Re: [PATCH v8 0/7] Add vmnet.framework based network backend
пт, 7 янв. 2022 г. в 08:03, Jason Wang : > > 在 2022/1/6 下午12:18, Jason Wang 写道: > > > > 在 2021/12/11 下午6:44, Vladislav Yaroshchuk 写道: > >> macOS provides networking API for VMs called 'vmnet.framework': > >> https://developer.apple.com/documentation/vmnet > >> > >> We can provide its support as the new QEMU network backends which > >> represent three different vmnet.framework interface usage modes: > >> > >>* `vmnet-shared`: > >> allows the guest to communicate with other guests in shared mode > >> and > >> also with external network (Internet) via NAT. Has (macOS-provided) > >> DHCP server; subnet mask and IP range can be configured; > >> > >>* `vmnet-host`: > >> allows the guest to communicate with other guests in host mode. > >> By default has enabled DHCP as `vmnet-shared`, but providing > >> network unique id (uuid) can make `vmnet-host` interfaces isolated > >> from each other and also disables DHCP. > >> > >>* `vmnet-bridged`: > >> bridges the guest with a physical network interface. > >> > >> This backends cannot work on macOS Catalina 10.15 cause we use > >> vmnet.framework API provided only with macOS 11 and newer. Seems > >> that it is not a problem, because QEMU guarantees to work on two most > >> recent versions of macOS which now are Big Sur (11) and Monterey (12). > >> > >> Also, we have one inconvenient restriction: vmnet.framework interfaces > >> can create only privileged user: > >> `$ sudo qemu-system-x86_64 -nic vmnet-shared` > >> > >> Attempt of `vmnet-*` netdev creation being unprivileged user fails with > >> vmnet's 'general failure'. > >> > >> This happens because vmnet.framework requires `com.apple.vm.networking` > >> entitlement which is: "restricted to developers of virtualization > >> software. > >> To request this entitlement, contact your Apple representative." as > >> Apple > >> documentation says: > >> > https://developer.apple.com/documentation/bundleresources/entitlements/com_apple_vm_networking > >> > >> > >> One more note: we still have quite useful but not supported > >> 'vmnet.framework' features as creating port forwarding rules, IPv6 > >> NAT prefix specifying and so on. > >> > >> Nevertheless, new backends work fine and tested within > >> `qemu-system-x86-64` > >> on macOS Bir Sur 11.5.2 host with such nic models: > >>* e1000-82545em > >>* virtio-net-pci > >>* vmxnet3 > >> > >> The guests were: > >>* macOS 10.15.7 > >>* Ubuntu Bionic (server cloudimg) > >> > >> > >> This series partially reuses patches by Phillip Tennen: > >> https://patchew.org/QEMU/20210218134947.1860-1-phillip.en...@gmail.com/ > >> So I included them signed-off line into one of the commit messages and > >> also here. > > > > > > Applied. > > > > Thanks > > > Reverted actually, though it can be built on macos but not Linux. I see > thing like: > > In file included from qapi/qapi-types-net.c:15: > qapi/qapi-types-net.h:411:9: error: unknown type name > ‘NetdevVmnetHostOptions’ >411 | NetdevVmnetHostOptions vmnet_host; >| ^~ > qapi/qapi-types-net.h:412:9: error: unknown type name > ‘NetdevVmnetSharedOptions’ >412 | NetdevVmnetSharedOptions vmnet_shared; >| ^~~~ > qapi/qapi-types-net.h:413:9: error: unknown type name > ‘NetdevVmnetBridgedOptions’ >413 | NetdevVmnetBridgedOptions vmnet_bridged; >| ^ > > Fixed in v9. There was one more place where 'if': 'CONFIG_VMNET' statement should be added in the qapi json. Without this malformed qapi sources were generated. Not only Linux builds were affected, other non-macOS platforms also. Sorry for this! > > Thanks > > -- Best Regards, Vladislav Yaroshchuk
Re: [PATCH v8 0/7] Add vmnet.framework based network backend
在 2022/1/6 下午12:18, Jason Wang 写道: 在 2021/12/11 下午6:44, Vladislav Yaroshchuk 写道: macOS provides networking API for VMs called 'vmnet.framework': https://developer.apple.com/documentation/vmnet We can provide its support as the new QEMU network backends which represent three different vmnet.framework interface usage modes: * `vmnet-shared`: allows the guest to communicate with other guests in shared mode and also with external network (Internet) via NAT. Has (macOS-provided) DHCP server; subnet mask and IP range can be configured; * `vmnet-host`: allows the guest to communicate with other guests in host mode. By default has enabled DHCP as `vmnet-shared`, but providing network unique id (uuid) can make `vmnet-host` interfaces isolated from each other and also disables DHCP. * `vmnet-bridged`: bridges the guest with a physical network interface. This backends cannot work on macOS Catalina 10.15 cause we use vmnet.framework API provided only with macOS 11 and newer. Seems that it is not a problem, because QEMU guarantees to work on two most recent versions of macOS which now are Big Sur (11) and Monterey (12). Also, we have one inconvenient restriction: vmnet.framework interfaces can create only privileged user: `$ sudo qemu-system-x86_64 -nic vmnet-shared` Attempt of `vmnet-*` netdev creation being unprivileged user fails with vmnet's 'general failure'. This happens because vmnet.framework requires `com.apple.vm.networking` entitlement which is: "restricted to developers of virtualization software. To request this entitlement, contact your Apple representative." as Apple documentation says: https://developer.apple.com/documentation/bundleresources/entitlements/com_apple_vm_networking One more note: we still have quite useful but not supported 'vmnet.framework' features as creating port forwarding rules, IPv6 NAT prefix specifying and so on. Nevertheless, new backends work fine and tested within `qemu-system-x86-64` on macOS Bir Sur 11.5.2 host with such nic models: * e1000-82545em * virtio-net-pci * vmxnet3 The guests were: * macOS 10.15.7 * Ubuntu Bionic (server cloudimg) This series partially reuses patches by Phillip Tennen: https://patchew.org/QEMU/20210218134947.1860-1-phillip.en...@gmail.com/ So I included them signed-off line into one of the commit messages and also here. Applied. Thanks Reverted actually, though it can be built on macos but not Linux. I see thing like: In file included from qapi/qapi-types-net.c:15: qapi/qapi-types-net.h:411:9: error: unknown type name ‘NetdevVmnetHostOptions’ 411 | NetdevVmnetHostOptions vmnet_host; | ^~ qapi/qapi-types-net.h:412:9: error: unknown type name ‘NetdevVmnetSharedOptions’ 412 | NetdevVmnetSharedOptions vmnet_shared; | ^~~~ qapi/qapi-types-net.h:413:9: error: unknown type name ‘NetdevVmnetBridgedOptions’ 413 | NetdevVmnetBridgedOptions vmnet_bridged; | ^ Thanks
Re: [PATCH v8 0/7] Add vmnet.framework based network backend
在 2021/12/11 下午6:44, Vladislav Yaroshchuk 写道: macOS provides networking API for VMs called 'vmnet.framework': https://developer.apple.com/documentation/vmnet We can provide its support as the new QEMU network backends which represent three different vmnet.framework interface usage modes: * `vmnet-shared`: allows the guest to communicate with other guests in shared mode and also with external network (Internet) via NAT. Has (macOS-provided) DHCP server; subnet mask and IP range can be configured; * `vmnet-host`: allows the guest to communicate with other guests in host mode. By default has enabled DHCP as `vmnet-shared`, but providing network unique id (uuid) can make `vmnet-host` interfaces isolated from each other and also disables DHCP. * `vmnet-bridged`: bridges the guest with a physical network interface. This backends cannot work on macOS Catalina 10.15 cause we use vmnet.framework API provided only with macOS 