[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [ANNOUNCE] xen ocaml tools

  • To: Vincent Hanquez <vincent.hanquez@xxxxxxxxxxxxx>
  • From: Jun Koi <junkoi2004@xxxxxxxxx>
  • Date: Tue, 17 Feb 2009 10:19:00 +0900
  • Cc: xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Mon, 16 Feb 2009 17:20:05 -0800
  • Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=xdlIh6hqWPuorbL5sajMLkH6F62kWVfagRqlIkWILwJN6iwEP6qt0HtDVkJlTZcc8Q QDtR16xesIKjIsfr0kOHUYa70zbSOnT4GAMj/V8PNESrRkqrDZ9ddl4WLtIHPF/QRVq9 zDpcQF3vKrMZu46XrOmQ/lAYHdKhfCSUB93dQ=
  • List-id: Xen developer discussion <xen-devel.lists.xensource.com>
On Tue, Feb 17, 2009 at 12:01 AM, Vincent Hanquez
<vincent.hanquez@xxxxxxxxxxxxx> wrote:
> Patrick Colp wrote:
>>
>> I think you're thinking of my initial release last year. The version I
>> released a few months ago also has an in-memory store and greatly improved
>> transactions. It was motivated by the need to survive things like DoS
>> attacks.
>>
>
> Is that possible to find your version of xenstored in a tarball somewhere ?
> attack.tar.gz seems to contains lots of things related to xenstored, but yet
> seems to missing watches and permissions.
>>
>> I wrote a little attack program (in OCaml) which runs from any DomU and
>> brought the original xenstored to its knees. With the attack going, it's
>> impossible to bring a new domain up -- it just hangs forever attempting to
>> bring it up. Basically, the attack just hammers xenstored with
>> micro-transactions. With the original transaction system, which allows the
>> first committing transaction in a generation to win, long transactions could
>> never complete. I implemented transactions that would enable all concurrent
>> but non-conflicting transactions to commit. This made my version of
>> xenstored resilient to the attack.
>>
>> I played around with this with your version too, but found that, while it
>> would not hang forever while attempting to load a domain, it would instead
>> die after a few seconds with the following error:
>>
>> Error: (2, 'No such file or directory')
>>
>
> i haven't really had time to look yet (i've been swamped with others
> things), but will try to run your program.
> but what is dying in the scenario you described ? ocaml xenstored or the
> attack program ?
>>
>> I tried with with the eagain mode thing (random dropping of 1/3 of all
>> transactions) both enabled and disabled, but it had the same effect (except
>> that with the mode enabled, 1/3 of all transactions would fail regardless of
>> if they should or not).
>>
>> I've been reading over your code and noticed that you seem to have a
>> mini-implementation of libxc. I was wondering why you chose to do this over
>> using the pre-existing libxenctrl? Does this make the final executable
>> smaller?
>>
>
> libxenctrl is using the GPL license, whereas we chose the LGPL license with
> ocaml static exception everywhere.

This part is interesting!

I have some doubts here: for ex, now I want to reimplement some parts
of libxenstore in BSD or LGPL. But I cannot avoid to include
"/usr/include/{xs,xenctrl|.h", because they have some must-have data
definition. But it seems all these headers are in GPL, so my code
violates the copyright! Or not??

Thanks,
Jun

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.