From patchwork Sun Mar 20 11:39:14 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Samuel Thibault X-Patchwork-Id: 8626091 Return-Path: X-Original-To: patchwork-qemu-devel@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork2.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.136]) by patchwork2.web.kernel.org (Postfix) with ESMTP id EF665C0553 for ; Sun, 20 Mar 2016 11:39:31 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id D30E92024F for ; Sun, 20 Mar 2016 11:39:30 +0000 (UTC) Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id A137620225 for ; Sun, 20 Mar 2016 11:39:29 +0000 (UTC) Received: from localhost ([::1]:52421 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ahbhg-0007LO-Q4 for patchwork-qemu-devel@patchwork.kernel.org; Sun, 20 Mar 2016 07:39:28 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:37790) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ahbhZ-0007LJ-Ib for qemu-devel@nongnu.org; Sun, 20 Mar 2016 07:39:22 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ahbhW-00058V-CT for qemu-devel@nongnu.org; Sun, 20 Mar 2016 07:39:21 -0400 Received: from sonata.ens-lyon.org ([140.77.166.138]:42591) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ahbhW-00058B-1C for qemu-devel@nongnu.org; Sun, 20 Mar 2016 07:39:18 -0400 Received: from localhost (localhost [127.0.0.1]) by sonata.ens-lyon.org (Postfix) with ESMTP id 74741200D8; Sun, 20 Mar 2016 12:39:16 +0100 (CET) Received: from sonata.ens-lyon.org ([127.0.0.1]) by localhost (sonata.ens-lyon.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1fexIlx_S_1l; Sun, 20 Mar 2016 12:39:16 +0100 (CET) Received: from var.youpi.perso.aquilenet.fr (LFbn-1-6757-94.w90-120.abo.wanadoo.fr [90.120.189.94]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by sonata.ens-lyon.org (Postfix) with ESMTPSA id 26F1A200D7; Sun, 20 Mar 2016 12:39:16 +0100 (CET) Received: from samy by var.youpi.perso.aquilenet.fr with local (Exim 4.86_2) (envelope-from ) id 1ahbhT-0004qO-Dm; Sun, 20 Mar 2016 12:39:15 +0100 From: Samuel Thibault To: qemu-devel@nongnu.org Date: Sun, 20 Mar 2016 12:39:14 +0100 Message-Id: <1458473954-18583-1-git-send-email-samuel.thibault@ens-lyon.org> X-Mailer: git-send-email 2.7.0 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 140.77.166.138 Cc: thuth@redhat.com, jan.kiszka@siemens.com, jasowang@redhat.com, armbru@redhat.com, Samuel Thibault Subject: [Qemu-devel] [PATCH] slirp: Allow to disable IPv4 or IPv6 X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org X-Spam-Status: No, score=-6.9 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_HI, UNPARSEABLE_RELAY autolearn=unavailable version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP Make net=0.0.0.0 disable IPv4 and ip6-net=:: disable IPv6, so the user can setup IPv4-only and IPv6-only network environments. Signed-off-by: Samuel Thibault --- net/slirp.c | 8 +++++--- qapi-schema.json | 4 ++-- qemu-options.hx | 7 ++++--- slirp/ip6.h | 9 +++++++++ slirp/ip6_icmp.c | 10 ++++++++++ slirp/ip6_input.c | 6 ++++++ slirp/ip_input.c | 5 +++++ slirp/slirp.c | 5 +++++ 8 files changed, 46 insertions(+), 8 deletions(-) diff --git a/net/slirp.c b/net/slirp.c index 95239bc..3151d4a 100644 --- a/net/slirp.c +++ b/net/slirp.c @@ -244,13 +244,15 @@ static int net_slirp_init(NetClientState *peer, const char *model, #if defined(_WIN32) && (_WIN32_WINNT < 0x0600) /* No inet_pton helper before Vista... */ - if (vprefix6) { + if (vprefix6 && strcmp(vprefix6, "::")) { /* Unsupported */ return -1; } memset(&ip6_prefix, 0, sizeof(ip6_prefix)); - ip6_prefix.s6_addr[0] = 0xfe; - ip6_prefix.s6_addr[1] = 0xc0; + if (!vprefix6) { + ip6_prefix.s6_addr[0] = 0xfe; + ip6_prefix.s6_addr[1] = 0xc0; + } #else if (!vprefix6) { vprefix6 = "fec0::"; diff --git a/qapi-schema.json b/qapi-schema.json index 88f9b81..69eb6e7 100644 --- a/qapi-schema.json +++ b/qapi-schema.json @@ -2427,7 +2427,7 @@ # # @ip: #optional legacy parameter, use net= instead # -# @net: #optional IP address and optional netmask +# @net: #optional IP address and optional netmask. Set to 0.0.0.0 to disable IPv4 completely # # @host: #optional guest-visible address of