From: Stefano Garzarella <sgarzare@redhat.com>
To: Bobby Eshleman <bobbyeshleman@gmail.com>
Cc: "David S. Miller" <davem@davemloft.net>,
"Eric Dumazet" <edumazet@google.com>,
"Jakub Kicinski" <kuba@kernel.org>,
"Paolo Abeni" <pabeni@redhat.com>,
"Simon Horman" <horms@kernel.org>,
"Stefan Hajnoczi" <stefanha@redhat.com>,
"Michael S. Tsirkin" <mst@redhat.com>,
"Jason Wang" <jasowang@redhat.com>,
"Eugenio Pérez" <eperezma@redhat.com>,
"Xuan Zhuo" <xuanzhuo@linux.alibaba.com>,
"K. Y. Srinivasan" <kys@microsoft.com>,
"Haiyang Zhang" <haiyangz@microsoft.com>,
"Wei Liu" <wei.liu@kernel.org>,
"Dexuan Cui" <decui@microsoft.com>,
"Bryan Tan" <bryan-bt.tan@broadcom.com>,
"Vishnu Dasa" <vishnu.dasa@broadcom.com>,
"Broadcom internal kernel review list"
<bcm-kernel-feedback-list@broadcom.com>,
"Shuah Khan" <shuah@kernel.org>, "Long Li" <longli@microsoft.com>,
"Jonathan Corbet" <corbet@lwn.net>,
linux-kernel@vger.kernel.org, virtualization@lists.linux.dev,
netdev@vger.kernel.org, kvm@vger.kernel.org,
linux-hyperv@vger.kernel.org, linux-kselftest@vger.kernel.org,
berrange@redhat.com, "Sargun Dhillon" <sargun@sargun.me>,
linux-doc@vger.kernel.org,
"Bobby Eshleman" <bobbyeshleman@meta.com>
Subject: Re: [PATCH net-next v16 00/12] vsock: add namespace support to vhost-vsock and loopback
Date: Thu, 22 Jan 2026 14:55:36 +0100 [thread overview]
Message-ID: <aXH7YCgl0qI2dF1T@sgarzare-redhat> (raw)
In-Reply-To: <20260121-vsock-vmtest-v16-0-2859a7512097@meta.com>
On Wed, Jan 21, 2026 at 02:11:40PM -0800, Bobby Eshleman wrote:
>This series adds namespace support to vhost-vsock and loopback. It does
>not add namespaces to any of the other guest transports (virtio-vsock,
>hyperv, or vmci).
>
>The current revision supports two modes: local and global. Local
>mode is complete isolation of namespaces, while global mode is complete
>sharing between namespaces of CIDs (the original behavior).
>
>The mode is set using the parent namespace's
>/proc/sys/net/vsock/child_ns_mode and inherited when a new namespace is
>created. The mode of the current namespace can be queried by reading
>/proc/sys/net/vsock/ns_mode. The mode can not change after the namespace
>has been created.
>
>Modes are per-netns. This allows a system to configure namespaces
>independently (some may share CIDs, others are completely isolated).
>This also supports future possible mixed use cases, where there may be
>namespaces in global mode spinning up VMs while there are mixed mode
>namespaces that provide services to the VMs, but are not allowed to
>allocate from the global CID pool (this mode is not implemented in this
>series).
>
>Additionally, added tests for the new namespace features:
>
>tools/testing/selftests/vsock/vmtest.sh
>1..25
>ok 1 vm_server_host_client
>ok 2 vm_client_host_server
>ok 3 vm_loopback
>ok 4 ns_host_vsock_ns_mode_ok
>ok 5 ns_host_vsock_child_ns_mode_ok
>ok 6 ns_global_same_cid_fails
>ok 7 ns_local_same_cid_ok
>ok 8 ns_global_local_same_cid_ok
>ok 9 ns_local_global_same_cid_ok
>ok 10 ns_diff_global_host_connect_to_global_vm_ok
>ok 11 ns_diff_global_host_connect_to_local_vm_fails
>ok 12 ns_diff_global_vm_connect_to_global_host_ok
>ok 13 ns_diff_global_vm_connect_to_local_host_fails
>ok 14 ns_diff_local_host_connect_to_local_vm_fails
>ok 15 ns_diff_local_vm_connect_to_local_host_fails
>ok 16 ns_diff_global_to_local_loopback_local_fails
>ok 17 ns_diff_local_to_global_loopback_fails
>ok 18 ns_diff_local_to_local_loopback_fails
>ok 19 ns_diff_global_to_global_loopback_ok
>ok 20 ns_same_local_loopback_ok
>ok 21 ns_same_local_host_connect_to_local_vm_ok
>ok 22 ns_same_local_vm_connect_to_local_host_ok
>ok 23 ns_delete_vm_ok
>ok 24 ns_delete_host_ok
>ok 25 ns_delete_both_ok
>SUMMARY: PASS=25 SKIP=0 FAIL=0
>
>Thanks again for everyone's help and reviews!
