[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH (V9) 0/2] Add V4V to Xen

To: David Vrabel <david.vrabel@xxxxxxxxxx>
From: Vincent Hanquez <vincent.hanquez@xxxxxxxxxx>
Date: Fri, 31 May 2013 08:25:14 +0100
Cc: Ian Campbell <Ian.Campbell@xxxxxxxxxx>, Ross Philipson <ross.philipson@xxxxxxxxxx>, xen-devel@xxxxxxxxxxxxx
Delivery-date: Fri, 31 May 2013 07:25:40 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

On 05/30/2013 05:08 PM, David Vrabel wrote:

On 30/05/13 13:07, Ian Campbell wrote:

No patch to docs/... at all? The hypercall interface docs have improved
(although they still aren't great IMHO) but what's really needed is an
overview of the design and a "how do I actually use this" type thing.

I agree.  I'm looking at inter-domain communication mechanisms for use
in XenServer and it's not obvious how to use v4v securely.

e.g., when a previously trusted domain (A) is compromised it may spam a
domain (B) with messages in a DoS attack.  The per source domain/port
receive rings help here as the domain A will not be able to block B from
receiving traffic from other domains.

It's really up to the guest to take active measure to prevent this tohappens.

B have multiple ways to handle this scenario:

* unregister his ring: A can't communicate with B anymore

* throttle his ring processing: if B doens't process his ring,eventually the ring is full

and A can't send any more spam.

* use stream message type, which has the same semantic to tcp(LISTENING/CONNECTING/CONNECTED/..), where a stream need to be connectedbefore data is processed.


There's also the v4v firewall where connection can be blocked.

I'm not sure at the moment that a guest can set anything in it itself,but if noti think it would be a good idea for a guest to proactively set blockingrules for

ring it owns.

But how are these per-connection rings created?  This seems to require
out-of-band signaling for connection setup.  I suppose this could be via
v4v and a connection manager service running in a known and trusted
domain. But how does a domain find the connection manager service and
how does it handle the connection management domain being restarted?

Rings are created by a guest listening to v4v.

This is similar to how the ip stack works, as in some service may belistening onsome port, and ip doesn't provide any mechanism to find those serviceeither.


IIRC, we use xenstore to provide connection parameters for services.

--
Vincent

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH (V9) 0/2] Add V4V to Xen
  - From: David Vrabel

References:
- [Xen-devel] [PATCH (V9) 0/2] Add V4V to Xen
  - From: Ross Philipson
- Re: [Xen-devel] [PATCH (V9) 0/2] Add V4V to Xen
  - From: Ian Campbell
- Re: [Xen-devel] [PATCH (V9) 0/2] Add V4V to Xen
  - From: David Vrabel

Prev by Date: Re: [Xen-devel] Xen 4.3 development update -- RC3 willo be an actual candidate, please test
Next by Date: Re: [Xen-devel] [PATCH (V9) 0/2] Add V4V to Xen
Previous by thread: Re: [Xen-devel] [PATCH (V9) 0/2] Add V4V to Xen
Next by thread: Re: [Xen-devel] [PATCH (V9) 0/2] Add V4V to Xen
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.