[cap-talk] Capability levels

Mark Seaborn mrs at mythic-beasts.com
Tue Aug 15 13:55:43 EDT 2006 

Jed at Webstart <donnelley1 at webstart.com> wrote:

> I guess you're basing your argument on the issue of who's in
> control?  I agree that the operating system is in control.  However,
> I don't think that's particularly relevant to the level discussion.  You
> could also say that the hardware level has yet a more over arching
> level of control (e.g. microcode, etc.), but if I were to place the hardware
> level into my suggested set of capability levels, I would do so as:
> 
> 1.  Hardware,
> 2.  Language,
> 3.  OS,
> 4.  Network

Looking at it in terms of what is more lightweight or heavyweight, I
would agree with Jed's ordering.

Language-level capabilities are the most lightweight.  Objects at this
level might only take up a few words, whereas OS-level objects are
things like files or 4k data pages.  There will generally be more
language-level objects in a system because not all language-level
objects will be exported between processes.  Furthermore, exporting an
object to another process can involve creating a (language-level)
proxy object in that process -- this is how it works in Plash.

There is a similar situation between the OS/network levels: Most
objects on one machine will not be exported across the network to
another machine, and you might have a process dedicated to doing the
proxying.

Levels don't always have an ordering.  In Plash there are C objects
and (more recently) Python objects, and these get converted back and
forth by wrapping.  The wrappers act as membranes.  Neither level is
on top.  The interprocess object protocol code happens to be written
in C (so Python objects will get wrapped before being exporting), but
it could equally be written in Python.

Neither C nor Python are capability-based languages, but you get the
idea -- you could have two capability-based languages with different
basic data types coexisting in the same process, sharing capabilities.

Another aspect of Plash is that multiple objects can be exported
across a single OS-level socket connection.  So I would replace "OS
level" in your list with "interprocess" and divide it up.  With Plash
that gives us:

1. Language level (within-process):
    - C Plash objects
    - Python Plash objects
2. Interprocess level:  Plash objects via interprocess protocol
3. Interprocess level:  OS level:  file descriptors (for sockets, files)
4. Network level (inter-machine):  none yet, although if there was one
   it would look like 2 and 3 using TCP+SSL but without the ability to
   pass OS-level file descriptors between machines.

Mark

More information about the cap-talk mailing list