Home | History | Annotate | Download | only in qemu
      1 /*
      2  * QEMU System Emulator
      3  *
      4  * Copyright (c) 2003-2008 Fabrice Bellard
      5  *
      6  * Permission is hereby granted, free of charge, to any person obtaining a copy
      7  * of this software and associated documentation files (the "Software"), to deal
      8  * in the Software without restriction, including without limitation the rights
      9  * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
     10  * copies of the Software, and to permit persons to whom the Software is
     11  * furnished to do so, subject to the following conditions:
     12  *
     13  * The above copyright notice and this permission notice shall be included in
     14  * all copies or substantial portions of the Software.
     15  *
     16  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
     17  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
     18  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
     19  * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
     20  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
     21  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
     22  * THE SOFTWARE.
     23  */
     24 #include <unistd.h>
     25 #include <fcntl.h>
     26 #include <signal.h>
     27 #include <time.h>
     28 #include <errno.h>
     29 #include <sys/time.h>
     30 #include <zlib.h>
     31 
     32 #include "tcpdump.h"
     33 
     34 /* Needed early for HOST_BSD etc. */
     35 #include "config-host.h"
     36 
     37 #ifndef _WIN32
     38 #include <sys/times.h>
     39 #include <sys/wait.h>
     40 #include <termios.h>
     41 #include <sys/mman.h>
     42 #include <sys/ioctl.h>
     43 #include <sys/resource.h>
     44 #include <sys/socket.h>
     45 #include <netinet/in.h>
     46 #include <net/if.h>
     47 #ifdef __NetBSD__
     48 #include <net/if_tap.h>
     49 #endif
     50 #ifdef __linux__
     51 #include <linux/if_tun.h>
     52 #endif
     53 #include <arpa/inet.h>
     54 #include <dirent.h>
     55 #include <netdb.h>
     56 #include <sys/select.h>
     57 #ifdef CONFIG_BSD
     58 #include <sys/stat.h>
     59 #if defined(__FreeBSD__) || defined(__DragonFly__)
     60 #include <libutil.h>
     61 #else
     62 #include <util.h>
     63 #endif
     64 #elif defined (__GLIBC__) && defined (__FreeBSD_kernel__)
     65 #include <freebsd/stdlib.h>
     66 #else
     67 #ifdef __linux__
     68 #include <pty.h>
     69 #include <malloc.h>
     70 #include <linux/rtc.h>
     71 
     72 /* For the benefit of older linux systems which don't supply it,
     73    we use a local copy of hpet.h. */
     74 /* #include <linux/hpet.h> */
     75 #include "hpet.h"
     76 
     77 #include <linux/ppdev.h>
     78 #include <linux/parport.h>
     79 #endif
     80 #ifdef __sun__
     81 #include <sys/stat.h>
     82 #include <sys/ethernet.h>
     83 #include <sys/sockio.h>
     84 #include <netinet/arp.h>
     85 #include <netinet/in.h>
     86 #include <netinet/in_systm.h>
     87 #include <netinet/ip.h>
     88 #include <netinet/ip_icmp.h> // must come after ip.h
     89 #include <netinet/udp.h>
     90 #include <netinet/tcp.h>
     91 #include <net/if.h>
     92 #include <syslog.h>
     93 #include <stropts.h>
     94 #endif
     95 #endif
     96 #endif
     97 
     98 #if defined(__OpenBSD__)
     99 #include <util.h>
    100 #endif
    101 
    102 #if defined(CONFIG_VDE)
    103 #include <libvdeplug.h>
    104 #endif
    105 
    106 #ifdef _WIN32
    107 #include <windows.h>
    108 #include <malloc.h>
    109 #include <sys/timeb.h>
    110 #include <mmsystem.h>
    111 #define getopt_long_only getopt_long
    112 #define memalign(align, size) malloc(size)
    113 #endif
    114 
    115 #include "qemu-common.h"
    116 #include "net.h"
    117 #include "monitor.h"
    118 #include "sysemu.h"
    119 #include "qemu-timer.h"
    120 #include "qemu-char.h"
    121 #include "audio/audio.h"
    122 #include "qemu_socket.h"
    123 #include "qemu-log.h"
    124 
    125 #if defined(CONFIG_SLIRP)
    126 #include "libslirp.h"
    127 #endif
    128 
    129 #if defined(CONFIG_ANDROID)
    130 #include "shaper.h"
    131 #endif
    132 
    133 #include "android/android.h"
    134 #include "telephony/modem_driver.h"
    135 
    136 static VLANState *first_vlan;
    137 
    138 /* see http://en.wikipedia.org/wiki/List_of_device_bandwidths or a complete list */
    139 const NetworkSpeed  android_netspeeds[] = {
    140     { "gsm", "GSM/CSD", 14400, 14400 },
    141     { "hscsd", "HSCSD", 14400, 43200 },
    142     { "gprs", "GPRS", 40000, 80000 },
    143     { "edge", "EDGE/EGPRS", 118400, 236800 },
    144     { "umts", "UMTS/3G", 128000, 1920000 },
    145     { "hsdpa", "HSDPA", 348000, 14400000 },
    146     { "full", "no limit", 0, 0 },
    147     { NULL, NULL, 0, 0 }
    148 };
    149 const size_t android_netspeeds_count =
    150     sizeof(android_netspeeds) / sizeof(android_netspeeds[0]);
    151 
    152 const NetworkLatency  android_netdelays[] = {
    153     /* FIXME: these numbers are totally imaginary */
    154     { "gprs", "GPRS", 150, 550 },
    155     { "edge", "EDGE/EGPRS", 80, 400 },
    156     { "umts", "UMTS/3G", 35, 200 },
    157     { "none", "no latency", 0, 0 },
    158     { NULL, NULL, 0, 0 }
    159 };
    160 const size_t android_netdelays_count =
    161     sizeof(android_netdelays) / sizeof(android_netdelays[0]);
    162 
    163 /***********************************************************/
    164 /* network device redirectors */
    165 
    166 #if defined(DEBUG_NET) || defined(DEBUG_SLIRP)
    167 static void hex_dump(FILE *f, const uint8_t *buf, int size)
    168 {
    169     int len, i, j, c;
    170 
    171     for(i=0;i<size;i+=16) {
    172         len = size - i;
    173         if (len > 16)
    174             len = 16;
    175         fprintf(f, "%08x ", i);
    176         for(j=0;j<16;j++) {
    177             if (j < len)
    178                 fprintf(f, " %02x", buf[i+j]);
    179             else
    180                 fprintf(f, "   ");
    181         }
    182         fprintf(f, " ");
    183         for(j=0;j<len;j++) {
    184             c = buf[i+j];
    185             if (c < ' ' || c > '~')
    186                 c = '.';
    187             fprintf(f, "%c", c);
    188         }
    189         fprintf(f, "\n");
    190     }
    191 }
    192 #endif
    193 
    194 static int parse_macaddr(uint8_t *macaddr, const char *p)
    195 {
    196     int i;
    197     char *last_char;
    198     long int offset;
    199 
    200     errno = 0;
    201     offset = strtol(p, &last_char, 0);
    202     if (0 == errno && '\0' == *last_char &&
    203             offset >= 0 && offset <= 0xFFFFFF) {
    204         macaddr[3] = (offset & 0xFF0000) >> 16;
    205         macaddr[4] = (offset & 0xFF00) >> 8;
    206         macaddr[5] = offset & 0xFF;
    207         return 0;
    208     } else {
    209         for(i = 0; i < 6; i++) {
    210             macaddr[i] = strtol(p, (char **)&p, 16);
    211             if (i == 5) {
    212                 if (*p != '\0')
    213                     return -1;
    214             } else {
    215                 if (*p != ':' && *p != '-')
    216                     return -1;
    217                 p++;
    218             }
    219         }
    220         return 0;
    221     }
    222 
    223     return -1;
    224 }
    225 
    226 static int get_str_sep(char *buf, int buf_size, const char **pp, int sep)
    227 {
    228     const char *p, *p1;
    229     int len;
    230     p = *pp;
    231     p1 = strchr(p, sep);
    232     if (!p1)
    233         return -1;
    234     len = p1 - p;
    235     p1++;
    236     if (buf_size > 0) {
    237         if (len > buf_size - 1)
    238             len = buf_size - 1;
    239         memcpy(buf, p, len);
    240         buf[len] = '\0';
    241     }
    242     *pp = p1;
    243     return 0;
    244 }
    245 
    246 int parse_host_src_port(SockAddress *haddr,
    247                         SockAddress *saddr,
    248                         const char *input_str)
    249 {
    250     char *str = strdup(input_str);
    251     char *host_str = str;
    252     char *src_str;
    253     const char *src_str2;
    254     char *ptr;
    255 
    256     /*
    257      * Chop off any extra arguments at the end of the string which
    258      * would start with a comma, then fill in the src port information
    259      * if it was provided else use the "any address" and "any port".
    260      */
    261     if ((ptr = strchr(str,',')))
    262         *ptr = '\0';
    263 
    264     if ((src_str = strchr(input_str,'@'))) {
    265         *src_str = '\0';
    266         src_str++;
    267     }
    268 
    269     if (parse_host_port(haddr, host_str) < 0)
    270         goto fail;
    271 
    272     src_str2 = src_str;
    273     if (!src_str || *src_str == '\0')
    274         src_str2 = ":0";
    275 
    276     if (parse_host_port(saddr, src_str2) < 0)
    277         goto fail;
    278 
    279     free(str);
    280     return(0);
    281 
    282 fail:
    283     free(str);
    284     return -1;
    285 }
    286 
    287 int parse_host_port(SockAddress *saddr, const char *str)
    288 {
    289     char buf[512];
    290     const char *p, *r;
    291     uint32_t ip;
    292     int port;
    293 
    294     p = str;
    295     if (get_str_sep(buf, sizeof(buf), &p, ':') < 0)
    296         return -1;
    297 
    298     if (buf[0] == '\0') {
    299         ip = 0;
    300     } else {
    301         if (qemu_isdigit(buf[0])) {
    302             if (inet_strtoip(buf, &ip) < 0)
    303                 return -1;
    304         } else {
    305             if (sock_address_init_resolve(saddr, buf, 0, 0) < 0)
    306                 return - 1;
    307             ip = sock_address_get_ip(saddr);
    308         }
    309     }
    310     port = strtol(p, (char **)&r, 0);
    311     if (r == p)
    312         return -1;
    313     sock_address_init_inet(saddr, ip, port);
    314     return 0;
    315 }
    316 
    317 #if !defined(_WIN32) && 0
    318 static int parse_unix_path(struct sockaddr_un *uaddr, const char *str)
    319 {
    320     const char *p;
    321     int len;
    322 
    323     len = MIN(108, strlen(str));
    324     p = strchr(str, ',');
    325     if (p)
    326 	len = MIN(len, p - str);
    327 
    328     memset(uaddr, 0, sizeof(*uaddr));
    329 
    330     uaddr->sun_family = AF_UNIX;
    331     memcpy(uaddr->sun_path, str, len);
    332 
    333     return 0;
    334 }
    335 #endif
    336 
    337 void qemu_format_nic_info_str(VLANClientState *vc, uint8_t macaddr[6])
    338 {
    339     snprintf(vc->info_str, sizeof(vc->info_str),
    340              "model=%s,macaddr=%02x:%02x:%02x:%02x:%02x:%02x",
    341              vc->model,
    342              macaddr[0], macaddr[1], macaddr[2],
    343              macaddr[3], macaddr[4], macaddr[5]);
    344 }
    345 
    346 static char *assign_name(VLANClientState *vc1, const char *model)
    347 {
    348     VLANState *vlan;
    349     char buf[256];
    350     int id = 0;
    351 
    352     for (vlan = first_vlan; vlan; vlan = vlan->next) {
    353         VLANClientState *vc;
    354 
    355         for (vc = vlan->first_client; vc; vc = vc->next)
    356             if (vc != vc1 && strcmp(vc->model, model) == 0)
    357                 id++;
    358     }
    359 
    360     snprintf(buf, sizeof(buf), "%s.%d", model, id);
    361 
    362     return strdup(buf);
    363 }
    364 
    365 VLANClientState *qemu_new_vlan_client(VLANState *vlan,
    366                                       const char *model,
    367                                       const char *name,
    368                                       NetCanReceive *can_receive,
    369                                       NetReceive *receive,
    370                                       NetReceiveIOV *receive_iov,
    371                                       NetCleanup *cleanup,
    372                                       void *opaque)
    373 {
    374     VLANClientState *vc, **pvc;
    375     vc = qemu_mallocz(sizeof(VLANClientState));
    376     vc->model = strdup(model);
    377     if (name)
    378         vc->name = strdup(name);
    379     else
    380         vc->name = assign_name(vc, model);
    381     vc->can_receive = can_receive;
    382     vc->receive = receive;
    383     vc->receive_iov = receive_iov;
    384     vc->cleanup = cleanup;
    385     vc->opaque = opaque;
    386     vc->vlan = vlan;
    387 
    388     vc->next = NULL;
    389     pvc = &vlan->first_client;
    390     while (*pvc != NULL)
    391         pvc = &(*pvc)->next;
    392     *pvc = vc;
    393     return vc;
    394 }
    395 
    396 void qemu_del_vlan_client(VLANClientState *vc)
    397 {
    398     VLANClientState **pvc = &vc->vlan->first_client;
    399 
    400     while (*pvc != NULL)
    401         if (*pvc == vc) {
    402             *pvc = vc->next;
    403             if (vc->cleanup) {
    404                 vc->cleanup(vc);
    405             }
    406             free(vc->name);
    407             free(vc->model);
    408             qemu_free(vc);
    409             break;
    410         } else
    411             pvc = &(*pvc)->next;
    412 }
    413 
    414 VLANClientState *qemu_find_vlan_client(VLANState *vlan, void *opaque)
    415 {
    416     VLANClientState **pvc = &vlan->first_client;
    417 
    418     while (*pvc != NULL)
    419         if ((*pvc)->opaque == opaque)
    420             return *pvc;
    421         else
    422             pvc = &(*pvc)->next;
    423 
    424     return NULL;
    425 }
    426 
    427 int qemu_can_send_packet(VLANClientState *sender)
    428 {
    429     VLANState *vlan = sender->vlan;
    430     VLANClientState *vc;
    431 
    432     for (vc = vlan->first_client; vc != NULL; vc = vc->next) {
    433         if (vc == sender) {
    434             continue;
    435         }
    436 
    437         /* no can_receive() handler, they can always receive */
    438         if (!vc->can_receive || vc->can_receive(vc)) {
    439             return 1;
    440         }
    441     }
    442     return 0;
    443 }
    444 
    445 static int
    446 qemu_deliver_packet(VLANClientState *sender, const uint8_t *buf, int size)
    447 {
    448     VLANClientState *vc;
    449     int ret = -1;
    450 
    451     sender->vlan->delivering = 1;
    452 
    453     for (vc = sender->vlan->first_client; vc != NULL; vc = vc->next) {
    454         ssize_t len;
    455 
    456         if (vc == sender) {
    457             continue;
    458         }
    459 
    460         if (vc->link_down) {
    461             ret = size;
    462             continue;
    463         }
    464 
    465         len = vc->receive(vc, buf, size);
    466 
    467         ret = (ret >= 0) ? ret : len;
    468     }
    469 
    470     sender->vlan->delivering = 0;
    471 
    472     return ret;
    473 }
    474 
    475 void qemu_flush_queued_packets(VLANClientState *vc)
    476 {
    477     VLANPacket *packet;
    478 
    479     while ((packet = vc->vlan->send_queue) != NULL) {
    480         int ret;
    481 
    482         vc->vlan->send_queue = packet->next;
    483 
    484         ret = qemu_deliver_packet(packet->sender, packet->data, packet->size);
    485         if (ret == 0 && packet->sent_cb != NULL) {
    486             packet->next = vc->vlan->send_queue;
    487             vc->vlan->send_queue = packet;
    488             break;
    489         }
    490 
    491         if (packet->sent_cb)
    492             packet->sent_cb(packet->sender);
    493 
    494         qemu_free(packet);
    495     }
    496 }
    497 
    498 static void qemu_enqueue_packet(VLANClientState *sender,
    499                                 const uint8_t *buf, int size,
    500                                 NetPacketSent *sent_cb)
    501 {
    502     VLANPacket *packet;
    503 
    504     packet = qemu_malloc(sizeof(VLANPacket) + size);
    505     packet->next = sender->vlan->send_queue;
    506     packet->sender = sender;
    507     packet->size = size;
    508     packet->sent_cb = sent_cb;
    509     memcpy(packet->data, buf, size);
    510     sender->vlan->send_queue = packet;
    511 }
    512 
    513 ssize_t qemu_send_packet_async(VLANClientState *sender,
    514                                const uint8_t *buf, int size,
    515                                NetPacketSent *sent_cb)
    516 {
    517     int ret;
    518 
    519     if (sender->link_down) {
    520         return size;
    521     }
    522 
    523 #ifdef DEBUG_NET
    524     printf("vlan %d send:\n", sender->vlan->id);
    525     hex_dump(stdout, buf, size);
    526 #endif
    527 
    528     if (sender->vlan->delivering) {
    529         qemu_enqueue_packet(sender, buf, size, NULL);
    530         return size;
    531     }
    532 
    533     ret = qemu_deliver_packet(sender, buf, size);
    534     if (ret == 0 && sent_cb != NULL) {
    535         qemu_enqueue_packet(sender, buf, size, sent_cb);
    536         return 0;
    537     }
    538 
    539     qemu_flush_queued_packets(sender);
    540 
    541     return ret;
    542 }
    543 
    544 void qemu_send_packet(VLANClientState *vc, const uint8_t *buf, int size)
    545 {
    546     qemu_send_packet_async(vc, buf, size, NULL);
    547 }
    548 
    549 static ssize_t vc_sendv_compat(VLANClientState *vc, const struct iovec *iov,
    550                                int iovcnt)
    551 {
    552     uint8_t buffer[4096];
    553     size_t offset = 0;
    554     int i;
    555 
    556     for (i = 0; i < iovcnt; i++) {
    557         size_t len;
    558 
    559         len = MIN(sizeof(buffer) - offset, iov[i].iov_len);
    560         memcpy(buffer + offset, iov[i].iov_base, len);
    561         offset += len;
    562     }
    563 
    564     return vc->receive(vc, buffer, offset);
    565 }
    566 
    567 static ssize_t calc_iov_length(const struct iovec *iov, int iovcnt)
    568 {
    569     size_t offset = 0;
    570     int i;
    571 
    572     for (i = 0; i < iovcnt; i++)
    573         offset += iov[i].iov_len;
    574     return offset;
    575 }
    576 
    577 static int qemu_deliver_packet_iov(VLANClientState *sender,
    578                                    const struct iovec *iov, int iovcnt)
    579 {
    580     VLANClientState *vc;
    581     int ret = -1;
    582 
    583     sender->vlan->delivering = 1;
    584 
    585     for (vc = sender->vlan->first_client; vc != NULL; vc = vc->next) {
    586         ssize_t len;
    587 
    588         if (vc == sender) {
    589             continue;
    590         }
    591 
    592         if (vc->link_down) {
    593             ret = calc_iov_length(iov, iovcnt);
    594             continue;
    595         }
    596 
    597         if (vc->receive_iov) {
    598             len = vc->receive_iov(vc, iov, iovcnt);
    599         } else {
    600             len = vc_sendv_compat(vc, iov, iovcnt);
    601         }
    602 
    603         ret = (ret >= 0) ? ret : len;
    604     }
    605 
    606     sender->vlan->delivering = 0;
    607 
    608     return ret;
    609 }
    610 
    611 static ssize_t qemu_enqueue_packet_iov(VLANClientState *sender,
    612                                        const struct iovec *iov, int iovcnt,
    613                                        NetPacketSent *sent_cb)
    614 {
    615     VLANPacket *packet;
    616     size_t max_len = 0;
    617     int i;
    618 
    619     max_len = calc_iov_length(iov, iovcnt);
    620 
    621     packet = qemu_malloc(sizeof(VLANPacket) + max_len);
    622     packet->next = sender->vlan->send_queue;
    623     packet->sender = sender;
    624     packet->sent_cb = sent_cb;
    625     packet->size = 0;
    626 
    627     for (i = 0; i < iovcnt; i++) {
    628         size_t len = iov[i].iov_len;
    629 
    630         memcpy(packet->data + packet->size, iov[i].iov_base, len);
    631         packet->size += len;
    632     }
    633 
    634     sender->vlan->send_queue = packet;
    635 
    636     return packet->size;
    637 }
    638 
    639 ssize_t qemu_sendv_packet_async(VLANClientState *sender,
    640                                 const struct iovec *iov, int iovcnt,
    641                                 NetPacketSent *sent_cb)
    642 {
    643     int ret;
    644 
    645     if (sender->link_down) {
    646         return calc_iov_length(iov, iovcnt);
    647     }
    648 
    649     if (sender->vlan->delivering) {
    650         return qemu_enqueue_packet_iov(sender, iov, iovcnt, NULL);
    651     }
    652 
    653     ret = qemu_deliver_packet_iov(sender, iov, iovcnt);
    654     if (ret == 0 && sent_cb != NULL) {
    655         qemu_enqueue_packet_iov(sender, iov, iovcnt, sent_cb);
    656         return 0;
    657     }
    658 
    659     qemu_flush_queued_packets(sender);
    660 
    661     return ret;
    662 }
    663 
    664 ssize_t
    665 qemu_sendv_packet(VLANClientState *vc, const struct iovec *iov, int iovcnt)
    666 {
    667     return qemu_sendv_packet_async(vc, iov, iovcnt, NULL);
    668 }
    669 
    670 static void config_error(Monitor *mon, const char *fmt, ...)
    671 {
    672     va_list ap;
    673 
    674     va_start(ap, fmt);
    675     if (mon) {
    676         monitor_vprintf(mon, fmt, ap);
    677     } else {
    678         fprintf(stderr, "qemu: ");
    679         vfprintf(stderr, fmt, ap);
    680         exit(1);
    681     }
    682     va_end(ap);
    683 }
    684 
    685 #if defined(CONFIG_SLIRP)
    686 
    687 /* slirp network adapter */
    688 
    689 struct slirp_config_str {
    690     struct slirp_config_str *next;
    691     const char *str;
    692 };
    693 
    694 static int slirp_inited;
    695 static struct slirp_config_str *slirp_redirs;
    696 #ifndef _WIN32
    697 static const char *slirp_smb_export;
    698 #endif
    699 static VLANClientState *slirp_vc;
    700 
    701 #ifndef _WIN32
    702 static void slirp_smb(const char *exported_dir);
    703 #endif
    704 static void slirp_redirection(Monitor *mon, const char *redir_str);
    705 
    706 double   qemu_net_upload_speed   = 0.;
    707 double   qemu_net_download_speed = 0.;
    708 int      qemu_net_min_latency = 0;
    709 int      qemu_net_max_latency = 0;
    710 int      qemu_net_disable = 0;
    711 
    712 int
    713 ip_packet_is_internal( const uint8_t*  data, size_t  size )
    714 {
    715     const uint8_t*  end = data + size;
    716 
    717     /* must have room for Mac + IP header */
    718     if (data + 40 > end)
    719         return 0;
    720 
    721     if (data[12] != 0x08 || data[13] != 0x00 )
    722         return 0;
    723 
    724     /* must have valid IP header */
    725     data += 14;
    726     if ((data[0] >> 4) != 4 || (data[0] & 15) < 5)
    727         return 0;
    728 
    729     /* internal if both source and dest addresses are in 10.x.x.x */
    730     return ( data[12] == 10 && data[16] == 10);
    731 }
    732 
    733 #ifdef CONFIG_ANDROID
    734 
    735 NetShaper  slirp_shaper_in;
    736 NetShaper  slirp_shaper_out;
    737 NetDelay   slirp_delay_in;
    738 
    739 static void
    740 slirp_delay_in_cb( void*   data,
    741                    size_t  size,
    742                    void*   opaque )
    743 {
    744     slirp_input( (const uint8_t*)data, (int)size );
    745     opaque = opaque;
    746 }
    747 
    748 static void
    749 slirp_shaper_in_cb( void*   data,
    750                     size_t  size,
    751                     void*   opaque )
    752 {
    753     netdelay_send_aux( slirp_delay_in, data, size, opaque );
    754 }
    755 
    756 static void
    757 slirp_shaper_out_cb( void*   data,
    758                      size_t  size,
    759                      void*   opaque )
    760 {
    761     qemu_send_packet( slirp_vc, (const uint8_t*)data, (int)size );
    762 }
    763 
    764 void
    765 slirp_init_shapers( void )
    766 {
    767     slirp_delay_in   = netdelay_create( slirp_delay_in_cb );
    768     slirp_shaper_in  = netshaper_create( 1, slirp_shaper_in_cb );
    769     slirp_shaper_out = netshaper_create( 1, slirp_shaper_out_cb );
    770 
    771     netdelay_set_latency( slirp_delay_in, qemu_net_min_latency, qemu_net_max_latency );
    772     netshaper_set_rate( slirp_shaper_out, qemu_net_download_speed );
    773     netshaper_set_rate( slirp_shaper_in,  qemu_net_upload_speed  );
    774 }
    775 
    776 #endif /* CONFIG_ANDROID */
    777 
    778 
    779 int slirp_can_output(void)
    780 {
    781 #ifdef CONFIG_ANDROID
    782     return !slirp_vc ||
    783            ( netshaper_can_send(slirp_shaper_out) &&
    784              qemu_can_send_packet(slirp_vc) );
    785 #else
    786     return !slirp_vc || qemu_can_send_packet(slirp_vc);
    787 #endif
    788 }
    789 
    790 void slirp_output(const uint8_t *pkt, int pkt_len)
    791 {
    792 #ifdef DEBUG_SLIRP
    793     printf("slirp output:\n");
    794     hex_dump(stdout, pkt, pkt_len);
    795 #endif
    796     if (qemu_tcpdump_active)
    797         qemu_tcpdump_packet(pkt, pkt_len);
    798 
    799     if (!slirp_vc)
    800         return;
    801 
    802 #ifdef CONFIG_ANDROID
    803     netshaper_send(slirp_shaper_out, (void*)pkt, pkt_len);
    804 #else
    805     qemu_send_packet(slirp_vc, pkt, pkt_len);
    806 #endif
    807 }
    808 
    809 int slirp_is_inited(void)
    810 {
    811     return slirp_inited;
    812 }
    813 
    814 static ssize_t slirp_receive(VLANClientState *vc, const uint8_t *buf, size_t size)
    815 {
    816 #ifdef DEBUG_SLIRP
    817     printf("slirp input:\n");
    818     hex_dump(stdout, buf, size);
    819 #endif
    820     if (qemu_tcpdump_active)
    821         qemu_tcpdump_packet(buf, size);
    822 
    823 #ifdef CONFIG_ANDROID
    824     netshaper_send(slirp_shaper_in, (char*)buf, size);
    825 #else
    826     slirp_input(buf, size);
    827 #endif
    828     return size;
    829 }
    830 
    831 static int slirp_in_use;
    832 
    833 static void net_slirp_cleanup(VLANClientState *vc)
    834 {
    835     slirp_in_use = 0;
    836 }
    837 
    838 static int net_slirp_init(VLANState *vlan, const char *model, const char *name,
    839                           int restricted, const char *ip)
    840 {
    841     if (slirp_in_use) {
    842         /* slirp only supports a single instance so far */
    843         return -1;
    844     }
    845     if (!slirp_inited) {
    846         slirp_inited = 1;
    847         slirp_init(restricted, ip);
    848 
    849         while (slirp_redirs) {
    850             struct slirp_config_str *config = slirp_redirs;
    851 
    852             slirp_redirection(NULL, config->str);
    853             slirp_redirs = config->next;
    854             qemu_free(config);
    855         }
    856 #ifndef _WIN32
    857         if (slirp_smb_export) {
    858             slirp_smb(slirp_smb_export);
    859         }
    860 #endif
    861         slirp_init_shapers();
    862     }
    863 
    864     slirp_vc = qemu_new_vlan_client(vlan, model, name, NULL, slirp_receive,
    865                                     NULL, net_slirp_cleanup, NULL);
    866     slirp_vc->info_str[0] = '\0';
    867     slirp_in_use = 1;
    868     return 0;
    869 }
    870 
    871 static void net_slirp_redir_print(void *opaque, int is_udp,
    872                                   const SockAddress *laddr,
    873                                   const SockAddress *faddr)
    874 {
    875     Monitor *mon = (Monitor *)opaque;
    876     uint32_t h_addr;
    877     uint32_t g_addr;
    878     char buf[16];
    879 
    880     h_addr = sock_address_get_ip(faddr);
    881     g_addr = sock_address_get_ip(laddr);
    882 
    883     monitor_printf(mon, "  %s |", is_udp ? "udp" : "tcp" );
    884     snprintf(buf, 15, "%d.%d.%d.%d", (h_addr >> 24) & 0xff,
    885                                      (h_addr >> 16) & 0xff,
    886                                      (h_addr >> 8) & 0xff,
    887                                      (h_addr) & 0xff);
    888     monitor_printf(mon, " %15s |", buf);
    889     monitor_printf(mon, " %5d |", sock_address_get_port(faddr));
    890 
    891     snprintf(buf, 15, "%d.%d.%d.%d", (g_addr >> 24) & 0xff,
    892                                      (g_addr >> 16) & 0xff,
    893                                      (g_addr >> 8) & 0xff,
    894                                      (g_addr) & 0xff);
    895     monitor_printf(mon, " %15s |", buf);
    896     monitor_printf(mon, " %5d\n", sock_address_get_port(laddr));
    897 
    898 }
    899 
    900 static void net_slirp_redir_list(Monitor *mon)
    901 {
    902     if (!mon)
    903         return;
    904 
    905     monitor_printf(mon, " Prot |    Host Addr    | HPort |    Guest Addr   | GPort\n");
    906     monitor_printf(mon, "      |                 |       |                 |      \n");
    907     slirp_redir_loop(net_slirp_redir_print, mon);
    908 }
    909 
    910 static void net_slirp_redir_rm(Monitor *mon, const char *port_str)
    911 {
    912     int host_port;
    913     char buf[256] = "";
    914     const char *p = port_str;
    915     int is_udp = 0;
    916     int n;
    917 
    918     if (!mon)
    919         return;
    920 
    921     if (!port_str || !port_str[0])
    922         goto fail_syntax;
    923 
    924     get_str_sep(buf, sizeof(buf), &p, ':');
    925 
    926     if (!strcmp(buf, "tcp") || buf[0] == '\0') {
    927         is_udp = 0;
    928     } else if (!strcmp(buf, "udp")) {
    929         is_udp = 1;
    930     } else {
    931         goto fail_syntax;
    932     }
    933 
    934     host_port = atoi(p);
    935 
    936     n = slirp_redir_rm(is_udp, host_port);
    937 
    938     monitor_printf(mon, "removed %d redirections to %s port %d\n", n,
    939                         is_udp ? "udp" : "tcp", host_port);
    940     return;
    941 
    942  fail_syntax:
    943     monitor_printf(mon, "invalid format\n");
    944 }
    945 
    946 static void slirp_redirection(Monitor *mon, const char *redir_str)
    947 {
    948     uint32_t guest_addr;
    949     int host_port, guest_port;
    950     const char *p;
    951     char buf[256], *r;
    952     int is_udp;
    953 
    954     p = redir_str;
    955     if (get_str_sep(buf, sizeof(buf), &p, ':') < 0) {
    956         goto fail_syntax;
    957     }
    958     if (!strcmp(buf, "tcp") || buf[0] == '\0') {
    959         is_udp = 0;
    960     } else if (!strcmp(buf, "udp")) {
    961         is_udp = 1;
    962     } else {
    963         goto fail_syntax;
    964     }
    965 
    966     if (get_str_sep(buf, sizeof(buf), &p, ':') < 0) {
    967         goto fail_syntax;
    968     }
    969     host_port = strtol(buf, &r, 0);
    970     if (r == buf) {
    971         goto fail_syntax;
    972     }
    973 
    974     if (get_str_sep(buf, sizeof(buf), &p, ':') < 0) {
    975         goto fail_syntax;
    976     }
    977     if (buf[0] == '\0') {
    978         pstrcpy(buf, sizeof(buf), "10.0.2.15");
    979     }
    980     if (inet_strtoip(buf, &guest_addr) < 0) {
    981         goto fail_syntax;
    982     }
    983 
    984     guest_port = strtol(p, &r, 0);
    985     if (r == p) {
    986         goto fail_syntax;
    987     }
    988 
    989     if (slirp_redir(is_udp, host_port, guest_addr, guest_port) < 0) {
    990         config_error(mon, "could not set up redirection '%s'\n", redir_str);
    991     }
    992     return;
    993 
    994  fail_syntax:
    995     config_error(mon, "invalid redirection format '%s'\n", redir_str);
    996 }
    997 
    998 void net_slirp_redir(Monitor *mon, const char *redir_str, const char *redir_opt2)
    999 {
   1000     struct slirp_config_str *config;
   1001 
   1002     if (!slirp_inited) {
   1003         if (mon) {
   1004             monitor_printf(mon, "user mode network stack not in use\n");
   1005         } else {
   1006             config = qemu_malloc(sizeof(*config));
   1007             config->str = redir_str;
   1008             config->next = slirp_redirs;
   1009             slirp_redirs = config;
   1010         }
   1011         return;
   1012     }
   1013 
   1014     if (!strcmp(redir_str, "remove")) {
   1015         net_slirp_redir_rm(mon, redir_opt2);
   1016         return;
   1017     }
   1018 
   1019     if (!strcmp(redir_str, "list")) {
   1020         net_slirp_redir_list(mon);
   1021         return;
   1022     }
   1023 
   1024     slirp_redirection(mon, redir_str);
   1025 }
   1026 
   1027 #ifndef _WIN32
   1028 
   1029 static char smb_dir[1024];
   1030 
   1031 static void erase_dir(char *dir_name)
   1032 {
   1033     DIR *d;
   1034     struct dirent *de;
   1035     char filename[1024];
   1036 
   1037     /* erase all the files in the directory */
   1038     if ((d = opendir(dir_name)) != NULL) {
   1039         for(;;) {
   1040             de = readdir(d);
   1041             if (!de)
   1042                 break;
   1043             if (strcmp(de->d_name, ".") != 0 &&
   1044                 strcmp(de->d_name, "..") != 0) {
   1045                 snprintf(filename, sizeof(filename), "%s/%s",
   1046                          smb_dir, de->d_name);
   1047                 if (unlink(filename) != 0)  /* is it a directory? */
   1048                     erase_dir(filename);
   1049             }
   1050         }
   1051         closedir(d);
   1052         rmdir(dir_name);
   1053     }
   1054 }
   1055 
   1056 /* automatic user mode samba server configuration */
   1057 static void smb_exit(void)
   1058 {
   1059     erase_dir(smb_dir);
   1060 }
   1061 
   1062 static void slirp_smb(const char *exported_dir)
   1063 {
   1064     char smb_conf[1024];
   1065     char smb_cmdline[1024];
   1066     FILE *f;
   1067 
   1068     /* XXX: better tmp dir construction */
   1069     snprintf(smb_dir, sizeof(smb_dir), "/tmp/qemu-smb.%ld", (long)getpid());
   1070     if (mkdir(smb_dir, 0700) < 0) {
   1071         fprintf(stderr, "qemu: could not create samba server dir '%s'\n", smb_dir);
   1072         exit(1);
   1073     }
   1074     snprintf(smb_conf, sizeof(smb_conf), "%s/%s", smb_dir, "smb.conf");
   1075 
   1076     f = fopen(smb_conf, "w");
   1077     if (!f) {
   1078         fprintf(stderr, "qemu: could not create samba server configuration file '%s'\n", smb_conf);
   1079         exit(1);
   1080     }
   1081     fprintf(f,
   1082             "[global]\n"
   1083             "private dir=%s\n"
   1084             "smb ports=0\n"
   1085             "socket address=127.0.0.1\n"
   1086             "pid directory=%s\n"
   1087             "lock directory=%s\n"
   1088             "log file=%s/log.smbd\n"
   1089             "smb passwd file=%s/smbpasswd\n"
   1090             "security = share\n"
   1091             "[qemu]\n"
   1092             "path=%s\n"
   1093             "read only=no\n"
   1094             "guest ok=yes\n",
   1095             smb_dir,
   1096             smb_dir,
   1097             smb_dir,
   1098             smb_dir,
   1099             smb_dir,
   1100             exported_dir
   1101             );
   1102     fclose(f);
   1103     atexit(smb_exit);
   1104 
   1105     snprintf(smb_cmdline, sizeof(smb_cmdline), "%s -s %s",
   1106              SMBD_COMMAND, smb_conf);
   1107 
   1108     slirp_add_exec(0, smb_cmdline, 4, 139);
   1109 }
   1110 
   1111 /* automatic user mode samba server configuration */
   1112 void net_slirp_smb(const char *exported_dir)
   1113 {
   1114     if (slirp_smb_export) {
   1115         fprintf(stderr, "-smb given twice\n");
   1116         exit(1);
   1117     }
   1118     slirp_smb_export = exported_dir;
   1119     if (slirp_inited) {
   1120         slirp_smb(exported_dir);
   1121     }
   1122 }
   1123 
   1124 #endif /* !defined(_WIN32) */
   1125 
   1126 void do_info_slirp(Monitor *mon)
   1127 {
   1128     //slirp_stats();
   1129 }
   1130 
   1131 struct VMChannel {
   1132     CharDriverState *hd;
   1133     int port;
   1134 };
   1135 
   1136 static int vmchannel_can_read(void *opaque)
   1137 {
   1138     struct VMChannel *vmc = (struct VMChannel*)opaque;
   1139     return slirp_socket_can_recv(4, vmc->port);
   1140 }
   1141 
   1142 static void vmchannel_read(void *opaque, const uint8_t *buf, int size)
   1143 {
   1144     struct VMChannel *vmc = (struct VMChannel*)opaque;
   1145     slirp_socket_recv(4, vmc->port, buf, size);
   1146 }
   1147 
   1148 #endif /* CONFIG_SLIRP */
   1149 
   1150 #if !defined(_WIN32)
   1151 
   1152 typedef struct TAPState {
   1153     VLANClientState *vc;
   1154     int fd;
   1155     char down_script[1024];
   1156     char down_script_arg[128];
   1157     uint8_t buf[4096];
   1158 } TAPState;
   1159 
   1160 static int launch_script(const char *setup_script, const char *ifname, int fd);
   1161 
   1162 static ssize_t tap_receive_iov(VLANClientState *vc, const struct iovec *iov,
   1163                                int iovcnt)
   1164 {
   1165     TAPState *s = vc->opaque;
   1166     ssize_t len;
   1167 
   1168     do {
   1169         len = writev(s->fd, iov, iovcnt);
   1170     } while (len == -1 && (errno == EINTR || errno == EAGAIN));
   1171 
   1172     return len;
   1173 }
   1174 
   1175 static ssize_t tap_receive(VLANClientState *vc, const uint8_t *buf, size_t size)
   1176 {
   1177     TAPState *s = vc->opaque;
   1178     ssize_t len;
   1179 
   1180     do {
   1181         len = write(s->fd, buf, size);
   1182     } while (len == -1 && (errno == EINTR || errno == EAGAIN));
   1183 
   1184     return len;
   1185 }
   1186 
   1187 static int tap_can_send(void *opaque)
   1188 {
   1189     TAPState *s = opaque;
   1190 
   1191     return qemu_can_send_packet(s->vc);
   1192 }
   1193 
   1194 #ifdef __sun__
   1195 static ssize_t tap_read_packet(int tapfd, uint8_t *buf, int maxlen)
   1196 {
   1197     struct strbuf sbuf;
   1198     int f = 0;
   1199 
   1200     sbuf.maxlen = maxlen;
   1201     sbuf.buf = (char *)buf;
   1202 
   1203     return getmsg(tapfd, NULL, &sbuf, &f) >= 0 ? sbuf.len : -1;
   1204 }
   1205 #else
   1206 static ssize_t tap_read_packet(int tapfd, uint8_t *buf, int maxlen)
   1207 {
   1208     return read(tapfd, buf, maxlen);
   1209 }
   1210 #endif
   1211 
   1212 static void tap_send(void *opaque);
   1213 
   1214 static void tap_send_completed(VLANClientState *vc)
   1215 {
   1216     TAPState *s = vc->opaque;
   1217 
   1218     qemu_set_fd_handler2(s->fd, tap_can_send, tap_send, NULL, s);
   1219 }
   1220 
   1221 static void tap_send(void *opaque)
   1222 {
   1223     TAPState *s = opaque;
   1224     int size;
   1225 
   1226     do {
   1227         size = tap_read_packet(s->fd, s->buf, sizeof(s->buf));
   1228         if (size <= 0) {
   1229             break;
   1230         }
   1231 
   1232         size = qemu_send_packet_async(s->vc, s->buf, size, tap_send_completed);
   1233         if (size == 0) {
   1234             qemu_set_fd_handler2(s->fd, NULL, NULL, NULL, NULL);
   1235         }
   1236     } while (size > 0);
   1237 }
   1238 
   1239 static void tap_cleanup(VLANClientState *vc)
   1240 {
   1241     TAPState *s = vc->opaque;
   1242 
   1243     if (s->down_script[0])
   1244         launch_script(s->down_script, s->down_script_arg, s->fd);
   1245 
   1246     qemu_set_fd_handler(s->fd, NULL, NULL, NULL);
   1247     close(s->fd);
   1248     qemu_free(s);
   1249 }
   1250 
   1251 /* fd support */
   1252 
   1253 static TAPState *net_tap_fd_init(VLANState *vlan,
   1254                                  const char *model,
   1255                                  const char *name,
   1256                                  int fd)
   1257 {
   1258     TAPState *s;
   1259 
   1260     s = qemu_mallocz(sizeof(TAPState));
   1261     s->fd = fd;
   1262     s->vc = qemu_new_vlan_client(vlan, model, name, NULL, tap_receive,
   1263                                  tap_receive_iov, tap_cleanup, s);
   1264     qemu_set_fd_handler2(s->fd, tap_can_send, tap_send, NULL, s);
   1265     snprintf(s->vc->info_str, sizeof(s->vc->info_str), "fd=%d", fd);
   1266     return s;
   1267 }
   1268 
   1269 #if defined (CONFIG_BSD) || defined (__FreeBSD_kernel__)
   1270 static int tap_open(char *ifname, int ifname_size)
   1271 {
   1272     int fd;
   1273     char *dev;
   1274     struct stat s;
   1275 
   1276     TFR(fd = open("/dev/tap", O_RDWR));
   1277     if (fd < 0) {
   1278         fprintf(stderr, "warning: could not open /dev/tap: no virtual network emulation\n");
   1279         return -1;
   1280     }
   1281 
   1282     fstat(fd, &s);
   1283     dev = devname(s.st_rdev, S_IFCHR);
   1284     pstrcpy(ifname, ifname_size, dev);
   1285 
   1286     fcntl(fd, F_SETFL, O_NONBLOCK);
   1287     return fd;
   1288 }
   1289 #elif defined(__sun__)
   1290 #define TUNNEWPPA       (('T'<<16) | 0x0001)
   1291 /*
   1292  * Allocate TAP device, returns opened fd.
   1293  * Stores dev name in the first arg(must be large enough).
   1294  */
   1295 static int tap_alloc(char *dev, size_t dev_size)
   1296 {
   1297     int tap_fd, if_fd, ppa = -1;
   1298     static int ip_fd = 0;
   1299     char *ptr;
   1300 
   1301     static int arp_fd = 0;
   1302     int ip_muxid, arp_muxid;
   1303     struct strioctl  strioc_if, strioc_ppa;
   1304     int link_type = I_PLINK;;
   1305     struct lifreq ifr;
   1306     char actual_name[32] = "";
   1307 
   1308     memset(&ifr, 0x0, sizeof(ifr));
   1309 
   1310     if( *dev ){
   1311        ptr = dev;
   1312        while( *ptr && !qemu_isdigit((int)*ptr) ) ptr++;
   1313        ppa = atoi(ptr);
   1314     }
   1315 
   1316     /* Check if IP device was opened */
   1317     if( ip_fd )
   1318        close(ip_fd);
   1319 
   1320     TFR(ip_fd = open("/dev/udp", O_RDWR, 0));
   1321     if (ip_fd < 0) {
   1322        syslog(LOG_ERR, "Can't open /dev/ip (actually /dev/udp)");
   1323        return -1;
   1324     }
   1325 
   1326     TFR(tap_fd = open("/dev/tap", O_RDWR, 0));
   1327     if (tap_fd < 0) {
   1328        syslog(LOG_ERR, "Can't open /dev/tap");
   1329        return -1;
   1330     }
   1331 
   1332     /* Assign a new PPA and get its unit number. */
   1333     strioc_ppa.ic_cmd = TUNNEWPPA;
   1334     strioc_ppa.ic_timout = 0;
   1335     strioc_ppa.ic_len = sizeof(ppa);
   1336     strioc_ppa.ic_dp = (char *)&ppa;
   1337     if ((ppa = ioctl (tap_fd, I_STR, &strioc_ppa)) < 0)
   1338        syslog (LOG_ERR, "Can't assign new interface");
   1339 
   1340     TFR(if_fd = open("/dev/tap", O_RDWR, 0));
   1341     if (if_fd < 0) {
   1342        syslog(LOG_ERR, "Can't open /dev/tap (2)");
   1343        return -1;
   1344     }
   1345     if(ioctl(if_fd, I_PUSH, "ip") < 0){
   1346        syslog(LOG_ERR, "Can't push IP module");
   1347        return -1;
   1348     }
   1349 
   1350     if (ioctl(if_fd, SIOCGLIFFLAGS, &ifr) < 0)
   1351 	syslog(LOG_ERR, "Can't get flags\n");
   1352 
   1353     snprintf (actual_name, 32, "tap%d", ppa);
   1354     pstrcpy(ifr.lifr_name, sizeof(ifr.lifr_name), actual_name);
   1355 
   1356     ifr.lifr_ppa = ppa;
   1357     /* Assign ppa according to the unit number returned by tun device */
   1358 
   1359     if (ioctl (if_fd, SIOCSLIFNAME, &ifr) < 0)
   1360         syslog (LOG_ERR, "Can't set PPA %d", ppa);
   1361     if (ioctl(if_fd, SIOCGLIFFLAGS, &ifr) <0)
   1362         syslog (LOG_ERR, "Can't get flags\n");
   1363     /* Push arp module to if_fd */
   1364     if (ioctl (if_fd, I_PUSH, "arp") < 0)
   1365         syslog (LOG_ERR, "Can't push ARP module (2)");
   1366 
   1367     /* Push arp module to ip_fd */
   1368     if (ioctl (ip_fd, I_POP, NULL) < 0)
   1369         syslog (LOG_ERR, "I_POP failed\n");
   1370     if (ioctl (ip_fd, I_PUSH, "arp") < 0)
   1371         syslog (LOG_ERR, "Can't push ARP module (3)\n");
   1372     /* Open arp_fd */
   1373     TFR(arp_fd = open ("/dev/tap", O_RDWR, 0));
   1374     if (arp_fd < 0)
   1375        syslog (LOG_ERR, "Can't open %s\n", "/dev/tap");
   1376 
   1377     /* Set ifname to arp */
   1378     strioc_if.ic_cmd = SIOCSLIFNAME;
   1379     strioc_if.ic_timout = 0;
   1380     strioc_if.ic_len = sizeof(ifr);
   1381     strioc_if.ic_dp = (char *)&ifr;
   1382     if (ioctl(arp_fd, I_STR, &strioc_if) < 0){
   1383         syslog (LOG_ERR, "Can't set ifname to arp\n");
   1384     }
   1385 
   1386     if((ip_muxid = ioctl(ip_fd, I_LINK, if_fd)) < 0){
   1387        syslog(LOG_ERR, "Can't link TAP device to IP");
   1388        return -1;
   1389     }
   1390 
   1391     if ((arp_muxid = ioctl (ip_fd, link_type, arp_fd)) < 0)
