From: Bobby Eshleman <bobbyeshleman@gmail.com>
To: Paolo Abeni <pabeni@redhat.com>
Cc: "Stefano Garzarella" <sgarzare@redhat.com>,
"David S. Miller" <davem@davemloft.net>,
"Eric Dumazet" <edumazet@google.com>,
"Jakub Kicinski" <kuba@kernel.org>,
"Simon Horman" <horms@kernel.org>,
"Stefan Hajnoczi" <stefanha@redhat.com>,
"Michael S. Tsirkin" <mst@redhat.com>,
"Jason Wang" <jasowang@redhat.com>,
"Eugenio Pérez" <eperezma@redhat.com>,
"Xuan Zhuo" <xuanzhuo@linux.alibaba.com>,
"K. Y. Srinivasan" <kys@microsoft.com>,
"Haiyang Zhang" <haiyangz@microsoft.com>,
"Wei Liu" <wei.liu@kernel.org>,
"Dexuan Cui" <decui@microsoft.com>,
"Bryan Tan" <bryan-bt.tan@broadcom.com>,
"Vishnu Dasa" <vishnu.dasa@broadcom.com>,
"Broadcom internal kernel review list"
<bcm-kernel-feedback-list@broadcom.com>,
"Shuah Khan" <shuah@kernel.org>, "Long Li" <longli@microsoft.com>,
"Jonathan Corbet" <corbet@lwn.net>,
linux-kernel@vger.kernel.org, virtualization@lists.linux.dev,
netdev@vger.kernel.org, kvm@vger.kernel.org,
linux-hyperv@vger.kernel.org, linux-kselftest@vger.kernel.org,
berrange@redhat.com, "Sargun Dhillon" <sargun@sargun.me>,
linux-doc@vger.kernel.org,
"Bobby Eshleman" <bobbyeshleman@meta.com>
Subject: Re: [PATCH net-next v15 01/12] vsock: add netns to vsock core
Date: Wed, 21 Jan 2026 09:36:48 -0800 [thread overview]
Message-ID: <aXEOoCqMvsbN2gtJ@devvm11784.nha0.facebook.com> (raw)
In-Reply-To: <4997118e-471c-45fe-bc1f-8f6140199db5@redhat.com>
On Wed, Jan 21, 2026 at 05:32:34PM +0100, Paolo Abeni wrote:
> On 1/21/26 3:48 PM, Stefano Garzarella wrote:
> >> diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
> >> index a8d0afde7f85..b6e3bfe365a1 100644
> >> --- a/Documentation/admin-guide/kernel-parameters.txt
> >> +++ b/Documentation/admin-guide/kernel-parameters.txt
> >> @@ -8253,6 +8253,20 @@ Kernel parameters
> >> them quite hard to use for exploits but
> >> might break your system.
> >>
> >> + vsock_init_ns_mode=
> >> + [KNL,NET] Set the vsock namespace mode for the init
> >> + (root) network namespace.
> >> +
> >> + global [default] The init namespace operates in
> >> + global mode where CIDs are system-wide and
> >> + sockets can communicate across global
> >> + namespaces.
> >> +
> >> + local The init namespace operates in local mode
> >> + where CIDs are private to the namespace and
> >> + sockets can only communicate within the same
> >> + namespace.
> >> +
> >
> > My comment on v14 was more to start a discussion :-) sorry to not be
> > clear.
> >
> > I briefly discussed it with Paolo in chat to better understand our
> > policy between cmdline parameters and module parameters, and it seems
> > that both are discouraged.
>
> Double checking the git log it looks like __setup() usage is less
> constrained/restricted than what I thought.
>
> > So he asked me if we have a use case for this, and thinking about it, I
> > don't have one at the moment. Also, if a user decides to set all netns
> > to local, whether init_net is local or global doesn't really matter,
> > right?
> >
> > So perhaps before adding this, we should have a real use case.
> > Perhaps more than this feature, I would add a way to change the default
> > of all netns (including init_net) from global to local. But we can do
> > that later, since all netns have a way to understand what mode they are
> > in, so we don't break anything and the user has to explicitly change it,
> > knowing that they are breaking compatibility with pre-netns support.\
>
> Lacking a clear use-case for vsock_init_ns_mode I tend to think it would
> be better to postpone its introduction. It should be easier to add it
> later than vice-versa.
>
> If there is a clear/well defined/known use-case, I guess the series can
> go as-is.
>
> /P
>
Our use case also does not need the ability to set the init ns mode, so
I'll revert this bit.
Thanks,
Bobby
next prev parent reply other threads:[~2026-01-21 17:36 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-01-16 21:28 [PATCH net-next v15 00/12] vsock: add namespace support to vhost-vsock and loopback Bobby Eshleman
2026-01-16 21:28 ` [PATCH net-next v15 01/12] vsock: add netns to vsock core Bobby Eshleman
2026-01-21 14:48 ` Stefano Garzarella
2026-01-21 16:32 ` Paolo Abeni
2026-01-21 17:36 ` Bobby Eshleman [this message]
2026-01-21 17:49 ` Bobby Eshleman
2026-01-16 21:28 ` [PATCH net-next v15 02/12] virtio: set skb owner of virtio_transport_reset_no_sock() reply Bobby Eshleman
2026-01-16 21:28 ` [PATCH net-next v15 03/12] vsock: add netns support to virtio transports Bobby Eshleman
2026-01-16 21:28 ` [PATCH net-next v15 04/12] selftests/vsock: increase timeout to 1200 Bobby Eshleman
2026-01-16 21:28 ` [PATCH net-next v15 05/12] selftests/vsock: add namespace helpers to vmtest.sh Bobby Eshleman
2026-01-16 21:28 ` [PATCH net-next v15 06/12] selftests/vsock: prepare vm management helpers for namespaces Bobby Eshleman
2026-01-21 2:54 ` [net-next,v15,06/12] " Jakub Kicinski
2026-01-21 5:16 ` Bobby Eshleman
2026-01-16 21:28 ` [PATCH net-next v15 07/12] selftests/vsock: add vm_dmesg_{warn,oops}_count() helpers Bobby Eshleman
2026-01-16 21:28 ` [PATCH net-next v15 08/12] selftests/vsock: use ss to wait for listeners instead of /proc/net Bobby Eshleman
2026-01-16 21:28 ` [PATCH net-next v15 09/12] selftests/vsock: add tests for proc sys vsock ns_mode Bobby Eshleman
2026-01-16 21:28 ` [PATCH net-next v15 10/12] selftests/vsock: add namespace tests for CID collisions Bobby Eshleman
2026-01-16 21:28 ` [PATCH net-next v15 11/12] selftests/vsock: add tests for host <-> vm connectivity with namespaces Bobby Eshleman
2026-01-16 21:28 ` [PATCH net-next v15 12/12] selftests/vsock: add tests for namespace deletion Bobby Eshleman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aXEOoCqMvsbN2gtJ@devvm11784.nha0.facebook.com \
--to=bobbyeshleman@gmail.com \
--cc=bcm-kernel-feedback-list@broadcom.com \
--cc=berrange@redhat.com \
--cc=bobbyeshleman@meta.com \
--cc=bryan-bt.tan@broadcom.com \
--cc=corbet@lwn.net \
--cc=davem@davemloft.net \
--cc=decui@microsoft.com \
--cc=edumazet@google.com \
--cc=eperezma@redhat.com \
--cc=haiyangz@microsoft.com \
--cc=horms@kernel.org \
--cc=jasowang@redhat.com \
--cc=kuba@kernel.org \
--cc=kvm@vger.kernel.org \
--cc=kys@microsoft.com \
--cc=linux-doc@vger.kernel.org \
--cc=linux-hyperv@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-kselftest@vger.kernel.org \
--cc=longli@microsoft.com \
--cc=mst@redhat.com \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=sargun@sargun.me \
--cc=sgarzare@redhat.com \
--cc=shuah@kernel.org \
--cc=stefanha@redhat.com \
--cc=virtualization@lists.linux.dev \
--cc=vishnu.dasa@broadcom.com \
--cc=wei.liu@kernel.org \
--cc=xuanzhuo@linux.alibaba.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.