[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: MirageOS biweekly calls - Nov 25th 10:00 CET - 12:00 CET at https://meet.jit.si/MirageOS

  • To: mirageos-devel@xxxxxxxxxxxxxxxxxxxx
  • From: Hannes Mehnert <hannes@xxxxxxxxxxx>
  • Date: Wed, 13 Nov 2024 12:43:59 +0100
  • Autocrypt: addr=hannes@xxxxxxxxxxx; keydata= xsFLBEIw1AoBEADAtXwEV8F1DBpE9lnBTbHDNeZwDVp84MhxxIT5GUexGgbOWGSEWHhC3rYe FfGRUxF4M9P4fwxpxCS5YCvxoijWHeEf8nG5IkztVv5cw63E443XWHcCMc80YAwglZ2cSP4U GTNeKb9rqVPckk/PL348BYRawhzvZK+Bc+bUvbtPCfUXT1BWIxAR1dzsfpAQVNZ4bA06xOoP QJYVNgl/lWOmQgnSgb0dE2zsgddKTOj05ru7Q7LobB7WAUTRJVkZcXnrvI1SOt/WbPTyqF8l RBh94xCqFhv4SlqZVOTXxo9gw3LpDv/cYXRl/m7+/7Wljl3ziQ9cawA6O1mbw8nm7Sfa+TZl qo+5lXEenXG+MCbH0XnnL2I4BO6HSGDtKX6htTG2xs6w4r9mVxTGJuJcGrC0dxuz5j4jylt/ KOVn9IaRKzhj8ga7kWffMp+JYdrn43732weoFFJxm78mD2ij4UbJtNkQIIcTv8IBJajHy2P3 h1NuBIwwb7RmBav4oo0CKWoasIHFwjMSBpCzJ8QOHeO/F3TY3DZp7FTwViUgSXVJoewO9yFG ctX7MC27/F1IonU9/SJW0j+F3Vz32SfxUBrDnLYpO7/vwA8w+xmWLnl0iJN/8injz5+CigsP e7O66t4MtC9BVCuLu7a/ikH5nW0q6RyTW8of9eZIsuEyqF1ZPwAGKc0jSGFubmVzIE1laG5l cnQgPGhhbm5lc0BtZWhuZXJ0Lm9yZz7CwXQEEwECAB4FAkIw1A0CGwMGCwkIBwMCAxUCAwMW AgECHgECF4AACgkQvIlliN98KO5HYg//UD6gk4sFcNop/EQivcnpfPnHrrUddsBl9bovQSXb zIh5HY/8xhO5i87n5Aox9jYLcZwa6HJ3ElHMOa+n9AY4/+H8bd+BiHWTgEhEzcZqcYwyP2S2 0X/e/m/+1XYs5tldKNZb7ruYRv6rNyUAF1H8EtYNaJpmGtXYurkMhWhEgeP9YB7svmkUN+JO og91tNhN1Wd10/JfKIytNcpXmW6zij0f3MJw/kdwIsmfSUMPaiEli+eB7nU0uLZWf4C3MWTT NmwNznEya5K9McH1Wc/lO9+oB+zRXFBUM/v9YaiyPZo0JcwSRdVYKvKteyqnL/lnx7vtkOnA EC/bcmMvlWLI+Q4Vw2cr2FKcIpJVwswZ5snFqgDr4O5JB88aEAzPFzyWWeBlVqXc0DbDu8jD YmG3yp/xn5UJQSRy6eUcXICNjJyIwekUCznRmhtGwkGFCFEZH/s2fQ7nETxZcuiE4meRnVQE 9lOafI5D+dlsG3SlyN1x0YvrPismep7PwA6FX3cDyz2iUUj4xICLvRLU6kq892KuFmv75pop VAZjJMQqc8BG3oN2YkDcO4NEuOT9/r9muk/WH5Mqcs2BJEG6+yiQ13uMS5TxXiPFp3vKRlq0 MFnm7YRZr5aK6B/WGLOHnRRb2OdAzUgsj4Qiyqvh8Ab+x9wjLwGePxlA1akrF2hQItfOwUsE QjDUdAEQAOHG4vdGxU3eH5hYDLYRsQP6ofoU36pV8iFEtZRJ833L5p9GP2xFUGVDH8yTdkdf QR1prsCJXA7sE/gYBf3k9lGicJQmYNo3uW9Ngz787BhiQJyW/JXcutyTt9b/AZmfJaDo1p0C 8IEtoG7wt4+giFwAJ1brTJtyxlKOGcjWiKh1/dTh13muXSOPcCmhNs4Zm0YNjrhW9nIn1iik lpMRJCCxY1RNcU2VZXfTqq63UTaIrZ1lgYXWilnTdpXt5UEDYBw8Ee6tpPfQflC02e8hbDeD JEP9MTM9pmmPOwZQXP36hTryakKt1Kpw3hgC+Yx9q4wwaZ4XIiWUgopT5mlI+LhnzCgO05YN NcPrbsr6Js34gC3odNicD+C1jSdOXCqAPZZNiVx0PBjRv+LbBZhUkjQJxidvXmrp55pLm+Ua IVl3E/HpFY8kTaJBHP7jvLp+W4J9tP64Ijk5Y9F0z93JwMspG671xuomFsRxUtyO6vldd7qH 1yVzDX7Dd0fAzMDOPQJW6zLiixCmA0McaZdeBXapMJDDoZAPY4pCbRyJJXe0tfv9ufzJrM8Z JHylONdBiIKWw0JldXkUvIGafl1JDOHjP1XoDWrSDO8yFhBR3uWxJy9u1s7aKvonQb5IcYU1 nPu1Olg3doPugXyC0V05MIa68iKw+Kv8KtDDWyibndoTAAYpwsFfBBgBAgAJBQJCMNR1AhsM AAoJELyJZYjffCjuelUP/jlCsxLzu3fZpuORY2LsOQMd4nFHSZLUjauLxDUn8jE//32IIJ0v QV9ab4k7JCLOuYJTTd9aYD6rkITZIVhAcsR/FQZNgVOvGTj6tAmNyn385vMz0p4bLOOy5T0C KMLKzzS4Rt4XgtzvH2xDXSHfPsqS/t/5WFkO+aLgcPALldWGQPgRu5DNoCLr989gCGu5vmd4 XwMRBt/LmJGI0v0EypL3eRmlGaUw5k6N1hStu4EETzdikAzXP5KTuloEXq/caYeUs/SIb5zi XVC1ISW0CIwj5ATbMh8DMG4splXCsajtnJjsKJATBZIWV4XoNqtgV+pQn1ShmW36nUfVGqzX AQ+9i/M+CCkxBrb85Bk8I1CA1nBHNk5SQqER40VRp6vcmuxvIBGi6t8dDWsDQ2q3kd4RjjDZ kYjSie7176bb9t5MfUGjA9WckHuyi+vjy3+sC/nRzByhXf+8iZsO2no3xWZkGUWI8F2hhpzW VsXqvC27LZvJk53fJbpuSueN8a7JKfbKPDqoDSsRaEtcM7ig475tqA/ZCzv6mdqhEV5buoLu cpW7UgYzjNQQXeYZygGWc7FTV3dqLmF1MY2+RlydQbUDjcj1CJ+UmKyxgoLyf7ru0sznr7Tp K4WDnVeJdWX1mqoSupF/u5LON1vpzh3OIl5NNAuV68Hb5On/ALC+DwFX
  • Delivery-date: Wed, 13 Nov 2024 11:44:20 +0000
  • List-id: Developer list for MirageOS <mirageos-devel.lists.xenproject.org>
The notes from the meeting yesterday are below. Thanks to everyone participating.
We discussed and found Monday mornings as a better fit for meeting, thus the next meeting is on Nov 25th 10:00 - 12:00 CET. Please add your agenda items to https://pad.data.coop/To6IOSeNSOK9kFVlgo7XWw?both# 


Best,

Hannes
- Topic: (Hannes, Pierre) cstruct and performance (see e.g. https://github.com/mirage/mirage-net/pull/25) 

- Participants: Pierre, Sam, Hannes, Anh

### Minutes
- Anh is a PhD student (advised by others & Pierre) who works on opportunistic firewalling - using MirageOS as a firewall 
  - Also wants to work on an IDS in MirageOS, similar to suricata
- Pierre is an associate professor at University of Rennes, MirageOS core team 
  - mainly works on the qubes-mirage-firewall
  - joined MirageOS since he uses QubesOS on his main laptop
- Hannes is working full-time on MirageOS
  - Works in Robur Coop with other peoples
  - Push MirageOS into production
  - Works on various applications for MirageOS (VPN, dnsmasq, ...)
- Has done some performance investigations, and would like to improve the performance of MirageOS to convince more people to use it 
- Sam works at Tarides since ~2 years
  - since last year works on MirageOS
  - mainly to get MirageOS working on OCaml 5
  - also to get MirageOS working on unikraft (replacing solo5)
- since solo5 lacks a bit maintenance, also performance (unikraft has batch IO), maybe some day also multicore 

- Cstruct & performances
- Cstruct are important for some backends (Xen) where non moving memory areas are shared amoing domains - Cstruct are heavy to allocate (using dlmalloc, is expensive), and this is against the GC (only the finalizer is used for free) - Some work in (e.g. mirage-crypto) has shown performance improvments (2.5x - 3x) during the Cstruct->{string, bytes} swap 
  - Sam: for some operations we would need to copy
- Sam: for a packet receive / send ring, we need non-moving memory as well - Pierre: in the qubes-mirage-firewall we do a lot of copies anyways, e.g. NAT - Pierre: it is "probably"(TM) not too painful to move from Cstruct.t to bytes - Pierre: a big issue is the finalizer, it is unclear when it is called, and the memory is fragmented a lot - Hannes: API-wise, mirage-net receive function takes a callback (Cstruct.t -> unit) Lwt.t, where the mirage-net allocated a buffer and passes it to the callback - Hannes: and the send function gets a `size` hint, and allocates a buffer to be filled - Hannes: what about ownership? Should the mirage-net receive, once the callback has finished, reclaim ownership and reuse the piece of memory? 
  - Pierre: maybe an opaque type is the path to go?
- Pierre: should the send be a write-only buffer, the receive a read-only buffer? -- Hannes: there's Cstruct_cap that uses phantom types for it - Sam: maybe move to an abstract API would help to benchmark the two options, test them on real workloads - Hannes: next to types (API), the question is about ownership (and who is responsible to allocate / free the memory) - Hannes: asking the question the other way around, from the application: what should be done for a packet that is received at the firewall? - Hannes: from my point of view, the perfect firewall should not copy: once a packet is received (given a ring buffer of received packets), this packet should copied (and eventually modified, if NAT needs to be done) to an element of the send ring buffer -- there shouldn't be an allocation of the entire packet in the code 
  - Pierre: we should avoid any allocations, and also all copies
- Pierre: started to use a bridge firewall which doesn't copy, and avoiding copies is good for performance (for e.g. solo5), for xen the copy we can't really avoid (on xen, you either need to copy or you would need to reconfigure with which VM you share the memory) - Hannes: with the ring buffer approach, we can't really avoid the copying -- it would mean a lot of buerocracy, and the ownership and lifetime of a buffer in the ring buffer isn't well-specified anymore - Hannes: given xen and uring, the ring buffer would need to contain non-moving memory, for solo5-hvt/spt it shouldn't matter -- but is there a difference between using bytes or bigarray for such a ring buffer? - Hannes also tried to write a library that has an abstract type t and is backed by either byte or bigarray memory (and the implementation can be selected at compile time - so no functorisation, but you get a B.get_uint8 etc. directly), but the issue is that exposing the raw memory from bigarray makes the OCaml runtime unhappy -> segmentation fault - Florian mentioned each OCaml value needs to have a tag/header, so we'd need to allocate a bit memory before the page-aligned stuff, and put the header in there 
    - so that may be a path to investigate
- Pierre: not sure how the Cstruct.split works, esp. with the header -> it creates a new OCaml variable with the same starting buffer address, and different offset and length 
  - Hannes: I can see multiple paths to investigate:
    - virtio firewall using bytes/string vs cstruct
- virtio firewall using a ring buffer (i.e. allocate not for each packet) vs allocate for each packet - Hannes: also we (well, Romain) figured that allocations of < 255 bytes is very cheap if you allocate bytes/string (it is in the minor heap) - so the high-performance MirageOS unikernel would allocate data in chunks of < 255 bytes - Hannes: Cstruct is more than the memory region: we have an offset and length as well, thus replacing Cstruct.t by Bytes.t removes some safety, since we don't carry around the offset anymore (and thus the ethernet layer can hardly pass on the payload (Cstruct.shift buf 14)) - Hannes: what is the path forward? do we have a concrete application that we want to use for performance investigations? - Pierre: the qubes-mirage-firewall would be a great study, since there are users (who sometimes complain about the performance) - Pierre: a huge performance benefit in the qubes/xen setting would be segmentation offload - Pierre: started to measure the virtio (simple-fw) with no cstruct (see https://github.com/palainp/simple-fw/tree/no-cstruct (doesn't yet compile, needs some further work on mirage-tcpip)) - Pierre: likes the idea to not trust the upper layer, an abstract type would be great - Hannes: the abstract type could as well be cstruct.t, and have an implementation that uses bytes instead of bigarray.t for switching ;) - Pierre: we had this in 2022, but the qubes-mirage-firewall fails to compile with it - Hannes: let's use that cstruct-backed-by-bytes branch (https://github.com/hannesm/ocaml-cstruct/tree/no-bigarray) and test the simple-fw with virtio on it :) [and for now, ignore the qubes-mirage-firewall compilation issues] 

#### OCaml 5 and ocaml-solo5
- how should we move?
- OCaml 5 has a different GC which memory profile is different
- Virgile tested that PR on the mirage website, redirecting every other flow to the OCaml 5 unikernel - The behaviour was different under lots of stress (with aborted connections) -- it would be interesting to see whether under normal conditions there's a difference? - With OCaml 5.3, there had been various GC fixes, and big users like Coq/Frama-C, maybe time to look into it again 
- With OCaml 5, we need to call GC.compact manually
- Pierre: it compiles fine for the qubes-mirage-firewall, but doesn't have any long-term runs (only ~10 hours) - with a slightly improved memory bandwidth - Pierre: also tested on dns-resolver, which died due to memory fragmentation (so we should move the bytes) 
- Pierre: with OCaml 5, it uses more memory at startup
- Pierre plans to test simple-fw with bytes x bigarray on OCaml 4 x OCaml 5
- Sam: we should move forward to test it in real conditions
- Sam: we should merge and release, maybe something like the ocaml compiler with release candidates - so it is available, but you've to ask for it explicitly - Hannes: maybe not even needed, since ocaml-solo5 depends on the OCaml version of your switch, and so if you're using OCaml 5, you'll get the ocaml-solo5 compatible with OCaml 5, and if you're using OCaml 4, you'll get the ocaml-solo5 compatible with OCaml 4

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.