From: Alexander Graf <graf@amazon.com>
To: Stefan Hajnoczi <stefanha@redhat.com>,
Stefano Garzarella <sgarzare@redhat.com>
Cc: <netdev@vger.kernel.org>, Jorgen Hansen <jhansen@vmware.com>,
"David S. Miller" <davem@davemloft.net>,
Dexuan Cui <decui@microsoft.com>,
"Anthony Liguori" <aliguori@amazon.com>,
David Duncan <davdunc@amazon.com>,
"Andra Paraschiv" <andraprs@amazon.com>,
Vitaly Kuznetsov <vkuznets@redhat.com>,
Jakub Kicinski <kuba@kernel.org>, <linux-kernel@vger.kernel.org>,
"Alexander Graf" <graf@amazon.de>
Subject: Re: [PATCH net] vsock: forward all packets to the host when no H2G is registered
Date: Thu, 19 Nov 2020 15:25:42 +0100 [thread overview]
Message-ID: <ffdc9e0c-fee2-e334-053b-0a26305b55ae@amazon.com> (raw)
In-Reply-To: <20201119140359.GE838210@stefanha-x1.localdomain>
On 19.11.20 15:03, Stefan Hajnoczi wrote:
> On Thu, Nov 12, 2020 at 02:38:37PM +0100, Stefano Garzarella wrote:
>> Before commit c0cfa2d8a788 ("vsock: add multi-transports support"),
>> if a G2H transport was loaded (e.g. virtio transport), every packets
>> was forwarded to the host, regardless of the destination CID.
>> The H2G transports implemented until then (vhost-vsock, VMCI) always
>> responded with an error, if the destination CID was not
>> VMADDR_CID_HOST.
>>
>> From that commit, we are using the remote CID to decide which
>> transport to use, so packets with remote CID > VMADDR_CID_HOST(2)
>> are sent only through H2G transport. If no H2G is available, packets
>> are discarded directly in the guest.
>>
>> Some use cases (e.g. Nitro Enclaves [1]) rely on the old behaviour
>> to implement sibling VMs communication, so we restore the old
>> behavior when no H2G is registered.
>> It will be up to the host to discard packets if the destination is
>> not the right one. As it was already implemented before adding
>> multi-transport support.
>>
>> Tested with nested QEMU/KVM by me and Nitro Enclaves by Andra.
>>
>> [1] Documentation/virt/ne_overview.rst
>>
>> Cc: Jorgen Hansen <jhansen@vmware.com>
>> Cc: Dexuan Cui <decui@microsoft.com>
>> Fixes: c0cfa2d8a788 ("vsock: add multi-transports support")
>> Reported-by: Andra Paraschiv <andraprs@amazon.com>
>> Tested-by: Andra Paraschiv <andraprs@amazon.com>
>> Signed-off-by: Stefano Garzarella <sgarzare@redhat.com>
>> ---
>> net/vmw_vsock/af_vsock.c | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
> Acked-by: Stefan Hajnoczi <stefanha@redhat.com>
Is there anything we have to do to also get this into the affected
stable trees? :)
Alex
Amazon Development Center Germany GmbH
Krausenstr. 38
10117 Berlin
Geschaeftsfuehrung: Christian Schlaeger, Jonathan Weiss
Eingetragen am Amtsgericht Charlottenburg unter HRB 149173 B
Sitz: Berlin
Ust-ID: DE 289 237 879
next prev parent reply other threads:[~2020-11-19 14:26 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-11-12 13:38 [PATCH net] vsock: forward all packets to the host when no H2G is registered Stefano Garzarella
2020-11-14 19:50 ` patchwork-bot+netdevbpf
2020-11-19 14:03 ` Stefan Hajnoczi
2020-11-19 14:25 ` Alexander Graf [this message]
2020-11-19 14:41 ` Stefano Garzarella
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ffdc9e0c-fee2-e334-053b-0a26305b55ae@amazon.com \
--to=graf@amazon.com \
--cc=aliguori@amazon.com \
--cc=andraprs@amazon.com \
--cc=davdunc@amazon.com \
--cc=davem@davemloft.net \
--cc=decui@microsoft.com \
--cc=graf@amazon.de \
--cc=jhansen@vmware.com \
--cc=kuba@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=sgarzare@redhat.com \
--cc=stefanha@redhat.com \
--cc=vkuznets@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.