All of lore.kernel.org
 help / color / mirror / Atom feed
From: Stefano Garzarella <sgarzare@redhat.com>
To: "Paraschiv, Andra-Irina" <andraprs@amazon.com>
Cc: netdev <netdev@vger.kernel.org>,
	linux-kernel <linux-kernel@vger.kernel.org>,
	"David S . Miller" <davem@davemloft.net>,
	David Duncan <davdunc@amazon.com>,
	Dexuan Cui <decui@microsoft.com>, Alexander Graf <graf@amazon.de>,
	Jorgen Hansen <jhansen@vmware.com>,
	Jakub Kicinski <kuba@kernel.org>,
	Stefan Hajnoczi <stefanha@redhat.com>,
	Vitaly Kuznetsov <vkuznets@redhat.com>
Subject: Re: [PATCH net-next v1 0/3] vsock: Add flag field in the vsock address
Date: Thu, 3 Dec 2020 09:51:34 +0100	[thread overview]
Message-ID: <20201203085134.azxkxvapbjvebciq@steredhat> (raw)
In-Reply-To: <d5c55d2e-5dc3-96f2-2333-37e778c761ae@amazon.com>

On Wed, Dec 02, 2020 at 06:18:15PM +0200, Paraschiv, Andra-Irina wrote:
>
>
>On 02/12/2020 15:37, Stefano Garzarella wrote:
>>
>>Hi Andra,
>>
>>On Tue, Dec 01, 2020 at 05:25:02PM +0200, Andra Paraschiv wrote:
>>>vsock enables communication between virtual machines and the host 
>>>they are
>>>running on. Nested VMs can be setup to use vsock channels, as the multi
>>>transport support has been available in the mainline since the 
>>>v5.5 Linux kernel
>>>has been released.
>>>
>>>Implicitly, if no host->guest vsock transport is loaded, all the 
>>>vsock packets
>>>are forwarded to the host. This behavior can be used to setup 
>>>communication
>>>channels between sibling VMs that are running on the same host. 
>>>One example can
>>>be the vsock channels that can be established within AWS Nitro Enclaves
>>>(see Documentation/virt/ne_overview.rst).
>>>
>>>To be able to explicitly mark a connection as being used for a 
>>>certain use case,
>>>add a flag field in the vsock address data structure. The 
>>>"svm_reserved1" field
>>>has been repurposed to be the flag field. The value of the flag 
>>>will then be
>>>taken into consideration when the vsock transport is assigned.
>>>
>>>This way can distinguish between nested VMs / local communication 
>>>and sibling
>>>VMs use cases. And can also setup one or more types of 
>>>communication at the same
>>>time.
>>>
>>
>>Another thing worth mentioning is that for now it is not supported in
>>vhost-vsock, since we are discarding every packet not addressed to the
>>host.
>
>Right, thanks for the follow-up.
>
>>
>>What we should do would be:
>>- add a new IOCTL to vhost-vsock to enable sibling communication, by
>>  default I'd like to leave it disabled
>>
>>- allow sibling forwarding only if both guests have sibling
>>  communication enabled and we should implement some kind of filtering
>>  or network namespace support to allow the communication only between a
>>  subset of VMs
>>
>>
>>Do you have plans to work on it?
>
>Nope, not yet. But I can take some time in the second part of December 
>/ beginning of January for this. And we can catch up in the meantime 
>if there is something blocking or more clarifications are needed to 
>make it work.
>

Good, it will be great!

Thanks,
Stefano


      reply	other threads:[~2020-12-03  8:53 UTC|newest]

Thread overview: 21+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-12-01 15:25 [PATCH net-next v1 0/3] vsock: Add flag field in the vsock address Andra Paraschiv
2020-12-01 15:25 ` [PATCH net-next v1 1/3] vm_sockets: Include flag field in the vsock address data structure Andra Paraschiv
2020-12-01 16:09   ` Stefano Garzarella
2020-12-01 18:15     ` Paraschiv, Andra-Irina
2020-12-02  8:32       ` Stefano Garzarella
2020-12-03  9:21   ` Stefan Hajnoczi
2020-12-03 10:32     ` Paraschiv, Andra-Irina
2020-12-03 13:38       ` Stefano Garzarella
2020-12-03 14:04         ` Paraschiv, Andra-Irina
2020-12-01 15:25 ` [PATCH net-next v1 2/3] virtio_transport_common: Set sibling VMs flag on the receive path Andra Paraschiv
2020-12-01 16:22   ` Stefano Garzarella
2020-12-01 19:01     ` Paraschiv, Andra-Irina
2020-12-02  8:53       ` Stefano Garzarella
2020-12-01 15:25 ` [PATCH net-next v1 3/3] af_vsock: Assign the vsock transport considering the vsock address flag Andra Paraschiv
2020-12-01 16:23   ` Stefano Garzarella
2020-12-01 19:06     ` Paraschiv, Andra-Irina
2020-12-01 16:27 ` [PATCH net-next v1 0/3] vsock: Add flag field in the vsock address Stefano Garzarella
2020-12-01 18:02   ` Paraschiv, Andra-Irina
2020-12-02 13:37 ` Stefano Garzarella
2020-12-02 16:18   ` Paraschiv, Andra-Irina
2020-12-03  8:51     ` Stefano Garzarella [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20201203085134.azxkxvapbjvebciq@steredhat \
    --to=sgarzare@redhat.com \
    --cc=andraprs@amazon.com \
    --cc=davdunc@amazon.com \
    --cc=davem@davemloft.net \
    --cc=decui@microsoft.com \
    --cc=graf@amazon.de \
    --cc=jhansen@vmware.com \
    --cc=kuba@kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=netdev@vger.kernel.org \
    --cc=stefanha@redhat.com \
    --cc=vkuznets@redhat.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.