Re: cap exchange race with map/unmap

l4-hurd

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: cap exchange race with map/unmap

From:	Espen Skoglund
Subject:	Re: cap exchange race with map/unmap
Date:	Tue, 18 Oct 2005 23:14:39 +0200

[Jonathan S Shapiro]
> In the absence of any authority to fabricate new capabilities, the
> following chain of mappings is now in effect after the exchange:

>       RevCopy                RevCopy
>    A ----------> CapServer -----------> B

> If process A now exits, all of its capabilities are revoked. In
> consequence the Cap held by CapServer is revoked. In consequence the
> Cap held by B is revoked.

> Can somebody explain what authority or feature in the system design
> gives the CapServer sufficient power that it can create a capability
> that does not depend on A's continued existence?

If CapServer can identify that it posesses an identical capability it
can map this capability to B.

        eSk

[Prev in Thread]

Current Thread

[Next in Thread]

Re: Local IPC (was Re: Comparing "copy" and "map/unmap"), (continued)

Prev by Date: Re: problems with hierarchy: L4 pagers
Next by Date: Re: Wrapper design patterns (was: Revocation vs destruction)
Previous by thread: Re: cap exchange race with map/unmap
Next by thread: Re: cap exchange race with map/unmap
Index(es):
- Date
- Thread