From nobody Sun Dec 14 20:19:24 2025 Received: from mail-pj1-f49.google.com (mail-pj1-f49.google.com [209.85.216.49]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 351C4233727; Tue, 17 Jun 2025 04:32:55 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.216.49 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1750134777; cv=none; b=RACEvoerbi//Tr7y8S9xJyyOxEwlOyTRBSd5jL62KL++/AgoO8olvcWwkHN6UCJnc9AGp5PVaE9nqwLeeeCV/SmT0FfllspC2e9XiOFWuB0erawwqtkFOpo3M6g7D0ENIomz3klT0rL1if5mic5utuSKHdA80t99X3XpcpWhKxk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1750134777; c=relaxed/simple; bh=M6kehEHY7OwsO30C3T5dyH4gOVxvswy/eOIw/pHWvGo=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=Z2vsOqC1xEHSniPNz6EKL6myMEzl52YSDqEP1LkhAQ0BRaRLRrm2MtCFkI3X02/loTNBWK7N/MVgDKNTp5UFs4d4kSxZ6wP/3AVsaA7ZOr2tRsIEPcpHh4fRJWnZsELOix/+Rk7KPdvcdKOc1DFFRr7hXpaeTMAixyIr+4sWF7o= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=Z7dZ2ezG; arc=none smtp.client-ip=209.85.216.49 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="Z7dZ2ezG" Received: by mail-pj1-f49.google.com with SMTP id 98e67ed59e1d1-311bd8ce7e4so4344295a91.3; Mon, 16 Jun 2025 21:32:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1750134774; x=1750739574; darn=vger.kernel.org; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:from:to:cc:subject:date:message-id :reply-to; bh=tK3AwFkrbSBAfvCtmqP3DGRgf/aabwLUhpvOzpe/4SQ=; b=Z7dZ2ezGSmd5xdUkbYVaMWoEWPba1c+5wzfc4h6gbckJUkEk126MVsuKdWjkMf+XrY BeuON+BFGeAh13joHO4MbijUEkVNQo576qGsoQWJQfrjRna2lykMIRIdRv3EHNMrOVOD qTPMvSBYVcEenROX5wzJaLT2OrT2GvgaEByjQQRa1+o4v7mr4xv1ukxymIWPHnFVxonN UbheS593CROHQaow7GTwnJF6kjG4YmWqMQFHs09zvXIp3oYmhdSQCosvDl2hnCu/G0Ae MLMpy/xmNnBPlXAz9lO6ACmrNMSDtEtnIkUkyPwPftf/k8la3BK1e0f6VGr7LoFlmcaD SHbQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1750134774; x=1750739574; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=tK3AwFkrbSBAfvCtmqP3DGRgf/aabwLUhpvOzpe/4SQ=; b=pEsE1K3YKuVSfwPQo56v8+CUejXzCE/eS7sEfPTPsDdzCobSbG00JfmVMDsIhl1LOK BBJTAsRNSbL7Ecw6ldu2KWBvzQoUfofGaWBX7wQq2zZKFATbXsNfslii0sSK/r5ZWrEe 53MIhK0nnB+Ri06NOikgqKWUs+eagIlCIIUXYcdqyXrhYBNdahqb99Fyufy5R2EKzKrL ioeCcM5+c0/ERXAke39ZaTLSe8dcc9btkK3ONBgbQeAsdAT9hvQEfGSqjXUeJsRDEJXv SfjbbpzaTWsSXkG/DkatLlNXPWsjN5ehvk7XtMXjBi01EQc/j7uuKw55L7v1WsNwdGHx 5WhQ== X-Forwarded-Encrypted: i=1; AJvYcCUmocU1XJymETsYq04Ujr82RN3xmSSamyhA8i0a7fA/7eKVot+YOppZpZ0FDZIbkD8KAYOyfb8G84CVQJ8tOR0V@vger.kernel.org, AJvYcCWwM/ikXSzvAfHhwfmDigzM7yzSSEVgRxYJd91Dt2pAXX3GpvOgSx1lsQ6WFx6IM+nfW8b2vPKc@vger.kernel.org, AJvYcCXtScnjdon6BvA8XYWT9S+EPsfYZQTa7Td+BVwKSvmx7O9i+ZBgHWGMXD0VWsaXxU1cskkZKdZfyujPw4E=@vger.kernel.org X-Gm-Message-State: AOJu0Yxbjz3lcpobFmYMacdUYZe02sYfrz75xFC3rT5RJiO/jRXWv2sQ Ix0PqMxCER4mXFQCeA1zAJJrKV398P5qHvKXmk/O/PMFBOhZF/+Wj/rzfS5VelNG X-Gm-Gg: ASbGncutY1OMkPN1fFkVZMVdoS6fSSY5O1EpueQW8GJwcFIaHsHHo2GuEvn6vyY45V3 Cr1ZrZPsuHDGunXheibcTk570n7/tVhPeFeUiDcwxNc8uIpwqBItZH0WB9tic81sf4HL8gLVpvN /1EnZSGIlgEe+R6ZQPLVkht9gs00fnmBxgKK5DRmz42EWVZEljEDQ9ieS45+U9An3+AkKYeGatM ptjnxHZOULPA9Y5Aov6rzyrW1v4+OpxhTdZCQrTCfCNKU8yYciIWx0iXuD3IA1otMwgy05QaR6N 1R2Qs3PoVdem4lNoz1Qfj60ETzEGhGiY59L6OLleF/L7N/P7HGbYYOgdiJM= X-Google-Smtp-Source: AGHT+IHSfb1B9OqWCmo1j9XP1ine02uUWCOqD7+7PRIocnf/lDDULUBftytAvdSsR4guD5nUqSLd4g== X-Received: by 2002:a17:90b:2745:b0:312:e9bd:5d37 with SMTP id 98e67ed59e1d1-313f1c7b54dmr16681132a91.6.1750134773541; Mon, 16 Jun 2025 21:32:53 -0700 (PDT) Received: from localhost ([2a03:2880:2ff:5::]) by smtp.gmail.com with ESMTPSA id 98e67ed59e1d1-313c1b5efa2sm9560585a91.41.2025.06.16.21.32.52 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 16 Jun 2025 21:32:52 -0700 (PDT) From: Bobby Eshleman Date: Mon, 16 Jun 2025 21:32:50 -0700 Subject: [PATCH RFC net-next v4 01/11] selftests/vsock: add NS tests to vmtest.sh Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20250616-vsock-vmtest-v4-1-bdd1659c33fb@meta.com> References: <20250616-vsock-vmtest-v4-0-bdd1659c33fb@meta.com> In-Reply-To: <20250616-vsock-vmtest-v4-0-bdd1659c33fb@meta.com> To: Stefano Garzarella , Stefan Hajnoczi , Shuah Khan Cc: kvm@vger.kernel.org, "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , linux-kernel@vger.kernel.org, virtualization@lists.linux.dev, netdev@vger.kernel.org, linux-kselftest@vger.kernel.org, Bobby Eshleman X-Mailer: b4 0.13.0 This patch has not been tested since rebasing onto upstream vmtest.sh. It is probably very broken, but here to show the direction the testing is going in... vsock_test uses tcp for the control socket. TCP itself responds to namespaces. In order to test vsock but not break TCP, vmtest.sh sets up a bridge with socat (perhaps ip tables would be better, because it can reduce an out-of-tree tool dependency). Another option is to not use vsock_test for the NS tests, but it seems more robust to test all of vsock instead of just (for example) connectibility... Signed-off-by: Bobby Eshleman --- tools/testing/selftests/vsock/vmtest.sh | 555 ++++++++++++++++++++++++++++= +--- 1 file changed, 510 insertions(+), 45 deletions(-) diff --git a/tools/testing/selftests/vsock/vmtest.sh b/tools/testing/selfte= sts/vsock/vmtest.sh index edacebfc1632..8f627f60cc11 100755 --- a/tools/testing/selftests/vsock/vmtest.sh +++ b/tools/testing/selftests/vsock/vmtest.sh @@ -7,6 +7,48 @@ # * virtme-ng # * busybox-static (used by virtme-ng) # * qemu (used by virtme-ng) +# +# Namespace tests require to test the functionality of VSOCK under differe= nt +# namespace configurations. Ideally, we can use vsock_test and friends und= er +# the different configurations to ensure that all functionality works +# regardless of namespace setup. vsock_test also requires TCP for its cont= rol +# plane, which is also impacted by namespacing. For this reason, these tes= ts +# build a bridge between the namespaces so that the TCP control traffic can +# flow between namespaces. The bridge setup looks as follows: +# +# +# | +# +------------------+ | +# | VM | | +# | | NS0 | NS1 +# | +------------+ | | +# | | | | --------+--------------------+ +# | | vsock_test | | | | +# | | | | <-------+-----------------+ | +# | +------------+ | | VSOCK_TEST_PORT| | +# | | | | | VSOCK +# +------------------+ | | | +# ^ | | | | +# CONTROL_PORT| | | | | +# | | | | | +# | | | | v +# | | | +------------+ +# | | TCP | | | +# | | | | vsock_test | +# | | | | | +# | | | +------------+ +# CONTROL_PORT | | | CONTROL_PORT ^ | +# | | | | | +# | v | CONTROL_PORT | v +# +-------+ | +-------+ +# | |veth0 | veth1| | +# | socat |<-------------+------------- | socat | +# | | -------------+------------> | | +# +-------+ | +-------+ +# NS_BRIDGE_PORT | NS_BRIDGE_PORT +# | + +set -u =20 readonly SCRIPT_DIR=3D"$(cd -P -- "$(dirname -- "${BASH_SOURCE[0]}")" && p= wd -P)" readonly KERNEL_CHECKOUT=3D$(realpath "${SCRIPT_DIR}"/../../../../) @@ -19,11 +61,11 @@ readonly TEST_HOST_PORT=3D50000 readonly TEST_HOST_PORT_LISTENER=3D50001 readonly SSH_GUEST_PORT=3D22 readonly SSH_HOST_PORT=3D2222 -readonly VSOCK_CID=3D1234 +readonly BRIDGE_PORT=3D5678 +readonly DEFAULT_CID=3D1234 readonly WAIT_PERIOD=3D3 readonly WAIT_PERIOD_MAX=3D60 -readonly WAIT_TOTAL=3D$(( WAIT_PERIOD * WAIT_PERIOD_MAX )) -readonly QEMU_PIDFILE=3D$(mktemp /tmp/qemu_vsock_vmtest_XXXX.pid) +WAIT_TOTAL=3D$(( WAIT_PERIOD * WAIT_PERIOD_MAX )) =20 # virtme-ng offers a netdev for ssh when using "--ssh", but we also need a # control port forwarded for vsock_test. Because virtme-ng doesn't support @@ -33,23 +75,48 @@ readonly QEMU_PIDFILE=3D$(mktemp /tmp/qemu_vsock_vmtest= _XXXX.pid) # add the kernel cmdline options that virtme-init uses to setup the interf= ace. readonly QEMU_TEST_PORT_FWD=3D"hostfwd=3Dtcp::${TEST_HOST_PORT}-:${TEST_GU= EST_PORT}" readonly QEMU_SSH_PORT_FWD=3D"hostfwd=3Dtcp::${SSH_HOST_PORT}-:${SSH_GUEST= _PORT}" -readonly QEMU_OPTS=3D"\ +readonly LOG=3D$(mktemp /tmp/vsock_vmtest_XXXX.log) +readonly TEST_NAMES=3D(vm_server_host_client vm_client_host_server vm_loop= back) +QEMU_OPTS=3D"\ -netdev user,id=3Dn0,${QEMU_TEST_PORT_FWD},${QEMU_SSH_PORT_FWD} \ -device virtio-net-pci,netdev=3Dn0 \ - -device vhost-vsock-pci,guest-cid=3D${VSOCK_CID} \ - --pidfile ${QEMU_PIDFILE} \ " readonly KERNEL_CMDLINE=3D"\ virtme.dhcp net.ifnames=3D0 biosdevname=3D0 \ virtme.ssh virtme_ssh_channel=3Dtcp virtme_ssh_user=3D$USER \ " readonly LOG=3D$(mktemp /tmp/vsock_vmtest_XXXX.log) -readonly TEST_NAMES=3D(vm_server_host_client vm_client_host_server vm_loop= back) +readonly TEST_NAMES=3D( + vm_server_host_client + vm_client_host_server + vm_loopback + host_vsock_ns_mode + host_vsock_ns_mode_write_once + global_same_cid + local_same_cid + global_local_same_cid + local_global_same_cid + global_host_connect_global_vm + global_vm_connect_global_host + global_vm_connect_mixed_host +) + readonly TEST_DESCS=3D( "Run vsock_test in server mode on the VM and in client mode on the host." "Run vsock_test in client mode on the VM and in server mode on the host." "Run vsock_test using the loopback transport in the VM." + "Check /proc/net/vsock_ns_mode strings on the host." + "Check /proc/net/vsock_ns_mode is write-once on the host." + "Test that CID allocation fails with the same CID, one global NS and anot= her global NS." + "Test that CID allocation succeeds with the same CID, one local NS and an= other local NS." + "Test that CID allocation succeeds with the same CID, one global NS and o= ne local NS, global allocates first." + "Test that CID allocation succeeds with the same CID, one global NS and o= ne local NS, local allocates first." ) +readonly NEEDS_SETUP=3D(vm_server_host_client vm_client_host_server vm_loo= pback) +readonly MODES=3D("local" "global" "mixed") +readonly PIDFILE_TEMPLATE=3D"/tmp/qemu_vsock_vmtest_XXXX.pid" + +declare -a PIDFILES =20 VERBOSE=3D0 =20 @@ -84,21 +151,40 @@ die() { exit "${KSFT_FAIL}" } =20 +cleanup() { + terminate_pidfiles ${PIDFILES[@]} + del_namespaces +} + vm_ssh() { ssh -q -o UserKnownHostsFile=3D/dev/null -p ${SSH_HOST_PORT} localhost "$= @" return $? } =20 -cleanup() { - if [[ -s "${QEMU_PIDFILE}" ]]; then - pkill -SIGTERM -F "${QEMU_PIDFILE}" > /dev/null 2>&1 - fi +vm_ssh_ns() { + local ns=3D"${1}" + local NS_EXEC=3D"ip netns exec ${ns}" + shift =20 - # If failure occurred during or before qemu start up, then we need - # to clean this up ourselves. - if [[ -e "${QEMU_PIDFILE}" ]]; then - rm "${QEMU_PIDFILE}" - fi + ${NS_EXEC} ssh -q -o UserKnownHostsFile=3D/dev/null -p ${SSH_HOST_PORT} l= ocalhost $* + + return $? +} + +terminate_pidfiles() { + local pidfile + + for pidfile in $@; do + if [[ -s "${pidfile}" ]]; then + pkill -SIGTERM -F ${pidfile} 2>&1 > /dev/null + fi + + # If failure occurred during or before qemu start up, then we need + # to clean this up ourselves. + if [[ -e "${pidfile}" ]]; then + rm "${pidfile}" + fi + done } =20 check_args() { @@ -189,7 +275,13 @@ handle_build() { } =20 vm_start() { + local cid=3D$1 + local ns=3D$2 + local verify_boot=3D${3:-1} + local pidfile=3D${4:-} + local logfile=3D/dev/null + local qemu_opts=3D"" local verbose_opt=3D"" local kernel_opt=3D"" local qemu @@ -201,35 +293,53 @@ vm_start() { logfile=3D/dev/stdout fi =20 + qemu_opts=3D"\ + ${QEMU_OPTS} -device vhost-vsock-pci,guest-cid=3D${cid} \ + --pidfile ${pidfile} + " + if [[ "${BUILD}" -eq 1 ]]; then kernel_opt=3D"${KERNEL_CHECKOUT}" fi =20 - vng \ + if [[ ! -z "${ns}" ]]; then + NS_EXEC=3D"ip netns exec ${ns}" + fi + + if [[ -z "${pidfile}" ]]; then + pidfile=3D$(mktemp $PIDFILE_TEMPLATE) + PIDFILES+=3D("${pidfile}") + fi + + ${NS_EXEC} vng \ --run \ ${kernel_opt} \ ${verbose_opt} \ - --qemu-opts=3D"${QEMU_OPTS}" \ + --qemu-opts=3D"${qemu_opts}" \ --qemu=3D"${qemu}" \ --user root \ --append "${KERNEL_CMDLINE}" \ --rw &> ${logfile} & =20 - if ! timeout ${WAIT_TOTAL} \ - bash -c 'while [[ ! -s '"${QEMU_PIDFILE}"' ]]; do sleep 1; done; exit 0'= ; then - die "failed to boot VM" - fi + timeout ${WAIT_TOTAL} \ + bash -c 'while [[ ! -s '"${pidfile}"' ]]; do sleep 1; done; exit 0' } =20 vm_wait_for_ssh() { + local ns=3D"${1}" local i =20 i=3D0 - while true; do + while [[ true ]]; do if [[ ${i} -gt ${WAIT_PERIOD_MAX} ]]; then die "Timed out waiting for guest ssh" fi - if vm_ssh -- true; then + if [[ ! -z "${ns}" ]]; then + vm_ssh_ns "${ns}" -- true + else + vm_ssh -- true + fi + if [[ $? -eq 0 ]]; then break fi i=3D$(( i + 1 )) @@ -262,8 +372,9 @@ wait_for_listener() =20 vm_wait_for_listener() { local port=3D$1 + local host_ns=3D$2 =20 - vm_ssh <&1 | log_host "${testname}" =20 return $? @@ -343,7 +465,7 @@ test_vm_client_host_server() { ${VSOCK_TEST} \ --mode "server" \ --control-port "${TEST_HOST_PORT_LISTENER}" \ - --peer-cid "${VSOCK_CID}" 2>&1 | log_host "${testname}" & + --peer-cid "${DEFAULT_CID}" 2>&1 | log_host "${testname}" & =20 host_wait_for_listener =20 @@ -376,6 +498,309 @@ test_vm_loopback() { return $? } =20 +add_namespaces() { + local init=3D${1:-0} + + for mode in "${MODES[@]}"; do + if ! ip netns add "${mode}"; then + return ${KSFT_FAIL} + fi + + # e.g., global-2, local-2, mixed-2 + if ! ip netns add "${mode}-2"; then + return ${KSFT_FAIL} + fi + + if [[ ${init} -eq 1 ]]; then + ns_set_mode "${mode}" "${mode}" + ns_set_mode "${mode}-2" "${mode}" + + # we need lo for qemu port forwarding + ip netns exec "${mode}" ip link set dev lo up + ip netns exec "${mode}-2" ip link set dev lo up + fi + done + return 0 +} + +del_namespaces() { + for mode in "${MODES[@]}"; do + ip netns del "${mode}" + ip netns del "${mode}-2" + done &>/dev/null +} + +ns_set_mode() { + local ns=3D$1 + local mode=3D$2 + + echo "${mode}" \ + | ip netns exec "${ns}" \ + tee /proc/net/vsock_ns_mode &>/dev/null +} + +setup_bridge() { + local ns0 + local ns1 + local addr1 + + ns0=3D$1 + ns1=3D$2 + + ip link add veth0 type veth peer name veth1 + ip link set veth0 netns "${ns0}" + ip link set veth1 netns "${ns1}" + ip netns exec "${ns0}" ip addr add 10.0.0.1/24 dev veth0 + ip netns exec "${ns1}" ip addr add 10.0.0.2/24 dev veth1 + ip netns exec "${ns0}" ip link set veth0 up + ip netns exec "${ns1}" ip link set veth1 up +} + +teardown_bridge() { + local ns0=3D"${1}" + + # veth1 is implicitly destroyed with veth0 + ip netns exec "${ns0}" ip link delete veth0 +} + +test_host_vsock_ns_mode() { + if ! add_namespaces; then + return ${KSFT_FAIL} + fi + + for mode in "${MODES[@]}"; do + if ! ns_set_mode "${mode}" "${mode}"; then + del_namespaces + return ${KSFT_FAIL} + fi + done + + if ! del_namespaces; then + return ${KSFT_FAIL} + fi +} + +test_host_vsock_ns_mode_write_once() { + if ! add_namespaces; then + return ${KSFT_FAIL} + fi + + for mode in "${MODES[@]}"; do + if ! ns_set_mode "${mode}" "${mode}"; then + del_namespaces + return ${KSFT_FAIL} + fi + + # try setting back to global, should fail + if ns_set_mode "${mode}" "global"; then + del_namespaces + return ${KSFT_FAIL} + fi + done + + if ! del_namespaces; then + return ${KSFT_FAIL} + fi +} + +namespaces_can_boot_same_cid() { + local ns1=3D$1 + local ns2=3D$2 + local cid=3D20 + local pidfile1 + local pidfile2 + local msg + + if ! add_namespaces 1; then + return 1 + fi + + if [[ ${VERBOSE} -gt 0 ]]; then + echo "booting vm 1" | tap_prefix + fi + + pidfile1=3D$(mktemp $PIDFILE_TEMPLATE) + PIDFILES+=3D("${pidfile1}") + vm_start ${cid} ${ns1} ${pidfile1} + + if [[ ${VERBOSE} -gt 0 ]]; then + echo "booting vm 2" | tap_prefix + fi + + pidfile2=3D$(mktemp $PIDFILE_TEMPLATE) + PIDFILES+=3D("${pidfile2}") + WAIT_TOTAL=3D30 vm_start ${cid} ${ns2} ${pidfile2} + + rc=3D$? + if [[ $rc -eq 0 ]]; then + msg=3D"successfully booted" + rc=3D0 + else + msg=3D"failed to boot" + rc=3D1 + fi + + if [[ ${VERBOSE} -gt 0 ]]; then + echo "vm 2 ${msg}" | tap_prefix + fi + if ! del_namespaces; then + echo "failed to delete namespaces" | tap_prefix + fi + + terminate_pidfiles ${pidfile1} ${pidfile2} + return $rc +} + +test_global_same_cid() { + if namespaces_can_boot_same_cid "global" "global-2"; then + return $KSFT_FAIL + fi + + return $KSFT_PASS +} + +test_local_global_same_cid() { + if namespaces_can_boot_same_cid "local" "global"; then + return $KSFT_PASS + fi + + return $KSFT_FAIL +} + +test_global_local_same_cid() { + if namespaces_can_boot_same_cid "global" "local"; then + return $KSFT_PASS + fi + + return $KSFT_FAIL +} + +test_local_same_cid() { + if namespaces_can_boot_same_cid "local" "local"; then + return $KSFT_FAIL + fi + + return $KSFT_PASS +} + +test_global_host_connect_global_vm() { + local testname=3D"${FUNCNAME[0]#test_}" + local cid=3D${DEFAULT_CID} + local port=3D1234 + local host_ns=3D"global" + local host_ns2=3D"global-2" + + add_namespaces 1 + setup_bridge "${host_ns}" "${host_ns2}" + + # Start server in VM in namespace + if ! vm_start ${cid} "${host_ns}"; then + teardown_bridge "${host_ns}" + return $KSFT_FAIL + fi + + vm_ssh_ns "${host_ns}" \ + -- "${VSOCK_TEST}" \ + --mode=3Dserver \ + --control-port=3D"${TEST_GUEST_PORT}" \ + --peer-cid=3D2 \ + 2>&1 | log_guest "${testname}" & + vm_wait_for_listener ${TEST_GUEST_PORT} "${host_ns}" + + # Setup NS-to-NS "bridge"=20 + ip netns exec "${host_ns}" socat TCP-LISTEN:${BRIDGE_PORT},fork \ + TCP-CONNECT:localhost:${TEST_HOST_PORT} & + host_ns_wait_for_listener "${host_ns}" "${BRIDGE_PORT}" + + ip netns exec "${host_ns2}" \ + socat TCP:10.0.0.1:${BRIDGE_PORT} TCP-LISTEN:${TEST_HOST_PORT},fork & + host_ns_wait_for_listener "${host_ns2}" "${TEST_HOST_PORT}" + + # Start client in other namespace + ip netns exec "${host_ns2}" ${VSOCK_TEST} \ + --mode=3Dclient \ + --control-host=3D127.0.0.1 \ + --peer-cid=3D"${cid}" \ + --control-port=3D"${TEST_HOST_PORT}" 2>&1 | log_host "${testname}" + rc=3D$? + + if [[ ! $rc -eq 0 ]]; then + return $KSFT_FAIL + fi + + del_namespaces + + return $KSFT_PASS +} + +do_ns_vm_client_host_server_test() { + local testname=3D"$1" + local host_ns=3D"$2" + local host_ns2=3D"$3" + local cid=3D${DEFAULT_CID} + + # must not be same as qemu hostfwd port + local port=3D12345 + + add_namespaces 1 + setup_bridge "${host_ns}" "${host_ns2}" + + if ! vm_start ${cid} "${host_ns}"; then + teardown_bridge "${host_ns}" + return $KSFT_FAIL + fi + + ip netns exec "${host_ns2}" ${VSOCK_TEST} \ + --mode=3Dserver \ + --peer-cid=3D"${cid}" \ + --control-port=3D"${port}" 2>&1 | log_host "${testname}" & + + host_ns_wait_for_listener "${host_ns2}" "${port}" + + ip netns exec "${host_ns2}" \ + socat TCP-LISTEN:${BRIDGE_PORT},bind=3D10.0.0.2,fork \ + TCP:localhost:${port} & + + host_ns_wait_for_listener "${host_ns2}" "${BRIDGE_PORT}" + + ip netns exec "${host_ns}" socat TCP-LISTEN:${port},fork \ + TCP-CONNECT:10.0.0.2:${BRIDGE_PORT} & + + host_ns_wait_for_listener "${host_ns}" "${port}" + + vm_ssh_ns "${host_ns}" \ + -- "${VSOCK_TEST}" \ + --mode=3Dclient \ + --control-host=3D10.0.2.2 \ + --control-port=3D"${port}" \ + --peer-cid=3D2 \ + 2>&1 | log_guest "${testname}" + + if [[ ! $? -eq 0 ]]; then + return $KSFT_FAIL + fi + + del_namespaces + + return $KSFT_PASS +} + +test_global_vm_connect_global_host() { + local testname=3D"${FUNCNAME[0]#test_}" + local host_ns=3D"global" + local host_ns2=3D"global-2" + + do_ns_vm_client_host_server_test ${testname} ${host_ns} ${host_ns2} +} + +test_global_vm_connect_mixed_host() { + local testname=3D"${FUNCNAME[0]#test_}" + local host_ns=3D"global" + local host_ns2=3D"mixed" + + do_ns_vm_client_host_server_test ${testname} ${host_ns} ${host_ns2} +} + run_test() { local host_oops_cnt_before local host_warn_cnt_before @@ -421,7 +846,40 @@ run_test() { rc=3D$KSFT_FAIL fi =20 - return "${rc}" + check_result "${rc}" +} + +needs_setup() { + local tname + + tname=3D"$1" + + for testname in ${NEEDS_SETUP[@]}; do + if [[ "${tname}" =3D=3D "${testname}" ]]; then + return 1 + fi + done + + return 0 +} + +check_result() { + local rc + + rc=3D$1 + + if [[ ${rc} -eq $KSFT_PASS ]]; then + cnt_pass=3D$(( cnt_pass + 1 )) + echo "ok ${cnt_total} ${arg}" + elif [[ ${rc} -eq $KSFT_SKIP ]]; then + cnt_skip=3D$(( cnt_skip + 1 )) + echo "ok ${cnt_total} ${arg} # SKIP" + elif [[ ${rc} -eq $KSFT_FAIL ]]; then + cnt_fail=3D$(( cnt_fail + 1 )) + echo "not ok ${cnt_total} ${arg} # exit=3D$rc" + fi + + cnt_total=3D$(( cnt_total + 1 )) } =20 QEMU=3D"qemu-system-$(uname -m)" @@ -452,29 +910,36 @@ handle_build =20 echo "1..${#ARGS[@]}" =20 -log_setup "Booting up VM" -vm_start -vm_wait_for_ssh -log_setup "VM booted up" - cnt_pass=3D0 cnt_fail=3D0 cnt_skip=3D0 cnt_total=3D0 +setup_done=3D0 + +pidfile=3D"" +for arg in ${ARGS[@]}; do + if needs_setup "${arg}"; then + if [[ -z "${pidfile}" ]]; then + pidfile=3D$(mktemp $PIDFILE_TEMPLATE) + log_setup "Booting up VM" + vm_start "${DEFAULT_CID}" "" "${pidfile}" + vm_wait_for_ssh + log_setup "VM booted up" + fi + + run_test "${arg}" + fi +done + +if [[ ! -z "${pidfile}" ]]; then + log_setup "VM terminate" + terminate_pidfiles "${pidfile}" +fi + for arg in "${ARGS[@]}"; do - run_test "${arg}" - rc=3D$? - if [[ ${rc} -eq $KSFT_PASS ]]; then - cnt_pass=3D$(( cnt_pass + 1 )) - echo "ok ${cnt_total} ${arg}" - elif [[ ${rc} -eq $KSFT_SKIP ]]; then - cnt_skip=3D$(( cnt_skip + 1 )) - echo "ok ${cnt_total} ${arg} # SKIP" - elif [[ ${rc} -eq $KSFT_FAIL ]]; then - cnt_fail=3D$(( cnt_fail + 1 )) - echo "not ok ${cnt_total} ${arg} # exit=3D$rc" + if ! needs_setup "${arg}"; then + run_test "${arg}" fi - cnt_total=3D$(( cnt_total + 1 )) done =20 echo "SUMMARY: PASS=3D${cnt_pass} SKIP=3D${cnt_skip} FAIL=3D${cnt_fail}" --=20 2.47.1 From nobody Sun Dec 14 20:19:24 2025 Received: from mail-pl1-f181.google.com (mail-pl1-f181.google.com [209.85.214.181]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id AE27A23B618; Tue, 17 Jun 2025 04:32:56 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.214.181 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1750134778; cv=none; b=f8wEC9sAkcqP2J0B0wqQ1GaQoPRDDvy84ZJ4/Shta+N0LKZxBBOapuuQtwQKQNqAYwXVjvDjZZpLOx30rdLWuAvoKU6FXkGcl2iqitlyCMHnBtYbwxRZBNRRd8erBw8/az9NoeDP7tvyLclYtoSFI9Pigq8VBCwLJtdZEmj17F8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1750134778; c=relaxed/simple; bh=XMTDR15bVq1YCZLijwAIRIhb0QtK2FVowursT7gd180=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=CTgjYLLZ36VOJFSfnMKMdJk0CpH/rNK7Y5Tbi6o/ffvK1k6LbOW+ZHmfc5J/bfm4AKyKGSX0gT65WSP21y2qOFmPkHbcxZCa1l1T7Z8r3lxmijdsUmTWgsYCxgU5T5/0UG/V+L4UeX3d+/r0ue0LyHVA/8LXJul60WTUuL3vdFk= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=Uq9jUamM; arc=none smtp.client-ip=209.85.214.181 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="Uq9jUamM" Received: by mail-pl1-f181.google.com with SMTP id d9443c01a7336-234c5b57557so49830925ad.3; Mon, 16 Jun 2025 21:32:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1750134775; x=1750739575; darn=vger.kernel.org; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:from:to:cc:subject:date:message-id :reply-to; bh=n7GRFjLCtYMBnTd1HWFkFToBtNX7DzGE0tByfQl3zSM=; b=Uq9jUamMGvhRPIjGl/e5Rb6t52mYBqHhP9umumaf0O/fm0F+ZCiTclYWnGY3nZ87Ku YFXbTLc9GRXkjQYtBoN6qr2pLgDJwSBnuCfXXLUwEf4S4oMmx9JsVDh/z1OKJE9pvsWt PnAzCGrBOheiR6JMaIyDWqwf4fAhwA1UcAUMLTIs8sbiMytrVCiaKldtbwv2Q/VVnyTO 0nYbLGHo4eApeC/D9pGlKQ8Hr/bcN8ziaKCgcjy4eVJLjm24wm34zla57HVOLlMqp/Lz N5VBOYTf726BXbhDrlQjRPMZyDHVuy/xdagKBUfgsD4hJFMrW6CJNU/efTEpIdEKgSqF Vurg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1750134775; x=1750739575; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=n7GRFjLCtYMBnTd1HWFkFToBtNX7DzGE0tByfQl3zSM=; b=lLWEr9rkCanTyiciJ99gV2e0SL/+bzDTtGjR4yAkuZe+HFoE81uAsLZ+JFvtmRRmPN vAg1cx6P6DiepHQQXQdUYAlpP3kE1KSAN8c6jjvw4huQ1VPtURcf2ECu68dIqHzFUJGi 5bXhk5ELLh497h9WjZ93ydPEmQwtD1u5qv9bYfLPNv4skrzx4D0X4AFR0MitvY8tor8U SuGxvExNMLWZRKthrHfzeyOxYWtsX6Qi25xcRXzh7s8AmybKSAIkddQTMShogz1T7z/o HgFtNFxiPcDuZEbywRltz0BOgAcKkRUqa06JDpqwI/xjLSWzhoDD6DGzopLWwCfM5Deq jfmw== X-Forwarded-Encrypted: i=1; AJvYcCWEzktHeX9/HW8MShql2QeUagkZuTSZawpCT56XOCDwfYkwfnMtiISXzqWPxPKIhdU5odWghIS7B0n7UUBuPkvA@vger.kernel.org, AJvYcCWJSA6WM7rgIgKvtwEqApOmMLDLqv7ICl4ZO4lnevdly+rvb/YEVSb3l/9c7Cp1dln19Uo3jk1o@vger.kernel.org, AJvYcCWyIpZWimsOi9hXD7ZJfbkOoAbCalE6E52ZWzQI+bJwl1Y9iuVxe0NvuyVHhrmywTiZq6/vODJD2lXO9H4=@vger.kernel.org X-Gm-Message-State: AOJu0Ywqp5NMnuWRFp09qXCXkyozWz68VE8AdYMUNFpzjIWr3qrJ7tmv NuMZFUfVUAfzbt1TaKAHhHM5wFs8s3GahRkmHUvfk7Up/Kp/CPSgyZkOoFhdRmgh X-Gm-Gg: ASbGncudj/mbqPyjGgMm6m3tqccQLlUQsYHqFbrXzMcM2swgnQUid5WC4Rlakjhotx0 SugjL7/1UpTopGo91qLT+03r74H6GwAMCB06OSlozVTbVQyRheL87B7l7zT0NjnvXu2V5ih6v5s Yhn35uDId2CMotJcNfceRueugCH/57oSXw0upjfbJm3Xc8mfCPP4euIw89jueWg9s7PrR+FyXGu etcZ3iOOKj00mHR5ndSi50X6ijl1X5K9+6BZjgAEfc3NWPfHevSGy5fdxP+Gxy0KutTD6PjHIzN 5qtD4FJ7PN9FujncdYzeggGoUwhcItO4O7YmB2YHTSQtKpZ7IZLcXxURk4o= X-Google-Smtp-Source: AGHT+IF23dOLSSVd/bkPFQcDWGiYXTfx0Wmn0PL/ratRnnqT9FQS95X0J9Qb/FnCqL00zJlKlQ2idQ== X-Received: by 2002:a17:90b:3fcd:b0:312:e445:fdd9 with SMTP id 98e67ed59e1d1-313f1cc51demr19790632a91.10.1750134775296; Mon, 16 Jun 2025 21:32:55 -0700 (PDT) Received: from localhost ([2a03:2880:2ff:9::]) by smtp.gmail.com with ESMTPSA id 98e67ed59e1d1-313c19b826asm9622012a91.3.2025.06.16.21.32.54 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 16 Jun 2025 21:32:54 -0700 (PDT) From: Bobby Eshleman Date: Mon, 16 Jun 2025 21:32:51 -0700 Subject: [PATCH RFC net-next v4 02/11] vsock: a per-net vsock NS mode state Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20250616-vsock-vmtest-v4-2-bdd1659c33fb@meta.com> References: <20250616-vsock-vmtest-v4-0-bdd1659c33fb@meta.com> In-Reply-To: <20250616-vsock-vmtest-v4-0-bdd1659c33fb@meta.com> To: Stefano Garzarella , Stefan Hajnoczi , Shuah Khan Cc: kvm@vger.kernel.org, "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , linux-kernel@vger.kernel.org, virtualization@lists.linux.dev, netdev@vger.kernel.org, linux-kselftest@vger.kernel.org, Bobby Eshleman , Bobby Eshleman X-Mailer: b4 0.13.0 From: Bobby Eshleman Add the per-net vsock NS mode state. This only adds the structure for holding the mode necessary and some of the definitions, but does not integrate the functionality yet. Signed-off-by: Bobby Eshleman --- MAINTAINERS | 1 + include/net/net_namespace.h | 4 ++++ include/net/netns/vsock.h | 19 +++++++++++++++++++ 3 files changed, 24 insertions(+) diff --git a/MAINTAINERS b/MAINTAINERS index 507c5ff6f620..bf9015498854 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -26149,6 +26149,7 @@ L: netdev@vger.kernel.org S: Maintained F: drivers/vhost/vsock.c F: include/linux/virtio_vsock.h +F: include/net/netns/vsock.h F: include/uapi/linux/virtio_vsock.h F: net/vmw_vsock/virtio_transport.c F: net/vmw_vsock/virtio_transport_common.c diff --git a/include/net/net_namespace.h b/include/net/net_namespace.h index 025a7574b275..005c0da4fb62 100644 --- a/include/net/net_namespace.h +++ b/include/net/net_namespace.h @@ -37,6 +37,7 @@ #include #include #include +#include #include #include #include @@ -196,6 +197,9 @@ struct net { /* Move to a better place when the config guard is removed. */ struct mutex rtnl_mutex; #endif +#if IS_ENABLED(CONFIG_VSOCKETS) + struct netns_vsock vsock; +#endif } __randomize_layout; =20 #include diff --git a/include/net/netns/vsock.h b/include/net/netns/vsock.h new file mode 100644 index 000000000000..ea14b46ed437 --- /dev/null +++ b/include/net/netns/vsock.h @@ -0,0 +1,19 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +#ifndef __NET_NET_NAMESPACE_VSOCK_H +#define __NET_NET_NAMESPACE_VSOCK_H + +#include + +// TODO: rename to VSOCK_NET_* ? +#define VSOCK_NS_MODE_GLOBAL 1 +#define VSOCK_NS_MODE_LOCAL (1 << 1) +#define VSOCK_NS_MODE_INVALID (~0) +/* VSOCK_NS_MODE_WRITTEN_ONCE indicates "write-once" write has occurred */ +#define VSOCK_NS_MODE_WRITTEN_ONCE (1 << 7) + +struct netns_vsock { + struct ctl_table_header *vsock_hdr; + spinlock_t lock; + u8 ns_mode; +}; +#endif /* __NET_NET_NAMESPACE_VSOCK_H */ --=20 2.47.1 From nobody Sun Dec 14 20:19:24 2025 Received: from mail-pf1-f182.google.com (mail-pf1-f182.google.com [209.85.210.182]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6908023D283; Tue, 17 Jun 2025 04:32:58 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.210.182 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1750134780; cv=none; b=WXw3hs7RWZtL2vM8G8CkFRDa3KBIv9y/pdytOWwic/5BgdTd+m+Bukp5dsq/5gw54YIy/CqHaYWLB+qsBSv7YymmwWH689Z9658X/+yJKUwUQXy5TofEwvPoLeZLqd5g1LwOyH9iaN3e8VjCMchlAsfMfotCr9/c4Uc+/nL6yaA= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1750134780; c=relaxed/simple; bh=7Efr2DcHjMHIkxPORLOyvtBZdxZGWYv5we2eZThllc8=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=GvAlQ/mw4ZGTyvcTdPbRL4KZ6X0sEn5Q1e7Yrkr9fhbqFhs4+c3w9Ii0SnQCVci+r288WWkQifN7EAA53lSOVjCEMGCdBCelj5zTiplwfKq8pmmTMFJTVQORpPhDiWcF7srP4PgZbqF1kGBoGghprH+6GYlTdHH4yOsiFxd/JQ4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=FBFNpVGM; arc=none smtp.client-ip=209.85.210.182 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="FBFNpVGM" Received: by mail-pf1-f182.google.com with SMTP id d2e1a72fcca58-7424ccbef4eso4599515b3a.2; Mon, 16 Jun 2025 21:32:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1750134777; x=1750739577; darn=vger.kernel.org; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:from:to:cc:subject:date:message-id :reply-to; bh=EZ01K2ow09UDDYywMmqZNZsYWpIeR8YfQL254KQmb7E=; b=FBFNpVGM4gvIWChnCLkP2CljW40poIKA6l+qJeslO/w2oDFb+ZAx+O+mQMT8aP96gm x8XjaZmzkU0ZBGGRZCQnhhKtPSMBRc+ASfO/oZAniFr4fonMICsbXFYje5md6S2f8B6G J5reQ9h78weEfWwj1c7iVA7MO6YbfBMSA66rt8ix4iebxykznMn7z+6+4RwbyvyIDRjS pzgW/8M1PuOpfV1l296P61ptbkIntqeE7Z7kLxGvPM+w1Xpq3Zn8AMjF9Hf+ST0AbcZH 6zxGfbnvOP/wR7onK4YrFPHLCIxADbTHe4EwAh7YhUCmqg1BmNRcaZENBI1pAfpB9GoA GGmw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1750134777; x=1750739577; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=EZ01K2ow09UDDYywMmqZNZsYWpIeR8YfQL254KQmb7E=; b=nly5YEzmysWaXvDZeXid4I5rPstO9TSNNBZpHk5k+yYYznAbYYe+P0QpAVqkItNiMw UsBfdEmO89nekFPJe8QqHI6S2LGUBsckgFO1WfPAewr4jfqYF2ABDM4Aa0La5Q0EkULH QQuiFJBOptBZwH2InM4MmV9QomCuWuN614Ix0WDh/LdUkDwfzU9uyUjLxE+ChlBmRP1G UwSMYwtseR9O/nMiNWZ9/Xh0yDf2+qGwDbj6yE8BvIyuv0aIbKKBmKb2MvUiNw33GkUe CQdHymFO0jKL1aI78kuo1VpEhCUHGMhm+hZoVPW2GUoBQxIVDK3+iU+nORxsuxzeiBzF pzag== X-Forwarded-Encrypted: i=1; AJvYcCXGoqU2f8kcuwa03MWfseoZRIc9OAbPXJXNp9ey8qlyho9ViLbL3HaRrpeSJenSjEd05d09gNZ4GhfQudow0OOz@vger.kernel.org, AJvYcCXWj/OE2f1ZAPTmbTT5vEj4A9X4nv2cKEHo3fYxvOCQCOIQWOMyUS/fIV6C+mxL3M6wwpcz5gq+@vger.kernel.org, AJvYcCXeByotg/9g3+9PjZvR4U2dHZe2R8jepHLFH/0ycA/VRZ5NZDIQZvQSrvKYWsmqRAKVO+gLl3MAHFyZNDs=@vger.kernel.org X-Gm-Message-State: AOJu0YyawUWJhIKr9jKDLgQcOP7g1qxf9GC+P/OpPrO9hQwMavH2IZY9 oZOkVDmJRwdlbvVY9cy/1SsX/IdxtBiW8LuxcotDl9MwebdzRmAJlgsCYE+VHOhv X-Gm-Gg: ASbGnctjc5XtPGXRSy+uwJhrtR6531rX7xnZ5K7PasAKZSaNrFVeAo8aFDxp8riW2p0 Igs4JhCcCmFBDSnoMNdEMZM7l3jDj7tgcVRh0nrLFGr5YUw3AmSflgnSY8agkCeX8HLb1Fr7NDm m7Z2e4fvQvrE4KsOuGqY6FeNyfRklMY6BpcJ0+U1N3l8MtnTTCWFBdVAHSkiQqG8q6upqtaPbVK KecQY07JGvGcPqVkSIbftnevyTp22AA3GeBcdMJ/g6kMTygyVf2wIbl3eNTd8ws5KtSGrHI6zrZ CaXylEvqCL/qJANvsqBNMItroymP/2TbARqrrq3D/NCnOoLdLcz3sue5Aqc= X-Google-Smtp-Source: AGHT+IHE/6Vn5YLgKjYSKZNdlfgBKY7zuMuQFBI6H0V1HGZEpIY6C5PiqCL/O1sycxc9EJbkuM+V3g== X-Received: by 2002:a05:6a20:cd92:b0:215:df62:7d51 with SMTP id adf61e73a8af0-21fbd584d3fmr17784132637.11.1750134776981; Mon, 16 Jun 2025 21:32:56 -0700 (PDT) Received: from localhost ([2a03:2880:2ff:5::]) by smtp.gmail.com with ESMTPSA id 41be03b00d2f7-b2fe163a0e7sm7874487a12.16.2025.06.16.21.32.55 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 16 Jun 2025 21:32:56 -0700 (PDT) From: Bobby Eshleman Date: Mon, 16 Jun 2025 21:32:52 -0700 Subject: [PATCH RFC net-next v4 03/11] vsock: add vsock net ns helpers Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20250616-vsock-vmtest-v4-3-bdd1659c33fb@meta.com> References: <20250616-vsock-vmtest-v4-0-bdd1659c33fb@meta.com> In-Reply-To: <20250616-vsock-vmtest-v4-0-bdd1659c33fb@meta.com> To: Stefano Garzarella , Stefan Hajnoczi , Shuah Khan Cc: kvm@vger.kernel.org, "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , linux-kernel@vger.kernel.org, virtualization@lists.linux.dev, netdev@vger.kernel.org, linux-kselftest@vger.kernel.org, Bobby Eshleman , Bobby Eshleman X-Mailer: b4 0.13.0 From: Bobby Eshleman Add helper functions for setting/getting vsock NS modes. This commit is in preparation for adding NS support to vsock. Signed-off-by: Bobby Eshleman --- include/net/af_vsock.h | 46 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 46 insertions(+) diff --git a/include/net/af_vsock.h b/include/net/af_vsock.h index d56e6e135158..e0b9e6732d53 100644 --- a/include/net/af_vsock.h +++ b/include/net/af_vsock.h @@ -10,6 +10,7 @@ =20 #include #include +#include #include #include =20 @@ -256,4 +257,49 @@ static inline bool vsock_msgzerocopy_allow(const struc= t vsock_transport *t) { return t->msgzerocopy_allow && t->msgzerocopy_allow(); } + +extern struct net __vsock_global_net; +static inline struct net *vsock_global_net(void) +{ + return &__vsock_global_net; +} + +static inline u8 vsock_net_mode(struct net *net) +{ + u8 ret; + + spin_lock_bh(&net->vsock.lock); + ret =3D net->vsock.ns_mode; + spin_unlock_bh(&net->vsock.lock); + return ret; +} + +static inline void vsock_net_set_mode(struct net *net, u8 mode) +{ + spin_lock_bh(&net->vsock.lock); + net->vsock.ns_mode =3D mode | VSOCK_NS_MODE_WRITTEN_ONCE; + spin_unlock_bh(&net->vsock.lock); +} + +/* Return true if mode has already been written once. Otherwise, return fa= lse. */ +static inline bool vsock_net_mode_can_set(struct net *net) +{ + bool ret; + + spin_lock_bh(&net->vsock.lock); + ret =3D !(net->vsock.ns_mode & VSOCK_NS_MODE_WRITTEN_ONCE); + spin_unlock_bh(&net->vsock.lock); + return ret; +} + +/* Return true if vsock net mode check passes. Otherwise, return false. + * + * Read more about modes in comment header of net/vmw_vsock/af_vsock.c. + */ +static inline bool vsock_net_check_mode(struct net *n1, struct net *n2) +{ + return net_eq(n1, n2) || + (vsock_net_mode(n1) & VSOCK_NS_MODE_GLOBAL && + vsock_net_mode(n2) & VSOCK_NS_MODE_GLOBAL); +} #endif /* __AF_VSOCK_H__ */ --=20 2.47.1 From nobody Sun Dec 14 20:19:24 2025 Received: from mail-pg1-f171.google.com (mail-pg1-f171.google.com [209.85.215.171]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7A1EC24E4C6; Tue, 17 Jun 2025 04:33:00 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.215.171 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1750134782; cv=none; b=jbO6mIO9zPJq166ST/Dk/r527AMx9MpKnSAGSQyMCovDhbgbXei9vRO/gJIrvrKy1XGjCGScqxosYsKMdnIIIMjhRSzBYnrvNd1Dgg+g0f8LzPpTLlcywRrUJGcMOg4rcGUpgMPbyBnhBarp5RqLAgsLlB7lf7H8SufmU+s6GtU= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1750134782; c=relaxed/simple; bh=qoJJ4i/W50edlHBToQPG13aPO77yuBEPT9SZ9aqVWJg=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=Q8b6K3C16gkugYTVjJ6J41LOrW83hF/EmpVr1L/0jgLuSkQggFLXOK5tEBrLZhyo+l/pq3Cc/uNpx3a9Le6JwC7Wy/gxxEfGkA/if1eJU5pQIoca4ALEsTZ40yaVpIjXMMV6BaU4z7Hu5do4VkX2PP0aaSp2Bcl+ySO1+/pKb+o= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=KWdTDq3w; arc=none smtp.client-ip=209.85.215.171 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="KWdTDq3w" Received: by mail-pg1-f171.google.com with SMTP id 41be03b00d2f7-b2c40a7ca6eso5531382a12.1; Mon, 16 Jun 2025 21:33:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1750134778; x=1750739578; darn=vger.kernel.org; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:from:to:cc:subject:date:message-id :reply-to; bh=YdPQ5Aka/ET/K6+EX7H2iku6AwIaWmDdsZFMu+a0Iz8=; b=KWdTDq3wASGAlMjV0MFFOmDuJxaEKUV0Gg4giDRfWIwl90s0NWSRjCQZDsWrkkIDUt HHt5MSBtjM7VnYkn/gYaPJ04P08CFTYus2jM2p+cAOwP4pk8BXP1qhOT+lbnrD2Ae49X 5TAV8wJ3ggC5hqaXOvRE1+cLGZDH5TF0rttZFyb4gQCsn2cj86Veu6rlQvlU5F556E6n Tzc5zW2WB8F6zvHAAn1eHQezUiy4kq1TBqCSIgADDf61F8I/2n8OKh1ZNVcF9ed8bb+a ZaSQZGae+921iQhCt/ioCS5AbilGumFi5aUu1GR/wSadPa/kzCQfuSTRiDXqhwwFF51W NMIg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1750134778; x=1750739578; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=YdPQ5Aka/ET/K6+EX7H2iku6AwIaWmDdsZFMu+a0Iz8=; b=wH46YSE3whOBjK/i9IkglyMTe0G9AufHCb+Bgdp+Oh0svkIeNU5bNnFKFbYwM153py ss8JzJgvAXKilawfkDJk9ZYsVCNR086AgCICLUYZO8kQ/LUyu/c1cUhtF+L7mckdFJ7K pwQgQxdhYwYa1kmN/WBA62rBj4lZvWi9pwDjYtEx9LT09GwTCCKYIM9TNsOyLlsqSdeV XyEWS6y2R4l/zMQnL0hWEWHbgsCIN3UIXUPt+6XiTjmAG4OiIlEu65V0tBLcUnaCsUPY kP02viEvRnDd/SKORvSlb+tqtr9obdi28F09bGxRh0qY8U8H9iqmSzo5j74ErhbSx6sn jhmw== X-Forwarded-Encrypted: i=1; AJvYcCWkptIL7t5WMyrOD5CWzNV6JCDzu0K+yrYp27QlzBSyb9HV2UojFzG/ZK+sAJyDd+kFW4Sfw675tRdjnts=@vger.kernel.org, AJvYcCWt8X4OjytRO7ZZm+tlTTTVI5QqqxIz8SYXuECDTF9q2ZyzSM66ZcGZrzr+Hy93cHlb0c8tqMAI@vger.kernel.org, AJvYcCXUVWcCaBO76xiLjZhWQVTAPUxl7mKeOWwar1PrdfBMnsF1zX7s+/D0EnvejRqnlaSofPbWOManNArrFbEPqkGi@vger.kernel.org X-Gm-Message-State: AOJu0YzsKMBJ46WJuWPay62JhLxq+Iw4YiXP9uw+z/SljXr1LPL6Vshl dAGxUjP9eViFvCW2vvMKOGBlm8IxPerHASodVuePYUx2MMCn9XYD66amY6Rnzwly X-Gm-Gg: ASbGncvUxT9O8tSlp3IG8FGHN/2LJOAVUQpuNtAMxts3wVDYRHJyaVg1lFTe22HIHEV ljo1dQ2lN0yJST142A14DQEkQR+Unw98oVZZyuIXJDTrM75biDA9gN2d/4y6/yfxLS7RNT2LcbT GqcxP5wJbwwXrGQzjNkmhpFY073lkXjjkdAJb1E/dCl45gr3VIkImqUK39s+MOXTuBm5We8sTYf qJsYG+2hLTwf5vxxobjLGIjXSz/Cgr1d3xSLz2szMDpADhB/FTSbfb/B293zqG76l/TWHeY5Gu1 8JN3dtJysCIVz/Exl3Yyo3Ex7SDQ4SVimaFJxeez26E+aNJTLXrz7o7ZjejV X-Google-Smtp-Source: AGHT+IH265eeeimXvBdGeNS8fFQQO32TNNnphVtyrQ1wwHVb3dE1zI1bmUAeXXk6oS7lTC1LBMOMGw== X-Received: by 2002:a05:6a00:4f82:b0:736:6d4d:ffa6 with SMTP id d2e1a72fcca58-7489cffbc7fmr14615749b3a.15.1750134778566; Mon, 16 Jun 2025 21:32:58 -0700 (PDT) Received: from localhost ([2a03:2880:2ff:73::]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-748900d257asm7746822b3a.165.2025.06.16.21.32.57 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 16 Jun 2025 21:32:57 -0700 (PDT) From: Bobby Eshleman Date: Mon, 16 Jun 2025 21:32:53 -0700 Subject: [PATCH RFC net-next v4 04/11] vsock: add net to vsock skb cb Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20250616-vsock-vmtest-v4-4-bdd1659c33fb@meta.com> References: <20250616-vsock-vmtest-v4-0-bdd1659c33fb@meta.com> In-Reply-To: <20250616-vsock-vmtest-v4-0-bdd1659c33fb@meta.com> To: Stefano Garzarella , Stefan Hajnoczi , Shuah Khan Cc: kvm@vger.kernel.org, "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , linux-kernel@vger.kernel.org, virtualization@lists.linux.dev, netdev@vger.kernel.org, linux-kselftest@vger.kernel.org, Bobby Eshleman , Bobby Eshleman X-Mailer: b4 0.13.0 From: Bobby Eshleman Add a net pointer to the vsock skb and helpers for getting/setting it. This is in preparation for adding vsock NS support. Signed-off-by: Bobby Eshleman --- include/linux/virtio_vsock.h | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/include/linux/virtio_vsock.h b/include/linux/virtio_vsock.h index 36fb3edfa403..93edc1e798a5 100644 --- a/include/linux/virtio_vsock.h +++ b/include/linux/virtio_vsock.h @@ -13,6 +13,7 @@ struct virtio_vsock_skb_cb { bool reply; bool tap_delivered; u32 offset; + struct net *net; }; =20 #define VIRTIO_VSOCK_SKB_CB(skb) ((struct virtio_vsock_skb_cb *)((skb)->cb= )) @@ -111,6 +112,16 @@ static inline size_t virtio_vsock_skb_len(struct sk_bu= ff *skb) return (size_t)(skb_end_pointer(skb) - skb->head); } =20 +static inline struct net *virtio_vsock_skb_net(struct sk_buff *skb) +{ + return VIRTIO_VSOCK_SKB_CB(skb)->net; +} + +static inline void virtio_vsock_skb_set_net(struct sk_buff *skb, struct ne= t *net) +{ + VIRTIO_VSOCK_SKB_CB(skb)->net =3D net; +} + #define VIRTIO_VSOCK_DEFAULT_RX_BUF_SIZE (1024 * 4) #define VIRTIO_VSOCK_MAX_BUF_SIZE 0xFFFFFFFFUL #define VIRTIO_VSOCK_MAX_PKT_BUF_SIZE (1024 * 64) --=20 2.47.1 From nobody Sun Dec 14 20:19:24 2025 Received: from mail-pg1-f178.google.com (mail-pg1-f178.google.com [209.85.215.178]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 07A3624EF6B; Tue, 17 Jun 2025 04:33:01 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.215.178 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1750134783; cv=none; b=iYyVB873fNKf3qCN4BRl1glUplHZSxjRDNr/YrXrgDJRdXHWmyNzgKfCWaXSRYrtu8aSxYsYlXbx1171tGGkKghXCwsHzU+pKsQ/tK38F1s01xFvzbESEjIEg9fvvKdklDFdiKuLeGkJs2zcD0hm5yFSosuh+wBROv8nk5SVTgs= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1750134783; c=relaxed/simple; bh=C2DFwzYQkx3LlkCAj/rIaEhjFwqc4O2MM49+/ldj++M=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=pzVhStYTS4vfgM95e7IE5VKZJh9WM8FiRPWj/I65mlDikpm+Deg7OOAyEQNuxHbWzPy3ebUjXD0Tdzbkf8YQL+ivDvxTaKoHwNwQ+DrSx3X3wbR5Isp5+5RzpDjmoSC8iqgvpoHLyckHBHB/HvxGTTdpsyP1QKtMzpyqp5hwk/o= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=CmV98+NX; arc=none smtp.client-ip=209.85.215.178 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="CmV98+NX" Received: by mail-pg1-f178.google.com with SMTP id 41be03b00d2f7-b26f7d2c1f1so5537492a12.0; Mon, 16 Jun 2025 21:33:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1750134781; x=1750739581; darn=vger.kernel.org; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:from:to:cc:subject:date:message-id :reply-to; bh=766yZkjmtJVFokYGwUZYaUubgjfKbmEBUpgRSzrrEqU=; b=CmV98+NXJx04yBTrEcrJ503tVvznJKpO6moe/F4Xm0Go2OLr5WCPGd+g31GWXtV8W4 ayyzis+G0OWxGCyYIbjwPiRglTVw67eIWW0oL6vrsGHYqO3ZKSHJJTomY8h++jYdg581 6AlFjBsD8Y5htr2ZDUgiGkH8+mXxJ59d2SQPo4enCzcSmahA+Cws1P0Bgsd6Es1/Wpim 4q51gAMmMnH18NdcUp4EYPvmMZ/9pTHcqJNWUNET2rDDflGJB0Yys0HCdAIepGEOZCJf MvFNYpkwubMKn8wBf55C0Wh0FnhwAQLPdHSvowAgnpsRw++9vnhDxUz3Huxg5TsbFr+S iGOQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1750134781; x=1750739581; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=766yZkjmtJVFokYGwUZYaUubgjfKbmEBUpgRSzrrEqU=; b=AnRGqMo3tHsIQc+tw4FafOPqBbXzAwUyHi88sxfFFgdr2PxI1PLBJ6v86OJsXgCCly O4VZDYgiEPDOl1SED3X0zjD4VrOEK6wmtB8ZER+o5ZyhqA/1X1msi1ZAaaq6mubLYbi5 d4Y1nPDbCBIYFr/BMA1gMkuadQatgVtVB8NLCqvniw4oBSQ2TOIDHrv47Up3qlbruBGT YW8BYOsgUAqv3MQKv0TsJsJzxULmMAUweidpG6DNofJJ4ESAJiYNsnREuaHIzSSEBG7J +1YCuK46ZkS+Dwj3MBRR6yOsUvmYE2HQFWmS8GWjxFPJ9f05AwUw5WbylPJdhmRhJFqg 6UuQ== X-Forwarded-Encrypted: i=1; AJvYcCUEkyA9AKYdm6ZWXnZdGDTfMus6yvxOnx+ghGIS5BK1H5VlF98sutQu5+MVUV5UO84nH+ykASjJe/yxs9v6jAzs@vger.kernel.org, AJvYcCVTfQJV2el7I4cGv8tHIxnzVFwcLpRdO7FNVSjnihdYFqW1kbKEnCqNRCuzXoESG2L+vZwTjWtL@vger.kernel.org, AJvYcCWuDT9+HQMlUsjuS4KPH+fIFGzlSFYyVryhJqGG+vwzxnlFLXJoLurxdtWoNEJnXl4j342XFtQIxntS9e4=@vger.kernel.org X-Gm-Message-State: AOJu0YzW93ifuyXXecVnsvZrUG/zWltnhf6EyI3l7t/UF7RQH01Cl8IJ pxR04jlSViXOYgNi1pNUCJiHFCRacvJ7FK8bkw9uedNbJaL7DTqG9fWkg+HNEfNo X-Gm-Gg: ASbGncuz51MwmPP+meYoPwxUIZ8TfK6TKMXK0jMGsrqW4aemcKX2YuWNZlJI/c6yZ85 iwoKduNtN3peZB+G/VSAAqsLR+L5qOvmwe6y9O81sIP/wC2mw6YZJXofZoT4WDkXNPTh5mu43fL q4JoNTjZY1cLBQqBw+IvbfwmVrIRyrn2EwdHdfYIE6jtFO5z0u5+jAaRs8aA2ibtjtHaYJzFBLa aU6ongy1QhE6FrYJxhp5Qq9sP0VJLvlS1bGYPP3Nhi2Mv6emqNyb522CeDwgwGL4ziSHusXycIg uKMdmaISZ3H5edkw4774Hlzg4IBfWjIEukgWYaEsjHfN5u3tQ65/4QiKTIfS X-Google-Smtp-Source: AGHT+IFnAeXzmju7Py/fE7DyF8/XrQUnHqGnGTjriiZFbWFtT/1tQFw/Aok20Q9u9KjfqDRCmdgjIw== X-Received: by 2002:a05:6a21:4d8c:b0:1f5:72eb:8b62 with SMTP id adf61e73a8af0-21fbd55112fmr17425755637.20.1750134780605; Mon, 16 Jun 2025 21:33:00 -0700 (PDT) Received: from localhost ([2a03:2880:2ff:40::]) by smtp.gmail.com with ESMTPSA id 41be03b00d2f7-b2fe1639fadsm6560268a12.11.2025.06.16.21.32.59 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 16 Jun 2025 21:32:59 -0700 (PDT) From: Bobby Eshleman Date: Mon, 16 Jun 2025 21:32:54 -0700 Subject: [PATCH RFC net-next v4 05/11] vsock: add common code for vsock NS support Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20250616-vsock-vmtest-v4-5-bdd1659c33fb@meta.com> References: <20250616-vsock-vmtest-v4-0-bdd1659c33fb@meta.com> In-Reply-To: <20250616-vsock-vmtest-v4-0-bdd1659c33fb@meta.com> To: Stefano Garzarella , Stefan Hajnoczi , Shuah Khan Cc: kvm@vger.kernel.org, "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , linux-kernel@vger.kernel.org, virtualization@lists.linux.dev, netdev@vger.kernel.org, linux-kselftest@vger.kernel.org, Bobby Eshleman , Bobby Eshleman X-Mailer: b4 0.13.0 From: Bobby Eshleman Add NS functionality (initialization, passing to transports, procfs, etc...) to the vsock socket layer. Later patches that add NS support to transports will depend on this patch. Signed-off-by: Bobby Eshleman --- include/net/af_vsock.h | 7 +- net/vmw_vsock/af_vsock.c | 203 +++++++++++++++++++++++++++++++++++++++++++= ---- 2 files changed, 193 insertions(+), 17 deletions(-) diff --git a/include/net/af_vsock.h b/include/net/af_vsock.h index e0b9e6732d53..1ba1c30b625d 100644 --- a/include/net/af_vsock.h +++ b/include/net/af_vsock.h @@ -144,7 +144,7 @@ struct vsock_transport { int flags); int (*seqpacket_enqueue)(struct vsock_sock *vsk, struct msghdr *msg, size_t len); - bool (*seqpacket_allow)(u32 remote_cid); + bool (*seqpacket_allow)(struct vsock_sock *vsk, u32 remote_cid); u32 (*seqpacket_has_data)(struct vsock_sock *vsk); =20 /* Notification. */ @@ -214,9 +214,10 @@ void vsock_enqueue_accept(struct sock *listener, struc= t sock *connected); void vsock_insert_connected(struct vsock_sock *vsk); void vsock_remove_bound(struct vsock_sock *vsk); void vsock_remove_connected(struct vsock_sock *vsk); -struct sock *vsock_find_bound_socket(struct sockaddr_vm *addr); +struct sock *vsock_find_bound_socket(struct sockaddr_vm *addr, struct net = *net); struct sock *vsock_find_connected_socket(struct sockaddr_vm *src, - struct sockaddr_vm *dst); + struct sockaddr_vm *dst, + struct net *net); void vsock_remove_sock(struct vsock_sock *vsk); void vsock_for_each_connected_socket(struct vsock_transport *transport, void (*fn)(struct sock *sk)); diff --git a/net/vmw_vsock/af_vsock.c b/net/vmw_vsock/af_vsock.c index 2e7a3034e965..bec7e7aae956 100644 --- a/net/vmw_vsock/af_vsock.c +++ b/net/vmw_vsock/af_vsock.c @@ -83,6 +83,24 @@ * TCP_ESTABLISHED - connected * TCP_CLOSING - disconnecting * TCP_LISTEN - listening + * + * - Namespaces in vsock support two different modes configured + * through /proc/net/vsock_ns_mode. The modes are "local" and "global". + * Each mode defines how the namespace interacts with CIDs. + * /proc/net/vsock_ns_mode is write-once, so that it may be configured + * by a namespace manager. The default is "global". The mode is set + * per-namespace. + * + * The modes affect the allocation and accessibility of CIDs as follows: + * - global - aka fully public + * - CID allocation draws from the public pool + * - AF_VSOCK sockets may reach any CID allocated from the public pool + * - AF_VSOCK sockets may not reach CIDs allocated from private pools + * + * - local - aka fully private + * - CID allocation draws only from the private pool, does not affect = public pool + * - AF_VSOCK sockets may only reach CIDs from the private pool + * - AF_VSOCK sockets may not reach CIDs allocated from outside the po= ol */ =20 #include @@ -100,6 +118,7 @@ #include #include #include +#include #include #include #include @@ -111,6 +130,7 @@ #include #include #include +#include #include #include =20 @@ -149,6 +169,9 @@ static const struct vsock_transport *transport_dgram; static