tsi: forward protocol field in proxy create enabling DGRAM+ICMP ping#127
Draft
mtjhrc wants to merge 1 commit into
Draft
tsi: forward protocol field in proxy create enabling DGRAM+ICMP ping#127mtjhrc wants to merge 1 commit into
mtjhrc wants to merge 1 commit into
Conversation
Add protocol to struct tsi_proxy_create and struct tsi_sock so the
host VMM can distinguish SOCK_DGRAM+IPPROTO_ICMP ("ping" socket) from
plain UDP. Without this, TSI hijacks ping sockets but the host
creates UDP sockets, breaking ICMP echo.
This enables ping for implementations that use SOCK_DGRAM ping
sockets (iputils on modern Fedora, Ubuntu, etc.). SOCK_RAW-based ping
(busybox/alpine) is not supported as TSI only hijacks SOCK_STREAM
and SOCK_DGRAM.
Assisted-by: OpenCode:claude-opus-4.6
Signed-off-by: Matej Hrica <mhrica@redhat.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Add protocol to struct tsi_proxy_create and struct tsi_sock so the host VMM can distinguish
SOCK_DGRAM+IPPROTO_ICMP("ping" socket) from plain UDP. Without this, TSI hijacks ping sockets but the host creates UDP sockets, breaking ICMP echo.This enables ping for implementations that use SOCK_DGRAM ping sockets (iputils on modern Fedora, Ubuntu, etc.). SOCK_RAW-based ping (busybox/alpine) is not supported as TSI only hijacks SOCK_STREAM and SOCK_DGRAM.
Coresponding libkrun side fix + test: TODO
Assisted-by: OpenCode:claude-opus-4.6