GitLab

to get struct sbuf
Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>

Set macOS deployment target

Closes #36

See merge request !72

Without a macOS deployment target, the resulting library does not work on macOS versions lower than it was currently built on.
For example, if libslirp was built on macOS 10.15, it would not work on macOS 10.14.

Add /build/ to .gitignore

See merge request !69

The docs suggest building in ./build, which is cool.
Add build to .gitignore so it doesn't interfere with git.
Signed-off-by: Doug Evans <dje@google.com>

m_cleanup: fix memory leaks

See merge request !68

This should ensure the lists are considered empty after the cleanup

m_cleanup didn't cleanup the if_batchq and if_fastq queues, resulting in
a memory leak.

mbufs added to the freelist shouldn't keep the M_EXT flag as they can be
recycled and the new owner could try to access the freed extended buffer.

ip6_output: fix memory leak on fast-send

See merge request !67

When emitting NDP Neighbour Sollicitations, ip6_output immediately calls
if_encap without going through any queue. if_encap however does not free
the mbuf, so ip6_output has to do it.

This was leaking one mbuf per NDP NS sent by slirp. Hopefully the guest was
not using more than NDP_TABLE_SIZE (16) IPv6 addresses, in which case it was
limited to a bound number, but more addresses would result to leaks.

Reject host forwarding to ipv6 "addr-any"

See merge request !66

Libslirp currently only provides a stateless DHCPv6 server,
and thus can't do the "addr-any -> guest IP address" translation
that is done for ipv4. Until a stateful DHCPv6 server is available,
reject addr-any.
Signed-off-by: Doug Evans <dje@google.com>

tcpx_listen: Pass sizeof(addr) to memset

See merge request !65

Signed-off-by: Doug Evans <dje@google.com>

Add ipv6 host forward support

See merge request !62

Two exported functions are added which are the ipv6 versions of their
ipv4 counterparts: slirp_add_ipv6_hostfwd, slirp_remove_ipv6_hostfwd.
Signed-off-by: Doug Evans <dje@google.com>

This is actually similar to the fix in 9f78e949 ("Fix a typo that
can cause slow socket response on Windows."), except that here there is
no semantic change since s = so->s above.
Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>

[PATCH] Fix a typo that can cause slow socket response on Windows.

See merge request !64

We observed slow responses on a host forwarded port on Windows. Investigation revealed that qemu_fd_register was being called with fd=-1 and this caused g_poll in qemu_poll_ns timing out. I tracked this behavior to following commit:
748f8f4b slirp: replace qemu_set_nonblock()

@@ -482,7 +483,8 @@ void tcp_connect(struct socket *inso)
         tcp_close(sototcpcb(so)); /* This will sofree() as well */
         return;
     }
-    qemu_set_nonblock(s);
+    slirp_set_nonblock(s);
+    so->slirp->cb->register_poll_fd(so->s);

It seems that calling register_poll_fd with so->s instead of s may be a typo. Changing it back to s solves this issue. The commit 748f8f4b made similar change in tcp_fconnect but I have not touched it.
Signed-off-by: Hafiz Abid Qadeer <abidh@codesourcery.com>

Fix unused variables

See merge request !63

../../subprojects/libslirp/src/slirp.c:131:17: error: unused variable
'old_stat' [-Werror,-Wunused-variable]
    struct stat old_stat;
                ^
../../subprojects/libslirp/src/slirp.c:143:10: error: unused variable
'buff' [-Werror,-Wunused-variable]
    char buff[512];
         ^
2 errors generated.
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>

fork_exec_child_setup: improve signal handling

See merge request !61

Blocked signal state is inherited across exec(), so let's zero that out rather
than inherit whatever it was when we spawned the child.

POSIX has some strange rules about SIG_IGN'd SIGCHLD across exec, so let's not
do that, just for consistency.

Remove some needless (void)casts

See merge request !60

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>

Release v4.4.0

See merge request !59

socket: consume empty packets

See merge request !55

it fixes a tightloop when a packet with len==0 is received.

Closes: https://github.com/rootless-containers/slirp4netns/issues/227Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>

Enable forwarding ICMP errors

See merge request !49

udp, udp6, icmp: handle TTL value

See merge request !48

slirp: check pkt_len before reading protocol header

See merge request !57

While processing ARP/NCSI packets in 'arp_input' or 'ncsi_input'
routines, ensure that pkt_len is large enough to accommodate the
respective protocol headers, lest it should do an OOB access.
Add check to avoid it.

CVE-2020-29129 CVE-2020-29130
  QEMU: slirp: out-of-bounds access while processing ARP/NCSI packets
 -> https://www.openwall.com/lists/oss-security/2020/11/27/1Reported-by: Qiuhao Li <Qiuhao.Li@outlook.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Message-Id: <20201126135706.273950-1-ppandit@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>

Remove the QEMU-special make build-system

See merge request !56