From nobody Mon Oct 27 12:48:13 2025
X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4cwCwZ1Blrz6DXyZ;
	Mon, 27 Oct 2025 12:48:14 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R12" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4cwCwZ0fwbz3M85;
	Mon, 27 Oct 2025 12:48:14 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1761569294;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=WKMnlFH/0oyEtAsyK10WHfwYsJd04zaEBIHLUS012Dc=;
	b=aw63yYuMPyWMaSmvmva5PrDu1I5b9QBFdzrDKeUyZdGmuZg+t2MXJ8m3prn7qxvDdZ4+Eb
	T2RIzMNt+e/QnVphq+thGOw2L1CplgEXjurIW58/xHtttYHYhIUCifHpB/PaMPP93SMlRv
	FXRlFaYiiLRDnfqDxBGvVK7h0TOn51wWZmzvH1WgKHS8ZX2rNHR7ltn+DvL4yXd7lLVr3B
	MjPZlByK4iwaPfVrC03rFoMe099l8AO0BW34a0GoHw6NPpyDSkbuSbks1hCzW6nm7RqXvg
	UfAWuf+YggcNxaFjzOU0Od0IDe9QLebfxvXOjs5R7yLG/krIhuOM+8ta/mNwbA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1761569294;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=WKMnlFH/0oyEtAsyK10WHfwYsJd04zaEBIHLUS012Dc=;
	b=LkvOoMBnjUuc1YFLEAS1Sa08loXPcWYI8Npae4mRd/swvzqEsgKZTGmEeQSLLrl8JoyACh
	PmrvhNwbcAGFonhjT1CftZpi/fZw9V5tGHtZeNTFGWgHKfcOiOsE8RO8ciV7/uHK1rOC5A
	i8WFevQGLbQFMWTVEFLfIkTh65hfGNPBGzSjnBC/m247y+N5QXSN7YCxOAlfhvhdxBeEID
	CbPhcL78wD+kSmviuY7FttBIDSMBqFPmH3aCYHmnZ05aMv2rIVhk+S9dqK3Xq0oS04TMgO
	cSYjFawMQMuHFcUDRtJKkme+n4dPRS/D35p8ORvXrAvYMZUiZ+86yp/5gcTzcw==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1761569294; a=rsa-sha256; cv=none;
	b=Aav/SUZFxgozxMf3dRrjTwP8KlroJ5SNudqZG7TB/MYQXu8y1MfiBgRxqNReG38s5wa0+/
	IY6GihRZKmoiPHuQKei7ohvGXl63Q646bUMarxK7DQJNm5EZE/ak06InPys+cdJKtlRiwe
	qn1EJsCH03TzBWHkR7HjFpMeLYi7APJX3ox1KYFQv4ibAVBhCHjorKqVDk+M0wzP2u6jS6
	hi+mjlyJzf68cTCX56v/a+ykYRsZje+v8bSdGpVoxFuCtMYUpPPjrxeJQqLlyoQ8a0CRHg
	msv8BoFn2KYhV9tkkBBBHVKJVpqE2qhEsgMwSxLGxWSKlFtZr1QzVJOuexa5+A==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4cwCwZ0D5Sz1JWH;
	Mon, 27 Oct 2025 12:48:14 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 59RCmDJc054334;
	Mon, 27 Oct 2025 12:48:13 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 59RCmDUj054331;
	Mon, 27 Oct 2025 12:48:13 GMT
	(envelope-from git)
Date: Mon, 27 Oct 2025 12:48:13 GMT
Message-Id: <202510271248.59RCmDUj054331@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-main@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: 1aad95345237 - main - bhyve: add support for ng_device
  network backend
List-Id: Commit messages for all branches of the src repository <dev-commits-src-all.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all
List-Help: <mailto:dev-commits-src-all+help@freebsd.org>
List-Post: <mailto:dev-commits-src-all@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-all+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-all+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-all@freebsd.org
Sender: owner-dev-commits-src-all@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 1aad95345237424918e5f6b18464df4dbc2aa1d8
Auto-Submitted: auto-generated

The branch main has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=1aad95345237424918e5f6b18464df4dbc2aa1d8

commit 1aad95345237424918e5f6b18464df4dbc2aa1d8
Author:     Quentin Thébault <quentin.thebault@defenso.fr>
AuthorDate: 2025-09-12 08:39:55 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2025-10-27 12:46:47 +0000

    bhyve: add support for ng_device network backend
    
    Signed-off-by: Quentin Thébault <quentin.thebault@defenso.fr>
    
    Reviewed by:    markj
    MFC after:      1 month
    Sponsored by:   Defenso
    Differential Revision:  https://reviews.freebsd.org/D52542
    Pull Request:   https://github.com/freebsd/freebsd-src/pull/1880
---
 usr.sbin/bhyve/bhyve.8        | 21 +++++++++++++++++++--
 usr.sbin/bhyve/net_backends.c | 19 ++++++++++++++++++-
 2 files changed, 37 insertions(+), 3 deletions(-)

diff --git a/usr.sbin/bhyve/bhyve.8 b/usr.sbin/bhyve/bhyve.8
index c902c265da9e..3df9f79c3b2c 100644
--- a/usr.sbin/bhyve/bhyve.8
+++ b/usr.sbin/bhyve/bhyve.8
@@ -22,7 +22,7 @@
 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 .\" SUCH DAMAGE.
 .\"
-.Dd August 21, 2024
+.Dd September 16, 2025
 .Dt BHYVE 8
 .Os
 .Sh NAME
@@ -518,6 +518,8 @@ considered unconnected.
 .Op Cm \&,mtu= Ar N
 .Xc
 .It
+.Cm ngd Ar N
+.It
 .Xo
 .Cm netgraph,path= Ar ADDRESS Cm \&,peerhook= Ar HOOK
 .Op Cm \&,socket= Ar NAME
@@ -542,6 +544,19 @@ The MAC address is an ASCII string in
 .Xr ethers 5
 format.
 .Pp
+A
+.Cm ngd
+device can be used to connect a guest to a
+.Xr netgraph 4
+through a
+.Xr ng_device 4
+node.
+This can be used to run bhyve in a
+.Xr VNET 9
+jail, and give it access to the host's netgraph, that cannot be reached
+directly, by exposing the ng_device through
+.Xr devfs 8 .
+.Pp
 With
 .Cm virtio-net
 devices, the
@@ -572,7 +587,9 @@ must comply with
 .Xr netgraph 4
 addressing rules.
 .Pp
-The slirp backend can be used to provide a NATed network to the guest.
+The
+.Cm slirp
+backend can be used to provide a NATed network to the guest.
 This backend has poor performance but does not require any network
 configuration on the host system.
 It depends on the
diff --git a/usr.sbin/bhyve/net_backends.c b/usr.sbin/bhyve/net_backends.c
index 2d11c45f217a..95909d1f8ea2 100644
--- a/usr.sbin/bhyve/net_backends.c
+++ b/usr.sbin/bhyve/net_backends.c
@@ -119,7 +119,8 @@ tap_init(struct net_backend *be, const char *devname,
 		goto error;
 	}
 
-	if (ioctl(be->fd, VMIO_SIOCSIFFLAGS, up)) {
+	if (strncmp("ngd", be->prefix, 3) &&
+	    ioctl(be->fd, VMIO_SIOCSIFFLAGS, up)) {
 		EPRINTLN("tap device link up failed");
 		goto error;
 	}
@@ -273,8 +274,24 @@ static struct net_backend vmnet_backend = {
 	.set_cap = tap_set_cap,
 };
 
+/* A clone of the tap backend, with a different prefix. */
+static struct net_backend ngd_backend = {
+	.prefix = "ngd",
+	.priv_size = sizeof(struct tap_priv),
+	.init = tap_init,
+	.cleanup = tap_cleanup,
+	.send = tap_send,
+	.peek_recvlen = tap_peek_recvlen,
+	.recv = tap_recv,
+	.recv_enable = tap_recv_enable,
+	.recv_disable = tap_recv_disable,
+	.get_cap = tap_get_cap,
+	.set_cap = tap_set_cap,
+};
+
 DATA_SET(net_backend_set, tap_backend);
 DATA_SET(net_backend_set, vmnet_backend);
+DATA_SET(net_backend_set, ngd_backend);
 
 int
 netbe_legacy_config(nvlist_t *nvl, const char *opts)