[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2] net/macos: implement vmnet-based network device

From: Phillip Tennen
Subject: Re: [PATCH v2] net/macos: implement vmnet-based network device
Date: Thu, 11 Feb 2021 13:43:36 +0100

Hi Howard,

Thanks very much for taking a look and testing it out!

This is a good catch - VMNET_SHARING_SERVICE_BUSY 
was added in macOS Big Sur, and is not available in prior versions. 

I'll submit a v3 of this patch that adds a compile-guard around this 
constant (assuming the #available macro is... available), and will 
validate the other vmnet symbols I reference as well.


On Thu, Feb 11, 2021 at 7:51 AM Howard Spoelstra <hsp.cat7@gmail.com> wrote:
On Fri, Feb 5, 2021 at 5:54 PM <phillip.ennen@gmail.com> wrote:
> From: Phillip Tennen <phillip@axleos.com>
> This patch implements a new netdev device, reachable via -netdev
> vmnet-macos, that’s backed by macOS’s vmnet framework.
> The vmnet framework provides native bridging support, and its usage in
> this patch is intended as a replacement for attempts to use a tap device
> via the tuntaposx kernel extension. Notably, the tap/tuntaposx approach
> never would have worked in the first place, as QEMU interacts with the
> tap device via poll(), and macOS does not support polling device files.
> vmnet requires either a special entitlement, granted via a provisioning
> profile, or root access. Otherwise attempts to create the virtual
> interface will fail with a “generic error” status code. QEMU may not
> currently be signed with an entitlement granted in a provisioning
> profile, as this would necessitate pre-signed binary build distribution,
> rather than source-code distribution. As such, using this netdev
> currently requires that qemu be run with root access. I’ve opened a
> feedback report with Apple to allow the use of the relevant entitlement
> with this use case:
> https://openradar.appspot.com/radar?id=5007417364447232
> vmnet offers three operating modes, all of which are supported by this
> patch via the “mode=host|shared|bridge” option:
> * "Host" mode: Allows the vmnet interface to communicate with other
> * vmnet
> interfaces that are in host mode and also with the native host.
> * "Shared" mode: Allows traffic originating from the vmnet interface to
> reach the Internet through a NAT. The vmnet interface can also
> communicate with the native host.
> * "Bridged" mode: Bridges the vmnet interface with a physical network
> interface.
> Each of these modes also provide some extra configuration that’s
> supported by this patch:
> * "Bridged" mode: The user may specify the physical interface to bridge
> with. Defaults to en0.
> * "Host" mode / "Shared" mode: The user may specify the DHCP range and
> subnet. Allocated by vmnet if not provided.
> vmnet also offers some extra configuration options that are not
> supported by this patch:
> * Enable isolation from other VMs using vmnet
> * Port forwarding rules
> * Enabling TCP segmentation offload
> * Only applicable in "shared" mode: specifying the NAT IPv6 prefix
> * Only available in "host" mode: specifying the IP address for the VM
> within an isolated network
> Note that this patch requires macOS 10.15 as a minimum, as this is when
> bridging support was implemented in vmnet.framework.
> Signed-off-by: Phillip Tennen <phillip@axleos.com>
Hi Phillip,

Thank you very much for this patch. As you wrote it should apply from
10.15 upwards. I have no problem building on Big Sur, but Catalina
stumbles. See below. Latest Xcode installed, other requirements
installed through brew.

Thanks for looking into this,


[1181/2135] Compiling C object libcommon.fa.p/net_vmnet-macos.c.o
FAILED: libcommon.fa.p/net_vmnet-macos.c.o
cc -Ilibcommon.fa.p -I. -I.. -I../capstone/include/capstone
-I../dtc/libfdt -I../slirp -I../slirp/src -Iqapi -Itrace -Iui
-Iui/shader -I/usr/local/Cellar/libffi/3.3_2/include
-I/usr/local/opt/gettext/include -I/usr/local/Cellar/pcre/8.44/include
-I/usr/local/Cellar/pixman/0.40.0/include/pixman-1 -Xclang
-fcolor-diagnostics -pipe -Wall -Winvalid-pch -std=gnu99 -O2 -g
-iquote . -iquote /Users/hsp/src/qemu-master -iquote
/Users/hsp/src/qemu-master/include -iquote
/Users/hsp/src/qemu-master/disas/libvixl -iquote
/Users/hsp/src/qemu-master/tcg/i386 -iquote
/Users/hsp/src/qemu-master/accel/tcg -m64 -mcx16
-D_LARGEFILE_SOURCE -Wstrict-prototypes -Wredundant-decls -Wundef
-Wwrite-strings -Wmissing-prototypes -fno-strict-aliasing -fno-common
-fwrapv -Wold-style-definition -Wtype-limits -Wformat-security
-Wformat-y2k -Winit-self -Wignored-qualifiers -Wempty-body
-Wnested-externs -Wendif-labels -Wexpansion-to-defined
-Wno-initializer-overrides -Wno-missing-include-dirs
-Wno-shift-negative-value -Wno-string-plus-int
-Wno-typedef-redefinition -Wno-tautological-type-limit-compare
-fstack-protector-strong -DSTRUCT_IOVEC_DEFINED -MD -MQ
libcommon.fa.p/net_vmnet-macos.c.o -MF
libcommon.fa.p/net_vmnet-macos.c.o.d -o
libcommon.fa.p/net_vmnet-macos.c.o -c ../net/vmnet-macos.c
../net/vmnet-macos.c:54:10: error: use of undeclared identifier

reply via email to

[Prev in Thread] Current Thread [Next in Thread]