Knowledge: Using vsock

vsock provides point to point connectivity between host and guest. On IBM Z, it requires the following minimum levels: Linux kernel 4.8 (host and guest), QEMU 2.8, and libvirt v4.7.


A socket address is defined as a combination of a 32-bit Context Identifier (CID) and a 32-bit port number:
  • CID: Identifies the source or destination, which is either a virtual machine or the host. There are several special addresses:
    • VMADDR_CID_ANY (-1U) means any address for binding
    • VMADDR_CID_HYPERVISOR (0) is reserved for services built into the hypervisor
    • VMADDR_CID_RESERVED (1) must not be used
    • VMADDR_CID_HOST (2) is the well-known address of the host
  • Port: Differentiates between multiple services running on a single machine.



Verify the kernel configs as follows:
  • Host kernel:
  • Guest kernel:
Now load the module vhost_vsock in the host:
   user@host$ modprobe vhost_vsock

If SELinux is running: Unless you provide respective exception policies, make sure that it is set to 'permissive':
   user@host$ setenforce Permissive

Usage Example

Use streaming sockets of address family AF_VSOCK for vsock-based communication.
However, instead of writing your own BSD-sockets programs, you can simply use nc-vsock, a netcat clone. If not available in your linux distribution, download and build as follows in host and guest:
   user@host$ git clone
   user@host$ cd nc-vsock
   user@host$ make
Next up, enable a guest domain by adding a vsock device as follows:
   <vsock model='virtio'>
     <cid auto='no' address='9'/>
     <address type='ccw' cssid='0xfe' ssid='0x0' devno='0x0003'/>
Note that these parts can be skipped during guest definition.

Start a server on the host as follows:
   user@host$ nc-vsock -l 1234
Send a message from a guest to the host (represented by CID 2, see above):
   user@guest$ echo "This message is from guest $HOSTNAME" > guestmsg.txt
   user@guest$ nc-vsock 2 1234 < guestmsg.txt
Finally check the host's console to confirm that the message from the guest was received indeed:
   user@host$ nc-vsock -l 1234
   Connection from cid 9 port 1024...
   This message is from guest s38lp11

No comments:

Post a Comment