diff --git a/About b/About index c5647c0..d6f4a1f 100644 --- a/About +++ b/About @@ -108,8 +108,7 @@ not invalidated :-)" [Xavier Leroy](https://lwn.net/Articles/19378/)), and the [ ### Me on the intertubes You can find me on [twitter](https://twitter.com/h4nnes) and on -[GitHub](https://github.com/hannesm). I also have an [academic web -site](https://www.cl.cam.ac.uk/~hm519/). +[GitHub](https://github.com/hannesm). No comments here, but you can open issues on the [data repository on GitHub](https://github.com/hannesm/hannes.nqsb.io). diff --git a/Posts/BadRecordMac b/Posts/BadRecordMac index fa26b4e..54bc2e8 100644 --- a/Posts/BadRecordMac +++ b/Posts/BadRecordMac @@ -11,15 +11,15 @@ Roughly 2 weeks ago, [Engil](https://github.com/Engil) informed me that a TLS al I tried hard, but could not reproduce, but was very worried and was eager to find the root cause (some little fear remained that it was in our TLS stack). I setup this website with some TLS-level tracing (extending the code from our [TLS handshake server](https://tls.openmirage.org)). We tried to reproduce the issue with traces and packet captures (both on client and server side) in place from our computer labs office with no success. Later, Engil tried from his home and after 45MB of wire data, ran into this issue. Finally, evidence! Isolating the TCP flow with the alert resulted in just about 200KB of packet capture data (TLS ASCII trace around 650KB). -![encrypted alert](https://www.cl.cam.ac.uk/~hm519/encrypted-alert.png) +![encrypted alert](/static/img/encrypted-alert.png) What is happening on the wire? After some data is successfully transferred, at some point the client sends an encrypted alert (see above). The TLS session used a RSA key exchange and I could decrypt the TLS stream with Wireshark, which revealed that the alert was indeed a bad record MAC. Wireshark's "follow SSL stream" showed all client requests, but not all server responses. The TLS level trace from the server showed properly encrypted data. I tried to spot the TCP payload which caused the bad record MAC, starting from the alert in the client capture (the offending TCP frame should be closely before the alert). -![client TCP frame](https://www.cl.cam.ac.uk/~hm519/tcp-frame-client.png) +![client TCP frame](/static/img/tcp-frame-client.png) There is plaintext data which looks like a HTTP request in the TCP frame sent by the server to the client? WTF? This should never happen! The same TCP frame on the server side looked even more strange: it had an invalid checksum. -![server TCP frame](https://www.cl.cam.ac.uk/~hm519/tcp-frame-server.png) +![server TCP frame](/static/img/tcp-frame-server.png) What do we have so far? We spotted some plaintext data in a TCP frame which is part of a TLS session. The TCP checksum is invalid. diff --git a/Posts/BottomUp b/Posts/BottomUp index b829a99..b5482a1 100644 --- a/Posts/BottomUp +++ b/Posts/BottomUp @@ -68,11 +68,11 @@ This still does not sum up to 2.8MB since we're missing the transitive dependenc Let's use a different approach: first recursively find all dependencies. We do this by using `ocamlfind` to read `META` files which contain a list of dependent libraries in their `requires` line. As input we use `LIBS` from the Makefile snippet above. The code (OCaml script) is [available here](https://gist.github.com/hannesm/bcbe54c5759ed5854f05c8f8eaee4c79). The colour scheme is red for pieces of the OCaml distribution, yellow for input packages, and orange for the dependencies. -[](https://www.cl.cam.ac.uk/~hm519/mirage-console.svg) +[](/static/img/mirage-console.svg) This is the UNIX version only, the Xen version looks similar (but worth mentioning). -[](https://www.cl.cam.ac.uk/~hm519/mirage-console-xen.svg) +[](/static/img/mirage-console-xen.svg) You can spot at the right that `mirage-bootvar` uses `re`, which provoked me to [open a PR](https://github.com/mirage/mirage-bootvar-xen/pull/19), but Jon Ludlam [already had a nicer PR](https://github.com/mirage/mirage-bootvar-xen/pull/18) which is now merged (and a [new release is in preparation](https://github.com/mirage/mirage-bootvar-xen/pull/20)). @@ -84,9 +84,9 @@ We overapproximate the sizes here by assuming that a linker simply concatenates I developed a pie chart visualisation, but a friend of mine reminded me that such a chart is pretty useless for comparing slices for the human brain. I spent some more time to develop a treemap visualisation to satisfy the brain. The implemented algorithm is based on [squarified treemaps](http://www.win.tue.nl/~vanwijk/stm.pdf), but does not use implicit mutable state. In addition, the [provided