the host # @@ -2443,7 +2443,7 @@ # @dnssearch: #optional list of DNS suffixes to search, passed as DHCP option # to the guest # -# @ip6-prefix: #optional IPv6 network prefix (default is fec0::) (since 2.6) +# @ip6-prefix: #optional IPv6 network prefix. Set to :: to disable IPv6 completely (default is fec0::) (since 2.6) # # @ip6-prefixlen: #optional IPv6 network prefix length (default is 64) (since 2.6) # diff --git a/qemu-options.hx b/qemu-options.hx index 732ed8c..4938213 100644 --- a/qemu-options.hx +++ b/qemu-options.hx @@ -1712,8 +1712,8 @@ Assign symbolic name for use in monitor commands. @item net=@var{addr}[/@var{mask}] Set IP network address the guest will see. Optionally specify the netmask, -either in the form a.b.c.d or as number of valid top-most bits. Default is -10.0.2.0/24. +either in the form a.b.c.d or as number of valid top-most bits. Set to 0.0.0.0 +to disable IPv4 completely. Default is 10.0.2.0/24. @item host=@var{addr} Specify the guest-visible address of the host. Default is the 2nd IP in the @@ -1721,7 +1721,8 @@ guest network, i.e. x.x.x.2. @item ip6-net=@var{addr}[/@var{int}] Set IPv6 network address the guest will see. Optionally specify the prefix -size, as number of valid top-most bits. Default is fec0::/64. +size, as number of valid top-most bits. Set to :: to disable IPv6 completely. +Default is fec0::/64. @item ip6-host=@var{addr} Specify the guest-visible IPv6 address of the host. Default is the 2nd IPv6 in diff --git a/slirp/ip6.h b/slirp/ip6.h index 8ddfa24..da23de6 100644 --- a/slirp/ip6.h +++ b/slirp/ip6.h @@ -26,6 +26,12 @@ 0x00, 0x00, 0x00, 0x00,\ 0x00, 0x00, 0x00, 0x02 } } +#define ZERO_ADDR { .s6_addr = \ + { 0x00, 0x00, 0x00, 0x00,\ + 0x00, 0x00, 0x00, 0x00,\ + 0x00, 0x00, 0x00, 0x00,\ + 0x00, 0x00, 0x00, 0x00 } } + static inline bool in6_equal(const struct in6_addr *a, const struct in6_addr *b) { return memcmp(a, b, sizeof(*a)) == 0; @@ -84,6 +90,9 @@ static inline bool in6_equal_mach(const struct in6_addr *a, #define in6_solicitednode_multicast(a)\ (in6_equal_net(a, &(struct in6_addr)SOLICITED_NODE_PREFIX, 104)) +#define in6_zero(a)\ + (in6_equal(a, &(struct in6_addr)ZERO_ADDR)) + /* Compute emulated host MAC address from its ipv6 address */ static inline void in6_compute_ethaddr(struct in6_addr ip, uint8_t eth[ETH_ALEN]) diff --git a/slirp/ip6_icmp.c b/slirp/ip6_icmp.c index 9d61349..69c0a16 100644 --- a/slirp/ip6_icmp.c +++ b/slirp/ip6_icmp.c @@ -24,6 +24,11 @@ static void ra_timer_handler(void *opaque) void icmp6_init(Slirp *slirp) { + if (in6_zero(&slirp->vprefix_addr6)) { + /* IPv6 is disabled */ + return; + } + slirp->ra_timer = timer_new_ms(QEMU_CLOCK_VIRTUAL, ra_timer_handler, slirp); timer_mod(slirp->ra_timer, qemu_clock_get_ms(QEMU_CLOCK_VIRTUAL) + NDP_Interval); @@ -31,6 +36,11 @@ void icmp6_init(Slirp *slirp) void icmp6_cleanup(Slirp *slirp) { + if (in6_zero(&slirp->vprefix_addr6)) { + /* IPv6 is disabled */ + return; + } + timer_del(slirp->ra_timer); timer_free(slirp->ra_timer); } diff --git a/slirp/ip6_input.c b/slirp/ip6_input.c index c0b11e7..7801043 100644 --- a/slirp/ip6_input.c +++ b/slirp/ip6_input.c @@ -24,6 +24,12 @@ void ip6_cleanup(Slirp *slirp) void ip6_input(struct mbuf *m) { struct ip6 *ip6; + Slirp *slirp = m->slirp; + + if (in6_zero(&slirp->vprefix_addr6)) { + /* IPv6 is disabled */ + goto bad; + } DEBUG_CALL("ip6_input"); DEBUG_ARG("m = %lx", (long)m); diff --git a/slirp/ip_input.c b/slirp/ip_input.c index b464f6b..a519bf6 100644 --- a/slirp/ip_input.c +++ b/slirp/ip_input.c @@ -80,6 +80,11 @@ ip_input(struct mbuf *m) register struct ip *ip; int hlen; + if (!slirp->vnetwork_addr.s_addr) { + /* IPv4 is disabled */ + goto bad; + } + DEBUG_CALL("ip_input"); DEBUG_ARG("m = %p", m); DEBUG_ARG("m_len = %d", m->m_len); diff --git a/slirp/slirp.c b/slirp/slirp.c index 9ccf415..4a4c79e 100644 --- a/slirp/slirp.c +++ b/slirp/slirp.c @@ -693,6 +693,11 @@ static void arp_input(Slirp *slirp, const uint8_t *pkt, int pkt_len) int ar_op; struct ex_list *ex_ptr; + if (!slirp->vnetwork_addr.s_addr) { + /* IPv4 is disabled */ + return; + } + ar_op = ntohs(ah->ar_op); switch(ar_op) { case ARPOP_REQUEST: