On 2019/5/15 下午9:35, Paolo Bonzini wrote:
On 15/05/19 08:34, Markus Armbruster wrote:
qemu-bridge-helper should have a manual page, and its handling of errors
in ACL include files needs work. There's probably more; I just glanced
at it. I'm not volunteering, though. It lacks a maintainer. Should we
add it to Jason's "Network device backends"?
Yes.
-netdev's helper parameter is seriously underdocumented. Document or
deprecate?
I believe management should only use fd parameter of TAP. If we have
other, it should be a duplication. So I suggest to deprecate the
bridge helper and -netdev bridge.
Objections, anyone?
Yes, your honor. :) The helper is the only way for unprivileged users
to set up TAP networking, which is basically the only really way to have
*working* network. It's widely used in the wild, it's self-contained
and the only alternative for users is the S-word (hint, it's five
letters long and ends with LIRP).
The issue is it can't deal with e.g vhost-net and multiqueue. We can
have a simple privileged launcher to do network configuration and pass
the fds to unprivileged qemu.
Thanks
However, I have no problem with deprecating the helper argument of
"-netdev tap", which is a useless duplication with "-netdev bridge".
Paolo
