[Espen Skoglund]
>> Given such a CapServer, the initial part of the protocol remains
>> similar:
>> STEP EFFECT ON SYSTEM STATE
>> [Initially] CapServer has Cap.1
>> A has Cap.1..x.1
>> RevCopy(Cap.1..x.1)
>> A --------------> CapServer CapServer has Cap.1..x.1.1
>> [Intention: A is saying: I authorize CapServer to create
>> capabilities that are co-equal to mine]
>> CapServer ------> A [none: CapServer is returning]
>> RevCopy(Cap.1..x.1)
>> A --------------> B B has Cap.1..x.1.2
>> RevCopy(Cap.1..x.1.2)
>> B --------------> CapServer CapServer has Cap.1...1.2.1
>> ??MagicOp??(Cap.1...x)
>> CapServer ------> B [B has Cap.1..x.2]
> Since CapServer knows that Cap.1..x.1.1 is identical to Cap.1, it can
> perform the following last step:
> RevCopy(Cap.1)
> CapServer ------> B B has Cap.1.y
Sorry. You actually want to make sure that
"B has Cap.1..x.1"
righy. My fault. Too quick to answer. Will have to get back to this
one after a little thinking.
eSk
_______________________________________________
L4-hurd mailing list
[email protected]
http://lists.gnu.org/mailman/listinfo/l4-hurd