const struct vsock_transport *transport_local; static DEFINE_MUTEX(vsock_register_mutex); =20 +struct net __vsock_global_net; +EXPORT_SYMBOL_GPL(__vsock_global_net); + /**** UTILS ****/ =20 /* Each bound VSocket is stored in the bind hash table and each connected @@ -235,33 +258,42 @@ static void __vsock_remove_connected(struct vsock_soc= k *vsk) sock_put(&vsk->sk); } =20 -static struct sock *__vsock_find_bound_socket(struct sockaddr_vm *addr) +static struct sock *__vsock_find_bound_socket(struct sockaddr_vm *addr, + struct net *net) { struct vsock_sock *vsk; =20 list_for_each_entry(vsk, vsock_bound_sockets(addr), bound_table) { + struct sock *sk =3D sk_vsock(vsk); + if (vsock_addr_equals_addr(addr, &vsk->local_addr)) - return sk_vsock(vsk); + if (vsock_net_check_mode(net, sock_net(sk))) + return sk; =20 if (addr->svm_port =3D=3D vsk->local_addr.svm_port && (vsk->local_addr.svm_cid =3D=3D VMADDR_CID_ANY || - addr->svm_cid =3D=3D VMADDR_CID_ANY)) - return sk_vsock(vsk); + addr->svm_cid =3D=3D VMADDR_CID_ANY) && + vsock_net_check_mode(net, sock_net(sk))) + return sk; } =20 return NULL; } =20 static struct sock *__vsock_find_connected_socket(struct sockaddr_vm *src, - struct sockaddr_vm *dst) + struct sockaddr_vm *dst, + struct net *net) { struct vsock_sock *vsk; =20 list_for_each_entry(vsk, vsock_connected_sockets(src, dst), connected_table) { + struct sock *sk =3D sk_vsock(vsk); + if (vsock_addr_equals_addr(src, &vsk->remote_addr) && - dst->svm_port =3D=3D vsk->local_addr.svm_port) { - return sk_vsock(vsk); + dst->svm_port =3D=3D vsk->local_addr.svm_port && + vsock_net_check_mode(net, sock_net(sk))) { + return sk; } } =20 @@ -304,12 +336,12 @@ void vsock_remove_connected(struct vsock_sock *vsk) } EXPORT_SYMBOL_GPL(vsock_remove_connected); =20 -struct sock *vsock_find_bound_socket(struct sockaddr_vm *addr) +struct sock *vsock_find_bound_socket(struct sockaddr_vm *addr, struct net = *net) { struct sock *sk; =20 spin_lock_bh(&vsock_table_lock); - sk =3D __vsock_find_bound_socket(addr); + sk =3D __vsock_find_bound_socket(addr, net); if (sk) sock_hold(sk); =20 @@ -320,12 +352,13 @@ struct sock *vsock_find_bound_socket(struct sockaddr_= vm *addr) EXPORT_SYMBOL_GPL(vsock_find_bound_socket); =20 struct sock *vsock_find_connected_socket(struct sockaddr_vm *src, - struct sockaddr_vm *dst) + struct sockaddr_vm *dst, + struct net *net) { struct sock *sk; =20 spin_lock_bh(&vsock_table_lock); - sk =3D __vsock_find_connected_socket(src, dst); + sk =3D __vsock_find_connected_socket(src, dst, net); if (sk) sock_hold(sk); =20 @@ -513,7 +546,7 @@ int vsock_assign_transport(struct vsock_sock *vsk, stru= ct vsock_sock *psk) =20 if (sk->sk_type =3D=3D SOCK_SEQPACKET) { if (!new_transport->seqpacket_allow || - !new_transport->seqpacket_allow(remote_cid)) { + !new_transport->seqpacket_allow(vsk, remote_cid)) { module_put(new_transport->module); return -ESOCKTNOSUPPORT; } @@ -644,6 +677,7 @@ static int __vsock_bind_connectible(struct vsock_sock *= vsk, { static u32 port; struct sockaddr_vm new_addr; + struct net *net =3D sock_net(sk_vsock(vsk)); =20 if (!port) port =3D get_random_u32_above(LAST_RESERVED_PORT); @@ -660,7 +694,7 @@ static int __vsock_bind_connectible(struct vsock_sock *= vsk, =20 new_addr.svm_port =3D port++; =20 - if (!__vsock_find_bound_socket(&new_addr)) { + if (!__vsock_find_bound_socket(&new_addr, net)) { found =3D true; break; } @@ -677,7 +711,7 @@ static int __vsock_bind_connectible(struct vsock_sock *= vsk, return -EACCES; } =20 - if (__vsock_find_bound_socket(&new_addr)) + if (__vsock_find_bound_socket(&new_addr, net)) return -EADDRINUSE; } =20 @@ -2588,6 +2622,138 @@ static struct miscdevice vsock_device =3D { .fops =3D &vsock_device_ops, }; =20 +#define VSOCK_NS_MODE_NAME_MAX 8 + +static struct ctl_table vsock_table[] =3D { + { + .procname =3D "vsock_ns_mode", + .data =3D &init_net.vsock.ns_mode, + .maxlen =3D sizeof(u8), + .mode =3D 0644, + .proc_handler =3D proc_dostring + }, +}; + +static int __net_init vsock_sysctl_register(struct net *net) +{ + struct ctl_table *table; + + if (net_eq(net, &init_net)) { + table =3D vsock_table; + } else { + table =3D kmemdup(vsock_table, sizeof(vsock_table), GFP_KERNEL); + if (!table) + goto err_alloc; + + table[0].data =3D &net->vsock.ns_mode; + } + + net->vsock.vsock_hdr =3D register_net_sysctl_sz(net, "net/vsock", table, + ARRAY_SIZE(vsock_table)); + if (!net->vsock.vsock_hdr) + goto err_reg; + + return 0; + +err_reg: + if (!net_eq(net, &init_net)) + kfree(table); +err_alloc: + return -ENOMEM; +} + +static void vsock_sysctl_unregister(struct net *net) +{ + const struct ctl_table *table; + + table =3D net->vsock.vsock_hdr->ctl_table_arg; + unregister_net_sysctl_table(net->vsock.vsock_hdr); + if (!net_eq(net, &init_net)) + kfree(table); +} + +#ifdef CONFIG_PROC_FS +static int vsock_proc_ns_mode_show(struct seq_file *seq, void *v) +{ + struct net *net =3D seq_file_single_net(seq); + const char *p =3D "invalid"; + + spin_lock_bh(&net->vsock.lock); + if (net->vsock.ns_mode & VSOCK_NS_MODE_GLOBAL) + p =3D "global"; + else if (net->vsock.ns_mode & VSOCK_NS_MODE_LOCAL) + p =3D "local"; + else + WARN_ONCE(1, "invalid vsock_ns_mode"); + spin_unlock_bh(&net->vsock.lock); + seq_printf(seq, "%s", p); + return 0; +} + +static int vsock_proc_ns_mode_write(struct file *file, char *buf, size_t s= ize) +{ + struct seq_file *m =3D file->private_data; + struct net *net =3D seq_file_single_net(m); + size_t len =3D size - 1; + int ret =3D 0; + u8 mode; + + if (!vsock_net_mode_can_set(net)) + return -EPERM; + + mode =3D 0; + if (!strncmp(buf, "global", len)) + mode |=3D VSOCK_NS_MODE_GLOBAL; + else if (!strncmp(buf, "local", len)) + mode |=3D VSOCK_NS_MODE_LOCAL; + else + return -EINVAL; + + vsock_net_set_mode(net, mode); + + return ret; +} +#endif /* CONFIG_PROC_FS */ + +static void vsock_net_init(struct net *net) +{ + spin_lock_init(&net->vsock.lock); + net->vsock.ns_mode =3D VSOCK_NS_MODE_GLOBAL; +} + +static __net_init int vsock_sysctl_init_net(struct net *net) +{ + vsock_net_init(net); + + if (vsock_sysctl_register(net)) + goto out; + +#ifdef CONFIG_PROC_FS + if (!proc_create_net_single_write("vsock_ns_mode", 0644, net->proc_net, + vsock_proc_ns_mode_show, + vsock_proc_ns_mode_write, + NULL)) + goto err_sysctl; +#endif + + return 0; + +err_sysctl: + vsock_sysctl_unregister(net); +out: + return -ENOMEM; +} + +static __net_exit void vsock_sysctl_exit_net(struct net *net) +{ + vsock_sysctl_unregister(net); +} + +static struct pernet_operations vsock_sysctl_ops __net_initdata =3D { + .init =3D vsock_sysctl_init_net, + .exit =3D vsock_sysctl_exit_net, +}; + static int __init vsock_init(void) { int err =3D 0; @@ -2615,10 +2781,19 @@ static int __init vsock_init(void) goto err_unregister_proto; } =20 + if (register_pernet_subsys(&vsock_sysctl_ops)) { + err =3D -ENOMEM; + goto err_unregister_sock; + } + + vsock_net_init(&init_net); + vsock_net_init(vsock_global_net()); vsock_bpf_build_proto(); =20 return 0; =20 +err_unregister_sock: + sock_unregister(AF_VSOCK); err_unregister_proto: proto_unregister(&vsock_proto); err_deregister_misc: --=20 2.47.1 From nobody Sun Dec 14 20:19:24 2025 Received: from mail-pl1-f172.google.com (mail-pl1-f172.google.com [209.85.214.172]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1AB4B25486B; Tue, 17 Jun 2025 04:33:03 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.214.172 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1750134785; cv=none; b=ji/gml0Qm5/Z/6nxAH7Dkp9C3DtqW3nzDPaAlweW0b+JTNGn4Tvt+CvKQ4B7fxxAr3MDDXjGBs/hboku9TkYCYciePE2jz6FvnfIIkWhAI2xcQxLhAlBh5sKXPoOzIxdZabCyC3TiXb1GJC2cemp+dpbdcYMtrXSD5f3PU2dp/I= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1750134785; c=relaxed/simple; bh=rWN+0kzz66BwYpbXVApft3NajZyjUkLvELDV5jgoh9Q=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=CNktMfZ/70dCBCnMpAP01VMcJLnc7IGIDIMB1/VHeQgIYzwBaSTmui2GHeYwbWuLs3Rc+Vm84LRN4/sauUdODCPcsRUHflRRWHTF0Fz0342Mw83PL9DYwLEUEG8zids98rf2iZ83oM2tHNdqBRVEeXsnhcz+TsSqpdLrDUwTWJI= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=SGq1VRcG; arc=none smtp.client-ip=209.85.214.172 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="SGq1VRcG" Received: by mail-pl1-f172.google.com with SMTP id d9443c01a7336-234bfe37cccso66827575ad.0; Mon, 16 Jun 2025 21:33:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1750134782; x=1750739582; darn=vger.kernel.org; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:from:to:cc:subject:date:message-id :reply-to; bh=LclXjvFFmEwW0GFpupYPppfQlsjXKq5ckw5t+NfgedU=; b=SGq1VRcGGrGai3J2m0H4gj9ibeVi96xeFqFBHvesMLp3B/qPn/+44Z+giVWn4TDFoj RapwXpDJ86Le7iL3O8out8saWUygrYDOXGtvLR44YLJnQ5KpCaRIyuLMf2O9o75XV3fB FXmwX4RADSFI8vG1ZKujNdbsu8G5LZJ1Ocim7hgjEzrhQOHnF0KKR6tsdpYcVZgWxDrh CPHdX8YVMzaXMieamUs++EK4LVMeKAnbDIYSNvPmyTpVPDIfNkHS1GcD9jeimQaLwECa jmt0MtrXCr4VXmcz0At9qZC/7xG0Zlwxln7nCOPXFRAZbv85kmfwVITfl3Mg+/j3O4aM kroA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1750134782; x=1750739582; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=LclXjvFFmEwW0GFpupYPppfQlsjXKq5ckw5t+NfgedU=; b=m+wXS4Uk6wTtV/rxyFtGpHK8KpbtRU5oqSy1KDJi2Qt8Bl/dMbFHACmWHZF1wZKSja E1L5xKiXp5cTUxUW2BP+Xh58kxoUUjkdz+/uvHF5zHXc0+zAT9MQ7AOyb95ESprp9/y+ PekLT2D3IpMBoE/hSMqc79a35mn1A7L5sBzIsYSSHvnFJHwtZc+9f7Ob02Ul/2zl/RhK HPGgoETL+FXF3qnB/Z3JyDkrOM3DPJBWpaTEGNUr+75nqXO7bYWehEgjSbOKXi/L4JS6 vLi4EzNOxW0hfshfD5pKJVJ4D7TyLKujohOvGSi5vDVNHYtOjGLHpnTkz7OKQMOYdzd/ E7Sg== X-Forwarded-Encrypted: i=1; AJvYcCVhfHfncZymVH1pPwOlxQNvk211n0INw8Mvq1V3F3Y+SQgGYzzhxdbT4Ta4Ky4IaZey6gQuB6UPoLD8y4blKa0k@vger.kernel.org, AJvYcCW1TdBRUvem8i8Kq7emwZzqF1X6fERVYQzERQwntBUmD47+ihF8p3Qqr/henSJHTPy86CetxHCrsYwpESo=@vger.kernel.org, AJvYcCWbCxhACVqRxnAJzQSAvNJbIj0VqzZTRxClppjc1on+nfirzZLxIuyfzSulshJYaGxfG5NMIgRb@vger.kernel.org X-Gm-Message-State: AOJu0YxrOZF169EZXKdccMxuWeOUrL/KFqW54Ex1MrB4s5INt+abPtd6 j+mQuh9ujYrv7+jBkDuQqNLkQhhpfK+eBUUETrVinI4Lefo3RbBichJ3eBI6Nt24 X-Gm-Gg: ASbGnctGx9oq4W4Lr+qATA2oTPENiriGW4bc2R1JmBm246Z+b0KReCvp2MvZN85zBjF 9b/MriMxst5OR6r4P3SmVC1yVwOsF0KO1OM23Hg1L1VfwA2r+NhsX9Sg+1G/5ZsqSmNDbxPoe+8 RpoltT/PE/dW/4NqExzfr7CNYH1znDbODr9ZiVWWaf+c+3fXlngEhHUeoWhd/wa5TW1VFEnxXO2 Wv3Erw6O9kL2sxr7mCT1iLpMdEEwM0r617LkDFNlP/bLsf8LZY8Q+G5AbLdNU+uuDqqV5f7JWaf wyZ/72+cQ/4HQHXYX1RFblLEoOh65suNyFRWvdPtR/LTTp9VhQo+McyaIwQ7mh8hoSI3VKs= X-Google-Smtp-Source: AGHT+IFfHIKMTehJBbHbzXm+VgitB5C8K3/zKbjZaoAyzCeAaD3PR/+OGHYbSxWh4cZBh7ugMRypPw== X-Received: by 2002:a17:902:ce8d:b0:235:f3df:bbff with SMTP id d9443c01a7336-2366b00163dmr182222645ad.4.1750134782256; Mon, 16 Jun 2025 21:33:02 -0700 (PDT) Received: from localhost ([2a03:2880:2ff:74::]) by smtp.gmail.com with ESMTPSA id 98e67ed59e1d1-313fcae18e1sm1521189a91.0.2025.06.16.21.33.01 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 16 Jun 2025 21:33:01 -0700 (PDT) From: Bobby Eshleman Date: Mon, 16 Jun 2025 21:32:55 -0700 Subject: [PATCH RFC net-next v4 06/11] virtio-vsock: add netns to common code Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20250616-vsock-vmtest-v4-6-bdd1659c33fb@meta.com> References: <20250616-vsock-vmtest-v4-0-bdd1659c33fb@meta.com> In-Reply-To: <20250616-vsock-vmtest-v4-0-bdd1659c33fb@meta.com> To: Stefano Garzarella , Stefan Hajnoczi , Shuah Khan Cc: kvm@vger.kernel.org, "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , linux-kernel@vger.kernel.org, virtualization@lists.linux.dev, netdev@vger.kernel.org, linux-kselftest@vger.kernel.org, Bobby Eshleman , Bobby Eshleman X-Mailer: b4 0.13.0 From: Bobby Eshleman Add support to the virtio common code for passing around net namespace pointers (tx and rx). The series still requires non-common transport support to be added by future