From: Andrew Warfield <andrew.warfield@gmail.com>
To: Harry Butterworth <harry@hebutterworth.freeserve.co.uk>
Cc: Eric Van Hensbergen <ericvh@gmail.com>,
Mike Wray <mike.wray@hp.com>,
xen-devel@lists.xensource.com,
"Ronald G. Minnich" <rminnich@lanl.gov>,
Eric Van Hensbergen <ericvh@users.sourceforge.net>
Subject: Re: Interdomain comms
Date: Tue, 10 May 2005 16:26:03 +0100 [thread overview]
Message-ID: <eacc82a405051008261f21147@mail.gmail.com> (raw)
In-Reply-To: <eacc82a405051008243195164c@mail.gmail.com>
Hi Harry,
These two comments seem more about the immediate control tool plans
than about a generic comms mechanism.
> There are two different issues here:
These seem pretty concise as regards the new control tool plans:
> 1) Having one Xend might be correct at the moment. The _assumption in
> the guests_ that there is only one Xend is technically a minor flaw. If,
> for example, the guest got an idc_address for Xend, the guest would be
> decoupled from the design choice of one or many Xends.
I think we are all keen to move in the direction of having no xend but
rather a small set of single purpose daemons that handle specific
tasks and map well on to the emerging security primitives.
> 2) The Xend introductions. The weird aspect about these is that they
> are a triangular protocol with phases initiated by xend in two
> directions, potentially at the same time. I'm more used to control flow
> following resource dependencies, for example: server tells third-party
> about resource availability; third-party assigns resources to clients;
> clients connect directly to server. This is also triangular but if you
> put the server at the top and bottom it becomes a stack ordered by
> dependencies. I think stacks are much less confusing than triangles and
> have more easily defined interlocks and less risk of introducing timing
> windows. I think it ought to be possible to get the security right for
> a stack solution as well as the triangle solution. Maybe a secuity
> expert could provide some help.
The triangular connection setup in the current code is a little grim
and something that will change very soon. The two relevant bits of
this are the event channel and the shared page address on setting up a
new device channel. Keir added support for unbound event channels
quite a while ago, and the control tools/drivers just haven't evolved
to take advantage of them yet. The store will be used for additional
connection set-up state, such as shared page addresses.
Connection setup this way does map on to the connect/listen semantics
that Mike has been advocating. For example, on a request to add a new
frontend, the backend driver will create a simple state machine for
the new device channel and assign an unbound event channel to it. It
will then move out of this (unbound) "listening" state when the front
end connects to the event channel and sends the first notification.
So we still have something in the middle, but it's a much more simple
and generic thing.
a.
next prev parent reply other threads:[~2005-05-10 15:26 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-05-05 15:18 please help: initialize XEND for my debug-FE/BE.c Aggarwal, Vikas (OFT)
2005-05-05 20:37 ` Harry Butterworth
[not found] ` <427B20B9.1010101@hp.com>
2005-05-06 12:14 ` Interdomain comms Harry Butterworth
2005-05-06 13:39 ` Mark Williamson
2005-05-06 16:04 ` Ronald G. Minnich
2005-05-06 16:49 ` Eric Van Hensbergen
2005-05-06 23:13 ` Harry Butterworth
2005-05-07 0:19 ` Eric Van Hensbergen
2005-05-07 13:26 ` Harry Butterworth
2005-05-07 14:57 ` Eric Van Hensbergen
2005-05-07 16:15 ` Ronald G. Minnich
2005-05-07 17:10 ` Keir Fraser
2005-05-07 21:22 ` Eric Van Hensbergen
2005-05-07 17:17 ` Harry Butterworth
2005-05-07 21:29 ` Eric Van Hensbergen
2005-05-07 22:11 ` Harry Butterworth
2005-05-08 0:57 ` Eric Van Hensbergen
2005-05-08 8:19 ` Andrew Warfield
2005-05-08 15:27 ` Eric Van Hensbergen
2005-05-10 8:31 ` Mike Wray
2005-05-10 10:09 ` Andrew Warfield
2005-05-10 14:30 ` Mike Wray
2005-05-10 14:51 ` Harry Butterworth
[not found] ` <eacc82a405051008243195164c@mail.gmail.com>
2005-05-10 15:26 ` Andrew Warfield [this message]
2005-05-10 16:42 ` Harry Butterworth
2005-05-08 8:36 ` Harry Butterworth
2005-05-08 16:18 ` Eric Van Hensbergen
2005-05-08 17:48 ` Harry Butterworth
2005-05-06 16:57 ` Nivedita Singhvi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=eacc82a405051008261f21147@mail.gmail.com \
--to=andrew.warfield@gmail.com \
--cc=andrew.warfield@cl.cam.ac.uk \
--cc=ericvh@gmail.com \
--cc=ericvh@users.sourceforge.net \
--cc=harry@hebutterworth.freeserve.co.uk \
--cc=mike.wray@hp.com \
--cc=rminnich@lanl.gov \
--cc=xen-devel@lists.xensource.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.