From mboxrd@z Thu Jan  1 00:00:00 1970
From: David Vrabel <david.vrabel@citrix.com>
Subject: Re: [PATCH 0/3] Introduce xensock socket and implement
 sockback and sockfront drivers
Date: Mon, 11 Aug 2014 13:58:03 +0100
Message-ID: <53E8BDDB.2060206@citrix.com>
References: <1407497529-8585-1-git-send-email-oleksandr.dmytryshyn@globallogic.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-bounces@lists.xen.org>
In-Reply-To: <1407497529-8585-1-git-send-email-oleksandr.dmytryshyn@globallogic.com>
List-Unsubscribe: <http://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <http://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
Sender: xen-devel-bounces@lists.xen.org
Errors-To: xen-devel-bounces@lists.xen.org
To: Oleksandr Dmytryshyn <oleksandr.dmytryshyn@globallogic.com>, Ian Campbell <ian.campbell@citrix.com>, Stefano Stabellini <stefano.stabellini@citrix.com>, Tim Deegan <tim@xen.org>, xen-devel@lists.xen.org
List-Id: xen-devel@lists.xenproject.org

On 08/08/14 12:32, Oleksandr Dmytryshyn wrote:
> Next series of the patches adds new socket support: xensock.
> Those sockets will be used for the xen-sock frontend/backend
> drivers. Those drivers will allow to connect via xensock
> sockets (in this case dom0/domD sockets can be used for the
> server application and domU sockets can be used for the
> client application). Those sockets are similar to the TCP sockets.
> But there are some limitations. Xensock sockets
> ignore an address and can act only as the stream
> sockets. Only one xensock socket can be opened in the frontend
> side and it will be connected with the single xensock socket
> in the backend side (this link is created automatically by
> frontend and backend driver).

We only want one generic socket-based interdomain communication
mechanism in the kernel and this proposal is lacking in several areas.

* It does not use the existing support for interdomain sockets (AF_VSOCK).

* It it not suitable for a channel between two mutually untrusting peers.

* The single channel to one other domain is insufficient.  Each domain
must be able to support connections to many other domains.

See also a previous discussion.

http://lists.xen.org/archives/html/xen-devel/2013-06/msg01123.html

But note the document has not been updated following the feedback from
that thread.

There is a userspace prototype available:

http://xenbits.xen.org/gitweb/?p=people/dvrabel/idc-prototype.git;a=summary

David