
2627 
2628     for(vlan = first_vlan; vlan != NULL; vlan = vlan->next) {
2629         if (vlan->nb_guest_devs == 0 && vlan->nb_host_devs == 0)
2630             continue;
2631         if (vlan->nb_guest_devs == 0)
2632             fprintf(stderr, "Warning: vlan %d with no nics\n", vlan->id);
2633         if (vlan->nb_host_devs == 0)
2634             fprintf(stderr,
2635                     "Warning: vlan %d is not connected to host network\n",
2636                     vlan->id);
2637     }
2638 }
2639 
2640 int
android_parse_network_speed(const char * speed)2641 android_parse_network_speed(const char*  speed)
2642 {
2643     int          n;
2644     char*  end;
2645     double       sp;
2646 
2647     if (speed == NULL || speed[0] == 0) {
2648         speed = DEFAULT_NETSPEED;
2649     }
2650 
2651     for (n = 0; android_netspeeds[n].name != NULL; n++) {
2652         if (!strcmp(android_netspeeds[n].name, speed)) {
2653             qemu_net_download_speed = android_netspeeds[n].download;
2654             qemu_net_upload_speed   = android_netspeeds[n].upload;
2655             return 0;
2656         }
2657     }
2658 
2659     /* is this a number ? */
2660     sp = strtod(speed, &end);
2661     if (end == speed) {
2662         return -1;
2663     }
2664 
2665     qemu_net_download_speed = qemu_net_upload_speed = sp*1000.;
2666     if (*end == ':') {
2667         speed = end+1;
2668         sp = strtod(speed, &end);
2669         if (end > speed) {
2670             qemu_net_download_speed = sp*1000.;
2671         }
2672     }
2673 
2674     if (android_modem)
2675         amodem_set_data_network_type( android_modem,
2676                                       android_parse_network_type(speed) );
2677     return 0;
2678 }
2679 
2680 
2681 int
android_parse_network_latency(const char * delay)2682 android_parse_network_latency(const char*  delay)
2683 {
2684     int  n;
2685     char*  end;
2686     double  sp;
2687 
2688     if (delay == NULL || delay[0] == 0)
2689         delay = DEFAULT_NETDELAY;
2690 
2691     for (n = 0; android_netdelays[n].name != NULL; n++) {
2692         if ( !strcmp( android_netdelays[n].name, delay ) ) {
2693             qemu_net_min_latency = android_netdelays[n].min_ms;
2694             qemu_net_max_latency = android_netdelays[n].max_ms;
2695             return 0;
2696         }
2697     }
2698 
2699     /* is this a number ? */
2700     sp = strtod(delay, &end);
2701     if (end == delay) {
2702         return -1;
2703     }
2704 
2705     qemu_net_min_latency = qemu_net_max_latency = (int)sp;
2706     if (*end == ':') {
2707         delay = (const char*)end+1;
2708         sp = strtod(delay, &end);
2709         if (end > delay) {
2710             qemu_net_max_latency = (int)sp;
2711         }
2712     }
2713     return 0;
2714 }
2715