lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <88eaf53b-b148-7b27-491a-30706398ae06@redhat.com>
Date:   Thu, 15 Nov 2018 12:19:03 +0800
From:   Jason Wang <jasowang@...hat.com>
To:     jiangyiwen <jiangyiwen@...wei.com>, stefanha@...hat.com,
        stefanha@...il.com, mst@...hat.com
Cc:     netdev@...r.kernel.org, kvm@...r.kernel.org,
        virtualization@...ts.linux-foundation.org
Subject: Re: [RFC] Discuss about an new idea "Vsock over Virtio-net"


On 2018/11/15 上午11:56, jiangyiwen wrote:
> Hi Stefan, Michael, Jason and everyone,
>
> Several days ago, I discussed with jason about "Vsock over Virtio-net".
> This idea has two advantages:
> First, it can use many great features of virtio-net, like batching,
> mergeable rx buffer and multiqueue, etc.
> Second, it can reduce many duplicate codes and make it easy to be
> maintained.
>
> Before the implement, I want to discuss with everyone again, and
> want to know everyone's suggestions.
>
> After the discussion, based on this point I will try to implement
> this idea, but I am not familiar with the virtio-net, that is a
> pity. :(


I think we should have a new feature flag for this. E.g 
VIRTIO_NET_F_VSOCK. And host should fail the negotiation if guest 
doesn't support this to avoid confusion. When this feature is 
negotiated, we will use it only for VOSCK transport. This can simplify 
things somehow.


> -------------------------Simple idea------------------------------
>
> 1. The packet layout will become as follows:
>
> +---------------------------------+
> |        Virtio-net header        |
> |(struct virtio_net_hdr_mrg_rxbuf)|
> +---------------------------------+
> |          Vsock header           |
> |    (struct virtio_vsock_hdr)    |
> +---------------------------------+
> |             payload             |
> |      (until end of packet)      |
> +---------------------------------+
>
> 2. The Guest->Host basic code flow as follow:
>                              +------------+
>                              |   Client   |
>                              +------------+
>                                    |
>                                    |
> +------------------------------------------------------------------+
> |VSOCK Core Module                                                 |
> |ops->sendmsg; (vsock_stream_sendmsg)                              |
> |  -> alloc_skb; /* it will packet a skb buffer, and include vsock |
> |                 * hdr and payload */                             |
> |  -> dev_queue_xmit(); /* it will call start_xmit(virtio-net.c) */|
> |vsock hdr and payload, and then call                              |
> +------------------------------------------------------------------+


Note, if we've negotiated the feature, virtio-net driver must not use 
register_netdev to register it to network core. This can avoid lots of 
confusion.


>                                    |
>                                    |
> +------------------------------------------------------------------+
> |Virtio-net Module                                                 |
> |start_xmit                                                        |
> |  -> add virtio_net_hdr and pack sg in ring desc, notify Host     |
> +------------------------------------------------------------------+
>                                    |
>                                    |
> +------------------------------------------------------------------+
> |Vhost-net Module                                                  |
> |handle_tx                                                         |
> |  -> get tx buffer, skip virtio_net_hdr and call Vsock function.  |
> | /* This point has some differences, vhost-net use ->sendmsg to   |
> |  * forward information, however vsock only need to notify server |
> |  * that data ready. */                                           |
> +------------------------------------------------------------------+


When VIRTIO_NET_F_VOSCK is negotiated, we know that it's a vsock 
transport, we can then forward it to vsock core.


>                                    |
>                                    |
> +------------------------------------------------------------------+
> |VSOCK Core Module                                                 |
> |alloc_pkt, copy skb data to pkt.                                  |
> |add pkt to rx_queue and notify server to get data.                |
> +------------------------------------------------------------------+
>
> 3. To Host->Guest
> I have a problem and difficult, mainly I know about virtio-net a little),
> because I have been doing work related with storage and file system.
>
> The problem as follows:
> we should monitor all of socket of vsock in handle_rx, when there are
> data coming, and copy data to vq desc. Vhost-net use ->recvmsg to
> get data, it is different with socket. To vsock, I think host will
> not call ->recvmsg when it need to send message to guest. To net,
> vhost-net only as forwarding layer.

Know not much here, but is it possible to have a vsock(tap) to be passed 
to vhost_net and let vhost call its recvmgs()? Bascially it was a socket 
on host as well I believe?

If this doesn't work, we can have vsock specific receiving routine in 
vhost_net if VIRTIO_NET_F_VOSCK is negotiated.

Generally, I think we should try out best to keep the exist 
sendmsg()/recvmsg() interfaces and only consider the alternatives if we 
meet some real blocker.

Thanks


>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