search for: cid_host

...> You already mentioned that you are working on a fix for loopback > > > > here for the guest, but presumably a host could also do loopback. > > > > > > IIUC we don't support loopback in the host, because in this case the > > > application will use the CID_HOST as address, but if we are in a nested > > > VM environment we are in trouble. > > > > If both src and dst CID are CID_HOST, we should be fairly sure that this > > Is host loopback, no? If src is anything else, we would do G2H. > > > > The problem is that we d...

...he guest) - from v5.4 we support multi-transport, so the L1 VM (e.g. L0 assigned cid 5 to this VM) can have both Guest2Host and Host2Guest transports. In this case, we have these possible issues: - L2 (or L1) guest can use cid 0, 1, and 2 to reach L1 (or L0), instead we should allow only CID_HOST (2) to reach the level below. Note: this happens also with not malformed guest that runs Linux v5.4 - if a malformed L2 guest sends a packet with the wrong dst_cid, for example instead of CID_HOST, it uses the cid assigned by L0 to L1 (5 in this example), this packets can wrongly que...

...he guest) - from v5.4 we support multi-transport, so the L1 VM (e.g. L0 assigned cid 5 to this VM) can have both Guest2Host and Host2Guest transports. In this case, we have these possible issues: - L2 (or L1) guest can use cid 0, 1, and 2 to reach L1 (or L0), instead we should allow only CID_HOST (2) to reach the level below. Note: this happens also with not malformed guest that runs Linux v5.4 - if a malformed L2 guest sends a packet with the wrong dst_cid, for example instead of CID_HOST, it uses the cid assigned by L0 to L1 (5 in this example), this packets can wrongly que...

...callback > (they don't send any data to the remote peer), but they are used as > placeholder, > we don't need to assign them to a transport. > > > > > > > > The remote CID is used to decide which transport to use: > > > - remote CID > VMADDR_CID_HOST will use host->guest transport > > > - remote CID <= VMADDR_CID_HOST will use guest->host transport > > > - listener sockets are not bound to any transports since no transport > > > operations are done on it. In this way we can create a listener > > &gt...

...callback > (they don't send any data to the remote peer), but they are used as > placeholder, > we don't need to assign them to a transport. > > > > > > > > The remote CID is used to decide which transport to use: > > > - remote CID > VMADDR_CID_HOST will use host->guest transport > > > - remote CID <= VMADDR_CID_HOST will use guest->host transport > > > - listener sockets are not bound to any transports since no transport > > > operations are done on it. In this way we can create a listener > > &gt...

...transport, so the L1 VM (e.g. L0 assigned > > cid 5 to this VM) can have both Guest2Host and Host2Guest transports. > > In this case, we have these possible issues: > > - L2 (or L1) guest can use cid 0, 1, and 2 to reach L1 (or L0), > > instead we should allow only CID_HOST (2) to reach the level below. > > Note: this happens also with not malformed guest that runs Linux v5.4 > > - if a malformed L2 guest sends a packet with the wrong dst_cid, for example > > instead of CID_HOST, it uses the cid assigned by L0 to L1 (5 in this > >...

...any data to the remote peer), but they are used as > > placeholder, > > we don't need to assign them to a transport. > > > > > > > > > > > > The remote CID is used to decide which transport to use: > > > > - remote CID > VMADDR_CID_HOST will use host->guest transport > > > > - remote CID <= VMADDR_CID_HOST will use guest->host transport > > > > - listener sockets are not bound to any transports since no transport > > > > operations are done on it. In this way we can create a listene...

....4 we support multi-transport, so the L1 VM (e.g. L0 assigned > cid 5 to this VM) can have both Guest2Host and Host2Guest transports. > In this case, we have these possible issues: > - L2 (or L1) guest can use cid 0, 1, and 2 to reach L1 (or L0), > instead we should allow only CID_HOST (2) to reach the level below. > Note: this happens also with not malformed guest that runs Linux v5.4 > - if a malformed L2 guest sends a packet with the wrong dst_cid, for example > instead of CID_HOST, it uses the cid assigned by L0 to L1 (5 in this > example), this pack...

...ic transport, i.e., if it binds to the host CID, it will use H2G, and if it binds to something else it will use G2H? You can still use VMADDR_CID_ANY if you want to initially listen to both transports. > The remote CID is used to decide which transport to use: > - remote CID > VMADDR_CID_HOST will use host->guest transport > - remote CID <= VMADDR_CID_HOST will use guest->host transport > - listener sockets are not bound to any transports since no transport > operations are done on it. In this way we can create a listener > socket, also if the transports are n...

...ic transport, i.e., if it binds to the host CID, it will use H2G, and if it binds to something else it will use G2H? You can still use VMADDR_CID_ANY if you want to initially listen to both transports. > The remote CID is used to decide which transport to use: > - remote CID > VMADDR_CID_HOST will use host->guest transport > - remote CID <= VMADDR_CID_HOST will use guest->host transport > - listener sockets are not bound to any transports since no transport > operations are done on it. In this way we can create a listener > socket, also if the transports are n...

When we receive a new packet from the guest, we check if the src_cid is correct, but we forgot to check the dst_cid. The host should accept only packets where dst_cid is equal to the host CID. Signed-off-by: Stefano Garzarella <sgarzare at redhat.com> --- drivers/vhost/vsock.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/drivers/vhost/vsock.c

When we receive a new packet from the guest, we check if the src_cid is correct, but we forgot to check the dst_cid. The host should accept only packets where dst_cid is equal to the host CID. Signed-off-by: Stefano Garzarella <sgarzare at redhat.com> --- drivers/vhost/vsock.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/drivers/vhost/vsock.c

...don't use any transport specific callback (they don't send any data to the remote peer), but they are used as placeholder, we don't need to assign them to a transport. > > > > The remote CID is used to decide which transport to use: > > - remote CID > VMADDR_CID_HOST will use host->guest transport > > - remote CID <= VMADDR_CID_HOST will use guest->host transport > > - listener sockets are not bound to any transports since no transport > > operations are done on it. In this way we can create a listener > > socket, also if...