Re: [PATCH v3] net/macos: implement vmnet-based netdev
From: Markus Armbruster
Subject: Re: [PATCH v3] net/macos: implement vmnet-based netdev
Date: Sat, 07 Aug 2021 14:24:45 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux)

Jason, did this fall through the cracks?
My review is for the QAPI schema only.
Akihiko Odaki <akihiko.odaki@gmail.com> writes:
> From: Phillip Tennen <phillip@axleos.com>
>
> This patch implements a new netdev device, reachable via -netdev
> vmnet-macos, that’s backed by macOS’s vmnet framework.
>
> The vmnet framework provides native bridging support, and its usage in
> this patch is intended as a replacement for attempts to use a tap device
> via the tuntaposx kernel extension. Notably, the tap/tuntaposx approach
> never would have worked in the first place, as QEMU interacts with the
> tap device via poll(), and macOS does not support polling device files.
>
> vmnet requires either a special entitlement, granted via a provisioning
> profile, or root access. Otherwise attempts to create the virtual
> interface will fail with a “generic error” status code. QEMU may not
> currently be signed with an entitlement granted in a provisioning
> profile, as this would necessitate pre-signed binary build distribution,
> rather than source-code distribution. As such, using this netdev
> currently requires that qemu be run with root access. I’ve opened a
> feedback report with Apple to allow the use of the relevant entitlement
> with this use case:
> https://openradar.appspot.com/radar?id=5007417364447232
>
> vmnet offers three operating modes, all of which are supported by this
> patch via the “mode=host|shared|bridge” option:
>
> * "Host" mode: Allows the vmnet interface to communicate with other vmnet
> interfaces that are in host mode and also with the native host.
> * "Shared" mode: Allows traffic originating from the vmnet interface to
> reach the Internet through a NAT. The vmnet interface can also
> communicate with the native host.
> * "Bridged" mode: Bridges the vmnet interface with a physical network
> interface.
>
> Each of these modes also provides some extra configuration that’s
> supported by this patch:
>
> * "Bridged" mode: The user may specify the physical interface to bridge
> with. Defaults to en0.
> * "Host" mode / "Shared" mode: The user may specify the DHCP range and
> subnet. Allocated by vmnet if not provided.
>
> vmnet also offers some extra configuration options that are not
> supported by this patch:
>
> * Enable isolation from other VMs using vmnet
> * Port forwarding rules
> * Enabling TCP segmentation offload
> * Only applicable in "shared" mode: specifying the NAT IPv6 prefix
> * Only available in "host" mode: specifying the IP address for the VM
> within an isolated network
>
> Note that this patch requires macOS 10.15 as a minimum, as this is when
> bridging support was implemented in vmnet.framework.
>
> Rebased to commit 9aef0954195cc592e86846dbbe7f3c2c5603690a by Akihiko
> Odaki.
>
> Signed-off-by: Phillip Tennen <phillip@axleos.com>
> Signed-off-by: Akihiko Odaki <akihiko.odaki@gmail.com>
> Message-Id: <20210315103209.20870-1-akihiko.odaki@gmail.com>
[...]
> diff --git a/qapi/net.json b/qapi/net.json
> index 7fab2e7cd8a..e3b67f174fc 100644
> --- a/qapi/net.json
> +++ b/qapi/net.json
> @@ -452,6 +452,115 @@
> '*vhostdev': 'str',
> '*queues': 'int' } }
>
> +##
> +# @VmnetOperatingMode:
> +#
> +# The operating modes in which a vmnet netdev can run
> +# Only available on macOS
Generated qemu-qmp-ref.7 and .html show this as
The operating modes in which a vmnet netdev can run Only available
on macOS
Please end your sentences with periods :)
More of the same below. Proof-reading the generated documentation is
always a good idea, and often forgotten (I've been guilty of that, too).
> +#
> +# @host: the guest may communicate with the host
> +# and other guest network interfaces
> +#
> +# @shared: the guest may reach the Internet through a NAT,
Scratch "a"?
> +# and may communicate with the host and other guest
> +# network interfaces
> +#
> +# @bridged: the guest's traffic is bridged with a
> +# physical network interface of the host
"bridged with" or "bridged to"? I'm not a networking guy...
> +#
> +# Since: 6.0
6.2
> +##
> +{ 'enum': 'VmnetOperatingMode',
> + 'data': [ 'host', 'shared', 'bridged' ],
> + 'if': 'defined(CONFIG_VMNET)' }
I suspect we want 'defined(CONFIG_VMNET) && defined(CONFIG_DARWIN)',
here and below.
> +
> +##
> +# @NetdevVmnetModeOptionsBridged:
> +#
> +# Options for the vmnet-macos netdev
> +# that are only available in 'bridged' mode
> +# Only available on macOS
> +#
> +# @ifname: the physical network interface to bridge with
> +# (defaults to en0 if not specified)
Scratch " if not specified".
> +#
> +# Since: 6.0
> +##
> +{ 'struct': 'NetdevVmnetModeOptionsBridged',
> + 'data': { '*ifname': 'str' },
> + 'if': 'defined(CONFIG_VMNET)' }
> +
> +##
> +# @NetdevVmnetModeOptionsHostOrShared:
> +#
> +# Options for the vmnet-macos netdev
> +# that are only available in 'host' or 'shared' mode
> +# Only available on macOS
> +#
> +# @dhcp-start-address: the gateway address to use for the interface.
> +# The range to dhcp_end_address is placed in the DHCP
> pool.
> +# (only valid with mode=host|shared)
> +# (must be specified with dhcp-end-address and
> +# dhcp-subnet-mask)
> +# (allocated automatically if unset)
> +#
> +# @dhcp-end-address: the DHCP IPv4 range end address to use for the
> interface.
> +# (only valid with mode=host|shared)
> +# (must be specified with dhcp-start-address and
> +# dhcp-subnet-mask)
> +# (allocated automatically if unset)
> +#
> +# @dhcp-subnet-mask: the IPv4 subnet mask (string) to use on the interface.
> +# (only valid with mode=host|shared)
> +# (must be specified with dhcp-start-address and
> +# dhcp-end-address)
> +# (allocated automatically if unset)
No IPv6. Is it because the underlying OS feature can't do it, or is it
merely not implemented in QEMU, yet?
> +#
> +# Since: 6.0
> +##
> +{ 'struct': 'NetdevVmnetModeOptionsHostOrShared',
> + 'data': {
> + '*dhcp-start-address': 'str' ,
> + '*dhcp-end-address': 'str',
> + '*dhcp-subnet-mask': 'str' },
> + 'if': 'defined(CONFIG_VMNET)' }
> +
> +##
> +# @NetdevVmnetModeOptions:
> +#
> +# Options specific to different operating modes of a vmnet netdev
Suggest
# Options for a vmnet network interface backend.
> +# Only available on macOS
> +#
> +# @mode: the operating mode vmnet should run in
> +#
> +# Since: 6.0
> +##
> +{ 'union': 'NetdevVmnetModeOptions',
> + 'base': { 'mode': 'VmnetOperatingMode' },
> + 'discriminator': 'mode',
> + 'data': {
> + 'bridged': 'NetdevVmnetModeOptionsBridged',
> + 'host': 'NetdevVmnetModeOptionsHostOrShared',
> + 'shared': 'NetdevVmnetModeOptionsHostOrShared' },
> + 'if': 'defined(CONFIG_VMNET)' }
> +
> +##
> +# @NetdevVmnetOptions:
> +#
> +# vmnet network backend
> +# Only available on macOS
> +#
> +# @options: a structure specifying the mode and mode-specific options
> +# (once QAPI supports a union type as a branch to another union
> type,
> +# this structure can be changed to a union, and the contents of
> +# NetdevVmnetModeOptions moved here)
> +#
> +# Since: 6.0
> +##
> +{ 'struct': 'NetdevVmnetOptions',
> + 'data': {'options': 'NetdevVmnetModeOptions' },
> + 'if': 'defined(CONFIG_VMNET)' }
Why do you need this wrapper struct?
> +
> ##
> # @NetClientDriver:
> #
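Review bot: In NetdevVmnetModeOptionsHostOrShared, '*dhcp-start-address', '*dhcp-end-address' and '*dhcp-subnet-mask' are each optional on their own, while their doc comments say each "must be specified with" the other two. The schema as written accepts any subset, so the all-or-none rule has to be enforced in the backend, along with parsing the three 'str' values as IPv4 addresses before they are passed on to vmnet; please say in the doc comments that a partial set is rejected. The @dhcp-start-address text also refers to "dhcp_end_address" with underscores, which should read dhcp-end-address to match the member name.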
> @@ -460,10 +569,13 @@
> # Since: 2.7
> #
> # @vhost-vdpa since 5.1
> +#
> +# @vmnet-macos since 6.0 (only available on macOS)
> ##
> { 'enum': 'NetClientDriver',
> 'data': [ 'none', 'nic', 'user', 'tap', 'l2tpv3', 'socket', 'vde',
> - 'bridge', 'hubport', 'netmap', 'vhost-user', 'vhost-vdpa' ] }
> + 'bridge', 'hubport', 'netmap', 'vhost-user', 'vhost-vdpa',
> + { 'name': 'vmnet-macos', 'if': 'defined(CONFIG_VMNET)' } ] }
>
> ##
> # @Netdev:
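Review bot: The 'if' on the new 'vmnet-macos' value of NetClientDriver has to stay identical to the condition on the vmnet types and on the Netdev branch. If the condition on the types is changed as suggested above, change it here in the same patch, so that the enum value is never compiled in without the types it selects. The "@vmnet-macos since 6.0" doc line carries the same version as the Since: tags queried above and should be updated together with them.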
> @@ -477,6 +589,8 @@
> # Since: 1.2
> #
> # 'l2tpv3' - since 2.1
> +#
> +# 'vmnet-macos' since 6.0 (only available on macOS)
> ##
> { 'union': 'Netdev',
> 'base': { 'id': 'str', 'type': 'NetClientDriver' },
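Review bot: The added doc line "'vmnet-macos' since 6.0 (only available on macOS)" drops the " - " separator used by the existing line "'l2tpv3' - since 2.1" directly above it. Please follow the existing form so the generated reference renders both entries the same way.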
> @@ -492,7 +606,9 @@
> 'hubport': 'NetdevHubPortOptions',
> 'netmap': 'NetdevNetmapOptions',
> 'vhost-user': 'NetdevVhostUserOptions',
> - 'vhost-vdpa': 'NetdevVhostVDPAOptions' } }
> + 'vhost-vdpa': 'NetdevVhostVDPAOptions',
> + 'vmnet-macos': { 'type': 'NetdevVmnetOptions',
> + 'if': 'defined(CONFIG_VMNET)' } } }
>
> ##
> # @RxState:
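Review bot: The 'vmnet-macos' branch of Netdev points at NetdevVmnetOptions, whose only member is 'options', so the mode and the mode-specific members sit one level below 'id' and 'type' instead of beside them as in the other branches. That nesting becomes part of the external interface once released, so the wrapper-struct question raised above should be settled before this branch goes in. The 'if' on this branch also needs to match the one on NetdevVmnetOptions.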
> diff --git a/qemu-options.hx b/qemu-options.hx
> index f7210779409..5ff872b3e84 100644
> --- a/qemu-options.hx
> +++ b/qemu-options.hx
> @@ -2609,6 +2609,15 @@ DEF("netdev", HAS_ARG, QEMU_OPTION_netdev,
> #ifdef __linux__
> "-netdev vhost-vdpa,id=str,vhostdev=/path/to/dev\n"
> " configure a vhost-vdpa network,Establish a vhost-vdpa
> netdev\n"
> +#endif
> +#ifdef CONFIG_VMNET
> + "-netdev vmnet-macos,id=str,mode=bridged[,ifname=ifname]\n"
> + " configure a macOS-provided vmnet network in \"physical
> interface bridge\" mode\n"
> + " the physical interface to bridge with defaults to en0 if
> unspecified\n"
> + "-netdev vmnet-macos,id=str,mode=host|shared\n"
> + "
> [,dhcp_start_address=addr,dhcp_end_address=addr,dhcp_subnet_mask=mask]\n"
> + " configure a macOS-provided vmnet network in \"host\" or
> \"shared\" mode\n"
> + " the DHCP configuration will be set automatically if
> unspecified\n"
> #endif
> "-netdev hubport,id=str,hubid=n[,netdev=nd]\n"
> " configure a hub port on the hub with ID 'n'\n",
> QEMU_ARCH_ALL)
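Review bot: The help text for mode=host|shared spells the options dhcp_start_address, dhcp_end_address and dhcp_subnet_mask, while the members added in qapi/net.json are dhcp-start-address, dhcp-end-address and dhcp-subnet-mask. Please use the hyphenated spelling in the help string so the documented option names are the ones the schema defines.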