From nobody Fri Oct 3 16:47:15 2025 Received: from mail-pf1-f169.google.com (mail-pf1-f169.google.com [209.85.210.169]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A65BD19ABC6; Thu, 28 Aug 2025 00:31:34 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.210.169 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1756341097; cv=none; b=UcN23U84rr+Bik18M8XejGU8eczEhiL2Te2lDV1EdOQi3uaQZTHp8aAfnEDoXXyrHP+9M+5jxcOOghNGfUIb+GF2DAeXVIFYGNtac143qyFuij+aavEc+VZuico66c0D7+bPRVsg3r7JXqT06/4scgxDnZ349Ay4nzeSXqt2ay0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1756341097; c=relaxed/simple; bh=z+sr6MdX8qILdTTvivuBLqgcZDE/1O6PGveEjKKmkI4=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=CUiYeq9MPkwN11+iFytA9Zp6cubDcnKnpkQLA8m8KjmVTA0B0BEmKnyAY2geCecEQCauI11DPCSjDjM7OB8VfpgWtAd3c2yirbwmBgEu+KXobahRMuWA7JmIcBGy3fIp0EWygjPox+PitlJUMmEam2dzg32fzIZnMxP1G2UVnSg= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=N0J8smbi; arc=none smtp.client-ip=209.85.210.169 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="N0J8smbi" Received: by mail-pf1-f169.google.com with SMTP id d2e1a72fcca58-76e4f2e4c40so457696b3a.2; Wed, 27 Aug 2025 17:31:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1756341094; x=1756945894; darn=vger.kernel.org; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:from:to:cc:subject:date:message-id :reply-to; bh=tgPhhCZTl4chPUEyREnq+4qsbR5ADg6VFT1FXFFAJKw=; b=N0J8smbia3UKKOrHNQUI0UYfiQxVQ0kYa1oSrR//jG5DX7s2f+x5dC94Za+SKEdqIZ P7eYx4KJ6oBaWT564UzC8drIM09PNwmR/yJzx3KlE7iyoLz9D79NZaDy2ZCjq6RNICqj ZdgapVFJ7f8wmw1zfbL4bmyWgh9Y1Y4MtUIg2SJgVwq0bhRIBvEU4TBErNY/3d+IZB6f 9vdftvscaNNyg7YqtrY0DePEZ1k04sy5RkKQnGzpzSGoNE6y5+H2FxUErA1euv9zhWGw 1Hnjd33uBsPC5DO8jV4xnaCQeuaUMAUeguJ/kc5Ky1duFhss0tcxAYp2iXssEgtfz8MQ F2gw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1756341094; x=1756945894; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=tgPhhCZTl4chPUEyREnq+4qsbR5ADg6VFT1FXFFAJKw=; b=W0OCpdj+DoBb+EjMiufbNVw/uxcGHeVuzMFllugwInxe45jeLJi4hcaVDPt741bchk JP7Vbg5kFuVDjff1PDSrEpZlSCvLGO3MOCfoISKdt+sclib/EiZLzkvC/ambzrvIr3GF bGzK/l4imiuFncAm3L1U5dn3GNjzmtsWWpLBWCgiqDspzE8YpZVNjYnuxsb1aXlOS5qA vdx/IF9hp2A9eM8cjkSn4HpK0oDZgrv+QR9vV4wrLqg6mocXxkGdl/1KkjcMME6n0Ady yXEeVHf5CydUfscCd1mbwZcuGoCeIBtWrwaGdIJP6ori0iYtryY+VD6Asqq8gMTmK67y XivQ== X-Forwarded-Encrypted: i=1; AJvYcCV1B/QzZxA+/OH2U6bZtFQuU2vTsTtbCeJZ48YoQvkNqvX3DCjXlbKgvNE6YtRxFn617yeL9sn9JceJIGSH@vger.kernel.org, AJvYcCWDBU1SVptxj705LM4ZYt27o79Lq1e9fr1XiX1cH2cP3YZQhmJIgrgJ2PpNoYXR4+2ZB4aiG5fN1X5RuyqLXt4c@vger.kernel.org, AJvYcCWkwZ5lS9YJfkcOg4st6HW0j7+0cmETxBJ7yjb16uXu7H+bt63mtjb8Q0zJ3Vu9/Z1MsMQ=@vger.kernel.org, AJvYcCXZsFKVLE+ZbgkrxQlfJ0PWfBOh8pq2PBIGwGpW1spViipkcNvUxg5/lb/hG8C/cjXcjV4nDuuS@vger.kernel.org, AJvYcCXi/N/nE7PSyPdv3fJrjazrDYdjiOR8oNfuIKKpvY1ELPsWbAaonCG1yoNo8vuHzq/2f0GopT6xZEAlEIiS@vger.kernel.org X-Gm-Message-State: AOJu0YwklNCiC+VL8Rm44vDpnJ3de2+ziTwIAuW4nLJa2XTxdQBiBnX3 Or/0S2yP8sAchwQEGZ4QcXOoQn3dVMW3q+1FZh7WNWPGlZuGQA172fPy X-Gm-Gg: ASbGncvx84u41jVbxlYBZfj/z18xtKPC0oAa+PfwB1Z3pyB3QiB/djV5sGuI4sdqzzd NalLq5FPYkZgtohh2QxXKMThmtTHF9f2QX92JdNSZOWOvniUqgfYFR8kNkxd4eVbbKPkuAIY9s0 6KC3LwToEqdCm4vpE8267z44YNlZU/ia9dE8ynVUZmTNWk/CVpzMyX0zkOkkJ2r654YoH/OLxvS DbTynAnVr8P/LhEjSrL6qwsSWxJXu3vzFJ/vVEWDnitaUoVl+xNKlKgKGAAF3eQx/j5fWYlIGkm O1TBMVLkB60sBymZXdVCvgWjO94liIwC/2kKtSPLtN3LDcnBvdmee0W1i+jpKWHUHbxbFL/DvmY iDM1ILW1jewg9QcLStIQ= X-Google-Smtp-Source: AGHT+IGASGKslm4YnrVrCyR6nvJ/i2wzlfWuyETjLKTMh0O1Ojw/wh+hTG7OFeKYXpYEcTD89VSvYw== X-Received: by 2002:a05:6a00:179a:b0:772:65e:4273 with SMTP id d2e1a72fcca58-772065e467dmr5963292b3a.18.1756341093774; Wed, 27 Aug 2025 17:31:33 -0700 (PDT) Received: from localhost ([2a03:2880:2ff:6::]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-772093cac4bsm2796708b3a.12.2025.08.27.17.31.32 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 27 Aug 2025 17:31:32 -0700 (PDT) From: Bobby Eshleman Date: Wed, 27 Aug 2025 17:31:29 -0700 Subject: [PATCH net-next v5 1/9] vsock: a per-net vsock NS mode state Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20250827-vsock-vmtest-v5-1-0ba580bede5b@meta.com> References: <20250827-vsock-vmtest-v5-0-0ba580bede5b@meta.com> In-Reply-To: <20250827-vsock-vmtest-v5-0-0ba580bede5b@meta.com> To: Stefano Garzarella , Shuah Khan , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Stefan Hajnoczi , "Michael S. Tsirkin" , Jason Wang , Xuan Zhuo , =?utf-8?q?Eugenio_P=C3=A9rez?= , "K. Y. Srinivasan" , Haiyang Zhang , Wei Liu , Dexuan Cui , Bryan Tan , Vishnu Dasa , Broadcom internal kernel review list Cc: virtualization@lists.linux.dev, netdev@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-hyperv@vger.kernel.org, Bobby Eshleman , berrange@redhat.com, Bobby Eshleman X-Mailer: b4 0.13.0 From: Bobby Eshleman Add the per-net vsock NS mode state. This only adds the structure for holding the mode and some of the functions for setting/getting and checking the mode, but does not integrate the functionality yet. Signed-off-by: Bobby Eshleman --- Changes in v5: - use /proc/sys/net/vsock/ns_mode instead of /proc/net/vsock_ns_mode - change from net->vsock.ns_mode to net->vsock.mode - change vsock_net_set_mode() to vsock_net_write_mode() - vsock_net_write_mode() returns bool for write success to avoid need to use vsock_net_mode_can_set() - remove vsock_net_mode_can_set() --- MAINTAINERS | 1 + include/net/af_vsock.h | 42 ++++++++++++++++++++++++++++++++++++++++++ include/net/net_namespace.h | 4 ++++ include/net/netns/vsock.h | 20 ++++++++++++++++++++ 4 files changed, 67 insertions(+) diff --git a/MAINTAINERS b/MAINTAINERS index bce96dd254b8..deaf7f02ec32 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -26578,6 +26578,7 @@ L: netdev@vger.kernel.org S: Maintained F: drivers/vhost/vsock.c F: include/linux/virtio_vsock.h +F: include/net/netns/vsock.h F: include/uapi/linux/virtio_vsock.h F: net/vmw_vsock/virtio_transport.c F: net/vmw_vsock/virtio_transport_common.c diff --git a/include/net/af_vsock.h b/include/net/af_vsock.h index d40e978126e3..5707514c30b6 100644 --- a/include/net/af_vsock.h +++ b/include/net/af_vsock.h @@ -10,6 +10,7 @@ =20 #include #include +#include #include #include =20 @@ -256,4 +257,45 @@ static inline bool vsock_msgzerocopy_allow(const struc= t vsock_transport *t) { return t->msgzerocopy_allow && t->msgzerocopy_allow(); } + +static inline u8 vsock_net_mode(struct net *net) +{ + enum vsock_net_mode ret; + + spin_lock_bh(&net->vsock.lock); + ret =3D net->vsock.mode; + spin_unlock_bh(&net->vsock.lock); + return ret; +} + +static inline bool vsock_net_write_mode(struct net *net, u8 mode) +{ + bool ret; + + spin_lock_bh(&net->vsock.lock); + + if (net->vsock.written) { + ret =3D false; + goto skip; + } + + net->vsock.mode =3D mode; + net->vsock.written =3D true; + ret =3D true; + +skip: + spin_unlock_bh(&net->vsock.lock); + return ret; +} + +/* Return true if vsock net mode check passes. Otherwise, return false. + * + * Read more about modes in comment header of net/vmw_vsock/af_vsock.c. + */ +static inline bool vsock_net_check_mode(struct net *n1, struct net *n2) +{ + return net_eq(n1, n2) || + (vsock_net_mode(n1) =3D=3D VSOCK_NET_MODE_GLOBAL && + vsock_net_mode(n2) =3D=3D VSOCK_NET_MODE_GLOBAL); +} #endif /* __AF_VSOCK_H__ */ diff --git a/include/net/net_namespace.h b/include/net/net_namespace.h index 025a7574b275..005c0da4fb62 100644 --- a/include/net/net_namespace.h +++ b/include/net/net_namespace.h @@ -37,6 +37,7 @@ #include #include #include +#include #include #include #include @@ -196,6 +197,9 @@ struct net { /* Move to a better place when the config guard is removed. */ struct mutex rtnl_mutex; #endif +#if IS_ENABLED(CONFIG_VSOCKETS) + struct netns_vsock vsock; +#endif } __randomize_layout; =20 #include diff --git a/include/net/netns/vsock.h b/include/net/netns/vsock.h new file mode 100644 index 000000000000..d4593c0b8dc4 --- /dev/null +++ b/include/net/netns/vsock.h @@ -0,0 +1,20 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +#ifndef __NET_NET_NAMESPACE_VSOCK_H +#define __NET_NET_NAMESPACE_VSOCK_H + +#include + +enum vsock_net_mode { + VSOCK_NET_MODE_GLOBAL, + VSOCK_NET_MODE_LOCAL, +}; + +struct netns_vsock { + struct ctl_table_header *vsock_hdr; + spinlock_t lock; + + /* protected by lock */ + enum vsock_net_mode mode; + bool written; +}; +#endif /* __NET_NET_NAMESPACE_VSOCK_H */ --=20 2.47.3 From nobody Fri Oct 3 16:47:15 2025 Received: from mail-pl1-f175.google.com (mail-pl1-f175.google.com [209.85.214.175]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3795A146585; Thu, 28 Aug 2025 00:31:35 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.214.175 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1756341097; cv=none; b=tdK2tDWDV+K7lc9HdpLcIR3VyI4DuN/k1Bi5BlIx3iBXNvy6MWPISSsGtx/f1LYYHRpjAkV9TVHaK8fiMRjcSH7iucc7NMUdeY8BA8eDjYY6YOkwqcjp1cmYptjGHA5CwZ1TtiAS/Slv0eG6uVHTQgE9lG1FBnXYhhlmuMk5M6g= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1756341097; c=relaxed/simple; bh=TYmMByH+5sTf+Nmv/lFpsDIcxlWf1v6PPyxvRt0BSCI=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=BAYLaE1A+XsFGert7ijrdEMz5j/MffZm+yHeHeuonmi0UaZUYECOeSA4PspgCiDhEk31LTjM/DO0YhrJvv/q52C2Nr32JWMMoRj1J136B19UgrkZQwVW9ig2l6hHtlIwnQo2SFgggQh1bhClUUKm1+abGeBKBiSwu56t0Ffzgv4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=fOLKOfvm; arc=none smtp.client-ip=209.85.214.175 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="fOLKOfvm" Received: by mail-pl1-f175.google.com with SMTP id d9443c01a7336-246151aefaaso12488985ad.1; Wed, 27 Aug 2025 17:31:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1756341095; x=1756945895; darn=vger.kernel.org; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:from:to:cc:subject:date:message-id :reply-to; bh=CPvtzAfXM02gxsFwP0R3/4GEgD8KwF6jICYx2UBFbv4=; b=fOLKOfvmMYUZiIFVUjt7dJSvo4Qm46L7tXdzUvL0066dhc2XsjI3qh+lSe3P3tJ7ZN FeAY3ivHQZT6WChNqPqvG7M58M3tgRt245pT+8kaGGL32L/9wK/F4MKf+YP8s92GqDIY YSC3IXhaUF5oDCeNrXiobhetE/8eGdtDc7tJNJm007ci4kR5EVWrLYKSRfT8Sosg6mTj dRkkaAHN9bJ5AjiKj7GuJMbmcOmhyCoDzj80jWw7c6k/J8krWvXh726p+QHNX29yjow5 Y2Zq0zV+FB4GXGPNKm/GplWYsvSS+9TbdQQaBHQspVs/QD3JMyClcJsWVRw+eHhoMTas KqTA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1756341095; x=1756945895; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=CPvtzAfXM02gxsFwP0R3/4GEgD8KwF6jICYx2UBFbv4=; b=sf9b531Vyf4Lvpc0rOsZ4R7xll6fok8BN5kUYppitzLvZawzd+luJg+XWzdosAOd0m EJQaxhhNlbXQx8XBQuWtcbM2QK8ZFxXEpJBDOMWpez2QzSDYyT4MggAZEqiAD+nv3pVD /nuTCTFGcwuVicrlccUL21jAIWhyuGK1Ov89UP0VmrPn5XsB3SnErrEcbnWIoEatw1+c kweBHsz6BLOZ/7IVf8tYUXWot9HqGlyifY90csWfoj7T7FJpO7H4bhV+caGpSXQacmy4 n/gWG9lTvTYX2DN3sJHudB41wpA/9wRxBdkK23YderLz09NneO+Tipb33MZpVAUf+Xmj XnWg== X-Forwarded-Encrypted: i=1; AJvYcCWMcIOFG8QiT/zlpy7abRZLGYxzqRRy9cdPSRqh3ShtfloeQHF0HEQFhnSlHY7UKefB2Fdf3U/5rNpOBPYhHRIT@vger.kernel.org, AJvYcCWZrlhggB/kKOj/QJnqgrpsf2ZElbHWz2w6gUux49aL/ewgSjmxy9RCxuXDfncqgbvOJQ1UC6zmUs8EVQ1D@vger.kernel.org, AJvYcCWoFNDKpXHQbtW0cTAGVFkaK4YcD8eFKQF+CoHJgQFgE0qBvi+NwmBBnWxKYekUCklh3ElrGPbX@vger.kernel.org, AJvYcCXQwjDWUYJKdK6N3N1iyoXKgI3aI+1gMiPUGDalEBN4SMBM3eo8tm+ixI05GHSnh9dMrWw=@vger.kernel.org, AJvYcCXnN34hsbrhv8hPkvEpt3zGTkjj2rc85TjmRVaaLFRvIX3crOisWGZs2AVa/TQJ4o0eNskuVBpO1MyscyH4@vger.kernel.org X-Gm-Message-State: AOJu0YzhuWfOorBkl82WpTxkF7Yixgbc8FOV2AY/8j1J5xzEEL1fMUMx iaDjG/MoU+XjRwustFpd4Tl8edmclXtaYiVYqRK6l68kKrpeDl3ddn6L X-Gm-Gg: ASbGncs7RMMsNsE0hpcSeriQOe1ryqjWdc113qAQ7732e7R8Ls02u6ISZ4j2VeWrABq SLXBfhjbot98kuKcG34Ty7M8JSeo7WQo3GSRF/UxW8jEtykThveN6l2bm8EWiqC7pGPhqJyxARh Gn0tghFVqflDBhOFUGsq1Epsm4WPpGJqlerjx9+NNBUZdD6unjjZjrlARe97rxkAb5PQ+bf0Li3 HYCcxh/NgxyALW+B1/3ybQZytIZ/GjQpBXuImAvcLInMr8LdprwXm5BRXdNQj7EuJ2emRxYWwgD CGisquRgXkbXCaKJSepFgCwYBBTlpLDz4SfvWrDCM9/d2fxTYkVx/N4sZsVdsSspQUQzr7dsqXr xeMt7Th8Myo9N8rIA5A05Wham+XPglI6u4mgWgxd3AA== X-Google-Smtp-Source: AGHT+IE2PGfR2lyF9Hr8hV5HbfYYYn2UwMgBVIhXdHI1pQtLPnrjVODZOdxlZ2k7OY2teQU7xaDFDA== X-Received: by 2002:a17:902:e88e:b0:234:8a4a:ad89 with SMTP id d9443c01a7336-248753a2359mr86214995ad.1.1756341095375; Wed, 27 Aug 2025 17:31:35 -0700 (PDT) Received: from localhost ([2a03:2880:2ff:72::]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-24893618880sm32735435ad.99.2025.08.27.17.31.34 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 27 Aug 2025 17:31:34 -0700 (PDT) From: Bobby Eshleman Date: Wed, 27 Aug 2025 17:31:30 -0700 Subject: [PATCH net-next v5 2/9] vsock: add net to vsock skb cb Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20250827-vsock-vmtest-v5-2-0ba580bede5b@meta.com> References: <20250827-vsock-vmtest-v5-0-0ba580bede5b@meta.com> In-Reply-To: <20250827-vsock-vmtest-v5-0-0ba580bede5b@meta.com> To: Stefano Garzarella , Shuah Khan , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Stefan Hajnoczi , "Michael S. Tsirkin" , Jason Wang , Xuan Zhuo , =?utf-8?q?Eugenio_P=C3=A9rez?= , "K. Y. Srinivasan" , Haiyang Zhang , Wei Liu , Dexuan Cui , Bryan Tan , Vishnu Dasa , Broadcom internal kernel review list Cc: virtualization@lists.linux.dev, netdev@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-hyperv@vger.kernel.org, Bobby Eshleman , berrange@redhat.com, Bobby Eshleman X-Mailer: b4 0.13.0 From: Bobby Eshleman Add a net pointer to the vsock skb and helpers for getting/setting it. This is in preparation for adding vsock NS support. Signed-off-by: Bobby Eshleman --- Changes in v5: - some diff context change due to rebase to current net-next --- include/linux/virtio_vsock.h | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/include/linux/virtio_vsock.h b/include/linux/virtio_vsock.h index 0c67543a45c8..c547cda7196b 100644 --- a/include/linux/virtio_vsock.h +++ b/include/linux/virtio_vsock.h @@ -13,6 +13,7 @@ struct virtio_vsock_skb_cb { bool reply; bool tap_delivered; u32 offset; + struct net *net; }; =20 #define VIRTIO_VSOCK_SKB_CB(skb) ((struct virtio_vsock_skb_cb *)((skb)->cb= )) @@ -130,6 +131,16 @@ static inline size_t virtio_vsock_skb_len(struct sk_bu= ff *skb) return (size_t)(skb_end_pointer(skb) - skb->head); } =20 +static inline struct net *virtio_vsock_skb_net(struct sk_buff *skb) +{ + return VIRTIO_VSOCK_SKB_CB(skb)->net; +} + +static inline void virtio_vsock_skb_set_net(struct sk_buff *skb, struct ne= t *net) +{ + VIRTIO_VSOCK_SKB_CB(skb)->net =3D net; +} + /* Dimension the RX SKB so that the entire thing fits exactly into * a single 4KiB page. This avoids wasting memory due to alloc_skb() * rounding up to the next page order and also means that we --=20 2.47.3 From nobody Fri Oct 3 16:47:15 2025 Received: from mail-pf1-f180.google.com (mail-pf1-f180.google.com [209.85.210.180]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 02C1A1DE3DF; Thu, 28 Aug 2025 00:31:37 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.210.180 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1756341100; cv=none; b=koEx9owqzl8NpJUGFtjEsnPrS9anZmOgW8rmboIRuCHNjesw42rwnEIP/pElQ82lrPjsid7UwW02Pfz1e//BAN49fniJAONqTMfEh96EgoLBnfqlIRUbXlcAUXChXwLqzkrVsoGVlyv5lJ+8izvkVinvsQQN0WRbfvV1AFrpHYI= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1756341100; c=relaxed/simple; bh=jtnRXYh/Lvi2uurp5TJ5M7dNqYesFDWBz3k5nbbOi+s=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=l73o81R4VJNk8+Q1Ouape7BCjwzyUf7rtw4WilAW7UkPBeI5Lp6iZmD3Ia2jFGDnkRARed4vBiK0lAaixuUURFRXN8bPmxPIJcF+fI0WYeGOhzhkMbOSRDf4Qs0iOZp0GH1u9HDTlmKslaYNuZaCwd5rLb+2GEMBXODl0KkL/xQ= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=HLLr9B9j; arc=none smtp.client-ip=209.85.210.180 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="HLLr9B9j" Received: by mail-pf1-f180.google.com with SMTP id d2e1a72fcca58-771e4378263so372477b3a.0; Wed, 27 Aug 2025 17:31:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1756341097; x=1756945897; darn=vger.kernel.org; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:from:to:cc:subject:date:message-id :reply-to; bh=Yh9cLsdWKv/YRQUA7B/iFdmJkDD58rsi37kMiS0jwHs=; b=HLLr9B9jZAGOXgmFHihrl19KxCZsoLC2J0n3Ba0yJrnCD5C5TOzmlsL1aNrFMDrQCv /DkqGQn0O/3aD51ji8Rqr7qi6zTRd9sRdUpxOKZ5h5QqrA+7Z9Gpy8lpF8IekK9lWUiu rHQDUmzQcXq2Wy4zE6UT72gr1GhCwfrOIoxnZjvqFuHwkPmeF1TEgbjowv10sZ6HW7B7 epr2N2fKd2tLmh1qLZNOiR65qv+WyYMG4lc6SnQu8TWdZh/UtsL9+QLP/jTBLQrfEe1O TRXCYsBheMEksAx5pi1yt6VM6bYF056r/eDU1E8ew3eCR7WAMO/62q+CilFeY02RDviK rt7w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1756341097; x=1756945897; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Yh9cLsdWKv/YRQUA7B/iFdmJkDD58rsi37kMiS0jwHs=; b=xKmrcnwqMuUOKzXBs9TszEvpAJ+y5/XpUnB4pfcREju5ckmeGWTGYBibtUzok/WTON q8pCicgMMYYBsNMYDkBmY7IdZu/XoCluFRT7GRygMNMM8+Xg9rqLPK8SrAZvGEWDbwLh 5FIAlc6Z606NXlJWRlXK0ZbxtDsDVg1VH3lY7hziPyd/kB+CtWoyfLyCMxPud3sYzU8U SODho5GP0VcC3yUUythwbhuWvDQGK1/w3ljOcxrc52dWjdI3IhOVdVwIgNVCPDjUybZ6 QSqECRtdrPpLRRkQCcRP8iA333MfXaL6QXYPO/ctdYIO7mGgQ7D5zlTogAnFMH8PlZg0 r7xA== X-Forwarded-Encrypted: i=1; AJvYcCU4YQV33dmMY1Ox2t3c9kt6n5oOJ8FU/bcxLGWhzySdavqxj0OGZtR5gcmRYaa2J6fdj9An/PlzkIUiRcB+@vger.kernel.org, AJvYcCUlviT2oXItnLmsImZLraW+5eYhCL60d8oVu2fpECrmS9CFxYvxiIEF1yRb0JMaG42lV6Thk1qzRmnO+oCa@vger.kernel.org, AJvYcCVbjHQWynU6Fv5SP4cHkknHiDKs7V41oMNGEOVOhIMGHmDJOIcb9pvaLA+KbNRKri5jD/Bp6IP3@vger.kernel.org, AJvYcCWI9SdfNmFpRz0ux7wkOiHLwh6AQ4B8cCc86tsjUlpTDTIn6n9Fh8UWGj1IroKuHmN9ZhU=@vger.kernel.org, AJvYcCXZ9pqa3wybKn8KFZ8im90BkcU2hDtxAuWruZOJkAsqChNl10ptlDRPA7KlawUiwcKezpts33dXKx0Rg0jSu02b@vger.kernel.org X-Gm-Message-State: AOJu0YxPwtUqqdPCRVAdNmZC1anIO3K/GVrar5P2rXktDlKK9ljLTaiK I62bOWUVWzy+dbB7h3atD1MfQZ9ZT2fvaKP1iwLva3IeB6+GEYSh9ZSK X-Gm-Gg: ASbGncsCtYeSINnJNsBFHgD3fsbsJ4BkIsbyTk6G7zmNgrDlIXKTT7PI/0hUNrcBAp+ zugeWxfOpIadhA9SEULLfsS6p6/r6N0KIZwRVFXCeGoDtvCiKBvKLIN0M6ae4nOLOsrod4J+SuC NX8hHXYyRlQx/ql+QKJQ+1OUHkX9ZL/Ipy7+TdjAlC2l3ymKyr9TphGBpFVMtI5tfb5+INHF2qN SMxtSa7TlZl7lXVBQGEZIAF90Tzf/wBMBoCycpWooYor0eIIkw5Zk8/9lPRsxMQcbdAYSwA3OvF W4q9DsJqRG8B8WOk+L+VbeIIi3t/p2ZIDjP4Zxfn3gBcJ/YcmPisy9XmjKwzv9Bhr38BkZeXvby X2efDstLnIlKRJoLKdxnA X-Google-Smtp-Source: AGHT+IF4qKFHVHKyH+bth0ngWyu6USvUH7Vt8MobOxW/uMLOOU0QRdSrBvV5S1MebI5F/LY/ZQpKow== X-Received: by 2002:a05:6a21:6da3:b0:243:78a:828b with SMTP id adf61e73a8af0-24340dec1aemr31764028637.50.1756341097158; Wed, 27 Aug 2025 17:31:37 -0700 (PDT) Received: from localhost ([2a03:2880:2ff:45::]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-7720d871486sm2114715b3a.54.2025.08.27.17.31.36 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 27 Aug 2025 17:31:36 -0700 (PDT) From: Bobby Eshleman Date: Wed, 27 Aug 2025 17:31:31 -0700 Subject: [PATCH net-next v5 3/9] vsock: add netns to vsock core Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20250827-vsock-vmtest-v5-3-0ba580bede5b@meta.com> References: <20250827-vsock-vmtest-v5-0-0ba580bede5b@meta.com> In-Reply-To: <20250827-vsock-vmtest-v5-0-0ba580bede5b@meta.com> To: Stefano Garzarella , Shuah Khan , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Stefan Hajnoczi , "Michael S. Tsirkin" , Jason Wang , Xuan Zhuo , =?utf-8?q?Eugenio_P=C3=A9rez?= , "K. Y. Srinivasan" , Haiyang Zhang , Wei Liu , Dexuan Cui , Bryan Tan , Vishnu Dasa , Broadcom internal kernel review list Cc: virtualization@lists.linux.dev, netdev@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-hyperv@vger.kernel.org, Bobby Eshleman , berrange@redhat.com, Bobby Eshleman X-Mailer: b4 0.13.0 From: Bobby Eshleman Add netns to logic to vsock core. Additionally, modify transport hook prototypes to be used by later transport-specific patches (e.g., *_seqpacket_allow()). Namespaces are supported primarily by changing socket lookup functions (e.g., vsock_find_connected_socket()) to take into account the socket namespace and the namespace mode before considering a candidate socket a "match". Introduce a dummy namespace struct, __vsock_global_dummy_net, to be used by transports that do not support namespacing. This dummy always has mode "global" to preserve previous CID behavior. This patch also introduces the sysctl /proc/sys/net/vsock/ns_mode that accepts the "global" or "local" mode strings. The transports (besides vhost) are modified to use the global dummy. Add netns functionality (initialization, passing to transports, procfs, etc...) to the af_vsock socket layer. Later patches that add netns support to transports depend on this patch. Signed-off-by: Bobby Eshleman --- Changes in v5: - vsock_global_net() -> vsock_global_dummy_net() - update comments for new uAPI - use /proc/sys/net/vsock/ns_mode instead of /proc/net/vsock_ns_mode - add prototype changes so patch remains compilable --- drivers/vhost/vsock.c | 4 +- include/net/af_vsock.h | 13 +- net/vmw_vsock/af_vsock.c | 202 ++++++++++++++++++++++++++++= +--- net/vmw_vsock/hyperv_transport.c | 2 +- net/vmw_vsock/virtio_transport.c | 5 +- net/vmw_vsock/virtio_transport_common.c | 4 +- net/vmw_vsock/vmci_transport.c | 4 +- net/vmw_vsock/vsock_loopback.c | 4 +- 8 files changed, 210 insertions(+), 28 deletions(-) diff --git a/drivers/vhost/vsock.c b/drivers/vhost/vsock.c index ae01457ea2cd..34adf0cf9124 100644 --- a/drivers/vhost/vsock.c +++ b/drivers/vhost/vsock.c @@ -404,7 +404,7 @@ static bool vhost_transport_msgzerocopy_allow(void) return true; } =20 -static bool vhost_transport_seqpacket_allow(u32 remote_cid); +static bool vhost_transport_seqpacket_allow(struct vsock_sock *vsk, u32 re= mote_cid); =20 static struct virtio_transport vhost_transport =3D { .transport =3D { @@ -460,7 +460,7 @@ static struct virtio_transport vhost_transport =3D { .send_pkt =3D vhost_transport_send_pkt, }; =20 -static bool vhost_transport_seqpacket_allow(u32 remote_cid) +static bool vhost_transport_seqpacket_allow(struct vsock_sock *vsk, u32 re= mote_cid) { struct vhost_vsock *vsock; bool seqpacket_allow =3D false; diff --git a/include/net/af_vsock.h b/include/net/af_vsock.h index 5707514c30b6..83f873174ba3 100644 --- a/include/net/af_vsock.h +++ b/include/net/af_vsock.h @@ -144,7 +144,7 @@ struct vsock_transport { int flags); int (*seqpacket_enqueue)(struct vsock_sock *vsk, struct msghdr *msg, size_t len); - bool (*seqpacket_allow)(u32 remote_cid); + bool (*seqpacket_allow)(struct vsock_sock *vsk, u32 remote_cid); u32 (*seqpacket_has_data)(struct vsock_sock *vsk); =20 /* Notification. */ @@ -214,9 +214,10 @@ void vsock_enqueue_accept(struct sock *listener, struc= t sock *connected); void vsock_insert_connected(struct vsock_sock *vsk); void vsock_remove_bound(struct vsock_sock *vsk); void vsock_remove_connected(struct vsock_sock *vsk); -struct sock *vsock_find_bound_socket(struct sockaddr_vm *addr); +struct sock *vsock_find_bound_socket(struct sockaddr_vm *addr, struct net = *net); struct sock *vsock_find_connected_socket(struct sockaddr_vm *src, - struct sockaddr_vm *dst); + struct sockaddr_vm *dst, + struct net *net); void vsock_remove_sock(struct vsock_sock *vsk); void vsock_for_each_connected_socket(struct vsock_transport *transport, void (*fn)(struct sock *sk)); @@ -258,6 +259,12 @@ static inline bool vsock_msgzerocopy_allow(const struc= t vsock_transport *t) return t->msgzerocopy_allow && t->msgzerocopy_allow(); } =20 +extern struct net __vsock_global_dummy_net; +static inline struct net *vsock_global_dummy_net(void) +{ + return &__vsock_global_dummy_net; +} + static inline u8 vsock_net_mode(struct net *net) { enum vsock_net_mode ret; diff --git a/net/vmw_vsock/af_vsock.c b/net/vmw_vsock/af_vsock.c index 0538948d5fd9..68a8875c8106 100644 --- a/net/vmw_vsock/af_vsock.c +++ b/net/vmw_vsock/af_vsock.c @@ -83,6 +83,24 @@ * TCP_ESTABLISHED - connected * TCP_CLOSING - disconnecting * TCP_LISTEN - listening + * + * - Namespaces in vsock support two different modes configured + * through /proc/sys/net/vsock/ns_mode. The modes are "local" and "globa= l". + * Each mode defines how the namespace interacts with CIDs. + * /proc/sys/net/vsock/ns_mode is write-once, so that it may be configur= ed + * and locked down by a namespace manager. The default is "global". The = mode + * is set per-namespace. + * + * The modes affect the allocation and accessibility of CIDs as follows: + * - global - aka fully public + * - CID allocation draws from the public pool + * - AF_VSOCK sockets may reach any CID allocated from the public pool + * - AF_VSOCK sockets may not reach CIDs allocated from private pools + * + * - local - aka fully private + * - CID allocation draws only from the private pool, does not affect = public pool + * - AF_VSOCK sockets may only reach CIDs from the private pool + * - AF_VSOCK sockets may not reach CIDs allocated from outside the po= ol */ =20 #include @@ -100,6 +118,7 @@ #include #include #include +#include #include #include #include @@ -111,6 +130,7 @@ #include #include #include +#include #include #include =20 @@ -149,6 +169,9 @@ static const struct vsock_transport *transport_dgram; static const struct vsock_transport *transport_local; static DEFINE_MUTEX(vsock_register_mutex); =20 +struct net __vsock_global_dummy_net; +EXPORT_SYMBOL_GPL(__vsock_global_dummy_net); + /**** UTILS ****/ =20 /* Each bound VSocket is stored in the bind hash table and each connected @@ -235,33 +258,42 @@ static void __vsock_remove_connected(struct vsock_soc= k *vsk) sock_put(&vsk->sk); } =20 -static struct sock *__vsock_find_bound_socket(struct sockaddr_vm *addr) +static struct sock *__vsock_find_bound_socket(struct sockaddr_vm *addr, + struct net *net) { struct vsock_sock *vsk; =20 list_for_each_entry(vsk, vsock_bound_sockets(addr), bound_table) { + struct sock *sk =3D sk_vsock(vsk); + if (vsock_addr_equals_addr(addr, &vsk->local_addr)) - return sk_vsock(vsk); + if (vsock_net_check_mode(net, sock_net(sk))) + return sk; =20 if (addr->svm_port =3D=3D vsk->local_addr.svm_port && (vsk->local_addr.svm_cid =3D=3D VMADDR_CID_ANY || - addr->svm_cid =3D=3D VMADDR_CID_ANY)) - return sk_vsock(vsk); + addr->svm_cid =3D=3D VMADDR_CID_ANY) && + vsock_net_check_mode(net, sock_net(sk))) + return sk; } =20 return NULL; } =20 static struct sock *__vsock_find_connected_socket(struct sockaddr_vm *src, - struct sockaddr_vm *dst) + struct sockaddr_vm *dst, + struct net *net) { struct vsock_sock *vsk; =20 list_for_each_entry(vsk, vsock_connected_sockets(src, dst), connected_table) { + struct sock *sk =3D sk_vsock(vsk); + if (vsock_addr_equals_addr(src, &vsk->remote_addr) && - dst->svm_port =3D=3D vsk->local_addr.svm_port) { - return sk_vsock(vsk); + dst->svm_port =3D=3D vsk->local_addr.svm_port && + vsock_net_check_mode(net, sock_net(sk))) { + return sk; } } =20 @@ -304,12 +336,12 @@ void vsock_remove_connected(struct vsock_sock *vsk) } EXPORT_SYMBOL_GPL(vsock_remove_connected); =20 -struct sock *vsock_find_bound_socket(struct sockaddr_vm *addr) +struct sock *vsock_find_bound_socket(struct sockaddr_vm *addr, struct net = *net) { struct sock *sk; =20 spin_lock_bh(&vsock_table_lock); - sk =3D __vsock_find_bound_socket(addr); + sk =3D __vsock_find_bound_socket(addr, net); if (sk) sock_hold(sk); =20 @@ -320,12 +352,13 @@ struct sock *vsock_find_bound_socket(struct sockaddr_= vm *addr) EXPORT_SYMBOL_GPL(vsock_find_bound_socket); =20 struct sock *vsock_find_connected_socket(struct sockaddr_vm *src, - struct sockaddr_vm *dst) + struct sockaddr_vm *dst, + struct net *net) { struct sock *sk; =20 spin_lock_bh(&vsock_table_lock); - sk =3D __vsock_find_connected_socket(src, dst); + sk =3D __vsock_find_connected_socket(src, dst, net); if (sk) sock_hold(sk); =20 @@ -528,7 +561,7 @@ int vsock_assign_transport(struct vsock_sock *vsk, stru= ct vsock_sock *psk) =20 if (sk->sk_type =3D=3D SOCK_SEQPACKET) { if (!new_transport->seqpacket_allow || - !new_transport->seqpacket_allow(remote_cid)) { + !new_transport->seqpacket_allow(vsk, remote_cid)) { module_put(new_transport->module); return -ESOCKTNOSUPPORT; } @@ -678,6 +711,7 @@ static int __vsock_bind_connectible(struct vsock_sock *= vsk, { static u32 port; struct sockaddr_vm new_addr; + struct net *net =3D sock_net(sk_vsock(vsk)); =20 if (!port) port =3D get_random_u32_above(LAST_RESERVED_PORT); @@ -695,7 +729,7 @@ static int __vsock_bind_connectible(struct vsock_sock *= vsk, =20 new_addr.svm_port =3D port++; =20 - if (!__vsock_find_bound_socket(&new_addr)) { + if (!__vsock_find_bound_socket(&new_addr, net)) { found =3D true; break; } @@ -712,7 +746,7 @@ static int __vsock_bind_connectible(struct vsock_sock *= vsk, return -EACCES; } =20 - if (__vsock_find_bound_socket(&new_addr)) + if (__vsock_find_bound_socket(&new_addr, net)) return -EADDRINUSE; } =20 @@ -2636,6 +2670,137 @@ static struct miscdevice vsock_device =3D { .fops =3D &vsock_device_ops, }; =20 +#define VSOCK_NET_MODE_STRING_MAX 7 + +static int vsock_net_mode_string(const struct ctl_table *table, int write, + void *buffer, size_t *lenp, loff_t *ppos) +{ + char buf[VSOCK_NET_MODE_STRING_MAX] =3D {0}; + enum vsock_net_mode mode; + struct ctl_table tmp; + struct net *net; + const char *p; + int ret; + + if (!table->data || !table->maxlen || !*lenp) { + *lenp =3D 0; + return 0; + } + + net =3D current->nsproxy->net_ns; + tmp =3D *table; + tmp.data =3D buf; + + if (!write) { + mode =3D vsock_net_mode(net); + + if (mode =3D=3D VSOCK_NET_MODE_GLOBAL) { + p =3D "global"; + } else if (mode =3D=3D VSOCK_NET_MODE_LOCAL) { + p =3D "local"; + } else { + WARN_ONCE(true, "netns has invalid vsock mode"); + *lenp =3D 0; + return 0; + } + + strscpy(buf, p, sizeof(buf)); + tmp.maxlen =3D strlen(p); + } + + ret =3D proc_dostring(&tmp, write, buffer, lenp, ppos); + if (ret) + return ret; + + if (write) { + if (!strncmp(buffer, "global", 6)) + mode =3D VSOCK_NET_MODE_GLOBAL; + else if (!strncmp(buffer, "local", 5)) + mode =3D VSOCK_NET_MODE_LOCAL; + else + return -EINVAL; + + if (!vsock_net_write_mode(net, mode)) + return -EPERM; + } + + return 0; +} + +static struct ctl_table vsock_table[] =3D { + { + .procname =3D "ns_mode", + .data =3D &init_net.vsock.mode, + .maxlen =3D sizeof(u8), + .mode =3D 0644, + .proc_handler =3D vsock_net_mode_string + }, +}; + +static int __net_init vsock_sysctl_register(struct net *net) +{ + struct ctl_table *table; + + if (net_eq(net, &init_net)) { + table =3D vsock_table; + } else { + table =3D kmemdup(vsock_table, sizeof(vsock_table), GFP_KERNEL); + if (!table) + goto err_alloc; + + table[0].data =3D &net->vsock.mode; + } + + net->vsock.vsock_hdr =3D register_net_sysctl_sz(net, "net/vsock", table, + ARRAY_SIZE(vsock_table)); + if (!net->vsock.vsock_hdr) + goto err_reg; + + return 0; + +err_reg: + if (!net_eq(net, &init_net)) + kfree(table); +err_alloc: + return -ENOMEM; +} + +static void vsock_sysctl_unregister(struct net *net) +{ + const struct ctl_table *table; + + table =3D net->vsock.vsock_hdr->ctl_table_arg; + unregister_net_sysctl_table(net->vsock.vsock_hdr); + if (!net_eq(net, &init_net)) + kfree(table); +} + +static void vsock_net_init(struct net *net) +{ + spin_lock_init(&net->vsock.lock); + net->vsock.mode =3D VSOCK_NET_MODE_GLOBAL; +} + +static __net_init int vsock_sysctl_init_net(struct net *net) +{ + vsock_net_init(net); + + if (vsock_sysctl_register(net)) + return -ENOMEM; + + return 0; +} + +static __net_exit void vsock_sysctl_exit_net(struct net *net) +{ + vsock_sysctl_unregister(net); +} + +static struct pernet_operations vsock_sysctl_ops __net_initdata =3D { + .init =3D vsock_sysctl_init_net, + .exit =3D vsock_sysctl_exit_net, +}; + static int __init vsock_init(void) { int err =3D 0; @@ -2663,10 +2828,19 @@ static int __init vsock_init(void) goto err_unregister_proto; } =20 + if (register_pernet_subsys(&vsock_sysctl_ops)) { + err =3D -ENOMEM; + goto err_unregister_sock; + } + + vsock_net_init(&init_net); + vsock_net_init(vsock_global_dummy_net()); vsock_bpf_build_proto(); =20 return 0; =20 +err_unregister_sock: + sock_unregister(AF_VSOCK); err_unregister_proto: proto_unregister(&vsock_proto); err_deregister_misc: diff --git a/net/vmw_vsock/hyperv_transport.c b/net/vmw_vsock/hyperv_transp= ort.c index 432fcbbd14d4..79bc55eeecb3 100644 --- a/net/vmw_vsock/hyperv_transport.c +++ b/net/vmw_vsock/hyperv_transport.c @@ -313,7 +313,7 @@ static void hvs_open_connection(struct vmbus_channel *c= han) return; =20 hvs_addr_init(&addr, conn_from_host ? if_type : if_instance); - sk =3D vsock_find_bound_socket(&addr); + sk =3D vsock_find_bound_socket(&addr, vsock_global_dummy_net()); if (!sk) return; =20 diff --git a/net/vmw_vsock/virtio_transport.c b/net/vmw_vsock/virtio_transp= ort.c index b6569b0ca2bb..af3e924fcc31 100644 --- a/net/vmw_vsock/virtio_transport.c +++ b/net/vmw_vsock/virtio_transport.c @@ -536,7 +536,7 @@ static bool virtio_transport_msgzerocopy_allow(void) return true; } =20 -static bool virtio_transport_seqpacket_allow(u32 remote_cid); +static bool virtio_transport_seqpacket_allow(struct vsock_sock *vsk, u32 r= emote_cid); =20 static struct virtio_transport virtio_transport =3D { .transport =3D { @@ -593,7 +593,7 @@ static struct virtio_transport virtio_transport =3D { .can_msgzerocopy =3D virtio_transport_can_msgzerocopy, }; =20 -static bool virtio_transport_seqpacket_allow(u32 remote_cid) +static bool virtio_transport_seqpacket_allow(struct vsock_sock *vsk, u32 r= emote_cid) { struct virtio_vsock *vsock; bool seqpacket_allow; @@ -659,6 +659,7 @@ static void virtio_transport_rx_work(struct work_struct= *work) if (payload_len) virtio_vsock_skb_put(skb, payload_len); =20 + virtio_vsock_skb_set_net(skb, vsock_global_dummy_net()); virtio_transport_deliver_tap_pkt(skb); virtio_transport_recv_pkt(&virtio_transport, skb); } diff --git a/net/vmw_vsock/virtio_transport_common.c b/net/vmw_vsock/virtio= _transport_common.c index fe92e5fa95b4..9b3aa4f0395d 100644 --- a/net/vmw_vsock/virtio_transport_common.c +++ b/net/vmw_vsock/virtio_transport_common.c @@ -1604,9 +1604,9 @@ void virtio_transport_recv_pkt(struct virtio_transpor= t *t, /* The socket must be in connected or bound table * otherwise send reset back */ - sk =3D vsock_find_connected_socket(&src, &dst); + sk =3D vsock_find_connected_socket(&src, &dst, vsock_global_dummy_net()); if (!sk) { - sk =3D vsock_find_bound_socket(&dst); + sk =3D vsock_find_bound_socket(&dst, vsock_global_dummy_net()); if (!sk) { (void)virtio_transport_reset_no_sock(t, skb); goto free_pkt; diff --git a/net/vmw_vsock/vmci_transport.c b/net/vmw_vsock/vmci_transport.c index 7eccd6708d66..fd600ad77d73 100644 --- a/net/vmw_vsock/vmci_transport.c +++ b/net/vmw_vsock/vmci_transport.c @@ -703,9 +703,9 @@ static int vmci_transport_recv_stream_cb(void *data, st= ruct vmci_datagram *dg) vsock_addr_init(&src, pkt->dg.src.context, pkt->src_port); vsock_addr_init(&dst, pkt->dg.dst.context, pkt->dst_port); =20 - sk =3D vsock_find_connected_socket(&src, &dst); + sk =3D vsock_find_connected_socket(&src, &dst, vsock_global_dummy_net()); if (!sk) { - sk =3D vsock_find_bound_socket(&dst); + sk =3D vsock_find_bound_socket(&dst, vsock_global_dummy_net()); if (!sk) { /* We could not find a socket for this specified * address. If this packet is a RST, we just drop it. diff --git a/net/vmw_vsock/vsock_loopback.c b/net/vmw_vsock/vsock_loopback.c index 6e78927a598e..1b2fab73e0d0 100644 --- a/net/vmw_vsock/vsock_loopback.c +++ b/net/vmw_vsock/vsock_loopback.c @@ -46,7 +46,7 @@ static int vsock_loopback_cancel_pkt(struct vsock_sock *v= sk) return 0; } =20 -static bool vsock_loopback_seqpacket_allow(u32 remote_cid); +static bool vsock_loopback_seqpacket_allow(struct vsock_sock *vsk, u32 rem= ote_cid); static bool vsock_loopback_msgzerocopy_allow(void) { return true; @@ -106,7 +106,7 @@ static struct virtio_transport loopback_transport =3D { .send_pkt =3D vsock_loopback_send_pkt, }; =20 -static bool vsock_loopback_seqpacket_allow(u32 remote_cid) +static bool vsock_loopback_seqpacket_allow(struct vsock_sock *vsk, u32 rem= ote_cid) { return true; } --=20 2.47.3 From nobody Fri Oct 3 16:47:15 2025 Received: from mail-pf1-f179.google.com (mail-pf1-f179.google.com [209.85.210.179]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id EDDD61F4CBE; Thu, 28 Aug 2025 00:31:39 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.210.179 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1756341102; cv=none; b=ZfIFoHcAnkqcx15jyLn3TQ7qLc4Z/FX6rZY4FqLcLIApXiG/WuN3fEEKNNcP30/J14FDFlhBGuJnn5maqCWP1UUpPLEcdDy3q5UBe1Ej2P6ZbJ+fT+v8tIgJ+etuu9g2ZZGLQDxGTL1jytXeRrKlLDN5DeADeSNkH2KjL/VN4bQ= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1756341102; c=relaxed/simple; bh=wWdrwUKBUFrtXAHqJcDXxHi/oozKFw1YoDZbNfv/RMI=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=sCpweLJNRym4ze/80px6E0XMccZQWualX284atbCni/NGIdWgnng5Bl0lcEl4JoI+Y5j4XqMHhzwL7f4K/PPvYKLnB6zzopJxfTcrPTDMh2uDqA4fJXsnN/n+Epy7jtJrGT9U/dw+sONNck+/nQQKs6olus3nKicE+XvPCn/ic4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=gYb0gIMz; arc=none smtp.client-ip=209.85.210.179 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="gYb0gIMz" Received: by mail-pf1-f179.google.com with SMTP id d2e1a72fcca58-771ff6f117aso422223b3a.2; Wed, 27 Aug 2025 17:31:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1756341099; x=1756945899; darn=vger.kernel.org; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:from:to:cc:subject:date:message-id :reply-to; bh=WW/LcIFNDDwwwBQxgjHA336bZBssQi49MeEngdLV2Cg=; b=gYb0gIMzp84BgcKXhkx0wNMW9vBYWaOnMAFx8CAfChFldKXrxl9z0HsplZWOwJvogE hIgQaAod+/wGJVib5rPQRSpQQWkoECdzMRYq5OVxnC8Pz3VAz6oLYc8A5Dd/R8tSr+DF nuQkOVThPkVokNCARgHbTHJCNDbkghW2Rlcmc7DHQyxqixhN83F88H8XD1AhVRAt2o1B WCAfgWBRm9Q1sznNhS4nVjZZIys4zSCygysYg6SmZ68N2TUn/Qc4y/x3BbTDyWpZnzNk iDw8M6AaZcGdECkbTpZqbEFjH6vXh42JPTKdBwnFqJRC89ooCSBAKa239LKQw7M/M819 0Ehw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1756341099; x=1756945899; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=WW/LcIFNDDwwwBQxgjHA336bZBssQi49MeEngdLV2Cg=; b=FL7oA32sFkOReeMBBSNJeIneR86zkkuNe6nMa9LVBtQtcBc5sw3bhXYL+dy9xs8mkp q4rB8cE5dcPy74vGdWaCOUxwaQKCDcRiTDP/LJmkxzrMNK9aZqXsgXNUBFJ/t0eJJ2ZQ tUpqeOCEBDsjXHBJVVSECaxiUcxGBDLHAQE2hy8LBlg5OpJvz1xO4H5lq5OjPYurlDXV axCKRuZ9UfT3eN9qRzu+6XD0srS+Rq2K67C9UGPepXOZgOc9SDPG9lN2d3vcvySXufKt 6jld27x9wtkPqINAXzMOmVxRqf4O0UkB9/K6t/ZtcYLstkjri2b/LqpOVaF9uIS2HnB5 UDqA== X-Forwarded-Encrypted: i=1; AJvYcCU9+4gppIloOh8EbA4qHOuIfVKgN4toD3F7r6nlr4Hiai4PyJwkrO9j7k/JYa6er7OLvsh5LLE47I5iaN2x@vger.kernel.org, AJvYcCV0JW/oTwAu/rwb3buBpo6nxfLXfP77eJgcj8vJIEYBMOp0fG845VbpM4Qm+Fg5u95FfVA=@vger.kernel.org, AJvYcCV4fVOoHDdlkZoTnMduUuBTyHIa07H/dfgWKLLPwXXFA87xXq45TvfMzjh7HhZPGupBJ82efWew@vger.kernel.org, AJvYcCXGnZlqgPrhlKytZGuo5HEXVv+mi7499sDNUD2Lg2Pt41reku2uZSEHehei7n8IJv1P25as0V7caYzdUBKj2M7y@vger.kernel.org, AJvYcCXsVwopwYl9tXMn6uS/FcgWlv2kVS4ywEhAIl1DKTaRoJx6rrU8cAUdEVVWiazICmFsrOulNboAy+w3Roht@vger.kernel.org X-Gm-Message-State: AOJu0Yxt11wlF+TgQBsPbOhX2O2HaqYGS3SKsG9JlF73pdhBIv4v/DYX emYvFt5Y34t7lHEAQZ/g6VXXpMqJyFjbQGUtuR/MOrDGjBIJSZHlOb6P X-Gm-Gg: ASbGncv6WnR1HWm3bSBAdTTW8N+F9nVRhHcAxN23pO12Dd93gTwfgtnRldqENLUfPQh smkpcEb8Fq3WMV08I1jyvGjH4N3e2bRA30NLKEzyhPqLhNbk9xQ1yFCkL/UnQE6Vpbri6gpfjn/ rIiQM95qAEuALwK7oMTNqBOcLDxXLRCAOaEha1bU/9CQIozrSvu1LCnKfzvOfc1h6LNvfQhIwue 8P6CP4iAGcvqhEEQ1YvA1YEFNC3pQIgpqMLglXauPXu8KD+CsR4j6RR4teiiBvWh4kDDg2n8yEB vAQQnPGoX4g/JBT5hpWlOEaKBCn4NcIFamQx54kyTAqjK92S7qjMjLnroHNnaP0X2QrOJTKNHwl VOiThrxxIGjlhWTUTaMQ= X-Google-Smtp-Source: AGHT+IFemEU14RdHINRSlJUhUtiloPBD7tDAK4YxiClFU/SXgCt09YzlEQTv5tt9KahYIXPzz+S2+w== X-Received: by 2002:a05:6a00:3e0b:b0:772:bb4:a1c8 with SMTP id d2e1a72fcca58-7720bb4a740mr3714892b3a.23.1756341099057; Wed, 27 Aug 2025 17:31:39 -0700 (PDT) Received: from localhost ([2a03:2880:2ff:1::]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-771fbbc3bb0sm5435234b3a.66.2025.08.27.17.31.37 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 27 Aug 2025 17:31:38 -0700 (PDT) From: Bobby Eshleman Date: Wed, 27 Aug 2025 17:31:32 -0700 Subject: [PATCH net-next v5 4/9] vsock/loopback: add netns support Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20250827-vsock-vmtest-v5-4-0ba580bede5b@meta.com> References: <20250827-vsock-vmtest-v5-0-0ba580bede5b@meta.com> In-Reply-To: <20250827-vsock-vmtest-v5-0-0ba580bede5b@meta.com> To: Stefano Garzarella , Shuah Khan , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Stefan Hajnoczi , "Michael S. Tsirkin" , Jason Wang , Xuan Zhuo , =?utf-8?q?Eugenio_P=C3=A9rez?= , "K. Y. Srinivasan" , Haiyang Zhang , Wei Liu , Dexuan Cui , Bryan Tan , Vishnu Dasa , Broadcom internal kernel review list Cc: virtualization@lists.linux.dev, netdev@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-hyperv@vger.kernel.org, Bobby Eshleman , berrange@redhat.com, Bobby Eshleman X-Mailer: b4 0.13.0 From: Bobby Eshleman Add NS support to vsock loopback. Sockets in a global mode netns communicate with each other, regardless of namespace. Sockets in a local mode netns may only communicate with other sockets within the same namespace. Add callbacks for transport to hook into the initialization and exit of net namespaces. The transport's init hook will be called once per netns init. Likewise for exit. When a set of init/exit callbacks is registered, the init callback is called on each already existing namespace. Only one callback registration is supported for now. Currently vsock_loopback is the only user. Signed-off-by: Bobby Eshleman --- Changes in v5: - add callbacks code to avoid reverse dependency - add logic for handling vsock_loopback setup for already existing namespaces --- include/net/af_vsock.h | 34 +++++++++++++ include/net/netns/vsock.h | 5 ++ net/vmw_vsock/af_vsock.c | 110 +++++++++++++++++++++++++++++++++++++= ++++ net/vmw_vsock/vsock_loopback.c | 72 ++++++++++++++++++++++++--- 4 files changed, 213 insertions(+), 8 deletions(-) diff --git a/include/net/af_vsock.h b/include/net/af_vsock.h index 83f873174ba3..9333a98b9a1e 100644 --- a/include/net/af_vsock.h +++ b/include/net/af_vsock.h @@ -305,4 +305,38 @@ static inline bool vsock_net_check_mode(struct net *n1= , struct net *n2) (vsock_net_mode(n1) =3D=3D VSOCK_NET_MODE_GLOBAL && vsock_net_mode(n2) =3D=3D VSOCK_NET_MODE_GLOBAL); } + +struct vsock_net_callbacks { + int (*init)(struct net *net); + void (*exit)(struct net *net); + struct module *owner; +}; + +#if IS_ENABLED(CONFIG_VSOCKETS_LOOPBACK) + +#define vsock_register_net_callbacks(__init, __exit) \ + __vsock_register_net_callbacks((__init), (__exit), THIS_MODULE) + +int __vsock_register_net_callbacks(int (*init)(struct net *net), + void (*exit)(struct net *net), + struct module *owner); +void vsock_unregister_net_callbacks(void); + +#else + +#define vsock_register_net_callbacks(__init, __exit) do { } while (0) + +static inline int __vsock_register_net_callbacks(int (*init)(struct net *n= et), + void (*exit)(struct net *net), + struct module *owner) +{ + return 0; +} + +static inline void vsock_unregister_net_callbacks(void) {} +static inline int vsock_net_call_init(struct net *net) { return 0; } +static inline void vsock_net_call_exit(struct net *net) {} + +#endif /* CONFIG_VSOCKETS_LOOPBACK */ + #endif /* __AF_VSOCK_H__ */ diff --git a/include/net/netns/vsock.h b/include/net/netns/vsock.h index d4593c0b8dc4..08d9a933c540 100644 --- a/include/net/netns/vsock.h +++ b/include/net/netns/vsock.h @@ -9,6 +9,8 @@ enum vsock_net_mode { VSOCK_NET_MODE_LOCAL, }; =20 +struct vsock_loopback; + struct netns_vsock { struct ctl_table_header *vsock_hdr; spinlock_t lock; @@ -16,5 +18,8 @@ struct netns_vsock { /* protected by lock */ enum vsock_net_mode mode; bool written; +#if IS_ENABLED(CONFIG_VSOCKETS_LOOPBACK) + struct vsock_loopback *loopback; +#endif }; #endif /* __NET_NET_NAMESPACE_VSOCK_H */ diff --git a/net/vmw_vsock/af_vsock.c b/net/vmw_vsock/af_vsock.c index 68a8875c8106..5a73d9e1a96f 100644 --- a/net/vmw_vsock/af_vsock.c +++ b/net/vmw_vsock/af_vsock.c @@ -134,6 +134,9 @@ #include #include =20 +static struct vsock_net_callbacks vsock_net_callbacks; +static DEFINE_MUTEX(vsock_net_callbacks_lock); + static int __vsock_bind(struct sock *sk, struct sockaddr_vm *addr); static void vsock_sk_destruct(struct sock *sk); static int vsock_queue_rcv_skb(struct sock *sk, struct sk_buff *skb); @@ -2781,6 +2784,49 @@ static void vsock_net_init(struct net *net) net->vsock.mode =3D VSOCK_NET_MODE_GLOBAL; } =20 +#if IS_ENABLED(CONFIG_VSOCKETS_LOOPBACK) +static int vsock_net_call_init(struct net *net) +{ + struct vsock_net_callbacks *cbs; + int ret; + + mutex_lock(&vsock_net_callbacks_lock); + cbs =3D &vsock_net_callbacks; + + ret =3D 0; + if (!cbs->owner) + goto out; + + if (try_module_get(cbs->owner)) { + ret =3D cbs->init(net); + module_put(cbs->owner); + } + +out: + mutex_unlock(&vsock_net_callbacks_lock); + return ret; +} + +static void vsock_net_call_exit(struct