From: Patrick Colp <pjcolp@cs.ubc.ca>
To: Vincent Hanquez <vincent.hanquez@eu.citrix.com>
Cc: xen-devel <xen-devel@lists.xensource.com>,
Thomas Gazagnaire <Thomas.Gazagnaire@eu.citrix.com>
Subject: Re: [ANNOUNCE] xen ocaml tools
Date: Mon, 16 Feb 2009 17:06:29 -0800
Message-ID: <499A0D95.90308@cs.ubc.ca>
In-Reply-To: <49997FE1.9060508@eu.citrix.com>

Vincent Hanquez wrote:
> Patrick Colp wrote:
>>
>> I think you're thinking of my initial release last year. The version I
>> released a few months ago also has an in-memory store and greatly
>> improved transactions. It was motivated by the need to survive things
>> like DoS attacks.
>>
> Is it possible to find your version of xenstored in a tarball somewhere?
> attack.tar.gz seems to contain lots of things related to xenstored, but
> yet seems to be missing watches and permissions.

The attack code utilises some of the code from the version of XenStore I
wrote. I released a patch for it to the list as well as a link to my
website where the code is available as a gzip and bzip2:

website: http://cs.ubc.ca/~pjcolp/
bzip2 direct link: http://cs.ubc.ca/~pjcolp/xenstore-ocaml.tar.bz2
gzip direct link: http://cs.ubc.ca/~pjcolp/xenstore-ocaml.tar.gz

I'm attaching the gzip version to this e-mail as well. The code is
designed to be compiled against Xen as a replacement to the C version. I
put it in the tools/xenstore directory in the xen-unstable tree to
compile it.

>> I wrote a little attack program (in OCaml) which runs from any DomU
>> and brought the original xenstored to its knees. With the attack
>> going, it's impossible to bring a new domain up -- it just hangs
>> forever attempting to bring it up. Basically, the attack just hammers
>> xenstored with micro-transactions. With the original transaction
>> system, which allows the first committing transaction in a generation
>> to win, long transactions could never complete. I implemented
>> transactions that would enable all concurrent but non-conflicting
>> transactions to commit. This made my version of xenstored resilient to
>> the attack.
>>
>> I played around with this with your version too, but found that, while
>> it would not hang forever while attempting to load a domain, it would
>> instead die after a few seconds with the following error:
>>
>> Error: (2, 'No such file or directory')
>>
> I haven't really had time to look yet (I've been swamped with other
> things), but will try to run your program.
> But what is dying in the scenario you described? ocaml xenstored or the
> attack program?

When the attack is run, neither the attack nor xenstored die, but while
the attack is running it is impossible to start a domain. In the C
version, it would hang forever attempting to start a domain. When I ran
it against your OCaml version, it wouldn't hang but instead after a few
seconds the domain start would quit with the error:

Error: (2, 'No such file or directory')

If you're interested, I think it would be great to try to merge the
two XenStores together to get the best of both worlds. Are you going to
be at Xen Summit? If so, would you be interested in chatting about this
in person?

Patrick
[-- Attachment #2: xenstore-ocaml.tar.gz --]
[-- Type: application/x-gzip, Size: 94611 bytes --]
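
The two commit policies contrasted in the message above, as a simplified model. This is an added example, not code from the e-mail, its attachment or either xenstored; the class names, paths and retry limit are assumptions made for illustration.

```python
# Simplified model of the two commit policies described in the message.
# Not xenstored code: names, paths and the retry limit are constructed.

class Txn:
    def __init__(self, start_gen):
        self.start_gen = start_gen   # store generation when the txn began
        self.reads = set()           # paths read inside the txn
        self.writes = {}             # path -> value, applied on commit

class Store:
    def __init__(self):
        self.data = {}
        self.generation = 0          # bumped on every successful commit
        self.modified_at = {}        # path -> generation of its last write

    def begin(self):
        return Txn(self.generation)

    def commit(self, txn, policy):
        if policy == "first-wins":
            # Any commit since the txn began invalidates it, related or not.
            ok = txn.start_gen == self.generation
        else:  # "non-conflicting"
            # Only later writes to paths this txn touched invalidate it.
            touched = txn.reads | set(txn.writes)
            ok = all(self.modified_at.get(p, 0) <= txn.start_gen for p in touched)
        if ok:
            self.generation += 1
            for path, value in txn.writes.items():
                self.data[path] = value
                self.modified_at[path] = self.generation
        return ok

def build_domain(store, policy, noise_per_attempt, max_retries=20):
    """Long toolstack-style transaction, retried whenever commit fails.
    Returns the attempt that committed, or None if it never did."""
    for attempt in range(1, max_retries + 1):
        txn = store.begin()
        for key in ("name", "memory/target", "device/vif/0/state"):
            txn.writes["/local/domain/5/" + key] = "init"
        # While it is open, another guest commits small transactions
        # that touch only its own, unrelated subtree.
        for i in range(noise_per_attempt):
            micro = store.begin()
            micro.writes["/local/domain/3/data/x"] = str(i)
            store.commit(micro, policy)
        if store.commit(txn, policy):
            return attempt
    return None
```

With a single unrelated commit per attempt, `build_domain` never commits under "first-wins", while under "non-conflicting" it commits on the first attempt and a genuine overlap on the same path is still rejected.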