| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <96b93774-f4dc-54ed-364c-e57281921111@amazon.com>
Date: Mon, 7 Dec 2020 21:45:28 +0200
From: "Paraschiv, Andra-Irina" <andraprs@...zon.com>
To: Stefano Garzarella <sgarzare@...hat.com>
CC: netdev <netdev@...r.kernel.org>,
linux-kernel <linux-kernel@...r.kernel.org>,
"David S . Miller" <davem@...emloft.net>,
David Duncan <davdunc@...zon.com>,
Dexuan Cui <decui@...rosoft.com>,
Alexander Graf <graf@...zon.de>,
Jorgen Hansen <jhansen@...are.com>,
Jakub Kicinski <kuba@...nel.org>,
Stefan Hajnoczi <stefanha@...hat.com>,
Vitaly Kuznetsov <vkuznets@...hat.com>
Subject: Re: [PATCH net-next v2 2/4] vm_sockets: Add VMADDR_FLAG_TO_HOST vsock
flag
On 07/12/2020 11:59, Stefano Garzarella wrote:
>
> On Fri, Dec 04, 2020 at 07:02:33PM +0200, Andra Paraschiv wrote:
>> Add VMADDR_FLAG_TO_HOST vsock flag that is used to setup a vsock
>> connection where all the packets are forwarded to the host.
>>
>> Then, using this type of vsock channel, vsock communication between
>> sibling VMs can be built on top of it.
>>
>> Changelog
>>
>> v1 -> v2
>>
>> * New patch in v2, it was split from the first patch in the series.
>> * Remove the default value for the vsock flags field.
>> * Update the naming for the vsock flag to "VMADDR_FLAG_TO_HOST".
>>
>> Signed-off-by: Andra Paraschiv <andraprs@...zon.com>
>> ---
>> include/uapi/linux/vm_sockets.h | 15 +++++++++++++++
>> 1 file changed, 15 insertions(+)
>>
>> diff --git a/include/uapi/linux/vm_sockets.h
>> b/include/uapi/linux/vm_sockets.h
>> index 46735376a57a8..72e1a3d05682d 100644
>> --- a/include/uapi/linux/vm_sockets.h
>> +++ b/include/uapi/linux/vm_sockets.h
>> @@ -114,6 +114,21 @@
>>
>> #define VMADDR_CID_HOST 2
>>
>> +/* The current default use case for the vsock channel is the following:
>> + * local vsock communication between guest and host and nested VMs
>> setup.
>> + * In addition to this, implicitly, the vsock packets are forwarded
>> to the host
>> + * if no host->guest vsock transport is set.
>> + *
>> + * Set this flag value in the sockaddr_vm corresponding field if the
>> vsock
>> + * packets need to be always forwarded to the host. Using this
>> behavior,
>> + * vsock communication between sibling VMs can be setup.
>
> Maybe we can add a sentence saying that this flag is set on the remote
> peer address for an incoming connection when it is routed from the host
> (local CID and remote CID > VMADDR_CID_HOST).
Sure, I can make it more clear when it is set e.g. in user space
(connect path) and in kernel space (listen path).
Thanks,
Andra
>
>> + *
>> + * This way can explicitly distinguish between vsock channels
>> created for
>> + * different use cases, such as nested VMs (or local communication
>> between
>> + * guest and host) and sibling VMs.
>> + */
>> +#define VMADDR_FLAG_TO_HOST 0x0001
>> +
>> /* Invalid vSockets version. */
>>
>> #define VM_SOCKETS_INVALID_VERSION -1U
>> --
>> 2.20.1 (Apple Git-117)
>>
>>
>>
>>
>> Amazon Development Center (Romania) S.R.L. registered office: 27A Sf.
>> Lazar Street, UBC5, floor 2, Iasi, Iasi County, 700045, Romania.
>> Registered in Romania. Registration number J22/2621/2005.
>>
>
Amazon Development Center (Romania) S.R.L. registered office: 27A Sf. Lazar Street, UBC5, floor 2, Iasi, Iasi County, 700045, Romania. Registered in Romania. Registration number J22/2621/2005.
Powered by blists - more mailing lists