This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


[Xen-devel] Triggering hotplug scripts multiple times

To: Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxx>
Subject: [Xen-devel] Triggering hotplug scripts multiple times
From: Jacob Gorm Hansen <jacobg@xxxxxxx>
Date: Fri, 30 Mar 2007 10:01:49 +0200
Delivery-date: Fri, 30 Mar 2007 09:04:22 +0100
Dkim-signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:date:from:to:subject:message-id:mime-version:content-type:content-disposition:user-agent:sender; b=YqcZkqn+UgAjzQaTJPmFLqZ3/ielBrbPVEuWIrzumpwfJ9hL+GSIsbF2rLWyyykLVyWtRW0WeeFKKskVqqRF66VghJzM+CM2gY1CJbfOtsz/umvetY1eTMlN+8jv7BVTv7sQ0VWYrCj1SyQbILIsOVCiYliesFGgw+WLzo0y/7U=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:date:from:to:subject:message-id:mime-version:content-type:content-disposition:user-agent:sender; b=DL5rSrNcsPirtVx8v0WxzHD2bV85gOjjy+rXSYPYfMzCfwvMjGiiECKS1nsW3wMtvbFwrPDPQ9IQQTyi0pzOOM5zdqTPu+VH92CX6l2l/UWe0PPXxihYqKh+9mXH2FIw7Mpxm/FI/Gf+Cl6dtnSHAbo9V9xzAsGmEKNTjJ47+BY=
Envelope-to: Keir.Fraser@xxxxxxxxxxxx
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mutt/1.5.12-2006-07-14
hi list,

I am not sure how much of a problem this is in real life, but since the
changes to support kexec went in, it has been possible for a domU to
trigger its hotplug scripts over and over, by repeatedly changing the
frontend state of a virtual device.

This is only a problem if a hotplug script has a leak, for instance by
adding an iptables rule and not deleting it when the vif goes offline,
in which case it is probably possible to exhaust the dom0 kernel's
memory by filling it up with iptables entries (iptables does not seem to
enforce any upper limit).  Another potential issue is that a high CPU load
in dom0 can be created by repeated hotplugging of devices.

I am not sure what the correct workaround is, other than paying
attention to the quality of hotplug scripts.  Somehow it feels wrong
that a guest domain is able to arbitrarily trigger scripts in dom0,
though the ability to restart devices is a necessity for unprivileged
boot-loaders.  Perhaps the hotplug scripts should only be triggered
once, the first time the frontend is configured?


Xen-devel mailing list