[cap-talk] EQ, MyCap? review

Charles Landau clandau at macslab.com
Tue Feb 12 19:01:52 EST 2008 

At 3:29 PM -0800 2/12/08, Jed Donnelley wrote:
>On 2/12/2008 2:20 PM, Charles Landau wrote:
>  > I hope this helps with the terminology. Amplify Gate Key is very
>>  equivalent to MyCap?, for reasonable definitions of "My".
>
>I think I'm understanding.  Is there a one-to-one correspondence
>between start/entry capabilities/keys and service processes?

No, there can be multiple different start/entry capabilities/keys to 
the same process. Usually these represent different facets.

>Assuming so, then I guess the "brand" mechanism is a means to
>support multiple distinct start/entry capabilities/keys within
>a common "domain" by allowing a process entering the "domain"
>via one start/entry capability/key to access the internal
>state of a start/entry capability/key that might have been
>passed in as a parameter?  In that sense to get access to the
>"private" data for the object?
>
>If all the above guesses are correct, then the definition of "My"
>is essentially 'serviced by a process within the same brand'?

Yes, it means any facet of any process with the brand.

>In that case I guess "brand"s would typically have a convention
>for where to store a pointer in the the object state for any
>start/entry capability/key that may be serviced by another
>process in the brand?  Alternatively perhaps this access to
>private data is what you referred to above when you mentioned
>the possibility of calling "it using a private interface"?

There are many possible conventions.

What I meant by "using a private interface" was this: After using 
Amplify Gate Key, a process could use the resultant Process key to 
obtain a start key to a facet of the other process. That facet is 
used only internally, and when calling it, the callee is willing to 
reveal more-private data. This can be used where you need some 
synchronization that you can't get with shared memory.

Terminology:
In EROS and CapROS, the facet identifier is 16 bits and is called the 
keyInfo. It is stored as part of the capability.
In KeyKOS, a process is called a "domain", a start capability is 
called an "entry" key (following Dennis and Van Horn), and the facet 
identifier is the "databyte" (because it is 8 bits).

More information about the cap-talk mailing list