From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id DA848224B0D for ; Thu, 22 Jan 2026 13:55:46 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.129.124 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1769090148; cv=none; b=RgrKPmARhQow0kMB2U9jo9JPsumuX8lQYX8mXU2Dms42AYdpzepbP0hqxbBXTbnXTlAdo7cZPKZtjylQ9ck90EVn/Zuf7SfcnHFUTM7ow/1DQUg+FlGcevSRbvtzgxTtmJF3QwE0h+XYOA10osCTbgZhtIP4AIolWvTjLO2yTyU= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1769090148; c=relaxed/simple; bh=2nXcGNysBiBdRcr6vy4ZStKKh5dYZxcbpIG7VnXq8as=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=qb0ZUKQQQ3LfNYzVgKp6cz0HIGXT3mFUN0wXiPLfDkboMPNaqVvtoDqA90eHb9x0ZvDIeFOFBuvHPXJpo+JA5ONszFVmRCr4Vl3Xu7TFMuicM+iELkhX3qQ+lp6AERdNmHdzK3/BsiZGv3syCkHU2QomSQ/SUYe6OwuhBvTZAQg= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=dKIjNfoP; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=mn8wNyGS; arc=none smtp.client-ip=170.10.129.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="dKIjNfoP"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="mn8wNyGS" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1769090145; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=F3Df56peZRg7yuOoU4r9j2z63CMqum3dw8Q62JAWFUY=; b=dKIjNfoPWX7POmB//l2RW700xuJRGr/FpNP99HfsXOH6cLD8kvrK9gIgtxcM7xYIzecw0X kiq9eYQAsRMuE8R6vWXaNfrXn3ub6dYjjIk+fgxvZ0a4HvO/N5BoIn3f2wtg4v8Te76ouG Y6Ar4VlDUQzWw9vQN0aWUV+5GNqPpu0= Received: from mail-wr1-f72.google.com (mail-wr1-f72.google.com [209.85.221.72]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-171-zcOrFgmRO26u8dvLYyZr4A-1; Thu, 22 Jan 2026 08:55:44 -0500 X-MC-Unique: zcOrFgmRO26u8dvLYyZr4A-1 X-Mimecast-MFC-AGG-ID: zcOrFgmRO26u8dvLYyZr4A_1769090143 Received: by mail-wr1-f72.google.com with SMTP id ffacd0b85a97d-4358f90fe8dso673723f8f.0 for ; Thu, 22 Jan 2026 05:55:44 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1769090143; x=1769694943; darn=vger.kernel.org; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to; bh=F3Df56peZRg7yuOoU4r9j2z63CMqum3dw8Q62JAWFUY=; b=mn8wNyGShfiU8zpLqqW1CJz3jW5+8fjwrYCHmBWgOVC4SJO3MbAFX2tfxro+yd5QDm 0JLhe+vvs1qJcHtRo5lchGrgx2BOnItYppZYoOf1ejrjs0iqcwJKkfjVOnvok/iEi/86 p00hhClju5EurMCdnC9TmH/KoYzMejAKc6UDpOHrcqhLVEgKNXCgjZvesK6pkPmZv0nP 9HQLX/OsK0ZRDVboJL7NcCOJBhUDrGOiOPRo763osNssreWFXsqpCbvstinNRJlH5wzo RWu6dp12WnWtsVWBSIq9UrDeqfpnl38BDw726f1wR+ee8TSY3Fzc4yagJg0gWUo+5IuG GlHA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1769090143; x=1769694943; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:x-gm-gg:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=F3Df56peZRg7yuOoU4r9j2z63CMqum3dw8Q62JAWFUY=; b=HR1CWcnk7Czee7BfmftZbvBzumP5Cs0rQi3766t/+V9UxcJzfn0sC/Ik1/DclDB0eO 13INkiHDK0O47/DN/PHcUHVNEIYZKHjLknGEZJZN+4TlldXDzxnVpf2bMtkatF8RyXa4 DbDg3sMMNwhecR7OrSWc61ZWfcflB6d7PNHXc/h98XxslttQpl7TQLrDW/+cnKzk/c1T vVGIOWJ5Y+BMACWuu65RRRPndvo7/fNzLOHkYXDYzZhuzhjqnrTsPRiVsk+5rKIiTgEO xV6fd4tJwHGSrprQszedG//5nBmHVosI/nyVC5nr9wGI5fYhQiEXTMydhIK4kTItwaYP OCxw== X-Forwarded-Encrypted: i=1; AJvYcCVDxy2tWgoMH9XdB0V/I5e2oAM3l7dkTgO6ll0TcXlHFkekBo/dgtraU3DG2ayDB5iUvNyA2dI=@vger.kernel.org X-Gm-Message-State: AOJu0YzjrsvgDaQ0eYVdPCaQLxgGTEG8IX+2N1IBBU9rgddCvH7wL42c LTq1E2jnAC+9pO/Vd8Gzf5FP33ynr9rHHi3WfP4h+2uDoCtLr5mdqkCxEUxrlcAxZnMcf7D7Rmu yFcT+L53NMbxeGmANlWrxB9cqPFs16jFEzc06xN2uV9UxzvxW066W8a94zw== X-Gm-Gg: AZuq6aIz6zvTszJP9QshNpQ1mArKESJ72Glgq1zigTzh/Tf10PxDk6OaY6IYDwJxzN1 avcMo5R7eTKK0ZWW7YfJuY22D0e16Vj/DTlmmQoUx5aJn08izh0gmZ3kXnrU3VUw1xp+enF71EO ATyzjD5zfuKM3DSKPi26H3wH8pKVODPGVqisAp8KNrr17g47ci1Fu43aHFbskuHKVCVmzHjiNHV RvbOeX2TnBInXCFYREz2eWjcPoknE60Pih26tweNLedMZ1MbsTPn9RZezF9EhbQMFcbr43L0D3q K0gQQM7e+ksMqXKUSWgoy8HEZzKG9NgpG/m+qvM43Ao/zB1Tu8NyDlUw2wVaqSd9T7j0YqDRyKa tuHMQnHAJxVqc2eDdKK5kdSuIXWoXRGryVcD+YhahPqiVuhRlkGhDDHYxxUQ= X-Received: by 2002:adf:f812:0:b0:435:9e32:2b85 with SMTP id ffacd0b85a97d-435a5ff993cmr4488736f8f.29.1769090143512; Thu, 22 Jan 2026 05:55:43 -0800 (PST) X-Received: by 2002:adf:f812:0:b0:435:9e32:2b85 with SMTP id ffacd0b85a97d-435a5ff993cmr4488677f8f.29.1769090143056; Thu, 22 Jan 2026 05:55:43 -0800 (PST) Received: from sgarzare-redhat (host-82-53-134-58.retail.telecomitalia.it. [82.53.134.58]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-4359333b924sm18095487f8f.13.2026.01.22.05.55.41 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 22 Jan 2026 05:55:42 -0800 (PST) Date: Thu, 22 Jan 2026 14:55:36 +0100 From: Stefano Garzarella To: Bobby Eshleman Cc: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Stefan Hajnoczi , "Michael S. Tsirkin" , Jason Wang , Eugenio =?utf-8?B?UMOpcmV6?