[cap-talk] "Same" key
Jonathan S. Shapiro
shap at eros-os.com
Sun Feb 4 12:30:50 CST 2007
On Sat, 2007-02-03 at 13:47 -0800, Mark S. Miller wrote:
> Jonathan S. Shapiro wrote:
> > The problem in this conversation is that we are failing to distinguish
> > correctly between the capability itself and the object that it
> > designates. The EQ relationship is a relationship on capabilities, not
> > objects. In real implementations, two distinct capabilities (i.e.
> > capabilities that are not EQ) may designate the same object because of
> > the way the object server is implemented.
> Can you give an example where two not-EQ caps designate the same object?
Not having tracked your definition of "object", probably not, but the
obvious example would be an object implemented by a domain that chooses
to ignore some or all of the facet ID bits. This would let two facets
alias the same object, but the resulting capabilities would fail EQ.
More practically -- and this exposes a place where I continue to be
uncomfortable with your definition of "object" -- it is very common to
have two capabilities with distinct facet IDs that designate the same
state and differ only in permissions -- specifically, one provides a
subset of the operations of the other. An example is RO-page key vs.
RW-page key, but the same notion appears in user-implemented
capabilities as well. In spite of your attempts to redefine terms :-) I
expect that I will continue to speak of such capabilities as designating
the same object.
More information about the cap-talk