[libvirt PATCH 5/9] conf: parse/format passt-related XML additions

Ján Tomko jtomko at redhat.com
Mon Jan 9 07:18:27 UTC 2023


On a Sunday in 2023, Laine Stump wrote:
>This implements XML config to represent a subset of the features
>supported by 'passt' (https://passt.top), which is an alternative
>backend for emulated network devices that requires no elevated
>privileges (similar to slirp, but "better").
>
>Along with setting the backend to use passt (via <backend
>type='passt'/> when the interface type='user'), we also support
>passt's --log-file and --interface options (via the <backend>
>subelement logFile and upstream attributes) and its --tcp-ports and
>--udp-ports options (which selectively forward incoming connections to
>the host on to the guest) via the new <portForward> subelement of
><interface>. Here is an example of the config for a network interface
>that uses passt to connect:
>
>    <interface type='user'>
>      <mac address='52:54:00:a8:33:fc'/>
>      <ip address='192.168.221.122' family='ipv4'/>
>      <model type='virtio'/>
>      <backend type='passt' logFile='/tmp/xyzzy.log' upstream='eth0'/>
>      <portForward address='10.0.0.1' proto='tcp' dev='eth0'>
>        <range start='2022' to='22'/>
>        <range start='5000' end='5099' to='1000'/>
>        <range start='5010' end='5029' exclude='yes'/>
>      </portForward>
>      <portForward proto='udp'>
>        <range start='10101'/>
>      </portForward>
>    </interface>
>
>In this case:
>
>* the guest will be offered address 192.168.221.122 for its interface
>  via DHCP
>
>* the passt process will write all log messages to /tmp/xyzzy.log
>
>* routes to the outside for the guest will be derived from the
>  addresses and routes associated with the host interface "eth0".
>
>* incoming tcp port 2022 to the host will be forwarded to port 22
>  on the guest.
>
>* incoming tcp ports 5000-5099 (with the exception of ports 5010-5029)
>  to the host will be forwarded to port 1000-1099 on the guest.
>
>* incoming udp packets on port 10101 will be forwarded (unchanged) to
>  the guest.
>
>Signed-off-by: Laine Stump <laine at redhat.com>
>---
> docs/formatdomain.rst                       |  95 +++++++-
> src/conf/domain_conf.c                      | 242 +++++++++++++++++++-
> src/conf/domain_conf.h                      |  40 ++++
> src/conf/domain_validate.c                  |  32 ++-
> src/conf/virconftypes.h                     |   4 +
> src/libvirt_private.syms                    |   1 +
> tests/qemuxml2xmloutdata/net-user-passt.xml |   1 +
> tests/qemuxml2xmltest.c                     |   1 +
> 8 files changed, 401 insertions(+), 15 deletions(-)
> create mode 120000 tests/qemuxml2xmloutdata/net-user-passt.xml
>

Reviewed-by: Ján Tomko <jtomko at redhat.com>

The XML looks reasonable to me. All my comments below are just
nitpicking.

>+static int
>+virDomainNetPortForwardRangesParseXML(virDomainNetPortForward *def,
>+                                      xmlXPathContextPtr ctxt)
>+{
>+    int nRanges;
>+    g_autofree xmlNodePtr *ranges = NULL;
>+    size_t i;
>+
>+    if ((nRanges = virXPathNodeSet("./range",
>+                                   ctxt, &ranges)) <= 0) {

This would fit on one line. Also, the braces are not necessary,
but allowed per our coding style.

>+        return nRanges;
>+    }
>+
>+    def->ranges = g_new0(virDomainNetPortForwardRange *, nRanges);
>+
>+    for (i = 0; i < nRanges; i++) {
>+        g_autofree virDomainNetPortForwardRange *range = NULL;
>+
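Review bot: In the "for (i = 0; i < nRanges; i++)" loop, i is a size_t and nRanges is an int, so the comparison is only correct because the "<= 0" early return above guarantees a positive count. A short comment saying so would keep a later refactor from separating the two. Also, range is declared g_autofree, so whatever the elided loop body stores into def->ranges[i] has to go through g_steal_pointer(). Otherwise the array, allocated just above with g_new0(), keeps a pointer that is freed at the end of each iteration.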

[...]

>@@ -23274,17 +23435,91 @@ static void
> virDomainNetBackendFormat(virBuffer *buf,
>                           virDomainNetBackend *backend)
> {
>-
>-    if (!(backend->tap || backend->vhost))
>+    if (!(backend->type || backend->tap || backend->vhost
>+          || backend->logFile || backend->upstream)) {

The prevalent style is to put the operator on the preceding line.
Best way to avoid it here is to use virXMLFormatElement.

>         return;
>+    }
>
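Review bot: The new condition tests backend->type as a boolean, which only holds while the enum's unset value is 0. Comparing it by name against the enum's default constant states the intent and survives a reordering of the enum. Note also that logFile or upstream on their own now cause a <backend> element to be formatted even when type is unset, although per the commit message both are passt options. Either validation has to rule that combination out, or this condition should not count them unless the type is passt.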

[...]

>
>+    if (net->type != VIR_DOMAIN_NET_TYPE_USER) {
>+        if (net->backend.type == VIR_DOMAIN_NET_BACKEND_PASST) {
>+            virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
>+                           _("\"<backend type='passt'/>\" can only be used with \"<interface type='user'>\""));

Including XML in the error message can be confusing if the error reaches
users that did not use XML to configure the domain.

>+            return -1;
>+        }
>+    }
>+
>     switch (net->type) {
>     case VIR_DOMAIN_NET_TYPE_VHOSTUSER:
>         if (!virDomainNetIsVirtioModel(net)) {
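Review bot: The virReportError() call for passt on a non-user interface uses VIR_ERR_INTERNAL_ERROR, but this is a configuration the caller supplied, not an internal failure; VIR_ERR_CONFIG_UNSUPPORTED fits better. The two nested ifs can be a single condition joined with &&. The check as shown covers only type='passt'. A backend carrying logFile or upstream without type='passt' is not rejected in these lines, and since logFile names a path that the passt process will write to, it is better to reject it here than to accept and ignore it.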

Reviewed-by: Ján Tomko <jtomko at redhat.com>

Jano