[cap-talk] kernel object knowledge
Jonathan S. Shapiro
shap at eros-os.com
Wed May 30 13:23:29 EDT 2007
On Wed, 2007-05-30 at 10:09 -0700, Charles Landau wrote:
> At 1:53 PM -0400 5/29/07, Jonathan S. Shapiro wrote:
> > 2. Naive (and even sophisticated) membranes must perform
> > storage allocation on every invocation
>
> to wrap every capability passed
>
> >, except where
> > they are able to recognize a capability as EQ to some
> > capability that they have already wrapped.
>
> Don't these difficulties apply also to non-oblivious membranes,
> though to a lesser degree? A non-oblivious membrane may know that
> some capabilities do not need to be wrapped, but there may still be
> some that do need to be wrapped. At best, a non-oblivious membrane
> simply lowers the bound of storage required (possibly lowering it
> from infinite to finite).
I seem to recall that MarkM had an implementation in E at one point that
was able to evade this issue by re-using the proxy object in some clever
way that I no longer recall. I may be mistaken.
I suspect (without any evidence) that the requirement to wrap (or avoid
wrapping) is a pure function of the capability type, and that oblivious
membranes can mostly implement that.
Assuming that a bounded number of capabilities are transferrable per
message, the oblivious membrane has a storage requirement that is
O(n-message). The non-oblivious membrane reduces this to
O(n-distinct-caps-xferred). Neither number is usefully small, since both
numbers considerably exceed available storage. Indeed, both requirements
likely exceed total historical world production of real storage media.
shap
More information about the cap-talk
mailing list