= , Xuan Zhuo , "K. Y. Srinivasan" , Haiyang Zhang , Wei Liu , Dexuan Cui , Bryan Tan , Vishnu Dasa , Broadcom internal kernel review list , Shuah Khan , Long Li , Jonathan Corbet , linux-kernel@vger.kernel.org, virtualization@lists.linux.dev, netdev@vger.kernel.org, kvm@vger.kernel.org, linux-hyperv@vger.kernel.org, linux-kselftest@vger.kernel.org, berrange@redhat.com, Sargun Dhillon , linux-doc@vger.kernel.org, Bobby Eshleman Subject: Re: [PATCH net-next v16 00/12] vsock: add namespace support to vhost-vsock and loopback Message-ID: References: <20260121-vsock-vmtest-v16-0-2859a7512097@meta.com> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Disposition: inline In-Reply-To: <20260121-vsock-vmtest-v16-0-2859a7512097@meta.com> On Wed, Jan 21, 2026 at 02:11:40PM -0800, Bobby Eshleman wrote: >This series adds namespace support to vhost-vsock and loopback. It does >not add namespaces to any of the other guest transports (virtio-vsock, >hyperv, or vmci). > >The current revision supports two modes: local and global. Local >mode is complete isolation of namespaces, while global mode is complete >sharing between namespaces of CIDs (the original behavior). > >The mode is set using the parent namespace's >/proc/sys/net/vsock/child_ns_mode and inherited when a new namespace is >created. The mode of the current namespace can be queried by reading >/proc/sys/net/vsock/ns_mode. The mode can not change after the namespace >has been created. > >Modes are per-netns. This allows a system to configure namespaces >independently (some may share CIDs, others are completely isolated). >This also supports future possible mixed use cases, where there may be >namespaces in global mode spinning up VMs while there are mixed mode >namespaces that provide services to the VMs, but are not allowed to >allocate from the global CID pool (this mode is not implemented in this >series). > >Additionally, added tests for the new namespace features: > >tools/testing/selftests/vsock/vmtest.sh >1..25 >ok 1 vm_server_host_client >ok 2 vm_client_host_server >ok 3 vm_loopback >ok 4 ns_host_vsock_ns_mode_ok >ok 5 ns_host_vsock_child_ns_mode_ok >ok 6 ns_global_same_cid_fails >ok 7 ns_local_same_cid_ok >ok 8 ns_global_local_same_cid_ok >ok 9 ns_local_global_same_cid_ok >ok 10 ns_diff_global_host_connect_to_global_vm_ok >ok 11 ns_diff_global_host_connect_to_local_vm_fails >ok 12 ns_diff_global_vm_connect_to_global_host_ok >ok 13 ns_diff_global_vm_connect_to_local_host_fails >ok 14 ns_diff_local_host_connect_to_local_vm_fails >ok 15 ns_diff_local_vm_connect_to_local_host_fails >ok 16 ns_diff_global_to_local_loopback_local_fails >ok 17 ns_diff_local_to_global_loopback_fails >ok 18 ns_diff_local_to_local_loopback_fails >ok 19 ns_diff_global_to_global_loopback_ok >ok 20 ns_same_local_loopback_ok >ok 21 ns_same_local_host_connect_to_local_vm_ok >ok 22 ns_same_local_vm_connect_to_local_host_ok >ok 23 ns_delete_vm_ok >ok 24 ns_delete_host_ok >ok 25 ns_delete_both_ok >SUMMARY: PASS=25 SKIP=0 FAIL=0 > >Thanks again for everyone's help and reviews! Thank you for your hard work and patience! I think we've come up with an excellent solution that's also not too invasive. All the patches have my R-b, I've double-checked and tested this v16. Everything seems to be working fine (famous last words xD). So this series is good to go IMO! Next step should be to update the vsock(7) namespace. Thanks, Stefano