On 30/07/10 02:49, Todd Deshane wrote:
> On Thu, Jul 29, 2010 at 11:46 AM, <magnus.therning@xxxxxxxxxxxxx> wrote:
>> Is this a direction that's worthwhile to pursue?
>> Would a make_uuid_urandom also be necessary? (E.g. getting session
>> UUIDs from /dev/random might be too heavy weight for something that's
>> that short-lived.)
>
> Would it be possible to use uuidgen for something that simple?
>
> http://linux.die.net/man/1/uuidgen
Yes, it would, but I'm not sure that it'd simplify things that much.
Currently the code reads a few bytes from a device and then converts them into
a string of the appropriate format. Using uuidgen would require spawning a
process on each UUID creation, and reading its stdout. Given how frequently
xapi generates UUIDs I'd guess that this would cause a performance hit.
The issue at hand is that xapi uses entropy very liberally, and entropy is a
dear resource in dom0. So it makes sense to try to conserve it a bit,
especially when noticing that UUIDs are used for so many things. Splitting it
into three groups seems useful to me:
1. UUIDs that are long-lived secrets (e.g. pool secret)
2. UUIDs that identify objects, but in reality are short-lived secrets (e.g.
sessions)
3. UUIDs that identify objects (e.g. PBDs, VDIs, etc)
So, my initial thought was the following:
1. Use UUIDs generated from /dev/random
2. Use UUIDs generated from /dev/urandom
3. Use UUIDs generated from OCaml's Random
Cheers,
M
--
Magnus Therning
magnus.therning@xxxxxxxxxxxxx Jabber: magnusth@eng
There does not now, nor will there ever, exist a programming language
in which it is the least bit hard to write bad programs.
-- Flon's Axiom
_______________________________________________
xen-api mailing list
xen-api@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/mailman/listinfo/xen-api
|
Home