WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-devel

Re: [Xen-devel] [ANNOUNCE] xen ocaml tools

To: Vincent Hanquez <vincent.hanquez@xxxxxxxxxxxxx>
Subject: Re: [Xen-devel] [ANNOUNCE] xen ocaml tools
From: Patrick Colp <pjcolp@xxxxxxxxx>
Date: Mon, 16 Feb 2009 17:06:29 -0800
Cc: xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxx>, Thomas Gazagnaire <Thomas.Gazagnaire@xxxxxxxxxxxxx>
Delivery-date: Mon, 16 Feb 2009 17:08:23 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <49997FE1.9060508@xxxxxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <498CCBC8.7020407@xxxxxxxxx> <49997FE1.9060508@xxxxxxxxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Thunderbird 2.0.0.19 (X11/20090105)
Vincent Hanquez wrote:
Patrick Colp wrote:

I think you're thinking of my initial release last year. The version I released a few months ago also has an in-memory store and greatly improved transactions. It was motivated by the need to survive things like DoS attacks.
Is that possible to find your version of xenstored in a tarball somewhere ?
attack.tar.gz seems to contains lots of things related to xenstored, but yet seems to missing watches and permissions.

The attack code utilises some of the code from the version of XenStore I wrote. I released a patch for it to the list as well as a link to my website where the code available as a gzip and bzip2:

website: http://cs.ubc.ca/~pjcolp/

bzip2 direct link: http://cs.ubc.ca/~pjcolp/xenstore-ocaml.tar.bz2
gzip direct link: http://cs.ubc.ca/~pjcolp/xenstore-ocaml.tar.gz

I'm attaching the gzip version to this e-mail as well. The code is designed to be compiled against Xen as a replacement to the C version. I put it in the tools/xenstore directory in the xen-unstable tree to compile it.

I wrote a little attack program (in OCaml) which runs from any DomU and brought the original xenstored to its knees. With the attack going, it's impossible to bring a new domain up -- it just hangs forever attempting to bring it up. Basically, the attack just hammers xenstored with micro-transactions. With the original transaction system, which allows the first committing transaction in a generation to win, long transactions could never complete. I implemented transactions that would enable all concurrent but non-conflicting transactions to commit. This made my version of xenstored resilient to the attack.

I played around with this with your version too, but found that, while it would not hang forever while attempting to load a domain, it would instead die after a few seconds with the following error:

Error: (2, 'No such file or directory')
i haven't really had time to look yet (i've been swamped with others things), but will try to run your program. but what is dying in the scenario you described ? ocaml xenstored or the attack program ?

When the attack is run, neither the attack nor xenstored die, but while the attack is running it is impossible to start a domain. In the C version, it would hang forever attempting to start a domain. When I ran it against your OCaml version, it wouldn't hang but instead after a few seconds the domain start would quit with the error:

Error: (2, 'No such file or directory')


If you're interested, I think it would be great to trying to merge the two XenStores together to get the best of both worlds. Are you going to be at Xen Summit? If so, would you be interested in chatting about this in person?


Patrick

Attachment: xenstore-ocaml.tar.gz
Description: GNU Zip compressed data

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel