From: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx>

Hi,

SLIRP networking can be running in a separate process. This allows for
stricter security policies for QEMU & SLIRP, as SLIRP is notoriously not
very safe (discussed on ML, various CVEs, and even the code says so
explicitly in the comments), yet people rely on it for various reasons.

With this series, for a network interface "user", libvirt will:
- check the slirp-helper presence and capabilities (see [1])
- set up a socket pair between qemu and the helper
- use -net socket
- set up migration thanks to dbus-vmstate

There are no changes required to domain configuration to benefit from it.

"guestfwd" isn't supported at this point, but it is known to be in a
broken state with libvirt+qemu anyway.

The dbus-vmstate is being proposed to QEMU. The libslirp-rs slirp-helper
hasn't yet received a release, but I plan to make one soon, depending on
the feedback.

fwiw, I have been working on an alternative Rust-only implementation of a
slirp-helper that will also follow [1].

[1] https://gitlab.freedesktop.org/slirp/libslirp-rs/blob/master/src/bin/README.rst

Marc-André Lureau (23):
  Add .editorconfig
  dbus: correctly build reply message
  qemu: replace logCtxt with qemuDomainLogAppendMessage()
  qemu: reset VM id after external devices stop
  qemu: add socket datagram capability
  qemu: add dbus-vmstate capability
  qemu-conf: add configurable dbus-daemon location
  qemu-conf: add dbusStateDir
  qemu-security: add qemuSecurityCommandRun()
  qemu: add a DBus daemon helper unit
  qemu: add dbus-vmstate helper migration support
  domain-conf: add network def private data
  qemu: add qemuDomainNetworkPrivate
  qemu-conf: add configurable slirp-helper location
  qemu: add slirp helper unit
  qemu-domain: save and restore slirp state
  qemu: add a flag to the cookie to prevent slirp-helper setup
  qemu-migration: prevent migration if slirp cannot be migrated
  qemu-extdevice: prepare, start and stop slirp-helper
  qemu-command: use -net socket,fd= with slirp-helper
  qemu-process: prepare slirp-helper
  qemu-hotplug: handle hotplugging of slirp-helper
  tests: add slirp-helper qemuxml2argv test

 .editorconfig                                 |  21 +
 m4/virt-driver-qemu.m4                        |  10 +
 src/conf/domain_conf.c                        |  21 +-
 src/conf/domain_conf.h                        |   6 +
 src/qemu/Makefile.inc.am                      |   6 +
 src/qemu/libvirtd_qemu.aug                    |   2 +
 src/qemu/qemu.conf                            |   6 +
 src/qemu/qemu_alias.c                         |   7 +
 src/qemu/qemu_alias.h                         |   2 +
 src/qemu/qemu_capabilities.c                  |  10 +
 src/qemu/qemu_capabilities.h                  |   4 +
 src/qemu/qemu_command.c                       | 100 ++++-
 src/qemu/qemu_command.h                       |   6 +-
 src/qemu/qemu_conf.c                          |  20 +-
 src/qemu/qemu_conf.h                          |   3 +
 src/qemu/qemu_dbus.c                          | 384 ++++++++++++++++
 src/qemu/qemu_dbus.h                          |  44 ++
 src/qemu/qemu_domain.c                        | 206 ++++++++-
 src/qemu/qemu_domain.h                        |  27 ++
 src/qemu/qemu_driver.c                        |  11 +-
 src/qemu/qemu_extdevice.c                     |  82 ++--
 src/qemu/qemu_extdevice.h                     |  10 +-
 src/qemu/qemu_hotplug.c                       | 118 ++++-
 src/qemu/qemu_hotplug.h                       |   8 +
 src/qemu/qemu_interface.c                     |  27 ++
 src/qemu/qemu_interface.h                     |   4 +
 src/qemu/qemu_migration.c                     |  62 +++
 src/qemu/qemu_monitor.c                       |  35 +-
 src/qemu/qemu_monitor.h                       |   6 +-
 src/qemu/qemu_monitor_json.c                  |  15 +
 src/qemu/qemu_monitor_json.h                  |   5 +
 src/qemu/qemu_process.c                       |  37 +-
 src/qemu/qemu_process.h                       |   1 +
 src/qemu/qemu_security.c                      |  22 +
 src/qemu/qemu_security.h                      |   6 +
 src/qemu/qemu_slirp.c                         | 412 ++++++++++++++++++
 src/qemu/qemu_slirp.h                         |  78 ++++
 src/qemu/qemu_tpm.c                           |  10 +-
 src/qemu/qemu_tpm.h                           |   5 +-
 src/qemu/test_libvirtd_qemu.aug.in            |   2 +
 src/util/virdbus.c                            |  18 +-
 src/util/virdbus.h                            |   6 +-
 tests/Makefile.am                             |   1 +
 .../caps_4.0.0.aarch64.xml                    |   1 +
 .../qemucapabilitiesdata/caps_4.0.0.ppc64.xml |   1 +
 .../caps_4.0.0.riscv32.xml                    |   1 +
 .../caps_4.0.0.riscv64.xml                    |   1 +
 .../qemucapabilitiesdata/caps_4.0.0.s390x.xml |   1 +
 .../caps_4.0.0.x86_64.xml                     |   1 +
 .../caps_4.1.0.x86_64.xml                     |   1 +
 .../net-user.x86_64-4.0.0.args                |  34 ++
 tests/qemuxml2argvtest.c                      |  16 +
 tests/testutilsqemu.h                         |   1 +
 tests/virfirewalltest.c                       |   9 +-
 tests/virpolkittest.c                         |   3 +-
 55 files changed, 1849 insertions(+), 87 deletions(-)
 create mode 100644 .editorconfig
 create mode 100644 src/qemu/qemu_dbus.c
 create mode 100644 src/qemu/qemu_dbus.h
 create mode 100644 src/qemu/qemu_slirp.c
 create mode 100644 src/qemu/qemu_slirp.h
 create mode 100644 tests/qemuxml2argvdata/net-user.x86_64-4.0.0.args

--
2.22.0.214.g8dca754b1e