diff options
author | Thomas Schwinge <thomas@schwinge.name> | 2011-09-15 13:57:17 +0200 |
---|---|---|
committer | Thomas Schwinge <thomas@schwinge.name> | 2011-09-15 13:57:17 +0200 |
commit | 3105441d1bf348b225c0778e18f3c9594e5e47ec (patch) | |
tree | 1cc2c95a49e44f53a4e584045cd108888acf51f8 /microkernel | |
parent | d6df18261f683affd28ae30f88597a03a4b5d7a6 (diff) |
capability: Extend.
Diffstat (limited to 'microkernel')
-rw-r--r-- | microkernel/eros.mdwn | 15 | ||||
-rw-r--r-- | microkernel/mach/port.mdwn | 24 |
2 files changed, 29 insertions, 10 deletions
diff --git a/microkernel/eros.mdwn b/microkernel/eros.mdwn new file mode 100644 index 00000000..be1ca90a --- /dev/null +++ b/microkernel/eros.mdwn @@ -0,0 +1,15 @@ +[[!meta copyright="Copyright © 2011 Free Software Foundation, Inc."]] + +[[!meta license="""[[!toggle id="license" text="GFDL 1.2+"]][[!toggleable +id="license" text="Permission is granted to copy, distribute and/or modify this +document under the terms of the GNU Free Documentation License, Version 1.2 or +any later version published by the Free Software Foundation; with no Invariant +Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license +is included in the section entitled [[GNU Free Documentation +License|/fdl]]."]]"""]] + +[[!tag open_issue_documentation]] + +<http://www.eros-os.org/> + +TODO. <http://www.eros-os.org/essays/reliability/paper.html> diff --git a/microkernel/mach/port.mdwn b/microkernel/mach/port.mdwn index 7f02628d..26b55456 100644 --- a/microkernel/mach/port.mdwn +++ b/microkernel/mach/port.mdwn @@ -1,4 +1,4 @@ -[[!meta copyright="Copyright © 2002, 2003, 2007, 2008, 2010 Free Software +[[!meta copyright="Copyright © 2002, 2003, 2007, 2008, 2010, 2011 Free Software Foundation, Inc."]] [[!meta license="""[[!toggle id="license" text="GFDL 1.2+"]][[!toggleable @@ -10,8 +10,8 @@ is included in the section entitled [[GNU Free Documentation License|/fdl]]."]]"""]] [[Mach]] *port*s are [[capabilities|capability]], and are also essentially -similar to [[UNIX]] pipes. They are communication channels, implemented by -kernel queues. +similar to [[UNIX]] pipes. They are unforgeable communication channels, +implemented by kernel queues. Each port has associated with it one *receive right* and one or more *send right*s and *send-once right*s. That is, there is one receiver and one or more @@ -39,7 +39,7 @@ like [[UNIX file descriptors|unix/file_descriptor]]. Only these local names can be used by [[thread]]s for invoking operations on ports, threads do not deal with port rights directly. -For that, each task has associated with it a *port address_space*, or *port +For that, each task has associated with it a *port address space*, or *port name space*. All ports are addressed via this table. Each task thus has its own private [[naming_context]] for port rights. @@ -58,20 +58,24 @@ The delivery of [[message]]s is reliable and strictly ordered. When a intermediate messages that are sent by other threads. Ports are objects that are implemented by the [[kernel]], and they are -kernel-protected resources. There is no way for a [[task]] to do anything with -a port unless it have corresponding port right. +kernel-protected resources: they are unforgeable, and there is no way for a +[[task]] to do anything with a port unless it have corresponding port right. Due to this, ports are globally unique. This makes them ideal for constituting -system-wide *object references*. For example, the [[RPC]] system as used by -the GNU Hurd works by invoking *methods* on such object references. The -available methods are defined in [[hurd/interface]] files, and are processes by -the [[MIG]] tool. +system-wide *object references*. (Fruther reading: +{{$capability#wikipedia_object-capability_model}}.) For example, the [[RPC]] +system as used by the GNU Hurd works by invoking *methods* on such object +references. The available methods are defined in [[hurd/interface]] files, and +are processes by the [[MIG]] tool. Invoking an operation on a port does not transfer the current execution control to the receiver, but instead is an asynchronous operation. For this, and especially in a [[RPC]] system, the sender may include a *reply port* using a send-once right, and synchronize (block) on that one. + +# Port Set + A [[thread]] can only block receiving on a single port. To work around this, the concept of a *port set* was introduced. A receive right can be added to (at most) one port set. These port sets look like port receive rights, but |