11 and newer. Seems that it is not a problem, because QEMU guarantees to work on two most recent versions of macOS which now are Big Sur (11) and Monterey (12). Also, we have one inconvenient restriction: vmnet.framework interfaces can create only privileged user: `$ sudo qemu-system-x86_64 -nic vmnet-shared` Attempt of `vmnet-*` netdev creation being unprivileged user fails with vmnet's 'general failure'. This happens because vmnet.framework requires `com.apple.vm.networking` entitlement which is: "restricted to developers of virtualization software. To request this entitlement, contact your Apple representative." as Apple documentation says: https://developer.apple.com/documentation/bundleresources/entitlements/com_apple_vm_networking One more note: we still have quite useful but not supported 'vmnet.framework' features as creating port forwarding rules, IPv6 NAT prefix specifying and so on. Nevertheless, new backends work fine and tested within `qemu-system-x86-64` on macOS Bir Sur 11.5.2 host with such nic models: * e1000-82545em * virtio-net-pci * vmxnet3 The guests were: * macOS 10.15.7 * Ubuntu Bionic (server cloudimg) This series partially reuses patches by Phillip Tennen: https://patchew.org/QEMU/20210218134947.1860-1-phillip.en...@gmail.com/ So I included them signed-off line into one of the commit messages and also here. Applied. Thanks v1 -> v2: Since v1 minor typos were fixed, patches rebased onto latest master, redundant changes removed (small commits squashed) v2 -> v3: - QAPI style fixes - Typos fixes in comments - `#include`'s updated to be in sync with recent master v3 -> v4: - Support vmnet interfaces isolation feature - Support vmnet-host network uuid setting feature - Refactored sources a bit v4 -> v5: - Missed 6.2 boat, now 7.0 candidate - Fix qapi netdev descriptions and styles (@subnetmask -> @subnet-mask) - Support vmnet-shared IPv6 prefix setting feature v5 -> v6 - provide detailed commit messages for commits of many changes - rename properties @dhcpstart and @dhcpend to @start-address and @end-address - improve qapi documentation about isolation features (@isolated, @net-uuid) v6 -> v7: - update MAINTAINERS list v7 -> v8 - QAPI code style fixes Vladislav Yaroshchuk (7): net/vmnet: add vmnet dependency and customizable option net/vmnet: add vmnet backends to qapi/net net/vmnet: implement shared mode (vmnet-shared) net/vmnet: implement host mode (vmnet-host) net/vmnet: implement bridged mode (vmnet-bridged) net/vmnet: update qemu-options.hx net/vmnet: update MAINTAINERS list MAINTAINERS | 5 + meson.build | 4 + meson_options.txt | 2 + net/clients.h | 11 ++ net/meson.build | 7 + net/net.c | 10 ++ net/vmnet-bridged.m | 111 net/vmnet-common.m| 330 ++ net/vmnet-host.c | 105 +++ net/vmnet-shared.c| 92 ++ net/vmnet_int.h | 48 + qapi/net.json | 129 - qemu-options.hx | 25 +++ scripts/meson-buildoptions.sh | 3 + 14 files changed, 880 insertions(+), 2 deletions(-) create mode 100644 net/vmnet-bridged.m create mode 100644 net/vmnet-common.m create mode 100644 net/vmnet-host.c create mode 100644 net/vmnet-shared.c create mode 100644 net/vmnet_int.h
Re: [PATCH v8 0/7] Add vmnet.framework based network backend
ping https://patchew.org/QEMU/20211211104413.50524-1-yaroshchuk2...