Age | Commit message (Collapse) | Author | Files | Lines |
|
Since QEMU 7.1 we don't support Ubuntu 18.04 anymore, so the last big
important Linux distro that did not have a pre-packaged libslirp has
been dismissed. All other major distros seem to have a libslirp package
in their distribution already - according to repology.org:
Fedora 35: 4.6.1
CentOS 8 (RHEL-8): 4.4.0
Debian 11: 4.4.0
OpenSUSE Leap 15.3: 4.3.1
Ubuntu LTS 20.04: 4.1.0
FreeBSD Ports: 4.7.0
NetBSD pkgsrc: 4.7.0
Homebrew: 4.7.0
MSYS2 mingw: 4.7.0
The only one that was still missing a libslirp package is OpenBSD - but
the next version (OpenBSD 7.2 which will be shipped in October) is going
to include a libslirp package. Since QEMU 7.2 will be published after
OpenBSD 7.2, we should be fine there, too.
So there is no real urgent need for keeping the slirp submodule in
the QEMU tree anymore. Thus let's drop the slirp submodule now and
rely on the libslirp packages from the distributions instead.
Message-Id: <20220824151122.704946-7-thuth@redhat.com>
Acked-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
Signed-off-by: Thomas Huth <thuth@redhat.com>
|
|
Version 4.7 of slirp provides a new timer API that works better with CFI,
together with several other improvements:
* Allow disabling the internal DHCP server !22
* Support Unix sockets in hostfwd !103
* IPv6 DNS proxying support !110
* bootp: add support for UEFI HTTP boot !111
and bugfixes.
The submodule update also includes 2 commits to fix warnings in the
Win32 build.
Reviewed-by: Marc-André Lureau <malureau@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
|
|
Switch from stable-4.2 branch to upstream v4.6.1 release + fixes.
## [Unreleased]
### Fixed
- Haiku fixes. !98 !99
- Fix a minor DHCP regression introduced in 4.6.0. !97
## [4.6.1] - 2021-06-18
### Fixed
- Fix DHCP regression introduced in 4.6.0. !95
## [4.6.0] - 2021-06-14
### Added
- mbuf: Add debugging helpers for allocation. !90
### Changed
- Revert "Set macOS deployment target to macOS 10.4". !93
### Fixed
- mtod()-related buffer overflows (CVE-2021-3592 #44, CVE-2021-3593 #45,
CVE-2021-3594 #47, CVE-2021-3595 #46).
- poll_fd: add missing fd registration for UDP and ICMP
- ncsi: make ncsi_calculate_checksum work with unaligned data. !89
- Various typos and doc fixes. !88
## [4.5.0] - 2021-05-18
### Added
- IPv6 forwarding. !62 !75 !77
- slirp_neighbor_info() to dump the ARP/NDP tables. !71
### Changed
- Lazy guest address resolution for IPv6. !81
- Improve signal handling when spawning a child. !61
- Set macOS deployment target to macOS 10.4. !72
- slirp_add_hostfwd: Ensure all error paths set errno. !80
- More API documentation.
### Fixed
- Assertion failure on unspecified IPv6 address. !86
- Disable polling for PRI on MacOS, fixing some closing streams issues. !73
- Various memory leak fixes on fastq/batchq. !68
- Memory leak on IPv6 fast-send. !67
- Slow socket response on Windows. !64
- Misc build and code cleanups. !60 !63 !76 !79 !84
## [4.4.0] - 2020-12-02
### Added
- udp, udp6, icmp: handle TTL value. !48
- Enable forwarding ICMP errors. !49
- Add DNS resolving for iOS. !54
### Changed
- Improve meson subproject() support. !53
- Removed Makefile-based build system. !56
### Fixed
- socket: consume empty packets. !55
- check pkt_len before reading protocol header (CVE-2020-29129). !57
- ip_stripoptions use memmove (fixes undefined behaviour). !47
- various Coverity-related changes/fixes.
## [4.3.1] - 2020-07-08
### Changed
- A silent truncation could occur in `slirp_fmt()`, which will now print a
critical message. See also #22.
### Fixed
- CVE-2020-10756 - Drop bogus IPv6 messages that could lead to data leakage.
See !44 and !42.
- Fix win32 builds by using the SLIRP_PACKED definition.
- Various coverity scan errors fixed. !41
- Fix new GCC warnings. !43
## [4.3.0] - 2020-04-22
### Added
- `SLIRP_VERSION_STRING` macro, with the git sha suffix when building from git
- `SlirpConfig.disable_dns`, to disable DNS redirection #16
### Changed
- `slirp_version_string()` now has the git sha suffix when building form git
- Limit DNS redirection to port 53 #16
### Fixed
- Fix build regression with mingw & NetBSD
- Fix use-afte-free in `ip_reass()` (CVE-2020-1983)
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Doug Evans <dje@google.com>
|
|
An out-of-bounds access issue was found in the SLIRP user networking
implementation of QEMU. It could occur while processing ARP/NCSI
packets, if the packet length was shorter than required to accommodate
respective protocol headers and payload. A privileged guest user may use
this flaw to potentially leak host information bytes.
Marc-André Lureau (1):
Merge branch 'stable-4.2' into 'stable-4.2'
Prasad J Pandit (1):
slirp: check pkt_len before reading protocol header
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
|
|
Dr. David Alan Gilbert (1):
ip_stripoptions use memmove
Jindrich Novy (4):
Fix possible infinite loops and use-after-free
Use secure string copy to avoid overflow
Be sure to initialize sockaddr structure
Check lseek() for failure
Marc-André Lureau (2):
util: do not silently truncate
Merge branch 'stable-4.2' into 'stable-4.2'
Philippe Mathieu-Daudé (3):
Fix win32 builds by using the SLIRP_PACKED definition
Fix constness warnings
Remove unnecessary break
Ralf Haferkamp (2):
Drop bogus IPv6 messages
Fix MTU check
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
|
|
This is an update on the stable-4.2 branch of libslirp.git:
git shortlog 55ab21c9a3..2faae0f778f81
Marc-André Lureau (1):
Fix use-afte-free in ip_reass() (CVE-2020-1983)
CVE-2020-1983 is actually a follow up fix for commit
126c04acbabd7ad32c2b018fe10dfac2a3bc1210 ("Fix heap overflow in
ip_reass on big packet input") which was was included in qemu
v4.1 (commit e1a4a24d262ba5ac74ea1795adb3ab1cd574c7fb "slirp: update
with CVE-2019-14378 fix").
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-id: 20200421170227.843555-1-marcandre.lureau@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
git shortlog
126c04acbabd7ad32c2b018fe10dfac2a3bc1210..55ab21c9a36852915b81f1b41ebaf3b6509dd8ba
5eraph (1):
Use specific outbound IP address
Akihiro Suda (8):
remove confusing comment that exists from ancient slirp
add slirp_new(SlirpConfig *, SlirpCb *, void *)
allow custom MTU
add disable_host_loopback (prohibit connections to 127.0.0.1)
add SlirpConfig version
emu: remove dead code
emu: disable by default
fix a typo in a comment
Anders Waldenborg (1):
state: fix loading of guestfwd state
Giuseppe Scrivano (1):
socket: avoid getpeername after shutdown(SHUT_WR)
Jindrich Novy (1):
Don't leak memory when reallocation fails.
Jordi Pujol Palomer (1):
fork_exec: correctly parse command lines that contain spaces
Marc-André Lureau (60):
Merge branch 'AkihiroSuda/libslirp-slirp4netns'
Merge branch 'fix-typo' into 'master'
meson: make it subproject friendly
Merge branch 'meson' into 'master'
misc: fix compilation warnings
Merge branch 'fix-shutdown-wr' into 'master'
sbuf: remove unused and undefined sbcopy() path
sbuf: check more strictly sbcopy() bounds with offset
sbuf: replace a comment with a runtime warning
Replace remaining malloc/free user with glib
tcp_attach() can no longer fail
state: can't ENOMEM
sbuf: use unsigned types
sbuf: simplify sbreserve()
dnssearch: use g_strv_length()
vmstate: silence scan-build warning
gitlab-ci: run scan-build
Merge branch 'mem-cleanups' into 'master'
libslirp.map: bind slirp_new to SLIRP_4.1 version
meson: fix libtool versioning
Release v4.1.0
Merge branch '4.1.0' into 'master'
CHANGELOG: start unreleased section
Merge branch 'add-unix' into 'master'
util: add G_SIZEOF_MEMBER() macro
Check bootp_filename is not going to be truncated
bootp: remove extra cast
bootp: replace simple snprintf() with strcpy()
tftp: clarify what is actually OACK m_len
tcp_emu: add more fixme/warnings comments
util: add slirp_fmt() helpers
dhcpv6: use slirp_fmt()
misc: use slirp_fmt0()
tftp: use slirp_fmt0()
tcp_ctl: use slirp_fmt()
tcp_emu: fix unsafe snprintf() usages
misc: improve error report
Use g_snprintf()
util: add gnuc format function attribute to slirp_fmt*
Merge branch 'aw-guestfwd-state' into 'master'
Merge branch 'slirp-fmt' into 'master'
socket: remove extra label and variable
socket: factor out sotranslate ipv4/ipv6 handling
socket: remove need for extra scope_id variable
socket: do not fallback on host loopback if get_dns_addr() failed