Thank you for your hard work and patience!
I think we've come up with an excellent solution that's also not too
invasive.
All the patches have my R-b, I've double-checked and tested this v16.
Everything seems to be working fine (famous last words xD).
So this series is good to go IMO!
Next step should be to update the vsock(7) namespace.
Thanks,
Stefano
next prev parent reply other threads:[~2026-01-22 13:55 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-01-21 22:11 [PATCH net-next v16 00/12] vsock: add namespace support to vhost-vsock and loopback Bobby Eshleman
2026-01-21 22:11 ` [PATCH net-next v16 01/12] vsock: add netns to vsock core Bobby Eshleman
2026-02-17 15:08 ` Stefano Garzarella
2026-02-17 21:46 ` Jakub Kicinski
2026-01-21 22:11 ` [PATCH net-next v16 02/12] virtio: set skb owner of virtio_transport_reset_no_sock() reply Bobby Eshleman
2026-01-21 22:11 ` [PATCH net-next v16 03/12] vsock: add netns support to virtio transports Bobby Eshleman
2026-01-21 22:11 ` [PATCH net-next v16 04/12] selftests/vsock: increase timeout to 1200 Bobby Eshleman
2026-01-21 22:11 ` [PATCH net-next v16 05/12] selftests/vsock: add namespace helpers to vmtest.sh Bobby Eshleman
2026-01-21 22:11 ` [PATCH net-next v16 06/12] selftests/vsock: prepare vm management helpers for namespaces Bobby Eshleman
2026-01-21 22:11 ` [PATCH net-next v16 07/12] selftests/vsock: add vm_dmesg_{warn,oops}_count() helpers Bobby Eshleman
2026-01-21 22:11 ` [PATCH net-next v16 08/12] selftests/vsock: use ss to wait for listeners instead of /proc/net Bobby Eshleman
2026-01-21 22:11 ` [PATCH net-next v16 09/12] selftests/vsock: add tests for proc sys vsock ns_mode Bobby Eshleman
2026-01-21 22:11 ` [PATCH net-next v16 10/12] selftests/vsock: add namespace tests for CID collisions Bobby Eshleman
2026-01-21 22:11 ` [PATCH net-next v16 11/12] selftests/vsock: add tests for host <-> vm connectivity with namespaces Bobby Eshleman
2026-01-21 22:11 ` [PATCH net-next v16 12/12] selftests/vsock: add tests for namespace deletion Bobby Eshleman
2026-01-22 13:55 ` Stefano Garzarella [this message]
2026-01-22 16:01 ` [PATCH net-next v16 00/12] vsock: add namespace support to vhost-vsock and loopback Bobby Eshleman
2026-01-22 16:23 ` Michael S. Tsirkin
2026-01-27 10:00 ` patchwork-bot+netdevbpf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aXH7YCgl0qI2dF1T@sgarzare-redhat \
--to=sgarzare@redhat.com \
--cc=bcm-kernel-feedback-list@broadcom.com \
--cc=berrange@redhat.com \
--cc=bobbyeshleman@gmail.com \
--cc=bobbyeshleman@meta.com \
--cc=bryan-bt.tan@broadcom.com \
--cc=corbet@lwn.net \
--cc=davem@davemloft.net \
--cc=decui@microsoft.com \
--cc=edumazet@google.com \
--cc=eperezma@redhat.com \
--cc=haiyangz@microsoft.com \
--cc=horms@kernel.org \
--cc=jasowang@redhat.com \
--cc=kuba@kernel.org \
--cc=kvm@vger.kernel.org \
--cc=kys@microsoft.com \
--cc=linux-doc@vger.kernel.org \
--cc=linux-hyperv@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-kselftest@vger.kernel.org \
--cc=longli@microsoft.com \
--cc=mst@redhat.com \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=sargun@sargun.me \
--cc=shuah@kernel.org \
--cc=stefanha@redhat.com \
--cc=virtualization@lists.linux.dev \
--cc=vishnu.dasa@broadcom.com \
--cc=wei.liu@kernel.org \
--cc=xuanzhuo@linux.alibaba.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox