|
|
|
|
|
|
|
|
|
|
xen-devel
[Xen-devel] Triggering hotplug scripts multiple times
hi list,
I am not sure how much of a problem this is in real life, but since the
changes to support kexec went in, it has been possible for a domU to
trigger its hotplug scripts over and over, by repeatedly changing the
frontend state of a virtual device.
This is only a problem if a hotplug script has a leak, for instance by
adding an iptables rule and not deleting it when the vif goes offline,
in which case it is probably possible to exhaust the dom0 kernel's
memory by filling it up with iptables entries (iptables does not seem to
enforce any upper limit). Another potential issue is that a high CPU load
in dom0 can be created by repeated hotplugging of devices.
I am not sure what the correct workaround is, other than paying
attention to the quality of hotplug scripts. Somehow it feels wrong
that a guest domain is able to arbitrarily trigger scripts in dom0,
though the ability to restart devices is a necessity for unprivileged
boot-loaders. Perhaps the hotplug scripts should only be triggered
once, the first time the frontend is configured?
regards,
Jacob
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
|
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- [Xen-devel] Triggering hotplug scripts multiple times,
Jacob Gorm Hansen <=
|
|
|
|
|