On Sat, Jan 10, 2026 at 07:12:07PM -0500, Michael S. Tsirkin wrote:
On Fri, Jan 09, 2026 at 04:11:12PM -0800, Bobby Eshleman wrote:
On Tue, Dec 23, 2025 at 04:28:34PM -0800, Bobby Eshleman wrote:
This series adds namespace support to vhost-vsock and loopback. It does not add namespaces to any of the other guest transports (virtio-vsock, hyperv, or vmci).
The current revision supports two modes: local and global. Local mode is complete isolation of namespaces, while global mode is complete sharing between namespaces of CIDs (the original behavior).
The mode is set using the parent namespace's /proc/sys/net/vsock/child_ns_mode and inherited when a new namespace is created. The mode of the current namespace can be queried by reading /proc/sys/net/vsock/ns_mode. The mode can not change after the namespace has been created.
Modes are per-netns. This allows a system to configure namespaces independently (some may share CIDs, others are completely isolated). This also supports future possible mixed use cases, where there may be namespaces in global mode spinning up VMs while there are mixed mode namespaces that provide services to the VMs, but are not allowed to allocate from the global CID pool (this mode is not implemented in this series).
Stefano, would like me to resend this without the RFC tag, or should I just leave as is for review? I don't have any planned changes at the moment.
Best, Bobby
i couldn't apply it on top of net-next so pls do.
Yeah, some difficulties to apply also here. I tried `base-commit: 962ac5ca99a5c3e7469215bf47572440402dfd59` as mentioned in the cover, but didn't apply. After several tries I successfully applied on top of commit bc69ed975203 ("Merge tag 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost")
So, I agree, better to resend and you can remove RFC.
BTW I'll do my best to start to review tomorrow!
Thanks, Stefano