[kernel] Make capabilities/handles global

Instead of handles / capabilities having numeric ids that are only valid for the owning process, they are now global in a system capabilities table. This will allow for specifying capabilities in IPC that doesn't need to be kernel-controlled. Processes will still need to be granted access to given capabilities, but that can become a simpler system call than the current method of sending them through mailbox messages (and worse, having to translate every one into a new capability like was the case before). In order to track which handles a process has access to, a new node_set based on node_map allows for an efficient storage and lookup of handles.
2022-10-10 21:19:25 -07:00
parent 41bb97b179
commit 9ac4e51224
27 changed files with 337 additions and 383 deletions
--- a/definitions/objects/mailbox.def
+++ b/definitions/objects/mailbox.def
@@ -14,9 +14,9 @@ object mailbox : object {
    method close [destructor cap:close]

    # Asynchronously send a message to the reciever
-    method send [cap:send handle] {
+    method send [cap:send] {
        param tag uint64
-        param data buffer [zero_ok]
+        param subtag uint64
        param handles ref object [list]
    }

@@ -24,19 +24,18 @@ object mailbox : object {
    # arrive if block is true.
    method receive [cap:receive] {
        param tag uint64 [out]
-        param data buffer [out zero_ok]
+        param subtag uint64 [out]
        param handles ref object [out list zero_ok]
        param reply_tag uint16 [out optional]
-        param badge uint64 [out optional]
        param flags uint64
    }

    # Send a message to the reciever, and block until a
    # response is sent. Note that getting this response
    # does not require the receive capability.
-    method call [cap:send handle] {
+    method call [cap:send] {
        param tag uint64 [inout]
-        param data buffer [inout zero_ok]
+        param subtag uint64 [inout]
        param handles ref object [inout list zero_ok]
    }

@@ -44,7 +43,7 @@ object mailbox : object {
    # requires the receive capability and not the send capability.
    method respond [cap:receive] {
        param tag uint64
-        param data buffer [zero_ok]
+        param subtag uint64
        param handles ref object [list zero_ok]
        param reply_tag uint16
    }
@@ -54,12 +53,10 @@ object mailbox : object {
    # capability.
    method respond_receive [cap:receive] {
        param tag uint64 [inout]
-        param data buffer [inout zero_ok]
-        param data_in size
+        param subtag uint64 [inout]
        param handles ref object [inout list zero_ok]
        param handles_in size
        param reply_tag uint16 [inout]
-        param badge uint64 [out optional]
        param flags uint64
    }
 }