|
From: | ness |
Subject: | Re: Persistence Pros and Cons |
Date: | Wed, 02 Nov 2005 18:11:16 +0100 |
User-agent: | Mozilla Thunderbird 1.0.7 (X11/20051031) |
Ludovic Courtès wrote:
"Christopher Nelson" <address@hidden> writes:Ah. Well, it seems to me that capabilities must not be serializable. If they could be, what would stop a thread from modifying the capabilities as they flowed back to the kernel?Right. I was assuming a _protected_ capability systems where capabilities are by definition _not_ serializable by applications[0].If the serializing entity was part of the TCB, then you have to implement a certain amount of persistence anyway.That was my point: how can we serialize capabilities without support from the trusted kernel (i.e. without "persistence"). As you say, it's probably impossible. This makes the use of persistence more than just a matter of taste.
The capabilities can't directly be serialized. The application has to get (e.g. by inheritance).
I guess jonathan meant the application level state.
Once you start implementing persistence by degrees you run into a whole bunch of edge cases where it's just easier to implement system-wide persistence anyway. That's been my experience, in any case.I guess so. Have you been working on persistence/checkpointing mechanisms? Thanks, Ludovic. [0] http://lists.gnu.org/archive/html/l4-hurd/2005-10/msg00010.html _______________________________________________ L4-hurd mailing list address@hidden http://lists.gnu.org/mailman/listinfo/l4-hurd
-- -ness-
[Prev in Thread] | Current Thread | [Next in Thread] |