script](https://gist.github.com/hannesm/c8a9b2e75bb4f98b5100a838ea125f3b) parses common linker flags (`-o -L -l`) and collects arguments to be linked in. It can be passed to `ocamlopt` as the C linker, more instructions at the end of `treemap.ml` (which should be cleaned up and integrated into the mirage tool, as mentioned earlier). -[](https://www.cl.cam.ac.uk/~hm519/mirage-console-bytes.svg) +[](/static/img/mirage-console-bytes.svg) -[](https://www.cl.cam.ac.uk/~hm519/mirage-console-xen-bytes-full.svg) +[](/static/img/mirage-console-xen-bytes-full.svg) As mentioned above, this is an overapproximation. The `libgcc.a` is only needed on Xen (see [this comment](https://github.com/mirage/mirage/commit/c17f2f60a6309322ba45cecb00a808f62f05cf82#commitcomment-17573123)), I have not yet tracked down why there is a `libasmrun.a` and a `libxenasmrun.a`. @@ -94,9 +94,9 @@ As mentioned above, this is an overapproximation. The `libgcc.a` is only needed Besides the hello world, I used the same tools on our [BTC Piñata](http://ownme.ipredator.se). -[](https://www.cl.cam.ac.uk/~hm519/pinata-deps.svg) +[](/static/img/pinata-deps.svg) -[](https://www.cl.cam.ac.uk/~hm519/pinata-bytes.svg) +[](/static/img/pinata-bytes.svg) ### Conclusion diff --git a/Posts/nqsbWebsite b/Posts/nqsbWebsite index 1e37ef6..c34e381 100644 --- a/Posts/nqsbWebsite +++ b/Posts/nqsbWebsite @@ -250,7 +250,7 @@ That's it, the [nqsb.io](https://nqsb.io) contains slightly more code to log ont A comparison using Firefox builtin network diagnostics shows that the waiting before receiving data is minimal (3ms, even spotted 0ms). -[](https://www.cl.cam.ac.uk/~hm519/performance-nqsbio.png) +[](/static/img/performance-nqsbio.png) We do not render HTML for each request, we do not splice data together, we *don't even read the client request*. And I'm sure we can improve the performance even more by profiling. diff --git a/static/img/encrypted-alert.png b/static/img/encrypted-alert.png new file mode 100644 index 0000000..d5e3e40 Binary files /dev/null and b/static/img/encrypted-alert.png differ diff --git a/static/img/mirage-console-bytes.svg b/static/img/mirage-console-bytes.svg new file mode 100644 index 0000000..258be2e --- /dev/null +++ b/static/img/mirage-console-bytes.svg @@ -0,0 +1,40 @@ + + stdlib.a/home/hannes/.opam/4.03.0/lib/ocaml/stdlib.a (1588982) + sexplib.a/home/hannes/.opam/4.03.0/lib/sexplib/sexplib.a (673124) + lwt-unix.a/home/hannes/.opam/4.03.0/lib/lwt/lwt-unix.a (657552) + liblwt-unix_stubs.a/home/hannes/.opam/4.03.0/lib/lwt/liblwt-unix_stubs.a (515632) + libasmrun.a/home/hannes/.opam/4.03.0/lib/ocaml/libasmrun.a (433626) + lwt.a/home/hannes/.opam/4.03.0/lib/lwt/lwt.a (331998) + cmdliner.a/home/hannes/.opam/4.03.0/lib/cmdliner/cmdliner.a (276850) + astring.a/home/hannes/.opam/4.03.0/lib/astring/astring.a (246538) + libunix.a/home/hannes/.opam/4.03.0/lib/ocaml/libunix.a (207120) + ipaddr.a/home/hannes/.opam/4.03.0/lib/ipaddr/ipaddr.a (202720) + unix.a/home/hannes/.opam/4.03.0/lib/ocaml/unix.a (143632) + camlstartup800193.o/tmp/camlstartup800193.o (117440) + ocplib_endian.a/home/hannes/.opam/4.03.0/lib/ocplib-endian/ocplib_endian.a (93778) + fmt.a/home/hannes/.opam/4.03.0/lib/fmt/fmt.a (88008) + cstruct.a/home/hannes/.opam/4.03.0/lib/cstruct/cstruct.a (70122) + lwt-log.a/home/hannes/.opam/4.03.0/lib/lwt/lwt-log.a (69738) + bigstring.a/home/hannes/.opam/4.03.0/lib/ocplib-endian/bigstring.a (47622) + logs.a/home/hannes/.opam/4.03.0/lib/logs/logs.a (46250) + libbigarray.a/home/hannes/.opam/4.03.0/lib/ocaml/libbigarray.a (32488) + bigarray.a/home/hannes/.opam/4.03.0/lib/ocaml/bigarray.a (30248) + mirage_logs.a/home/hannes/.opam/4.03.0/lib/mirage-logs/mirage_logs.a (24602) + mirage-runtime.a/home/hannes/.opam/4.03.0/lib/mirage/mirage-runtime.a (21882) + functoria-runtime.a/home/hannes/.opam/4.03.0/lib/functoria/functoria-runtime.a (15698) + OS.a/home/hannes/.opam/4.03.0/lib/mirage-unix/OS.a (15004) + main.omain.o (14624) + io_page.a/home/hannes/.opam/4.03.0/lib/io-page/io_page.a (13424) + mirage_console_unix.a/home/hannes/.opam/4.03.0/lib/mirage-console/mirage_console_unix.a (12746) + mProf.a/home/hannes/.opam/4.03.0/lib/mirage-profile/mProf.a (11358) + libcstruct_stubs.a/home/hannes/.opam/4.03.0/lib/cstruct/libcstruct_stubs.a (9468) + libio_page_unix_stubs.a/home/hannes/.opam/4.03.0/lib/io-page/libio_page_unix_stubs.a (7530) + key_gen.okey_gen.o (7256) + lwt_cstruct.a/home/hannes/.opam/4.03.0/lib/cstruct/lwt_cstruct.a (6696) + unikernel.ounikernel.o (5032) + mirage-clock.a/home/hannes/.opam/4.03.0/lib/mirage-clock-unix/mirage-clock.a (3330) + std_exit.o/home/hannes/.opam/4.03.0/lib/ocaml/std_exit.o (2984) + io_page_unix.a/home/hannes/.opam/4.03.0/lib/io-page/io_page_unix.a (2046) + result.a/home/hannes/.opam/4.03.0/lib/result/result.a (1950) + mirage-console.a/home/hannes/.opam/4.03.0/lib/mirage-console/mirage-console.a (1870) + diff --git a/static/img/mirage-console-xen-bytes-full.svg b/static/img/mirage-console-xen-bytes-full.svg new file mode 100644 index 0000000..1f5f87b --- /dev/null +++ b/static/img/mirage-console-xen-bytes-full.svg @@ -0,0 +1,55 @@ + + libgcc.a/usr/lib/gcc/x86_64-linux-gnu/4.8/libgcc.a (3027014) + stdlib.a/home/hannes/.opam/4.02.3/lib/ocaml/stdlib.a (1400328) + sexplib.a/home/hannes/.opam/4.02.3/lib/sexplib/sexplib.a (665768) + libopenlibm.a/home/hannes/.opam/4.02.3/lib/libopenlibm.a (629620) + libxenasmrun.a/home/hannes/.opam/4.02.3/lib/pkgconfig/../../lib/mirage-xen-ocaml/libxenasmrun.a (343920) + libasmrun.a/home/hannes/.opam/4.02.3/lib/ocaml/libasmrun.a (331260) + lwt.a/home/hannes/.opam/4.02.3/lib/lwt/lwt.a (328130) + cmdliner.a/home/hannes/.opam/4.02.3/lib/cmdliner/cmdliner.a (277042) + libminios.a/home/hannes/.opam/4.02.3/lib/pkgconfig/../../lib/minios-xen/libminios.a (271372) + astring.a/home/hannes/.opam/4.02.3/lib/astring/astring.a (243240) + re.a/home/hannes/.opam/4.02.3/lib/re/re.a (233148) + ipaddr.a/home/hannes/.opam/4.02.3/lib/ipaddr/ipaddr.a (198636) + camlstartup873580.o/tmp/camlstartup873580.o (121544) + xenstore.a/home/hannes/.opam/4.02.3/lib/xenstore/xenstore.a (119916) + ocplib_endian.a/home/hannes/.opam/4.02.3/lib/ocplib-endian/ocplib_endian.a (99350) + fmt.a/home/hannes/.opam/4.02.3/lib/fmt/fmt.a (86522) + OS.a/home/hannes/.opam/4.02.3/lib/mirage-xen/OS.a (77252) + cstruct.a/home/hannes/.opam/4.02.3/lib/cstruct/cstruct.a (68448) + xenstore_client_lwt.a/home/hannes/.opam/4.02.3/lib/xenstore/xenstore_client_lwt.a (62488) + libxenposix.a/home/hannes/.opam/4.02.3/lib/pkgconfig/../../lib/mirage-xen-posix/libxenposix.a (61286) + mirage_console_xen.a/home/hannes/.opam/4.02.3/lib/mirage-console/mirage_console_xen.a (51346) + bigstring.a/home/hannes/.opam/4.02.3/lib/ocplib-endian/bigstring.a (50380) + logs.a/home/hannes/.opam/4.02.3/lib/logs/logs.a (44770) + libxencamlbindings.a/home/hannes/.opam/4.02.3/lib/pkgconfig/../../lib/mirage-xen/libxencamlbindings.a (43158) + xen_gnt.a/home/hannes/.opam/4.02.3/lib/xen-gnt/xen_gnt.a (42476) + libx86_64.a/home/hannes/.opam/4.02.3/lib/pkgconfig/../../lib/minios-xen/libx86_64.a (41790) + shared_memory_ring.a/home/hannes/.opam/4.02.3/lib/shared-memory-ring/shared_memory_ring.a (41024) + re_str.a/home/hannes/.opam/4.02.3/lib/re/re_str.a (37994) + libxenotherlibs.a/home/hannes/.opam/4.02.3/lib/pkgconfig/../../lib/mirage-xen-ocaml/libxenotherlibs.a (37666) + mirage_console_proto.a/home/hannes/.opam/4.02.3/lib/mirage-console/mirage_console_proto.a (32550) + libbigarray.a/home/hannes/.opam/4.02.3/lib/ocaml/libbigarray.a (27760) + bigarray.a/home/hannes/.opam/4.02.3/lib/ocaml/bigarray.a (26228) + mirage_logs.a/home/hannes/.opam/4.02.3/lib/mirage-logs/mirage_logs.a (24604) + xen_evtchn.a/home/hannes/.opam/4.02.3/lib/xen-evtchn/xen_evtchn.a (22362) + mirage-runtime.a/home/hannes/.opam/4.02.3/lib/mirage/mirage-runtime.a (22140) + lwt_shared_memory_ring.a/home/hannes/.opam/4.02.3/lib/shared-memory-ring/lwt_shared_memory_ring.a (21432) + re_emacs.a/home/hannes/.opam/4.02.3/lib/re/re_emacs.a (20354) + xenstore_ring.a/home/hannes/.opam/4.02.3/lib/shared-memory-ring/xenstore_ring.a (19818) + console_ring.a/home/hannes/.opam/4.02.3/lib/shared-memory-ring/console_ring.a (19722) + mirage-bootvar.a/home/hannes/.opam/4.02.3/lib/mirage-bootvar/mirage-bootvar.a (16280) + functoria-runtime.a/home/hannes/.opam/4.02.3/lib/functoria/functoria-runtime.a (15444) + main.omain.o (14112) + io_page.a/home/hannes/.opam/4.02.3/lib/io-page/io_page.a (13208) + libcstruct_stubs.a/home/hannes/.opam/4.02.3/lib/cstruct/libcstruct_stubs.a (12016) + mProf.a/home/hannes/.opam/4.02.3/lib/mirage-profile/mProf.a (11084) + libio_page_xen_stubs.a/home/hannes/.opam/4.02.3/lib/io-page/libio_page_xen_stubs.a (8430) + libshared_memory_ring_stubs.a/home/hannes/.opam/4.02.3/lib/shared-memory-ring/libshared_memory_ring_stubs.a (8220) + key_gen.okey_gen.o (7184) + mirage-clock.a/home/hannes/.opam/4.02.3/lib/mirage-clock-xen/mirage-clock.a (6476) + unikernel.ounikernel.o (3592) + std_exit.o/home/hannes/.opam/4.02.3/lib/ocaml/std_exit.o (2944) + result.a/home/hannes/.opam/4.02.3/lib/result/result.a (1852) + mirage-console.a/home/hannes/.opam/4.02.3/lib/mirage-console/mirage-console.a (1778) + diff --git a/static/img/mirage-console-xen.svg b/static/img/mirage-console-xen.svg new file mode 100644 index 0000000..b39bfb7 --- /dev/null +++ b/static/img/mirage-console-xen.svg @@ -0,0 +1,669 @@ + + + + + + +mirage-console-xen + + +xenstore.client + +xenstore.client +1.3.0 + + +xenstore + +xenstore +1.3.0 + + +xenstore.client->xenstore + + + + +lwt + +lwt +2.5.2 + + +xenstore.client->lwt + + + + +cstruct.ppx + +cstruct.ppx +1.7.0 + + +xenstore->cstruct.ppx + + + + +cstruct + +cstruct +1.9.0 + + +xenstore->cstruct + + + + +xen-gnt + +xen-gnt +2.2.1 + + +unix + +unix + + +xen-gnt->unix + + + + +mirage-profile + +mirage-profile +0.6.1 + + +xen-gnt->mirage-profile + + + + +xen-gnt->lwt + + + + +io-page + +io-page +1.6.0 + + +xen-gnt->io-page + + + + +bigarray + +bigarray + + +xen-gnt->bigarray + + + + +xen-evtchn + +xen-evtchn +1.0.6 + + +xen-evtchn->unix + + + + +xen-evtchn->lwt + + + + +xen-evtchn->bigarray + + + + +shared-memory-ring.xenstore + +shared-memory-ring.xenstore +1.3.0 + + +shared-memory-ring + +shared-memory-ring +1.3.0 + + +shared-memory-ring.xenstore->shared-memory-ring + + + + +shared-memory-ring.lwt + +shared-memory-ring.lwt +1.3.0 + + +shared-memory-ring.lwt->shared-memory-ring + + + + +shared-memory-ring.lwt->mirage-profile + + + + +shared-memory-ring.lwt->lwt + + + + +shared-memory-ring.console + +shared-memory-ring.console +1.3.0 + + +shared-memory-ring.console->shared-memory-ring + + + + +shared-memory-ring.console->cstruct.ppx + + + + +shared-memory-ring.console->cstruct + + + + +shared-memory-ring->cstruct + + + + +sexplib + +sexplib +113.33.03 + + +sexplib->bigarray + + + + +result + +result +1.0 + + +re.str + +re.str +1.5.0 + + +re.emacs + +re.emacs +1.5.0 + + +re.str->re.emacs + + + + +re + +re +1.5.0 + + +re.str->re + + + + +re.emacs->re + + + + +bytes + +bytes + + +re->bytes + + + + +ocplib-endian.bigstring + +ocplib-endian.bigstring +0.8 + + +ocplib-endian.bigstring->bytes + + + + +ocplib-endian.bigstring->bigarray + + + + +ocplib-endian + +ocplib-endian +0.8 + + +ocplib-endian->bytes + + + + +mirage.runtime + +mirage.runtime +2.9.0 + + +logs + +logs +0.5.0 + + +mirage.runtime->logs + + + + +ipaddr + +ipaddr +2.7.0 + + +mirage.runtime->ipaddr + + + + +functoria.runtime + +functoria.runtime +1.1.0 + + +mirage.runtime->functoria.runtime + + + + +astring + +astring +0.8.1 + + +mirage.runtime->astring + + + + +mirage-xen + +mirage-xen +2.6.0 + + +mirage-xen->xenstore.client + + + + +mirage-xen->xen-gnt + + + + +mirage-xen->xen-evtchn + + + + +mirage-xen->shared-memory-ring.xenstore + + + + +mirage-xen->shared-memory-ring.lwt + + + + +mirage-xen->shared-memory-ring.console + + + + +mirage-xen->shared-memory-ring + + + + +mirage-types + +mirage-types +2.8.0 + + +mirage-xen->mirage-types + + + + +mirage-xen->mirage-profile + + + + +mirage-clock-xen + +mirage-clock-xen +1.0.0 + + +mirage-xen->mirage-clock-xen + + + + +mirage-xen->lwt + + + + +mirage-xen->io-page + + + + +mirage-xen->cstruct + + + + +mirage-types.lwt + +mirage-types.lwt +2.8.0 + + +mirage-profile->ocplib-endian.bigstring + + + + +mirage-profile->lwt + + + + +mirage-profile->cstruct.ppx + + + + +mirage-profile->cstruct + + + + +mirage-logs + +mirage-logs +0.2 + + +mirage-logs->mirage-types + + + + +mirage-logs->mirage-profile + + + + +mirage-logs->lwt + + + + +mirage-logs->logs + + + + +mirage-console.xen + +mirage-console.xen +2.1.3 + + +mirage-console.xen->xen-gnt + + + + +mirage-console.xen->xen-evtchn + + + + +mirage-console.xen->mirage-xen + + + + +mirage-console.xen->mirage-types + + + + +mirage-console.proto + +mirage-console.proto +2.1.3 + + +mirage-console.xen->mirage-console.proto + + + + +mirage-console.xen->lwt + + + + +mirage-console.xen->io-page + + + + +mirage-console.proto->xenstore + + + + +mirage-console + +mirage-console +2.1.3 + + +mirage-console.proto->mirage-console + + + + +mirage-console->mirage-types.lwt + + + + +mirage-console->mirage-types + + + + +mirage-console->lwt + + + + +mirage-bootvar + +mirage-bootvar +0.3.1 + + +mirage-bootvar->re.str + + + + +mirage-bootvar->re + + + + +mirage-bootvar->mirage-xen + + + + +mirage-bootvar->lwt + + + + +lwt->bytes + + + + +logs->result + + + + +ipaddr->sexplib + + + + +ipaddr->bytes + + + + +io-page->cstruct + + + + +io-page->bytes + + + + +fmt + +fmt +0.7.1 + + +functoria.runtime->fmt + + + + +cmdliner + +cmdliner +0.9.8 + + +functoria.runtime->cmdliner + + + + +cstruct.ppx->cstruct + + + + +cstruct->sexplib + + + + +cstruct->ocplib-endian.bigstring + + + + +cstruct->ocplib-endian + + + + +cstruct->bytes + + + + +cstruct->bigarray + + + + +bigarray->unix + + + + +astring->bytes + + + + + diff --git a/static/img/mirage-console.svg b/static/img/mirage-console.svg new file mode 100644 index 0000000..7c79d9b --- /dev/null +++ b/static/img/mirage-console.svg @@ -0,0 +1,407 @@ + + + + + + +mirage-console + + +unix + +unix + + +sexplib + +sexplib +113.33.00+4.03 + + +bigarray + +bigarray + + +sexplib->bigarray + + + + +result + +result +1.0 + + +ocplib-endian.bigstring + +ocplib-endian.bigstring +0.8 + + +bytes + +bytes + + +ocplib-endian.bigstring->bytes + + + + +ocplib-endian.bigstring->bigarray + + + + +ocplib-endian + +ocplib-endian +0.8 + + +ocplib-endian->bytes + + + + +mirage.runtime + +mirage.runtime +2.9.0 + + +logs + +logs +0.5.0 + + +mirage.runtime->logs + + + + +ipaddr + +ipaddr +2.7.0 + + +mirage.runtime->ipaddr + + + + +functoria.runtime + +functoria.runtime +1.1.0 + + +mirage.runtime->functoria.runtime + + + + +astring + +astring +0.8.1 + + +mirage.runtime->astring + + + + +mirage-unix + +mirage-unix +2.6.0 + + +mirage-clock-unix + +mirage-clock-unix +1.0.0 + + +mirage-unix->mirage-clock-unix + + + + +lwt.unix + +lwt.unix +2.5.2 + + +mirage-unix->lwt.unix + + + + +lwt + +lwt +2.5.2 + + +mirage-unix->lwt + + + + +io-page.unix + +io-page.unix +1.6.0 + + +mirage-unix->io-page.unix + + + + +io-page + +io-page +1.6.0 + + +mirage-unix->io-page + + + + +cstruct + +cstruct +2.1.0 + + +mirage-unix->cstruct + + + + +mirage-types.lwt + +mirage-types.lwt +2.8.0 + + +mirage-types + +mirage-types +2.8.0 + + +mirage-console.unix + +mirage-console.unix +2.1.3 + + +mirage-console.unix->mirage-unix + + + + +mirage-console.unix->mirage-types + + + + +mirage-console + +mirage-console +2.1.3 + + +mirage-console.unix->mirage-console + + + + +mirage-console.unix->lwt.unix + + + + +mirage-console.unix->lwt + + + + +cstruct.lwt + +cstruct.lwt +2.1.0 + + +mirage-console.unix->cstruct.lwt + + + + +mirage-console->mirage-types.lwt + + + + +mirage-console->mirage-types + + + + +mirage-console->lwt + + + + +mirage-clock-unix->unix + + + + +lwt.unix->unix + + + + +lwt.log + +lwt.log +2.5.2 + + +lwt.unix->lwt.log + + + + +lwt.unix->lwt + + + + +lwt.unix->bigarray + + + + +lwt.log->lwt + + + + +lwt->bytes + + + + +logs->result + + + + +ipaddr->sexplib + + + + +ipaddr->bytes + + + + +io-page.unix->bigarray + + + + +io-page->cstruct + + + + +io-page->bytes + + + + +fmt + +fmt +0.7.1 + + +functoria.runtime->fmt + + + + +cmdliner + +cmdliner +0.9.8 + + +functoria.runtime->cmdliner + + + + +cstruct.lwt->lwt.unix + + + + +cstruct.lwt->cstruct + + + + +cstruct->sexplib + + + + +cstruct->ocplib-endian.bigstring + + + + +cstruct->ocplib-endian + + + + +cstruct->bytes + + + + +cstruct->bigarray + + + + +bigarray->unix + + + + +astring->bytes + + + + + diff --git a/static/img/performance-nqsbio.png b/static/img/performance-nqsbio.png new file mode 100644 index 0000000..cc5e8db Binary files /dev/null and b/static/img/performance-nqsbio.png differ diff --git a/static/img/pinata-bytes.svg b/static/img/pinata-bytes.svg new file mode 100644 index 0000000..9b7ed49 --- /dev/null +++ b/static/img/pinata-bytes.svg @@ -0,0 +1,95 @@ + + libgcc.a/usr/lib/gcc/x86_64-linux-gnu/4.8/libgcc.a (3027014) + stdlib.a/home/hannes/.opam/4.02.3/lib/ocaml/stdlib.a (1400328) + libgmp-xen.a/home/hannes/.opam/4.02.3/lib/gmp-xen/libgmp-xen.a (1357772) + tls.a/home/hannes/.opam/4.02.3/lib/tls/tls.a (1012386) + sexplib.a/home/hannes/.opam/4.02.3/lib/sexplib/sexplib.a (665768) + libopenlibm.a/home/hannes/.opam/4.02.3/lib/libopenlibm.a (629620) + tyxml.a/home/hannes/.opam/4.02.3/lib/tyxml/tyxml.a (587802) + nocrypto.a/home/hannes/.opam/4.02.3/lib/nocrypto/nocrypto.a (431132) + x509.a/home/hannes/.opam/4.02.3/lib/x509/x509.a (403540) + libxenasmrun.a/home/hannes/.opam/4.02.3/lib/pkgconfig/../../lib/mirage-xen-ocaml/libxenasmrun.a (343920) + libasmrun.a/home/hannes/.opam/4.02.3/lib/ocaml/libasmrun.a (331260) + lwt.a/home/hannes/.opam/4.02.3/lib/lwt/lwt.a (328130) + tcp.a/home/hannes/.opam/4.02.3/lib/tcpip/tcp.a (315660) + libnocrypto_stubs.a/home/hannes/.opam/4.02.3/lib/nocrypto/libnocrypto_stubs.a (301090) + libnocrypto_xen_stubs.a/home/hannes/.opam/4.02.3/lib/nocrypto/libnocrypto_xen_stubs.a (288802) + libnocrypto_xen_stubs.a/home/hannes/.opam/4.02.3/lib/nocrypto/libnocrypto_xen_stubs.a (288802) + asn1-combinators.a/home/hannes/.opam/4.02.3/lib/asn1-combinators/asn1-combinators.a (279054) + cmdliner.a/home/hannes/.opam/4.02.3/lib/cmdliner/cmdliner.a (277042) + libminios.a/home/hannes/.opam/4.02.3/lib/minios-xen/libminios.a (271372) + astring.a/home/hannes/.opam/4.02.3/lib/astring/astring.a (243240) + re.a/home/hannes/.opam/4.02.3/lib/re/re.a (233148) + ipv6.a/home/hannes/.opam/4.02.3/lib/tcpip/ipv6.a (199486) + ipaddr.a/home/hannes/.opam/4.02.3/lib/ipaddr/ipaddr.a (198636) + tcpip.a/home/hannes/.opam/4.02.3/lib/tcpip/tcpip.a (193400) + camlstartupb4b590.o/tmp/camlstartupb4b590.o (193160) + dhcpv4.a/home/hannes/.opam/4.02.3/lib/tcpip/dhcpv4.a (134406) + mirage-net-xen.a/home/hannes/.opam/4.02.3/lib/mirage-net-xen/mirage-net-xen.a (131968) + xenstore.a/home/hannes/.opam/4.02.3/lib/xenstore/xenstore.a (119916) + ocplib_endian.a/home/hannes/.opam/4.02.3/lib/ocplib-endian/ocplib_endian.a (99350) + uutf.a/home/hannes/.opam/4.02.3/lib/uutf/uutf.a (91822) + ptime.a/home/hannes/.opam/4.02.3/lib/ptime/ptime.a (89482) + zarith.a/home/hannes/.opam/4.02.3/lib/zarith/zarith.a (87638) + fmt.a/home/hannes/.opam/4.02.3/lib/fmt/fmt.a (86522) + OS.a/home/hannes/.opam/4.02.3/lib/mirage-xen/OS.a (77252) + str.a/home/hannes/.opam/4.02.3/lib/ocaml/str.a (76790) + libzarith.a/home/hannes/.opam/4.02.3/lib/zarith/libzarith.a (74428) + cstruct.a/home/hannes/.opam/4.02.3/lib/cstruct/cstruct.a (68448) + xenstore_client_lwt.a/home/hannes/.opam/4.02.3/lib/xenstore/xenstore_client_lwt.a (62488) + libxenposix.a/home/hannes/.opam/4.02.3/lib/pkgconfig/../../lib/mirage-xen-posix/libxenposix.a (61286) + arpv4.a/home/hannes/.opam/4.02.3/lib/tcpip/arpv4.a (58494) + libzarith-xen.a/home/hannes/.opam/4.02.3/lib/zarith/libzarith-xen.a (53452) + mirage_console_xen.a/home/hannes/.opam/4.02.3/lib/mirage-console/mirage_console_xen.a (51346) + bigstring.a/home/hannes/.opam/4.02.3/lib/ocplib-endian/bigstring.a (50380) + main.omain.o (45272) + logs.a/home/hannes/.opam/4.02.3/lib/logs/logs.a (44770) + libxencamlbindings.a/home/hannes/.opam/4.02.3/lib/pkgconfig/../../lib/mirage-xen/libxencamlbindings.a (43158) + xen_gnt.a/home/hannes/.opam/4.02.3/lib/xen-gnt/xen_gnt.a (42476) + icmpv4.a/home/hannes/.opam/4.02.3/lib/tcpip/icmpv4.a (41882) + libx86_64.a/home/hannes/.opam/4.02.3/lib/minios-xen/libx86_64.a (41790) + shared_memory_ring.a/home/hannes/.opam/4.02.3/lib/shared-memory-ring/shared_memory_ring.a (41024) + page.opage.o (40744) + unikernel.ounikernel.o (38344) + re_str.a/home/hannes/.opam/4.02.3/lib/re/re_str.a (37994) + libxenotherlibs.a/home/hannes/.opam/4.02.3/lib/pkgconfig/../../lib/mirage-xen-ocaml/libxenotherlibs.a (37666) + tls-mirage.a/home/hannes/.opam/4.02.3/lib/tls/tls-mirage.a (34816) + tcpip-stack-direct.a/home/hannes/.opam/4.02.3/lib/tcpip/tcpip-stack-direct.a (33808) + mirage_console_proto.a/home/hannes/.opam/4.02.3/lib/mirage-console/mirage_console_proto.a (32550) + libbigarray.a/home/hannes/.opam/4.02.3/lib/ocaml/libbigarray.a (27760) + ipv4.a/home/hannes/.opam/4.02.3/lib/tcpip/ipv4.a (26902) + bigarray.a/home/hannes/.opam/4.02.3/lib/ocaml/bigarray.a (26228) + logger.ologger.o (24376) + xen_evtchn.a/home/hannes/.opam/4.02.3/lib/xen-evtchn/xen_evtchn.a (22362) + mirage-runtime.a/home/hannes/.opam/4.02.3/lib/mirage/mirage-runtime.a (22140) + lwt_shared_memory_ring.a/home/hannes/.opam/4.02.3/lib/shared-memory-ring/lwt_shared_memory_ring.a (21432) + re_emacs.a/home/hannes/.opam/4.02.3/lib/re/re_emacs.a (20354) + xenstore_ring.a/home/hannes/.opam/4.02.3/lib/shared-memory-ring/xenstore_ring.a (19818) + console_ring.a/home/hannes/.opam/4.02.3/lib/shared-memory-ring/console_ring.a (19722) + mirage-bootvar.a/home/hannes/.opam/4.02.3/lib/mirage-bootvar/mirage-bootvar.a (16280) + libtcpip_stubs.a/home/hannes/.opam/4.02.3/lib/tcpip/libtcpip_stubs.a (16256) + key_gen.okey_gen.o (15832) + functoria-runtime.a/home/hannes/.opam/4.02.3/lib/functoria/functoria-runtime.a (15444) + static1.ostatic1.o (14512) + libtcpip_xen_stubs.a/home/hannes/.opam/4.02.3/lib/tcpip/libtcpip_xen_stubs.a (14500) + mirage-entropy-xen.a/home/hannes/.opam/4.02.3/lib/mirage-entropy-xen/mirage-entropy-xen.a (13398) + io_page.a/home/hannes/.opam/4.02.3/lib/io-page/io_page.a (13208) + libcstruct_stubs.a/home/hannes/.opam/4.02.3/lib/cstruct/libcstruct_stubs.a (12016) + mProf.a/home/hannes/.opam/4.02.3/lib/mirage-profile/mProf.a (11084) + libio_page_unix_stubs.a/home/hannes/.opam/4.02.3/lib/io-page/libio_page_unix_stubs.a (10930) + udp.a/home/hannes/.opam/4.02.3/lib/tcpip/udp.a (9112) + libcamlstr.a/home/hannes/.opam/4.02.3/lib/ocaml/libcamlstr.a (8938) + test.otest.o (8760) + libio_page_xen_stubs.a/home/hannes/.opam/4.02.3/lib/io-page/libio_page_xen_stubs.a (8430) + libshared_memory_ring_stubs.a/home/hannes/.opam/4.02.3/lib/shared-memory-ring/libshared_memory_ring_stubs.a (8220) + nocrypto_xen.a/home/hannes/.opam/4.02.3/lib/nocrypto/nocrypto_xen.a (7938) + ethif.a/home/hannes/.opam/4.02.3/lib/tcpip/ethif.a (7776) + libmirage-entropy-xen_stubs.a/home/hannes/.opam/4.02.3/lib/mirage-entropy-xen/libmirage-entropy-xen_stubs.a (7704) + libmirage-entropy-xen_stubs.a/home/hannes/.opam/4.02.3/lib/mirage-entropy-xen/libmirage-entropy-xen_stubs.a (7704) + mirage-clock.a/home/hannes/.opam/4.02.3/lib/mirage-clock-xen/mirage-clock.a (6476) + tcpv4_plus.otcpv4_plus.o (4984) + std_exit.o/home/hannes/.opam/4.02.3/lib/ocaml/std_exit.o (2944) + io_page_unix.a/home/hannes/.opam/4.02.3/lib/io-page/io_page_unix.a (1934) + result.a/home/hannes/.opam/4.02.3/lib/result/result.a (1852) + mirage-console.a/home/hannes/.opam/4.02.3/lib/mirage-console/mirage-console.a (1778) + diff --git a/static/img/pinata-deps.svg b/static/img/pinata-deps.svg new file mode 100644 index 0000000..495faa9 --- /dev/null +++ b/static/img/pinata-deps.svg @@ -0,0 +1,1341 @@ + + + + + + +pinata + + +zarith + +zarith +1.4 + + +xenstore.client + +xenstore.client +1.3.0 + + +xenstore + +xenstore +1.3.0 + + +xenstore.client->xenstore + + + + +lwt + +lwt +2.5.2 + + +xenstore.client->lwt + + + + +cstruct.ppx + +cstruct.ppx +1.7.0 + + +xenstore->cstruct.ppx + + + + +cstruct + +cstruct +1.9.0 + + +xenstore->cstruct + + + + +xen-gnt + +xen-gnt +2.2.1 + + +unix + +unix + + +xen-gnt->unix + + + + +mirage-profile + +mirage-profile +0.6.1 + + +xen-gnt->mirage-profile + + + + +xen-gnt->lwt + + + + +io-page + +io-page +1.6.0 + + +xen-gnt->io-page + + + + +bigarray + +bigarray + + +xen-gnt->bigarray + + + + +xen-evtchn + +xen-evtchn +1.0.6 + + +xen-evtchn->unix + + + + +xen-evtchn->lwt + + + + +xen-evtchn->bigarray + + + + +x509 + +x509 +0.5.2 + + +sexplib + +sexplib +113.33.03 + + +x509->sexplib + + + + +nocrypto + +nocrypto +0.5.3 + + +x509->nocrypto + + + + +x509->cstruct + + + + +bytes + +bytes + + +x509->bytes + + + + +asn1-combinators + +asn1-combinators +0.1.2 + + +x509->asn1-combinators + + + + +uutf + +uutf +0.9.4 + + +tyxml + +tyxml +3.6.0 + + +tyxml->uutf + + + + +str + +str + + +tyxml->str + + + + +tls.mirage + +tls.mirage +0.7.1 + + +tls.mirage->x509 + + + + +tls + +tls +0.7.1 + + +tls.mirage->tls + + + + +mirage-types + +mirage-types +2.8.0 + + +tls.mirage->mirage-types + + + + +tls.mirage->lwt + + + + +ipaddr + +ipaddr +2.7.0 + + +tls.mirage->ipaddr + + + + +tls->x509 + + + + +tls->sexplib + + + + +result + +result +1.0 + + +tls->result + + + + +tls->nocrypto + + + + +tls->cstruct + + + + +tcpip.udp + +tcpip.udp +2.8.0 + + +tcpip + +tcpip +2.8.0 + + +tcpip.udp->tcpip + + + + +tcpip.udp->mirage-types + + + + +tcpip.udp->lwt + + + + +tcpip.udp->ipaddr + + + + +tcpip.udp->io-page + + + + +tcpip.udp->cstruct + + + + +tcpip.tcp + +tcpip.tcp +2.8.0 + + +tcpip.ipv6 + +tcpip.ipv6 +2.8.0 + + +tcpip.tcp->tcpip.ipv6 + + + + +tcpip.ipv4 + +tcpip.ipv4 +2.8.0 + + +tcpip.tcp->tcpip.ipv4 + + + + +tcpip.tcp->tcpip + + + + +tcpip.tcp->mirage-types + + + + +tcpip.tcp->mirage-profile + + + + +tcpip.tcp->lwt + + + + +tcpip.tcp->ipaddr + + + + +tcpip.tcp->io-page + + + + +tcpip.tcp->cstruct.ppx + + + + +tcpip.tcp->cstruct + + + + +tcpip.stack-direct + +tcpip.stack-direct +2.8.0 + + +tcpip.stack-direct->tcpip.udp + + + + +tcpip.stack-direct->tcpip.tcp + + + + +tcpip.icmpv4 + +tcpip.icmpv4 +2.8.0 + + +tcpip.stack-direct->tcpip.icmpv4 + + + + +tcpip.ethif + +tcpip.ethif +2.8.0 + + +tcpip.stack-direct->tcpip.ethif + + + + +tcpip.dhcpv4 + +tcpip.dhcpv4 +2.8.0 + + +tcpip.stack-direct->tcpip.dhcpv4 + + + + +tcpip.arpv4 + +tcpip.arpv4 +2.8.0 + + +tcpip.stack-direct->tcpip.arpv4 + + + + +tcpip.stack-direct->mirage-types + + + + +tcpip.stack-direct->lwt + + + + +tcpip.stack-direct->ipaddr + + + + +tcpip.stack-direct->io-page + + + + +tcpip.stack-direct->cstruct + + + + +tcpip.ipv6->tcpip + + + + +tcpip.ipv6->mirage-types + + + + +tcpip.ipv6->lwt + + + + +tcpip.ipv6->ipaddr + + + + +tcpip.ipv6->io-page + + + + +tcpip.ipv6->cstruct + + + + +tcpip.ipv4->tcpip + + + + +tcpip.ipv4->mirage-types + + + + +tcpip.ipv4->lwt + + + + +tcpip.ipv4->ipaddr + + + + +tcpip.ipv4->io-page + + + + +tcpip.ipv4->cstruct + + + + +tcpip.icmpv4->tcpip + + + + +tcpip.icmpv4->result + + + + +tcpip.icmpv4->mirage-types + + + + +tcpip.icmpv4->lwt + + + + +tcpip.icmpv4->ipaddr + + + + +tcpip.icmpv4->io-page + + + + +tcpip.icmpv4->cstruct + + + + +tcpip.ethif->tcpip + + + + +tcpip.ethif->mirage-types + + + + +tcpip.ethif->lwt + + + + +tcpip.ethif->ipaddr + + + + +tcpip.ethif->io-page + + + + +tcpip.ethif->cstruct + + + + +tcpip.dhcpv4->tcpip.udp + + + + +tcpip.dhcpv4->mirage-types + + + + +tcpip.dhcpv4->lwt + + + + +tcpip.dhcpv4->ipaddr + + + + +tcpip.dhcpv4->io-page + + + + +tcpip.dhcpv4->cstruct.ppx + + + + +tcpip.dhcpv4->cstruct + + + + +tcpip.dhcpv4->bytes + + + + +tcpip.arpv4->tcpip + + + + +tcpip.arpv4->mirage-types + + + + +tcpip.arpv4->lwt + + + + +tcpip.arpv4->ipaddr + + + + +tcpip.arpv4->io-page + + + + +tcpip.arpv4->cstruct.ppx + + + + +tcpip.arpv4->cstruct + + + + +tcpip->mirage-types + + + + +tcpip->mirage-profile + + + + +tcpip->ipaddr + + + + +tcpip->io-page + + + + +tcpip->cstruct.ppx + + + + +tcpip->cstruct + + + + +tcpip->bytes + + + + +shared-memory-ring.xenstore + +shared-memory-ring.xenstore +1.3.0 + + +shared-memory-ring + +shared-memory-ring +1.3.0 + + +shared-memory-ring.xenstore->shared-memory-ring + + + + +shared-memory-ring.lwt + +shared-memory-ring.lwt +1.3.0 + + +shared-memory-ring.lwt->shared-memory-ring + + + + +shared-memory-ring.lwt->mirage-profile + + + + +shared-memory-ring.lwt->lwt + + + + +shared-memory-ring.console + +shared-memory-ring.console +1.3.0 + + +shared-memory-ring.console->shared-memory-ring + + + + +shared-memory-ring.console->cstruct.ppx + + + + +shared-memory-ring.console->cstruct + + + + +shared-memory-ring->cstruct + + + + +sexplib->bigarray + + + + +re.str + +re.str +1.5.0 + + +re.emacs + +re.emacs +1.5.0 + + +re.str->re.emacs + + + + +re + +re +1.5.0 + + +re.str->re + + + + +re.emacs->re + + + + +re->bytes + + + + +ptime + +ptime +0.8.0 + + +ptime->result + + + + +ocplib-endian.bigstring + +ocplib-endian.bigstring +0.8 + + +ocplib-endian.bigstring->bytes + + + + +ocplib-endian.bigstring->bigarray + + + + +ocplib-endian + +ocplib-endian +0.8 + + +ocplib-endian->bytes + + + + +nocrypto.xen + +nocrypto.xen +0.5.3 + + +nocrypto.xen->nocrypto + + + + +mirage-entropy-xen + +mirage-entropy-xen +0.3.0 + + +nocrypto.xen->mirage-entropy-xen + + + + +nocrypto.xen->lwt + + + + +nocrypto->zarith + + + + +nocrypto->sexplib + + + + +nocrypto->cstruct + + + + +mirage.runtime + +mirage.runtime +2.9.0 + + +logs + +logs +0.5.0 + + +mirage.runtime->logs + + + + +mirage.runtime->ipaddr + + + + +functoria.runtime + +functoria.runtime +1.1.0 + + +mirage.runtime->functoria.runtime + + + + +astring + +astring +0.8.1 + + +mirage.runtime->astring + + + + +mirage-xen + +mirage-xen +2.6.0 + + +mirage-xen->xenstore.client + + + + +mirage-xen->xen-gnt + + + + +mirage-xen->xen-evtchn + + + + +mirage-xen->shared-memory-ring.xenstore + + + + +mirage-xen->shared-memory-ring.lwt + + + + +mirage-xen->shared-memory-ring.console + + + + +mirage-xen->shared-memory-ring + + + + +mirage-xen->mirage-types + + + + +mirage-xen->mirage-profile + + + + +mirage-clock-xen + +mirage-clock-xen +1.0.0 + + +mirage-xen->mirage-clock-xen + + + + +mirage-xen->lwt + + + + +mirage-xen->io-page + + + + +mirage-xen->cstruct + + + + +mirage-types.lwt + +mirage-types.lwt +2.8.0 + + +mirage-profile->ocplib-endian.bigstring + + + + +mirage-profile->lwt + + + + +mirage-profile->cstruct.ppx + + + + +mirage-profile->cstruct + + + + +mirage-net-xen + +mirage-net-xen +1.4.2 + + +mirage-net-xen->xen-gnt + + + + +mirage-net-xen->xen-evtchn + + + + +mirage-net-xen->mirage-xen + + + + +mirage-net-xen->mirage-profile + + + + +mirage-net-xen->lwt + + + + +mirage-net-xen->ipaddr + + + + +mirage-net-xen->cstruct + + + + +mirage-entropy-xen->mirage-xen + + + + +mirage-entropy-xen->lwt + + + + +mirage-entropy-xen->cstruct + + + + +mirage-console.xen + +mirage-console.xen +2.1.3 + + +mirage-console.xen->xen-gnt + + + + +mirage-console.xen->xen-evtchn + + + + +mirage-console.xen->mirage-xen + + + + +mirage-console.xen->mirage-types + + + + +mirage-console.proto + +mirage-console.proto +2.1.3 + + +mirage-console.xen->mirage-console.proto + + + + +mirage-console.xen->lwt + + + + +mirage-console.xen->io-page + + + + +mirage-console.proto->xenstore + + + + +mirage-console + +mirage-console +2.1.3 + + +mirage-console.proto->mirage-console + + + + +mirage-console->mirage-types.lwt + + + + +mirage-console->mirage-types + + + + +mirage-console->lwt + + + + +mirage-bootvar + +mirage-bootvar +0.3.1 + + +mirage-bootvar->re.str + + + + +mirage-bootvar->re + + + + +mirage-bootvar->mirage-xen + + + + +mirage-bootvar->lwt + + + + +lwt->bytes + + + + +logs->result + + + + +ipaddr->sexplib + + + + +ipaddr->bytes + + + + +io-page.unix + +io-page.unix +1.6.0 + + +io-page.unix->bigarray + + + + +io-page->cstruct + + + + +io-page->bytes + + + + +fmt + +fmt +0.7.1 + + +functoria.runtime->fmt + + + + +cmdliner + +cmdliner +0.9.8 + + +functoria.runtime->cmdliner + + + + +cstruct.ppx->cstruct + + + + +cstruct->sexplib + + + + +cstruct->ocplib-endian.bigstring + + + + +cstruct->ocplib-endian + + + + +cstruct->bytes + + + + +cstruct->bigarray + + + + +bigarray->unix + + + + +astring->bytes + + + + +asn1-combinators->zarith + + + + +asn1-combinators->cstruct + + + + + diff --git a/static/img/tcp-frame-client.png b/static/img/tcp-frame-client.png new file mode 100644 index 0000000..8abe1a2 Binary files /dev/null and b/static/img/tcp-frame-client.png differ diff --git a/static/img/tcp-frame-server.png b/static/img/tcp-frame-server.png new file mode 100644 index 0000000..c2595ed Binary files /dev/null and b/static/img/tcp-frame-server.png differ