Re: [ANNOUNCE] xen ocaml tools

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Patrick Colp <pjcolp@cs.ubc.ca>
To: xen-devel <xen-devel@lists.xensource.com>
Cc: Thomas Gazagnaire <Thomas.Gazagnaire@eu.citrix.com>,
	Vincent Hanquez <vincent.hanquez@eu.citrix.com>
Subject: Re: [ANNOUNCE] xen ocaml tools
Date: Fri, 06 Feb 2009 15:46:16 -0800	[thread overview]
Message-ID: <498CCBC8.7020407@cs.ubc.ca> (raw)
In-Reply-To: <498B0960.30109@eu.citrix.com>

[-- Attachment #1: Type: text/plain, Size: 2107 bytes --]

Vincent Hanquez wrote:
> Patrick Colp wrote:
>> I'm really excited to see somebody else working on an OCaml XenStore! 
>> I was wondering if you could tell me what the difference are between 
>> this implementation and the one I recently released to the community?
>>   
> this is a bit hard to tell without testing your version.
> 
> but i think the main difference is the way we handle transactions, which 
> should provide a stable average time to commit transactions when having 
> lots of xenstore traffic from guests.

I think you're thinking of my initial release last year. The version I released 
a few months ago also has an in-memory store and greatly improved transactions. 
It was motivated by the need to survive things like DoS attacks.

I wrote a little attack program (in OCaml) which runs from any DomU and brought 
the original xenstored to its knees. With the attack going, it's impossible to 
bring a new domain up -- it just hangs forever attempting to bring it up. 
Basically, the attack just hammers xenstored with micro-transactions. With the 
original transaction system, which allows the first committing transaction in a 
generation to win, long transactions could never complete. I implemented 
transactions that would enable all concurrent but non-conflicting transactions 
to commit. This made my version of xenstored resilient to the attack.

I played around with this with your version too, but found that, while it would 
not hang forever while attempting to load a domain, it would instead die after a 
few seconds with the following error:

Error: (2, 'No such file or directory')

I tried with with the eagain mode thing (random dropping of 1/3 of all 
transactions) both enabled and disabled, but it had the same effect (except that 
with the mode enabled, 1/3 of all transactions would fail regardless of if they 
should or not).

I've been reading over your code and noticed that you seem to have a 
mini-implementation of libxc. I was wondering why you chose to do this over 
using the pre-existing libxenctrl? Does this make the final executable smaller?

Patrick

[-- Attachment #2: attack.tar.gz --]
[-- Type: application/x-gzip, Size: 7655 bytes --]

[-- Attachment #3: Type: text/plain, Size: 138 bytes --]

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

next prev parent reply	other threads:[~2009-02-06 23:46 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2009-02-04 14:56 [ANNOUNCE] xen ocaml tools Vincent Hanquez
2009-02-04 20:40 ` Patrick Colp
2009-02-05 15:44   ` Vincent Hanquez
2009-02-06 23:46     ` Patrick Colp [this message]
2009-02-07  1:34       ` Patrick Colp
2009-02-16 15:01       ` Vincent Hanquez
2009-02-17  1:06         ` Patrick Colp
2009-02-17  1:19         ` Jun Koi
2009-02-17  7:59           ` Keir Fraser

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=498CCBC8.7020407@cs.ubc.ca \
    --to=pjcolp@cs.ubc.ca \
    --cc=Thomas.Gazagnaire@eu.citrix.com \
    --cc=vincent.hanquez@eu.citrix.com \
    --cc=xen-devel@lists.xensource.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.