WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-devel

Re: [Xen-devel] [ANNOUNCE] xen ocaml tools

To: xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxx>
Subject: Re: [Xen-devel] [ANNOUNCE] xen ocaml tools
From: Patrick Colp <pjcolp@xxxxxxxxx>
Date: Fri, 06 Feb 2009 15:46:16 -0800
Cc: Thomas Gazagnaire <Thomas.Gazagnaire@xxxxxxxxxxxxx>, Vincent Hanquez <vincent.hanquez@xxxxxxxxxxxxx>
Delivery-date: Fri, 06 Feb 2009 15:47:19 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <498B0960.30109@xxxxxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <4989ACA0.40308@xxxxxxxxxxxxx> <4989FD52.3080401@xxxxxxxxx> <498B0960.30109@xxxxxxxxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Thunderbird 2.0.0.19 (X11/20090105)
Vincent Hanquez wrote:
Patrick Colp wrote:
I'm really excited to see somebody else working on an OCaml XenStore! I was wondering if you could tell me what the difference are between this implementation and the one I recently released to the community?
this is a bit hard to tell without testing your version.

but i think the main difference is the way we handle transactions, which should provide a stable average time to commit transactions when having lots of xenstore traffic from guests.

I think you're thinking of my initial release last year. The version I released a few months ago also has an in-memory store and greatly improved transactions. It was motivated by the need to survive things like DoS attacks.

I wrote a little attack program (in OCaml) which runs from any DomU and brought the original xenstored to its knees. With the attack going, it's impossible to bring a new domain up -- it just hangs forever attempting to bring it up. Basically, the attack just hammers xenstored with micro-transactions. With the original transaction system, which allows the first committing transaction in a generation to win, long transactions could never complete. I implemented transactions that would enable all concurrent but non-conflicting transactions to commit. This made my version of xenstored resilient to the attack.

I played around with this with your version too, but found that, while it would not hang forever while attempting to load a domain, it would instead die after a few seconds with the following error:

Error: (2, 'No such file or directory')

I tried with with the eagain mode thing (random dropping of 1/3 of all transactions) both enabled and disabled, but it had the same effect (except that with the mode enabled, 1/3 of all transactions would fail regardless of if they should or not).

I've been reading over your code and noticed that you seem to have a mini-implementation of libxc. I was wondering why you chose to do this over using the pre-existing libxenctrl? Does this make the final executable smaller?


Patrick

Attachment: attack.tar.gz
Description: GNU Zip compressed data

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel