From mboxrd@z Thu Jan 1 00:00:00 1970
From: Arnd Bergmann
Subject: Re: [PATCH qemu-kvm] Add raw(af_packet) network backend to qemu
Date: Thu, 28 Jan 2010 21:29:23 +0100
Message-ID: <201001282129.23255.arnd@arndb.de>
References: <4B5F54E8.3080507@codemonkey.ws> <20100128145226.GA10497@redhat.com> <4B61A7C9.7040808@codemonkey.ws>
Mime-Version: 1.0
Content-Type: Text/Plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Cc: "Michael S. Tsirkin", Sridhar Samudrala, avi@redhat.com, markmc@redhat.com, ogerlitz@voltaire.com, kvm@vger.kernel.org, qemu-devel@vger.kernel.org, Chris Wright
To: Anthony Liguori
Return-path:
Received: from moutng.kundenserver.de ([212.227.126.187]:51363 "EHLO moutng.kundenserver.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754204Ab0A1Unq (ORCPT ); Thu, 28 Jan 2010 15:43:46 -0500
In-Reply-To: <4B61A7C9.7040808@codemonkey.ws>
Sender: kvm-owner@vger.kernel.org
List-ID:

On Thursday 28 January 2010, Anthony Liguori wrote:
> normal user uses libvirt to launch custom qemu instance. libvirt passes
> an fd of a raw socket to qemu and puts the qemu process in a restricted
> network namespace. user has another program running listening on a unix
> domain socket and does something to the qemu process that causes it to
> open the domain socket and send the fd it received from libvirt via
> SCM_RIGHTS.

I looked at the af_unix code and it seems to suggest that this is not
possible, because you cannot bind to a socket that belongs to a different
network namespace. I haven't tried it though, so I may have missed something.

Arnd