Re: Hermetic virtio-vsock in QEMU
From: Daniel P. Berrangé
Subject: Re: Hermetic virtio-vsock in QEMU
Date: Wed, 8 May 2024 14:32:45 +0100
User-agent: Mutt/2.2.12 (2023-09-09)

On Wed, May 08, 2024 at 03:00:30PM +0200, Paolo Bonzini wrote:
> On Wed, May 8, 2024 at 2:51 PM Daniel P. Berrangé <berrange@redhat.com> wrote:
> > Designwise, a native VSOCK backend in QEMU really should implement the
> > same approach defined by firecracker, so that we have interoperability
> > with systemd, firecracker and cloud-hypervisor. See
> >
> > https://gitlab.com/qemu-project/qemu/-/issues/2095
> >
> > https://github.com/firecracker-microvm/firecracker/blob/main/docs/vsock.md#firecracker-virtio-vsock-design
> >
> > This involves multiple UNIX sockets on the host
> >
> >   1 * /some/path - QEMU listens on this, and accepts connections
> >                    from other host processes. The client sends
> >                    "PORT <num>" to indicate which guest port it
> >                    is connecting to
> >
> >   n * /some/path_$PORT - QEMU connects to this for outgoing connections
> >                          from the guest. Other host processes need
> >                          to listen on whatever path_$PORT needs to be
> >                          serviced
>
> The former is quite horrible, but okay. Out of curiosity, which
> clients are using that convention?

I've no idea. The RFE above came out of a discussion with systemd
upstream when they were implementing their SSH-over-vsock host SSH
plugin

  https://github.com/systemd/systemd/pull/30777

where it was noted that their code for using AF_VSOCK natively
wouldn't work with firecracker or cloud-hypervisor. Although
they've got native AF_VSOCK support there merged, conceptually
it looks desirable to have a common way of exposing AF_VSOCK
on the host.

Also, aside from cross-OS portability, this has the other benefit
that arbitrary users on the same host can make use of AF_VSOCK,
without worrying about CID clashes in the host kernel between
guests they're not aware of. All guests can just use the same
fixed CID and the UNIX socket exposure on the host namespaces
them.

With regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
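
The two-socket convention described in the message, sketched from the listening side as an added example that is not part of the original mail and is not QEMU or Firecracker code. It assumes the "PORT <num>" request is terminated by a newline and capped at 32 bytes (the exact wire format is defined in the Firecracker document linked above); the function names and the /run/vm-a and /run/vm-b paths are hypothetical.

```python
import socket

MAX_PORT = 2**32 - 1  # vsock port numbers are 32-bit


def outgoing_path(base: str, port: int) -> str:
    """UNIX socket the hypervisor connects to for a guest-initiated connection."""
    if not 0 <= port <= MAX_PORT:
        raise ValueError(f"port out of range: {port}")
    return f"{base}_{port}"


def read_port_request(conn: socket.socket, limit: int = 32) -> int:
    """Read one 'PORT <num>' line from a host client and return the guest port.

    Reads byte by byte so payload sent right after the handshake stays queued.
    The newline terminator and the length limit are assumptions of this sketch.
    """
    line = b""
    while not line.endswith(b"\n"):
        if len(line) >= limit:
            raise ValueError("handshake line too long")
        byte = conn.recv(1)
        if not byte:
            raise ValueError("peer closed before completing the handshake")
        line += byte
    verb, _, num = line[:-1].partition(b" ")
    if verb != b"PORT" or not num.isdigit():
        raise ValueError(f"malformed handshake: {line!r}")
    return int(outgoing_path("", int(num))[1:])  # reuses the range check


def demo(request: bytes):
    """Run the handshake over a socketpair standing in for /some/path."""
    client, listener_side = socket.socketpair()
    try:
        client.sendall(request)
        client.shutdown(socket.SHUT_WR)
        port = read_port_request(listener_side)
        return port, listener_side.recv(64)  # bytes left for the guest port
    finally:
        client.close()
        listener_side.close()


if __name__ == "__main__":
    print(demo(b"PORT 22\nSSH-2.0-constructed\r\n"))  # constructed sample input
    # Same fixed guest CID, different base paths: nothing clashes on the host.
    print(outgoing_path("/run/vm-a/vsock", 1024), outgoing_path("/run/vm-b/vsock", 1024))
```

Access to each guest is then governed by ordinary filesystem permissions on the base path rather than by a host-wide CID.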