public inbox for passt-dev@passt.top
 help / color / mirror / code / Atom feed
* [libvirt PATCH 0/9] Support libvirt-managed QEMU domain <interface> backed by a passt process
@ 2023-01-09  4:11 Laine Stump
  2023-01-09  4:11 ` [libvirt PATCH 1/9] conf: rename virDomainNetBackend* to virDomainNetDriver* Laine Stump
                   ` (8 more replies)
  0 siblings, 9 replies; 28+ messages in thread
From: Laine Stump @ 2023-01-09  4:11 UTC (permalink / raw)
  To: libvir-list; +Cc: sbrivio, passt-dev

passt (https://passt.top) provides a method for connecting a guest to
the larger network without requiring any elevated privileges. This set
of patches allows libvirt/QEMU users to easily configure a QEMU domain to
use passt for the backend of any emulated network interface.

More details are in the individual patches, but the short explanation is that
you will use:

   <interface type='user'>
     <backend type='passt'>
     ...

to select the passt backend. (We decided to do it this way since the
concept is so similar to slirp, which was the original "type='user'")

The following caveats currently apply:

1) passt support requires "-netdev stream" in QEMU, which is only
   available starting with qemu-7.2.0. So if you want to test these
   patches out, you need the latest upstream release of QEMU.

2) SELinux must be set to "permissive". This is of course
   temporary. As I understand it, the remedy to this is a new SELinux
   profile for the passt binary, which is outside the control of
   libvirt and so not something that can be addressed in this patchset
   (or any other patch to libvirt).

3) Although there is a a new option for QEMU's -netdev that will tell
   QEMU to attempt to reconnect to a new incarnation of the same
   socket if passt unexpectedly exits, and a new QEMU event that will
   be put into QEMU to inform libvirt that the passt process has
   exited (so that it can start a new, identical passt process), I
   think this hasn't been pushed upstream yet (??), and I haven't
   implemented any support for it here. So, if the passt process
   unexpectedly exits, the guest will be without networking. However,
   Stefano (passt author) is emphatic that passt will never
   unexpectedly exit :-)

passt has *many* other options that libvirt could support, but the
small subset here are the things that seem most useful (and/or were
specifically requested by prospective users of passt). It is always
easier to add more stuff in the future than to remove "mistakes", so I
tried to no go overboard.

Laine Stump (9):
  conf: rename virDomainNetBackend* to virDomainNetDriver*
  conf: move anonymous backend struct from virDomainNetDef into its own
    struct
  conf: put interface <backend> parsing/formatting separate functions
  conf: add passt XML additions to schema
  conf: parse/format passt-related XML additions
  qemu: new capability QEMU_CAPS_NETDEV_STREAM
  qemu: add passtStateDir to qemu driver config
  qemu: hook up passt config to qemu domains
  specfile: require passt for the build if fedora >= 36 or rhel >= 9

 docs/formatdomain.rst                         |  95 +++++-
 libvirt.spec.in                               |   7 +
 meson.build                                   |   1 +
 po/POTFILES                                   |   1 +
 src/conf/domain_conf.c                        | 303 ++++++++++++++++--
 src/conf/domain_conf.h                        |  64 +++-
 src/conf/domain_validate.c                    |  32 +-
 src/conf/schemas/domaincommon.rng             |  65 ++++
 src/conf/virconftypes.h                       |   6 +
 src/libvirt_private.syms                      |   1 +
 src/qemu/meson.build                          |   2 +
 src/qemu/qemu_capabilities.c                  |   4 +
 src/qemu/qemu_capabilities.h                  |   3 +
 src/qemu/qemu_command.c                       |  11 +-
 src/qemu/qemu_command.h                       |   3 +-
 src/qemu/qemu_conf.c                          |   2 +
 src/qemu/qemu_conf.h                          |   1 +
 src/qemu/qemu_domain.c                        |   5 +-
 src/qemu/qemu_domain.h                        |   3 +-
 src/qemu/qemu_driver.c                        |  12 +
 src/qemu/qemu_extdevice.c                     |  25 +-
 src/qemu/qemu_hotplug.c                       |  26 +-
 src/qemu/qemu_interface.c                     |   8 +-
 src/qemu/qemu_passt.c                         | 284 ++++++++++++++++
 src/qemu/qemu_passt.h                         |  38 +++
 src/qemu/qemu_process.c                       |   1 +
 src/qemu/qemu_validate.c                      |   9 +-
 src/security/virt-aa-helper.c                 |   2 +-
 .../caps_7.2.0.x86_64.xml                     |   1 +
 tests/qemuxml2argvdata/net-user-passt.args    |  34 ++
 .../net-user-passt.x86_64-latest.args         |  37 +++
 tests/qemuxml2argvdata/net-user-passt.xml     |  57 ++++
 tests/qemuxml2argvtest.c                      |   2 +
 tests/qemuxml2xmloutdata/net-user-passt.xml   |   1 +
 tests/qemuxml2xmltest.c                       |   1 +
 35 files changed, 1087 insertions(+), 60 deletions(-)
 create mode 100644 src/qemu/qemu_passt.c
 create mode 100644 src/qemu/qemu_passt.h
 create mode 100644 tests/qemuxml2argvdata/net-user-passt.args
 create mode 100644 tests/qemuxml2argvdata/net-user-passt.x86_64-latest.args
 create mode 100644 tests/qemuxml2argvdata/net-user-passt.xml
 create mode 120000 tests/qemuxml2xmloutdata/net-user-passt.xml

-- 
2.38.1


^ permalink raw reply	[flat|nested] 28+ messages in thread

end of thread, other threads:[~2023-01-12 18:12 UTC | newest]

Thread overview: 28+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-01-09  4:11 [libvirt PATCH 0/9] Support libvirt-managed QEMU domain <interface> backed by a passt process Laine Stump
2023-01-09  4:11 ` [libvirt PATCH 1/9] conf: rename virDomainNetBackend* to virDomainNetDriver* Laine Stump
2023-01-09  5:40   ` Ján Tomko
2023-01-09  4:11 ` [libvirt PATCH 2/9] conf: move anonymous backend struct from virDomainNetDef into its own struct Laine Stump
2023-01-09  5:41   ` Ján Tomko
2023-01-09  4:11 ` [libvirt PATCH 3/9] conf: put interface <backend> parsing/formatting separate functions Laine Stump
2023-01-09  5:47   ` Ján Tomko
2023-01-09  7:04     ` Laine Stump
2023-01-09  4:11 ` [libvirt PATCH 4/9] conf: add passt XML additions to schema Laine Stump
2023-01-09  5:48   ` Ján Tomko
2023-01-11 18:33   ` Daniel P. Berrangé
2023-01-12 14:45     ` Laine Stump
2023-01-12 17:28       ` Stefano Brivio
2023-01-12 18:12       ` Jiri Denemark
2023-01-09  4:11 ` [libvirt PATCH 5/9] conf: parse/format passt-related XML additions Laine Stump
2023-01-09  6:18   ` Ján Tomko
2023-01-09  4:11 ` [libvirt PATCH 6/9] qemu: new capability QEMU_CAPS_NETDEV_STREAM Laine Stump
2023-01-09  6:20   ` Ján Tomko
2023-01-09  4:11 ` [libvirt PATCH 7/9] qemu: add passtStateDir to qemu driver config Laine Stump
2023-01-09  6:23   ` Ján Tomko
2023-01-09 14:02     ` Laine Stump
2023-01-09  4:11 ` [libvirt PATCH 8/9] qemu: hook up passt config to qemu domains Laine Stump
2023-01-09  6:31   ` Ján Tomko
2023-01-09 14:14     ` Laine Stump
2023-01-09 14:51       ` Ján Tomko
2023-01-09 16:05         ` Laine Stump
2023-01-09  4:11 ` [libvirt PATCH 9/9] specfile: require passt for the build if fedora >= 36 or rhel >= 9 Laine Stump
2023-01-09  6:32   ` Ján Tomko

Code repositories for project(s) associated with this public inbox

	https://passt.top/passt

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for IMAP folder(s).