   1392         syslog (LOG_ERR, "Can't link TAP device to ARP");
   1393 
   1394     close (if_fd);
   1395 
   1396     memset(&ifr, 0x0, sizeof(ifr));
   1397     pstrcpy(ifr.lifr_name, sizeof(ifr.lifr_name), actual_name);
   1398     ifr.lifr_ip_muxid  = ip_muxid;
   1399     ifr.lifr_arp_muxid = arp_muxid;
   1400 
   1401     if (ioctl (ip_fd, SIOCSLIFMUXID, &ifr) < 0)
   1402     {
   1403       ioctl (ip_fd, I_PUNLINK , arp_muxid);
   1404       ioctl (ip_fd, I_PUNLINK, ip_muxid);
   1405       syslog (LOG_ERR, "Can't set multiplexor id");
   1406     }
   1407 
   1408     snprintf(dev, dev_size, "tap%d", ppa);
   1409     return tap_fd;
   1410 }
   1411 
   1412 static int tap_open(char *ifname, int ifname_size)
   1413 {
   1414     char  dev[10]="";
   1415     int fd;
   1416     if( (fd = tap_alloc(dev, sizeof(dev))) < 0 ){
   1417        fprintf(stderr, "Cannot allocate TAP device\n");
   1418        return -1;
   1419     }
   1420     pstrcpy(ifname, ifname_size, dev);
   1421     fcntl(fd, F_SETFL, O_NONBLOCK);
   1422     return fd;
   1423 }
   1424 #elif defined (_AIX)
   1425 static int tap_open(char *ifname, int ifname_size)
   1426 {
   1427     fprintf (stderr, "no tap on AIX\n");
   1428     return -1;
   1429 }
   1430 #else
   1431 static int tap_open(char *ifname, int ifname_size)
   1432 {
   1433     struct ifreq ifr;
   1434     int fd, ret;
   1435 
   1436     TFR(fd = open("/dev/net/tun", O_RDWR));
   1437     if (fd < 0) {
   1438         fprintf(stderr, "warning: could not open /dev/net/tun: no virtual network emulation\n");
   1439         return -1;
   1440     }
   1441     memset(&ifr, 0, sizeof(ifr));
   1442     ifr.ifr_flags = IFF_TAP | IFF_NO_PI;
   1443     if (ifname[0] != '\0')
   1444         pstrcpy(ifr.ifr_name, IFNAMSIZ, ifname);
   1445     else
   1446         pstrcpy(ifr.ifr_name, IFNAMSIZ, "tap%d");
   1447     ret = ioctl(fd, TUNSETIFF, (void *) &ifr);
   1448     if (ret != 0) {
   1449         fprintf(stderr, "warning: could not configure /dev/net/tun: no virtual network emulation\n");
   1450         close(fd);
   1451         return -1;
   1452     }
   1453     pstrcpy(ifname, ifname_size, ifr.ifr_name);
   1454     fcntl(fd, F_SETFL, O_NONBLOCK);
   1455     return fd;
   1456 }
   1457 #endif
   1458 
   1459 static int launch_script(const char *setup_script, const char *ifname, int fd)
   1460 {
   1461     sigset_t oldmask, mask;
   1462     int pid, status;
   1463     char *args[3];
   1464     char **parg;
   1465 
   1466     sigemptyset(&mask);
   1467     sigaddset(&mask, SIGCHLD);
   1468     sigprocmask(SIG_BLOCK, &mask, &oldmask);
   1469 
   1470     /* try to launch network script */
   1471     pid = fork();
   1472     if (pid == 0) {
   1473         int open_max = sysconf(_SC_OPEN_MAX), i;
   1474 
   1475         for (i = 0; i < open_max; i++) {
   1476             if (i != STDIN_FILENO &&
   1477                 i != STDOUT_FILENO &&
   1478                 i != STDERR_FILENO &&
   1479                 i != fd) {
   1480                 close(i);
   1481             }
   1482         }
   1483         parg = args;
   1484         *parg++ = (char *)setup_script;
   1485         *parg++ = (char *)ifname;
   1486         *parg++ = NULL;
   1487         execv(setup_script, args);
   1488         exit(1);
   1489     } else if (pid > 0) {
   1490         while (waitpid(pid, &status, 0) != pid) {
   1491             /* loop */
   1492         }
   1493         sigprocmask(SIG_SETMASK, &oldmask, NULL);
   1494 
   1495         if (WIFEXITED(status) && WEXITSTATUS(status) == 0) {
   1496             return 0;
   1497         }
   1498     }
   1499     fprintf(stderr, "%s: could not launch network script\n", setup_script);
   1500     return -1;
   1501 }
   1502 
   1503 static int net_tap_init(VLANState *vlan, const char *model,
   1504                         const char *name, const char *ifname1,
   1505                         const char *setup_script, const char *down_script)
   1506 {
   1507     TAPState *s;
   1508     int fd;
   1509     char ifname[128];
   1510 
   1511     if (ifname1 != NULL)
   1512         pstrcpy(ifname, sizeof(ifname), ifname1);
   1513     else
   1514         ifname[0] = '\0';
   1515     TFR(fd = tap_open(ifname, sizeof(ifname)));
   1516     if (fd < 0)
   1517         return -1;
   1518 
   1519     if (!setup_script || !strcmp(setup_script, "no"))
   1520         setup_script = "";
   1521     if (setup_script[0] != '\0') {
   1522 	if (launch_script(setup_script, ifname, fd))
   1523 	    return -1;
   1524     }
   1525     s = net_tap_fd_init(vlan, model, name, fd);
   1526     snprintf(s->vc->info_str, sizeof(s->vc->info_str),
   1527              "ifname=%s,script=%s,downscript=%s",
   1528              ifname, setup_script, down_script);
   1529     if (down_script && strcmp(down_script, "no")) {
   1530         snprintf(s->down_script, sizeof(s->down_script), "%s", down_script);
   1531         snprintf(s->down_script_arg, sizeof(s->down_script_arg), "%s", ifname);
   1532     }
   1533     return 0;
   1534 }
   1535 
   1536 #endif /* !_WIN32 */
   1537 
   1538 #if defined(CONFIG_VDE)
   1539 typedef struct VDEState {
   1540     VLANClientState *vc;
   1541     VDECONN *vde;
   1542 } VDEState;
   1543 
   1544 static void vde_to_qemu(void *opaque)
   1545 {
   1546     VDEState *s = opaque;
   1547     uint8_t buf[4096];
   1548     int size;
   1549 
   1550     size = vde_recv(s->vde, (char *)buf, sizeof(buf), 0);
   1551     if (size > 0) {
   1552         qemu_send_packet(s->vc, buf, size);
   1553     }
   1554 }
   1555 
   1556 static ssize_t vde_receive(VLANClientState *vc, const uint8_t *buf, size_t size)
   1557 {
   1558     VDEState *s = vc->opaque;
   1559     ssize_t ret;
   1560 
   1561     do {
   1562       ret = vde_send(s->vde, (const char *)buf, size, 0);
   1563     } while (ret < 0 && errno == EINTR);
   1564 
   1565     return ret;
   1566 }
   1567 
   1568 static void vde_cleanup(VLANClientState *vc)
   1569 {
   1570     VDEState *s = vc->opaque;
   1571     qemu_set_fd_handler(vde_datafd(s->vde), NULL, NULL, NULL);
   1572     vde_close(s->vde);
   1573     qemu_free(s);
   1574 }
   1575 
   1576 static int net_vde_init(VLANState *vlan, const char *model,
   1577                         const char *name, const char *sock,
   1578                         int port, const char *group, int mode)
   1579 {
   1580     VDEState *s;
   1581     char *init_group = strlen(group) ? (char *)group : NULL;
   1582     char *init_sock = strlen(sock) ? (char *)sock : NULL;
   1583 
   1584     struct vde_open_args args = {
   1585         .port = port,
   1586         .group = init_group,
   1587         .mode = mode,
   1588     };
   1589 
   1590     s = qemu_mallocz(sizeof(VDEState));
   1591     s->vde = vde_open(init_sock, (char *)"QEMU", &args);
   1592     if (!s->vde){
   1593         free(s);
   1594         return -1;
   1595     }
   1596     s->vc = qemu_new_vlan_client(vlan, model, name, NULL, vde_receive,
   1597                                  NULL, vde_cleanup, s);
   1598     qemu_set_fd_handler(vde_datafd(s->vde), vde_to_qemu, NULL, s);
   1599     snprintf(s->vc->info_str, sizeof(s->vc->info_str), "sock=%s,fd=%d",
   1600              sock, vde_datafd(s->vde));
   1601     return 0;
   1602 }
   1603 #endif
   1604 
   1605 /* network connection */
   1606 typedef struct NetSocketState {
   1607     VLANClientState *vc;
   1608     int fd;
   1609     int state; /* 0 = getting length, 1 = getting data */
   1610     unsigned int index;
   1611     unsigned int packet_len;
   1612     uint8_t buf[4096];
   1613     SockAddress  dgram_dst; /* contains inet host and port destination iff connectionless (SOCK_DGRAM) */
   1614 } NetSocketState;
   1615 
   1616 typedef struct NetSocketListenState {
   1617     VLANState *vlan;
   1618     char *model;
   1619     char *name;
   1620     int fd;
   1621 } NetSocketListenState;
   1622 
   1623 /* XXX: we consider we can send the whole packet without blocking */
   1624 static ssize_t net_socket_receive(VLANClientState *vc, const uint8_t *buf, size_t size)
   1625 {
   1626     NetSocketState *s = vc->opaque;
   1627     uint32_t len;
   1628     len = htonl(size);
   1629 
   1630     socket_send(s->fd, (const uint8_t *)&len, sizeof(len));
   1631     return socket_send(s->fd, buf, size);
   1632 }
   1633 
   1634 static ssize_t net_socket_receive_dgram(VLANClientState *vc, const uint8_t *buf, size_t size)
   1635 {
   1636     NetSocketState *s = vc->opaque;
   1637 
   1638     return socket_sendto(s->fd, buf, size, &s->dgram_dst);
   1639 }
   1640 
   1641 static void net_socket_send(void *opaque)
   1642 {
   1643     NetSocketState *s = opaque;
   1644     int size, err;
   1645     unsigned l;
   1646     uint8_t buf1[4096];
   1647     const uint8_t *buf;
   1648 
   1649     size = recv(s->fd, (void *)buf1, sizeof(buf1), 0);
   1650     if (size < 0) {
   1651         err = socket_error();
   1652         if (err != EWOULDBLOCK && err != EAGAIN)
   1653             goto eoc;
   1654     } else if (size == 0) {
   1655         /* end of connection */
   1656     eoc:
   1657         qemu_set_fd_handler(s->fd, NULL, NULL, NULL);
   1658         closesocket(s->fd);
   1659         return;
   1660     }
   1661     buf = buf1;
   1662     while (size > 0) {
   1663         /* reassemble a packet from the network */
   1664         switch(s->state) {
   1665         case 0:
   1666             l = 4 - s->index;
   1667             if (l > size)
   1668                 l = size;
   1669             memcpy(s->buf + s->index, buf, l);
   1670             buf += l;
   1671             size -= l;
   1672             s->index += l;
   1673             if (s->index == 4) {
   1674                 /* got length */
   1675                 s->packet_len = ntohl(*(uint32_t *)s->buf);
   1676                 s->index = 0;
   1677                 s->state = 1;
   1678             }
   1679             break;
   1680         case 1:
   1681             l = s->packet_len - s->index;
   1682             if (l > size)
   1683                 l = size;
   1684             if (s->index + l <= sizeof(s->buf)) {
   1685                 memcpy(s->buf + s->index, buf, l);
   1686             } else {
   1687                 fprintf(stderr, "serious error: oversized packet received,"
   1688                     "connection terminated.\n");
   1689                 s->state = 0;
   1690                 goto eoc;
   1691             }
   1692 
   1693             s->index += l;
   1694             buf += l;
   1695             size -= l;
   1696             if (s->index >= s->packet_len) {
   1697                 qemu_send_packet(s->vc, s->buf, s->packet_len);
   1698                 s->index = 0;
   1699                 s->state = 0;
   1700             }
   1701             break;
   1702         }
   1703     }
   1704 }
   1705 
   1706 static void net_socket_send_dgram(void *opaque)
   1707 {
   1708     NetSocketState *s = opaque;
   1709     int size;
   1710 
   1711     size = recv(s->fd, (void *)s->buf, sizeof(s->buf), 0);
   1712     if (size < 0)
   1713         return;
   1714     if (size == 0) {
   1715         /* end of connection */
   1716         qemu_set_fd_handler(s->fd, NULL, NULL, NULL);
   1717         return;
   1718     }
   1719     qemu_send_packet(s->vc, s->buf, size);
   1720 }
   1721 
   1722 static int net_socket_mcast_create(SockAddress *mcastaddr)
   1723 {
   1724     int fd;
   1725     int ret;
   1726     if (!IN_MULTICAST(sock_address_get_ip(mcastaddr))) {
   1727 	fprintf(stderr, "qemu: error: specified mcastaddr \"%s\" (0x%08x) does not contain a multicast address\n",
   1728 		sock_address_to_string(mcastaddr),
   1729                 sock_address_get_ip(mcastaddr));
   1730 	return -1;
   1731 
   1732     }
   1733     fd = socket_create_inet(SOCKET_DGRAM);
   1734     if (fd < 0) {
   1735         perror("socket(PF_INET, SOCK_DGRAM)");
   1736         return -1;
   1737     }
   1738 
   1739     ret = socket_set_xreuseaddr(fd);
   1740     if (ret < 0) {
   1741 	perror("setsockopt(SOL_SOCKET, SO_REUSEADDR)");
   1742 	goto fail;
   1743     }
   1744 
   1745     ret = socket_bind(fd, mcastaddr);
   1746     if (ret < 0) {
   1747         perror("bind");
   1748         goto fail;
   1749     }
   1750 
   1751     /* Add host to multicast group */
   1752     ret = socket_mcast_inet_add_membership(fd, sock_address_get_ip(mcastaddr));
   1753     if (ret < 0) {
   1754 	perror("setsockopt(IP_ADD_MEMBERSHIP)");
   1755 	goto fail;
   1756     }
   1757 
   1758     /* Force mcast msgs to loopback (eg. several QEMUs in same host */
   1759     ret = socket_mcast_inet_set_loop(fd, 1);
   1760     if (ret < 0) {
   1761 	perror("setsockopt(SOL_IP, IP_MULTICAST_LOOP)");
   1762 	goto fail;
   1763     }
   1764 
   1765     socket_set_nonblock(fd);
   1766     return fd;
   1767 fail:
   1768     if (fd >= 0)
   1769         socket_close(fd);
   1770     return -1;
   1771 }
   1772 
   1773 static void net_socket_cleanup(VLANClientState *vc)
   1774 {
   1775     NetSocketState *s = vc->opaque;
   1776     qemu_set_fd_handler(s->fd, NULL, NULL, NULL);
   1777     socket_close(s->fd);
   1778     qemu_free(s);
   1779 }
   1780 
   1781 static NetSocketState *net_socket_fd_init_dgram(VLANState *vlan,
   1782                                                 const char *model,
   1783                                                 const char *name,
   1784                                                 int fd, int is_connected)
   1785 {
   1786     SockAddress  saddr;
   1787     int newfd;
   1788     NetSocketState *s;
   1789 
   1790     /* fd passed: multicast: "learn" dgram_dst address from bound address and save it
   1791      * Because this may be "shared" socket from a "master" process, datagrams would be recv()
   1792      * by ONLY ONE process: we must "clone" this dgram socket --jjo
   1793      */
   1794 
   1795     if (is_connected) {
   1796 	if (socket_get_address(fd, &saddr) == 0) {
   1797 	    /* must be bound */
   1798 	    if (sock_address_get_ip(&saddr) == 0) {
   1799 		fprintf(stderr, "qemu: error: init_dgram: fd=%d unbound, cannot setup multicast dst addr\n",
   1800 			fd);
   1801 		return NULL;
   1802 	    }
   1803 	    /* clone dgram socket */
   1804 	    newfd = net_socket_mcast_create(&saddr);
   1805 	    if (newfd < 0) {
   1806 		/* error already reported by net_socket_mcast_create() */
   1807 		socket_close(fd);
   1808 		return NULL;
   1809 	    }
   1810 	    /* clone newfd to fd, close newfd */
   1811 	    dup2(newfd, fd);
   1812 	    socket_close(newfd);
   1813 
   1814 	} else {
   1815 	    fprintf(stderr, "qemu: error: init_dgram: fd=%d failed getsockname(): %s\n",
   1816 		    fd, strerror(errno));
   1817 	    return NULL;
   1818 	}
   1819     }
   1820 
   1821     s = qemu_mallocz(sizeof(NetSocketState));
   1822     s->fd = fd;
   1823 
   1824     s->vc = qemu_new_vlan_client(vlan, model, name, NULL, net_socket_receive_dgram,
   1825                                  NULL, net_socket_cleanup, s);
   1826     qemu_set_fd_handler(s->fd, net_socket_send_dgram, NULL, s);
   1827 
   1828     /* mcast: save bound address as dst */
   1829     if (is_connected) s->dgram_dst=saddr;
   1830 
   1831     snprintf(s->vc->info_str, sizeof(s->vc->info_str),
   1832 	    "socket: fd=%d (%s mcast=%s)",
   1833 	    fd, is_connected? "cloned" : "",
   1834 	    sock_address_to_string(&saddr));
   1835     return s;
   1836 }
   1837 
   1838 static void net_socket_connect(void *opaque)
   1839 {
   1840     NetSocketState *s = opaque;
   1841     qemu_set_fd_handler(s->fd, net_socket_send, NULL, s);
   1842 }
   1843 
   1844 static NetSocketState *net_socket_fd_init_stream(VLANState *vlan,
   1845                                                  const char *model,
   1846                                                  const char *name,
   1847                                                  int fd, int is_connected)
   1848 {
   1849     NetSocketState *s;
   1850     s = qemu_mallocz(sizeof(NetSocketState));
   1851     s->fd = fd;
   1852     s->vc = qemu_new_vlan_client(vlan, model, name, NULL, net_socket_receive,
   1853                                  NULL, net_socket_cleanup, s);
   1854     snprintf(s->vc->info_str, sizeof(s->vc->info_str),
   1855              "socket: fd=%d", fd);
   1856     if (is_connected) {
   1857         net_socket_connect(s);
   1858     } else {
   1859         qemu_set_fd_handler(s->fd, NULL, net_socket_connect, s);
   1860     }
   1861     return s;
   1862 }
   1863 
   1864 static NetSocketState *net_socket_fd_init(VLANState *vlan,
   1865                                           const char *model, const char *name,
   1866                                           int fd, int is_connected)
   1867 {
   1868     SocketType  so_type = socket_get_type(fd);
   1869 
   1870     switch(so_type) {
   1871     case SOCKET_DGRAM:
   1872         return net_socket_fd_init_dgram(vlan, model, name, fd, is_connected);
   1873     case SOCKET_STREAM:
   1874         return net_socket_fd_init_stream(vlan, model, name, fd, is_connected);
   1875     default:
   1876         /* who knows ... this could be a eg. a pty, do warn and continue as stream */
   1877         fprintf(stderr, "qemu: warning: socket type=%d for fd=%d is not SOCK_DGRAM or SOCK_STREAM\n", so_type, fd);
   1878         return net_socket_fd_init_stream(vlan, model, name, fd, is_connected);
   1879     }
   1880     return NULL;
   1881 }
   1882 
   1883 static void net_socket_accept(void *opaque)
   1884 {
   1885     NetSocketListenState *s = opaque;
   1886     NetSocketState *s1;
   1887     SockAddress  saddr;
   1888     int fd;
   1889 
   1890     for(;;) {
   1891         fd = socket_accept(s->fd, &saddr);
   1892         if (fd < 0) {
   1893             return;
   1894         } else if (fd >= 0) {
   1895             break;
   1896         }
   1897     }
   1898     s1 = net_socket_fd_init(s->vlan, s->model, s->name, fd, 1);
   1899     if (!s1) {
   1900         socket_close(fd);
   1901     } else {
   1902         snprintf(s1->vc->info_str, sizeof(s1->vc->info_str),
   1903                  "socket: connection from %s", sock_address_to_string(&saddr));
   1904     }
   1905 }
   1906 
   1907 static int net_socket_listen_init(VLANState *vlan,
   1908                                   const char *model,
   1909                                   const char *name,
   1910                                   const char *host_str)
   1911 {
   1912     NetSocketListenState *s;
   1913     int fd, ret;
   1914     SockAddress  saddr;
   1915 
   1916     if (parse_host_port(&saddr, host_str) < 0)
   1917         return -1;
   1918 
   1919     s = qemu_mallocz(sizeof(NetSocketListenState));
   1920 
   1921     fd = socket_create_inet(SOCKET_STREAM);
   1922     if (fd < 0) {
   1923         perror("socket");
   1924         return -1;
   1925     }
   1926     socket_set_nonblock(fd);
   1927 
   1928     /* allow fast reuse */
   1929     socket_set_xreuseaddr(fd);
   1930 
   1931     ret = socket_bind(fd, &saddr);
   1932     if (ret < 0) {
   1933         perror("bind");
   1934         return -1;
   1935     }
   1936     ret = socket_listen(fd, 0);
   1937     if (ret < 0) {
   1938         perror("listen");
   1939         return -1;
   1940     }
   1941     s->vlan = vlan;
   1942     s->model = strdup(model);
   1943     s->name = name ? strdup(name) : NULL;
   1944     s->fd = fd;
   1945     qemu_set_fd_handler(fd, net_socket_accept, NULL, s);
   1946     return 0;
   1947 }
   1948 
   1949 static int net_socket_connect_init(VLANState *vlan,
   1950                                    const char *model,
   1951                                    const char *name,
   1952                                    const char *host_str)
   1953 {
   1954     NetSocketState *s;
   1955     int fd, connected, ret, err;
   1956     SockAddress saddr;
   1957 
   1958     if (parse_host_port(&saddr, host_str) < 0)
   1959         return -1;
   1960 
   1961     fd = socket_create_inet(SOCKET_STREAM);
   1962     if (fd < 0) {
   1963         perror("socket");
   1964         return -1;
   1965     }
   1966     socket_set_nonblock(fd);
   1967 
   1968     connected = 0;
   1969     for(;;) {
   1970         ret = socket_connect(fd, &saddr);
   1971         if (ret < 0) {
   1972             err = socket_error();
   1973             if (err == EWOULDBLOCK || err == EAGAIN) {
   1974             } else if (err == EINPROGRESS || err == EALREADY) {
   1975                 break;
   1976             } else {
   1977                 perror("connect");
   1978                 socket_close(fd);
   1979                 return -1;
   1980             }
   1981         } else {
   1982             connected = 1;
   1983             break;
   1984         }
   1985     }
   1986     s = net_socket_fd_init(vlan, model, name, fd, connected);
   1987     if (!s)
   1988         return -1;
   1989     snprintf(s->vc->info_str, sizeof(s->vc->info_str),
   1990              "socket: connect to %s",
   1991              sock_address_to_string(&saddr));
   1992     return 0;
   1993 }
   1994 
   1995 static int net_socket_mcast_init(VLANState *vlan,
   1996                                  const char *model,
   1997                                  const char *name,
   1998                                  const char *host_str)
   1999 {
   2000     NetSocketState *s;
   2001     int fd;
   2002     SockAddress saddr;
   2003 
   2004     if (parse_host_port(&saddr, host_str) < 0)
   2005         return -1;
   2006 
   2007 
   2008     fd = net_socket_mcast_create(&saddr);
   2009     if (fd < 0)
   2010 	return -1;
   2011 
   2012     s = net_socket_fd_init(vlan, model, name, fd, 0);
   2013     if (!s)
   2014         return -1;
   2015 
   2016     s->dgram_dst = saddr;
   2017 
   2018     snprintf(s->vc->info_str, sizeof(s->vc->info_str),
   2019              "socket: mcast=%s",
   2020              sock_address_to_string(&saddr));
   2021     return 0;
   2022 
   2023 }
   2024 
   2025 typedef struct DumpState {
   2026     VLANClientState *pcap_vc;
   2027     int fd;
   2028     int pcap_caplen;
   2029 } DumpState;
   2030 
   2031 #define PCAP_MAGIC 0xa1b2c3d4
   2032 
   2033 struct pcap_file_hdr {
   2034     uint32_t magic;
   2035     uint16_t version_major;
   2036     uint16_t version_minor;
   2037     int32_t thiszone;
   2038     uint32_t sigfigs;
   2039     uint32_t snaplen;
   2040     uint32_t linktype;
   2041 };
   2042 
   2043 struct pcap_sf_pkthdr {
   2044     struct {
   2045         int32_t tv_sec;
   2046         int32_t tv_usec;
   2047     } ts;
   2048     uint32_t caplen;
   2049     uint32_t len;
   2050 };
   2051 
   2052 static ssize_t dump_receive(VLANClientState *vc, const uint8_t *buf, size_t size)
   2053 {
   2054     DumpState *s = vc->opaque;
   2055     struct pcap_sf_pkthdr hdr;
   2056     int64_t ts;
   2057     int caplen;
   2058 
   2059     /* Early return in case of previous error. */
   2060     if (s->fd < 0) {
   2061         return size;
   2062     }
   2063 
   2064     ts = muldiv64(qemu_get_clock(vm_clock), 1000000, get_ticks_per_sec());
   2065     caplen = size > s->pcap_caplen ? s->pcap_caplen : size;
   2066 
   2067     hdr.ts.tv_sec = ts / 1000000;
   2068     hdr.ts.tv_usec = ts % 1000000;
   2069     hdr.caplen = caplen;
   2070     hdr.len = size;
   2071     if (write(s->fd, &hdr, sizeof(hdr)) != sizeof(hdr) ||
   2072         write(s->fd, buf, caplen) != caplen) {
   2073         qemu_log("-net dump write error - stop dump\n");
   2074         close(s->fd);
   2075         s->fd = -1;
   2076     }
   2077 
   2078     return size;
   2079 }
   2080 
   2081 static void net_dump_cleanup(VLANClientState *vc)
   2082 {
   2083     DumpState *s = vc->opaque;
   2084 
   2085     close(s->fd);
   2086     qemu_free(s);
   2087 }
   2088 
   2089 static int net_dump_init(Monitor *mon, VLANState *vlan, const char *device,
   2090                          const char *name, const char *filename, int len)
   2091 {
   2092     struct pcap_file_hdr hdr;
   2093     DumpState *s;
   2094 
   2095     s = qemu_malloc(sizeof(DumpState));
   2096 
   2097     s->fd = open(filename, O_CREAT | O_WRONLY, 0644);
   2098     if (s->fd < 0) {
   2099         config_error(mon, "-net dump: can't open %s\n", filename);
   2100         return -1;
   2101     }
   2102 
   2103     s->pcap_caplen = len;
   2104 
   2105     hdr.magic = PCAP_MAGIC;
   2106     hdr.version_major = 2;
   2107     hdr.version_minor = 4;
   2108     hdr.thiszone = 0;
   2109     hdr.sigfigs = 0;
   2110     hdr.snaplen = s->pcap_caplen;
   2111     hdr.linktype = 1;
   2112 
   2113     if (write(s->fd, &hdr, sizeof(hdr)) < sizeof(hdr)) {
   2114         config_error(mon, "-net dump write error: %s\n", strerror(errno));
   2115         close(s->fd);
   2116         qemu_free(s);
   2117         return -1;
   2118     }
   2119 
   2120     s->pcap_vc = qemu_new_vlan_client(vlan, device, name, NULL, dump_receive, NULL,
   2121                                       net_dump_cleanup, s);
   2122     snprintf(s->pcap_vc->info_str, sizeof(s->pcap_vc->info_str),
   2123              "dump to %s (len=%d)", filename, len);
   2124     return 0;
   2125 }
   2126 
   2127 /* find or alloc a new VLAN */
   2128 VLANState *qemu_find_vlan(int id)
   2129 {
   2130     VLANState **pvlan, *vlan;
   2131     for(vlan = first_vlan; vlan != NULL; vlan = vlan->next) {
   2132         if (vlan->id == id)
   2133             return vlan;
   2134     }
   2135     vlan = qemu_mallocz(sizeof(VLANState));
   2136     vlan->id = id;
   2137     vlan->next = NULL;
   2138     pvlan = &first_vlan;
   2139     while (*pvlan != NULL)
   2140         pvlan = &(*pvlan)->next;
   2141     *pvlan = vlan;
   2142     return vlan;
   2143 }
   2144 
   2145 static int nic_get_free_idx(void)
   2146 {
   2147     int index;
   2148 
   2149     for (index = 0; index < MAX_NICS; index++)
   2150         if (!nd_table[index].used)
   2151             return index;
   2152     return -1;
   2153 }
   2154 
   2155 void qemu_check_nic_model(NICInfo *nd, const char *model)
   2156 {
   2157     const char *models[2];
   2158 
   2159     models[0] = model;
   2160     models[1] = NULL;
   2161 
   2162     qemu_check_nic_model_list(nd, models, model);
   2163 }
   2164 
   2165 void qemu_check_nic_model_list(NICInfo *nd, const char * const *models,
   2166                                const char *default_model)
   2167 {
   2168     int i, exit_status = 0;
   2169 
   2170     if (!nd->model)
   2171         nd->model = strdup(default_model);
   2172 
   2173     if (strcmp(nd->model, "?") != 0) {
   2174         for (i = 0 ; models[i]; i++)
   2175             if (strcmp(nd->model, models[i]) == 0)
   2176                 return;
   2177 
   2178         fprintf(stderr, "qemu: Unsupported NIC model: %s\n", nd->model);
   2179         exit_status = 1;
   2180     }
   2181 
   2182     fprintf(stderr, "qemu: Supported NIC models: ");
   2183     for (i = 0 ; models[i]; i++)
   2184         fprintf(stderr, "%s%c", models[i], models[i+1] ? ',' : '\n');
   2185 
   2186     exit(exit_status);
   2187 }
   2188 
   2189 int net_client_init(Monitor *mon, const char *device, const char *p)
   2190 {
   2191     static const char * const fd_params[] = {
   2192         "vlan", "name", "fd", NULL
   2193     };
   2194     char buf[1024];
   2195     int vlan_id, ret;
   2196     VLANState *vlan;
   2197     char *name = NULL;
   2198 
   2199     vlan_id = 0;
   2200     if (get_param_value(buf, sizeof(buf), "vlan", p)) {
   2201         vlan_id = strtol(buf, NULL, 0);
   2202     }
   2203     vlan = qemu_find_vlan(vlan_id);
   2204 
   2205     if (get_param_value(buf, sizeof(buf), "name", p)) {
   2206         name = qemu_strdup(buf);
   2207     }
   2208     if (!strcmp(device, "nic")) {
   2209         static const char * const nic_params[] = {
   2210             "vlan", "name", "macaddr", "model", NULL
   2211         };
   2212         NICInfo *nd;
   2213         uint8_t *macaddr;
   2214         int idx = nic_get_free_idx();
   2215 
   2216         if (check_params(buf, sizeof(buf), nic_params, p) < 0) {
   2217             config_error(mon, "invalid parameter '%s' in '%s'\n", buf, p);
   2218             ret = -1;
   2219             goto out;
   2220         }
   2221         if (idx == -1 || nb_nics >= MAX_NICS) {
   2222             config_error(mon, "Too Many NICs\n");
   2223             ret = -1;
   2224             goto out;
   2225         }
   2226         nd = &nd_table[idx];
   2227         macaddr = nd->macaddr;
   2228         macaddr[0] = 0x52;
   2229         macaddr[1] = 0x54;
   2230         macaddr[2] = 0x00;
   2231         macaddr[3] = 0x12;
   2232         macaddr[4] = 0x34;
   2233         macaddr[5] = 0x56 + idx;
   2234 
   2235         if (get_param_value(buf, sizeof(buf), "macaddr", p)) {
   2236             if (parse_macaddr(macaddr, buf) < 0) {
   2237                 config_error(mon, "invalid syntax for ethernet address\n");
   2238                 ret = -1;
   2239                 goto out;
   2240             }
   2241         }
   2242         if (get_param_value(buf, sizeof(buf), "model", p)) {
   2243             nd->model = strdup(buf);
   2244         }
   2245         nd->vlan = vlan;
   2246         nd->name = name;
   2247         nd->used = 1;
   2248         name = NULL;
   2249         nb_nics++;
   2250         vlan->nb_guest_devs++;
   2251         ret = idx;
   2252     } else
   2253     if (!strcmp(device, "none")) {
   2254         if (*p != '\0') {
   2255             config_error(mon, "'none' takes no parameters\n");
   2256             ret = -1;
   2257             goto out;
   2258         }
   2259         /* does nothing. It is needed to signal that no network cards
   2260            are wanted */
   2261         ret = 0;
   2262     } else
   2263 #ifdef CONFIG_SLIRP
   2264     if (!strcmp(device, "user")) {
   2265         static const char * const slirp_params[] = {
   2266             "vlan", "name", "hostname", "restrict", "ip", NULL
   2267         };
   2268         int restricted = 0;
   2269         char *ip = NULL;
   2270 
   2271         if (check_params(buf, sizeof(buf), slirp_params, p) < 0) {
   2272             config_error(mon, "invalid parameter '%s' in '%s'\n", buf, p);
   2273             ret = -1;
   2274             goto out;
   2275         }
   2276         if (get_param_value(buf, sizeof(buf), "hostname", p)) {
   2277             pstrcpy(slirp_hostname, sizeof(slirp_hostname), buf);
   2278         }
   2279         if (get_param_value(buf, sizeof(buf), "restrict", p)) {
   2280             restricted = (buf[0] == 'y') ? 1 : 0;
   2281         }
   2282         if (get_param_value(buf, sizeof(buf), "ip", p)) {
   2283             ip = qemu_strdup(buf);
   2284         }
   2285         vlan->nb_host_devs++;
   2286         ret = net_slirp_init(vlan, device, name, restricted, ip);
   2287         qemu_free(ip);
   2288     } else if (!strcmp(device, "channel")) {
   2289         long port;
   2290         char name[20], *devname;
   2291         struct VMChannel *vmc;
   2292 
   2293         port = strtol(p, &devname, 10);
   2294         devname++;
   2295         if (port < 1 || port > 65535) {
   2296             config_error(mon, "vmchannel wrong port number\n");
   2297             ret = -1;
   2298             goto out;
   2299         }
   2300         vmc = malloc(sizeof(struct VMChannel));
   2301         snprintf(name, 20, "vmchannel%ld", port);
   2302         vmc->hd = qemu_chr_open(name, devname, NULL);
   2303         if (!vmc->hd) {
   2304             config_error(mon, "could not open vmchannel device '%s'\n",
   2305                          devname);
   2306             ret = -1;
   2307             goto out;
   2308         }
   2309         vmc->port = port;
   2310         slirp_add_exec(3, vmc->hd, 4, port);
   2311         qemu_chr_add_handlers(vmc->hd, vmchannel_can_read, vmchannel_read,
   2312                 NULL, vmc);
   2313         ret = 0;
   2314     } else
   2315 #endif
   2316 #ifdef _WIN32
   2317     if (!strcmp(device, "tap")) {
   2318         static const char * const tap_params[] = {
   2319             "vlan", "name", "ifname", NULL
   2320         };
   2321         char ifname[64];
   2322 
   2323         if (check_params(buf, sizeof(buf), tap_params, p) < 0) {
   2324             config_error(mon, "invalid parameter '%s' in '%s'\n", buf, p);
   2325             ret = -1;
   2326             goto out;
   2327         }
   2328         if (get_param_value(ifname, sizeof(ifname), "ifname", p) <= 0) {
   2329             config_error(mon, "tap: no interface name\n");
   2330             ret = -1;
   2331             goto out;
   2332         }
   2333         vlan->nb_host_devs++;
   2334         ret = tap_win32_init(vlan, device, name, ifname);
   2335     } else
   2336 #elif defined (_AIX)
   2337 #else
   2338     if (!strcmp(device, "tap")) {
   2339         char ifname[64], chkbuf[64];
   2340         char setup_script[1024], down_script[1024];
   2341         int fd;
   2342         vlan->nb_host_devs++;
   2343         if (get_param_value(buf, sizeof(buf), "fd", p) > 0) {
   2344             if (check_params(chkbuf, sizeof(chkbuf), fd_params, p) < 0) {
   2345                 config_error(mon, "invalid parameter '%s' in '%s'\n", chkbuf, p);
   2346                 ret = -1;
   2347                 goto out;
   2348             }
   2349             fd = strtol(buf, NULL, 0);
   2350             fcntl(fd, F_SETFL, O_NONBLOCK);
   2351             net_tap_fd_init(vlan, device, name, fd);
   2352             ret = 0;
   2353         } else {
   2354             static const char * const tap_params[] = {
   2355                 "vlan", "name", "ifname", "script", "downscript", NULL
   2356             };
   2357             if (check_params(chkbuf, sizeof(chkbuf), tap_params, p) < 0) {
   2358                 config_error(mon, "invalid parameter '%s' in '%s'\n", chkbuf, p);
   2359                 ret = -1;
   2360                 goto out;
   2361             }
   2362             if (get_param_value(ifname, sizeof(ifname), "ifname", p) <= 0) {
   2363                 ifname[0] = '\0';
   2364             }
   2365             if (get_param_value(setup_script, sizeof(setup_script), "script", p) == 0) {
   2366                 pstrcpy(setup_script, sizeof(setup_script), DEFAULT_NETWORK_SCRIPT);
   2367             }
   2368             if (get_param_value(down_script, sizeof(down_script), "downscript", p) == 0) {
   2369                 pstrcpy(down_script, sizeof(down_script), DEFAULT_NETWORK_DOWN_SCRIPT);
   2370             }
   2371             ret = net_tap_init(vlan, device, name, ifname, setup_script, down_script);
   2372         }
   2373     } else
   2374 #endif
   2375     if (!strcmp(device, "socket")) {
   2376         char chkbuf[64];
   2377         if (get_param_value(buf, sizeof(buf), "fd", p) > 0) {
   2378             int fd;
   2379             if (check_params(chkbuf, sizeof(chkbuf), fd_params, p) < 0) {
   2380                 config_error(mon, "invalid parameter '%s' in '%s'\n", chkbuf, p);
   2381                 ret = -1;
   2382                 goto out;
   2383             }
   2384             fd = strtol(buf, NULL, 0);
   2385             ret = -1;
   2386             if (net_socket_fd_init(vlan, device, name, fd, 1))
   2387                 ret = 0;
   2388         } else if (get_param_value(buf, sizeof(buf), "listen", p) > 0) {
   2389             static const char * const listen_params[] = {
   2390                 "vlan", "name", "listen", NULL
   2391             };
   2392             if (check_params(chkbuf, sizeof(chkbuf), listen_params, p) < 0) {
   2393                 config_error(mon, "invalid parameter '%s' in '%s'\n", chkbuf, p);
   2394                 ret = -1;
   2395                 goto out;
   2396             }
   2397             ret = net_socket_listen_init(vlan, device, name, buf);
   2398         } else if (get_param_value(buf, sizeof(buf), "connect", p) > 0) {
   2399             static const char * const connect_params[] = {
   2400                 "vlan", "name", "connect", NULL
   2401             };
   2402             if (check_params(chkbuf, sizeof(chkbuf), connect_params, p) < 0) {
   2403                 config_error(mon, "invalid parameter '%s' in '%s'\n", chkbuf, p);
   2404                 ret = -1;
   2405                 goto out;
   2406             }
   2407             ret = net_socket_connect_init(vlan, device, name, buf);
   2408         } else if (get_param_value(buf, sizeof(buf), "mcast", p) > 0) {
   2409             static const char * const mcast_params[] = {
   2410                 "vlan", "name", "mcast", NULL
   2411             };
   2412             if (check_params(chkbuf, sizeof(chkbuf), mcast_params, p) < 0) {
   2413                 config_error(mon, "invalid parameter '%s' in '%s'\n", chkbuf, p);
   2414                 ret = -1;
   2415                 goto out;
   2416             }
   2417             ret = net_socket_mcast_init(vlan, device, name, buf);
   2418         } else {
   2419             config_error(mon, "Unknown socket options: %s\n", p);
   2420             ret = -1;
   2421             goto out;
   2422         }
   2423         vlan->nb_host_devs++;
   2424     } else
   2425 #ifdef CONFIG_VDE
   2426     if (!strcmp(device, "vde")) {
   2427         static const char * const vde_params[] = {
   2428             "vlan", "name", "sock", "port", "group", "mode", NULL
   2429         };
   2430         char vde_sock[1024], vde_group[512];
   2431 	int vde_port, vde_mode;
   2432 
   2433         if (check_params(buf, sizeof(buf), vde_params, p) < 0) {
   2434             config_error(mon, "invalid parameter '%s' in '%s'\n", buf, p);
   2435             ret = -1;
   2436             goto out;
   2437         }
   2438         vlan->nb_host_devs++;
   2439         if (get_param_value(vde_sock, sizeof(vde_sock), "sock", p) <= 0) {
   2440 	    vde_sock[0] = '\0';
   2441 	}
   2442 	if (get_param_value(buf, sizeof(buf), "port", p) > 0) {
   2443 	    vde_port = strtol(buf, NULL, 10);
   2444 	} else {
   2445 	    vde_port = 0;
   2446 	}
   2447 	if (get_param_value(vde_group, sizeof(vde_group), "group", p) <= 0) {
   2448 	    vde_group[0] = '\0';
   2449 	}
   2450 	if (get_param_value(buf, sizeof(buf), "mode", p) > 0) {
   2451 	    vde_mode = strtol(buf, NULL, 8);
   2452 	} else {
   2453 	    vde_mode = 0700;
   2454 	}
   2455 	ret = net_vde_init(vlan, device, name, vde_sock, vde_port, vde_group, vde_mode);
   2456     } else
   2457 #endif
   2458     if (!strcmp(device, "dump")) {
   2459         int len = 65536;
   2460 
   2461         if (get_param_value(buf, sizeof(buf), "len", p) > 0) {
   2462             len = strtol(buf, NULL, 0);
   2463         }
   2464         if (!get_param_value(buf, sizeof(buf), "file", p)) {
   2465             snprintf(buf, sizeof(buf), "qemu-vlan%d.pcap", vlan_id);
   2466         }
   2467         ret = net_dump_init(mon, vlan, device, name, buf, len);
   2468     } else {
   2469         config_error(mon, "Unknown network device: %s\n", device);
   2470         ret = -1;
   2471         goto out;
   2472     }
   2473     if (ret < 0) {
   2474         config_error(mon, "Could not initialize device '%s'\n", device);
   2475     }
   2476 out:
   2477     qemu_free(name);
   2478     return ret;
   2479 }
   2480 
   2481 void net_client_uninit(NICInfo *nd)
   2482 {
   2483     nd->vlan->nb_guest_devs--;
   2484     nb_nics--;
   2485     nd->used = 0;
   2486     free((void *)nd->model);
   2487 }
   2488 
   2489 static int net_host_check_device(const char *device)
   2490 {
   2491     int i;
   2492     const char *valid_param_list[] = { "tap", "socket", "dump"
   2493 #ifdef CONFIG_SLIRP
   2494                                        ,"user"
   2495 #endif
   2496 #ifdef CONFIG_VDE
   2497                                        ,"vde"
   2498 #endif
   2499     };
   2500     for (i = 0; i < sizeof(valid_param_list) / sizeof(char *); i++) {
   2501         if (!strncmp(valid_param_list[i], device,
   2502                      strlen(valid_param_list[i])))
   2503             return 1;
   2504     }
   2505 
   2506     return 0;
   2507 }
   2508 
   2509 void net_host_device_add(Monitor *mon, const char *device, const char *opts)
   2510 {
   2511     if (!net_host_check_device(device)) {
   2512         monitor_printf(mon, "invalid host network device %s\n", device);
   2513         return;
   2514     }
   2515     if (net_client_init(mon, device, opts ? opts : "") < 0) {
   2516         monitor_printf(mon, "adding host network device %s failed\n", device);
   2517     }
   2518 }
   2519 
   2520 void net_host_device_remove(Monitor *mon, int vlan_id, const char *device)
   2521 {
   2522     VLANState *vlan;
   2523     VLANClientState *vc;
   2524 
   2525     vlan = qemu_find_vlan(vlan_id);
   2526 
   2527     for (vc = vlan->first_client; vc != NULL; vc = vc->next) {
   2528         if (!strcmp(vc->name, device)) {
   2529             break;
   2530         }
   2531     }
   2532 
   2533     if (!vc) {
   2534         monitor_printf(mon, "can't find device %s\n", device);
   2535         return;
   2536     }
   2537     if (!net_host_check_device(vc->model)) {
   2538         monitor_printf(mon, "invalid host network device %s\n", device);
   2539         return;
   2540     }
   2541     qemu_del_vlan_client(vc);
   2542 }
   2543 
   2544 int net_client_parse(const char *str)
   2545 {
   2546     const char *p;
   2547     char *q;
   2548     char device[64];
   2549 
   2550     p = str;
   2551     q = device;
   2552     while (*p != '\0' && *p != ',') {
   2553         if ((q - device) < sizeof(device) - 1)
   2554             *q++ = *p;
   2555         p++;
   2556     }
   2557     *q = '\0';
   2558     if (*p == ',')
   2559         p++;
   2560 
   2561     return net_client_init(NULL, device, p);
   2562 }
   2563 
   2564 void do_info_network(Monitor *mon)
   2565 {
   2566     VLANState *vlan;
   2567     VLANClientState *vc;
   2568 
   2569     for(vlan = first_vlan; vlan != NULL; vlan = vlan->next) {
   2570         monitor_printf(mon, "VLAN %d devices:\n", vlan->id);
   2571         for(vc = vlan->first_client; vc != NULL; vc = vc->next)
   2572             monitor_printf(mon, "  %s: %s\n", vc->name, vc->info_str);
   2573     }
   2574 }
   2575 
   2576 int do_set_link(Monitor *mon, const char *name, const char *up_or_down)
   2577 {
   2578     VLANState *vlan;
   2579     VLANClientState *vc = NULL;
   2580 
   2581     for (vlan = first_vlan; vlan != NULL; vlan = vlan->next)
   2582         for (vc = vlan->first_client; vc != NULL; vc = vc->next)
   2583             if (strcmp(vc->name, name) == 0)
   2584                 goto done;
   2585 done:
   2586 
   2587     if (!vc) {
   2588         monitor_printf(mon, "could not find network device '%s'", name);
   2589         return 0;
   2590     }
   2591 
   2592     if (strcmp(up_or_down, "up") == 0)
   2593         vc->link_down = 0;
   2594     else if (strcmp(up_or_down, "down") == 0)
   2595         vc->link_down = 1;
   2596     else
   2597         monitor_printf(mon, "invalid link status '%s'; only 'up' or 'down' "
   2598                        "valid\n", up_or_down);
   2599 
   2600     if (vc->link_status_changed)
   2601         vc->link_status_changed(vc);
   2602 
   2603     return 1;
   2604 }
   2605 
   2606 void net_cleanup(void)
   2607 {
   2608     VLANState *vlan;
   2609 
   2610     /* close network clients */
   2611     for(vlan = first_vlan; vlan != NULL; vlan = vlan->next) {
   2612         VLANClientState *vc = vlan->first_client;
   2613 
   2614         while (vc) {
   2615             VLANClientState *next = vc->next;
   2616 
   2617             qemu_del_vlan_client(vc);
   2618 
   2619             vc = next;
   2620         }
   2621     }
   2622 }
   2623 
   2624 void net_client_check(void)
   2625 {
   2626     VLANState *vlan;
   2627 
   2628     for(vlan = first_vlan; vlan != NULL; vlan = vlan->next) {
   2629         if (vlan->nb_guest_devs == 0 && vlan->nb_host_devs == 0)
   2630             continue;
   2631         if (vlan->nb_guest_devs == 0)
   2632             fprintf(stderr, "Warning: vlan %d with no nics\n", vlan->id);
   2633         if (vlan->nb_host_devs == 0)
   2634             fprintf(stderr,
   2635                     "Warning: vlan %d is not connected to host network\n",
   2636                     vlan->id);
   2637     }
   2638 }
   2639 
   2640 int
   2641 android_parse_network_speed(const char*  speed)
   2642 {
   2643     int          n;
   2644     char*  end;
   2645     double       sp;
   2646 
   2647     if (speed == NULL || speed[0] == 0) {
   2648         speed = DEFAULT_NETSPEED;
   2649     }
   2650 
   2651     for (n = 0; android_netspeeds[n].name != NULL; n++) {
   2652         if (!strcmp(android_netspeeds[n].name, speed)) {
   2653             qemu_net_download_speed = android_netspeeds[n].download;
   2654             qemu_net_upload_speed   = android_netspeeds[n].upload;
   2655             return 0;
   2656         }
   2657     }
   2658 
   2659     /* is this a number ? */
   2660     sp = strtod(speed, &end);
   2661     if (end == speed) {
   2662         return -1;
   2663     }
   2664 
   2665     qemu_net_download_speed = qemu_net_upload_speed = sp*1000.;
   2666     if (*end == ':') {
   2667         speed = end+1;
   2668         sp = strtod(speed, &end);
   2669         if (end > speed) {
   2670             qemu_net_download_speed = sp*1000.;
   2671         }
   2672     }
   2673 
   2674     if (android_modem)
   2675         amodem_set_data_network_type( android_modem,
   2676                                       android_parse_network_type(speed) );
   2677     return 0;
   2678 }
   2679 
   2680 
   2681 int
   2682 android_parse_network_latency(const char*  delay)
   2683 {
   2684     int  n;
   2685     char*  end;
   2686     double  sp;
   2687 
   2688     if (delay == NULL || delay[0] == 0)
   2689         delay = DEFAULT_NETDELAY;
   2690 
   2691     for (n = 0; android_netdelays[n].name != NULL; n++) {
   2692         if ( !strcmp( android_netdelays[n].name, delay ) ) {
   2693             qemu_net_min_latency = android_netdelays[n].min_ms;
   2694             qemu_net_max_latency = android_netdelays[n].max_ms;
   2695             return 0;
   2696         }
   2697     }
   2698 
   2699     /* is this a number ? */
   2700     sp = strtod(delay, &end);
   2701     if (end == delay) {
   2702         return -1;
   2703     }
   2704 
   2705     qemu_net_min_latency = qemu_net_max_latency = (int)sp;
   2706     if (*end == ':') {
   2707         delay = (const char*)end+1;
   2708         sp = strtod(delay, &end);
   2709         if (end > delay) {
   2710             qemu_net_max_latency = (int)sp;
   2711         }
   2712     }
   2713     return 0;
   2714 }
   2715