History | View | Annotate | Download (11.1 kB)
qemu-bridge-helper: force usage of a very high MAC address for the bridge
Linux uses the lowest enslaved MAC address as the MAC address ofthe bridge. Set MAC address to a high value so that it does notaffect the MAC address of the bridge.
Changing the MAC address of the bridge could cause a few seconds...
misc: move include files to include/qemu/
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
net: Add interface to bridge when SIOCBRADDIF isn't available
The bridge helper uses the SIOCBRADDIF ioctl to add an inteface toa bridge. SIOCBRADDIF is not available on old Linux versions. Thispatch adds support to use the SIOCDEVPRIVATE ioctl with BRCTL_ADD_IF...
Add access control support to qemu bridge helper
We go to great lengths to restrict ourselves to just cap_net_admin as an OSenforced security mechanism. However, we further restrict what we allow usersto do to simply adding a tap device to a bridge interface by virtue of the fact...
Add cap reduction support to enable use as SUID
The ideal way to use qemu-bridge-helper is to give it an fscap of using:
setcap cap_net_admin=ep qemu-bridge-helper
Unfortunately, most distros still do not have a mechanism to package fileswith fscaps applied. This means they'll have to SUID the qemu-bridge-helper...
Add basic version of bridge helper
This patch adds a helper that can be used to create a tap device attached toa bridge device. Since this helper is minimal in what it does, it can begiven CAP_NET_ADMIN which allows qemu to avoid running as root while still...