patches. Signed-off-by: Bobby Eshleman --- include/linux/virtio_vsock.h | 1 + net/vmw_vsock/virtio_transport_common.c | 14 ++++++++++++-- 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/include/linux/virtio_vsock.h b/include/linux/virtio_vsock.h index 93edc1e798a5..81355f84b76c 100644 --- a/include/linux/virtio_vsock.h +++ b/include/linux/virtio_vsock.h @@ -160,6 +160,7 @@ struct virtio_vsock_pkt_info { u32 remote_cid, remote_port; struct vsock_sock *vsk; struct msghdr *msg; + struct net *net; u32 pkt_len; u16 type; u16 op; diff --git a/net/vmw_vsock/virtio_transport_common.c b/net/vmw_vsock/virtio= _transport_common.c index 1b5d9896edae..310f2e92c527 100644 --- a/net/vmw_vsock/virtio_transport_common.c +++ b/net/vmw_vsock/virtio_transport_common.c @@ -313,6 +313,8 @@ static struct sk_buff *virtio_transport_alloc_skb(struc= t virtio_vsock_pkt_info * info->flags, zcopy); =20 + virtio_vsock_skb_set_net(skb, info->net); + return skb; out: kfree_skb(skb); @@ -524,6 +526,7 @@ static int virtio_transport_send_credit_update(struct v= sock_sock *vsk) struct virtio_vsock_pkt_info info =3D { .op =3D VIRTIO_VSOCK_OP_CREDIT_UPDATE, .vsk =3D vsk, + .net =3D sock_net(sk_vsock(vsk)), }; =20 return virtio_transport_send_pkt_info(vsk, &info); @@ -1064,6 +1067,7 @@ int virtio_transport_connect(struct vsock_sock *vsk) struct virtio_vsock_pkt_info info =3D { .op =3D VIRTIO_VSOCK_OP_REQUEST, .vsk =3D vsk, + .net =3D sock_net(sk_vsock(vsk)), }; =20 return virtio_transport_send_pkt_info(vsk, &info); @@ -1079,6 +1083,7 @@ int virtio_transport_shutdown(struct vsock_sock *vsk,= int mode) (mode & SEND_SHUTDOWN ? VIRTIO_VSOCK_SHUTDOWN_SEND : 0), .vsk =3D vsk, + .net =3D sock_net(sk_vsock(vsk)), }; =20 return virtio_transport_send_pkt_info(vsk, &info); @@ -1105,6 +1110,7 @@ virtio_transport_stream_enqueue(struct vsock_sock *vs= k, .msg =3D msg, .pkt_len =3D len, .vsk =3D vsk, + .net =3D sock_net(sk_vsock(vsk)), }; =20 return virtio_transport_send_pkt_info(vsk, &info); @@ -1142,6 +1148,7 @@ static int virtio_transport_reset(struct vsock_sock *= vsk, .op =3D VIRTIO_VSOCK_OP_RST, .reply =3D !!skb, .vsk =3D vsk, + .net =3D sock_net(sk_vsock(vsk)), }; =20 /* Send RST only if the original pkt is not a RST pkt */ @@ -1162,6 +1169,7 @@ static int virtio_transport_reset_no_sock(const struc= t virtio_transport *t, .op =3D VIRTIO_VSOCK_OP_RST, .type =3D le16_to_cpu(hdr->type), .reply =3D true, + .net =3D virtio_vsock_skb_net(skb), }; struct sk_buff *reply; =20 @@ -1462,6 +1470,7 @@ virtio_transport_send_response(struct vsock_sock *vsk, .remote_port =3D le32_to_cpu(hdr->src_port), .reply =3D true, .vsk =3D vsk, + .net =3D sock_net(sk_vsock(vsk)), }; =20 return virtio_transport_send_pkt_info(vsk, &info); @@ -1576,6 +1585,7 @@ void virtio_transport_recv_pkt(struct virtio_transpor= t *t, struct sk_buff *skb) { struct virtio_vsock_hdr *hdr =3D virtio_vsock_hdr(skb); + struct net *net =3D virtio_vsock_skb_net(skb); struct sockaddr_vm src, dst; struct vsock_sock *vsk; struct sock *sk; @@ -1603,9 +1613,9 @@ void virtio_transport_recv_pkt(struct virtio_transpor= t *t, /* The socket must be in connected or bound table * otherwise send reset back */ - sk =3D vsock_find_connected_socket(&src, &dst); + sk =3D vsock_find_connected_socket(&src, &dst, net); if (!sk) { - sk =3D vsock_find_bound_socket(&dst); + sk =3D vsock_find_bound_socket(&dst, net); if (!sk) { (void)virtio_transport_reset_no_sock(t, skb); goto free_pkt; --=20 2.47.1 From nobody Sun Dec 14 20:19:24 2025 Received: from mail-pf1-f180.google.com (mail-pf1-f180.google.com [209.85.210.180]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id BE6F82571A5; Tue, 17 Jun 2025 04:33:05 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.210.180 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1750134787; cv=none; b=sBHh8OMX5CxnNuY0RSJKWoabJ1mIAQQye/TjUqRsIISoqbdTgHZzPKe11Ic3sk2b1hZj+eqDQmwYzSaEKMobcRp6aI+RH65HClKyQO2VC2ReJJMUJ/3iHct6T0IQ7/SWRFr5q2TUtUFLLHg715NTgzZ7UuAAz3c+8qIwDAXlQFE= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1750134787; c=relaxed/simple; bh=r7BJdhjaCrqjDtcDL+/xFlmv8Nfpm1btrHOfSVyIAFo=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=jFayv3r7l/XgIK7ha1o3+XNTwObQr8EW5HeZlkB6oSZkutZxxFTFfbzkx/o8hKwYocvddFHb7qQkCrE14tsZpfVdEh+rffZcMhoqya8s0X0LpOkGde5/zFcnQlvj+lt3fSjBumd0rAzDWqSQhUExePf34obRNbTd5tFd3i6DXG0= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=edxAuOoB; arc=none smtp.client-ip=209.85.210.180 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="edxAuOoB" Received: by mail-pf1-f180.google.com with SMTP id d2e1a72fcca58-73972a54919so4516423b3a.3; Mon, 16 Jun 2025 21:33:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1750134784; x=1750739584; darn=vger.kernel.org; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:from:to:cc:subject:date:message-id :reply-to; bh=5yfO0tEScEMml231bVy7VytbtLB5e8P7wQZMzjqYWpo=; b=edxAuOoBkBcHjnPF2PgmC6I2UluBfeX0RzhsPhY8uGBVwNsXHu+URdFuT/AjZ4/eW8 zAVnnxFNfKAihc+RMtcEF/IDmiLL8SHEn3JlKH2md3EjUo0+uArvjvUsJXfXdMXG1FJc PT39TPKx5ZHMb2qU3ebMEc1GBEBBynHXSGvg84IwC0JUqfEob4F7zxdgWJvMyGCQZPcs I6nM1cxHEP8uILddEO1yMIEcPzwYKQ0ih9pTgppVwchdSkbxmtaVEs/7OmA4lBo4vSjs n7KLzCw6jF+CfcSm+t122heR+nD/Z/hyVMND+ZiG39F5rcWMIkSEQ1JgCQMnzF9nH0wQ 1udw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1750134784; x=1750739584; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=5yfO0tEScEMml231bVy7VytbtLB5e8P7wQZMzjqYWpo=; b=M3hZCF2ZJ5z+lD9VVQWHFcHrFGQNAO6I4HJP8Qlf76XaZBA/CQyPny4DMEYHDOGPAD 68yYqewELug59g13n467jIjKSjYw3TUQqUCGYyJqpW++avEAG1iEL8SU/B4PFA5E7aBy 8CK6CjlJ05c5wrv7h2ZAHN3Tsx1jiHMcrxwJiJg47wg4cM6O4RqSshyN5fvV38uulPbp pAoZmoWYnBZ4/Und03uQVGkvPvgHAtLxxiu/YINGQ8Fge1ubaBcbusIJxmOXDCBgRdvj Ft6uCyBAkv7kgyy79W0ONNke44H0zbq1+t0sQWcPSKQqU/ZkD0CL+nHiNnpmdruhZfI/ fYlA== X-Forwarded-Encrypted: i=1; AJvYcCUl0M+D5fY+oASg3CqwUQcxdXmBVqkKReDDqiGuw6ffVDvkR9I5ScosRW9aUo0NnI3wG9X7rsu4jiE9XBI=@vger.kernel.org, AJvYcCVQLh38o2VYoLijV891/pz8LaBkIN+epNAapoDTahRC01mhIJvGLh9heq82VueuRRbAZ9Gs2bsmoyxUdNXtAMZn@vger.kernel.org, AJvYcCWwD3BJfRzPGNPvhJpzpHP6hgt8jL4HeUwQllhG28ik1rxvlV6ej3TniPYeUGjtZld2go44WFbs@vger.kernel.org X-Gm-Message-State: AOJu0Yx+7VLFCccleB0P9WIkbEAF4AlbkL84GisN6U/z8Ixj5MPWrX+L COWFVe7TMJ6qNLH0+imHp+WKgV6qaHyJtngbj7kbwxzOh4lCooWVMCa+xcHGnIAO X-Gm-Gg: ASbGncu7ReWvgLIR+DVHQxtPQ2jnxNt4unYDC5/1oDGIZImC5qrjkqX0H6rHHgp2142 H/s2Y/HPH26mwro6xLLp5CW5X2G7i4PppJ2rmNeyWdolbUGWeKq0cwhjjGERCHeD2YUvGi7Ry2s hXz2xYLDWZCu/M1UkzyG1/9bQNYziEEUjcRX/Fl0bqQ973btHjtQeef7pIHIixVGjGy+KJyzVY/ mFbXrgnF/jQICOL49WRRBXwjhWzBMirRhBM0sA87ODExq8Ck36syKt2r0YkBIdvxtLKDQwzZAoM RbKAWqdPmPjf7SDQlY8E6PSFB5du8reDbEV2FuFJE6nPwZmowT4cyFIQSR5lMuTxxtWMl/g= X-Google-Smtp-Source: AGHT+IGrXfy7WRHc58IY+hIWfog8kDoAy+7YGN0M1ZowgVuks+5tCsIOan1BwV/kUQTDJBNE+wqE0g== X-Received: by 2002:a05:6a00:3a04:b0:736:d297:164 with SMTP id d2e1a72fcca58-7489cf6aad9mr16631360b3a.1.1750134784343; Mon, 16 Jun 2025 21:33:04 -0700 (PDT) Received: from localhost ([2a03:2880:2ff:40::]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-7488ffee587sm8066407b3a.16.2025.06.16.21.33.02 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 16 Jun 2025 21:33:03 -0700 (PDT) From: Bobby Eshleman Date: Mon, 16 Jun 2025 21:32:56 -0700 Subject: [PATCH RFC net-next v4 07/11] vhost/vsock: add netns support Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20250616-vsock-vmtest-v4-7-bdd1659c33fb@meta.com> References: <20250616-vsock-vmtest-v4-0-bdd1659c33fb@meta.com> In-Reply-To: <20250616-vsock-vmtest-v4-0-bdd1659c33fb@meta.com> To: Stefano Garzarella , Stefan Hajnoczi , Shuah Khan Cc: kvm@vger.kernel.org, "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , linux-kernel@vger.kernel.org, virtualization@lists.linux.dev, netdev@vger.kernel.org, linux-kselftest@vger.kernel.org, Bobby Eshleman , Bobby Eshleman X-Mailer: b4 0.13.0 From: Bobby Eshleman Add the ability to isolate vsock flows using namespaces. The namespace for a VM is inherited from the PID that opened the vhost-vsock device. Signed-off-by: Bobby Eshleman --- drivers/vhost/vsock.c | 48 ++++++++++++++++++++++++++++++++++++++---------- 1 file changed, 38 insertions(+), 10 deletions(-) diff --git a/drivers/vhost/vsock.c b/drivers/vhost/vsock.c index 802153e23073..863419533a3f 100644 --- a/drivers/vhost/vsock.c +++ b/drivers/vhost/vsock.c @@ -46,6 +46,8 @@ static DEFINE_READ_MOSTLY_HASHTABLE(vhost_vsock_hash, 8); struct vhost_vsock { struct vhost_dev dev; struct vhost_virtqueue vqs[2]; + struct net *net; + netns_tracker ns_tracker; =20 /* Link to global vhost_vsock_hash, writes use vhost_vsock_mutex */ struct hlist_node hash; @@ -59,6 +61,22 @@ struct vhost_vsock { bool seqpacket_allow; }; =20 +static void vhost_vsock_net_set(struct vhost_vsock *vsock, struct net *net) +{ + if (net_eq(net, vsock_global_net())) + vsock->net =3D vsock_global_net(); + else + vsock->net =3D get_net_track(net, &vsock->ns_tracker, GFP_KERNEL); +} + +static void vhost_vsock_net_put(struct vhost_vsock *vsock) +{ + if (net_eq(vsock->net, vsock_global_net())) + return; + + put_net_track(vsock->net, &vsock->ns_tracker); +} + static u32 vhost_transport_get_local_cid(void) { return VHOST_VSOCK_DEFAULT_HOST_CID; @@ -67,7 +85,7 @@ static u32 vhost_transport_get_local_cid(void) /* Callers that dereference the return value must hold vhost_vsock_mutex o= r the * RCU read lock. */ -static struct vhost_vsock *vhost_vsock_get(u32 guest_cid) +static struct vhost_vsock *vhost_vsock_get(u32 guest_cid, struct net *net) { struct vhost_vsock *vsock; =20 @@ -78,9 +96,8 @@ static struct vhost_vsock *vhost_vsock_get(u32 guest_cid) if (other_cid =3D=3D 0) continue; =20 - if (other_cid =3D=3D guest_cid) + if (other_cid =3D=3D guest_cid && vsock_net_check_mode(net, vsock->net)) return vsock; - } =20 return NULL; @@ -272,13 +289,14 @@ static int vhost_transport_send_pkt(struct sk_buff *skb) { struct virtio_vsock_hdr *hdr =3D virtio_vsock_hdr(skb); + struct net *net =3D virtio_vsock_skb_net(skb); struct vhost_vsock *vsock; int len =3D skb->len; =20 rcu_read_lock(); =20 /* Find the vhost_vsock according to guest context id */ - vsock =3D vhost_vsock_get(le64_to_cpu(hdr->dst_cid)); + vsock =3D vhost_vsock_get(le64_to_cpu(hdr->dst_cid), net); if (!vsock) { rcu_read_unlock(); kfree_skb(skb); @@ -305,7 +323,7 @@ vhost_transport_cancel_pkt(struct vsock_sock *vsk) rcu_read_lock(); =20 /* Find the vhost_vsock according to guest context id */ - vsock =3D vhost_vsock_get(vsk->remote_addr.svm_cid); + vsock =3D vhost_vsock_get(vsk->remote_addr.svm_cid, sock_net(sk_vsock(vsk= ))); if (!vsock) goto out; =20 @@ -403,7 +421,7 @@ static bool vhost_transport_msgzerocopy_allow(void) return true; } =20 -static bool vhost_transport_seqpacket_allow(u32 remote_cid); +static bool vhost_transport_seqpacket_allow(struct vsock_sock *vsk, u32 re= mote_cid); =20 static struct virtio_transport vhost_transport =3D { .transport =3D { @@ -459,13 +477,14 @@ static struct virtio_transport vhost_transport =3D { .send_pkt =3D vhost_transport_send_pkt, }; =20 -static bool vhost_transport_seqpacket_allow(u32 remote_cid) +static bool vhost_transport_seqpacket_allow(struct vsock_sock *vsk, u32 re= mote_cid) { + struct net *net =3D sock_net(sk_vsock(vsk)); struct vhost_vsock *vsock; bool seqpacket_allow =3D false; =20 rcu_read_lock(); - vsock =3D vhost_vsock_get(remote_cid); + vsock =3D vhost_vsock_get(remote_cid, net); =20 if (vsock) seqpacket_allow =3D vsock->seqpacket_allow; @@ -525,6 +544,7 @@ static void vhost_vsock_handle_tx_kick(struct vhost_wor= k *work) continue; } =20 + virtio_vsock_skb_set_net(skb, vsock->net); total_len +=3D sizeof(*hdr) + skb->len; =20 /* Deliver to monitoring devices all received packets */ @@ -651,10 +671,16 @@ static void vhost_vsock_free(struct vhost_vsock *vsoc= k) =20 static int vhost_vsock_dev_open(struct inode *inode, struct file *file) { + struct vhost_virtqueue **vqs; struct vhost_vsock *vsock; + struct net *net; int ret; =20 + net =3D get_net_ns_by_pid(current->pid); + if (IS_ERR(net)) + return PTR_ERR(net); + /* This struct is large and allocation could fail, fall back to vmalloc * if there is no other way. */ @@ -668,6 +694,7 @@ static int vhost_vsock_dev_open(struct inode *inode, st= ruct file *file) goto out; } =20 + vhost_vsock_net_set(vsock, net); vsock->guest_cid =3D 0; /* no CID assigned yet */ vsock->seqpacket_allow =3D false; =20 @@ -707,7 +734,7 @@ static void vhost_vsock_reset_orphans(struct sock *sk) */ =20 /* If the peer is still valid, no need to reset connection */ - if (vhost_vsock_get(vsk->remote_addr.svm_cid)) + if (vhost_vsock_get(vsk->remote_addr.svm_cid, sock_net(sk))) return; =20 /* If the close timeout is pending, let it expire. This avoids races @@ -752,6 +779,7 @@ static int vhost_vsock_dev_release(struct inode *inode,= struct file *file) virtio_vsock_skb_queue_purge(&vsock->send_pkt_queue); =20 vhost_dev_cleanup(&vsock->dev); + vhost_vsock_net_put(vsock); kfree(vsock->dev.vqs); vhost_vsock_free(vsock); return 0; @@ -778,7 +806,7 @@ static int vhost_vsock_set_cid(struct vhost_vsock *vsoc= k, u64 guest_cid) =20 /* Refuse if CID is already in use */ mutex_lock(&vhost_vsock_mutex); - other =3D vhost_vsock_get(guest_cid); + other =3D vhost_vsock_get(guest_cid, vsock->net); if (other && other !=3D vsock) { mutex_unlock(&vhost_vsock_mutex); return -EADDRINUSE; --=20 2.47.1 From nobody Sun Dec 14 20:19:24 2025 Received: from mail-pl1-f179.google.com (mail-pl1-f179.google.com [209.85.214.179]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9B08025A341; Tue, 17 Jun 2025 04:33:07 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.214.179 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1750134789; cv=none; b=j5419943bwTUHWXKxtygJkEaZFAHIphpcq+RSjUvxKxaCvvmbZ8rbtkPO59ZJWGsaLEdxsSmXkcO1AElVN/GQ2aAfZuPLlqGaPqncWmYicnzFfT1XF1ud0NLajHCykXg591PNPB+NM4CvCA0g8Zm/gZ/HEu00tH2MiDcAq0NE2A= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1750134789; c=relaxed/simple; bh=8iL4uzIPqS8RLVh3FNuZXgVHq1hRBKkNvfmU0de7s8w=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=nCLJ3KhBDRDD1HfDYkrUA1xHRgnYldWasZ88PQuhkxt1JiRD6El6kupGM0N0K5JyyPzVpZziENY0kYY6/YtkXpj5NWtd1P9Qj49MLsiLEewvslnDGvBxrVyY9y51Q0QkDFn1x7JIAV0U0Jh5KHKmcdB9PM8o6YgvKsxzD2hsIoo= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=QCCsxRY0; arc=none smtp.client-ip=209.85.214.179 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="QCCsxRY0" Received: by mail-pl1-f179.google.com with SMTP id d9443c01a7336-234bfe37cccso66827875ad.0; Mon, 16 Jun 2025 21:33:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1750134786; x=1750739586; darn=vger.kernel.org; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:from:to:cc:subject:date:message-id :reply-to; bh=FJN1ESreek0j9m2XTDShreBHd17nPCksTQTpnYLrMbE=; b=QCCsxRY0KHuMSAv3IIb95emS60QJ/wR+qmKIkwndlM17I9x/fOgP1wwISg5uRQE2vI FCfut5QUahDKLu1PuAmOEgWDzV3EVUEXqg0xiRV5e9yVNY+07kdPNl7zZbAkZdCCa9bY yZcmW7OYo9HjHWWp14ev0TT+eQ6Hu0RYuBqubtrMpzFnilaL1xB4cxYME2yzJspNjiAJ C6OBvX8DmcTTYQ4FBl5Uu9vXOFoqE2FRaHscZjPjrdN9CB2KLXJoFfZnlwxaZumF/LZG OX38EGwaZl8MYxDVB/cLKWgRkd4BG/mcXTEQUY6VZkcuhh1xhyOJFPl5/oasGbMckicJ pf6A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1750134786; x=1750739586; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=FJN1ESreek0j9m2XTDShreBHd17nPCksTQTpnYLrMbE=; b=RkZRpTKFfe/0oedmL8ogLKS+m1DiuknNcvdV6pXEq4jbu/gzfG3eGvMNVCudkGYgCg Wf+RokB8lJ19pW2GpqGW58E1EPvzea+ICRdiTUctTvR8pEvG4yWLcnoDTl0cjr+NCD0Y 6BKclXjN9hqccOLB8/cYxXu/lu4GPzC80OZqHLW0PzNJLGb8+DAmQlNs7BlfpL1EKEhq BjKbR9RxfGB8cE7QsnueFU/Oh82LnGhOFb9cp+0gS2JJ/Jl6bM34Ify/NMrawlKkwqPU cGMRzCUmyRMPwWvZRWPc4uK6U7l/Ax00C7leNaO37+dQMI7mGj4rue8jArURwrOpvmUx lxwQ== X-Forwarded-Encrypted: i=1; AJvYcCVqFhQt6LRRk0sNKMdDDeUThGf6kAeIVThszAFLeyktZ3BUQ2c/A0MBwxh+DohnziklTUIlahcUWUdqapkCigLT@vger.kernel.org, AJvYcCVxgLNpt6qThK+SY9Fu+ZpzsB1LRK+klZ/P7CuPNWxWO3L5z6TIM3vqcMS4p8bZlDL11loKglynDfHHTLo=@vger.kernel.org, AJvYcCXLZL8K+ireRobCqXwZJ0ttCNis9qJVLBeIVDU/AaHL5uib7DTQ1u+Bwpsy5GzV0t7hICEafsJy@vger.kernel.org X-Gm-Message-State: AOJu0Yx0N3l2DPC1QEqm2aTBbwSg+ZRRSA1q97Kl06ms7cf1cgc5h3ZH Fw9OIqtXQqxrD5Pa1U3Ev5PYpeoA6Mz2668N+bM1ULvHUChLr9GxtCCBDnw/JXW8 X-Gm-Gg: ASbGnctLuUP0VEsZMSr7rLNcVqgOJpohD2yNj1+8X5aio7M/lZC6GVeVT8zDGn+zhmS 2BKWU04fr9e2INkS5JK0vvZjGs2GZIXrwHuQpGzfM08ff1vj3Ie5ifBOiziLkEilLDC8kgLz5Gu ZpzuFqhf/AxHaI6BT40NPLcRnlIKZK4L5D/aNZ60te9FgpklnMDiFYowtr5+9zS206jlXE3NL8r MC9MK4MBU22sxvteg+8sayAXJZJVcQNiOlRFnVQOo1ldaNjBsrXAI+326DR6e0eazcED5IbJoIr Sxx0OlTxQ/D0oXB85gA9bPOSgf5XvzoAMMWk/AMXjgFY42QQ34On+kVMnqmY X-Google-Smtp-Source: AGHT+IGkFu9sQ96pWE/tvZJGaNKtT1/Ussv66FYp5oIw+9uvT4GiaGRUxhl5bUUj7am7ZNMIQejaAQ== X-Received: by 2002:a17:902:e848:b0:234:a992:96d9 with SMTP id d9443c01a7336-2366b00ee5cmr163590035ad.17.1750134785904; Mon, 16 Jun 2025 21:33:05 -0700 (PDT) Received: from localhost ([2a03:2880:2ff:43::]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-2365dea7d98sm70324525ad.151.2025.06.16.21.33.05 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 16 Jun 2025 21:33:05 -0700 (PDT) From: Bobby Eshleman Date: Mon, 16 Jun 2025 21:32:57 -0700 Subject: [PATCH RFC net-next v4 08/11] vsock/virtio: add netns hooks Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20250616-vsock-vmtest-v4-8-bdd1659c33fb@meta.com> References: <20250616-vsock-vmtest-v4-0-bdd1659c33fb@meta.com> In-Reply-To: <20250616-vsock-vmtest-v4-0-bdd1659c33fb@meta.com> To: Stefano Garzarella , Stefan Hajnoczi , Shuah Khan Cc: kvm@vger.kernel.org, "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , linux-kernel@vger.kernel.org, virtualization@lists.linux.dev, netdev@vger.kernel.org, linux-kselftest@vger.kernel.org, Bobby Eshleman , Bobby Eshleman X-Mailer: b4 0.13.0 From: Bobby Eshleman This changes virtio to not be broken by new internal API changes required for NS support on the host side. virtio-vsock namespaces are always global mode, so behavior is unchanged for them. Signed-off-by: Bobby Eshleman --- net/vmw_vsock/virtio_transport.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/net/vmw_vsock/virtio_transport.c b/net/vmw_vsock/virtio_transp= ort.c index f0e48e6911fc..25c1bca7b136 100644 --- a/net/vmw_vsock/virtio_transport.c +++ b/net/vmw_vsock/virtio_transport.c @@ -536,7 +536,7 @@ static bool virtio_transport_msgzerocopy_allow(void) return true; } =20 -static bool virtio_transport_seqpacket_allow(u32 remote_cid); +static bool virtio_transport_seqpacket_allow(struct vsock_sock *vsk, u32 r= emote_cid); =20 static struct virtio_transport virtio_transport =3D { .transport =3D { @@ -593,7 +593,7 @@ static struct virtio_transport virtio_transport =3D { .can_msgzerocopy =3D virtio_transport_can_msgzerocopy, }; =20 -static bool virtio_transport_seqpacket_allow(u32 remote_cid) +static bool virtio_transport_seqpacket_allow(struct vsock_sock *vsk, u32 r= emote_cid) { struct virtio_vsock *vsock; bool seqpacket_allow; @@ -649,6 +649,7 @@ static void virtio_transport_rx_work(struct work_struct= *work) } =20 virtio_vsock_skb_rx_put(skb); + virtio_vsock_skb_set_net(skb, vsock_global_net()); virtio_transport_deliver_tap_pkt(skb); virtio_transport_recv_pkt(&virtio_transport, skb); } --=20 2.47.1 From nobody Sun Dec 14 20:19:24 2025 Received: from mail-pg1-f173.google.com (mail-pg1-f173.google.com [209.85.215.173]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5CFB225C6FC; Tue, 17 Jun 2025 04:33:09 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.215.173 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1750134791; cv=none; b=RH+qb4EzTg7+cJbDGAQ49/NOyjqdmrx3eWiphaOzuepBafWIfVaHtML2fQVcr5iDDNYzX60W4Oe1ZRjKTOcBmff3LSrDZC0WPPSGhwfP/J+HPAYcefYxGR5uVikDcujcI7iRhHP6api4XPyM2Uh04bLij5INphgWABI1l+P5sho= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1750134791; c=relaxed/simple; bh=SvB3qBm1VTjIjRDl1c4e6i1RbCCzA1EXVBxQVVn1tvA=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=MUg+h2ZSwKQ0fGRl/FsAlYX8j0WoCCO7LMBXnWE7/nApEy6q2gw++CtYxC8ZCe8Wg66fxf/p7Mci9TR42Tl3jtSFS0gK2hT+xY3Shqykxbm4D17nrX+4y3RTDEj4iNGU1/gV5jOM3SdZlfiBFxfl9d47OWqFESLXIxU8K0xhePk= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=LSFDaMtt; arc=none smtp.client-ip=209.85.215.173 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="LSFDaMtt" Received: by mail-pg1-f173.google.com with SMTP id 41be03b00d2f7-b2d46760950so5474786a12.3; Mon, 16 Jun 2025 21:33:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1750134788; x=1750739588; darn=vger.kernel.org; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:from:to:cc:subject:date:message-id :reply-to; bh=rMpypbPx49C4LhAqP1zWnTq1tGkVcmiL21eIZ1oGdsw=; b=LSFDaMttFlZEFAQm3jrRD/9wdtNkMFOcSpIpQwvU6DMf/EwBkqrdEyGUYD4LJYLYGq 2Js7tPiXWCYpVnxYM/N3dyVh5FqwdtqlCMDm2HWDX086hHWOMQQBlWzBNSV28PF4VSde XXC4+XQZsQOhn2F0XrXf4tNBjoZGJsvFcvCHYVTCIWy3aylKxF827Q+X/qczIyBFcDwp U2NW+i3Bt54xatERDXyg74J/QivFT7Kzx6Oznx30xJ6xjRvrC0lENmvFxuKiirhq2P30 bvez1OL+jSgD2pJUObHLLtI/f5BsiyTC0f5Y/2XLb7jWxNvn4pY5B2R7Y40gUU/0CZ49 cSZQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1750134788; x=1750739588; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=rMpypbPx49C4LhAqP1zWnTq1tGkVcmiL21eIZ1oGdsw=; b=iI9gn/mf+HKCzYMcVX/JF6tT1HAJOAym7gAvbJSI0gRlh3dQA8GIJ1S3ol1gnAV1vy 1XHq0I3vD4PIeYNw0wo7jHh6UupWcnHMuoF0SzK8deHpdyCJNtNmdS/KVDp2H9DV9U97 JfjwpVqbI6Zm/c8zXpKpXvk+s6iFk+SYLIJzPXrKLd73I89jp6jJppw4AGFtmKJLDg8j lSKwjB+2f780kjhSX+QLIDieWBcaISWYLzfUXA+ekzNU3DH5ZWIjuYfyaSLrnbnJLqVx 2ynfCueMBssrGPv9kjsWzw00gy3Vv1KnmnVncEPcmo044p40xJf1sEtGwe7P8EnJHD0K a0mw== X-Forwarded-Encrypted: i=1; AJvYcCVIkrK8EvlGqtpd0DROxv7BlIn/PCOTmMYhoR3n4dSY7MxoNU30m7A+z84hLXduUQjPEq/JElIr2dFnX2MGwy6i@vger.kernel.org, AJvYcCVMowbWMnpY/AX/UmOmV725w8bW+yowLvdazpcBCSPS9T47RTaTMEm/CEcSB+LcPBBbUoC1Mxut@vger.kernel.org, AJvYcCX3b/fK20Dq31Moe7OnhFpAuci2b0+fFoBSoL1nNh3f7d5nHsrQQ8dXQ4qIBm9caFab0LX6q/EzRB2D2TI=@vger.kernel.org X-Gm-Message-State: AOJu0YwvVrUCALYxinh7TB7hcnJHyxrwSO556E+UIQr6lrWFeqOINbl7 g8ksbJEGcXAyJbY+Ynxvt2s3NtT1qabhnEuDnMvEvhwjDMZ9iJIrhQRZi3zDtyLr X-Gm-Gg: ASbGncsIPy8iDPu88GeSiTSGmGq0Y43cA8O40xy8ijLyedZZU42SdjNs4l45jycaqvo 10GG7DAAFJPjLoUqkqFpNfoRn1nGU9ufldACOoI8ehF/h5BCN30QS1176q4cH2/55BJnm3KOo+Y wQnzkZt6hgVMTsagbdJMGm6PETFYMKLmyIzIwF5YfXXSMrSDFxy8yGV5lr+aRQ1eBUx/C7Zqc0P Wc34ZMeXnUA8HCvLgFnwhuAWSGP8Xxmn/6JTSZ74aotMSIiucDKJja4C2G9m6JiyOxEnPkXythw snbArGzfjcr3sVH6N41TOO+cXxFBtCrUGtUNR+UFQpceKKtE5ZL97WXyIV7pi+5O/s6rkU8= X-Google-Smtp-Source: AGHT+IHan/Inn+3hHqs41XckrP55r8fD+/kVg11iHSZaNVdMOIOPZ8mHU4EEhc6WhlTm03MzuZLWCw== X-Received: by 2002:a17:90b:1e07:b0:312:eaea:afa1 with SMTP id 98e67ed59e1d1-313f1e2bfa7mr18799476a91.29.1750134788030; Mon, 16 Jun 2025 21:33:08 -0700 (PDT) Received: from localhost ([2a03:2880:2ff:70::]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-2365de782d3sm70339985ad.115.2025.06.16.21.33.06 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 16 Jun 2025 21:33:06 -0700 (PDT) From: Bobby Eshleman Date: Mon, 16 Jun 2025 21:32:58 -0700 Subject: [PATCH RFC net-next v4 09/11] hv_sock: add netns hooks Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20250616-vsock-vmtest-v4-9-bdd1659c33fb@meta.com> References: <20250616-vsock-vmtest-v4-0-bdd1659c33fb@meta.com> In-Reply-To: <20250616-vsock-vmtest-v4-0-bdd1659c33fb@meta.com> To: Stefano Garzarella , Stefan Hajnoczi , Shuah Khan Cc: kvm@vger.kernel.org, "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , linux-kernel@vger.kernel.org, virtualization@lists.linux.dev, netdev@vger.kernel.org, linux-kselftest@vger.kernel.org, Bobby Eshleman , Bobby Eshleman X-Mailer: b4 0.13.0 From: Bobby Eshleman Make NS changes not break hyperv. Guest vsocks still remain in the global namespace always, so the behavior is unchanged. Signed-off-by: Bobby Eshleman --- net/vmw_vsock/hyperv_transport.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/vmw_vsock/hyperv_transport.c b/net/vmw_vsock/hyperv_transp= ort.c index 31342ab502b4..85b22366ef00 100644 --- a/net/vmw_vsock/hyperv_transport.c +++ b/net/vmw_vsock/hyperv_transport.c @@ -313,7 +313,7 @@ static void hvs_open_connection(struct vmbus_channel *c= han) return; =20 hvs_addr_init(&addr, conn_from_host ? if_type : if_instance); - sk =3D vsock_find_bound_socket(&addr); + sk =3D vsock_find_bound_socket(&addr, vsock_global_net()); if (!sk) return; =20 --=20 2.47.1 From nobody Sun Dec 14 20:19:24 2025 Received: from mail-pj1-f50.google.com (mail-pj1-f50.google.com [209.85.216.50]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D7C7625CC52; Tue, 17 Jun 2025 04:33:10 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.216.50 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1750134793; cv=none; b=lUUOx7rNl8LFxHLeVQcOwpBnUOvm8YySrggOle6DQbDXQg2nuaCRQ4fD4eVTBJ4cRysdDzw5BYUROnBi6CRmPpjuqprsj6lUK7og3LBMZZ216d06FGMo1CvKariwr/mWmcExaDRlXtb2pxsOpu+zvfv1QAxMxnmmzTyI7roobRU= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1750134793; c=relaxed/simple; bh=+t28P7IfMd6Z3qkHyejEJg2X1cP76IfrOfkKHb23b4k=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=ssyRAi/rZm6PsrnpDhzArK1qiQNJQfRFOSSDyfm07xAT3b+T4fzr8eBK3EFADT+5bv+CWjsdJ6QMibzH9StWPHQW2Z+h+ccFx7m4PJav71d9qcSStQH+dFUnCjseFRbUHce3wrUBAlYGOPao07wiCvwdAUuyTptYQd9Y57sWmpw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=Gr/9MOvB; arc=none smtp.client-ip=209.85.216.50 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="Gr/9MOvB" Received: by mail-pj1-f50.google.com with SMTP id 98e67ed59e1d1-3139027b825so3669248a91.0; Mon, 16 Jun 2025 21:33:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1750134789; x=1750739589; darn=vger.kernel.org; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:from:to:cc:subject:date:message-id :reply-to; bh=ZfX6aOsHYzp8OvVtnsleRNNoqy1TSXcylauBeBxQCfM=; b=Gr/9MOvBKjRs7cP5UifHuG6Aj66vhYmvRyvnJz8VM+0Gu55rdhoGUj4fwbY4vaxRXL KJ3osiOR5dFrH0JMmzpT70iKIp+ktTobpKW/d/TkJFxLTlpxeRW7pH8YW/9h9i0Ppj0X +Im+vFx1w/4+NSpxNpIoDIogp2iRtUydmEfnsVTEVF06F/r7gdJKee9aTQhvjWkGN24Z nr7MU6WoODrrpfkeJbzqNhOP/kkKI9n3l5o0Mc+8YGH6X4nWRYbpognzrxMB6Qg0S2MY fP2kFa6AAZbnnzf7xpgzz9UnAZO7BTZ0wrGODZYfp/Evj13wS8nIekpgox80O/t+kr72 edCQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1750134789; x=1750739589; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=ZfX6aOsHYzp8OvVtnsleRNNoqy1TSXcylauBeBxQCfM=; b=P+X7D08rLB4QLTFk8iJJwYMdP1r38iJhGPjZCk0wC58dh3SoVBb04sNlQZIVc2C169 xpdTbJ25GQE5kV47icGMCfG7qFtVSL6/szetF0hZh4kqc8Ss9OqEEKLEgdVH09ju+6/b Yvgtg1StHlZxIM8GREHpFbRUMpt6yNFgB8+J3VrLxxwJZk+pZLvQHqJLYG1uGjNm2qN/ khiQbVnFtcbsYcGA0J2x6blg30XsqFe87pBcOFLRYDl6Mc8grXCzQYzd1H85yQzjTGqL HBzO+F/ZnGhhbaTzF0uJExn91G7G4MAqCM+pJ3Yd5qWLLCToeXyhg5powURqgN6wIaIe v4+w== X-Forwarded-Encrypted: i=1; AJvYcCVHXUFPgGmhGioy2fED7yBnibc3mmHQkzvujoiFf6+OIAWgrONlUbCO2udwgI2W5/LQK6PPJkmk4mDzA4Y=@vger.kernel.org, AJvYcCVa1QsVY38Nfa08h463GaNYpWfU0w27/VF5D36a3D8Bi0vcCI45gguRYc8ib7KxRPrnwBXkEr25@vger.kernel.org, AJvYcCX/YMAuhtPKN78JqkL9yHK0zdCP+nxvLqiXYvPs3EA329yuw6UjWYWNn1ednOjqmacXuoSv88bGFsPMijTBudq7@vger.kernel.org X-Gm-Message-State: AOJu0Yzvy9BXbJNeVnBjxGIbKr1ZD+MFeCfo/HvFNnRLM0pe9cLzJheY /VDqgK3/JKsM6XNQ8Bx8d6Gj+oslfyA8jMPmJ8PuQpGCFvVwQQZkrj6PsN1IInQT X-Gm-Gg: ASbGnctO5jytUW/k4B6ksyFhmeRA2NJkOYKos1OUXRdw3IqHghxKs2VdJfeEVoG7lqm 2Vm7vqMt6Qrjrd55Du5R3tz0OdvO5RbzAri4wkUJei6g1LuFbLNYp3hNuwiek17hn5yrlaGdyon 5VgkFPHZxNEKDH0CCVg0ovguDnBnj4u1NNttQieRvoiI4CiIlyKGbF3dBiWrVwdqKubt/oiWhIc qmMXr9XjXZkB0jtYTGI2JyaQq5/0QS3H2MjK8B2c0JVoJTAb9fA4W5eXkO64P853Yp0w0xO7rxV uFtvx0RqqsRYSr+pKlCw2YoB3hDX8heAWBNMf+Ap7i9MAGugRmNwmzwMaJDKLo/njuo= X-Google-Smtp-Source: AGHT+IHnlb+3zl8t+M0JYb3T3mvJO36gRS/DjbaA/k1lUw1YbdWzxTO9ao8p51vZKxNJED/Jx4OQ8Q== X-Received: by 2002:a17:90b:53c5:b0:311:9c9a:58d7 with SMTP id 98e67ed59e1d1-313f1daa7b4mr16313306a91.19.1750134789555; Mon, 16 Jun 2025 21:33:09 -0700 (PDT) Received: from localhost ([2a03:2880:2ff::]) by smtp.gmail.com with ESMTPSA id 98e67ed59e1d1-313c1c6a80bsm9566197a91.44.2025.06.16.21.33.08 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 16 Jun 2025 21:33:08 -0700 (PDT) From: Bobby Eshleman Date: Mon, 16 Jun 2025 21:32:59 -0700 Subject: [PATCH RFC net-next v4 10/11] vsock/vmci: add netns hooks Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20250616-vsock-vmtest-v4-10-bdd1659c33fb@meta.com> References: <20250616-vsock-vmtest-v4-0-bdd1659c33fb@meta.com> In-Reply-To: <20250616-vsock-vmtest-v4-0-bdd1659c33fb@meta.com> To: Stefano Garzarella , Stefan Hajnoczi , Shuah Khan Cc: kvm@vger.kernel.org, "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , linux-kernel@vger.kernel.org, virtualization@lists.linux.dev, netdev@vger.kernel.org, linux-kselftest@vger.kernel.org, Bobby Eshleman , Bobby Eshleman X-Mailer: b4 0.13.0 From: Bobby Eshleman Add hooks for new internal NS calls to avoid breaking vmci. Guest vsocks remain in global mode namespaces, so behavior is unchanged. Signed-off-by: Bobby Eshleman --- net/vmw_vsock/vmci_transport.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/vmw_vsock/vmci_transport.c b/net/vmw_vsock/vmci_transport.c index b370070194fa..8f374f84a526 100644 --- a/net/vmw_vsock/vmci_transport.c +++ b/net/vmw_vsock/vmci_transport.c @@ -703,9 +703,9 @@ static int vmci_transport_recv_stream_cb(void *data, st= ruct vmci_datagram *dg) vsock_addr_init(&src, pkt->dg.src.context, pkt->src_port); vsock_addr_init(&dst, pkt->dg.dst.context, pkt->dst_port); =20 - sk =3D vsock_find_connected_socket(&src, &dst); + sk =3D vsock_find_connected_socket(&src, &dst, vsock_global_net()); if (!sk) { - sk =3D vsock_find_bound_socket(&dst); + sk =3D vsock_find_bound_socket(&dst, vsock_global_net()); if (!sk) { /* We could not find a socket for this specified * address. If this packet is a RST, we just drop it. --=20 2.47.1 From nobody Sun Dec 14 20:19:24 2025 Received: from mail-pg1-f174.google.com (mail-pg1-f174.google.com [209.85.215.174]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B458025A341; Tue, 17 Jun 2025 04:33:12 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.215.174 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1750134794; cv=none; b=BOmM+N03IPJZ1Rtip6Sgai38+FkQI4Bib1A/qa1kzQKC9cykv6Ktx3I1S2ZnuDFI/ktfEQuHbgvGP82pA2cmTwlSi1T5YAh39JlB8ZkBltIvcVCBmcTnHb4Tq3WZJaV+POrNSnhVGv5UKjEqEjshafc3Tt82boIxYcoI/Jwysn8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1750134794; c=relaxed/simple; bh=mawhiv0L3KBPhIbjNO6APLwCsPC/bD2yqJGvqU3ndG4=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=mI23lg5/XPXPOaI62XxNMclyUbiRYiCQN9jzymd/n5HQvtKmhxExyvUFJxmIM58gJSRK6FJ+bhzhFiIqE4o3Vk5l9pkOeP5BcjC1Rby6c83UEtErennaM8xvQRUey7f+DnSvj11gz3JpfSuJ42GDW1P7aPvyLpOC9p5PzWmDINI= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=l1XyVz+1; arc=none smtp.client-ip=209.85.215.174 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="l1XyVz+1" Received: by mail-pg1-f174.google.com with SMTP id 41be03b00d2f7-b2f11866376so4110128a12.3; Mon, 16 Jun 2025 21:33:12 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1750134791; x=1750739591; darn=vger.kernel.org; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:from:to:cc:subject:date:message-id :reply-to; bh=7nQqyuVseDJyHOiPXQ8YAL67/IptUNPpJxUJ4iDj92c=; b=l1XyVz+1+A8QrqB6lu/LZ+hY3eGcPbx3qUFT2hsXhZA5nmbFHOkEGLD39eR13wnJcB Z7VuDapmI43SJuLDjYacevlBw2q/HnsUQ512is6AQ9y3sN+xWB+4qg4sGTqv+X0vHyvs c+LnDN0oz3Z6eC3GJGW8kebPxXoIQ9VDQ6qcyRZ0ORxwxWqvww4UwRzjQilWWZSrhkFY rOlRRG74lxrT7v053aPSvwD+n1Jl3gClIXdFDYSVBwVvGBlS5AxHCFLmavjraP3CsCur V6cAollWdfN9XSsIdoKrbSyAqaBjxKVITuTTET8py9iP1MHBkoSSs/QVfFh0DtiBqFHh yUlA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1750134791; x=1750739591; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=7nQqyuVseDJyHOiPXQ8YAL67/IptUNPpJxUJ4iDj92c=; b=CLtqSaGBo0kHWemYaGzwG1t2E6Wm5MW9yQGOirKoVrftvjqleOPbmjU9zkWoMW2HGo P4ZT2Z9DjLi0vSlHCyJKDe3R1sYnVjc3qgouXrk8nhLLlmmw3S84FxY+zIKCGeLzz8E5 29YhVTI4XYbxGR9O6w0dE5r3gsLcEfwsNJD00x5x2p9mvuN+uZXCoIwdL0gWKpE25jjP Hw99kT6vY/u2YjLzDMP1pj7lBDTQVgw25VtlCpNbs7YvyNwT6FiihPvj1ySSWEC1uV7O qDyoNR4yNWXKNtg6le+0RI5ysS1ouR9gOzu51LyzeLYNX3QUV7v2FhFDZc1wltFYGWlb +aBQ== X-Forwarded-Encrypted: i=1; AJvYcCUT6dtpmA30PVtTDC+hsjVrMPRSNJhv/39/YnxxcnECXIyI+0JtJIeGCtvgZ3KD/xlxNrVKVO1sfYkDD9k=@vger.kernel.org, AJvYcCUZGzTPK6ceL3N4sCewke+HHjklr8lKh+Bng9hH9PujsPaZrmC7gY9Qt1Ne7oGHTRf9uiY6pDSusek8y2t/TCvD@vger.kernel.org, AJvYcCUrn596ydqLJ56coVzzkLizBOrG71MjjrIxJ9j4DqPNDeFCbTwMcl+lMdLBC/RirTxuvp+iX3rb@vger.kernel.org X-Gm-Message-State: AOJu0YyzKmQwAVQeiz+idOYWIPXc/h5g0dBO4ttk9ruM6efPuDN0BIby mpZLdpBXcsGfEpTkAsJLhHHiDAX7/SJPxCAwm0lStvmwiNjFom0GsLi0qUmV+f7e X-Gm-Gg: ASbGncvwNz1kamP5XeH/ZHuudjMA+1wK25tQ+mrMqt3lCYasdHSKCeEPMxGqFLzF5LB 324frguGXIac1HtqiDZRR+xEqIXxmb+FRFnMTBpzvfqtX9+Bg7EmHRHUR3kdSEzpOd0Tql5/dUs CXwOPYhVqXeCsguqcOumAJz9p/3wu+mvpi6zZfjnUFi5Q4ETiSyfGQXHbCQ8feaHGy7jIS0Lng+ j54h4CNRNtuvMzFTxe/iH66QFcnaTWkyFGmlOwc4oG9KssQ9ohPCJkRaA3ZuE9WmEM7nzzgDREo OKE/wRV9ErBxnq02UhWy5sNa8vHkmc33OG0+Jqp4syI4roc1TCPeTQKEfYU= X-Google-Smtp-Source: AGHT+IGvRdb4I9HaaHhuHW8HBDY1U3GRW+PV9CJvxql3LOfHXJTee/8j/3AWnJ695agzLnIfzr0vOw== X-Received: by 2002:a17:90b:1847:b0:313:fa28:b223 with SMTP id 98e67ed59e1d1-313fa28cebamr14341945a91.3.1750134791287; Mon, 16 Jun 2025 21:33:11 -0700 (PDT) Received: from localhost ([2a03:2880:2ff:4::]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-2365deb0484sm69909325ad.142.2025.06.16.21.33.10 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 16 Jun 2025 21:33:10 -0700 (PDT) From: Bobby Eshleman Date: Mon, 16 Jun 2025 21:33:00 -0700 Subject: [PATCH RFC net-next v4 11/11] vsock/loopback: add netns support Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20250616-vsock-vmtest-v4-11-bdd1659c33fb@meta.com> References: <20250616-vsock-vmtest-v4-0-bdd1659c33fb@meta.com> In-Reply-To: <20250616-vsock-vmtest-v4-0-bdd1659c33fb@meta.com> To: Stefano Garzarella , Stefan Hajnoczi , Shuah Khan Cc: kvm@vger.kernel.org, "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , linux-kernel@vger.kernel.org, virtualization@lists.linux.dev, netdev@vger.kernel.org, linux-kselftest@vger.kernel.org, Bobby Eshleman , Bobby Eshleman X-Mailer: b4 0.13.0 From: Bobby Eshleman Add NS support to vsock loopback. In theory, loopback can be viewed as a given CID, and so should collide with other vsocks when the namespaces are in global mode, but should not collide if the namespace is in local mode. This has not been tested yet, but will be by the next rev. TODO: add tests for this Signed-off-by: Bobby Eshleman --- net/vmw_vsock/vsock_loopback.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/vmw_vsock/vsock_loopback.c b/net/vmw_vsock/vsock_loopback.c index 6e78927a598e..1b2fab73e0d0 100644 --- a/net/vmw_vsock/vsock_loopback.c +++ b/net/vmw_vsock/vsock_loopback.c @@ -46,7 +46,7 @@ static int vsock_loopback_cancel_pkt(struct vsock_sock *v= sk) return 0; } =20 -static bool vsock_loopback_seqpacket_allow(u32 remote_cid); +static bool vsock_loopback_seqpacket_allow(struct vsock_sock *vsk, u32 rem= ote_cid); static bool vsock_loopback_msgzerocopy_allow(void) { return true; @@ -106,7 +106,7 @@ static struct virtio_transport loopback_transport =3D { .send_pkt =3D vsock_loopback_send_pkt, }; =20 -static bool vsock_loopback_seqpacket_allow(u32 remote_cid) +static bool vsock_loopback_seqpacket_allow(struct vsock_sock *vsk, u32 rem= ote_cid) { return true; } --=20 2.47.1