@gmail.com/ сб, 11 дек. 2021 г. в 13:44, Vladislav Yaroshchuk : > macOS provides networking API for VMs called 'vmnet.framework': > https://developer.apple.com/documentation/vmnet > > We can provide its support as the new QEMU network backends which > represent three different vmnet.framework interface usage modes: > > * `vmnet-shared`: > allows the guest to communicate with other guests in shared mode and > also with external network (Internet) via NAT. Has (macOS-provided) > DHCP server; subnet mask and IP range can be configured; > > * `vmnet-host`: > allows the guest to communicate with other guests in host mode. > By default has enabled DHCP as `vmnet-shared`, but providing > network unique id (uuid) can make `vmnet-host` interfaces isolated > from each other and also disables DHCP. > > * `vmnet-bridged`: > bridges the guest with a physical network interface. > > This backends cannot work on macOS Catalina 10.15 cause we use > vmnet.framework API provided only with macOS 11 and newer. Seems > that it is not a problem, because QEMU guarantees to work on two most > recent versions of macOS which now are Big Sur (11) and Monterey (12). > > Also, we have one inconvenient restriction: vmnet.framework interfaces > can create only privileged user: > `$ sudo qemu-system-x86_64 -nic vmnet-shared` > > Attempt of `vmnet-*` netdev creation being unprivileged user fails with > vmnet's 'general failure'. > > This happens because vmnet.framework requires `com.apple.vm.networking` > entitlement which is: "restricted to developers of virtualization software. > To request this entitlement, contact your Apple representative." as Apple > documentation says: > > https://developer.apple.com/documentation/bundleresources/entitlements/com_apple_vm_networking > > One more note: we still have quite useful but not supported > 'vmnet.framework' features as creating port forwarding rules, IPv6 > NAT prefix specifying and so on. > > Nevertheless, new backends work fine and tested within `qemu-system-x86-64` > on macOS Bir Sur 11.5.2 host with such nic models: > * e1000-82545em > * virtio-net-pci > * vmxnet3 > > The guests were: > * macOS 10.15.7 > * Ubuntu Bionic (server cloudimg) > > > This series partially reuses patches by Phillip Tennen: > https://patchew.org/QEMU/20210218134947.1860-1-phillip.en...@gmail.com/ > So I included them signed-off line into one of the commit messages and > also here. > > v1 -> v2: > Since v1 minor typos were fixed, patches rebased onto latest master, > redundant changes removed (small commits squashed) > v2 -> v3: > - QAPI style fixes > - Typos fixes in comments > - `#include`'s updated to be in sync with recent master > v3 -> v4: > - Support vmnet interfaces isolation feature > - Support vmnet-host network uuid setting feature > - Refactored sources a bit > v4 -> v5: > - Missed 6.2 boat, now 7.0 candidate > - Fix qapi netdev descriptions and styles >(@subnetmask -> @subnet-mask) > - Support vmnet-shared IPv6 prefix setting feature > v5 -> v6 > - provide detailed commit messages for commits of >many changes > - rename properties @dhcpstart and @dhcpend to >@start-address and @end-address > - improve qapi documentation about isolation >features (@isolated, @net-uuid) > v6 -> v7: > - update MAINTAINERS list > v7 -> v8 > - QAPI code style fixes > > > Vladislav Yaroshchuk (7): > net/vmnet: add vmnet dependency and customizable option > net/vmnet: add vmnet backends to qapi/net > net/vmnet: implement shared mode (vmnet-shared) > net/vmnet: implement host mode (vmnet-host) > net/vmnet: implement bridged mode (vmnet-bridged) > net/vmnet: update qemu-options.hx > net/vmnet: update MAINTAINERS list > > MAINTAINERS | 5 + > meson.build | 4 + > meson_options.txt | 2 + > net/clients.h | 11 ++ > net/meson.build | 7 + > net/net.c | 10 ++ > net/vmnet-bridged.m | 111 > net/vmnet-common.m| 330 ++ > net/vmnet-host.c | 105 +++ > net/vmnet-shared.c| 92 ++ > net/vmnet_int.h | 48 + > qapi/net.json | 129 - > qemu-options.hx | 25 +++ > scripts/meson-buildoptions.sh | 3 + > 14 files changed, 880 insertions(+), 2 deletions(-) > create mode 100644 net/vmnet-bridged.m > create mode 100644 net/vmnet-common.m > create mode 100644 net/vmnet-host.c > create mode 100644 net/vmnet-shared.c > create mode 100644 net/vmnet_int.h > > -- > 2.23.0 > >