net *net) +{ + struct vsock_net_callbacks *cbs; + + mutex_lock(&vsock_net_callbacks_lock); + cbs =3D &vsock_net_callbacks; + + if (!cbs->owner) + goto out; + + if (try_module_get(cbs->owner)) { + cbs->exit(net); + module_put(cbs->owner); + } + +out: + mutex_unlock(&vsock_net_callbacks_lock); +} +#endif /* CONFIG_VSOCKETS_LOOPBACK */ + static __net_init int vsock_sysctl_init_net(struct net *net) { vsock_net_init(net); @@ -2788,12 +2834,20 @@ static __net_init int vsock_sysctl_init_net(struct = net *net) if (vsock_sysctl_register(net)) return -ENOMEM; =20 + if (vsock_net_call_init(net) < 0) + goto err_sysctl; + return 0; + +err_sysctl: + vsock_sysctl_unregister(net); + return -ENOMEM; } =20 static __net_exit void vsock_sysctl_exit_net(struct net *net) { vsock_sysctl_unregister(net); + vsock_net_call_exit(net); } =20 static struct pernet_operations vsock_sysctl_ops __net_initdata =3D { @@ -2938,6 +2992,62 @@ void vsock_core_unregister(const struct vsock_transp= ort *t) } EXPORT_SYMBOL_GPL(vsock_core_unregister); =20 +#if IS_ENABLED(CONFIG_VSOCKETS_LOOPBACK) +int __vsock_register_net_callbacks(int (*init)(struct net *net), + void (*exit)(struct net *net), + struct module *owner) +{ + struct vsock_net_callbacks *cbs; + struct net *net; + int ret =3D 0; + + mutex_lock(&vsock_net_callbacks_lock); + + cbs =3D &vsock_net_callbacks; + cbs->init =3D init; + cbs->exit =3D exit; + cbs->owner =3D owner; + + /* call callbacks on any net previously created */ + down_read(&net_rwsem); + + if (try_module_get(cbs->owner)) { + for_each_net(net) { + ret =3D cbs->init(net); + if (ret < 0) + break; + } + + if (ret < 0) + for_each_net(net) + cbs->exit(net); + + module_put(cbs->owner); + } + + up_read(&net_rwsem); + mutex_unlock(&vsock_net_callbacks_lock); + + return ret; +} +EXPORT_SYMBOL_GPL(__vsock_register_net_callbacks); + +void vsock_unregister_net_callbacks(void) +{ + struct vsock_net_callbacks *cbs; + + mutex_lock(&vsock_net_callbacks_lock); + + cbs =3D &vsock_net_callbacks; + cbs->init =3D NULL; + cbs->exit =3D NULL; + cbs->owner =3D NULL; + + mutex_unlock(&vsock_net_callbacks_lock); +} +EXPORT_SYMBOL_GPL(vsock_unregister_net_callbacks); +#endif /* CONFIG_VSOCKETS_LOOPBACK */ + module_init(vsock_init); module_exit(vsock_exit); =20 diff --git a/net/vmw_vsock/vsock_loopback.c b/net/vmw_vsock/vsock_loopback.c index 1b2fab73e0d0..f16d21711cb0 100644 --- a/net/vmw_vsock/vsock_loopback.c +++ b/net/vmw_vsock/vsock_loopback.c @@ -28,8 +28,19 @@ static u32 vsock_loopback_get_local_cid(void) =20 static int vsock_loopback_send_pkt(struct sk_buff *skb) { - struct vsock_loopback *vsock =3D &the_vsock_loopback; + struct vsock_loopback *vsock; int len =3D skb->len; + struct net *net; + + if (skb->sk) + net =3D sock_net(skb->sk); + else + net =3D NULL; + + if (net && net->vsock.mode =3D=3D VSOCK_NET_MODE_LOCAL) + vsock =3D net->vsock.loopback; + else + vsock =3D &the_vsock_loopback; =20 virtio_vsock_skb_queue_tail(&vsock->pkt_queue, skb); queue_work(vsock->workqueue, &vsock->pkt_work); @@ -134,27 +145,72 @@ static void vsock_loopback_work(struct work_struct *w= ork) } } =20 -static int __init vsock_loopback_init(void) +static int vsock_loopback_init_vsock(struct vsock_loopback *vsock) { - struct vsock_loopback *vsock =3D &the_vsock_loopback; - int ret; - vsock->workqueue =3D alloc_workqueue("vsock-loopback", 0, 0); if (!vsock->workqueue) return -ENOMEM; =20 skb_queue_head_init(&vsock->pkt_queue); INIT_WORK(&vsock->pkt_work, vsock_loopback_work); + return 0; +} + +static void vsock_loopback_deinit_vsock(struct vsock_loopback *vsock) +{ + if (vsock->workqueue) + destroy_workqueue(vsock->workqueue); +} + +/* called with vsock_net_callbacks lock held */ +static int vsock_loopback_init_net(struct net *net) +{ + if (WARN_ON_ONCE(net->vsock.loopback)) + return 0; + + net->vsock.loopback =3D kmalloc(sizeof(*net->vsock.loopback), GFP_KERNEL); + if (!net->vsock.loopback) + return -ENOMEM; + + return vsock_loopback_init_vsock(net->vsock.loopback); +} + +/* called with vsock_net_callbacks lock held */ +static void vsock_loopback_exit_net(struct net *net) +{ + if (net->vsock.loopback) { + vsock_loopback_deinit_vsock(net->vsock.loopback); + kfree(net->vsock.loopback); + } +} + +static int __init vsock_loopback_init(void) +{ + struct vsock_loopback *vsock =3D &the_vsock_loopback; + int ret; + + ret =3D vsock_loopback_init_vsock(vsock); + if (ret < 0) + return ret; + + ret =3D vsock_register_net_callbacks(vsock_loopback_init_net, + vsock_loopback_exit_net); + if (ret < 0) + goto out_deinit_vsock; =20 ret =3D vsock_core_register(&loopback_transport.transport, VSOCK_TRANSPORT_F_LOCAL); if (ret) - goto out_wq; + goto out_unregister_net; + =20 return 0; =20 -out_wq: - destroy_workqueue(vsock->workqueue); +out_unregister_net: + vsock_unregister_net_callbacks(); + +out_deinit_vsock: + vsock_loopback_deinit_vsock(vsock); return ret; } =20 --=20 2.47.3 From nobody Fri Oct 3 16:47:15 2025 Received: from mail-pl1-f176.google.com (mail-pl1-f176.google.com [209.85.214.176]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B36B286344; Thu, 28 Aug 2025 00:31:41 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.214.176 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1756341103; cv=none; b=AhHmc76qU/2cb9GJ4P3zIw9yzaHumLiRKVGdlZuQ9lUIiEse7RWPEqVi3RmC02gDAn5iw09YUZPqSXsaHT0EM9O1b32rvjgOdSp1I01VyxirApwu5EN5aiTBdDaVpIFoFTWj18FQxRV7HFdGi6IQJ/eW8h/wc1YDzfeQVyTGRFo= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1756341103; c=relaxed/simple; bh=XcqxKWbcR9R+GFEDVaS469hmzOI/5gU8TKoZ33SLMAM=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=ikpFBx0UHyeKxZkpkUBLx6UatHAxqyOcvJlcvKTF1QRhJlhLlYJoJo0Js7BKB9Mb+vLQ92G8ef7NibwNio7tx0Nm9T7eDDG5mnkoPxCrJT5KWy3VsLxJE3GctwjfHzwqM/JuQJcmLhbJQJ8pAUBYlOtSBEndbw12YTw8Q55G+yw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=J2fUZxqa; arc=none smtp.client-ip=209.85.214.176 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="J2fUZxqa" Received: by mail-pl1-f176.google.com with SMTP id d9443c01a7336-2445805aa2eso3899935ad.1; Wed, 27 Aug 2025 17:31:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1756341101; x=1756945901; darn=vger.kernel.org; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:from:to:cc:subject:date:message-id :reply-to; bh=UNMRyhXc58NJQADKxcGV3IzP2b9a+EmxeUKj/JoKFFQ=; b=J2fUZxqaMFPm9bM1qszbCewCQwmEXwxxWzYIoMMFltClMBJRcVeHCHGnh+zs0RGFKi WwTQVnUxThCHyp3EBEGNdfg+D1/43tqAP8gY4wZNqRNJdSTEM4ACsWkSV8MHWcMeTRep 301/dhai2pOf7eHUR2UJ+L0TdV1Au2h1AgSxOAgQU34jVkbQoCp+AlH6d40RmorVR92X Oowf7IT4MIOVPv9bnwtn4p+8/Ps8aZg5zqT8KU/0pB0jGWF86f4GJluaQ3EkQ5cVtJvp UupNtqqkZi6+j257FpZw20+QzLdHlbBiH4pAE8dTL6dd09r5a9i56mlRE42EZXoGhsXJ diAw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1756341101; x=1756945901; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=UNMRyhXc58NJQADKxcGV3IzP2b9a+EmxeUKj/JoKFFQ=; b=ix1Ci77/CIb2n7DX52lV/L2Qdxfta3a3Ewt5xJYG2n+Jgi7B2FLXeB21dB4hI4Ib1K UTmDLzYHKEoNIJxmF9T3Ot/GP+q3j7N4tHTrfWBideG8QOOaon/xVm9+uAPEyD9O/NZH b+wGHal6JaJdtMfdp6K1rshBJQy8vJrsptXi+TiFbEsCbn+rqZJ/efQ+Zv3YXbIu2UU7 /pWjdB6zrLCt92DP14fhHW0Rsf6o41z9Ce6qvl1Uef9qUzEkXbtdh5v0LegdHJZh2Sj5 h3zmJDKGDH5Vl1y3h1AL54lwBQIexbKVPrDNfMp2OJBLhPmWIr0gFuvKFUndoPWIgowD uZeQ== X-Forwarded-Encrypted: i=1; AJvYcCU2Ox+nVMaiEA2NKfMuTLORBycx37l8G5SFlkpYacWK8jKkYeB7RJc1IQ3w/B//KPL3UI06pFTJ7Zw+7ngPrHzB@vger.kernel.org, AJvYcCUJ6zJLOykZofNMMP2irdVP2iS/MNSpb+NUk7fJqWXJNg1iKUYTMvVXDyTKHsNuRJyq0Mh+Hq+dB8PLOvYt@vger.kernel.org, AJvYcCVatihEfsjI6usrBw1fd/Rz0kD3FZULWSr1dORsPDNrivdt6hcUOkGdE8KtpSZjjBZMV2CtEOyjzSE/2Z7R@vger.kernel.org, AJvYcCVjskY0FLwEC32GqxXvWF+cgsrpZc+IQZjr9+4AeClC1yXYv2udl1e9FlbIYBJy8tUYbPmHX4V6@vger.kernel.org, AJvYcCXEiwdMEJYvV9lgVmyL6/smb2kbuDMnOH+uGzBzpDDPSmXIE94dsMUnjE0ib2NLKNVMdXw=@vger.kernel.org X-Gm-Message-State: AOJu0Yx5D8V0ayCZIQvUNERebS0e7mNQr8mK9QCZdqvjrbhyvQxUHznN TMaPCK8AdTpGpHqOlrIUF01l3CcjJN4G7jtMv4tlc0VO9GIsi8sbqinf X-Gm-Gg: ASbGncsKs3wdE5OUxWwWul1jlBcPmPDqYSBw17hyvLYqaN+rutFFTRR5wKYTs6EORyd k10+jQz3bLDqnjpwTK7aFkLjyn/tsidenKBZNO40u5x1k2rVX70suN/9vA9QPfKnQDyXKnjwB9e 2AhsO4uMTj4TYKwuxvAg7/B0ROXbLSY5UCIfEZyOmPzoyVvk/YkARqPYpIp8nMjiLMTufYkQkZD l/gYzpHBPmqPRnE0y+GdsXRHasO8sAsjzWo+ENjV8FNSckrtLErS7kb+zOcoCGCdfPtPUzxkcNg l7kI7EgauIr+6lxlQ80xzmwPBOTgGksoICGKmUMnku50RExJKy8o6OK0E2+AS0P0jH0abxJ59CA llVr7yVrJU9kTQQCWKZ1QhATJ7WMpcLc= X-Google-Smtp-Source: AGHT+IFjSJ3lNQyXihNLyzpDRLaKGYXU6ozW/kmFwiBYAHcnoyr5/NLuHTzQ3rWReb04ry+yDvDZSA== X-Received: by 2002:a17:903:1ae4:b0:245:f7f3:6760 with SMTP id d9443c01a7336-2462efb1aa9mr236094525ad.55.1756341100823; Wed, 27 Aug 2025 17:31:40 -0700 (PDT) Received: from localhost ([2a03:2880:2ff:47::]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-24668880260sm132633545ad.128.2025.08.27.17.31.39 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 27 Aug 2025 17:31:39 -0700 (PDT) From: Bobby Eshleman Date: Wed, 27 Aug 2025 17:31:33 -0700 Subject: [PATCH net-next v5 5/9] vsock/virtio: add netns to virtio transport common Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20250827-vsock-vmtest-v5-5-0ba580bede5b@meta.com> References: <20250827-vsock-vmtest-v5-0-0ba580bede5b@meta.com> In-Reply-To: <20250827-vsock-vmtest-v5-0-0ba580bede5b@meta.com> To: Stefano Garzarella , Shuah Khan , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Stefan Hajnoczi , "Michael S. Tsirkin" , Jason Wang , Xuan Zhuo , =?utf-8?q?Eugenio_P=C3=A9rez?= , "K. Y. Srinivasan" , Haiyang Zhang , Wei Liu , Dexuan Cui , Bryan Tan , Vishnu Dasa , Broadcom internal kernel review list Cc: virtualization@lists.linux.dev, netdev@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-hyperv@vger.kernel.org, Bobby Eshleman , berrange@redhat.com, Bobby Eshleman X-Mailer: b4 0.13.0 From: Bobby Eshleman Add support to the virtio-vsock common code for passing around net namespace pointers (tx and rx). The series still requires vhost/virtio transport support to be added by future patches. Signed-off-by: Bobby Eshleman --- include/linux/virtio_vsock.h | 1 + net/vmw_vsock/virtio_transport_common.c | 14 ++++++++++++-- 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/include/linux/virtio_vsock.h b/include/linux/virtio_vsock.h index c547cda7196b..ce6d15eede9c 100644 --- a/include/linux/virtio_vsock.h +++ b/include/linux/virtio_vsock.h @@ -184,6 +184,7 @@ struct virtio_vsock_pkt_info { u32 remote_cid, remote_port; struct vsock_sock *vsk; struct msghdr *msg; + struct net *net; u32 pkt_len; u16 type; u16 op; diff --git a/net/vmw_vsock/virtio_transport_common.c b/net/vmw_vsock/virtio= _transport_common.c index 9b3aa4f0395d..7b566c8f8082 100644 --- a/net/vmw_vsock/virtio_transport_common.c +++ b/net/vmw_vsock/virtio_transport_common.c @@ -314,6 +314,8 @@ static struct sk_buff *virtio_transport_alloc_skb(struc= t virtio_vsock_pkt_info * info->flags, zcopy); =20 + virtio_vsock_skb_set_net(skb, info->net); + return skb; out: kfree_skb(skb); @@ -525,6 +527,7 @@ static int virtio_transport_send_credit_update(struct v= sock_sock *vsk) struct virtio_vsock_pkt_info info =3D { .op =3D VIRTIO_VSOCK_OP_CREDIT_UPDATE, .vsk =3D vsk, + .net =3D sock_net(sk_vsock(vsk)), }; =20 return virtio_transport_send_pkt_info(vsk, &info); @@ -1065,6 +1068,7 @@ int virtio_transport_connect(struct vsock_sock *vsk) struct virtio_vsock_pkt_info info =3D { .op =3D VIRTIO_VSOCK_OP_REQUEST, .vsk =3D vsk, + .net =3D sock_net(sk_vsock(vsk)), }; =20 return virtio_transport_send_pkt_info(vsk, &info); @@ -1080,6 +1084,7 @@ int virtio_transport_shutdown(struct vsock_sock *vsk,= int mode) (mode & SEND_SHUTDOWN ? VIRTIO_VSOCK_SHUTDOWN_SEND : 0), .vsk =3D vsk, + .net =3D sock_net(sk_vsock(vsk)), }; =20 return virtio_transport_send_pkt_info(vsk, &info); @@ -1106,6 +1111,7 @@ virtio_transport_stream_enqueue(struct vsock_sock *vs= k, .msg =3D msg, .pkt_len =3D len, .vsk =3D vsk, + .net =3D sock_net(sk_vsock(vsk)), }; =20 return virtio_transport_send_pkt_info(vsk, &info); @@ -1143,6 +1149,7 @@ static int virtio_transport_reset(struct vsock_sock *= vsk, .op =3D VIRTIO_VSOCK_OP_RST, .reply =3D !!skb, .vsk =3D vsk, + .net =3D sock_net(sk_vsock(vsk)), }; =20 /* Send RST only if the original pkt is not a RST pkt */ @@ -1163,6 +1170,7 @@ static int virtio_transport_reset_no_sock(const struc= t virtio_transport *t, .op =3D VIRTIO_VSOCK_OP_RST, .type =3D le16_to_cpu(hdr->type), .reply =3D true, + .net =3D virtio_vsock_skb_net(skb), }; struct sk_buff *reply; =20 @@ -1463,6 +1471,7 @@ virtio_transport_send_response(struct vsock_sock *vsk, .remote_port =3D le32_to_cpu(hdr->src_port), .reply =3D true, .vsk =3D vsk, + .net =3D sock_net(sk_vsock(vsk)), }; =20 return virtio_transport_send_pkt_info(vsk, &info); @@ -1577,6 +1586,7 @@ void virtio_transport_recv_pkt(struct virtio_transpor= t *t, struct sk_buff *skb) { struct virtio_vsock_hdr *hdr =3D virtio_vsock_hdr(skb); + struct net *net =3D virtio_vsock_skb_net(skb); struct sockaddr_vm src, dst; struct vsock_sock *vsk; struct sock *sk; @@ -1604,9 +1614,9 @@ void virtio_transport_recv_pkt(struct virtio_transpor= t *t, /* The socket must be in connected or bound table * otherwise send reset back */ - sk =3D vsock_find_connected_socket(&src, &dst, vsock_global_dummy_net()); + sk =3D vsock_find_connected_socket(&src, &dst, net); if (!sk) { - sk =3D vsock_find_bound_socket(&dst, vsock_global_dummy_net()); + sk =3D vsock_find_bound_socket(&dst, net); if (!sk) { (void)virtio_transport_reset_no_sock(t, skb); goto free_pkt; --=20 2.47.3 From nobody Fri Oct 3 16:47:15 2025 Received: from mail-pg1-f180.google.com (mail-pg1-f180.google.com [209.85.215.180]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 4AAA721CA02; Thu, 28 Aug 2025 00:31:43 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.215.180 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1756341105; cv=none; b=NILtGbkCy9n5b2L0xRvWk9rgiISBf6WqZ1j8QzgDwZtnTYRKGPcMKeCGePTpRRGUQq36q/v2a+TheZWK1itUz4ZEMu/qLnx9pXK1XKPJLi4OaHjuaq8zwKy0SIFq/HaZ/9vgbzxsR6E5BXRD69KK4FUX80hyULnoIeBddWo8PjU= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1756341105; c=relaxed/simple; bh=1GJOYUbLkSVUFuavBj8tOYipR+NhigVATpZKUWUhpl8=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=gECl6c4hOwc7P4E1AQsOZyza8+db3UBLk5Q2x0G/+QFlSznQoyKXj8pR41x9MreJvldrt+U9VjWP9inAHQmG8puScZo5yTO4EwwM1En2YMIkV+Yrfx0xC7bWPHlhvW2ybtDcJQd0KV+lQeavMQ1gFP2gzG74o+M+E3nLLdsP2Oc= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=ZWfW5Rnx; arc=none smtp.client-ip=209.85.215.180 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="ZWfW5Rnx" Received: by mail-pg1-f180.google.com with SMTP id 41be03b00d2f7-b475dfb4f42so343513a12.0; Wed, 27 Aug 2025 17:31:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1756341103; x=1756945903; darn=vger.kernel.org; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:from:to:cc:subject:date:message-id :reply-to; bh=saysWBU4M7zZK6muNIPjMH0cBIXV8HIpOLa1ReuiyVc=; b=ZWfW5Rnx2hXoqvHUejKPcEyGRxay0H3jWRxEYqwWWelahI63PRtIxaILYpeRAEmBx4 SN8hBW6U445ldyvVq1yHnIHqWfF0x33pKrrwiId5tZ5WrBpBTpG0Rf9V7IFBPDT0Tb2D b8MEOu/oKNVis69wTzrhUpgt9tABrjM5bUSOvCV1UbdVwHaUS+2TrPuryugZValX2Sti rAJwgqiKSZtxFwyU6V8TTXVIRLcgCVnDp7DerBtO44/2L/HAPcqgxZRaifOe/osGoI8H vtyhIxdwXV35GtWrzKt6i04ERJ/V2ur/l/oeQdXruR5+c/NnR+9y9c6YgSXETmRUNmO5 lVHA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1756341103; x=1756945903; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=saysWBU4M7zZK6muNIPjMH0cBIXV8HIpOLa1ReuiyVc=; b=YLovJO72huaEZPmfjdom6DGjzrJZYNwm0I9xLHr+iewAX4N2cBy5tkjDo7G7yLpme0 SwBJRRgOE+u5imox99ZB8mTn64mb3UPdWv+sHFbJNgLU9SwG4WRTwDStp7LBjZyVJipe p4vVPmsSqi3NlRSr4k5z2xseHZfGFz+54hOgfbEMOsp/kQNpJ7bIZYwJGZNyjb8CWl6M hODWkPXfmqDNYJoqj9QVKST5K/GwyKFYUxE3WdWd8JuAnY/okjkM0VgcSHCaUA6tYh2k c80bmViwywRshQ9pVwchqoYWbC5DUwZ2F+an/zVlmS48KbBOGZjCP+wzxXzTrcjY26Wl UjLQ== X-Forwarded-Encrypted: i=1; AJvYcCUyYtG8tOYkq7WgA6a8S5L7xq5WS78QsssDevihUXNRwzbe2tIVYv6JQgryFnLBA+qP4r0=@vger.kernel.org, AJvYcCV6glG25x74WcZKZ/lcEefmj595v5AccQmibAzrlfAwbGswZaTz4OiR+AbQqhjBlkd04qV9wYu2@vger.kernel.org, AJvYcCVPbtdbeI6zJP9RkyO6c8c1nu39E5X0j9GlFKTlCJxwA65B/Q2T5TZzKRLxqznyzdUi3KadPDDsxAOXAJOGKenb@vger.kernel.org, AJvYcCVxpT1sm723z3WQiF2DDwFdvgtLjlMpX0NiacN2o3XJSO+TH0SkHJMJEzobW35tOD/Bn3O7HqYugLFlUsNm@vger.kernel.org, AJvYcCW/px9FUVYr6C1MI+HWTNe5q+08JYWArls6ZVe0FCODzR3oKJcjm09gj6TNqpFam2aaJm48CeP0KEX+f7lZ@vger.kernel.org X-Gm-Message-State: AOJu0YwGRjTIqqiBpmutK3GDmiCD6yPqGmwqchsgFUpbKaYdZJ2N+l9N qJQh0WmMEhvyHMvzr9AhYB9eknVZ3nKW6XePeaIpvp2uTe3rKFnpK06g X-Gm-Gg: ASbGncsMFxzR7B1TWuyC9laYIwTJ+4+b4LvqnXHDF5rb5zEwTab1zNS3kBn0xiIEsIz U7jPlxX3YRxo3aQESeSYHYnohpdCccnDYta1bv/a3NdTzZ6CxZhqb4VNhdQpXthFvm/5SgLKE8m +Rqn2VXphSbbxPxBzyYJEI5ggkv2QJJOkHgSnaOGTxoq1hKL6BaudUX/NWhBUY4TP9NfJaEtW1l 9U110miGvzkwRhQBMq6ICsWYB3JpEwOpZfJgi2o4tPbx9Ihiad9a/ckDRMiUhar3f7TIcEunr9v QPqOI+i5eNoq6dBhOe9En920Ej9IXOtfKXJywuIYqYqoyWPYxlSwI/tP6Rs9Sl2R3CUw3qLAVwL Pt6ZnH7yJOdudPeuG9iB5 X-Google-Smtp-Source: AGHT+IFKdbFnw9poUFr+kYVT0cwCfnfmVv/oxnRCgfFdvBFZZP6G4plqa6FPpGcS35Ongi0a99gCnA== X-Received: by 2002:a17:90b:2ccf:b0:321:4765:a423 with SMTP id 98e67ed59e1d1-32515eadd16mr26985871a91.6.1756341102437; Wed, 27 Aug 2025 17:31:42 -0700 (PDT) Received: from localhost ([2a03:2880:2ff:70::]) by smtp.gmail.com with ESMTPSA id 98e67ed59e1d1-327aafa8e3bsm485779a91.0.2025.08.27.17.31.41 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 27 Aug 2025 17:31:41 -0700 (PDT) From: Bobby Eshleman Date: Wed, 27 Aug 2025 17:31:34 -0700 Subject: [PATCH net-next v5 6/9] vhost/vsock: add netns support Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20250827-vsock-vmtest-v5-6-0ba580bede5b@meta.com> References: <20250827-vsock-vmtest-v5-0-0ba580bede5b@meta.com> In-Reply-To: <20250827-vsock-vmtest-v5-0-0ba580bede5b@meta.com> To: Stefano Garzarella , Shuah Khan , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Stefan Hajnoczi , "Michael S. Tsirkin" , Jason Wang , Xuan Zhuo , =?utf-8?q?Eugenio_P=C3=A9rez?= , "K. Y. Srinivasan" , Haiyang Zhang , Wei Liu , Dexuan Cui , Bryan Tan , Vishnu Dasa , Broadcom internal kernel review list Cc: virtualization@lists.linux.dev, netdev@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-hyperv@vger.kernel.org, Bobby Eshleman , berrange@redhat.com, Bobby Eshleman X-Mailer: b4 0.13.0 From: Bobby Eshleman Add the ability to isolate vsock flows using namespaces. The VM, via the vhost_vsock struct, inherits its namespace from the process that opens the vhost-vsock device. vhost_vsock lookup functions are modified to take into account the mode (e.g., if CIDs are matching but modes don't align, then return NULL). vhost_vsock now acquires a reference to the namespace. Signed-off-by: Bobby Eshleman --- Changes in v5: - respect pid namespaces when assigning namespace to vhost_vsock --- drivers/vhost/vsock.c | 26 ++++++++++++++++++-------- 1 file changed, 18 insertions(+), 8 deletions(-) diff --git a/drivers/vhost/vsock.c b/drivers/vhost/vsock.c index 34adf0cf9124..f7405bb27aab 100644 --- a/drivers/vhost/vsock.c +++ b/drivers/vhost/vsock.c @@ -46,6 +46,8 @@ static DEFINE_READ_MOSTLY_HASHTABLE(vhost_vsock_hash, 8); struct vhost_vsock { struct vhost_dev dev; struct vhost_virtqueue vqs[2]; + struct net *net; + netns_tracker ns_tracker; =20 /* Link to global vhost_vsock_hash, writes use vhost_vsock_mutex */ struct hlist_node hash; @@ -67,7 +69,7 @@ static u32 vhost_transport_get_local_cid(void) /* Callers that dereference the return value must hold vhost_vsock_mutex o= r the * RCU read lock. */ -static struct vhost_vsock *vhost_vsock_get(u32 guest_cid) +static struct vhost_vsock *vhost_vsock_get(u32 guest_cid, struct net *net) { struct vhost_vsock *vsock; =20 @@ -78,9 +80,8 @@ static struct vhost_vsock *vhost_vsock_get(u32 guest_cid) if (other_cid =3D=3D 0) continue; =20 - if (other_cid =3D=3D guest_cid) + if (other_cid =3D=3D guest_cid && vsock_net_check_mode(net, vsock->net)) return vsock; - } =20 return NULL; @@ -272,13 +273,14 @@ static int vhost_transport_send_pkt(struct sk_buff *skb) { struct virtio_vsock_hdr *hdr =3D virtio_vsock_hdr(skb); + struct net *net =3D virtio_vsock_skb_net(skb); struct vhost_vsock *vsock; int len =3D skb->len; =20 rcu_read_lock(); =20 /* Find the vhost_vsock according to guest context id */ - vsock =3D vhost_vsock_get(le64_to_cpu(hdr->dst_cid)); + vsock =3D vhost_vsock_get(le64_to_cpu(hdr->dst_cid), net); if (!vsock) { rcu_read_unlock(); kfree_skb(skb); @@ -305,7 +307,7 @@ vhost_transport_cancel_pkt(struct vsock_sock *vsk) rcu_read_lock(); =20 /* Find the vhost_vsock according to guest context id */ - vsock =3D vhost_vsock_get(vsk->remote_addr.svm_cid); + vsock =3D vhost_vsock_get(vsk->remote_addr.svm_cid, sock_net(sk_vsock(vsk= ))); if (!vsock) goto out; =20 @@ -462,11 +464,12 @@ static struct virtio_transport vhost_transport =3D { =20 static bool vhost_transport_seqpacket_allow(struct vsock_sock *vsk, u32 re= mote_cid) { + struct net *net =3D sock_net(sk_vsock(vsk)); struct vhost_vsock *vsock; bool seqpacket_allow =3D false; =20 rcu_read_lock(); - vsock =3D vhost_vsock_get(remote_cid); + vsock =3D vhost_vsock_get(remote_cid, net); =20 if (vsock) seqpacket_allow =3D vsock->seqpacket_allow; @@ -526,6 +529,7 @@ static void vhost_vsock_handle_tx_kick(struct vhost_wor= k *work) continue; } =20 + virtio_vsock_skb_set_net(skb, vsock->net); total_len +=3D sizeof(*hdr) + skb->len; =20 /* Deliver to monitoring devices all received packets */ @@ -652,10 +656,14 @@ static void vhost_vsock_free(struct vhost_vsock *vsoc= k) =20 static int vhost_vsock_dev_open(struct inode *inode, struct file *file) { + struct vhost_virtqueue **vqs; struct vhost_vsock *vsock; + struct net *net; int ret; =20 + net =3D current->nsproxy->net_ns; + /* This struct is large and allocation could fail, fall back to vmalloc * if there is no other way. */ @@ -669,6 +677,7 @@ static int vhost_vsock_dev_open(struct inode *inode, st= ruct file *file) goto out; } =20 + vsock->net =3D get_net_track(net, &vsock->ns_tracker, GFP_KERNEL); vsock->guest_cid =3D 0; /* no CID assigned yet */ vsock->seqpacket_allow =3D false; =20 @@ -708,7 +717,7 @@ static void vhost_vsock_reset_orphans(struct sock *sk) */ =20 /* If the peer is still valid, no need to reset connection */ - if (vhost_vsock_get(vsk->remote_addr.svm_cid)) + if (vhost_vsock_get(vsk->remote_addr.svm_cid, sock_net(sk))) return; =20 /* If the close timeout is pending, let it expire. This avoids races @@ -753,6 +762,7 @@ static int vhost_vsock_dev_release(struct inode *inode,= struct file *file) virtio_vsock_skb_queue_purge(&vsock->send_pkt_queue); =20 vhost_dev_cleanup(&vsock->dev); + put_net_track(vsock->net, &vsock->ns_tracker); kfree(vsock->dev.vqs); vhost_vsock_free(vsock); return 0; @@ -779,7 +789,7 @@ static int vhost_vsock_set_cid(struct vhost_vsock *vsoc= k, u64 guest_cid) =20 /* Refuse if CID is already in use */ mutex_lock(&vhost_vsock_mutex); - other =3D vhost_vsock_get(guest_cid); + other =3D vhost_vsock_get(guest_cid, vsock->net); if (other && other !=3D vsock) { mutex_unlock(&vhost_vsock_mutex); return -EADDRINUSE; --=20 2.47.3 From nobody Fri Oct 3 16:47:15 2025 Received: from mail-pf1-f182.google.com (mail-pf1-f182.google.com [209.85.210.182]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5D3C622F77B; Thu, 28 Aug 2025 00:31:45 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.210.182 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1756341107; cv=none; b=mUq/ILgDXAXZgcpiBIHCrQ4hGfnboOMk2FU/tqES7BqiKcrHe7yn9nfGj7Ubu+dBxWS2lD5l2ReMmDp3HsvUKpP0f2w9vI6pgmFc/XCXfJAQTKhl/y/fWIciHB0nnAPjcC58nUFBCXe49TupQKIgXC49sl0r+c6x6Z+WPjuzWqE= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1756341107; c=relaxed/simple; bh=EcIbGeQZlwbG2n3LwrGpP4mEJH5ftJ79PCsbYjs89dI=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=g6n++z5D4KJIxJ9QoOeY2tbJEdbN0klhLW/jsQJAjxSWiFers9bA+HAIys9p95AJmwYezUypJQ2QWpHot9T3P1ZBFf1swfPAbFQzHo6R9/x69pCTgl7GFXNqEWNxHWfAs0qgCOu9zS43anLN1Jun+FhzZP8JJ1HbN5I9Thv5OnU= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=m/W7MEza; arc=none smtp.client-ip=209.85.210.182 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="m/W7MEza" Received: by mail-pf1-f182.google.com with SMTP id d2e1a72fcca58-771e4378263so372531b3a.0; Wed, 27 Aug 2025 17:31:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1756341104; x=1756945904; darn=vger.kernel.org; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:from:to:cc:subject:date:message-id :reply-to; bh=D2evao2yHguRL1K3LeUb7zk3K6u4tPHmAj2zWCiTI2M=; b=m/W7MEzaKj/lLGAgthvRkn3hqYhqvXL2OnK2CsfuvT6TzE7vyXuXFA/1gjK7wNhIHg db9vhSLTIdk7AnBvxz78umSV+aAi2DxR1Ox4hF6DIKQgrYS1DVOuDxjgahdOdQ7WaCk7 s03frKjhmUe+DcppQRSu1IE51+Z43usO7lRF4rdp4PT8bX2G7WTH0xoqLmAICcPtzSmJ Fq4/e1iOtaXZ8yHDUUdIa02GqHdkult5SHNnBMnSR86g6hQsFwsxbV7GSKiT+mZujyVy 0GooIz+/86hX1tqXJhtQ9VfCGEPlLw3XJy7i0+74YOgGHxo1adLAG1Xl5NKWG5XM0ATp 96Og== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1756341104; x=1756945904; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=D2evao2yHguRL1K3LeUb7zk3K6u4tPHmAj2zWCiTI2M=; b=jEZFovwOu03xRc0npXwIyp3vrV0TotXm4SFZphdxic6T3o4hvmHbMECj7PftCXrCHF ie0LZbNEznbA+4f0PKiZOEgTUnL7zeKjthf7Ix3cIGBp7j4Idcxd9z8wmEd0kA6QxGTN 3v4+hDadi3LlbhPEJFuKqVTCf2m0bKKMIzrwDRLZolXa58VtDPwTJrxETLo0Srtv+kqS AoBRmxZiXYoa4Tx8MCWuTaVlIyXpjGv4+kva5xFV6mvJ5uUir/6CNCjRznaNY2H81elJ obnKJtdQ11iWN9Hkd4/aaPsbwVMNFBZnjma3Z7N/FTeAfn5dKCWDxP/tqHS6uhFMGlyi vdsw== X-Forwarded-Encrypted: i=1; AJvYcCU8Bvm/yVIA33+d/FfSoNVQVnlo3oflJqbu0CK3Js01jho3aNOs6tRFuaTMsJe9CdBckaKkEekarVJ6kl45mSkH@vger.kernel.org, AJvYcCV+iy/cJfXMnp9loLETEcUhn43tCieU5pxCVOJXs7mMOHafdDDtP8xrCeSGVhQQymeQ5QS9auexvE/HELxQ@vger.kernel.org, AJvYcCV3/bGd4mMQrkHC3VmilZuKx9gmTTYDTndWl+VBUlABZv2SYA75jxF0KaSlIawOjYjGn1I=@vger.kernel.org, AJvYcCWPabSTL9jKJEtsxJhKVTplzXKuRNT/cpyQSXse+kECxSlOAOxgFXou9s08S5za757+HsbWaqly@vger.kernel.org, AJvYcCWeeaot0ZfvZ9uFioFFA3hEUmyHiDFMntxJ0YpNv5uROAHs7cGvRU+HvdivgXJ7xoJb/QfOmwC3A2mGikqb@vger.kernel.org X-Gm-Message-State: AOJu0YyQn214Wcvop82+2xSbf4WwXT1wToIsKHE/u7TtC1f8MR6bfcXn S19qyDM6WFtE9JNKTOM2eksE1YLRe88aGDLI4B2LKM8PhLc8SKx48rxA X-Gm-Gg: ASbGnctF4a5WO1o9ptvGIBMsgYcpt24GFPqdJFhZ5HqgSVzJ6B+KqkzD8jBmOcU2KVz wz+kBA3cELmNxqvNvg1NawyR33P75dcVEQJTE5DKjwvJXSzgnOzqNp4mh2DvDJleDIo1NKEZhvT s/mzXRLjqdyitpK6s8M8frrJdmjxhXwg0XLKQ8mMlSEVt1S+643cRtewJKZjP6dlX0qeVaHZTLF 2CSjPz652biR8ci1pTbj6xXKnQLG9nl0+sIj0go3CUaPmDyKps2cUPSUlhWpkYdyQRCVbNf+/8G 6ewGyoWX0Oal8RtVszh3BIwYcuUODlZ312aH4NZM9lU0+HOka2C5AEnQliJdiLMgisYWCGV5ZHy O3JlqwsE2MJIyDS4nLFgl8wRTbOiy1wo= X-Google-Smtp-Source: AGHT+IEJbr3HMmIrqKif6m9C2MhdHBoHOAYBHt+zVuuv9LxC3u4ctZQ3MSl9h0oZOwFhJ8SGLu9S4g== X-Received: by 2002:a05:6a00:b52:b0:772:114c:bcbb with SMTP id d2e1a72fcca58-772114cc0d7mr3414779b3a.4.1756341104472; Wed, 27 Aug 2025 17:31:44 -0700 (PDT) Received: from localhost ([2a03:2880:2ff:72::]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-77040010834sm14170599b3a.46.2025.08.27.17.31.43 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 27 Aug 2025 17:31:43 -0700 (PDT) From: Bobby Eshleman Date: Wed, 27 Aug 2025 17:31:35 -0700 Subject: [PATCH net-next v5 7/9] selftests/vsock: improve logging in vmtest.sh Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20250827-vsock-vmtest-v5-7-0ba580bede5b@meta.com> References: <20250827-vsock-vmtest-v5-0-0ba580bede5b@meta.com> In-Reply-To: <20250827-vsock-vmtest-v5-0-0ba580bede5b@meta.com> To: Stefano Garzarella , Shuah Khan , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Stefan Hajnoczi , "Michael S. Tsirkin" , Jason Wang , Xuan Zhuo , =?utf-8?q?Eugenio_P=C3=A9rez?= , "K. Y. Srinivasan" , Haiyang Zhang , Wei Liu , Dexuan Cui , Bryan Tan , Vishnu Dasa , Broadcom internal kernel review list Cc: virtualization@lists.linux.dev, netdev@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-hyperv@vger.kernel.org, Bobby Eshleman , berrange@redhat.com, Bobby Eshleman X-Mailer: b4 0.13.0 From: Bobby Eshleman Improve logging by adding configurable log levels. Additionally, improve usability of logging functions. Remove the test name prefix from logging functions so that logging calls can be made deeper into the call stack without passing down the test name or setting some global. Teach log function to accept a LOG_PREFIX variable to avoid unnecessary argument shifting. Signed-off-by: Bobby Eshleman --- tools/testing/selftests/vsock/vmtest.sh | 75 ++++++++++++++++-------------= ---- 1 file changed, 37 insertions(+), 38 deletions(-) diff --git a/tools/testing/selftests/vsock/vmtest.sh b/tools/testing/selfte= sts/vsock/vmtest.sh index edacebfc1632..183647a86c8a 100755 --- a/tools/testing/selftests/vsock/vmtest.sh +++ b/tools/testing/selftests/vsock/vmtest.sh @@ -51,7 +51,12 @@ readonly TEST_DESCS=3D( "Run vsock_test using the loopback transport in the VM." ) =20 -VERBOSE=3D0 +readonly LOG_LEVEL_DEBUG=3D0 +readonly LOG_LEVEL_INFO=3D1 +readonly LOG_LEVEL_WARN=3D2 +readonly LOG_LEVEL_ERROR=3D3 + +VERBOSE=3D"${LOG_LEVEL_WARN}" =20 usage() { local name @@ -196,7 +201,7 @@ vm_start() { =20 qemu=3D$(command -v "${QEMU}") =20 - if [[ "${VERBOSE}" -eq 1 ]]; then + if [[ ${VERBOSE} -le ${LOG_LEVEL_DEBUG} ]]; then verbose_opt=3D"--verbose" logfile=3D/dev/stdout fi @@ -271,60 +276,56 @@ EOF =20 host_wait_for_listener() { wait_for_listener "${TEST_HOST_PORT_LISTENER}" "${WAIT_PERIOD}" "${WAIT_P= ERIOD_MAX}" -} - -__log_stdin() { - cat | awk '{ printf "%s:\t%s\n","'"${prefix}"'", $0 }' -} =20 -__log_args() { - echo "$*" | awk '{ printf "%s:\t%s\n","'"${prefix}"'", $0 }' } =20 log() { - local prefix=3D"$1" + local redirect + local prefix =20 - shift - local redirect=3D - if [[ ${VERBOSE} -eq 0 ]]; then + if [[ ${VERBOSE} -gt ${LOG_LEVEL_INFO} ]]; then redirect=3D/dev/null else redirect=3D/dev/stdout fi =20 + prefix=3D"${LOG_PREFIX:-}" + if [[ "$#" -eq 0 ]]; then - __log_stdin | tee -a "${LOG}" > ${redirect} + if [[ -n "${prefix}" ]]; then + cat | awk -v prefix=3D"${prefix}" '{printf "%s: %s\n", prefix, $0}' + else + cat + fi else - __log_args "$@" | tee -a "${LOG}" > ${redirect} - fi + if [[ -n "${prefix}" ]]; then + echo "${prefix}: " "$@" + else + echo "$@" + fi + fi | tee -a "${LOG}" > ${redirect} } =20 -log_setup() { - log "setup" "$@" +log_host() { + LOG_PREFIX=3Dhost log $@ } =20 -log_host() { - local testname=3D$1 +log_guest() { + LOG_PREFIX=3Dguest log $@ +} =20 - shift - log "test:${testname}:host" "$@" } =20 -log_guest() { - local testname=3D$1 =20 - shift - log "test:${testname}:guest" "$@" } =20 test_vm_server_host_client() { - local testname=3D"${FUNCNAME[0]#test_}" =20 vm_ssh -- "${VSOCK_TEST}" \ --mode=3Dserver \ --control-port=3D"${TEST_GUEST_PORT}" \ --peer-cid=3D2 \ - 2>&1 | log_guest "${testname}" & + 2>&1 | log_guest & =20 vm_wait_for_listener "${TEST_GUEST_PORT}" =20 @@ -332,18 +333,17 @@ test_vm_server_host_client() { --mode=3Dclient \ --control-host=3D127.0.0.1 \ --peer-cid=3D"${VSOCK_CID}" \ - --control-port=3D"${TEST_HOST_PORT}" 2>&1 | log_host "${testname}" + --control-port=3D"${TEST_HOST_PORT}" 2>&1 | log_host =20 return $? } =20 test_vm_client_host_server() { - local testname=3D"${FUNCNAME[0]#test_}" =20 ${VSOCK_TEST} \ --mode "server" \ --control-port "${TEST_HOST_PORT_LISTENER}" \ - --peer-cid "${VSOCK_CID}" 2>&1 | log_host "${testname}" & + --peer-cid "${VSOCK_CID}" 2>&1 | log_host & =20 host_wait_for_listener =20 @@ -351,19 +351,18 @@ test_vm_client_host_server() { --mode=3Dclient \ --control-host=3D10.0.2.2 \ --peer-cid=3D2 \ - --control-port=3D"${TEST_HOST_PORT_LISTENER}" 2>&1 | log_guest "${testna= me}" + --control-port=3D"${TEST_HOST_PORT_LISTENER}" 2>&1 | log_guest =20 return $? } =20 test_vm_loopback() { - local testname=3D"${FUNCNAME[0]#test_}" local port=3D60000 # non-forwarded local port =20 vm_ssh -- "${VSOCK_TEST}" \ --mode=3Dserver \ --control-port=3D"${port}" \ - --peer-cid=3D1 2>&1 | log_guest "${testname}" & + --peer-cid=3D1 2>&1 | log_guest & =20 vm_wait_for_listener "${port}" =20 @@ -371,7 +370,7 @@ test_vm_loopback() { --mode=3Dclient \ --control-host=3D"127.0.0.1" \ --control-port=3D"${port}" \ - --peer-cid=3D1 2>&1 | log_guest "${testname}" + --peer-cid=3D1 2>&1 | log_guest =20 return $? } @@ -429,7 +428,7 @@ QEMU=3D"qemu-system-$(uname -m)" while getopts :hvsq:b o do case $o in - v) VERBOSE=3D1;; + v) VERBOSE=3D$(( VERBOSE - 1 ));; b) BUILD=3D1;; q) QEMU=3D$OPTARG;; h|*) usage;; @@ -452,10 +451,10 @@ handle_build =20 echo "1..${#ARGS[@]}" =20 -log_setup "Booting up VM" +log_host "Booting up VM" vm_start vm_wait_for_ssh -log_setup "VM booted up" +log_host "VM booted up" =20 cnt_pass=3D0 cnt_fail=3D0 --=20 2.47.3 From nobody Fri Oct 3 16:47:15 2025 Received: from mail-pj1-f49.google.com (mail-pj1-f49.google.com [209.85.216.49]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 228A123E356; Thu, 28 Aug 2025 00:31:46 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.216.49 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1756341109; cv=none; b=O4tZ9SjgiGvIZ1ZhwMdz9ckiO32lf5Bjp2NpbXj2f+dd8Tfnv9K6lW2KbPMZheiEleyiRs4g7wPo2h0I29Fi/CQg90zEEOiQF1Ba/Bm7/Z0LDHNJX77g+uReJGpsslH+nGrgIPUhmktzer19Sy+tENmniEjP4WNLgxk7+lSOm4U= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1756341109; c=relaxed/simple; bh=BquwX6HjvEBxZ0NOdjFPMl3JAQrw/BuuZkbNRV5kNDE=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=lhp5s/CkPjAcevKyv2QH0Bt4DWm5eD1ZrgNRlGp0ZcfE8eRLPRMucU0BoJA0Nd857Qa/yZatQ0z86mYmcsHXrF+KF/D8MVLFBAEeNDQjqoJaqc4lWfOqTB5oaqlTghDUewMIAde2ZNHaJ2oZ4tOQ8ILYWY4rwbi4QDmA4vR/66A= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=kthf9cLr; arc=none smtp.client-ip=209.85.216.49 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="kthf9cLr" Received: by mail-pj1-f49.google.com with SMTP id 98e67ed59e1d1-324e6daaa39so425056a91.0; Wed, 27 Aug 2025 17:31:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1756341106; x=1756945906; darn=vger.kernel.org; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:from:to:cc:subject:date:message-id :reply-to; bh=1YyzkIGkPcN4s/5n8XbmWu5wXR7Mhh7fBZ/cTvP3v7E=; b=kthf9cLrvUlHRl9ZgHdjkxQG2mJ6vw3loypCyE2wMBYlAO9oBEqWRV4wOD8Bk8yuWi b1QSRTcWTehK6HP3PWle3ne2kLKGCD+uT3WStJomK6r9Nf7gq+b9TQlOBbZdTlXLfIxP +OEWb3dDvulkXVhTq+Dgw4ycLWNlOaNjV6ZzlZlI49KqNbcwD8Pdb2BLRbx11Cgv4GJZ pKyNJj2SIaUPOZE71HYnvuylEMx5dBAXewCW3MFqrFQRGYD+p95cZZhuo6E1TMqkjUSh vRn3OSR3hE4medbPE7LUHhISFEF2UeVjN1FHMxlZN5EtAyD85tqGM8P8Q86U40IPJfVt 0Flg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1756341106; x=1756945906; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=1YyzkIGkPcN4s/5n8XbmWu5wXR7Mhh7fBZ/cTvP3v7E=; b=WzQXRQCVv6SpV9JXox4zKAtcmi+pGk1Za13qxP9E1qHMklWBOgGbCjbbqVI3+CeSB1 LxLOKRfOQZ3nYmjix1w3C04A8QiPjhqCEK+4SUUHUe+W4Q4FOmnYfiqa/lC8+Dl79wza yQSTCdAVwNDiSF1kCD5ajP4rRupGlGjhfOWMf2MsaqC9nVhMJ3u9IdFDSlsrlKHnbXUx tzCGP9ttkIM9ofcokkviXf4T/34TWm3wpHCyiZDy0utGXpJocOEhXJORe1U8i6iIxlWq EsrCZ5OicpHQZ2gt4JaS3PJ3m9dUHFTpGttH+35k+yxGv1XRGYYb+yxPb+MmcMhEezvC 22lg== X-Forwarded-Encrypted: i=1; AJvYcCVlJw6wasckE2W/OILGZGW/Tcjn9WWITg7CutLl5ENzeJ5NFgRuheamYPbaVsjHA2EGfSw=@vger.kernel.org, AJvYcCWAyvUpNAGwhL2pJAPP5bD+XzlDvJZa0FC4H8RqrAPdnhHS1iBqh176LXwuBjfCkacpXyUPclNR@vger.kernel.org, AJvYcCWE9DrMFIluZ7efBmGz043BTAzvORiIOe9Yl9yOmrfbR/nCso9wZViJj0egtMej7Rzb8IzsgCbUW2ookcPb@vger.kernel.org, AJvYcCWHvNxUXAdJjb4/RUYzTwwFPQkpJ4gGyugMzxq2kFl1tMxdtCHdqo95bOkmQzUgM+kxukiJ4IvurVPi1gwG@vger.kernel.org, AJvYcCXCDDgH/iB8QcVXuw4WzGdqFuFkAvp+5f62fI+FinQCtGW878JIXXoFZSAVSKay0hFN0YgG0ETxNnQai/SoPtIi@vger.kernel.org X-Gm-Message-State: AOJu0YyhzruxUSsYuuWJYQPuDHTvrL+G97g0u0XmOEHUTZJ0lXiwty7t cV34jyEr5xItnsxWy3/z9iF84sYUGUDfCvWxbnVhUDWXoQ1C4pV1deoJ X-Gm-Gg: ASbGncvYTpSXfM3Z/hKPWbYHVPicZPaQWW1SXrJrUs3mGStJX0ZaB9lNvdChg+DLkGm d9knlgafIsYnTwYXKXcZBk4ARz/I6TmzVJxVmhcdR+51U00OUWPiZkqfqqVlci/a94pxE6pk3+X RNJynNTiropF1b9yD7wFFaB8+w8wEEwq7KsbiX1EsEuISADPqs0wEmDj1tlIhHRpjhJNtVKqGSJ 9TxBp6FlS5xdEwRkH3GZVWQbB4BKY0rMr8uMVwKrINgRXPxRWf9XjdxqoMxppF9BzyPclekN9rj 5/3E/5XT3egA+316GrRIZcTEa2mWXZy35u45SV/4sS8RdI2HuHYI/7Pm9QtZpYlJC8eUwMhKZEB edUisQpG3f+6FGl5QLP8i X-Google-Smtp-Source: AGHT+IH0iX22i5zp4tqvi0cHsT4JxA9i1Dra/FRoxR4Vn+2NrRWAtx9wzlm5+GyzO17IIEvA0poyuQ== X-Received: by 2002:a17:90b:53cc:b0:327:aaeb:e805 with SMTP id 98e67ed59e1d1-327aaebf070mr1055603a91.21.1756341106213; Wed, 27 Aug 2025 17:31:46 -0700 (PDT) Received: from localhost ([2a03:2880:2ff:74::]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-7703ffb9d3bsm14220480b3a.23.2025.08.27.17.31.45 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 27 Aug 2025 17:31:45 -0700 (PDT) From: Bobby Eshleman Date: Wed, 27 Aug 2025 17:31:36 -0700 Subject: [PATCH net-next v5 8/9] selftests/vsock: invoke vsock_test through helpers Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20250827-vsock-vmtest-v5-8-0ba580bede5b@meta.com> References: <20250827-vsock-vmtest-v5-0-0ba580bede5b@meta.com> In-Reply-To: <20250827-vsock-vmtest-v5-0-0ba580bede5b@meta.com> To: Stefano Garzarella , Shuah Khan , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Stefan Hajnoczi , "Michael S. Tsirkin" , Jason Wang , Xuan Zhuo , =?utf-8?q?Eugenio_P=C3=A9rez?= , "K. Y. Srinivasan" , Haiyang Zhang , Wei Liu , Dexuan Cui , Bryan Tan , Vishnu Dasa , Broadcom internal kernel review list Cc: virtualization@lists.linux.dev, netdev@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-hyperv@vger.kernel.org, Bobby Eshleman , berrange@redhat.com, Bobby Eshleman X-Mailer: b4 0.13.0 From: Bobby Eshleman Add helper calls vm_vsock_test() and host_vsock_test() to invoke the vsock_test binary. This encapsulates several items of repeat logic, such as waiting for the server to reach listening state and enabling/disabling the bash option pipefail to avoid pipe-style logging from hiding failures. Signed-off-by: Bobby Eshleman --- tools/testing/selftests/vsock/vmtest.sh | 120 ++++++++++++++++++++++++++++= ---- 1 file changed, 108 insertions(+), 12 deletions(-) diff --git a/tools/testing/selftests/vsock/vmtest.sh b/tools/testing/selfte= sts/vsock/vmtest.sh index 183647a86c8a..5e36d1068f6f 100755 --- a/tools/testing/selftests/vsock/vmtest.sh +++ b/tools/testing/selftests/vsock/vmtest.sh @@ -248,6 +248,7 @@ wait_for_listener() local port=3D$1 local interval=3D$2 local max_intervals=3D$3 + local old_pipefail local protocol=3Dtcp local pattern local i @@ -256,6 +257,13 @@ wait_for_listener() =20 # for tcp protocol additionally check the socket state [ "${protocol}" =3D "tcp" ] && pattern=3D"${pattern}0A" + + # 'grep -q' exits on match, sending SIGPIPE to 'awk', which exits with + # an error, causing the if-condition to fail when pipefail is set. + # Instead, temporarily disable pipefail and restore it later. + old_pipefail=3D$(set -o | awk '/^pipefail[[:space:]]+(on|off)$/{print $2}= ') + set +o pipefail + for i in $(seq "${max_intervals}"); do if awk '{print $2" "$4}' /proc/net/"${protocol}"* | \ grep -q "${pattern}"; then @@ -263,6 +271,10 @@ wait_for_listener() fi sleep "${interval}" done + + if [[ "${old_pipefail}" =3D=3D on ]]; then + set -o pipefail + fi } =20 vm_wait_for_listener() { @@ -314,28 +326,112 @@ log_guest() { LOG_PREFIX=3Dguest log $@ } =20 +vm_vsock_test() { + local ns=3D$1 + local mode=3D$2 + local rc + + set -o pipefail + if [[ "${mode}" =3D=3D client ]]; then + local host=3D$3 + local cid=3D$4 + local port=3D$5 + + # log output and use pipefail to respect vsock_test errors + vm_ssh "${ns}" -- "${VSOCK_TEST}" \ + --mode=3Dclient \ + --control-host=3D"${host}" \ + --peer-cid=3D"${cid}" \ + --control-port=3D"${port}" \ + 2>&1 | log_guest + rc=3D$? + else + local cid=3D$3 + local port=3D$4 + + # log output and use pipefail to respect vsock_test errors + vm_ssh "${ns}" -- "${VSOCK_TEST}" \ + --mode=3Dserver \ + --peer-cid=3D"${cid}" \ + --control-port=3D"${port}" \ + 2>&1 | log_guest & + rc=3D$? + + if [[ $rc -ne 0 ]]; then + set +o pipefail + return $rc + fi + + vm_wait_for_listener "${ns}" "${port}" + rc=3D$? + fi + set +o pipefail + + return $rc } =20 +host_vsock_test() { + local ns=3D$1 + local mode=3D$2 + local cmd + + if [[ "${ns}" =3D=3D none ]]; then + cmd=3D"${VSOCK_TEST}" + else + cmd=3D"ip netns exec ${ns} ${VSOCK_TEST}" + fi + + # log output and use pipefail to respect vsock_test errors + set -o pipefail + if [[ "${mode}" =3D=3D client ]]; then + local host=3D$3 + local cid=3D$4 + local port=3D$5 + + ${cmd} \ + --mode=3D"${mode}" \ + --peer-cid=3D"${cid}" \ + --control-host=3D"${host}" \ + --control-port=3D"${port}" 2>&1 | log_host + rc=3D$? + else + local cid=3D$3 + local port=3D$4 + + ${cmd} \ + --mode=3D"${mode}" \ + --peer-cid=3D"${cid}" \ + --control-port=3D"${port}" 2>&1 | log_host & + rc=3D$? + + if [[ $rc -ne 0 ]]; then + return $rc + fi + + host_wait_for_listener "${ns}" "${port}" "${WAIT_PERIOD}" "${WAIT_PERIOD= _MAX}" + rc=3D$? + fi + set +o pipefail =20 + return $rc } =20 test_vm_server_host_client() { + vm_vsock_test "none" "server" 2 "${TEST_GUEST_PORT}" + host_vsock_test "none" "client" "127.0.0.1" "${VSOCK_CID}" "${TEST_HOST_P= ORT}" +} =20 - vm_ssh -- "${VSOCK_TEST}" \ - --mode=3Dserver \ - --control-port=3D"${TEST_GUEST_PORT}" \ - --peer-cid=3D2 \ - 2>&1 | log_guest & +test_vm_client_host_server() { + host_vsock_test "none" "server" "${VSOCK_CID}" "${TEST_HOST_PORT_LISTENER= }" + vm_vsock_test "none" "client" "10.0.2.2" 2 "${TEST_HOST_PORT_LISTENER}" +} =20 - vm_wait_for_listener "${TEST_GUEST_PORT}" +test_vm_loopback() { + vm_vsock_test "none" "server" 1 "${TEST_HOST_PORT_LISTENER}" + vm_vsock_test "none" "client" "127.0.0.1" 1 "${TEST_HOST_PORT_LISTENER}" +} =20 - ${VSOCK_TEST} \ - --mode=3Dclient \ - --control-host=3D127.0.0.1 \ - --peer-cid=3D"${VSOCK_CID}" \ - --control-port=3D"${TEST_HOST_PORT}" 2>&1 | log_host =20 - return $? } =20 test_vm_client_host_server() { --=20 2.47.3 From nobody Fri Oct 3 16:47:15 2025 Received: from mail-pj1-f53.google.com (mail-pj1-f53.google.com [209.85.216.53]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 56C73247DE1; Thu, 28 Aug 2025 00:31:49 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.216.53 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1756341112; cv=none; b=aadupSdj+Kz20/q16/DIMrFOw26krXm30sv5XPAP1KQUxezQW72zeJxMjpyAIvpW05Iu1UgwckbyCm+LjQxSiRClEtWNkstzgiM07s1ePbdphQeKX1BmrwAcCj/BsGL5Ajo8dIIFIbdZ1HmrsOsh10spW7pQBk3bgbS2KwwI+6U= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1756341112; c=relaxed/simple; bh=XSuSDmrQjNV3qL9yGGRj1Q8lZlo1XU+mOED6UtxnpQM=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=Ntb9Pop4Sd+F9htgDwGV9MjjnWA3acXrL4QXwqtKyHNv7Ohp6T7NHCa+/uhc41+vu+rO1eR8MleGLFQ4+O60xVguVIiVkcsnuJssA5vLIxBTQweFPwtTSvuiB0PMkYMqFpZ2wgPo+O1k7c/3/R2AkKUcqwV/VqUK0VI+g6SF6II= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=dFQd4hfa; arc=none smtp.client-ip=209.85.216.53 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="dFQd4hfa" Received: by mail-pj1-f53.google.com with SMTP id 98e67ed59e1d1-321cfa7ad29so1129149a91.1; Wed, 27 Aug 2025 17:31:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1756341108; x=1756945908; darn=vger.kernel.org; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:from:to:cc:subject:date:message-id :reply-to; bh=BfpxmYb+AZOCfr2AnpYy9iPWtYGvnkyYzAlBopdEFyQ=; b=dFQd4hfapXtfItey9G+BcUl8zTJQxqzxdoiKtRmQBD6FLaTL35iSteW9gMxflm+lC0 hM1r7gw9ii3mb1rg9q0Pn6r1bsPOBeNQAJ5GYLS9G7UYK10hXwxyy3oeqJfp1WUAiZ5R WqpPt78Bw1TYO8/6u7KD0HXkM90xcteZt5eCF8dtWLLoidbZqt6x0FrbQyG93Kz+PBTP VU3yleiurfq/zePzY/X2lrDIvXk+01cE23anZDjLVHFiLI1xEaTvGBB02O4fE2DmJyNm re9eeOPOng5Giio/xbpQv8Uf1qRHFHlTp/MN3SJqBuXefAzcUkwMztxKyfFoQ/vSe/Vh Jsgg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1756341108; x=1756945908; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=BfpxmYb+AZOCfr2AnpYy9iPWtYGvnkyYzAlBopdEFyQ=; b=vXSIHeSndkIBA1Nbu8gQy3arPvMugWPigISOBMKvrgAZ4e87+4W1E61TryOGNDih+p Ar+HhnKxFkphs5RxjouBb9aNddreSJQYn14C97v4uuMSbHiiepkdGnZY5uZ5Tixw3TlK PX6ZYRZi3j9M3NljPKwCYPZYtyZYaLg1/amN/V81f9EGIo4TDrG0EucYVc9JUQrGUanl JulYtTV2+M+sF5tgTOtBiTCG2np3ifQF9i9lw2nc+n0TRugQAVkYPPzHq70nDvXQUIKi nYI934uHVo3iIVni9LeVZ6FdbjAhlAY6ooV0Q4CAMQpuEsR8Epq22TvSoSslz41BrlyF wyCg== X-Forwarded-Encrypted: i=1; AJvYcCU3yxIfwDGkXusMkSPjrUvH5kr2kpJ+YHeZRLrSL2fRUmUP/8RgOw5uIUVrNIi2zUtGyIQEZfCh@vger.kernel.org, AJvYcCUSiMH+5pa7Lo0HEy0FoMjQOmYHqW4rIwRnLCMWJN9IMwg5zh+0k2wOpqsDLnXgM+3XXj3SbQyUy0Gal2Hz@vger.kernel.org, AJvYcCW4Ber8QHlP6HEkeSYQnMGX0WOmtup1KWNI4U7Uadrq6FPAi8Ejm9BJsb1vHc0kYLrJEXJiPvVOBesqb3GT@vger.kernel.org, AJvYcCWMJuU9b/9IUU3wA5d/72HVhqTqRL1+JK+7+aeHtFQCu/sgoTfdp9bt+fTEfrl2MI/7Apo=@vger.kernel.org, AJvYcCXocGM8vw9OyyR4NReqTWA6AI0kuIZ9pXYtyIlfNAS2xCpgtWEa9ZUhcKlsoOCZRxw9WaJOUsJzn/36J3mSAyQi@vger.kernel.org X-Gm-Message-State: AOJu0YyDmnzHbMtAdl6xNFNy31dExoqbag7wrtKBUOqwi2Nhmg7LESV5 ZczBIe3XX212CsjEc4kc3rj6OOu6bAc9MFwRNi+Zk9lWSd6727+jfZFLvQezs47Q X-Gm-Gg: ASbGnct69F8LDVBfueM9wDdrHUFk/8chsi0nx6POacdBrkRBZXhG7JSAa8nGgS9ZQWJ Ew599ODGfNt+DLioSGrjImMV9BOMRe6RIlJVdgN53fs4to/a8UvZE+BEkgjBwpc0okIcdlN0fvR dErxptCrMhn0EvUGUc8Gl0Bdo8eomSyk9KvOumgY0Ckt5SnEbnPPA/POtgSY+ne+71enFgn3LhB nIMyM76K6Zr67rnBGXxb+FrNvJXxNQ+5P0Rat+cECiJJgMHxUTkX6bif1FLe1TRfeRpSn8Z/MDG d9teW2VvpVNNxYAcOzGqHgj/8inAqm/MaKsZfOZ8pupHSRTJkdcyWRLlaxSZgDh0IpLTgPJZ1AL OOqzCAIdFRFIlzshhWPkjUY84lo2FQrw= X-Google-Smtp-Source: AGHT+IEg57QcmbrIQjwprTkgP68aNBsGFiAPXciHFu94NLgLuHIRfDkzSzDAptSD/xMXE9pPigNKJw== X-Received: by 2002:a17:90b:390f:b0:327:8fb4:5140 with SMTP id 98e67ed59e1d1-3278fb452a6mr3554651a91.10.1756341108115; Wed, 27 Aug 2025 17:31:48 -0700 (PDT) Received: from localhost ([2a03:2880:2ff:47::]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-771e912e40csm8623200b3a.44.2025.08.27.17.31.46 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 27 Aug 2025 17:31:47 -0700 (PDT) From: Bobby Eshleman Date: Wed, 27 Aug 2025 17:31:37 -0700 Subject: [PATCH net-next v5 9/9] selftests/vsock: add namespace tests Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20250827-vsock-vmtest-v5-9-0ba580bede5b@meta.com> References: <20250827-vsock-vmtest-v5-0-0ba580bede5b@meta.com> In-Reply-To: <20250827-vsock-vmtest-v5-0-0ba580bede5b@meta.com> To: Stefano Garzarella , Shuah Khan , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Stefan Hajnoczi , "Michael S. Tsirkin" , Jason Wang , Xuan Zhuo , =?utf-8?q?Eugenio_P=C3=A9rez?= , "K. Y. Srinivasan" , Haiyang Zhang , Wei Liu , Dexuan Cui , Bryan Tan , Vishnu Dasa , Broadcom internal kernel review list Cc: virtualization@lists.linux.dev, netdev@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-hyperv@vger.kernel.org, Bobby Eshleman , berrange@redhat.com, Bobby Eshleman X-Mailer: b4 0.13.0 From: Bobby Eshleman Add tests for namespace support in vsock. Use socat for basic connection failure tests and vsock_test for full functionality tests when communication is expected to succeed. vsock_test is not used for failure cases because in theory vsock_test could allow connection and some traffic flow but fail on some other case (e.g., fail on MSG_ZEROCOPY). Tests cover all cases of clients and servers being in all variants of local ns, global ns, host process, and VM process. Legacy tests are retained and executed in the init ns. Signed-off-by: Bobby Eshleman --- Changes in v5: - use /proc/sys/net/vsock/ns_mode - clarify logic of tests that reuse the same VM and tests that require netns setup - fix unassigned BUILD bug --- tools/testing/selftests/vsock/vmtest.sh | 913 ++++++++++++++++++++++++++++= ---- 1 file changed, 808 insertions(+), 105 deletions(-) diff --git a/tools/testing/selftests/vsock/vmtest.sh b/tools/testing/selfte= sts/vsock/vmtest.sh index 5e36d1068f6f..9d830eb7e829 100755 --- a/tools/testing/selftests/vsock/vmtest.sh +++ b/tools/testing/selftests/vsock/vmtest.sh @@ -7,6 +7,7 @@ # * virtme-ng # * busybox-static (used by virtme-ng) # * qemu (used by virtme-ng) +# * socat =20 readonly SCRIPT_DIR=3D"$(cd -P -- "$(dirname -- "${BASH_SOURCE[0]}")" && p= wd -P)" readonly KERNEL_CHECKOUT=3D$(realpath "${SCRIPT_DIR}"/../../../../) @@ -23,7 +24,7 @@ readonly VSOCK_CID=3D1234 readonly WAIT_PERIOD=3D3 readonly WAIT_PERIOD_MAX=3D60 readonly WAIT_TOTAL=3D$(( WAIT_PERIOD * WAIT_PERIOD_MAX )) -readonly QEMU_PIDFILE=3D$(mktemp /tmp/qemu_vsock_vmtest_XXXX.pid) +readonly WAIT_QEMU=3D5 =20 # virtme-ng offers a netdev for ssh when using "--ssh", but we also need a # control port forwarded for vsock_test. Because virtme-ng doesn't support @@ -33,23 +34,125 @@ readonly QEMU_PIDFILE=3D$(mktemp /tmp/qemu_vsock_vmtes= t_XXXX.pid) # add the kernel cmdline options that virtme-init uses to setup the interf= ace. readonly QEMU_TEST_PORT_FWD=3D"hostfwd=3Dtcp::${TEST_HOST_PORT}-:${TEST_GU= EST_PORT}" readonly QEMU_SSH_PORT_FWD=3D"hostfwd=3Dtcp::${SSH_HOST_PORT}-:${SSH_GUEST= _PORT}" -readonly QEMU_OPTS=3D"\ - -netdev user,id=3Dn0,${QEMU_TEST_PORT_FWD},${QEMU_SSH_PORT_FWD} \ - -device virtio-net-pci,netdev=3Dn0 \ - -device vhost-vsock-pci,guest-cid=3D${VSOCK_CID} \ - --pidfile ${QEMU_PIDFILE} \ -" readonly KERNEL_CMDLINE=3D"\ virtme.dhcp net.ifnames=3D0 biosdevname=3D0 \ virtme.ssh virtme_ssh_channel=3Dtcp virtme_ssh_user=3D$USER \ " readonly LOG=3D$(mktemp /tmp/vsock_vmtest_XXXX.log) -readonly TEST_NAMES=3D(vm_server_host_client vm_client_host_server vm_loop= back) +readonly TEST_NAMES=3D( + vm_server_host_client + vm_client_host_server + vm_loopback + host_vsock_ns_mode_ok + host_vsock_ns_mode_write_once_ok + global_same_cid_fails + local_same_cid_ok + global_local_same_cid_ok + local_global_same_cid_ok + diff_ns_global_host_connect_to_global_vm_ok + diff_ns_global_host_connect_to_local_vm_fails + diff_ns_global_vm_connect_to_global_host_ok + diff_ns_global_vm_connect_to_local_host_fails + diff_ns_local_host_connect_to_local_vm_fails + diff_ns_local_vm_connect_to_local_host_fails + diff_ns_global_to_local_loopback_local_fails + diff_ns_local_to_global_loopback_fails + diff_ns_local_to_local_loopback_fails + diff_ns_global_to_global_loopback_ok + same_ns_local_loopback_ok + same_ns_local_host_connect_to_local_vm_ok + same_ns_local_vm_connect_to_local_host_ok +) + readonly TEST_DESCS=3D( + # vm_server_host_client "Run vsock_test in server mode on the VM and in client mode on the host." + + # vm_client_host_server "Run vsock_test in client mode on the VM and in server mode on the host." + + # vm_loopback "Run vsock_test using the loopback transport in the VM." + + # host_vsock_ns_mode_ok + "Check /proc/sys/net/vsock/ns_mode strings on the host." + + # host_vsock_ns_mode_write_once_ok + "Check /proc/sys/net/vsock/ns_mode is write-once on the host." + + # global_same_cid_fails + "Check QEMU fails to start two VMs with same CID in two different global = namespaces." + + # local_same_cid_ok + "Check QEMU successfully starts two VMs with same CID in two different lo= cal namespaces." + + # global_local_same_cid_ok + "Check QEMU successfully starts one VM in a global ns and then another VM= in a local ns with the same CID." + + # local_global_same_cid_ok + "Check QEMU successfully starts one VM in a local ns and then another VM = in a global ns with the same CID." + + # diff_ns_global_host_connect_to_global_vm_ok + "Run vsock_test client in global ns with server in VM in another global n= s." + + # diff_ns_global_host_connect_to_local_vm_fails + "Run socat to test a process in a global ns fails to connect to a VM in a= local ns." + + # diff_ns_global_vm_connect_to_global_host_ok + "Run vsock_test client in VM in a global ns with server in another global= ns." + + # diff_ns_global_vm_connect_to_local_host_fails + "Run socat to test a VM in a global ns fails to connect to a host process= in a local ns." + + # diff_ns_local_host_connect_to_local_vm_fails + "Run socat to test a host process in a local ns fails to connect to a VM = in another local ns." + + # diff_ns_local_vm_connect_to_local_host_fails + "Run socat to test a VM in a local ns fails to connect to a host process = in another local ns." + + # diff_ns_global_to_local_loopback_local_fails + "Run socat to test a loopback vsock in a global ns fails to connect to a = vsock in a local ns." + + # diff_ns_local_to_global_loopback_fails + "Run socat to test a loopback vsock in a local ns fails to connect to a v= sock in a global ns." + + # diff_ns_local_to_local_loopback_fails + "Run socat to test a loopback vsock in a local ns fails to connect to a v= sock in another local ns." + + # diff_ns_global_to_global_loopback_ok + "Run socat to test a loopback vsock in a global ns successfully connects = to a vsock in another global ns." + + # same_ns_local_loopback_ok + "Run socat to test a loopback vsock in a local ns successfully connects t= o a vsock in the same ns." + + # same_ns_local_host_connect_to_local_vm_ok + "Run vsock_test client in a local ns with server in VM in same ns." + + # same_ns_local_vm_connect_to_local_host_ok + "Run vsock_test client in VM in a local ns with server in same ns." +) + +readonly USE_SHARED_VM=3D(vm_server_host_client vm_client_host_server vm_l= oopback) +readonly USE_INIT_NETNS=3D( + global_same_cid_fails + local_same_cid_ok + global_local_same_cid_ok + local_global_same_cid_ok + diff_ns_global_host_connect_to_global_vm_ok + diff_ns_global_host_connect_to_local_vm_fails + diff_ns_global_vm_connect_to_global_host_ok + diff_ns_global_vm_connect_to_local_host_fails + diff_ns_local_host_connect_to_local_vm_fails + diff_ns_local_vm_connect_to_local_host_fails + diff_ns_global_to_local_loopback_local_fails + diff_ns_local_to_global_loopback_fails + diff_ns_local_to_local_loopback_fails + diff_ns_global_to_global_loopback_ok + same_ns_local_loopback_ok + same_ns_local_host_connect_to_local_vm_ok + same_ns_local_vm_connect_to_local_host_ok ) +readonly MODES=3D("local" "global") =20 readonly LOG_LEVEL_DEBUG=3D0 readonly LOG_LEVEL_INFO=3D1 @@ -58,6 +161,12 @@ readonly LOG_LEVEL_ERROR=3D3 =20 VERBOSE=3D"${LOG_LEVEL_WARN}" =20 +# Test pass/fail counters +cnt_pass=3D0 +cnt_fail=3D0 +cnt_skip=3D0 +cnt_total=3D0 + usage() { local name local desc @@ -77,7 +186,7 @@ usage() { for ((i =3D 0; i < ${#TEST_NAMES[@]}; i++)); do name=3D${TEST_NAMES[${i}]} desc=3D${TEST_DESCS[${i}]} - printf "\t%-35s%-35s\n" "${name}" "${desc}" + printf "\t%-55s%-35s\n" "${name}" "${desc}" done echo =20 @@ -89,21 +198,87 @@ die() { exit "${KSFT_FAIL}" } =20 +add_namespaces() { + # add namespaces local0, local1, global0, and global1 + for mode in "${MODES[@]}"; do + ip netns add "${mode}0" 2>/dev/null + ip netns add "${mode}1" 2>/dev/null + done +} + +init_namespaces() { + for mode in "${MODES[@]}"; do + ns_set_mode "${mode}0" "${mode}" + ns_set_mode "${mode}1" "${mode}" + + log_host "set ns ${mode}0 to mode ${mode}" + log_host "set ns ${mode}1 to mode ${mode}" + + # we need lo for qemu port forwarding + ip netns exec "${mode}0" ip link set dev lo up + ip netns exec "${mode}1" ip link set dev lo up + done +} + +del_namespaces() { + for mode in "${MODES[@]}"; do + ip netns del "${mode}0" + ip netns del "${mode}1" + log_host "removed ns ${mode}0" + log_host "removed ns ${mode}1" + done &>/dev/null +} + +ns_set_mode() { + local ns=3D$1 + local mode=3D$2 + + echo "${mode}" | ip netns exec "${ns}" \ + tee /proc/sys/net/vsock/ns_mode &>/dev/null +} + vm_ssh() { - ssh -q -o UserKnownHostsFile=3D/dev/null -p ${SSH_HOST_PORT} localhost "$= @" + local ns_exec + + if [[ "${1}" =3D=3D none ]]; then + local ns_exec=3D"" + else + local ns_exec=3D"ip netns exec ${1}" + fi + + shift + + ${ns_exec} ssh -q -o UserKnownHostsFile=3D/dev/null -p ${SSH_HOST_PORT} l= ocalhost $* + return $? } =20 cleanup() { - if [[ -s "${QEMU_PIDFILE}" ]]; then - pkill -SIGTERM -F "${QEMU_PIDFILE}" > /dev/null 2>&1 - fi + del_namespaces +} =20 - # If failure occurred during or before qemu start up, then we need - # to clean this up ourselves. - if [[ -e "${QEMU_PIDFILE}" ]]; then - rm "${QEMU_PIDFILE}" - fi +terminate_pidfiles() { + local pidfile + + for pidfile in "$@"; do + if [[ -s "${pidfile}" ]]; then + pkill -SIGTERM -F "${pidfile}" 2>&1 > /dev/null + fi + + # If failure occurred during or before qemu start up, then we need + # to clean this up ourselves. + if [[ -e "${pidfile}" ]]; then + rm -f "${pidfile}" + fi + done +} + +terminate_pids() { + local pid + + for pid in "$@"; do + kill -SIGTERM "${pid}" &>/dev/null || : + done } =20 check_args() { @@ -133,7 +308,7 @@ check_args() { } =20 check_deps() { - for dep in vng ${QEMU} busybox pkill ssh; do + for dep in vng ${QEMU} busybox pkill ssh socat; do if [[ ! -x $(command -v "${dep}") ]]; then echo -e "skip: dependency ${dep} not found!\n" exit "${KSFT_SKIP}" @@ -170,6 +345,20 @@ check_vng() { fi } =20 +check_socat() { + local support_string + + support_string=3D"$(socat -V)" + + if [[ "${support_string}" !=3D *"WITH_VSOCK 1"* ]]; then + die "err: socat is missing vsock support" + fi + + if [[ "${support_string}" !=3D *"WITH_UNIX 1"* ]]; then + die "err: socat is missing unix support" + fi +} + handle_build() { if [[ ! "${BUILD}" -eq 1 ]]; then return @@ -194,9 +383,14 @@ handle_build() { } =20 vm_start() { + local cid=3D$1 + local ns=3D$2 + local pidfile=3D$3 local logfile=3D/dev/null local verbose_opt=3D"" + local qemu_opts=3D"" local kernel_opt=3D"" + local ns_exec=3D"" local qemu =20 qemu=3D$(command -v "${QEMU}") @@ -206,27 +400,37 @@ vm_start() { logfile=3D/dev/stdout fi =20 + qemu_opts=3D"\ + -netdev user,id=3Dn0,${QEMU_TEST_PORT_FWD},${QEMU_SSH_PORT_FWD} \ + -device virtio-net-pci,netdev=3Dn0 \ + ${QEMU_OPTS} -device vhost-vsock-pci,guest-cid=3D${cid} \ + --pidfile ${pidfile} + " + if [[ "${BUILD}" -eq 1 ]]; then kernel_opt=3D"${KERNEL_CHECKOUT}" fi =20 - vng \ + if [[ "${ns}" !