From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by passt.top (Postfix) with ESMTP id 4FBA95A0082 for ; Mon, 9 Jan 2023 08:18:13 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1673248692; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=/xZpVdoJLH/GDq2MYpV9nXqw/O0abe2kDe+/KWm+D6g=; b=YJED4xiRtTdDi0kjM2GM1xei/fqo6lQFFWs4w5zqJtBj8bheSn1y+bFPv58cnplkKRjF2H yxjXza1kKZqy7S3KYY78RjocVYQ9I1r4/UmFOftcEZRJcCC+gc/wDTff259Uc2ySA9Wd24 z4AHMa0yK4S8mwA248Kuduh0qMbXe3Y= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-61-yYAinYgNMCauk9q4CV4kzw-1; Mon, 09 Jan 2023 02:18:10 -0500 X-MC-Unique: yYAinYgNMCauk9q4CV4kzw-1 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.rdu2.redhat.com [10.11.54.1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 65B511875041 for ; Mon, 9 Jan 2023 07:18:10 +0000 (UTC) Received: from fedora (ovpn-192-19.brq.redhat.com [10.40.192.19]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 68EE140C2004; Mon, 9 Jan 2023 07:18:05 +0000 (UTC) From: =?iso-8859-1?B?SuFu?= Tomko To: Laine Stump Subject: Re: [libvirt PATCH 5/9] conf: parse/format passt-related XML additions Message-ID: References: <20230109041112.368790-1-laine@redhat.com> <20230109041112.368790-6-laine@redhat.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="qF1W9cbNqbXxOa7O" Content-Disposition: inline In-Reply-To: <20230109041112.368790-6-laine@redhat.com> X-Scanned-By: MIMEDefang 3.1 on 10.11.54.1 X-MailFrom: jtomko@redhat.com X-Mailman-Rule-Hits: nonmember-moderation X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation Message-ID-Hash: ZB35XTZCPWSTDDUGBUATMLQB6KY2VLY5 X-Message-ID-Hash: ZB35XTZCPWSTDDUGBUATMLQB6KY2VLY5 X-Mailman-Approved-At: Tue, 10 Jan 2023 16:08:41 +0100 CC: libvir-list@redhat.com, sbrivio@redhat.com, passt-dev@passt.top X-Mailman-Version: 3.3.3 Precedence: list List-Id: Development discussion and patches for passt Archived-At: Archived-At: List-Archive: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: Date: Mon, 09 Jan 2023 07:18:13 X-Original-Date: Mon, 9 Jan 2023 08:18:27 +0100 --qF1W9cbNqbXxOa7O Content-Type: text/plain; charset=iso-8859-1; format=flowed Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On a Sunday in 2023, Laine Stump wrote: >This implements XML config to represent a subset of the features >supported by 'passt' (https://passt.top), which is an alternative >backend for emulated network devices that requires no elevated >privileges (similar to slirp, but "better"). > >Along with setting the backend to use passt (via type=3D'passt'/> when the interface type=3D'user'), we also support >passt's --log-file and --interface options (via the >subelement logFile and upstream attributes) and its --tcp-ports and >--udp-ports options (which selectively forward incoming connections to >the host on to the guest) via the new subelement of >. Here is an example of the config for a network interface >that uses passt to connect: > > > > > > > > > > > > > > > > >In this case: > >* the guest will be offered address 192.168.221.122 for its interface > via DHCP > >* the passt process will write all log messages to /tmp/xyzzy.log > >* routes to the outside for the guest will be derived from the > addresses and routes associated with the host interface "eth0". > >* incoming tcp port 2022 to the host will be forwarded to port 22 > on the guest. > >* incoming tcp ports 5000-5099 (with the exception of ports 5010-5029) > to the host will be forwarded to port 1000-1099 on the guest. > >* incoming udp packets on port 10101 will be forwarded (unchanged) to > the guest. > >Signed-off-by: Laine Stump >--- > docs/formatdomain.rst | 95 +++++++- > src/conf/domain_conf.c | 242 +++++++++++++++++++- > src/conf/domain_conf.h | 40 ++++ > src/conf/domain_validate.c | 32 ++- > src/conf/virconftypes.h | 4 + > src/libvirt_private.syms | 1 + > tests/qemuxml2xmloutdata/net-user-passt.xml | 1 + > tests/qemuxml2xmltest.c | 1 + > 8 files changed, 401 insertions(+), 15 deletions(-) > create mode 120000 tests/qemuxml2xmloutdata/net-user-passt.xml > Reviewed-by: J=E1n Tomko The XML looks reasonable to me. All my comments below are just nitpicking. >+static int >+virDomainNetPortForwardRangesParseXML(virDomainNetPortForward *def, >+ xmlXPathContextPtr ctxt) >+{ >+ int nRanges; >+ g_autofree xmlNodePtr *ranges =3D NULL; >+ size_t i; >+ >+ if ((nRanges =3D virXPathNodeSet("./range", >+ ctxt, &ranges)) <=3D 0) { This would fit on one line. Also, the braces are not necessary, but allowed per our coding style. >+ return nRanges; >+ } >+ >+ def->ranges =3D g_new0(virDomainNetPortForwardRange *, nRanges); >+ >+ for (i =3D 0; i < nRanges; i++) { >+ g_autofree virDomainNetPortForwardRange *range =3D NULL; >+ [...] >@@ -23274,17 +23435,91 @@ static void > virDomainNetBackendFormat(virBuffer *buf, > virDomainNetBackend *backend) > { >- >- if (!(backend->tap || backend->vhost)) >+ if (!(backend->type || backend->tap || backend->vhost >+ || backend->logFile || backend->upstream)) { The prevalent style is to put the operator on the preceding line. Best way to avoid it here is to use virXMLFormatElement. > return; >+ } > [...] > >+ if (net->type !=3D VIR_DOMAIN_NET_TYPE_USER) { >+ if (net->backend.type =3D=3D VIR_DOMAIN_NET_BACKEND_PASST) { >+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s", >+ _("\"\" can only be u= sed with \"\"")); Including XML in the error message can be confusing if the error reaches users that did not use XML to configure the domain. >+ return -1; >+ } >+ } >+ > switch (net->type) { > case VIR_DOMAIN_NET_TYPE_VHOSTUSER: > if (!virDomainNetIsVirtioModel(net)) { Reviewed-by: J=E1n Tomko Jano --qF1W9cbNqbXxOa7O Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iHUEARYKAB0WIQT+Rn5j0qdK2hQgnuAU0rOr/y4PvAUCY7u/vwAKCRAU0rOr/y4P vKH2AQCCVOagdb05JBSHt8Czc21Tau1irIdA7qKWpHRZtDP1/wD/cA61/eMYMbj4 GeOTmp+2iy6b4qaXboUhjK+8MsA9xwA= =B9uH -----END PGP SIGNATURE----- --qF1W9cbNqbXxOa7O--