From owner-freebsd-bugs@FreeBSD.ORG  Fri Mar 16 09:40:11 2007
Return-Path: <owner-freebsd-bugs@FreeBSD.ORG>
X-Original-To: freebsd-bugs@hub.freebsd.org
Delivered-To: freebsd-bugs@hub.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 2451A16A401
	for <freebsd-bugs@hub.freebsd.org>;
	Fri, 16 Mar 2007 09:40:11 +0000 (UTC)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org [69.147.83.40])
	by mx1.freebsd.org (Postfix) with ESMTP id 03E7913C4BA
	for <freebsd-bugs@hub.freebsd.org>;
	Fri, 16 Mar 2007 09:40:11 +0000 (UTC)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1])
	by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id l2G9eAhH011389
	for <freebsd-bugs@freefall.freebsd.org>; Fri, 16 Mar 2007 09:40:10 GMT
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.13.4/8.13.4/Submit) id l2G9eAhI011388;
	Fri, 16 Mar 2007 09:40:10 GMT (envelope-from gnats)
Resent-Date: Fri, 16 Mar 2007 09:40:10 GMT
Resent-Message-Id: <200703160940.l2G9eAhI011388@freefall.freebsd.org>
Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer)
Resent-To: freebsd-bugs@FreeBSD.org
Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org,
	Frank Behrens <frank@pinky.sax.de>
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id E799516A406
	for <FreeBSD-gnats-submit@freebsd.org>;
	Fri, 16 Mar 2007 09:37:40 +0000 (UTC)
	(envelope-from frank@pinky.sax.de)
Received: from pinky.frank-behrens.de (pinky.frank-behrens.de [82.139.199.24])
	by mx1.freebsd.org (Postfix) with ESMTP id 421B713C45E
	for <FreeBSD-gnats-submit@freebsd.org>;
	Fri, 16 Mar 2007 09:37:40 +0000 (UTC)
	(envelope-from frank@pinky.sax.de)
Received: from moon.behrens (localhost [127.0.0.1])
	by pinky.frank-behrens.de (8.13.8/8.13.8) with ESMTP id l2G9bXVL048616
	for <FreeBSD-gnats-submit@freebsd.org>;
	Fri, 16 Mar 2007 10:37:38 +0100 (CET)
	(envelope-from frank@moon.behrens)
Received: (from frank@localhost)
	by moon.behrens (8.13.8/8.13.8/Submit) id l2G9bXHB048615;
	Fri, 16 Mar 2007 10:37:33 +0100 (CET) (envelope-from frank)
Message-Id: <200703160937.l2G9bXHB048615@moon.behrens>
Date: Fri, 16 Mar 2007 10:37:33 +0100 (CET)
From: Frank Behrens <frank@pinky.sax.de>
To: FreeBSD-gnats-submit@FreeBSD.org
X-Send-Pr-Version: 3.113
Cc: 
Subject: kern/110383: [patch] tap(4) should go UP if opened
X-BeenThere: freebsd-bugs@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Bug reports <freebsd-bugs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-bugs>
List-Post: <mailto:freebsd-bugs@freebsd.org>
List-Help: <mailto:freebsd-bugs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 16 Mar 2007 09:40:11 -0000


>Number:         110383
>Category:       kern
>Synopsis:       [patch] tap(4) should go UP if opened
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Fri Mar 16 09:40:09 GMT 2007
>Closed-Date:
>Last-Modified:
>Originator:     Frank Behrens
>Release:        FreeBSD 6.2-STABLE-200703081613 i386
>Organization:
>Environment:
>Description:
The patch introduces a new sysctl "net.link.tap.user_open".
When it is non-zero the Ethernet interface will be enabled automatically 
(marked ``up'') when the control device is opened.

With that change (and previous cloning enhancements) it is possible to
setup tap(4)/if_bridge(4) interfaces by an administrator (or in the boot process)
und access them by non-root processes (e.q. qemu).

Rationale:
For transmitting packets via tap(4) device (at least) two conditions have to be met:
1. The control device must be opened by a process.
2. The ethernet interface must be UP.

For 1. we allow non-root processes the access, when
a) sysctl net.link.tap.user_open=1   AND
b) /dev/tapx has sufficient permissions

Without the patch we have no possibility to mark the interface as UP for the 
non-root process and the sysctl net.link.tap.user_open sounds a bit useless.

The patch is from Bruce M. Simpson, see
http://docs.freebsd.org/cgi/mid.cgi?45F7F405.4040607
and associated thread for discussion.

proposed MFC to RELENG_6 after: 2 weeks

>How-To-Repeat:
>Fix:

--- tapUPonOpen.patch begins here ---
--- sys/net/if_tap.c.orig	Fri Mar 16 09:17:05 2007
+++ sys/net/if_tap.c	Fri Mar 16 09:18:59 2007
@@ -150,6 +150,7 @@
 static struct mtx		tapmtx;
 static int			tapdebug = 0;        /* debug flag   */
 static int			tapuopen = 0;        /* allow user open() */	     
+static int			tapuponopen = 0;    /* IFF_UP on open() */
 static int			tapdclone = 1;	/* enable devfs cloning */
 static SLIST_HEAD(, tap_softc)	taphead;             /* first device */
 static struct clonedevs 	*tapclones;
@@ -163,6 +164,8 @@
     "Ethernet tunnel software network interface");
 SYSCTL_INT(_net_link_tap, OID_AUTO, user_open, CTLFLAG_RW, &tapuopen, 0,
 	"Allow user to open /dev/tap (based on node permissions)");
+SYSCTL_INT(_net_link_tap, OID_AUTO, up_on_open, CTLFLAG_RW, &tapuponopen, 0,
+	"Bring interface up when /dev/tap is opened");
 SYSCTL_INT(_net_link_tap, OID_AUTO, devfs_cloning, CTLFLAG_RW, &tapdclone, 0,
 	"Enably legacy devfs interface creation");
 SYSCTL_INT(_net_link_tap, OID_AUTO, debug, CTLFLAG_RW, &tapdebug, 0, "");
@@ -501,6 +504,8 @@
 	s = splimp();
 	ifp->if_drv_flags |= IFF_DRV_RUNNING;
 	ifp->if_drv_flags &= ~IFF_DRV_OACTIVE;
+	if (tapuponopen)
+		ifp->if_flags |= IFF_UP;
 	splx(s);
 
 	TAPDEBUG("%s is open. minor = %#x\n", ifp->if_xname, minor(dev));
--- share/man/man4/tap.4.orig	Thu Mar  8 19:06:35 2007
+++ share/man/man4/tap.4	Fri Mar 16 09:42:52 2007
@@ -1,7 +1,7 @@
 .\" $FreeBSD: src/share/man/man4/tap.4,v 1.17.2.1 2007/03/04 14:34:42 bms Exp $
 .\" Based on PR#2411
 .\"
-.Dd February 4, 2007
+.Dd March 16, 2007
 .Os
 .Dt TAP 4
 .Sh NAME
@@ -117,6 +117,13 @@
 variable
 .Va net.link.tap.user_open
 is non-zero.
+If 
+.Xr sysctl 8
+variable
+.Va net.link.tap.up_on_open
+is non-zero the Ethernet interface will be enabled automatically (marked
+.Dq up )
+when the control device is opened.
 A
 .Fn read
 call will return an error
--- tapUPonOpen.patch ends here ---

>Release-Note:
>Audit-Trail:
>Unformatted: