From patchwork Fri Nov 12 03:11:07 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Zhang Chen X-Patchwork-Id: 12616045 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 73F24C433EF for ; Fri, 12 Nov 2021 03:22:24 +0000 (UTC) Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 21AFA60234 for ; Fri, 12 Nov 2021 03:22:24 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org 21AFA60234 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=intel.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=nongnu.org Received: from localhost ([::1]:46850 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1mlN8x-0008EI-B9 for qemu-devel@archiver.kernel.org; Thu, 11 Nov 2021 22:22:23 -0500 Received: from eggs.gnu.org ([209.51.188.92]:37538) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mlN82-0005pV-4N for qemu-devel@nongnu.org; Thu, 11 Nov 2021 22:21:26 -0500 Received: from mga03.intel.com ([134.134.136.65]:4407) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mlN7z-0005Ty-Pp for qemu-devel@nongnu.org; Thu, 11 Nov 2021 22:21:25 -0500 X-IronPort-AV: E=McAfee;i="6200,9189,10165"; a="233009080" X-IronPort-AV: E=Sophos;i="5.87,227,1631602800"; d="scan'208";a="233009080" Received: from orsmga008.jf.intel.com ([10.7.209.65]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Nov 2021 19:21:21 -0800 X-IronPort-AV: E=Sophos;i="5.87,227,1631602800"; d="scan'208";a="504711459" Received: from unknown (HELO localhost.localdomain) ([10.239.13.19]) by orsmga008-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Nov 2021 19:21:19 -0800 From: Zhang Chen To: Jason Wang , Markus Armbruster , "Dr. David Alan Gilbert" , =?utf-8?q?Daniel_P=2E_Berra?= =?utf-8?q?ng=C3=A9?= , Eric Blake Subject: [PATCH for 7.0 V10 1/6] qapi/net: Add IPFlowSpec and QMP command for filter passthrough Date: Fri, 12 Nov 2021 11:11:07 +0800 Message-Id: <20211112031112.9303-2-chen.zhang@intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20211112031112.9303-1-chen.zhang@intel.com> References: <20211112031112.9303-1-chen.zhang@intel.com> MIME-Version: 1.0 Received-SPF: pass client-ip=134.134.136.65; envelope-from=chen.zhang@intel.com; helo=mga03.intel.com X-Spam_score_int: -41 X-Spam_score: -4.2 X-Spam_bar: ---- X-Spam_report: (-4.2 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Zhang Chen , qemu-dev , Li Zhijian Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: "Qemu-devel" Since the real user scenario does not need to monitor all traffic. Add passthrough-filter-add and passthrough-filter-del to maintain a network passthrough list in object with network packet processing function. Add IPFlowSpec struct for all QMP commands. Most the fields of IPFlowSpec are optional,except object-name. Signed-off-by: Zhang Chen --- net/net.c | 10 +++++++ qapi/net.json | 73 +++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 83 insertions(+) diff --git a/net/net.c b/net/net.c index f0d14dbfc1..5d0d5914fb 100644 --- a/net/net.c +++ b/net/net.c @@ -1215,6 +1215,16 @@ void qmp_netdev_del(const char *id, Error **errp) } } +void qmp_passthrough_filter_add(IPFlowSpec *spec, Error **errp) +{ + /* TODO implement setup passthrough rule */ +} + +void qmp_passthrough_filter_del(IPFlowSpec *spec, Error **errp) +{ + /* TODO implement delete passthrough rule */ +} + static void netfilter_print_info(Monitor *mon, NetFilterState *nf) { char *str; diff --git a/qapi/net.json b/qapi/net.json index 7fab2e7cd8..5194aedcf5 100644 --- a/qapi/net.json +++ b/qapi/net.json @@ -7,6 +7,7 @@ ## { 'include': 'common.json' } +{ 'include': 'sockets.json' } ## # @set_link: @@ -696,3 +697,75 @@ ## { 'event': 'FAILOVER_NEGOTIATED', 'data': {'device-id': 'str'} } + +## +# @IPFlowSpec: +# +# IP flow specification. +# +# @protocol: Transport layer protocol like TCP/UDP, etc. This will be +# passed to getprotobyname(3). +# +# @object-name: The @object-name means a QEMU object with network +# packet processing function, for example colo-compare, +# filter-redirector, filter-mirror, etc. QOM path to +# a QOM object that implements their own passthrough +# work in the original data processing flow. What is +# exposed to the outside world is an operable +# passthrough list. +# +# @source: Source address and port. +# +# @destination: Destination address and port. +# +# Since: 7.0 +## +{ 'struct': 'IPFlowSpec', + 'data': { '*protocol': 'str', 'object-name': 'str', + '*source': 'InetSocketAddressBase', + '*destination': 'InetSocketAddressBase' } } + +## +# @passthrough-filter-add: +# +# Add an entry to the QOM object own network passthrough list. +# Absent protocol, host addresses and ports match anything. +# +# Returns: Nothing on success +# +# Since: 7.0 +# +# Example: +# +# -> { "execute": "passthrough-filter-add", +# "arguments": { "protocol": "tcp", "object-name": "object0", +# "source": {"host": "192.168.1.1", "port": "1234"}, +# "destination": {"host": "192.168.1.2", "port": "4321"} } } +# <- { "return": {} } +# +## +{ 'command': 'passthrough-filter-add', 'boxed': true, + 'data': 'IPFlowSpec' } + +## +# @passthrough-filter-del: +# +# Delete