[kernel] Make capabilities/handles global
Instead of handles / capabilities having numeric ids that are only valid for the owning process, they are now global in a system capabilities table. This will allow for specifying capabilities in IPC that doesn't need to be kernel-controlled. Processes will still need to be granted access to given capabilities, but that can become a simpler system call than the current method of sending them through mailbox messages (and worse, having to translate every one into a new capability like was the case before). In order to track which handles a process has access to, a new node_set based on node_map allows for an efficient storage and lookup of handles.
This commit is contained in:
Justin C. Miller
@@ -32,7 +32,7 @@ interface syscalls [syscall] {
|
||||
# supplied list is not big enough, will set the size
|
||||
# needed in `size` and return j6_err_insufficient
|
||||
function handle_list {
|
||||
param handles ref object [list inout zero_ok] # A list of handles to be filled
|
||||
param handles struct handle_descriptor [list inout zero_ok] # A list of handles to be filled
|
||||
}
|
||||
|
||||
# Create a clone of an existing handle, possibly with
|
||||
|
||||
Reference in New Issue
Block a user