Gleb Natapov wrote: > Andrew, > > On Wed, Oct 15, 2008 at 07:18:52AM -0700, Andrew Biggadike wrote: > >> Gleb Natapov <gleb@xxxxxxxxxx> wrote: >> >>>> Of course, you should also take a look at VMware's VMCI. If we're going >>>> to have a socket interface, if we can have a compatible userspace >>>> interface, that would probably be a good thing. >>>> >>> I looked at what I could find about VMCI (http://pubs.vmware.com/vmci-sdk/index.html). >>> >> I believe Anthony intended for you to look at the sockets interface to >> VMCI: http://www.vmware.com/pdf/ws65_s2_vmci_sockets.pdf. >> >> > Using VMCI socket requires loading kernel module in a guest and in a host. > Is this correct? > Note that their addressing scheme uses a CID/port pair. I think it's interesting and somewhat safe because it basically mirrors an IP/port pair. That makes it relatively safe because that addressing mechanism is well known (with it's advantages and flaws). For instance, you need some sort of authority to assign out ports. It doesn't really help with discovery either. Another possibility would be to have the address be like sockaddr_un. You could actually have it be file paths. The effect would be that any VMs that can communicate with each other could have a common namespace. You could extend the analogy and actually create controllable permissions that could be used to control who can talk to who. You could even create a synthetic filesystem in the guest that could mount this namespace allowing very sophisticated enumeration/permission control. This is probably the complete opposite end in terms of having a novel interface. The best solution is probably somewhere between the two. Regards, Anthony Liguori > -- > Gleb. > _______________________________________________ Virtualization mailing list Virtualization@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/virtualization
