Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
ncat: add AF_VSOCK support #1075
This pull request adds support for the AF_VSOCK address family that has been in Linux since 3.9. AF_VSOCK facilitates host<->guest communication for VMware, KVM, and Hyper-V hypervisors. Addresses are represented as <u32 cid, u32 port> pairs. Both SOCK_STREAM and SOCK_DGRAM socket types are available (depending on hypervisor support).
AF_VSOCK is used for guest agents and hypervisor services. It is useful to have ncat support for shell scripting and testing.
This pull request adds an
The first thing new users do is to try netcat (for testing and troubleshooting). I wrote a utility to do this, but going forward I'd prefer to add support to ncat instead of shipping a new package solely for AF_VSOCK:
Hypervisor services and guest agents can use AF_VSOCK without worrying about network configuration since it's zero-configuration. For example, it is fairly common to run an agent inside the guest that allows the host to run management commands. VMware, KVM, and Hyper-V hypervisors all support AF_VSOCK.
Here is the Linux man page:
An overview of the virtio transport:
You can try it out on a Linux host with QEMU:
Any recent Linux guest should work (Debian testing, Fedora 27, etc).
AF_VSOCK sockets faciliate host<->guest communication on VMware, KVM, and Hyper-V hypervisors. AF_VSOCK has been available since Linux 3.9. SOCK_STREAM and SOCK_DGRAM semantics may be supported and semantics are similar to TCP and UDP. Addresses are represented by a <u32 cid, u32 port> pair, where the CID plays a role analogous to an IP address. This patch adds nsock_connect_vsock_stream() and nsock_connect_vsock_datagram() APIs. Note that nsock_connect_internal()'s unsigned short port argument must be changed to unsigned int to represent AF_VSOCK port numbers. Public TCP/UDP APIs are unchanged and still only take unsigned short port arguments.
Up until now unsigned short was sufficient for TCP/UDP port numbers. The AF_VSOCK address family uses unsigned 32-bit port numbers. This patch refactors main() so that AF_VSOCK code will be able to use the full [0, UINT32_MAX] port range in the next patch.
@dmiller-nmap I have rebased and retested this pull request. AF_VSOCK is being used increasingly for guest agents by Kata Containers, Crosvm, and other projects. ncat support is very useful for manually debugging and troubleshooting connectivity. I hope this feature can be merged.
If you have any questions, please let me know. Thanks!