=3D "none" ]]; then + ns_exec=3D"ip netns exec ${ns}" + fi + + ${ns_exec} vng \ --run \ ${kernel_opt} \ ${verbose_opt} \ - --qemu-opts=3D"${QEMU_OPTS}" \ + --qemu-opts=3D"${qemu_opts}" \ --qemu=3D"${qemu}" \ --user root \ --append "${KERNEL_CMDLINE}" \ --rw &> ${logfile} & =20 - if ! timeout ${WAIT_TOTAL} \ - bash -c 'while [[ ! -s '"${QEMU_PIDFILE}"' ]]; do sleep 1; done; exit 0'= ; then - die "failed to boot VM" - fi + timeout "${WAIT_QEMU}" \ + bash -c 'while [[ ! -s '"${pidfile}"' ]]; do sleep 1; done; exit 0' } =20 vm_wait_for_ssh() { + local ns=3D$1 local i =20 i=3D0 @@ -234,7 +438,8 @@ vm_wait_for_ssh() { if [[ ${i} -gt ${WAIT_PERIOD_MAX} ]]; then die "Timed out waiting for guest ssh" fi - if vm_ssh -- true; then + + if vm_ssh "${ns}" -- true; then break fi i=3D$(( i + 1 )) @@ -269,6 +474,7 @@ wait_for_listener() grep -q "${pattern}"; then break fi + sleep "${interval}" done =20 @@ -278,17 +484,29 @@ wait_for_listener() } =20 vm_wait_for_listener() { - local port=3D$1 + local ns=3D$1 + local port=3D$2 + + log "Waiting for listener on port ${port} on vm" =20 - vm_ssh <&1 | log_host & + for mode in "${MODES[@]}"; do + local ns=3D"${mode}0" + if ! ns_set_mode "${ns}" "${mode}"; then + del_namespaces + return "${KSFT_FAIL}" + fi =20 - host_wait_for_listener + # try writing again and expect failure + if ns_set_mode "${ns}" "${mode}"; then + del_namespaces + return "${KSFT_FAIL}" + fi + done =20 - vm_ssh -- "${VSOCK_TEST}" \ - --mode=3Dclient \ - --control-host=3D10.0.2.2 \ - --peer-cid=3D2 \ - --control-port=3D"${TEST_HOST_PORT_LISTENER}" 2>&1 | log_guest + del_namespaces =20 - return $? + return "${KSFT_PASS}" } =20 -test_vm_loopback() { - local port=3D60000 # non-forwarded local port +namespaces_can_boot_same_cid() { + local ns0=3D$1 + local ns1=3D$2 + local pidfile1 pidfile2 + local cid=3D20 + readonly cid + local rc =20 - vm_ssh -- "${VSOCK_TEST}" \ - --mode=3Dserver \ - --control-port=3D"${port}" \ - --peer-cid=3D1 2>&1 | log_guest & + pidfile1=3D$(mktemp /tmp/qemu_vsock_vmtest_XXXX.pid) + vm_start "${cid}" "${ns0}" "${pidfile1}" =20 - vm_wait_for_listener "${port}" + pidfile2=3D$(mktemp /tmp/qemu_vsock_vmtest_XXXX.pid) + vm_start "${cid}" "${ns1}" "${pidfile2}" =20 - vm_ssh -- "${VSOCK_TEST}" \ - --mode=3Dclient \ - --control-host=3D"127.0.0.1" \ - --control-port=3D"${port}" \ - --peer-cid=3D1 2>&1 | log_guest + rc=3D$? + terminate_pidfiles "${pidfile1}" "${pidfile2}" =20 - return $? + return $rc +} + +test_global_same_cid_fails() { + if namespaces_can_boot_same_cid "global0" "global1"; then + return "${KSFT_FAIL}" + fi + + return "${KSFT_PASS}" +} + +test_local_global_same_cid_ok() { + if namespaces_can_boot_same_cid "local0" "global0"; then + return "${KSFT_PASS}" + fi + + return "${KSFT_FAIL}" +} + +test_global_local_same_cid_ok() { + if namespaces_can_boot_same_cid "global0" "local0"; then + return "${KSFT_PASS}" + fi + + return "${KSFT_FAIL}" +} + +test_local_same_cid_ok() { + if namespaces_can_boot_same_cid "local0" "local0"; then + return "${KSFT_FAIL}" + fi + + return "${KSFT_PASS}" +} + +test_diff_ns_global_host_connect_to_global_vm_ok() { + local pids pid pidfile + local ns0 ns1 port + declare -a pids + local unixfile + ns0=3D"global0" + ns1=3D"global1" + port=3D1234 + local rc + + pidfile=3D$(mktemp /tmp/qemu_vsock_vmtest_XXXX.pid) + + if ! vm_start "${VSOCK_CID}" "${ns0}" "${pidfile}"; then + return "${KSFT_FAIL}" + fi + + unixfile=3D$(mktemp -u /tmp/XXXX.sock) + ip netns exec "${ns1}" \ + socat TCP-LISTEN:"${TEST_HOST_PORT}",fork \ + UNIX-CONNECT:"${unixfile}" & + pids+=3D($!) + host_wait_for_listener "${ns1}" "${TEST_HOST_PORT}" + + ip netns exec "${ns0}" socat UNIX-LISTEN:"${unixfile}",fork \ + TCP-CONNECT:localhost:"${TEST_HOST_PORT}" & + pids+=3D($!) + + vm_vsock_test "${ns0}" "server" 2 "${TEST_GUEST_PORT}" + vm_wait_for_listener "${ns0}" "${TEST_GUEST_PORT}" + host_vsock_test "${ns1}" "client" "127.0.0.1" "${VSOCK_CID}" "${TEST_HOST= _PORT}" + rc=3D$? + + for pid in "${pids[@]}"; do + if [[ "$(jobs -p)" =3D *"${pid}"* ]]; then + kill -SIGTERM "${pid}" &>/dev/null + fi + done + + terminate_pidfiles "${pidfile}" + + if [[ $rc -ne 0 ]]; then + return "${KSFT_FAIL}" + fi + + return "${KSFT_PASS}" +} + +test_diff_ns_global_host_connect_to_local_vm_fails() { + local ns0=3D"global0" + local ns1=3D"local0" + local port=3D12345 + local pidfile + local result + local pid + + outfile=3D$(mktemp) + + pidfile=3D$(mktemp /tmp/qemu_vsock_vmtest_XXXX.pid) + if ! vm_start "${VSOCK_CID}" "${ns1}" "${pidfile}"; then + log_host "failed to start vm (cid=3D${VSOCK_CID}, ns=3D${ns0})" + return $KSFT_FAIL + fi + + vm_wait_for_ssh "${ns1}" + vm_ssh "${ns1}" -- socat VSOCK-LISTEN:"${port}" STDOUT > "${outfile}" & + echo TEST | ip netns exec "${ns0}" \ + socat STDIN VSOCK-CONNECT:"${VSOCK_CID}":"${port}" 2>/dev/null + + terminate_pidfiles "${pidfile}" + + result=3D$(cat "${outfile}") + rm -f "${outfile}" + + if [[ "${result}" !=3D TEST ]]; then + return $KSFT_PASS + fi + + return $KSFT_FAIL +} + +test_diff_ns_global_vm_connect_to_global_host_ok() { + local ns0=3D"global0" + local ns1=3D"global1" + local port=3D12345 + local unixfile + local pidfile + local pids + + declare -a pids + + log_host "Setup socat bridge from ns ${ns0} to ns ${ns1} over port ${port= }" + + unixfile=3D$(mktemp -u /tmp/XXXX.sock) + + ip netns exec "${ns0}" \ + socat TCP-LISTEN:"${port}" UNIX-CONNECT:"${unixfile}" & + pids+=3D($!) + + ip netns exec "${ns1}" \ + socat UNIX-LISTEN:"${unixfile}" TCP-CONNECT:127.0.0.1:"${port}" & + pids+=3D($!) + + log_host "Launching ${VSOCK_TEST} in ns ${ns1}" + host_vsock_test "${ns1}" "server" "${VSOCK_CID}" "${port}" + + pidfile=3D$(mktemp /tmp/qemu_vsock_vmtest_XXXX.pid) + if ! vm_start "${VSOCK_CID}" "${ns0}" "${pidfile}"; then + log_host "failed to start vm (cid=3D${cid}, ns=3D${ns0})" + terminate_pids "${pids[@]}" + rm -f "${unixfile}" + return $KSFT_FAIL + fi + + vm_wait_for_ssh "${ns0}" + vm_vsock_test "${ns0}" "client" "10.0.2.2" 2 "${port}" + rc=3D$? + + terminate_pidfiles "${pidfile}" + terminate_pids "${pids[@]}" + rm -f "${unixfile}" + + if [[ ! $rc -eq 0 ]]; then + return "${KSFT_FAIL}" + fi + + return "${KSFT_PASS}" + +} + +test_diff_ns_global_vm_connect_to_local_host_fails() { + local ns0=3D"global0" + local ns1=3D"local0" + local port=3D12345 + local pidfile + local result + local pid + + log_host "Launching socat in ns ${ns1}" + outfile=3D$(mktemp) + ip netns exec "${ns1}" socat VSOCK-LISTEN:${port} STDOUT &> "${outfile}" & + pid=3D$! + + pidfile=3D$(mktemp /tmp/qemu_vsock_vmtest_XXXX.pid) + if ! vm_start "${VSOCK_CID}" "${ns0}" "${pidfile}"; then + log_host "failed to start vm (cid=3D${cid}, ns=3D${ns0})" + terminate_pids "${pid}" + rm -f "${outfile}" + return $KSFT_FAIL + fi + + vm_wait_for_ssh "${ns0}" + + vm_ssh "${ns0}" -- \ + bash -c "echo TEST | socat STDIN VSOCK-CONNECT:2:${port}" 2>&1 | log_gue= st + + terminate_pidfiles "${pidfile}" + terminate_pids "${pid}" + + result=3D$(cat "${outfile}") + rm -f "${outfile}" + + if [[ "${result}" !=3D TEST ]]; then + return "${KSFT_PASS}" + fi + + return "${KSFT_FAIL}" +} + +test_diff_ns_local_host_connect_to_local_vm_fails() { + local ns0=3D"local0" + local ns1=3D"local1" + local port=3D12345 + local pidfile + local result + local pid + + outfile=3D$(mktemp) + + pidfile=3D$(mktemp /tmp/qemu_vsock_vmtest_XXXX.pid) + if ! vm_start "${VSOCK_CID}" "${ns1}" "${pidfile}"; then + log_host "failed to start vm (cid=3D${cid}, ns=3D${ns0})" + return $KSFT_FAIL + fi + + vm_wait_for_ssh "${ns1}" + vm_ssh "${ns1}" -- socat VSOCK-LISTEN:"${port}" STDOUT > "${outfile}" & + echo TEST | ip netns exec "${ns0}" \ + socat STDIN VSOCK-CONNECT:"${VSOCK_CID}":"${port}" 2>/dev/null + + terminate_pidfiles "${pidfile}" + + result=3D$(cat "${outfile}") + rm -f "${outfile}" + + if [[ "${result}" !=3D TEST ]]; then + return $KSFT_PASS + fi + + return $KSFT_FAIL +} + +test_diff_ns_local_vm_connect_to_local_host_fails() { + local ns0=3D"local0" + local ns1=3D"local1" + local port=3D12345 + local pidfile + local result + local pid + + log_host "Launching socat in ns ${ns1}" + outfile=3D$(mktemp) + ip netns exec "${ns1}" socat VSOCK-LISTEN:"${port}" STDOUT &> "${outfile}= " & + pid=3D$! + + pidfile=3D$(mktemp /tmp/qemu_vsock_vmtest_XXXX.pid) + if ! vm_start "${VSOCK_CID}" "${ns0}" "${pidfile}"; then + log_host "failed to start vm (cid=3D${cid}, ns=3D${ns0})" + rm -f "${outfile}" + return "${KSFT_FAIL}" + fi + + vm_wait_for_ssh "${ns0}" + + vm_ssh "${ns0}" -- \ + bash -c "echo TEST | socat STDIN VSOCK-CONNECT:2:${port}" 2>&1 | log_gue= st + + terminate_pidfiles "${pidfile}" + terminate_pids "${pid}" + + result=3D$(cat "${outfile}") + rm -f "${outfile}" + + if [[ "${result}" !=3D TEST ]]; then + return "${KSFT_PASS}" + fi + + return "${KSFT_FAIL}" +} + +__test_loopback_two_netns() { + local ns0=3D$1 + local ns1=3D$2 + local port=3D12345 + local result + local pid + + modprobe vsock_loopback &> /dev/null || : + + log_host "Launching socat in ns ${ns1}" + outfile=3D$(mktemp) + ip netns exec "${ns1}" socat VSOCK-LISTEN:"${port}" STDOUT > "${outfile}"= 2>/dev/null & + pid=3D$! + + log_host "Launching socat in ns ${ns0}" + echo TEST | ip netns exec "${ns0}" socat STDIN VSOCK-CONNECT:1:"${port}" = 2>/dev/null + terminate_pids "${pid}" + + result=3D$(cat "${outfile}") + rm -f "${outfile}" + + if [[ "${result}" =3D=3D TEST ]]; then + return 0 + fi + + return 1 +} + +test_diff_ns_global_to_local_loopback_local_fails() { + if ! __test_loopback_two_netns "global0" "local0"; then + return "${KSFT_PASS}" + fi + + return "${KSFT_FAIL}" +} + +test_diff_ns_local_to_global_loopback_fails() { + if ! __test_loopback_two_netns "local0" "global0"; then + return "${KSFT_PASS}" + fi + + return "${KSFT_FAIL}" +} + +test_diff_ns_local_to_local_loopback_fails() { + if ! __test_loopback_two_netns "local0" "local1"; then + return "${KSFT_PASS}" + fi + + return "${KSFT_FAIL}" +} + +test_diff_ns_global_to_global_loopback_ok() { + if __test_loopback_two_netns "global0" "global1"; then + return "${KSFT_PASS}" + fi + + return "${KSFT_FAIL}" +} + +test_same_ns_local_loopback_ok() { + if __test_loopback_two_netns "local0" "local0"; then + return "${KSFT_PASS}" + fi + + return "${KSFT_FAIL}" +} + +test_same_ns_local_host_connect_to_local_vm_ok() { + local ns=3D"local0" + local port=3D1234 + local pidfile + local rc + + pidfile=3D$(mktemp /tmp/qemu_vsock_vmtest_XXXX.pid) + + if ! vm_start "${VSOCK_CID}" "${ns}" "${pidfile}"; then + return "${KSFT_FAIL}" + fi + + vm_vsock_test "${ns}" "server" 2 "${TEST_GUEST_PORT}" + host_vsock_test "${ns}" "client" "127.0.0.1" "${VSOCK_CID}" "${TEST_HOST_= PORT}" + rc=3D$? + + terminate_pidfiles "${pidfile}" + + if [[ $rc -ne 0 ]]; then + return "${KSFT_FAIL}" + fi + + return "${KSFT_PASS}" +} + +test_same_ns_local_vm_connect_to_local_host_ok() { + local ns=3D"local0" + local port=3D1234 + local pidfile + local rc + + pidfile=3D$(mktemp /tmp/qemu_vsock_vmtest_XXXX.pid) + + if ! vm_start "${VSOCK_CID}" "${ns}" "${pidfile}"; then + return "${KSFT_FAIL}" + fi + + vm_vsock_test "${ns}" "server" 2 "${TEST_GUEST_PORT}" + host_vsock_test "${ns}" "client" "127.0.0.1" "${VSOCK_CID}" "${TEST_HOST_= PORT}" + rc=3D$? + + terminate_pidfiles "${pidfile}" + + if [[ $rc -ne 0 ]]; then + return "${KSFT_FAIL}" + fi + + return "${KSFT_PASS}" +} + +shared_vm_test() { + local tname + + tname=3D"${1}" + + for testname in "${USE_SHARED_VM[@]}"; do + if [[ "${tname}" =3D=3D "${testname}" ]]; then + return 0 + fi + done + + return 1 } =20 -run_test() { + +init_netns_test() { + local tname + + tname=3D"${1}" + + for testname in "${USE_INIT_NETNS[@]}"; do + if [[ "${tname}" =3D=3D "${testname}" ]]; then + return 0 + fi + done + + return 1 +} + +check_result() { + local rc num + + rc=3D$1 + num=3D$(( cnt_total + 1 )) + + if [[ ${rc} -eq $KSFT_PASS ]]; then + cnt_pass=3D$(( cnt_pass + 1 )) + echo "ok ${num} ${arg}" + elif [[ ${rc} -eq $KSFT_SKIP ]]; then + cnt_skip=3D$(( cnt_skip + 1 )) + echo "ok ${num} ${arg} # SKIP" + elif [[ ${rc} -eq $KSFT_FAIL ]]; then + cnt_fail=3D$(( cnt_fail + 1 )) + echo "not ok ${num} ${arg} # exit=3D$rc" + fi + + cnt_total=3D$(( cnt_total + 1 )) +} + +run_shared_vm_tests() { + local start_shared_vm pidfile local host_oops_cnt_before local host_warn_cnt_before local vm_oops_cnt_before @@ -483,42 +1156,93 @@ run_test() { local name local rc =20 - host_oops_cnt_before=3D$(dmesg | grep -c -i 'Oops') - host_warn_cnt_before=3D$(dmesg --level=3Dwarn | wc -l) - vm_oops_cnt_before=3D$(vm_ssh -- dmesg | grep -c -i 'Oops') - vm_warn_cnt_before=3D$(vm_ssh -- dmesg --level=3Dwarn | wc -l) + start_shared_vm=3D0 =20 - name=3D$(echo "${1}" | awk '{ print $1 }') - eval test_"${name}" - rc=3D$? + for arg in "${ARGS[@]}"; do + if shared_vm_test "${arg}"; then + start_shared_vm=3D1 + break + fi + done =20 - host_oops_cnt_after=3D$(dmesg | grep -i 'Oops' | wc -l) - if [[ ${host_oops_cnt_after} -gt ${host_oops_cnt_before} ]]; then - echo "FAIL: kernel oops detected on host" | log_host "${name}" - rc=3D$KSFT_FAIL + pidfile=3D"" + if [[ "${start_shared_vm}" =3D=3D 1 ]]; then + pidfile=3D$(mktemp $PIDFILE_TEMPLATE) + log_host "Booting up VM" + vm_start "${VSOCK_CID}" "none" "${pidfile}" + vm_wait_for_ssh "none" + log_host "VM booted up" fi =20 - host_warn_cnt_after=3D$(dmesg --level=3Dwarn | wc -l) - if [[ ${host_warn_cnt_after} -gt ${host_warn_cnt_before} ]]; then - echo "FAIL: kernel warning detected on host" | log_host "${name}" - rc=3D$KSFT_FAIL - fi + for arg in "${ARGS[@]}"; do + if ! shared_vm_test "${arg}"; then + continue + fi =20 - vm_oops_cnt_after=3D$(vm_ssh -- dmesg | grep -i 'Oops' | wc -l) - if [[ ${vm_oops_cnt_after} -gt ${vm_oops_cnt_before} ]]; then - echo "FAIL: kernel oops detected on vm" | log_host "${name}" - rc=3D$KSFT_FAIL - fi + host_oops_cnt_before=3D$(dmesg | grep -c -i 'Oops') + host_warn_cnt_before=3D$(dmesg --level=3Dwarn | wc -l) + vm_oops_cnt_before=3D$(vm_ssh none -- dmesg | grep -c -i 'Oops') + vm_warn_cnt_before=3D$(vm_ssh none -- dmesg --level=3Dwarn | wc -l) + + name=3D$(echo "${arg}" | awk '{ print $1 }') + log_host "Executing test_${name}" + eval test_"${name}" + rc=3D$? + + host_oops_cnt_after=3D$(dmesg | grep -i 'Oops' | wc -l) + if [[ ${host_oops_cnt_after} -gt ${host_oops_cnt_before} ]]; then + echo "FAIL: kernel oops detected on host" | log_host "${name}" + rc=3D$KSFT_FAIL + fi + + host_warn_cnt_after=3D$(dmesg --level=3Dwarn | wc -l) + if [[ ${host_warn_cnt_after} -gt ${host_warn_cnt_before} ]]; then + echo "FAIL: kernel warning detected on host" | log_host "${name}" + rc=3D$KSFT_FAIL + fi + + vm_oops_cnt_after=3D$(vm_ssh none -- dmesg | grep -i 'Oops' | wc -l) + if [[ ${vm_oops_cnt_after} -gt ${vm_oops_cnt_before} ]]; then + echo "FAIL: kernel oops detected on vm" | log_host "${name}" + rc=3D$KSFT_FAIL + fi + + vm_warn_cnt_after=3D$(vm_ssh none -- dmesg --level=3Dwarn | wc -l) + if [[ ${vm_warn_cnt_after} -gt ${vm_warn_cnt_before} ]]; then + echo "FAIL: kernel warning detected on vm" | log_host "${name}" + rc=3D$KSFT_FAIL + fi =20 - vm_warn_cnt_after=3D$(vm_ssh -- dmesg --level=3Dwarn | wc -l) - if [[ ${vm_warn_cnt_after} -gt ${vm_warn_cnt_before} ]]; then - echo "FAIL: kernel warning detected on vm" | log_host "${name}" - rc=3D$KSFT_FAIL + check_result "${rc}" + done + + if [[ -n "${pidfile}" ]]; then + log_host "VM terminate" + terminate_pidfiles "${pidfile}" fi +} + +run_isolated_vm_tests() { + for arg in "${ARGS[@]}"; do + if shared_vm_test "${arg}"; then + continue + fi =20 - return "${rc}" + add_namespaces + if init_netns_test "${arg}"; then + init_namespaces + fi + + name=3D$(echo "${arg}" | awk '{ print $1 }') + log_host "Executing test_${name}" + eval test_"${name}" + check_result $? + + del_namespaces + done } =20 +BUILD=3D0 QEMU=3D"qemu-system-$(uname -m)" =20 while getopts :hvsq:b o @@ -543,34 +1267,13 @@ fi check_args "${ARGS[@]}" check_deps check_vng +check_socat handle_build =20 echo "1..${#ARGS[@]}" =20 -log_host "Booting up VM" -vm_start -vm_wait_for_ssh -log_host "VM booted up" - -cnt_pass=3D0 -cnt_fail=3D0 -cnt_skip=3D0 -cnt_total=3D0 -for arg in "${ARGS[@]}"; do - run_test "${arg}" - rc=3D$? - if [[ ${rc} -eq $KSFT_PASS ]]; then - cnt_pass=3D$(( cnt_pass + 1 )) - echo "ok ${cnt_total} ${arg}" - elif [[ ${rc} -eq $KSFT_SKIP ]]; then - cnt_skip=3D$(( cnt_skip + 1 )) - echo "ok ${cnt_total} ${arg} # SKIP" - elif [[ ${rc} -eq $KSFT_FAIL ]]; then - cnt_fail=3D$(( cnt_fail + 1 )) - echo "not ok ${cnt_total} ${arg} # exit=3D$rc" - fi - cnt_total=3D$(( cnt_total + 1 )) -done +run_shared_vm_tests +run_isolated_vm_tests =20 echo "SUMMARY: PASS=3D${cnt_pass} SKIP=3D${cnt_skip} FAIL=3D${cnt_fail}" echo "Log: ${LOG}" --=20 2.47.3