socket: do not fallback on loopback addr for addresses in our mask/prefix
Prepare for v4.2.0 release
Merge branch 'translate-fix' into 'master'
Merge branch 'release-v4.2.0' into 'master'
changelog: post-release
changelog: fix link
.gitlab-ci: add --werror, treat CI build warnings as errors
Revert "socket: remove need for extra scope_id variable"
Teach slirp_version_string() to return vcs version
Merge branch 'mingw-fix' into 'master'
Merge branch 'vcs-version' into 'master'
meson: bump required version to 0.49
build-sys: fix NetBSD build regression
Merge branch 'netbsd-fix' into 'master'
build-sys: make libslirp-version.h depend on Makefile
PanNengyuan (1):
libslirp: fix NULL pointer dereference in tcp_sockclosed
Philippe Mathieu-Daudé (1):
Add a git-publish configuration file
Prasad J Pandit (4):
slirp: ncsi: compute checksum for valid data length
slirp: use correct size while emulating IRC commands
slirp: use correct size while emulating commands
slirp: tftp: restrict relative path access
Renzo Davoli (2):
Add slirp_remove_guestfwd()
Add slirp_add_unix()
Samuel Thibault (14):
ip_reass: explain why we should not always update the q pointer
Merge branch 'comment' into 'master'
Merge branch 'no-emu' into 'master'
Fix bogus indent, no source change
ip_reass: Fix use after free
Merge branch 'reass2' into 'master'
Make host receive broadcast packets
arp: Allow 0.0.0.0 destination address
Merge branch 'warnings' into 'master'
Merge branch 'arp_0' into 'master'
Merge branch 'broadcast' into 'master'
tcp_emu: Fix oob access
Merge branch 'oob' into 'master'
Merge branch 'master' into 'master'
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
|
|
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
|
|
Adds gitignore, README file, and fixes ident protocol parsing.
Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
|
|
To fix Windows on ARM.
|
|
The slirp project is now hosted on freedesktop at:
https://gitlab.freedesktop.org/slirp.
The libslirp source was extracted from qemu/slirp filtered through
clang-format (available in project tree). The qemu slirp directory can
be swapped by a git submodule.
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20190424110041.8175-3-marcandre.lureau@redhat.com>
Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
|
|
Prepare for making slirp/ a standalone project.
Remove some useless includes while at it.
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20190212162524.31504-5-marcandre.lureau@redhat.com>
Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
|
|
Replace:
- u_char -> uint8_t
- u_short -> uint16_t
- u_long -> uint32_t
- u_int -> unsigned
- caddr_t -> char *
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
|
|
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
|
|
An overdue cleanup. Remaining declarations could probably be moved in
other headers, such as slirp.h.
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
|
|
Cleaned up with scripts/clean-header-guards.pl.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
|
|
Slirp uses rfds/wfds/xfds more extensively than other QEMU components.
The rarely-used out-of-band TCP data feature is used. That means we
need the full table of select(2) to g_poll(3) events:
rfds -> G_IO_IN | G_IO_HUP | G_IO_ERR
wfds -> G_IO_OUT | G_IO_ERR
xfds -> G_IO_PRI
I came up with this table by looking at Linux fs/select.c which maps
select(2) to poll(2) internally.
Another detail to watch out for are the global variables that reference
rfds/wfds/xfds during slirp_select_poll(). sofcantrcvmore() and
sofcantsendmore() use these globals to clear fd_set bits. When
sofcantrcvmore() is called, the wfds bit is cleared so that the write
handler will no longer be run for this iteration of the event loop.
This actually seems buggy to me since TCP connections can be half-closed
and we'd still want to handle data in half-duplex fashion. I think the
real intention is to avoid running the read/write handler when the
socket has been fully closed. This is indicated with the SS_NOFDREF
state bit so we now check for it before invoking the TCP write handler.
Note that UDP/ICMP code paths don't care because they are
connectionless.
Note that slirp/ has a lot of tabs and sometimes mixed tabs with spaces.
I followed the style of the surrounding code.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Message-id: 1361356113-11049-6-git-send-email-stefanha@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
|
|
in_addr_t isn't available on mingw32. Just use an unsigned long instead. I
considered typedef'ing in_addr_t on mingw32 but this would potentially be
brittle if mingw32 did introduce the type.
