On Fri, Feb 5, 2021 at 5:54 PM <phillip.en...@gmail.com> wrote:
>
> From: Phillip Tennen <phil...@axleos.com>
>
> This patch implements a new netdev device, reachable via -netdev
> vmnet-macos, that’s backed by macOS’s vmnet framework.
>
> The vmnet framework provides native bridging support, and its usage in
> this patch is intended as a replacement for attempts to use a tap device
> via the tuntaposx kernel extension. Notably, the tap/tuntaposx approach
> never would have worked in the first place, as QEMU interacts with the
> tap device via poll(), and macOS does not support polling device files.
>
> vmnet requires either a special entitlement, granted via a provisioning
> profile, or root access. Otherwise attempts to create the virtual
> interface will fail with a “generic error” status code. QEMU may not
> currently be signed with an entitlement granted in a provisioning
> profile, as this would necessitate pre-signed binary build distribution,
> rather than source-code distribution. As such, using this netdev
> currently requires that qemu be run with root access. I’ve opened a
> feedback report with Apple to allow the use of the relevant entitlement
> with this use case:
> https://openradar.appspot.com/radar?id=5007417364447232
>
> vmnet offers three operating modes, all of which are supported by this
> patch via the “mode=host|shared|bridge” option:
>
> * "Host" mode: Allows the vmnet interface to communicate with other
> * vmnet
> interfaces that are in host mode and also with the native host.
> * "Shared" mode: Allows traffic originating from the vmnet interface to
> reach the Internet through a NAT. The vmnet interface can also
> communicate with the native host.
> * "Bridged" mode: Bridges the vmnet interface with a physical network
> interface.
>
> Each of these modes also provide some extra configuration that’s
> supported by this patch:
>
> * "Bridged" mode: The user may specify the physical interface to bridge
> with. Defaults to en0.
> * "Host" mode / "Shared" mode: The user may specify the DHCP range and
> subnet. Allocated by vmnet if not provided.
>
> vmnet also offers some extra configuration options that are not
> supported by this patch:
>
> * Enable isolation from other VMs using vmnet
> * Port forwarding rules
> * Enabling TCP segmentation offload
> * Only applicable in "shared" mode: specifying the NAT IPv6 prefix
> * Only available in "host" mode: specifying the IP address for the VM
> within an isolated network
>
> Note that this patch requires macOS 10.15 as a minimum, as this is when
> bridging support was implemented in vmnet.framework.
>
> Signed-off-by: Phillip Tennen <phil...@axleos.com>
>
Hi Phillip,
Thank you very much for this patch. As you wrote it should apply from
10.15 upwards. I have no problem building on Big Sur, but Catalina
stumbles. See below. Latest Xcode installed, other requirements
installed through brew.
Thanks for looking into this,
Best,
Howard
[1181/2135] Compiling C object libcommon.fa.p/net_vmnet-macos.c.o
FAILED: libcommon.fa.p/net_vmnet-macos.c.o
cc -Ilibcommon.fa.p -I. -I.. -I../capstone/include/capstone
-I../dtc/libfdt -I../slirp -I../slirp/src -Iqapi -Itrace -Iui
-Iui/shader -I/usr/local/Cellar/libffi/3.3_2/include
-I/usr/local/Cellar/glib/2.66.6/include
-I/usr/local/Cellar/glib/2.66.6/include/glib-2.0
-I/usr/local/Cellar/glib/2.66.6/lib/glib-2.0/include
-I/usr/local/opt/gettext/include -I/usr/local/Cellar/pcre/8.44/include
-I/usr/local/Cellar/glib/2.66.6/include/gio-unix-2.0
-I/usr/local/Cellar/libusb/1.0.24/include/libusb-1.0
-I/usr/local/Cellar/pixman/0.40.0/include/pixman-1 -Xclang
-fcolor-diagnostics -pipe -Wall -Winvalid-pch -std=gnu99 -O2 -g
-iquote . -iquote /Users/hsp/src/qemu-master -iquote
/Users/hsp/src/qemu-master/include -iquote
/Users/hsp/src/qemu-master/disas/libvixl -iquote
/Users/hsp/src/qemu-master/tcg/i386 -iquote
/Users/hsp/src/qemu-master/accel/tcg -m64 -mcx16
-DOS_OBJECT_USE_OBJC=0 -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64
-D_LARGEFILE_SOURCE -Wstrict-prototypes -Wredundant-decls -Wundef
-Wwrite-strings -Wmissing-prototypes -fno-strict-aliasing -fno-common
-fwrapv -Wold-style-definition -Wtype-limits -Wformat-security
-Wformat-y2k -Winit-self -Wignored-qualifiers -Wempty-body
-Wnested-externs -Wendif-labels -Wexpansion-to-defined
-Wno-initializer-overrides -Wno-missing-include-dirs
-Wno-shift-negative-value -Wno-string-plus-int
-Wno-typedef-redefinition -Wno-tautological-type-limit-compare
-fstack-protector-strong -DSTRUCT_IOVEC_DEFINED -MD -MQ
libcommon.fa.p/net_vmnet-macos.c.o -MF
libcommon.fa.p/net_vmnet-macos.c.o.d -o
libcommon.fa.p/net_vmnet-macos.c.o -c ../net/vmnet-macos.c
../net/vmnet-macos.c:54:10: error: use of undeclared identifier
'VMNET_SHARING_SERVICE_BUSY'
case VMNET_SHARING_SERVICE_BUSY:
^
