mirror of
				https://git.proxmox.com/git/qemu
				synced 2025-10-25 22:37:41 +00:00 
			
		
		
		
	 a7c36ee492
			
		
	
	
		a7c36ee492
		
	
	
	
	
		
			
			The most common use of -net tap is to connect a tap device to a bridge.  This
requires the use of a script and running qemu as root in order to allocate a
tap device to pass to the script.
This model is great for portability and flexibility but it's incredibly
difficult to eliminate the need to run qemu as root.  The only really viable
mechanism is to use tunctl to create a tap device, attach it to a bridge as
root, and then hand that tap device to qemu.  The problem with this mechanism
is that it requires administrator intervention whenever a user wants to create
a guest.
By essentially writing a helper that implements the most common qemu-ifup
script that can be safely given cap_net_admin, we can dramatically simplify
things for non-privileged users.  We still support existing -net tap options
as a mechanism for advanced users and backwards compatibility.
Currently, this is very Linux centric but there's really no reason why it
couldn't be extended for other Unixes.
A typical invocation would be similar to one of the following:
  qemu linux.img -net bridge -net nic,model=virtio
  qemu linux.img -net tap,helper="/usr/local/libexec/qemu-bridge-helper"
                 -net nic,model=virtio
  qemu linux.img -netdev bridge,id=hn0
                 -device virtio-net-pci,netdev=hn0,id=nic1
  qemu linux.img -netdev tap,helper="/usr/local/libexec/qemu-bridge-helper",id=hn0
                 -device virtio-net-pci,netdev=hn0,id=nic1
The default bridge that we attach to is br0.  The thinking is that a distro
could preconfigure such an interface to allow out-of-the-box bridged networking.
Alternatively, if a user wants to use a different bridge, a typical invocation
would be simliar to one of the following:
  qemu linux.img -net bridge,br=qemubr0 -net nic,model=virtio
  qemu linux.img -net tap,helper="/usr/local/libexec/qemu-bridge-helper --br=qemubr0"
                 -net nic,model=virtio
  qemu linux.img -netdev bridge,br=qemubr0,id=hn0
                 -device virtio-net-pci,netdev=hn0,id=nic1
  qemu linux.img -netdev tap,helper="/usr/local/libexec/qemu-bridge-helper --br=qemubr0",id=hn0
                 -device virtio-net-pci,netdev=hn0,id=nic1
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Richa Marwaha <rmarwah@linux.vnet.ibm.com>
Signed-off-by: Corey Bryant <coreyb@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
		
	
			
		
			
				
	
	
		
			64 lines
		
	
	
		
			2.4 KiB
		
	
	
	
		
			C
		
	
	
	
	
	
			
		
		
	
	
			64 lines
		
	
	
		
			2.4 KiB
		
	
	
	
		
			C
		
	
	
	
	
	
| /*
 | |
|  * QEMU System Emulator
 | |
|  *
 | |
|  * Copyright (c) 2003-2008 Fabrice Bellard
 | |
|  * Copyright (c) 2009 Red Hat, Inc.
 | |
|  *
 | |
|  * Permission is hereby granted, free of charge, to any person obtaining a copy
 | |
|  * of this software and associated documentation files (the "Software"), to deal
 | |
|  * in the Software without restriction, including without limitation the rights
 | |
|  * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 | |
|  * copies of the Software, and to permit persons to whom the Software is
 | |
|  * furnished to do so, subject to the following conditions:
 | |
|  *
 | |
|  * The above copyright notice and this permission notice shall be included in
 | |
|  * all copies or substantial portions of the Software.
 | |
|  *
 | |
|  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 | |
|  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 | |
|  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
 | |
|  * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 | |
|  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 | |
|  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 | |
|  * THE SOFTWARE.
 | |
|  */
 | |
| 
 | |
| #ifndef QEMU_NET_TAP_H
 | |
| #define QEMU_NET_TAP_H
 | |
| 
 | |
| #include "qemu-common.h"
 | |
| #include "qemu-option.h"
 | |
| 
 | |
| #define DEFAULT_NETWORK_SCRIPT "/etc/qemu-ifup"
 | |
| #define DEFAULT_NETWORK_DOWN_SCRIPT "/etc/qemu-ifdown"
 | |
| 
 | |
| int net_init_tap(QemuOpts *opts, Monitor *mon, const char *name, VLANState *vlan);
 | |
| 
 | |
| int tap_open(char *ifname, int ifname_size, int *vnet_hdr, int vnet_hdr_required);
 | |
| 
 | |
| ssize_t tap_read_packet(int tapfd, uint8_t *buf, int maxlen);
 | |
| 
 | |
| int tap_has_ufo(VLANClientState *vc);
 | |
| int tap_has_vnet_hdr(VLANClientState *vc);
 | |
| int tap_has_vnet_hdr_len(VLANClientState *vc, int len);
 | |
| void tap_using_vnet_hdr(VLANClientState *vc, int using_vnet_hdr);
 | |
| void tap_set_offload(VLANClientState *vc, int csum, int tso4, int tso6, int ecn, int ufo);
 | |
| void tap_set_vnet_hdr_len(VLANClientState *vc, int len);
 | |
| 
 | |
| int tap_set_sndbuf(int fd, QemuOpts *opts);
 | |
| int tap_probe_vnet_hdr(int fd);
 | |
| int tap_probe_vnet_hdr_len(int fd, int len);
 | |
| int tap_probe_has_ufo(int fd);
 | |
| void tap_fd_set_offload(int fd, int csum, int tso4, int tso6, int ecn, int ufo);
 | |
| void tap_fd_set_vnet_hdr_len(int fd, int len);
 | |
| 
 | |
| int tap_get_fd(VLANClientState *vc);
 | |
| 
 | |
| struct vhost_net;
 | |
| struct vhost_net *tap_get_vhost_net(VLANClientState *vc);
 | |
| 
 | |
| int net_init_bridge(QemuOpts *opts, Monitor *mon, const char *name,
 | |
|                     VLANState *vlan);
 | |
| 
 | |
| #endif /* QEMU_NET_TAP_H */
 |