From: Vincent Hanquez <vincent.hanquez@eu.citrix.com>
To: Patrick Colp <pjcolp@cs.ubc.ca>
Cc: xen-devel <xen-devel@lists.xensource.com>,
	Thomas Gazagnaire <Thomas.Gazagnaire@eu.citrix.com>
Subject: Re: [ANNOUNCE] xen ocaml tools
Date: Mon, 16 Feb 2009 15:01:53 +0000
Message-ID: <49997FE1.9060508@eu.citrix.com>
In-Reply-To: <498CCBC8.7020407@cs.ubc.ca>

Patrick Colp wrote:
>
> I think you're thinking of my initial release last year. The version I released 
> a few months ago also has an in-memory store and greatly improved transactions. 
> It was motivated by the need to survive things like DoS attacks.
>   
Is it possible to find your version of xenstored in a tarball somewhere?
attack.tar.gz seems to contain lots of things related to xenstored, but
yet seems to be missing watches and permissions.
> I wrote a little attack program (in OCaml) which runs from any DomU and brought 
> the original xenstored to its knees. With the attack going, it's impossible to 
> bring a new domain up -- it just hangs forever attempting to bring it up. 
> Basically, the attack just hammers xenstored with micro-transactions. With the 
> original transaction system, which allows the first committing transaction in a 
> generation to win, long transactions could never complete. I implemented 
> transactions that would enable all concurrent but non-conflicting transactions 
> to commit. This made my version of xenstored resilient to the attack.
>
> I played around with this with your version too, but found that, while it would 
> not hang forever while attempting to load a domain, it would instead die after a 
> few seconds with the following error:
>
> Error: (2, 'No such file or directory')
>   
I haven't really had time to look yet (I've been swamped with other
things), but will try to run your program.
But what is dying in the scenario you described? ocaml xenstored or the
attack program?
> I tried with the eagain mode thing (random dropping of 1/3 of all 
> transactions) both enabled and disabled, but it had the same effect (except that 
> with the mode enabled, 1/3 of all transactions would fail regardless of if they 
> should or not).
>
> I've been reading over your code and noticed that you seem to have a 
> mini-implementation of libxc. I was wondering why you chose to do this over 
> using the pre-existing libxenctrl? Does this make the final executable smaller?
>   
libxenctrl is using the GPL license, whereas we chose the LGPL license 
with ocaml static exception everywhere.

-- 
Vincent
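
The two commit policies described in the quoted message above, as a small Python model added here for illustration; it is not code from either xenstored implementation or from anyone in the thread. The Store class, the policy names, the xenstore paths and the definition of "conflict" (a path the transaction read or wrote was changed after it began) are assumptions made for the example.

```python
# Toy model (constructed for illustration, not xenstored code) of the two
# transaction commit policies described in the quoted message.

class Store:
    def __init__(self):
        self.data = {}
        self.generation = 0      # bumped on every successful commit
        self.modified_at = {}    # path -> generation of last committed write

    def begin(self):
        return {"start": self.generation, "reads": set(), "writes": {}}

    def read(self, tx, path):
        tx["reads"].add(path)
        return tx["writes"].get(path, self.data.get(path))

    def write(self, tx, path, value):
        tx["writes"][path] = value

    def commit(self, tx, policy):
        if policy == "first-wins":
            # Any commit since begin() invalidates this transaction.
            ok = self.generation == tx["start"]
        else:  # "non-conflicting" (assumed conflict rule, see lead-in)
            # Fail only if a path this transaction touched changed since begin().
            touched = tx["reads"] | set(tx["writes"])
            ok = all(self.modified_at.get(p, 0) <= tx["start"] for p in touched)
        if not ok:
            return False         # caller would see EAGAIN and retry
        self.generation += 1
        for path, value in tx["writes"].items():
            self.data[path] = value
            self.modified_at[path] = self.generation
        return True


def long_tx_commits(policy, retries=100):
    """Retry a multi-step transaction while an unrelated micro-transaction
    commits between its begin and its commit. Returns attempts used, or None."""
    store = Store()
    for attempt in range(1, retries + 1):
        tx = store.begin()
        store.write(tx, "/local/domain/5/name", "guest")      # constructed paths
        micro = store.begin()                                  # unrelated writer
        store.write(micro, "/local/domain/7/data/x", attempt)
        assert store.commit(micro, policy)
        store.write(tx, "/local/domain/5/memory/target", "262144")
        if store.commit(tx, policy):
            return attempt
    return None
```

Under "first-wins" the long transaction never commits however often it retries; under "non-conflicting" it commits on the first attempt because the interleaved writer touches a different path.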

Thread overview: 9+ messages
2009-02-04 14:56 [ANNOUNCE] xen ocaml tools Vincent Hanquez
2009-02-04 20:40 ` Patrick Colp
2009-02-05 15:44   ` Vincent Hanquez
2009-02-06 23:46     ` Patrick Colp
2009-02-07  1:34       ` Patrick Colp
2009-02-16 15:01       ` Vincent Hanquez [this message]
2009-02-17  1:06         ` Patrick Colp
2009-02-17  1:19         ` Jun Koi
2009-02-17  7:59           ` Keir Fraser
