xen-devel
Re: [Xen-devel] A migration framework for external devices
 
To: "Mike D. Day" <ncmike@xxxxxxxxxx>
Subject: Re: [Xen-devel] A migration framework for external devices
From: Anthony Liguori <aliguori@xxxxxxxxxx>
Date: Thu, 09 Feb 2006 12:45:11 -0600
Cc: "Cihula, Joseph" <joseph.cihula@xxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxx, Stefan Berger <stefanb@xxxxxxxxxx>, "Scarlata, Vincent R" <vincent.r.scarlata@xxxxxxxxx>, Ronald Perez <ronpz@xxxxxxxxxx>
Delivery-date: Thu, 09 Feb 2006 18:56:46 +0000
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <43EB8B89.80909@xxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <OF8A30427C.48305C4F-ON85257110.005AFDA3-85257110.005CA9EB@xxxxxxxxxx> <43EB766A.30701@xxxxxxxxxx> <43EB8B89.80909@xxxxxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mail/News 1.5 (X11/20060119)
 
 
 
Mike D. Day wrote:
> Anthony Liguori wrote:
>> all).  It also allows you to do clever things like vary the port
>> which should add to the security of migration.
>
> Allowing the target to choose the port is good practice but not added
> security.

If the Xend is always listening for migrations on a well-known port, it
is trivially easy to start migrating domains to that host.  If the port
number isn't decided until the time of migration (and better yet, is
decided through a secure channel like SSH), it makes it difficult to
determine when a port is open to migrate to and which port that is.

It's not perfect, but no security mechanism is.  It's definitely better
than what we have now as it means you have to authenticate to a host
before you can migrate to it.

>> Why do plugins have to exist?  The only reason to have a plugin
>> mechanism is to be able to maintain plugins outside of the Xend tree
>> which would require a stable plugin interface.  I don't think we're
>> at a point where we can do that.
>
> No, you are missing an important point. The plugin mechanism is
> necessary to isolate specialized device migration code from
> general-purpose migration code. I don't think it has anything to do
> with where the plugins are maintained.

All devices have to have their state migrated in some form.  There's
already code to handle that in Xend (via the S-Expression configuration
file).  The only reason TPM migration doesn't just work is that the
current state migration is unidirectional and TPM requires bidirectional
state synchronization.

All that's strictly required here is the ability to transfer the TPM
state.  This is just a little bit of additional code in XendCheckpoint
that ran after suspend to transfer the TPM state.

You certainly don't need to have a plugin mechanism to handle TPM
devices.  I don't know of any other devices that need this logic either
today so it would be creating a lot of complexity with a plugin
mechanism and extensible protocol when it's not necessary.

Regards,

Anthony Liguori
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
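
A sketch of the per-migration port idea described in the reply above, added here as an example and not taken from Xend or from the thread: the receiving side binds to port 0 so the kernel picks the port, accepts exactly one sender, and closes the listener. All function names and the payload are constructed, and the port is handed to the sender in-process where the message suggests a secure channel such as SSH.

```python
import socket
import threading

LOOPBACK = "127.0.0.1"


def open_migration_listener(host=LOOPBACK):
    """Bind to port 0 so the kernel assigns a free port for this one migration."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind((host, 0))
    srv.listen(1)
    return srv, srv.getsockname()[1]


def receive_one_migration(srv, results):
    """Accept a single sender, close the listener, then read the whole stream."""
    conn, _ = srv.accept()
    srv.close()  # the port stops accepting as soon as the sender has connected
    chunks = []
    with conn:
        while True:
            data = conn.recv(4096)
            if not data:
                break
            chunks.append(data)
    results.append(b"".join(chunks))


def port_is_open(port, host=LOOPBACK):
    """Return True if something is still accepting TCP connections on the port."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as probe:
        probe.settimeout(1.0)
        return probe.connect_ex((host, port)) == 0


def demo():
    srv, port = open_migration_listener()
    results = []
    receiver = threading.Thread(target=receive_one_migration, args=(srv, results))
    receiver.start()
    # Assumption: in a real setup `port` would be returned to the sending host
    # over the already-authenticated channel; here it is passed in-process.
    with socket.create_connection((LOOPBACK, port)) as sender:
        sender.sendall(b"constructed-domain-state")
    receiver.join()
    return port, results[0], port_is_open(port)


if __name__ == "__main__":
    print(demo())
```

The listener exists only between the port being chosen and the first connection, so a probe of the same port after the transfer finds it closed.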
 