
Re: [Xen-devel] [PATCH (V9) 0/2] Add V4V to Xen

On 05/30/2013 05:08 PM, David Vrabel wrote:
On 30/05/13 13:07, Ian Campbell wrote:
No patch to docs/... at all? The hypercall interface docs have improved
(although they still aren't great IMHO) but what's really needed is an
overview of the design and a "how do I actually use this" type thing.
I agree.  I'm looking at inter-domain communication mechanisms for use
in XenServer and it's not obvious how to use v4v securely.

e.g., when a previously trusted domain (A) is compromised it may spam a
domain (B) with messages in a DoS attack.  The per source domain/port
receive rings help here as the domain A will not be able to block B from
receiving traffic from other domains.
It's really up to the guest to take active measures to prevent this from happening.
B has multiple ways to handle this scenario:

* unregister its ring: A can't communicate with B anymore
* throttle its ring processing: if B doesn't process its ring, eventually the ring is full
and A can't send any more spam.
* use the stream message type, which has the same semantics as TCP (LISTENING/CONNECTING/CONNECTED/...), where a stream needs to be connected before data is processed.

There's also the v4v firewall, where connections can be blocked.
I'm not sure at the moment that a guest can set anything in it itself, but if not I think it would be a good idea for a guest to proactively set blocking rules for
the rings it owns.

But how are these per-connection rings created?  This seems to require
out-of-band signaling for connection setup.  I suppose this could be via
v4v and a connection manager service running in a known and trusted
domain. But how does a domain find the connection manager service and
how does it handle the connection management domain being restarted?
Rings are created by a guest listening on v4v.
This is similar to how the IP stack works: some service may be listening on some port, and IP doesn't provide any mechanism to find those services either.

IIRC, we use xenstore to provide connection parameters for services.

