From: Vincent Hanquez <vincent.hanquez@citrix.com>
To: David Vrabel <david.vrabel@citrix.com>
Cc: Ian Campbell <Ian.Campbell@citrix.com>,
	Ross Philipson <ross.philipson@citrix.com>,
	xen-devel@lists.xen.org
Subject: Re: [PATCH (V9) 0/2] Add V4V to Xen
Date: Fri, 31 May 2013 08:25:14 +0100
Message-ID: <51A8505A.8030706@citrix.com>
In-Reply-To: <51A77964.6000500@citrix.com>

On 05/30/2013 05:08 PM, David Vrabel wrote:
> On 30/05/13 13:07, Ian Campbell wrote:
>> No patch to docs/... at all? The hypercall interface docs have improved
>> (although they still aren't great IMHO) but what's really needed is an
>> overview of the design and a "how do I actually use this" type thing.
> I agree.  I'm looking at inter-domain communication mechanisms for use
> in XenServer and it's not obvious how to use v4v securely.
>
> e.g., when a previously trusted domain (A) is compromised it may spam a
> domain (B) with messages in a DoS attack.  The per source domain/port
> receive rings help here as the domain A will not be able to block B from
> receiving traffic from other domains.
It's really up to the guest to take active measures to prevent this from
happening.
B has multiple ways to handle this scenario:

* unregister its ring: A can't communicate with B anymore
* throttle its ring processing: if B doesn't process its ring,
eventually the ring is full
and A can't send any more spam.
* use the stream message type, which has the same semantics as TCP
(LISTENING/CONNECTING/CONNECTED/..), where a stream needs to be connected
before data is processed.

There's also the v4v firewall where connections can be blocked.
I'm not sure at the moment that a guest can set anything in it itself,
but if not
I think it would be a good idea for a guest to proactively set blocking
rules for
rings it owns.

> But how are these per-connection rings created?  This seems to require
> out-of-band signaling for connection setup.  I suppose this could be via
> v4v and a connection manager service running in a known and trusted
> domain. But how does a domain find the connection manager service and
> how does it handle the connection management domain being restarted?
Rings are created by a guest listening to v4v.
This is similar to how the IP stack works, as in some service may be
listening on
some port, and IP doesn't provide any mechanism to find those services
either.

IIRC, we use xenstore to provide connection parameters for services.

-- 
Vincent
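The containment argument in the message above (per-source receive rings, back-pressure from an unprocessed ring, and unregistering a ring to cut a peer off) can be shown with a small model. This is an added example written for this page; it is a hypothetical simulation, not V4V's hypercall interface or any Xen code. The names `ring_register`, `ring_unregister`, `model_send`, `model_recv`, the ring size and the domain ids are all constructed for the illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define RING_SLOTS 4   /* constructed: a tiny ring so it fills quickly */
#define MAX_RINGS  8
#define MSG_LEN    32

/* One receive ring, keyed by (source domain, port) as the thread describes. */
struct rx_ring {
    int  registered;
    int  src_domid;
    int  port;
    int  head;                 /* next slot to read */
    int  count;                /* messages currently queued */
    char msgs[RING_SLOTS][MSG_LEN];
};

/* Receiver domain B's table of rings. */
struct receiver {
    struct rx_ring rings[MAX_RINGS];
};

static struct rx_ring *find_ring(struct receiver *b, int src, int port)
{
    for (int i = 0; i < MAX_RINGS; i++) {
        struct rx_ring *r = &b->rings[i];
        if (r->registered && r->src_domid == src && r->port == port)
            return r;
    }
    return NULL;
}

/* B registers a ring for messages from src on port: 0, -EEXIST or -ENOSPC. */
int ring_register(struct receiver *b, int src, int port)
{
    if (find_ring(b, src, port))
        return -EEXIST;
    for (int i = 0; i < MAX_RINGS; i++) {
        if (!b->rings[i].registered) {
            memset(&b->rings[i], 0, sizeof b->rings[i]);
            b->rings[i].registered = 1;
            b->rings[i].src_domid = src;
            b->rings[i].port = port;
            return 0;
        }
    }
    return -ENOSPC;
}

/* B unregisters the ring; afterwards src has nowhere to deliver to. */
int ring_unregister(struct receiver *b, int src, int port)
{
    struct rx_ring *r = find_ring(b, src, port);
    if (!r)
        return -ENOENT;
    r->registered = 0;
    return 0;
}

/* Sender side. -ENOENT: no ring, sender cannot reach B.
 * -EAGAIN: ring full because B has not consumed, so the sender stalls. */
int model_send(struct receiver *b, int src, int port, const char *msg)
{
    struct rx_ring *r = find_ring(b, src, port);
    if (!r)
        return -ENOENT;
    if (r->count == RING_SLOTS)
        return -EAGAIN;
    int slot = (r->head + r->count) % RING_SLOTS;
    strncpy(r->msgs[slot], msg, MSG_LEN - 1);
    r->msgs[slot][MSG_LEN - 1] = '\0';
    r->count++;
    return 0;
}

/* Receiver side: dequeue one message. 1 if returned, 0 if the ring is empty. */
int model_recv(struct receiver *b, int src, int port, char *out, size_t outlen)
{
    struct rx_ring *r = find_ring(b, src, port);
    if (!r)
        return -ENOENT;
    if (r->count == 0)
        return 0;
    strncpy(out, r->msgs[r->head], outlen - 1);
    out[outlen - 1] = '\0';
    r->head = (r->head + 1) % RING_SLOTS;
    r->count--;
    return 1;
}

/* Scenario from the thread: A (domid 1) spams B while C (domid 3) behaves.
 * Returns how many of A's sends were refused with -EAGAIN while C's message
 * still got through and A could be cut off; -1 if isolation failed. */
int demo_spam_isolation(void)
{
    struct receiver b = {0};
    char buf[MSG_LEN];
    int refused = 0;

    ring_register(&b, 1, 80);
    ring_register(&b, 3, 80);
    for (int i = 0; i < 10; i++)          /* A sends more than its ring holds */
        if (model_send(&b, 1, 80, "spam") == -EAGAIN)
            refused++;
    if (model_send(&b, 3, 80, "hello") != 0) /* C is unaffected by A's full ring */
        return -1;
    if (model_recv(&b, 3, 80, buf, sizeof buf) != 1 || strcmp(buf, "hello") != 0)
        return -1;
    ring_unregister(&b, 1, 80);             /* B cuts A off entirely */
    if (model_send(&b, 1, 80, "spam") != -ENOENT)
        return -1;
    return refused;
}

int main(void)
{
    printf("A's refused sends: %d\n", demo_spam_isolation());
    return 0;
}
```

The point the model makes is that the spammer only ever blocks itself: once its own ring is full it gets -EAGAIN, C's ring and B's reads from it are untouched, and B decides the pace by how fast it drains the ring or whether it keeps the ring registered at all.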

Thread overview: 24+ messages
2013-05-28 19:43 [PATCH (V9) 0/2] Add V4V to Xen Ross Philipson
2013-05-28 19:43 ` [PATCH (V9) 1/2] xen: events, exposes evtchn_alloc_unbound_domain Ross Philipson
2013-05-28 19:43 ` [PATCH (V9) 2/2] xen: Add V4V implementation Ross Philipson
2013-05-29  0:43   ` Matt Wilson
2013-05-29 19:28     ` Ross Philipson
2013-05-29  8:34   ` Jan Beulich
2013-05-29 19:26     ` Ross Philipson
2013-05-30  5:16       ` Jan Beulich
2013-05-29  9:56   ` Vincent Hanquez
2013-05-30 16:20   ` Tim Deegan
2013-06-04 18:01     ` Ross Philipson
2013-06-10 15:06   ` David Vrabel
2013-05-30 11:57 ` [PATCH (V9) 0/2] Add V4V to Xen Ian Campbell
2013-05-31  7:36   ` Vincent Hanquez
2013-05-31  7:50     ` Ian Campbell
2013-05-31  8:56       ` Vincent Hanquez
2013-05-31  9:01         ` Ian Campbell
2013-05-31  9:26           ` Vincent Hanquez
2013-05-31 16:29             ` Ross Philipson
2013-05-31 16:38               ` Ian Campbell
2013-05-30 12:07 ` Ian Campbell
2013-05-30 16:08   ` David Vrabel
2013-05-31  7:25     ` Vincent Hanquez [this message]
2013-05-31 10:21       ` David Vrabel