an entry from the QOM object own network passthrough list. +# Deletes the entry with exactly this protocol, host addresses +# and ports. +# +# Returns: Nothing on success +# +# Since: 7.0 +# +# Example: +# +# -> { "execute": "passthrough-filter-del", +# "arguments": { "protocol": "tcp", "object-name": "object0", +# "source": {"host": "192.168.1.1", "port": "1234"}, +# "destination": {"host": "192.168.1.2", "port": "4321"} } } +# <- { "return": {} } +# +## +{ 'command': 'passthrough-filter-del', 'boxed': true, + 'data': 'IPFlowSpec' } From patchwork Fri Nov 12 03:11:08 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Zhang Chen X-Patchwork-Id: 12616057 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id EA5BFC433F5 for ; Fri, 12 Nov 2021 03:23:59 +0000 (UTC) Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id A0AEB60E53 for ; Fri, 12 Nov 2021 03:23:59 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org A0AEB60E53 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=intel.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=nongnu.org Received: from localhost ([::1]:53778 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1mlNAU-0004No-SQ for qemu-devel@archiver.kernel.org; Thu, 11 Nov 2021 22:23:58 -0500 Received: from eggs.gnu.org ([209.51.188.92]:37570) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mlN84-0005q1-6V for qemu-devel@nongnu.org; Thu, 11 Nov 2021 22:21:28 -0500 Received: from mga03.intel.com ([134.134.136.65]:4409) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mlN81-0005U8-FF for qemu-devel@nongnu.org; Thu, 11 Nov 2021 22:21:27 -0500 X-IronPort-AV: E=McAfee;i="6200,9189,10165"; a="233009086" X-IronPort-AV: E=Sophos;i="5.87,227,1631602800"; d="scan'208";a="233009086" Received: from orsmga008.jf.intel.com ([10.7.209.65]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Nov 2021 19:21:24 -0800 X-IronPort-AV: E=Sophos;i="5.87,227,1631602800"; d="scan'208";a="504711467" Received: from unknown (HELO localhost.localdomain) ([10.239.13.19]) by orsmga008-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Nov 2021 19:21:21 -0800 From: Zhang Chen To: Jason Wang , Markus Armbruster , "Dr. David Alan Gilbert" , =?utf-8?q?Daniel_P=2E_Berra?= =?utf-8?q?ng=C3=A9?= , Eric Blake Subject: [PATCH for 7.0 V10 2/6] util/qemu-sockets.c: Add inet_parse_base to handle InetSocketAddressBase Date: Fri, 12 Nov 2021 11:11:08 +0800 Message-Id: <20211112031112.9303-3-chen.zhang@intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20211112031112.9303-1-chen.zhang@intel.com> References: <20211112031112.9303-1-chen.zhang@intel.com> MIME-Version: 1.0 Received-SPF: pass client-ip=134.134.136.65; envelope-from=chen.zhang@intel.com; helo=mga03.intel.com X-Spam_score_int: -41 X-Spam_score: -4.2 X-Spam_bar: ---- X-Spam_report: (-4.2 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Zhang Chen , qemu-dev , Li Zhijian Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: "Qemu-devel" No need to carry the flag all the time in many scenarios. Signed-off-by: Zhang Chen --- include/qemu/sockets.h | 1 + util/qemu-sockets.c | 14 ++++++++++++++ 2 files changed, 15 insertions(+) diff --git a/include/qemu/sockets.h b/include/qemu/sockets.h index 0c34bf2398..3a0f8fa8f2 100644 --- a/include/qemu/sockets.h +++ b/include/qemu/sockets.h @@ -32,6 +32,7 @@ int socket_set_fast_reuse(int fd); int inet_ai_family_from_address(InetSocketAddress *addr, Error **errp); int inet_parse(InetSocketAddress *addr, const char *str, Error **errp); +int inet_parse_base(InetSocketAddressBase *addr, const char *str, Error **errp); int inet_connect(const char *str, Error **errp); int inet_connect_saddr(InetSocketAddress *saddr, Error **errp); diff --git a/util/qemu-sockets.c b/util/qemu-sockets.c index 0585e7a629..f444921918 100644 --- a/util/qemu-sockets.c +++ b/util/qemu-sockets.c @@ -713,6 +713,20 @@ int inet_parse(InetSocketAddress *addr, const char *str, Error **errp) return 0; } +int inet_parse_base(InetSocketAddressBase *base, const char *str, Error **errp) +{ + InetSocketAddress *addr; + int ret = 0; + + addr = g_new0(InetSocketAddress, 1); + ret = inet_parse(addr, str, errp); + + base->host = addr->host; + base->port = addr->port; + + g_free(addr); + return ret; +} /** * Create a blocking socket and connect it to an address. From patchwork Fri Nov 12 03:11:09 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Zhang Chen X-Patchwork-Id: 12616047 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 4D093C433EF for ; Fri, 12 Nov 2021 03:22:28 +0000 (UTC) Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id F3CC360234 for ; Fri, 12 Nov 2021 03:22:27 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org F3CC360234 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=intel.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=nongnu.org Received: from localhost ([::1]:47266 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1mlN91-0008Ua-1M for qemu-devel@archiver.kernel.org; Thu, 11 Nov 2021 22:22:27 -0500 Received: from eggs.gnu.org ([209.51.188.92]:37604) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mlN86-0005vx-FX for qemu-devel@nongnu.org; Thu, 11 Nov 2021 22:21:30 -0500 Received: from mga03.intel.com ([134.134.136.65]:4409) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mlN84-0005U8-39 for qemu-devel@nongnu.org; Thu, 11 Nov 2021 22:21:30 -0500 X-IronPort-AV: E=McAfee;i="6200,9189,10165"; a="233009091" X-IronPort-AV: E=Sophos;i="5.87,227,1631602800"; d="scan'208";a="233009091" Received: from orsmga008.jf.intel.com ([10.7.209.65]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Nov 2021 19:21:27 -0800 X-IronPort-AV: E=Sophos;i="5.87,227,1631602800"; d="scan'208";a="504711476" Received: from unknown (HELO localhost.localdomain) ([10.239.13.19]) by orsmga008-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Nov 2021 19:21:24 -0800 From: Zhang Chen To: Jason Wang , Markus Armbruster , "Dr. David Alan Gilbert" , =?utf-8?q?Daniel_P=2E_Berra?= =?utf-8?q?ng=C3=A9?= , Eric Blake Subject: [PATCH for 7.0 V10 3/6] hmp-commands: Add new HMP command for filter passthrough Date: Fri, 12 Nov 2021 11:11:09 +0800 Message-Id: <20211112031112.9303-4-chen.zhang@intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20211112031112.9303-1-chen.zhang@intel.com> References: <20211112031112.9303-1-chen.zhang@intel.com> MIME-Version: 1.0 Received-SPF: pass client-ip=134.134.136.65; envelope-from=chen.zhang@intel.com; helo=mga03.intel.com X-Spam_score_int: -41 X-Spam_score: -4.2 X-Spam_bar: ---- X-Spam_report: (-4.2 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Zhang Chen , qemu-dev , Li Zhijian Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: "Qemu-devel" Add hmp_passthrough_filter_add and hmp_passthrough_filter_del make user can maintain object network passthrough list in human monitor Signed-off-by: Zhang Chen --- hmp-commands.hx | 26 ++++++++++++++++++ include/monitor/hmp.h | 2 ++ monitor/hmp-cmds.c | 63 +++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 91 insertions(+) diff --git a/hmp-commands.hx b/hmp-commands.hx index 70a9136ac2..e57e099361 100644 --- a/hmp-commands.hx +++ b/hmp-commands.hx @@ -1292,6 +1292,32 @@ SRST Remove host network device. ERST + { + .name = "passthrough_filter_add", + .args_type = "protocol:s?,object-name:s,src:s?,dst:s?", + .params = "[protocol] object-name [src] [dst]", + .help = "Add network passthrough rule to object passthrough list", + .cmd = hmp_passthrough_filter_add, + }, + +SRST +``passthrough_filter_add`` + Add network stream to object passthrough list. +ERST + + { + .name = "passthrough_filter_del", + .args_type = "protocol:s?,object-name:s,src:s?,dst:s?", + .params = "[protocol] object-name [src] [dst]", + .help = "Delete network passthrough rule from object passthrough list", + .cmd = hmp_passthrough_filter_del, + }, + +SRST +``passthrough_filter_del`` + Delete network stream from object passthrough list. +ERST + { .name = "object_add", .args_type = "object:S", diff --git a/include/monitor/hmp.h b/include/monitor/hmp.h index 96d014826a..020b86212e 100644 --- a/include/monitor/hmp.h +++ b/include/monitor/hmp.h @@ -78,6 +78,8 @@ void hmp_device_del(Monitor *mon, const QDict *qdict); void hmp_dump_guest_memory(Monitor *mon, const QDict *qdict); void hmp_netdev_add(Monitor *mon, const QDict *qdict); void hmp_netdev_del(Monitor *mon, const QDict *qdict); +void hmp_passthrough_filter_add(Monitor *mon, const QDict *qdict); +void hmp_passthrough_filter_del(Monitor *mon, const QDict *qdict); void hmp_getfd(Monitor *mon, const QDict *qdict); void hmp_closefd(Monitor *mon, const QDict *qdict); void hmp_sendkey(Monitor *mon, const QDict *qdict); diff --git a/monitor/hmp-cmds.c b/monitor/hmp-cmds.c index 9c91bf93e9..19e91f7599 100644 --- a/monitor/hmp-cmds.c +++ b/monitor/hmp-cmds.c @@ -1570,6 +1570,69 @@ void hmp_netdev_del(Monitor *mon, const QDict *qdict) hmp_handle_error(mon, err); } +static IPFlowSpec *hmp_parse_IPFlowSpec(Monitor *mon, const QDict *qdict) +{ + IPFlowSpec *spec = g_new0(IPFlowSpec, 1); + g_autofree char *src = NULL, *dst = NULL; + + spec->protocol = g_strdup(qdict_get_try_str(qdict, "protocol")); + spec->object_name = g_strdup(qdict_get_try_str(qdict, "object-name")); + src = g_strdup(qdict_get_try_str(qdict, "src")); + dst = g_strdup(qdict_get_try_str(qdict, "dst")); + + if (src) { + spec->source = g_new0(InetSocketAddressBase, 1); + + if (inet_parse_base(spec->source, src, NULL)) { + monitor_printf(mon, "Incorrect passthrough src address\n"); + goto err; + } + } + + if (dst) { + spec->destination = g_new0(InetSocketAddressBase, 1); + + if (inet_parse_base(spec->destination, dst, NULL)) { + monitor_printf(mon, "Incorrect passthrough dst address\n"); + goto err; + } + } + + return spec; + +err: + g_free(spec->source); + g_free(spec->destination); + g_free(spec); + return NULL; +} + +void hmp_passthrough_filter_add(Monitor *mon, const QDict *qdict) +{ + IPFlowSpec *spec; + Error *err = NULL; + + spec = hmp_parse_IPFlowSpec(mon, qdict); + if (spec) { + qmp_passthrough_filter_add(spec, &err); + } + + hmp_handle_error(mon, err); +} + +void hmp_passthrough_filter_del(Monitor *mon, const QDict *qdict) +{ + IPFlowSpec *spec; + Error *err = NULL; + + spec = hmp_parse_IPFlowSpec(mon, qdict); + if (spec) { + qmp_passthrough_filter_del(spec, &err); + } + + hmp_handle_error(mon, err); +} + void hmp_object_add(Monitor *mon, const QDict *qdict) { const char *options = qdict_get_str(qdict, "object"); From patchwork Fri Nov 12 03:11:10 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Zhang Chen X-Patchwork-Id: 12616059 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 3BB46C433EF for ; Fri, 12 Nov 2021 03:24:01 +0000 (UTC) Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id DD46560E90 for ; Fri, 12 Nov 2021 03:24:00 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org DD46560E90 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=intel.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=nongnu.org Received: from localhost ([::1]:53806 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1mlNAW-0004Om-3y for qemu-devel@archiver.kernel.org; Thu, 11 Nov 2021 22:24:00 -0500 Received: from eggs.gnu.org ([209.51.188.92]:37644) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mlN8C-0006FR-Fq for qemu-devel@nongnu.org; Thu, 11 Nov 2021 22:21:36 -0500 Received: from mga03.intel.com ([134.134.136.65]:4413) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mlN86-0005UX-Bq for qemu-devel@nongnu.org; Thu, 11 Nov 2021 22:21:36 -0500 X-IronPort-AV: E=McAfee;i="6200,9189,10165"; a="233009097" X-IronPort-AV: E=Sophos;i="5.87,227,1631602800"; d="scan'208";a="233009097" Received: from orsmga008.jf.intel.com ([10.7.209.65]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Nov 2021 19:21:29 -0800 X-IronPort-AV: E=Sophos;i="5.87,227,1631602800"; d="scan'208";a="504711484" Received: from unknown (HELO localhost.localdomain) ([10.239.13.19]) by orsmga008-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Nov 2021 19:21:27 -0800 From: Zhang Chen To: Jason Wang , Markus Armbruster , "Dr. David Alan Gilbert" , =?utf-8?q?Daniel_P=2E_Berra?= =?utf-8?q?ng=C3=A9?= , Eric Blake Subject: [PATCH for 7.0 V10 4/6] net/colo-compare: Move data structure and define to .h file. Date: Fri, 12 Nov 2021 11:11:10 +0800 Message-Id: <20211112031112.9303-5-chen.zhang@intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20211112031112.9303-1-chen.zhang@intel.com> References: <20211112031112.9303-1-chen.zhang@intel.com> MIME-Version: 1.0 Received-SPF: pass client-ip=134.134.136.65; envelope-from=chen.zhang@intel.com; helo=mga03.intel.com X-Spam_score_int: -41 X-Spam_score: -4.2 X-Spam_bar: ---- X-Spam_report: (-4.2 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Zhang Chen , qemu-dev , Li Zhijian Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: "Qemu-devel" Rename structure with COLO index and move it to .h file, It make other modules can reuse COLO code. Signed-off-by: Zhang Chen --- net/colo-compare.c | 132 ++++++++------------------------------------- net/colo-compare.h | 86 +++++++++++++++++++++++++++++ 2 files changed, 109 insertions(+), 109 deletions(-) diff --git a/net/colo-compare.c b/net/colo-compare.c index b8876d7fd9..9114b687de 100644 --- a/net/colo-compare.c +++ b/net/colo-compare.c @@ -17,29 +17,18 @@ #include "qemu/error-report.h" #include "trace.h" #include "qapi/error.h" -#include "net/net.h" #include "net/eth.h" #include "qom/object_interfaces.h" #include "qemu/iov.h" #include "qom/object.h" #include "net/queue.h" -#include "chardev/char-fe.h" #include "qemu/sockets.h" -#include "colo.h" -#include "sysemu/iothread.h" #include "net/colo-compare.h" -#include "migration/colo.h" -#include "migration/migration.h" #include "util.h" #include "block/aio-wait.h" #include "qemu/coroutine.h" -#define TYPE_COLO_COMPARE "colo-compare" -typedef struct CompareState CompareState; -DECLARE_INSTANCE_CHECKER(CompareState, COLO_COMPARE, - TYPE_COLO_COMPARE) - static QTAILQ_HEAD(, CompareState) net_compares = QTAILQ_HEAD_INITIALIZER(net_compares); @@ -47,13 +36,13 @@ static NotifierList colo_compare_notifiers = NOTIFIER_LIST_INITIALIZER(colo_compare_notifiers); #define COMPARE_READ_LEN_MAX NET_BUFSIZE -#define MAX_QUEUE_SIZE 1024 +#define MAX_COLO_QUEUE_SIZE 1024 #define COLO_COMPARE_FREE_PRIMARY 0x01 #define COLO_COMPARE_FREE_SECONDARY 0x02 -#define REGULAR_PACKET_CHECK_MS 1000 -#define DEFAULT_TIME_OUT_MS 3000 +#define COLO_REGULAR_PACKET_CHECK_MS 1000 +#define COLO_DEFAULT_TIME_OUT_MS 3000 /* #define DEBUG_COLO_PACKETS */ @@ -64,87 +53,6 @@ static QemuCond event_complete_cond; static int event_unhandled_count; static uint32_t max_queue_size; -/* - * + CompareState ++ - * | | - * +---------------+ +---------------+ +---------------+ - * | conn list + - > conn + ------- > conn + -- > ...... - * +---------------+ +---------------+ +---------------+ - * | | | | | | - * +---------------+ +---v----+ +---v----+ +---v----+ +---v----+ - * |primary | |secondary |primary | |secondary - * |packet | |packet + |packet | |packet + - * +--------+ +--------+ +--------+ +--------+ - * | | | | - * +---v----+ +---v----+ +---v----+ +---v----+ - * |primary | |secondary |primary | |secondary - * |packet | |packet + |packet | |packet + - * +--------+ +--------+ +--------+ +--------+ - * | | | | - * +---v----+ +---v----+ +---v----+ +---v----+ - * |primary | |secondary |primary | |secondary - * |packet | |packet + |packet | |packet + - * +--------+ +--------+ +--------+ +--------+ - */ - -typedef struct SendCo { - Coroutine *co; - struct CompareState *s; - CharBackend *chr; - GQueue send_list; - bool notify_remote_frame; - bool done; - int ret; -} SendCo; - -typedef struct SendEntry { - uint32_t size; - uint32_t vnet_hdr_len; - uint8_t *buf; -} SendEntry; - -struct CompareState { - Object parent; - - char *pri_indev; - char *sec_indev; - char *outdev; - char *notify_dev; - CharBackend chr_pri_in; - CharBackend chr_sec_in; - CharBackend chr_out; - CharBackend chr_notify_dev; - SocketReadState pri_rs; - SocketReadState sec_rs; - SocketReadState notify_rs; - SendCo out_sendco; - SendCo notify_sendco; - bool vnet_hdr; - uint64_t compare_timeout; - uint32_t expired_scan_cycle; - - /* - * Record the connection that through the NIC - * Element type: Connection - */ - GQueue conn_list; - /* Record the connection without repetition */ - GHashTable *connection_track_table; - - IOThread *iothread; - GMainContext *worker_context; - QEMUTimer *packet_check_timer; - - QEMUBH *event_bh; - enum colo_event event; - - QTAILQ_ENTRY(CompareState) next; -}; - -typedef struct CompareClass { - ObjectClass parent_class; -} CompareClass; - enum { PRIMARY_IN = 0, SECONDARY_IN, @@ -155,6 +63,12 @@ static const char *colo_mode[] = { [SECONDARY_IN] = "secondary", }; +typedef struct COLOSendEntry { + uint32_t size; + uint32_t vnet_hdr_len; + uint8_t *buf; +} COLOSendEntry; + static int compare_chr_send(CompareState *s, uint8_t *buf, uint32_t size, @@ -724,19 +638,19 @@ static void colo_compare_connection(void *opaque, void *user_data) static void coroutine_fn _compare_chr_send(void *opaque) { - SendCo *sendco = opaque; + COLOSendCo *sendco = opaque; CompareState *s = sendco->s; int ret = 0; while (!g_queue_is_empty(&sendco->send_list)) { - SendEntry *entry = g_queue_pop_tail(&sendco->send_list); + COLOSendEntry *entry = g_queue_pop_tail(&sendco->send_list); uint32_t len = htonl(entry->size); ret = qemu_chr_fe_write_all(sendco->chr, (uint8_t *)&len, sizeof(len)); if (ret != sizeof(len)) { g_free(entry->buf); - g_slice_free(SendEntry, entry); + g_slice_free(COLOSendEntry, entry); goto err; } @@ -753,7 +667,7 @@ static void coroutine_fn _compare_chr_send(void *opaque) if (ret != sizeof(len)) { g_free(entry->buf); - g_slice_free(SendEntry, entry); + g_slice_free(COLOSendEntry, entry); goto err; } } @@ -764,12 +678,12 @@ static void coroutine_fn _compare_chr_send(void *opaque) if (ret != entry->size) { g_free(entry->buf); - g_slice_free(SendEntry, entry); + g_slice_free(COLOSendEntry, entry); goto err; } g_free(entry->buf); - g_slice_free(SendEntry, entry); + g_slice_free(COLOSendEntry, entry); } sendco->ret = 0; @@ -777,9 +691,9 @@ static void coroutine_fn _compare_chr_send(void *opaque) err: while (!g_queue_is_empty(&sendco->send_list)) { - SendEntry *entry = g_queue_pop_tail(&sendco->send_list); + COLOSendEntry *entry = g_queue_pop_tail(&sendco->send_list); g_free(entry->buf); - g_slice_free(SendEntry, entry); + g_slice_free(COLOSendEntry, entry); } sendco->ret = ret < 0 ? ret : -EIO; out: @@ -795,8 +709,8 @@ static int compare_chr_send(CompareState *s, bool notify_remote_frame, bool zero_copy) { - SendCo *sendco; - SendEntry *entry; + COLOSendCo *sendco; + COLOSendEntry *entry; if (notify_remote_frame) { sendco = &s->notify_sendco; @@ -808,7 +722,7 @@ static int compare_chr_send(CompareState *s, return 0; } - entry = g_slice_new(SendEntry); + entry = g_slice_new(COLOSendEntry); entry->size = size; entry->vnet_hdr_len = vnet_hdr_len; if (zero_copy) { @@ -1261,17 +1175,17 @@ static void colo_compare_complete(UserCreatable *uc, Error **errp) if (!s->compare_timeout) { /* Set default value to 3000 MS */ - s->compare_timeout = DEFAULT_TIME_OUT_MS; + s->compare_timeout = COLO_DEFAULT_TIME_OUT_MS; } if (!s->expired_scan_cycle) { /* Set default value to 3000 MS */ - s->expired_scan_cycle = REGULAR_PACKET_CHECK_MS; + s->expired_scan_cycle = COLO_REGULAR_PACKET_CHECK_MS; } if (!max_queue_size) { /* Set default queue size to 1024 */ - max_queue_size = MAX_QUEUE_SIZE; + max_queue_size = MAX_COLO_QUEUE_SIZE; } if (find_and_check_chardev(&chr, s->pri_indev, errp) || diff --git a/net/colo-compare.h b/net/colo-compare.h index b055270da2..031b627a2f 100644 --- a/net/colo-compare.h +++ b/net/colo-compare.h @@ -17,6 +17,92 @@ #ifndef QEMU_COLO_COMPARE_H #define QEMU_COLO_COMPARE_H +#include "net/net.h" +#include "chardev/char-fe.h" +#include "migration/colo.h" +#include "migration/migration.h" +#include "sysemu/iothread.h" +#include "colo.h" + +#define TYPE_COLO_COMPARE "colo-compare" +typedef struct CompareState CompareState; +DECLARE_INSTANCE_CHECKER(CompareState, COLO_COMPARE, + TYPE_COLO_COMPARE) + +typedef struct COLOSendCo { + Coroutine *co; + struct CompareState *s; + CharBackend *chr; + GQueue send_list; + bool notify_remote_frame; + bool done; + int ret; +} COLOSendCo; + +/* + * + CompareState ++ + * | | + * +---------------+ +---------------+ +---------------+ + * | conn list + - > conn + ------- > conn + -- > ...... + * +---------------+ +---------------+ +---------------+ + * | | | | | | + * +---------------+ +---v----+ +---v----+ +---v----+ +---v----+ + * |primary | |secondary |primary | |secondary + * |packet | |packet + |packet | |packet + + * +--------+ +--------+ +--------+ +--------+ + * | | | | + * +---v----+ +---v----+ +---v----+ +---v----+ + * |primary | |secondary |primary | |secondary + * |packet | |packet + |packet | |packet + + * +--------+ +--------+ +--------+ +--------+ + * | | | | + * +---v----+ +---v----+ +---v----+ +---v----+ + * |primary | |secondary |primary | |secondary + * |packet | |packet + |packet | |packet + + * +--------+ +--------+ +--------+ +--------+ + */ +struct CompareState { + Object parent; + + char *pri_indev; + char *sec_indev; + char *outdev; + char *notify_dev; + CharBackend chr_pri_in; + CharBackend chr_sec_in; + CharBackend chr_out; + CharBackend chr_notify_dev; + SocketReadState pri_rs; + SocketReadState sec_rs; + SocketReadState notify_rs; + COLOSendCo out_sendco; + COLOSendCo notify_sendco; + bool vnet_hdr; + uint64_t compare_timeout; + uint32_t expired_scan_cycle; + + /* + * Record the connection that through the NIC + * Element type: Connection + */ + GQueue conn_list; + /* Record the connection without repetition */ + GHashTable *connection_track_table; + + IOThread *iothread; + GMainContext *worker_context; + QEMUTimer *packet_check_timer; + + QEMUBH *event_bh; + enum colo_event event; + + QTAILQ_ENTRY(CompareState) next; +}; + +typedef struct CompareClass { + ObjectClass parent_class; +} CompareClass; + void colo_notify_compares_event(void *opaque, int event, Error **errp); void colo_compare_register_notifier(Notifier *notify); void colo_compare_unregister_notifier(Notifier *notify); From patchwork Fri Nov 12 03:11:11 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Zhang Chen X-Patchwork-Id: 12616061 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 668DEC433F5 for ; Fri, 12 Nov 2021 03:25:33 +0000 (UTC) Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 1BD2660E90 for ; Fri, 12 Nov 2021 03:25:33 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org 1BD2660E90 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=intel.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=nongnu.org Received: from localhost ([::1]:57996 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1mlNC0-0007CM-4S for qemu-devel@archiver.kernel.org; Thu, 11 Nov 2021 22:25:32 -0500 Received: from eggs.gnu.org ([209.51.188.92]:37630) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mlN8B-0006A1-4L for qemu-devel@nongnu.org; Thu, 11 Nov 2021 22:21:35 -0500 Received: from mga03.intel.com ([134.134.136.65]:4409) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mlN89-0005U8-1T for qemu-devel@nongnu.org; Thu, 11 Nov 2021 22:21:34 -0500 X-IronPort-AV: E=McAfee;i="6200,9189,10165"; a="233009110" X-IronPort-AV: E=Sophos;i="5.87,227,1631602800"; d="scan'208";a="233009110" Received: from orsmga008.jf.intel.com ([10.7.209.65]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Nov 2021 19:21:32 -0800 X-IronPort-AV: E=Sophos;i="5.87,227,1631602800"; d="scan'208";a="504711489" Received: from unknown (HELO localhost.localdomain) ([10.239.13.19]) by orsmga008-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Nov 2021 19:21:29 -0800 From: Zhang Chen To: Jason Wang , Markus Armbruster , "Dr. David Alan Gilbert" , =?utf-8?q?Daniel_P=2E_Berra?= =?utf-8?q?ng=C3=A9?= , Eric Blake Subject: [PATCH for 7.0 V10 5/6] net/colo-compare: Add passthrough list to CompareState Date: Fri, 12 Nov 2021 11:11:11 +0800 Message-Id: <20211112031112.9303-6-chen.zhang@intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20211112031112.9303-1-chen.zhang@intel.com> References: <20211112031112.9303-1-chen.zhang@intel.com> MIME-Version: 1.0 Received-SPF: pass client-ip=134.134.136.65; envelope-from=chen.zhang@intel.com; helo=mga03.intel.com X-Spam_score_int: -41 X-Spam_score: -4.2 X-Spam_bar: ---- X-Spam_report: (-4.2 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Zhang Chen , qemu-dev , Li Zhijian Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: "Qemu-devel" Add passthrough list for each CompareState. Signed-off-by: Zhang Chen --- net/colo-compare.c | 28 ++++++++++++++++++++++++++++ net/colo-compare.h | 12 ++++++++++++ 2 files changed, 40 insertions(+) diff --git a/net/colo-compare.c b/net/colo-compare.c index 9114b687de..df8bc5acce 100644 --- a/net/colo-compare.c +++ b/net/colo-compare.c @@ -161,6 +161,7 @@ static int packet_enqueue(CompareState *s, int mode, Connection **con) ConnectionKey key; Packet *pkt = NULL; Connection *conn; + COLOPassthroughEntry *pass, *next; int ret; if (mode == PRIMARY_IN) { @@ -180,6 +181,31 @@ static int packet_enqueue(CompareState *s, int mode, Connection **con) } fill_connection_key(pkt, &key, false); + /* Check COLO passthrough specifications */ + qemu_mutex_lock(&s->passthroughlist_mutex); + if (!QLIST_EMPTY(&s->passthroughlist)) { + QLIST_FOREACH_SAFE(pass, &s->passthroughlist, node, next) { + if (key.ip_proto == pass->l4_protocol.p_proto) { + if (pass->src_port == 0 || pass->src_port == key.dst_port) { + if (pass->src_ip.s_addr == 0 || + pass->src_ip.s_addr == key.src.s_addr) { + if (pass->dst_port == 0 || + pass->dst_port == key.src_port) { + if (pass->dst_ip.s_addr == 0 || + pass->dst_ip.s_addr == key.dst.s_addr) { + packet_destroy(pkt, NULL); + pkt = NULL; + qemu_mutex_unlock(&s->passthroughlist_mutex); + return -1; + } + } + } + } + } + } + } + qemu_mutex_unlock(&s->passthroughlist_mutex); + conn = connection_get(s->connection_track_table, &key, &s->conn_list); @@ -1232,6 +1258,7 @@ static void colo_compare_complete(UserCreatable *uc, Error **errp) } g_queue_init(&s->conn_list); + QLIST_INIT(&s->passthroughlist); s->connection_track_table = g_hash_table_new_full(connection_key_hash, connection_key_equal, @@ -1246,6 +1273,7 @@ static void colo_compare_complete(UserCreatable *uc, Error **errp) qemu_cond_init(&event_complete_cond); colo_compare_active = true; } + qemu_mutex_init(&s->passthroughlist_mutex); QTAILQ_INSERT_TAIL(&net_compares, s, next); qemu_mutex_unlock(&colo_compare_mutex); diff --git a/net/colo-compare.h b/net/colo-compare.h index 031b627a2f..995f28b833 100644 --- a/net/colo-compare.h +++ b/net/colo-compare.h @@ -23,6 +23,7 @@ #include "migration/migration.h" #include "sysemu/iothread.h" #include "colo.h" +#include #define TYPE_COLO_COMPARE "colo-compare" typedef struct CompareState CompareState; @@ -39,6 +40,15 @@ typedef struct COLOSendCo { int ret; } COLOSendCo; +typedef struct COLOPassthroughEntry { + struct protoent l4_protocol; + int src_port; + int dst_port; + struct in_addr src_ip; + struct in_addr dst_ip; + QLIST_ENTRY(COLOPassthroughEntry) node; +} COLOPassthroughEntry; + /* * + CompareState ++ * | | @@ -95,6 +105,8 @@ struct CompareState { QEMUBH *event_bh; enum colo_event event; + QLIST_HEAD(, COLOPassthroughEntry) passthroughlist; + QemuMutex passthroughlist_mutex; QTAILQ_ENTRY(CompareState) next; }; From patchwork Fri Nov 12 03:11:12 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Zhang Chen X-Patchwork-Id: 12616049 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id DC9CDC433EF for ; Fri, 12 Nov 2021 03:22:37 +0000 (UTC) Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 84FF160E52 for ; Fri, 12 Nov 2021 03:22:37 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org 84FF160E52 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=intel.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=nongnu.org Received: from localhost ([::1]:48102 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1mlN9A-0000c4-HP for qemu-devel@archiver.kernel.org; Thu, 11 Nov 2021 22:22:36 -0500 Received: from eggs.gnu.org ([209.51.188.92]:37652) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mlN8D-0006Kf-ND for qemu-devel@nongnu.org; Thu, 11 Nov 2021 22:21:37 -0500 Received: from mga03.intel.com ([134.134.136.65]:4409) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mlN8B-0005U8-G6 for qemu-devel@nongnu.org; Thu, 11 Nov 2021 22:21:37 -0500 X-IronPort-AV: E=McAfee;i="6200,9189,10165"; a="233009118" X-IronPort-AV: E=Sophos;i="5.87,227,1631602800"; d="scan'208";a="233009118" Received: from orsmga008.jf.intel.com ([10.7.209.65]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Nov 2021 19:21:34 -0800 X-IronPort-AV: E=Sophos;i="5.87,227,1631602800"; d="scan'208";a="504711499" Received: from unknown (HELO localhost.localdomain) ([10.239.13.19]) by orsmga008-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Nov 2021 19:21:32 -0800 From: Zhang Chen To: Jason Wang , Markus Armbruster , "Dr. David Alan Gilbert" , =?utf-8?q?Daniel_P=2E_Berra?= =?utf-8?q?ng=C3=A9?= , Eric Blake Subject: [PATCH for 7.0 V10 6/6] net/net.c: Add handler for passthrough filter command Date: Fri, 12 Nov 2021 11:11:12 +0800 Message-Id: <20211112031112.9303-7-chen.zhang@intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20211112031112.9303-1-chen.zhang@intel.com> References: <20211112031112.9303-1-chen.zhang@intel.com> MIME-Version: 1.0 Received-SPF: pass client-ip=134.134.136.65; envelope-from=chen.zhang@intel.com; helo=mga03.intel.com X-Spam_score_int: -41 X-Spam_score: -4.2 X-Spam_bar: ---- X-Spam_report: (-4.2 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Zhang Chen , qemu-dev , Li Zhijian Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: "Qemu-devel" Use the connection protocol,src port,dst port,src ip,dst ip as the key to passthrough certain network traffic in object with network packet processing function. Signed-off-by: Zhang Chen --- net/net.c | 199 +++++++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 197 insertions(+), 2 deletions(-) diff --git a/net/net.c b/net/net.c index 5d0d5914fb..443e88d396 100644 --- a/net/net.c +++ b/net/net.c @@ -55,6 +55,8 @@ #include "net/colo-compare.h" #include "net/filter.h" #include "qapi/string-output-visitor.h" +#include "net/colo-compare.h" +#include "qom/object_interfaces.h" /* Net bridge is currently not supported for W32. */ #if !defined(_WIN32) @@ -1215,14 +1217,207 @@ void qmp_netdev_del(const char *id, Error **errp) } } +static int check_addr(InetSocketAddressBase *addr) +{ + if (!addr || (addr->host && !qemu_isdigit(addr->host[0]))) { + return -1; + } + + if (atoi(addr->port) > 65536 || atoi(addr->port) < 0) { + return -1; + } + + return 0; +} + +/* The initial version only supports colo-compare */ +static CompareState *passthrough_filter_check(IPFlowSpec *spec, Error **errp) +{ + Object *container; + Object *obj; + CompareState *s; + + if (!spec->object_name) { + error_setg(errp, QERR_INVALID_PARAMETER_VALUE, "object-name", + "Need input object name"); + return NULL; + } + + container = object_get_objects_root(); + obj = object_resolve_path_component(container, spec->object_name); + if (!obj) { + error_setg(errp, "object '%s' not found", spec->object_name); + return NULL; + } + + s = COLO_COMPARE(obj); + + if (!getprotobyname(spec->protocol)) { + error_setg(errp, "Passthrough filter get wrong protocol"); + return NULL; + } + + if (spec->source) { + if (check_addr(spec->source)) { + error_setg(errp, "Passthrough filter get wrong source"); + return NULL; + } + } + + if (spec->destination) { + if (check_addr(spec->destination)) { + error_setg(errp, "Passthrough filter get wrong destination"); + return NULL; + } + } + + return s; +} + +/* The initial version only supports colo-compare */ +static COLOPassthroughEntry *passthrough_filter_find(CompareState *s, + COLOPassthroughEntry *ent) +{ + COLOPassthroughEntry *next = NULL, *origin = NULL; + + if (!QLIST_EMPTY(&s->passthroughlist)) { + QLIST_FOREACH_SAFE(origin, &s->passthroughlist, node, next) { + if ((ent->l4_protocol.p_proto == origin->l4_protocol.p_proto) && + (ent->src_port == origin->src_port) && + (ent->dst_port == origin->dst_port) && + (ent->src_ip.s_addr == origin->src_ip.s_addr) && + (ent->dst_ip.s_addr == origin->dst_ip.s_addr)) { + return origin; + } + } + } + + return NULL; +} + +/* The initial version only supports colo-compare */ +static void passthrough_filter_add(CompareState *s, + IPFlowSpec *spec, + Error **errp) +{ + COLOPassthroughEntry *pass = NULL; + + pass = g_new0(COLOPassthroughEntry, 1); + + if (spec->protocol) { + memcpy(&pass->l4_protocol, getprotobyname(spec->protocol), + sizeof(struct protoent)); + } + + if (spec->source) { + if (!inet_aton(spec->source->host, &pass->src_ip)) { + pass->src_ip.s_addr = 0; + } + + pass->src_port = atoi(spec->source->port); + } + + if (spec->destination) { + if (!inet_aton(spec->destination->host, &pass->dst_ip)) { + pass->dst_ip.s_addr = 0; + } + + pass->dst_port = atoi(spec->destination->port); + } + + qemu_mutex_lock(&s->passthroughlist_mutex); + if (passthrough_filter_find(s, pass)) { + error_setg(errp, "The pass through connection already exists"); + g_free(pass); + qemu_mutex_unlock(&s->passthroughlist_mutex); + return; + } + + QLIST_INSERT_HEAD(&s->passthroughlist, pass, node); + qemu_mutex_unlock(&s->passthroughlist_mutex); +} + +/* The initial version only supports colo-compare */ +static void passthrough_filter_del(CompareState *s, + IPFlowSpec *spec, + Error **errp) +{ + COLOPassthroughEntry *pass = NULL, *result = NULL; + + pass = g_new0(COLOPassthroughEntry, 1); + + if (spec->protocol) { + memcpy(&pass->l4_protocol, getprotobyname(spec->protocol), + sizeof(struct protoent)); + } + + if (spec->source) { + if (!inet_aton(spec->source->host, &pass->src_ip)) { + pass->src_ip.s_addr = 0; + } + + pass->src_port = atoi(spec->source->port); + } + + if (spec->destination) { + if (!inet_aton(spec->destination->host, &pass->dst_ip)) { + pass->dst_ip.s_addr = 0; + } + + pass->dst_port = atoi(spec->destination->port); + } + + qemu_mutex_lock(&s->passthroughlist_mutex); + + result = passthrough_filter_find(s, pass); + if (result) { + QLIST_REMOVE(result, node); + g_free(result); + } else { + error_setg(errp, "Can't find the IP flow Spec"); + } + + g_free(pass); + g_free(spec); + qemu_mutex_unlock(&s->passthroughlist_mutex); +} + +/* The initial version only supports colo-compare */ void qmp_passthrough_filter_add(IPFlowSpec *spec, Error **errp) { - /* TODO implement setup passthrough rule */ + CompareState *s; + Error *err = NULL; + + s = passthrough_filter_check(spec, &err); + if (err) { + error_propagate(errp, err); + return; + } + + passthrough_filter_add(s, spec, &err); + if (err) { + error_propagate(errp, err); + return; + } } +/* The initial version only supports colo-compare */ void qmp_passthrough_filter_del(IPFlowSpec *spec, Error **errp) { - /* TODO implement delete passthrough rule */ + CompareState *s; + Error *err = NULL; + + s = passthrough_filter_check(spec, &err); + if (err) { + error_propagate(errp, err); + return; + } + + passthrough_filter_del(s, spec, &err); + if (err) { + error_propagate(errp, err); + return; + } } static void netfilter_print_info(Monitor *mon, NetFilterState *nf)