From: Vincent Hanquez
Subject: Re: [ANNOUNCE] xen ocaml tools
Date: Mon, 16 Feb 2009 15:01:53 +0000
Message-ID: <49997FE1.9060508@eu.citrix.com>
In-Reply-To: <498CCBC8.7020407@cs.ubc.ca>
To: Patrick Colp
Cc: xen-devel, Thomas Gazagnaire

Patrick Colp wrote:
>
> I think you're thinking of my initial release last year. The version I released
> a few months ago also has an in-memory store and greatly improved transactions.
> It was motivated by the need to survive things like DoS attacks.
>

Is it possible to find your version of xenstored in a tarball somewhere?
attack.tar.gz seems to contain lots of things related to xenstored, but yet
seems to be missing watches and permissions.

> I wrote a little attack program (in OCaml) which runs from any DomU and brought
> the original xenstored to its knees. With the attack going, it's impossible to
> bring a new domain up -- it just hangs forever attempting to bring it up.
> Basically, the attack just hammers xenstored with micro-transactions. With the
> original transaction system, which allows the first committing transaction in a
> generation to win, long transactions could never complete. I implemented
> transactions that would enable all concurrent but non-conflicting transactions
> to commit. This made my version of xenstored resilient to the attack.
>
> I played around with this with your version too, but found that, while it would
> not hang forever while attempting to load a domain, it would instead die after a
> few seconds with the following error:
>
> Error: (2, 'No such file or directory')
>

I haven't really had time to look yet (I've been swamped with other things),
but will try to run your program. But what is dying in the scenario you
described? OCaml xenstored or the attack program?

> I tried with the eagain mode thing (random dropping of 1/3 of all
> transactions) both enabled and disabled, but it had the same effect (except that
> with the mode enabled, 1/3 of all transactions would fail regardless of if they
> should or not).
>
> I've been reading over your code and noticed that you seem to have a
> mini-implementation of libxc. I was wondering why you chose to do this over
> using the pre-existing libxenctrl? Does this make the final executable smaller?
>

libxenctrl is using the GPL license, whereas we chose the LGPL license with
ocaml static exception everywhere.

-- 
Vincent
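
The two commit rules contrasted in the quoted text above, modelled in Python as an added example; it is not code from this thread or from either xenstored. The `Store` and `Txn` classes, the policy names and the `/local/domain/...` paths are constructed for illustration, and the "generation" rule is an assumption based on the one-sentence description in the quote.

```python
class Store:
    def __init__(self, policy):
        self.policy = policy      # "generation" or "conflict" (names assumed)
        self.data = {}
        self.generation = 0       # bumped on every successful commit
        self.last_write = {}      # path -> generation of its last write

class Txn:
    def __init__(self, store):
        self.store = store
        self.start_gen = store.generation
        self.reads = set()
        self.writes = {}
    def read(self, path):
        self.reads.add(path)
        return self.writes.get(path, self.store.data.get(path))
    def write(self, path, value):
        self.writes[path] = value

    def commit(self):
        s = self.store
        if s.policy == "generation":
            # First committer in a generation wins: any commit since we began aborts us.
            ok = s.generation == self.start_gen
        else:
            # Abort only if a path we read or wrote changed after we began.
            touched = self.reads | set(self.writes)
            ok = all(s.last_write.get(p, 0) <= self.start_gen for p in touched)
        if not ok:
            return False          # the client would see EAGAIN and retry
        s.generation += 1
        for p, v in self.writes.items():
            s.data[p] = v
            s.last_write[p] = s.generation
        return True

def long_txn_commits(policy, noisy_path, retries=5):
    """Run a three-step transaction while short commits land between its steps."""
    store = Store(policy)
    for _ in range(retries):
        t = Txn(store)
        for step in range(3):
            t.write(f"/local/domain/7/device/{step}", "ok")  # constructed paths
            micro = Txn(store)                                # interleaved short commit
            micro.write(noisy_path, "x")
            micro.commit()
        if t.commit():
            return True
    return False
```

Under the generation rule the long transaction never commits even though the short commits touch an unrelated path; under conflict validation it commits on the first try and is still rejected when the short commits write one of its own paths.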