From: Anthony Liguori <aliguori@us.ibm.com>
To: "Mike D. Day" <ncmike@us.ibm.com>
Cc: "Cihula, Joseph" <joseph.cihula@intel.com>,
xen-devel@lists.xensource.com, Stefan Berger <stefanb@us.ibm.com>,
"Scarlata, Vincent R" <vincent.r.scarlata@intel.com>,
Ronald Perez <ronpz@us.ibm.com>
Subject: Re: A migration framework for external devices
Date: Thu, 09 Feb 2006 12:45:11 -0600
Message-ID: <43EB8DB7.4030503@us.ibm.com>
In-Reply-To: <43EB8B89.80909@us.ibm.com>

Mike D. Day wrote:
> Anthony Liguori wrote:
>> all). It also allows you to do clever things like vary the port
>> which should add to the security of migration.
>
> Allowing the target to choose the port is good practice but not added
> security.

If the Xend is always listening for migrations on a well-known port, it
is trivially easy to start migrating domains to that host. If the port
number isn't decided until the time of migration (and better yet, is
decided through a secure channel like SSH), it makes it difficult to
determine when a port is open to migrate to and which port that is.

It's not perfect, but no security mechanism is. It's definitely better
than what we have now as it means you have to authenticate to a host
before you can migrate to it.

>> Why do plugins have to exist? The only reason to have a plugin
>> mechanism is to be able to maintain plugins outside of the Xend tree
>> which would require a stable plugin interface. I don't think we're
>> at a point where we can do that.
>
> No, you are missing an important point. The plugin mechanism is
> necessary to isolate specialized device migration code from
> general-purpose migration code. I don't think it has anything to do
> with where the plugins are maintained.

All devices have to have their state migrated in some form. There's
already code to handle that in Xend (via the S-Expression configuration
file). The only reason TPM migration doesn't just work is that the
current state migration is unidirectional and TPM requires bidirectional
state synchronization.

All that's strictly required here is the ability to transfer the TPM
state. This is just a little bit of additional code in XendCheckpoint
that ran after suspend to transfer the TPM state.

You certainly don't need to have a plugin mechanism to handle TPM
devices. I don't know of any other devices that need this logic either
today so it would be creating a lot of complexity with a plugin
mechanism and extensible protocol when it's not necessary.

Regards,

Anthony Liguori