From: Anthony Liguori <aliguori@us.ibm.com>
To: "Daniel P. Berrange" <berrange@redhat.com>
Cc: xen-devel@lists.xensource.com
Subject: Re: xenconsoled CPU denial of service problem
Date: Wed, 04 Oct 2006 13:19:31 -0500 [thread overview]
Message-ID: <4523FB33.7080807@us.ibm.com> (raw)
In-Reply-To: <20061004181013.GH474@redhat.com>
Daniel P. Berrange wrote:
>> Xenconsole could still spit out on a PTY. You don't necessarily need a
>> daemon though (you could launch a xenconsole for each domain that was
>> started).
>>
>
> The xenconsole would still need the rate-limiting, and once you're launching
> one xenconsole per domain, where's the gain over the single xenconsoled
> process ?
>
When the pty is writable, try to read information from ring queue. Only
let the pty become readable when there is data in the queue ready to be
ready. You only need to listen for event channel notifications when the
queue is empty (so you cannot be stormed).
Likewise, you don't have to listen for event channel notifications when
the queue is full, and you have data to write.
The only time you could be DoS is when someone is attached to the PTY
and actively reading/writing to it. I would then argue that it's not
xenconsole's responsibility to rate limit. It's whoever is reading or
writing.
>> That also gives you a bit more choice in how you expose the console (you
>> could have a xenconsole that spit out via TCP).
>>
>
> Given a TTY, there are already tools which can do this & more. So I don't see
> any point in writing such functionality again for Xen. If using HVM domains
> one would already typically be exposing a serial console from the guest via
> a pseudo-TTY, so doing all PV console stuff via a TTY gives parity in the
> management toolset.
>
I'm happy exposing a pty for the console. I made those same arguments
myself when we first did it :-) I'm simply suggesting that we move the
buffering to domU.
Regards,
Anthony Liguori
> Regards,
> Dan.
>
next prev parent reply other threads:[~2006-10-04 18:19 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-08-28 18:02 xenconsoled CPU denial of service problem Daniel P. Berrange
2006-08-28 20:57 ` Keir Fraser
2006-08-29 15:59 ` Daniel P. Berrange
2006-08-30 18:13 ` Keir Fraser
2006-09-11 14:19 ` Daniel P. Berrange
2006-10-04 13:50 ` Daniel P. Berrange
2006-10-04 14:19 ` Keir Fraser
2006-10-04 16:49 ` Anthony Liguori
2006-10-04 17:19 ` Daniel P. Berrange
2006-10-04 17:42 ` Keir Fraser
2006-10-04 17:52 ` Anthony Liguori
2006-10-04 18:10 ` Daniel P. Berrange
2006-10-04 18:19 ` Anthony Liguori [this message]
2006-08-30 18:13 ` Keir Fraser
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4523FB33.7080807@us.ibm.com \
--to=aliguori@us.ibm.com \
--cc=berrange@redhat.com \
--cc=xen-devel@lists.xensource.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.