Cc: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
Changes so translation of remote address to the host's ip address in
the virtual network happens for all addresses in the 127.0.0.0/8
network, not just 127.0.0.1.
This fixes so that hostfwd bound to addresses such as 127.0.0.2 works.
Signed-off-by: Anders Waldenborg <anders@0x63.nu>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
|
|
In the current implementation, if Slirp tries to send an IP packet to a client
with an unknown hardware address, the packet is simply dropped and an ARP
request is sent (if_encap in slirp/slirp.c).
With this patch, Slirp will send the ARP request, re-queue the packet and try
to send it later. The packet is dropped after one second if the ARP reply is
not received.
Signed-off-by: Fabien Chouteau <chouteau@adacore.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
|
|
There is no need to have a second set of integral types.
Replace them by the standard types from stdint.h.
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
|
|
Currently the qemu user-mode networking stack reads the host DNS
configuration (/etc/resolv.conf or the Windows equivalent) only once
when qemu starts. This causes name lookups in the guest to fail if the
host is moved to a different network from which the original DNS servers
are unreachable, a common occurrence when the host is a laptop.
This patch changes the slirp code to read the host DNS configuration on
demand, caching the results for at most 1 second to avoid unnecessary
overhead if name lookups occur in rapid succession. On non-Windows
hosts, /etc/resolv.conf is re-read only if the file has been replaced or
if its size or mtime has changed.
Signed-off-by: Ed Swierk <eswierk@aristanetworks.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
Three problems with our_addr:
- It's determined only once when qemu starts, but the address can change
(just like the DNS configuration can).
- It's supposed to be the IP address of a host network interface, but
there's no guarantee that gethostbyname(gethostname()) actually does
that: the host might be a laptop that has only a loopback interface up,
or the hostname might be localhost.localdomain, etc.
- It's useless at best: get_dns_addr() calls it, there's no reason to
send DNS requests to a different IP address if you're running a DNS
server on the host and resolv.conf points to 127.0.0.1.
These problems are easily solved by removing the code.
Signed-off-by: Ed Swierk <eswierk@aristanetworks.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
Allocate the internal slirp state dynamically and provide and call
slirp_cleanup to properly release it after use. This patch finally
unbreaks slirp release and re-instantiation via host_net_* monitor
commands.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
The essence of this patch is to stuff (almost) all global variables of
the slirp stack into the structure Slirp. In this step, we still keep
the structure as global variable, directly accessible by the whole
stack. Changes to the external interface of slirp will be applied in
the following patches.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
Drop redundant typecasts in both variants and remove the pointless
round-up in the UNIX version.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
With the internal IP configuration made more flexible, we can now
enhance the user interface. This patch adds a number of new options to
"-net user": net (address and mask), host, dhcpstart, dns and smbserver.
It also renames "redir" to "hostfwd" and "channel" to "guestfwd" in
order to (hopefully) clarify their meanings. The format of guestfwd is
extended so that the user can define not only the port but also the
virtual server's IP address the forwarding starts from.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
The user mode IP stack is currently only minimally configurable /wrt to
its virtual IP addresses. This is unfortunate if some guest has a fixed
idea of which IP addresses to use.
Therefore this patch prepares the stack for fully configurable IP
addresses and masks. The user interface and default addresses remain
untouched in this step, they will be enhanced in the following patch.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
So far a couple of slirp-related parameters were expressed via
stand-alone command line options. This it inconsistent and unintuitive.
Moreover, it prevents both dynamically reconfigured (host_net_add/
delete) and multi-instance slirp.
This patch refactors the configuration by turning -smb, -redir, -tftp
and -bootp as well as -net channel into options of "-net user". The old
stand-alone command line options are still processed, but no longer
advertised. This allows smooth migration of management applications to
to the new syntax and also the extension of that syntax later in this
series.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6272 c046a42c-6fe2-441c-8c8c-71466251a162
|
|
Add "slirp firewall" to permit connection only to vmchannel addresses.
Signed-off-by: Gleb Natapov <gleb@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6241 c046a42c-6fe2-441c-8c8c-71466251a162
|
|
Signed-off-by: Gleb Natapov <gleb@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6240 c046a42c-6fe2-441c-8c8c-71466251a162
|
|
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@3452 c046a42c-6fe2-441c-8c8c-71466251a162
|
|
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@3173 c046a42c-6fe2-441c-8c8c-71466251a162
|
|
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@1895 c046a42c-6fe2-441c-8c8c-71466251a162
|
|
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@1016 c046a42c-6fe2-441c-8c8c-71466251a162
|
|
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@733 c046a42c-6fe2-441c-8c8c-71466251a162
|