/* SPDX-License-Identifier: GPL-2.0-or-later */
#define _GNU_SOURCE
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <glib.h>
#include <libslirp.h>
#include "api.h"
#include "sandbox.h"
#include "seccompfilter.h"
#include "slirp4netns.h"
/*
 * State handed to libslirp as the `opaque` pointer (see do_slirp(), which
 * passes its address to create_slirp()). The SlirpCb callbacks in this file
 * cast `opaque` back to this type.
 */
struct libslirp_data {
    int tapfd;      /* descriptor libslirp_send_packet() writes frames to */
    GSList *timers; /* struct timer entries added by libslirp_timer_new() */
};
/*
 * SlirpCb.send_packet: write one frame produced by libslirp to the tap
 * descriptor stored in the libslirp_data passed as `opaque`.
 *
 * The result of write(2) is returned unchanged: a short write or -1 (errno
 * set by write) is reported to libslirp as-is, with no retry in this
 * function.
 */
static ssize_t libslirp_send_packet(const void *pkt, size_t pkt_len,
                                    void *opaque)
{
    const struct libslirp_data *state = opaque;
    ssize_t written = write(state->tapfd, pkt, pkt_len);

    return written;
}
/*
 * SlirpCb.guest_error: print a libslirp diagnostic on stderr.
 *
 * msg is passed only as the argument of a literal "%s" format and is never
 * used as the format string itself, so '%' sequences inside it are not
 * interpreted.
 * NOTE(review): the text is written without escaping control characters;
 * presumably it can reflect guest-supplied data — confirm whether anything
 * parsing this log needs it sanitised.
 */
static void libslirp_guest_error(const char *msg, void *opaque)
{
    (void)opaque; /* not needed for logging */

    fprintf(stderr, "libslirp: %s\n", msg);
}
/*
 * SlirpCb.clock_get_ns: current CLOCK_MONOTONIC reading in nanoseconds.
 *
 * `opaque` is ignored. The return value of clock_gettime() is not checked.
 */
static int64_t libslirp_clock_get_ns(void *opaque)
{
    const int64_t ns_per_sec = 1000000000LL;
    struct timespec now;

    (void)opaque;
    clock_gettime(CLOCK_MONOTONIC, &now);
    return (int64_t)now.tv_sec * ns_per_sec + now.tv_nsec;
}
/*
 * One timer requested by libslirp through SlirpCb.timer_new. Entries are
 * allocated in libslirp_timer_new() and kept in libslirp_data.timers.
 */
struct timer {
    SlirpTimerCb cb;           /* invoked by check_ra_timeout() on expiry */
    void *cb_opaque;           /* argument passed to cb */
    int64_t expire_timer_msec; /* deadline in msec, compared against
                                  libslirp_clock_get_ns() / 1000000;
                                  -1 means the timer is not armed */
};
/*
 * SlirpCb.timer_new: allocate a disarmed timer and append it to the timer
 * list of the libslirp_data passed as `opaque`.
 *
 * Returns the new struct timer as an opaque handle; it is released again by
 * libslirp_timer_free().
 */
static void *libslirp_timer_new(SlirpTimerCb cb, void *cb_opaque, void *opaque)
{
    struct libslirp_data *state = opaque;
    struct timer *created = g_malloc0(sizeof(struct timer));

    /* -1 keeps the timer inactive until libslirp_timer_mod() sets a deadline */
    created->expire_timer_msec = -1;
    created->cb_opaque = cb_opaque;
    created->cb = cb;

    state->timers = g_slist_append(state->timers, created);
    return created;
}
/*
 * SlirpCb.timer_free: unlink `timer` from the timer list of the
 * libslirp_data passed as `opaque`, then free it.
 *
 * The handle must not be used after this call; the list entry is removed
 * first so the list never holds a pointer to freed memory.
 */
static void libslirp_timer_free(void *timer, void *opaque)
{
    struct libslirp_data *state = opaque;
    GSList *remaining = g_slist_remove(state->timers, timer);

    state->timers = remaining;
    g_free(timer);
}
/*
 * SlirpCb.timer_mod: store a new deadline (msec) in the timer handle.
 *
 * `opaque` is unused. The value is consumed by update_ra_timeout() and
 * check_ra_timeout(), which treat -1 as "not armed".
 */
static void libslirp_timer_mod(void *timer, int64_t expire_timer_msec,
                               void *opaque)
{
    (void)opaque;

    ((struct timer *)timer)->expire_timer_msec = expire_timer_msec;
}
/*
 * SlirpCb.register_poll_fd: intentionally does nothing.
 *
 * QEMU@4c76137484878f42a2ce1ae1b888b6a7f66b4053 is a no-op here on Linux too:
 *   * qemu/net/slirp.c: net_slirp_register_poll_fd (calls qemu_fd_register)
 *   * qemu/stubs/fd-register.c: qemu_fd_register (NOP on Linux)
 *
 * See also:
 *   * qemu/util/main-loop.c: qemu_fd_register (Win32 only)
 */
static void libslirp_register_poll_fd(int fd, void *opaque)
{
    (void)fd;
    (void)opaque;
}
/*
 * SlirpCb.unregister_poll_fd: intentionally does nothing.
 *
 * QEMU@4c76137484878f42a2ce1ae1b888b6a7f66b4053 is a no-op here as well:
 *   * qemu/net/slirp.c: net_slirp_unregister_poll_fd (NOP)
 */
static void libslirp_unregister_poll_fd(int fd, void *opaque)
{
    (void)fd;
    (void)opaque;
}
/*
 * SlirpCb.notify: intentionally does nothing.
 *
 * This can be a no-op on QEMU@4c76137484878f42a2ce1ae1b888b6a7f66b4053 too:
 *   * qemu/net/slirp.c: net_slirp_notify (calls qemu_notify_event)
 *   * qemu/stubs/notify-event.c: qemu_notify_event (NOP)
 *
 * See also:
 *   * qemu/util/main-loop.c: qemu_notify_event (NOP if !qemu_aio_context)
 */
static void libslirp_notify(void *opaque)
{
    (void)opaque;
}
/*
 * Translate a SLIRP_POLL_* bit mask into the equivalent G_IO_* bit mask.
 * Bits other than IN, OUT, PRI, ERR and HUP are dropped.
 */
static int libslirp_poll_to_gio(int events)
{
    static const struct {
        int slirp_bit;
        int gio_bit;
    } bit_map[] = {
        { SLIRP_POLL_IN, G_IO_IN },   { SLIRP_POLL_OUT, G_IO_OUT },
        { SLIRP_POLL_PRI, G_IO_PRI }, { SLIRP_POLL_ERR, G_IO_ERR },
        { SLIRP_POLL_HUP, G_IO_HUP },
    };
    int gio_events = 0;

    for (size_t i = 0; i < sizeof(bit_map) / sizeof(bit_map[0]); i++) {
        if (events & bit_map[i].slirp_bit) {
            gio_events |= bit_map[i].gio_bit;
        }
    }
    return gio_events;
}
/*
 * SlirpAddPollCb for slirp_pollfds_fill(): append `fd` to the GArray of
 * GPollFD passed as `opaque` and return the index of the new entry.
 *
 * Originally from qemu/net/slirp.c:net_slirp_add_poll
 * (4c76137484878f42a2ce1ae1b888b6a7f66b4053).
 */
static int libslirp_add_poll(int fd, int events, void *opaque)
{
    GArray *pollfds = opaque;
    /* the entry lands at the current length, i.e. the first free slot */
    int new_index = pollfds->len;
    GPollFD entry = {
        .fd = fd,
        .events = libslirp_poll_to_gio(events),
        .revents = 0,
    };

    g_array_append_val(pollfds, entry);
    return new_index;
}
/*
 * Translate a G_IO_* bit mask into the equivalent SLIRP_POLL_* bit mask.
 * Bits other than IN, OUT, PRI, ERR and HUP are dropped.
 */
static int libslirp_gio_to_poll(int events)
{
    static const struct {
        int gio_bit;
        int slirp_bit;
    } bit_map[] = {
        { G_IO_IN, SLIRP_POLL_IN },   { G_IO_OUT, SLIRP_POLL_OUT },
        { G_IO_PRI, SLIRP_POLL_PRI }, { G_IO_ERR, SLIRP_POLL_ERR },
        { G_IO_HUP, SLIRP_POLL_HUP },
    };
    int slirp_events = 0;

    for (size_t i = 0; i < sizeof(bit_map) / sizeof(bit_map[0]); i++) {
        if (events & bit_map[i].gio_bit) {
            slirp_events |= bit_map[i].slirp_bit;
        }
    }
    return slirp_events;
}
/*
 * SlirpGetREventsCb for slirp_pollfds_poll(): return the revents of entry
 * `idx` in the GArray of GPollFD passed as `opaque`, as SLIRP_POLL_* bits.
 *
 * idx is not range-checked here.
 * NOTE(review): presumably libslirp only passes indices returned earlier by
 * libslirp_add_poll() for the same array — confirm.
 *
 * Originally from qemu/net/slirp.c:net_slirp_get_revents
 * (4c76137484878f42a2ce1ae1b888b6a7f66b4053).
 */
static int libslirp_get_revents(int idx, void *opaque)
{
    GArray *pollfds = opaque;
    const GPollFD *entry = &g_array_index(pollfds, GPollFD, idx);

    return libslirp_gio_to_poll(entry->revents);
}
/*
 * Lower *timeout_msec to the time remaining until the earliest armed timer
 * in data->timers. Timers already past their deadline count as 0 msec;
 * *timeout_msec is never raised.
 *
 * Originally from
 * https://github.com/rd235/libslirp/blob/d2b7032e29f3ba98e17414b32c9effffc90f2bb0/src/qemu2libslirp.c#L66
 */
static void update_ra_timeout(uint32_t *timeout_msec,
                              struct libslirp_data *data)
{
    const int64_t now_msec = libslirp_clock_get_ns(data) / 1000000;

    for (GSList *node = data->timers; node != NULL; node = node->next) {
        const struct timer *t = node->data;
        int64_t remaining;

        if (t->expire_timer_msec == -1) {
            continue; /* not armed */
        }
        remaining = t->expire_timer_msec - now_msec;
        if (remaining < 0) {
            remaining = 0;
        }
        /* compared as int64_t, so the uint32_t timeout is not misread as
         * negative */
        if (remaining < *timeout_msec) {
            *timeout_msec = remaining;
        }
    }
}
/*
 * Fire the callback of every armed timer in data->timers whose deadline has
 * been reached. A timer is disarmed (-1) before its callback runs, so the
 * callback may re-arm it through libslirp_timer_mod().
 *
 * NOTE(review): the list is walked while callbacks run; a callback that adds
 * or removes timers would change the list under this loop — confirm libslirp
 * never calls timer_new/timer_free from a timer callback.
 *
 * Originally from
 * https://github.com/rd235/libslirp/blob/d2b7032e29f3ba98e17414b32c9effffc90f2bb0/src/qemu2libslirp.c#L78
 */
static void check_ra_timeout(struct libslirp_data *data)
{
    const int64_t now_msec = libslirp_clock_get_ns(data) / 1000000;

    for (GSList *node = data->timers; node != NULL; node = node->next) {
        struct timer *t = node->data;

        if (t->expire_timer_msec == -1) {
            continue; /* not armed */
        }
        if (t->expire_timer_msec - now_msec > 0) {
            continue; /* deadline still in the future */
        }
        t->expire_timer_msec = -1;
        t->cb(t->cb_opaque);
    }
}
/*
 * Callback table handed to slirp_new() by create_slirp(). Every entry is a
 * static function defined in this file; the poll-fd and notify entries are
 * deliberate no-ops.
 */
static const SlirpCb libslirp_cb = {
    .send_packet = libslirp_send_packet,
    .guest_error = libslirp_guest_error,
    .clock_get_ns = libslirp_clock_get_ns,
    .timer_new = libslirp_timer_new,
    .timer_free = libslirp_timer_free,
    .timer_mod = libslirp_timer_mod,
    .register_poll_fd = libslirp_register_poll_fd,
    .unregister_poll_fd = libslirp_unregister_poll_fd,
    .notify = libslirp_notify,
};
/*
 * Build a SlirpConfig from the slirp4netns configuration and create the
 * libslirp instance.
 *
 * opaque: passed through to slirp_new(); the callbacks in libslirp_cb
 *         receive it back and expect a struct libslirp_data.
 * s4nn:   source of the IPv4 network, DHCP/DNS addresses, MTU and the
 *         feature switches; outbound_addr/outbound_addr6 are referenced by
 *         pointer, not copied.
 *
 * The config version starts at 1 and is raised to 2 or 3 only when an
 * option that needs the newer layout is requested and the libslirp headers
 * support it.
 *
 * Returns the new Slirp, or NULL (after logging to stderr) if slirp_new()
 * fails.
 */
Slirp *create_slirp(void *opaque, struct slirp4netns_config *s4nn)
{
    SlirpConfig cfg;
    Slirp *instance;

    memset(&cfg, 0, sizeof(cfg));
    cfg.version = 1;

    /* Isolation switches: restricted mode is left off; whether the guest is
     * kept away from the host loopback is decided by the caller's config. */
    cfg.restricted = 0;
    cfg.disable_host_loopback = s4nn->disable_host_loopback;

    /* IPv4 side, taken from the caller's configuration */
    cfg.in_enabled = 1;
    cfg.vnetwork = s4nn->vnetwork;
    cfg.vnetmask = s4nn->vnetmask;
    cfg.vhost = s4nn->vhost;
    cfg.vdhcp_start = s4nn->vdhcp_start;
    cfg.vnameserver = s4nn->vnameserver;

    /* IPv6 side: fixed fd00::/64 prefix with hard-coded host and DNS
     * addresses */
    cfg.in6_enabled = (int)(s4nn->enable_ipv6);
    cfg.vprefix_len = 64;
    inet_pton(AF_INET6, "fd00::", &cfg.vprefix_addr6);
    inet_pton(AF_INET6, "fd00::2", &cfg.vhost6);
    inet_pton(AF_INET6, "fd00::3", &cfg.vnameserver6);

    /* Optional names and boot parameters are all left unset */
    cfg.vhostname = NULL;
    cfg.vdnssearch = NULL;
    cfg.vdomainname = NULL;
    cfg.tftp_server_name = NULL;
    cfg.tftp_path = NULL;
    cfg.bootfile = NULL;

    /* The same MTU value is used for both directions */
    cfg.if_mtu = s4nn->mtu;
    cfg.if_mru = s4nn->mtu;

#if SLIRP_CONFIG_VERSION_MAX >= 2
    cfg.outbound_addr = NULL;
    cfg.outbound_addr6 = NULL;
    if (s4nn->enable_outbound_addr) {
        cfg.version = 2;
        cfg.outbound_addr = &s4nn->outbound_addr;
    }
    if (s4nn->enable_outbound_addr6) {
        cfg.version = 2;
        cfg.outbound_addr6 = &s4nn->outbound_addr6;
    }
#endif
#if SLIRP_CONFIG_VERSION_MAX >= 3
    if (s4nn->disable_dns) {
        cfg.version = 3;
        cfg.disable_dns = true;
    }
#endif

    instance = slirp_new(&cfg, &libslirp_cb, opaque);
    if (instance == NULL) {
        fprintf(stderr, "slirp_new failed\n");
    }
    return instance;
}
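/* Size of the buffer used for a single read(2) from the tap descriptor. */
#define ETH_BUF_SIZE (65536)

/*
 * Run the slirp event loop until exitfd reports an event or a fatal error
 * occurs.
 *
 * tapfd:      descriptor frames are read from and (through
 *             libslirp_send_packet) written to.
 * readyfd:    if >= 0, the byte "1" is written to it once setup (including
 *             sandbox and seccomp) is complete, then it is closed.
 * exitfd:     if >= 0, polled for G_IO_HUP; any event on it ends the loop
 *             with a return value of 0.
 * api_socket: if non-NULL, path given to api_bindlisten(); requests on the
 *             resulting descriptor are dispatched to api_handler().
 * cfg:        configuration for create_slirp(), api_ctx_alloc() and the
 *             enable_sandbox / enable_seccomp switches.
 *
 * Setup order matters for confinement: the API socket is bound first, then
 * create_sandbox() and enable_seccomp() run, and only afterwards is readiness
 * signalled and any frame read from tapfd.
 *
 * Returns 0 after an exitfd event, -1 on any setup or poll failure.
 *
 * NOTE(review): the Slirp instance and the timer list are not released here;
 * presumably the caller exits the process afterwards — confirm.
 */
int do_slirp(int tapfd, int readyfd, int exitfd, const char *api_socket,
             struct slirp4netns_config *cfg)
{
    int ret = -1;
    Slirp *slirp = NULL;
    uint8_t *buf = NULL;
    struct libslirp_data opaque = { .tapfd = tapfd, .timers = NULL };
    int apifd = -1;
    struct api_ctx *apictx = NULL;
    GArray *pollfds = g_array_new(FALSE, FALSE, sizeof(GPollFD));
    int pollfds_exitfd_idx = -1;
    int pollfds_apifd_idx = -1;
    /* number of fixed entries at the front of pollfds (tap, exit, api) */
    size_t n_fds = 1;
    GPollFD tap_pollfd = { .fd = tapfd,
                           .events = G_IO_IN | G_IO_HUP,
                           .revents = 0 };
    GPollFD exit_pollfd = { .fd = exitfd, .events = G_IO_HUP, .revents = 0 };
    GPollFD api_pollfd = { .fd = -1,
                           .events = G_IO_IN | G_IO_HUP,
                           .revents = 0 };

    slirp = create_slirp((void *)&opaque, cfg);
    if (slirp == NULL) {
        fprintf(stderr, "create_slirp failed\n");
        goto err;
    }
    buf = malloc(ETH_BUF_SIZE);
    if (buf == NULL) {
        goto err;
    }

    g_array_append_val(pollfds, tap_pollfd);
    if (exitfd >= 0) {
        n_fds++;
        g_array_append_val(pollfds, exit_pollfd);
        pollfds_exitfd_idx = n_fds - 1;
    }
    if (api_socket != NULL) {
        if ((apifd = api_bindlisten(api_socket)) < 0) {
            goto err;
        }
        if ((apictx = api_ctx_alloc(cfg)) == NULL) {
            fprintf(stderr, "api_ctx_alloc failed\n");
            goto err;
        }
        api_pollfd.fd = apifd;
        n_fds++;
        g_array_append_val(pollfds, api_pollfd);
        pollfds_apifd_idx = n_fds - 1;
    }

    /* A failed write must surface as an error return, not kill the process */
    signal(SIGPIPE, SIG_IGN);

    /* Confinement is applied before readiness is signalled and before the
     * first frame is read from tapfd. */
    if (cfg->enable_sandbox && create_sandbox() < 0) {
        fprintf(stderr, "create_sandbox failed\n");
        goto err;
    }
    if (cfg->enable_seccomp && enable_seccomp() < 0) {
        fprintf(stderr, "enable_seccomp failed\n");
        goto err;
    }

    if (readyfd >= 0) {
        ssize_t rc = -1;
        do {
            rc = write(readyfd, "1", 1);
        } while (rc < 0 && errno == EINTR);
        close(readyfd);
    }

    while (1) {
        int pollout;
        GPollFD *pollfds_data;
        /* msec; stays (uint32_t)-1 unless libslirp or a timer lowers it */
        uint32_t timeout = -1;

        /* Drop the entries libslirp added last round, keep the fixed ones */
        g_array_set_size(pollfds, n_fds);
        slirp_pollfds_fill(slirp, &timeout, libslirp_add_poll, pollfds);
        update_ra_timeout(&timeout, &opaque);
        /* Fetch the data pointer only after the array has stopped growing */
        pollfds_data = (GPollFD *)pollfds->data;
        do {
            pollout = g_poll(pollfds_data, pollfds->len, timeout);
        } while (pollout < 0 && errno == EINTR);
        if (pollout < 0) {
            goto err;
        }

        if (pollfds_data[0].revents) {
            /* The read is bounded by ETH_BUF_SIZE; the bytes come from the
             * other side of the tap device and are handed to libslirp
             * unparsed. */
            ssize_t rc = read(tapfd, buf, ETH_BUF_SIZE);
            if (rc < 0) {
                /* NOTE(review): a persistent read error on tapfd is only
                 * logged, so the loop keeps polling — confirm intended. */
                perror("do_slirp: read");
            } else {
                slirp_input(slirp, buf, (int)rc);
            }
            /* Forces the (pollout <= 0) argument of slirp_pollfds_poll()
             * below to be true on iterations with a tap event. */
            pollout = -1;
        }

        /* The exitfd is closed. */
        if (pollfds_exitfd_idx >= 0 &&
            pollfds_data[pollfds_exitfd_idx].revents) {
            fprintf(stderr, "exitfd event\n");
            goto success;
        }

        if (pollfds_apifd_idx >= 0 && pollfds_data[pollfds_apifd_idx].revents) {
            int rc;
            fprintf(stderr, "apifd event\n");
            /* A failing API request is logged but does not stop the loop */
            if ((rc = api_handler(slirp, apifd, apictx)) < 0) {
                fprintf(stderr, "api_handler: rc=%d\n", rc);
            }
        }

        slirp_pollfds_poll(slirp, (pollout <= 0), libslirp_get_revents,
                           pollfds);
        check_ra_timeout(&opaque);
    }

success:
    ret = 0;
err:
    fprintf(stderr, "do_slirp is exiting\n");
    free(buf); /* free(NULL) is a no-op */
    if (apictx != NULL) {
        api_ctx_free(apictx);
    }
    /* Keyed on the descriptor rather than the context, so the listening
     * socket is closed and its path removed even when api_ctx_alloc()
     * failed after api_bindlisten() succeeded. */
    if (apifd >= 0) {
        close(apifd);
        unlink(api_socket);
    }
    g_array_free(pollfds, TRUE);
    return ret;
}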